@goauthentik/api 2025.2.2-1742245839 → 2025.2.2-1742395408

package/dist/apis/ProvidersApi.d.ts

@@ -383,6 +383,7 @@ export interface ProvidersSamlListRequest {
     assertionValidNotOnOrAfter?: string;
     audience?: string;
     authenticationFlow?: string;
+    authnContextClassRefMapping?: string;
     authorizationFlow?: string;
     backchannelApplication?: string;
     defaultRelayState?: string;

package/dist/apis/ProvidersApi.js

@@ -3361,6 +3361,9 @@ class ProvidersApi extends runtime.BaseAPI {
             if (requestParameters['authenticationFlow'] != null) {
                 queryParameters['authentication_flow'] = requestParameters['authenticationFlow'];
             }
+            if (requestParameters['authnContextClassRefMapping'] != null) {
+                queryParameters['authn_context_class_ref_mapping'] = requestParameters['authnContextClassRefMapping'];
+            }
             if (requestParameters['authorizationFlow'] != null) {
                 queryParameters['authorization_flow'] = requestParameters['authorizationFlow'];
             }

package/dist/apis/SourcesApi.d.ts

@@ -610,11 +610,11 @@ export interface SourcesUserConnectionsSamlUsedByListRequest {
  */
 export declare class SourcesApi extends runtime.BaseAPI {
     /**
-     * Source Viewset
+     * Prevent deletion of built-in sources
      */
     sourcesAllDestroyRaw(requestParameters: SourcesAllDestroyRequest, initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise<runtime.ApiResponse<void>>;
     /**
-     * Source Viewset
+     * Prevent deletion of built-in sources
      */
     sourcesAllDestroy(requestParameters: SourcesAllDestroyRequest, initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise<void>;
     /**

package/dist/apis/SourcesApi.js

@@ -30,7 +30,7 @@ const index_1 = require("../models/index");
  */
 class SourcesApi extends runtime.BaseAPI {
     /**
-     * Source Viewset
+     * Prevent deletion of built-in sources
      */
     sourcesAllDestroyRaw(requestParameters, initOverrides) {
         return __awaiter(this, void 0, void 0, function* () {
@@ -56,7 +56,7 @@ class SourcesApi extends runtime.BaseAPI {
         });
     }
     /**
-     * Source Viewset
+     * Prevent deletion of built-in sources
      */
     sourcesAllDestroy(requestParameters, initOverrides) {
         return __awaiter(this, void 0, void 0, function* () {

package/dist/esm/apis/ProvidersApi.d.ts

@@ -383,6 +383,7 @@ export interface ProvidersSamlListRequest {
     assertionValidNotOnOrAfter?: string;
     audience?: string;
     authenticationFlow?: string;
+    authnContextClassRefMapping?: string;
     authorizationFlow?: string;
     backchannelApplication?: string;
     defaultRelayState?: string;

package/dist/esm/apis/ProvidersApi.js

@@ -3358,6 +3358,9 @@ export class ProvidersApi extends runtime.BaseAPI {
             if (requestParameters['authenticationFlow'] != null) {
                 queryParameters['authentication_flow'] = requestParameters['authenticationFlow'];
             }
+            if (requestParameters['authnContextClassRefMapping'] != null) {
+                queryParameters['authn_context_class_ref_mapping'] = requestParameters['authnContextClassRefMapping'];
+            }
             if (requestParameters['authorizationFlow'] != null) {
                 queryParameters['authorization_flow'] = requestParameters['authorizationFlow'];
             }

package/dist/esm/apis/SourcesApi.d.ts

@@ -610,11 +610,11 @@ export interface SourcesUserConnectionsSamlUsedByListRequest {
  */
 export declare class SourcesApi extends runtime.BaseAPI {
     /**
-     * Source Viewset
+     * Prevent deletion of built-in sources
      */
     sourcesAllDestroyRaw(requestParameters: SourcesAllDestroyRequest, initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise<runtime.ApiResponse<void>>;
     /**
-     * Source Viewset
+     * Prevent deletion of built-in sources
      */
     sourcesAllDestroy(requestParameters: SourcesAllDestroyRequest, initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise<void>;
     /**

package/dist/esm/apis/SourcesApi.js

@@ -27,7 +27,7 @@ import { FilePathRequestToJSON, GroupKerberosSourceConnectionFromJSON, GroupKerb
  */
 export class SourcesApi extends runtime.BaseAPI {
     /**
-     * Source Viewset
+     * Prevent deletion of built-in sources
      */
     sourcesAllDestroyRaw(requestParameters, initOverrides) {
         return __awaiter(this, void 0, void 0, function* () {
@@ -53,7 +53,7 @@ export class SourcesApi extends runtime.BaseAPI {
         });
     }
     /**
-     * Source Viewset
+     * Prevent deletion of built-in sources
      */
     sourcesAllDestroy(requestParameters, initOverrides) {
         return __awaiter(this, void 0, void 0, function* () {

