@rebornteam/reborn-api 4.9.2 → 4.9.3

package/.openapi-generator/FILES

@@ -83,6 +83,7 @@ docs/CreateReportRequest.md
 docs/CreateReportResponse.md
 docs/CursoredPageAdminAuditLogEntry.md
 docs/CursoredPageable.md
+docs/DiscordAuthUrlResponse.md
 docs/GameType.md
 docs/JobStatus.md
 docs/PageAdminAltAccount.md

package/README.md

@@ -1,4 +1,4 @@
-## @rebornteam/reborn-api@4.9.2
+## @rebornteam/reborn-api@4.9.3
 
 This generator creates TypeScript/JavaScript client that utilizes [axios](https://github.com/axios/axios). The generated Node module can be used in the following environments:
 
@@ -36,7 +36,7 @@ navigate to the folder of your consuming project and run one of the following co
 _published:_
 
 ```
-npm install @rebornteam/reborn-api@4.9.2 --save
+npm install @rebornteam/reborn-api@4.9.3 --save
 ```
 
 _unPublished (not recommended):_
@@ -111,6 +111,7 @@ Class | Method | HTTP request | Description
 *AdminPunishmentsApi* | [**searchTargets**](docs/AdminPunishmentsApi.md#searchtargets) | **GET** /admin/punishment/search | Search punishment targets
 *AdminReportsApi* | [**list1**](docs/AdminReportsApi.md#list1) | **GET** /admin/report | List reports
 *AdminReportsApi* | [**resolve**](docs/AdminReportsApi.md#resolve) | **POST** /admin/report/{id}/resolve | Resolve a report
+*AuthenticationApi* | [**authorizeUrl**](docs/AuthenticationApi.md#authorizeurl) | **GET** /auth/discord/url | Discord - Authorize URL (native clients)
 *AuthenticationApi* | [**callback**](docs/AuthenticationApi.md#callback) | **GET** /auth/discord/callback | Discord - OAuth2 callback
 *AuthenticationApi* | [**initiateLogin**](docs/AuthenticationApi.md#initiatelogin) | **GET** /auth/discord | Discord - Initiate login
 *AuthenticationApi* | [**me**](docs/AuthenticationApi.md#me) | **GET** /auth/me | Get current user profile
@@ -202,6 +203,7 @@ Class | Method | HTTP request | Description
  - [CreateReportResponse](docs/CreateReportResponse.md)
  - [CursoredPageAdminAuditLogEntry](docs/CursoredPageAdminAuditLogEntry.md)
  - [CursoredPageable](docs/CursoredPageable.md)
+ - [DiscordAuthUrlResponse](docs/DiscordAuthUrlResponse.md)
  - [GameType](docs/GameType.md)
  - [JobStatus](docs/JobStatus.md)
  - [PageAdminAltAccount](docs/PageAdminAltAccount.md)

package/api.ts

@@ -4,7 +4,7 @@
  * Reborn API
  * The Reborn API serves as the central backend for the platform, orchestrating secure communication between game clients and data services. This API supports two authentication methods: - **OAuth 2.0 Client Credentials**: For programmatic API access - **Discord SSO Bearer Token**: For admin endpoints requiring Discord authentication 
  *
- * The version of the OpenAPI document: 4.9.2
+ * The version of the OpenAPI document: 4.9.3
  * 
  *
  * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
@@ -1519,6 +1519,15 @@ export interface CursoredPageable {
 }
 
 
+/**
+ * The Discord OAuth2 authorize URL, returned as JSON so a native client can open it directly (system browser → Discord-app universal-link hand-off) rather than following the backend\'s 302. Keeps client_id/scope server-side.
+ */
+export interface DiscordAuthUrlResponse {
+    /**
+     * Discord OAuth2 authorize URL to open on the client.
+     */
+    'authorizeUrl': string;
+}
 
