Class: OryKratosClient::FrontendApi

Inherits:
Object
  • Object
show all
Defined in:
lib/ory-kratos-client/api/frontend_api.rb

Instance Attribute Summary collapse

Instance Method Summary collapse

Constructor Details

#initialize(api_client = ApiClient.default) ⇒ FrontendApi

Returns a new instance of FrontendApi.



19
20
21
# File 'lib/ory-kratos-client/api/frontend_api.rb', line 19

def initialize(api_client = ApiClient.default)
  @api_client = api_client
end

Instance Attribute Details

#api_clientObject

Returns the value of attribute api_client.



17
18
19
# File 'lib/ory-kratos-client/api/frontend_api.rb', line 17

def api_client
  @api_client
end

Instance Method Details

#create_browser_login_flow(opts = {}) ⇒ LoginFlow

Create Login Flow for Browsers This endpoint initializes a browser-based user login flow. This endpoint will set the appropriate cookies and anti-CSRF measures required for browser-based flows. If this endpoint is opened as a link in the browser, it will be redirected to ‘selfservice.flows.login.ui_url` with the flow ID set as the query parameter `?flow=`. If a valid user session exists already, the browser will be redirected to `urls.default_redirect_url` unless the query parameter `?refresh=true` was set. If this endpoint is called via an AJAX request, the response contains the flow without a redirect. In the case of an error, the `error.id` of the JSON response body can be one of: `session_already_available`: The user is already signed in. `session_aal1_required`: Multi-factor auth (e.g. 2fa) was requested but the user has no session yet. `security_csrf_violation`: Unable to fetch the flow because a CSRF violation occurred. `security_identity_mismatch`: The requested `?return_to` address is not allowed to be used. Adjust this in the configuration! The optional query parameter login_challenge is set when using Kratos with Hydra in an OAuth2 flow. See the oauth2_provider.url configuration option. This endpoint is NOT INTENDED for clients that do not have a browser (Chrome, Firefox, …) as cookies are needed. More information can be found at [Ory Kratos User Login](www.ory.sh/docs/kratos/self-service/flows/user-login) and [User Registration Documentation](www.ory.sh/docs/kratos/self-service/flows/user-registration).

Parameters:

  • opts (Hash) (defaults to: {})

    the optional parameters

Options Hash (opts):

  • :refresh (Boolean)

    Refresh a login session If set to true, this will refresh an existing login session by asking the user to sign in again. This will reset the authenticated_at time of the session.

  • :aal (String)

    Request a Specific AuthenticationMethod Assurance Level Use this parameter to upgrade an existing session's authenticator assurance level (AAL). This allows you to ask for multi-factor authentication. When an identity sign in using e.g. username+password, the AAL is 1. If you wish to "upgrade" the session's security by asking the user to perform TOTP / WebAuth/ … you would set this to "aal2".

  • :return_to (String)

    The URL to return the browser to after the flow was completed.

  • :cookie (String)

    HTTP Cookies When using the SDK in a browser app, on the server side you must include the HTTP Cookie Header sent by the client to your server here. This ensures that CSRF and session cookies are respected.

  • :login_challenge (String)

    An optional Hydra login challenge. If present, Kratos will cooperate with Ory Hydra to act as an OAuth2 identity provider. The value for this parameter comes from `login_challenge` URL Query parameter sent to your application (e.g. `/login?login_challenge=abcde`).

  • :organization (String)

    An optional organization ID that should be used for logging this user in. This parameter is only effective in the Ory Network.

  • :via (String)

    Via should contain the identity's credential the code should be sent to. Only relevant in aal2 flows.

Returns:



33
34
35
36
# File 'lib/ory-kratos-client/api/frontend_api.rb', line 33

def (opts = {})
  data, _status_code, _headers = (opts)
  data
end

#create_browser_login_flow_with_http_info(opts = {}) ⇒ Array<(LoginFlow, Integer, Hash)>

Create Login Flow for Browsers This endpoint initializes a browser-based user login flow. This endpoint will set the appropriate cookies and anti-CSRF measures required for browser-based flows. If this endpoint is opened as a link in the browser, it will be redirected to &#x60;selfservice.flows.login.ui_url&#x60; with the flow ID set as the query parameter &#x60;?flow&#x3D;&#x60;. If a valid user session exists already, the browser will be redirected to &#x60;urls.default_redirect_url&#x60; unless the query parameter &#x60;?refresh&#x3D;true&#x60; was set. If this endpoint is called via an AJAX request, the response contains the flow without a redirect. In the case of an error, the &#x60;error.id&#x60; of the JSON response body can be one of: &#x60;session_already_available&#x60;: The user is already signed in. &#x60;session_aal1_required&#x60;: Multi-factor auth (e.g. 2fa) was requested but the user has no session yet. &#x60;security_csrf_violation&#x60;: Unable to fetch the flow because a CSRF violation occurred. &#x60;security_identity_mismatch&#x60;: The requested &#x60;?return_to&#x60; address is not allowed to be used. Adjust this in the configuration! The optional query parameter login_challenge is set when using Kratos with Hydra in an OAuth2 flow. See the oauth2_provider.url configuration option. This endpoint is NOT INTENDED for clients that do not have a browser (Chrome, Firefox, …) as cookies are needed. More information can be found at [Ory Kratos User Login](www.ory.sh/docs/kratos/self-service/flows/user-login) and [User Registration Documentation](www.ory.sh/docs/kratos/self-service/flows/user-registration).

Parameters:

  • opts (Hash) (defaults to: {})

    the optional parameters

Options Hash (opts):

  • :refresh (Boolean)

    Refresh a login session If set to true, this will refresh an existing login session by asking the user to sign in again. This will reset the authenticated_at time of the session.

  • :aal (String)

    Request a Specific AuthenticationMethod Assurance Level Use this parameter to upgrade an existing session&#39;s authenticator assurance level (AAL). This allows you to ask for multi-factor authentication. When an identity sign in using e.g. username+password, the AAL is 1. If you wish to &quot;upgrade&quot; the session&#39;s security by asking the user to perform TOTP / WebAuth/ … you would set this to &quot;aal2&quot;.

  • :return_to (String)

    The URL to return the browser to after the flow was completed.

  • :cookie (String)

    HTTP Cookies When using the SDK in a browser app, on the server side you must include the HTTP Cookie Header sent by the client to your server here. This ensures that CSRF and session cookies are respected.

  • :login_challenge (String)

    An optional Hydra login challenge. If present, Kratos will cooperate with Ory Hydra to act as an OAuth2 identity provider. The value for this parameter comes from &#x60;login_challenge&#x60; URL Query parameter sent to your application (e.g. &#x60;/login?login_challenge&#x3D;abcde&#x60;).

  • :organization (String)

    An optional organization ID that should be used for logging this user in. This parameter is only effective in the Ory Network.

  • :via (String)

    Via should contain the identity&#39;s credential the code should be sent to. Only relevant in aal2 flows.

Returns:

  • (Array<(LoginFlow, Integer, Hash)>)

    LoginFlow data, response status code and response headers



49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
# File 'lib/ory-kratos-client/api/frontend_api.rb', line 49

def (opts = {})
  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: FrontendApi.create_browser_login_flow ...'
  end
  # resource path
  local_var_path = '/self-service/login/browser'

  # query parameters
  query_params = opts[:query_params] || {}
  query_params[:'refresh'] = opts[:'refresh'] if !opts[:'refresh'].nil?
  query_params[:'aal'] = opts[:'aal'] if !opts[:'aal'].nil?
  query_params[:'return_to'] = opts[:'return_to'] if !opts[:'return_to'].nil?
  query_params[:'login_challenge'] = opts[:'login_challenge'] if !opts[:'login_challenge'].nil?
  query_params[:'organization'] = opts[:'organization'] if !opts[:'organization'].nil?
  query_params[:'via'] = opts[:'via'] if !opts[:'via'].nil?

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])
  header_params[:'Cookie'] = opts[:'cookie'] if !opts[:'cookie'].nil?

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type] || 'LoginFlow'

  # auth_names
  auth_names = opts[:debug_auth_names] || []

  new_options = opts.merge(
    :operation => :"FrontendApi.create_browser_login_flow",
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type
  )

  data, status_code, headers = @api_client.call_api(:GET, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: FrontendApi#create_browser_login_flow\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#create_browser_logout_flow(opts = {}) ⇒ LogoutFlow

Create a Logout URL for Browsers This endpoint initializes a browser-based user logout flow and a URL which can be used to log out the user. This endpoint is NOT INTENDED for API clients and only works with browsers (Chrome, Firefox, …). For API clients you can call the ‘/self-service/logout/api` URL directly with the Ory Session Token. The URL is only valid for the currently signed in user. If no user is signed in, this endpoint returns a 401 error. When calling this endpoint from a backend, please ensure to properly forward the HTTP cookies.

Parameters:

  • opts (Hash) (defaults to: {})

    the optional parameters

Options Hash (opts):

  • :cookie (String)

    HTTP Cookies If you call this endpoint from a backend, please include the original Cookie header in the request.

  • :return_to (String)

    Return to URL The URL to which the browser should be redirected to after the logout has been performed.

Returns:



106
107
108
109
# File 'lib/ory-kratos-client/api/frontend_api.rb', line 106

def create_browser_logout_flow(opts = {})
  data, _status_code, _headers = create_browser_logout_flow_with_http_info(opts)
  data
end

#create_browser_logout_flow_with_http_info(opts = {}) ⇒ Array<(LogoutFlow, Integer, Hash)>

Create a Logout URL for Browsers This endpoint initializes a browser-based user logout flow and a URL which can be used to log out the user. This endpoint is NOT INTENDED for API clients and only works with browsers (Chrome, Firefox, …). For API clients you can call the &#x60;/self-service/logout/api&#x60; URL directly with the Ory Session Token. The URL is only valid for the currently signed in user. If no user is signed in, this endpoint returns a 401 error. When calling this endpoint from a backend, please ensure to properly forward the HTTP cookies.

Parameters:

  • opts (Hash) (defaults to: {})

    the optional parameters

Options Hash (opts):

  • :cookie (String)

    HTTP Cookies If you call this endpoint from a backend, please include the original Cookie header in the request.

  • :return_to (String)

    Return to URL The URL to which the browser should be redirected to after the logout has been performed.

Returns:

  • (Array<(LogoutFlow, Integer, Hash)>)

    LogoutFlow data, response status code and response headers



117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
# File 'lib/ory-kratos-client/api/frontend_api.rb', line 117

def create_browser_logout_flow_with_http_info(opts = {})
  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: FrontendApi.create_browser_logout_flow ...'
  end
  # resource path
  local_var_path = '/self-service/logout/browser'

  # query parameters
  query_params = opts[:query_params] || {}
  query_params[:'return_to'] = opts[:'return_to'] if !opts[:'return_to'].nil?

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])
  header_params[:'cookie'] = opts[:'cookie'] if !opts[:'cookie'].nil?

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type] || 'LogoutFlow'

  # auth_names
  auth_names = opts[:debug_auth_names] || []

  new_options = opts.merge(
    :operation => :"FrontendApi.create_browser_logout_flow",
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type
  )

  data, status_code, headers = @api_client.call_api(:GET, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: FrontendApi#create_browser_logout_flow\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#create_browser_recovery_flow(opts = {}) ⇒ RecoveryFlow

Create Recovery Flow for Browsers This endpoint initializes a browser-based account recovery flow. Once initialized, the browser will be redirected to ‘selfservice.flows.recovery.ui_url` with the flow ID set as the query parameter `?flow=`. If a valid user session exists, the browser is returned to the configured return URL. If this endpoint is called via an AJAX request, the response contains the recovery flow without any redirects or a 400 bad request error if the user is already authenticated. This endpoint is NOT INTENDED for clients that do not have a browser (Chrome, Firefox, …) as cookies are needed. More information can be found at [Ory Kratos Account Recovery Documentation](../self-service/flows/account-recovery).

Parameters:

  • opts (Hash) (defaults to: {})

    the optional parameters

Options Hash (opts):

  • :return_to (String)

    The URL to return the browser to after the flow was completed.

Returns:



168
169
170
171
# File 'lib/ory-kratos-client/api/frontend_api.rb', line 168

def create_browser_recovery_flow(opts = {})
  data, _status_code, _headers = create_browser_recovery_flow_with_http_info(opts)
  data
end

#create_browser_recovery_flow_with_http_info(opts = {}) ⇒ Array<(RecoveryFlow, Integer, Hash)>

Create Recovery Flow for Browsers This endpoint initializes a browser-based account recovery flow. Once initialized, the browser will be redirected to &#x60;selfservice.flows.recovery.ui_url&#x60; with the flow ID set as the query parameter &#x60;?flow&#x3D;&#x60;. If a valid user session exists, the browser is returned to the configured return URL. If this endpoint is called via an AJAX request, the response contains the recovery flow without any redirects or a 400 bad request error if the user is already authenticated. This endpoint is NOT INTENDED for clients that do not have a browser (Chrome, Firefox, …) as cookies are needed. More information can be found at [Ory Kratos Account Recovery Documentation](../self-service/flows/account-recovery).

Parameters:

  • opts (Hash) (defaults to: {})

    the optional parameters

Options Hash (opts):

  • :return_to (String)

    The URL to return the browser to after the flow was completed.

Returns:

  • (Array<(RecoveryFlow, Integer, Hash)>)

    RecoveryFlow data, response status code and response headers



178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
# File 'lib/ory-kratos-client/api/frontend_api.rb', line 178

def create_browser_recovery_flow_with_http_info(opts = {})
  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: FrontendApi.create_browser_recovery_flow ...'
  end
  # resource path
  local_var_path = '/self-service/recovery/browser'

  # query parameters
  query_params = opts[:query_params] || {}
  query_params[:'return_to'] = opts[:'return_to'] if !opts[:'return_to'].nil?

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type] || 'RecoveryFlow'

  # auth_names
  auth_names = opts[:debug_auth_names] || []

  new_options = opts.merge(
    :operation => :"FrontendApi.create_browser_recovery_flow",
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type
  )

  data, status_code, headers = @api_client.call_api(:GET, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: FrontendApi#create_browser_recovery_flow\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#create_browser_registration_flow(opts = {}) ⇒ RegistrationFlow

Create Registration Flow for Browsers This endpoint initializes a browser-based user registration flow. This endpoint will set the appropriate cookies and anti-CSRF measures required for browser-based flows. If this endpoint is opened as a link in the browser, it will be redirected to ‘selfservice.flows.registration.ui_url` with the flow ID set as the query parameter `?flow=`. If a valid user session exists already, the browser will be redirected to `urls.default_redirect_url`. If this endpoint is called via an AJAX request, the response contains the flow without a redirect. In the case of an error, the `error.id` of the JSON response body can be one of: `session_already_available`: The user is already signed in. `security_csrf_violation`: Unable to fetch the flow because a CSRF violation occurred. `security_identity_mismatch`: The requested `?return_to` address is not allowed to be used. Adjust this in the configuration! If this endpoint is called via an AJAX request, the response contains the registration flow without a redirect. This endpoint is NOT INTENDED for clients that do not have a browser (Chrome, Firefox, …) as cookies are needed. More information can be found at [Ory Kratos User Login](www.ory.sh/docs/kratos/self-service/flows/user-login) and [User Registration Documentation](www.ory.sh/docs/kratos/self-service/flows/user-registration).

Parameters:

  • opts (Hash) (defaults to: {})

    the optional parameters

Options Hash (opts):

  • :return_to (String)

    The URL to return the browser to after the flow was completed.

  • :login_challenge (String)

    Ory OAuth 2.0 Login Challenge. If set will cooperate with Ory OAuth2 and OpenID to act as an OAuth2 server / OpenID Provider. The value for this parameter comes from &#x60;login_challenge&#x60; URL Query parameter sent to your application (e.g. &#x60;/registration?login_challenge&#x3D;abcde&#x60;). This feature is compatible with Ory Hydra when not running on the Ory Network.

  • :after_verification_return_to (String)

    The URL to return the browser to after the verification flow was completed. After the registration flow is completed, the user will be sent a verification email. Upon completing the verification flow, this URL will be used to override the default &#x60;selfservice.flows.verification.after.default_redirect_to&#x60; value.

  • :organization (String)

Returns:



231
232
233
234
# File 'lib/ory-kratos-client/api/frontend_api.rb', line 231

def create_browser_registration_flow(opts = {})
  data, _status_code, _headers = create_browser_registration_flow_with_http_info(opts)
  data
end

#create_browser_registration_flow_with_http_info(opts = {}) ⇒ Array<(RegistrationFlow, Integer, Hash)>

Create Registration Flow for Browsers This endpoint initializes a browser-based user registration flow. This endpoint will set the appropriate cookies and anti-CSRF measures required for browser-based flows. If this endpoint is opened as a link in the browser, it will be redirected to &#x60;selfservice.flows.registration.ui_url&#x60; with the flow ID set as the query parameter &#x60;?flow&#x3D;&#x60;. If a valid user session exists already, the browser will be redirected to &#x60;urls.default_redirect_url&#x60;. If this endpoint is called via an AJAX request, the response contains the flow without a redirect. In the case of an error, the &#x60;error.id&#x60; of the JSON response body can be one of: &#x60;session_already_available&#x60;: The user is already signed in. &#x60;security_csrf_violation&#x60;: Unable to fetch the flow because a CSRF violation occurred. &#x60;security_identity_mismatch&#x60;: The requested &#x60;?return_to&#x60; address is not allowed to be used. Adjust this in the configuration! If this endpoint is called via an AJAX request, the response contains the registration flow without a redirect. This endpoint is NOT INTENDED for clients that do not have a browser (Chrome, Firefox, …) as cookies are needed. More information can be found at [Ory Kratos User Login](www.ory.sh/docs/kratos/self-service/flows/user-login) and [User Registration Documentation](www.ory.sh/docs/kratos/self-service/flows/user-registration).

Parameters:

  • opts (Hash) (defaults to: {})

    the optional parameters

Options Hash (opts):

  • :return_to (String)

    The URL to return the browser to after the flow was completed.

  • :login_challenge (String)

    Ory OAuth 2.0 Login Challenge. If set will cooperate with Ory OAuth2 and OpenID to act as an OAuth2 server / OpenID Provider. The value for this parameter comes from &#x60;login_challenge&#x60; URL Query parameter sent to your application (e.g. &#x60;/registration?login_challenge&#x3D;abcde&#x60;). This feature is compatible with Ory Hydra when not running on the Ory Network.

  • :after_verification_return_to (String)

    The URL to return the browser to after the verification flow was completed. After the registration flow is completed, the user will be sent a verification email. Upon completing the verification flow, this URL will be used to override the default &#x60;selfservice.flows.verification.after.default_redirect_to&#x60; value.

