goauthentik
diff --git a/‎.openapi-generator/FILES‎
Lines changed: 2 additions & 2 deletions b/‎.openapi-generator/FILES‎
Lines changed: 2 additions & 2 deletions
diff --git a/‎README.md‎
Lines changed: 1 addition & 1 deletion b/‎README.md‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎Sources/authentikClient/APIs/ProvidersAPI.swift‎
Lines changed: 18 additions & 3 deletions b/‎Sources/authentikClient/APIs/ProvidersAPI.swift‎
Lines changed: 18 additions & 3 deletions
diff --git a/‎Sources/authentikClient/APIs/SourcesAPI.swift‎
Lines changed: 1 addition & 0 deletions b/‎Sources/authentikClient/APIs/SourcesAPI.swift‎
Lines changed: 1 addition & 0 deletions
diff --git a/‎Sources/authentikClient/Models/PatchedSAMLProviderRequest.swift‎
Lines changed: 5 additions & 1 deletion b/‎Sources/authentikClient/Models/PatchedSAMLProviderRequest.swift‎
Lines changed: 5 additions & 1 deletion
diff --git a/‎Sources/authentikClient/Models/PatchedSAMLSourceRequest.swift‎
Lines changed: 2 additions & 2 deletions b/‎Sources/authentikClient/Models/PatchedSAMLSourceRequest.swift‎
Lines changed: 2 additions & 2 deletions
@@ -289,7 +289,6 @@ Sources/authentikClient/Models/ModelRequest.swift
 Sources/authentikClient/Models/MutualTLSStage.swift
 Sources/authentikClient/Models/MutualTLSStageModeEnum.swift
 Sources/authentikClient/Models/MutualTLSStageRequest.swift
-Sources/authentikClient/Models/NameIdPolicyEnum.swift
 Sources/authentikClient/Models/NetworkBindingEnum.swift
 Sources/authentikClient/Models/NotConfiguredActionEnum.swift
 Sources/authentikClient/Models/Notification.swift
@@ -648,6 +647,7 @@ Sources/authentikClient/Models/RoleAssignedObjectPermission.swift
 Sources/authentikClient/Models/RoleObjectPermission.swift
 Sources/authentikClient/Models/RoleRequest.swift
 Sources/authentikClient/Models/SAMLMetadata.swift
+Sources/authentikClient/Models/SAMLNameIDPolicyEnum.swift
 Sources/authentikClient/Models/SAMLPropertyMapping.swift
 Sources/authentikClient/Models/SAMLPropertyMappingRequest.swift
 Sources/authentikClient/Models/SAMLProvider.swift
@@ -1048,7 +1048,6 @@ docs/ModelRequest.md
 docs/MutualTLSStage.md
 docs/MutualTLSStageModeEnum.md
 docs/MutualTLSStageRequest.md
-docs/NameIdPolicyEnum.md
 docs/NetworkBindingEnum.md
 docs/NotConfiguredActionEnum.md
 docs/Notification.md
@@ -1415,6 +1414,7 @@ docs/RoleObjectPermission.md
 docs/RoleRequest.md
 docs/RootAPI.md
 docs/SAMLMetadata.md
+docs/SAMLNameIDPolicyEnum.md
 docs/SAMLPropertyMapping.md
 docs/SAMLPropertyMappingRequest.md
 docs/SAMLProvider.md
 
@@ -1286,7 +1286,6 @@ Class | Method | HTTP request | Description
  - [MutualTLSStage](docs/MutualTLSStage.md)
  - [MutualTLSStageModeEnum](docs/MutualTLSStageModeEnum.md)
  - [MutualTLSStageRequest](docs/MutualTLSStageRequest.md)
- - [NameIdPolicyEnum](docs/NameIdPolicyEnum.md)
  - [NetworkBindingEnum](docs/NetworkBindingEnum.md)
  - [NotConfiguredActionEnum](docs/NotConfiguredActionEnum.md)
  - [Notification](docs/Notification.md)
@@ -1645,6 +1644,7 @@ Class | Method | HTTP request | Description
  - [RoleObjectPermission](docs/RoleObjectPermission.md)
  - [RoleRequest](docs/RoleRequest.md)
  - [SAMLMetadata](docs/SAMLMetadata.md)
+ - [SAMLNameIDPolicyEnum](docs/SAMLNameIDPolicyEnum.md)
  - [SAMLPropertyMapping](docs/SAMLPropertyMapping.md)
  - [SAMLPropertyMappingRequest](docs/SAMLPropertyMappingRequest.md)
  - [SAMLProvider](docs/SAMLProvider.md)
 
