@dfns/sdk 0.8.21 → 0.8.24
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/generated/agreements/types.d.ts +9 -0
- package/generated/allocations/types.d.ts +409 -24
- package/generated/auth/client.d.ts +3 -0
- package/generated/auth/client.js +36 -0
- package/generated/auth/delegatedClient.d.ts +5 -0
- package/generated/auth/delegatedClient.js +66 -0
- package/generated/auth/types.d.ts +1021 -39
- package/generated/exchanges/types.d.ts +1 -1
- package/generated/feeSponsors/types.d.ts +6 -6
- package/generated/keys/types.d.ts +60 -60
- package/generated/networks/types.d.ts +38 -2
- package/generated/payouts/types.d.ts +8 -8
- package/generated/permissions/types.d.ts +2 -2
- package/generated/policies/types.d.ts +903 -162
- package/generated/signers/client.d.ts +5 -0
- package/generated/signers/client.js +25 -0
- package/generated/signers/delegatedClient.d.ts +2 -0
- package/generated/signers/delegatedClient.js +27 -0
- package/generated/signers/types.d.ts +113 -4
- package/generated/staking/types.d.ts +451 -5
- package/generated/swaps/types.d.ts +641 -43
- package/generated/wallets/types.d.ts +536 -110
- package/generated/webhooks/types.d.ts +9 -9
- package/package.json +1 -1
|
@@ -1,132 +1,217 @@
|
|
|
1
1
|
export type ActivateCredentialBody = {
|
|
2
|
+
/** UUID of the credential to activate. */
|
|
2
3
|
credentialUuid: string;
|
|
3
4
|
};
|
|
4
5
|
export type ActivateCredentialResponse = {
|
|
6
|
+
/** Human-readable success message. */
|
|
5
7
|
message: string;
|
|
6
8
|
};
|
|
7
9
|
export type ActivateCredentialRequest = {
|
|
8
10
|
body: ActivateCredentialBody;
|
|
9
11
|
};
|
|
10
12
|
export type ActivatePersonalAccessTokenParams = {
|
|
13
|
+
/** Token id. */
|
|
11
14
|
tokenId: string;
|
|
12
15
|
};
|
|
13
16
|
export type ActivatePersonalAccessTokenResponse = {
|
|
17
|
+
/** The access token. Only returned at creation time. */
|
|
14
18
|
accessToken?: string | undefined;
|
|
15
19
|
dateCreated: string;
|
|
20
|
+
/** ID of the credential associated with the access token. */
|
|
16
21
|
credId: string;
|
|
22
|
+
/** Whether the access token is active. */
|
|
17
23
|
isActive: boolean;
|
|
18
24
|
/** Access token kind. */
|
|
19
25
|
kind: "Pat" | "ServiceAccount" | "Token" | "Code" | "Recovery" | "Temp" | "Application";
|
|
26
|
+
/** User id. */
|
|
20
27
|
linkedUserId: string;
|
|
28
|
+
/** ID of the application the access token is linked to. */
|
|
21
29
|
linkedAppId: string;
|
|
30
|
+
/** Human-readable name of the access token. */
|
|
22
31
|
name: string;
|
|
32
|
+
/** Organization id. */
|
|
23
33
|
orgId: string;
|
|
34
|
+
/** Permissions (roles) assigned to the access token. */
|
|
24
35
|
permissionAssignments: {
|
|
36
|
+
/** Human-readable name of the permission (role). */
|
|
25
37
|
permissionName: string;
|
|
38
|
+
/** ID of the permission (also referred to as "role" in the dashboard). */
|
|
26
39
|
permissionId: string;
|
|
40
|
+
/** ID of the permission assignment. */
|
|
27
41
|
assignmentId: string;
|
|
42
|
+
/** List of API operations granted by this permission. */
|
|
28
43
|
operations?: string[] | undefined;
|
|
29
44
|
}[];
|
|
45
|
+
/** Public key associated with the access token. */
|
|
30
46
|
publicKey: string;
|
|
47
|
+
/** Token id. */
|
|
31
48
|
tokenId: string;
|
|
32
49
|
};
|
|
33
50
|
export type ActivatePersonalAccessTokenRequest = ActivatePersonalAccessTokenParams;
|
|
34
51
|
export type ActivateServiceAccountParams = {
|
|
52
|
+
/** ID of the service account. */
|
|
35
53
|
serviceAccountId: string;
|
|
36
54
|
};
|
|
37
55
|
export type ActivateServiceAccountResponse = {
|
|
38
56
|
userInfo: {
|
|
57
|
+
/** Username/identifier of the user (any unique string accepted, e.g. your internal user ID or email). */
|
|
39
58
|
username: string;
|
|
59
|
+
/** Display name of the user. */
|
|
40
60
|
name: string;
|
|
41
61
|
/** User id. */
|
|
42
62
|
userId: string;
|
|
43
63
|
/** User kind. */
|
|
44
|
-
kind: "DfnsStaff" | "
|
|
64
|
+
kind: "DfnsStaff" | "TenantUser" | "CustomerEmployee" | "EndUser";
|
|
65
|
+
/** UUID of the user's primary credential. */
|
|
45
66
|
credentialUuid: string;
|
|
46
|
-
|
|
67
|
+
/** Organization id. */
|
|
68
|
+
orgId?: string | undefined;
|
|
69
|
+
/** Tenant id. */
|
|
70
|
+
tenantId?: string | undefined;
|
|
71
|
+
/** @deprecated - Flat list of API operations the user has access to. */
|
|
47
72
|
permissions?: string[] | undefined;
|
|
73
|
+
/** Whether the user is active. */
|
|
48
74
|
isActive: boolean;
|
|
75
|
+
/** Whether the user is a service account. */
|
|
49
76
|
isServiceAccount: boolean;
|
|
77
|
+
/** Whether the user has completed registration. */
|
|
50
78
|
isRegistered: boolean;
|
|
79
|
+
/** Permissions (roles) assigned to the user. */
|
|
51
80
|
permissionAssignments: {
|
|
81
|
+
/** Human-readable name of the permission (role). */
|
|
52
82
|
permissionName: string;
|
|
83
|
+
/** ID of the permission (also referred to as "role" in the dashboard). */
|
|
53
84
|
permissionId: string;
|
|
85
|
+
/** ID of the permission assignment. */
|
|
54
86
|
assignmentId: string;
|
|
87
|
+
/** List of API operations granted by this permission. */
|
|
55
88
|
operations?: string[] | undefined;
|
|
56
89
|
}[];
|
|
57
90
|
};
|
|
58
91
|
accessTokens: {
|
|
92
|
+
/** The access token. Only returned at creation time. */
|
|
59
93
|
accessToken?: string | undefined;
|
|
60
94
|
dateCreated: string;
|
|
95
|
+
/** ID of the credential associated with the access token. */
|
|
61
96
|
credId: string;
|
|
97
|
+
/** Whether the access token is active. */
|
|
62
98
|
isActive: boolean;
|
|
63
99
|
/** Access token kind. */
|
|
64
100
|
kind: "Pat" | "ServiceAccount" | "Token" | "Code" | "Recovery" | "Temp" | "Application";
|
|
101
|
+
/** User id. */
|
|
65
102
|
linkedUserId: string;
|
|
103
|
+
/** ID of the application the access token is linked to. */
|
|
66
104
|
linkedAppId: string;
|
|
105
|
+
/** Human-readable name of the access token. */
|
|
67
106
|
name: string;
|
|
107
|
+
/** Organization id. */
|
|
68
108
|
orgId: string;
|
|
109
|
+
/** Permissions (roles) assigned to the access token. */
|
|
69
110
|
permissionAssignments: {
|
|
111
|
+
/** Human-readable name of the permission (role). */
|
|
70
112
|
permissionName: string;
|
|
113
|
+
/** ID of the permission (also referred to as "role" in the dashboard). */
|
|
71
114
|
permissionId: string;
|
|
115
|
+
/** ID of the permission assignment. */
|
|
72
116
|
assignmentId: string;
|
|
117
|
+
/** List of API operations granted by this permission. */
|
|
73
118
|
operations?: string[] | undefined;
|
|
74
119
|
}[];
|
|
120
|
+
/** Public key associated with the access token. */
|
|
75
121
|
publicKey: string;
|
|
122
|
+
/** Token id. */
|
|
76
123
|
tokenId: string;
|
|
77
124
|
}[];
|
|
78
125
|
};
|
|
79
126
|
export type ActivateServiceAccountRequest = ActivateServiceAccountParams;
|
|
80
127
|
export type ActivateUserParams = {
|
|
128
|
+
/** User id. */
|
|
81
129
|
userId: string;
|
|
82
130
|
};
|
|
83
131
|
export type ActivateUserResponse = {
|
|
132
|
+
/** Username/identifier of the user (any unique string accepted, e.g. your internal user ID or email). */
|
|
84
133
|
username: string;
|
|
134
|
+
/** Display name of the user. */
|
|
85
135
|
name: string;
|
|
86
136
|
/** User id. */
|
|
87
137
|
userId: string;
|
|
88
138
|
/** User kind. */
|
|
89
|
-
kind: "DfnsStaff" | "
|
|
139
|
+
kind: "DfnsStaff" | "TenantUser" | "CustomerEmployee" | "EndUser";
|
|
140
|
+
/** UUID of the user's primary credential. */
|
|
90
141
|
credentialUuid: string;
|
|
91
|
-
|
|
142
|
+
/** Organization id. */
|
|
143
|
+
orgId?: string | undefined;
|
|
144
|
+
/** Tenant id. */
|
|
145
|
+
tenantId?: string | undefined;
|
|
146
|
+
/** @deprecated - Flat list of API operations the user has access to. */
|
|
92
147
|
permissions?: string[] | undefined;
|
|
148
|
+
/** Whether the user is active. */
|
|
93
149
|
isActive: boolean;
|
|
150
|
+
/** Whether the user is a service account. */
|
|
94
151
|
isServiceAccount: boolean;
|
|
152
|
+
/** Whether the user has completed registration. */
|
|
95
153
|
isRegistered: boolean;
|
|
154
|
+
/** Whether the user must authenticate via SSO. */
|
|
96
155
|
isSSORequired: boolean;
|
|
156
|
+
/** Permissions (roles) assigned to the user. */
|
|
97
157
|
permissionAssignments: {
|
|
158
|
+
/** Human-readable name of the permission (role). */
|
|
98
159
|
permissionName: string;
|
|
160
|
+
/** ID of the permission (also referred to as "role" in the dashboard). */
|
|
99
161
|
permissionId: string;
|
|
162
|
+
/** ID of the permission assignment. */
|
|
100
163
|
assignmentId: string;
|
|
164
|
+
/** List of API operations granted by this permission. */
|
|
101
165
|
operations?: string[] | undefined;
|
|
102
166
|
}[];
|
|
103
167
|
};
|
|
104
168
|
export type ActivateUserRequest = ActivateUserParams;
|
|
169
|
+
export type ArchiveCredentialParams = {
|
|
170
|
+
credentialUuid: string;
|
|
171
|
+
};
|
|
172
|
+
export type ArchiveCredentialResponse = {};
|
|
173
|
+
export type ArchiveCredentialRequest = ArchiveCredentialParams;
|
|
105
174
|
export type ArchivePersonalAccessTokenParams = {
|
|
175
|
+
/** Token id. */
|
|
106
176
|
tokenId: string;
|
|
107
177
|
};
|
|
108
178
|
export type ArchivePersonalAccessTokenResponse = {
|
|
179
|
+
/** The access token. Only returned at creation time. */
|
|
109
180
|
accessToken?: string | undefined;
|
|
110
181
|
dateCreated: string;
|
|
182
|
+
/** ID of the credential associated with the access token. */
|
|
111
183
|
credId: string;
|
|
184
|
+
/** Whether the access token is active. */
|
|
112
185
|
isActive: boolean;
|
|
113
186
|
/** Access token kind. */
|
|
114
187
|
kind: "Pat" | "ServiceAccount" | "Token" | "Code" | "Recovery" | "Temp" | "Application";
|
|
188
|
+
/** User id. */
|
|
115
189
|
linkedUserId: string;
|
|
190
|
+
/** ID of the application the access token is linked to. */
|
|
116
191
|
linkedAppId: string;
|
|
192
|
+
/** Human-readable name of the access token. */
|
|
117
193
|
name: string;
|
|
194
|
+
/** Organization id. */
|
|
118
195
|
orgId: string;
|
|
196
|
+
/** Permissions (roles) assigned to the access token. */
|
|
119
197
|
permissionAssignments: {
|
|
198
|
+
/** Human-readable name of the permission (role). */
|
|
120
199
|
permissionName: string;
|
|
200
|
+
/** ID of the permission (also referred to as "role" in the dashboard). */
|
|
121
201
|
permissionId: string;
|
|
202
|
+
/** ID of the permission assignment. */
|
|
122
203
|
assignmentId: string;
|
|
204
|
+
/** List of API operations granted by this permission. */
|
|
123
205
|
operations?: string[] | undefined;
|
|
124
206
|
}[];
|
|
207
|
+
/** Public key associated with the access token. */
|
|
125
208
|
publicKey: string;
|
|
209
|
+
/** Token id. */
|
|
126
210
|
tokenId: string;
|
|
127
211
|
};
|
|
128
212
|
export type ArchivePersonalAccessTokenRequest = ArchivePersonalAccessTokenParams;
|
|
129
213
|
export type ArchiveServiceAccountParams = {
|
|
214
|
+
/** ID of the service account. */
|
|
130
215
|
serviceAccountId: string;
|
|
131
216
|
};
|
|
132
217
|
export type ArchiveServiceAccountQuery = {
|
|
@@ -135,43 +220,72 @@ export type ArchiveServiceAccountQuery = {
|
|
|
135
220
|
};
|
|
136
221
|
export type ArchiveServiceAccountResponse = {
|
|
137
222
|
userInfo: {
|
|
223
|
+
/** Username/identifier of the user (any unique string accepted, e.g. your internal user ID or email). */
|
|
138
224
|
username: string;
|
|
225
|
+
/** Display name of the user. */
|
|
139
226
|
name: string;
|
|
140
227
|
/** User id. */
|
|
141
228
|
userId: string;
|
|
142
229
|
/** User kind. */
|
|
143
|
-
kind: "DfnsStaff" | "
|
|
230
|
+
kind: "DfnsStaff" | "TenantUser" | "CustomerEmployee" | "EndUser";
|
|
231
|
+
/** UUID of the user's primary credential. */
|
|
144
232
|
credentialUuid: string;
|
|
145
|
-
|
|
233
|
+
/** Organization id. */
|
|
234
|
+
orgId?: string | undefined;
|
|
235
|
+
/** Tenant id. */
|
|
236
|
+
tenantId?: string | undefined;
|
|
237
|
+
/** @deprecated - Flat list of API operations the user has access to. */
|
|
146
238
|
permissions?: string[] | undefined;
|
|
239
|
+
/** Whether the user is active. */
|
|
147
240
|
isActive: boolean;
|
|
241
|
+
/** Whether the user is a service account. */
|
|
148
242
|
isServiceAccount: boolean;
|
|
243
|
+
/** Whether the user has completed registration. */
|
|
149
244
|
isRegistered: boolean;
|
|
245
|
+
/** Permissions (roles) assigned to the user. */
|
|
150
246
|
permissionAssignments: {
|
|
247
|
+
/** Human-readable name of the permission (role). */
|
|
151
248
|
permissionName: string;
|
|
249
|
+
/** ID of the permission (also referred to as "role" in the dashboard). */
|
|
152
250
|
permissionId: string;
|
|
251
|
+
/** ID of the permission assignment. */
|
|
153
252
|
assignmentId: string;
|
|
253
|
+
/** List of API operations granted by this permission. */
|
|
154
254
|
operations?: string[] | undefined;
|
|
155
255
|
}[];
|
|
156
256
|
};
|
|
157
257
|
accessTokens: {
|
|
258
|
+
/** The access token. Only returned at creation time. */
|
|
158
259
|
accessToken?: string | undefined;
|
|
159
260
|
dateCreated: string;
|
|
261
|
+
/** ID of the credential associated with the access token. */
|
|
160
262
|
credId: string;
|
|
263
|
+
/** Whether the access token is active. */
|
|
161
264
|
isActive: boolean;
|
|
162
265
|
/** Access token kind. */
|
|
163
266
|
kind: "Pat" | "ServiceAccount" | "Token" | "Code" | "Recovery" | "Temp" | "Application";
|
|
267
|
+
/** User id. */
|
|
164
268
|
linkedUserId: string;
|
|
269
|
+
/** ID of the application the access token is linked to. */
|
|
165
270
|
linkedAppId: string;
|
|
271
|
+
/** Human-readable name of the access token. */
|
|
166
272
|
name: string;
|
|
273
|
+
/** Organization id. */
|
|
167
274
|
orgId: string;
|
|
275
|
+
/** Permissions (roles) assigned to the access token. */
|
|
168
276
|
permissionAssignments: {
|
|
277
|
+
/** Human-readable name of the permission (role). */
|
|
169
278
|
permissionName: string;
|
|
279
|
+
/** ID of the permission (also referred to as "role" in the dashboard). */
|
|
170
280
|
permissionId: string;
|
|
281
|
+
/** ID of the permission assignment. */
|
|
171
282
|
assignmentId: string;
|
|
283
|
+
/** List of API operations granted by this permission. */
|
|
172
284
|
operations?: string[] | undefined;
|
|
173
285
|
}[];
|
|
286
|
+
/** Public key associated with the access token. */
|
|
174
287
|
publicKey: string;
|
|
288
|
+
/** Token id. */
|
|
175
289
|
tokenId: string;
|
|
176
290
|
}[];
|
|
177
291
|
};
|
|
@@ -179,26 +293,43 @@ export type ArchiveServiceAccountRequest = ArchiveServiceAccountParams & {
|
|
|
179
293
|
query?: ArchiveServiceAccountQuery;
|
|
180
294
|
};
|
|
181
295
|
export type ArchiveUserParams = {
|
|
296
|
+
/** User id. */
|
|
182
297
|
userId: string;
|
|
183
298
|
};
|
|
184
299
|
export type ArchiveUserResponse = {
|
|
300
|
+
/** Username/identifier of the user (any unique string accepted, e.g. your internal user ID or email). */
|
|
185
301
|
username: string;
|
|
302
|
+
/** Display name of the user. */
|
|
186
303
|
name: string;
|
|
187
304
|
/** User id. */
|
|
188
305
|
userId: string;
|
|
189
306
|
/** User kind. */
|
|
190
|
-
kind: "DfnsStaff" | "
|
|
307
|
+
kind: "DfnsStaff" | "TenantUser" | "CustomerEmployee" | "EndUser";
|
|
308
|
+
/** UUID of the user's primary credential. */
|
|
191
309
|
credentialUuid: string;
|
|
192
|
-
|
|
310
|
+
/** Organization id. */
|
|
311
|
+
orgId?: string | undefined;
|
|
312
|
+
/** Tenant id. */
|
|
313
|
+
tenantId?: string | undefined;
|
|
314
|
+
/** @deprecated - Flat list of API operations the user has access to. */
|
|
193
315
|
permissions?: string[] | undefined;
|
|
316
|
+
/** Whether the user is active. */
|
|
194
317
|
isActive: boolean;
|
|
318
|
+
/** Whether the user is a service account. */
|
|
195
319
|
isServiceAccount: boolean;
|
|
320
|
+
/** Whether the user has completed registration. */
|
|
196
321
|
isRegistered: boolean;
|
|
322
|
+
/** Whether the user must authenticate via SSO. */
|
|
197
323
|
isSSORequired: boolean;
|
|
324
|
+
/** Permissions (roles) assigned to the user. */
|
|
198
325
|
permissionAssignments: {
|
|
326
|
+
/** Human-readable name of the permission (role). */
|
|
199
327
|
permissionName: string;
|
|
328
|
+
/** ID of the permission (also referred to as "role" in the dashboard). */
|
|
200
329
|
permissionId: string;
|
|
330
|
+
/** ID of the permission assignment. */
|
|
201
331
|
assignmentId: string;
|
|
332
|
+
/** List of API operations granted by this permission. */
|
|
202
333
|
operations?: string[] | undefined;
|
|
203
334
|
}[];
|
|
204
335
|
};
|
|
@@ -206,84 +337,129 @@ export type ArchiveUserRequest = ArchiveUserParams;
|
|
|
206
337
|
export type CreateCredentialBody = {
|
|
207
338
|
credentialKind: "Fido2";
|
|
208
339
|
credentialInfo: {
|
|
340
|
+
/** Base64url-encoded id of the credential returned by the user's WebAuthn client. */
|
|
209
341
|
credId: string;
|
|
342
|
+
/** Base64url-encoded, stringified JSON [client data](https://docs.dfns.co/api-reference/auth/credentials-data#client-data) object returned by the user's WebAuthn client. */
|
|
210
343
|
clientData: string;
|
|
344
|
+
/** Base64url-encoded attestation data returned by the user's WebAuthn client. */
|
|
211
345
|
attestationData: string;
|
|
212
346
|
};
|
|
347
|
+
/** Human-readable name of the credential. */
|
|
213
348
|
credentialName: string;
|
|
349
|
+
/** Challenge identifier returned by the create credential challenge endpoint. */
|
|
214
350
|
challengeIdentifier: string;
|
|
215
351
|
} | {
|
|
216
352
|
credentialKind: "Key";
|
|
217
353
|
credentialInfo: {
|
|
354
|
+
/** Base64url-encoded id of the credential. */
|
|
218
355
|
credId: string;
|
|
356
|
+
/** Base64url-encoded, stringified JSON [client data](https://docs.dfns.co/api-reference/auth/credentials-data#client-data) object. */
|
|
219
357
|
clientData: string;
|
|
358
|
+
/** Base64url-encoded public key. */
|
|
220
359
|
attestationData: string;
|
|
221