  • :organization (String)

Returns:

  • (Array<(RegistrationFlow, Integer, Hash)>)

    RegistrationFlow data, response status code and response headers



244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
# File 'lib/ory-kratos-client/api/frontend_api.rb', line 244

def create_browser_registration_flow_with_http_info(opts = {})
  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: FrontendApi.create_browser_registration_flow ...'
  end
  # resource path
  local_var_path = '/self-service/registration/browser'

  # query parameters
  query_params = opts[:query_params] || {}
  query_params[:'return_to'] = opts[:'return_to'] if !opts[:'return_to'].nil?
  query_params[:'login_challenge'] = opts[:'login_challenge'] if !opts[:'login_challenge'].nil?
  query_params[:'after_verification_return_to'] = opts[:'after_verification_return_to'] if !opts[:'after_verification_return_to'].nil?
  query_params[:'organization'] = opts[:'organization'] if !opts[:'organization'].nil?

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type] || 'RegistrationFlow'

  # auth_names
  auth_names = opts[:debug_auth_names] || []

  new_options = opts.merge(
    :operation => :"FrontendApi.create_browser_registration_flow",
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type
  )

  data, status_code, headers = @api_client.call_api(:GET, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: FrontendApi#create_browser_registration_flow\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#create_browser_settings_flow(opts = {}) ⇒ SettingsFlow

Create Settings Flow for Browsers This endpoint initializes a browser-based user settings flow. Once initialized, the browser will be redirected to ‘selfservice.flows.settings.ui_url` with the flow ID set as the query parameter `?flow=`. If no valid Ory Kratos Session Cookie is included in the request, a login flow will be initialized. If this endpoint is opened as a link in the browser, it will be redirected to `selfservice.flows.settings.ui_url` with the flow ID set as the query parameter `?flow=`. If no valid user session was set, the browser will be redirected to the login endpoint. If this endpoint is called via an AJAX request, the response contains the settings flow without any redirects or a 401 forbidden error if no valid session was set. Depending on your configuration this endpoint might return a 403 error if the session has a lower Authenticator Assurance Level (AAL) than is possible for the identity. This can happen if the identity has password + webauthn credentials (which would result in AAL2) but the session has only AAL1. If this error occurs, ask the user to sign in with the second factor (happens automatically for server-side browser flows) or change the configuration. If this endpoint is called via an AJAX request, the response contains the flow without a redirect. In the case of an error, the `error.id` of the JSON response body can be one of: `security_csrf_violation`: Unable to fetch the flow because a CSRF violation occurred. `session_inactive`: No Ory Session was found - sign in a user first. `security_identity_mismatch`: The requested `?return_to` address is not allowed to be used. Adjust this in the configuration! This endpoint is NOT INTENDED for clients that do not have a browser (Chrome, Firefox, …) as cookies are needed. More information can be found at [Ory Kratos User Settings & Profile Management Documentation](../self-service/flows/user-settings).

Parameters:

  • opts (Hash) (defaults to: {})

    the optional parameters

Options Hash (opts):

  • :return_to (String)

    The URL to return the browser to after the flow was completed.

  • :cookie (String)

    HTTP Cookies When using the SDK in a browser app, on the server side you must include the HTTP Cookie Header sent by the client to your server here. This ensures that CSRF and session cookies are respected.

Returns:



298
299
300
301
# File 'lib/ory-kratos-client/api/frontend_api.rb', line 298

def create_browser_settings_flow(opts = {})
  data, _status_code, _headers = create_browser_settings_flow_with_http_info(opts)
  data
end

#create_browser_settings_flow_with_http_info(opts = {}) ⇒ Array<(SettingsFlow, Integer, Hash)>

Create Settings Flow for Browsers This endpoint initializes a browser-based user settings flow. Once initialized, the browser will be redirected to &#x60;selfservice.flows.settings.ui_url&#x60; with the flow ID set as the query parameter &#x60;?flow&#x3D;&#x60;. If no valid Ory Kratos Session Cookie is included in the request, a login flow will be initialized. If this endpoint is opened as a link in the browser, it will be redirected to &#x60;selfservice.flows.settings.ui_url&#x60; with the flow ID set as the query parameter &#x60;?flow&#x3D;&#x60;. If no valid user session was set, the browser will be redirected to the login endpoint. If this endpoint is called via an AJAX request, the response contains the settings flow without any redirects or a 401 forbidden error if no valid session was set. Depending on your configuration this endpoint might return a 403 error if the session has a lower Authenticator Assurance Level (AAL) than is possible for the identity. This can happen if the identity has password + webauthn credentials (which would result in AAL2) but the session has only AAL1. If this error occurs, ask the user to sign in with the second factor (happens automatically for server-side browser flows) or change the configuration. If this endpoint is called via an AJAX request, the response contains the flow without a redirect. In the case of an error, the &#x60;error.id&#x60; of the JSON response body can be one of: &#x60;security_csrf_violation&#x60;: Unable to fetch the flow because a CSRF violation occurred. &#x60;session_inactive&#x60;: No Ory Session was found - sign in a user first. &#x60;security_identity_mismatch&#x60;: The requested &#x60;?return_to&#x60; address is not allowed to be used. Adjust this in the configuration! This endpoint is NOT INTENDED for clients that do not have a browser (Chrome, Firefox, …) as cookies are needed. More information can be found at [Ory Kratos User Settings &amp; Profile Management Documentation](../self-service/flows/user-settings).

Parameters:

  • opts (Hash) (defaults to: {})

    the optional parameters

Options Hash (opts):

  • :return_to (String)

    The URL to return the browser to after the flow was completed.

  • :cookie (String)

    HTTP Cookies When using the SDK in a browser app, on the server side you must include the HTTP Cookie Header sent by the client to your server here. This ensures that CSRF and session cookies are respected.

Returns:

  • (Array<(SettingsFlow, Integer, Hash)>)

    SettingsFlow data, response status code and response headers



309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
# File 'lib/ory-kratos-client/api/frontend_api.rb', line 309

def create_browser_settings_flow_with_http_info(opts = {})
  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: FrontendApi.create_browser_settings_flow ...'
  end
  # resource path
  local_var_path = '/self-service/settings/browser'

  # query parameters
  query_params = opts[:query_params] || {}
  query_params[:'return_to'] = opts[:'return_to'] if !opts[:'return_to'].nil?

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])
  header_params[:'Cookie'] = opts[:'cookie'] if !opts[:'cookie'].nil?

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type] || 'SettingsFlow'

  # auth_names
  auth_names = opts[:debug_auth_names] || []

  new_options = opts.merge(
    :operation => :"FrontendApi.create_browser_settings_flow",
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type
  )

  data, status_code, headers = @api_client.call_api(:GET, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: FrontendApi#create_browser_settings_flow\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#create_browser_verification_flow(opts = {}) ⇒ VerificationFlow

Create Verification Flow for Browser Clients This endpoint initializes a browser-based account verification flow. Once initialized, the browser will be redirected to ‘selfservice.flows.verification.ui_url` with the flow ID set as the query parameter `?flow=`. If this endpoint is called via an AJAX request, the response contains the recovery flow without any redirects. This endpoint is NOT INTENDED for API clients and only works with browsers (Chrome, Firefox, …). More information can be found at [Ory Kratos Email and Phone Verification Documentation](www.ory.sh/docs/kratos/self-service/flows/verify-email-account-activation).

Parameters:

  • opts (Hash) (defaults to: {})

    the optional parameters

Options Hash (opts):

  • :return_to (String)

    The URL to return the browser to after the flow was completed.

Returns:



360
361
362
363
# File 'lib/ory-kratos-client/api/frontend_api.rb', line 360

def create_browser_verification_flow(opts = {})
  data, _status_code, _headers = create_browser_verification_flow_with_http_info(opts)
  data
end

#create_browser_verification_flow_with_http_info(opts = {}) ⇒ Array<(VerificationFlow, Integer, Hash)>

Create Verification Flow for Browser Clients This endpoint initializes a browser-based account verification flow. Once initialized, the browser will be redirected to &#x60;selfservice.flows.verification.ui_url&#x60; with the flow ID set as the query parameter &#x60;?flow&#x3D;&#x60;. If this endpoint is called via an AJAX request, the response contains the recovery flow without any redirects. This endpoint is NOT INTENDED for API clients and only works with browsers (Chrome, Firefox, …). More information can be found at [Ory Kratos Email and Phone Verification Documentation](www.ory.sh/docs/kratos/self-service/flows/verify-email-account-activation).

Parameters:

  • opts (Hash) (defaults to: {})

    the optional parameters

Options Hash (opts):

  • :return_to (String)

    The URL to return the browser to after the flow was completed.

Returns:

  • (Array<(VerificationFlow, Integer, Hash)>)

    VerificationFlow data, response status code and response headers



370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
# File 'lib/ory-kratos-client/api/frontend_api.rb', line 370

def create_browser_verification_flow_with_http_info(opts = {})
  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: FrontendApi.create_browser_verification_flow ...'
  end
  # resource path
  local_var_path = '/self-service/verification/browser'

  # query parameters
  query_params = opts[:query_params] || {}
  query_params[:'return_to'] = opts[:'return_to'] if !opts[:'return_to'].nil?

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type] || 'VerificationFlow'

  # auth_names
  auth_names = opts[:debug_auth_names] || []

  new_options = opts.merge(
    :operation => :"FrontendApi.create_browser_verification_flow",
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type
  )

  data, status_code, headers = @api_client.call_api(:GET, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: FrontendApi#create_browser_verification_flow\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#create_native_login_flow(opts = {}) ⇒ LoginFlow

Create Login Flow for Native Apps This endpoint initiates a login flow for native apps that do not use a browser, such as mobile devices, smart TVs, and so on. If a valid provided session cookie or session token is provided, a 400 Bad Request error will be returned unless the URL query parameter ‘?refresh=true` is set. To fetch an existing login flow call `/self-service/login/flows?flow=<flow_id>`. You MUST NOT use this endpoint in client-side (Single Page Apps, ReactJS, AngularJS) nor server-side (Java Server Pages, NodeJS, PHP, Golang, …) browser applications. Using this endpoint in these applications will make you vulnerable to a variety of CSRF attacks, including CSRF login attacks. In the case of an error, the `error.id` of the JSON response body can be one of: `session_already_available`: The user is already signed in. `session_aal1_required`: Multi-factor auth (e.g. 2fa) was requested but the user has no session yet. `security_csrf_violation`: Unable to fetch the flow because a CSRF violation occurred. This endpoint MUST ONLY be used in scenarios such as native mobile apps (React Native, Objective C, Swift, Java, …). More information can be found at [Ory Kratos User Login](www.ory.sh/docs/kratos/self-service/flows/user-login) and [User Registration Documentation](www.ory.sh/docs/kratos/self-service/flows/user-registration).

Parameters:

  • opts (Hash) (defaults to: {})

    the optional parameters

Options Hash (opts):

  • :refresh (Boolean)

    Refresh a login session If set to true, this will refresh an existing login session by asking the user to sign in again. This will reset the authenticated_at time of the session.

  • :aal (String)

    Request a Specific AuthenticationMethod Assurance Level Use this parameter to upgrade an existing session&#39;s authenticator assurance level (AAL). This allows you to ask for multi-factor authentication. When an identity sign in using e.g. username+password, the AAL is 1. If you wish to &quot;upgrade&quot; the session&#39;s security by asking the user to perform TOTP / WebAuth/ … you would set this to &quot;aal2&quot;.

  • :x_session_token (String)

    The Session Token of the Identity performing the settings flow.

  • :return_session_token_exchange_code (Boolean)

    EnableSessionTokenExchangeCode requests the login flow to include a code that can be used to retrieve the session token after the login flow has been completed.

  • :return_to (String)

    The URL to return the browser to after the flow was completed.

  • :via (String)

    Via should contain the identity&#39;s credential the code should be sent to. Only relevant in aal2 flows.

Returns:



425
426
427
428
# File 'lib/ory-kratos-client/api/frontend_api.rb', line 425

def (opts = {})
  data, _status_code, _headers = (opts)
  data
end

#create_native_login_flow_with_http_info(opts = {}) ⇒ Array<(LoginFlow, Integer, Hash)>

Create Login Flow for Native Apps This endpoint initiates a login flow for native apps that do not use a browser, such as mobile devices, smart TVs, and so on. If a valid provided session cookie or session token is provided, a 400 Bad Request error will be returned unless the URL query parameter &#x60;?refresh&#x3D;true&#x60; is set. To fetch an existing login flow call &#x60;/self-service/login/flows?flow&#x3D;&lt;flow_id&gt;&#x60;. You MUST NOT use this endpoint in client-side (Single Page Apps, ReactJS, AngularJS) nor server-side (Java Server Pages, NodeJS, PHP, Golang, …) browser applications. Using this endpoint in these applications will make you vulnerable to a variety of CSRF attacks, including CSRF login attacks. In the case of an error, the &#x60;error.id&#x60; of the JSON response body can be one of: &#x60;session_already_available&#x60;: The user is already signed in. &#x60;session_aal1_required&#x60;: Multi-factor auth (e.g. 2fa) was requested but the user has no session yet. &#x60;security_csrf_violation&#x60;: Unable to fetch the flow because a CSRF violation occurred. This endpoint MUST ONLY be used in scenarios such as native mobile apps (React Native, Objective C, Swift, Java, …). More information can be found at [Ory Kratos User Login](www.ory.sh/docs/kratos/self-service/flows/user-login) and [User Registration Documentation](www.ory.sh/docs/kratos/self-service/flows/user-registration).

Parameters:

  • opts (Hash) (defaults to: {})

    the optional parameters

Options Hash (opts):

  • :refresh (Boolean)

    Refresh a login session If set to true, this will refresh an existing login session by asking the user to sign in again. This will reset the authenticated_at time of the session.

  • :aal (String)

    Request a Specific AuthenticationMethod Assurance Level Use this parameter to upgrade an existing session&#39;s authenticator assurance level (AAL). This allows you to ask for multi-factor authentication. When an identity sign in using e.g. username+password, the AAL is 1. If you wish to &quot;upgrade&quot; the session&#39;s security by asking the user to perform TOTP / WebAuth/ … you would set this to &quot;aal2&quot;.

  • :x_session_token (String)

    The Session Token of the Identity performing the settings flow.

  • :return_session_token_exchange_code (Boolean)

    EnableSessionTokenExchangeCode requests the login flow to include a code that can be used to retrieve the session token after the login flow has been completed.

  • :return_to (String)

    The URL to return the browser to after the flow was completed.

  • :via (String)

    Via should contain the identity&#39;s credential the code should be sent to. Only relevant in aal2 flows.

Returns:

  • (Array<(LoginFlow, Integer, Hash)>)

    LoginFlow data, response status code and response headers



440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
# File 'lib/ory-kratos-client/api/frontend_api.rb', line 440

def (opts = {})
  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: FrontendApi.create_native_login_flow ...'
  end
  # resource path
  local_var_path = '/self-service/login/api'

  # query parameters
  query_params = opts[:query_params] || {}
  query_params[:'refresh'] = opts[:'refresh'] if !opts[:'refresh'].nil?
  query_params[:'aal'] = opts[:'aal'] if !opts[:'aal'].nil?
  query_params[:'return_session_token_exchange_code'] = opts[:'return_session_token_exchange_code'] if !opts[:'return_session_token_exchange_code'].nil?
  query_params[:'return_to'] = opts[:'return_to'] if !opts[:'return_to'].nil?
  query_params[:'via'] = opts[:'via'] if !opts[:'via'].nil?

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])
  header_params[:'X-Session-Token'] = opts[:'x_session_token'] if !opts[:'x_session_token'].nil?

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type] || 'LoginFlow'

  # auth_names
  auth_names = opts[:debug_auth_names] || []

  new_options = opts.merge(
    :operation => :"FrontendApi.create_native_login_flow",
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type
  )

  data, status_code, headers = @api_client.call_api(:GET, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: FrontendApi#create_native_login_flow\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#create_native_recovery_flow(opts = {}) ⇒ RecoveryFlow

Create Recovery Flow for Native Apps This endpoint initiates a recovery flow for API clients such as mobile devices, smart TVs, and so on. If a valid provided session cookie or session token is provided, a 400 Bad Request error. On an existing recovery flow, use the ‘getRecoveryFlow` API endpoint. You MUST NOT use this endpoint in client-side (Single Page Apps, ReactJS, AngularJS) nor server-side (Java Server Pages, NodeJS, PHP, Golang, …) browser applications. Using this endpoint in these applications will make you vulnerable to a variety of CSRF attacks. This endpoint MUST ONLY be used in scenarios such as native mobile apps (React Native, Objective C, Swift, Java, …). More information can be found at [Ory Kratos Account Recovery Documentation](../self-service/flows/account-recovery).

Parameters:

  • opts (Hash) (defaults to: {})

    the optional parameters

Returns:



494
495
496
497
# File 'lib/ory-kratos-client/api/frontend_api.rb', line 494

def create_native_recovery_flow(opts = {})
  data, _status_code, _headers = create_native_recovery_flow_with_http_info(opts)
  data
end

#create_native_recovery_flow_with_http_info(opts = {}) ⇒ Array<(RecoveryFlow, Integer, Hash)>

Create Recovery Flow for Native Apps This endpoint initiates a recovery flow for API clients such as mobile devices, smart TVs, and so on. If a valid provided session cookie or session token is provided, a 400 Bad Request error. On an existing recovery flow, use the &#x60;getRecoveryFlow&#x60; API endpoint. You MUST NOT use this endpoint in client-side (Single Page Apps, ReactJS, AngularJS) nor server-side (Java Server Pages, NodeJS, PHP, Golang, …) browser applications. Using this endpoint in these applications will make you vulnerable to a variety of CSRF attacks. This endpoint MUST ONLY be used in scenarios such as native mobile apps (React Native, Objective C, Swift, Java, …). More information can be found at [Ory Kratos Account Recovery Documentation](../self-service/flows/account-recovery).

Parameters:

  • opts (Hash) (defaults to: {})

    the optional parameters

Returns:

  • (Array<(RecoveryFlow, Integer, Hash)>)

    RecoveryFlow data, response status code and response headers



503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
# File 'lib/ory-kratos-client/api/frontend_api.rb', line 503

def create_native_recovery_flow_with_http_info(opts = {})
  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: FrontendApi.create_native_recovery_flow ...'
  end
  # resource path
  local_var_path = '/self-service/recovery/api'

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type] || 'RecoveryFlow'

  # auth_names
  auth_names = opts[:debug_auth_names] || []

  new_options = opts.merge(
    :operation => :"FrontendApi.create_native_recovery_flow",
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type
  )

  data, status_code, headers = @api_client.call_api(:GET, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: FrontendApi#create_native_recovery_flow\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#create_native_registration_flow(opts = {}) ⇒ RegistrationFlow

Create Registration Flow for Native Apps This endpoint initiates a registration flow for API clients such as mobile devices, smart TVs, and so on. If a valid provided session cookie or session token is provided, a 400 Bad Request error will be returned unless the URL query parameter ‘?refresh=true` is set. To fetch an existing registration flow call `/self-service/registration/flows?flow=<flow_id>`. You MUST NOT use this endpoint in client-side (Single Page Apps, ReactJS, AngularJS) nor server-side (Java Server Pages, NodeJS, PHP, Golang, …) browser applications. Using this endpoint in these applications will make you vulnerable to a variety of CSRF attacks. In the case of an error, the `error.id` of the JSON response body can be one of: `session_already_available`: The user is already signed in. `security_csrf_violation`: Unable to fetch the flow because a CSRF violation occurred. This endpoint MUST ONLY be used in scenarios such as native mobile apps (React Native, Objective C, Swift, Java, …). More information can be found at [Ory Kratos User Login](www.ory.sh/docs/kratos/self-service/flows/user-login) and [User Registration Documentation](www.ory.sh/docs/kratos/self-service/flows/user-registration).

