authentik-client 2025.10.3__py3-none-any.whl → 2025.12.0rc1__py3-none-any.whl

authentik_client/models/capabilities_enum.py

@@ -5,7 +5,7 @@
 
     Making authentication simple.
 
-    The version of the OpenAPI document: 2025.10.3
+    The version of the OpenAPI document: 2025.12.0-rc1
     Contact: hello@goauthentik.io
     Generated by OpenAPI Generator (https://openapi-generator.tech)
 

authentik_client/models/captcha_challenge.py

@@ -5,7 +5,7 @@
 
     Making authentication simple.
 
-    The version of the OpenAPI document: 2025.10.3
+    The version of the OpenAPI document: 2025.12.0-rc1
     Contact: hello@goauthentik.io
     Generated by OpenAPI Generator (https://openapi-generator.tech)
 

authentik_client/models/captcha_challenge_response_request.py

@@ -5,7 +5,7 @@
 
     Making authentication simple.
 
-    The version of the OpenAPI document: 2025.10.3
+    The version of the OpenAPI document: 2025.12.0-rc1
     Contact: hello@goauthentik.io
     Generated by OpenAPI Generator (https://openapi-generator.tech)
 

authentik_client/models/captcha_stage.py

@@ -5,7 +5,7 @@
 
     Making authentication simple.
 
-    The version of the OpenAPI document: 2025.10.3
+    The version of the OpenAPI document: 2025.12.0-rc1
     Contact: hello@goauthentik.io
     Generated by OpenAPI Generator (https://openapi-generator.tech)
 
@@ -35,7 +35,7 @@ class CaptchaStage(BaseModel):
     verbose_name: StrictStr = Field(description="Return object's verbose_name")
     verbose_name_plural: StrictStr = Field(description="Return object's plural verbose_name")
     meta_model_name: StrictStr = Field(description="Return internal model name")
-    flow_set: Optional[List[FlowSet]] = None
+    flow_set: List[FlowSet]
     public_key: StrictStr = Field(description="Public key, acquired your captcha Provider.")
     js_url: Optional[StrictStr] = None
     api_url: Optional[StrictStr] = None
@@ -80,6 +80,7 @@ class CaptchaStage(BaseModel):
         * OpenAPI `readOnly` fields are excluded.
         * OpenAPI `readOnly` fields are excluded.
         * OpenAPI `readOnly` fields are excluded.
+        * OpenAPI `readOnly` fields are excluded.
         """
         excluded_fields: Set[str] = set([
             "pk",
@@ -87,6 +88,7 @@ class CaptchaStage(BaseModel):
             "verbose_name",
             "verbose_name_plural",
             "meta_model_name",
+            "flow_set",
         ])
 
         _dict = self.model_dump(

authentik_client/models/captcha_stage_request.py

@@ -5,7 +5,7 @@
 
     Making authentication simple.
 
-    The version of the OpenAPI document: 2025.10.3
+    The version of the OpenAPI document: 2025.12.0-rc1
     Contact: hello@goauthentik.io
     Generated by OpenAPI Generator (https://openapi-generator.tech)
 
@@ -21,7 +21,6 @@ import json
 from pydantic import BaseModel, ConfigDict, Field, StrictBool, StrictFloat, StrictInt
 from typing import Any, ClassVar, Dict, List, Optional, Union
 from typing_extensions import Annotated
-from authentik_client.models.flow_set_request import FlowSetRequest
 from typing import Optional, Set
 from typing_extensions import Self
 
@@ -30,7 +29,6 @@ class CaptchaStageRequest(BaseModel):
     CaptchaStage Serializer
     """ # noqa: E501
     name: Annotated[str, Field(min_length=1, strict=True)]
-    flow_set: Optional[List[FlowSetRequest]] = None
     public_key: Annotated[str, Field(min_length=1, strict=True)] = Field(description="Public key, acquired your captcha Provider.")
     private_key: Annotated[str, Field(min_length=1, strict=True)] = Field(description="Private key, acquired your captcha Provider.")
     js_url: Optional[Annotated[str, Field(min_length=1, strict=True)]] = None
@@ -39,7 +37,7 @@ class CaptchaStageRequest(BaseModel):
     score_min_threshold: Optional[Union[StrictFloat, StrictInt]] = None
     score_max_threshold: Optional[Union[StrictFloat, StrictInt]] = None
     error_on_invalid_score: Optional[StrictBool] = Field(default=None, description="When enabled and the received captcha score is outside of the given threshold, the stage will show an error message. When not enabled, the flow will continue, but the data from the captcha will be available in the context for policy decisions")
-    __properties: ClassVar[List[str]] = ["name", "flow_set", "public_key", "private_key", "js_url", "api_url", "interactive", "score_min_threshold", "score_max_threshold", "error_on_invalid_score"]
+    __properties: ClassVar[List[str]] = ["name", "public_key", "private_key", "js_url", "api_url", "interactive", "score_min_threshold", "score_max_threshold", "error_on_invalid_score"]
 
     model_config = ConfigDict(
         populate_by_name=True,
@@ -80,13 +78,6 @@ class CaptchaStageRequest(BaseModel):
             exclude=excluded_fields,
             exclude_none=True,
         )
-        # override the default output from pydantic by calling `to_dict()` of each item in flow_set (list)
-        _items = []
-        if self.flow_set:
-            for _item_flow_set in self.flow_set:
-                if _item_flow_set:
-                    _items.append(_item_flow_set.to_dict())
-            _dict['flow_set'] = _items
         return _dict
 
