ory-client 1.5.2__py3-none-any.whl → 1.6.2__py3-none-any.whl

ory_client/model/migration_options.py

@@ -0,0 +1,284 @@
+"""
+    Ory APIs
+
+    Documentation for all public and administrative Ory APIs. Administrative APIs can only be accessed with a valid Personal Access Token. Public APIs are mostly used in browsers.   # noqa: E501
+
+    The version of the OpenAPI document: v1.6.2
+    Contact: support@ory.sh
+    Generated by: https://openapi-generator.tech
+"""
+
+
+import re  # noqa: F401
+import sys  # noqa: F401
+
+from ory_client.model_utils import (  # noqa: F401
+    ApiTypeError,
+    ModelComposed,
+    ModelNormal,
+    ModelSimple,
+    cached_property,
+    change_keys_js_to_python,
+    convert_js_args_to_python_args,
+    date,
+    datetime,
+    file_type,
+    none_type,
+    validate_get_composed_info,
+    OpenApiModel
+)
+from ory_client.exceptions import ApiAttributeError
+
+
+
+class MigrationOptions(ModelNormal):
+    """NOTE: This class is auto generated by OpenAPI Generator.
+    Ref: https://openapi-generator.tech
+
+    Do not edit the class manually.
+
+    Attributes:
+      allowed_values (dict): The key is the tuple path to the attribute
+          and the for var_name this is (var_name,). The value is a dict
+          with a capitalized key describing the allowed value and an allowed
+          value. These dicts store the allowed enum values.
+      attribute_map (dict): The key is attribute name
+          and the value is json key in definition.
+      discriminator_value_class_map (dict): A dict to go from the discriminator
+          variable value to the discriminator class name.
+      validations (dict): The key is the tuple path to the attribute
+          and the for var_name this is (var_name,). The value is a dict
+          that stores validations for max_length, min_length, max_items,
+          min_items, exclusive_maximum, inclusive_maximum, exclusive_minimum,
+          inclusive_minimum, and regex.
+      additional_properties_type (tuple): A tuple of classes accepted
+          as additional properties values.
+    """
+
+    allowed_values = {
+        ('environment',): {
+            'PROD': "prod",
+            'DEV': "dev",
+        },
+        ('project_subscription',): {
+            'MIGRATE': "migrate",
+            'IGNORE': "ignore",
+        },
+    }
+
+    validations = {
+    }
+
+    @cached_property
+    def additional_properties_type():
+        """
+        This must be a method because a model may have properties that are
+        of type self, this must run after the class is loaded
+        """
+        return (bool, date, datetime, dict, float, int, list, str, none_type,)  # noqa: E501
+
+    _nullable = False
+
+    @cached_property
+    def openapi_types():
+        """
+        This must be a method because a model may have properties that are
+        of type self, this must run after the class is loaded
+
+        Returns
+            openapi_types (dict): The key is attribute name
+                and the value is attribute type.
+        """
+        return {
+            'environment': (str,),  # noqa: E501
+            'project_subscription': (str,),  # noqa: E501
+        }
+
+    @cached_property
+    def discriminator():
+        return None
+
+
+    attribute_map = {
+        'environment': 'environment',  # noqa: E501
+        'project_subscription': 'project_subscription',  # noqa: E501
+    }
+
+    read_only_vars = {
+    }
+
+    _composed_schemas = {}
+
+    @classmethod
+    @convert_js_args_to_python_args
+    def _from_openapi_data(cls, environment, project_subscription, *args, **kwargs):  # noqa: E501
+        """MigrationOptions - a model defined in OpenAPI
+
+        Args:
+            environment (str): The environment of the project in the workspace. Can be one of \"prod\" or \"dev\". Note that the number of projects in the \"prod\" environment is limited depending on the subscription. prod Production dev Development
+            project_subscription (str): The action to take with the project subscription. Can be one of \"migrate\", and \"ignore\". \"migrate\" will migrate the project subscription to the workspace. \"ignore\" will ignore the project subscription. migrate ProjectSubscriptionActionMigrate  ProjectSubscriptionActionMigrate will migrate the project subscription to the  workspace. ignore ProjectSubscriptionActionIgnore  ProjectSubscriptionActionIgnore will ignore the project subscription.
+
+        Keyword Args:
+            _check_type (bool): if True, values for parameters in openapi_types
+                                will be type checked and a TypeError will be
+                                raised if the wrong type is input.
+                                Defaults to True
+            _path_to_item (tuple/list): This is a list of keys or values to
+                                drill down to the model in received_data
+                                when deserializing a response
+            _spec_property_naming (bool): True if the variable names in the input data
+                                are serialized names, as specified in the OpenAPI document.
+                                False if the variable names in the input data
+                                are pythonic names, e.g. snake case (default)
+            _configuration (Configuration): the instance to use when
+                                deserializing a file_type parameter.
+                                If passed, type conversion is attempted
+                                If omitted no type conversion is done.
+            _visited_composed_classes (tuple): This stores a tuple of
+                                classes that we have traveled through so that
+                                if we see that class again we will not use its
+                                discriminator again.
+                                When traveling through a discriminator, the
+                                composed schema that is
+                                is traveled through is added to this set.
+                                For example if Animal has a discriminator
+                                petType and we pass in "Dog", and the class Dog
+                                allOf includes Animal, we move through Animal
+                                once using the discriminator, and pick Dog.
+                                Then in Dog, we will make an instance of the
+                                Animal class but this time we won't travel
+                                through its discriminator because we passed in
+                                _visited_composed_classes = (Animal,)
+        """
+
+        _check_type = kwargs.pop('_check_type', True)
+        _spec_property_naming = kwargs.pop('_spec_property_naming', True)
+        _path_to_item = kwargs.pop('_path_to_item', ())
+        _configuration = kwargs.pop('_configuration', None)
+        _visited_composed_classes = kwargs.pop('_visited_composed_classes', ())
+
+        self = super(OpenApiModel, cls).__new__(cls)
+
+        if args:
+            for arg in args:
+                if isinstance(arg, dict):
+                    kwargs.update(arg)
+                else:
+                    raise ApiTypeError(
+                        "Invalid positional arguments=%s passed to %s. Remove those invalid positional arguments." % (
+                            args,
+                            self.__class__.__name__,
+                        ),
+                        path_to_item=_path_to_item,
+                        valid_classes=(self.__class__,),
+                    )
+
+        self._data_store = {}
+        self._check_type = _check_type
+        self._spec_property_naming = _spec_property_naming
+        self._path_to_item = _path_to_item
+        self._configuration = _configuration
+        self._visited_composed_classes = _visited_composed_classes + (self.__class__,)
+
+        self.environment = environment
+        self.project_subscription = project_subscription
+        for var_name, var_value in kwargs.items():
+            if var_name not in self.attribute_map and \
+                        self._configuration is not None and \
+                        self._configuration.discard_unknown_keys and \
+                        self.additional_properties_type is None:
+                # discard variable.
+                continue
+            setattr(self, var_name, var_value)
+        return self
+
+    required_properties = set([
+        '_data_store',
+        '_check_type',
+        '_spec_property_naming',
+        '_path_to_item',
+        '_configuration',
+        '_visited_composed_classes',
+    ])
+
+    @convert_js_args_to_python_args
+    def __init__(self, environment, project_subscription, *args, **kwargs):  # noqa: E501
+        """MigrationOptions - a model defined in OpenAPI
+
+        Args:
+            environment (str): The environment of the project in the workspace. Can be one of \"prod\" or \"dev\". Note that the number of projects in the \"prod\" environment is limited depending on the subscription. prod Production dev Development
+            project_subscription (str): The action to take with the project subscription. Can be one of \"migrate\", and \"ignore\". \"migrate\" will migrate the project subscription to the workspace. \"ignore\" will ignore the project subscription. migrate ProjectSubscriptionActionMigrate  ProjectSubscriptionActionMigrate will migrate the project subscription to the  workspace. ignore ProjectSubscriptionActionIgnore  ProjectSubscriptionActionIgnore will ignore the project subscription.
+
+        Keyword Args:
+            _check_type (bool): if True, values for parameters in openapi_types
+                                will be type checked and a TypeError will be
+                                raised if the wrong type is input.
+                                Defaults to True
+            _path_to_item (tuple/list): This is a list of keys or values to
+                                drill down to the model in received_data
+                                when deserializing a response
+            _spec_property_naming (bool): True if the variable names in the input data
+                                are serialized names, as specified in the OpenAPI document.
+                                False if the variable names in the input data
+                                are pythonic names, e.g. snake case (default)
+            _configuration (Configuration): the instance to use when
+                                deserializing a file_type parameter.
+                                If passed, type conversion is attempted
+                                If omitted no type conversion is done.
+            _visited_composed_classes (tuple): This stores a tuple of
+                                classes that we have traveled through so that
+                                if we see that class again we will not use its
+                                discriminator again.
+                                When traveling through a discriminator, the
+                                composed schema that is
+                                is traveled through is added to this set.
+                                For example if Animal has a discriminator
+                                petType and we pass in "Dog", and the class Dog
+                                allOf includes Animal, we move through Animal
+                                once using the discriminator, and pick Dog.
+                                Then in Dog, we will make an instance of the
+                                Animal class but this time we won't travel
+                                through its discriminator because we passed in
+                                _visited_composed_classes = (Animal,)
+        """
+
+        _check_type = kwargs.pop('_check_type', True)
+        _spec_property_naming = kwargs.pop('_spec_property_naming', False)
+        _path_to_item = kwargs.pop('_path_to_item', ())
+        _configuration = kwargs.pop('_configuration', None)
+        _visited_composed_classes = kwargs.pop('_visited_composed_classes', ())
+
+        if args:
+            for arg in args:
+                if isinstance(arg, dict):
+                    kwargs.update(arg)
+                else:
+                    raise ApiTypeError(
+                        "Invalid positional arguments=%s passed to %s. Remove those invalid positional arguments." % (
+                            args,
+                            self.__class__.__name__,
+                        ),
+                        path_to_item=_path_to_item,
+                        valid_classes=(self.__class__,),
+                    )
+
+        self._data_store = {}
+        self._check_type = _check_type
+        self._spec_property_naming = _spec_property_naming
+        self._path_to_item = _path_to_item
+        self._configuration = _configuration
+        self._visited_composed_classes = _visited_composed_classes + (self.__class__,)
+
+        self.environment = environment
+        self.project_subscription = project_subscription
+        for var_name, var_value in kwargs.items():
+            if var_name not in self.attribute_map and \
+                        self._configuration is not None and \
+                        self._configuration.discard_unknown_keys and \
+                        self.additional_properties_type is None:
+                # discard variable.
+                continue
+            setattr(self, var_name, var_value)
+            if var_name in self.read_only_vars:
+                raise ApiAttributeError(f"`{var_name}` is a read-only attribute. Use `from_openapi_data` to instantiate "
+                                     f"class with read only attributes.")

