feat: new sdk reference with snippets

docs/reference/openapi/accept-o-auth-2-consent-request.ParamsDetails.json

@@ -0,0 +1,11 @@
+{
+  "parameters": [
+    {
+      "description": "OAuth 2.0 Consent Request Challenge",
+      "in": "query",
+      "name": "consent_challenge",
+      "required": true,
+      "schema": { "type": "string" }
+    }
+  ]
+}

docs/reference/openapi/accept-o-auth-2-consent-request.RequestSchema.json

@@ -0,0 +1,51 @@
+{
+  "title": "Body",
+  "body": {
+    "content": {
+      "application/json": {
+        "schema": {
+          "properties": {
+            "context": {
+              "title": "JSONRawMessage represents a json.RawMessage that works well with JSON, SQL, and Swagger.",
+              "type": "object"
+            },
+            "grant_access_token_audience": {
+              "description": "GrantedAudience sets the audience the user authorized the client to use. Should be a subset of `requested_access_token_audience`.",
+              "items": { "type": "string" },
+              "type": "array"
+            },
+            "grant_scope": {
+              "description": "GrantScope sets the scope the user authorized the client to use. Should be a subset of `requested_scope`.",
+              "items": { "type": "string" },
+              "type": "array"
+            },
+            "remember": {
+              "description": "Remember, if set to true, tells ORY Hydra to remember this consent authorization and reuse it if the same\nclient asks the same user for the same, or a subset of, scope.",
+              "type": "boolean"
+            },
+            "remember_for": {
+              "description": "RememberFor sets how long the consent authorization should be remembered for in seconds. If set to `0`, the\nauthorization will be remembered indefinitely.",
+              "format": "int64",
+              "type": "integer"
+            },
+            "session": {
+              "properties": {
+                "access_token": {
+                  "description": "AccessToken sets session data for the access and refresh token, as well as any future tokens issued by the\nrefresh grant. Keep in mind that this data will be available to anyone performing OAuth 2.0 Challenge Introspection.\nIf only your services can perform OAuth 2.0 Challenge Introspection, this is usually fine. But if third parties\ncan access that endpoint as well, sensitive data from the session might be exposed to them. Use with care!"
+                },
+                "id_token": {
+                  "description": "IDToken sets session data for the OpenID Connect ID token. Keep in mind that the session'id payloads are readable\nby anyone that has access to the ID Challenge. Use with care!"
+                }
+              },
+              "title": "Pass session data to a consent request.",
+              "type": "object"
+            }
+          },
+          "title": "The request payload used to accept a consent request.",
+          "type": "object"
+        }
+      }
+    },
+    "x-originalParamName": "Body"
+  }
+}

docs/reference/openapi/accept-o-auth-2-consent-request.StatusCodes.json

@@ -0,0 +1,57 @@
+{
+  "responses": {
+    "200": {
+      "content": {
+        "application/json": {
+          "schema": {
+            "description": "Contains a redirect URL used to complete a login, consent, or logout request.",
+            "properties": {
+              "redirect_to": {
+                "description": "RedirectURL is the URL which you should redirect the user's browser to once the authentication process is completed.",
+                "type": "string"
+              }
+            },
+            "required": ["redirect_to"],
+            "title": "OAuth 2.0 Redirect Browser To",
+            "type": "object"
+          }
+        }
+      },
+      "description": "oAuth2RedirectTo"
+    },
+    "default": {
+      "content": {
+        "application/json": {
+          "schema": {
+            "description": "Error",
+            "properties": {
+              "error": { "description": "Error", "type": "string" },
+              "error_debug": {
+                "description": "Error Debug Information\n\nOnly available in dev mode.",
+                "type": "string"
+              },
+              "error_description": {
+                "description": "Error Description",
+                "type": "string"
+              },
+              "error_hint": {
+                "description": "Error Hint\n\nHelps the user identify the error cause.",
+                "example": "The redirect URL is not allowed.",
+                "type": "string"
+              },
+              "status_code": {
+                "description": "HTTP Status Code",
+                "example": 401,
+                "format": "int64",
+                "type": "integer"
+              }
+            },
+            "type": "object",
+            "title": "errorOAuth2"
+          }
+        }
+      },
+      "description": "errorOAuth2"
+    }
+  }
+}