Parameters:

  • opts (Hash) (defaults to: {})

    the optional parameters

Options Hash (opts):

  • :return_session_token_exchange_code (Boolean)

    EnableSessionTokenExchangeCode requests the login flow to include a code that can be used to retrieve the session token after the login flow has been completed.

  • :return_to (String)

    The URL to return the browser to after the flow was completed.

Returns:



553
554
555
556
# File 'lib/ory-kratos-client/api/frontend_api.rb', line 553

def create_native_registration_flow(opts = {})
  data, _status_code, _headers = create_native_registration_flow_with_http_info(opts)
  data
end

#create_native_registration_flow_with_http_info(opts = {}) ⇒ Array<(RegistrationFlow, Integer, Hash)>

Create Registration Flow for Native Apps This endpoint initiates a registration flow for API clients such as mobile devices, smart TVs, and so on. If a valid provided session cookie or session token is provided, a 400 Bad Request error will be returned unless the URL query parameter &#x60;?refresh&#x3D;true&#x60; is set. To fetch an existing registration flow call &#x60;/self-service/registration/flows?flow&#x3D;&lt;flow_id&gt;&#x60;. You MUST NOT use this endpoint in client-side (Single Page Apps, ReactJS, AngularJS) nor server-side (Java Server Pages, NodeJS, PHP, Golang, …) browser applications. Using this endpoint in these applications will make you vulnerable to a variety of CSRF attacks. In the case of an error, the &#x60;error.id&#x60; of the JSON response body can be one of: &#x60;session_already_available&#x60;: The user is already signed in. &#x60;security_csrf_violation&#x60;: Unable to fetch the flow because a CSRF violation occurred. This endpoint MUST ONLY be used in scenarios such as native mobile apps (React Native, Objective C, Swift, Java, …). More information can be found at [Ory Kratos User Login](www.ory.sh/docs/kratos/self-service/flows/user-login) and [User Registration Documentation](www.ory.sh/docs/kratos/self-service/flows/user-registration).

Parameters:

  • opts (Hash) (defaults to: {})

    the optional parameters

Options Hash (opts):

  • :return_session_token_exchange_code (Boolean)

    EnableSessionTokenExchangeCode requests the login flow to include a code that can be used to retrieve the session token after the login flow has been completed.

  • :return_to (String)

    The URL to return the browser to after the flow was completed.

Returns:

  • (Array<(RegistrationFlow, Integer, Hash)>)

    RegistrationFlow data, response status code and response headers



564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
# File 'lib/ory-kratos-client/api/frontend_api.rb', line 564

def create_native_registration_flow_with_http_info(opts = {})
  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: FrontendApi.create_native_registration_flow ...'
  end
  # resource path
  local_var_path = '/self-service/registration/api'

  # query parameters
  query_params = opts[:query_params] || {}
  query_params[:'return_session_token_exchange_code'] = opts[:'return_session_token_exchange_code'] if !opts[:'return_session_token_exchange_code'].nil?
  query_params[:'return_to'] = opts[:'return_to'] if !opts[:'return_to'].nil?

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type] || 'RegistrationFlow'

  # auth_names
  auth_names = opts[:debug_auth_names] || []

  new_options = opts.merge(
    :operation => :"FrontendApi.create_native_registration_flow",
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type
  )

  data, status_code, headers = @api_client.call_api(:GET, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: FrontendApi#create_native_registration_flow\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#create_native_settings_flow(opts = {}) ⇒ SettingsFlow

Create Settings Flow for Native Apps This endpoint initiates a settings flow for API clients such as mobile devices, smart TVs, and so on. You must provide a valid Ory Kratos Session Token for this endpoint to respond with HTTP 200 OK. To fetch an existing settings flow call ‘/self-service/settings/flows?flow=<flow_id>`. You MUST NOT use this endpoint in client-side (Single Page Apps, ReactJS, AngularJS) nor server-side (Java Server Pages, NodeJS, PHP, Golang, …) browser applications. Using this endpoint in these applications will make you vulnerable to a variety of CSRF attacks. Depending on your configuration this endpoint might return a 403 error if the session has a lower Authenticator Assurance Level (AAL) than is possible for the identity. This can happen if the identity has password + webauthn credentials (which would result in AAL2) but the session has only AAL1. If this error occurs, ask the user to sign in with the second factor or change the configuration. In the case of an error, the `error.id` of the JSON response body can be one of: `security_csrf_violation`: Unable to fetch the flow because a CSRF violation occurred. `session_inactive`: No Ory Session was found - sign in a user first. This endpoint MUST ONLY be used in scenarios such as native mobile apps (React Native, Objective C, Swift, Java, …). More information can be found at [Ory Kratos User Settings & Profile Management Documentation](../self-service/flows/user-settings).

Parameters:

  • opts (Hash) (defaults to: {})

    the optional parameters

Options Hash (opts):

  • :x_session_token (String)

    The Session Token of the Identity performing the settings flow.

Returns:



615
616
617
618
# File 'lib/ory-kratos-client/api/frontend_api.rb', line 615

def create_native_settings_flow(opts = {})
  data, _status_code, _headers = create_native_settings_flow_with_http_info(opts)
  data
end

#create_native_settings_flow_with_http_info(opts = {}) ⇒ Array<(SettingsFlow, Integer, Hash)>

Create Settings Flow for Native Apps This endpoint initiates a settings flow for API clients such as mobile devices, smart TVs, and so on. You must provide a valid Ory Kratos Session Token for this endpoint to respond with HTTP 200 OK. To fetch an existing settings flow call &#x60;/self-service/settings/flows?flow&#x3D;&lt;flow_id&gt;&#x60;. You MUST NOT use this endpoint in client-side (Single Page Apps, ReactJS, AngularJS) nor server-side (Java Server Pages, NodeJS, PHP, Golang, …) browser applications. Using this endpoint in these applications will make you vulnerable to a variety of CSRF attacks. Depending on your configuration this endpoint might return a 403 error if the session has a lower Authenticator Assurance Level (AAL) than is possible for the identity. This can happen if the identity has password + webauthn credentials (which would result in AAL2) but the session has only AAL1. If this error occurs, ask the user to sign in with the second factor or change the configuration. In the case of an error, the &#x60;error.id&#x60; of the JSON response body can be one of: &#x60;security_csrf_violation&#x60;: Unable to fetch the flow because a CSRF violation occurred. &#x60;session_inactive&#x60;: No Ory Session was found - sign in a user first. This endpoint MUST ONLY be used in scenarios such as native mobile apps (React Native, Objective C, Swift, Java, …). More information can be found at [Ory Kratos User Settings &amp; Profile Management Documentation](../self-service/flows/user-settings).

Parameters:

  • opts (Hash) (defaults to: {})

    the optional parameters

Options Hash (opts):

  • :x_session_token (String)

    The Session Token of the Identity performing the settings flow.

Returns:

  • (Array<(SettingsFlow, Integer, Hash)>)

    SettingsFlow data, response status code and response headers



625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
# File 'lib/ory-kratos-client/api/frontend_api.rb', line 625

def create_native_settings_flow_with_http_info(opts = {})
  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: FrontendApi.create_native_settings_flow ...'
  end
  # resource path
  local_var_path = '/self-service/settings/api'

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])
  header_params[:'X-Session-Token'] = opts[:'x_session_token'] if !opts[:'x_session_token'].nil?

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type] || 'SettingsFlow'

  # auth_names
  auth_names = opts[:debug_auth_names] || []

  new_options = opts.merge(
    :operation => :"FrontendApi.create_native_settings_flow",
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type
  )

  data, status_code, headers = @api_client.call_api(:GET, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: FrontendApi#create_native_settings_flow\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#create_native_verification_flow(opts = {}) ⇒ VerificationFlow

Create Verification Flow for Native Apps This endpoint initiates a verification flow for API clients such as mobile devices, smart TVs, and so on. To fetch an existing verification flow call ‘/self-service/verification/flows?flow=<flow_id>`. You MUST NOT use this endpoint in client-side (Single Page Apps, ReactJS, AngularJS) nor server-side (Java Server Pages, NodeJS, PHP, Golang, …) browser applications. Using this endpoint in these applications will make you vulnerable to a variety of CSRF attacks. This endpoint MUST ONLY be used in scenarios such as native mobile apps (React Native, Objective C, Swift, Java, …). More information can be found at [Ory Email and Phone Verification Documentation](www.ory.sh/docs/kratos/self-service/flows/verify-email-account-activation).

Parameters:

  • opts (Hash) (defaults to: {})

    the optional parameters

Returns:



674
675
676
677
# File 'lib/ory-kratos-client/api/frontend_api.rb', line 674

def create_native_verification_flow(opts = {})
  data, _status_code, _headers = create_native_verification_flow_with_http_info(opts)
  data
end

#create_native_verification_flow_with_http_info(opts = {}) ⇒ Array<(VerificationFlow, Integer, Hash)>

Create Verification Flow for Native Apps This endpoint initiates a verification flow for API clients such as mobile devices, smart TVs, and so on. To fetch an existing verification flow call &#x60;/self-service/verification/flows?flow&#x3D;&lt;flow_id&gt;&#x60;. You MUST NOT use this endpoint in client-side (Single Page Apps, ReactJS, AngularJS) nor server-side (Java Server Pages, NodeJS, PHP, Golang, …) browser applications. Using this endpoint in these applications will make you vulnerable to a variety of CSRF attacks. This endpoint MUST ONLY be used in scenarios such as native mobile apps (React Native, Objective C, Swift, Java, …). More information can be found at [Ory Email and Phone Verification Documentation](www.ory.sh/docs/kratos/self-service/flows/verify-email-account-activation).

Parameters:

  • opts (Hash) (defaults to: {})

    the optional parameters

Returns:

  • (Array<(VerificationFlow, Integer, Hash)>)

    VerificationFlow data, response status code and response headers



683
684
685
686
687
688
689
690
691
692
693
694
695
696
697
698
699
700
701
702
703
704
705
706
707
708
709
710
711
712
713
714
715
716
717
718
719
720
721
722
723
724
725
# File 'lib/ory-kratos-client/api/frontend_api.rb', line 683

def create_native_verification_flow_with_http_info(opts = {})
  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: FrontendApi.create_native_verification_flow ...'
  end
  # resource path
  local_var_path = '/self-service/verification/api'

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type] || 'VerificationFlow'

  # auth_names
  auth_names = opts[:debug_auth_names] || []

  new_options = opts.merge(
    :operation => :"FrontendApi.create_native_verification_flow",
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type
  )

  data, status_code, headers = @api_client.call_api(:GET, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: FrontendApi#create_native_verification_flow\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#disable_my_other_sessions(opts = {}) ⇒ DeleteMySessionsCount

Disable my other sessions Calling this endpoint invalidates all except the current session that belong to the logged-in user. Session data are not deleted.

Parameters:

  • opts (Hash) (defaults to: {})

    the optional parameters

Options Hash (opts):

  • :x_session_token (String)

    Set the Session Token when calling from non-browser clients. A session token has a format of &#x60;MP2YWEMeM8MxjkGKpH4dqOQ4Q4DlSPaj&#x60;.

  • :cookie (String)

    Set the Cookie Header. This is especially useful when calling this endpoint from a server-side application. In that scenario you must include the HTTP Cookie Header which originally was included in the request to your server. An example of a session in the HTTP Cookie Header is: &#x60;ory_kratos_session&#x3D;a19iOVAbdzdgl70Rq1QZmrKmcjDtdsviCTZx7m9a9yHIUS8Wa9T7hvqyGTsLHi6Qifn2WUfpAKx9DWp0SJGleIn9vh2YF4A16id93kXFTgIgmwIOvbVAScyrx7yVl6bPZnCx27ec4WQDtaTewC1CpgudeDV2jQQnSaCP6ny3xa8qLH-QUgYqdQuoA_LF1phxgRCUfIrCLQOkolX5nv3ze_f&#x3D;&#x3D;&#x60;. It is ok if more than one cookie are included here as all other cookies will be ignored.

Returns:



733
734
735
736
# File 'lib/ory-kratos-client/api/frontend_api.rb', line 733

def disable_my_other_sessions(opts = {})
  data, _status_code, _headers = disable_my_other_sessions_with_http_info(opts)
  data
end

#disable_my_other_sessions_with_http_info(opts = {}) ⇒ Array<(DeleteMySessionsCount, Integer, Hash)>

Disable my other sessions Calling this endpoint invalidates all except the current session that belong to the logged-in user. Session data are not deleted.

Parameters:

  • opts (Hash) (defaults to: {})

    the optional parameters

Options Hash (opts):

  • :x_session_token (String)

    Set the Session Token when calling from non-browser clients. A session token has a format of &#x60;MP2YWEMeM8MxjkGKpH4dqOQ4Q4DlSPaj&#x60;.

  • :cookie (String)

    Set the Cookie Header. This is especially useful when calling this endpoint from a server-side application. In that scenario you must include the HTTP Cookie Header which originally was included in the request to your server. An example of a session in the HTTP Cookie Header is: &#x60;ory_kratos_session&#x3D;a19iOVAbdzdgl70Rq1QZmrKmcjDtdsviCTZx7m9a9yHIUS8Wa9T7hvqyGTsLHi6Qifn2WUfpAKx9DWp0SJGleIn9vh2YF4A16id93kXFTgIgmwIOvbVAScyrx7yVl6bPZnCx27ec4WQDtaTewC1CpgudeDV2jQQnSaCP6ny3xa8qLH-QUgYqdQuoA_LF1phxgRCUfIrCLQOkolX5nv3ze_f&#x3D;&#x3D;&#x60;. It is ok if more than one cookie are included here as all other cookies will be ignored.

Returns:

  • (Array<(DeleteMySessionsCount, Integer, Hash)>)

    DeleteMySessionsCount data, response status code and response headers



744
745
746
747
748
749
750
751
752
753
754
755
756
757
758
759
760
761
762
763
764
765
766
767
768
769
770
771
772
773
774
775
776
777
778
779
780
781
782
783
784
785
786
787
788
# File 'lib/ory-kratos-client/api/frontend_api.rb', line 744

def disable_my_other_sessions_with_http_info(opts = {})
  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: FrontendApi.disable_my_other_sessions ...'
  end
  # resource path
  local_var_path = '/sessions'

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])
  header_params[:'X-Session-Token'] = opts[:'x_session_token'] if !opts[:'x_session_token'].nil?
  header_params[:'Cookie'] = opts[:'cookie'] if !opts[:'cookie'].nil?

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type] || 'DeleteMySessionsCount'

  # auth_names
  auth_names = opts[:debug_auth_names] || []

  new_options = opts.merge(
    :operation => :"FrontendApi.disable_my_other_sessions",
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type
  )

  data, status_code, headers = @api_client.call_api(:DELETE, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: FrontendApi#disable_my_other_sessions\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#disable_my_session(id, opts = {}) ⇒ nil

Disable one of my sessions Calling this endpoint invalidates the specified session. The current session cannot be revoked. Session data are not deleted.

Parameters:

  • id (String)

    ID is the session&#39;s ID.

  • opts (Hash) (defaults to: {})

    the optional parameters

Options Hash (opts):

  • :x_session_token (String)

    Set the Session Token when calling from non-browser clients. A session token has a format of &#x60;MP2YWEMeM8MxjkGKpH4dqOQ4Q4DlSPaj&#x60;.

  • :cookie (String)

    Set the Cookie Header. This is especially useful when calling this endpoint from a server-side application. In that scenario you must include the HTTP Cookie Header which originally was included in the request to your server. An example of a session in the HTTP Cookie Header is: &#x60;ory_kratos_session&#x3D;a19iOVAbdzdgl70Rq1QZmrKmcjDtdsviCTZx7m9a9yHIUS8Wa9T7hvqyGTsLHi6Qifn2WUfpAKx9DWp0SJGleIn9vh2YF4A16id93kXFTgIgmwIOvbVAScyrx7yVl6bPZnCx27ec4WQDtaTewC1CpgudeDV2jQQnSaCP6ny3xa8qLH-QUgYqdQuoA_LF1phxgRCUfIrCLQOkolX5nv3ze_f&#x3D;&#x3D;&#x60;. It is ok if more than one cookie are included here as all other cookies will be ignored.

Returns:

  • (nil)


797
798
799
800
# File 'lib/ory-kratos-client/api/frontend_api.rb', line 797

def disable_my_session(id, opts = {})
  disable_my_session_with_http_info(id, opts)
  nil
end

#disable_my_session_with_http_info(id, opts = {}) ⇒ Array<(nil, Integer, Hash)>

Disable one of my sessions Calling this endpoint invalidates the specified session. The current session cannot be revoked. Session data are not deleted.

Parameters:

  • id (String)

    ID is the session&#39;s ID.

  • opts (Hash) (defaults to: {})

    the optional parameters

Options Hash (opts):

  • :x_session_token (String)

    Set the Session Token when calling from non-browser clients. A session token has a format of &#x60;MP2YWEMeM8MxjkGKpH4dqOQ4Q4DlSPaj&#x60;.

  • :cookie (String)

    Set the Cookie Header. This is especially useful when calling this endpoint from a server-side application. In that scenario you must include the HTTP Cookie Header which originally was included in the request to your server. An example of a session in the HTTP Cookie Header is: &#x60;ory_kratos_session&#x3D;a19iOVAbdzdgl70Rq1QZmrKmcjDtdsviCTZx7m9a9yHIUS8Wa9T7hvqyGTsLHi6Qifn2WUfpAKx9DWp0SJGleIn9vh2YF4A16id93kXFTgIgmwIOvbVAScyrx7yVl6bPZnCx27ec4WQDtaTewC1CpgudeDV2jQQnSaCP6ny3xa8qLH-QUgYqdQuoA_LF1phxgRCUfIrCLQOkolX5nv3ze_f&#x3D;&#x3D;&#x60;. It is ok if more than one cookie are included here as all other cookies will be ignored.

Returns:

  • (Array<(nil, Integer, Hash)>)

    nil, response status code and response headers



809
810
811
812
813
814
815
816
817
818
819
820
821
822
823
824
825
826
827
828
829
830
831
832
833
834
835
836
837
838
839
840
841
842
843
844
845
846
847
848
849
850
851
852
853
854
855
856
857
# File 'lib/ory-kratos-client/api/frontend_api.rb', line 809

def disable_my_session_with_http_info(id, opts = {})
  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: FrontendApi.disable_my_session ...'
  end
  # verify the required parameter 'id' is set
  if @api_client.config.client_side_validation && id.nil?
    fail ArgumentError, "Missing the required parameter 'id' when calling FrontendApi.disable_my_session"
  end
  # resource path
  local_var_path = '/sessions/{id}'.sub('{' + 'id' + '}', CGI.escape(id.to_s))

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])
  header_params[:'X-Session-Token'] = opts[:'x_session_token'] if !opts[:'x_session_token'].nil?
  header_params[:'Cookie'] = opts[:'cookie'] if !opts[:'cookie'].nil?