     @classmethod
@@ -100,7 +91,6 @@ class CaptchaStageRequest(BaseModel):
 
         _obj = cls.model_validate({
             "name": obj.get("name"),
-            "flow_set": [FlowSetRequest.from_dict(_item) for _item in obj["flow_set"]] if obj.get("flow_set") is not None else None,
             "public_key": obj.get("public_key"),
             "private_key": obj.get("private_key"),
             "js_url": obj.get("js_url"),

authentik_client/models/cert_attribute_enum.py

@@ -5,7 +5,7 @@
 
     Making authentication simple.
 
-    The version of the OpenAPI document: 2025.10.3
+    The version of the OpenAPI document: 2025.12.0-rc1
     Contact: hello@goauthentik.io
     Generated by OpenAPI Generator (https://openapi-generator.tech)
 

authentik_client/models/certificate_data.py

@@ -5,7 +5,7 @@
 
     Making authentication simple.
 
-    The version of the OpenAPI document: 2025.10.3
+    The version of the OpenAPI document: 2025.12.0-rc1
     Contact: hello@goauthentik.io
     Generated by OpenAPI Generator (https://openapi-generator.tech)
 

authentik_client/models/certificate_generation_request.py

@@ -5,7 +5,7 @@
 
     Making authentication simple.
 
-    The version of the OpenAPI document: 2025.10.3
+    The version of the OpenAPI document: 2025.12.0-rc1
     Contact: hello@goauthentik.io
     Generated by OpenAPI Generator (https://openapi-generator.tech)
 

authentik_client/models/certificate_key_pair.py

@@ -5,7 +5,7 @@
 
     Making authentication simple.
 
-    The version of the OpenAPI document: 2025.10.3
+    The version of the OpenAPI document: 2025.12.0-rc1
     Contact: hello@goauthentik.io
     Generated by OpenAPI Generator (https://openapi-generator.tech)
 
@@ -22,6 +22,7 @@ from datetime import datetime
 from pydantic import BaseModel, ConfigDict, Field, StrictBool, StrictStr
 from typing import Any, ClassVar, Dict, List, Optional
 from uuid import UUID
+from authentik_client.models.key_type_enum import KeyTypeEnum
 from typing import Optional, Set
 from typing_extensions import Self
 
@@ -36,11 +37,11 @@ class CertificateKeyPair(BaseModel):
     cert_expiry: Optional[datetime] = Field(description="Get certificate expiry")
     cert_subject: Optional[StrictStr] = Field(description="Get certificate subject as full rfc4514")
     private_key_available: StrictBool = Field(description="Show if this keypair has a private key configured or not")
-    private_key_type: Optional[StrictStr] = Field(description="Get the private key's type, if set")
+    key_type: Optional[KeyTypeEnum]
     certificate_download_url: StrictStr = Field(description="Get URL to download certificate")
     private_key_download_url: StrictStr = Field(description="Get URL to download private key")
     managed: Optional[StrictStr] = Field(description="Objects that are managed by authentik. These objects are created and updated automatically. This flag only indicates that an object can be overwritten by migrations. You can still modify the objects via the API, but expect changes to be overwritten in a later update.")
-    __properties: ClassVar[List[str]] = ["pk", "name", "fingerprint_sha256", "fingerprint_sha1", "cert_expiry", "cert_subject", "private_key_available", "private_key_type", "certificate_download_url", "private_key_download_url", "managed"]
+    __properties: ClassVar[List[str]] = ["pk", "name", "fingerprint_sha256", "fingerprint_sha1", "cert_expiry", "cert_subject", "private_key_available", "key_type", "certificate_download_url", "private_key_download_url", "managed"]
 
     model_config = ConfigDict(
         populate_by_name=True,
@@ -90,7 +91,7 @@ class CertificateKeyPair(BaseModel):
             "cert_expiry",
             "cert_subject",
             "private_key_available",
-            "private_key_type",
+            "key_type",
             "certificate_download_url",
             "private_key_download_url",
             "managed",
@@ -121,10 +122,10 @@ class CertificateKeyPair(BaseModel):
         if self.cert_subject is None and "cert_subject" in self.model_fields_set:
             _dict['cert_subject'] = None
 
-        # set to None if private_key_type (nullable) is None
+        # set to None if key_type (nullable) is None
         # and model_fields_set contains the field
-        if self.private_key_type is None and "private_key_type" in self.model_fields_set:
-            _dict['private_key_type'] = None
+        if self.key_type is None and "key_type" in self.model_fields_set:
+            _dict['key_type'] = None
 
         # set to None if managed (nullable) is None
         # and model_fields_set contains the field
@@ -150,7 +151,7 @@ class CertificateKeyPair(BaseModel):
             "cert_expiry": obj.get("cert_expiry"),
             "cert_subject": obj.get("cert_subject"),
             "private_key_available": obj.get("private_key_available"),
-            "private_key_type": obj.get("private_key_type"),
+            "key_type": obj.get("key_type"),
             "certificate_download_url": obj.get("certificate_download_url"),
             "private_key_download_url": obj.get("private_key_download_url"),
             "managed": obj.get("managed")

authentik_client/models/certificate_key_pair_request.py

@@ -5,7 +5,7 @@
 
     Making authentication simple.
 