 export const GameType = {
     Rotj: 'ROTJ',
@@ -7161,6 +7170,45 @@ export class AdminReportsApi extends BaseAPI {
  */
 export const AuthenticationApiAxiosParamCreator = function (configuration?: Configuration) {
     return {
+        /**
+         * Returns the Discord OAuth2 authorize URL as JSON so a native app can open it directly (system browser → Discord-app universal-link hand-off) instead of following the 302. The `redirect` is validated against the allowlist and carried through Discord via `state`, exactly like the browser flow; the callback still bounces the JWT to that target. 
+         * @summary Discord - Authorize URL (native clients)
+         * @param {string | null} [redirect] Final redirect target for the JWT (native deep link). Must be allowlisted.
+         * @param {*} [options] Override http request option.
+         * @throws {RequiredError}
+         */
+        authorizeUrl: async (redirect?: string | null, options: RawAxiosRequestConfig = {}): Promise<RequestArgs> => {
+            const localVarPath = `/auth/discord/url`;
+            // use dummy base URL string because the URL constructor only accepts absolute URLs.
+            const localVarUrlObj = new URL(localVarPath, DUMMY_BASE_URL);
+            let baseOptions;
+            if (configuration) {
+                baseOptions = configuration.baseOptions;
+            }
+
+            const localVarRequestOptions = { method: 'GET', ...baseOptions, ...options};
+            const localVarHeaderParameter = {} as any;
+            const localVarQueryParameter = {} as any;
+
+            // authentication DiscordAuth required
+            // http bearer authentication required
+            await setBearerAuthToObject(localVarHeaderParameter, configuration)
+
+            if (redirect !== undefined) {
+                localVarQueryParameter['redirect'] = redirect;
+            }
+
+            localVarHeaderParameter['Accept'] = 'application/json';
+
+            setSearchParams(localVarUrlObj, localVarQueryParameter);
+            let headersFromBaseOptions = baseOptions && baseOptions.headers ? baseOptions.headers : {};
+            localVarRequestOptions.headers = {...localVarHeaderParameter, ...headersFromBaseOptions, ...options.headers};
+
+            return {
+                url: toPathString(localVarUrlObj),
+                options: localVarRequestOptions,
+            };
+        },
         /**
          * Receives the authorization code from Discord after the user approves the OAuth2 prompt. Exchanges the code for an access token, verifies the user holds an admin guild role, then redirects back to the admin frontend with a signed JWT in the query string (`?token=...`). On failure, redirects with `?error=<reason>` instead. 
          * @summary Discord - OAuth2 callback
@@ -7342,6 +7390,19 @@ export const AuthenticationApiAxiosParamCreator = function (configuration?: Conf
 export const AuthenticationApiFp = function(configuration?: Configuration) {
     const localVarAxiosParamCreator = AuthenticationApiAxiosParamCreator(configuration)
     return {
+        /**
+         * Returns the Discord OAuth2 authorize URL as JSON so a native app can open it directly (system browser → Discord-app universal-link hand-off) instead of following the 302. The `redirect` is validated against the allowlist and carried through Discord via `state`, exactly like the browser flow; the callback still bounces the JWT to that target. 
+         * @summary Discord - Authorize URL (native clients)
+         * @param {string | null} [redirect] Final redirect target for the JWT (native deep link). Must be allowlisted.
+         * @param {*} [options] Override http request option.
+         * @throws {RequiredError}
+         */
+        async authorizeUrl(redirect?: string | null, options?: RawAxiosRequestConfig): Promise<(axios?: AxiosInstance, basePath?: string) => AxiosPromise<DiscordAuthUrlResponse>> {
+            const localVarAxiosArgs = await localVarAxiosParamCreator.authorizeUrl(redirect, options);
+            const localVarOperationServerIndex = configuration?.serverIndex ?? 0;
+            const localVarOperationServerBasePath = operationServerMap['AuthenticationApi.authorizeUrl']?.[localVarOperationServerIndex]?.url;
+            return (axios, basePath) => createRequestFunction(localVarAxiosArgs, globalAxios, BASE_PATH, configuration)(axios, localVarOperationServerBasePath || basePath);
+        },
         /**
          * Receives the authorization code from Discord after the user approves the OAuth2 prompt. Exchanges the code for an access token, verifies the user holds an admin guild role, then redirects back to the admin frontend with a signed JWT in the query string (`?token=...`). On failure, redirects with `?error=<reason>` instead. 
          * @summary Discord - OAuth2 callback
@@ -7406,6 +7467,16 @@ export const AuthenticationApiFp = function(configuration?: Configuration) {
 export const AuthenticationApiFactory = function (configuration?: Configuration, basePath?: string, axios?: AxiosInstance) {
     const localVarFp = AuthenticationApiFp(configuration)
     return {
+        /**
+         * Returns the Discord OAuth2 authorize URL as JSON so a native app can open it directly (system browser → Discord-app universal-link hand-off) instead of following the 302. The `redirect` is validated against the allowlist and carried through Discord via `state`, exactly like the browser flow; the callback still bounces the JWT to that target. 
+         * @summary Discord - Authorize URL (native clients)
+         * @param {string | null} [redirect] Final redirect target for the JWT (native deep link). Must be allowlisted.
+         * @param {*} [options] Override http request option.
+         * @throws {RequiredError}
+         */
+        authorizeUrl(redirect?: string | null, options?: RawAxiosRequestConfig): AxiosPromise<DiscordAuthUrlResponse> {
+            return localVarFp.authorizeUrl(redirect, options).then((request) => request(axios, basePath));
+        },
         /**
          * Receives the authorization code from Discord after the user approves the OAuth2 prompt. Exchanges the code for an access token, verifies the user holds an admin guild role, then redirects back to the admin frontend with a signed JWT in the query string (`?token=...`). On failure, redirects with `?error=<reason>` instead. 
          * @summary Discord - OAuth2 callback
@@ -7456,6 +7527,17 @@ export const AuthenticationApiFactory = function (configuration?: Configuration,
  * AuthenticationApi - object-oriented interface
  */
 export class AuthenticationApi extends BaseAPI {
+    /**
+     * Returns the Discord OAuth2 authorize URL as JSON so a native app can open it directly (system browser → Discord-app universal-link hand-off) instead of following the 302. The `redirect` is validated against the allowlist and carried through Discord via `state`, exactly like the browser flow; the callback still bounces the JWT to that target. 
+     * @summary Discord - Authorize URL (native clients)
+     * @param {string | null} [redirect] Final redirect target for the JWT (native deep link). Must be allowlisted.
+     * @param {*} [options] Override http request option.
+     * @throws {RequiredError}
+     */
+    public authorizeUrl(redirect?: string | null, options?: RawAxiosRequestConfig) {
+        return AuthenticationApiFp(this.configuration).authorizeUrl(redirect, options).then((request) => request(this.axios, this.basePath));
+    }
+
     /**
      * Receives the authorization code from Discord after the user approves the OAuth2 prompt. Exchanges the code for an access token, verifies the user holds an admin guild role, then redirects back to the admin frontend with a signed JWT in the query string (`?token=...`). On failure, redirects with `?error=<reason>` instead. 
      * @summary Discord - OAuth2 callback

package/base.ts

@@ -4,7 +4,7 @@
  * Reborn API
  * The Reborn API serves as the central backend for the platform, orchestrating secure communication between game clients and data services. This API supports two authentication methods: - **OAuth 2.0 Client Credentials**: For programmatic API access - **Discord SSO Bearer Token**: For admin endpoints requiring Discord authentication 
  *
- * The version of the OpenAPI document: 4.9.2
+ * The version of the OpenAPI document: 4.9.3
  * 
  *
  * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).

package/common.ts

@@ -4,7 +4,7 @@
  * Reborn API
  * The Reborn API serves as the central backend for the platform, orchestrating secure communication between game clients and data services. This API supports two authentication methods: - **OAuth 2.0 Client Credentials**: For programmatic API access - **Discord SSO Bearer Token**: For admin endpoints requiring Discord authentication 
  *
- * The version of the OpenAPI document: 4.9.2
+ * The version of the OpenAPI document: 4.9.3
  * 
  *
  * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).

package/configuration.ts

@@ -3,7 +3,7 @@
  * Reborn API
  * The Reborn API serves as the central backend for the platform, orchestrating secure communication between game clients and data services. This API supports two authentication methods: - **OAuth 2.0 Client Credentials**: For programmatic API access - **Discord SSO Bearer Token**: For admin endpoints requiring Discord authentication 
  *
- * The version of the OpenAPI document: 4.9.2
+ * The version of the OpenAPI document: 4.9.3
  * 
  *
  * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).