package/dist/esm/models/PatchedSAMLProviderRequest.d.ts

@@ -90,6 +90,12 @@ export interface PatchedSAMLProviderRequest {
      * @memberof PatchedSAMLProviderRequest
      */
     nameIdMapping?: string | null;
+    /**
+     * Configure how the AuthnContextClassRef value will be created. When left empty, the AuthnContextClassRef will be set based on which authentication methods the user used to authenticate.
+     * @type {string}
+     * @memberof PatchedSAMLProviderRequest
+     */
+    authnContextClassRefMapping?: string | null;
     /**
      *
      * @type {DigestAlgorithmEnum}

package/dist/esm/models/PatchedSAMLProviderRequest.js

@@ -40,6 +40,7 @@ export function PatchedSAMLProviderRequestFromJSONTyped(json, ignoreDiscriminato
         'assertionValidNotOnOrAfter': json['assertion_valid_not_on_or_after'] == null ? undefined : json['assertion_valid_not_on_or_after'],
         'sessionValidNotOnOrAfter': json['session_valid_not_on_or_after'] == null ? undefined : json['session_valid_not_on_or_after'],
         'nameIdMapping': json['name_id_mapping'] == null ? undefined : json['name_id_mapping'],
+        'authnContextClassRefMapping': json['authn_context_class_ref_mapping'] == null ? undefined : json['authn_context_class_ref_mapping'],
         'digestAlgorithm': json['digest_algorithm'] == null ? undefined : DigestAlgorithmEnumFromJSON(json['digest_algorithm']),
         'signatureAlgorithm': json['signature_algorithm'] == null ? undefined : SignatureAlgorithmEnumFromJSON(json['signature_algorithm']),
         'signingKp': json['signing_kp'] == null ? undefined : json['signing_kp'],
@@ -71,6 +72,7 @@ export function PatchedSAMLProviderRequestToJSONTyped(value, ignoreDiscriminator
         'assertion_valid_not_on_or_after': value['assertionValidNotOnOrAfter'],
         'session_valid_not_on_or_after': value['sessionValidNotOnOrAfter'],
         'name_id_mapping': value['nameIdMapping'],
+        'authn_context_class_ref_mapping': value['authnContextClassRefMapping'],
         'digest_algorithm': DigestAlgorithmEnumToJSON(value['digestAlgorithm']),
         'signature_algorithm': SignatureAlgorithmEnumToJSON(value['signatureAlgorithm']),
         'signing_kp': value['signingKp'],

package/dist/esm/models/SAMLProvider.d.ts

@@ -144,6 +144,12 @@ export interface SAMLProvider {
      * @memberof SAMLProvider
      */
     nameIdMapping?: string | null;
+    /**
+     * Configure how the AuthnContextClassRef value will be created. When left empty, the AuthnContextClassRef will be set based on which authentication methods the user used to authenticate.
+     * @type {string}
+     * @memberof SAMLProvider
+     */
+    authnContextClassRefMapping?: string | null;
     /**
      *
      * @type {DigestAlgorithmEnum}

package/dist/esm/models/SAMLProvider.js

@@ -87,6 +87,7 @@ export function SAMLProviderFromJSONTyped(json, ignoreDiscriminator) {
         'assertionValidNotOnOrAfter': json['assertion_valid_not_on_or_after'] == null ? undefined : json['assertion_valid_not_on_or_after'],
         'sessionValidNotOnOrAfter': json['session_valid_not_on_or_after'] == null ? undefined : json['session_valid_not_on_or_after'],
         'nameIdMapping': json['name_id_mapping'] == null ? undefined : json['name_id_mapping'],
+        'authnContextClassRefMapping': json['authn_context_class_ref_mapping'] == null ? undefined : json['authn_context_class_ref_mapping'],
         'digestAlgorithm': json['digest_algorithm'] == null ? undefined : DigestAlgorithmEnumFromJSON(json['digest_algorithm']),
         'signatureAlgorithm': json['signature_algorithm'] == null ? undefined : SignatureAlgorithmEnumFromJSON(json['signature_algorithm']),
         'signingKp': json['signing_kp'] == null ? undefined : json['signing_kp'],
@@ -124,6 +125,7 @@ export function SAMLProviderToJSONTyped(value, ignoreDiscriminator = false) {
         'assertion_valid_not_on_or_after': value['assertionValidNotOnOrAfter'],
         'session_valid_not_on_or_after': value['sessionValidNotOnOrAfter'],
         'name_id_mapping': value['nameIdMapping'],
+        'authn_context_class_ref_mapping': value['authnContextClassRefMapping'],
         'digest_algorithm': DigestAlgorithmEnumToJSON(value['digestAlgorithm']),
         'signature_algorithm': SignatureAlgorithmEnumToJSON(value['signatureAlgorithm']),
         'signing_kp': value['signingKp'],

package/dist/esm/models/SAMLProviderRequest.d.ts

@@ -90,6 +90,12 @@ export interface SAMLProviderRequest {
      * @memberof SAMLProviderRequest
      */
     nameIdMapping?: string | null;
+    /**
+     * Configure how the AuthnContextClassRef value will be created. When left empty, the AuthnContextClassRef will be set based on which authentication methods the user used to authenticate.
+     * @type {string}
+     * @memberof SAMLProviderRequest
+     */
+    authnContextClassRefMapping?: string | null;
     /**
      *
      * @type {DigestAlgorithmEnum}

