@epilot/sdk 2.7.0 → 2.8.0-rc.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (254) hide show
  1. package/README.md +1 -0
  2. package/definitions/app.json +101 -8
  3. package/definitions/configuration-hub-runtime.json +1 -1
  4. package/definitions/configuration-hub.json +623 -0
  5. package/definitions/customer-portal-runtime.json +1 -1
  6. package/definitions/customer-portal.json +505 -6
  7. package/definitions/design-runtime.json +1 -1
  8. package/definitions/design.json +1 -11
  9. package/definitions/email-settings-runtime.json +1 -1
  10. package/definitions/email-settings.json +86 -4
  11. package/definitions/file-runtime.json +1 -1
  12. package/definitions/file.json +262 -4
  13. package/definitions/focus-pocus-runtime.json +1 -0
  14. package/definitions/focus-pocus.json +757 -0
  15. package/definitions/journey-runtime.json +1 -1
  16. package/definitions/journey.json +21 -1
  17. package/dist/README-37TXN4EL.cjs +7 -0
  18. package/dist/README-Z2WITBOR.js +7 -0
  19. package/dist/{_index-DB2VV4PQ.cjs → _index-HTUXYSTD.cjs} +4 -1
  20. package/dist/{_index-5FB6F5YY.js → _index-YTOJUFGD.js} +3 -0
  21. package/dist/apis/access-token.cjs +6 -6
  22. package/dist/apis/access-token.js +1 -1
  23. package/dist/apis/address-suggestions.cjs +6 -6
  24. package/dist/apis/address-suggestions.js +1 -1
  25. package/dist/apis/address.cjs +6 -6
  26. package/dist/apis/address.js +1 -1
  27. package/dist/apis/ai-agents.cjs +6 -6
  28. package/dist/apis/ai-agents.js +1 -1
  29. package/dist/apis/app.cjs +6 -6
  30. package/dist/apis/app.d.cts +2 -2
  31. package/dist/apis/app.d.ts +2 -2
  32. package/dist/apis/app.js +1 -1
  33. package/dist/apis/audit-logs.cjs +6 -6
  34. package/dist/apis/audit-logs.js +1 -1
  35. package/dist/apis/automation.cjs +6 -6
  36. package/dist/apis/automation.js +1 -1
  37. package/dist/apis/billing.cjs +6 -6
  38. package/dist/apis/billing.js +1 -1
  39. package/dist/apis/blueprint-manifest.cjs +6 -6
  40. package/dist/apis/blueprint-manifest.js +1 -1
  41. package/dist/apis/calendar.cjs +6 -6
  42. package/dist/apis/calendar.js +1 -1
  43. package/dist/apis/configuration-hub.cjs +8 -8
  44. package/dist/apis/configuration-hub.d.cts +2 -2
  45. package/dist/apis/configuration-hub.d.ts +2 -2
  46. package/dist/apis/configuration-hub.js +2 -2
  47. package/dist/apis/consent.cjs +6 -6
  48. package/dist/apis/consent.js +1 -1
  49. package/dist/apis/customer-portal.cjs +8 -8
  50. package/dist/apis/customer-portal.d.cts +2 -2
  51. package/dist/apis/customer-portal.d.ts +2 -2
  52. package/dist/apis/customer-portal.js +2 -2
  53. package/dist/apis/dashboard.cjs +6 -6
  54. package/dist/apis/dashboard.js +1 -1
  55. package/dist/apis/data-governance.cjs +6 -6
  56. package/dist/apis/data-governance.js +1 -1
  57. package/dist/apis/deduplication.cjs +6 -6
  58. package/dist/apis/deduplication.js +1 -1
  59. package/dist/apis/design.cjs +8 -8
  60. package/dist/apis/design.js +2 -2
  61. package/dist/apis/document.cjs +6 -6
  62. package/dist/apis/document.js +1 -1
  63. package/dist/apis/email-settings.cjs +8 -8
  64. package/dist/apis/email-settings.d.cts +2 -2
  65. package/dist/apis/email-settings.d.ts +2 -2
  66. package/dist/apis/email-settings.js +2 -2
  67. package/dist/apis/email-template.cjs +6 -6
  68. package/dist/apis/email-template.js +1 -1
  69. package/dist/apis/entity-mapping.cjs +6 -6
  70. package/dist/apis/entity-mapping.js +1 -1
  71. package/dist/apis/entity.cjs +6 -6
  72. package/dist/apis/entity.js +1 -1
  73. package/dist/apis/environments.cjs +6 -6
  74. package/dist/apis/environments.js +1 -1
  75. package/dist/apis/event-catalog.cjs +6 -6
  76. package/dist/apis/event-catalog.js +1 -1
  77. package/dist/apis/file.cjs +8 -8
  78. package/dist/apis/file.d.cts +2 -2
  79. package/dist/apis/file.d.ts +2 -2
  80. package/dist/apis/file.js +2 -2
  81. package/dist/apis/focus-pocus.cjs +38 -0
  82. package/dist/apis/focus-pocus.d.cts +18 -0
  83. package/dist/apis/focus-pocus.d.ts +18 -0
  84. package/dist/apis/focus-pocus.js +38 -0
  85. package/dist/apis/iban.cjs +6 -6
  86. package/dist/apis/iban.js +1 -1
  87. package/dist/apis/integration-toolkit.cjs +6 -6
  88. package/dist/apis/integration-toolkit.js +1 -1
  89. package/dist/apis/journey.cjs +8 -8
  90. package/dist/apis/journey.d.cts +2 -2
  91. package/dist/apis/journey.d.ts +2 -2
  92. package/dist/apis/journey.js +2 -2
  93. package/dist/apis/kanban.cjs +6 -6
  94. package/dist/apis/kanban.js +1 -1
  95. package/dist/apis/message.cjs +6 -6
  96. package/dist/apis/message.js +1 -1
  97. package/dist/apis/metering.cjs +6 -6
  98. package/dist/apis/metering.js +1 -1
  99. package/dist/apis/notes.cjs +6 -6
  100. package/dist/apis/notes.js +1 -1
  101. package/dist/apis/notification.cjs +6 -6