docs/reference/openapi/accept-o-auth-2-consent-request.api.mdx

@@ -0,0 +1,52 @@
+---
+id: accept-o-auth-2-consent-request
+title: "Accept OAuth 2.0 Consent Request"
+description: "When an authorization code, hybrid, or implicit OAuth 2.0 Flow is initiated, Ory asks the login provider"
+sidebar_label: "Accept OAuth 2.0 Consent Request"
+hide_title: true
+hide_table_of_contents: true
+api: eJztOmtvGzmSf6WWg0OkQ6s7Fyz2gwYB1mN7Jt6ZSXy2g8HACmyqu6Rm3E32kmzLvY7++6HIfktynJ3MYT9EH2yJj2K9WE8+sgRNrEVhhZJszn5LUQKXwEubKi3+xWkcYpVgAGm11CIJQGkQeZGJWFh4d1TaFF6FL+HHTG1AGBBSWMEtJgG80xVwc2fApgiZWgsJhVb3IkG9kFa5Q1BaEXOLbo0plx8xtsBlQr8lWMwyB0aqDfClKi0IG8LZari8BycJIMXIpAh5aazbt0TCAhMQq4WkfR3Sx5lAaWGTijjtMHfAV0SPSVWZJQ5ClqkNTSngcYzGE6XRqFLHaEDJPkovDCwx5dkqXMiFvEoRYiUNHRWnPMtQrpF4xYsCZeKh2t6ihksvDLy/+IVmPYbDE0qDesbXtGGy1GpjUE8JqsZEaIwdISqE3ukL2UCmzUQC72NkFazQOk6slM697GvCHM9egcZ/lmhGEjJORGIklDjGwmKykEqDxo81Qo5pDkbNGmEAZVIoIW0PmMOsDy7lplXKGk4nxtiLsZPNQC6pMFGKupPI1R5Wg5BxViZogCeJIMp51udDAKaMU+AGDBpDjEm45bBSujmTWHJ2AlbdoTSB++lZspDNYQ33OrUqDSYEdMmNMA7aqrSlbplkWgXSaAoCQ5hbLqQB3kraaUmnIju01ee1y2lRT3usak9JcMXLzO5hjwF+z0XGlxnCveBeArqCX7nka0zgKI5VKS2cPhSoBcoYQ7hSEJfGqlz8C/diFkCRITe4kCnyBNQ96uYudNJNVFzmKK2TQ8gCpgrU7sdZwubMK5rXz2MP/8IzjwWs4JrnaFEbNr9+HBm7nh2o8ao3wnFzJ1jABC39Z4m6YgGTPEc2ZzUdN3FvHUlMaEzY3OoSA2biFHPO5o/MVgVtMlYLuWbb7Qe/GI39QSUVrSCZorT0lRdkWh150UdDeD72QBWaiLcCTbvtwW2zwmZ0yD8u37294Jtf0Ri+Jq0pNBKqpC4ELuxNuku2UfrOwIYM7UbYFAhAAJf/+4tX4csNX69RE9trMpS7kGwbsLXm0t549b9xen/Dy8TJnlAaMvsnWozJUb0ADFpvQ5strVaO73l3u0uDIVx2Npmsg0ELagW3NUcx2Y/QLVEgLOZmj0Ra2rjWvOpIM7EqDpFySXMdFW7pVyPBQftClDXmmC9R7+J7Uc8EZJDoMLpipKONwb34Hd5UieY00YABS6a5ubDDeIAUQ2NpEIRt7T7PydJ5QluvT6OeI2TbmhEXQ/RIDzz7ekq2VCpDLvt03azUE7T9qLQXRqo2kCm5HtibIfqd+W1gY+LwExIMxkomxsUYNatuX94G3o4PwWxElo2ACJngiuIIzCqixrsPNmdC2r/9tSNPSItr1ERe7U52L3dfjXfpPnKzVzTp6d5xS+5uda5J40qjSb1/CsjnuDtPblVWjdfxzguEMSUmsKw82c1WdylC+BmxIFblwgUBzlEL4w9ueNL5CnLKslISoUBN/BBy3Y/A2ujjTFqtTIGxM/MLebYCJbMKKlWSaPW9IH8ec9kA+jyUwGMmKFYqeZZVsBISQ/ihrNVW6AQK7li+kAS6je247cKSmlcBGJRGWHGPNZe1yr1O17zPxTq1RD4+FMq0cV0ewnuD3rzGXONfSO4iOSTas5PPifVdgfLshLyWJHfeRB37RdOi90IQsVWmeGKAuxiDJySjhVxWjZDcJhds1Zzw3phOa3i8Sw1Zo9r/nHMzQpoUAEYR0B530oNx1QWJDcI+UKoDvMI+D+I2YA8zpcVaSJ6dUyTw1rtv53adafExlbtvr16+/CJXPBTa8YGorME7VnmRoSWL7zKhoCHA2cJMrSm36dEytAUNyBur9plAP0nHCW92u3iwUuXB8I+yFJ83EIaq8cG9dIqEWGjlNMF5A09E0uN2G9X0I6DrAcYfOtF2V7bBGn6oUbhS+0U4JFa5OK/ZfKWYW+GC1j8gvVOtld7hOrrRg4t3PLJbf5Pgslwf2AUnNAlnXV5Bgfc7MnOdxRQSEryHXCW4h8/dMT3ohw7rxg7CSYVn1z4AbwTljAv5BrPCdMGNSEg9Vs47gIMCMafAhgUMHzjpSHuLe1dBGJDKNpn0XtKM5bY0N1Rv2MXpzdXVOVy6FXBMK3qn/fXl/zzD227HCtYppiPDJxH71G44TV47LrWwlcsqlK567pjNrz9QiG/5mpKOWmPpEpAxqmaaW8xELuxsWcZ3SPimFHzNeJILOUvFOmW0lphw6cjzuUvG5ZrYWhV46TBjAcv4EjM2Z39Xuop87MUC5nNfIjwvlLbwuJAAUKfwR4UI/O9jJVdiXfpUqh47OphMLeTWO7wXvcNefE/qQZbMpYwdOHgNEjfDIybT75u1vBBn0lhOJsevbJGbDOBM3QEZthlp64Xm4NXme4iiZyRyMGlSWwrCfZiGydTDPpxCzp/gCJ0ME1X4YsG048QjeD0OvAPcwmvgGy4GZIeHz5x4UYwJriV0eN9CTr9n26DVlJ9UT0Mkp7ilrxwFj+8oC8y5cFaoVpbJQi7sokktF8z/XOXtV2X8N1Wg5IWoI/4FWwublsswVnnUKchsrWi1Y86qlLE7bTIllVzYMYUwfw0LNh69qS/5ghG/vdDhEzxD5nTGYXbRaf89ICJ8i5vD4p5M6fzD8/AJRtrgKOzdiflr2DlvdEMcyoWo65L7Nhydn/nZ0UWhnRTPBKADMsq0uYUU1tfr/Cx8gsBa5uEPPL5ba1XKZDKdhscjeUzGApo+BfMw/6fh6QPGpUVPtVg5rP/yGqTIvH4s7Cq34Y+FFtKuJsqElzZBrQNY1P5pQxXImGcZqcTtc2i8vZ3Df90vFnLBHJemnznnxzLLwDmeJlbs7fe7t/QniroCnbOSt0/gMK+tXRfFEIhdHFRpCYeLIeBnkdnHEk0xXcgt2zoXZJK7WaJiF+D0fAkFR2ItOaWBTxbVJtOmrObdUl0Re7IKVzvdw/iysb/dqaeRXRsW3/o1umEgMQb2vDrf6DxXpLOlllce9lhkrkqkxnx76nbZh57K72Xin07Zimemz8o/U2r+rM+zkSLRB0uZtZKeG3dYsfmhaClg9zwrcV/URIQ1e1s1b9d/U/dv6v6foO60JkebKmpeFKXvUtiUzVnkdDlSlIC/iuhv1LSBoppXkSeB4jjU901bo9QU4qXWFmYeRY+FVpTd3JisXG/D+pcJla54IYyL0Ny10ILyTVOXHtstPvOqU2pWZLzywcAO/b9TZY56QG/RUhsBzj0UICgh/K5KV65bUTGKCsW+k3jd30EcVhl+mDTIx36AkA1NGjXIR3GpNdG/RjszlmuLyTSsudkkY5eU3Xt6qJ8Wtxm/qyi7kVbMdB7p9BK59jXzbqUf2lnq5UJLqTfsa7T9gvBxnbUOBt8PRONMVphgrhoCe8ImoVIZ3EFWq1UmpFPIurfQqJqPemrFoMBnUNk1MOGZ4L6XeFtDqVsit3QNh0NfDt/336RIXOWp6QbvKUn6ZJhSbvryTD74kmg/UfdMJ/aPsuxxeeDKNVd8xbct3VL5SyL1WOVQ8Y7Oz+AOq07xNpuNw4VuBzkO0kS6aiYqUBuK6WeeZTOH4zRkwTNURle/UX+t4DEeFeJnrL4Yb9+gIwCzDO8x+/8nYxswqp9ddC3L06bs0m9Bfq4heN1Y9Q+j9lp/omti+SbqsPnzst8uIbyoQd9gwWPn1jHnglTNlAXls3/3+tW1boljl36O7ZR5vvP9g6SMfW3upN969s3+LIOiXGYidl0VZ7GFsdql184YHp2fmRCOhhM06Iyha2ksm84MPY9whXQO9zwTCZzXQgKv6v4ShXDuT3RQqHKfK2OzyheXhWyquP6xwHffweXJz6Z+W9E0z8ETukRfx/OQ+iXHpp9fa5Z/N9Ie2C3lxoFvexErRfU8shNUdij5Gs2c0PgEv9S/wX8+wYnaSFfMvzz5Gf6dD4HoC+QrfT4RtrPBB8YDX/75CiD2gyVsT7i2A8ZcF+UyTPC+swT1QFTXeQxVZW58HWG6l7fXF6dHJ7+edhBGFR2T3EXLTC2jnBuLuq7wmPp/lHBtIw8izJNpn7fh29Or4VGyXKMNlV4PLVc73GH9TlehL2JE06+JrbISd/B12J5m4kHo/lEpPoRF3h3lfz+Xs18BW3Qo7cX2JzU+qgN98Li2OPenaMJa7epBje0/+D0fHpXze5RDTTDIdZyG7UxEHdoVj21kUnJuhMOs4fcfxvYjv+cH9Jaw9Qljq7dF/tEMWev0thludCLqFcmnX5O35Jm9x+rjPMZ28hs5FfeYb/rvoj2rt/8pyHvgAxKAaDh/cz5SRY+ZMCNrMRge3MQR1/8w0kVa7FFnx/HzyqY9N0TYVoUYIVqPNKlMT3mj3dv3x7F1KO21FBflshoepctltcbcDDHuj0b0ZXDfviq2dNSBu3dBz3cHR8VUCzKhUL1ssRmqvx3E9Ctha/Z7OOqziBilcSFxE2gWPE6RqhUsGGXodPe4m3Y8rvea6Jez49O3l6ezV+HLMLV55rIn1Ll5t7r0D2CoSmCV6TUum5CTMnrUPjZmGTHDxbeFMjbnso+Xf0FxsJYyTvN7TfVvz8O/PQ//9jz82/Pw/+zn4XXxgsoSUZFx4YpQzgA/1pXWa+bydtbW9AJWF+AavrKgqU7TnK+5fghYqoyl7Y+PS27wvc62Wxr2r8PdA3NhiAVNPfgJUzq5qOtt0+e0sg+R5dsd+56jN10S1/Zrar3ubUrAiJtUY2l7LccerZmrWnd7d55QdR2Wo6YOfXhtv859/v6KBWxZP3fPXaWUab4hlvONr6X73rl/70Zj/iEDVRDYnHmQVPNxkuoeRLc1q6aSe91OcVn1EHx89CtcSWW7ZQ3z6pLjh+12+3/wNmb6
+sidebar_class_name: "put api-method"
+info_path: reference/openapi/ory-apis
+custom_edit_url: null
+---
+
+import MethodEndpoint from "@theme/ApiExplorer/MethodEndpoint"
+import ParamsDetails from "@theme/ParamsDetails"
+import RequestSchema from "@theme/RequestSchema"
+import StatusCodes from "@theme/StatusCodes"
+import OperationTabs from "@theme/OperationTabs"
+import TabItem from "@theme/TabItem"
+import Heading from "@theme/Heading"