360
|
};
|
|
361
|
+
/** Human-readable name of the credential. */
|
|
222
362
|
credentialName: string;
|
|
363
|
+
/** Challenge identifier returned by the create credential challenge endpoint. */
|
|
223
364
|
challengeIdentifier: string;
|
|
224
365
|
} | {
|
|
225
366
|
credentialKind: "PasswordProtectedKey";
|
|
226
367
|
credentialInfo: {
|
|
368
|
+
/** Base64url-encoded id of the credential. */
|
|
227
369
|
credId: string;
|
|
370
|
+
/** Base64url-encoded, stringified JSON [client data](https://docs.dfns.co/api-reference/auth/credentials-data#client-data) object. */
|
|
228
371
|
clientData: string;
|
|
372
|
+
/** Base64url-encoded public key. */
|
|
229
373
|
attestationData: string;
|
|
230
374
|
};
|
|
375
|
+
/** User-encrypted private key. Dfns does not have the password to decrypt it. */
|
|
231
376
|
encryptedPrivateKey: string;
|
|
377
|
+
/** Human-readable name of the credential. */
|
|
232
378
|
credentialName: string;
|
|
379
|
+
/** Challenge identifier returned by the create credential challenge endpoint. */
|
|
233
380
|
challengeIdentifier: string;
|
|
234
381
|
} | {
|
|
235
382
|
credentialKind: "RecoveryKey";
|
|
236
383
|
credentialInfo: {
|
|
384
|
+
/** Base64url-encoded id of the recovery credential. */
|
|
237
385
|
credId: string;
|
|
386
|
+
/** Base64url-encoded, stringified JSON [client data](https://docs.dfns.co/api-reference/auth/credentials-data#client-data) object. */
|
|
238
387
|
clientData: string;
|
|
388
|
+
/** Base64url-encoded public key. */
|
|
239
389
|
attestationData: string;
|
|
240
390
|
};
|
|
391
|
+
/** User-encrypted private key for the recovery credential. */
|
|
241
392
|
encryptedPrivateKey?: string | undefined;
|
|
393
|
+
/** Human-readable name of the credential. */
|
|
242
394
|
credentialName: string;
|
|
395
|
+
/** Challenge identifier returned by the create credential challenge endpoint. */
|
|
243
396
|
challengeIdentifier: string;
|
|
244
397
|
} | {
|
|
245
398
|
credentialKind: "Password";
|
|
246
399
|
credentialInfo: {
|
|
400
|
+
/** User password. */
|
|
247
401
|
password: string;
|
|
248
402
|
};
|
|
403
|
+
/** Human-readable name of the credential. */
|
|
249
404
|
credentialName: string;
|
|
405
|
+
/** Challenge identifier returned by the create credential challenge endpoint. */
|
|
250
406
|
challengeIdentifier: string;
|
|
251
407
|
} | {
|
|
252
408
|
credentialKind: "Totp";
|
|
253
409
|
credentialInfo: {
|
|
410
|
+
/** TOTP one-time code. */
|
|
254
411
|
otpCode: string;
|
|
255
412
|
};
|
|
413
|
+
/** Human-readable name of the credential. */
|
|
256
414
|
credentialName: string;
|
|
415
|
+
/** Challenge identifier returned by the create credential challenge endpoint. */
|
|
257
416
|
challengeIdentifier: string;
|
|
258
417
|
};
|
|
259
418
|
export type CreateCredentialResponse = {
|
|
260
419
|
kind: "Fido2" | "Key" | "Password" | "Totp" | "RecoveryKey" | "PasswordProtectedKey";
|
|
420
|
+
/** Credential ID from the WebAuthn authenticator (base64url). */
|
|
261
421
|
credentialId: string;
|
|
422
|
+
/** Dfns-internal UUID of the credential. */
|
|
262
423
|
credentialUuid: string;
|
|
263
424
|
dateCreated: string;
|
|
425
|
+
/** Whether the credential is active. */
|
|
264
426
|
isActive: boolean;
|
|
427
|
+
/** Human-readable name of the credential. */
|
|
265
428
|
name: string;
|
|
429
|
+
/** Public key of the credential. */
|
|
266
430
|
publicKey: string;
|
|
431
|
+
/** Relying party identifier associated with the credential. */
|
|
267
432
|
relyingPartyId: string;
|
|
433
|
+
/** Origin where the credential was created. */
|
|
268
434
|
origin: string;
|
|
269
435
|
};
|
|
270
436
|
export type CreateCredentialRequest = {
|
|
271
437
|
body: CreateCredentialBody;
|
|
272
438
|
};
|
|
439
|
+
export type CreateUserCredentialBody = CreateCredentialBody;
|
|
440
|
+
export type CreateUserCredentialResponse = CreateCredentialResponse;
|
|
441
|
+
export type CreateUserCredentialRequest = CreateCredentialRequest;
|
|
273
442
|
export type CreateCredentialChallengeBody = {
|
|
274
443
|
kind: "Fido2" | "Key" | "Password" | "Totp" | "RecoveryKey" | "PasswordProtectedKey";
|
|
275
444
|
};
|
|
276
445
|
export type CreateCredentialChallengeResponse = {
|
|
277
446
|
kind: "Fido2";
|
|
278
447
|
user: {
|
|
448
|
+
/** Base64url-encoded user handle (WebAuthn user.id). */
|
|
279
449
|
id: string;
|
|
450
|
+
/** Display name of the user. */
|
|
280
451
|
displayName: string;
|
|
452
|
+
/** Username of the user. */
|
|
281
453
|
name: string;
|
|
282
454
|
};
|
|
455
|
+
/** Challenge identifier to be used in the subsequent create credential request. */
|
|
283
456
|
challengeIdentifier: string;
|
|
457
|
+
/** Challenge value to be signed by the credential. */
|
|
284
458
|
challenge: string;
|
|
285
459
|
rp?: {
|
|
460
|
+
/** ID of the WebAuthn relying party (typically a domain name). */
|
|
286
461
|
id: string;
|
|
462
|
+
/** Human-readable name of the relying party. */
|
|
287
463
|
name: string;
|
|
288
464
|
} | undefined;
|
|
289
465
|
authenticatorSelection: {
|
|
@@ -319,14 +495,21 @@ export type CreateCredentialChallengeResponse = {
|
|
|
319
495
|
} | {
|
|
320
496
|
kind: "Key";
|
|
321
497
|
user: {
|
|
498
|
+
/** Base64url-encoded user handle (WebAuthn user.id). */
|
|
322
499
|
id: string;
|
|
500
|
+
/** Display name of the user. */
|
|
323
501
|
displayName: string;
|
|
502
|
+
/** Username of the user. */
|
|
324
503
|
name: string;
|
|
325
504
|
};
|
|
505
|
+
/** Challenge identifier to be used in the subsequent create credential request. */
|
|
326
506
|
challengeIdentifier: string;
|
|
507
|
+
/** Challenge value to be signed by the credential. */
|
|
327
508
|
challenge: string;
|
|
328
509
|
rp?: {
|
|
510
|
+
/** ID of the WebAuthn relying party (typically a domain name). */
|
|
329
511
|
id: string;
|
|
512
|
+
/** Human-readable name of the relying party. */
|
|
330
513
|
name: string;
|
|
331
514
|
} | undefined;
|
|
332
515
|
/** Identifies the information needed to verify the user's signing certificate; can be one of the following:
|
|
@@ -345,14 +528,21 @@ export type CreateCredentialChallengeResponse = {
|
|
|
345
528
|
} | {
|
|
346
529
|
kind: "PasswordProtectedKey";
|
|
347
530
|
user: {
|
|
531
|
+
/** Base64url-encoded user handle (WebAuthn user.id). */
|
|
348
532
|
id: string;
|
|
533
|
+
/** Display name of the user. */
|
|
349
534
|
displayName: string;
|
|
535
|
+
/** Username of the user. */
|
|
350
536
|
name: string;
|
|
351
537
|
};
|
|
538
|
+
/** Challenge identifier to be used in the subsequent create credential request. */
|
|
352
539
|
challengeIdentifier: string;
|
|
540
|
+
/** Challenge value to be signed by the credential. */
|
|
353
541
|
challenge: string;
|
|
354
542
|
rp?: {
|
|
543
|
+
/** ID of the WebAuthn relying party (typically a domain name). */
|
|
355
544
|
id: string;
|
|
545
|
+
/** Human-readable name of the relying party. */
|
|
356
546
|
name: string;
|
|
357
547
|
} | undefined;
|
|
358
548
|
/** Identifies the information needed to verify the user's signing certificate; can be one of the following:
|
|
@@ -371,14 +561,21 @@ export type CreateCredentialChallengeResponse = {
|
|
|
371
561
|
} | {
|
|
372
562
|
kind: "RecoveryKey";
|
|
373
563
|
user: {
|
|
564
|
+
/** Base64url-encoded user handle (WebAuthn user.id). */
|
|
374
565
|
id: string;
|
|
566
|
+
/** Display name of the user. */
|
|
375
567
|
displayName: string;
|
|
568
|
+
/** Username of the user. */
|
|
376
569
|
name: string;
|
|
377
570
|
};
|
|
571
|
+
/** Challenge identifier to be used in the subsequent create credential request. */
|
|
378
572
|
challengeIdentifier: string;
|
|
573
|
+
/** Challenge value to be signed by the credential. */
|
|
379
574
|
challenge: string;
|
|
380
575
|
rp?: {
|
|
576
|
+
/** ID of the WebAuthn relying party (typically a domain name). */
|
|
381
577
|
id: string;
|
|
578
|
+
/** Human-readable name of the relying party. */
|
|
382
579
|
name: string;
|
|
383
580
|
} | undefined;
|
|
384
581
|
/** Identifies the information needed to verify the user's signing certificate; can be one of the following:
|
|
@@ -397,13 +594,19 @@ export type CreateCredentialChallengeResponse = {
|
|
|
397
594
|
} | {
|
|
398
595
|
kind: "Password";
|
|
399
596
|
user: {
|
|
597
|
+
/** Base64url-encoded user handle (WebAuthn user.id). */
|
|
400
598
|
id: string;
|
|
599
|
+
/** Display name of the user. */
|
|
401
600
|
displayName: string;
|
|
601
|
+
/** Username of the user. */
|
|
402
602
|
name: string;
|
|
403
603
|
};
|
|
604
|
+
/** Challenge identifier to be used in the subsequent create credential request. */
|
|
404
605
|
challengeIdentifier: string;
|
|
405
606
|
rp?: {
|
|
607
|
+
/** ID of the WebAuthn relying party (typically a domain name). */
|
|
406
608
|
id: string;
|
|
609
|
+
/** Human-readable name of the relying party. */
|
|
407
610
|
name: string;
|
|
408
611
|
} | undefined;
|
|
409
612
|
/** @deprecated use challengeIdentifier instead */
|
|
@@ -411,15 +614,22 @@ export type CreateCredentialChallengeResponse = {
|
|
|
411
614
|
} | {
|
|
412
615
|
kind: "Totp";
|
|
413
616
|
user: {
|
|
617
|
+
/** Base64url-encoded user handle (WebAuthn user.id). */
|
|
414
618
|
id: string;
|
|
619
|
+
/** Display name of the user. */
|
|
415
620
|
displayName: string;
|
|
621
|
+
/** Username of the user. */
|
|
416
622
|
name: string;
|
|
417
623
|
};
|
|
624
|
+
/** Challenge identifier to be used in the subsequent create credential request. */
|
|
418
625
|
challengeIdentifier: string;
|
|
419
626
|
rp?: {
|
|
627
|
+
/** ID of the WebAuthn relying party (typically a domain name). */
|
|
420
628
|
id: string;
|
|
629
|
+
/** Human-readable name of the relying party. */
|
|
421
630
|
name: string;
|
|
422
631
|
} | undefined;
|
|
632
|
+
/** Provisioning URL for the TOTP authenticator. */
|
|
423
633
|
otpUrl: string;
|
|
424
634
|
/** @deprecated use challengeIdentifier instead */
|
|
425
635
|
temporaryAuthenticationToken: string;
|
|
@@ -427,21 +637,32 @@ export type CreateCredentialChallengeResponse = {
|
|
|
427
637
|
export type CreateCredentialChallengeRequest = {
|
|
428
638
|
body: CreateCredentialChallengeBody;
|
|
429
639
|
};
|
|
640
|
+
export type CreateUserCredentialChallengeBody = CreateCredentialChallengeBody;
|
|
641
|
+
export type CreateUserCredentialChallengeResponse = CreateCredentialChallengeResponse;
|
|
642
|
+
export type CreateUserCredentialChallengeRequest = CreateCredentialChallengeRequest;
|
|
430
643
|
export type CreateCredentialChallengeWithCodeBody = {
|
|
431
644
|
credentialKind: "Fido2" | "Key" | "Password" | "Totp" | "RecoveryKey" | "PasswordProtectedKey";
|
|
645
|
+
/** One-time code obtained from the create credential code endpoint. */
|
|
432
646
|
code: string;
|
|
433
647
|
};
|
|
434
648
|
export type CreateCredentialChallengeWithCodeResponse = {
|
|
435
649
|
kind: "Fido2";
|
|
436
650
|
user: {
|
|
651
|
+
/** Base64url-encoded user handle (WebAuthn user.id). */
|
|
437
652
|
id: string;
|
|
653
|
+
/** Display name of the user. */
|
|
438
654
|
displayName: string;
|
|
655
|
+
/** Username of the user. */
|
|
439
656
|
name: string;
|
|
440
657
|
};
|
|
658
|
+
/** Challenge identifier to be used in the subsequent create credential request. */
|
|
441
659
|
challengeIdentifier: string;
|
|
660
|
+
/** Challenge value to be signed by the credential. */
|
|
442
661
|
challenge: string;
|
|
443
662
|
rp?: {
|
|
663
|
+
/** ID of the WebAuthn relying party (typically a domain name). */
|
|
444
664
|
id: string;
|
|
665
|
+
/** Human-readable name of the relying party. */
|
|
445
666
|
name: string;
|
|
446
667
|
} | undefined;
|
|
447
668
|
authenticatorSelection: {
|
|
@@ -477,14 +698,21 @@ export type CreateCredentialChallengeWithCodeResponse = {
|
|
|
477
698
|
} | {
|
|
478
699
|
kind: "Key";
|
|
479
700
|
user: {
|
|
701
|
+
/** Base64url-encoded user handle (WebAuthn user.id). */
|
|
480
702
|
id: string;
|
|
703
|
+
/** Display name of the user. */
|
|
481
704
|
displayName: string;
|
|
705
|
+
/** Username of the user. */
|
|
482
706
|
name: string;
|
|
483
707
|
};
|
|
708
|
+
/** Challenge identifier to be used in the subsequent create credential request. */
|
|
484
709
|
challengeIdentifier: string;
|
|
710
|
+
/** Challenge value to be signed by the credential. */
|
|
485
711
|
challenge: string;
|
|
486
712
|
rp?: {
|
|
713
|
+
/** ID of the WebAuthn relying party (typically a domain name). */
|
|
487
714
|
id: string;
|
|
715
|
+
/** Human-readable name of the relying party. */
|
|
488
716
|
name: string;
|
|
489
717
|
} | undefined;
|
|
490
718
|
/** Identifies the information needed to verify the user's signing certificate; can be one of the following:
|
|
@@ -503,14 +731,21 @@ export type CreateCredentialChallengeWithCodeResponse = {
|
|
|
503
731
|
} | {
|
|
504
732
|
kind: "PasswordProtectedKey";
|
|
505
733
|
user: {
|
|
734
|
+
/** Base64url-encoded user handle (WebAuthn user.id). */
|
|
506
735
|
id: string;
|
|
736
|
+
/** Display name of the user. */
|
|
507
737
|
displayName: string;
|
|
738
|
+
/** Username of the user. */
|
|
508
739
|
name: string;
|
|
509
740
|
};
|
|
741
|
+
/** Challenge identifier to be used in the subsequent create credential request. */
|
|
510
742
|
challengeIdentifier: string;
|
|
743
|
+
/** Challenge value to be signed by the credential. */
|
|
511
744
|
challenge: string;
|
|
512
745
|
rp?: {
|
|
746
|
+
/** ID of the WebAuthn relying party (typically a domain name). */
|
|
513
747
|
id: string;
|
|
748
|
+
/** Human-readable name of the relying party. */
|
|
514
749
|
name: string;
|
|
515
750
|
} | undefined;
|
|
516
751
|
/** Identifies the information needed to verify the user's signing certificate; can be one of the following:
|
|
@@ -529,14 +764,21 @@ export type CreateCredentialChallengeWithCodeResponse = {
|
|
|
529
764
|
} | {
|
|
530
765
|
kind: "RecoveryKey";
|
|
531
766
|
user: {
|
|
767
|
+
/** Base64url-encoded user handle (WebAuthn user.id). */
|
|
532
768
|
id: string;
|
|
769
|
+
/** Display name of the user. */
|
|
533
770
|
displayName: string;
|
|
771
|
+
/** Username of the user. */
|
|
534
772
|
name: string;
|
|
535
773
|
};
|
|
774
|
+
/** Challenge identifier to be used in the subsequent create credential request. */
|
|
536
775
|
challengeIdentifier: string;
|
|
776
|
+
/** Challenge value to be signed by the credential. */
|
|
537
777
|
challenge: string;
|
|
538
778
|
rp?: {
|
|
779
|
+
/** ID of the WebAuthn relying party (typically a domain name). */
|
|
539
780
|
id: string;
|
|
781
|
+
/** Human-readable name of the relying party. */
|
|
540
782
|
name: string;
|
|
541
783
|
} | undefined;
|
|
542
784
|
/** Identifies the information needed to verify the user's signing certificate; can be one of the following:
|
|
@@ -555,13 +797,19 @@ export type CreateCredentialChallengeWithCodeResponse = {
|
|
|
555
797
|
} | {
|
|
556
798
|
kind: "Password";
|
|
557
799
|
user: {
|
|
800
|
+
/** Base64url-encoded user handle (WebAuthn user.id). */
|
|
558
801
|
id: string;
|
|
802
|
+
/** Display name of the user. */
|
|
559
803
|
displayName: string;
|
|
804
|
+
/** Username of the user. */
|
|
560
805
|
name: string;
|
|
561
806
|
};
|
|
807
|
+
/** Challenge identifier to be used in the subsequent create credential request. */
|
|
562
808
|
challengeIdentifier: string;
|
|
563
809
|
rp?: {
|
|
810
|
+
/** ID of the WebAuthn relying party (typically a domain name). */
|
|
564
811
|
id: string;
|
|
812
|
+
/** Human-readable name of the relying party. */
|
|
565
813
|
name: string;
|
|
566
814
|
} | undefined;
|
|
567
815
|
/** @deprecated use challengeIdentifier instead */
|
|
@@ -569,15 +817,22 @@ export type CreateCredentialChallengeWithCodeResponse = {
|
|
|
569
817
|
} | {
|
|
570
818
|
kind: "Totp";
|
|
571
819
|
user: {
|
|
820
|
+
/** Base64url-encoded user handle (WebAuthn user.id). */
|
|
572
821
|
id: string;
|
|
822
|
+
/** Display name of the user. */
|
|
573
823
|
displayName: string;
|
|
824
|
+
/** Username of the user. */
|
|
574
825
|
name: string;
|
|
575
826
|
};
|
|
827
|
+
/** Challenge identifier to be used in the subsequent create credential request. */
|
|
576
828
|
challengeIdentifier: string;
|
|
577
829
|
rp?: {
|
|
830
|
+
/** ID of the WebAuthn relying party (typically a domain name). */
|
|
578
831
|
id: string;
|
|
832
|
+
/** Human-readable name of the relying party. */
|
|
579
833
|
name: string;
|
|
580
834
|
} | undefined;
|
|
835
|
+
/** Provisioning URL for the TOTP authenticator. */
|
|
581
836
|
otpUrl: string;
|
|
582
837
|
/** @deprecated use challengeIdentifier instead */
|
|
583
838
|
temporaryAuthenticationToken: string;
|
|
@@ -590,7 +845,9 @@ export type CreateCredentialCodeBody = {
|
|
|
590
845
|
expiration: string | number;
|
|
591
846
|
};
|
|
592
847
|
export type CreateCredentialCodeResponse = {
|
|
848
|
+
/** One-time code that can be used to create a new credential. */
|
|
593
849
|
code: string;
|
|
850
|
+
/** Code expiration, as an ISO-8601 datetime string or a unix timestamp. */
|
|
594
851
|
expiration: string;
|
|
595
852
|
};
|
|
596
853
|
export type CreateCredentialCodeRequest = {
|
|
@@ -599,88 +856,136 @@ export type CreateCredentialCodeRequest = {
|
|
|
599
856
|
export type CreateCredentialWithCodeBody = {
|
|
600
857
|
credentialKind: "Fido2";
|
|
601
858
|
credentialInfo: {
|
|
859
|
+
/** Base64url-encoded id of the credential returned by the user's WebAuthn client. */
|
|
602
860
|
credId: string;
|
|
861
|
+
/** Base64url-encoded, stringified JSON [client data](https://docs.dfns.co/api-reference/auth/credentials-data#client-data) object returned by the user's WebAuthn client. */
|
|
603
862
|
clientData: string;
|
|
863
|
+
/** Base64url-encoded attestation data returned by the user's WebAuthn client. */
|
|
604
864
|
attestationData: string;
|
|
605
865
|
};
|
|
866
|
+
/** Human-readable name of the credential. */
|
|
606
867
|
credentialName: string;
|
|
868
|
+
/** Challenge identifier returned by the create credential challenge endpoint. */
|
|
607
869
|
challengeIdentifier: string;
|
|
608
870
|
} | {
|
|
609
871
|