package/dist/api.d.ts

@@ -2,7 +2,7 @@
  * Reborn API
  * The Reborn API serves as the central backend for the platform, orchestrating secure communication between game clients and data services. This API supports two authentication methods: - **OAuth 2.0 Client Credentials**: For programmatic API access - **Discord SSO Bearer Token**: For admin endpoints requiring Discord authentication
  *
- * The version of the OpenAPI document: 4.9.2
+ * The version of the OpenAPI document: 4.9.3
  *
  *
  * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
@@ -1481,6 +1481,15 @@ export interface CursoredPageable {
     'sort': Sort;
     'backward': boolean;
 }
+/**
+ * The Discord OAuth2 authorize URL, returned as JSON so a native client can open it directly (system browser → Discord-app universal-link hand-off) rather than following the backend\'s 302. Keeps client_id/scope server-side.
+ */
+export interface DiscordAuthUrlResponse {
+    /**
+     * Discord OAuth2 authorize URL to open on the client.
+     */
+    'authorizeUrl': string;
+}
 export declare const GameType: {
     readonly Rotj: "ROTJ";
     readonly Legacy: "LEGACY";
@@ -4352,6 +4361,14 @@ export declare class AdminReportsApi extends BaseAPI {
  * AuthenticationApi - axios parameter creator
  */
 export declare const AuthenticationApiAxiosParamCreator: (configuration?: Configuration) => {
+    /**
+     * Returns the Discord OAuth2 authorize URL as JSON so a native app can open it directly (system browser → Discord-app universal-link hand-off) instead of following the 302. The `redirect` is validated against the allowlist and carried through Discord via `state`, exactly like the browser flow; the callback still bounces the JWT to that target.
+     * @summary Discord - Authorize URL (native clients)
+     * @param {string | null} [redirect] Final redirect target for the JWT (native deep link). Must be allowlisted.
+     * @param {*} [options] Override http request option.
+     * @throws {RequiredError}
+     */
+    authorizeUrl: (redirect?: string | null, options?: RawAxiosRequestConfig) => Promise<RequestArgs>;
     /**
      * Receives the authorization code from Discord after the user approves the OAuth2 prompt. Exchanges the code for an access token, verifies the user holds an admin guild role, then redirects back to the admin frontend with a signed JWT in the query string (`?token=...`). On failure, redirects with `?error=<reason>` instead.
      * @summary Discord - OAuth2 callback
@@ -4392,6 +4409,14 @@ export declare const AuthenticationApiAxiosParamCreator: (configuration?: Config
  * AuthenticationApi - functional programming interface
  */
 export declare const AuthenticationApiFp: (configuration?: Configuration) => {
+    /**
+     * Returns the Discord OAuth2 authorize URL as JSON so a native app can open it directly (system browser → Discord-app universal-link hand-off) instead of following the 302. The `redirect` is validated against the allowlist and carried through Discord via `state`, exactly like the browser flow; the callback still bounces the JWT to that target.
+     * @summary Discord - Authorize URL (native clients)
+     * @param {string | null} [redirect] Final redirect target for the JWT (native deep link). Must be allowlisted.
+     * @param {*} [options] Override http request option.
+     * @throws {RequiredError}
+     */
+    authorizeUrl(redirect?: string | null, options?: RawAxiosRequestConfig): Promise<(axios?: AxiosInstance, basePath?: string) => AxiosPromise<DiscordAuthUrlResponse>>;
     /**
      * Receives the authorization code from Discord after the user approves the OAuth2 prompt. Exchanges the code for an access token, verifies the user holds an admin guild role, then redirects back to the admin frontend with a signed JWT in the query string (`?token=...`). On failure, redirects with `?error=<reason>` instead.
      * @summary Discord - OAuth2 callback
@@ -4432,6 +4457,14 @@ export declare const AuthenticationApiFp: (configuration?: Configuration) => {
  * AuthenticationApi - factory interface
  */
 export declare const AuthenticationApiFactory: (configuration?: Configuration, basePath?: string, axios?: AxiosInstance) => {
+    /**
+     * Returns the Discord OAuth2 authorize URL as JSON so a native app can open it directly (system browser → Discord-app universal-link hand-off) instead of following the 302. The `redirect` is validated against the allowlist and carried through Discord via `state`, exactly like the browser flow; the callback still bounces the JWT to that target.
+     * @summary Discord - Authorize URL (native clients)
+     * @param {string | null} [redirect] Final redirect target for the JWT (native deep link). Must be allowlisted.
+     * @param {*} [options] Override http request option.
+     * @throws {RequiredError}
+     */
+    authorizeUrl(redirect?: string | null, options?: RawAxiosRequestConfig): AxiosPromise<DiscordAuthUrlResponse>;
     /**
      * Receives the authorization code from Discord after the user approves the OAuth2 prompt. Exchanges the code for an access token, verifies the user holds an admin guild role, then redirects back to the admin frontend with a signed JWT in the query string (`?token=...`). On failure, redirects with `?error=<reason>` instead.
      * @summary Discord - OAuth2 callback
@@ -4472,6 +4505,14 @@ export declare const AuthenticationApiFactory: (configuration?: Configuration, b
  * AuthenticationApi - object-oriented interface
  */
 export declare class AuthenticationApi extends BaseAPI {
+    /**
+     * Returns the Discord OAuth2 authorize URL as JSON so a native app can open it directly (system browser → Discord-app universal-link hand-off) instead of following the 302. The `redirect` is validated against the allowlist and carried through Discord via `state`, exactly like the browser flow; the callback still bounces the JWT to that target.
+     * @summary Discord - Authorize URL (native clients)
+     * @param {string | null} [redirect] Final redirect target for the JWT (native deep link). Must be allowlisted.
+     * @param {*} [options] Override http request option.
+     * @throws {RequiredError}
+     */
+    authorizeUrl(redirect?: string | null, options?: RawAxiosRequestConfig): Promise<import("axios").AxiosResponse<DiscordAuthUrlResponse, any, {}>>;
     /**
      * Receives the authorization code from Discord after the user approves the OAuth2 prompt. Exchanges the code for an access token, verifies the user holds an admin guild role, then redirects back to the admin frontend with a signed JWT in the query string (`?token=...`). On failure, redirects with `?error=<reason>` instead.
      * @summary Discord - OAuth2 callback