ory_client/model/namespace.py

@@ -3,7 +3,7 @@
 
     Documentation for all public and administrative Ory APIs. Administrative APIs can only be accessed with a valid Personal Access Token. Public APIs are mostly used in browsers.   # noqa: E501
 
-    The version of the OpenAPI document: v1.5.2
+    The version of the OpenAPI document: v1.6.2
     Contact: support@ory.sh
     Generated by: https://openapi-generator.tech
 """

ory_client/model/needs_privileged_session_error.py

@@ -3,7 +3,7 @@
 
     Documentation for all public and administrative Ory APIs. Administrative APIs can only be accessed with a valid Personal Access Token. Public APIs are mostly used in browsers.   # noqa: E501
 
-    The version of the OpenAPI document: v1.5.2
+    The version of the OpenAPI document: v1.6.2
     Contact: support@ory.sh
     Generated by: https://openapi-generator.tech
 """

ory_client/model/normalized_project.py

@@ -3,7 +3,7 @@
 
     Documentation for all public and administrative Ory APIs. Administrative APIs can only be accessed with a valid Personal Access Token. Public APIs are mostly used in browsers.   # noqa: E501
 
-    The version of the OpenAPI document: v1.5.2
+    The version of the OpenAPI document: v1.6.2
     Contact: support@ory.sh
     Generated by: https://openapi-generator.tech
 """

ory_client/model/normalized_project_revision.py

@@ -3,7 +3,7 @@
 
     Documentation for all public and administrative Ory APIs. Administrative APIs can only be accessed with a valid Personal Access Token. Public APIs are mostly used in browsers.   # noqa: E501
 