credentialKind: "Key";
|
|
610
872
|
credentialInfo: {
|
|
873
|
+
/** Base64url-encoded id of the credential. */
|
|
611
874
|
credId: string;
|
|
875
|
+
/** Base64url-encoded, stringified JSON [client data](https://docs.dfns.co/api-reference/auth/credentials-data#client-data) object. */
|
|
612
876
|
clientData: string;
|
|
877
|
+
/** Base64url-encoded public key. */
|
|
613
878
|
attestationData: string;
|
|
614
879
|
};
|
|
880
|
+
/** Human-readable name of the credential. */
|
|
615
881
|
credentialName: string;
|
|
882
|
+
/** Challenge identifier returned by the create credential challenge endpoint. */
|
|
616
883
|
challengeIdentifier: string;
|
|
617
884
|
} | {
|
|
618
885
|
credentialKind: "PasswordProtectedKey";
|
|
619
886
|
credentialInfo: {
|
|
887
|
+
/** Base64url-encoded id of the credential. */
|
|
620
888
|
credId: string;
|
|
889
|
+
/** Base64url-encoded, stringified JSON [client data](https://docs.dfns.co/api-reference/auth/credentials-data#client-data) object. */
|
|
621
890
|
clientData: string;
|
|
891
|
+
/** Base64url-encoded public key. */
|
|
622
892
|
attestationData: string;
|
|
623
893
|
};
|
|
894
|
+
/** User-encrypted private key. Dfns does not have the password to decrypt it. */
|
|
624
895
|
encryptedPrivateKey: string;
|
|
896
|
+
/** Human-readable name of the credential. */
|
|
625
897
|
credentialName: string;
|
|
898
|
+
/** Challenge identifier returned by the create credential challenge endpoint. */
|
|
626
899
|
challengeIdentifier: string;
|
|
627
900
|
} | {
|
|
628
901
|
credentialKind: "RecoveryKey";
|
|
629
902
|
credentialInfo: {
|
|
903
|
+
/** Base64url-encoded id of the recovery credential. */
|
|
630
904
|
credId: string;
|
|
905
|
+
/** Base64url-encoded, stringified JSON [client data](https://docs.dfns.co/api-reference/auth/credentials-data#client-data) object. */
|
|
631
906
|
clientData: string;
|
|
907
|
+
/** Base64url-encoded public key. */
|
|
632
908
|
attestationData: string;
|
|
633
909
|
};
|
|
910
|
+
/** User-encrypted private key for the recovery credential. */
|
|
634
911
|
encryptedPrivateKey?: string | undefined;
|
|
912
|
+
/** Human-readable name of the credential. */
|
|
635
913
|
credentialName: string;
|
|
914
|
+
/** Challenge identifier returned by the create credential challenge endpoint. */
|
|
636
915
|
challengeIdentifier: string;
|
|
637
916
|
} | {
|
|
638
917
|
credentialKind: "Password";
|
|
639
918
|
credentialInfo: {
|
|
919
|
+
/** User password. */
|
|
640
920
|
password: string;
|
|
641
921
|
};
|
|
922
|
+
/** Human-readable name of the credential. */
|
|
642
923
|
credentialName: string;
|
|
924
|
+
/** Challenge identifier returned by the create credential challenge endpoint. */
|
|
643
925
|
challengeIdentifier: string;
|
|
644
926
|
} | {
|
|
645
927
|
credentialKind: "Totp";
|
|
646
928
|
credentialInfo: {
|
|
929
|
+
/** TOTP one-time code. */
|
|
647
930
|
otpCode: string;
|
|
648
931
|
};
|
|
932
|
+
/** Human-readable name of the credential. */
|
|
649
933
|
credentialName: string;
|
|
934
|
+
/** Challenge identifier returned by the create credential challenge endpoint. */
|
|
650
935
|
challengeIdentifier: string;
|
|
651
936
|
};
|
|
652
937
|
export type CreateCredentialWithCodeResponse = {
|
|
653
938
|
kind: "Fido2" | "Key" | "Password" | "Totp" | "RecoveryKey" | "PasswordProtectedKey";
|
|
939
|
+
/** Credential ID from the WebAuthn authenticator (base64url). */
|
|
654
940
|
credentialId: string;
|
|
941
|
+
/** Dfns-internal UUID of the credential. */
|
|
655
942
|
credentialUuid: string;
|
|
656
943
|
dateCreated: string;
|
|
944
|
+
/** Whether the credential is active. */
|
|
657
945
|
isActive: boolean;
|
|
946
|
+
/** Human-readable name of the credential. */
|
|
658
947
|
name: string;
|
|
948
|
+
/** Public key of the credential. */
|
|
659
949
|
publicKey: string;
|
|
950
|
+
/** Relying party identifier associated with the credential. */
|
|
660
951
|
relyingPartyId: string;
|
|
952
|
+
/** Origin where the credential was created. */
|
|
661
953
|
origin: string;
|
|
662
954
|
};
|
|
663
955
|
export type CreateCredentialWithCodeRequest = {
|
|
664
956
|
body: CreateCredentialWithCodeBody;
|
|
665
957
|
};
|
|
666
958
|
export type CreateDelegatedRecoveryChallengeBody = {
|
|
959
|
+
/** Username/identifier of the user to recover. */
|
|
667
960
|
username: string;
|
|
961
|
+
/** Identifier of the recovery credential to use. */
|
|
668
962
|
credentialId: string;
|
|
669
963
|
};
|
|
670
964
|
export type CreateDelegatedRecoveryChallengeResponse = {
|
|
671
965
|
user: {
|
|
966
|
+
/** Base64url-encoded user handle (WebAuthn user.id). */
|
|
672
967
|
id: string;
|
|
968
|
+
/** Display name of the user. */
|
|
673
969
|
displayName: string;
|
|
970
|
+
/** Username of the user. */
|
|
674
971
|
name: string;
|
|
675
972
|
};
|
|
973
|
+
/** JWT used to identify the registration session when calling Complete User Registration. */
|
|
676
974
|
temporaryAuthenticationToken: string;
|
|
975
|
+
/** Challenge to be signed by the credential being registered. */
|
|
677
976
|
challenge: string;
|
|
977
|
+
/** Deprecated. Should not be used. */
|
|
678
978
|
rp?: {
|
|
979
|
+
/** ID of the WebAuthn relying party (typically a domain name). */
|
|
679
980
|
id: string;
|
|
981
|
+
/** Human-readable name of the relying party. */
|
|
680
982
|
name: string;
|
|
681
983
|
} | undefined;
|
|
984
|
+
/** Credential kinds that can be used to register the user. */
|
|
682
985
|
supportedCredentialKinds: {
|
|
986
|
+
/** Credential kinds accepted as first factor. */
|
|
683
987
|
firstFactor: ("Fido2" | "Key" | "Password" | "Totp" | "RecoveryKey" | "PasswordProtectedKey")[];
|
|
988
|
+
/** Credential kinds accepted as second factor. */
|
|
684
989
|
secondFactor: ("Fido2" | "Key" | "Password" | "Totp" | "RecoveryKey" | "PasswordProtectedKey")[];
|
|
685
990
|
};
|
|
686
991
|
authenticatorSelection: {
|
|
@@ -701,44 +1006,66 @@ export type CreateDelegatedRecoveryChallengeResponse = {
|
|
|
701
1006
|
* enterprise: indicates the attestation data should include information to uniquely identify the user's device
|
|
702
1007
|
*/
|
|
703
1008
|
attestation: "none" | "indirect" | "direct" | "enterprise";
|
|
1009
|
+
/** Public key credential parameters supported for the registration. */
|
|
704
1010
|
pubKeyCredParams: {
|
|
705
1011
|
type: "public-key";
|
|
706
1012
|
alg: number;
|
|
707
1013
|
}[];
|
|
1014
|
+
/** Credentials to exclude from the registration (already registered for the user). */
|
|
708
1015
|
excludeCredentials: {
|
|
709
1016
|
/** Is always `public-key`. */
|
|
710
1017
|
type: "public-key";
|
|
711
1018
|
/** ID that identifies the credential. */
|
|
712
1019
|
id: string;
|
|
713
1020
|
}[];
|
|
1021
|
+
/** URL to provision a TOTP credential, when applicable. */
|
|
714
1022
|
otpUrl: string;
|
|
715
1023
|
allowedRecoveryCredentials: {
|
|
1024
|
+
/** Identifier of the recovery credential. */
|
|
716
1025
|
id: string;
|
|
1026
|
+
/** Encrypted recovery key associated with this credential. */
|
|
717
1027
|
encryptedRecoveryKey: string;
|
|
718
1028
|
}[];
|
|
719
1029
|
};
|
|
720
1030
|
export type CreateDelegatedRecoveryChallengeRequest = {
|
|
721
1031
|
body: CreateDelegatedRecoveryChallengeBody;
|
|
722
1032
|
};
|
|
1033
|
+
export type CreateDelegatedUserRecoveryBody = CreateDelegatedRecoveryChallengeBody;
|
|
1034
|
+
export type CreateDelegatedUserRecoveryResponse = CreateDelegatedRecoveryChallengeResponse;
|
|
1035
|
+
export type CreateDelegatedUserRecoveryRequest = CreateDelegatedRecoveryChallengeRequest;
|
|
723
1036
|
export type CreateDelegatedRegistrationChallengeBody = {
|
|
1037
|
+
/** Username/identifier (any unique string accepted, e.g. your internal user ID or email). */
|
|
724
1038
|
email: string;
|
|
1039
|
+
/** Must be `EndUser`. */
|
|
725
1040
|
kind: "EndUser";
|
|
1041
|
+
/** Optional external identifier for the user, used for cross-referencing with your own systems. */
|
|
726
1042
|
externalId?: string | undefined;
|
|
727
1043
|
};
|
|
728
1044
|
export type CreateDelegatedRegistrationChallengeResponse = {
|
|
729
1045
|
user: {
|
|
1046
|
+
/** Base64url-encoded user handle (WebAuthn user.id). */
|
|
730
1047
|
id: string;
|
|
1048
|
+
/** Display name of the user. */
|
|
731
1049
|
displayName: string;
|
|
1050
|
+
/** Username of the user. */
|
|
732
1051
|
name: string;
|
|
733
1052
|
};
|
|
1053
|
+
/** JWT used to identify the registration session when calling Complete User Registration. */
|
|
734
1054
|
temporaryAuthenticationToken: string;
|
|
1055
|
+
/** Challenge to be signed by the credential being registered. */
|
|
735
1056
|
challenge: string;
|
|
1057
|
+
/** Deprecated. Should not be used. */
|
|
736
1058
|
rp?: {
|
|
1059
|
+
/** ID of the WebAuthn relying party (typically a domain name). */
|
|
737
1060
|
id: string;
|
|
1061
|
+
/** Human-readable name of the relying party. */
|
|
738
1062
|
name: string;
|
|
739
1063
|
} | undefined;
|
|
1064
|
+
/** Credential kinds that can be used to register the user. */
|
|
740
1065
|
supportedCredentialKinds: {
|
|
1066
|
+
/** Credential kinds accepted as first factor. */
|
|
741
1067
|
firstFactor: ("Fido2" | "Key" | "Password" | "Totp" | "RecoveryKey" | "PasswordProtectedKey")[];
|
|
1068
|
+
/** Credential kinds accepted as second factor. */
|
|
742
1069
|
secondFactor: ("Fido2" | "Key" | "Password" | "Totp" | "RecoveryKey" | "PasswordProtectedKey")[];
|
|
743
1070
|
};
|
|
744
1071
|
authenticatorSelection: {
|
|
@@ -759,24 +1086,35 @@ export type CreateDelegatedRegistrationChallengeResponse = {
|
|
|
759
1086
|
* enterprise: indicates the attestation data should include information to uniquely identify the user's device
|
|
760
1087
|
*/
|
|
761
1088
|
attestation: "none" | "indirect" | "direct" | "enterprise";
|
|
1089
|
+
/** Public key credential parameters supported for the registration. */
|
|
762
1090
|
pubKeyCredParams: {
|
|
763
1091
|
type: "public-key";
|
|
764
1092
|
alg: number;
|
|
765
1093
|
}[];
|
|
1094
|
+
/** Credentials to exclude from the registration (already registered for the user). */
|
|
766
1095
|
excludeCredentials: {
|
|
767
1096
|
/** Is always `public-key`. */
|
|
768
1097
|
type: "public-key";
|
|
769
1098
|
/** ID that identifies the credential. */
|
|
770
1099
|
id: string;
|
|
771
1100
|
}[];
|
|
1101
|
+
/** URL to provision a TOTP credential, when applicable. */
|
|
772
1102
|
otpUrl: string;
|
|
773
1103
|
};
|
|
774
1104
|
export type CreateDelegatedRegistrationChallengeRequest = {
|
|
775
1105
|
body: CreateDelegatedRegistrationChallengeBody;
|
|
776
1106
|
};
|
|
1107
|
+
export type CreateDelegatedUserRegistrationBody = CreateDelegatedRegistrationChallengeBody;
|
|
1108
|
+
export type CreateDelegatedUserRegistrationResponse = CreateDelegatedRegistrationChallengeResponse;
|
|
1109
|
+
export type CreateDelegatedUserRegistrationRequest = CreateDelegatedRegistrationChallengeRequest;
|
|
777
1110
|
export type CreateLoginChallengeBody = {
|
|
1111
|
+
/** Username/identifier of the user. Optional when the user has at least one discoverable WebAuthn credential. */
|
|
778
1112
|
username?: string | undefined;
|
|
779
|
-
|
|
1113
|
+
/** Organization id. */
|
|
1114
|
+
orgId?: string | undefined;
|
|
1115
|
+
/** Tenant id. */
|
|
1116
|
+
tenantId?: string | undefined;
|
|
1117
|
+
/** One-time login code, required when the user has a credential of kind `PasswordProtectedKey`. */
|
|
780
1118
|
loginCode?: string | undefined;
|
|
781
1119
|
};
|
|
782
1120
|
export type CreateLoginChallengeResponse = {
|
|
@@ -786,7 +1124,9 @@ export type CreateLoginChallengeResponse = {
|
|
|
786
1124
|
challengeIdentifier: string;
|
|
787
1125
|
/** Deprecated. Should not be used. */
|
|
788
1126
|
rp?: {
|
|
1127
|
+
/** ID of the WebAuthn relying party (typically a domain name). */
|
|
789
1128
|
id: string;
|
|
1129
|
+
/** Human-readable name of the relying party. */
|
|
790
1130
|
name: string;
|
|
791
1131
|
} | undefined;
|
|
792
1132
|
/** Identifies the kind of credentials that can be used to sign the user action. */
|
|
@@ -844,29 +1184,48 @@ export type CreateLoginChallengeRequest = {
|
|
|
844
1184
|
body: CreateLoginChallengeBody;
|
|
845
1185
|
};
|
|
846
1186
|
export type CreatePersonalAccessTokenBody = {
|
|
1187
|
+
/** Human-readable name of the Personal Access Token. */
|
|
847
1188
|
name: string;
|
|
848
1189
|
publicKey: string;
|
|
1190
|
+
/** ID of the permission (also referred to as "role" in the dashboard). */
|
|
849
1191
|
permissionId?: string | undefined;
|
|
1192
|
+
/** Value that can be used to correlate the entity with an external system. */
|
|
850
1193
|
externalId?: string | undefined;
|
|
1194
|
+
/** Number of days the token will be valid for. */
|
|
851
1195
|
daysValid?: number | undefined;
|
|
1196
|
+
/** Number of seconds the token will be valid for. */
|
|
852
1197
|
secondsValid?: number | undefined;
|
|
853
1198
|
};
|
|
854
1199
|
export type CreatePersonalAccessTokenResponse = {
|
|
1200
|
+
/** The access token. Only returned at creation time. */
|
|
855
1201
|
accessToken: string;
|
|
856
1202
|
dateCreated: string;
|
|
1203
|
+
/** ID of the credential associated with the access token. */
|
|
857
1204
|
credId: string;
|
|
1205
|
+
/** Whether the access token is active. */
|
|
858
1206
|
isActive: boolean;
|
|
859
1207
|
kind: "Pat" | "ServiceAccount" | "Token" | "Code" | "Recovery" | "Temp" | "Application";
|
|
1208
|
+
/** User id. */
|
|
860
1209
|
linkedUserId: string;
|
|
1210
|
+
/** ID of the application the access token is linked to. */
|
|
861
1211
|
linkedAppId: string;
|
|
1212
|
+
/** Human-readable name of the access token. */
|
|
862
1213
|
name: string;
|
|
1214
|
+
/** Organization id. */
|
|
863
1215
|
orgId: string;
|
|
1216
|
+
/** Public key associated with the access token. */
|
|
864
1217
|
publicKey: string;
|
|
1218
|
+
/** Token id. */
|
|
865
1219
|
tokenId: string;
|
|
1220
|
+
/** Permissions (roles) assigned to the access token. */
|
|
866
1221
|
permissionAssignments: {
|
|
1222
|
+
/** Human-readable name of the permission (role). */
|
|
867
1223
|
permissionName: string;
|
|
1224
|
+
/** ID of the permission (also referred to as "role" in the dashboard). */
|
|
868
1225
|
permissionId: string;
|
|
1226
|
+
/** ID of the permission assignment. */
|
|
869
1227
|
assignmentId: string;
|
|
1228
|
+
/** List of API operations granted by this permission. */
|
|
870
1229
|
operations?: string[] | undefined;
|
|
871
1230
|
}[];
|
|
872
1231
|
};
|
|
@@ -874,25 +1233,42 @@ export type CreatePersonalAccessTokenRequest = {
|
|
|
874
1233
|
body: CreatePersonalAccessTokenBody;
|
|
875
1234
|
};
|
|
876
1235
|
export type CreateRecoveryChallengeBody = {
|
|
1236
|
+
/** Username/identifier of the user to recover. */
|
|
877
1237
|
username: string;
|
|
1238
|
+
/** Recovery verification code sent to the user by email. */
|
|
878
1239
|
verificationCode: string;
|
|
879
|
-
|
|
1240
|
+
/** Organization id. */
|
|
1241
|
+
orgId?: string | undefined;
|
|
1242
|
+
/** Tenant id. */
|
|
1243
|
+
tenantId?: string | undefined;
|
|
1244
|
+
/** Identifier of the recovery credential to use. */
|
|
880
1245
|
credentialId: string;
|
|
881
1246
|
};
|
|
882
1247
|
export type CreateRecoveryChallengeResponse = {
|
|
883
1248
|
user: {
|
|
1249
|
+
/** Base64url-encoded user handle (WebAuthn user.id). */
|
|
884
1250
|
id: string;
|
|
1251
|
+
/** Display name of the user. */
|
|
885
1252
|
displayName: string;
|
|
1253
|
+
/** Username of the user. */
|
|
886
1254
|
name: string;
|
|
887
1255
|
};
|
|
1256
|
+
/** JWT used to identify the registration session when calling Complete User Registration. */
|
|
888
1257
|
temporaryAuthenticationToken: string;
|
|
1258
|
+
/** Challenge to be signed by the credential being registered. */
|
|
889
1259
|
challenge: string;
|
|
1260
|
+
/** Deprecated. Should not be used. */
|
|
890
1261
|
rp?: {
|
|
1262
|
+
/** ID of the WebAuthn relying party (typically a domain name). */
|
|
891
1263
|
id: string;
|
|
1264
|
+
/** Human-readable name of the relying party. */
|
|
892
1265
|
name: string;
|
|
893
1266
|
} | undefined;
|
|
1267
|
+
/** Credential kinds that can be used to register the user. */
|
|
894
1268
|
supportedCredentialKinds: {
|
|
1269
|
+
/** Credential kinds accepted as first factor. */
|
|
895
1270
|
firstFactor: ("Fido2" | "Key" | "Password" | "Totp" | "RecoveryKey" | "PasswordProtectedKey")[];
|
|
1271
|
+
/** Credential kinds accepted as second factor. */
|
|
896
1272
|
secondFactor: ("Fido2" | "Key" | "Password" | "Totp" | "RecoveryKey" | "PasswordProtectedKey")[];
|
|
897
1273
|
};
|
|
898
1274
|
authenticatorSelection: {
|
|
@@ -913,19 +1289,24 @@ export type CreateRecoveryChallengeResponse = {
|
|
|
913
1289
|
* enterprise: indicates the attestation data should include information to uniquely identify the user's device
|
|
914
1290
|
*/
|
|
915
1291
|
attestation: "none" | "indirect" | "direct" | "enterprise";
|
|
1292
|
+
/** Public key credential parameters supported for the registration. */
|
|
916
1293
|
pubKeyCredParams: {
|
|
917
1294
|
type: "public-key";
|
|
918
1295
|
alg: number;
|
|
919
1296
|
}[];
|
|
1297
|
+
/** Credentials to exclude from the registration (already registered for the user). */
|
|
920
1298
|
excludeCredentials: {
|
|
921
1299
|
/** Is always `public-key`. */
|
|
922
1300
|
type: "public-key";
|
|
923
1301
|
/** ID that identifies the credential. */
|
|
924
1302
|
id: string;
|
|
925
1303
|
}[];
|
|
1304
|
+
/** URL to provision a TOTP credential, when applicable. */
|
|
926
1305
|
otpUrl: string;
|
|
927
1306
|
allowedRecoveryCredentials: {
|
|
1307
|
+
/** Identifier of the recovery credential. */
|
|
928
1308
|
id: string;
|
|
1309
|
+
/** Encrypted recovery key associated with this credential. */
|
|
929
1310
|
encryptedRecoveryKey: string;
|
|
930
1311
|
}[];
|
|
931
1312
|
};
|
|
@@ -933,24 +1314,40 @@ export type CreateRecoveryChallengeRequest = {
|
|
|
933
1314
|
body: CreateRecoveryChallengeBody;
|
|
934
1315
|
};
|
|
935
1316
|
export type CreateRegistrationChallengeBody = {