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type]

  # auth_names
  auth_names = opts[:debug_auth_names] || []

  new_options = opts.merge(
    :operation => :"FrontendApi.disable_my_session",
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type
  )

  data, status_code, headers = @api_client.call_api(:DELETE, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: FrontendApi#disable_my_session\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#exchange_session_token(init_code, return_to_code, opts = {}) ⇒ SuccessfulNativeLogin

Exchange Session Token

Parameters:

  • init_code (String)

    The part of the code return when initializing the flow.

  • return_to_code (String)

    The part of the code returned by the return_to URL.

  • opts (Hash) (defaults to: {})

    the optional parameters

Returns:



864
865
866
867
# File 'lib/ory-kratos-client/api/frontend_api.rb', line 864

def exchange_session_token(init_code, return_to_code, opts = {})
  data, _status_code, _headers = exchange_session_token_with_http_info(init_code, return_to_code, opts)
  data
end

#exchange_session_token_with_http_info(init_code, return_to_code, opts = {}) ⇒ Array<(SuccessfulNativeLogin, Integer, Hash)>

Exchange Session Token

Parameters:

  • init_code (String)

    The part of the code return when initializing the flow.

  • return_to_code (String)

    The part of the code returned by the return_to URL.

  • opts (Hash) (defaults to: {})

    the optional parameters

Returns:

  • (Array<(SuccessfulNativeLogin, Integer, Hash)>)

    SuccessfulNativeLogin data, response status code and response headers



874
875
876
877
878
879
880
881
882
883
884
885
886
887
888
889
890
891
892
893
894
895
896
897
898
899
900
901
902
903
904
905
906
907
908
909
910
911
912
913
914
915
916
917
918
919
920
921
922
923
924
925
926
# File 'lib/ory-kratos-client/api/frontend_api.rb', line 874

def exchange_session_token_with_http_info(init_code, return_to_code, opts = {})
  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: FrontendApi.exchange_session_token ...'
  end
  # verify the required parameter 'init_code' is set
  if @api_client.config.client_side_validation && init_code.nil?
    fail ArgumentError, "Missing the required parameter 'init_code' when calling FrontendApi.exchange_session_token"
  end
  # verify the required parameter 'return_to_code' is set
  if @api_client.config.client_side_validation && return_to_code.nil?
    fail ArgumentError, "Missing the required parameter 'return_to_code' when calling FrontendApi.exchange_session_token"
  end
  # resource path
  local_var_path = '/sessions/token-exchange'

  # query parameters
  query_params = opts[:query_params] || {}
  query_params[:'init_code'] = init_code
  query_params[:'return_to_code'] = return_to_code

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type] || 'SuccessfulNativeLogin'

  # auth_names
  auth_names = opts[:debug_auth_names] || []

  new_options = opts.merge(
    :operation => :"FrontendApi.exchange_session_token",
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type
  )

  data, status_code, headers = @api_client.call_api(:GET, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: FrontendApi#exchange_session_token\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#get_flow_error(id, opts = {}) ⇒ FlowError

Get User-Flow Errors This endpoint returns the error associated with a user-facing self service errors. This endpoint supports stub values to help you implement the error UI: ‘?id=stub:500` - returns a stub 500 (Internal Server Error) error. More information can be found at [Ory Kratos User User Facing Error Documentation](www.ory.sh/docs/kratos/self-service/flows/user-facing-errors).

Parameters:

  • id (String)

    Error is the error&#39;s ID

  • opts (Hash) (defaults to: {})

    the optional parameters

Returns:



933
934
935
936
# File 'lib/ory-kratos-client/api/frontend_api.rb', line 933

def get_flow_error(id, opts = {})
  data, _status_code, _headers = get_flow_error_with_http_info(id, opts)
  data
end

#get_flow_error_with_http_info(id, opts = {}) ⇒ Array<(FlowError, Integer, Hash)>

Get User-Flow Errors This endpoint returns the error associated with a user-facing self service errors. This endpoint supports stub values to help you implement the error UI: &#x60;?id&#x3D;stub:500&#x60; - returns a stub 500 (Internal Server Error) error. More information can be found at [Ory Kratos User User Facing Error Documentation](www.ory.sh/docs/kratos/self-service/flows/user-facing-errors).

Parameters:

  • id (String)

    Error is the error&#39;s ID

  • opts (Hash) (defaults to: {})

    the optional parameters

Returns:

  • (Array<(FlowError, Integer, Hash)>)

    FlowError data, response status code and response headers



943
944
945
946
947
948
949
950
951
952
953
954
955
956
957
958
959
960
961
962
963
964
965
966
967
968
969
970
971
972
973
974
975
976
977
978
979
980
981
982
983
984
985
986
987
988
989
990
# File 'lib/ory-kratos-client/api/frontend_api.rb', line 943

def get_flow_error_with_http_info(id, opts = {})
  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: FrontendApi.get_flow_error ...'
  end
  # verify the required parameter 'id' is set
  if @api_client.config.client_side_validation && id.nil?
    fail ArgumentError, "Missing the required parameter 'id' when calling FrontendApi.get_flow_error"
  end
  # resource path
  local_var_path = '/self-service/errors'

  # query parameters
  query_params = opts[:query_params] || {}
  query_params[:'id'] = id

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type] || 'FlowError'

  # auth_names
  auth_names = opts[:debug_auth_names] || []

  new_options = opts.merge(
    :operation => :"FrontendApi.get_flow_error",
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type
  )

  data, status_code, headers = @api_client.call_api(:GET, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: FrontendApi#get_flow_error\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#get_login_flow(id, opts = {}) ⇒ LoginFlow

Get Login Flow This endpoint returns a login flow’s context with, for example, error details and other information. Browser flows expect the anti-CSRF cookie to be included in the request’s HTTP Cookie Header. For AJAX requests you must ensure that cookies are included in the request or requests will fail. If you use the browser-flow for server-side apps, the services need to run on a common top-level-domain and you need to forward the incoming HTTP Cookie header to this endpoint: “‘js pseudo-code example router.get(’/login’, async function (req, res) { const flow = await client.getLoginFlow(req.header(‘cookie’), req.query) res.render(‘login’, flow) }) “‘ This request may fail due to several reasons. The `error.id` can be one of: `session_already_available`: The user is already signed in. `self_service_flow_expired`: The flow is expired and you should request a new one. More information can be found at [Ory Kratos User Login](www.ory.sh/docs/kratos/self-service/flows/user-login) and [User Registration Documentation](www.ory.sh/docs/kratos/self-service/flows/user-registration).

Parameters:

  • id (String)

    The Login Flow ID The value for this parameter comes from &#x60;flow&#x60; URL Query parameter sent to your application (e.g. &#x60;/login?flow&#x3D;abcde&#x60;).

  • opts (Hash) (defaults to: {})

    the optional parameters

Options Hash (opts):

  • :cookie (String)

    HTTP Cookies When using the SDK in a browser app, on the server side you must include the HTTP Cookie Header sent by the client to your server here. This ensures that CSRF and session cookies are respected.

Returns:



998
999
1000
1001
# File 'lib/ory-kratos-client/api/frontend_api.rb', line 998

def (id, opts = {})
  data, _status_code, _headers = (id, opts)
  data
end

#get_login_flow_with_http_info(id, opts = {}) ⇒ Array<(LoginFlow, Integer, Hash)>

Get Login Flow This endpoint returns a login flow&#39;s context with, for example, error details and other information. Browser flows expect the anti-CSRF cookie to be included in the request&#39;s HTTP Cookie Header. For AJAX requests you must ensure that cookies are included in the request or requests will fail. If you use the browser-flow for server-side apps, the services need to run on a common top-level-domain and you need to forward the incoming HTTP Cookie header to this endpoint: &#x60;&#x60;&#x60;js pseudo-code example router.get(&#39;/login&#39;, async function (req, res) { const flow &#x3D; await client.getLoginFlow(req.header(&#39;cookie&#39;), req.query) res.render(&#39;login&#39;, flow) }) &#x60;&#x60;&#x60; This request may fail due to several reasons. The &#x60;error.id&#x60; can be one of: &#x60;session_already_available&#x60;: The user is already signed in. &#x60;self_service_flow_expired&#x60;: The flow is expired and you should request a new one. More information can be found at [Ory Kratos User Login](www.ory.sh/docs/kratos/self-service/flows/user-login) and [User Registration Documentation](www.ory.sh/docs/kratos/self-service/flows/user-registration).

Parameters:

  • id (String)

    The Login Flow ID The value for this parameter comes from &#x60;flow&#x60; URL Query parameter sent to your application (e.g. &#x60;/login?flow&#x3D;abcde&#x60;).

  • opts (Hash) (defaults to: {})

    the optional parameters

Options Hash (opts):

  • :cookie (String)

    HTTP Cookies When using the SDK in a browser app, on the server side you must include the HTTP Cookie Header sent by the client to your server here. This ensures that CSRF and session cookies are respected.

Returns:

  • (Array<(LoginFlow, Integer, Hash)>)

    LoginFlow data, response status code and response headers



1009
1010
1011
1012
1013
1014
1015
1016
1017
1018
1019
1020
1021
1022
1023
1024
1025
1026
1027
1028
1029
1030
1031
1032
1033
1034
1035
1036
1037
1038
1039
1040
1041
1042
1043
1044
1045
1046
1047
1048
1049
1050
1051
1052
1053
1054
1055
1056
1057
# File 'lib/ory-kratos-client/api/frontend_api.rb', line 1009

def (id, opts = {})
  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: FrontendApi.get_login_flow ...'
  end
  # verify the required parameter 'id' is set
  if @api_client.config.client_side_validation && id.nil?
    fail ArgumentError, "Missing the required parameter 'id' when calling FrontendApi.get_login_flow"
  end
  # resource path
  local_var_path = '/self-service/login/flows'

  # query parameters
  query_params = opts[:query_params] || {}
  query_params[:'id'] = id

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])
  header_params[:'Cookie'] = opts[:'cookie'] if !opts[:'cookie'].nil?

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type] || 'LoginFlow'

  # auth_names
  auth_names = opts[:debug_auth_names] || []

  new_options = opts.merge(
    :operation => :"FrontendApi.get_login_flow",
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type
  )

  data, status_code, headers = @api_client.call_api(:GET, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: FrontendApi#get_login_flow\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#get_recovery_flow(id, opts = {}) ⇒ RecoveryFlow

Get Recovery Flow This endpoint returns a recovery flow’s context with, for example, error details and other information. Browser flows expect the anti-CSRF cookie to be included in the request’s HTTP Cookie Header. For AJAX requests you must ensure that cookies are included in the request or requests will fail. If you use the browser-flow for server-side apps, the services need to run on a common top-level-domain and you need to forward the incoming HTTP Cookie header to this endpoint: “‘js pseudo-code example router.get(’/recovery’, async function (req, res) { const flow = await client.getRecoveryFlow(req.header(‘Cookie’), req.query) res.render(‘recovery’, flow) }) “‘ More information can be found at [Ory Kratos Account Recovery Documentation](../self-service/flows/account-recovery).

Parameters:

  • id (String)

    The Flow ID The value for this parameter comes from &#x60;request&#x60; URL Query parameter sent to your application (e.g. &#x60;/recovery?flow&#x3D;abcde&#x60;).

  • opts (Hash) (defaults to: {})

    the optional parameters

Options Hash (opts):

  • :cookie (String)

    HTTP Cookies When using the SDK in a browser app, on the server side you must include the HTTP Cookie Header sent by the client to your server here. This ensures that CSRF and session cookies are respected.

Returns:



1065
1066
1067
1068
# File 'lib/ory-kratos-client/api/frontend_api.rb', line 1065

def get_recovery_flow(id, opts = {})
  data, _status_code, _headers = get_recovery_flow_with_http_info(id, opts)
  data
end

#get_recovery_flow_with_http_info(id, opts = {}) ⇒ Array<(RecoveryFlow, Integer, Hash)>

Get Recovery Flow This endpoint returns a recovery flow&#39;s context with, for example, error details and other information. Browser flows expect the anti-CSRF cookie to be included in the request&#39;s HTTP Cookie Header. For AJAX requests you must ensure that cookies are included in the request or requests will fail. If you use the browser-flow for server-side apps, the services need to run on a common top-level-domain and you need to forward the incoming HTTP Cookie header to this endpoint: &#x60;&#x60;&#x60;js pseudo-code example router.get(&#39;/recovery&#39;, async function (req, res) { const flow &#x3D; await client.getRecoveryFlow(req.header(&#39;Cookie&#39;), req.query) res.render(&#39;recovery&#39;, flow) }) &#x60;&#x60;&#x60; More information can be found at [Ory Kratos Account Recovery Documentation](../self-service/flows/account-recovery).

Parameters:

  • id (String)

    The Flow ID The value for this parameter comes from &#x60;request&#x60; URL Query parameter sent to your application (e.g. &#x60;/recovery?flow&#x3D;abcde&#x60;).

  • opts (Hash) (defaults to: {})

    the optional parameters

Options Hash (opts):

  • :cookie (String)

    HTTP Cookies When using the SDK in a browser app, on the server side you must include the HTTP Cookie Header sent by the client to your server here. This ensures that CSRF and session cookies are respected.

Returns:

  • (Array<(RecoveryFlow, Integer, Hash)>)

    RecoveryFlow data, response status code and response headers



1076
1077
1078
1079
1080
1081
1082
1083
1084
1085
1086
1087
1088
1089
1090
1091
1092
1093
1094
1095
1096
1097
1098
1099
1100
1101
1102
1103
1104
1105
1106
1107
1108
1109
1110
1111
1112
1113
1114
1115
1116
1117
1118
1119
1120
1121
1122
1123
1124
# File 'lib/ory-kratos-client/api/frontend_api.rb', line 1076

def get_recovery_flow_with_http_info(id, opts = {})
  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: FrontendApi.get_recovery_flow ...'
  end
  # verify the required parameter 'id' is set
  if @api_client.config.client_side_validation && id.nil?
    fail ArgumentError, "Missing the required parameter 'id' when calling FrontendApi.get_recovery_flow"
  end
  # resource path
  local_var_path = '/self-service/recovery/flows'

  # query parameters
  query_params = opts[:query_params] || {}
  query_params[:'id'] = id

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])
  header_params[:'Cookie'] = opts[:'cookie'] if !opts[:'cookie'].nil?

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type] || 'RecoveryFlow'

  # auth_names
  auth_names = opts[:debug_auth_names] || []

  new_options = opts.merge(
    :operation => :"FrontendApi.get_recovery_flow",
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type
  )

  data, status_code, headers = @api_client.call_api(:GET, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: FrontendApi#get_recovery_flow\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#get_registration_flow(id, opts = {}) ⇒ RegistrationFlow

Get Registration Flow This endpoint returns a registration flow’s context with, for example, error details and other information. Browser flows expect the anti-CSRF cookie to be included in the request’s HTTP Cookie Header. For AJAX requests you must ensure that cookies are included in the request or requests will fail. If you use the browser-flow for server-side apps, the services need to run on a common top-level-domain and you need to forward the incoming HTTP Cookie header to this endpoint: “‘js pseudo-code example router.get(’/registration’, async function (req, res) { const flow = await client.getRegistrationFlow(req.header(‘cookie’), req.query) res.render(‘registration’, flow) }) “‘ This request may fail due to several reasons. The `error.id` can be one of: `session_already_available`: The user is already signed in. `self_service_flow_expired`: The flow is expired and you should request a new one. More information can be found at [Ory Kratos User Login](www.ory.sh/docs/kratos/self-service/flows/user-login) and [User Registration Documentation](www.ory.sh/docs/kratos/self-service/flows/user-registration).

Parameters:

  • id (String)

    The Registration Flow ID The value for this parameter comes from &#x60;flow&#x60; URL Query parameter sent to your application (e.g. &#x60;/registration?flow&#x3D;abcde&#x60;).

  • opts (Hash) (defaults to: {})

    the optional parameters

Options Hash (opts):

  • :cookie (String)

    HTTP Cookies When using the SDK in a browser app, on the server side you must include the HTTP Cookie Header sent by the client to your server here. This ensures that CSRF and session cookies are respected.

Returns:



1132
1133
1134
1135
# File 'lib/ory-kratos-client/api/frontend_api.rb', line 1132

def get_registration_flow(id, opts = {})
  data, _status_code, _headers = get_registration_flow_with_http_info(id, opts)
  data
end

#get_registration_flow_with_http_info(id, opts = {}) ⇒ Array<(RegistrationFlow, Integer, Hash)>

Get Registration Flow This endpoint returns a registration flow&#39;s context with, for example, error details and other information. Browser flows expect the anti-CSRF cookie to be included in the request&#39;s HTTP Cookie Header. For AJAX requests you must ensure that cookies are included in the request or requests will fail. If you use the browser-flow for server-side apps, the services need to run on a common top-level-domain and you need to forward the incoming HTTP Cookie header to this endpoint: &#x60;&#x60;&#x60;js pseudo-code example router.get(&#39;/registration&#39;, async function (req, res) { const flow &#x3D; await client.getRegistrationFlow(req.header(&#39;cookie&#39;), req.query) res.render(&#39;registration&#39;, flow) }) &#x60;&#x60;&#x60; This request may fail due to several reasons. The &#x60;error.id&#x60; can be one of: &#x60;session_already_available&#x60;: The user is already signed in. &#x60;self_service_flow_expired&#x60;: The flow is expired and you should request a new one. More information can be found at [Ory Kratos User Login](www.ory.sh/docs/kratos/self-service/flows/user-login) and [User Registration Documentation](www.ory.sh/docs/kratos/self-service/flows/user-registration).

Parameters:

  • id (String)

    The Registration Flow ID The value for this parameter comes from &#x60;flow&#x60; URL Query parameter sent to your application (e.g. &#x60;/registration?flow&#x3D;abcde&#x60;).

  • opts (Hash) (defaults to: {})

    the optional parameters

Options Hash (opts):

  • :cookie (String)

    HTTP Cookies When using the SDK in a browser app, on the server side you must include the HTTP Cookie Header sent by the client to your server here. This ensures that CSRF and session cookies are respected.

Returns:

  • (Array<(RegistrationFlow, Integer, Hash)>)

    RegistrationFlow data, response status code and response headers



1143
1144
1145
1146
1147
1148
1149
1150
1151
1152
1153
1154
1155
1156
1157
1158
1159
1160
1161
1162
1163
1164
1165
1166
1167
1168
1169
1170
1171
1172
1173
1174
1175
1176
1177
1178
1179
1180
1181
1182
1183
1184
1185
1186
1187
1188
1189
1190
1191
# File 'lib/ory-kratos-client/api/frontend_api.rb', line 1143

def get_registration_flow_with_http_info(id, opts = {})
  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: FrontendApi.get_registration_flow ...'
  end
  # verify the required parameter 'id' is set
  if @api_client.config.client_side_validation && id.nil?
    fail ArgumentError, "Missing the required parameter 'id' when calling FrontendApi.get_registration_flow"
  end
  # resource path
  local_var_path = '/self-service/registration/flows'

  # query parameters
  query_params = opts[:query_params] || {}
  query_params[:'id'] = id

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])
  header_params[:'Cookie'] = opts[:'cookie'] if !opts[:'cookie'].nil?

