From d05aa59b03a28c54552c72cc7eab033edccbef1a Mon Sep 17 00:00:00 2001 From: Lyle Schemmerling Date: Tue, 24 Jun 2025 17:12:37 -0600 Subject: [PATCH 1/3] update clients --- openapi.yaml | 30 ++++++++++++++++++++++++++++-- 1 file changed, 28 insertions(+), 2 deletions(-) diff --git a/openapi.yaml b/openapi.yaml index 0e18d96..f49cd3d 100644 --- a/openapi.yaml +++ b/openapi.yaml @@ -301,6 +301,8 @@ components: themeId: type: string format: uuid + universalConfiguration: + "$ref": "#/components/schemas/UniversalConfiguration" unverified: "$ref": "#/components/schemas/RegistrationUnverifiedOptions" verificationEmailTemplateId: @@ -3678,7 +3680,7 @@ components: type: string kty: "$ref": "#/components/schemas/KeyType" - "n": + n: type: string other: type: object @@ -3702,7 +3704,7 @@ components: type: string x5t#S256: type: string - "y": + y: type: string JSONWebKeyInfoProvider: description: Interface for any object that can provide JSON Web key Information. @@ -4965,6 +4967,7 @@ components: - invalid_target_entity_scope - invalid_entity_permission_scope - invalid_user_id + - invalid_tenant_id - grant_type_disabled - missing_client_id - missing_client_secret @@ -4980,6 +4983,7 @@ components: - missing_user_code - missing_user_id - missing_verification_uri + - missing_tenant_id - login_prevented - not_licensed - user_code_expired @@ -5598,10 +5602,14 @@ components: type: string licensed: type: boolean + organizationAdminApplication: + "$ref": "#/components/schemas/ReactorFeatureStatus" scimServer: "$ref": "#/components/schemas/ReactorFeatureStatus" threatDetection: "$ref": "#/components/schemas/ReactorFeatureStatus" + universalApplication: + "$ref": "#/components/schemas/ReactorFeatureStatus" webAuthn: "$ref": "#/components/schemas/ReactorFeatureStatus" webAuthnPlatformAuthenticators: @@ -7528,6 +7536,24 @@ components: enum: - Always - OnCollision + UniversalApplicationTenant: + description: '' + type: object + properties: + tenantId: + type: string + format: uuid + UniversalConfiguration: + type: object + properties: + applicationTenants: + type: array + items: + "$ref": "#/components/schemas/UniversalApplicationTenant" + global: + type: boolean + universal: + type: boolean UnknownScopePolicy: description: Policy for handling unknown OAuth scopes in the request type: string From 719c3711638119ae5ea5a7d3d095a54ccd2e8674 Mon Sep 17 00:00:00 2001 From: Lyle Schemmerling Date: Thu, 26 Jun 2025 16:41:37 -0600 Subject: [PATCH 2/3] add the application-tenant api and move it out of the application object --- openapi.yaml | 156 ++++++++++++++++++++++++++++++++++++++++++++++++++- 1 file changed, 155 insertions(+), 1 deletion(-) diff --git a/openapi.yaml b/openapi.yaml index f49cd3d..1e5a1c2 100644 --- a/openapi.yaml +++ b/openapi.yaml @@ -7540,16 +7540,31 @@ components: description: '' type: object properties: + applicationId: + type: string + format: uuid tenantId: type: string format: uuid - UniversalConfiguration: + UniversalApplicationTenantsRequest: + description: '' type: object properties: applicationTenants: type: array items: "$ref": "#/components/schemas/UniversalApplicationTenant" + UniversalApplicationTenantsResponse: + description: '' + type: object + properties: + applicationTenants: + type: array + items: + "$ref": "#/components/schemas/UniversalApplicationTenant" + UniversalConfiguration: + type: object + properties: global: type: boolean universal: @@ -9625,6 +9640,145 @@ paths: "$ref": "#/components/schemas/ApplicationResponse" default: description: Error + "/api/application/{applicationId}/application-tenant": + post: + description: Adds the application tenants for universal applications. + operationId: createUniversalApplicationTenantsWithId + parameters: + - name: applicationId + in: path + schema: + type: string + required: true + description: The Id of the application that the role belongs to. + - in: header + name: X-FusionAuth-TenantId + description: The unique Id of the tenant used to scope this API request. Only + required when there is more than one tenant and the API key is not tenant-scoped. + required: false + schema: + type: string + format: UUID + requestBody: + content: + application/json: + schema: + "$ref": "#/components/schemas/UniversalApplicationTenantsRequest" + responses: + '200': + description: Success + content: + application/json: + schema: + "$ref": "#/components/schemas/UniversalApplicationTenantsResponse" + default: + description: Error + content: + application/json: + schema: + "$ref": "#/components/schemas/Errors" + delete: + description: Removes the specified tenants from the universal application tenants + list. + operationId: deleteUniversalApplicationTenantsWithId + parameters: + - name: tenantIds + in: query + schema: + type: string + description: The Ids of the tenants to delete from the universal application + tenants list. + - name: applicationId + in: path + schema: + type: string + required: true + description: The Id of the universal