|
|
936
|
-
|
|
1317
|
+
/** Organization id. */
|
|
1318
|
+
orgId?: string | undefined;
|
|
1319
|
+
/** Tenant id. */
|
|
1320
|
+
tenantId?: string | undefined;
|
|
1321
|
+
/** Username/identifier of the user being registered (any unique string accepted, e.g. email). */
|
|
937
1322
|
username: string;
|
|
1323
|
+
/** One-time registration code sent to the user by email. */
|
|
938
1324
|
registrationCode: string;
|
|
939
1325
|
};
|
|
940
1326
|
export type CreateRegistrationChallengeResponse = {
|
|
941
1327
|
user: {
|
|
1328
|
+
/** Base64url-encoded user handle (WebAuthn user.id). */
|
|
942
1329
|
id: string;
|
|
1330
|
+
/** Display name of the user. */
|
|
943
1331
|
displayName: string;
|
|
1332
|
+
/** Username of the user. */
|
|
944
1333
|
name: string;
|
|
945
1334
|
};
|
|
1335
|
+
/** JWT used to identify the registration session when calling Complete User Registration. */
|
|
946
1336
|
temporaryAuthenticationToken: string;
|
|
1337
|
+
/** Challenge to be signed by the credential being registered. */
|
|
947
1338
|
challenge: string;
|
|
1339
|
+
/** Deprecated. Should not be used. */
|
|
948
1340
|
rp?: {
|
|
1341
|
+
/** ID of the WebAuthn relying party (typically a domain name). */
|
|
949
1342
|
id: string;
|
|
1343
|
+
/** Human-readable name of the relying party. */
|
|
950
1344
|
name: string;
|
|
951
1345
|
} | undefined;
|
|
1346
|
+
/** Credential kinds that can be used to register the user. */
|
|
952
1347
|
supportedCredentialKinds: {
|
|
1348
|
+
/** Credential kinds accepted as first factor. */
|
|
953
1349
|
firstFactor: ("Fido2" | "Key" | "Password" | "Totp" | "RecoveryKey" | "PasswordProtectedKey")[];
|
|
1350
|
+
/** Credential kinds accepted as second factor. */
|
|
954
1351
|
secondFactor: ("Fido2" | "Key" | "Password" | "Totp" | "RecoveryKey" | "PasswordProtectedKey")[];
|
|
955
1352
|
};
|
|
956
1353
|
authenticatorSelection: {
|
|
@@ -971,67 +1368,103 @@ export type CreateRegistrationChallengeResponse = {
|
|
|
971
1368
|
* enterprise: indicates the attestation data should include information to uniquely identify the user's device
|
|
972
1369
|
*/
|
|
973
1370
|
attestation: "none" | "indirect" | "direct" | "enterprise";
|
|
1371
|
+
/** Public key credential parameters supported for the registration. */
|
|
974
1372
|
pubKeyCredParams: {
|
|
975
1373
|
type: "public-key";
|
|
976
1374
|
alg: number;
|
|
977
1375
|
}[];
|
|
1376
|
+
/** Credentials to exclude from the registration (already registered for the user). */
|
|
978
1377
|
excludeCredentials: {
|
|
979
1378
|
/** Is always `public-key`. */
|
|
980
1379
|
type: "public-key";
|
|
981
1380
|
/** ID that identifies the credential. */
|
|
982
1381
|
id: string;
|
|
983
1382
|
}[];
|
|
1383
|
+
/** URL to provision a TOTP credential, when applicable. */
|
|
984
1384
|
otpUrl: string;
|
|
985
1385
|
};
|
|
986
1386
|
export type CreateRegistrationChallengeRequest = {
|
|
987
1387
|
body: CreateRegistrationChallengeBody;
|
|
988
1388
|
};
|
|
989
1389
|
export type CreateServiceAccountBody = {
|
|
1390
|
+
/** Human-readable name of the Service Account. */
|
|
990
1391
|
name: string;
|
|
991
1392
|
publicKey: string;
|
|
1393
|
+
/** ID of the permission (also referred to as "role" in the dashboard). */
|
|
992
1394
|
permissionId?: string | undefined;
|
|
1395
|
+
/** Value that can be used to correlate the entity with an external system. */
|
|
993
1396
|
externalId?: string | undefined;
|
|
1397
|
+
/** Number of days the service account will be valid for. */
|
|
994
1398
|
daysValid?: number | undefined;
|
|
995
1399
|
};
|
|
996
1400
|
export type CreateServiceAccountResponse = {
|
|
997
1401
|
userInfo: {
|
|
1402
|
+
/** Username/identifier of the user (any unique string accepted, e.g. your internal user ID or email). */
|
|
998
1403
|
username: string;
|
|
1404
|
+
/** Display name of the user. */
|
|
999
1405
|
name: string;
|
|
1000
1406
|
/** User id. */
|
|
1001
1407
|
userId: string;
|
|
1002
1408
|
/** User kind. */
|
|
1003
|
-
kind: "DfnsStaff" | "
|
|
1409
|
+
kind: "DfnsStaff" | "TenantUser" | "CustomerEmployee" | "EndUser";
|
|
1410
|
+
/** UUID of the user's primary credential. */
|
|
1004
1411
|
credentialUuid: string;
|
|
1005
|
-
|
|
1412
|
+
/** Organization id. */
|
|
1413
|
+
orgId?: string | undefined;
|
|
1414
|
+
/** Tenant id. */
|
|
1415
|
+
tenantId?: string | undefined;
|
|
1416
|
+
/** @deprecated - Flat list of API operations the user has access to. */
|
|
1006
1417
|
permissions?: string[] | undefined;
|
|
1418
|
+
/** Whether the user is active. */
|
|
1007
1419
|
isActive: boolean;
|
|
1420
|
+
/** Whether the user is a service account. */
|
|
1008
1421
|
isServiceAccount: boolean;
|
|
1422
|
+
/** Whether the user has completed registration. */
|
|
1009
1423
|
isRegistered: boolean;
|
|
1424
|
+
/** Permissions (roles) assigned to the user. */
|
|
1010
1425
|
permissionAssignments: {
|
|
1426
|
+
/** Human-readable name of the permission (role). */
|
|
1011
1427
|
permissionName: string;
|
|
1428
|
+
/** ID of the permission (also referred to as "role" in the dashboard). */
|
|
1012
1429
|
permissionId: string;
|
|
1430
|
+
/** ID of the permission assignment. */
|
|
1013
1431
|
assignmentId: string;
|
|
1432
|
+
/** List of API operations granted by this permission. */
|
|
1014
1433
|
operations?: string[] | undefined;
|
|
1015
1434
|
}[];
|
|
1016
1435
|
};
|
|
1017
1436
|
accessTokens: {
|
|
1437
|
+
/** The access token. Only returned at creation time. */
|
|
1018
1438
|
accessToken?: string | undefined;
|
|
1019
1439
|
dateCreated: string;
|
|
1440
|
+
/** ID of the credential associated with the access token. */
|
|
1020
1441
|
credId: string;
|
|
1442
|
+
/** Whether the access token is active. */
|
|
1021
1443
|
isActive: boolean;
|
|
1022
1444
|
/** Access token kind. */
|
|
1023
1445
|
kind: "Pat" | "ServiceAccount" | "Token" | "Code" | "Recovery" | "Temp" | "Application";
|
|
1446
|
+
/** User id. */
|
|
1024
1447
|
linkedUserId: string;
|
|
1448
|
+
/** ID of the application the access token is linked to. */
|
|
1025
1449
|
linkedAppId: string;
|
|
1450
|
+
/** Human-readable name of the access token. */
|
|
1026
1451
|
name: string;
|
|
1452
|
+
/** Organization id. */
|
|
1027
1453
|
orgId: string;
|
|
1454
|
+
/** Permissions (roles) assigned to the access token. */
|
|
1028
1455
|
permissionAssignments: {
|
|
1456
|
+
/** Human-readable name of the permission (role). */
|
|
1029
1457
|
permissionName: string;
|
|
1458
|
+
/** ID of the permission (also referred to as "role" in the dashboard). */
|
|
1030
1459
|
permissionId: string;
|
|
1460
|
+
/** ID of the permission assignment. */
|
|
1031
1461
|
assignmentId: string;
|
|
1462
|
+
/** List of API operations granted by this permission. */
|
|
1032
1463
|
operations?: string[] | undefined;
|
|
1033
1464
|
}[];
|
|
1465
|
+
/** Public key associated with the access token. */
|
|
1034
1466
|
publicKey: string;
|
|
1467
|
+
/** Token id. */
|
|
1035
1468
|
tokenId: string;
|
|
1036
1469
|
}[];
|
|
1037
1470
|
};
|
|
@@ -1039,24 +1472,38 @@ export type CreateServiceAccountRequest = {
|
|
|
1039
1472
|
body: CreateServiceAccountBody;
|
|
1040
1473
|
};
|
|
1041
1474
|
export type CreateSocialRegistrationChallengeBody = {
|
|
1475
|
+
/** Organization id. */
|
|
1042
1476
|
orgId?: string | undefined;
|
|
1477
|
+
/** Social login provider used to issue the JWT. */
|
|
1043
1478
|
socialLoginProviderKind: "Oidc";
|
|
1479
|
+
/** JWT id token issued by the social login provider. */
|
|
1044
1480
|
idToken: string;
|
|
1045
1481
|
};
|
|
1046
1482
|
export type CreateSocialRegistrationChallengeResponse = {
|
|
1047
1483
|
user: {
|
|
1484
|
+
/** Base64url-encoded user handle (WebAuthn user.id). */
|
|
1048
1485
|
id: string;
|
|
1486
|
+
/** Display name of the user. */
|
|
1049
1487
|
displayName: string;
|
|
1488
|
+
/** Username of the user. */
|
|
1050
1489
|
name: string;
|
|
1051
1490
|
};
|
|
1491
|
+
/** JWT used to identify the registration session when calling Complete User Registration. */
|
|
1052
1492
|
temporaryAuthenticationToken: string;
|
|
1493
|
+
/** Challenge to be signed by the credential being registered. */
|
|
1053
1494
|
challenge: string;
|
|
1495
|
+
/** Deprecated. Should not be used. */
|
|
1054
1496
|
rp?: {
|
|
1497
|
+
/** ID of the WebAuthn relying party (typically a domain name). */
|
|
1055
1498
|
id: string;
|
|
1499
|
+
/** Human-readable name of the relying party. */
|
|
1056
1500
|
name: string;
|
|
1057
1501
|
} | undefined;
|
|
1502
|
+
/** Credential kinds that can be used to register the user. */
|
|
1058
1503
|
supportedCredentialKinds: {
|
|
1504
|
+
/** Credential kinds accepted as first factor. */
|
|
1059
1505
|
firstFactor: ("Fido2" | "Key" | "Password" | "Totp" | "RecoveryKey" | "PasswordProtectedKey")[];
|
|
1506
|
+
/** Credential kinds accepted as second factor. */
|
|
1060
1507
|
secondFactor: ("Fido2" | "Key" | "Password" | "Totp" | "RecoveryKey" | "PasswordProtectedKey")[];
|
|
1061
1508
|
};
|
|
1062
1509
|
authenticatorSelection: {
|
|
@@ -1077,16 +1524,19 @@ export type CreateSocialRegistrationChallengeResponse = {
|
|
|
1077
1524
|
* enterprise: indicates the attestation data should include information to uniquely identify the user's device
|
|
1078
1525
|
*/
|
|
1079
1526
|
attestation: "none" | "indirect" | "direct" | "enterprise";
|
|
1527
|
+
/** Public key credential parameters supported for the registration. */
|
|
1080
1528
|
pubKeyCredParams: {
|
|
1081
1529
|
type: "public-key";
|
|
1082
1530
|
alg: number;
|
|
1083
1531
|
}[];
|
|
1532
|
+
/** Credentials to exclude from the registration (already registered for the user). */
|
|
1084
1533
|
excludeCredentials: {
|
|
1085
1534
|
/** Is always `public-key`. */
|
|
1086
1535
|
type: "public-key";
|
|
1087
1536
|
/** ID that identifies the credential. */
|
|
1088
1537
|
id: string;
|
|
1089
1538
|
}[];
|
|
1539
|
+
/** URL to provision a TOTP credential, when applicable. */
|
|
1090
1540
|
otpUrl: string;
|
|
1091
1541
|
};
|
|
1092
1542
|
export type CreateSocialRegistrationChallengeRequest = {
|
|
@@ -1098,6 +1548,7 @@ export type CreateUserBody = {
|
|
|
1098
1548
|
/** The kind of user being created.
|
|
1099
1549
|
In this endpoint it can only be "`CustomerEmployee`" (creating an "`EndUser`" is done through the [Delegated Registration](https://docs.dfns.co/api-reference/auth/registration-flows#delegated-users-registration-flow) endpoint) */
|
|
1100
1550
|
kind: "CustomerEmployee" | "DfnsStaff";
|
|
1551
|
+
/** Optional public key in PEM format associated with the user. */
|
|
1101
1552
|
publicKey?: string | undefined;
|
|
1102
1553
|
/** Value that can be used to correlate the entity with an external system. */
|
|
1103
1554
|
externalId?: string | undefined;
|
|
@@ -1105,23 +1556,39 @@ export type CreateUserBody = {
|
|
|
1105
1556
|
isSSORequired?: boolean | undefined;
|
|
1106
1557
|
};
|
|
1107
1558
|
export type CreateUserResponse = {
|
|
1559
|
+
/** Username/identifier of the user (any unique string accepted, e.g. your internal user ID or email). */
|
|
1108
1560
|
username: string;
|
|
1561
|
+
/** Display name of the user. */
|
|
1109
1562
|
name: string;
|
|
1110
1563
|
/** User id. */
|
|
1111
1564
|
userId: string;
|
|
1112
1565
|
/** User kind. */
|
|
1113
|
-
kind: "DfnsStaff" | "
|
|
1566
|
+
kind: "DfnsStaff" | "TenantUser" | "CustomerEmployee" | "EndUser";
|
|
1567
|
+
/** UUID of the user's primary credential. */
|
|
1114
1568
|
credentialUuid: string;
|
|
1115
|
-
|
|
1569
|
+
/** Organization id. */
|
|
1570
|
+
orgId?: string | undefined;
|
|
1571
|
+
/** Tenant id. */
|
|
1572
|
+
tenantId?: string | undefined;
|
|
1573
|
+
/** @deprecated - Flat list of API operations the user has access to. */
|
|
1116
1574
|
permissions?: string[] | undefined;
|
|
1575
|
+
/** Whether the user is active. */
|
|
1117
1576
|
isActive: boolean;
|
|
1577
|
+
/** Whether the user is a service account. */
|
|
1118
1578
|
isServiceAccount: boolean;
|
|
1579
|
+
/** Whether the user has completed registration. */
|
|
1119
1580
|
isRegistered: boolean;
|
|
1581
|
+
/** Whether the user must authenticate via SSO. */
|
|
1120
1582
|
isSSORequired: boolean;
|
|
1583
|
+
/** Permissions (roles) assigned to the user. */
|
|
1121
1584
|
permissionAssignments: {
|
|
1585
|
+
/** Human-readable name of the permission (role). */
|
|
1122
1586
|
permissionName: string;
|
|
1587
|
+
/** ID of the permission (also referred to as "role" in the dashboard). */
|
|
1123
1588
|
permissionId: string;
|
|
1589
|
+
/** ID of the permission assignment. */
|
|
1124
1590
|
assignmentId: string;
|
|
1591
|
+
/** List of API operations granted by this permission. */
|
|
1125
1592
|
operations?: string[] | undefined;
|
|
1126
1593
|
}[];
|
|
1127
1594
|
};
|
|
@@ -1145,7 +1612,9 @@ export type CreateUserActionChallengeResponse = {
|
|
|
1145
1612
|
challengeIdentifier: string;
|
|
1146
1613
|
/** Deprecated. Should not be used. */
|
|
1147
1614
|
rp?: {
|
|
1615
|
+
/** ID of the WebAuthn relying party (typically a domain name). */
|
|
1148
1616
|
id: string;
|
|
1617
|
+
/** Human-readable name of the relying party. */
|
|
1149
1618
|
name: string;
|
|
1150
1619
|
} | undefined;
|
|
1151
1620
|
/** Identifies the kind of credentials that can be used to sign the user action. */
|
|
@@ -1202,6 +1671,9 @@ export type CreateUserActionChallengeResponse = {
|
|
|
1202
1671
|
export type CreateUserActionChallengeRequest = {
|
|
1203
1672
|
body: CreateUserActionChallengeBody;
|
|
1204
1673
|
};
|
|
1674
|
+
export type CreateUserActionSignatureChallengeBody = CreateUserActionChallengeBody;
|
|
1675
|
+
export type CreateUserActionSignatureChallengeResponse = CreateUserActionChallengeResponse;
|
|
1676
|
+
export type CreateUserActionSignatureChallengeRequest = CreateUserActionChallengeRequest;
|
|
1205
1677
|
export type CreateUserActionSignatureBody = {
|
|
1206
1678
|
/** Temporary authentication token returned by the Create Challenge endpoint. */
|
|
1207
1679
|
challengeIdentifier: string;
|
|
@@ -1248,6 +1720,7 @@ export type CreateUserActionSignatureBody = {
|
|
|
1248
1720
|
};
|
|
1249
1721
|
} | {
|
|
1250
1722
|
kind: "Password";
|
|
1723
|
+
/** User password. */
|
|
1251
1724
|
password: string;
|
|
1252
1725
|
};
|
|
1253
1726
|
/** Second factor credential used to authenticate a user. */
|
|
@@ -1293,45 +1766,64 @@ export type CreateUserActionSignatureBody = {
|
|
|
1293
1766
|
};
|
|
1294
1767
|
} | {
|
|
1295
1768
|
kind: "Totp";
|
|
1769
|
+
/** TOTP one-time code. */
|
|
1296
1770
|
otpCode: string;
|
|
1297
1771
|
}) | undefined;
|
|
1298
1772
|
};
|
|
1299
1773
|
export type CreateUserActionSignatureResponse = {
|
|
1774
|
+
/** Signing token to use to verify the user intended to perform the action. */
|
|
1300
1775
|
userAction: string;
|
|
1301
1776
|
};
|
|
1302
1777
|
export type CreateUserActionSignatureRequest = {
|
|
1303
1778
|
body: CreateUserActionSignatureBody;
|
|
1304
1779
|
};
|
|
1305
1780
|
export type DeactivateCredentialBody = {
|
|
1781
|
+
/** UUID of the credential to deactivate. */
|
|
1306
1782
|
credentialUuid: string;
|
|
1307
1783
|
};
|
|
1308
1784
|
export type DeactivateCredentialResponse = {
|
|
1785
|
+
/** Human-readable success message. */
|
|
1309
1786
|
message: string;
|
|
1310
1787
|
};
|
|
1311
1788
|
export type DeactivateCredentialRequest = {
|
|
1312
1789
|
body: DeactivateCredentialBody;
|
|
1313
1790
|
};
|
|
1314
1791
|
export type DeactivatePersonalAccessTokenParams = {
|
|
1792
|
+
/** Token id. */
|
|
1315
1793
|
tokenId: string;
|
|
1316
1794
|
};
|
|
1317
1795
|
export type DeactivatePersonalAccessTokenResponse = {
|
|
1796
|
+
/** The access token. Only returned at creation time. */
|
|
1318
1797
|
accessToken?: string | undefined;
|
|
1319
1798
|
dateCreated: string;
|
|
1799
|
+
/** ID of the credential associated with the access token. */
|
|
1320
1800
|
credId: string;
|
|
1801
|
+
/** Whether the access token is active. */
|
|
1321
1802
|
isActive: boolean;
|
|
1322
1803
|
/** Access token kind. */
|
|
1323
1804
|
kind: "Pat" | "ServiceAccount" | "Token" | "Code" | "Recovery" | "Temp" | "Application";
|
|
1805
|
+
/** User id. */
|
|
1324
1806
|
linkedUserId: string;
|
|
1807
|
+
/** ID of the application the access token is linked to. */
|
|
1325
1808
|
linkedAppId: string;
|
|
1809
|
+
/** Human-readable name of the access token. */
|
|
1326
1810
|
name: string;
|
|
1811
|
+
/** Organization id. */
|
|
1327
1812
|
orgId: string;
|
|
1813
|
+
/** Permissions (roles) assigned to the access token. */
|
|
1328
1814
|
permissionAssignments: {
|
|
1815
|
+
/** Human-readable name of the permission (role). */
|
|
1329
1816
|
permissionName: string;
|
|
1817
|
+
/** ID of the permission (also referred to as "role" in the dashboard). */
|
|
1330
1818
|
permissionId: string;
|
|
1819
|
+
/** ID of the permission assignment. */
|
|
1331
1820
|
assignmentId: string;
|
|
1821
|
+
/** List of API operations granted by this permission. */
|
|
1332
1822
|
operations?: string[] | undefined;
|
|
1333
1823
|
}[];
|
|
1824
|
+
/** Public key associated with the access token. */
|
|
1334
1825
|
publicKey: string;
|
|
1826
|
+
/** Token id. */
|
|
1335
1827
|
tokenId: string;
|
|
1336
1828
|
};
|
|
1337
1829
|
export type DeactivatePersonalAccessTokenRequest = DeactivatePersonalAccessTokenParams;
|
|
@@ -1340,47 +1832,77 @@ export type DeactivateServiceAccountBody = {
|
|
|
1340
1832
|
force?: boolean;
|
|
1341
1833
|
};
|
|
1342
1834
|
export type DeactivateServiceAccountParams = {
|
|
1835
|
+
/** ID of the service account. */
|
|
1343
1836
|
serviceAccountId: string;
|
|
1344
1837
|
};
|
|
1345
1838
|
export type DeactivateServiceAccountResponse = {
|
|
1346
1839
|
userInfo: {
|
|
1840
|
+
/** Username/identifier of the user (any unique string accepted, e.g. your internal user ID or email). */
|
|
1347
1841
|
username: string;
|
|
1842
|
+
/** Display name of the user. */
|
|
1348
1843
|
name: string;
|
|
1349
1844
|
/** User id. */
|
|
1350
1845
|
userId: string;
|
|
1351
1846
|
/** User kind. */
|
|
1352
|
-
kind: "DfnsStaff" | "