package/dist/api.js

@@ -5,7 +5,7 @@
  * Reborn API
  * The Reborn API serves as the central backend for the platform, orchestrating secure communication between game clients and data services. This API supports two authentication methods: - **OAuth 2.0 Client Credentials**: For programmatic API access - **Discord SSO Bearer Token**: For admin endpoints requiring Discord authentication
  *
- * The version of the OpenAPI document: 4.9.2
+ * The version of the OpenAPI document: 4.9.3
  *
  *
  * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
@@ -4823,6 +4823,39 @@ exports.AdminReportsApi = AdminReportsApi;
  */
 const AuthenticationApiAxiosParamCreator = function (configuration) {
     return {
+        /**
+         * Returns the Discord OAuth2 authorize URL as JSON so a native app can open it directly (system browser → Discord-app universal-link hand-off) instead of following the 302. The `redirect` is validated against the allowlist and carried through Discord via `state`, exactly like the browser flow; the callback still bounces the JWT to that target.
+         * @summary Discord - Authorize URL (native clients)
+         * @param {string | null} [redirect] Final redirect target for the JWT (native deep link). Must be allowlisted.
+         * @param {*} [options] Override http request option.
+         * @throws {RequiredError}
+         */
+        authorizeUrl: (redirect_1, ...args_1) => __awaiter(this, [redirect_1, ...args_1], void 0, function* (redirect, options = {}) {
+            const localVarPath = `/auth/discord/url`;
+            // use dummy base URL string because the URL constructor only accepts absolute URLs.
+            const localVarUrlObj = new URL(localVarPath, common_1.DUMMY_BASE_URL);
+            let baseOptions;
+            if (configuration) {
+                baseOptions = configuration.baseOptions;
+            }
+            const localVarRequestOptions = Object.assign(Object.assign({ method: 'GET' }, baseOptions), options);
+            const localVarHeaderParameter = {};
+            const localVarQueryParameter = {};
+            // authentication DiscordAuth required
+            // http bearer authentication required
+            yield (0, common_1.setBearerAuthToObject)(localVarHeaderParameter, configuration);
+            if (redirect !== undefined) {
+                localVarQueryParameter['redirect'] = redirect;
+            }
+            localVarHeaderParameter['Accept'] = 'application/json';
+            (0, common_1.setSearchParams)(localVarUrlObj, localVarQueryParameter);
+            let headersFromBaseOptions = baseOptions && baseOptions.headers ? baseOptions.headers : {};
+            localVarRequestOptions.headers = Object.assign(Object.assign(Object.assign({}, localVarHeaderParameter), headersFromBaseOptions), options.headers);
+            return {
+                url: (0, common_1.toPathString)(localVarUrlObj),
+                options: localVarRequestOptions,
+            };
+        }),
         /**
          * Receives the authorization code from Discord after the user approves the OAuth2 prompt. Exchanges the code for an access token, verifies the user holds an admin guild role, then redirects back to the admin frontend with a signed JWT in the query string (`?token=...`). On failure, redirects with `?error=<reason>` instead.
          * @summary Discord - OAuth2 callback
@@ -4977,6 +5010,22 @@ exports.AuthenticationApiAxiosParamCreator = AuthenticationApiAxiosParamCreator;
 const AuthenticationApiFp = function (configuration) {
     const localVarAxiosParamCreator = (0, exports.AuthenticationApiAxiosParamCreator)(configuration);
     return {
+        /**
+         * Returns the Discord OAuth2 authorize URL as JSON so a native app can open it directly (system browser → Discord-app universal-link hand-off) instead of following the 302. The `redirect` is validated against the allowlist and carried through Discord via `state`, exactly like the browser flow; the callback still bounces the JWT to that target.
+         * @summary Discord - Authorize URL (native clients)
+         * @param {string | null} [redirect] Final redirect target for the JWT (native deep link). Must be allowlisted.
+         * @param {*} [options] Override http request option.
+         * @throws {RequiredError}
+         */
+        authorizeUrl(redirect, options) {
+            return __awaiter(this, void 0, void 0, function* () {
+                var _a, _b, _c;
+                const localVarAxiosArgs = yield localVarAxiosParamCreator.authorizeUrl(redirect, options);
+                const localVarOperationServerIndex = (_a = configuration === null || configuration === void 0 ? void 0 : configuration.serverIndex) !== null && _a !== void 0 ? _a : 0;
+                const localVarOperationServerBasePath = (_c = (_b = base_1.operationServerMap['AuthenticationApi.authorizeUrl']) === null || _b === void 0 ? void 0 : _b[localVarOperationServerIndex]) === null || _c === void 0 ? void 0 : _c.url;
+                return (axios, basePath) => (0, common_1.createRequestFunction)(localVarAxiosArgs, axios_1.default, base_1.BASE_PATH, configuration)(axios, localVarOperationServerBasePath || basePath);
+            });
+        },
         /**
          * Receives the authorization code from Discord after the user approves the OAuth2 prompt. Exchanges the code for an access token, verifies the user holds an admin guild role, then redirects back to the admin frontend with a signed JWT in the query string (`?token=...`). On failure, redirects with `?error=<reason>` instead.
          * @summary Discord - OAuth2 callback
@@ -5053,6 +5102,16 @@ exports.AuthenticationApiFp = AuthenticationApiFp;
 const AuthenticationApiFactory = function (configuration, basePath, axios) {
     const localVarFp = (0, exports.AuthenticationApiFp)(configuration);
     return {
+        /**
+         * Returns the Discord OAuth2 authorize URL as JSON so a native app can open it directly (system browser → Discord-app universal-link hand-off) instead of following the 302. The `redirect` is validated against the allowlist and carried through Discord via `state`, exactly like the browser flow; the callback still bounces the JWT to that target.
+         * @summary Discord - Authorize URL (native clients)
+         * @param {string | null} [redirect] Final redirect target for the JWT (native deep link). Must be allowlisted.
+         * @param {*} [options] Override http request option.
+         * @throws {RequiredError}
+         */
+        authorizeUrl(redirect, options) {
+            return localVarFp.authorizeUrl(redirect, options).then((request) => request(axios, basePath));
+        },
         /**
          * Receives the authorization code from Discord after the user approves the OAuth2 prompt. Exchanges the code for an access token, verifies the user holds an admin guild role, then redirects back to the admin frontend with a signed JWT in the query string (`?token=...`). On failure, redirects with `?error=<reason>` instead.
          * @summary Discord - OAuth2 callback
@@ -5103,6 +5162,16 @@ exports.AuthenticationApiFactory = AuthenticationApiFactory;
  * AuthenticationApi - object-oriented interface
  */
 class AuthenticationApi extends base_1.BaseAPI {
+    /**
+     * Returns the Discord OAuth2 authorize URL as JSON so a native app can open it directly (system browser → Discord-app universal-link hand-off) instead of following the 302. The `redirect` is validated against the allowlist and carried through Discord via `state`, exactly like the browser flow; the callback still bounces the JWT to that target.
+     * @summary Discord - Authorize URL (native clients)
+     * @param {string | null} [redirect] Final redirect target for the JWT (native deep link). Must be allowlisted.
+     * @param {*} [options] Override http request option.
+     * @throws {RequiredError}
+     */
+    authorizeUrl(redirect, options) {
+        return (0, exports.AuthenticationApiFp)(this.configuration).authorizeUrl(redirect, options).then((request) => request(this.axios, this.basePath));
+    }
     /**
      * Receives the authorization code from Discord after the user approves the OAuth2 prompt. Exchanges the code for an access token, verifies the user holds an admin guild role, then redirects back to the admin frontend with a signed JWT in the query string (`?token=...`). On failure, redirects with `?error=<reason>` instead.
      * @summary Discord - OAuth2 callback

package/dist/base.d.ts

@@ -2,7 +2,7 @@
  * Reborn API
  * The Reborn API serves as the central backend for the platform, orchestrating secure communication between game clients and data services. This API supports two authentication methods: - **OAuth 2.0 Client Credentials**: For programmatic API access - **Discord SSO Bearer Token**: For admin endpoints requiring Discord authentication
  *
- * The version of the OpenAPI document: 4.9.2
+ * The version of the OpenAPI document: 4.9.3
  *
  *
  * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).

