Documentation
¶
Index ¶
- Constants
- Variables
- func IsNotFoundError(err error) bool
- func IsUnauthorizedError(err error) bool
- type AccessKeyLoginOptions
- type AccessKeyResponse
- type AssociatedTenant
- type AttributeMapping
- type AuditRecord
- type AuditSearchOptions
- type AuthFactor
- type AuthenticationInfo
- type AuthzModified
- type AuthzNamespace
- type AuthzNode
- type AuthzNodeExpression
- type AuthzNodeExpressionType
- type AuthzNodeType
- type AuthzRelation
- type AuthzRelationDefinition
- type AuthzRelationQuery
- type AuthzSchema
- type AuthzUserQuery
- type BatchUser
- type BatchUserPassword
- type BatchUserPasswordBcrypt
- type BatchUserPasswordDjango
- type BatchUserPasswordFirebase
- type BatchUserPasswordHashed
- type BatchUserPasswordPbkdf2
- type CloneProjectResponse
- type ContextKey
- type DeliveryMethod
- type EnchantedLinkResponse
- type Error
- type ExportSnapshotResponse
- type Flow
- type FlowMetadata
- type FlowResponse
- type FlowsResponse
- type Group
- type GroupMember
- type GroupsMapping
- type ImportSnapshotRequest
- type InviteOptions
- type JWTResponse
- type LoginOptions
- type OAuthProvider
- type OIDCApplicationRequest
- type OIDCAttributeMapping
- type PasswordPolicy
- type PasswordSettings
- type Permission
- type ProjectTag
- type ProviderTokenResponse
- type Role
- type RoleItem
- type RoleMapping
- type RoleSearchOptions
- type SAMLApplicationRequest
- type SAMLIDPAttributeMappingInfo
- type SAMLIDPGroupsMappingInfo
- type SAMLIDPRoleGroupMappingInfo
- type SSOApplication
- type SSOApplicationOIDCSettings
- type SSOApplicationSAMLSettings
- type SSOApplicationSearchOptions
- type SSOOIDCSettings
- type SSOSAMLSettings
- type SSOSAMLSettingsByMetadata
- type SSOSAMLSettingsResponse
- type SSOSettingsResponse
- type SSOTenantSettingsResponse
- type Screen
- type SignUpOptions
- type SnapshotSecret
- type SnapshotSecrets
- type TOTPResponse
- type Tenant
- type TenantRequest
- type TenantSearchOptions
- type TenantSettings
- type Theme
- type Token
- func (to *Token) AuthFactors() []AuthFactor
- func (to *Token) CustomClaim(value string) interface{}
- func (to *Token) GetTenantValue(tenant, key string) any
- func (to *Token) GetTenants() []string
- func (to *Token) IsMFA() bool
- func (to *Token) IsPermitted(permission string) bool
- func (to *Token) IsPermittedPerTenant(tenant string, permission string) bool
- type UpdateOptions
- type User
- type UserHistoryResponse
- type UserImportFailure
- type UserImportResponse
- type UserMapping
- type UserRequest
- type UserResponse
- type UserSearchOptions
- type UserSearchSort
- type UserStatus
- type UsersBatchResponse
- type UsersFailedResponse
- type ValidateSnapshotRequest
- type ValidateSnapshotResponse
- type WebAuthnFinishRequest
- type WebAuthnTransactionResponse
Constants ¶
View Source
const ( MethodWhatsApp DeliveryMethod = "whatsapp" MethodSMS DeliveryMethod = "sms" MethodVoice DeliveryMethod = "voice" MethodEmail DeliveryMethod = "email" MethodEmbedded DeliveryMethod = "Embedded" OAuthFacebook OAuthProvider = "facebook" OAuthGithub OAuthProvider = "github" OAuthGoogle OAuthProvider = "google" OAuthMicrosoft OAuthProvider = "microsoft" OAuthGitlab OAuthProvider = "gitlab" OAuthApple OAuthProvider = "apple" ProjectTagNone ProjectTag = "" ProjectTagProduction ProjectTag = "production" SessionCookieName = "DS" RefreshCookieName = "DSR" RedirectLocationCookieName = "Location" ContextUserIDProperty = "DESCOPE_USER_ID" ContextUserIDPropertyKey ContextKey = ContextUserIDProperty ClaimAuthorizedTenants = "tenants" ClaimAuthorizedGlobalPermissions = "permissions" EnvironmentVariableProjectID = "DESCOPE_PROJECT_ID" EnvironmentVariablePublicKey = "DESCOPE_PUBLIC_KEY" EnvironmentVariableManagementKey = "DESCOPE_MANAGEMENT_KEY" EnvironmentVariableBaseURL = "DESCOPE_BASE_URL" )
Variables ¶
View Source