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type] || 'RegistrationFlow'

  # auth_names
  auth_names = opts[:debug_auth_names] || []

  new_options = opts.merge(
    :operation => :"FrontendApi.get_registration_flow",
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type
  )

  data, status_code, headers = @api_client.call_api(:GET, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: FrontendApi#get_registration_flow\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#get_settings_flow(id, opts = {}) ⇒ SettingsFlow

Get Settings Flow When accessing this endpoint through Ory Kratos’ Public API you must ensure that either the Ory Kratos Session Cookie or the Ory Kratos Session Token are set. Depending on your configuration this endpoint might return a 403 error if the session has a lower Authenticator Assurance Level (AAL) than is possible for the identity. This can happen if the identity has password + webauthn credentials (which would result in AAL2) but the session has only AAL1. If this error occurs, ask the user to sign in with the second factor or change the configuration. You can access this endpoint without credentials when using Ory Kratos’ Admin API. If this endpoint is called via an AJAX request, the response contains the flow without a redirect. In the case of an error, the ‘error.id` of the JSON response body can be one of: `security_csrf_violation`: Unable to fetch the flow because a CSRF violation occurred. `session_inactive`: No Ory Session was found - sign in a user first. `security_identity_mismatch`: The flow was interrupted with `session_refresh_required` but apparently some other identity logged in instead. More information can be found at [Ory Kratos User Settings & Profile Management Documentation](../self-service/flows/user-settings).

Parameters:

  • id (String)

    ID is the Settings Flow ID The value for this parameter comes from &#x60;flow&#x60; URL Query parameter sent to your application (e.g. &#x60;/settings?flow&#x3D;abcde&#x60;).

  • opts (Hash) (defaults to: {})

    the optional parameters

Options Hash (opts):

  • :x_session_token (String)

    The Session Token When using the SDK in an app without a browser, please include the session token here.

  • :cookie (String)

    HTTP Cookies When using the SDK in a browser app, on the server side you must include the HTTP Cookie Header sent by the client to your server here. This ensures that CSRF and session cookies are respected.

Returns:



1200
1201
1202
1203
# File 'lib/ory-kratos-client/api/frontend_api.rb', line 1200

def get_settings_flow(id, opts = {})
  data, _status_code, _headers = get_settings_flow_with_http_info(id, opts)
  data
end

#get_settings_flow_with_http_info(id, opts = {}) ⇒ Array<(SettingsFlow, Integer, Hash)>

Get Settings Flow When accessing this endpoint through Ory Kratos&#39; Public API you must ensure that either the Ory Kratos Session Cookie or the Ory Kratos Session Token are set. Depending on your configuration this endpoint might return a 403 error if the session has a lower Authenticator Assurance Level (AAL) than is possible for the identity. This can happen if the identity has password + webauthn credentials (which would result in AAL2) but the session has only AAL1. If this error occurs, ask the user to sign in with the second factor or change the configuration. You can access this endpoint without credentials when using Ory Kratos&#39; Admin API. If this endpoint is called via an AJAX request, the response contains the flow without a redirect. In the case of an error, the &#x60;error.id&#x60; of the JSON response body can be one of: &#x60;security_csrf_violation&#x60;: Unable to fetch the flow because a CSRF violation occurred. &#x60;session_inactive&#x60;: No Ory Session was found - sign in a user first. &#x60;security_identity_mismatch&#x60;: The flow was interrupted with &#x60;session_refresh_required&#x60; but apparently some other identity logged in instead. More information can be found at [Ory Kratos User Settings &amp; Profile Management Documentation](../self-service/flows/user-settings).

Parameters:

  • id (String)

    ID is the Settings Flow ID The value for this parameter comes from &#x60;flow&#x60; URL Query parameter sent to your application (e.g. &#x60;/settings?flow&#x3D;abcde&#x60;).

  • opts (Hash) (defaults to: {})

    the optional parameters

Options Hash (opts):

  • :x_session_token (String)

    The Session Token When using the SDK in an app without a browser, please include the session token here.

  • :cookie (String)

    HTTP Cookies When using the SDK in a browser app, on the server side you must include the HTTP Cookie Header sent by the client to your server here. This ensures that CSRF and session cookies are respected.

Returns:

  • (Array<(SettingsFlow, Integer, Hash)>)

    SettingsFlow data, response status code and response headers



1212
1213
1214
1215
1216
1217
1218
1219
1220
1221
1222
1223
1224
1225
1226
1227
1228
1229
1230
1231
1232
1233
1234
1235
1236
1237
1238
1239
1240
1241
1242
1243
1244
1245
1246
1247
1248
1249
1250
1251
1252
1253
1254
1255
1256
1257
1258
1259
1260
1261
# File 'lib/ory-kratos-client/api/frontend_api.rb', line 1212

def get_settings_flow_with_http_info(id, opts = {})
  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: FrontendApi.get_settings_flow ...'
  end
  # verify the required parameter 'id' is set
  if @api_client.config.client_side_validation && id.nil?
    fail ArgumentError, "Missing the required parameter 'id' when calling FrontendApi.get_settings_flow"
  end
  # resource path
  local_var_path = '/self-service/settings/flows'

  # query parameters
  query_params = opts[:query_params] || {}
  query_params[:'id'] = id

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])
  header_params[:'X-Session-Token'] = opts[:'x_session_token'] if !opts[:'x_session_token'].nil?
  header_params[:'Cookie'] = opts[:'cookie'] if !opts[:'cookie'].nil?

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type] || 'SettingsFlow'

  # auth_names
  auth_names = opts[:debug_auth_names] || []

  new_options = opts.merge(
    :operation => :"FrontendApi.get_settings_flow",
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type
  )

  data, status_code, headers = @api_client.call_api(:GET, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: FrontendApi#get_settings_flow\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#get_verification_flow(id, opts = {}) ⇒ VerificationFlow

Get Verification Flow This endpoint returns a verification flow’s context with, for example, error details and other information. Browser flows expect the anti-CSRF cookie to be included in the request’s HTTP Cookie Header. For AJAX requests you must ensure that cookies are included in the request or requests will fail. If you use the browser-flow for server-side apps, the services need to run on a common top-level-domain and you need to forward the incoming HTTP Cookie header to this endpoint: “‘js pseudo-code example router.get(’/recovery’, async function (req, res) { const flow = await client.getVerificationFlow(req.header(‘cookie’), req.query) res.render(‘verification’, flow) }) “‘ More information can be found at [Ory Kratos Email and Phone Verification Documentation](www.ory.sh/docs/kratos/self-service/flows/verify-email-account-activation).

Parameters:

  • id (String)

    The Flow ID The value for this parameter comes from &#x60;request&#x60; URL Query parameter sent to your application (e.g. &#x60;/verification?flow&#x3D;abcde&#x60;).

  • opts (Hash) (defaults to: {})

    the optional parameters

Options Hash (opts):

  • :cookie (String)

    HTTP Cookies When using the SDK on the server side you must include the HTTP Cookie Header originally sent to your HTTP handler here.

Returns:



1269
1270
1271
1272
# File 'lib/ory-kratos-client/api/frontend_api.rb', line 1269

def get_verification_flow(id, opts = {})
  data, _status_code, _headers = get_verification_flow_with_http_info(id, opts)
  data
end

#get_verification_flow_with_http_info(id, opts = {}) ⇒ Array<(VerificationFlow, Integer, Hash)>

Get Verification Flow This endpoint returns a verification flow&#39;s context with, for example, error details and other information. Browser flows expect the anti-CSRF cookie to be included in the request&#39;s HTTP Cookie Header. For AJAX requests you must ensure that cookies are included in the request or requests will fail. If you use the browser-flow for server-side apps, the services need to run on a common top-level-domain and you need to forward the incoming HTTP Cookie header to this endpoint: &#x60;&#x60;&#x60;js pseudo-code example router.get(&#39;/recovery&#39;, async function (req, res) { const flow &#x3D; await client.getVerificationFlow(req.header(&#39;cookie&#39;), req.query) res.render(&#39;verification&#39;, flow) }) &#x60;&#x60;&#x60; More information can be found at [Ory Kratos Email and Phone Verification Documentation](www.ory.sh/docs/kratos/self-service/flows/verify-email-account-activation).

Parameters:

  • id (String)

    The Flow ID The value for this parameter comes from &#x60;request&#x60; URL Query parameter sent to your application (e.g. &#x60;/verification?flow&#x3D;abcde&#x60;).

  • opts (Hash) (defaults to: {})

    the optional parameters

Options Hash (opts):

  • :cookie (String)

    HTTP Cookies When using the SDK on the server side you must include the HTTP Cookie Header originally sent to your HTTP handler here.

Returns:

  • (Array<(VerificationFlow, Integer, Hash)>)

    VerificationFlow data, response status code and response headers



1280
1281
1282
1283
1284
1285
1286
1287
1288
1289
1290
1291
1292
1293
1294
1295
1296
1297
1298
1299
1300
1301
1302
1303
1304
1305
1306
1307
1308
1309
1310
1311
1312
1313
1314
1315
1316
1317
1318
1319
1320
1321
1322
1323
1324
1325
1326
1327
1328
# File 'lib/ory-kratos-client/api/frontend_api.rb', line 1280

def get_verification_flow_with_http_info(id, opts = {})
  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: FrontendApi.get_verification_flow ...'
  end
  # verify the required parameter 'id' is set
  if @api_client.config.client_side_validation && id.nil?
    fail ArgumentError, "Missing the required parameter 'id' when calling FrontendApi.get_verification_flow"
  end
  # resource path
  local_var_path = '/self-service/verification/flows'

  # query parameters
  query_params = opts[:query_params] || {}
  query_params[:'id'] = id

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])
  header_params[:'cookie'] = opts[:'cookie'] if !opts[:'cookie'].nil?

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type] || 'VerificationFlow'

  # auth_names
  auth_names = opts[:debug_auth_names] || []

  new_options = opts.merge(
    :operation => :"FrontendApi.get_verification_flow",
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type
  )

  data, status_code, headers = @api_client.call_api(:GET, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: FrontendApi#get_verification_flow\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#get_web_authn_java_script(opts = {}) ⇒ String

Get WebAuthn JavaScript This endpoint provides JavaScript which is needed in order to perform WebAuthn login and registration. If you are building a JavaScript Browser App (e.g. in ReactJS or AngularJS) you will need to load this file: “‘html <script src="public-kratos.example.org/.well-known/ory/webauthn.js" type="script" async /> “` More information can be found at [Ory Kratos User Login](www.ory.sh/docs/kratos/self-service/flows/user-login) and [User Registration Documentation](www.ory.sh/docs/kratos/self-service/flows/user-registration).

Parameters:

  • opts (Hash) (defaults to: {})

    the optional parameters

Returns:

  • (String)


1334
1335
1336
1337
# File 'lib/ory-kratos-client/api/frontend_api.rb', line 1334

def get_web_authn_java_script(opts = {})
  data, _status_code, _headers = get_web_authn_java_script_with_http_info(opts)
  data
end

#get_web_authn_java_script_with_http_info(opts = {}) ⇒ Array<(String, Integer, Hash)>

Get WebAuthn JavaScript This endpoint provides JavaScript which is needed in order to perform WebAuthn login and registration. If you are building a JavaScript Browser App (e.g. in ReactJS or AngularJS) you will need to load this file: &#x60;&#x60;&#x60;html &lt;script src&#x3D;&quot;public-kratos.example.org/.well-known/ory/webauthn.js&quot; type&#x3D;&quot;script&quot; async /&gt; &#x60;&#x60;&#x60; More information can be found at [Ory Kratos User Login](www.ory.sh/docs/kratos/self-service/flows/user-login) and [User Registration Documentation](www.ory.sh/docs/kratos/self-service/flows/user-registration).

Parameters:

  • opts (Hash) (defaults to: {})

    the optional parameters

Returns:

  • (Array<(String, Integer, Hash)>)

    String data, response status code and response headers



1343
1344
1345
1346
1347
1348
1349
1350
1351
1352
1353
1354
1355
1356
1357
1358
1359
1360
1361
1362
1363
1364
1365
1366
1367
1368
1369
1370
1371
1372
1373
1374
1375
1376
1377
1378
1379
1380
1381
1382
1383
1384
1385
# File 'lib/ory-kratos-client/api/frontend_api.rb', line 1343

def get_web_authn_java_script_with_http_info(opts = {})
  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: FrontendApi.get_web_authn_java_script ...'
  end
  # resource path
  local_var_path = '/.well-known/ory/webauthn.js'

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type] || 'String'

  # auth_names
  auth_names = opts[:debug_auth_names] || []

  new_options = opts.merge(
    :operation => :"FrontendApi.get_web_authn_java_script",
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type
  )

  data, status_code, headers = @api_client.call_api(:GET, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: FrontendApi#get_web_authn_java_script\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#list_my_sessions(opts = {}) ⇒ Array<Session>

Get My Active Sessions This endpoints returns all other active sessions that belong to the logged-in user. The current session can be retrieved by calling the ‘/sessions/whoami` endpoint.

Parameters:

  • opts (Hash) (defaults to: {})

    the optional parameters

Options Hash (opts):

  • :per_page (Integer)

    Deprecated Items per Page DEPRECATED: Please use &#x60;page_token&#x60; instead. This parameter will be removed in the future. This is the number of items per page. (default to 250)

  • :page (Integer)

    Deprecated Pagination Page DEPRECATED: Please use &#x60;page_token&#x60; instead. This parameter will be removed in the future. This value is currently an integer, but it is not sequential. The value is not the page number, but a reference. The next page can be any number and some numbers might return an empty list. For example, page 2 might not follow after page 1. And even if page 3 and 5 exist, but page 4 might not exist. The first page can be retrieved by omitting this parameter. Following page pointers will be returned in the &#x60;Link&#x60; header.

  • :page_size (Integer)

    Page Size This is the number of items per page to return. For details on pagination please head over to the [pagination documentation](www.ory.sh/docs/ecosystem/api-design#pagination). (default to 250)

  • :page_token (String)

    Next Page Token The next page token. For details on pagination please head over to the [pagination documentation](www.ory.sh/docs/ecosystem/api-design#pagination). (default to ‘1’)

  • :x_session_token (String)

    Set the Session Token when calling from non-browser clients. A session token has a format of &#x60;MP2YWEMeM8MxjkGKpH4dqOQ4Q4DlSPaj&#x60;.

  • :cookie (String)

    Set the Cookie Header. This is especially useful when calling this endpoint from a server-side application. In that scenario you must include the HTTP Cookie Header which originally was included in the request to your server. An example of a session in the HTTP Cookie Header is: &#x60;ory_kratos_session&#x3D;a19iOVAbdzdgl70Rq1QZmrKmcjDtdsviCTZx7m9a9yHIUS8Wa9T7hvqyGTsLHi6Qifn2WUfpAKx9DWp0SJGleIn9vh2YF4A16id93kXFTgIgmwIOvbVAScyrx7yVl6bPZnCx27ec4WQDtaTewC1CpgudeDV2jQQnSaCP6ny3xa8qLH-QUgYqdQuoA_LF1phxgRCUfIrCLQOkolX5nv3ze_f&#x3D;&#x3D;&#x60;. It is ok if more than one cookie are included here as all other cookies will be ignored.

Returns:



1397
1398
1399
1400
# File 'lib/ory-kratos-client/api/frontend_api.rb', line 1397

def list_my_sessions(opts = {})
  data, _status_code, _headers = list_my_sessions_with_http_info(opts)
  data
end

#list_my_sessions_with_http_info(opts = {}) ⇒ Array<(Array<Session>, Integer, Hash)>

Get My Active Sessions This endpoints returns all other active sessions that belong to the logged-in user. The current session can be retrieved by calling the &#x60;/sessions/whoami&#x60; endpoint.

Parameters:

  • opts (Hash) (defaults to: {})

    the optional parameters

Options Hash (opts):

  • :per_page (Integer)

    Deprecated Items per Page DEPRECATED: Please use &#x60;page_token&#x60; instead. This parameter will be removed in the future. This is the number of items per page. (default to 250)

  • :page (Integer)

    Deprecated Pagination Page DEPRECATED: Please use &#x60;page_token&#x60; instead. This parameter will be removed in the future. This value is currently an integer, but it is not sequential. The value is not the page number, but a reference. The next page can be any number and some numbers might return an empty list. For example, page 2 might not follow after page 1. And even if page 3 and 5 exist, but page 4 might not exist. The first page can be retrieved by omitting this parameter. Following page pointers will be returned in the &#x60;Link&#x60; header.

  • :page_size (Integer)

    Page Size This is the number of items per page to return. For details on pagination please head over to the [pagination documentation](www.ory.sh/docs/ecosystem/api-design#pagination). (default to 250)

  • :page_token (String)

    Next Page Token The next page token. For details on pagination please head over to the [pagination documentation](www.ory.sh/docs/ecosystem/api-design#pagination). (default to ‘1’)

  • :x_session_token (String)

    Set the Session Token when calling from non-browser clients. A session token has a format of &#x60;MP2YWEMeM8MxjkGKpH4dqOQ4Q4DlSPaj&#x60;.

  • :cookie (String)

    Set the Cookie Header. This is especially useful when calling this endpoint from a server-side application. In that scenario you must include the HTTP Cookie Header which originally was included in the request to your server. An example of a session in the HTTP Cookie Header is: &#x60;ory_kratos_session&#x3D;a19iOVAbdzdgl70Rq1QZmrKmcjDtdsviCTZx7m9a9yHIUS8Wa9T7hvqyGTsLHi6Qifn2WUfpAKx9DWp0SJGleIn9vh2YF4A16id93kXFTgIgmwIOvbVAScyrx7yVl6bPZnCx27ec4WQDtaTewC1CpgudeDV2jQQnSaCP6ny3xa8qLH-QUgYqdQuoA_LF1phxgRCUfIrCLQOkolX5nv3ze_f&#x3D;&#x3D;&#x60;. It is ok if more than one cookie are included here as all other cookies will be ignored.