-    The version of the OpenAPI document: 2025.10.3
+    The version of the OpenAPI document: 2025.12.0-rc1
     Contact: hello@goauthentik.io
     Generated by OpenAPI Generator (https://openapi-generator.tech)
 

authentik_client/models/challenge_types.py

@@ -5,7 +5,7 @@
 
     Making authentication simple.
 
-    The version of the OpenAPI document: 2025.10.3
+    The version of the OpenAPI document: 2025.12.0-rc1
     Contact: hello@goauthentik.io
     Generated by OpenAPI Generator (https://openapi-generator.tech)
 
@@ -32,6 +32,7 @@ from authentik_client.models.captcha_challenge import CaptchaChallenge
 from authentik_client.models.consent_challenge import ConsentChallenge
 from authentik_client.models.dummy_challenge import DummyChallenge
 from authentik_client.models.email_challenge import EmailChallenge
+from authentik_client.models.endpoint_agent_challenge import EndpointAgentChallenge
 from authentik_client.models.flow_error_challenge import FlowErrorChallenge
 from authentik_client.models.frame_challenge import FrameChallenge
 from authentik_client.models.identification_challenge import IdentificationChallenge
@@ -51,7 +52,7 @@ from pydantic import StrictStr, Field
 from typing import Union, List, Set, Optional, Dict
 from typing_extensions import Literal, Self
 
-CHALLENGETYPES_ONE_OF_SCHEMAS = ["AccessDeniedChallenge", "AppleLoginChallenge", "AuthenticatorDuoChallenge", "AuthenticatorEmailChallenge", "AuthenticatorSMSChallenge", "AuthenticatorStaticChallenge", "AuthenticatorTOTPChallenge", "AuthenticatorValidationChallenge", "AuthenticatorWebAuthnChallenge", "AutosubmitChallenge", "CaptchaChallenge", "ConsentChallenge", "DummyChallenge", "EmailChallenge", "FlowErrorChallenge", "FrameChallenge", "IdentificationChallenge", "IframeLogoutChallenge", "NativeLogoutChallenge", "OAuthDeviceCodeChallenge", "OAuthDeviceCodeFinishChallenge", "PasswordChallenge", "PlexAuthenticationChallenge", "PromptChallenge", "RedirectChallenge", "SessionEndChallenge", "ShellChallenge", "TelegramLoginChallenge", "UserLoginChallenge"]
+CHALLENGETYPES_ONE_OF_SCHEMAS = ["AccessDeniedChallenge", "AppleLoginChallenge", "AuthenticatorDuoChallenge", "AuthenticatorEmailChallenge", "AuthenticatorSMSChallenge", "AuthenticatorStaticChallenge", "AuthenticatorTOTPChallenge", "AuthenticatorValidationChallenge", "AuthenticatorWebAuthnChallenge", "AutosubmitChallenge", "CaptchaChallenge", "ConsentChallenge", "DummyChallenge", "EmailChallenge", "EndpointAgentChallenge", "FlowErrorChallenge", "FrameChallenge", "IdentificationChallenge", "IframeLogoutChallenge", "NativeLogoutChallenge", "OAuthDeviceCodeChallenge", "OAuthDeviceCodeFinishChallenge", "PasswordChallenge", "PlexAuthenticationChallenge", "PromptChallenge", "RedirectChallenge", "SessionEndChallenge", "ShellChallenge", "TelegramLoginChallenge", "UserLoginChallenge"]
 