package/dist/esm/models/SAMLProviderRequest.js

@@ -48,6 +48,7 @@ export function SAMLProviderRequestFromJSONTyped(json, ignoreDiscriminator) {
         'assertionValidNotOnOrAfter': json['assertion_valid_not_on_or_after'] == null ? undefined : json['assertion_valid_not_on_or_after'],
         'sessionValidNotOnOrAfter': json['session_valid_not_on_or_after'] == null ? undefined : json['session_valid_not_on_or_after'],
         'nameIdMapping': json['name_id_mapping'] == null ? undefined : json['name_id_mapping'],
+        'authnContextClassRefMapping': json['authn_context_class_ref_mapping'] == null ? undefined : json['authn_context_class_ref_mapping'],
         'digestAlgorithm': json['digest_algorithm'] == null ? undefined : DigestAlgorithmEnumFromJSON(json['digest_algorithm']),
         'signatureAlgorithm': json['signature_algorithm'] == null ? undefined : SignatureAlgorithmEnumFromJSON(json['signature_algorithm']),
         'signingKp': json['signing_kp'] == null ? undefined : json['signing_kp'],
@@ -79,6 +80,7 @@ export function SAMLProviderRequestToJSONTyped(value, ignoreDiscriminator = fals
         'assertion_valid_not_on_or_after': value['assertionValidNotOnOrAfter'],
         'session_valid_not_on_or_after': value['sessionValidNotOnOrAfter'],
         'name_id_mapping': value['nameIdMapping'],
+        'authn_context_class_ref_mapping': value['authnContextClassRefMapping'],
         'digest_algorithm': DigestAlgorithmEnumToJSON(value['digestAlgorithm']),
         'signature_algorithm': SignatureAlgorithmEnumToJSON(value['signatureAlgorithm']),
         'signing_kp': value['signingKp'],

package/dist/esm/models/SCIMProviderGroup.d.ts

@@ -46,6 +46,12 @@ export interface SCIMProviderGroup {
      * @memberof SCIMProviderGroup
      */
     provider: number;
+    /**
+     *
+     * @type {any}
+     * @memberof SCIMProviderGroup
+     */
+    readonly attributes: any | null;
 }
 /**
  * Check if a given object implements the SCIMProviderGroup interface.
@@ -54,4 +60,4 @@ export declare function instanceOfSCIMProviderGroup(value: object): value is SCI
 export declare function SCIMProviderGroupFromJSON(json: any): SCIMProviderGroup;
 export declare function SCIMProviderGroupFromJSONTyped(json: any, ignoreDiscriminator: boolean): SCIMProviderGroup;
 export declare function SCIMProviderGroupToJSON(json: any): SCIMProviderGroup;
-export declare function SCIMProviderGroupToJSONTyped(value?: Omit<SCIMProviderGroup, 'id' | 'group_obj'> | null, ignoreDiscriminator?: boolean): any;
+export declare function SCIMProviderGroupToJSONTyped(value?: Omit<SCIMProviderGroup, 'id' | 'group_obj' | 'attributes'> | null, ignoreDiscriminator?: boolean): any;

package/dist/esm/models/SCIMProviderGroup.js

@@ -26,6 +26,8 @@ export function instanceOfSCIMProviderGroup(value) {
         return false;
     if (!('provider' in value) || value['provider'] === undefined)
         return false;
+    if (!('attributes' in value) || value['attributes'] === undefined)
+        return false;
     return true;
 }
 export function SCIMProviderGroupFromJSON(json) {
@@ -41,6 +43,7 @@ export function SCIMProviderGroupFromJSONTyped(json, ignoreDiscriminator) {
         'group': json['group'],
         'groupObj': UserGroupFromJSON(json['group_obj']),
         'provider': json['provider'],
+        'attributes': json['attributes'],
     };
 }
 export function SCIMProviderGroupToJSON(json) {

package/dist/esm/models/SCIMProviderUser.d.ts

@@ -46,6 +46,12 @@ export interface SCIMProviderUser {
      * @memberof SCIMProviderUser
      */
     provider: number;
+    /**
+     *
+     * @type {any}
+     * @memberof SCIMProviderUser
+     */
+    readonly attributes: any | null;
 }
 /**
  * Check if a given object implements the SCIMProviderUser interface.
@@ -54,4 +60,4 @@ export declare function instanceOfSCIMProviderUser(value: object): value is SCIM
 export declare function SCIMProviderUserFromJSON(json: any): SCIMProviderUser;
 export declare function SCIMProviderUserFromJSONTyped(json: any, ignoreDiscriminator: boolean): SCIMProviderUser;
 export declare function SCIMProviderUserToJSON(json: any): SCIMProviderUser;
-export declare function SCIMProviderUserToJSONTyped(value?: Omit<SCIMProviderUser, 'id' | 'user_obj'> | null, ignoreDiscriminator?: boolean): any;
+export declare function SCIMProviderUserToJSONTyped(value?: Omit<SCIMProviderUser, 'id' | 'user_obj' | 'attributes'> | null, ignoreDiscriminator?: boolean): any;