+import Translate from "@docusaurus/Translate"
+
+<Heading as={"h1"} className={"openapi__heading"} children={"Accept OAuth 2.0 Consent Request"}></Heading>
+
+<MethodEndpoint method={"put"} path={"/admin/oauth2/auth/requests/consent/accept"} context={"endpoint"}></MethodEndpoint>
+
+When an authorization code, hybrid, or implicit OAuth 2.0 Flow is initiated, Ory asks the login provider to authenticate the
+subject and then tell Ory now about it. If the subject authenticated, he/she must now be asked if the OAuth 2.0 Client which
+initiated the flow should be allowed to access the resources on the subject's behalf.
+
+The consent challenge is appended to the consent provider's URL to which the subject's user-agent (browser) is redirected to. The
+consent provider uses that challenge to fetch information on the OAuth2 request and then tells Ory if the subject accepted or
+rejected the request.
+
+This endpoint tells Ory that the subject has authorized the OAuth 2.0 client to access resources on his/her behalf. The consent
+provider includes additional information, such as session data for access and ID tokens, and if the consent request should be used
+as basis for future requests.
+
+The response contains a redirect URL which the consent provider should redirect the user-agent to.
+
+The default consent provider is available via the Ory Managed Account Experience. To customize the consent provider, please head
+over to the OAuth 2.0 documentation.
+
+<Heading id={"request"} as={"h2"} className={"openapi-tabs__heading"}>
+  <Translate id="theme.openapi.request.title">Request</Translate>
+</Heading>
+
+<ParamsDetails {...require("./accept-o-auth-2-consent-request.ParamsDetails.json")}></ParamsDetails>
+
+<RequestSchema {...require("./accept-o-auth-2-consent-request.RequestSchema.json")}></RequestSchema>
+
+<StatusCodes {...require("./accept-o-auth-2-consent-request.StatusCodes.json")}></StatusCodes>