 class ChallengeTypes(BaseModel):
     """
@@ -85,38 +86,40 @@ class ChallengeTypes(BaseModel):
     oneof_schema_13_validator: Optional[DummyChallenge] = None
     # data type: EmailChallenge
     oneof_schema_14_validator: Optional[EmailChallenge] = None
+    # data type: EndpointAgentChallenge
+    oneof_schema_15_validator: Optional[EndpointAgentChallenge] = None
     # data type: FlowErrorChallenge
-    oneof_schema_15_validator: Optional[FlowErrorChallenge] = None
+    oneof_schema_16_validator: Optional[FlowErrorChallenge] = None
     # data type: FrameChallenge
-    oneof_schema_16_validator: Optional[FrameChallenge] = None
+    oneof_schema_17_validator: Optional[FrameChallenge] = None
     # data type: IdentificationChallenge
-    oneof_schema_17_validator: Optional[IdentificationChallenge] = None
+    oneof_schema_18_validator: Optional[IdentificationChallenge] = None
     # data type: IframeLogoutChallenge
-    oneof_schema_18_validator: Optional[IframeLogoutChallenge] = None
+    oneof_schema_19_validator: Optional[IframeLogoutChallenge] = None
     # data type: NativeLogoutChallenge
-    oneof_schema_19_validator: Optional[NativeLogoutChallenge] = None
+    oneof_schema_20_validator: Optional[NativeLogoutChallenge] = None
     # data type: OAuthDeviceCodeChallenge
-    oneof_schema_20_validator: Optional[OAuthDeviceCodeChallenge] = None
+    oneof_schema_21_validator: Optional[OAuthDeviceCodeChallenge] = None
     # data type: OAuthDeviceCodeFinishChallenge
-    oneof_schema_21_validator: Optional[OAuthDeviceCodeFinishChallenge] = None
+    oneof_schema_22_validator: Optional[OAuthDeviceCodeFinishChallenge] = None
     # data type: PasswordChallenge
-    oneof_schema_22_validator: Optional[PasswordChallenge] = None
+    oneof_schema_23_validator: Optional[PasswordChallenge] = None
     # data type: PlexAuthenticationChallenge
-    oneof_schema_23_validator: Optional[PlexAuthenticationChallenge] = None
+    oneof_schema_24_validator: Optional[PlexAuthenticationChallenge] = None
     # data type: PromptChallenge
-    oneof_schema_24_validator: Optional[PromptChallenge] = None
+    oneof_schema_25_validator: Optional[PromptChallenge] = None
     # data type: RedirectChallenge
-    oneof_schema_25_validator: Optional[RedirectChallenge] = None
+    oneof_schema_26_validator: Optional[RedirectChallenge] = None
     # data type: SessionEndChallenge
-    oneof_schema_26_validator: Optional[SessionEndChallenge] = None
+    oneof_schema_27_validator: Optional[SessionEndChallenge] = None
     # data type: ShellChallenge
-    oneof_schema_27_validator: Optional[ShellChallenge] = None
+    oneof_schema_28_validator: Optional[ShellChallenge] = None
     # data type: TelegramLoginChallenge
-    oneof_schema_28_validator: Optional[TelegramLoginChallenge] = None
+    oneof_schema_29_validator: Optional[TelegramLoginChallenge] = None
     # data type: UserLoginChallenge
-    oneof_schema_29_validator: Optional[UserLoginChallenge] = None
-    actual_instance: Optional[Union[AccessDeniedChallenge, AppleLoginChallenge, AuthenticatorDuoChallenge, AuthenticatorEmailChallenge, AuthenticatorSMSChallenge, AuthenticatorStaticChallenge, AuthenticatorTOTPChallenge, AuthenticatorValidationChallenge, AuthenticatorWebAuthnChallenge, AutosubmitChallenge, CaptchaChallenge, ConsentChallenge, DummyChallenge, EmailChallenge, FlowErrorChallenge, FrameChallenge, IdentificationChallenge, IframeLogoutChallenge, NativeLogoutChallenge, OAuthDeviceCodeChallenge, OAuthDeviceCodeFinishChallenge, PasswordChallenge, PlexAuthenticationChallenge, PromptChallenge, RedirectChallenge, SessionEndChallenge, ShellChallenge, TelegramLoginChallenge, UserLoginChallenge]] = None
-    one_of_schemas: Set[str] = { "AccessDeniedChallenge", "AppleLoginChallenge", "AuthenticatorDuoChallenge", "AuthenticatorEmailChallenge", "AuthenticatorSMSChallenge", "AuthenticatorStaticChallenge", "AuthenticatorTOTPChallenge", "AuthenticatorValidationChallenge", "AuthenticatorWebAuthnChallenge", "AutosubmitChallenge", "CaptchaChallenge", "ConsentChallenge", "DummyChallenge", "EmailChallenge", "FlowErrorChallenge", "FrameChallenge", "IdentificationChallenge", "IframeLogoutChallenge", "NativeLogoutChallenge", "OAuthDeviceCodeChallenge", "OAuthDeviceCodeFinishChallenge", "PasswordChallenge", "PlexAuthenticationChallenge", "PromptChallenge", "RedirectChallenge", "SessionEndChallenge", "ShellChallenge", "TelegramLoginChallenge", "UserLoginChallenge" }
+    oneof_schema_30_validator: Optional[UserLoginChallenge] = None
+    actual_instance: Optional[Union[AccessDeniedChallenge, AppleLoginChallenge, AuthenticatorDuoChallenge, AuthenticatorEmailChallenge, AuthenticatorSMSChallenge, AuthenticatorStaticChallenge, AuthenticatorTOTPChallenge, AuthenticatorValidationChallenge, AuthenticatorWebAuthnChallenge, AutosubmitChallenge, CaptchaChallenge, ConsentChallenge, DummyChallenge, EmailChallenge, EndpointAgentChallenge, FlowErrorChallenge, FrameChallenge, IdentificationChallenge, IframeLogoutChallenge, NativeLogoutChallenge, OAuthDeviceCodeChallenge, OAuthDeviceCodeFinishChallenge, PasswordChallenge, PlexAuthenticationChallenge, PromptChallenge, RedirectChallenge, SessionEndChallenge, ShellChallenge, TelegramLoginChallenge, UserLoginChallenge]] = None
+    one_of_schemas: Set[str] = { "AccessDeniedChallenge", "AppleLoginChallenge", "AuthenticatorDuoChallenge", "AuthenticatorEmailChallenge", "AuthenticatorSMSChallenge", "AuthenticatorStaticChallenge", "AuthenticatorTOTPChallenge", "AuthenticatorValidationChallenge", "AuthenticatorWebAuthnChallenge", "AutosubmitChallenge", "CaptchaChallenge", "ConsentChallenge", "DummyChallenge", "EmailChallenge", "EndpointAgentChallenge", "FlowErrorChallenge", "FrameChallenge", "IdentificationChallenge", "IframeLogoutChallenge", "NativeLogoutChallenge", "OAuthDeviceCodeChallenge", "OAuthDeviceCodeFinishChallenge", "PasswordChallenge", "PlexAuthenticationChallenge", "PromptChallenge", "RedirectChallenge", "SessionEndChallenge", "ShellChallenge", "TelegramLoginChallenge", "UserLoginChallenge" }
 