-    The version of the OpenAPI document: v1.5.2
+    The version of the OpenAPI document: v1.6.2
     Contact: support@ory.sh
     Generated by: https://openapi-generator.tech
 """
@@ -155,6 +155,7 @@ class NormalizedProjectRevision(ModelNormal):
             'hydra_oauth2_grant_jwt_iat_optional': (bool,),  # noqa: E501
             'hydra_oauth2_grant_jwt_jti_optional': (bool,),  # noqa: E501
             'hydra_oauth2_grant_jwt_max_ttl': (str,),  # noqa: E501
+            'hydra_oauth2_mirror_top_level_claims': (bool,),  # noqa: E501
             'hydra_oauth2_pkce_enforced': (bool,),  # noqa: E501
             'hydra_oauth2_pkce_enforced_for_public_clients': (bool,),  # noqa: E501
             'hydra_oauth2_refresh_token_hook': (str,),  # noqa: E501
@@ -213,6 +214,7 @@ class NormalizedProjectRevision(ModelNormal):
             'kratos_courier_templates_login_code_valid_email_body_html': (str,),  # noqa: E501
             'kratos_courier_templates_login_code_valid_email_body_plaintext': (str,),  # noqa: E501
             'kratos_courier_templates_login_code_valid_email_subject': (str,),  # noqa: E501
+            'kratos_courier_templates_login_code_valid_sms_body_plaintext': (str,),  # noqa: E501
             'kratos_courier_templates_recovery_code_invalid_email_body_html': (str,),  # noqa: E501
             'kratos_courier_templates_recovery_code_invalid_email_body_plaintext': (str,),  # noqa: E501
             'kratos_courier_templates_recovery_code_invalid_email_subject': (str,),  # noqa: E501
@@ -298,6 +300,7 @@ class NormalizedProjectRevision(ModelNormal):
             'kratos_selfservice_flows_verification_use': (str,),  # noqa: E501
             'kratos_selfservice_methods_code_config_lifespan': (str,),  # noqa: E501
             'kratos_selfservice_methods_code_enabled': (bool,),  # noqa: E501
+            'kratos_selfservice_methods_code_mfa_enabled': (bool,),  # noqa: E501
             'kratos_selfservice_methods_code_passwordless_enabled': (bool,),  # noqa: E501
             'kratos_selfservice_methods_link_config_base_url': (str,),  # noqa: E501
             'kratos_selfservice_methods_link_config_lifespan': (str,),  # noqa: E501
@@ -351,6 +354,7 @@ class NormalizedProjectRevision(ModelNormal):
         'hydra_oauth2_grant_jwt_iat_optional': 'hydra_oauth2_grant_jwt_iat_optional',  # noqa: E501
         'hydra_oauth2_grant_jwt_jti_optional': 'hydra_oauth2_grant_jwt_jti_optional',  # noqa: E501
         'hydra_oauth2_grant_jwt_max_ttl': 'hydra_oauth2_grant_jwt_max_ttl',  # noqa: E501
+        'hydra_oauth2_mirror_top_level_claims': 'hydra_oauth2_mirror_top_level_claims',  # noqa: E501
         'hydra_oauth2_pkce_enforced': 'hydra_oauth2_pkce_enforced',  # noqa: E501
         'hydra_oauth2_pkce_enforced_for_public_clients': 'hydra_oauth2_pkce_enforced_for_public_clients',  # noqa: E501
         'hydra_oauth2_refresh_token_hook': 'hydra_oauth2_refresh_token_hook',  # noqa: E501
@@ -409,6 +413,7 @@ class NormalizedProjectRevision(ModelNormal):
         'kratos_courier_templates_login_code_valid_email_body_html': 'kratos_courier_templates_login_code_valid_email_body_html',  # noqa: E501
         'kratos_courier_templates_login_code_valid_email_body_plaintext': 'kratos_courier_templates_login_code_valid_email_body_plaintext',  # noqa: E501
         'kratos_courier_templates_login_code_valid_email_subject': 'kratos_courier_templates_login_code_valid_email_subject',  # noqa: E501
+        'kratos_courier_templates_login_code_valid_sms_body_plaintext': 'kratos_courier_templates_login_code_valid_sms_body_plaintext',  # noqa: E501
         'kratos_courier_templates_recovery_code_invalid_email_body_html': 'kratos_courier_templates_recovery_code_invalid_email_body_html',  # noqa: E501
         'kratos_courier_templates_recovery_code_invalid_email_body_plaintext': 'kratos_courier_templates_recovery_code_invalid_email_body_plaintext',  # noqa: E501
         'kratos_courier_templates_recovery_code_invalid_email_subject': 'kratos_courier_templates_recovery_code_invalid_email_subject',  # noqa: E501
@@ -494,6 +499,7 @@ class NormalizedProjectRevision(ModelNormal):
         'kratos_selfservice_flows_verification_use': 'kratos_selfservice_flows_verification_use',  # noqa: E501
         'kratos_selfservice_methods_code_config_lifespan': 'kratos_selfservice_methods_code_config_lifespan',  # noqa: E501
         'kratos_selfservice_methods_code_enabled': 'kratos_selfservice_methods_code_enabled',  # noqa: E501
+        'kratos_selfservice_methods_code_mfa_enabled': 'kratos_selfservice_methods_code_mfa_enabled',  # noqa: E501
         'kratos_selfservice_methods_code_passwordless_enabled': 'kratos_selfservice_methods_code_passwordless_enabled',  # noqa: E501
         'kratos_selfservice_methods_link_config_base_url': 'kratos_selfservice_methods_link_config_base_url',  # noqa: E501
         'kratos_selfservice_methods_link_config_lifespan': 'kratos_selfservice_methods_link_config_lifespan',  # noqa: E501
@@ -587,6 +593,7 @@ class NormalizedProjectRevision(ModelNormal):
             hydra_oauth2_grant_jwt_iat_optional (bool): Configures if the issued at (`iat`) claim is required in the JSON Web Token (JWT) Profile for OAuth 2.0 Client Authentication and Authorization Grants (RFC7523).  If set to `false`, the `iat` claim is required. Set this value to `true` only after careful consideration.  This governs the \"oauth2.grant.jwt.iat_optional\" setting.. [optional]  # noqa: E501
             hydra_oauth2_grant_jwt_jti_optional (bool): Configures if the JSON Web Token ID (`jti`) claim is required in the JSON Web Token (JWT) Profile for OAuth 2.0 Client Authentication and Authorization Grants (RFC7523).  If set to `false`, the `jti` claim is required. Set this value to `true` only after careful consideration.  This governs the \"oauth2.grant.jwt.jti_optional\" setting.. [optional]  # noqa: E501