  102. package/dist/apis/notification.js +1 -1
  103. package/dist/apis/organization.cjs +6 -6
  104. package/dist/apis/organization.js +1 -1
  105. package/dist/apis/partner-directory.cjs +6 -6
  106. package/dist/apis/partner-directory.js +1 -1
  107. package/dist/apis/permissions.cjs +6 -6
  108. package/dist/apis/permissions.js +1 -1
  109. package/dist/apis/pricing-tier.cjs +6 -6
  110. package/dist/apis/pricing-tier.js +1 -1
  111. package/dist/apis/pricing.cjs +6 -6
  112. package/dist/apis/pricing.js +1 -1
  113. package/dist/apis/purpose.cjs +6 -6
  114. package/dist/apis/purpose.js +1 -1
  115. package/dist/apis/query.cjs +6 -6
  116. package/dist/apis/query.js +1 -1
  117. package/dist/apis/sandbox.cjs +6 -6
  118. package/dist/apis/sandbox.js +1 -1
  119. package/dist/apis/sharing.cjs +6 -6
  120. package/dist/apis/sharing.js +1 -1
  121. package/dist/apis/submission.cjs +6 -6
  122. package/dist/apis/submission.js +1 -1
  123. package/dist/apis/target.cjs +6 -6
  124. package/dist/apis/target.js +1 -1
  125. package/dist/apis/targeting.cjs +6 -6
  126. package/dist/apis/targeting.js +1 -1
  127. package/dist/apis/template-variables.cjs +6 -6
  128. package/dist/apis/template-variables.js +1 -1
  129. package/dist/apis/user.cjs +6 -6
  130. package/dist/apis/user.js +1 -1
  131. package/dist/apis/validation-rules.cjs +6 -6
  132. package/dist/apis/validation-rules.js +1 -1
  133. package/dist/apis/webhooks.cjs +6 -6
  134. package/dist/apis/webhooks.js +1 -1
  135. package/dist/apis/workflow-definition.cjs +6 -6
  136. package/dist/apis/workflow-definition.js +1 -1
  137. package/dist/apis/workflow.cjs +6 -6
  138. package/dist/apis/workflow.js +1 -1
  139. package/dist/{app-SSF545U7.cjs → app-74LECFMK.cjs} +1 -1
  140. package/dist/{app-34OBBTA4.js → app-GNUHCGPO.js} +1 -1
  141. package/dist/{app.d--5n0FQQ4.d.cts → app.d-BOR23dso.d.cts} +104 -4
  142. package/dist/{app.d--5n0FQQ4.d.ts → app.d-BOR23dso.d.ts} +104 -4
  143. package/dist/chunk-3APTSPY4.js +14 -0
  144. package/dist/{chunk-JB7LITSP.js → chunk-54KWFSCM.js} +35 -24
  145. package/dist/chunk-A6FYGWQ7.cjs +14 -0
  146. package/dist/{chunk-35CN2YFK.cjs → chunk-F5Z6I7TF.cjs} +35 -24
  147. package/dist/chunk-JOUTFBLN.js +14 -0
  148. package/dist/chunk-KCPVNRDL.js +14 -0
  149. package/dist/chunk-KJPOUJBU.cjs +14 -0
  150. package/dist/chunk-LAWKCWVU.cjs +14 -0
  151. package/dist/{chunk-ZSONBZIF.cjs → chunk-MOLFG5L4.cjs} +1 -1
  152. package/dist/chunk-OPXGJKZR.cjs +14 -0
  153. package/dist/chunk-P42Q6HOW.js +14 -0
  154. package/dist/chunk-P4NA7NWG.js +14 -0
  155. package/dist/chunk-PTEJYAYJ.js +14 -0
  156. package/dist/chunk-WHXYES2D.cjs +14 -0
  157. package/dist/{chunk-ONOGGR6Q.js → chunk-WW6DVKJR.js} +1 -1
  158. package/dist/chunk-YI5YGTAH.cjs +14 -0
  159. package/dist/configuration-hub-E7S4JB2T.js +7 -0
  160. package/dist/configuration-hub-Q5JBYB52.cjs +7 -0
  161. package/dist/{configuration-hub-runtime-L6IOERSP.js → configuration-hub-runtime-CXME7TCX.js} +1 -1
  162. package/dist/{configuration-hub-runtime-I5Y67CXD.cjs → configuration-hub-runtime-QVLJKEZD.cjs} +2 -2
  163. package/dist/configuration-hub.d-CbSJDa7k.d.cts +1096 -0
  164. package/dist/configuration-hub.d-CbSJDa7k.d.ts +1096 -0
  165. package/dist/customer-portal-DR6XFCTQ.js +7 -0
  166. package/dist/customer-portal-PNFBVIAH.cjs +7 -0
  167. package/dist/{customer-portal-runtime-OEXTSMSE.cjs → customer-portal-runtime-IYHJ3RME.cjs} +2 -2
  168. package/dist/{customer-portal-runtime-N4NWQ67M.js → customer-portal-runtime-ZYU3WIXY.js} +1 -1
  169. package/dist/{customer-portal.d-ChSEioI5.d.cts → customer-portal.d-CTTCBAZI.d.cts} +764 -14
  170. package/dist/{customer-portal.d-ChSEioI5.d.ts → customer-portal.d-CTTCBAZI.d.ts} +764 -14
  171. package/dist/data-governance-QYFHBCNB.cjs +7 -0
  172. package/dist/data-governance-YS2NA6W4.js +7 -0
  173. package/dist/design-EWZQZ5KX.js +7 -0
  174. package/dist/design-MUUYXB2J.cjs +7 -0
  175. package/dist/design-runtime-3RHYNHUV.cjs +5 -0
  176. package/dist/{design-runtime-QMJM4FAF.js → design-runtime-DLMA4EHQ.js} +1 -1
  177. package/dist/email-settings-YJ4X5VFU.cjs +7 -0
  178. package/dist/email-settings-YUK3DXFJ.js +7 -0
  179. package/dist/{email-settings-runtime-EGIJ2AVQ.js → email-settings-runtime-BXRZV4M5.js} +1 -1
  180. package/dist/{email-settings-runtime-WGVLI7N6.cjs → email-settings-runtime-FWJQBQBK.cjs} +2 -2
  181. package/dist/{email-settings.d-B7Q_xT25.d.cts → email-settings.d-UJ0C3jPI.d.cts} +108 -9
  182. package/dist/{email-settings.d-B7Q_xT25.d.ts → email-settings.d-UJ0C3jPI.d.ts} +108 -9
  183. package/dist/file-P2FUUER2.js +7 -0
  184. package/dist/file-XTY74SIX.cjs +7 -0
  185. package/dist/file-runtime-24S3QPA7.cjs +5 -0