     model_config = ConfigDict(
         validate_assignment=True,
@@ -212,6 +215,11 @@ class ChallengeTypes(BaseModel):
             error_messages.append(f"Error! Input type `{type(v)}` is not `EmailChallenge`")
         else:
             match += 1
+        # validate data type: EndpointAgentChallenge
+        if not isinstance(v, EndpointAgentChallenge):
+            error_messages.append(f"Error! Input type `{type(v)}` is not `EndpointAgentChallenge`")
+        else:
+            match += 1
         # validate data type: FlowErrorChallenge
         if not isinstance(v, FlowErrorChallenge):
             error_messages.append(f"Error! Input type `{type(v)}` is not `FlowErrorChallenge`")
@@ -289,10 +297,10 @@ class ChallengeTypes(BaseModel):
             match += 1
         if match > 1:
             # more than 1 match
-            raise ValueError("Multiple matches found when setting `actual_instance` in ChallengeTypes with oneOf schemas: AccessDeniedChallenge, AppleLoginChallenge, AuthenticatorDuoChallenge, AuthenticatorEmailChallenge, AuthenticatorSMSChallenge, AuthenticatorStaticChallenge, AuthenticatorTOTPChallenge, AuthenticatorValidationChallenge, AuthenticatorWebAuthnChallenge, AutosubmitChallenge, CaptchaChallenge, ConsentChallenge, DummyChallenge, EmailChallenge, FlowErrorChallenge, FrameChallenge, IdentificationChallenge, IframeLogoutChallenge, NativeLogoutChallenge, OAuthDeviceCodeChallenge, OAuthDeviceCodeFinishChallenge, PasswordChallenge, PlexAuthenticationChallenge, PromptChallenge, RedirectChallenge, SessionEndChallenge, ShellChallenge, TelegramLoginChallenge, UserLoginChallenge. Details: " + ", ".join(error_messages))
+            raise ValueError("Multiple matches found when setting `actual_instance` in ChallengeTypes with oneOf schemas: AccessDeniedChallenge, AppleLoginChallenge, AuthenticatorDuoChallenge, AuthenticatorEmailChallenge, AuthenticatorSMSChallenge, AuthenticatorStaticChallenge, AuthenticatorTOTPChallenge, AuthenticatorValidationChallenge, AuthenticatorWebAuthnChallenge, AutosubmitChallenge, CaptchaChallenge, ConsentChallenge, DummyChallenge, EmailChallenge, EndpointAgentChallenge, FlowErrorChallenge, FrameChallenge, IdentificationChallenge, IframeLogoutChallenge, NativeLogoutChallenge, OAuthDeviceCodeChallenge, OAuthDeviceCodeFinishChallenge, PasswordChallenge, PlexAuthenticationChallenge, PromptChallenge, RedirectChallenge, SessionEndChallenge, ShellChallenge, TelegramLoginChallenge, UserLoginChallenge. Details: " + ", ".join(error_messages))
         elif match == 0:
             # no match
-            raise ValueError("No match found when setting `actual_instance` in ChallengeTypes with oneOf schemas: AccessDeniedChallenge, AppleLoginChallenge, AuthenticatorDuoChallenge, AuthenticatorEmailChallenge, AuthenticatorSMSChallenge, AuthenticatorStaticChallenge, AuthenticatorTOTPChallenge, AuthenticatorValidationChallenge, AuthenticatorWebAuthnChallenge, AutosubmitChallenge, CaptchaChallenge, ConsentChallenge, DummyChallenge, EmailChallenge, FlowErrorChallenge, FrameChallenge, IdentificationChallenge, IframeLogoutChallenge, NativeLogoutChallenge, OAuthDeviceCodeChallenge, OAuthDeviceCodeFinishChallenge, PasswordChallenge, PlexAuthenticationChallenge, PromptChallenge, RedirectChallenge, SessionEndChallenge, ShellChallenge, TelegramLoginChallenge, UserLoginChallenge. Details: " + ", ".join(error_messages))
+            raise ValueError("No match found when setting `actual_instance` in ChallengeTypes with oneOf schemas: AccessDeniedChallenge, AppleLoginChallenge, AuthenticatorDuoChallenge, AuthenticatorEmailChallenge, AuthenticatorSMSChallenge, AuthenticatorStaticChallenge, AuthenticatorTOTPChallenge, AuthenticatorValidationChallenge, AuthenticatorWebAuthnChallenge, AutosubmitChallenge, CaptchaChallenge, ConsentChallenge, DummyChallenge, EmailChallenge, EndpointAgentChallenge, FlowErrorChallenge, FrameChallenge, IdentificationChallenge, IframeLogoutChallenge, NativeLogoutChallenge, OAuthDeviceCodeChallenge, OAuthDeviceCodeFinishChallenge, PasswordChallenge, PlexAuthenticationChallenge, PromptChallenge, RedirectChallenge, SessionEndChallenge, ShellChallenge, TelegramLoginChallenge, UserLoginChallenge. Details: " + ", ".join(error_messages))
         else:
             return v
 