Returns:

  • (Array<(Array<Session>, Integer, Hash)>)

    Array<Session> data, response status code and response headers



1412
1413
1414
1415
1416
1417
1418
1419
1420
1421
1422
1423
1424
1425
1426
1427
1428
1429
1430
1431
1432
1433
1434
1435
1436
1437
1438
1439
1440
1441
1442
1443
1444
1445
1446
1447
1448
1449
1450
1451
1452
1453
1454
1455
1456
1457
1458
1459
1460
1461
1462
1463
1464
1465
1466
1467
1468
1469
1470
1471
1472
1473
1474
1475
1476
# File 'lib/ory-kratos-client/api/frontend_api.rb', line 1412

def list_my_sessions_with_http_info(opts = {})
  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: FrontendApi.list_my_sessions ...'
  end
  if @api_client.config.client_side_validation && !opts[:'per_page'].nil? && opts[:'per_page'] > 1000
    fail ArgumentError, 'invalid value for "opts[:"per_page"]" when calling FrontendApi.list_my_sessions, must be smaller than or equal to 1000.'
  end

  if @api_client.config.client_side_validation && !opts[:'per_page'].nil? && opts[:'per_page'] < 1
    fail ArgumentError, 'invalid value for "opts[:"per_page"]" when calling FrontendApi.list_my_sessions, must be greater than or equal to 1.'
  end

  if @api_client.config.client_side_validation && !opts[:'page_size'].nil? && opts[:'page_size'] > 500
    fail ArgumentError, 'invalid value for "opts[:"page_size"]" when calling FrontendApi.list_my_sessions, must be smaller than or equal to 500.'
  end

  if @api_client.config.client_side_validation && !opts[:'page_size'].nil? && opts[:'page_size'] < 1
    fail ArgumentError, 'invalid value for "opts[:"page_size"]" when calling FrontendApi.list_my_sessions, must be greater than or equal to 1.'
  end

  # resource path
  local_var_path = '/sessions'

  # query parameters
  query_params = opts[:query_params] || {}
  query_params[:'per_page'] = opts[:'per_page'] if !opts[:'per_page'].nil?
  query_params[:'page'] = opts[:'page'] if !opts[:'page'].nil?
  query_params[:'page_size'] = opts[:'page_size'] if !opts[:'page_size'].nil?
  query_params[:'page_token'] = opts[:'page_token'] if !opts[:'page_token'].nil?

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])
  header_params[:'X-Session-Token'] = opts[:'x_session_token'] if !opts[:'x_session_token'].nil?
  header_params[:'Cookie'] = opts[:'cookie'] if !opts[:'cookie'].nil?

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type] || 'Array<Session>'

  # auth_names
  auth_names = opts[:debug_auth_names] || []

  new_options = opts.merge(
    :operation => :"FrontendApi.list_my_sessions",
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type
  )

  data, status_code, headers = @api_client.call_api(:GET, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: FrontendApi#list_my_sessions\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#perform_native_logout(perform_native_logout_body, opts = {}) ⇒ nil

Perform Logout for Native Apps Use this endpoint to log out an identity using an Ory Session Token. If the Ory Session Token was successfully revoked, the server returns a 204 No Content response. A 204 No Content response is also sent when the Ory Session Token has been revoked already before. If the Ory Session Token is malformed or does not exist a 403 Forbidden response will be returned. This endpoint does not remove any HTTP Cookies - use the Browser-Based Self-Service Logout Flow instead.

Parameters:

Returns:

  • (nil)


1483
1484
1485
1486
# File 'lib/ory-kratos-client/api/frontend_api.rb', line 1483

def perform_native_logout(perform_native_logout_body, opts = {})
  perform_native_logout_with_http_info(perform_native_logout_body, opts)
  nil
end

#perform_native_logout_with_http_info(perform_native_logout_body, opts = {}) ⇒ Array<(nil, Integer, Hash)>

Perform Logout for Native Apps Use this endpoint to log out an identity using an Ory Session Token. If the Ory Session Token was successfully revoked, the server returns a 204 No Content response. A 204 No Content response is also sent when the Ory Session Token has been revoked already before. If the Ory Session Token is malformed or does not exist a 403 Forbidden response will be returned. This endpoint does not remove any HTTP Cookies - use the Browser-Based Self-Service Logout Flow instead.

Parameters:

Returns:

  • (Array<(nil, Integer, Hash)>)

    nil, response status code and response headers



1493
1494
1495
1496
1497
1498
1499
1500
1501
1502
1503
1504
1505
1506
1507
1508
1509
1510
1511
1512
1513
1514
1515
1516
1517
1518
1519
1520
1521
1522
1523
1524
1525
1526
1527
1528
1529
1530
1531
1532
1533
1534
1535
1536
1537
1538
1539
1540
1541
1542
1543
1544
# File 'lib/ory-kratos-client/api/frontend_api.rb', line 1493

def perform_native_logout_with_http_info(perform_native_logout_body, opts = {})
  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: FrontendApi.perform_native_logout ...'
  end
  # verify the required parameter 'perform_native_logout_body' is set
  if @api_client.config.client_side_validation && perform_native_logout_body.nil?
    fail ArgumentError, "Missing the required parameter 'perform_native_logout_body' when calling FrontendApi.perform_native_logout"
  end
  # resource path
  local_var_path = '/self-service/logout/api'

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])
  # HTTP header 'Content-Type'
  content_type = @api_client.select_header_content_type(['application/json'])
  if !content_type.nil?
      header_params['Content-Type'] = content_type
  end

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body] || @api_client.object_to_http_body(perform_native_logout_body)

  # return_type
  return_type = opts[:debug_return_type]

  # auth_names
  auth_names = opts[:debug_auth_names] || []

  new_options = opts.merge(
    :operation => :"FrontendApi.perform_native_logout",
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type
  )

  data, status_code, headers = @api_client.call_api(:DELETE, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: FrontendApi#perform_native_logout\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#to_session(opts = {}) ⇒ Session

Check Who the Current HTTP Session Belongs To Uses the HTTP Headers in the GET request to determine (e.g. by using checking the cookies) who is authenticated. Returns a session object in the body or 401 if the credentials are invalid or no credentials were sent. When the request it successful it adds the user ID to the ‘X-Kratos-Authenticated-Identity-Id’ header in the response. If you call this endpoint from a server-side application, you must forward the HTTP Cookie Header to this endpoint: “‘js pseudo-code example router.get(’/protected-endpoint’, async function (req, res) { const session = await client.toSession(undefined, req.header(‘cookie’)) console.log(session) }) “‘ When calling this endpoint from a non-browser application (e.g. mobile app) you must include the session token: “`js pseudo-code example … const session = await client.toSession("the-session-token") console.log(session) “` When using a token template, the token is included in the `tokenized` field of the session. “`js pseudo-code example … const session = await client.toSession("the-session-token", { tokenize_as: "example-jwt-template" }) console.log(session.tokenized) // The JWT “` Depending on your configuration this endpoint might return a 403 status code if the session has a lower Authenticator Assurance Level (AAL) than is possible for the identity. This can happen if the identity has password + webauthn credentials (which would result in AAL2) but the session has only AAL1. If this error occurs, ask the user to sign in with the second factor or change the configuration. This endpoint is useful for: AJAX calls. Remember to send credentials and set up CORS correctly! Reverse proxies and API Gateways Server-side calls - use the `X-Session-Token` header! This endpoint authenticates users by checking: if the `Cookie` HTTP header was set containing an Ory Kratos Session Cookie; if the `Authorization: bearer <ory-session-token>` HTTP header was set with a valid Ory Kratos Session Token; if the `X-Session-Token` HTTP header was set with a valid Ory Kratos Session Token. If none of these headers are set or the cookie or token are invalid, the endpoint returns a HTTP 401 status code. As explained above, this request may fail due to several reasons. The `error.id` can be one of: `session_inactive`: No active session was found in the request (e.g. no Ory Session Cookie / Ory Session Token). `session_aal2_required`: An active session was found but it does not fulfil the Authenticator Assurance Level, implying that the session must (e.g.) authenticate the second factor.

Parameters:

  • opts (Hash) (defaults to: {})

    the optional parameters

Options Hash (opts):

  • :x_session_token (String)

    Set the Session Token when calling from non-browser clients. A session token has a format of &#x60;MP2YWEMeM8MxjkGKpH4dqOQ4Q4DlSPaj&#x60;.

  • :cookie (String)

    Set the Cookie Header. This is especially useful when calling this endpoint from a server-side application. In that scenario you must include the HTTP Cookie Header which originally was included in the request to your server. An example of a session in the HTTP Cookie Header is: &#x60;ory_kratos_session&#x3D;a19iOVAbdzdgl70Rq1QZmrKmcjDtdsviCTZx7m9a9yHIUS8Wa9T7hvqyGTsLHi6Qifn2WUfpAKx9DWp0SJGleIn9vh2YF4A16id93kXFTgIgmwIOvbVAScyrx7yVl6bPZnCx27ec4WQDtaTewC1CpgudeDV2jQQnSaCP6ny3xa8qLH-QUgYqdQuoA_LF1phxgRCUfIrCLQOkolX5nv3ze_f&#x3D;&#x3D;&#x60;. It is ok if more than one cookie are included here as all other cookies will be ignored.

  • :tokenize_as (String)

    Returns the session additionally as a token (such as a JWT) The value of this parameter has to be a valid, configured Ory Session token template. For more information head over to [the documentation](ory.sh/docs/identities/session-to-jwt-cors).

Returns:



1553
1554
1555
1556
# File 'lib/ory-kratos-client/api/frontend_api.rb', line 1553

def to_session(opts = {})
  data, _status_code, _headers = to_session_with_http_info(opts)
  data
end

#to_session_with_http_info(opts = {}) ⇒ Array<(Session, Integer, Hash)>

Check Who the Current HTTP Session Belongs To Uses the HTTP Headers in the GET request to determine (e.g. by using checking the cookies) who is authenticated. Returns a session object in the body or 401 if the credentials are invalid or no credentials were sent. When the request it successful it adds the user ID to the &#39;X-Kratos-Authenticated-Identity-Id&#39; header in the response. If you call this endpoint from a server-side application, you must forward the HTTP Cookie Header to this endpoint: &#x60;&#x60;&#x60;js pseudo-code example router.get(&#39;/protected-endpoint&#39;, async function (req, res) { const session &#x3D; await client.toSession(undefined, req.header(&#39;cookie&#39;)) console.log(session) }) &#x60;&#x60;&#x60; When calling this endpoint from a non-browser application (e.g. mobile app) you must include the session token: &#x60;&#x60;&#x60;js pseudo-code example … const session &#x3D; await client.toSession(&quot;the-session-token&quot;) console.log(session) &#x60;&#x60;&#x60; When using a token template, the token is included in the &#x60;tokenized&#x60; field of the session. &#x60;&#x60;&#x60;js pseudo-code example … const session &#x3D; await client.toSession(&quot;the-session-token&quot;, { tokenize_as: &quot;example-jwt-template&quot; }) console.log(session.tokenized) // The JWT &#x60;&#x60;&#x60; Depending on your configuration this endpoint might return a 403 status code if the session has a lower Authenticator Assurance Level (AAL) than is possible for the identity. This can happen if the identity has password + webauthn credentials (which would result in AAL2) but the session has only AAL1. If this error occurs, ask the user to sign in with the second factor or change the configuration. This endpoint is useful for: AJAX calls. Remember to send credentials and set up CORS correctly! Reverse proxies and API Gateways Server-side calls - use the &#x60;X-Session-Token&#x60; header! This endpoint authenticates users by checking: if the &#x60;Cookie&#x60; HTTP header was set containing an Ory Kratos Session Cookie; if the &#x60;Authorization: bearer &lt;ory-session-token&gt;&#x60; HTTP header was set with a valid Ory Kratos Session Token; if the &#x60;X-Session-Token&#x60; HTTP header was set with a valid Ory Kratos Session Token. If none of these headers are set or the cookie or token are invalid, the endpoint returns a HTTP 401 status code. As explained above, this request may fail due to several reasons. The &#x60;error.id&#x60; can be one of: &#x60;session_inactive&#x60;: No active session was found in the request (e.g. no Ory Session Cookie / Ory Session Token). &#x60;session_aal2_required&#x60;: An active session was found but it does not fulfil the Authenticator Assurance Level, implying that the session must (e.g.) authenticate the second factor.

Parameters:

  • opts (Hash) (defaults to: {})

    the optional parameters

Options Hash (opts):

  • :x_session_token (String)

    Set the Session Token when calling from non-browser clients. A session token has a format of &#x60;MP2YWEMeM8MxjkGKpH4dqOQ4Q4DlSPaj&#x60;.

  • :cookie (String)

    Set the Cookie Header. This is especially useful when calling this endpoint from a server-side application. In that scenario you must include the HTTP Cookie Header which originally was included in the request to your server. An example of a session in the HTTP Cookie Header is: &#x60;ory_kratos_session&#x3D;a19iOVAbdzdgl70Rq1QZmrKmcjDtdsviCTZx7m9a9yHIUS8Wa9T7hvqyGTsLHi6Qifn2WUfpAKx9DWp0SJGleIn9vh2YF4A16id93kXFTgIgmwIOvbVAScyrx7yVl6bPZnCx27ec4WQDtaTewC1CpgudeDV2jQQnSaCP6ny3xa8qLH-QUgYqdQuoA_LF1phxgRCUfIrCLQOkolX5nv3ze_f&#x3D;&#x3D;&#x60;. It is ok if more than one cookie are included here as all other cookies will be ignored.

  • :tokenize_as (String)

    Returns the session additionally as a token (such as a JWT) The value of this parameter has to be a valid, configured Ory Session token template. For more information head over to [the documentation](ory.sh/docs/identities/session-to-jwt-cors).

Returns:

  • (Array<(Session, Integer, Hash)>)

    Session data, response status code and response headers



1565
1566
1567
1568
1569
1570
1571
1572
1573
1574
1575
1576
1577
1578
1579
1580
1581
1582
1583
1584
1585
1586
1587
1588
1589
1590
1591
1592
1593
1594
1595
1596
1597
1598
1599
1600
1601
1602
1603
1604
1605
1606
1607
1608
1609
1610
# File 'lib/ory-kratos-client/api/frontend_api.rb', line 1565

def to_session_with_http_info(opts = {})
  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: FrontendApi.to_session ...'
  end
  # resource path
  local_var_path = '/sessions/whoami'

  # query parameters
  query_params = opts[:query_params] || {}
  query_params[:'tokenize_as'] = opts[:'tokenize_as'] if !opts[:'tokenize_as'].nil?

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])
  header_params[:'X-Session-Token'] = opts[:'x_session_token'] if !opts[:'x_session_token'].nil?
  header_params[:'Cookie'] = opts[:'cookie'] if !opts[:'cookie'].nil?

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type] || 'Session'

  # auth_names
  auth_names = opts[:debug_auth_names] || []

  new_options = opts.merge(
    :operation => :"FrontendApi.to_session",
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type
  )

  data, status_code, headers = @api_client.call_api(:GET, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: FrontendApi#to_session\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#update_login_flow(flow, update_login_flow_body, opts = {}) ⇒ SuccessfulNativeLogin

Submit a Login Flow Use this endpoint to complete a login flow. This endpoint behaves differently for API and browser flows. API flows expect ‘application/json` to be sent in the body and responds with HTTP 200 and a application/json body with the session token on success; HTTP 410 if the original flow expired with the appropriate error messages set and optionally a `use_flow_id` parameter in the body; HTTP 400 on form validation errors. Browser flows expect a Content-Type of `application/x-www-form-urlencoded` or `application/json` to be sent in the body and respond with a HTTP 303 redirect to the post/after login URL or the `return_to` value if it was set and if the login succeeded; a HTTP 303 redirect to the login UI URL with the flow ID containing the validation errors otherwise. Browser flows with an accept header of `application/json` will not redirect but instead respond with HTTP 200 and a application/json body with the signed in identity and a `Set-Cookie` header on success; HTTP 303 redirect to a fresh login flow if the original flow expired with the appropriate error messages set; HTTP 400 on form validation errors. If this endpoint is called with `Accept: application/json` in the header, the response contains the flow without a redirect. In the case of an error, the `error.id` of the JSON response body can be one of: `session_already_available`: The user is already signed in. `security_csrf_violation`: Unable to fetch the flow because a CSRF violation occurred. `security_identity_mismatch`: The requested `?return_to` address is not allowed to be used. Adjust this in the configuration! `browser_location_change_required`: Usually sent when an AJAX request indicates that the browser needs to open a specific URL. Most likely used in Social Sign In flows. More information can be found at [Ory Kratos User Login](www.ory.sh/docs/kratos/self-service/flows/user-login) and [User Registration Documentation](www.ory.sh/docs/kratos/self-service/flows/user-registration).

Parameters:

  • flow (String)

    The Login Flow ID The value for this parameter comes from &#x60;flow&#x60; URL Query parameter sent to your application (e.g. &#x60;/login?flow&#x3D;abcde&#x60;).

  • update_login_flow_body (UpdateLoginFlowBody)
  • opts (Hash) (defaults to: {})

    the optional parameters

Options Hash (opts):

  • :x_session_token (String)

    The Session Token of the Identity performing the settings flow.

  • :cookie (String)

    HTTP Cookies When using the SDK in a browser app, on the server side you must include the HTTP Cookie Header sent by the client to your server here. This ensures that CSRF and session cookies are respected.

Returns:



1620
1621
1622
1623
# File 'lib/ory-kratos-client/api/frontend_api.rb', line 1620

def (flow, , opts = {})
  data, _status_code, _headers = (flow, , opts)
  data
end

#update_login_flow_with_http_info(flow, update_login_flow_body, opts = {}) ⇒ Array<(SuccessfulNativeLogin, Integer, Hash)>

Submit a Login Flow Use this endpoint to complete a login flow. This endpoint behaves differently for API and browser flows. API flows expect &#x60;application/json&#x60; to be sent in the body and responds with HTTP 200 and a application/json body with the session token on success; HTTP 410 if the original flow expired with the appropriate error messages set and optionally a &#x60;use_flow_id&#x60; parameter in the body; HTTP 400 on form validation errors. Browser flows expect a Content-Type of &#x60;application/x-www-form-urlencoded&#x60; or &#x60;application/json&#x60; to be sent in the body and respond with a HTTP 303 redirect to the post/after login URL or the &#x60;return_to&#x60; value if it was set and if the login succeeded; a HTTP 303 redirect to the login UI URL with the flow ID containing the validation errors otherwise. Browser flows with an accept header of &#x60;application/json&#x60; will not redirect but instead respond with HTTP 200 and a application/json body with the signed in identity and a &#x60;Set-Cookie&#x60; header on success; HTTP 303 redirect to a fresh login flow if the original flow expired with the appropriate error messages set; HTTP 400 on form validation errors. If this endpoint is called with &#x60;Accept: application/json&#x60; in the header, the response contains the flow without a redirect. In the case of an error, the &#x60;error.id&#x60; of the JSON response body can be one of: &#x60;session_already_available&#x60;: The user is already signed in. &#x60;security_csrf_violation&#x60;: Unable to fetch the flow because a CSRF violation occurred. &#x60;security_identity_mismatch&#x60;: The requested &#x60;?return_to&#x60; address is not allowed to be used. Adjust this in the configuration! &#x60;browser_location_change_required&#x60;: Usually sent when an AJAX request indicates that the browser needs to open a specific URL. Most likely used in Social Sign In flows. More information can be found at [Ory Kratos User Login](www.ory.sh/docs/kratos/self-service/flows/user-login) and [User Registration Documentation](www.ory.sh/docs/kratos/self-service/flows/user-registration).

Parameters:

  • flow (String)

    The Login Flow ID The value for this parameter comes from &#x60;flow&#x60; URL Query parameter sent to your application (e.g. &#x60;/login?flow&#x3D;abcde&#x60;).

  • update_login_flow_body (UpdateLoginFlowBody)
  • opts (Hash) (defaults to: {})

    the optional parameters

Options Hash (opts):

  • :x_session_token (String)

    The Session Token of the Identity performing the settings flow.