             hydra_oauth2_grant_jwt_max_ttl (str): Configures what the maximum age of a JWT assertion used in the JSON Web Token (JWT) Profile for OAuth 2.0 Client Authentication and Authorization Grants (RFC7523) can be.  This feature uses the `exp` claim and `iat` claim to calculate assertion age. Assertions exceeding the max age will be denied.  Useful as a safety measure and recommended to keep below 720h.  This governs the \"oauth2.grant.jwt.max_ttl\" setting.. [optional] if omitted the server will use the default value of "720h"  # noqa: E501
+            hydra_oauth2_mirror_top_level_claims (bool): Set to false if you don't want to mirror custom claims under 'ext'.  This governs the \"oauth2.mirror_top_level_claims\" setting.. [optional]  # noqa: E501
             hydra_oauth2_pkce_enforced (bool): Configures whether PKCE should be enforced for all OAuth2 Clients.  This governs the \"oauth2.pkce.enforced\" setting.. [optional]  # noqa: E501
             hydra_oauth2_pkce_enforced_for_public_clients (bool): Configures whether PKCE should be enforced for OAuth2 Clients without a client secret (public clients).  This governs the \"oauth2.pkce.enforced_for_public_clients\" setting.. [optional]  # noqa: E501
             hydra_oauth2_refresh_token_hook (str): Sets the Refresh Token Hook Endpoint. If set this endpoint will be called during the OAuth2 Token Refresh grant update the OAuth2 Access Token claims.  This governs the \"oauth2.refresh_token_hook\" setting.. [optional]  # noqa: E501
@@ -645,6 +652,7 @@ class NormalizedProjectRevision(ModelNormal):
             kratos_courier_templates_login_code_valid_email_body_html (str): Configures the Ory Kratos Valid Login via Code Email Body HTML Template  This governs the \"courier.smtp.templates.login_code.valid.email.body.html\" setting.. [optional]  # noqa: E501
             kratos_courier_templates_login_code_valid_email_body_plaintext (str): Configures the Ory Kratos Valid Login via Code Email Body Plaintext Template  This governs the \"courier.smtp.templates.login_code.valid.email.body.plaintext\" setting.. [optional]  # noqa: E501
             kratos_courier_templates_login_code_valid_email_subject (str): Configures the Ory Kratos Valid Login via Code Email Subject Template  This governs the \"courier.smtp.templates.login_code.valid.email.subject\" setting.. [optional]  # noqa: E501
+            kratos_courier_templates_login_code_valid_sms_body_plaintext (str): Configures the Ory Kratos Valid Login via Code SMS plain text body  This governs the \"courier.smtp.templates.login_code.valid.sms.plaintext\" setting.. [optional]  # noqa: E501
             kratos_courier_templates_recovery_code_invalid_email_body_html (str): Configures the Ory Kratos Invalid Recovery via Code Email Body HTML Template  This governs the \"courier.smtp.templates.recovery_code.invalid.email.body.html\" setting.. [optional]  # noqa: E501
             kratos_courier_templates_recovery_code_invalid_email_body_plaintext (str): Configures the Ory Kratos Invalid Recovery via Code Email Body Plaintext Template  This governs the \"courier.smtp.templates.recovery_code.invalid.email.body.plaintext\" setting.. [optional]  # noqa: E501
             kratos_courier_templates_recovery_code_invalid_email_subject (str): Configures the Ory Kratos Invalid Recovery via Code Email Subject Template  This governs the \"courier.smtp.templates.recovery_code.invalid.email.body.html\" setting.. [optional]  # noqa: E501
@@ -730,6 +738,7 @@ class NormalizedProjectRevision(ModelNormal):
             kratos_selfservice_flows_verification_use (str): Configures the Ory Kratos Strategy to use for Verification  This governs the \"selfservice.flows.verification.use\" setting. link SelfServiceMessageVerificationStrategyLink code SelfServiceMessageVerificationStrategyCode. [optional]  # noqa: E501
             kratos_selfservice_methods_code_config_lifespan (str): Configures the Ory Kratos Code Method's lifespan  This governs the \"selfservice.methods.code.config.lifespan\" setting.. [optional]  # noqa: E501
             kratos_selfservice_methods_code_enabled (bool): Configures whether Ory Kratos Code Method is enabled  This governs the \"selfservice.methods.code.enabled\" setting.. [optional]  # noqa: E501
+            kratos_selfservice_methods_code_mfa_enabled (bool): Configues whether the code method can be used to fulfil MFA flows  This governs the \"selfservice.methods.code.mfa_enabled\" setting.. [optional]  # noqa: E501
             kratos_selfservice_methods_code_passwordless_enabled (bool): Configues whether Ory Kratos Passwordless should use the Code Method  This governs the \"selfservice.methods.code.passwordless_enabled\" setting.. [optional]  # noqa: E501
             kratos_selfservice_methods_link_config_base_url (str): Configures the Base URL which Recovery, Verification, and Login Links Point to  It is recommended to leave this value empty. It will be appropriately configured to the best matching domain (e.g. when using custom domains) automatically.  This governs the \"selfservice.methods.link.config.base_url\" setting.. [optional]  # noqa: E501
             kratos_selfservice_methods_link_config_lifespan (str): Configures the Ory Kratos Link Method's lifespan  This governs the \"selfservice.methods.link.config.lifespan\" setting.. [optional]  # noqa: E501
@@ -863,6 +872,7 @@ class NormalizedProjectRevision(ModelNormal):
             hydra_oauth2_grant_jwt_iat_optional (bool): Configures if the issued at (`iat`) claim is required in the JSON Web Token (JWT) Profile for OAuth 2.0 Client Authentication and Authorization Grants (RFC7523).  If set to `false`, the `iat` claim is required. Set this value to `true` only after careful consideration.  This governs the \"oauth2.grant.jwt.iat_optional\" setting.. [optional]  # noqa: E501