var ( // server common ErrBadRequest = newServerError("E011001") ErrMissingArguments = newServerError("E011002") ErrValidationFailure = newServerError("E011003") ErrInvalidArguments = newServerError("E011004") // server authentication ErrUserAlreadyExists = newServerError("E062107") ErrInvalidOneTimeCode = newServerError("E061102") ErrPasswordExpired = newServerError("E062909") ErrTokenExpiredByLoggedOut = newServerError("E064001") // server management ErrManagementUserNotFound = newServerError("E112102") // server infra ErrRateLimitExceeded = newServerError("E130429") // client setup ErrMissingProjectID = newClientError("G010001", "Missing project ID") // client service error ErrUnexpectedResponse = newClientError("G020001", "Unexpected server response") ErrInvalidResponse = newClientError("G020002", "Invalid server response") // client functional errors ErrPublicKey = newClientError("G030001", "Missing or invalid public key") ErrInvalidToken = newClientError("G030002", "Invalid token") ErrRefreshToken = newClientError("G030003", "Missing or invalid refresh token") ErrInvalidStepUpJWT = newClientError("G030004", "Refresh token must be provided for stepup actions") )
View Source
var ErrorInfoKeys = errorInfoKeys{
HTTPResponseStatusCode: "Status-Code",
RateLimitExceededRetryAfter: "Retry-After",
}
Additional information that might be available in the Error struct's Info map for specific errors
Functions ¶
func IsNotFoundError ¶ added in v0.9.4
func IsUnauthorizedError ¶ added in v0.9.4
Types ¶
type AccessKeyLoginOptions ¶ added in v1.6.3
type AccessKeyLoginOptions struct {
CustomClaims map[string]interface{} `json:"customClaims,omitempty"`
}
type AccessKeyResponse ¶ added in v0.9.4
type AccessKeyResponse struct {
ID string `json:"id,omitempty"`
Name string `json:"name,omitempty"`
RoleNames []string `json:"roleNames,omitempty"`
KeyTenants []*AssociatedTenant `json:"keyTenants,omitempty"`
Status string `json:"status,omitempty"`
CreatedTime int32 `json:"createdTime,omitempty"`
ExpireTime int32 `json:"expireTime,omitempty"`
CreatedBy string `json:"createdBy,omitempty"`
ClientID string `json:"clientId,omitempty"`
UserID string `json:"boundUserId,omitempty"`
CustomClaims map[string]any `json:"customClaims,omitempty"`
}
type AssociatedTenant ¶ added in v0.9.4
type AssociatedTenant struct {
TenantID string `json:"tenantId"`
TenantName string `json:"tenantName"`
Roles []string `json:"roleNames,omitempty"`
}
Represents a tenant association for a User or an Access Key. The tenant ID is required to denote which tenant the user / access key belongs to. Roles is an optional list of roles for the user / access key in this specific tenant.
type AttributeMapping ¶ added in v0.9.4
type AttributeMapping struct {
Name string `json:"name,omitempty"`
GivenName string `json:"givenName,omitempty"`
MiddleName string `json:"middleName,omitempty"`
FamilyName string `json:"familyName,omitempty"`
Picture string `json:"picture,omitempty"`
Email string `json:"email,omitempty"`
PhoneNumber string `json:"phoneNumber,omitempty"`
Group string `json:"group,omitempty"`
CustomAttributes map[string]string `json:"customAttributes,omitempty"`
}
Represents a SAML mapping between Descope and IDP user attributes
type AuditRecord ¶ added in v1.5.3
type AuditRecord struct {
ProjectID string `json:"projectId,omitempty"`
UserID string `json:"userId,omitempty"`
Action string `json:"action,omitempty"`
Occurred time.Time `json:"occurred,omitempty"`
Device string `json:"device,omitempty"`
Method string `json:"method,omitempty"`
Geo string `json:"geo,omitempty"`
RemoteAddress string `json:"remoteAddress,omitempty"`
LoginIDs []string `json:"loginIds,omitempty"`
Tenants []string
Data map[string]interface{} `json:"data,omitempty"`
}
type AuditSearchOptions ¶ added in v1.5.3
type AuditSearchOptions struct {
UserIDs []string `json:"userIds,omitempty"` // List of user IDs to filter by
Actions []string `json:"actions,omitempty"` // List of actions to filter by
ExcludedActions []string `json:"excludedActions"` // List of actions to exclude
From time.Time `json:"from,omitempty"` // Retrieve records newer than given time. Limited to no older than 30 days.
To time.Time `json:"to,omitempty"` // Retrieve records older than given time.
Devices []string `json:"devices,omitempty"` // List of devices to filter by. Current devices supported are "Bot"/"Mobile"/"Desktop"/"Tablet"/"Unknown"
Methods []string `json:"methods,omitempty"` // List of methods to filter by. Current auth methods are "otp"/"totp"/"magiclink"/"oauth"/"saml"/"password"
Geos []string `json:"geos,omitempty"` // List of geos to filter by. Geo is currently country code like "US", "IL", etc.