  186. package/dist/{file-runtime-B6AAGZQF.js → file-runtime-BIRMXYRH.js} +1 -1
  187. package/dist/{file.d-DcTJxjp7.d.cts → file.d-DTlrbI40.d.cts} +2336 -19
  188. package/dist/{file.d-DcTJxjp7.d.ts → file.d-DTlrbI40.d.ts} +2336 -19
  189. package/dist/focus-pocus-JGXH42OF.cjs +7 -0
  190. package/dist/focus-pocus-XVDVUYL6.js +7 -0
  191. package/dist/focus-pocus-runtime-QXBBYVX7.js +5 -0
  192. package/dist/focus-pocus-runtime-X6GQ3WI4.cjs +5 -0
  193. package/dist/focus-pocus.d-BRFGe53G.d.cts +489 -0
  194. package/dist/focus-pocus.d-BRFGe53G.d.ts +489 -0
  195. package/dist/index.cjs +34 -26
  196. package/dist/index.d.cts +57 -55
  197. package/dist/index.d.ts +57 -55
  198. package/dist/index.js +23 -15
  199. package/dist/journey-4DIIPRU4.js +7 -0
  200. package/dist/journey-ATC3Y5AW.cjs +7 -0
  201. package/dist/{journey-runtime-SPBL3F32.cjs → journey-runtime-G2O5C3N2.cjs} +2 -2
  202. package/dist/{journey-runtime-YXIAOTMD.js → journey-runtime-RI2LJO5S.js} +1 -1
  203. package/dist/{journey.d-ClXO0xK8.d.cts → journey.d-BenIUWaO.d.cts} +9 -3
  204. package/dist/{journey.d-ClXO0xK8.d.ts → journey.d-BenIUWaO.d.ts} +9 -3
  205. package/dist/pricing-R5ENSVPQ.cjs +7 -0
  206. package/dist/pricing-X27CCRI6.js +7 -0
  207. package/dist/targeting-74BV7F7H.cjs +7 -0
  208. package/dist/targeting-W5EKJYR2.js +7 -0
  209. package/docs/app.md +34 -10
  210. package/docs/configuration-hub.md +660 -0
  211. package/docs/customer-portal.md +604 -176
  212. package/docs/data-governance.md +17 -17
  213. package/docs/design.md +1 -1
  214. package/docs/email-settings.md +67 -3
  215. package/docs/file.md +101 -2
  216. package/docs/focus-pocus.md +460 -0
  217. package/docs/journey.md +2 -0
  218. package/docs/pricing.md +1 -1
  219. package/docs/targeting.md +4 -4
  220. package/package.json +10 -1
  221. package/dist/README-46VYEGGW.js +0 -7
  222. package/dist/README-IVBISSWB.cjs +0 -7
  223. package/dist/chunk-4W22EIRF.cjs +0 -14
  224. package/dist/chunk-5OBMZHRL.cjs +0 -14
  225. package/dist/chunk-E2WMGOM5.js +0 -14
  226. package/dist/chunk-EFWPEVXI.js +0 -14
  227. package/dist/chunk-EIIIKDOJ.cjs +0 -14
  228. package/dist/chunk-KEI3GHDY.cjs +0 -14
  229. package/dist/chunk-KIWRGUKM.js +0 -14
  230. package/dist/chunk-MB6NKETA.cjs +0 -14
  231. package/dist/chunk-VSZEOCIE.js +0 -14
  232. package/dist/chunk-Z6HGUGXK.js +0 -14
  233. package/dist/configuration-hub-A3S6ND6R.cjs +0 -7
  234. package/dist/configuration-hub-PMAW44U5.js +0 -7
  235. package/dist/configuration-hub.d-Cqaq2F-W.d.cts +0 -478
  236. package/dist/configuration-hub.d-Cqaq2F-W.d.ts +0 -478
  237. package/dist/customer-portal-5I7ZGQDU.cjs +0 -7
  238. package/dist/customer-portal-YL2YMPZL.js +0 -7
  239. package/dist/data-governance-2U5UU4GM.cjs +0 -7
  240. package/dist/data-governance-36Y33JVG.js +0 -7
  241. package/dist/design-DROLIWS3.js +0 -7
  242. package/dist/design-XZKOZLTR.cjs +0 -7
  243. package/dist/design-runtime-OXEXKZVG.cjs +0 -5
  244. package/dist/email-settings-CKFJU4WZ.js +0 -7
  245. package/dist/email-settings-NQJJKS2P.cjs +0 -7
  246. package/dist/file-UOWBTDIU.cjs +0 -7
  247. package/dist/file-XSN3NAVZ.js +0 -7
  248. package/dist/file-runtime-SFZIKODF.cjs +0 -5
  249. package/dist/journey-KDR5EU3W.js +0 -7
  250. package/dist/journey-REBN4TGQ.cjs +0 -7
  251. package/dist/pricing-FODHQFCB.cjs +0 -7
  252. package/dist/pricing-XRIDVZFC.js +0 -7
  253. package/dist/targeting-EYGYZD6M.cjs +0 -7
  254. package/dist/targeting-GEJTJN5Z.js +0 -7
package/definitions/customer-portal.json CHANGED
@@ -1867,6 +1867,13 @@
1867
1867
  "example": "CAA_ERROR"
1868
1868
  }
1869
1869
  }
1870
+ },
1871
+ "identity_providers": {
1872
+ "type": "array",
1873
+ "description": "SSO identity providers configured for the portal. Includes raw\n`oidc_config.client_secret` values so the admin UI can round-trip\nthem. Customers are encouraged to reference secrets via env\ntemplates (`{{ env.VAR }}`) rather than embed raw values.\n",
1874
+ "items": {
1875
+ "$ref": "#/components/schemas/ProviderConfig"
1876
+ }
1870
1877
  }
1871
1878
  }
1872
1879
  }
@@ -1994,6 +2001,13 @@
1994
2001
  "example": "CAA_ERROR"
1995
2002
  }
1996
2003
  }
2004
+ },
2005
+ "identity_providers": {
2006
+ "type": "array",
2007
+ "description": "SSO identity providers configured for the portal. Includes raw\n`oidc_config.client_secret` values so the admin UI can round-trip\nthem. Customers are encouraged to reference secrets via env\ntemplates (`{{ env.VAR }}`) rather than embed raw values.\n",
2008
+ "items": {
2009
+ "$ref": "#/components/schemas/ProviderConfig"
2010
+ }
1997
2011
  }
1998
2012
  }
1999
2013
  }
@@ -3561,6 +3575,84 @@
3561
3575
  "contactId": {
3562
3576
  "$ref": "#/components/schemas/EntityId",
3563
3577
  "description": "ID of the contact if exists"