             hydra_oauth2_grant_jwt_jti_optional (bool): Configures if the JSON Web Token ID (`jti`) claim is required in the JSON Web Token (JWT) Profile for OAuth 2.0 Client Authentication and Authorization Grants (RFC7523).  If set to `false`, the `jti` claim is required. Set this value to `true` only after careful consideration.  This governs the \"oauth2.grant.jwt.jti_optional\" setting.. [optional]  # noqa: E501
             hydra_oauth2_grant_jwt_max_ttl (str): Configures what the maximum age of a JWT assertion used in the JSON Web Token (JWT) Profile for OAuth 2.0 Client Authentication and Authorization Grants (RFC7523) can be.  This feature uses the `exp` claim and `iat` claim to calculate assertion age. Assertions exceeding the max age will be denied.  Useful as a safety measure and recommended to keep below 720h.  This governs the \"oauth2.grant.jwt.max_ttl\" setting.. [optional] if omitted the server will use the default value of "720h"  # noqa: E501
+            hydra_oauth2_mirror_top_level_claims (bool): Set to false if you don't want to mirror custom claims under 'ext'.  This governs the \"oauth2.mirror_top_level_claims\" setting.. [optional]  # noqa: E501
             hydra_oauth2_pkce_enforced (bool): Configures whether PKCE should be enforced for all OAuth2 Clients.  This governs the \"oauth2.pkce.enforced\" setting.. [optional]  # noqa: E501
             hydra_oauth2_pkce_enforced_for_public_clients (bool): Configures whether PKCE should be enforced for OAuth2 Clients without a client secret (public clients).  This governs the \"oauth2.pkce.enforced_for_public_clients\" setting.. [optional]  # noqa: E501
             hydra_oauth2_refresh_token_hook (str): Sets the Refresh Token Hook Endpoint. If set this endpoint will be called during the OAuth2 Token Refresh grant update the OAuth2 Access Token claims.  This governs the \"oauth2.refresh_token_hook\" setting.. [optional]  # noqa: E501
@@ -921,6 +931,7 @@ class NormalizedProjectRevision(ModelNormal):
             kratos_courier_templates_login_code_valid_email_body_html (str): Configures the Ory Kratos Valid Login via Code Email Body HTML Template  This governs the \"courier.smtp.templates.login_code.valid.email.body.html\" setting.. [optional]  # noqa: E501
             kratos_courier_templates_login_code_valid_email_body_plaintext (str): Configures the Ory Kratos Valid Login via Code Email Body Plaintext Template  This governs the \"courier.smtp.templates.login_code.valid.email.body.plaintext\" setting.. [optional]  # noqa: E501
             kratos_courier_templates_login_code_valid_email_subject (str): Configures the Ory Kratos Valid Login via Code Email Subject Template  This governs the \"courier.smtp.templates.login_code.valid.email.subject\" setting.. [optional]  # noqa: E501
+            kratos_courier_templates_login_code_valid_sms_body_plaintext (str): Configures the Ory Kratos Valid Login via Code SMS plain text body  This governs the \"courier.smtp.templates.login_code.valid.sms.plaintext\" setting.. [optional]  # noqa: E501
             kratos_courier_templates_recovery_code_invalid_email_body_html (str): Configures the Ory Kratos Invalid Recovery via Code Email Body HTML Template  This governs the \"courier.smtp.templates.recovery_code.invalid.email.body.html\" setting.. [optional]  # noqa: E501
             kratos_courier_templates_recovery_code_invalid_email_body_plaintext (str): Configures the Ory Kratos Invalid Recovery via Code Email Body Plaintext Template  This governs the \"courier.smtp.templates.recovery_code.invalid.email.body.plaintext\" setting.. [optional]  # noqa: E501
             kratos_courier_templates_recovery_code_invalid_email_subject (str): Configures the Ory Kratos Invalid Recovery via Code Email Subject Template  This governs the \"courier.smtp.templates.recovery_code.invalid.email.body.html\" setting.. [optional]  # noqa: E501
@@ -1006,6 +1017,7 @@ class NormalizedProjectRevision(ModelNormal):
             kratos_selfservice_flows_verification_use (str): Configures the Ory Kratos Strategy to use for Verification  This governs the \"selfservice.flows.verification.use\" setting. link SelfServiceMessageVerificationStrategyLink code SelfServiceMessageVerificationStrategyCode. [optional]  # noqa: E501
             kratos_selfservice_methods_code_config_lifespan (str): Configures the Ory Kratos Code Method's lifespan  This governs the \"selfservice.methods.code.config.lifespan\" setting.. [optional]  # noqa: E501
             kratos_selfservice_methods_code_enabled (bool): Configures whether Ory Kratos Code Method is enabled  This governs the \"selfservice.methods.code.enabled\" setting.. [optional]  # noqa: E501
+            kratos_selfservice_methods_code_mfa_enabled (bool): Configues whether the code method can be used to fulfil MFA flows  This governs the \"selfservice.methods.code.mfa_enabled\" setting.. [optional]  # noqa: E501
             kratos_selfservice_methods_code_passwordless_enabled (bool): Configues whether Ory Kratos Passwordless should use the Code Method  This governs the \"selfservice.methods.code.passwordless_enabled\" setting.. [optional]  # noqa: E501
             kratos_selfservice_methods_link_config_base_url (str): Configures the Base URL which Recovery, Verification, and Login Links Point to  It is recommended to leave this value empty. It will be appropriately configured to the best matching domain (e.g. when using custom domains) automatically.  This governs the \"selfservice.methods.link.config.base_url\" setting.. [optional]  # noqa: E501
             kratos_selfservice_methods_link_config_lifespan (str): Configures the Ory Kratos Link Method's lifespan  This governs the \"selfservice.methods.link.config.lifespan\" setting.. [optional]  # noqa: E501