|
|
1847
|
+
kind: "DfnsStaff" | "TenantUser" | "CustomerEmployee" | "EndUser";
|
|
1848
|
+
/** UUID of the user's primary credential. */
|
|
1353
1849
|
credentialUuid: string;
|
|
1354
|
-
|
|
1850
|
+
/** Organization id. */
|
|
1851
|
+
orgId?: string | undefined;
|
|
1852
|
+
/** Tenant id. */
|
|
1853
|
+
tenantId?: string | undefined;
|
|
1854
|
+
/** @deprecated - Flat list of API operations the user has access to. */
|
|
1355
1855
|
permissions?: string[] | undefined;
|
|
1856
|
+
/** Whether the user is active. */
|
|
1356
1857
|
isActive: boolean;
|
|
1858
|
+
/** Whether the user is a service account. */
|
|
1357
1859
|
isServiceAccount: boolean;
|
|
1860
|
+
/** Whether the user has completed registration. */
|
|
1358
1861
|
isRegistered: boolean;
|
|
1862
|
+
/** Permissions (roles) assigned to the user. */
|
|
1359
1863
|
permissionAssignments: {
|
|
1864
|
+
/** Human-readable name of the permission (role). */
|
|
1360
1865
|
permissionName: string;
|
|
1866
|
+
/** ID of the permission (also referred to as "role" in the dashboard). */
|
|
1361
1867
|
permissionId: string;
|
|
1868
|
+
/** ID of the permission assignment. */
|
|
1362
1869
|
assignmentId: string;
|
|
1870
|
+
/** List of API operations granted by this permission. */
|
|
1363
1871
|
operations?: string[] | undefined;
|
|
1364
1872
|
}[];
|
|
1365
1873
|
};
|
|
1366
1874
|
accessTokens: {
|
|
1875
|
+
/** The access token. Only returned at creation time. */
|
|
1367
1876
|
accessToken?: string | undefined;
|
|
1368
1877
|
dateCreated: string;
|
|
1878
|
+
/** ID of the credential associated with the access token. */
|
|
1369
1879
|
credId: string;
|
|
1880
|
+
/** Whether the access token is active. */
|
|
1370
1881
|
isActive: boolean;
|
|
1371
1882
|
/** Access token kind. */
|
|
1372
1883
|
kind: "Pat" | "ServiceAccount" | "Token" | "Code" | "Recovery" | "Temp" | "Application";
|
|
1884
|
+
/** User id. */
|
|
1373
1885
|
linkedUserId: string;
|
|
1886
|
+
/** ID of the application the access token is linked to. */
|
|
1374
1887
|
linkedAppId: string;
|
|
1888
|
+
/** Human-readable name of the access token. */
|
|
1375
1889
|
name: string;
|
|
1890
|
+
/** Organization id. */
|
|
1376
1891
|
orgId: string;
|
|
1892
|
+
/** Permissions (roles) assigned to the access token. */
|
|
1377
1893
|
permissionAssignments: {
|
|
1894
|
+
/** Human-readable name of the permission (role). */
|
|
1378
1895
|
permissionName: string;
|
|
1896
|
+
/** ID of the permission (also referred to as "role" in the dashboard). */
|
|
1379
1897
|
permissionId: string;
|
|
1898
|
+
/** ID of the permission assignment. */
|
|
1380
1899
|
assignmentId: string;
|
|
1900
|
+
/** List of API operations granted by this permission. */
|
|
1381
1901
|
operations?: string[] | undefined;
|
|
1382
1902
|
}[];
|
|
1903
|
+
/** Public key associated with the access token. */
|
|
1383
1904
|
publicKey: string;
|
|
1905
|
+
/** Token id. */
|
|
1384
1906
|
tokenId: string;
|
|
1385
1907
|
}[];
|
|
1386
1908
|
};
|
|
@@ -1388,74 +1910,133 @@ export type DeactivateServiceAccountRequest = DeactivateServiceAccountParams & {
|
|
|
1388
1910
|
body: DeactivateServiceAccountBody;
|
|
1389
1911
|
};
|
|
1390
1912
|
export type DeactivateUserParams = {
|
|
1913
|
+
/** User id. */
|
|
1391
1914
|
userId: string;
|
|
1392
1915
|
};
|
|
1393
1916
|
export type DeactivateUserResponse = {
|
|
1917
|
+
/** Username/identifier of the user (any unique string accepted, e.g. your internal user ID or email). */
|
|
1394
1918
|
username: string;
|
|
1919
|
+
/** Display name of the user. */
|
|
1395
1920
|
name: string;
|
|
1396
1921
|
/** User id. */
|
|
1397
1922
|
userId: string;
|
|
1398
1923
|
/** User kind. */
|
|
1399
|
-
kind: "DfnsStaff" | "
|
|
1924
|
+
kind: "DfnsStaff" | "TenantUser" | "CustomerEmployee" | "EndUser";
|
|
1925
|
+
/** UUID of the user's primary credential. */
|
|
1400
1926
|
credentialUuid: string;
|
|
1401
|
-
|
|
1927
|
+
/** Organization id. */
|
|
1928
|
+
orgId?: string | undefined;
|
|
1929
|
+
/** Tenant id. */
|
|
1930
|
+
tenantId?: string | undefined;
|
|
1931
|
+
/** @deprecated - Flat list of API operations the user has access to. */
|
|
1402
1932
|
permissions?: string[] | undefined;
|
|
1933
|
+
/** Whether the user is active. */
|
|
1403
1934
|
isActive: boolean;
|
|
1935
|
+
/** Whether the user is a service account. */
|
|
1404
1936
|
isServiceAccount: boolean;
|
|
1937
|
+
/** Whether the user has completed registration. */
|
|
1405
1938
|
isRegistered: boolean;
|
|
1939
|
+
/** Whether the user must authenticate via SSO. */
|
|
1406
1940
|
isSSORequired: boolean;
|
|
1941
|
+
/** Permissions (roles) assigned to the user. */
|
|
1407
1942
|
permissionAssignments: {
|
|
1943
|
+
/** Human-readable name of the permission (role). */
|
|
1408
1944
|
permissionName: string;
|
|
1945
|
+
/** ID of the permission (also referred to as "role" in the dashboard). */
|
|
1409
1946
|
permissionId: string;
|
|
1947
|
+
/** ID of the permission assignment. */
|
|
1410
1948
|
assignmentId: string;
|
|
1949
|
+
/** List of API operations granted by this permission. */
|
|
1411
1950
|
operations?: string[] | undefined;
|
|
1412
1951
|
}[];
|
|
1413
1952
|
};
|
|
1414
1953
|
export type DeactivateUserRequest = DeactivateUserParams;
|
|
1415
1954
|
export type DelegatedLoginBody = {
|
|
1955
|
+
/** Username/identifier of the user to log in. */
|
|
1416
1956
|
username: string;
|
|
1417
1957
|
};
|
|
1418
1958
|
export type DelegatedLoginResponse = {
|
|
1959
|
+
/** Authentication token issued to the user. */
|
|
1419
1960
|
token: string;
|
|
1420
1961
|
};
|
|
1421
1962
|
export type DelegatedLoginRequest = {
|
|
1422
1963
|
body: DelegatedLoginBody;
|
|
1423
1964
|
};
|
|
1965
|
+
export type CreateDelegatedUserLoginBody = DelegatedLoginBody;
|
|
1966
|
+
export type CreateDelegatedUserLoginResponse = DelegatedLoginResponse;
|
|
1967
|
+
export type CreateDelegatedUserLoginRequest = DelegatedLoginRequest;
|
|
1968
|
+
export type ExchangeAccessTokenBody = {
|
|
1969
|
+
/** ID of the Organisation or Tenant for which you wish to obtain an access token. */
|
|
1970
|
+
target: string;
|
|
1971
|
+
};
|
|
1972
|
+
export type ExchangeAccessTokenResponse = {
|
|
1973
|
+
token: string;
|
|
1974
|
+
};
|
|
1975
|
+
export type ExchangeAccessTokenRequest = {
|
|
1976
|
+
body: ExchangeAccessTokenBody;
|
|
1977
|
+
};
|
|
1424
1978
|
export type GetApplicationParams = {
|
|
1979
|
+
/** ID of the application (deprecated). */
|
|
1425
1980
|
appId: string;
|
|
1426
1981
|
};
|
|
1427
1982
|
export type GetApplicationResponse = {
|
|
1983
|
+
/** ID of the application (deprecated). */
|
|
1428
1984
|
appId: string;
|
|
1429
1985
|
kind: "ServerSideApplication" | "ClientSideApplication";
|
|
1986
|
+
/** Organization id. */
|
|
1430
1987
|
orgId: string;
|
|
1988
|
+
/** Expected relying party ID for webauthn (deprecated). */
|
|
1431
1989
|
expectedRpId?: string | undefined;
|
|
1990
|
+
/** Human-readable name of the application. */
|
|
1432
1991
|
name: string;
|
|
1992
|
+
/** Whether the application is active. */
|
|
1433
1993
|
isActive: boolean;
|
|
1994
|
+
/** Expected origin for webauthn (deprecated). */
|
|
1434
1995
|
expectedOrigin?: string | undefined;
|
|
1996
|
+
/** Permissions (roles) assigned to the application. */
|
|
1435
1997
|
permissionAssignments: {
|
|
1998
|
+
/** Human-readable name of the permission (role). */
|
|
1436
1999
|
permissionName: string;
|
|
2000
|
+
/** ID of the permission (also referred to as "role" in the dashboard). */
|
|
1437
2001
|
permissionId: string;
|
|
2002
|
+
/** ID of the permission assignment. */
|
|
1438
2003
|
assignmentId: string;
|
|
2004
|
+
/** List of API operations granted by this permission. */
|
|
1439
2005
|
operations?: string[] | undefined;
|
|
1440
2006
|
}[];
|
|
2007
|
+
/** Access tokens associated with the application. */
|
|
1441
2008
|
accessTokens: {
|
|
2009
|
+
/** The access token. Only returned at creation time. */
|
|
1442
2010
|
accessToken?: string | undefined;
|
|
1443
2011
|
dateCreated: string;
|
|
2012
|
+
/** ID of the credential associated with the access token. */
|
|
1444
2013
|
credId: string;
|
|
2014
|
+
/** Whether the access token is active. */
|
|
1445
2015
|
isActive: boolean;
|
|
1446
2016
|
/** Access token kind. */
|
|
1447
2017
|
kind: "Pat" | "ServiceAccount" | "Token" | "Code" | "Recovery" | "Temp" | "Application";
|
|
2018
|
+
/** User id. */
|
|
1448
2019
|
linkedUserId: string;
|
|
2020
|
+
/** ID of the application the access token is linked to. */
|
|
1449
2021
|
linkedAppId: string;
|
|
2022
|
+
/** Human-readable name of the access token. */
|
|
1450
2023
|
name: string;
|
|
2024
|
+
/** Organization id. */
|
|
1451
2025
|
orgId: string;
|
|
2026
|
+
/** Permissions (roles) assigned to the access token. */
|
|
1452
2027
|
permissionAssignments: {
|
|
2028
|
+
/** Human-readable name of the permission (role). */
|
|
1453
2029
|
permissionName: string;
|
|
2030
|
+
/** ID of the permission (also referred to as "role" in the dashboard). */
|
|
1454
2031
|
permissionId: string;
|
|
2032
|
+
/** ID of the permission assignment. */
|
|
1455
2033
|
assignmentId: string;
|
|
2034
|
+
/** List of API operations granted by this permission. */
|
|
1456
2035
|
operations?: string[] | undefined;
|
|
1457
2036
|
}[];
|
|
2037
|
+
/** Public key associated with the access token. */
|
|
1458
2038
|
publicKey: string;
|
|
2039
|
+
/** Token id. */
|
|
1459
2040
|
tokenId: string;
|
|
1460
2041
|
}[];
|
|
1461
2042
|
};
|
|
@@ -1497,133 +2078,232 @@ export type GetAuditLogResponse = {
|
|
|
1497
2078
|
};
|
|
1498
2079
|
export type GetAuditLogRequest = GetAuditLogParams;
|
|
1499
2080
|
export type GetPersonalAccessTokenParams = {
|
|
2081
|
+
/** Token id. */
|
|
1500
2082
|
tokenId: string;
|
|
1501
2083
|
};
|
|
1502
2084
|
export type GetPersonalAccessTokenResponse = {
|
|
2085
|
+
/** The access token. Only returned at creation time. */
|
|
1503
2086
|
accessToken?: string | undefined;
|
|
1504
2087
|
dateCreated: string;
|
|
2088
|
+
/** ID of the credential associated with the access token. */
|
|
1505
2089
|
credId: string;
|
|
2090
|
+
/** Whether the access token is active. */
|
|
1506
2091
|
isActive: boolean;
|
|
1507
2092
|
/** Access token kind. */
|
|
1508
2093
|
kind: "Pat" | "ServiceAccount" | "Token" | "Code" | "Recovery" | "Temp" | "Application";
|
|
2094
|
+
/** User id. */
|
|
1509
2095
|
linkedUserId: string;
|
|
2096
|
+
/** ID of the application the access token is linked to. */
|
|
1510
2097
|
linkedAppId: string;
|
|
2098
|
+
/** Human-readable name of the access token. */
|
|
1511
2099
|
name: string;
|
|
2100
|
+
/** Organization id. */
|
|
1512
2101
|
orgId: string;
|
|
2102
|
+
/** Permissions (roles) assigned to the access token. */
|
|
1513
2103
|
permissionAssignments: {
|
|
2104
|
+
/** Human-readable name of the permission (role). */
|
|
1514
2105
|
permissionName: string;
|
|
2106
|
+
/** ID of the permission (also referred to as "role" in the dashboard). */
|
|
1515
2107
|
permissionId: string;
|
|
2108
|
+
/** ID of the permission assignment. */
|
|
1516
2109
|
assignmentId: string;
|
|
2110
|
+
/** List of API operations granted by this permission. */
|
|
1517
2111
|
operations?: string[] | undefined;
|
|
1518
2112
|
}[];
|
|
2113
|
+
/** Public key associated with the access token. */
|
|
1519
2114
|
publicKey: string;
|
|
2115
|
+
/** Token id. */
|
|
1520
2116
|
tokenId: string;
|
|
1521
2117
|
};
|
|
1522
2118
|
export type GetPersonalAccessTokenRequest = GetPersonalAccessTokenParams;
|
|
1523
2119
|
export type GetServiceAccountParams = {
|
|
2120
|
+
/** ID of the service account. */
|
|
1524
2121
|
serviceAccountId: string;
|
|
1525
2122
|
};
|
|
1526
2123
|
export type GetServiceAccountResponse = {
|
|
1527
2124
|
userInfo: {
|
|
2125
|
+
/** Username/identifier of the user (any unique string accepted, e.g. your internal user ID or email). */
|
|
1528
2126
|
username: string;
|
|
2127
|
+
/** Display name of the user. */
|
|
1529
2128
|
name: string;
|
|
1530
2129
|
/** User id. */
|
|
1531
2130
|
userId: string;
|
|
1532
2131
|
/** User kind. */
|
|
1533
|
-
kind: "DfnsStaff" | "
|
|
2132
|
+
kind: "DfnsStaff" | "TenantUser" | "CustomerEmployee" | "EndUser";
|
|
2133
|
+
/** UUID of the user's primary credential. */
|
|
1534
2134
|
credentialUuid: string;
|
|
1535
|
-
|
|
2135
|
+
/** Organization id. */
|
|
2136
|
+
orgId?: string | undefined;
|
|
2137
|
+
/** Tenant id. */
|
|
2138
|
+
tenantId?: string | undefined;
|
|
2139
|
+
/** @deprecated - Flat list of API operations the user has access to. */
|
|
1536
2140
|
permissions?: string[] | undefined;
|
|
2141
|
+
/** Whether the user is active. */
|
|
1537
2142
|
isActive: boolean;
|
|
2143
|
+
/** Whether the user is a service account. */
|
|
1538
2144
|
isServiceAccount: boolean;
|
|
2145
|
+
/** Whether the user has completed registration. */
|
|
1539
2146
|
isRegistered: boolean;
|
|
2147
|
+
/** Permissions (roles) assigned to the user. */
|
|
1540
2148
|
permissionAssignments: {
|
|
2149
|
+
/** Human-readable name of the permission (role). */
|
|
1541
2150
|
permissionName: string;
|
|
2151
|
+
/** ID of the permission (also referred to as "role" in the dashboard). */
|
|
1542
2152
|
permissionId: string;
|
|
2153
|
+
/** ID of the permission assignment. */
|
|
1543
2154
|
assignmentId: string;
|
|
2155
|
+
/** List of API operations granted by this permission. */
|
|
1544
2156
|
operations?: string[] | undefined;
|
|
1545
2157
|
}[];
|
|
1546
2158
|
};
|
|
1547
2159
|
accessTokens: {
|
|
2160
|
+
/** The access token. Only returned at creation time. */
|
|
1548
2161
|
accessToken?: string | undefined;
|
|
1549
2162
|
dateCreated: string;
|
|
2163
|
+
/** ID of the credential associated with the access token. */
|
|
1550
2164
|
credId: string;
|
|
2165
|
+
/** Whether the access token is active. */
|
|
1551
2166
|
isActive: boolean;
|
|
1552
2167
|
/** Access token kind. */
|
|
1553
2168
|
kind: "Pat" | "ServiceAccount" | "Token" | "Code" | "Recovery" | "Temp" | "Application";
|
|
2169
|
+
/** User id. */
|
|
1554
2170
|
linkedUserId: string;
|
|
2171
|
+
/** ID of the application the access token is linked to. */
|
|
1555
2172
|
linkedAppId: string;
|
|
2173
|
+
/** Human-readable name of the access token. */
|
|
1556
2174
|
name: string;
|
|
2175
|
+
/** Organization id. */
|
|
1557
2176
|
orgId: string;
|
|
2177
|
+
/** Permissions (roles) assigned to the access token. */
|
|
1558
2178
|
permissionAssignments: {
|
|
2179
|
+
/** Human-readable name of the permission (role). */
|
|
1559
2180
|
permissionName: string;
|
|
2181
|
+
/** ID of the permission (also referred to as "role" in the dashboard). */
|
|
1560
2182
|
permissionId: string;
|
|
2183
|
+
/** ID of the permission assignment. */
|
|
1561
2184
|
assignmentId: string;
|
|
2185
|
+
/** List of API operations granted by this permission. */
|
|
1562
2186
|
operations?: string[] | undefined;
|
|
1563
2187
|
}[];
|
|
2188
|
+
/** Public key associated with the access token. */
|
|
1564
2189
|
publicKey: string;
|
|
2190
|
+
/** Token id. */
|
|
1565
2191
|
tokenId: string;
|
|
1566
2192
|
}[];
|
|
1567
2193
|
};
|
|
1568
2194
|
export type GetServiceAccountRequest = GetServiceAccountParams;
|
|
1569
2195
|
export type GetUserParams = {
|
|
2196
|
+
/** User id. */
|
|
1570
2197
|
userId: string;
|
|
1571
2198
|
};
|
|
1572
2199
|
export type GetUserResponse = {
|
|
2200
|
+
/** Username/identifier of the user (any unique string accepted, e.g. your internal user ID or email). */
|
|
1573
2201
|
username: string;
|
|
2202
|
+
/** Display name of the user. */
|
|
1574
2203
|
name: string;
|
|
1575
2204
|
/** User id. */
|
|
1576
2205
|
userId: string;
|
|
1577
2206
|
/** User kind. */
|
|
1578
|
-
kind: "DfnsStaff" | "
|
|
2207
|
+
kind: "DfnsStaff" | "TenantUser" | "CustomerEmployee" | "EndUser";
|
|
2208
|
+
/** UUID of the user's primary credential. */
|
|
1579
2209
|
credentialUuid: string;
|
|
1580
|
-
|
|
2210
|
+
/** Organization id. */
|
|
2211
|
+
orgId?: string | undefined;
|
|
2212
|
+
/** Tenant id. */
|
|
2213
|
+
tenantId?: string | undefined;
|
|
2214
|
+
/** @deprecated - Flat list of API operations the user has access to. */
|
|
1581
2215
|
permissions?: string[] | undefined;
|
|
2216
|
+
/** Whether the user is active. */
|
|
1582
2217
|
isActive: boolean;
|
|
2218
|
+
/** Whether the user is a service account. */
|
|
1583
2219
|
isServiceAccount: boolean;
|
|
2220
|
+
/** Whether the user has completed registration. */
|
|
1584
2221
|
isRegistered: boolean;
|
|
2222
|
+
/** Whether the user must authenticate via SSO. */
|
|
1585
2223
|
isSSORequired: boolean;
|
|
2224
|
+
/** Permissions (roles) assigned to the user. */
|
|
1586
2225
|
permissionAssignments: {
|
|
2226
|
+
/** Human-readable name of the permission (role). */
|
|
1587
2227
|
permissionName: string;
|
|
2228
|
+
/** ID of the permission (also referred to as "role" in the dashboard). */
|
|
1588
2229
|
permissionId: string;
|
|
2230
|
+
/** ID of the permission assignment. */
|
|
1589
2231
|
assignmentId: string;
|
|
2232
|
+
/** List of API operations granted by this permission. */
|
|
1590
2233
|
operations?: string[] | undefined;
|
|
1591
2234
|
}[];
|
|
1592
2235
|
};
|
|
1593
2236
|
export type GetUserRequest = GetUserParams;
|
|
2237
|
+
export type InviteTenantUserBody = {
|
|
2238
|
+
/** Email address of the existing Tenant User. */
|
|
2239
|
+
email: string;
|
|
2240
|
+
/** The kind of user being invited. It can only be "`TenantUser`" */
|
|
2241
|
+
kind: "TenantUser";
|
|
2242
|
+
};
|
|
2243
|
+
export type InviteTenantUserResponse = {};
|
|
2244
|
+
export type InviteTenantUserRequest = {
|
|
2245
|
+
body: InviteTenantUserBody;
|
|
2246
|
+
};
|
|
1594
2247
|
export type ListApplicationsResponse = {
|
|
2248
|
+
/** Current page items. */
|
|
1595
2249
|
items: {
|
|
2250
|
+
/** ID of the application (deprecated). */
|
|
1596
2251
|
appId: string;
|
|
1597
2252
|
kind: "ServerSideApplication" | "ClientSideApplication";
|
|
2253
|
+
/** Organization id. */
|
|
1598
2254
|
orgId: string;
|