RemoteAddresses []string `json:"remoteAddresses,omitempty"` // List of remote addresses to filter by
LoginIDs []string `json:"loginIds,omitempty"` // List of login IDs to filter by
Tenants []string `json:"tenants"` // List of tenants to filter by
NoTenants bool `json:"noTenants"` // Should audits without any tenants always be included
Text string `json:"text"` // Free text search across all fields
}
AuditSearchOptions to filter which audits we should retrieve. All parameters are optional. `From` is currently limited to 30 days
type AuthFactor ¶ added in v0.9.4
type AuthFactor string
const ( AuthFactorUnknown AuthFactor = "" AuthFactorEmail AuthFactor = "email" AuthFactorPhone AuthFactor = "sms" AuthFactorSaml AuthFactor = "fed" AuthFactorOAuth AuthFactor = "oauth" AuthFactorWebauthn AuthFactor = "webauthn" AuthFactorTOTP AuthFactor = "totp" AuthFactorMFA AuthFactor = "mfa" AuthFactorPassword AuthFactor = "pwd" )
type AuthenticationInfo ¶ added in v0.9.4
type AuthenticationInfo struct {
SessionToken *Token `json:"token,omitempty"`
RefreshToken *Token `json:"refreshToken,omitempty"`
User *UserResponse `json:"user,omitempty"`
FirstSeen bool `json:"firstSeen,omitempty"`
}
func NewAuthenticationInfo ¶ added in v0.9.4
func NewAuthenticationInfo(jRes *JWTResponse, sessionToken, refreshToken *Token) *AuthenticationInfo
type AuthzModified ¶ added in v1.6.1
type AuthzModified struct {
Resources []string `json:"resources"`
Targets []string `json:"targets"`
SchemaChanged bool `json:"schemaChanged"`
}
AuthzModified resources and targets since given timestamp
type AuthzNamespace ¶ added in v1.5.7
type AuthzNamespace struct {
Name string `json:"name"`
RelationDefinitions []*AuthzRelationDefinition `json:"relationDefinitions"`
}
AuthzNamespace defines an entity in the authorization schema
type AuthzNode ¶ added in v1.5.7
type AuthzNode struct {
NType AuthzNodeType `json:"nType"`
Children []*AuthzNode `json:"children,omitempty"`
Expression *AuthzNodeExpression `json:"expression,omitempty"`
}
AuthzNode holds the definition of a complex relation definition
type AuthzNodeExpression ¶ added in v1.5.7
type AuthzNodeExpression struct {
NEType AuthzNodeExpressionType `json:"neType"`
RelationDefinition string `json:"relationDefinition,omitempty"`
RelationDefinitionNamespace string `json:"relationDefinitionNamespace,omitempty"`
TargetRelationDefinition string `json:"targetRelationDefinition,omitempty"`
TargetRelationDefinitionNamespace string `json:"targetRelationDefinitionNamespace,omitempty"`
}
AuthzNodeExpression holds the definition of a child node
type AuthzNodeExpressionType ¶ added in v1.5.7
type AuthzNodeExpressionType string
const ( AuthzNodeExpressionTypeSelf AuthzNodeExpressionType = "self" AuthzNodeExpressionTypeTargetSet AuthzNodeExpressionType = "targetSet" AuthzNodeExpressionTypeRelationLeft AuthzNodeExpressionType = "relationLeft" AuthzNodeExpressionTypeRelationRight AuthzNodeExpressionType = "relationRight" )
type AuthzNodeType ¶ added in v1.5.7
type AuthzNodeType string
const ( AuthzNodeTypeChild AuthzNodeType = "child" AuthzNodeTypeUnion AuthzNodeType = "union" AuthzNodeTypeIntersect AuthzNodeType = "intersect" AuthzNodeTypeSub AuthzNodeType = "sub" )
type AuthzRelation ¶ added in v1.5.7
type AuthzRelation struct {
Resource string `json:"resource"`
RelationDefinition string `json:"relationDefinition"`
Namespace string `json:"namespace"`
Target string `json:"target,omitempty"`
TargetSetResource string `json:"targetSetResource,omitempty"`
TargetSetRelationDefinition string `json:"targetSetRelationDefinition,omitempty"`
TargetSetRelationDefinitionNamespace string `json:"targetSetRelationDefinitionNamespace,omitempty"`
Query *AuthzUserQuery `json:"query,omitempty"`
}
AuthzRelation defines a relation between resource and target
type AuthzRelationDefinition ¶ added in v1.5.7
type AuthzRelationDefinition struct {
Name string `json:"name"`
ComplexDefinition *AuthzNode `json:"complexDefinition,omitempty"`
}
AuthzRelationDefinition defines a relation within a namespace
type AuthzRelationQuery ¶ added in v1.5.7
type AuthzRelationQuery struct {
Resource string `json:"resource"`
RelationDefinition string `json:"relationDefinition"`
Namespace string `json:"namespace"`
Target string `json:"target"`
HasRelation bool `json:"hasRelation"`
}
AuthzRelationQuery queries the service if a given relation exists
type AuthzSchema ¶ added in v1.5.7
type AuthzSchema struct {
Name string `json:"name,omitempty"`
Namespaces []*AuthzNamespace `json:"namespaces"`
}
AuthzSchema holds the full schema (all namespaces) for a project
type AuthzUserQuery ¶ added in v1.5.7
type AuthzUserQuery struct {
Tenants []string `json:"tenants,omitempty"`
Roles []string `json:"roles,omitempty"`
Text string `json:"text,omitempty"`
Statuses []UserStatus `json:"userStatus,omitempty"`
SSOOnly bool `json:"ssoOnly"`
WithTestUser bool `json:"withTestUser,omitempty"`
CustomAttributes map[string]any `json:"customAttributes,omitempty"`
}
AuthzUserQuery represents a target of a relation for ABAC (query on users)
type BatchUser ¶ added in v1.5.7
type BatchUser struct {
LoginID string `json:"loginId,omitempty"`
Password *BatchUserPassword `json:"password,omitempty"`
UserRequest `json:",inline"`
}
type BatchUserPassword ¶ added in v1.5.7
type BatchUserPassword struct {
Cleartext string
Hashed *BatchUserPasswordHashed
}
Set a cleartext or prehashed password for a new user (only one should be set).