docs/reference/openapi/accept-o-auth-2-login-request.ParamsDetails.json

@@ -0,0 +1,11 @@
+{
+  "parameters": [
+    {
+      "description": "OAuth 2.0 Login Request Challenge",
+      "in": "query",
+      "name": "login_challenge",
+      "required": true,
+      "schema": { "type": "string" }
+    }
+  ]
+}

docs/reference/openapi/accept-o-auth-2-login-request.RequestSchema.json

@@ -0,0 +1,55 @@
+{
+  "title": "Body",
+  "body": {
+    "content": {
+      "application/json": {
+        "schema": {
+          "properties": {
+            "acr": {
+              "description": "ACR sets the Authentication AuthorizationContext Class Reference value for this authentication session. You can use it\nto express that, for example, a user authenticated using two-factor authentication.",
+              "type": "string"
+            },
+            "amr": {
+              "description": "AMR sets the Authentication Methods References value for this\nauthentication session. You can use it to specify the method a user used to\nauthenticate. For example, if the acr indicates a user used two-factor\nauthentication, the amr can express they used a software-secured key.",
+              "items": { "type": "string" },
+              "type": "array"
+            },
+            "context": {
+              "title": "JSONRawMessage represents a json.RawMessage that works well with JSON, SQL, and Swagger.",
+              "type": "object"
+            },
+            "extend_session_lifespan": {
+              "description": "Extend OAuth2 authentication session lifespan\n\nIf set to `true`, the OAuth2 authentication cookie lifespan is extended. This is for example useful if you want the user to be able to use `prompt=none` continuously.\n\nThis value can only be set to `true` if the user has an authentication, which is the case if the `skip` value is `true`.",
+              "type": "boolean"
+            },
+            "force_subject_identifier": {
+              "description": "ForceSubjectIdentifier forces the \"pairwise\" user ID of the end-user that authenticated. The \"pairwise\" user ID refers to the\n(Pairwise Identifier Algorithm)[http://openid.net/specs/openid-connect-core-1_0.html#PairwiseAlg] of the OpenID\nConnect specification. It allows you to set an obfuscated subject (\"user\") identifier that is unique to the client.\n\nPlease note that this changes the user ID on endpoint /userinfo and sub claim of the ID Token. It does not change the\nsub claim in the OAuth 2.0 Introspection.\n\nPer default, ORY Hydra handles this value with its own algorithm. In case you want to set this yourself\nyou can use this field. Please note that setting this field has no effect if `pairwise` is not configured in\nORY Hydra or the OAuth 2.0 Client does not expect a pairwise identifier (set via `subject_type` key in the client's\nconfiguration).\n\nPlease also be aware that ORY Hydra is unable to properly compute this value during authentication. This implies\nthat you have to compute this value on every authentication process (probably depending on the client ID or some\nother unique value).\n\nIf you fail to compute the proper value, then authentication processes which have id_token_hint set might fail.",
+              "type": "string"
+            },
+            "identity_provider_session_id": {
+              "description": "IdentityProviderSessionID is the session ID of the end-user that authenticated.\nIf specified, we will use this value to propagate the logout.",
+              "type": "string"
+            },
+            "remember": {
+              "description": "Remember, if set to true, tells Ory Hydra to remember this user by telling the user agent (browser) to store\na cookie with authentication data. If the same user performs another OAuth 2.0 Authorization Request, they\nwill not be asked to log in again.",
+              "type": "boolean"
+            },
+            "remember_for": {
+              "description": "RememberFor sets how long the authentication should be remembered for in seconds. If set to `0`, the\nauthorization will be remembered for the duration of the browser session (using a session cookie).",
+              "format": "int64",
+              "type": "integer"
+            },
+            "subject": {
+              "description": "Subject is the user ID of the end-user that authenticated.",
+              "type": "string"
+            }
+          },
+          "required": ["subject"],
+          "title": "HandledLoginRequest is the request payload used to accept a login request.",
+          "type": "object"
+        }
+      }
+    },
+    "x-originalParamName": "Body"
+  }
+}

docs/reference/openapi/accept-o-auth-2-login-request.StatusCodes.json

@@ -0,0 +1,57 @@
+{
+  "responses": {
+    "200": {
+      "content": {
+        "application/json": {
+          "schema": {
+            "description": "Contains a redirect URL used to complete a login, consent, or logout request.",
+            "properties": {
+              "redirect_to": {
+                "description": "RedirectURL is the URL which you should redirect the user's browser to once the authentication process is completed.",
+                "type": "string"
+              }
+            },
+            "required": ["redirect_to"],
+            "title": "OAuth 2.0 Redirect Browser To",
+            "type": "object"
+          }
+        }
+      },
+      "description": "oAuth2RedirectTo"
+    },
+    "default": {
+      "content": {
+        "application/json": {
+          "schema": {
+            "description": "Error",
+            "properties": {
+              "error": { "description": "Error", "type": "string" },
+              "error_debug": {
+                "description": "Error Debug Information\n\nOnly available in dev mode.",
+                "type": "string"
+              },
+              "error_description": {
+                "description": "Error Description",
+                "type": "string"
+              },
+              "error_hint": {
+                "description": "Error Hint\n\nHelps the user identify the error cause.",
+                "example": "The redirect URL is not allowed.",
+                "type": "string"
+              },
+              "status_code": {
+                "description": "HTTP Status Code",
+                "example": 401,
+                "format": "int64",
+                "type": "integer"
+              }
+            },
+            "type": "object",
+            "title": "errorOAuth2"
+          }
+        }
+      },
+      "description": "errorOAuth2"
+    }
+  }
+}