package/dist/esm/models/SCIMProviderUser.js

@@ -26,6 +26,8 @@ export function instanceOfSCIMProviderUser(value) {
         return false;
     if (!('provider' in value) || value['provider'] === undefined)
         return false;
+    if (!('attributes' in value) || value['attributes'] === undefined)
+        return false;
     return true;
 }
 export function SCIMProviderUserFromJSON(json) {
@@ -41,6 +43,7 @@ export function SCIMProviderUserFromJSONTyped(json, ignoreDiscriminator) {
         'user': json['user'],
         'userObj': GroupMemberFromJSON(json['user_obj']),
         'provider': json['provider'],
+        'attributes': json['attributes'],
     };
 }
 export function SCIMProviderUserToJSON(json) {

package/dist/models/PatchedSAMLProviderRequest.d.ts

@@ -90,6 +90,12 @@ export interface PatchedSAMLProviderRequest {
      * @memberof PatchedSAMLProviderRequest
      */
     nameIdMapping?: string | null;
+    /**
+     * Configure how the AuthnContextClassRef value will be created. When left empty, the AuthnContextClassRef will be set based on which authentication methods the user used to authenticate.
+     * @type {string}
+     * @memberof PatchedSAMLProviderRequest
+     */
+    authnContextClassRefMapping?: string | null;
     /**
      *
      * @type {DigestAlgorithmEnum}

package/dist/models/PatchedSAMLProviderRequest.js

@@ -47,6 +47,7 @@ function PatchedSAMLProviderRequestFromJSONTyped(json, ignoreDiscriminator) {
         'assertionValidNotOnOrAfter': json['assertion_valid_not_on_or_after'] == null ? undefined : json['assertion_valid_not_on_or_after'],
         'sessionValidNotOnOrAfter': json['session_valid_not_on_or_after'] == null ? undefined : json['session_valid_not_on_or_after'],
         'nameIdMapping': json['name_id_mapping'] == null ? undefined : json['name_id_mapping'],
+        'authnContextClassRefMapping': json['authn_context_class_ref_mapping'] == null ? undefined : json['authn_context_class_ref_mapping'],
         'digestAlgorithm': json['digest_algorithm'] == null ? undefined : (0, DigestAlgorithmEnum_1.DigestAlgorithmEnumFromJSON)(json['digest_algorithm']),
         'signatureAlgorithm': json['signature_algorithm'] == null ? undefined : (0, SignatureAlgorithmEnum_1.SignatureAlgorithmEnumFromJSON)(json['signature_algorithm']),
         'signingKp': json['signing_kp'] == null ? undefined : json['signing_kp'],
@@ -78,6 +79,7 @@ function PatchedSAMLProviderRequestToJSONTyped(value, ignoreDiscriminator = fals
         'assertion_valid_not_on_or_after': value['assertionValidNotOnOrAfter'],
         'session_valid_not_on_or_after': value['sessionValidNotOnOrAfter'],
         'name_id_mapping': value['nameIdMapping'],
+        'authn_context_class_ref_mapping': value['authnContextClassRefMapping'],
         'digest_algorithm': (0, DigestAlgorithmEnum_1.DigestAlgorithmEnumToJSON)(value['digestAlgorithm']),
         'signature_algorithm': (0, SignatureAlgorithmEnum_1.SignatureAlgorithmEnumToJSON)(value['signatureAlgorithm']),
         'signing_kp': value['signingKp'],

package/dist/models/SAMLProvider.d.ts

@@ -144,6 +144,12 @@ export interface SAMLProvider {
      * @memberof SAMLProvider
      */
     nameIdMapping?: string | null;
+    /**
+     * Configure how the AuthnContextClassRef value will be created. When left empty, the AuthnContextClassRef will be set based on which authentication methods the user used to authenticate.
+     * @type {string}
+     * @memberof SAMLProvider
+     */
+    authnContextClassRefMapping?: string | null;
     /**
      *
      * @type {DigestAlgorithmEnum}