type BatchUserPasswordBcrypt ¶ added in v1.6.1
type BatchUserPasswordBcrypt struct {
Hash string `json:"hash"` // the bcrypt hash in plaintext format, for example "$2a$..."
}
type BatchUserPasswordDjango ¶ added in v1.6.1
type BatchUserPasswordDjango struct {
Hash string `json:"hash"` // the django hash in plaintext format, for example "pbkdf2_sha256$..."
}
type BatchUserPasswordFirebase ¶ added in v1.6.1
type BatchUserPasswordFirebase struct {
Hash []byte `json:"hash"` // the hash in raw bytes (base64 strings should be decoded first)
Salt []byte `json:"salt"` // the salt in raw bytes (base64 strings should be decoded first)
SaltSeparator []byte `json:"saltSeparator"` // the salt separator (usually 1 byte long)
SignerKey []byte `json:"signerKey"` // the signer key (base64 strings should be decoded first)
Memory int `json:"memory"` // the memory cost value (usually between 12 to 17)
Rounds int `json:"rounds"` // the rounds cost value (usually between 6 to 10)
}
type BatchUserPasswordHashed ¶ added in v1.5.7
type BatchUserPasswordHashed struct {
Bcrypt *BatchUserPasswordBcrypt `json:"bcrypt,omitempty"`
Firebase *BatchUserPasswordFirebase `json:"firebase,omitempty"`
Pbkdf2 *BatchUserPasswordPbkdf2 `json:"pbkdf2,omitempty"`
Django *BatchUserPasswordDjango `json:"django,omitempty"`
}
Set the kind of prehashed password for a user (only one should be set).
type BatchUserPasswordPbkdf2 ¶ added in v1.6.1
type BatchUserPasswordPbkdf2 struct {
Hash []byte `json:"hash"` // the hash in raw bytes (base64 strings should be decoded first)
Salt []byte `json:"salt"` // the salt in raw bytes (base64 strings should be decoded first)
Iterations int `json:"iterations"` // the iterations cost value (usually in the thousands)
Type string `json:"type"` // the hash name (sha1, sha256, sha512)
}
type CloneProjectResponse ¶ added in v1.6.1
type ContextKey ¶ added in v0.9.4
type ContextKey string
type DeliveryMethod ¶ added in v0.9.4
type DeliveryMethod string
type EnchantedLinkResponse ¶ added in v0.9.4
type EnchantedLinkResponse struct {
PendingRef string `json:"pendingRef,omitempty"` // Pending referral code used to poll enchanted link authentication status
LinkID string `json:"linkId,omitempty"` // Link id, on which link the user should click
MaskedEmail string `json:"maskedEmail,omitempty"` // Masked email to which the email was sent
}
type Error ¶ added in v0.9.4
type Error struct {
Code string `json:"errorCode,omitempty"`
Description string `json:"errorDescription,omitempty"`
Message string `json:"errorMessage,omitempty"`
Info map[string]any `json:"-"`
}
func (*Error) IsNotFound ¶ added in v0.9.4
func (*Error) IsUnauthorized ¶ added in v0.9.4
type ExportSnapshotResponse ¶ added in v1.6.3
type Flow ¶ added in v1.1.0
type Flow struct {
FlowMetadata
DSL any `json:"dsl"`
ETag string `json:"etag,omitempty"`
}
type FlowMetadata ¶ added in v1.5.3
type FlowResponse ¶ added in v1.1.0
type FlowsResponse ¶ added in v1.5.3
type FlowsResponse struct {
Flows []*FlowMetadata `json:"flows"`
Total int `json:"total"`
}
type Group ¶ added in v0.9.4
type Group struct {
ID string `json:"id"`
Display string `json:"display,omitempty"`
Members []GroupMember `json:"members,omitempty"`
}
type GroupMember ¶ added in v0.9.4
type GroupsMapping ¶ added in v1.5.0
type ImportSnapshotRequest ¶ added in v1.6.3
type ImportSnapshotRequest struct {
// All project settings and configurations represented as JSON files
Files map[string]any `json:"files"`
// An optional map of project entities and their secrets that will be
// injected into the snapshot before import (see below)
InputSecrets *SnapshotSecrets `json:"inputSecrets,omitempty"`
}
type InviteOptions ¶ added in v1.5.6
type InviteOptions struct {
InviteURL string `json:"inviteUrl,omitempty"`
