Skip to main content

akeyless_api/models/
auth_method_update_oidc.rs

1/*
2 * Akeyless API
3 *
4 * The purpose of this application is to provide access to Akeyless API.
5 *
6 * The version of the OpenAPI document: 3.0
7 * Contact: support@akeyless.io
8 * Generated by: https://openapi-generator.tech
9 */
10
11use crate::models;
12use serde::{Deserialize, Serialize};
13
14/// AuthMethodUpdateOidc : authMethodUpdateOIDC is a command that updates a new auth method that will be available to authenticate using OIDC.
15#[derive(Clone, Default, Debug, PartialEq, Serialize, Deserialize)]
16pub struct AuthMethodUpdateOidc {
17    /// Access expiration date in Unix timestamp (select 0 for access without expiry date)
18    #[serde(rename = "access-expires", skip_serializing_if = "Option::is_none")]
19    pub access_expires: Option<i64>,
20    /// limit the auth method usage for specific client types [cli,ui,gateway-admin,sdk,mobile,extension]
21    #[serde(rename = "allowed-client-type", skip_serializing_if = "Option::is_none")]
22    pub allowed_client_type: Option<Vec<String>>,
23    /// Allowed redirect URIs after the authentication
24    #[serde(rename = "allowed-redirect-uri", skip_serializing_if = "Option::is_none")]
25    pub allowed_redirect_uri: Option<Vec<String>>,
26    /// Audience claim to be used as part of the authentication flow. In case set, it must match the one configured on the Identity Provider's Application
27    #[serde(rename = "audience", skip_serializing_if = "Option::is_none")]
28    pub audience: Option<String>,
29    /// Subclaims to include in audit logs, e.g \"--audit-logs-claims email --audit-logs-claims username\"
30    #[serde(rename = "audit-logs-claims", skip_serializing_if = "Option::is_none")]
31    pub audit_logs_claims: Option<Vec<String>>,
32    /// A CIDR whitelist with the IPs that the access is restricted to
33    #[serde(rename = "bound-ips", skip_serializing_if = "Option::is_none")]
34    pub bound_ips: Option<Vec<String>>,
35    /// Client ID
36    #[serde(rename = "client-id", skip_serializing_if = "Option::is_none")]
37    pub client_id: Option<String>,
38    /// Client Secret
39    #[serde(rename = "client-secret", skip_serializing_if = "Option::is_none")]
40    pub client_secret: Option<String>,
41    /// Protection from accidental deletion of this object [true/false]
42    #[serde(rename = "delete_protection", skip_serializing_if = "Option::is_none")]
43    pub delete_protection: Option<String>,
44    /// Auth Method description
45    #[serde(rename = "description", skip_serializing_if = "Option::is_none")]
46    pub description: Option<String>,
47    /// How many days before the expiration of the auth method would you like to be notified.
48    #[serde(rename = "expiration-event-in", skip_serializing_if = "Option::is_none")]
49    pub expiration_event_in: Option<Vec<String>>,
50    /// if true: enforce role-association must include sub claims
51    #[serde(rename = "force-sub-claims", skip_serializing_if = "Option::is_none")]
52    pub force_sub_claims: Option<bool>,
53    /// A CIDR whitelist with the GW IPs that the access is restricted to
54    #[serde(rename = "gw-bound-ips", skip_serializing_if = "Option::is_none")]
55    pub gw_bound_ips: Option<Vec<String>>,
56    /// Issuer URL
57    #[serde(rename = "issuer", skip_serializing_if = "Option::is_none")]
58    pub issuer: Option<String>,
59    /// Set output format to JSON
60    #[serde(rename = "json", skip_serializing_if = "Option::is_none")]
61    pub json: Option<bool>,
62    /// Jwt TTL
63    #[serde(rename = "jwt-ttl", skip_serializing_if = "Option::is_none")]
64    pub jwt_ttl: Option<i64>,
65    /// Auth Method name
66    #[serde(rename = "name")]
67    pub name: String,
68    /// Auth Method new name
69    #[serde(rename = "new-name", skip_serializing_if = "Option::is_none")]
70    pub new_name: Option<String>,
71    /// Choose the relevant product type for the auth method [sm, sra, pm, dp, ca]
72    #[serde(rename = "product-type", skip_serializing_if = "Option::is_none")]
73    pub product_type: Option<Vec<String>>,
74    /// RequiredScopes is a list of required scopes that the oidc method will request from the oidc provider and the user must approve
75    #[serde(rename = "required-scopes", skip_serializing_if = "Option::is_none")]
76    pub required_scopes: Option<Vec<String>>,
77    /// RequiredScopesPrefix is a a prefix to add to all required-scopes when requesting them from the oidc server (for example, azures' Application ID URI)
78    #[serde(rename = "required-scopes-prefix", skip_serializing_if = "Option::is_none")]
79    pub required_scopes_prefix: Option<String>,
80    /// A list of additional sub claims delimiters (relevant only for SAML, OIDC, OAuth2/JWT)
81    #[serde(rename = "subclaims-delimiters", skip_serializing_if = "Option::is_none")]
82    pub subclaims_delimiters: Option<Vec<String>>,
83    /// Authentication token (see `/auth` and `/configure`)
84    #[serde(rename = "token", skip_serializing_if = "Option::is_none")]
85    pub token: Option<String>,
86    /// The universal identity token, Required only for universal_identity authentication
87    #[serde(rename = "uid-token", skip_serializing_if = "Option::is_none")]
88    pub uid_token: Option<String>,
89    /// A unique identifier (ID) value should be configured for OIDC, OAuth2, LDAP and SAML authentication method types and is usually a value such as the email, username, or upn for example. Whenever a user logs in with a token, these authentication types issue a \"sub claim\" that contains details uniquely identifying that user. This sub claim includes a key containing the ID value that you configured, and is used to distinguish between different users from within the same organization.
90    #[serde(rename = "unique-identifier")]
91    pub unique_identifier: String,
92}
93
94impl AuthMethodUpdateOidc {
95    /// authMethodUpdateOIDC is a command that updates a new auth method that will be available to authenticate using OIDC.
96    pub fn new(name: String, unique_identifier: String) -> AuthMethodUpdateOidc {
97        AuthMethodUpdateOidc {
98            access_expires: None,
99            allowed_client_type: None,
100            allowed_redirect_uri: None,
101            audience: None,
102            audit_logs_claims: None,
103            bound_ips: None,
104            client_id: None,
105            client_secret: None,
106            delete_protection: None,
107            description: None,
108            expiration_event_in: None,
109            force_sub_claims: None,
110            gw_bound_ips: None,
111            issuer: None,
112            json: None,
113            jwt_ttl: None,
114            name,
115            new_name: None,
116            product_type: None,
117            required_scopes: None,
118            required_scopes_prefix: None,
119            subclaims_delimiters: None,
120            token: None,
121            uid_token: None,
122            unique_identifier,
123        }
124    }
125}
126