  • :cookie (String)

    HTTP Cookies When using the SDK in a browser app, on the server side you must include the HTTP Cookie Header sent by the client to your server here. This ensures that CSRF and session cookies are respected.

Returns:

  • (Array<(SuccessfulNativeLogin, Integer, Hash)>)

    SuccessfulNativeLogin data, response status code and response headers



1633
1634
1635
1636
1637
1638
1639
1640
1641
1642
1643
1644
1645
1646
1647
1648
1649
1650
1651
1652
1653
1654
1655
1656
1657
1658
1659
1660
1661
1662
1663
1664
1665
1666
1667
1668
1669
1670
1671
1672
1673
1674
1675
1676
1677
1678
1679
1680
1681
1682
1683
1684
1685
1686
1687
1688
1689
1690
1691
# File 'lib/ory-kratos-client/api/frontend_api.rb', line 1633

def (flow, , opts = {})
  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: FrontendApi.update_login_flow ...'
  end
  # verify the required parameter 'flow' is set
  if @api_client.config.client_side_validation && flow.nil?
    fail ArgumentError, "Missing the required parameter 'flow' when calling FrontendApi.update_login_flow"
  end
  # verify the required parameter 'update_login_flow_body' is set
  if @api_client.config.client_side_validation && .nil?
    fail ArgumentError, "Missing the required parameter 'update_login_flow_body' when calling FrontendApi.update_login_flow"
  end
  # resource path
  local_var_path = '/self-service/login'

  # query parameters
  query_params = opts[:query_params] || {}
  query_params[:'flow'] = flow

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])
  # HTTP header 'Content-Type'
  content_type = @api_client.select_header_content_type(['application/json', 'application/x-www-form-urlencoded'])
  if !content_type.nil?
      header_params['Content-Type'] = content_type
  end
  header_params[:'X-Session-Token'] = opts[:'x_session_token'] if !opts[:'x_session_token'].nil?
  header_params[:'Cookie'] = opts[:'cookie'] if !opts[:'cookie'].nil?

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body] || @api_client.object_to_http_body()

  # return_type
  return_type = opts[:debug_return_type] || 'SuccessfulNativeLogin'

  # auth_names
  auth_names = opts[:debug_auth_names] || []

  new_options = opts.merge(
    :operation => :"FrontendApi.update_login_flow",
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type
  )

  data, status_code, headers = @api_client.call_api(:POST, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: FrontendApi#update_login_flow\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#update_logout_flow(opts = {}) ⇒ nil

Update Logout Flow This endpoint logs out an identity in a self-service manner. If the ‘Accept` HTTP header is not set to `application/json`, the browser will be redirected (HTTP 303 See Other) to the `return_to` parameter of the initial request or fall back to `urls.default_return_to`. If the `Accept` HTTP header is set to `application/json`, a 204 No Content response will be sent on successful logout instead. This endpoint is NOT INTENDED for API clients and only works with browsers (Chrome, Firefox, …). For API clients you can call the `/self-service/logout/api` URL directly with the Ory Session Token. More information can be found at [Ory Kratos User Logout Documentation](www.ory.sh/docs/next/kratos/self-service/flows/user-logout).

Parameters:

  • opts (Hash) (defaults to: {})

    the optional parameters

Options Hash (opts):

  • :token (String)

    A Valid Logout Token If you do not have a logout token because you only have a session cookie, call &#x60;/self-service/logout/browser&#x60; to generate a URL for this endpoint.

  • :return_to (String)

    The URL to return to after the logout was completed.

  • :cookie (String)

    HTTP Cookies When using the SDK in a browser app, on the server side you must include the HTTP Cookie Header sent by the client to your server here. This ensures that CSRF and session cookies are respected.

Returns:

  • (nil)


1700
1701
1702
1703
# File 'lib/ory-kratos-client/api/frontend_api.rb', line 1700

def update_logout_flow(opts = {})
  update_logout_flow_with_http_info(opts)
  nil
end

#update_logout_flow_with_http_info(opts = {}) ⇒ Array<(nil, Integer, Hash)>

Update Logout Flow This endpoint logs out an identity in a self-service manner. If the &#x60;Accept&#x60; HTTP header is not set to &#x60;application/json&#x60;, the browser will be redirected (HTTP 303 See Other) to the &#x60;return_to&#x60; parameter of the initial request or fall back to &#x60;urls.default_return_to&#x60;. If the &#x60;Accept&#x60; HTTP header is set to &#x60;application/json&#x60;, a 204 No Content response will be sent on successful logout instead. This endpoint is NOT INTENDED for API clients and only works with browsers (Chrome, Firefox, …). For API clients you can call the &#x60;/self-service/logout/api&#x60; URL directly with the Ory Session Token. More information can be found at [Ory Kratos User Logout Documentation](www.ory.sh/docs/next/kratos/self-service/flows/user-logout).

Parameters:

  • opts (Hash) (defaults to: {})

    the optional parameters

Options Hash (opts):

  • :token (String)

    A Valid Logout Token If you do not have a logout token because you only have a session cookie, call &#x60;/self-service/logout/browser&#x60; to generate a URL for this endpoint.

  • :return_to (String)

    The URL to return to after the logout was completed.

  • :cookie (String)

    HTTP Cookies When using the SDK in a browser app, on the server side you must include the HTTP Cookie Header sent by the client to your server here. This ensures that CSRF and session cookies are respected.

Returns:

  • (Array<(nil, Integer, Hash)>)

    nil, response status code and response headers



1712
1713
1714
1715
1716
1717
1718
1719
1720
1721
1722
1723
1724
1725
1726
1727
1728
1729
1730
1731
1732
1733
1734
1735
1736
1737
1738
1739
1740
1741
1742
1743
1744
1745
1746
1747
1748
1749
1750
1751
1752
1753
1754
1755
1756
1757
# File 'lib/ory-kratos-client/api/frontend_api.rb', line 1712

def update_logout_flow_with_http_info(opts = {})
  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: FrontendApi.update_logout_flow ...'
  end
  # resource path
  local_var_path = '/self-service/logout'

  # query parameters
  query_params = opts[:query_params] || {}
  query_params[:'token'] = opts[:'token'] if !opts[:'token'].nil?
  query_params[:'return_to'] = opts[:'return_to'] if !opts[:'return_to'].nil?

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])
  header_params[:'Cookie'] = opts[:'cookie'] if !opts[:'cookie'].nil?

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type]

  # auth_names
  auth_names = opts[:debug_auth_names] || []

  new_options = opts.merge(
    :operation => :"FrontendApi.update_logout_flow",
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type
  )

  data, status_code, headers = @api_client.call_api(:GET, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: FrontendApi#update_logout_flow\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#update_recovery_flow(flow, update_recovery_flow_body, opts = {}) ⇒ RecoveryFlow

Update Recovery Flow Use this endpoint to update a recovery flow. This endpoint behaves differently for API and browser flows and has several states: ‘choose_method` expects `flow` (in the URL query) and `email` (in the body) to be sent and works with API- and Browser-initiated flows. For API clients and Browser clients with HTTP Header `Accept: application/json` it either returns a HTTP 200 OK when the form is valid and HTTP 400 OK when the form is invalid. and a HTTP 303 See Other redirect with a fresh recovery flow if the flow was otherwise invalid (e.g. expired). For Browser clients without HTTP Header `Accept` or with `Accept: text/*` it returns a HTTP 303 See Other redirect to the Recovery UI URL with the Recovery Flow ID appended. `sent_email` is the success state after `choose_method` for the `link` method and allows the user to request another recovery email. It works for both API and Browser-initiated flows and returns the same responses as the flow in `choose_method` state. `passed_challenge` expects a `token` to be sent in the URL query and given the nature of the flow ("sending a recovery link") does not have any API capabilities. The server responds with a HTTP 303 See Other redirect either to the Settings UI URL (if the link was valid) and instructs the user to update their password, or a redirect to the Recover UI URL with a new Recovery Flow ID which contains an error message that the recovery link was invalid. More information can be found at [Ory Kratos Account Recovery Documentation](../self-service/flows/account-recovery).

Parameters:

  • flow (String)

    The Recovery Flow ID The value for this parameter comes from &#x60;flow&#x60; URL Query parameter sent to your application (e.g. &#x60;/recovery?flow&#x3D;abcde&#x60;).

  • update_recovery_flow_body (UpdateRecoveryFlowBody)
  • opts (Hash) (defaults to: {})

    the optional parameters

Options Hash (opts):

  • :token (String)

    Recovery Token The recovery token which completes the recovery request. If the token is invalid (e.g. expired) an error will be shown to the end-user. This parameter is usually set in a link and not used by any direct API call.

  • :cookie (String)

    HTTP Cookies When using the SDK in a browser app, on the server side you must include the HTTP Cookie Header sent by the client to your server here. This ensures that CSRF and session cookies are respected.

Returns:



1767
1768
1769
1770
# File 'lib/ory-kratos-client/api/frontend_api.rb', line 1767

def update_recovery_flow(flow, update_recovery_flow_body, opts = {})
  data, _status_code, _headers = update_recovery_flow_with_http_info(flow, update_recovery_flow_body, opts)
  data
end

#update_recovery_flow_with_http_info(flow, update_recovery_flow_body, opts = {}) ⇒ Array<(RecoveryFlow, Integer, Hash)>

Update Recovery Flow Use this endpoint to update a recovery flow. This endpoint behaves differently for API and browser flows and has several states: &#x60;choose_method&#x60; expects &#x60;flow&#x60; (in the URL query) and &#x60;email&#x60; (in the body) to be sent and works with API- and Browser-initiated flows. For API clients and Browser clients with HTTP Header &#x60;Accept: application/json&#x60; it either returns a HTTP 200 OK when the form is valid and HTTP 400 OK when the form is invalid. and a HTTP 303 See Other redirect with a fresh recovery flow if the flow was otherwise invalid (e.g. expired). For Browser clients without HTTP Header &#x60;Accept&#x60; or with &#x60;Accept: text/*&#x60; it returns a HTTP 303 See Other redirect to the Recovery UI URL with the Recovery Flow ID appended. &#x60;sent_email&#x60; is the success state after &#x60;choose_method&#x60; for the &#x60;link&#x60; method and allows the user to request another recovery email. It works for both API and Browser-initiated flows and returns the same responses as the flow in &#x60;choose_method&#x60; state. &#x60;passed_challenge&#x60; expects a &#x60;token&#x60; to be sent in the URL query and given the nature of the flow (&quot;sending a recovery link&quot;) does not have any API capabilities. The server responds with a HTTP 303 See Other redirect either to the Settings UI URL (if the link was valid) and instructs the user to update their password, or a redirect to the Recover UI URL with a new Recovery Flow ID which contains an error message that the recovery link was invalid. More information can be found at [Ory Kratos Account Recovery Documentation](../self-service/flows/account-recovery).

Parameters:

  • flow (String)

    The Recovery Flow ID The value for this parameter comes from &#x60;flow&#x60; URL Query parameter sent to your application (e.g. &#x60;/recovery?flow&#x3D;abcde&#x60;).

  • update_recovery_flow_body (UpdateRecoveryFlowBody)
  • opts (Hash) (defaults to: {})

    the optional parameters

Options Hash (opts):

  • :token (String)

    Recovery Token The recovery token which completes the recovery request. If the token is invalid (e.g. expired) an error will be shown to the end-user. This parameter is usually set in a link and not used by any direct API call.

  • :cookie (String)

    HTTP Cookies When using the SDK in a browser app, on the server side you must include the HTTP Cookie Header sent by the client to your server here. This ensures that CSRF and session cookies are respected.

Returns:

  • (Array<(RecoveryFlow, Integer, Hash)>)

    RecoveryFlow data, response status code and response headers



1780
1781
1782
1783
1784
1785
1786
1787
1788
1789
1790
1791
1792
1793
1794
1795
1796
1797
1798
1799
1800
1801
1802
1803
1804
1805
1806
1807
1808
1809
1810
1811
1812
1813
1814
1815
1816
1817
1818
1819
1820
1821
1822
1823
1824
1825
1826
1827
1828
1829
1830
1831
1832
1833
1834
1835
1836
1837
1838
# File 'lib/ory-kratos-client/api/frontend_api.rb', line 1780

def update_recovery_flow_with_http_info(flow, update_recovery_flow_body, opts = {})
  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: FrontendApi.update_recovery_flow ...'
  end
  # verify the required parameter 'flow' is set
  if @api_client.config.client_side_validation && flow.nil?
    fail ArgumentError, "Missing the required parameter 'flow' when calling FrontendApi.update_recovery_flow"
  end
  # verify the required parameter 'update_recovery_flow_body' is set
  if @api_client.config.client_side_validation && update_recovery_flow_body.nil?
    fail ArgumentError, "Missing the required parameter 'update_recovery_flow_body' when calling FrontendApi.update_recovery_flow"
  end
  # resource path
  local_var_path = '/self-service/recovery'

  # query parameters
  query_params = opts[:query_params] || {}
  query_params[:'flow'] = flow
  query_params[:'token'] = opts[:'token'] if !opts[:'token'].nil?

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])
  # HTTP header 'Content-Type'
  content_type = @api_client.select_header_content_type(['application/json', 'application/x-www-form-urlencoded'])
  if !content_type.nil?
      header_params['Content-Type'] = content_type
  end
  header_params[:'Cookie'] = opts[:'cookie'] if !opts[:'cookie'].nil?

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body] || @api_client.object_to_http_body(update_recovery_flow_body)

  # return_type
  return_type = opts[:debug_return_type] || 'RecoveryFlow'

  # auth_names
  auth_names = opts[:debug_auth_names] || []

  new_options = opts.merge(
    :operation => :"FrontendApi.update_recovery_flow",
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type
  )

  data, status_code, headers = @api_client.call_api(:POST, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: FrontendApi#update_recovery_flow\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#update_registration_flow(flow, update_registration_flow_body, opts = {}) ⇒ SuccessfulNativeRegistration

Update Registration Flow Use this endpoint to complete a registration flow by sending an identity’s traits and password. This endpoint behaves differently for API and browser flows. API flows expect ‘application/json` to be sent in the body and respond with HTTP 200 and a application/json body with the created identity success - if the session hook is configured the `session` and `session_token` will also be included; HTTP 410 if the original flow expired with the appropriate error messages set and optionally a `use_flow_id` parameter in the body; HTTP 400 on form validation errors. Browser flows expect a Content-Type of `application/x-www-form-urlencoded` or `application/json` to be sent in the body and respond with a HTTP 303 redirect to the post/after registration URL or the `return_to` value if it was set and if the registration succeeded; a HTTP 303 redirect to the registration UI URL with the flow ID containing the validation errors otherwise. Browser flows with an accept header of `application/json` will not redirect but instead respond with HTTP 200 and a application/json body with the signed in identity and a `Set-Cookie` header on success; HTTP 303 redirect to a fresh login flow if the original flow expired with the appropriate error messages set; HTTP 400 on form validation errors. If this endpoint is called with `Accept: application/json` in the header, the response contains the flow without a redirect. In the case of an error, the `error.id` of the JSON response body can be one of: `session_already_available`: The user is already signed in. `security_csrf_violation`: Unable to fetch the flow because a CSRF violation occurred. `security_identity_mismatch`: The requested `?return_to` address is not allowed to be used. Adjust this in the configuration! `browser_location_change_required`: Usually sent when an AJAX request indicates that the browser needs to open a specific URL. Most likely used in Social Sign In flows. More information can be found at [Ory Kratos User Login](www.ory.sh/docs/kratos/self-service/flows/user-login) and [User Registration Documentation](www.ory.sh/docs/kratos/self-service/flows/user-registration).

Parameters:

  • flow (String)

    The Registration Flow ID The value for this parameter comes from &#x60;flow&#x60; URL Query parameter sent to your application (e.g. &#x60;/registration?flow&#x3D;abcde&#x60;).

  • update_registration_flow_body (UpdateRegistrationFlowBody)
  • opts (Hash) (defaults to: {})

    the optional parameters

Options Hash (opts):

  • :cookie (String)

    HTTP Cookies When using the SDK in a browser app, on the server side you must include the HTTP Cookie Header sent by the client to your server here. This ensures that CSRF and session cookies are respected.

Returns:



1847
1848
1849
1850
# File 'lib/ory-kratos-client/api/frontend_api.rb', line 1847

def update_registration_flow(flow, update_registration_flow_body, opts = {})
  data, _status_code, _headers = update_registration_flow_with_http_info(flow, update_registration_flow_body, opts)
  data
end

#update_registration_flow_with_http_info(flow, update_registration_flow_body, opts = {}) ⇒ Array<(SuccessfulNativeRegistration, Integer, Hash)>

Update Registration Flow Use this endpoint to complete a registration flow by sending an identity&#39;s traits and password. This endpoint behaves differently for API and browser flows. API flows expect &#x60;application/json&#x60; to be sent in the body and respond with HTTP 200 and a application/json body with the created identity success - if the session hook is configured the &#x60;session&#x60; and &#x60;session_token&#x60; will also be included; HTTP 410 if the original flow expired with the appropriate error messages set and optionally a &#x60;use_flow_id&#x60; parameter in the body; HTTP 400 on form validation errors. Browser flows expect a Content-Type of &#x60;application/x-www-form-urlencoded&#x60; or &#x60;application/json&#x60; to be sent in the body and respond with a HTTP 303 redirect to the post/after registration URL or the &#x60;return_to&#x60; value if it was set and if the registration succeeded; a HTTP 303 redirect to the registration UI URL with the flow ID containing the validation errors otherwise. Browser flows with an accept header of &#x60;application/json&#x60; will not redirect but instead respond with HTTP 200 and a application/json body with the signed in identity and a &#x60;Set-Cookie&#x60; header on success; HTTP 303 redirect to a fresh login flow if the original flow expired with the appropriate error messages set; HTTP 400 on form validation errors. If this endpoint is called with &#x60;Accept: application/json&#x60; in the header, the response contains the flow without a redirect. In the case of an error, the &#x60;error.id&#x60; of the JSON response body can be one of: &#x60;session_already_available&#x60;: The user is already signed in. &#x60;security_csrf_violation&#x60;: Unable to fetch the flow because a CSRF violation occurred. &#x60;security_identity_mismatch&#x60;: The requested &#x60;?return_to&#x60; address is not allowed to be used. Adjust this in the configuration! &#x60;browser_location_change_required&#x60;: Usually sent when an AJAX request indicates that the browser needs to open a specific URL. Most likely used in Social Sign In flows. More information can be found at [Ory Kratos User Login](www.ory.sh/docs/kratos/self-service/flows/user-login) and [User Registration Documentation](www.ory.sh/docs/kratos/self-service/flows/user-registration).

Parameters:

  • flow (String)

    The Registration Flow ID The value for this parameter comes from &#x60;flow&#x60; URL Query parameter sent to your application (e.g. &#x60;/registration?flow&#x3D;abcde&#x60;).

  • update_registration_flow_body (UpdateRegistrationFlowBody)
  • opts (Hash) (defaults to: {})

    the optional parameters

Options Hash (opts):

  • :cookie (String)

    HTTP Cookies When using the SDK in a browser app, on the server side you must include the HTTP Cookie Header sent by the client to your server here. This ensures that CSRF and session cookies are respected.