3578
+ },
3579
+ "accountId": {
3580
+ "$ref": "#/components/schemas/EntityId",
3581
+ "description": "ID of the resolved account when the portal is configured for account-based registration"
3582
+ }
3583
+ }
3584
+ }
3585
+ }
3586
+ }
3587
+ },
3588
+ "400": {
3589
+ "$ref": "#/components/responses/InvalidRequest"
3590
+ },
3591
+ "404": {
3592
+ "$ref": "#/components/responses/NotFound"
3593
+ },
3594
+ "500": {
3595
+ "$ref": "#/components/responses/InternalServerError"
3596
+ }
3597
+ }
3598
+ }
3599
+ },
3600
+ "/v3/portal/public/account/exists": {
3601
+ "post": {
3602
+ "operationId": "checkAccountExists",
3603
+ "summary": "checkAccountExists",
3604
+ "description": "True if account with given identifiers exists.\nSupports two identification methods:\n1. Using portal_id\n2. Using domain\n",
3605
+ "security": [],
3606
+ "tags": [
3607
+ "Public"
3608
+ ],
3609
+ "parameters": [
3610
+ {
3611
+ "in": "query",
3612
+ "name": "portal_id",
3613
+ "required": false,
3614
+ "schema": {
3615
+ "$ref": "#/components/schemas/PortalId"
3616
+ },
3617
+ "description": "PortalId of the portal (required if domain is not provided)"
3618
+ },
3619
+ {
3620
+ "in": "query",
3621
+ "name": "domain",
3622
+ "required": false,
3623
+ "schema": {
3624
+ "type": "string"
3625
+ },
3626
+ "description": "Portal domain for identification (alternative to portal_id)"
3627
+ }
3628
+ ],
3629
+ "requestBody": {
3630
+ "description": "Request payload",
3631
+ "required": true,
3632
+ "content": {
3633
+ "application/json": {
3634
+ "schema": {
3635
+ "$ref": "#/components/schemas/AccountExistsRequest"
3636
+ }
3637
+ }
3638
+ }
3639
+ },
3640
+ "responses": {
3641
+ "200": {
3642
+ "description": "Return result true|false if the account with given identifiers exists.",
3643
+ "content": {
3644
+ "application/json": {
3645
+ "schema": {
3646
+ "type": "object",
3647
+ "properties": {
3648
+ "exists": {
3649
+ "type": "boolean",
3650
+ "description": "Whether the account exists with the given identifier values",
3651
+ "example": true
3652
+ },
3653
+ "accountId": {
3654
+ "$ref": "#/components/schemas/EntityId",
3655
+ "description": "ID of the account if exists"
3564
3656
  }
3565
3657
  }
3566
3658
  }
@@ -7527,6 +7619,90 @@
7527
7619
  }
7528
7620
  }
7529
7621
  },
7622
+ "/v2/portal/public/sso/providers/{provider_slug}": {
7623
+ "get": {
7624
+ "operationId": "getSSOProvider",
7625
+ "summary": "getSSOProvider",
7626
+ "description": "Returns the public configuration of a single SSO identity provider with env var\nplaceholders (incl. secrets) already resolved against the organization's environment.\n\nUse this endpoint at SSO initiation time (i.e. when the end user clicks \"Sign in with X\")\nto obtain the resolved OIDC settings needed to construct the authorization URL.\nThe web `client_secret` is intentionally never returned — it is used server-side by\nthe SSO callback to exchange the authorization code for tokens.\n\nSupports three identification methods:\n1. `org_id` + `origin`\n2. `org_id` + `portal_id`\n3. `domain`\n",
7627
+ "security": [],
7628
+ "tags": [
7629
+ "Public"
7630
+ ],
7631
+ "parameters": [
7632
+ {
7633
+ "in": "path",
7634
+ "name": "provider_slug",
7635
+ "required": true,
7636
+ "description": "Provider slug (organization-unique)",
7637
+ "schema": {
7638
+ "$ref": "#/components/schemas/ProviderSlug"
7639
+ }
7640
+ },
7641
+ {
7642
+ "in": "query",
7643
+ "name": "org_id",
7644
+ "required": false,
7645
+ "description": "epilot organization id (required with `origin` or `portal_id`)",
7646
+ "schema": {
7647
+ "type": "string",
7648
+ "example": 123
7649
+ }
7650
+ },
7651
+ {
7652
+ "in": "query",
7653
+ "name": "origin",
7654
+ "required": false,
7655
+ "description": "Origin of the Portal",
7656
+ "schema": {
7657
+ "type": "string",
7658
+ "enum": [
7659
+ "END_CUSTOMER_PORTAL",
7660
+ "INSTALLER_PORTAL"
7661
+ ]
7662
+ }
7663
+ },
7664
+ {
7665
+ "in": "query",
7666
+ "name": "portal_id",
7667
+ "required": false,
7668
+ "description": "ID of the Portal",
7669
+ "schema": {
7670
+ "$ref": "#/components/schemas/PortalId"
7671
+ }
7672
+ },
7673
+ {
7674
+ "in": "query",
7675
+ "name": "domain",
7676
+ "required": false,
7677
+ "description": "Portal domain for identification (alternative to org_id + origin/portal_id)",
7678
+ "schema": {
7679
+ "type": "string"
7680
+ }
7681
+ }
7682
+ ],
7683
+ "responses": {
7684
+ "200": {
7685
+ "description": "Resolved public SSO provider configuration. The handler strips `oidc_config.client_secret` from the response (kept server-side for the token exchange); the schema includes it for shape compatibility with the portal-config response.",
7686
+ "content": {
7687
+ "application/json": {
7688
+ "schema": {
7689