@@ -391,6 +399,12 @@ class ChallengeTypes(BaseModel):
             match += 1
         except (ValidationError, ValueError) as e:
             error_messages.append(str(e))
+        # deserialize data into EndpointAgentChallenge
+        try:
+            instance.actual_instance = EndpointAgentChallenge.from_json(json_str)
+            match += 1
+        except (ValidationError, ValueError) as e:
+            error_messages.append(str(e))
         # deserialize data into FlowErrorChallenge
         try:
             instance.actual_instance = FlowErrorChallenge.from_json(json_str)
@@ -484,10 +498,10 @@ class ChallengeTypes(BaseModel):
 
         if match > 1:
             # more than 1 match
-            raise ValueError("Multiple matches found when deserializing the JSON string into ChallengeTypes with oneOf schemas: AccessDeniedChallenge, AppleLoginChallenge, AuthenticatorDuoChallenge, AuthenticatorEmailChallenge, AuthenticatorSMSChallenge, AuthenticatorStaticChallenge, AuthenticatorTOTPChallenge, AuthenticatorValidationChallenge, AuthenticatorWebAuthnChallenge, AutosubmitChallenge, CaptchaChallenge, ConsentChallenge, DummyChallenge, EmailChallenge, FlowErrorChallenge, FrameChallenge, IdentificationChallenge, IframeLogoutChallenge, NativeLogoutChallenge, OAuthDeviceCodeChallenge, OAuthDeviceCodeFinishChallenge, PasswordChallenge, PlexAuthenticationChallenge, PromptChallenge, RedirectChallenge, SessionEndChallenge, ShellChallenge, TelegramLoginChallenge, UserLoginChallenge. Details: " + ", ".join(error_messages))
+            raise ValueError("Multiple matches found when deserializing the JSON string into ChallengeTypes with oneOf schemas: AccessDeniedChallenge, AppleLoginChallenge, AuthenticatorDuoChallenge, AuthenticatorEmailChallenge, AuthenticatorSMSChallenge, AuthenticatorStaticChallenge, AuthenticatorTOTPChallenge, AuthenticatorValidationChallenge, AuthenticatorWebAuthnChallenge, AutosubmitChallenge, CaptchaChallenge, ConsentChallenge, DummyChallenge, EmailChallenge, EndpointAgentChallenge, FlowErrorChallenge, FrameChallenge, IdentificationChallenge, IframeLogoutChallenge, NativeLogoutChallenge, OAuthDeviceCodeChallenge, OAuthDeviceCodeFinishChallenge, PasswordChallenge, PlexAuthenticationChallenge, PromptChallenge, RedirectChallenge, SessionEndChallenge, ShellChallenge, TelegramLoginChallenge, UserLoginChallenge. Details: " + ", ".join(error_messages))
         elif match == 0:
             # no match
-            raise ValueError("No match found when deserializing the JSON string into ChallengeTypes with oneOf schemas: AccessDeniedChallenge, AppleLoginChallenge, AuthenticatorDuoChallenge, AuthenticatorEmailChallenge, AuthenticatorSMSChallenge, AuthenticatorStaticChallenge, AuthenticatorTOTPChallenge, AuthenticatorValidationChallenge, AuthenticatorWebAuthnChallenge, AutosubmitChallenge, CaptchaChallenge, ConsentChallenge, DummyChallenge, EmailChallenge, FlowErrorChallenge, FrameChallenge, IdentificationChallenge, IframeLogoutChallenge, NativeLogoutChallenge, OAuthDeviceCodeChallenge, OAuthDeviceCodeFinishChallenge, PasswordChallenge, PlexAuthenticationChallenge, PromptChallenge, RedirectChallenge, SessionEndChallenge, ShellChallenge, TelegramLoginChallenge, UserLoginChallenge. Details: " + ", ".join(error_messages))
+            raise ValueError("No match found when deserializing the JSON string into ChallengeTypes with oneOf schemas: AccessDeniedChallenge, AppleLoginChallenge, AuthenticatorDuoChallenge, AuthenticatorEmailChallenge, AuthenticatorSMSChallenge, AuthenticatorStaticChallenge, AuthenticatorTOTPChallenge, AuthenticatorValidationChallenge, AuthenticatorWebAuthnChallenge, AutosubmitChallenge, CaptchaChallenge, ConsentChallenge, DummyChallenge, EmailChallenge, EndpointAgentChallenge, FlowErrorChallenge, FrameChallenge, IdentificationChallenge, IframeLogoutChallenge, NativeLogoutChallenge, OAuthDeviceCodeChallenge, OAuthDeviceCodeFinishChallenge, PasswordChallenge, PlexAuthenticationChallenge, PromptChallenge, RedirectChallenge, SessionEndChallenge, ShellChallenge, TelegramLoginChallenge, UserLoginChallenge. Details: " + ", ".join(error_messages))
         else:
             return instance
 
@@ -501,7 +515,7 @@ class ChallengeTypes(BaseModel):
         else:
             return json.dumps(self.actual_instance)
 