@@ -3830,6 +3830,18 @@ open class ProvidersAPI {
         return localVariableRequestBuilder.init(method: "POST", URLString: (localVariableUrlComponents?.string ?? localVariableURLString), parameters: localVariableParameters, headers: localVariableHeaderParameters, requiresAuthentication: true, apiConfiguration: apiConfiguration)
     }
 
+    /**
+     * enum for parameter defaultNameIdPolicy
+     */
+    public enum DefaultNameIdPolicy_providersSamlList: String, Sendable, CaseIterable {
+        case urnOasisNamesTcSaml1Period1NameidFormatX509subjectname = "urn:oasis:names:tc:SAML:1.1:nameid-format:X509SubjectName"
+        case urnOasisNamesTcSaml1Period1NameidFormatEmailaddress = "urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress"
+        case urnOasisNamesTcSaml1Period1NameidFormatUnspecified = "urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified"
+        case urnOasisNamesTcSaml2Period0NameidFormatWindowsdomainqualifiedname = "urn:oasis:names:tc:SAML:2.0:nameid-format:WindowsDomainQualifiedName"
+        case urnOasisNamesTcSaml2Period0NameidFormatPersistent = "urn:oasis:names:tc:SAML:2.0:nameid-format:persistent"
+        case urnOasisNamesTcSaml2Period0NameidFormatTransient = "urn:oasis:names:tc:SAML:2.0:nameid-format:transient"
+    }
+
     /**
      * enum for parameter digestAlgorithm
      */
@@ -3873,6 +3885,7 @@ open class ProvidersAPI {
      - parameter authnContextClassRefMapping: (query)  (optional)
      - parameter authorizationFlow: (query)  (optional)
      - parameter backchannelApplication: (query)  (optional)
+     - parameter defaultNameIdPolicy: (query)  (optional)
      - parameter defaultRelayState: (query)  (optional)
      - parameter digestAlgorithm: (query)  (optional)
      - parameter encryptionKp: (query)  (optional)
@@ -3897,8 +3910,8 @@ open class ProvidersAPI {
      - returns: PaginatedSAMLProviderList
      */
     @available(macOS 10.15, iOS 13.0, tvOS 13.0, watchOS 6.0, *)
-    open class func providersSamlList(acsUrl: String? = nil, assertionValidNotBefore: String? = nil, assertionValidNotOnOrAfter: String? = nil, audience: String? = nil, authenticationFlow: UUID? = nil, authnContextClassRefMapping: UUID? = nil, authorizationFlow: UUID? = nil, backchannelApplication: UUID? = nil, defaultRelayState: String? = nil, digestAlgorithm: DigestAlgorithm_providersSamlList? = nil, encryptionKp: UUID? = nil, invalidationFlow: UUID? = nil, isBackchannel: Bool? = nil, issuer: String? = nil, name: String? = nil, nameIdMapping: UUID? = nil, ordering: String? = nil, page: Int? = nil, pageSize: Int? = nil, propertyMappings: [UUID]? = nil, search: String? = nil, sessionValidNotOnOrAfter: String? = nil, signAssertion: Bool? = nil, signResponse: Bool? = nil, signatureAlgorithm: SignatureAlgorithm_providersSamlList? = nil, signingKp: UUID? = nil, spBinding: SpBinding_providersSamlList? = nil, verificationKp: UUID? = nil, apiConfiguration: authentikClientAPIConfiguration = authentikClientAPIConfiguration.shared) async throws(ErrorResponse) -> PaginatedSAMLProviderList {