application that the tenants are linked + to. + - in: header + name: X-FusionAuth-TenantId + description: The unique Id of the tenant used to scope this API request. Only + required when there is more than one tenant and the API key is not tenant-scoped. + required: false + schema: + type: string + format: UUID + responses: + '200': + description: Success + default: + description: Error + content: + application/json: + schema: + "$ref": "#/components/schemas/Errors" + get: + description: Retrieves the application tenants for universal applications. + operationId: retrieveUniversalApplicationTenantsWithId + parameters: + - name: applicationId + in: path + schema: + type: string + required: true + description: The Id of the application that the role belongs to. + - in: header + name: X-FusionAuth-TenantId + description: The unique Id of the tenant used to scope this API request. Only + required when there is more than one tenant and the API key is not tenant-scoped. + required: false + schema: + type: string + format: UUID + responses: + '200': + description: Success + content: + application/json: + schema: + "$ref": "#/components/schemas/UniversalApplicationTenantsResponse" + default: + description: Error + content: + application/json: + schema: + "$ref": "#/components/schemas/Errors" + "/api/application/{applicationId}/application-tenant/{tenantId}": + delete: + description: Removes the specified tenant from the universal application tenants + list. + operationId: deleteUniversalApplicationTenantWithId + parameters: + - name: applicationId + in: path + schema: + type: string + required: true + description: The Id of the application that the role belongs to. + - name: tenantId + in: path + schema: + type: string + required: true + description: The Id of the tenant to delete from the universal application + tenants list. + - in: header + name: X-FusionAuth-TenantId + description: The unique Id of the tenant used to scope this API request. Only + required when there is more than one tenant and the API key is not tenant-scoped. + required: false + schema: + type: string + format: UUID + responses: + '200': + description: Success + default: + description: Error + content: + application/json: + schema: + "$ref": "#/components/schemas/Errors" "/api/application/{applicationId}/oauth-configuration": get: description: Retrieves the Oauth2 configuration for the application for the From 5c6bb7119ff5d5b703530b635c3670b82250a197 Mon Sep 17 00:00:00 2001 From: Lyle Schemmerling Date: Mon, 7 Jul 2025 15:14:18 -0600 Subject: [PATCH 3/3] separate out the universal config and update clients --- openapi.yaml | 360 +++++++++++++++++++++++++++++++++++++-------------- 1 file changed, 266 insertions(+), 94 deletions(-) diff --git a/openapi.yaml b/openapi.yaml index 1e5a1c2..a895e75 100644 --- a/openapi.yaml +++ b/openapi.yaml @@ -302,7 +302,7 @@ components: type: string format: uuid universalConfiguration: - "$ref": "#/components/schemas/UniversalConfiguration" + "$ref": "#/components/schemas/UniversalApplicationConfiguration" unverified: "$ref": "#/components/schemas/RegistrationUnverifiedOptions" verificationEmailTemplateId: @@ -3680,7 +3680,7 @@ components: type: string kty: "$ref": "#/components/schemas/KeyType" - n: + "n": type: string other: type: object @@ -3704,7 +3704,7 @@ components: type: string x5t#S256: type: string - y: + "y": type: string JSONWebKeyInfoProvider: description: Interface for any object that can provide JSON Web key Information. @@ -7536,39 +7536,85 @@ components: enum: - Always - OnCollision - UniversalApplicationTenant: + UniversalApplicationConfiguration: description: '' type: object + properties: + global: + type: boolean + universal: + type: boolean + UniversalApplicationTenant: + description: An object that represents the mapping between a Universal Application + and a Tenant. + type: object properties: applicationId: type: string format: uuid + data: + type: object + additionalProperties: + type: object + id: + type: string + format: uuid + insertInstant: + "$ref": "#/components/schemas/ZonedDateTime" + lastUpdateInstant: + "$ref": "#/components/schemas/ZonedDateTime" tenantId: type: string format: uuid - UniversalApplicationTenantsRequest: - description: '' + UniversalApplicationTenantRequest: + description: The request object for creating or updating a Universal Application + Tenant. type: object properties: - applicationTenants: - type: array - items: - "$ref": "#/components/schemas/UniversalApplicationTenant" - UniversalApplicationTenantsResponse: + universalApplicationTenant: + "$ref": "#/components/schemas/UniversalApplicationTenant" + UniversalApplicationTenantResponse: + description: The response object for a single Universal Application Tenant. + type: object + properties: + universalApplicationTenant: + "$ref": "#/components/schemas/UniversalApplicationTenant" + UniversalApplicationTenantSearchCriteria: description: '' type: object properties: - applicationTenants: + applicationId: + type: string + format: uuid + tenantId: + type: string + format: uuid + tenantName: + type: string + numberOfResults: + type: integer + orderBy: + type: string + startRow: + type: integer + UniversalApplicationTenantSearchRequest: + description: The request object with the search criteria for Universal Application + Tenants. + type: object + properties: + search: + "$ref": "#/components/schemas/UniversalApplicationTenantSearchCriteria" + UniversalApplicationTenantSearchResponse: + description: The response object for Universal Application Tenants search results. + type: object + properties: + universalApplicationTenants: type: array items: "$ref": "#/components/schemas/UniversalApplicationTenant" - UniversalConfiguration: - type: object - properties: - global: - type: boolean - universal: - type: boolean + total: + type: integer + format: int64 UnknownScopePolicy: description: Policy for handling unknown OAuth scopes in the request type: string @@ -9459,6 +9505,38 @@ paths: application/json: schema: "$ref": "#/components/schemas/Errors" + "/api/application/universal-application-tenant/search": + post: + description: Searches universal application tenants for the specified applicationId + and with the specified criteria and pagination. + operationId: searchUniversalApplicationTenantsWithId + parameters: + - in: header + name: X-FusionAuth-TenantId + description: The unique Id of the tenant used to scope this API request. Only + required when there is more than one tenant and the API key is not tenant-scoped. + required: false + schema: + type: string + format: UUID + requestBody: + content: + application/json: + schema: + "$ref": "#/components/schemas/UniversalApplicationTenantSearchRequest" + responses: + '200': + description: Success + content: + application/json: + schema: + "$ref": "#/components/schemas/UniversalApplicationTenantSearchResponse" + default: + description: Error + content: + application/json: + schema: + "$ref": "#/components/schemas/Errors" "/api/application/{applicationId}": post: description: Creates an application. You can optionally specify an Id for the @@ -9641,42 +9719,6 @@ paths: default: description: Error "/api/application/{applicationId}/application-tenant": - post: - description: Adds the application tenants for universal applications. - operationId: createUniversalApplicationTenantsWithId - parameters: - - name: applicationId - in: path - schema: - type: string - required: true - description: The Id of the application that the role belongs to. - - in: header - name: X-FusionAuth-TenantId - description: The unique Id of the tenant used to scope this API request. Only - required when there is more than one tenant and the API key is not tenant-scoped. - required: false - schema: - type: string - format: UUID - requestBody: - content: - application/json: - schema: - "$ref": "#/components/schemas/UniversalApplicationTenantsRequest" - responses: - '200': - description: Success - content: - application/json: - schema: - "$ref": "#/components/schemas/UniversalApplicationTenantsResponse" - default: - description: Error - content: - application/json: - schema: - "$ref": "#/components/schemas/Errors" delete: description: Removes the specified tenants from the universal application tenants list. @@ -9712,56 +9754,23 @@ paths: application/json: schema: "$ref": "#/components/schemas/Errors" + "/api/application/{applicationId}/application-tenant/{universalApplicationTenantId}": get: - description: Retrieves the application tenants for universal applications. - operationId: retrieveUniversalApplicationTenantsWithId - parameters: - - name: applicationId - in: path - schema: - type: string - required: true - description: The Id of the application that the role belongs to. - - in: header - name: X-FusionAuth-TenantId - description: The unique Id of the tenant used to scope this API request. Only - required when there is more than one tenant and the API key is not tenant-scoped. - required: false - schema: - type: string - format: UUID - responses: - '200': - description: Success - content: - application/json: - schema: - "$ref": "#/components/schemas/UniversalApplicationTenantsResponse" - default: - description: Error - content: - application/json: - schema: - "$ref": "#/components/schemas/Errors" - "/api/application/{applicationId}/application-tenant/{tenantId}": - delete: - description: Removes the specified tenant from the universal application tenants - list. - operationId: deleteUniversalApplicationTenantWithId + description: Retrieves the universal application tenant. + operationId: retrieveUniversalApplicationTenantWithId parameters: - name: applicationId in: path schema: type: string required: true - description: The Id of the application that the role belongs to. - - name: tenantId + description: The Id of the universal application that tenant is mapped to + - name: universalApplicationTenantId in: path schema: type: string