ory_client/model/normalized_project_revision_courier_channel.py

@@ -3,7 +3,7 @@
 
     Documentation for all public and administrative Ory APIs. Administrative APIs can only be accessed with a valid Personal Access Token. Public APIs are mostly used in browsers.   # noqa: E501
 
-    The version of the OpenAPI document: v1.5.2
+    The version of the OpenAPI document: v1.6.2
     Contact: support@ory.sh
     Generated by: https://openapi-generator.tech
 """

ory_client/model/normalized_project_revision_hook.py

@@ -3,7 +3,7 @@
 
     Documentation for all public and administrative Ory APIs. Administrative APIs can only be accessed with a valid Personal Access Token. Public APIs are mostly used in browsers.   # noqa: E501
 
-    The version of the OpenAPI document: v1.5.2
+    The version of the OpenAPI document: v1.6.2
     Contact: support@ory.sh
     Generated by: https://openapi-generator.tech
 """

ory_client/model/normalized_project_revision_identity_schema.py

@@ -3,7 +3,7 @@
 
     Documentation for all public and administrative Ory APIs. Administrative APIs can only be accessed with a valid Personal Access Token. Public APIs are mostly used in browsers.   # noqa: E501
 
-    The version of the OpenAPI document: v1.5.2
+    The version of the OpenAPI document: v1.6.2
     Contact: support@ory.sh
     Generated by: https://openapi-generator.tech
 """

ory_client/model/normalized_project_revision_identity_schemas.py

@@ -3,7 +3,7 @@
 
     Documentation for all public and administrative Ory APIs. Administrative APIs can only be accessed with a valid Personal Access Token. Public APIs are mostly used in browsers.   # noqa: E501
 
-    The version of the OpenAPI document: v1.5.2
+    The version of the OpenAPI document: v1.6.2
     Contact: support@ory.sh
     Generated by: https://openapi-generator.tech
 """

ory_client/model/normalized_project_revision_third_party_provider.py

@@ -3,7 +3,7 @@
 
     Documentation for all public and administrative Ory APIs. Administrative APIs can only be accessed with a valid Personal Access Token. Public APIs are mostly used in browsers.   # noqa: E501
 