package/dist/models/SAMLProvider.js

@@ -94,6 +94,7 @@ function SAMLProviderFromJSONTyped(json, ignoreDiscriminator) {
         'assertionValidNotOnOrAfter': json['assertion_valid_not_on_or_after'] == null ? undefined : json['assertion_valid_not_on_or_after'],
         'sessionValidNotOnOrAfter': json['session_valid_not_on_or_after'] == null ? undefined : json['session_valid_not_on_or_after'],
         'nameIdMapping': json['name_id_mapping'] == null ? undefined : json['name_id_mapping'],
+        'authnContextClassRefMapping': json['authn_context_class_ref_mapping'] == null ? undefined : json['authn_context_class_ref_mapping'],
         'digestAlgorithm': json['digest_algorithm'] == null ? undefined : (0, DigestAlgorithmEnum_1.DigestAlgorithmEnumFromJSON)(json['digest_algorithm']),
         'signatureAlgorithm': json['signature_algorithm'] == null ? undefined : (0, SignatureAlgorithmEnum_1.SignatureAlgorithmEnumFromJSON)(json['signature_algorithm']),
         'signingKp': json['signing_kp'] == null ? undefined : json['signing_kp'],
@@ -131,6 +132,7 @@ function SAMLProviderToJSONTyped(value, ignoreDiscriminator = false) {
         'assertion_valid_not_on_or_after': value['assertionValidNotOnOrAfter'],
         'session_valid_not_on_or_after': value['sessionValidNotOnOrAfter'],
         'name_id_mapping': value['nameIdMapping'],
+        'authn_context_class_ref_mapping': value['authnContextClassRefMapping'],
         'digest_algorithm': (0, DigestAlgorithmEnum_1.DigestAlgorithmEnumToJSON)(value['digestAlgorithm']),
         'signature_algorithm': (0, SignatureAlgorithmEnum_1.SignatureAlgorithmEnumToJSON)(value['signatureAlgorithm']),
         'signing_kp': value['signingKp'],

package/dist/models/SAMLProviderRequest.d.ts

@@ -90,6 +90,12 @@ export interface SAMLProviderRequest {
      * @memberof SAMLProviderRequest
      */
     nameIdMapping?: string | null;
+    /**
+     * Configure how the AuthnContextClassRef value will be created. When left empty, the AuthnContextClassRef will be set based on which authentication methods the user used to authenticate.
+     * @type {string}
+     * @memberof SAMLProviderRequest
+     */
+    authnContextClassRefMapping?: string | null;
     /**
      *
      * @type {DigestAlgorithmEnum}

package/dist/models/SAMLProviderRequest.js

@@ -55,6 +55,7 @@ function SAMLProviderRequestFromJSONTyped(json, ignoreDiscriminator) {
         'assertionValidNotOnOrAfter': json['assertion_valid_not_on_or_after'] == null ? undefined : json['assertion_valid_not_on_or_after'],
         'sessionValidNotOnOrAfter': json['session_valid_not_on_or_after'] == null ? undefined : json['session_valid_not_on_or_after'],
         'nameIdMapping': json['name_id_mapping'] == null ? undefined : json['name_id_mapping'],
+        'authnContextClassRefMapping': json['authn_context_class_ref_mapping'] == null ? undefined : json['authn_context_class_ref_mapping'],
         'digestAlgorithm': json['digest_algorithm'] == null ? undefined : (0, DigestAlgorithmEnum_1.DigestAlgorithmEnumFromJSON)(json['digest_algorithm']),
         'signatureAlgorithm': json['signature_algorithm'] == null ? undefined : (0, SignatureAlgorithmEnum_1.SignatureAlgorithmEnumFromJSON)(json['signature_algorithm']),
         'signingKp': json['signing_kp'] == null ? undefined : json['signing_kp'],
@@ -86,6 +87,7 @@ function SAMLProviderRequestToJSONTyped(value, ignoreDiscriminator = false) {
         'assertion_valid_not_on_or_after': value['assertionValidNotOnOrAfter'],
         'session_valid_not_on_or_after': value['sessionValidNotOnOrAfter'],
         'name_id_mapping': value['nameIdMapping'],
+        'authn_context_class_ref_mapping': value['authnContextClassRefMapping'],
         'digest_algorithm': (0, DigestAlgorithmEnum_1.DigestAlgorithmEnumToJSON)(value['digestAlgorithm']),
         'signature_algorithm': (0, SignatureAlgorithmEnum_1.SignatureAlgorithmEnumToJSON)(value['signatureAlgorithm']),
         'signing_kp': value['signingKp'],

package/dist/models/SCIMProviderGroup.d.ts

@@ -46,6 +46,12 @@ export interface SCIMProviderGroup {
      * @memberof SCIMProviderGroup
      */
     provider: number;
+    /**
+     *
+     * @type {any}
+     * @memberof SCIMProviderGroup
+     */
+    readonly attributes: any | null;
 }
 /**
  * Check if a given object implements the SCIMProviderGroup interface.
@@ -54,4 +60,4 @@ export declare function instanceOfSCIMProviderGroup(value: object): value is SCI
 export declare function SCIMProviderGroupFromJSON(json: any): SCIMProviderGroup;
 export declare function SCIMProviderGroupFromJSONTyped(json: any, ignoreDiscriminator: boolean): SCIMProviderGroup;
 export declare function SCIMProviderGroupToJSON(json: any): SCIMProviderGroup;
-export declare function SCIMProviderGroupToJSONTyped(value?: Omit<SCIMProviderGroup, 'id' | 'group_obj'> | null, ignoreDiscriminator?: boolean): any;
+export declare function SCIMProviderGroupToJSONTyped(value?: Omit<SCIMProviderGroup, 'id' | 'group_obj' | 'attributes'> | null, ignoreDiscriminator?: boolean): any;