-        return try await providersSamlListWithRequestBuilder(acsUrl: acsUrl, assertionValidNotBefore: assertionValidNotBefore, assertionValidNotOnOrAfter: assertionValidNotOnOrAfter, audience: audience, authenticationFlow: authenticationFlow, authnContextClassRefMapping: authnContextClassRefMapping, authorizationFlow: authorizationFlow, backchannelApplication: backchannelApplication, defaultRelayState: defaultRelayState, digestAlgorithm: digestAlgorithm, encryptionKp: encryptionKp, invalidationFlow: invalidationFlow, isBackchannel: isBackchannel, issuer: issuer, name: name, nameIdMapping: nameIdMapping, ordering: ordering, page: page, pageSize: pageSize, propertyMappings: propertyMappings, search: search, sessionValidNotOnOrAfter: sessionValidNotOnOrAfter, signAssertion: signAssertion, signResponse: signResponse, signatureAlgorithm: signatureAlgorithm, signingKp: signingKp, spBinding: spBinding, verificationKp: verificationKp, apiConfiguration: apiConfiguration).execute().body
+    open class func providersSamlList(acsUrl: String? = nil, assertionValidNotBefore: String? = nil, assertionValidNotOnOrAfter: String? = nil, audience: String? = nil, authenticationFlow: UUID? = nil, authnContextClassRefMapping: UUID? = nil, authorizationFlow: UUID? = nil, backchannelApplication: UUID? = nil, defaultNameIdPolicy: DefaultNameIdPolicy_providersSamlList? = nil, defaultRelayState: String? = nil, digestAlgorithm: DigestAlgorithm_providersSamlList? = nil, encryptionKp: UUID? = nil, invalidationFlow: UUID? = nil, isBackchannel: Bool? = nil, issuer: String? = nil, name: String? = nil, nameIdMapping: UUID? = nil, ordering: String? = nil, page: Int? = nil, pageSize: Int? = nil, propertyMappings: [UUID]? = nil, search: String? = nil, sessionValidNotOnOrAfter: String? = nil, signAssertion: Bool? = nil, signResponse: Bool? = nil, signatureAlgorithm: SignatureAlgorithm_providersSamlList? = nil, signingKp: UUID? = nil, spBinding: SpBinding_providersSamlList? = nil, verificationKp: UUID? = nil, apiConfiguration: authentikClientAPIConfiguration = authentikClientAPIConfiguration.shared) async throws(ErrorResponse) -> PaginatedSAMLProviderList {
+        return try await providersSamlListWithRequestBuilder(acsUrl: acsUrl, assertionValidNotBefore: assertionValidNotBefore, assertionValidNotOnOrAfter: assertionValidNotOnOrAfter, audience: audience, authenticationFlow: authenticationFlow, authnContextClassRefMapping: authnContextClassRefMapping, authorizationFlow: authorizationFlow, backchannelApplication: backchannelApplication, defaultNameIdPolicy: defaultNameIdPolicy, defaultRelayState: defaultRelayState, digestAlgorithm: digestAlgorithm, encryptionKp: encryptionKp, invalidationFlow: invalidationFlow, isBackchannel: isBackchannel, issuer: issuer, name: name, nameIdMapping: nameIdMapping, ordering: ordering, page: page, pageSize: pageSize, propertyMappings: propertyMappings, search: search, sessionValidNotOnOrAfter: sessionValidNotOnOrAfter, signAssertion: signAssertion, signResponse: signResponse, signatureAlgorithm: signatureAlgorithm, signingKp: signingKp, spBinding: spBinding, verificationKp: verificationKp, apiConfiguration: apiConfiguration).execute().body
     }
 