SendMail *bool `json:"sendMail,omitempty"` // send invite via mail, default is according to project settings
SendSMS *bool `json:"sendSMS,omitempty"` // send invite via text message, default is according to project settings
TemplateOptions map[string]string `json:"templateOptions,omitempty"` // for providing messaging template options (templates that are being sent via email / text message)
}
type JWTResponse ¶ added in v0.9.4
type JWTResponse struct {
SessionJwt string `json:"sessionJwt,omitempty"`
RefreshJwt string `json:"refreshJwt,omitempty"`
CookieDomain string `json:"cookieDomain,omitempty"`
CookiePath string `json:"cookiePath,omitempty"`
CookieMaxAge int32 `json:"cookieMaxAge,omitempty"`
CookieExpiration int32 `json:"cookieExpiration,omitempty"`
User *UserResponse `json:"user,omitempty"`
FirstSeen bool `json:"firstSeen,omitempty"`
}
type LoginOptions ¶ added in v0.9.4
type LoginOptions struct {
Stepup bool `json:"stepup,omitempty"`
MFA bool `json:"mfa,omitempty"`
CustomClaims map[string]interface{} `json:"customClaims,omitempty"`
TemplateOptions map[string]string `json:"templateOptions,omitempty"` // for providing messaging template options (templates that are being sent via email / text message)
}
func (*LoginOptions) IsJWTRequired ¶ added in v0.9.4
func (lo *LoginOptions) IsJWTRequired() bool
type OAuthProvider ¶ added in v0.9.4
type OAuthProvider string
type OIDCApplicationRequest ¶ added in v1.6.1
type OIDCAttributeMapping ¶ added in v1.6.1
type OIDCAttributeMapping struct {
LoginID string `json:"loginId,omitempty"`
Name string `json:"name,omitempty"`
GivenName string `json:"givenName,omitempty"`
MiddleName string `json:"middleName,omitempty"`
FamilyName string `json:"familyName,omitempty"`
Email string `json:"email,omitempty"`
VerifiedEmail string `json:"verifiedEmail,omitempty"`
Username string `json:"username,omitempty"`
PhoneNumber string `json:"phoneNumber,omitempty"`
VerifiedPhone string `json:"verifiedPhone,omitempty"`
Picture string `json:"picture,omitempty"`
}
type PasswordPolicy ¶ added in v1.1.0
type PasswordPolicy struct {
MinLength int32 `json:"minLength,omitempty"`
Lowercase bool `json:"lowercase,omitempty"`
Uppercase bool `json:"uppercase,omitempty"`
Number bool `json:"number,omitempty"`
NonAlphanumeric bool `json:"nonAlphanumeric,omitempty"`
}
PasswordPolicy - represents the rules for valid passwords configured in the policy in the Descope console. This can be used to implement client-side validation of new user passwords for a better user experience. Either way, the comprehensive policy is always enforced by Descope on the server side.
type PasswordSettings ¶ added in v1.6.1
type PasswordSettings struct {
Enabled bool `json:"enabled,omitempty"`
MinLength int32 `json:"minLength,omitempty"`
Lowercase bool `json:"lowercase,omitempty"`
Uppercase bool `json:"uppercase,omitempty"`
Number bool `json:"number,omitempty"`
NonAlphanumeric bool `json:"nonAlphanumeric,omitempty"`
Expiration bool `json:"expiration,omitempty"`
ExpirationWeeks int32 `json:"expirationWeeks,omitempty"`
Reuse bool `json:"reuse,omitempty"`
ReuseAmount int32 `json:"reuseAmount,omitempty"`
Lock bool `json:"lock,omitempty"`
LockAttempts int32 `json:"lockAttempts,omitempty"`
}
type Permission ¶ added in v0.9.4
type ProjectTag ¶ added in v1.5.7
type ProjectTag string
type ProviderTokenResponse ¶ added in v1.5.3
type Role ¶ added in v0.9.4
type Role struct {
Name string `json:"name"`
Description string `json:"description,omitempty"`
PermissionNames []string `json:"permissionNames,omitempty"`
CreatedTime int32 `json:"createdTime,omitempty"`
TenantID string `json:"tenantId,omitempty"`
}
func (*Role) GetCreatedTime ¶ added in v1.5.0
type RoleMapping ¶ added in v0.9.4
Represents a mapping between a set of groups of users and a role that will be assigned to them.