+ "$ref": "#/components/schemas/ProviderPublicConfig"
7690
+ }
7691
+ }
7692
+ }
7693
+ },
7694
+ "400": {
7695
+ "$ref": "#/components/responses/InvalidRequest"
7696
+ },
7697
+ "404": {
7698
+ "$ref": "#/components/responses/NotFound"
7699
+ },
7700
+ "500": {
7701
+ "$ref": "#/components/responses/InternalServerError"
7702
+ }
7703
+ }
7704
+ }
7705
+ },
7530
7706
  "/v2/portal/public/sso/login": {
7531
7707
  "post": {
7532
7708
  "operationId": "ssoLogin",
@@ -9718,6 +9894,149 @@
9718
9894
  }
9719
9895
  }
9720
9896
  }
9897
+ },
9898
+ "/v3/portal/verify-dns": {
9899
+ "post": {
9900
+ "operationId": "verifyDns",
9901
+ "summary": "verifyDns",
9902
+ "description": "Manually triggers DNS verification for a portal's domain setup. Runs the same verification logic as the scheduled processAllPendingNetworks lambda.",
9903
+ "tags": [
9904
+ "ECP Admin"
9905
+ ],
9906
+ "security": [
9907
+ {
9908
+ "EpilotAuth": []
9909
+ }
9910
+ ],
9911
+ "parameters": [
9912
+ {
9913
+ "in": "query",
9914
+ "name": "portal_id",
9915
+ "required": true,
9916
+ "schema": {
9917
+ "$ref": "#/components/schemas/PortalId"
9918
+ },
9919
+ "description": "PortalId of the portal"
9920
+ }
9921
+ ],
9922
+ "responses": {
9923
+ "200": {
9924
+ "description": "DNS verification result",
9925
+ "content": {
9926
+ "application/json": {
9927
+ "schema": {
9928
+ "type": "object",
9929
+ "properties": {
9930
+ "domain_status": {
9931
+ "type": "string",
9932
+ "description": "The status of the custom domain verification",
9933
+ "enum": [
9934
+ "PENDING",
9935
+ "SUCCEED"
9936
+ ]
9937
+ },
9938
+ "message": {
9939
+ "type": "string",
9940
+ "description": "A message describing the result"
9941
+ }
9942
+ }
9943
+ }
9944
+ }
9945
+ }
9946
+ },
9947
+ "401": {
9948
+ "$ref": "#/components/responses/Unauthorized"
9949
+ },
9950
+ "403": {
9951
+ "$ref": "#/components/responses/Forbidden"
9952
+ },
9953
+ "500": {
9954
+ "$ref": "#/components/responses/InternalServerError"
9955
+ }
9956
+ }
9957
+ }
9958
+ },
9959
+ "/v2/portal/proxy/execute": {
9960
+ "post": {
9961
+ "operationId": "portalProxyExecute",
9962
+ "summary": "portalProxyExecute",
9963
+ "description": "Execute an Integration Hub managed-call use case on behalf of a portal user.\nBridges PortalAuth to the Integration API by generating an internal token.\n",
9964
+ "security": [
9965
+ {
9966
+ "PortalAuth": []
9967
+ }
9968
+ ],
9969
+ "tags": [
9970
+ "ECP"
9971
+ ],
9972
+ "requestBody": {
9973
+ "required": true,
9974
+ "content": {
9975
+ "application/json": {
9976
+ "schema": {
9977
+ "type": "object",
9978
+ "required": [
9979
+ "integration_id",
9980
+ "use_case_slug"
9981
+ ],
9982
+ "properties": {
9983
+ "integration_id": {
9984
+ "type": "string",
9985
+ "format": "uuid",
9986
+ "description": "Integration ID containing the managed-call use case"
9987
+ },
9988
+ "use_case_slug": {
9989
+ "type": "string",
9990
+ "description": "Use case slug (acts as the RPC method name)"
9991
+ },
9992
+ "payload": {
9993
+ "type": "object",
9994
+ "description": "Input data for the managed-call operation",
9995
+ "additionalProperties": true
9996
+ }
9997
+ }
9998
+ }
9999
+ }
10000
+ }
10001
+ },
10002
+ "responses": {
10003
+ "200": {
10004
+ "description": "Managed-call execution result envelope.",
10005
+ "content": {
10006
+ "application/json": {
10007
+ "schema": {
10008
+ "type": "object",
10009
+ "required": [
10010
+ "success"
10011
+ ],
10012
+ "properties": {
10013
+ "success": {
10014
+ "type": "boolean"
10015
+ },
10016
+ "data": {
10017
+ "type": "object",
10018
+ "additionalProperties": true,
10019
+ "description": "Managed-call response payload. Shape is defined by the use\ncase's JSONata response_mapping; if no mapping is\nconfigured the raw external API response is returned.\n"
10020
+ }
10021
+ }
10022
+ }
10023
+ }
10024
+ }
10025
+ },
10026
+ "400": {
10027
+ "$ref": "#/components/responses/InvalidRequest"
10028
+ },
10029
+ "401": {
10030
+ "$ref": "#/components/responses/Unauthorized"
10031
+ },
10032
+ "403": {
10033
+ "$ref": "#/components/responses/Forbidden"
10034
+ },
10035
+ "500": {
10036
+ "$ref": "#/components/responses/InternalServerError"
10037
+ }
10038
+ }
10039
+ }
9721
10040
  }
9722
10041
  },
9723
10042
  "components": {
@@ -10403,6 +10722,13 @@
10403
10722
  "description": "Default admin users for pending user notification to notify"
10404
10723
  }
10405
10724
  }
10725
+ },
10726
+ "identity_providers": {
10727
+ "type": "array",
10728
+ "description": "SSO identity providers for the portal. When sent on a portal save (PUT/POST),\nthe list is fully synced — incoming providers are upserted and any existing\nproviders not in the list are deleted. Omit the field to leave SSO\nconfiguration unchanged; send an empty array to remove all providers.\n\nEach provider is persisted verbatim — `oidc_config.client_secret` is stored\nas sent. Customers are encouraged to reference an org env secret via\n`{{ env.VAR }}` rather than embed raw values.\n",