-    The version of the OpenAPI document: v1.5.2
+    The version of the OpenAPI document: v1.6.2
     Contact: support@ory.sh
     Generated by: https://openapi-generator.tech
 """
@@ -98,6 +98,7 @@ class NormalizedProjectRevisionThirdPartyProvider(ModelNormal):
             'apple_team_id': (str,),  # noqa: E501
             'auth_url': (str,),  # noqa: E501
             'azure_tenant': (str,),  # noqa: E501
+            'claims_source': (str, none_type,),  # noqa: E501
             'client_id': (str,),  # noqa: E501
             'client_secret': (str, none_type,),  # noqa: E501
             'created_at': (datetime,),  # noqa: E501
@@ -129,6 +130,7 @@ class NormalizedProjectRevisionThirdPartyProvider(ModelNormal):
         'apple_team_id': 'apple_team_id',  # noqa: E501
         'auth_url': 'auth_url',  # noqa: E501
         'azure_tenant': 'azure_tenant',  # noqa: E501
+        'claims_source': 'claims_source',  # noqa: E501
         'client_id': 'client_id',  # noqa: E501
         'client_secret': 'client_secret',  # noqa: E501
         'created_at': 'created_at',  # noqa: E501
@@ -197,6 +199,7 @@ class NormalizedProjectRevisionThirdPartyProvider(ModelNormal):
             apple_team_id (str): Apple Developer Team ID  Apple Developer Team ID needed for generating a JWT token for client secret. [optional]  # noqa: E501
             auth_url (str): AuthURL is the authorize url, typically something like: https://example.org/oauth2/auth Should only be used when the OAuth2 / OpenID Connect server is not supporting OpenID Connect Discovery and when `provider` is set to `generic`.. [optional]  # noqa: E501
             azure_tenant (str): Tenant is the Azure AD Tenant to use for authentication, and must be set when `provider` is set to `microsoft`.  Can be either `common`, `organizations`, `consumers` for a multitenant application or a specific tenant like `8eaef023-2b34-4da1-9baa-8bc8c9d6a490` or `contoso.onmicrosoft.com`.. [optional]  # noqa: E501
+            claims_source (str, none_type): [optional]  # noqa: E501
             client_id (str): ClientID is the application's Client ID.. [optional]  # noqa: E501
             client_secret (str, none_type): [optional]  # noqa: E501
             created_at (datetime): The Project's Revision Creation Date. [optional]  # noqa: E501
@@ -305,6 +308,7 @@ class NormalizedProjectRevisionThirdPartyProvider(ModelNormal):
             apple_team_id (str): Apple Developer Team ID  Apple Developer Team ID needed for generating a JWT token for client secret. [optional]  # noqa: E501
             auth_url (str): AuthURL is the authorize url, typically something like: https://example.org/oauth2/auth Should only be used when the OAuth2 / OpenID Connect server is not supporting OpenID Connect Discovery and when `provider` is set to `generic`.. [optional]  # noqa: E501
             azure_tenant (str): Tenant is the Azure AD Tenant to use for authentication, and must be set when `provider` is set to `microsoft`.  Can be either `common`, `organizations`, `consumers` for a multitenant application or a specific tenant like `8eaef023-2b34-4da1-9baa-8bc8c9d6a490` or `contoso.onmicrosoft.com`.. [optional]  # noqa: E501
+            claims_source (str, none_type): [optional]  # noqa: E501
             client_id (str): ClientID is the application's Client ID.. [optional]  # noqa: E501
             client_secret (str, none_type): [optional]  # noqa: E501
             created_at (datetime): The Project's Revision Creation Date. [optional]  # noqa: E501

ory_client/model/normalized_project_revision_tokenizer_template.py

@@ -3,7 +3,7 @@
 
     Documentation for all public and administrative Ory APIs. Administrative APIs can only be accessed with a valid Personal Access Token. Public APIs are mostly used in browsers.   # noqa: E501
 
-    The version of the OpenAPI document: v1.5.2
+    The version of the OpenAPI document: v1.6.2
     Contact: support@ory.sh
     Generated by: https://openapi-generator.tech
 """

ory_client/model/normalized_project_revision_tokenizer_templates.py

@@ -3,7 +3,7 @@
 
     Documentation for all public and administrative Ory APIs. Administrative APIs can only be accessed with a valid Personal Access Token. Public APIs are mostly used in browsers.   # noqa: E501
 
-    The version of the OpenAPI document: v1.5.2
+    The version of the OpenAPI document: v1.6.2
     Contact: support@ory.sh
     Generated by: https://openapi-generator.tech
 """

ory_client/model/normalized_projects.py

@@ -3,7 +3,7 @@
 
     Documentation for all public and administrative Ory APIs. Administrative APIs can only be accessed with a valid Personal Access Token. Public APIs are mostly used in browsers.   # noqa: E501
 
-    The version of the OpenAPI document: v1.5.2
+    The version of the OpenAPI document: v1.6.2
     Contact: support@ory.sh
     Generated by: https://openapi-generator.tech
 """

ory_client/model/null_duration.py

@@ -3,7 +3,7 @@
 
     Documentation for all public and administrative Ory APIs. Administrative APIs can only be accessed with a valid Personal Access Token. Public APIs are mostly used in browsers.   # noqa: E501
 
-    The version of the OpenAPI document: v1.5.2
+    The version of the OpenAPI document: v1.6.2
     Contact: support@ory.sh
     Generated by: https://openapi-generator.tech
 """

ory_client/model/o_auth2_client.py

@@ -3,7 +3,7 @@
 
     Documentation for all public and administrative Ory APIs. Administrative APIs can only be accessed with a valid Personal Access Token. Public APIs are mostly used in browsers.   # noqa: E501
 