package/dist/models/SCIMProviderGroup.js

@@ -33,6 +33,8 @@ function instanceOfSCIMProviderGroup(value) {
         return false;
     if (!('provider' in value) || value['provider'] === undefined)
         return false;
+    if (!('attributes' in value) || value['attributes'] === undefined)
+        return false;
     return true;
 }
 function SCIMProviderGroupFromJSON(json) {
@@ -48,6 +50,7 @@ function SCIMProviderGroupFromJSONTyped(json, ignoreDiscriminator) {
         'group': json['group'],
         'groupObj': (0, UserGroup_1.UserGroupFromJSON)(json['group_obj']),
         'provider': json['provider'],
+        'attributes': json['attributes'],
     };
 }
 function SCIMProviderGroupToJSON(json) {

package/dist/models/SCIMProviderUser.d.ts

@@ -46,6 +46,12 @@ export interface SCIMProviderUser {
      * @memberof SCIMProviderUser
      */
     provider: number;
+    /**
+     *
+     * @type {any}
+     * @memberof SCIMProviderUser
+     */
+    readonly attributes: any | null;
 }
 /**
  * Check if a given object implements the SCIMProviderUser interface.
@@ -54,4 +60,4 @@ export declare function instanceOfSCIMProviderUser(value: object): value is SCIM
 export declare function SCIMProviderUserFromJSON(json: any): SCIMProviderUser;
 export declare function SCIMProviderUserFromJSONTyped(json: any, ignoreDiscriminator: boolean): SCIMProviderUser;
 export declare function SCIMProviderUserToJSON(json: any): SCIMProviderUser;
-export declare function SCIMProviderUserToJSONTyped(value?: Omit<SCIMProviderUser, 'id' | 'user_obj'> | null, ignoreDiscriminator?: boolean): any;
+export declare function SCIMProviderUserToJSONTyped(value?: Omit<SCIMProviderUser, 'id' | 'user_obj' | 'attributes'> | null, ignoreDiscriminator?: boolean): any;

package/dist/models/SCIMProviderUser.js

@@ -33,6 +33,8 @@ function instanceOfSCIMProviderUser(value) {
         return false;
     if (!('provider' in value) || value['provider'] === undefined)
         return false;
+    if (!('attributes' in value) || value['attributes'] === undefined)
+        return false;
     return true;
 }
 function SCIMProviderUserFromJSON(json) {
@@ -48,6 +50,7 @@ function SCIMProviderUserFromJSONTyped(json, ignoreDiscriminator) {
         'user': json['user'],
         'userObj': (0, GroupMember_1.GroupMemberFromJSON)(json['user_obj']),
         'provider': json['provider'],
+        'attributes': json['attributes'],
     };
 }
 function SCIMProviderUserToJSON(json) {

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@goauthentik/api",
-  "version": "2025.2.2-1742245839",
+  "version": "2025.2.2-1742395408",
   "description": "OpenAPI client for @goauthentik/api",
   "author": "OpenAPI-Generator",
   "repository": {

package/src/apis/ProvidersApi.ts

@@ -683,6 +683,7 @@ export interface ProvidersSamlListRequest {
     assertionValidNotOnOrAfter?: string;
     audience?: string;
     authenticationFlow?: string;
+    authnContextClassRefMapping?: string;
     authorizationFlow?: string;
     backchannelApplication?: string;
     defaultRelayState?: string;
@@ -4851,6 +4852,10 @@ export class ProvidersApi extends runtime.BaseAPI {
             queryParameters['authentication_flow'] = requestParameters['authenticationFlow'];
         }
 
+        if (requestParameters['authnContextClassRefMapping'] != null) {
+            queryParameters['authn_context_class_ref_mapping'] = requestParameters['authnContextClassRefMapping'];
+        }
+
         if (requestParameters['authorizationFlow'] != null) {
             queryParameters['authorization_flow'] = requestParameters['authorizationFlow'];
         }

package/src/apis/SourcesApi.ts

@@ -997,7 +997,7 @@ export interface SourcesUserConnectionsSamlUsedByListRequest {
 export class SourcesApi extends runtime.BaseAPI {
 
     /**
-     * Source Viewset
+     * Prevent deletion of built-in sources
      */
     async sourcesAllDestroyRaw(requestParameters: SourcesAllDestroyRequest, initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise<runtime.ApiResponse<void>> {
         if (requestParameters['slug'] == null) {
@@ -1030,7 +1030,7 @@ export class SourcesApi extends runtime.BaseAPI {
     }
 