10729
+ "items": {
10730
+ "$ref": "#/components/schemas/ProviderConfig"
10731
+ }
10406
10732
  }
10407
10733
  }
10408
10734
  },
@@ -10430,6 +10756,14 @@
10430
10756
  "type": "boolean",
10431
10757
  "description": "Mark true if the domain is an Epilot domain"
10432
10758
  },
10759
+ "epilot_domain": {
10760
+ "type": "string",
10761
+ "description": "The URL on which the portal is accessible",
10762
+ "example": "example-portal-12345.ecp.epilot.cloud"
10763
+ },
10764
+ "domain_settings": {
10765
+ "$ref": "#/components/schemas/DomainSettings"
10766
+ },
10433
10767
  "design_id": {
10434
10768
  "$ref": "#/components/schemas/EntityId",
10435
10769
  "description": "ID of the design used to build the portal"
@@ -10456,6 +10790,24 @@
10456
10790
  "BLOCK_IF_PORTAL_USER_EXISTS"
10457
10791
  ]
10458
10792
  },
10793
+ "self_registration_account_setting": {
10794
+ "type": "string",
10795
+ "description": "Controls behavior of self-registration when account is used as the registration entity",
10796
+ "enum": [
10797
+ "ALLOW_WITH_CONTACT_CREATION",
10798
+ "DENY",
10799
+ "ALWAYS_CREATE_CONTACT",
10800
+ "DISALLOW_COMPLETELY"
10801
+ ]
10802
+ },
10803
+ "self_registration_entity": {
10804
+ "type": "string",
10805
+ "description": "Entity type used as the primary identifier for self-registration",
10806
+ "enum": [
10807
+ "contact",
10808
+ "account"
10809
+ ]
10810
+ },
10459
10811
  "user_account_self_management": {
10460
10812
  "type": "boolean",
10461
10813
  "description": "Enable or disable user account self management",
@@ -10880,6 +11232,13 @@
10880
11232
  "additionalProperties": {
10881
11233
  "$ref": "#/components/schemas/Page"
10882
11234
  }
11235
+ },
11236
+ "global_blocks": {
11237
+ "type": "object",
11238
+ "description": "Portal-level blocks shared across all pages (e.g. footer). Keyed by block id.",
11239
+ "additionalProperties": {
11240
+ "$ref": "#/components/schemas/Block"
11241
+ }
10883
11242
  }
10884
11243
  }
10885
11244
  },
@@ -10986,6 +11345,24 @@
10986
11345
  }
10987
11346
  }
10988
11347
  },
11348
+ "DomainSettings": {
11349
+ "type": "object",
11350
+ "description": "Domain settings for the portal",
11351
+ "properties": {
11352
+ "is_custom_domain_enabled": {
11353
+ "type": "boolean",
11354
+ "description": "Whether the custom domain is enabled"
11355
+ },
11356
+ "is_epilot_domain_enabled": {
11357
+ "type": "boolean",
11358
+ "description": "Whether the Epilot domain is enabled"
11359
+ },
11360
+ "is_redirection_enabled": {
11361
+ "type": "boolean",
11362
+ "description": "Whether the redirection is enabled"
11363
+ }
11364
+ }
11365
+ },
10989
11366
  "WidgetBase": {
10990
11367
  "type": "object",
10991
11368
  "required": [
@@ -11342,6 +11719,38 @@
11342
11719
  }
11343
11720
  }
11344
11721
  },
11722
+ "AccountExistsRequest": {
11723
+ "type": "object",
11724
+ "required": [
11725
+ "registration_identifiers",
11726
+ "org_id"
11727
+ ],
11728
+ "properties": {
11729
+ "org_id": {
11730
+ "type": "string",
11731
+ "example": 728,
11732
+ "description": "ID of the organization"
11733
+ },
11734
+ "registration_identifiers": {
11735
+ "type": "object",
11736
+ "description": "Identifier-value pairs per schema to identify an account during portal user registration",
11737
+ "additionalProperties": {
11738
+ "type": "object",
11739
+ "additionalProperties": {
11740
+ "type": "string"
11741
+ }
11742
+ },
11743
+ "example": {
11744
+ "account": {
11745
+ "customer_number": "ACC-123456"
11746
+ },
11747
+ "contract": {
11748
+ "contract_number": "123456"
11749
+ }
11750
+ }
11751
+ }
11752
+ }
11753
+ },
11345
11754
  "UserRequest": {
11346
11755
  "type": "object",
11347
11756
  "properties": {
@@ -14471,6 +14880,11 @@
14471
14880
  "type": "string",
14472
14881
  "description": "Lower allowed limit of the meter reading",
14473
14882
  "example": "{{CallResponse.data.lower_limit}}"
14883
+ },
14884
+ "errorMessagePath": {
14885
+ "type": "string",
14886
+ "description": "Optional path to a human-readable error message in the third-party response body, used when the call fails (non-2xx status).\nIf specified and the path resolves to a string, that message is forwarded to the end user instead of a generic error.\n",
14887
+ "example": "error.message"
14474
14888
  }
14475
14889
  }
14476
14890
  },
@@ -14550,6 +14964,11 @@
14550
14964
  "dataPath": {
14551
14965
  "type": "string",
14552
14966
  "description": "Optional path to the data (array) in the response. If omitted, the data is assumed to be on the top level."