-    def to_dict(self) -> Optional[Union[Dict[str, Any], AccessDeniedChallenge, AppleLoginChallenge, AuthenticatorDuoChallenge, AuthenticatorEmailChallenge, AuthenticatorSMSChallenge, AuthenticatorStaticChallenge, AuthenticatorTOTPChallenge, AuthenticatorValidationChallenge, AuthenticatorWebAuthnChallenge, AutosubmitChallenge, CaptchaChallenge, ConsentChallenge, DummyChallenge, EmailChallenge, FlowErrorChallenge, FrameChallenge, IdentificationChallenge, IframeLogoutChallenge, NativeLogoutChallenge, OAuthDeviceCodeChallenge, OAuthDeviceCodeFinishChallenge, PasswordChallenge, PlexAuthenticationChallenge, PromptChallenge, RedirectChallenge, SessionEndChallenge, ShellChallenge, TelegramLoginChallenge, UserLoginChallenge]]:
+    def to_dict(self) -> Optional[Union[Dict[str, Any], AccessDeniedChallenge, AppleLoginChallenge, AuthenticatorDuoChallenge, AuthenticatorEmailChallenge, AuthenticatorSMSChallenge, AuthenticatorStaticChallenge, AuthenticatorTOTPChallenge, AuthenticatorValidationChallenge, AuthenticatorWebAuthnChallenge, AutosubmitChallenge, CaptchaChallenge, ConsentChallenge, DummyChallenge, EmailChallenge, EndpointAgentChallenge, FlowErrorChallenge, FrameChallenge, IdentificationChallenge, IframeLogoutChallenge, NativeLogoutChallenge, OAuthDeviceCodeChallenge, OAuthDeviceCodeFinishChallenge, PasswordChallenge, PlexAuthenticationChallenge, PromptChallenge, RedirectChallenge, SessionEndChallenge, ShellChallenge, TelegramLoginChallenge, UserLoginChallenge]]:
         """Returns the dict representation of the actual instance"""
         if self.actual_instance is None:
             return None

authentik_client/models/client_type_enum.py

@@ -5,7 +5,7 @@
 
     Making authentication simple.
 
-    The version of the OpenAPI document: 2025.10.3
+    The version of the OpenAPI document: 2025.12.0-rc1
     Contact: hello@goauthentik.io
     Generated by OpenAPI Generator (https://openapi-generator.tech)
 

authentik_client/models/compatibility_mode_enum.py

@@ -5,7 +5,7 @@
 
     Making authentication simple.
 
-    The version of the OpenAPI document: 2025.10.3
+    The version of the OpenAPI document: 2025.12.0-rc1
     Contact: hello@goauthentik.io
     Generated by OpenAPI Generator (https://openapi-generator.tech)
 

authentik_client/models/config.py

@@ -5,7 +5,7 @@
 
     Making authentication simple.
 
-    The version of the OpenAPI document: 2025.10.3
+    The version of the OpenAPI document: 2025.12.0-rc1
     Contact: hello@goauthentik.io
     Generated by OpenAPI Generator (https://openapi-generator.tech)
 

authentik_client/models/connection_token.py

@@ -5,7 +5,7 @@
 
     Making authentication simple.
 
-    The version of the OpenAPI document: 2025.10.3
+    The version of the OpenAPI document: 2025.12.0-rc1
     Contact: hello@goauthentik.io
     Generated by OpenAPI Generator (https://openapi-generator.tech)
 

authentik_client/models/connection_token_request.py

@@ -5,7 +5,7 @@
 
     Making authentication simple.
 
-    The version of the OpenAPI document: 2025.10.3
+    The version of the OpenAPI document: 2025.12.0-rc1
     Contact: hello@goauthentik.io
     Generated by OpenAPI Generator (https://openapi-generator.tech)
 