-    The version of the OpenAPI document: v1.5.2
+    The version of the OpenAPI document: v1.6.2
     Contact: support@ory.sh
     Generated by: https://openapi-generator.tech
 """
@@ -131,6 +131,7 @@ class OAuth2Client(ModelNormal):
             'scope': (str,),  # noqa: E501
             'sector_identifier_uri': (str,),  # noqa: E501
             'skip_consent': (bool,),  # noqa: E501
+            'skip_logout_consent': (bool,),  # noqa: E501
             'subject_type': (str,),  # noqa: E501
             'token_endpoint_auth_method': (str,),  # noqa: E501
             'token_endpoint_auth_signing_alg': (str,),  # noqa: E501
@@ -186,6 +187,7 @@ class OAuth2Client(ModelNormal):
         'scope': 'scope',  # noqa: E501
         'sector_identifier_uri': 'sector_identifier_uri',  # noqa: E501
         'skip_consent': 'skip_consent',  # noqa: E501
+        'skip_logout_consent': 'skip_logout_consent',  # noqa: E501
         'subject_type': 'subject_type',  # noqa: E501
         'token_endpoint_auth_method': 'token_endpoint_auth_method',  # noqa: E501
         'token_endpoint_auth_signing_alg': 'token_endpoint_auth_signing_alg',  # noqa: E501
@@ -276,6 +278,7 @@ class OAuth2Client(ModelNormal):
             scope (str): OAuth 2.0 Client Scope  Scope is a string containing a space-separated list of scope values (as described in Section 3.3 of OAuth 2.0 [RFC6749]) that the client can use when requesting access tokens.. [optional]  # noqa: E501
             sector_identifier_uri (str): OpenID Connect Sector Identifier URI  URL using the https scheme to be used in calculating Pseudonymous Identifiers by the OP. The URL references a file with a single JSON array of redirect_uri values.. [optional]  # noqa: E501
             skip_consent (bool): SkipConsent skips the consent screen for this client. This field can only be set from the admin API.. [optional]  # noqa: E501
+            skip_logout_consent (bool): SkipLogoutConsent skips the logout consent screen for this client. This field can only be set from the admin API.. [optional]  # noqa: E501
             subject_type (str): OpenID Connect Subject Type  The `subject_types_supported` Discovery parameter contains a list of the supported subject_type values for this server. Valid types include `pairwise` and `public`.. [optional]  # noqa: E501
             token_endpoint_auth_method (str): OAuth 2.0 Token Endpoint Authentication Method  Requested Client Authentication method for the Token Endpoint. The options are:  `client_secret_basic`: (default) Send `client_id` and `client_secret` as `application/x-www-form-urlencoded` encoded in the HTTP Authorization header. `client_secret_post`: Send `client_id` and `client_secret` as `application/x-www-form-urlencoded` in the HTTP body. `private_key_jwt`: Use JSON Web Tokens to authenticate the client. `none`: Used for public clients (native apps, mobile apps) which can not have secrets.. [optional] if omitted the server will use the default value of "client_secret_basic"  # noqa: E501
             token_endpoint_auth_signing_alg (str): OAuth 2.0 Token Endpoint Signing Algorithm  Requested Client Authentication signing algorithm for the Token Endpoint.. [optional]  # noqa: E501
@@ -408,6 +411,7 @@ class OAuth2Client(ModelNormal):
             scope (str): OAuth 2.0 Client Scope  Scope is a string containing a space-separated list of scope values (as described in Section 3.3 of OAuth 2.0 [RFC6749]) that the client can use when requesting access tokens.. [optional]  # noqa: E501
             sector_identifier_uri (str): OpenID Connect Sector Identifier URI  URL using the https scheme to be used in calculating Pseudonymous Identifiers by the OP. The URL references a file with a single JSON array of redirect_uri values.. [optional]  # noqa: E501
             skip_consent (bool): SkipConsent skips the consent screen for this client. This field can only be set from the admin API.. [optional]  # noqa: E501
+            skip_logout_consent (bool): SkipLogoutConsent skips the logout consent screen for this client. This field can only be set from the admin API.. [optional]  # noqa: E501
             subject_type (str): OpenID Connect Subject Type  The `subject_types_supported` Discovery parameter contains a list of the supported subject_type values for this server. Valid types include `pairwise` and `public`.. [optional]  # noqa: E501
             token_endpoint_auth_method (str): OAuth 2.0 Token Endpoint Authentication Method  Requested Client Authentication method for the Token Endpoint. The options are:  `client_secret_basic`: (default) Send `client_id` and `client_secret` as `application/x-www-form-urlencoded` encoded in the HTTP Authorization header. `client_secret_post`: Send `client_id` and `client_secret` as `application/x-www-form-urlencoded` in the HTTP body. `private_key_jwt`: Use JSON Web Tokens to authenticate the client. `none`: Used for public clients (native apps, mobile apps) which can not have secrets.. [optional] if omitted the server will use the default value of "client_secret_basic"  # noqa: E501
             token_endpoint_auth_signing_alg (str): OAuth 2.0 Token Endpoint Signing Algorithm  Requested Client Authentication signing algorithm for the Token Endpoint.. [optional]  # noqa: E501

ory_client/model/o_auth2_client_token_lifespans.py

@@ -3,7 +3,7 @@
 
     Documentation for all public and administrative Ory APIs. Administrative APIs can only be accessed with a valid Personal Access Token. Public APIs are mostly used in browsers.   # noqa: E501
 
-    The version of the OpenAPI document: v1.5.2
+    The version of the OpenAPI document: v1.6.2
     Contact: support@ory.sh
     Generated by: https://openapi-generator.tech
 """

ory_client/model/o_auth2_consent_request.py

@@ -3,7 +3,7 @@
 
     Documentation for all public and administrative Ory APIs. Administrative APIs can only be accessed with a valid Personal Access Token. Public APIs are mostly used in browsers.   # noqa: E501
 
-    The version of the OpenAPI document: v1.5.2
+    The version of the OpenAPI document: v1.6.2
     Contact: support@ory.sh
     Generated by: https://openapi-generator.tech
 """

ory_client/model/o_auth2_consent_request_open_id_connect_context.py

@@ -3,7 +3,7 @@
 
     Documentation for all public and administrative Ory APIs. Administrative APIs can only be accessed with a valid Personal Access Token. Public APIs are mostly used in browsers.   # noqa: E501
 
-    The version of the OpenAPI document: v1.5.2
+    The version of the OpenAPI document: v1.6.2
     Contact: support@ory.sh
     Generated by: https://openapi-generator.tech
 """