type RoleSearchOptions ¶ added in v1.6.3
type SAMLApplicationRequest ¶ added in v1.6.1
type SAMLApplicationRequest struct {
ID string `json:"id"`
Name string `json:"name"`
Description string `json:"description"`
Enabled bool `json:"enabled"`
Logo string `json:"logo"`
LoginPageURL string `json:"loginPageUrl"`
UseMetadataInfo bool `json:"useMetadataInfo"`
MetadataURL string `json:"metadataUrl"`
EntityID string `json:"entityId"`
AcsURL string `json:"acsUrl"`
Certificate string `json:"certificate"`
AttributeMapping []SAMLIDPAttributeMappingInfo `json:"attributeMapping"`
GroupsMapping []SAMLIDPGroupsMappingInfo `json:"groupsMapping"`
AcsAllowedCallbacks []string `json:"acsAllowedCallbacks"`
SubjectNameIDType string `json:"subjectNameIdType"`
SubjectNameIDFormat string `json:"subjectNameIdFormat"`
}
type SAMLIDPAttributeMappingInfo ¶ added in v1.6.1
type SAMLIDPGroupsMappingInfo ¶ added in v1.6.1
type SAMLIDPGroupsMappingInfo struct {
Name string `json:"name"`
Type string `json:"type"`
FilterType string `json:"filterType"`
Value string `json:"value"`
Roles []SAMLIDPRoleGroupMappingInfo `json:"roles"`
}
type SAMLIDPRoleGroupMappingInfo ¶ added in v1.6.1
type SSOApplication ¶ added in v1.6.1
type SSOApplication struct {
ID string `json:"id"`
Name string `json:"name"`
Description string `json:"description"`
Enabled bool `json:"enabled"`
Logo string `json:"logo"`
AppType string `json:"appType"`
SAMLSettings *SSOApplicationSAMLSettings `json:"samlSettings"`
OIDCSettings *SSOApplicationOIDCSettings `json:"oidcSettings"`
}
type SSOApplicationOIDCSettings ¶ added in v1.6.1
type SSOApplicationSAMLSettings ¶ added in v1.6.1
type SSOApplicationSAMLSettings struct {
LoginPageURL string `json:"loginPageUrl"`
IdpCert string `json:"idpCert"`
UseMetadataInfo bool `json:"useMetadataInfo"`
MetadataURL string `json:"metadataUrl"`
EntityID string `json:"entityId"`
AcsURL string `json:"acsUrl"`
Certificate string `json:"certificate"`
AttributeMapping []SAMLIDPAttributeMappingInfo `json:"attributeMapping"`
GroupsMapping []SAMLIDPGroupsMappingInfo `json:"groupsMapping"`
IdpMetadataURL string `json:"idpMetadataUrl"`
IdpEntityID string `json:"idpEntityId"`
IdpSSOURL string `json:"idpSsoUrl"`
AcsAllowedCallbacks []string `json:"acsAllowedCallbacks"`
SubjectNameIDType string `json:"subjectNameIdType"`
SubjectNameIDFormat string `json:"subjectNameIdFormat"`
}
type SSOApplicationSearchOptions ¶ added in v1.6.1
type SSOOIDCSettings ¶ added in v1.6.1
type SSOOIDCSettings struct {
Name string `json:"name,omitempty"`
ClientID string `json:"clientId,omitempty"`
ClientSecret string `json:"clientSecret,omitempty"` // will be empty on response
RedirectURL string `json:"redirectUrl,omitempty"`
AuthURL string `json:"authUrl,omitempty"`
TokenURL string `json:"tokenUrl,omitempty"`
UserDataURL string `json:"userDataUrl,omitempty"`
Scope []string `json:"scope,omitempty"`
JWKsURL string `json:"JWKsUrl,omitempty"`
AttributeMapping *OIDCAttributeMapping `json:"userAttrMapping,omitempty"`
ManageProviderTokens bool `json:"manageProviderTokens,omitempty"`
CallbackDomain string `json:"callbackDomain,omitempty"`
Prompt []string `json:"prompt,omitempty"`
GrantType string `json:"grantType,omitempty"`
Issuer string `json:"issuer,omitempty"`
}
type SSOSAMLSettings ¶ added in v1.6.1
type SSOSAMLSettings struct {
IdpURL string `json:"idpUrl,omitempty"`
IdpEntityID string `json:"entityId,omitempty"`
IdpCert string `json:"idpCert,omitempty"`
AttributeMapping *AttributeMapping `json:"attributeMapping,omitempty"`
RoleMappings []*RoleMapping `json:"roleMappings,omitempty"`
}
type SSOSAMLSettingsByMetadata ¶ added in v1.6.1
type SSOSAMLSettingsByMetadata struct {
IdpMetadataURL string `json:"idpMetadataUrl,omitempty"`
AttributeMapping *AttributeMapping `json:"attributeMapping,omitempty"`
RoleMappings []*RoleMapping `json:"roleMappings,omitempty"`
}
type SSOSAMLSettingsResponse ¶ added in v1.6.1
type SSOSAMLSettingsResponse struct {
IdpEntityID string `json:"idpEntityId,omitempty"`
IdpSSOURL string `json:"idpSSOUrl,omitempty"`
IdpCertificate string `json:"idpCertificate,omitempty"`
IdpMetadataURL string `json:"idpMetadataUrl,omitempty"`
SpEntityID string `json:"spEntityId,omitempty"`
SpACSUrl string `json:"spACSUrl,omitempty"`
SpCertificate string `json:"spCertificate,omitempty"`
AttributeMapping *AttributeMapping `json:"attributeMapping,omitempty"`
GroupsMapping []*GroupsMapping `json:"groupsMapping,omitempty"`