14967
+ },
14968
+ "errorMessagePath": {
14969
+ "type": "string",
14970
+ "description": "Optional path to a human-readable error message in the third-party response body, used when the call fails (non-2xx status).\nIf specified and the path resolves to a string, that message is forwarded to the end user instead of a generic error.\n",
14971
+ "example": "error.message"
14553
14972
  }
14554
14973
  }
14555
14974
  },
@@ -14628,6 +15047,11 @@
14628
15047
  "dataPath": {
14629
15048
  "type": "string",
14630
15049
  "description": "Optional path to the data (array) in the response. If omitted, the data is assumed to be on the top level."
15050
+ },
15051
+ "errorMessagePath": {
15052
+ "type": "string",
15053
+ "description": "Optional path to a human-readable error message in the third-party response body, used when the call fails (non-2xx status).\nIf specified and the path resolves to a string, that message is forwarded to the end user instead of a generic error.\n",
15054
+ "example": "error.message"
14631
15055
  }
14632
15056
  }
14633
15057
  },
@@ -14707,6 +15131,16 @@
14707
15131
  "url"
14708
15132
  ]
14709
15133
  },
15134
+ "resolved": {
15135
+ "type": "object",
15136
+ "properties": {
15137
+ "errorMessagePath": {
15138
+ "type": "string",
15139
+ "description": "Optional path to a human-readable error message in the third-party response body, used when the call fails (non-2xx status).\nIf specified and the path resolves to a string, that message is forwarded to the end user instead of a generic error.\n",
15140
+ "example": "error.message"
15141
+ }
15142
+ }
15143
+ },
14710
15144
  "use_static_ips": {
14711
15145
  "type": "boolean",
14712
15146
  "deprecated": true,
@@ -14782,6 +15216,11 @@
14782
15216
  "dataPath": {
14783
15217
  "type": "string",
14784
15218
  "description": "Optional path to the metadata object in the response. If omitted, the metadata is assumed to be on the top level."
15219
+ },
15220
+ "errorMessagePath": {
15221
+ "type": "string",
15222
+ "description": "Optional path to a human-readable error message in the third-party response body, used when the call fails (non-2xx status).\nIf specified and the path resolves to a string, that message is forwarded to the end user instead of a generic error.\n",
15223
+ "example": "error.message"
14785
15224
  }
14786
15225
  }
14787
15226
  },
@@ -14860,6 +15299,11 @@
14860
15299
  "dataPath": {
14861
15300
  "type": "string",
14862
15301
  "description": "Optional path to the data (array) in the response. If omitted, the data is assumed to be on the top level."
15302
+ },
15303
+ "errorMessagePath": {
15304
+ "type": "string",
15305
+ "description": "Optional path to a human-readable error message in the third-party response body, used when the call fails (non-2xx status).\nIf specified and the path resolves to a string, that message is forwarded to the end user instead of a generic error.\n",
15306
+ "example": "error.message"
14863
15307
  }
14864
15308
  }
14865
15309
  },
@@ -15181,6 +15625,7 @@
15181
15625
  },
15182
15626
  "ProviderConfig": {
15183
15627
  "type": "object",
15628
+ "description": "SSO identity provider configuration.\n\nEnv var interpolation: only string fields under `oidc_config` and\n`mobile_oidc_config` (incl. their nested `metadata`) are passed through\nLiquid templating, so they may contain `{{ env.VAR }}` placeholders that\nget resolved at runtime against the organization's environment.\n\nThe following fields are used as literal values and MUST NOT contain\ntemplate syntax: `slug`, `display_name`, `provider_type`, all keys and\nvalues under `attribute_mappings` (used as JSONPath-like accessors into\ntoken claims), and all keys and values under `entity_matching`.\n",
15184
15629
  "properties": {
15185
15630
  "slug": {
15186
15631
  "$ref": "#/components/schemas/ProviderSlug"
@@ -15372,6 +15817,7 @@
15372
15817
  },
15373
15818
  "OIDCProviderConfig": {
15374
15819
  "type": "object",
15820
+ "description": "OIDC provider configuration. Values are resolved at SSO invocation time\n(login / callback), so the fields below may reference org env vars via\nmustache-like templates, e.g. `{{ env.MY_PROVIDER_CLIENT_SECRET }}`.\n\nFields used to render the SSO buttons up-front (`ProviderConfig.slug`,\n`ProviderConfig.display_name`) are NOT interpolated and must be literal.\n",
15375
15821
  "properties": {
15376
15822
  "type": {
15377
15823
  "type": "string",
@@ -15383,20 +15829,22 @@
15383
15829
  },
15384
15830
  "oidc_issuer": {
15385
15831
  "type": "string",
15386
- "description": "Issuing Authority URL",
15832
+ "description": "Issuing Authority URL. Supports env var interpolation, e.g. `{{ env.MY_ISSUER }}`.",
15387
15833
  "example": "https://login.microsoftonline.com/33d4f3e5-3df2-421e-b92e-a63cfa680a88/v2.0"
15388
15834
  },
15389
15835
  "redirect_uri": {
15390
15836
  "type": "string",
15391
- "description": "Redirect URI for the OIDC flow",
15837
+ "description": "Redirect URI for the OIDC flow. Supports env var interpolation.",
15392
15838
  "example": "https://customer-portal.com/login"
15393
15839
  },
15394
15840
  "client_id": {
15395