|
2255
|
+
/** Expected relying party ID for webauthn (deprecated). */
|
|
1599
2256
|
expectedRpId?: string | undefined;
|
|
2257
|
+
/** Human-readable name of the application. */
|
|
1600
2258
|
name: string;
|
|
2259
|
+
/** Whether the application is active. */
|
|
1601
2260
|
isActive: boolean;
|
|
2261
|
+
/** Expected origin for webauthn (deprecated). */
|
|
1602
2262
|
expectedOrigin?: string | undefined;
|
|
2263
|
+
/** Permissions (roles) assigned to the application. */
|
|
1603
2264
|
permissionAssignments: {
|
|
2265
|
+
/** Human-readable name of the permission (role). */
|
|
1604
2266
|
permissionName: string;
|
|
2267
|
+
/** ID of the permission (also referred to as "role" in the dashboard). */
|
|
1605
2268
|
permissionId: string;
|
|
2269
|
+
/** ID of the permission assignment. */
|
|
1606
2270
|
assignmentId: string;
|
|
2271
|
+
/** List of API operations granted by this permission. */
|
|
1607
2272
|
operations?: string[] | undefined;
|
|
1608
2273
|
}[];
|
|
2274
|
+
/** Access tokens associated with the application. */
|
|
1609
2275
|
accessTokens: {
|
|
2276
|
+
/** The access token. Only returned at creation time. */
|
|
1610
2277
|
accessToken?: string | undefined;
|
|
1611
2278
|
dateCreated: string;
|
|
2279
|
+
/** ID of the credential associated with the access token. */
|
|
1612
2280
|
credId: string;
|
|
2281
|
+
/** Whether the access token is active. */
|
|
1613
2282
|
isActive: boolean;
|
|
1614
2283
|
/** Access token kind. */
|
|
1615
2284
|
kind: "Pat" | "ServiceAccount" | "Token" | "Code" | "Recovery" | "Temp" | "Application";
|
|
2285
|
+
/** User id. */
|
|
1616
2286
|
linkedUserId: string;
|
|
2287
|
+
/** ID of the application the access token is linked to. */
|
|
1617
2288
|
linkedAppId: string;
|
|
2289
|
+
/** Human-readable name of the access token. */
|
|
1618
2290
|
name: string;
|
|
2291
|
+
/** Organization id. */
|
|
1619
2292
|
orgId: string;
|
|
2293
|
+
/** Permissions (roles) assigned to the access token. */
|
|
1620
2294
|
permissionAssignments: {
|
|
2295
|
+
/** Human-readable name of the permission (role). */
|
|
1621
2296
|
permissionName: string;
|
|
2297
|
+
/** ID of the permission (also referred to as "role" in the dashboard). */
|
|
1622
2298
|
permissionId: string;
|
|
2299
|
+
/** ID of the permission assignment. */
|
|
1623
2300
|
assignmentId: string;
|
|
2301
|
+
/** List of API operations granted by this permission. */
|
|
1624
2302
|
operations?: string[] | undefined;
|
|
1625
2303
|
}[];
|
|
2304
|
+
/** Public key associated with the access token. */
|
|
1626
2305
|
publicKey: string;
|
|
2306
|
+
/** Token id. */
|
|
1627
2307
|
tokenId: string;
|
|
1628
2308
|
}[];
|
|
1629
2309
|
}[];
|
|
@@ -1639,111 +2319,186 @@ export type ListAuditLogsRequest = {
|
|
|
1639
2319
|
query?: ListAuditLogsQuery;
|
|
1640
2320
|
};
|
|
1641
2321
|
export type ListCredentialsResponse = {
|
|
2322
|
+
/** Current page items. */
|
|
1642
2323
|
items: {
|
|
1643
2324
|
kind: "Fido2" | "Key" | "Password" | "Totp" | "RecoveryKey" | "PasswordProtectedKey";
|
|
2325
|
+
/** Credential ID from the WebAuthn authenticator (base64url). */
|
|
1644
2326
|
credentialId: string;
|
|
2327
|
+
/** Dfns-internal UUID of the credential. */
|
|
1645
2328
|
credentialUuid: string;
|
|
1646
2329
|
dateCreated: string;
|
|
2330
|
+
/** Whether the credential is active. */
|
|
1647
2331
|
isActive: boolean;
|
|
2332
|
+
/** Human-readable name of the credential. */
|
|
1648
2333
|
name: string;
|
|
2334
|
+
/** Public key of the credential. */
|
|
1649
2335
|
publicKey: string;
|
|
2336
|
+
/** Relying party identifier associated with the credential. */
|
|
1650
2337
|
relyingPartyId: string;
|
|
2338
|
+
/** Origin where the credential was created. */
|
|
1651
2339
|
origin: string;
|
|
1652
2340
|
}[];
|
|
1653
2341
|
};
|
|
2342
|
+
export type ListUserCredentialsResponse = ListCredentialsResponse;
|
|
1654
2343
|
export type ListPersonalAccessTokensResponse = {
|
|
2344
|
+
/** Current page items. */
|
|
1655
2345
|
items: {
|
|
2346
|
+
/** The access token. Only returned at creation time. */
|
|
1656
2347
|
accessToken?: string | undefined;
|
|
1657
2348
|
dateCreated: string;
|
|
2349
|
+
/** ID of the credential associated with the access token. */
|
|
1658
2350
|
credId: string;
|
|
2351
|
+
/** Whether the access token is active. */
|
|
1659
2352
|
isActive: boolean;
|
|
1660
2353
|
/** Access token kind. */
|
|
1661
2354
|
kind: "Pat" | "ServiceAccount" | "Token" | "Code" | "Recovery" | "Temp" | "Application";
|
|
2355
|
+
/** User id. */
|
|
1662
2356
|
linkedUserId: string;
|
|
2357
|
+
/** ID of the application the access token is linked to. */
|
|
1663
2358
|
linkedAppId: string;
|
|
2359
|
+
/** Human-readable name of the access token. */
|
|
1664
2360
|
name: string;
|
|
2361
|
+
/** Organization id. */
|
|
1665
2362
|
orgId: string;
|
|
2363
|
+
/** Permissions (roles) assigned to the access token. */
|
|
1666
2364
|
permissionAssignments: {
|
|
2365
|
+
/** Human-readable name of the permission (role). */
|
|
1667
2366
|
permissionName: string;
|
|
2367
|
+
/** ID of the permission (also referred to as "role" in the dashboard). */
|
|
1668
2368
|
permissionId: string;
|
|
2369
|
+
/** ID of the permission assignment. */
|
|
1669
2370
|
assignmentId: string;
|
|
2371
|
+
/** List of API operations granted by this permission. */
|
|
1670
2372
|
operations?: string[] | undefined;
|
|
1671
2373
|
}[];
|
|
2374
|
+
/** Public key associated with the access token. */
|
|
1672
2375
|
publicKey: string;
|
|
2376
|
+
/** Token id. */
|
|
1673
2377
|
tokenId: string;
|
|
1674
2378
|
}[];
|
|
1675
2379
|
};
|
|
1676
2380
|
export type ListServiceAccountsResponse = {
|
|
2381
|
+
/** Current page items. */
|
|
1677
2382
|
items: {
|
|
1678
2383
|
userInfo: {
|
|
2384
|
+
/** Username/identifier of the user (any unique string accepted, e.g. your internal user ID or email). */
|
|
1679
2385
|
username: string;
|
|
2386
|
+
/** Display name of the user. */
|
|
1680
2387
|
name: string;
|
|
1681
2388
|
/** User id. */
|
|
1682
2389
|
userId: string;
|
|
1683
2390
|
/** User kind. */
|
|
1684
|
-
kind: "DfnsStaff" | "
|
|
2391
|
+
kind: "DfnsStaff" | "TenantUser" | "CustomerEmployee" | "EndUser";
|
|
2392
|
+
/** UUID of the user's primary credential. */
|
|
1685
2393
|
credentialUuid: string;
|
|
1686
|
-
|
|
2394
|
+
/** Organization id. */
|
|
2395
|
+
orgId?: string | undefined;
|
|
2396
|
+
/** Tenant id. */
|
|
2397
|
+
tenantId?: string | undefined;
|
|
2398
|
+
/** @deprecated - Flat list of API operations the user has access to. */
|
|
1687
2399
|
permissions?: string[] | undefined;
|
|
2400
|
+
/** Whether the user is active. */
|
|
1688
2401
|
isActive: boolean;
|
|
2402
|
+
/** Whether the user is a service account. */
|
|
1689
2403
|
isServiceAccount: boolean;
|
|
2404
|
+
/** Whether the user has completed registration. */
|
|
1690
2405
|
isRegistered: boolean;
|
|
2406
|
+
/** Permissions (roles) assigned to the user. */
|
|
1691
2407
|
permissionAssignments: {
|
|
2408
|
+
/** Human-readable name of the permission (role). */
|
|
1692
2409
|
permissionName: string;
|
|
2410
|
+
/** ID of the permission (also referred to as "role" in the dashboard). */
|
|
1693
2411
|
permissionId: string;
|
|
2412
|
+
/** ID of the permission assignment. */
|
|
1694
2413
|
assignmentId: string;
|
|
2414
|
+
/** List of API operations granted by this permission. */
|
|
1695
2415
|
operations?: string[] | undefined;
|
|
1696
2416
|
}[];
|
|
1697
2417
|
};
|
|
1698
2418
|
accessTokens: {
|
|
2419
|
+
/** The access token. Only returned at creation time. */
|
|
1699
2420
|
accessToken?: string | undefined;
|
|
1700
2421
|
dateCreated: string;
|
|
2422
|
+
/** ID of the credential associated with the access token. */
|
|
1701
2423
|
credId: string;
|
|
2424
|
+
/** Whether the access token is active. */
|
|
1702
2425
|
isActive: boolean;
|
|
1703
2426
|
/** Access token kind. */
|
|
1704
2427
|
kind: "Pat" | "ServiceAccount" | "Token" | "Code" | "Recovery" | "Temp" | "Application";
|
|
2428
|
+
/** User id. */
|
|
1705
2429
|
linkedUserId: string;
|
|
2430
|
+
/** ID of the application the access token is linked to. */
|
|
1706
2431
|
linkedAppId: string;
|
|
2432
|
+
/** Human-readable name of the access token. */
|
|
1707
2433
|
name: string;
|
|
2434
|
+
/** Organization id. */
|
|
1708
2435
|
orgId: string;
|
|
2436
|
+
/** Permissions (roles) assigned to the access token. */
|
|
1709
2437
|
permissionAssignments: {
|
|
2438
|
+
/** Human-readable name of the permission (role). */
|
|
1710
2439
|
permissionName: string;
|
|
2440
|
+
/** ID of the permission (also referred to as "role" in the dashboard). */
|
|
1711
2441
|
permissionId: string;
|
|
2442
|
+
/** ID of the permission assignment. */
|
|
1712
2443
|
assignmentId: string;
|
|
2444
|
+
/** List of API operations granted by this permission. */
|
|
1713
2445
|
operations?: string[] | undefined;
|
|
1714
2446
|
}[];
|
|
2447
|
+
/** Public key associated with the access token. */
|
|
1715
2448
|
publicKey: string;
|
|
2449
|
+
/** Token id. */
|
|
1716
2450
|
tokenId: string;
|
|
1717
2451
|
}[];
|
|
1718
2452
|
}[];
|
|
1719
2453
|
};
|
|
1720
2454
|
export type ListUsersQuery = {
|
|
2455
|
+
/** Maximum number of items to return. */
|
|
1721
2456
|
limit?: number | undefined;
|
|
2457
|
+
/** Opaque token used to retrieve the next page. Returned as `nextPageToken` from the previous request. */
|
|
1722
2458
|
paginationToken?: string | undefined;
|
|
2459
|
+
/** Filter users by kind. */
|
|
1723
2460
|
kind?: ("CustomerEmployee" | "EndUser") | undefined;
|
|
1724
2461
|
};
|
|
1725
2462
|
export type ListUsersResponse = {
|
|
2463
|
+
/** Current page items. */
|
|
1726
2464
|
items: {
|
|
2465
|
+
/** Username/identifier of the user (any unique string accepted, e.g. your internal user ID or email). */
|
|
1727
2466
|
username: string;
|
|
2467
|
+
/** Display name of the user. */
|
|
1728
2468
|
name: string;
|
|
1729
2469
|
/** User id. */
|
|
1730
2470
|
userId: string;
|
|
1731
2471
|
/** User kind. */
|
|
1732
|
-
kind: "DfnsStaff" | "
|
|
2472
|
+
kind: "DfnsStaff" | "TenantUser" | "CustomerEmployee" | "EndUser";
|
|
2473
|
+
/** UUID of the user's primary credential. */
|
|
1733
2474
|
credentialUuid: string;
|
|
1734
|
-
|
|
2475
|
+
/** Organization id. */
|
|
2476
|
+
orgId?: string | undefined;
|
|
2477
|
+
/** Tenant id. */
|
|
2478
|
+
tenantId?: string | undefined;
|
|
2479
|
+
/** @deprecated - Flat list of API operations the user has access to. */
|
|
1735
2480
|
permissions?: string[] | undefined;
|
|
2481
|
+
/** Whether the user is active. */
|
|
1736
2482
|
isActive: boolean;
|
|
2483
|
+
/** Whether the user is a service account. */
|
|
1737
2484
|
isServiceAccount: boolean;
|
|
2485
|
+
/** Whether the user has completed registration. */
|
|
1738
2486
|
isRegistered: boolean;
|
|
2487
|
+
/** Whether the user must authenticate via SSO. */
|
|
1739
2488
|
isSSORequired: boolean;
|
|
2489
|
+
/** Permissions (roles) assigned to the user. */
|
|
1740
2490
|
permissionAssignments: {
|
|
2491
|
+
/** Human-readable name of the permission (role). */
|
|
1741
2492
|
permissionName: string;
|
|
2493
|
+
/** ID of the permission (also referred to as "role" in the dashboard). */
|
|
1742
2494
|
permissionId: string;
|
|
2495
|
+
/** ID of the permission assignment. */
|
|
1743
2496
|
assignmentId: string;
|
|
2497
|
+
/** List of API operations granted by this permission. */
|
|
1744
2498
|
operations?: string[] | undefined;
|
|
1745
2499
|
}[];
|
|
1746
2500
|
}[];
|
|
2501
|
+
/** token to use as `paginationToken` to request the next page. */
|
|
1747
2502
|
nextPageToken?: string | undefined;
|
|
1748
2503
|
};
|
|
1749
2504
|
export type ListUsersRequest = {
|
|
@@ -1795,6 +2550,7 @@ export type LoginBody = {
|
|
|
1795
2550
|
};
|
|
1796
2551
|
} | {
|
|
1797
2552
|
kind: "Password";
|
|
2553
|
+
/** User password. */
|
|
1798
2554
|
password: string;
|
|
1799
2555
|
};
|
|
1800
2556
|
/** Second factor credential used to authenticate a user. */
|
|
@@ -1840,12 +2596,15 @@ export type LoginBody = {
|
|
|
1840
2596
|
};
|
|
1841
2597
|
} | {
|
|
1842
2598
|
kind: "Totp";
|
|
2599
|
+
/** TOTP one-time code. */
|
|
1843
2600
|
otpCode: string;
|
|
1844
2601
|
}) | undefined;
|
|
1845
2602
|
};
|
|
1846
2603
|
export type LoginResponse = {
|
|
2604
|
+
/** Authentication token issued to the user. */
|
|
1847
2605
|
token: string;
|
|
1848
2606
|
} | {
|
|
2607
|
+
/** Identifier of the SSO client to use to complete the login flow. */
|
|
1849
2608
|
ssoClientId: string;
|
|
1850
2609
|
};
|
|
1851
2610
|
export type LoginRequest = {
|
|
@@ -1855,6 +2614,7 @@ export type LogoutBody = {
|
|
|
1855
2614
|
allSessions?: boolean | undefined;
|
|
1856
2615
|
} | undefined;
|
|
1857
2616
|
export type LogoutResponse = {
|
|
2617
|
+
/** Human-readable success message. */
|
|
1858
2618
|
message: string;
|
|
1859
2619
|
};
|
|
1860
2620
|
export type LogoutRequest = {
|
|
@@ -1878,288 +2638,424 @@ export type RecoverBody = {
|
|
|
1878
2638
|
firstFactorCredential: {
|
|
1879
2639
|
credentialKind: "Fido2";
|
|
1880
2640
|
credentialInfo: {
|
|
2641
|
+
/** Base64url-encoded id of the credential returned by the user's WebAuthn client. */
|
|
1881
2642
|
credId: string;
|
|
2643
|
+
/** Base64url-encoded, stringified JSON [client data](https://docs.dfns.co/api-reference/auth/credentials-data#client-data) object returned by the user's WebAuthn client. */
|
|
1882
2644
|
clientData: string;
|
|
2645
|
+
/** Base64url-encoded attestation data returned by the user's WebAuthn client. */
|
|
1883
2646
|
attestationData: string;
|
|
1884
2647
|
};
|
|
2648
|
+
/** Human-readable name to assign to the credential. */
|
|
1885
2649
|
credentialName?: string | undefined;
|
|
1886
2650
|
} | {
|
|
1887
2651
|
credentialKind: "Key";
|
|
1888
2652
|
credentialInfo: {
|
|
2653
|
+
/** Base64url-encoded id of the credential. */
|
|
1889
2654
|
credId: string;
|
|
2655
|
+
/** Base64url-encoded, stringified JSON [client data](https://docs.dfns.co/api-reference/auth/credentials-data#client-data) object. */
|
|
1890
2656
|
clientData: string;
|
|
2657
|
+
/** Base64url-encoded public key. */
|
|
1891
2658
|
attestationData: string;
|
|
1892
2659
|
};
|
|
2660
|
+
/** Human-readable name to assign to the credential. */
|
|
1893
2661
|
credentialName?: string | undefined;
|
|
1894
2662
|
} | {
|
|
1895
2663
|
credentialKind: "Password";
|
|
1896
2664
|
credentialInfo: {
|
|
2665
|
+
/** User password. */
|
|
1897
2666
|
password: string;
|
|
1898
2667
|
};
|
|
2668
|
+
/** Human-readable name to assign to the credential. */
|
|
1899
2669
|
credentialName?: string | undefined;
|
|
1900
2670
|
} | {
|
|
1901
2671
|
credentialKind: "PasswordProtectedKey";
|
|
1902
2672
|
credentialInfo: {
|
|
2673
|
+
/** Base64url-encoded id of the credential. */
|
|
1903
2674
|
credId: string;
|
|
2675
|
+
/** Base64url-encoded, stringified JSON [client data](https://docs.dfns.co/api-reference/auth/credentials-data#client-data) object. */
|
|
1904
2676
|
clientData: string;
|
|
2677
|
+
/** Base64url-encoded public key. */
|
|
1905
2678
|
attestationData: string;
|
|
1906
2679
|
};
|
|
2680
|
+
/** User-encrypted private key. Dfns does not have the password to decrypt it. */
|
|
1907
2681
|
encryptedPrivateKey: string;
|
|
2682
|
+
/** Human-readable name to assign to the credential. */
|
|
1908
2683
|
credentialName?: string | undefined;
|
|
1909
2684
|
};
|
|
1910
2685
|
secondFactorCredential?: ({
|
|
1911
2686
|
credentialKind: "Fido2";
|
|
1912
2687
|
credentialInfo: {
|
|
2688
|
+
/** Base64url-encoded id of the credential returned by the user's WebAuthn client. */
|
|
1913
2689
|
credId: string;
|
|
2690
|
+
/** Base64url-encoded, stringified JSON [client data](https://docs.dfns.co/api-reference/auth/credentials-data#client-data) object returned by the user's WebAuthn client. */
|
|
1914
2691
|
clientData: string;
|
|
2692
|
+
/** Base64url-encoded attestation data returned by the user's WebAuthn client. */
|
|
1915
2693
|
attestationData: string;
|
|
1916
2694
|
};
|
|
2695
|
+
/** Human-readable name to assign to the credential. */
|
|
1917
2696
|
credentialName?: string | undefined;
|
|
1918
2697
|
} | {
|
|
1919
2698
|
credentialKind: "Key";
|
|
1920
2699
|
credentialInfo: {
|
|
2700
|
+
/** Base64url-encoded id of the credential. */
|
|
1921
2701
|
credId: string;
|
|
2702
|
+
/** Base64url-encoded, stringified JSON [client data](https://docs.dfns.co/api-reference/auth/credentials-data#client-data) object. */
|
|
1922
2703
|
clientData: string;
|
|
2704
|
+
/** Base64url-encoded public key. */
|
|
1923
2705
|
attestationData: string;
|
|
1924
2706
|
};
|
|
2707
|
+
/** Human-readable name to assign to the credential. */
|
|
1925
2708
|
credentialName?: string | undefined;
|
|
1926
2709
|
} | {
|
|
1927
2710
|
credentialKind: "Totp";
|
|
1928
2711
|
credentialInfo: {
|
|
2712
|
+
/** TOTP one-time code. */
|
|
1929
2713
|
otpCode: string;
|
|
1930
2714
|
};
|
|
2715
|
+
/** Human-readable name to assign to the credential. */
|
|
1931
2716
|
credentialName?: string | undefined;
|
|
1932
2717
|
} | {
|
|
1933
2718
|
credentialKind: "PasswordProtectedKey";
|
|
1934
2719
|
credentialInfo: {
|
|
2720
|
+
/** Base64url-encoded id of the credential. */
|
|
1935
2721
|
credId: string;
|
|
2722
|
+
/** Base64url-encoded, stringified JSON [client data](https://docs.dfns.co/api-reference/auth/credentials-data#client-data) object. */
|
|
1936
2723
|
clientData: string;
|
|
2724
|
+
/** Base64url-encoded public key. */
|
|
1937
2725
|
attestationData: string;
|
|
1938
2726
|
};
|
|
2727
|
+
/** User-encrypted private key. Dfns does not have the password to decrypt it. */
|
|
1939
2728
|
encryptedPrivateKey: string;
|
|
2729
|
+
/** Human-readable name to assign to the credential. */
|
|
1940
2730
|
credentialName?: string | undefined;
|
|
1941
2731
|
}) | undefined;
|
|
1942
2732
|
/** Register a recovery key. See [Account Recovery](https://docs.dfns.co/api-reference/auth/account-recovery) for more details. */
|
|
1943
2733
|