package/dist/base.js

@@ -5,7 +5,7 @@
  * Reborn API
  * The Reborn API serves as the central backend for the platform, orchestrating secure communication between game clients and data services. This API supports two authentication methods: - **OAuth 2.0 Client Credentials**: For programmatic API access - **Discord SSO Bearer Token**: For admin endpoints requiring Discord authentication
  *
- * The version of the OpenAPI document: 4.9.2
+ * The version of the OpenAPI document: 4.9.3
  *
  *
  * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).

package/dist/common.d.ts

@@ -2,7 +2,7 @@
  * Reborn API
  * The Reborn API serves as the central backend for the platform, orchestrating secure communication between game clients and data services. This API supports two authentication methods: - **OAuth 2.0 Client Credentials**: For programmatic API access - **Discord SSO Bearer Token**: For admin endpoints requiring Discord authentication
  *
- * The version of the OpenAPI document: 4.9.2
+ * The version of the OpenAPI document: 4.9.3
  *
  *
  * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).

package/dist/common.js

@@ -5,7 +5,7 @@
  * Reborn API
  * The Reborn API serves as the central backend for the platform, orchestrating secure communication between game clients and data services. This API supports two authentication methods: - **OAuth 2.0 Client Credentials**: For programmatic API access - **Discord SSO Bearer Token**: For admin endpoints requiring Discord authentication
  *
- * The version of the OpenAPI document: 4.9.2
+ * The version of the OpenAPI document: 4.9.3
  *
  *
  * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).

package/dist/configuration.d.ts

@@ -2,7 +2,7 @@
  * Reborn API
  * The Reborn API serves as the central backend for the platform, orchestrating secure communication between game clients and data services. This API supports two authentication methods: - **OAuth 2.0 Client Credentials**: For programmatic API access - **Discord SSO Bearer Token**: For admin endpoints requiring Discord authentication
  *
- * The version of the OpenAPI document: 4.9.2
+ * The version of the OpenAPI document: 4.9.3
  *
  *
  * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).

package/dist/configuration.js

@@ -4,7 +4,7 @@
  * Reborn API
  * The Reborn API serves as the central backend for the platform, orchestrating secure communication between game clients and data services. This API supports two authentication methods: - **OAuth 2.0 Client Credentials**: For programmatic API access - **Discord SSO Bearer Token**: For admin endpoints requiring Discord authentication
  *
- * The version of the OpenAPI document: 4.9.2
+ * The version of the OpenAPI document: 4.9.3
  *
  *
  * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).

package/dist/esm/api.d.ts

@@ -2,7 +2,7 @@
  * Reborn API
  * The Reborn API serves as the central backend for the platform, orchestrating secure communication between game clients and data services. This API supports two authentication methods: - **OAuth 2.0 Client Credentials**: For programmatic API access - **Discord SSO Bearer Token**: For admin endpoints requiring Discord authentication
  *
- * The version of the OpenAPI document: 4.9.2
+ * The version of the OpenAPI document: 4.9.3
  *
  *
  * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
@@ -1481,6 +1481,15 @@ export interface CursoredPageable {
     'sort': Sort;
     'backward': boolean;
 }
+/**
+ * The Discord OAuth2 authorize URL, returned as JSON so a native client can open it directly (system browser → Discord-app universal-link hand-off) rather than following the backend\'s 302. Keeps client_id/scope server-side.
+ */
+export interface DiscordAuthUrlResponse {
+    /**
+     * Discord OAuth2 authorize URL to open on the client.
+     */
+    'authorizeUrl': string;
+}
 export declare const GameType: {
     readonly Rotj: "ROTJ";
     readonly Legacy: "LEGACY";
@@ -4352,6 +4361,14 @@ export declare class AdminReportsApi extends BaseAPI {
  * AuthenticationApi - axios parameter creator
  */
 export declare const AuthenticationApiAxiosParamCreator: (configuration?: Configuration) => {
+    /**
+     * Returns the Discord OAuth2 authorize URL as JSON so a native app can open it directly (system browser → Discord-app universal-link hand-off) instead of following the 302. The `redirect` is validated against the allowlist and carried through Discord via `state`, exactly like the browser flow; the callback still bounces the JWT to that target.
+     * @summary Discord - Authorize URL (native clients)
+     * @param {string | null} [redirect] Final redirect target for the JWT (native deep link). Must be allowlisted.
+     * @param {*} [options] Override http request option.
+     * @throws {RequiredError}
+     */
+    authorizeUrl: (redirect?: string | null, options?: RawAxiosRequestConfig) => Promise<RequestArgs>;
     /**
      * Receives the authorization code from Discord after the user approves the OAuth2 prompt. Exchanges the code for an access token, verifies the user holds an admin guild role, then redirects back to the admin frontend with a signed JWT in the query string (`?token=...`). On failure, redirects with `?error=<reason>` instead.
      * @summary Discord - OAuth2 callback
@@ -4392,6 +4409,14 @@ export declare const AuthenticationApiAxiosParamCreator: (configuration?: Config
  * AuthenticationApi - functional programming interface
  */
 export declare const AuthenticationApiFp: (configuration?: Configuration) => {
+    /**
+     * Returns the Discord OAuth2 authorize URL as JSON so a native app can open it directly (system browser → Discord-app universal-link hand-off) instead of following the 302. The `redirect` is validated against the allowlist and carried through Discord via `state`, exactly like the browser flow; the callback still bounces the JWT to that target.
+     * @summary Discord - Authorize URL (native clients)
+     * @param {string | null} [redirect] Final redirect target for the JWT (native deep link). Must be allowlisted.
+     * @param {*} [options] Override http request option.
+     * @throws {RequiredError}
+     */
+    authorizeUrl(redirect?: string | null, options?: RawAxiosRequestConfig): Promise<(axios?: AxiosInstance, basePath?: string) => AxiosPromise<DiscordAuthUrlResponse>>;
     /**
      * Receives the authorization code from Discord after the user approves the OAuth2 prompt. Exchanges the code for an access token, verifies the user holds an admin guild role, then redirects back to the admin frontend with a signed JWT in the query string (`?token=...`). On failure, redirects with `?error=<reason>` instead.
      * @summary Discord - OAuth2 callback
@@ -4432,6 +4457,14 @@ export declare const AuthenticationApiFp: (configuration?: Configuration) => {
  * AuthenticationApi - factory interface
  */
 export declare const AuthenticationApiFactory: (configuration?: Configuration, basePath?: string, axios?: AxiosInstance) => {
+    /**
+     * Returns the Discord OAuth2 authorize URL as JSON so a native app can open it directly (system browser → Discord-app universal-link hand-off) instead of following the 302. The `redirect` is validated against the allowlist and carried through Discord via `state`, exactly like the browser flow; the callback still bounces the JWT to that target.
+     * @summary Discord - Authorize URL (native clients)
+     * @param {string | null} [redirect] Final redirect target for the JWT (native deep link). Must be allowlisted.
+     * @param {*} [options] Override http request option.
+     * @throws {RequiredError}
+     */
+    authorizeUrl(redirect?: string | null, options?: RawAxiosRequestConfig): AxiosPromise<DiscordAuthUrlResponse>;
     /**
      * Receives the authorization code from Discord after the user approves the OAuth2 prompt. Exchanges the code for an access token, verifies the user holds an admin guild role, then redirects back to the admin frontend with a signed JWT in the query string (`?token=...`). On failure, redirects with `?error=<reason>` instead.
      * @summary Discord - OAuth2 callback
@@ -4472,6 +4505,14 @@ export declare const AuthenticationApiFactory: (configuration?: Configuration, b
  * AuthenticationApi - object-oriented interface
  */
 export declare class AuthenticationApi extends BaseAPI {
+    /**
+     * Returns the Discord OAuth2 authorize URL as JSON so a native app can open it directly (system browser → Discord-app universal-link hand-off) instead of following the 302. The `redirect` is validated against the allowlist and carried through Discord via `state`, exactly like the browser flow; the callback still bounces the JWT to that target.
+     * @summary Discord - Authorize URL (native clients)
+     * @param {string | null} [redirect] Final redirect target for the JWT (native deep link). Must be allowlisted.
+     * @param {*} [options] Override http request option.
+     * @throws {RequiredError}
+     */
+    authorizeUrl(redirect?: string | null, options?: RawAxiosRequestConfig): Promise<import("axios").AxiosResponse<DiscordAuthUrlResponse, any, {}>>;
     /**
      * Receives the authorization code from Discord after the user approves the OAuth2 prompt. Exchanges the code for an access token, verifies the user holds an admin guild role, then redirects back to the admin frontend with a signed JWT in the query string (`?token=...`). On failure, redirects with `?error=<reason>` instead.
      * @summary Discord - OAuth2 callback