Returns:



1859
1860
1861
1862
1863
1864
1865
1866
1867
1868
1869
1870
1871
1872
1873
1874
1875
1876
1877
1878
1879
1880
1881
1882
1883
1884
1885
1886
1887
1888
1889
1890
1891
1892
1893
1894
1895
1896
1897
1898
1899
1900
1901
1902
1903
1904
1905
1906
1907
1908
1909
1910
1911
1912
1913
1914
1915
1916
# File 'lib/ory-kratos-client/api/frontend_api.rb', line 1859

def update_registration_flow_with_http_info(flow, update_registration_flow_body, opts = {})
  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: FrontendApi.update_registration_flow ...'
  end
  # verify the required parameter 'flow' is set
  if @api_client.config.client_side_validation && flow.nil?
    fail ArgumentError, "Missing the required parameter 'flow' when calling FrontendApi.update_registration_flow"
  end
  # verify the required parameter 'update_registration_flow_body' is set
  if @api_client.config.client_side_validation && update_registration_flow_body.nil?
    fail ArgumentError, "Missing the required parameter 'update_registration_flow_body' when calling FrontendApi.update_registration_flow"
  end
  # resource path
  local_var_path = '/self-service/registration'

  # query parameters
  query_params = opts[:query_params] || {}
  query_params[:'flow'] = flow

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])
  # HTTP header 'Content-Type'
  content_type = @api_client.select_header_content_type(['application/json', 'application/x-www-form-urlencoded'])
  if !content_type.nil?
      header_params['Content-Type'] = content_type
  end
  header_params[:'Cookie'] = opts[:'cookie'] if !opts[:'cookie'].nil?

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body] || @api_client.object_to_http_body(update_registration_flow_body)

  # return_type
  return_type = opts[:debug_return_type] || 'SuccessfulNativeRegistration'

  # auth_names
  auth_names = opts[:debug_auth_names] || []

  new_options = opts.merge(
    :operation => :"FrontendApi.update_registration_flow",
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type
  )

  data, status_code, headers = @api_client.call_api(:POST, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: FrontendApi#update_registration_flow\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#update_settings_flow(flow, update_settings_flow_body, opts = {}) ⇒ SettingsFlow

Complete Settings Flow Use this endpoint to complete a settings flow by sending an identity’s updated password. This endpoint behaves differently for API and browser flows. API-initiated flows expect ‘application/json` to be sent in the body and respond with HTTP 200 and an application/json body with the session token on success; HTTP 303 redirect to a fresh settings flow if the original flow expired with the appropriate error messages set; HTTP 400 on form validation errors. HTTP 401 when the endpoint is called without a valid session token. HTTP 403 when `selfservice.flows.settings.privileged_session_max_age` was reached or the session’s AAL is too low. Implies that the user needs to re-authenticate. Browser flows without HTTP Header ‘Accept` or with `Accept: text/*` respond with a HTTP 303 redirect to the post/after settings URL or the `return_to` value if it was set and if the flow succeeded; a HTTP 303 redirect to the Settings UI URL with the flow ID containing the validation errors otherwise. a HTTP 303 redirect to the login endpoint when `selfservice.flows.settings.privileged_session_max_age` was reached or the session’s AAL is too low. Browser flows with HTTP Header ‘Accept: application/json` respond with HTTP 200 and a application/json body with the signed in identity and a `Set-Cookie` header on success; HTTP 303 redirect to a fresh login flow if the original flow expired with the appropriate error messages set; HTTP 401 when the endpoint is called without a valid session cookie. HTTP 403 when the page is accessed without a session cookie or the session’s AAL is too low. HTTP 400 on form validation errors. Depending on your configuration this endpoint might return a 403 error if the session has a lower Authenticator Assurance Level (AAL) than is possible for the identity. This can happen if the identity has password + webauthn credentials (which would result in AAL2) but the session has only AAL1. If this error occurs, ask the user to sign in with the second factor (happens automatically for server-side browser flows) or change the configuration. If this endpoint is called with a ‘Accept: application/json` HTTP header, the response contains the flow without a redirect. In the case of an error, the `error.id` of the JSON response body can be one of: `session_refresh_required`: The identity requested to change something that needs a privileged session. Redirect the identity to the login init endpoint with query parameters `?refresh=true&return_to=<the-current-browser-url>`, or initiate a refresh login flow otherwise. `security_csrf_violation`: Unable to fetch the flow because a CSRF violation occurred. `session_inactive`: No Ory Session was found - sign in a user first. `security_identity_mismatch`: The flow was interrupted with `session_refresh_required` but apparently some other identity logged in instead. `security_identity_mismatch`: The requested `?return_to` address is not allowed to be used. Adjust this in the configuration! `browser_location_change_required`: Usually sent when an AJAX request indicates that the browser needs to open a specific URL. Most likely used in Social Sign In flows. More information can be found at [Ory Kratos User Settings & Profile Management Documentation](../self-service/flows/user-settings).

Parameters:

  • flow (String)

    The Settings Flow ID The value for this parameter comes from &#x60;flow&#x60; URL Query parameter sent to your application (e.g. &#x60;/settings?flow&#x3D;abcde&#x60;).

  • update_settings_flow_body (UpdateSettingsFlowBody)
  • opts (Hash) (defaults to: {})

    the optional parameters

Options Hash (opts):

  • :x_session_token (String)

    The Session Token of the Identity performing the settings flow.

  • :cookie (String)

    HTTP Cookies When using the SDK in a browser app, on the server side you must include the HTTP Cookie Header sent by the client to your server here. This ensures that CSRF and session cookies are respected.

Returns:



1926
1927
1928
1929
# File 'lib/ory-kratos-client/api/frontend_api.rb', line 1926

def update_settings_flow(flow, update_settings_flow_body, opts = {})
  data, _status_code, _headers = update_settings_flow_with_http_info(flow, update_settings_flow_body, opts)
  data
end

#update_settings_flow_with_http_info(flow, update_settings_flow_body, opts = {}) ⇒ Array<(SettingsFlow, Integer, Hash)>

Complete Settings Flow Use this endpoint to complete a settings flow by sending an identity&#39;s updated password. This endpoint behaves differently for API and browser flows. API-initiated flows expect &#x60;application/json&#x60; to be sent in the body and respond with HTTP 200 and an application/json body with the session token on success; HTTP 303 redirect to a fresh settings flow if the original flow expired with the appropriate error messages set; HTTP 400 on form validation errors. HTTP 401 when the endpoint is called without a valid session token. HTTP 403 when &#x60;selfservice.flows.settings.privileged_session_max_age&#x60; was reached or the session&#39;s AAL is too low. Implies that the user needs to re-authenticate. Browser flows without HTTP Header &#x60;Accept&#x60; or with &#x60;Accept: text/*&#x60; respond with a HTTP 303 redirect to the post/after settings URL or the &#x60;return_to&#x60; value if it was set and if the flow succeeded; a HTTP 303 redirect to the Settings UI URL with the flow ID containing the validation errors otherwise. a HTTP 303 redirect to the login endpoint when &#x60;selfservice.flows.settings.privileged_session_max_age&#x60; was reached or the session&#39;s AAL is too low. Browser flows with HTTP Header &#x60;Accept: application/json&#x60; respond with HTTP 200 and a application/json body with the signed in identity and a &#x60;Set-Cookie&#x60; header on success; HTTP 303 redirect to a fresh login flow if the original flow expired with the appropriate error messages set; HTTP 401 when the endpoint is called without a valid session cookie. HTTP 403 when the page is accessed without a session cookie or the session&#39;s AAL is too low. HTTP 400 on form validation errors. Depending on your configuration this endpoint might return a 403 error if the session has a lower Authenticator Assurance Level (AAL) than is possible for the identity. This can happen if the identity has password + webauthn credentials (which would result in AAL2) but the session has only AAL1. If this error occurs, ask the user to sign in with the second factor (happens automatically for server-side browser flows) or change the configuration. If this endpoint is called with a &#x60;Accept: application/json&#x60; HTTP header, the response contains the flow without a redirect. In the case of an error, the &#x60;error.id&#x60; of the JSON response body can be one of: &#x60;session_refresh_required&#x60;: The identity requested to change something that needs a privileged session. Redirect the identity to the login init endpoint with query parameters &#x60;?refresh&#x3D;true&amp;return_to&#x3D;&lt;the-current-browser-url&gt;&#x60;, or initiate a refresh login flow otherwise. &#x60;security_csrf_violation&#x60;: Unable to fetch the flow because a CSRF violation occurred. &#x60;session_inactive&#x60;: No Ory Session was found - sign in a user first. &#x60;security_identity_mismatch&#x60;: The flow was interrupted with &#x60;session_refresh_required&#x60; but apparently some other identity logged in instead. &#x60;security_identity_mismatch&#x60;: The requested &#x60;?return_to&#x60; address is not allowed to be used. Adjust this in the configuration! &#x60;browser_location_change_required&#x60;: Usually sent when an AJAX request indicates that the browser needs to open a specific URL. Most likely used in Social Sign In flows. More information can be found at [Ory Kratos User Settings &amp; Profile Management Documentation](../self-service/flows/user-settings).

Parameters:

  • flow (String)

    The Settings Flow ID The value for this parameter comes from &#x60;flow&#x60; URL Query parameter sent to your application (e.g. &#x60;/settings?flow&#x3D;abcde&#x60;).

  • update_settings_flow_body (UpdateSettingsFlowBody)
  • opts (Hash) (defaults to: {})

    the optional parameters

Options Hash (opts):

  • :x_session_token (String)

    The Session Token of the Identity performing the settings flow.

  • :cookie (String)

    HTTP Cookies When using the SDK in a browser app, on the server side you must include the HTTP Cookie Header sent by the client to your server here. This ensures that CSRF and session cookies are respected.

Returns:

  • (Array<(SettingsFlow, Integer, Hash)>)

    SettingsFlow data, response status code and response headers



1939
1940
1941
1942
1943
1944
1945
1946
1947
1948
1949
1950
1951
1952
1953
1954
1955
1956
1957
1958
1959
1960
1961
1962
1963
1964
1965
1966
1967
1968
1969
1970
1971
1972
1973
1974
1975
1976
1977
1978
1979
1980
1981
1982
1983
1984
1985
1986
1987
1988
1989
1990
1991
1992
1993
1994
1995
1996
1997
# File 'lib/ory-kratos-client/api/frontend_api.rb', line 1939

def update_settings_flow_with_http_info(flow, update_settings_flow_body, opts = {})
  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: FrontendApi.update_settings_flow ...'
  end
  # verify the required parameter 'flow' is set
  if @api_client.config.client_side_validation && flow.nil?
    fail ArgumentError, "Missing the required parameter 'flow' when calling FrontendApi.update_settings_flow"
  end
  # verify the required parameter 'update_settings_flow_body' is set
  if @api_client.config.client_side_validation && update_settings_flow_body.nil?
    fail ArgumentError, "Missing the required parameter 'update_settings_flow_body' when calling FrontendApi.update_settings_flow"
  end
  # resource path
  local_var_path = '/self-service/settings'

  # query parameters
  query_params = opts[:query_params] || {}
  query_params[:'flow'] = flow

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])
  # HTTP header 'Content-Type'
  content_type = @api_client.select_header_content_type(['application/json', 'application/x-www-form-urlencoded'])
  if !content_type.nil?
      header_params['Content-Type'] = content_type
  end
  header_params[:'X-Session-Token'] = opts[:'x_session_token'] if !opts[:'x_session_token'].nil?
  header_params[:'Cookie'] = opts[:'cookie'] if !opts[:'cookie'].nil?

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body] || @api_client.object_to_http_body(update_settings_flow_body)

  # return_type
  return_type = opts[:debug_return_type] || 'SettingsFlow'

  # auth_names
  auth_names = opts[:debug_auth_names] || []

  new_options = opts.merge(
    :operation => :"FrontendApi.update_settings_flow",
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type
  )

  data, status_code, headers = @api_client.call_api(:POST, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: FrontendApi#update_settings_flow\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#update_verification_flow(flow, update_verification_flow_body, opts = {}) ⇒ VerificationFlow

Complete Verification Flow Use this endpoint to complete a verification flow. This endpoint behaves differently for API and browser flows and has several states: ‘choose_method` expects `flow` (in the URL query) and `email` (in the body) to be sent and works with API- and Browser-initiated flows. For API clients and Browser clients with HTTP Header `Accept: application/json` it either returns a HTTP 200 OK when the form is valid and HTTP 400 OK when the form is invalid and a HTTP 303 See Other redirect with a fresh verification flow if the flow was otherwise invalid (e.g. expired). For Browser clients without HTTP Header `Accept` or with `Accept: text/*` it returns a HTTP 303 See Other redirect to the Verification UI URL with the Verification Flow ID appended. `sent_email` is the success state after `choose_method` when using the `link` method and allows the user to request another verification email. It works for both API and Browser-initiated flows and returns the same responses as the flow in `choose_method` state. `passed_challenge` expects a `token` to be sent in the URL query and given the nature of the flow ("sending a verification link") does not have any API capabilities. The server responds with a HTTP 303 See Other redirect either to the Settings UI URL (if the link was valid) and instructs the user to update their password, or a redirect to the Verification UI URL with a new Verification Flow ID which contains an error message that the verification link was invalid. More information can be found at [Ory Kratos Email and Phone Verification Documentation](www.ory.sh/docs/kratos/self-service/flows/verify-email-account-activation).

Parameters:

  • flow (String)

    The Verification Flow ID The value for this parameter comes from &#x60;flow&#x60; URL Query parameter sent to your application (e.g. &#x60;/verification?flow&#x3D;abcde&#x60;).

  • update_verification_flow_body (UpdateVerificationFlowBody)
  • opts (Hash) (defaults to: {})

    the optional parameters

Options Hash (opts):

  • :token (String)

    Verification Token The verification token which completes the verification request. If the token is invalid (e.g. expired) an error will be shown to the end-user. This parameter is usually set in a link and not used by any direct API call.

  • :cookie (String)

    HTTP Cookies When using the SDK in a browser app, on the server side you must include the HTTP Cookie Header sent by the client to your server here. This ensures that CSRF and session cookies are respected.

Returns:



2007
2008
2009
2010
# File 'lib/ory-kratos-client/api/frontend_api.rb', line 2007

def update_verification_flow(flow, update_verification_flow_body, opts = {})
  data, _status_code, _headers = update_verification_flow_with_http_info(flow, update_verification_flow_body, opts)
  data
end

#update_verification_flow_with_http_info(flow, update_verification_flow_body, opts = {}) ⇒ Array<(VerificationFlow, Integer, Hash)>

Complete Verification Flow Use this endpoint to complete a verification flow. This endpoint behaves differently for API and browser flows and has several states: &#x60;choose_method&#x60; expects &#x60;flow&#x60; (in the URL query) and &#x60;email&#x60; (in the body) to be sent and works with API- and Browser-initiated flows. For API clients and Browser clients with HTTP Header &#x60;Accept: application/json&#x60; it either returns a HTTP 200 OK when the form is valid and HTTP 400 OK when the form is invalid and a HTTP 303 See Other redirect with a fresh verification flow if the flow was otherwise invalid (e.g. expired). For Browser clients without HTTP Header &#x60;Accept&#x60; or with &#x60;Accept: text/*&#x60; it returns a HTTP 303 See Other redirect to the Verification UI URL with the Verification Flow ID appended. &#x60;sent_email&#x60; is the success state after &#x60;choose_method&#x60; when using the &#x60;link&#x60; method and allows the user to request another verification email. It works for both API and Browser-initiated flows and returns the same responses as the flow in &#x60;choose_method&#x60; state. &#x60;passed_challenge&#x60; expects a &#x60;token&#x60; to be sent in the URL query and given the nature of the flow (&quot;sending a verification link&quot;) does not have any API capabilities. The server responds with a HTTP 303 See Other redirect either to the Settings UI URL (if the link was valid) and instructs the user to update their password, or a redirect to the Verification UI URL with a new Verification Flow ID which contains an error message that the verification link was invalid. More information can be found at [Ory Kratos Email and Phone Verification Documentation](www.ory.sh/docs/kratos/self-service/flows/verify-email-account-activation).

Parameters:

  • flow (String)

    The Verification Flow ID The value for this parameter comes from &#x60;flow&#x60; URL Query parameter sent to your application (e.g. &#x60;/verification?flow&#x3D;abcde&#x60;).

  • update_verification_flow_body (UpdateVerificationFlowBody)
  • opts (Hash) (defaults to: {})

    the optional parameters

Options Hash (opts):

  • :token (String)

    Verification Token The verification token which completes the verification request. If the token is invalid (e.g. expired) an error will be shown to the end-user. This parameter is usually set in a link and not used by any direct API call.

  • :cookie (String)

    HTTP Cookies When using the SDK in a browser app, on the server side you must include the HTTP Cookie Header sent by the client to your server here. This ensures that CSRF and session cookies are respected.

Returns:

  • (Array<(VerificationFlow, Integer, Hash)>)

    VerificationFlow data, response status code and response headers



2020
2021
2022
2023
2024
2025
2026
2027
2028
2029
2030
2031
2032
2033
2034
2035
2036
2037
2038
2039
2040
2041
2042
2043
2044
2045
2046
2047
2048
2049
2050
2051
2052
2053
2054
2055
2056
2057
2058
2059
2060
2061
2062
2063
2064
2065
2066
2067
2068
2069
2070
2071
2072
2073
2074
2075
2076
2077
2078
# File 'lib/ory-kratos-client/api/frontend_api.rb', line 2020

def update_verification_flow_with_http_info(flow, update_verification_flow_body, opts = {})
  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: FrontendApi.update_verification_flow ...'
  end
  # verify the required parameter 'flow' is set
  if @api_client.config.client_side_validation && flow.nil?
    fail ArgumentError, "Missing the required parameter 'flow' when calling FrontendApi.update_verification_flow"
  end
  # verify the required parameter 'update_verification_flow_body' is set
  if @api_client.config.client_side_validation && update_verification_flow_body.nil?
    fail ArgumentError, "Missing the required parameter 'update_verification_flow_body' when calling FrontendApi.update_verification_flow"
  end
  # resource path
  local_var_path = '/self-service/verification'

  # query parameters
  query_params = opts[:query_params] || {}
  query_params[:'flow'] = flow
  query_params[:'token'] = opts[:'token'] if !opts[:'token'].nil?

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])
  # HTTP header 'Content-Type'
  content_type = @api_client.select_header_content_type(['application/json', 'application/x-www-form-urlencoded'])
  if !content_type.nil?
      header_params['Content-Type'] = content_type
  end
  header_params[:'Cookie'] = opts[:'cookie'] if !opts[:'cookie'].nil?

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body] || @api_client.object_to_http_body(update_verification_flow_body)

  # return_type
  return_type = opts[:debug_return_type] || 'VerificationFlow'

  # auth_names
  auth_names = opts[:debug_auth_names] || []

  new_options = opts.merge(
    :operation => :"FrontendApi.update_verification_flow",
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type
  )

  data, status_code, headers = @api_client.call_api(:POST, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: FrontendApi#update_verification_flow\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end