RedirectURL string `json:"redirectUrl,omitempty"`
}
type SSOSettingsResponse ¶ added in v1.5.0
type SSOSettingsResponse struct {
TenantID string `json:"tenantId,omitempty"`
IdpEntityID string `json:"idpEntityId,omitempty"`
IdpSSOURL string `json:"idpSSOUrl,omitempty"`
IdpCertificate string `json:"idpCertificate,omitempty"`
IdpMetadataURL string `json:"idpMetadataUrl,omitempty"`
SpEntityID string `json:"spEntityId,omitempty"`
SpACSUrl string `json:"spACSUrl,omitempty"`
SpCertificate string `json:"spCertificate,omitempty"`
UserMapping *UserMapping `json:"userMapping,omitempty"`
GroupsMapping []*GroupsMapping `json:"groupsMapping,omitempty"`
RedirectURL string `json:"redirectUrl,omitempty"`
Domains []string `json:"domains,omitempty"`
// Deprecated - prefer using domains
Domain string `json:"domain,omitempty"`
}
type SSOTenantSettingsResponse ¶ added in v1.6.1
type SSOTenantSettingsResponse struct {
Tenant *Tenant `json:"tenant,omitempty"`
Saml *SSOSAMLSettingsResponse `json:"saml,omitempty"`
Oidc *SSOOIDCSettings `json:"oidc,omitempty"`
}
type SignUpOptions ¶ added in v1.6.1
type SnapshotSecret ¶ added in v1.6.3
type SnapshotSecret struct {
// The id of the project entity that requires this secret
ID string `json:"id"`
// The name of the project entity that requires this secret
Name string `json:"name"`
// The type of secret, e.g., "bearertoken", "password"
Type string `json:"type"`
// The cleartext value of the secret. This value must not be empty when used in
// request objects when calling ValidateSnapshot and ImportSnapshot. Conversely,
// this value is an empty string when returned in ValidateSnapshotResponse to
// signify that this is a missing secret.
Value string `json:"value,omitempty"`
}
type SnapshotSecrets ¶ added in v1.6.3
type SnapshotSecrets struct {
// Any missing or input secrets for connectors in a snapshot
Connectors []*SnapshotSecret `json:"connectors,omitempty"`
// Any missing or input secrets for OAuth providers in a snapshot
OAuthProviders []*SnapshotSecret `json:"oauthProviders,omitempty"`
}
type TOTPResponse ¶ added in v0.9.4
type TOTPResponse struct {
ProvisioningURL string `json:"provisioningURL,omitempty"`
Image string `json:"image,omitempty"`
Key string `json:"key,omitempty"`
}
TOTPResponse - returns all relevant data to complete a TOTP registration One can select which method of registration to use for handshaking with an Authenticator app
type TenantRequest ¶ added in v1.5.7
type TenantSearchOptions ¶ added in v1.5.7
type TenantSettings ¶ added in v1.6.1
type TenantSettings struct {
Domains []string `json:"domains,omitempty"`
SelfProvisioningDomains []string `json:"selfProvisioningDomains,omitempty"`
AuthType string `json:"authType,omitempty"`
SessionSettingsEnabled bool `json:"sessionSettingsEnabled,omitempty"`
RefreshTokenExpiration int32 `json:"refreshTokenExpiration,omitempty"`
RefreshTokenExpirationUnit string `json:"refreshTokenExpirationUnit,omitempty"`
SessionTokenExpiration int32 `json:"sessionTokenExpiration,omitempty"`
SessionTokenExpirationUnit string `json:"sessionTokenExpirationUnit,omitempty"`
StepupTokenExpiration int32 `json:"stepupTokenExpiration,omitempty"`
StepupTokenExpirationUnit string `json:"stepupTokenExpirationUnit,omitempty"`
EnableInactivity bool `json:"enableInactivity,omitempty"`
InactivityTime int32 `json:"inactivityTime,omitempty"`
InactivityTimeUnit string `json:"inactivityTimeUnit,omitempty"`
JITDisabled bool `json:"JITDisabled,omitempty"`
}
type Token ¶ added in v0.9.4
type Token struct {
RefreshExpiration int64 `json:"refreshExpiration,omitempty"`
Expiration int64 `json:"expiration,omitempty"`
JWT string `json:"jwt,omitempty"`
ID string `json:"id,omitempty"`
ProjectID string `json:"projectId,omitempty"`
Claims map[string]interface{} `json:"claims,omitempty"`
}
func (*Token) AuthFactors ¶ added in v0.9.4
func (to *Token) AuthFactors() []AuthFactor
func (*Token) CustomClaim ¶ added in v0.9.4
func (*Token) GetTenantValue ¶ added in v0.9.4
func (*Token) GetTenants ¶ added in v0.9.4
func (*Token) IsPermitted ¶ added in v1.5.2
type UpdateOptions ¶ added in v1.5.0
type UpdateOptions struct {
AddToLoginIDs bool `json:"addToLoginIDs,omitempty"`
OnMergeUseExisting bool `json:"onMergeUseExisting,omitempty"`
TemplateOptions map[string]string `json:"templateOptions,omitempty"` // for providing messaging template options (templates that are being sent via email / text message)