     /**
@@ -3915,6 +3928,7 @@ open class ProvidersAPI {
      - parameter authnContextClassRefMapping: (query)  (optional)
      - parameter authorizationFlow: (query)  (optional)
      - parameter backchannelApplication: (query)  (optional)
+     - parameter defaultNameIdPolicy: (query)  (optional)
      - parameter defaultRelayState: (query)  (optional)
      - parameter digestAlgorithm: (query)  (optional)
      - parameter encryptionKp: (query)  (optional)
@@ -3938,7 +3952,7 @@ open class ProvidersAPI {
      - parameter apiConfiguration: The configuration for the http request.
      - returns: RequestBuilder<PaginatedSAMLProviderList> 
      */
-    open class func providersSamlListWithRequestBuilder(acsUrl: String? = nil, assertionValidNotBefore: String? = nil, assertionValidNotOnOrAfter: String? = nil, audience: String? = nil, authenticationFlow: UUID? = nil, authnContextClassRefMapping: UUID? = nil, authorizationFlow: UUID? = nil, backchannelApplication: UUID? = nil, defaultRelayState: String? = nil, digestAlgorithm: DigestAlgorithm_providersSamlList? = nil, encryptionKp: UUID? = nil, invalidationFlow: UUID? = nil, isBackchannel: Bool? = nil, issuer: String? = nil, name: String? = nil, nameIdMapping: UUID? = nil, ordering: String? = nil, page: Int? = nil, pageSize: Int? = nil, propertyMappings: [UUID]? = nil, search: String? = nil, sessionValidNotOnOrAfter: String? = nil, signAssertion: Bool? = nil, signResponse: Bool? = nil, signatureAlgorithm: SignatureAlgorithm_providersSamlList? = nil, signingKp: UUID? = nil, spBinding: SpBinding_providersSamlList? = nil, verificationKp: UUID? = nil, apiConfiguration: authentikClientAPIConfiguration = authentikClientAPIConfiguration.shared) -> RequestBuilder<PaginatedSAMLProviderList> {
+    open class func providersSamlListWithRequestBuilder(acsUrl: String? = nil, assertionValidNotBefore: String? = nil, assertionValidNotOnOrAfter: String? = nil, audience: String? = nil, authenticationFlow: UUID? = nil, authnContextClassRefMapping: UUID? = nil, authorizationFlow: UUID? = nil, backchannelApplication: UUID? = nil, defaultNameIdPolicy: DefaultNameIdPolicy_providersSamlList? = nil, defaultRelayState: String? = nil, digestAlgorithm: DigestAlgorithm_providersSamlList? = nil, encryptionKp: UUID? = nil, invalidationFlow: UUID? = nil, isBackchannel: Bool? = nil, issuer: String? = nil, name: String? = nil, nameIdMapping: UUID? = nil, ordering: String? = nil, page: Int? = nil, pageSize: Int? = nil, propertyMappings: [UUID]? = nil, search: String? = nil, sessionValidNotOnOrAfter: String? = nil, signAssertion: Bool? = nil, signResponse: Bool? = nil, signatureAlgorithm: SignatureAlgorithm_providersSamlList? = nil, signingKp: UUID? = nil, spBinding: SpBinding_providersSamlList? = nil, verificationKp: UUID? = nil, apiConfiguration: authentikClientAPIConfiguration = authentikClientAPIConfiguration.shared) -> RequestBuilder<PaginatedSAMLProviderList> {
         let localVariablePath = "/providers/saml/"
         let localVariableURLString = apiConfiguration.basePath + localVariablePath
         let localVariableParameters: [String: any Sendable]? = nil
@@ -3953,6 +3967,7 @@ open class ProvidersAPI {
             "authn_context_class_ref_mapping": (wrappedValue: authnContextClassRefMapping?.asParameter(codableHelper: apiConfiguration.codableHelper), isExplode: true),
             "authorization_flow": (wrappedValue: authorizationFlow?.asParameter(codableHelper: apiConfiguration.codableHelper), isExplode: true),
             "backchannel_application": (wrappedValue: backchannelApplication?.asParameter(codableHelper: apiConfiguration.codableHelper), isExplode: true),
+            "default_name_id_policy": (wrappedValue: defaultNameIdPolicy?.asParameter(codableHelper: apiConfiguration.codableHelper), isExplode: true),
             "default_relay_state": (wrappedValue: defaultRelayState?.asParameter(codableHelper: apiConfiguration.codableHelper), isExplode: true),
             "digest_algorithm": (wrappedValue: digestAlgorithm?.asParameter(codableHelper: apiConfiguration.codableHelper), isExplode: true),
             "encryption_kp": (wrappedValue: encryptionKp?.asParameter(codableHelper: apiConfiguration.codableHelper), isExplode: true),
 