package/dist/esm/api.js

@@ -4,7 +4,7 @@
  * Reborn API
  * The Reborn API serves as the central backend for the platform, orchestrating secure communication between game clients and data services. This API supports two authentication methods: - **OAuth 2.0 Client Credentials**: For programmatic API access - **Discord SSO Bearer Token**: For admin endpoints requiring Discord authentication
  *
- * The version of the OpenAPI document: 4.9.2
+ * The version of the OpenAPI document: 4.9.3
  *
  *
  * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
@@ -4787,6 +4787,39 @@ export class AdminReportsApi extends BaseAPI {
  */
 export const AuthenticationApiAxiosParamCreator = function (configuration) {
     return {
+        /**
+         * Returns the Discord OAuth2 authorize URL as JSON so a native app can open it directly (system browser → Discord-app universal-link hand-off) instead of following the 302. The `redirect` is validated against the allowlist and carried through Discord via `state`, exactly like the browser flow; the callback still bounces the JWT to that target.
+         * @summary Discord - Authorize URL (native clients)
+         * @param {string | null} [redirect] Final redirect target for the JWT (native deep link). Must be allowlisted.
+         * @param {*} [options] Override http request option.
+         * @throws {RequiredError}
+         */
+        authorizeUrl: (redirect_1, ...args_1) => __awaiter(this, [redirect_1, ...args_1], void 0, function* (redirect, options = {}) {
+            const localVarPath = `/auth/discord/url`;
+            // use dummy base URL string because the URL constructor only accepts absolute URLs.
+            const localVarUrlObj = new URL(localVarPath, DUMMY_BASE_URL);
+            let baseOptions;
+            if (configuration) {
+                baseOptions = configuration.baseOptions;
+            }
+            const localVarRequestOptions = Object.assign(Object.assign({ method: 'GET' }, baseOptions), options);
+            const localVarHeaderParameter = {};
+            const localVarQueryParameter = {};
+            // authentication DiscordAuth required
+            // http bearer authentication required
+            yield setBearerAuthToObject(localVarHeaderParameter, configuration);
+            if (redirect !== undefined) {
+                localVarQueryParameter['redirect'] = redirect;
+            }
+            localVarHeaderParameter['Accept'] = 'application/json';
+            setSearchParams(localVarUrlObj, localVarQueryParameter);
+            let headersFromBaseOptions = baseOptions && baseOptions.headers ? baseOptions.headers : {};
+            localVarRequestOptions.headers = Object.assign(Object.assign(Object.assign({}, localVarHeaderParameter), headersFromBaseOptions), options.headers);
+            return {
+                url: toPathString(localVarUrlObj),
+                options: localVarRequestOptions,
+            };
+        }),
         /**
          * Receives the authorization code from Discord after the user approves the OAuth2 prompt. Exchanges the code for an access token, verifies the user holds an admin guild role, then redirects back to the admin frontend with a signed JWT in the query string (`?token=...`). On failure, redirects with `?error=<reason>` instead.
          * @summary Discord - OAuth2 callback
@@ -4940,6 +4973,22 @@ export const AuthenticationApiAxiosParamCreator = function (configuration) {
 export const AuthenticationApiFp = function (configuration) {
     const localVarAxiosParamCreator = AuthenticationApiAxiosParamCreator(configuration);
     return {
+        /**
+         * Returns the Discord OAuth2 authorize URL as JSON so a native app can open it directly (system browser → Discord-app universal-link hand-off) instead of following the 302. The `redirect` is validated against the allowlist and carried through Discord via `state`, exactly like the browser flow; the callback still bounces the JWT to that target.
+         * @summary Discord - Authorize URL (native clients)
+         * @param {string | null} [redirect] Final redirect target for the JWT (native deep link). Must be allowlisted.
+         * @param {*} [options] Override http request option.
+         * @throws {RequiredError}
+         */
+        authorizeUrl(redirect, options) {
+            return __awaiter(this, void 0, void 0, function* () {
+                var _a, _b, _c;
+                const localVarAxiosArgs = yield localVarAxiosParamCreator.authorizeUrl(redirect, options);
+                const localVarOperationServerIndex = (_a = configuration === null || configuration === void 0 ? void 0 : configuration.serverIndex) !== null && _a !== void 0 ? _a : 0;
+                const localVarOperationServerBasePath = (_c = (_b = operationServerMap['AuthenticationApi.authorizeUrl']) === null || _b === void 0 ? void 0 : _b[localVarOperationServerIndex]) === null || _c === void 0 ? void 0 : _c.url;
+                return (axios, basePath) => createRequestFunction(localVarAxiosArgs, globalAxios, BASE_PATH, configuration)(axios, localVarOperationServerBasePath || basePath);
+            });
+        },
         /**
          * Receives the authorization code from Discord after the user approves the OAuth2 prompt. Exchanges the code for an access token, verifies the user holds an admin guild role, then redirects back to the admin frontend with a signed JWT in the query string (`?token=...`). On failure, redirects with `?error=<reason>` instead.
          * @summary Discord - OAuth2 callback
@@ -5015,6 +5064,16 @@ export const AuthenticationApiFp = function (configuration) {