}
type UserHistoryResponse ¶ added in v1.6.2
type UserImportFailure ¶ added in v1.5.7
type UserImportResponse ¶ added in v1.5.7
type UserImportResponse struct {
Users []*UserResponse `json:"users,omitempty"`
Failures []*UserImportFailure `json:"failures,omitempty"`
}
type UserMapping ¶ added in v1.5.0
type UserRequest ¶ added in v1.5.0
type UserRequest struct {
User `json:",inline"`
Roles []string `json:"roles,omitempty"`
Tenants []*AssociatedTenant `json:"tenants,omitempty"`
CustomAttributes map[string]any `json:"customAttributes,omitempty"`
Picture string `json:"picture,omitempty"`
VerifiedEmail *bool `json:"verifiedEmail,omitempty"`
VerifiedPhone *bool `json:"verifiedPhone,omitempty"`
AdditionalLoginIDs []string `json:"additionalLoginIds,omitempty"`
SSOAppIDs []string `json:"ssoAppIDs,omitempty"`
}
type UserResponse ¶ added in v0.9.4
type UserResponse struct {
User `json:",inline"`
UserID string `json:"userId,omitempty"`
LoginIDs []string `json:"loginIds,omitempty"`
VerifiedEmail bool `json:"verifiedEmail,omitempty"`
VerifiedPhone bool `json:"verifiedPhone,omitempty"`
RoleNames []string `json:"roleNames,omitempty"`
UserTenants []*AssociatedTenant `json:"userTenants,omitempty"`
Status string `json:"status,omitempty"`
Picture string `json:"picture,omitempty"`
Test bool `json:"test,omitempty"`
CustomAttributes map[string]any `json:"customAttributes,omitempty"`
CreatedTime int32 `json:"createdTime,omitempty"`
TOTP bool `json:"totp,omitempty"`
WebAuthn bool `json:"webauthn,omitempty"`
Password bool `json:"password,omitempty"`
SAML bool `json:"saml,omitempty"`
OAuth map[string]bool `json:"oauth,omitempty"`
SSOAppIDs []string `json:"ssoAppIds,omitempty"`
}
func (*UserResponse) GetCreatedTime ¶ added in v1.5.0
func (ur *UserResponse) GetCreatedTime() time.Time
type UserSearchOptions ¶ added in v1.1.0
type UserSearchOptions struct {
Page int32
Limit int32
Sort []UserSearchSort
Text string
Emails []string
Phones []string
Statuses []UserStatus
Roles []string
TenantIDs []string
SSOAppIDs []string
CustomAttributes map[string]any
WithTestUsers bool
TestUsersOnly bool
}
Options for searching and filtering users
Limit - limits the number of returned users. Leave at 0 to return the default amount. Page - allows to paginate over the results. Pages start at 0 and must non-negative. Sort - allows to sort by fields. Text - allows free text search among all user's attributes. TenantIDs - filter by tenant IDs. Roles - filter by role names. CustomAttributes map is an optional filter for custom attributes: where the keys are the attribute names and the values are either a value we are searching for or list of these values in a slice. We currently support string, int and bool values
type UserSearchSort ¶ added in v1.6.1
type UserStatus ¶ added in v1.5.5
type UserStatus string
const ( UserStatusEnabled UserStatus = "enabled" UserStatusDisabled UserStatus = "disabled" UserStatusInvited UserStatus = "invited" )
type UsersBatchResponse ¶ added in v1.5.7
type UsersBatchResponse struct {
CreatedUsers []*UserResponse `json:"createdUsers,omitempty"`
FailedUsers []*UsersFailedResponse `json:"failedUsers,omitempty"`
}
type UsersFailedResponse ¶ added in v1.5.7
type UsersFailedResponse struct {
Failure string `json:"failure,omitempty"`
User *UserResponse `json:"user,omitempty"`
}
type ValidateSnapshotRequest ¶ added in v1.6.3
type ValidateSnapshotRequest struct {
// All project settings and configurations represented as JSON files
Files map[string]any `json:"files"`
// An optional map of project entities and their secrets that will be
// injected into the snapshot before validation (see below)
InputSecrets *SnapshotSecrets `json:"inputSecrets,omitempty"`
}
type ValidateSnapshotResponse ¶ added in v1.6.3
type ValidateSnapshotResponse struct {
// Whether the validation passed or not (true if and only if Failures is empty)
Ok bool `json:"ok"`
// A string representation of any validation failures that were found
Failures []string `json:"failures,omitempty"`
// An optional object that lists which if any secret values need to be provided in
// the request for an ImportSnapshot call so it doesn't fail (see below)
MissingSecrets *SnapshotSecrets `json:"missingSecrets,omitempty"`
}
type WebAuthnFinishRequest ¶ added in v0.9.4
type WebAuthnTransactionResponse ¶ added in v0.9.4
Source Files
Directories
Click to show internal directories.
Click to hide internal directories.