@@ -4030,6 +4030,7 @@ open class SourcesAPI {
     public enum NameIdPolicy_sourcesSamlList: String, Sendable, CaseIterable {
         case urnOasisNamesTcSaml1Period1NameidFormatX509subjectname = "urn:oasis:names:tc:SAML:1.1:nameid-format:X509SubjectName"
         case urnOasisNamesTcSaml1Period1NameidFormatEmailaddress = "urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress"
+        case urnOasisNamesTcSaml1Period1NameidFormatUnspecified = "urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified"
         case urnOasisNamesTcSaml2Period0NameidFormatWindowsdomainqualifiedname = "urn:oasis:names:tc:SAML:2.0:nameid-format:WindowsDomainQualifiedName"
         case urnOasisNamesTcSaml2Period0NameidFormatPersistent = "urn:oasis:names:tc:SAML:2.0:nameid-format:persistent"
         case urnOasisNamesTcSaml2Period0NameidFormatTransient = "urn:oasis:names:tc:SAML:2.0:nameid-format:transient"
 
@@ -53,8 +53,9 @@ public struct PatchedSAMLProviderRequest: Sendable, Codable, ParameterConvertibl
     public var spBinding: SpBindingEnum?
     /** Default relay_state value for IDP-initiated logins */
     public var defaultRelayState: String?
+    public var defaultNameIdPolicy: SAMLNameIDPolicyEnum?
 
-    public init(name: String? = nil, authenticationFlow: UUID? = nil, authorizationFlow: UUID? = nil, invalidationFlow: UUID? = nil, propertyMappings: [UUID]? = nil, acsUrl: String? = nil, audience: String? = nil, issuer: String? = nil, assertionValidNotBefore: String? = nil, assertionValidNotOnOrAfter: String? = nil, sessionValidNotOnOrAfter: String? = nil, nameIdMapping: UUID? = nil, authnContextClassRefMapping: UUID? = nil, digestAlgorithm: DigestAlgorithmEnum? = nil, signatureAlgorithm: SignatureAlgorithmEnum? = nil, signingKp: UUID? = nil, verificationKp: UUID? = nil, encryptionKp: UUID? = nil, signAssertion: Bool? = nil, signResponse: Bool? = nil, spBinding: SpBindingEnum? = nil, defaultRelayState: String? = nil) {
+    public init(name: String? = nil, authenticationFlow: UUID? = nil, authorizationFlow: UUID? = nil, invalidationFlow: UUID? = nil, propertyMappings: [UUID]? = nil, acsUrl: String? = nil, audience: String? = nil, issuer: String? = nil, assertionValidNotBefore: String? = nil, assertionValidNotOnOrAfter: String? = nil, sessionValidNotOnOrAfter: String? = nil, nameIdMapping: UUID? = nil, authnContextClassRefMapping: UUID? = nil, digestAlgorithm: DigestAlgorithmEnum? = nil, signatureAlgorithm: SignatureAlgorithmEnum? = nil, signingKp: UUID? = nil, verificationKp: UUID? = nil, encryptionKp: UUID? = nil, signAssertion: Bool? = nil, signResponse: Bool? = nil, spBinding: SpBindingEnum? = nil, defaultRelayState: String? = nil, defaultNameIdPolicy: SAMLNameIDPolicyEnum? = nil) {
         self.name = name
         self.authenticationFlow = authenticationFlow
         self.authorizationFlow = authorizationFlow
@@ -77,6 +78,7 @@ public struct PatchedSAMLProviderRequest: Sendable, Codable, ParameterConvertibl
         self.signResponse = signResponse
         self.spBinding = spBinding
         self.defaultRelayState = defaultRelayState
+        self.defaultNameIdPolicy = defaultNameIdPolicy
     }
 
     public enum CodingKeys: String, CodingKey, CaseIterable {
@@ -102,6 +104,7 @@ public struct PatchedSAMLProviderRequest: Sendable, Codable, ParameterConvertibl
         case signResponse = "sign_response"
         case spBinding = "sp_binding"
         case defaultRelayState = "default_relay_state"
+        case defaultNameIdPolicy = "default_name_id_policy"
     }
 