 export const AuthenticationApiFactory = function (configuration, basePath, axios) {
     const localVarFp = AuthenticationApiFp(configuration);
     return {
+        /**
+         * Returns the Discord OAuth2 authorize URL as JSON so a native app can open it directly (system browser → Discord-app universal-link hand-off) instead of following the 302. The `redirect` is validated against the allowlist and carried through Discord via `state`, exactly like the browser flow; the callback still bounces the JWT to that target.
+         * @summary Discord - Authorize URL (native clients)
+         * @param {string | null} [redirect] Final redirect target for the JWT (native deep link). Must be allowlisted.
+         * @param {*} [options] Override http request option.
+         * @throws {RequiredError}
+         */
+        authorizeUrl(redirect, options) {
+            return localVarFp.authorizeUrl(redirect, options).then((request) => request(axios, basePath));
+        },
         /**
          * Receives the authorization code from Discord after the user approves the OAuth2 prompt. Exchanges the code for an access token, verifies the user holds an admin guild role, then redirects back to the admin frontend with a signed JWT in the query string (`?token=...`). On failure, redirects with `?error=<reason>` instead.
          * @summary Discord - OAuth2 callback
@@ -5064,6 +5123,16 @@ export const AuthenticationApiFactory = function (configuration, basePath, axios
  * AuthenticationApi - object-oriented interface
  */
 export class AuthenticationApi extends BaseAPI {
+    /**
+     * Returns the Discord OAuth2 authorize URL as JSON so a native app can open it directly (system browser → Discord-app universal-link hand-off) instead of following the 302. The `redirect` is validated against the allowlist and carried through Discord via `state`, exactly like the browser flow; the callback still bounces the JWT to that target.
+     * @summary Discord - Authorize URL (native clients)
+     * @param {string | null} [redirect] Final redirect target for the JWT (native deep link). Must be allowlisted.
+     * @param {*} [options] Override http request option.
+     * @throws {RequiredError}
+     */
+    authorizeUrl(redirect, options) {
+        return AuthenticationApiFp(this.configuration).authorizeUrl(redirect, options).then((request) => request(this.axios, this.basePath));
+    }
     /**
      * Receives the authorization code from Discord after the user approves the OAuth2 prompt. Exchanges the code for an access token, verifies the user holds an admin guild role, then redirects back to the admin frontend with a signed JWT in the query string (`?token=...`). On failure, redirects with `?error=<reason>` instead.
      * @summary Discord - OAuth2 callback

package/dist/esm/base.d.ts

@@ -2,7 +2,7 @@
  * Reborn API
  * The Reborn API serves as the central backend for the platform, orchestrating secure communication between game clients and data services. This API supports two authentication methods: - **OAuth 2.0 Client Credentials**: For programmatic API access - **Discord SSO Bearer Token**: For admin endpoints requiring Discord authentication
  *
- * The version of the OpenAPI document: 4.9.2
+ * The version of the OpenAPI document: 4.9.3
  *
  *
  * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).

package/dist/esm/base.js

@@ -4,7 +4,7 @@
  * Reborn API
  * The Reborn API serves as the central backend for the platform, orchestrating secure communication between game clients and data services. This API supports two authentication methods: - **OAuth 2.0 Client Credentials**: For programmatic API access - **Discord SSO Bearer Token**: For admin endpoints requiring Discord authentication
  *
- * The version of the OpenAPI document: 4.9.2
+ * The version of the OpenAPI document: 4.9.3
  *
  *
  * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).

package/dist/esm/common.d.ts

@@ -2,7 +2,7 @@
  * Reborn API
  * The Reborn API serves as the central backend for the platform, orchestrating secure communication between game clients and data services. This API supports two authentication methods: - **OAuth 2.0 Client Credentials**: For programmatic API access - **Discord SSO Bearer Token**: For admin endpoints requiring Discord authentication
  *
- * The version of the OpenAPI document: 4.9.2
+ * The version of the OpenAPI document: 4.9.3
  *
  *
  * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).

package/dist/esm/common.js

@@ -4,7 +4,7 @@
  * Reborn API
  * The Reborn API serves as the central backend for the platform, orchestrating secure communication between game clients and data services. This API supports two authentication methods: - **OAuth 2.0 Client Credentials**: For programmatic API access - **Discord SSO Bearer Token**: For admin endpoints requiring Discord authentication
  *
- * The version of the OpenAPI document: 4.9.2
+ * The version of the OpenAPI document: 4.9.3
  *
  *
  * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).

package/dist/esm/configuration.d.ts

@@ -2,7 +2,7 @@
  * Reborn API
  * The Reborn API serves as the central backend for the platform, orchestrating secure communication between game clients and data services. This API supports two authentication methods: - **OAuth 2.0 Client Credentials**: For programmatic API access - **Discord SSO Bearer Token**: For admin endpoints requiring Discord authentication
  *
- * The version of the OpenAPI document: 4.9.2
+ * The version of the OpenAPI document: 4.9.3
  *
  *
  * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).