     /**
-     * Source Viewset
+     * Prevent deletion of built-in sources
      */
     async sourcesAllDestroy(requestParameters: SourcesAllDestroyRequest, initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise<void> {
         await this.sourcesAllDestroyRaw(requestParameters, initOverrides);

package/src/models/PatchedSAMLProviderRequest.ts

@@ -113,6 +113,12 @@ export interface PatchedSAMLProviderRequest {
      * @memberof PatchedSAMLProviderRequest
      */
     nameIdMapping?: string | null;
+    /**
+     * Configure how the AuthnContextClassRef value will be created. When left empty, the AuthnContextClassRef will be set based on which authentication methods the user used to authenticate.
+     * @type {string}
+     * @memberof PatchedSAMLProviderRequest
+     */
+    authnContextClassRefMapping?: string | null;
     /**
      * 
      * @type {DigestAlgorithmEnum}
@@ -200,6 +206,7 @@ export function PatchedSAMLProviderRequestFromJSONTyped(json: any, ignoreDiscrim
         'assertionValidNotOnOrAfter': json['assertion_valid_not_on_or_after'] == null ? undefined : json['assertion_valid_not_on_or_after'],
         'sessionValidNotOnOrAfter': json['session_valid_not_on_or_after'] == null ? undefined : json['session_valid_not_on_or_after'],
         'nameIdMapping': json['name_id_mapping'] == null ? undefined : json['name_id_mapping'],
+        'authnContextClassRefMapping': json['authn_context_class_ref_mapping'] == null ? undefined : json['authn_context_class_ref_mapping'],
         'digestAlgorithm': json['digest_algorithm'] == null ? undefined : DigestAlgorithmEnumFromJSON(json['digest_algorithm']),
         'signatureAlgorithm': json['signature_algorithm'] == null ? undefined : SignatureAlgorithmEnumFromJSON(json['signature_algorithm']),
         'signingKp': json['signing_kp'] == null ? undefined : json['signing_kp'],
@@ -235,6 +242,7 @@ export function PatchedSAMLProviderRequestToJSONTyped(value?: PatchedSAMLProvide
         'assertion_valid_not_on_or_after': value['assertionValidNotOnOrAfter'],
         'session_valid_not_on_or_after': value['sessionValidNotOnOrAfter'],
         'name_id_mapping': value['nameIdMapping'],
+        'authn_context_class_ref_mapping': value['authnContextClassRefMapping'],
         'digest_algorithm': DigestAlgorithmEnumToJSON(value['digestAlgorithm']),
         'signature_algorithm': SignatureAlgorithmEnumToJSON(value['signatureAlgorithm']),
         'signing_kp': value['signingKp'],

package/src/models/SAMLProvider.ts

@@ -167,6 +167,12 @@ export interface SAMLProvider {
      * @memberof SAMLProvider
      */
     nameIdMapping?: string | null;
+    /**
+     * Configure how the AuthnContextClassRef value will be created. When left empty, the AuthnContextClassRef will be set based on which authentication methods the user used to authenticate.
+     * @type {string}
+     * @memberof SAMLProvider
+     */
+    authnContextClassRefMapping?: string | null;
     /**
      * 
      * @type {DigestAlgorithmEnum}
@@ -318,6 +324,7 @@ export function SAMLProviderFromJSONTyped(json: any, ignoreDiscriminator: boolea
         'assertionValidNotOnOrAfter': json['assertion_valid_not_on_or_after'] == null ? undefined : json['assertion_valid_not_on_or_after'],
         'sessionValidNotOnOrAfter': json['session_valid_not_on_or_after'] == null ? undefined : json['session_valid_not_on_or_after'],
         'nameIdMapping': json['name_id_mapping'] == null ? undefined : json['name_id_mapping'],
+        'authnContextClassRefMapping': json['authn_context_class_ref_mapping'] == null ? undefined : json['authn_context_class_ref_mapping'],
         'digestAlgorithm': json['digest_algorithm'] == null ? undefined : DigestAlgorithmEnumFromJSON(json['digest_algorithm']),
         'signatureAlgorithm': json['signature_algorithm'] == null ? undefined : SignatureAlgorithmEnumFromJSON(json['signature_algorithm']),
         'signingKp': json['signing_kp'] == null ? undefined : json['signing_kp'],
@@ -359,6 +366,7 @@ export function SAMLProviderToJSONTyped(value?: Omit<SAMLProvider, 'pk'|'compone
         'assertion_valid_not_on_or_after': value['assertionValidNotOnOrAfter'],
         'session_valid_not_on_or_after': value['sessionValidNotOnOrAfter'],
         'name_id_mapping': value['nameIdMapping'],
+        'authn_context_class_ref_mapping': value['authnContextClassRefMapping'],
         'digest_algorithm': DigestAlgorithmEnumToJSON(value['digestAlgorithm']),
         'signature_algorithm': SignatureAlgorithmEnumToJSON(value['signatureAlgorithm']),
         'signing_kp': value['signingKp'],