     // Encodable protocol methods
@@ -130,6 +133,7 @@ public struct PatchedSAMLProviderRequest: Sendable, Codable, ParameterConvertibl
         try container.encodeIfPresent(signResponse, forKey: .signResponse)
         try container.encodeIfPresent(spBinding, forKey: .spBinding)
         try container.encodeIfPresent(defaultRelayState, forKey: .defaultRelayState)
+        try container.encodeIfPresent(defaultNameIdPolicy, forKey: .defaultNameIdPolicy)
     }
 }
 
@@ -43,7 +43,7 @@ public struct PatchedSAMLSourceRequest: Sendable, Codable, ParameterConvertible,
     /** Allows authentication flows initiated by the IdP. This can be a security risk, as no validation of the request ID is done. */
     public var allowIdpInitiated: Bool?
     /** NameID Policy sent to the IdP. Can be unset, in which case no Policy is sent. */
-    public var nameIdPolicy: NameIdPolicyEnum?
+    public var nameIdPolicy: SAMLNameIDPolicyEnum?
     public var bindingType: BindingTypeEnum?
     /** When selected, incoming assertion's Signatures will be validated against this certificate. To allow unsigned Requests, leave on default. */
     public var verificationKp: UUID?
@@ -56,7 +56,7 @@ public struct PatchedSAMLSourceRequest: Sendable, Codable, ParameterConvertible,
     /** When selected, incoming assertions are encrypted by the IdP using the public key of the encryption keypair. The assertion is decrypted by the SP using the the private key. */
     public var encryptionKp: UUID?
 
-    public init(name: String? = nil, slug: String? = nil, enabled: Bool? = nil, authenticationFlow: UUID? = nil, enrollmentFlow: UUID? = nil, userPropertyMappings: [UUID]? = nil, groupPropertyMappings: [UUID]? = nil, policyEngineMode: PolicyEngineMode? = nil, userMatchingMode: UserMatchingModeEnum? = nil, userPathTemplate: String? = nil, groupMatchingMode: GroupMatchingModeEnum? = nil, preAuthenticationFlow: UUID? = nil, issuer: String? = nil, ssoUrl: String? = nil, sloUrl: String? = nil, allowIdpInitiated: Bool? = nil, nameIdPolicy: NameIdPolicyEnum? = nil, bindingType: BindingTypeEnum? = nil, verificationKp: UUID? = nil, signingKp: UUID? = nil, digestAlgorithm: DigestAlgorithmEnum? = nil, signatureAlgorithm: SignatureAlgorithmEnum? = nil, temporaryUserDeleteAfter: String? = nil, encryptionKp: UUID? = nil) {
+    public init(name: String? = nil, slug: String? = nil, enabled: Bool? = nil, authenticationFlow: UUID? = nil, enrollmentFlow: UUID? = nil, userPropertyMappings: [UUID]? = nil, groupPropertyMappings: [UUID]? = nil, policyEngineMode: PolicyEngineMode? = nil, userMatchingMode: UserMatchingModeEnum? = nil, userPathTemplate: String? = nil, groupMatchingMode: GroupMatchingModeEnum? = nil, preAuthenticationFlow: UUID? = nil, issuer: String? = nil, ssoUrl: String? = nil, sloUrl: String? = nil, allowIdpInitiated: Bool? = nil, nameIdPolicy: SAMLNameIDPolicyEnum? = nil, bindingType: BindingTypeEnum? = nil, verificationKp: UUID? = nil, signingKp: UUID? = nil, digestAlgorithm: DigestAlgorithmEnum? = nil, signatureAlgorithm: SignatureAlgorithmEnum? = nil, temporaryUserDeleteAfter: String? = nil, encryptionKp: UUID? = nil) {
         self.name = name
         self.slug = slug
         self.enabled = enabled