package/dist/esm/configuration.js

@@ -3,7 +3,7 @@
  * Reborn API
  * The Reborn API serves as the central backend for the platform, orchestrating secure communication between game clients and data services. This API supports two authentication methods: - **OAuth 2.0 Client Credentials**: For programmatic API access - **Discord SSO Bearer Token**: For admin endpoints requiring Discord authentication
  *
- * The version of the OpenAPI document: 4.9.2
+ * The version of the OpenAPI document: 4.9.3
  *
  *
  * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).

package/dist/esm/index.d.ts

@@ -2,7 +2,7 @@
  * Reborn API
  * The Reborn API serves as the central backend for the platform, orchestrating secure communication between game clients and data services. This API supports two authentication methods: - **OAuth 2.0 Client Credentials**: For programmatic API access - **Discord SSO Bearer Token**: For admin endpoints requiring Discord authentication
  *
- * The version of the OpenAPI document: 4.9.2
+ * The version of the OpenAPI document: 4.9.3
  *
  *
  * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).

package/dist/esm/index.js

@@ -4,7 +4,7 @@
  * Reborn API
  * The Reborn API serves as the central backend for the platform, orchestrating secure communication between game clients and data services. This API supports two authentication methods: - **OAuth 2.0 Client Credentials**: For programmatic API access - **Discord SSO Bearer Token**: For admin endpoints requiring Discord authentication
  *
- * The version of the OpenAPI document: 4.9.2
+ * The version of the OpenAPI document: 4.9.3
  *
  *
  * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).

package/dist/index.d.ts

@@ -2,7 +2,7 @@
  * Reborn API
  * The Reborn API serves as the central backend for the platform, orchestrating secure communication between game clients and data services. This API supports two authentication methods: - **OAuth 2.0 Client Credentials**: For programmatic API access - **Discord SSO Bearer Token**: For admin endpoints requiring Discord authentication
  *
- * The version of the OpenAPI document: 4.9.2
+ * The version of the OpenAPI document: 4.9.3
  *
  *
  * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).

package/dist/index.js

@@ -5,7 +5,7 @@
  * Reborn API
  * The Reborn API serves as the central backend for the platform, orchestrating secure communication between game clients and data services. This API supports two authentication methods: - **OAuth 2.0 Client Credentials**: For programmatic API access - **Discord SSO Bearer Token**: For admin endpoints requiring Discord authentication
  *
- * The version of the OpenAPI document: 4.9.2
+ * The version of the OpenAPI document: 4.9.3
  *
  *
  * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).

package/docs/AuthenticationApi.md

@@ -4,11 +4,64 @@ All URIs are relative to *https://api.smsh.sh*
 
 |Method | HTTP request | Description|
 |------------- | ------------- | -------------|
+|[**authorizeUrl**](#authorizeurl) | **GET** /auth/discord/url | Discord - Authorize URL (native clients)|
 |[**callback**](#callback) | **GET** /auth/discord/callback | Discord - OAuth2 callback|
 |[**initiateLogin**](#initiatelogin) | **GET** /auth/discord | Discord - Initiate login|
 |[**me**](#me) | **GET** /auth/me | Get current user profile|
 |[**token**](#token) | **POST** /oauth/token | Service - Exchange client credentials for token|
 
+# **authorizeUrl**
+> DiscordAuthUrlResponse authorizeUrl()
+
+Returns the Discord OAuth2 authorize URL as JSON so a native app can open it directly (system browser → Discord-app universal-link hand-off) instead of following the 302. The `redirect` is validated against the allowlist and carried through Discord via `state`, exactly like the browser flow; the callback still bounces the JWT to that target. 
+
+### Example
+
+```typescript
+import {
+    AuthenticationApi,
+    Configuration
+} from '@rebornteam/reborn-api';
+
+const configuration = new Configuration();
+const apiInstance = new AuthenticationApi(configuration);
+
+let redirect: string; //Final redirect target for the JWT (native deep link). Must be allowlisted. (optional) (default to undefined)
+
+const { status, data } = await apiInstance.authorizeUrl(
+    redirect
+);
+```
+
+### Parameters
+
+|Name | Type | Description  | Notes|
+|------------- | ------------- | ------------- | -------------|
+| **redirect** | [**string**] | Final redirect target for the JWT (native deep link). Must be allowlisted. | (optional) defaults to undefined|
+
+
+### Return type
+
+**DiscordAuthUrlResponse**
+
+### Authorization
+
+[DiscordAuth](../README.md#DiscordAuth)
+
+### HTTP request headers
+
+ - **Content-Type**: Not defined
+ - **Accept**: application/json
+
+
+### HTTP response details
+| Status code | Description | Response headers |
+|-------------|-------------|------------------|
+|**200** | Authorize URL payload |  -  |
+|**400** | The requested `redirect` is not allowlisted |  -  |
+
+[[Back to top]](#) [[Back to API list]](../README.md#documentation-for-api-endpoints) [[Back to Model list]](../README.md#documentation-for-models) [[Back to README]](../README.md)
+
 # **callback**
 > callback()
 

package/docs/DiscordAuthUrlResponse.md

@@ -0,0 +1,21 @@
+# DiscordAuthUrlResponse
+
+The Discord OAuth2 authorize URL, returned as JSON so a native client can open it directly (system browser → Discord-app universal-link hand-off) rather than following the backend\'s 302. Keeps client_id/scope server-side.
+
+## Properties
+
+Name | Type | Description | Notes
+------------ | ------------- | ------------- | -------------
+**authorizeUrl** | **string** | Discord OAuth2 authorize URL to open on the client. | [default to undefined]
+
+## Example
+
+```typescript
+import { DiscordAuthUrlResponse } from '@rebornteam/reborn-api';
+
+const instance: DiscordAuthUrlResponse = {
+    authorizeUrl,
+};
+```
+
+[[Back to Model list]](../README.md#documentation-for-models) [[Back to API list]](../README.md#documentation-for-api-endpoints) [[Back to README]](../README.md)

package/index.ts

@@ -4,7 +4,7 @@
  * Reborn API
  * The Reborn API serves as the central backend for the platform, orchestrating secure communication between game clients and data services. This API supports two authentication methods: - **OAuth 2.0 Client Credentials**: For programmatic API access - **Discord SSO Bearer Token**: For admin endpoints requiring Discord authentication 
  *
- * The version of the OpenAPI document: 4.9.2
+ * The version of the OpenAPI document: 4.9.3
  * 
  *
  * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@rebornteam/reborn-api",
-  "version": "4.9.2",
+  "version": "4.9.3",
   "description": "OpenAPI client for @rebornteam/reborn-api",
   "author": "OpenAPI-Generator Contributors",
   "repository": {