package/src/models/SAMLProviderRequest.ts

@@ -113,6 +113,12 @@ export interface SAMLProviderRequest {
      * @memberof SAMLProviderRequest
      */
     nameIdMapping?: string | null;
+    /**
+     * Configure how the AuthnContextClassRef value will be created. When left empty, the AuthnContextClassRef will be set based on which authentication methods the user used to authenticate.
+     * @type {string}
+     * @memberof SAMLProviderRequest
+     */
+    authnContextClassRefMapping?: string | null;
     /**
      * 
      * @type {DigestAlgorithmEnum}
@@ -204,6 +210,7 @@ export function SAMLProviderRequestFromJSONTyped(json: any, ignoreDiscriminator:
         'assertionValidNotOnOrAfter': json['assertion_valid_not_on_or_after'] == null ? undefined : json['assertion_valid_not_on_or_after'],
         'sessionValidNotOnOrAfter': json['session_valid_not_on_or_after'] == null ? undefined : json['session_valid_not_on_or_after'],
         'nameIdMapping': json['name_id_mapping'] == null ? undefined : json['name_id_mapping'],
+        'authnContextClassRefMapping': json['authn_context_class_ref_mapping'] == null ? undefined : json['authn_context_class_ref_mapping'],
         'digestAlgorithm': json['digest_algorithm'] == null ? undefined : DigestAlgorithmEnumFromJSON(json['digest_algorithm']),
         'signatureAlgorithm': json['signature_algorithm'] == null ? undefined : SignatureAlgorithmEnumFromJSON(json['signature_algorithm']),
         'signingKp': json['signing_kp'] == null ? undefined : json['signing_kp'],
@@ -239,6 +246,7 @@ export function SAMLProviderRequestToJSONTyped(value?: SAMLProviderRequest | nul
         'assertion_valid_not_on_or_after': value['assertionValidNotOnOrAfter'],
         'session_valid_not_on_or_after': value['sessionValidNotOnOrAfter'],
         'name_id_mapping': value['nameIdMapping'],
+        'authn_context_class_ref_mapping': value['authnContextClassRefMapping'],
         'digest_algorithm': DigestAlgorithmEnumToJSON(value['digestAlgorithm']),
         'signature_algorithm': SignatureAlgorithmEnumToJSON(value['signatureAlgorithm']),
         'signing_kp': value['signingKp'],

package/src/models/SCIMProviderGroup.ts

@@ -57,6 +57,12 @@ export interface SCIMProviderGroup {
      * @memberof SCIMProviderGroup
      */
     provider: number;
+    /**
+     * 
+     * @type {any}
+     * @memberof SCIMProviderGroup
+     */
+    readonly attributes: any | null;
 }
 
 /**
@@ -68,6 +74,7 @@ export function instanceOfSCIMProviderGroup(value: object): value is SCIMProvide
     if (!('group' in value) || value['group'] === undefined) return false;
     if (!('groupObj' in value) || value['groupObj'] === undefined) return false;
     if (!('provider' in value) || value['provider'] === undefined) return false;
+    if (!('attributes' in value) || value['attributes'] === undefined) return false;
     return true;
 }
 
@@ -86,6 +93,7 @@ export function SCIMProviderGroupFromJSONTyped(json: any, ignoreDiscriminator: b
         'group': json['group'],
         'groupObj': UserGroupFromJSON(json['group_obj']),
         'provider': json['provider'],
+        'attributes': json['attributes'],
     };
 }
 
@@ -93,7 +101,7 @@ export function SCIMProviderGroupToJSON(json: any): SCIMProviderGroup {
     return SCIMProviderGroupToJSONTyped(json, false);
 }
 
-export function SCIMProviderGroupToJSONTyped(value?: Omit<SCIMProviderGroup, 'id'|'group_obj'> | null, ignoreDiscriminator: boolean = false): any {
+export function SCIMProviderGroupToJSONTyped(value?: Omit<SCIMProviderGroup, 'id'|'group_obj'|'attributes'> | null, ignoreDiscriminator: boolean = false): any {
     if (value == null) {
         return value;
     }

package/src/models/SCIMProviderUser.ts

@@ -57,6 +57,12 @@ export interface SCIMProviderUser {
      * @memberof SCIMProviderUser
      */
     provider: number;
+    /**
+     * 
+     * @type {any}
+     * @memberof SCIMProviderUser
+     */
+    readonly attributes: any | null;
 }
 
 /**
@@ -68,6 +74,7 @@ export function instanceOfSCIMProviderUser(value: object): value is SCIMProvider
     if (!('user' in value) || value['user'] === undefined) return false;
     if (!('userObj' in value) || value['userObj'] === undefined) return false;
     if (!('provider' in value) || value['provider'] === undefined) return false;
+    if (!('attributes' in value) || value['attributes'] === undefined) return false;
     return true;
 }
 
@@ -86,6 +93,7 @@ export function SCIMProviderUserFromJSONTyped(json: any, ignoreDiscriminator: bo
         'user': json['user'],
         'userObj': GroupMemberFromJSON(json['user_obj']),
         'provider': json['provider'],
+        'attributes': json['attributes'],
     };
 }
 
@@ -93,7 +101,7 @@ export function SCIMProviderUserToJSON(json: any): SCIMProviderUser {
     return SCIMProviderUserToJSONTyped(json, false);
 }
 
-export function SCIMProviderUserToJSONTyped(value?: Omit<SCIMProviderUser, 'id'|'user_obj'> | null, ignoreDiscriminator: boolean = false): any {
+export function SCIMProviderUserToJSONTyped(value?: Omit<SCIMProviderUser, 'id'|'user_obj'|'attributes'> | null, ignoreDiscriminator: boolean = false): any {
     if (value == null) {
         return value;
     }