authentik_client/models/connector.py

@@ -0,0 +1,109 @@
+# coding: utf-8
+
+"""
+    authentik
+
+    Making authentication simple.
+
+    The version of the OpenAPI document: 2025.12.0-rc1
+    Contact: hello@goauthentik.io
+    Generated by OpenAPI Generator (https://openapi-generator.tech)
+
+    Do not edit the class manually.
+"""  # noqa: E501
+
+
+from __future__ import annotations
+import pprint
+import re  # noqa: F401
+import json
+
+from pydantic import BaseModel, ConfigDict, Field, StrictBool, StrictStr
+from typing import Any, ClassVar, Dict, List, Optional
+from uuid import UUID
+from typing import Optional, Set
+from typing_extensions import Self
+
+class Connector(BaseModel):
+    """
+    Connector
+    """ # noqa: E501
+    connector_uuid: Optional[UUID] = None
+    name: StrictStr
+    enabled: Optional[StrictBool] = None
+    component: StrictStr = Field(description="Get object component so that we know how to edit the object")
+    verbose_name: StrictStr = Field(description="Return object's verbose_name")
+    verbose_name_plural: StrictStr = Field(description="Return object's plural verbose_name")
+    meta_model_name: StrictStr = Field(description="Return internal model name")
+    __properties: ClassVar[List[str]] = ["connector_uuid", "name", "enabled", "component", "verbose_name", "verbose_name_plural", "meta_model_name"]
+
+    model_config = ConfigDict(
+        populate_by_name=True,
+        validate_assignment=True,
+        protected_namespaces=(),
+    )
+
+
+    def to_str(self) -> str:
+        """Returns the string representation of the model using alias"""
+        return pprint.pformat(self.model_dump(by_alias=True))
+
+    def to_json(self) -> str:
+        """Returns the JSON representation of the model using alias"""
+        # TODO: pydantic v2: use .model_dump_json(by_alias=True, exclude_unset=True) instead
+        return json.dumps(self.to_dict())
+
+    @classmethod
+    def from_json(cls, json_str: str) -> Optional[Self]:
+        """Create an instance of Connector from a JSON string"""
+        return cls.from_dict(json.loads(json_str))
+
+    def to_dict(self) -> Dict[str, Any]:
+        """Return the dictionary representation of the model using alias.
+
+        This has the following differences from calling pydantic's
+        `self.model_dump(by_alias=True)`:
+
+        * `None` is only added to the output dict for nullable fields that
+          were set at model initialization. Other fields with value `None`
+          are ignored.
+        * OpenAPI `readOnly` fields are excluded.
+        * OpenAPI `readOnly` fields are excluded.
+        * OpenAPI `readOnly` fields are excluded.
+        * OpenAPI `readOnly` fields are excluded.
+        """
+        excluded_fields: Set[str] = set([
+            "component",
+            "verbose_name",
+            "verbose_name_plural",
+            "meta_model_name",
+        ])
+
+        _dict = self.model_dump(
+            by_alias=True,
+            exclude=excluded_fields,
+            exclude_none=True,
+        )
+        return _dict
+
+    @classmethod
+    def from_dict(cls, obj: Optional[Dict[str, Any]]) -> Optional[Self]:
+        """Create an instance of Connector from a dict"""
+        if obj is None:
+            return None
+
+        if not isinstance(obj, dict):
+            return cls.model_validate(obj)
+
+        _obj = cls.model_validate({
+            "connector_uuid": obj.get("connector_uuid"),
+            "name": obj.get("name"),
+            "enabled": obj.get("enabled"),
+            "component": obj.get("component"),
+            "verbose_name": obj.get("verbose_name"),
+            "verbose_name_plural": obj.get("verbose_name_plural"),
+            "meta_model_name": obj.get("meta_model_name")
+        })
+        return _obj
+
+

authentik_client/models/consent_challenge.py

@@ -5,7 +5,7 @@
 
     Making authentication simple.
 
-    The version of the OpenAPI document: 2025.10.3
+    The version of the OpenAPI document: 2025.12.0-rc1
     Contact: hello@goauthentik.io
     Generated by OpenAPI Generator (https://openapi-generator.tech)
 

authentik_client/models/consent_challenge_response_request.py

@@ -5,7 +5,7 @@
 
     Making authentication simple.
 
-    The version of the OpenAPI document: 2025.10.3
+    The version of the OpenAPI document: 2025.12.0-rc1
     Contact: hello@goauthentik.io
     Generated by OpenAPI Generator (https://openapi-generator.tech)
 

authentik_client/models/consent_permission.py

@@ -5,7 +5,7 @@
 
     Making authentication simple.
 
-    The version of the OpenAPI document: 2025.10.3
+    The version of the OpenAPI document: 2025.12.0-rc1
     Contact: hello@goauthentik.io
     Generated by OpenAPI Generator (https://openapi-generator.tech)
 

authentik_client/models/consent_stage.py

@@ -5,7 +5,7 @@
 
     Making authentication simple.
 
-    The version of the OpenAPI document: 2025.10.3
+    The version of the OpenAPI document: 2025.12.0-rc1
     Contact: hello@goauthentik.io
     Generated by OpenAPI Generator (https://openapi-generator.tech)
 
@@ -36,7 +36,7 @@ class ConsentStage(BaseModel):
     verbose_name: StrictStr = Field(description="Return object's verbose_name")
     verbose_name_plural: StrictStr = Field(description="Return object's plural verbose_name")
     meta_model_name: StrictStr = Field(description="Return internal model name")
-    flow_set: Optional[List[FlowSet]] = None
+    flow_set: List[FlowSet]
     mode: Optional[ConsentStageModeEnum] = None
     consent_expire_in: Optional[StrictStr] = Field(default=None, description="Offset after which consent expires. (Format: hours=1;minutes=2;seconds=3).")
     __properties: ClassVar[List[str]] = ["pk", "name", "component", "verbose_name", "verbose_name_plural", "meta_model_name", "flow_set", "mode", "consent_expire_in"]
@@ -76,6 +76,7 @@ class ConsentStage(BaseModel):
         * OpenAPI `readOnly` fields are excluded.
         * OpenAPI `readOnly` fields are excluded.
         * OpenAPI `readOnly` fields are excluded.
+        * OpenAPI `readOnly` fields are excluded.
         """
         excluded_fields: Set[str] = set([
             "pk",
@@ -83,6 +84,7 @@ class ConsentStage(BaseModel):
             "verbose_name",
             "verbose_name_plural",
             "meta_model_name",
+            "flow_set",
         ])
 
         _dict = self.model_dump(

authentik_client/models/consent_stage_mode_enum.py

@@ -5,7 +5,7 @@
 
     Making authentication simple.
 
-    The version of the OpenAPI document: 2025.10.3
+    The version of the OpenAPI document: 2025.12.0-rc1
     Contact: hello@goauthentik.io
     Generated by OpenAPI Generator (https://openapi-generator.tech)