1
0
mirror of https://github.com/Unleash/unleash.git synced 2025-01-01 00:08:27 +01:00
unleash.unleash/frontend/src/openapi/models/oidcSettingsResponseSchema.ts

44 lines
2.7 KiB
TypeScript
Raw Normal View History

2024-09-23 16:41:55 +02:00
/**
* Generated by Orval
* Do not edit manually.
* See `gen:api` script in package.json
*/
import type { OidcSettingsResponseSchemaDefaultRootRole } from './oidcSettingsResponseSchemaDefaultRootRole';
import type { OidcSettingsResponseSchemaIdTokenSigningAlgorithm } from './oidcSettingsResponseSchemaIdTokenSigningAlgorithm';
/**
* Response for OpenID Connect settings
*/
export interface OidcSettingsResponseSchema {
/** Authentication Context Class Reference, used to request extra values in the acr claim returned from the server. If multiple values are required, they should be space separated.
Consult [the OIDC reference](https://openid.net/specs/openid-connect-core-1_0.html#AuthorizationEndpoint) for more information
*/
acrValues?: string;
/** When enabled Unleash will also request the 'groups' scope as part of the login request. */
addGroupsScope?: boolean;
/** Auto create users based on email addresses from login tokens */
autoCreate?: boolean;
/** The OIDC client ID of this application. */
clientId?: string;
/** [Default role](https://docs.getunleash.io/reference/rbac#standard-roles) granted to users auto-created from email. Only relevant if autoCreate is `true` */
defaultRootRole?: OidcSettingsResponseSchemaDefaultRootRole;
/** Assign this root role to auto created users. Should be a role ID and takes precedence over `defaultRootRole`. */
defaultRootRoleId?: number;
/** The [.well-known OpenID discover URL](https://swagger.io/docs/specification/authentication/openid-connect-discovery/) */
discoverUrl?: string;
/** Comma separated list of email domains that are automatically approved for an account in the server. Only relevant if autoCreate is `true` */
emailDomains?: string;
/** Whether to enable or disable OpenID Connect for this instance */
enabled?: boolean;
/** Should we enable group syncing. Refer to the documentation [Group syncing](https://docs.getunleash.io/how-to/how-to-set-up-group-sso-sync) */
enableGroupSyncing?: boolean;
/** Support Single sign out when user clicks logout in Unleash. If `true` user is signed out of all OpenID Connect sessions against the clientId they may have active */
enableSingleSignOut?: boolean;
/** Specifies the path in the OIDC token response to read which groups the user belongs to from. */
groupJsonPath?: string;
/** The signing algorithm used to sign our token. Refer to the [JWT signatures](https://jwt.io/introduction) documentation for more information. */
idTokenSigningAlgorithm?: OidcSettingsResponseSchemaIdTokenSigningAlgorithm;
/** Shared secret from OpenID server. Used to authenticate login requests */
secret?: string;
}