15841
  "type": "string",
15842
+ "description": "Supports env var interpolation, e.g. `{{ env.MY_CLIENT_ID }}`.",
15396
15843
  "example": "ab81daf8-8b1f-42d6-94ca-c51621054c75"
15397
15844
  },
15398
15845
  "client_secret": {
15399
15846
  "type": "string",
15847
+ "description": "Client Secret. Supports env var interpolation (incl. secrets), e.g.\n`{{ env.MY_CLIENT_SECRET }}`. Prefer storing the actual secret as an org\nenv var and referencing it here.\n",
15400
15848
  "example": "7BIUnn~6shh.7fNtXb..3k1Mp3s6k6WK3B"
15401
15849
  },
15402
15850
  "has_client_secret": {
@@ -15429,15 +15877,16 @@
15429
15877
  },
15430
15878
  "MoblieOIDCConfig": {
15431
15879
  "type": "object",
15880
+ "description": "Mobile OIDC configuration. Values are resolved at SSO invocation time, so the\nfields below may reference org env vars via mustache-like templates, e.g.\n`{{ env.MOBILE_CLIENT_SECRET }}`.\n",
15432
15881
  "properties": {
15433
15882
  "client_id": {
15434
15883
  "type": "string",
15435
- "description": "Client ID for the mobile app",
15884
+ "description": "Client ID for the mobile app. Supports env var interpolation.",
15436
15885
  "example": 123456
15437
15886
  },
15438
15887
  "client_secret": {
15439
15888
  "type": "string",
15440
- "description": "Client Secret for the mobile app",
15889
+ "description": "Client Secret for the mobile app. Supports env var interpolation (incl. secrets),\ne.g. `{{ env.MOBILE_CLIENT_SECRET }}`.\n",
15441
15890
  "example": 123456
15442
15891
  }
15443
15892
  }
@@ -15445,6 +15894,18 @@
15445
15894
  "OIDCProviderMetadata": {
15446
15895
  "type": "object",
15447
15896
  "properties": {
15897
+ "response_modes_supported": {
15898
+ "type": "array",
15899
+ "description": "Response modes the provider accepts (e.g. `form_post` for Apple)",
15900
+ "items": {
15901
+ "type": "string",
15902
+ "enum": [
15903
+ "form_post",
15904
+ "fragment",
15905
+ "query"
15906
+ ]
15907
+ }
15908
+ },
15448
15909
  "authorization_endpoint": {
15449
15910
  "type": "string",
15450
15911
  "description": "URL of the authorization endpoint",
@@ -15482,12 +15943,12 @@
15482
15943
  },
15483
15944
  "test_auth_username": {
15484
15945
  "type": "string",
15485
- "description": "The username for the test auth, only used for testing on auth code flow",
15946
+ "description": "The username for the test auth, only used for testing on auth code flow.\nSupports env var interpolation, e.g. `{{ env.MY_TEST_AUTH_USERNAME }}`.\n",
15486
15947
  "example": "test@epilot.io"
15487
15948
  },
15488
15949
  "test_auth_password": {
15489
15950
  "type": "string",
15490
- "description": "The password for the test auth, only used for testing on auth code flow"
15951
+ "description": "The password for the test auth, only used for testing on auth code flow.\nSupports env var interpolation (incl. secrets), e.g. `{{ env.MY_TEST_AUTH_PASSWORD }}`.\n"
15491
15952
  }
15492
15953
  }
15493
15954
  },
@@ -15924,6 +16385,14 @@
15924
16385
  "type": "boolean",
15925
16386
  "description": "Mark true if the domain is an Epilot domain"
15926
16387
  },
16388
+ "epilot_domain": {
16389
+ "type": "string",
16390
+ "description": "The Epilot domain on which the portal is accessible",
16391
+ "example": "example-portal-1.ecp.epilot.io"
16392
+ },
16393
+ "domain_settings": {
16394
+ "$ref": "#/components/schemas/DomainSettings"
16395
+ },
15927
16396
  "design_id": {
15928
16397
  "$ref": "#/components/schemas/EntityId",
15929
16398
  "description": "ID of the design used to build the portal"
@@ -15950,6 +16419,24 @@
15950
16419
  "BLOCK_IF_PORTAL_USER_EXISTS"
15951
16420
  ]
15952
16421
  },
16422
+ "self_registration_account_setting": {
16423
+ "type": "string",
16424
+ "description": "Controls behavior of self-registration when account is used as the registration entity",
16425
+ "enum": [
16426
+ "ALLOW_WITH_CONTACT_CREATION",
16427
+ "DENY",
16428
+ "ALWAYS_CREATE_CONTACT",
16429
+ "DISALLOW_COMPLETELY"
16430
+ ]
16431
+ },
16432
+ "self_registration_entity": {
16433
+ "type": "string",
16434
+ "description": "Entity type used as the primary identifier for self-registration",
16435
+ "enum": [
16436
+ "contact",
16437
+ "account"
16438
+ ]
16439
+ },
15953
16440
  "user_account_self_management": {
15954
16441
  "type": "boolean",
15955
16442
  "description": "Enable or disable user account self management",
@@ -16368,6 +16855,13 @@
16368
16855
  },
16369
16856
  "origin": {
16370
16857
  "$ref": "#/components/schemas/Origin"
16858
+ },
16859
+ "global_blocks": {
16860
+ "type": "object",
16861
+ "description": "Portal-level blocks shared across all pages (e.g. footer). Keyed by block id.",
16862
+ "additionalProperties": {
16863
+ "$ref": "#/components/schemas/Block"
16864
+ }
16371
16865
  }
16372
16866
  }
16373
16867
  },
@@ -16480,6 +16974,11 @@
16480
16974
  "is_canary": {
16481
16975
  "type": "boolean",
16482
16976
  "description": "Whether the org is in canary mode"
16977
+ },
16978
+ "redirect_to": {
16979
+ "type": "string",
16980
+ "description": "The URL to redirect to",
16981
+ "example": "https://example.com"
16483
16982
  }
16484
16983
  }
16485
16984
  },