recoveryCredential?: {
|
|
1944
2734
|
credentialKind: "RecoveryKey";
|
|
1945
2735
|
credentialInfo: {
|
|
2736
|
+
/** Base64url-encoded id of the recovery credential. */
|
|
1946
2737
|
credId: string;
|
|
2738
|
+
/** Base64url-encoded, stringified JSON [client data](https://docs.dfns.co/api-reference/auth/credentials-data#client-data) object. */
|
|
1947
2739
|
clientData: string;
|
|
2740
|
+
/** Base64url-encoded public key. */
|
|
1948
2741
|
attestationData: string;
|
|
1949
2742
|
};
|
|
2743
|
+
/** User-encrypted private key for the recovery credential. */
|
|
1950
2744
|
encryptedPrivateKey?: string | undefined;
|
|
2745
|
+
/** Human-readable name to assign to the credential. */
|
|
1951
2746
|
credentialName?: string | undefined;
|
|
1952
2747
|
} | undefined;
|
|
1953
2748
|
};
|
|
1954
2749
|
};
|
|
1955
2750
|
export type RecoverResponse = {
|
|
1956
2751
|
credential: {
|
|
2752
|
+
/** UUID of the credential that was registered. */
|
|
1957
2753
|
uuid: string;
|
|
2754
|
+
/** Kind of credential that was registered. */
|
|
1958
2755
|
kind: "Fido2" | "Key" | "Password" | "Totp" | "RecoveryKey" | "PasswordProtectedKey";
|
|
2756
|
+
/** Human-readable name of the credential. */
|
|
1959
2757
|
name: string;
|
|
1960
2758
|
};
|
|
1961
2759
|
user: {
|
|
2760
|
+
/** User id. */
|
|
1962
2761
|
id: string;
|
|
2762
|
+
/** Username/identifier of the user. */
|
|
1963
2763
|
username: string;
|
|
1964
|
-
|
|
2764
|
+
/** Organization id. */
|
|
2765
|
+
orgId?: string | undefined;
|
|
2766
|
+
/** Tenant id. */
|
|
2767
|
+
tenantId?: string | undefined;
|
|
1965
2768
|
};
|
|
1966
2769
|
};
|
|
1967
2770
|
export type RecoverRequest = {
|
|
1968
2771
|
body: RecoverBody;
|
|
1969
2772
|
};
|
|
2773
|
+
export type CreateUserRecoveryBody = RecoverBody;
|
|
2774
|
+
export type CreateUserRecoveryResponse = RecoverResponse;
|
|
2775
|
+
export type CreateUserRecoveryRequest = RecoverRequest;
|
|
1970
2776
|
export type RegisterBody = {
|
|
1971
2777
|
firstFactorCredential: {
|
|
1972
2778
|
credentialKind: "Fido2";
|
|
1973
2779
|
credentialInfo: {
|
|
2780
|
+
/** Base64url-encoded id of the credential returned by the user's WebAuthn client. */
|
|
1974
2781
|
credId: string;
|
|
2782
|
+
/** Base64url-encoded, stringified JSON [client data](https://docs.dfns.co/api-reference/auth/credentials-data#client-data) object returned by the user's WebAuthn client. */
|
|
1975
2783
|
clientData: string;
|
|
2784
|
+
/** Base64url-encoded attestation data returned by the user's WebAuthn client. */
|
|
1976
2785
|
attestationData: string;
|
|
1977
2786
|
};
|
|
2787
|
+
/** Human-readable name to assign to the credential. */
|
|
1978
2788
|
credentialName?: string | undefined;
|
|
1979
2789
|
} | {
|
|
1980
2790
|
credentialKind: "Key";
|
|
1981
2791
|
credentialInfo: {
|
|
2792
|
+
/** Base64url-encoded id of the credential. */
|
|
1982
2793
|
credId: string;
|
|
2794
|
+
/** Base64url-encoded, stringified JSON [client data](https://docs.dfns.co/api-reference/auth/credentials-data#client-data) object. */
|
|
1983
2795
|
clientData: string;
|
|
2796
|
+
/** Base64url-encoded public key. */
|
|
1984
2797
|
attestationData: string;
|
|
1985
2798
|
};
|
|
2799
|
+
/** Human-readable name to assign to the credential. */
|
|
1986
2800
|
credentialName?: string | undefined;
|
|
1987
2801
|
} | {
|
|
1988
2802
|
credentialKind: "Password";
|
|
1989
2803
|
credentialInfo: {
|
|
2804
|
+
/** User password. */
|
|
1990
2805
|
password: string;
|
|
1991
2806
|
};
|
|
2807
|
+
/** Human-readable name to assign to the credential. */
|
|
1992
2808
|
credentialName?: string | undefined;
|
|
1993
2809
|
} | {
|
|
1994
2810
|
credentialKind: "PasswordProtectedKey";
|
|
1995
2811
|
credentialInfo: {
|
|
2812
|
+
/** Base64url-encoded id of the credential. */
|
|
1996
2813
|
credId: string;
|
|
2814
|
+
/** Base64url-encoded, stringified JSON [client data](https://docs.dfns.co/api-reference/auth/credentials-data#client-data) object. */
|
|
1997
2815
|
clientData: string;
|
|
2816
|
+
/** Base64url-encoded public key. */
|
|
1998
2817
|
attestationData: string;
|
|
1999
2818
|
};
|
|
2819
|
+
/** User-encrypted private key. Dfns does not have the password to decrypt it. */
|
|
2000
2820
|
encryptedPrivateKey: string;
|
|
2821
|
+
/** Human-readable name to assign to the credential. */
|
|
2001
2822
|
credentialName?: string | undefined;
|
|
2002
2823
|
};
|
|
2003
2824
|
secondFactorCredential?: ({
|
|
2004
2825
|
credentialKind: "Fido2";
|
|
2005
2826
|
credentialInfo: {
|
|
2827
|
+
/** Base64url-encoded id of the credential returned by the user's WebAuthn client. */
|
|
2006
2828
|
credId: string;
|
|
2829
|
+
/** Base64url-encoded, stringified JSON [client data](https://docs.dfns.co/api-reference/auth/credentials-data#client-data) object returned by the user's WebAuthn client. */
|
|
2007
2830
|
clientData: string;
|
|
2831
|
+
/** Base64url-encoded attestation data returned by the user's WebAuthn client. */
|
|
2008
2832
|
attestationData: string;
|
|
2009
2833
|
};
|
|
2834
|
+
/** Human-readable name to assign to the credential. */
|
|
2010
2835
|
credentialName?: string | undefined;
|
|
2011
2836
|
} | {
|
|
2012
2837
|
credentialKind: "Key";
|
|
2013
2838
|
credentialInfo: {
|
|
2839
|
+
/** Base64url-encoded id of the credential. */
|
|
2014
2840
|
credId: string;
|
|
2841
|
+
/** Base64url-encoded, stringified JSON [client data](https://docs.dfns.co/api-reference/auth/credentials-data#client-data) object. */
|
|
2015
2842
|
clientData: string;
|
|
2843
|
+
/** Base64url-encoded public key. */
|
|
2016
2844
|
attestationData: string;
|
|
2017
2845
|
};
|
|
2846
|
+
/** Human-readable name to assign to the credential. */
|
|
2018
2847
|
credentialName?: string | undefined;
|
|
2019
2848
|
} | {
|
|
2020
2849
|
credentialKind: "Totp";
|
|
2021
2850
|
credentialInfo: {
|
|
2851
|
+
/** TOTP one-time code. */
|
|
2022
2852
|
otpCode: string;
|
|
2023
2853
|
};
|
|
2854
|
+
/** Human-readable name to assign to the credential. */
|
|
2024
2855
|
credentialName?: string | undefined;
|
|
2025
2856
|
} | {
|
|
2026
2857
|
credentialKind: "PasswordProtectedKey";
|
|
2027
2858
|
credentialInfo: {
|
|
2859
|
+
/** Base64url-encoded id of the credential. */
|
|
2028
2860
|
credId: string;
|
|
2861
|
+
/** Base64url-encoded, stringified JSON [client data](https://docs.dfns.co/api-reference/auth/credentials-data#client-data) object. */
|
|
2029
2862
|
clientData: string;
|
|
2863
|
+
/** Base64url-encoded public key. */
|
|
2030
2864
|
attestationData: string;
|
|
2031
2865
|
};
|
|
2866
|
+
/** User-encrypted private key. Dfns does not have the password to decrypt it. */
|
|
2032
2867
|
encryptedPrivateKey: string;
|
|
2868
|
+
/** Human-readable name to assign to the credential. */
|
|
2033
2869
|
credentialName?: string | undefined;
|
|
2034
2870
|
}) | undefined;
|
|
2035
2871
|
/** Register a recovery key. See [Account Recovery](https://docs.dfns.co/api-reference/auth/account-recovery) for more details. */
|
|
2036
2872
|
recoveryCredential?: {
|
|
2037
2873
|
credentialKind: "RecoveryKey";
|
|
2038
2874
|
credentialInfo: {
|
|
2875
|
+
/** Base64url-encoded id of the recovery credential. */
|
|
2039
2876
|
credId: string;
|
|
2877
|
+
/** Base64url-encoded, stringified JSON [client data](https://docs.dfns.co/api-reference/auth/credentials-data#client-data) object. */
|
|
2040
2878
|
clientData: string;
|
|
2879
|
+
/** Base64url-encoded public key. */
|
|
2041
2880
|
attestationData: string;
|
|
2042
2881
|
};
|
|
2882
|
+
/** User-encrypted private key for the recovery credential. */
|
|
2043
2883
|
encryptedPrivateKey?: string | undefined;
|
|
2884
|
+
/** Human-readable name to assign to the credential. */
|
|
2044
2885
|
credentialName?: string | undefined;
|
|
2045
2886
|
} | undefined;
|
|
2046
2887
|
};
|
|
2047
2888
|
export type RegisterResponse = {
|
|
2048
2889
|
credential: {
|
|
2890
|
+
/** UUID of the credential that was registered. */
|
|
2049
2891
|
uuid: string;
|
|
2892
|
+
/** Kind of credential that was registered. */
|
|
2050
2893
|
kind: "Fido2" | "Key" | "Password" | "Totp" | "RecoveryKey" | "PasswordProtectedKey";
|
|
2894
|
+
/** Human-readable name of the credential. */
|
|
2051
2895
|
name: string;
|
|
2052
2896
|
};
|
|
2053
2897
|
user: {
|
|
2898
|
+
/** User id. */
|
|
2054
2899
|
id: string;
|
|
2900
|
+
/** Username/identifier of the user. */
|
|
2055
2901
|
username: string;
|
|
2056
|
-
|
|
2902
|
+
/** Organization id. */
|
|
2903
|
+
orgId?: string | undefined;
|
|
2904
|
+
/** Tenant id. */
|
|
2905
|
+
tenantId?: string | undefined;
|
|
2057
2906
|
};
|
|
2058
2907
|
};
|
|
2059
2908
|
export type RegisterRequest = {
|
|
2060
2909
|
body: RegisterBody;
|
|
2061
2910
|
};
|
|
2911
|
+
export type CreateUserRegistrationBody = RegisterBody;
|
|
2912
|
+
export type CreateUserRegistrationResponse = RegisterResponse;
|
|
2913
|
+
export type CreateUserRegistrationRequest = RegisterRequest;
|
|
2062
2914
|
export type RegisterEndUserBody = {
|
|
2063
2915
|
firstFactorCredential: {
|
|
2064
2916
|
credentialKind: "Fido2";
|
|
2065
2917
|
credentialInfo: {
|
|
2918
|
+
/** Base64url-encoded id of the credential returned by the user's WebAuthn client. */
|
|
2066
2919
|
credId: string;
|
|
2920
|
+
/** Base64url-encoded, stringified JSON [client data](https://docs.dfns.co/api-reference/auth/credentials-data#client-data) object returned by the user's WebAuthn client. */
|
|
2067
2921
|
clientData: string;
|
|
2922
|
+
/** Base64url-encoded attestation data returned by the user's WebAuthn client. */
|
|
2068
2923
|
attestationData: string;
|
|
2069
2924
|
};
|
|
2925
|
+
/** Human-readable name to assign to the credential. */
|
|
2070
2926
|
credentialName?: string | undefined;
|
|
2071
2927
|
} | {
|
|
2072
2928
|
credentialKind: "Key";
|
|
2073
2929
|
credentialInfo: {
|
|
2930
|
+
/** Base64url-encoded id of the credential. */
|
|
2074
2931
|
credId: string;
|
|
2932
|
+
/** Base64url-encoded, stringified JSON [client data](https://docs.dfns.co/api-reference/auth/credentials-data#client-data) object. */
|
|
2075
2933
|
clientData: string;
|
|
2934
|
+
/** Base64url-encoded public key. */
|
|
2076
2935
|
attestationData: string;
|
|
2077
2936
|
};
|
|
2937
|
+
/** Human-readable name to assign to the credential. */
|
|
2078
2938
|
credentialName?: string | undefined;
|
|
2079
2939
|
} | {
|
|
2080
2940
|
credentialKind: "Password";
|
|
2081
2941
|
credentialInfo: {
|
|
2942
|
+
/** User password. */
|
|
2082
2943
|
password: string;
|
|
2083
2944
|
};
|
|
2945
|
+
/** Human-readable name to assign to the credential. */
|
|
2084
2946
|
credentialName?: string | undefined;
|
|
2085
2947
|
} | {
|
|
2086
2948
|
credentialKind: "PasswordProtectedKey";
|
|
2087
2949
|
credentialInfo: {
|
|
2950
|
+
/** Base64url-encoded id of the credential. */
|
|
2088
2951
|
credId: string;
|
|
2952
|
+
/** Base64url-encoded, stringified JSON [client data](https://docs.dfns.co/api-reference/auth/credentials-data#client-data) object. */
|
|
2089
2953
|
clientData: string;
|
|
2954
|
+
/** Base64url-encoded public key. */
|
|
2090
2955
|
attestationData: string;
|
|
2091
2956
|
};
|
|
2957
|
+
/** User-encrypted private key. Dfns does not have the password to decrypt it. */
|
|
2092
2958
|
encryptedPrivateKey: string;
|
|
2959
|
+
/** Human-readable name to assign to the credential. */
|
|
2093
2960
|
credentialName?: string | undefined;
|
|
2094
2961
|
};
|
|
2095
2962
|
secondFactorCredential?: ({
|
|
2096
2963
|
credentialKind: "Fido2";
|
|
2097
2964
|
credentialInfo: {
|
|
2965
|
+
/** Base64url-encoded id of the credential returned by the user's WebAuthn client. */
|
|
2098
2966
|
credId: string;
|
|
2967
|
+
/** Base64url-encoded, stringified JSON [client data](https://docs.dfns.co/api-reference/auth/credentials-data#client-data) object returned by the user's WebAuthn client. */
|
|
2099
2968
|
clientData: string;
|
|
2969
|
+
/** Base64url-encoded attestation data returned by the user's WebAuthn client. */
|
|
2100
2970
|
attestationData: string;
|
|
2101
2971
|
};
|
|
2972
|
+
/** Human-readable name to assign to the credential. */
|
|
2102
2973
|
credentialName?: string | undefined;
|
|
2103
2974
|
} | {
|
|
2104
2975
|
credentialKind: "Key";
|
|
2105
2976
|
credentialInfo: {
|
|
2977
|
+
/** Base64url-encoded id of the credential. */
|
|
2106
2978
|
credId: string;
|
|
2979
|
+
/** Base64url-encoded, stringified JSON [client data](https://docs.dfns.co/api-reference/auth/credentials-data#client-data) object. */
|
|
2107
2980
|
clientData: string;
|
|
2981
|
+
/** Base64url-encoded public key. */
|
|
2108
2982
|
attestationData: string;
|
|
2109
2983
|
};
|
|
2984
|
+
/** Human-readable name to assign to the credential. */
|
|
2110
2985
|
credentialName?: string | undefined;
|
|
2111
2986
|
} | {
|
|
2112
2987
|
credentialKind: "Totp";
|
|
2113
2988
|
credentialInfo: {
|
|
2989
|
+
/** TOTP one-time code. */
|
|
2114
2990
|
otpCode: string;
|
|
2115
2991
|
};
|
|
2992
|
+
/** Human-readable name to assign to the credential. */
|
|
2116
2993
|
credentialName?: string | undefined;
|
|
2117
2994
|
} | {
|
|
2118
2995
|
credentialKind: "PasswordProtectedKey";
|
|
2119
2996
|
credentialInfo: {
|
|
2997
|
+
/** Base64url-encoded id of the credential. */
|
|
2120
2998
|
credId: string;
|
|
2999
|
+
/** Base64url-encoded, stringified JSON [client data](https://docs.dfns.co/api-reference/auth/credentials-data#client-data) object. */
|
|
2121
3000
|
clientData: string;
|
|
3001
|
+
/** Base64url-encoded public key. */
|
|
2122
3002
|
attestationData: string;
|
|
2123
3003
|
};
|
|
3004
|
+
/** User-encrypted private key. Dfns does not have the password to decrypt it. */
|
|
2124
3005
|
encryptedPrivateKey: string;
|
|
3006
|
+
/** Human-readable name to assign to the credential. */
|
|
2125
3007
|
credentialName?: string | undefined;
|
|
2126
3008
|
}) | undefined;
|
|
2127
3009
|
/** Register a recovery key. See [Account Recovery](https://docs.dfns.co/api-reference/auth/account-recovery) for more details. */
|
|
2128
3010
|
recoveryCredential?: {
|
|
2129
3011
|
credentialKind: "RecoveryKey";
|
|
2130
3012
|
credentialInfo: {
|
|
3013
|
+
/** Base64url-encoded id of the recovery credential. */
|
|
2131
3014
|
credId: string;
|
|
3015
|
+
/** Base64url-encoded, stringified JSON [client data](https://docs.dfns.co/api-reference/auth/credentials-data#client-data) object. */
|
|
2132
3016
|
clientData: string;
|
|
3017
|
+
/** Base64url-encoded public key. */
|
|
2133
3018
|
attestationData: string;
|
|
2134
3019
|
};
|
|
3020
|
+
/** User-encrypted private key for the recovery credential. */
|
|
2135
3021
|
encryptedPrivateKey?: string | undefined;
|
|
3022
|
+
/** Human-readable name to assign to the credential. */
|
|
2136
3023
|
credentialName?: string | undefined;
|
|
2137
3024
|
} | undefined;
|
|
2138
3025
|
wallets: {
|
|
2139
|
-
network: ("Algorand" | "AlgorandTestnet" | "Aptos" | "AptosTestnet" | "ArbitrumOne" | "ArbitrumGoerli" | "ArbitrumSepolia" | "ArcTestnet" | "Areum" | "AvalancheC" | "AvalancheCFuji" | "Adi" | "AdiTestnet" | "AdiTestnetAb" | "BabylonGenesis" | "BabylonTestnet5" | "Base" | "BaseGoerli" | "BaseSepolia" | "Berachain" | "BerachainBArtio" | "BerachainBepolia" | "BesuTestnet" | "Bitcoin" | "BitcoinSignet" | "BitcoinTestnet3" | "BitcoinTestnet4" | "BitcoinCash" | "BitcoinCashTestnet" | "Bob" | "BobSepolia" | "Bsc" | "BscTestnet" | "Canton" | "CantonDevnet" | "CantonTestnet" | "Cardano" | "CardanoPreprod" | "Concordium" | "ConcordiumTestnet" | "Celo" | "CeloAlfajores" | "Codex" | "CodexSepolia" | "CosmosHub4" | "CosmosIcsTestnet" | "Dogecoin" | "DogecoinTestnet" | "Ethereum" | "EthereumClassic" | "EthereumClassicMordor" | "EthereumGoerli" | "EthereumSepolia" | "EthereumHolesky" | "EthereumHoodi" | "FantomOpera" | "FantomTestnet" | "FlareC" | "FlareCCoston2" | "FlowEvm" | "FlowEvmTestnet" | "Hedera" | "HederaTestnet" | "Ink" | "InkSepolia" | "InternetComputer" | "Ion" | "IonTestnet" | "Iota" | "IotaTestnet" | "IotaZodianet" | "Kaspa" | "KaspaTestnet11" | "Kusama" | "KusamaAssetHub" | "Litecoin" | "LitecoinTestnet" | "Near" | "NearTestnet" | "Optimism" | "OptimismGoerli" | "OptimismSepolia" | "Origyn" | "Plasma" | "PlasmaTestnet" | "Plume" | "PlumeSepolia" | "Paseo" | "PaseoAssetHub" | "Polkadot" | "PolkadotAssetHub" | "Polygon" | "PolygonAmoy" | "PolygonMumbai" | "Polymesh" | "PolymeshTestnet" | "Race" | "RaceSepolia" | "SeiAtlantic2" | "SeiPacific1" | "Solana" | "SolanaDevnet" | "Sonic" | "SonicTestnet" | "Starknet" | "StarknetSepolia" | "Stellar" | "StellarTestnet" | "Sui" | "SuiTestnet" | "Tezos" | "TezosGhostnet" | "TezosShadownet" | "Tempo" | "TempoAndantino" | "TempoModerato" | "Tsc" | "TscTestnet1" | "Ton" | "TonTestnet" | "Tron" | "TronNile" | "Westend" | "WestendAssetHub" | "Xdc" | "XdcApothem" | "XLayer" | "XLayerSepolia" | "XrpLedger" | "XrpLedgerTestnet") | ("KeyECDSA" | "KeyEdDSA" | "KeyECDSAStark");
|
|
3026
|
+
network: ("Algorand" | "AlgorandTestnet" | "Aptos" | "AptosTestnet" | "ArbitrumOne" | "ArbitrumGoerli" | "ArbitrumSepolia" | "ArcTestnet" | "Areum" | "AvalancheC" | "AvalancheCFuji" | "Adi" | "AdiTestnet" | "AdiTestnetAb" | "BabylonGenesis" | "BabylonTestnet5" | "Base" | "BaseGoerli" | "BaseSepolia" | "Berachain" | "BerachainBArtio" | "BerachainBepolia" | "BesuTestnet" | "BesuTestnet2" | "Bitcoin" | "BitcoinSignet" | "BitcoinTestnet3" | "BitcoinTestnet4" | "BitcoinCash" | "BitcoinCashTestnet" | "Bob" | "BobSepolia" | "Bsc" | "BscTestnet" | "Canton" | "CantonDevnet" | "CantonTestnet" | "Cardano" | "CardanoPreprod" | "Concordium" | "ConcordiumTestnet" | "Celo" | "CeloAlfajores" | "Codex" | "CodexSepolia" | "CosmosHub4" | "CosmosIcsTestnet" | "Dogecoin" | "DogecoinTestnet" | "Ethereum" | "EthereumClassic" | "EthereumClassicMordor" | "EthereumGoerli" | "EthereumSepolia" | "EthereumHolesky" | "EthereumHoodi" | "FantomOpera" | "FantomTestnet" | "FlareC" | "FlareCCoston2" | "FlowEvm" | "FlowEvmTestnet" | "IconTestnet" | "Hedera" | "HederaTestnet" | "Ink" | "InkSepolia" | "InternetComputer" | "Ion" | "IonTestnet" | "Iota" | "IotaTestnet" | "IotaZodianet" | "Kaspa" | "KaspaTestnet11" | "Kusama" | "KusamaAssetHub" | "Litecoin" | "LitecoinTestnet" | "Movement" | "MovementTestnet" | "Near" | "NearTestnet" | "Optimism" | "OptimismGoerli" | "OptimismSepolia" | "Origyn" | "Plasma" | "PlasmaTestnet" | "Plume" | "PlumeSepolia" | "Paseo" | "PaseoAssetHub" | "Polkadot" | "PolkadotAssetHub" | "Polygon" | "PolygonAmoy" | "PolygonMumbai" | "Polymesh" | "PolymeshTestnet" | "Race" | "RaceSepolia" | "Rayls" | "RaylsTestnet" | "Robinhood" | "RobinhoodSepolia" | "SeiAtlantic2" | "SeiPacific1" | "Solana" | "SolanaDevnet" | "Sonic" | "SonicTestnet" | "Starknet" | "StarknetSepolia" | "Stellar" | "StellarTestnet" | "Sui" | "SuiTestnet" | "Tezos" | "TezosGhostnet" | "TezosShadownet" | "Tempo" | "TempoAndantino" | "TempoModerato" | "Tsc" | "TscTestnet1" | "Ton" | "TonTestnet" | "Tron" | "TronNile" | "Westend" | "WestendAssetHub" | "Xdc" | "XdcApothem" | "XLayer" | "XLayerSepolia" | "XrpLedger" | "XrpLedgerTestnet") | ("KeyECDSA" | "KeyEdDSA" | "KeyECDSAStark");