required: true - description: The Id of the tenant to delete from the universal application - tenants list. + description: The Id of the universal application tenant. - in: header name: X-FusionAuth-TenantId description: The unique Id of the tenant used to scope this API request. Only @@ -9773,6 +9782,10 @@ paths: responses: '200': description: Success + content: + application/json: + schema: + "$ref": "#/components/schemas/UniversalApplicationTenantResponse" default: description: Error content: @@ -10263,6 +10276,165 @@ paths: application/json: schema: "$ref": "#/components/schemas/Errors" + "/api/application/{applicationId}/universal-application-tenant": + post: + description: Adds the application tenants for universal applications. + operationId: createUniversalApplicationTenant + parameters: + - name: applicationId + in: path + schema: + type: string + required: true + description: The Id of the application that the universal application tenant + belongs to. + - in: header + name: X-FusionAuth-TenantId + description: The unique Id of the tenant used to scope this API request. Only + required when there is more than one tenant and the API key is not tenant-scoped. + required: false + schema: + type: string + format: UUID + requestBody: + content: + application/json: + schema: + "$ref": "#/components/schemas/UniversalApplicationTenantRequest" + responses: + '200': + description: Success + content: + application/json: + schema: + "$ref": "#/components/schemas/UniversalApplicationTenantResponse" + default: + description: Error + content: + application/json: + schema: + "$ref": "#/components/schemas/Errors" + "/api/application/{applicationId}/universal-application-tenant/{universalApplicationTenantId}": + post: + description: Adds the application tenants for universal applications. + operationId: createUniversalApplicationTenantWithId + parameters: + - name: applicationId + in: path + schema: + type: string + required: true + description: The Id of the application that the universal application tenant + belongs to. + - name: universalApplicationTenantId + in: path + schema: + type: string + required: true + description: The Id of the universal application tenant. + - in: header + name: X-FusionAuth-TenantId + description: The unique Id of the tenant used to scope this API request. Only + required when there is more than one tenant and the API key is not tenant-scoped. + required: false + schema: + type: string + format: UUID + requestBody: + content: + application/json: + schema: + "$ref": "#/components/schemas/UniversalApplicationTenantRequest" + responses: + '200': + description: Success + content: + application/json: + schema: + "$ref": "#/components/schemas/UniversalApplicationTenantResponse" + default: + description: Error + content: + application/json: + schema: + "$ref": "#/components/schemas/Errors" + delete: + description: Deletes the universal application tenant. + operationId: deleteUniversalApplicationTenantWithId + parameters: + - name: applicationId + in: path + schema: + type: string + required: true + description: The Id of the application that the UniversalApplicationTenant + belongs to. + - name: universalApplicationTenantId + in: path + schema: + type: string + required: true + description: The Id of the UniversalApplicationTenant to delete. + - in: header + name: X-FusionAuth-TenantId + description: The unique Id of the tenant used to scope this API request. Only + required when there is more than one tenant and the API key is not tenant-scoped. + required: false + schema: + type: string + format: UUID + responses: + '200': + description: Success + default: + description: Error + content: + application/json: + schema: + "$ref": "#/components/schemas/Errors" + put: + description: Adds the application tenants for universal applications. + operationId: updateUniversalApplicationTenantWithId + parameters: + - name: applicationId + in: path + schema: + type: string + required: true + description: The Id of the application that the UniversalApplicationTenant + belongs to. + - name: universalApplicationTenantId + in: path + schema: + type: string + required: true + description: The Id of the universal application tenant. + - in: header + name: X-FusionAuth-TenantId + description: The unique Id of the tenant used to scope this API request. Only + required when there is more than one tenant and the API key is not tenant-scoped. + required: false + schema: + type: string + format: UUID + requestBody: + content: + application/json: + schema: + "$ref": "#/components/schemas/UniversalApplicationTenantRequest" + responses: + '200': + description: Success + content: + application/json: + schema: + "$ref": "#/components/schemas/UniversalApplicationTenantResponse" + default: + description: Error + content: + application/json: + schema: + "$ref": "#/components/schemas/Errors" "/api/connector": post: description: Creates a connector. You can optionally specify an Id for the