|
|
2140
3027
|
/** Wallet nickname. */
|
|
2141
3028
|
name?: string | undefined;
|
|
2142
3029
|
}[];
|
|
2143
3030
|
};
|
|
2144
3031
|
export type RegisterEndUserResponse = {
|
|
2145
3032
|
credential: {
|
|
3033
|
+
/** UUID of the credential that was registered. */
|
|
2146
3034
|
uuid: string;
|
|
3035
|
+
/** Kind of credential that was registered. */
|
|
2147
3036
|
kind: "Fido2" | "Key" | "Password" | "Totp" | "RecoveryKey" | "PasswordProtectedKey";
|
|
3037
|
+
/** Human-readable name of the credential. */
|
|
2148
3038
|
name: string;
|
|
2149
3039
|
};
|
|
2150
3040
|
user: {
|
|
3041
|
+
/** User id. */
|
|
2151
3042
|
id: string;
|
|
3043
|
+
/** Username/identifier of the user. */
|
|
2152
3044
|
username: string;
|
|
2153
|
-
|
|
3045
|
+
/** Organization id. */
|
|
3046
|
+
orgId?: string | undefined;
|
|
3047
|
+
/** Tenant id. */
|
|
3048
|
+
tenantId?: string | undefined;
|
|
2154
3049
|
};
|
|
2155
3050
|
authentication: {
|
|
3051
|
+
/** Authentication token issued to the user. */
|
|
2156
3052
|
token: string;
|
|
2157
3053
|
};
|
|
2158
3054
|
wallets: {
|
|
2159
3055
|
/** ID of the wallet. */
|
|
2160
3056
|
id: string;
|
|
2161
3057
|
/** Network this wallet is bound to. */
|
|
2162
|
-
network: ("Algorand" | "AlgorandTestnet" | "Aptos" | "AptosTestnet" | "ArbitrumOne" | "ArbitrumGoerli" | "ArbitrumSepolia" | "ArcTestnet" | "Areum" | "AvalancheC" | "AvalancheCFuji" | "Adi" | "AdiTestnet" | "AdiTestnetAb" | "BabylonGenesis" | "BabylonTestnet5" | "Base" | "BaseGoerli" | "BaseSepolia" | "Berachain" | "BerachainBArtio" | "BerachainBepolia" | "BesuTestnet" | "Bitcoin" | "BitcoinSignet" | "BitcoinTestnet3" | "BitcoinTestnet4" | "BitcoinCash" | "BitcoinCashTestnet" | "Bob" | "BobSepolia" | "Bsc" | "BscTestnet" | "Canton" | "CantonDevnet" | "CantonTestnet" | "Cardano" | "CardanoPreprod" | "Concordium" | "ConcordiumTestnet" | "Celo" | "CeloAlfajores" | "Codex" | "CodexSepolia" | "CosmosHub4" | "CosmosIcsTestnet" | "Dogecoin" | "DogecoinTestnet" | "Ethereum" | "EthereumClassic" | "EthereumClassicMordor" | "EthereumGoerli" | "EthereumSepolia" | "EthereumHolesky" | "EthereumHoodi" | "FantomOpera" | "FantomTestnet" | "FlareC" | "FlareCCoston2" | "FlowEvm" | "FlowEvmTestnet" | "Hedera" | "HederaTestnet" | "Ink" | "InkSepolia" | "InternetComputer" | "Ion" | "IonTestnet" | "Iota" | "IotaTestnet" | "IotaZodianet" | "Kaspa" | "KaspaTestnet11" | "Kusama" | "KusamaAssetHub" | "Litecoin" | "LitecoinTestnet" | "Near" | "NearTestnet" | "Optimism" | "OptimismGoerli" | "OptimismSepolia" | "Origyn" | "Plasma" | "PlasmaTestnet" | "Plume" | "PlumeSepolia" | "Paseo" | "PaseoAssetHub" | "Polkadot" | "PolkadotAssetHub" | "Polygon" | "PolygonAmoy" | "PolygonMumbai" | "Polymesh" | "PolymeshTestnet" | "Race" | "RaceSepolia" | "SeiAtlantic2" | "SeiPacific1" | "Solana" | "SolanaDevnet" | "Sonic" | "SonicTestnet" | "Starknet" | "StarknetSepolia" | "Stellar" | "StellarTestnet" | "Sui" | "SuiTestnet" | "Tezos" | "TezosGhostnet" | "TezosShadownet" | "Tempo" | "TempoAndantino" | "TempoModerato" | "Tsc" | "TscTestnet1" | "Ton" | "TonTestnet" | "Tron" | "TronNile" | "Westend" | "WestendAssetHub" | "Xdc" | "XdcApothem" | "XLayer" | "XLayerSepolia" | "XrpLedger" | "XrpLedgerTestnet") | ("KeyECDSA" | "KeyEdDSA" | "KeyECDSAStark");
|
|
3058
|
+
network: ("Algorand" | "AlgorandTestnet" | "Aptos" | "AptosTestnet" | "ArbitrumOne" | "ArbitrumGoerli" | "ArbitrumSepolia" | "ArcTestnet" | "Areum" | "AvalancheC" | "AvalancheCFuji" | "Adi" | "AdiTestnet" | "AdiTestnetAb" | "BabylonGenesis" | "BabylonTestnet5" | "Base" | "BaseGoerli" | "BaseSepolia" | "Berachain" | "BerachainBArtio" | "BerachainBepolia" | "BesuTestnet" | "BesuTestnet2" | "Bitcoin" | "BitcoinSignet" | "BitcoinTestnet3" | "BitcoinTestnet4" | "BitcoinCash" | "BitcoinCashTestnet" | "Bob" | "BobSepolia" | "Bsc" | "BscTestnet" | "Canton" | "CantonDevnet" | "CantonTestnet" | "Cardano" | "CardanoPreprod" | "Concordium" | "ConcordiumTestnet" | "Celo" | "CeloAlfajores" | "Codex" | "CodexSepolia" | "CosmosHub4" | "CosmosIcsTestnet" | "Dogecoin" | "DogecoinTestnet" | "Ethereum" | "EthereumClassic" | "EthereumClassicMordor" | "EthereumGoerli" | "EthereumSepolia" | "EthereumHolesky" | "EthereumHoodi" | "FantomOpera" | "FantomTestnet" | "FlareC" | "FlareCCoston2" | "FlowEvm" | "FlowEvmTestnet" | "IconTestnet" | "Hedera" | "HederaTestnet" | "Ink" | "InkSepolia" | "InternetComputer" | "Ion" | "IonTestnet" | "Iota" | "IotaTestnet" | "IotaZodianet" | "Kaspa" | "KaspaTestnet11" | "Kusama" | "KusamaAssetHub" | "Litecoin" | "LitecoinTestnet" | "Movement" | "MovementTestnet" | "Near" | "NearTestnet" | "Optimism" | "OptimismGoerli" | "OptimismSepolia" | "Origyn" | "Plasma" | "PlasmaTestnet" | "Plume" | "PlumeSepolia" | "Paseo" | "PaseoAssetHub" | "Polkadot" | "PolkadotAssetHub" | "Polygon" | "PolygonAmoy" | "PolygonMumbai" | "Polymesh" | "PolymeshTestnet" | "Race" | "RaceSepolia" | "Rayls" | "RaylsTestnet" | "Robinhood" | "RobinhoodSepolia" | "SeiAtlantic2" | "SeiPacific1" | "Solana" | "SolanaDevnet" | "Sonic" | "SonicTestnet" | "Starknet" | "StarknetSepolia" | "Stellar" | "StellarTestnet" | "Sui" | "SuiTestnet" | "Tezos" | "TezosGhostnet" | "TezosShadownet" | "Tempo" | "TempoAndantino" | "TempoModerato" | "Tsc" | "TscTestnet1" | "Ton" | "TonTestnet" | "Tron" | "TronNile" | "Westend" | "WestendAssetHub" | "Xdc" | "XdcApothem" | "XLayer" | "XLayerSepolia" | "XrpLedger" | "XrpLedgerTestnet") | ("KeyECDSA" | "KeyEdDSA" | "KeyECDSAStark");
|
|
2163
3059
|
/** Wallet address on its corresponding network. */
|
|
2164
3060
|
address?: string | undefined;
|
|
2165
3061
|
/** Details about the key underlying the wallet. */
|
|
@@ -2197,41 +3093,60 @@ export type RegisterEndUserRequest = {
|
|
|
2197
3093
|
body: RegisterEndUserBody;
|
|
2198
3094
|
};
|
|
2199
3095
|
export type ResendRegistrationCodeBody = {
|
|
3096
|
+
/** Username/identifier of the user (any unique string accepted, e.g. your internal user ID or email). */
|
|
2200
3097
|
username: string;
|
|
2201
|
-
|
|
3098
|
+
/** Organization id. */
|
|
3099
|
+
orgId?: string | undefined;
|
|
3100
|
+
/** Tenant id. */
|
|
3101
|
+
tenantId?: string | undefined;
|
|
2202
3102
|
};
|
|
2203
3103
|
export type ResendRegistrationCodeResponse = {
|
|
3104
|
+
/** Human-readable success message. */
|
|
2204
3105
|
message: string;
|
|
2205
3106
|
};
|
|
2206
3107
|
export type ResendRegistrationCodeRequest = {
|
|
2207
3108
|
body: ResendRegistrationCodeBody;
|
|
2208
3109
|
};
|
|
2209
3110
|
export type SendLoginCodeBody = {
|
|
3111
|
+
/** Username/identifier of the user to send the login code to. */
|
|
2210
3112
|
username: string;
|
|
2211
|
-
|
|
3113
|
+
/** Organization id. */
|
|
3114
|
+
orgId?: string | undefined;
|
|
3115
|
+
/** Tenant id. */
|
|
3116
|
+
tenantId?: string | undefined;
|
|
2212
3117
|
};
|
|
2213
3118
|
export type SendLoginCodeResponse = {
|
|
3119
|
+
/** Human-readable success message. */
|
|
2214
3120
|
message: string;
|
|
2215
3121
|
};
|
|
2216
3122
|
export type SendLoginCodeRequest = {
|
|
2217
3123
|
body: SendLoginCodeBody;
|
|
2218
3124
|
};
|
|
2219
3125
|
export type SendRecoveryCodeBody = {
|
|
3126
|
+
/** Username/identifier of the user to send the recovery code to. */
|
|
2220
3127
|
username: string;
|
|
2221
|
-
|
|
3128
|
+
/** Organization id. */
|
|
3129
|
+
orgId?: string | undefined;
|
|
3130
|
+
/** Tenant id. */
|
|
3131
|
+
tenantId?: string | undefined;
|
|
2222
3132
|
};
|
|
2223
3133
|
export type SendRecoveryCodeResponse = {
|
|
3134
|
+
/** Human-readable success message. */
|
|
2224
3135
|
message: string;
|
|
2225
3136
|
};
|
|
2226
3137
|
export type SendRecoveryCodeRequest = {
|
|
2227
3138
|
body: SendRecoveryCodeBody;
|
|
2228
3139
|
};
|
|
2229
3140
|
export type SocialLoginBody = {
|
|
3141
|
+
/** Organization id. */
|
|
2230
3142
|
orgId?: string | undefined;
|
|
3143
|
+
/** Social login provider used to issue the JWT. */
|
|
2231
3144
|
socialLoginProviderKind: "Oidc";
|
|
3145
|
+
/** JWT id token issued by the social login provider. */
|
|
2232
3146
|
idToken: string;
|
|
2233
3147
|
};
|
|
2234
3148
|
export type SocialLoginResponse = {
|
|
3149
|
+
/** Authentication token issued to the user. */
|
|
2235
3150
|
token: string;
|
|
2236
3151
|
};
|
|
2237
3152
|
export type SocialLoginRequest = {
|
|
@@ -2244,6 +3159,7 @@ export type SsoLoginBody = {
|
|
|
2244
3159
|
state: string;
|
|
2245
3160
|
};
|
|
2246
3161
|
export type SsoLoginResponse = {
|
|
3162
|
+
/** Authentication token issued to the user. */
|
|
2247
3163
|
token: string;
|
|
2248
3164
|
};
|
|
2249
3165
|
export type SsoLoginRequest = {
|
|
@@ -2265,81 +3181,130 @@ export type SsoLoginInitRequest = {
|
|
|
2265
3181
|
body: SsoLoginInitBody;
|
|
2266
3182
|
};
|
|
2267
3183
|
export type UpdatePersonalAccessTokenBody = {
|
|
3184
|
+
/** Updated human-readable name of the Personal Access Token. */
|
|
2268
3185
|
name?: string | undefined;
|
|
3186
|
+
/** Value that can be used to correlate the entity with an external system. */
|
|
2269
3187
|
externalId?: string | undefined;
|
|
2270
3188
|
};
|
|
2271
3189
|
export type UpdatePersonalAccessTokenParams = {
|
|
3190
|
+
/** Token id. */
|
|
2272
3191
|
tokenId: string;
|
|
2273
3192
|
};
|
|
2274
3193
|
export type UpdatePersonalAccessTokenResponse = {
|
|
3194
|
+
/** The access token. Only returned at creation time. */
|
|
2275
3195
|
accessToken?: string | undefined;
|
|
2276
3196
|
dateCreated: string;
|
|
3197
|
+
/** ID of the credential associated with the access token. */
|
|
2277
3198
|
credId: string;
|
|
3199
|
+
/** Whether the access token is active. */
|
|
2278
3200
|
isActive: boolean;
|
|
2279
3201
|
/** Access token kind. */
|
|
2280
3202
|
kind: "Pat" | "ServiceAccount" | "Token" | "Code" | "Recovery" | "Temp" | "Application";
|
|
3203
|
+
/** User id. */
|
|
2281
3204
|
linkedUserId: string;
|
|
3205
|
+
/** ID of the application the access token is linked to. */
|
|
2282
3206
|
linkedAppId: string;
|
|
3207
|
+
/** Human-readable name of the access token. */
|
|
2283
3208
|
name: string;
|
|
3209
|
+
/** Organization id. */
|
|
2284
3210
|
orgId: string;
|
|
3211
|
+
/** Permissions (roles) assigned to the access token. */
|
|
2285
3212
|
permissionAssignments: {
|
|
3213
|
+
/** Human-readable name of the permission (role). */
|
|
2286
3214
|
permissionName: string;
|
|
3215
|
+
/** ID of the permission (also referred to as "role" in the dashboard). */
|
|
2287
3216
|
permissionId: string;
|
|
3217
|
+
/** ID of the permission assignment. */
|
|
2288
3218
|
assignmentId: string;
|
|
3219
|
+
/** List of API operations granted by this permission. */
|
|
2289
3220
|
operations?: string[] | undefined;
|
|
2290
3221
|
}[];
|
|
3222
|
+
/** Public key associated with the access token. */
|
|
2291
3223
|
publicKey: string;
|
|
3224
|
+
/** Token id. */
|
|
2292
3225
|
tokenId: string;
|
|
2293
3226
|
};
|
|
2294
3227
|
export type UpdatePersonalAccessTokenRequest = UpdatePersonalAccessTokenParams & {
|
|
2295
3228
|
body: UpdatePersonalAccessTokenBody;
|
|
2296
3229
|
};
|
|
2297
3230
|
export type UpdateServiceAccountBody = {
|
|
3231
|
+
/** Updated human-readable name of the Service Account. */
|
|
2298
3232
|
name?: string | undefined;
|
|
3233
|
+
/** Value that can be used to correlate the entity with an external system. */
|
|
2299
3234
|
externalId?: string | undefined;
|
|
2300
3235
|
};
|
|
2301
3236
|
export type UpdateServiceAccountParams = {
|
|
3237
|
+
/** ID of the service account. */
|
|
2302
3238
|
serviceAccountId: string;
|
|
2303
3239
|
};
|
|
2304
3240
|
export type UpdateServiceAccountResponse = {
|
|
2305
3241
|
userInfo: {
|
|
3242
|
+
/** Username/identifier of the user (any unique string accepted, e.g. your internal user ID or email). */
|
|
2306
3243
|
username: string;
|
|
3244
|
+
/** Display name of the user. */
|
|
2307
3245
|
name: string;
|
|
2308
3246
|
/** User id. */
|
|
2309
3247
|
userId: string;
|
|
2310
3248
|
/** User kind. */
|
|
2311
|
-
kind: "DfnsStaff" | "
|
|
3249
|
+
kind: "DfnsStaff" | "TenantUser" | "CustomerEmployee" | "EndUser";
|
|
3250
|
+
/** UUID of the user's primary credential. */
|
|
2312
3251
|
credentialUuid: string;
|
|
2313
|
-
|
|
3252
|
+
/** Organization id. */
|
|
3253
|
+
orgId?: string | undefined;
|
|
3254
|
+
/** Tenant id. */
|
|
3255
|
+
tenantId?: string | undefined;
|
|
3256
|
+
/** @deprecated - Flat list of API operations the user has access to. */
|
|
2314
3257
|
permissions?: string[] | undefined;
|
|
3258
|
+
/** Whether the user is active. */
|
|
2315
3259
|
isActive: boolean;
|
|
3260
|
+
/** Whether the user is a service account. */
|
|
2316
3261
|
isServiceAccount: boolean;
|
|
3262
|
+
/** Whether the user has completed registration. */
|
|
2317
3263
|
isRegistered: boolean;
|
|
3264
|
+
/** Permissions (roles) assigned to the user. */
|
|
2318
3265
|
permissionAssignments: {
|
|
3266
|
+
/** Human-readable name of the permission (role). */
|
|
2319
3267
|
permissionName: string;
|
|
3268
|
+
/** ID of the permission (also referred to as "role" in the dashboard). */
|
|
2320
3269
|
permissionId: string;
|
|
3270
|
+
/** ID of the permission assignment. */
|
|
2321
3271
|
assignmentId: string;
|
|
3272
|
+
/** List of API operations granted by this permission. */
|
|
2322
3273
|
operations?: string[] | undefined;
|
|
2323
3274
|
}[];
|
|
2324
3275
|
};
|
|
2325
3276
|
accessTokens: {
|
|
3277
|
+
/** The access token. Only returned at creation time. */
|
|
2326
3278
|
accessToken?: string | undefined;
|
|
2327
3279
|
dateCreated: string;
|
|
3280
|
+
/** ID of the credential associated with the access token. */
|
|
2328
3281
|
credId: string;
|
|
3282
|
+
/** Whether the access token is active. */
|
|
2329
3283
|
isActive: boolean;
|
|
2330
3284
|
/** Access token kind. */
|
|
2331
3285
|
kind: "Pat" | "ServiceAccount" | "Token" | "Code" | "Recovery" | "Temp" | "Application";
|
|
3286
|
+
/** User id. */
|
|
2332
3287
|
linkedUserId: string;
|
|
3288
|
+
/** ID of the application the access token is linked to. */
|
|
2333
3289
|
linkedAppId: string;
|
|
3290
|
+
/** Human-readable name of the access token. */
|
|
2334
3291
|
name: string;
|
|
3292
|
+
/** Organization id. */
|
|
2335
3293
|
orgId: string;
|
|
3294
|
+
/** Permissions (roles) assigned to the access token. */
|
|
2336
3295
|
permissionAssignments: {
|
|
3296
|
+
/** Human-readable name of the permission (role). */
|
|
2337
3297
|
permissionName: string;
|
|
3298
|
+
/** ID of the permission (also referred to as "role" in the dashboard). */
|
|
2338
3299
|
permissionId: string;
|
|
3300
|
+
/** ID of the permission assignment. */
|
|
2339
3301
|
assignmentId: string;
|
|
3302
|
+
/** List of API operations granted by this permission. */
|
|
2340
3303
|
operations?: string[] | undefined;
|
|
2341
3304
|
}[];
|
|
3305
|
+
/** Public key associated with the access token. */
|
|
2342
3306
|
publicKey: string;
|
|
3307
|
+
/** Token id. */
|
|
2343
3308
|
tokenId: string;
|
|
2344
3309
|
}[];
|
|
2345
3310
|
};
|
|
@@ -2350,26 +3315,43 @@ export type UpdateUserBody = {
|
|
|
2350
3315
|
isSSORequired: boolean;
|
|
2351
3316
|
};
|
|
2352
3317
|
export type UpdateUserParams = {
|
|
3318
|
+
/** User id. */
|
|
2353
3319
|
userId: string;
|
|
2354
3320
|
};
|
|
2355
3321
|
export type UpdateUserResponse = {
|
|
3322
|
+
/** Username/identifier of the user (any unique string accepted, e.g. your internal user ID or email). */
|
|
2356
3323
|
username: string;
|
|
3324
|
+
/** Display name of the user. */
|
|
2357
3325
|
name: string;
|
|
2358
3326
|
/** User id. */
|
|
2359
3327
|
userId: string;
|
|
2360
3328
|
/** User kind. */
|
|
2361
|
-
kind: "DfnsStaff" | "
|
|
3329
|
+
kind: "DfnsStaff" | "TenantUser" | "CustomerEmployee" | "EndUser";
|
|
3330
|
+
/** UUID of the user's primary credential. */
|
|
2362
3331
|
credentialUuid: string;
|
|
2363
|
-
|
|
3332
|
+
/** Organization id. */
|
|
3333
|
+
orgId?: string | undefined;
|
|
3334
|
+
/** Tenant id. */
|
|
3335
|
+
tenantId?: string | undefined;
|
|
3336
|
+
/** @deprecated - Flat list of API operations the user has access to. */
|
|
2364
3337
|
permissions?: string[] | undefined;
|
|
3338
|
+
/** Whether the user is active. */
|
|
2365
3339
|
isActive: boolean;
|
|
3340
|
+
/** Whether the user is a service account. */
|
|
2366
3341
|
isServiceAccount: boolean;
|
|
3342
|
+
/** Whether the user has completed registration. */
|
|
2367
3343
|
isRegistered: boolean;
|
|
3344
|
+
/** Whether the user must authenticate via SSO. */
|
|
2368
3345
|
isSSORequired: boolean;
|
|
3346
|
+
/** Permissions (roles) assigned to the user. */
|
|
2369
3347
|
permissionAssignments: {
|
|
3348
|
+
/** Human-readable name of the permission (role). */
|
|
2370
3349
|
permissionName: string;
|
|
3350
|
+
/** ID of the permission (also referred to as "role" in the dashboard). */
|
|
2371
3351
|
permissionId: string;
|
|
3352
|
+
/** ID of the permission assignment. */
|
|
2372
3353
|
assignmentId: string;
|
|
3354
|
+
/** List of API operations granted by this permission. */
|
|
2373
3355
|
operations?: string[] | undefined;
|
|
2374
3356
|
}[];
|
|
2375
3357
|
};
|