From 5a9033d81ab2b41ccb20367bb155b08940bf26b5 Mon Sep 17 00:00:00 2001 From: Jeffrey Aven Date: Tue, 2 Sep 2025 17:10:48 +1000 Subject: [PATCH 1/3] updated --- bin/test-meta-routes.cjs | 2 +- provider-dev/config/all_services.csv | 28 +-- .../src/okta/v00.00.00000/services/users.yaml | 169 +++++++----------- .../services/webauthn_registration.yaml | 19 +- 4 files changed, 85 insertions(+), 133 deletions(-) diff --git a/bin/test-meta-routes.cjs b/bin/test-meta-routes.cjs index 0f027ba..822a5c4 100644 --- a/bin/test-meta-routes.cjs +++ b/bin/test-meta-routes.cjs @@ -284,7 +284,7 @@ async function testMetaRoutes() { if (!hasSelect) { results.nonSelectableResourceCount++; - results.nonSelectableResources.push(resourceName); + results.nonSelectableResources.push(`${resourceData.service}.${resourceName}`); } // Try DESCRIBE EXTENDED if available diff --git a/provider-dev/config/all_services.csv b/provider-dev/config/all_services.csv index 7628102..317e3ec 100644 --- a/provider-dev/config/all_services.csv +++ b/provider-dev/config/all_services.csv @@ -614,13 +614,13 @@ users.yaml,/api/v1/users/{userId}/authenticator-enrollments,listAuthenticatorEnr users.yaml,/api/v1/users/{userId}/authenticator-enrollments/{enrollmentId},getAuthenticatorEnrollment,get_authenticator_enrollment,get,,UserAuthenticatorEnrollments,user_authenticator_enrollments,authenticator_enrollments,get_authenticator_enrollment,select users.yaml,/api/v1/users/{userId}/classification,replaceUserClassification,replace_user_classification,put,UserClassification,UserClassification,user_classification,classifications,replace_user_classification,replace users.yaml,/api/v1/users/{userId}/classification,getUserClassification,get_user_classification,get,UserClassification,UserClassification,user_classification,classifications,get_user_classification,select -users.yaml,/api/v1/users/{id}/lifecycle/expire_password,expirePassword,expire_password,post,User,UserCred,user_cred,creds,expire_password,exec -users.yaml,/api/v1/users/{id}/lifecycle/expire_password_with_temp_password,expirePasswordWithTempPassword,expire_password_with_temp_password,post,User,UserCred,user_cred,creds,expire_password_with_temp_password,exec -users.yaml,/api/v1/users/{id}/lifecycle/reset_password,resetPassword,reset_password,post,ResetPasswordToken,UserCred,user_cred,creds,reset_password,exec -users.yaml,/api/v1/users/{userId}/credentials/change_password,changePassword,change_password,post,UserCredentials,UserCred,user_cred,creds,change_password,exec -users.yaml,/api/v1/users/{userId}/credentials/change_recovery_question,changeRecoveryQuestion,change_recovery_question,post,UserCredentials,UserCred,user_cred,creds,change_recovery_question,exec -users.yaml,/api/v1/users/{userId}/credentials/forgot_password,forgotPassword,forgot_password,post,ForgotPasswordResponse,UserCred,user_cred,creds,forgot_password,exec -users.yaml,/api/v1/users/{userId}/credentials/forgot_password_recovery_question,forgotPasswordSetNewPassword,forgot_password_set_new_password,post,UserCredentials,UserCred,user_cred,creds,forgot_password_set_new_password,exec +users.yaml,/api/v1/users/{id}/lifecycle/expire_password,expirePassword,expire_password,post,User,UserCred,user_cred,users,expire_password,exec +users.yaml,/api/v1/users/{id}/lifecycle/expire_password_with_temp_password,expirePasswordWithTempPassword,expire_password_with_temp_password,post,User,UserCred,user_cred,users,expire_password_with_temp_password,exec +users.yaml,/api/v1/users/{id}/lifecycle/reset_password,resetPassword,reset_password,post,ResetPasswordToken,UserCred,user_cred,users,reset_password,exec +users.yaml,/api/v1/users/{userId}/credentials/change_password,changePassword,change_password,post,UserCredentials,UserCred,user_cred,users,change_password,exec +users.yaml,/api/v1/users/{userId}/credentials/change_recovery_question,changeRecoveryQuestion,change_recovery_question,post,UserCredentials,UserCred,user_cred,users,change_recovery_question,exec +users.yaml,/api/v1/users/{userId}/credentials/forgot_password,forgotPassword,forgot_password,post,ForgotPasswordResponse,UserCred,user_cred,users,forgot_password,exec +users.yaml,/api/v1/users/{userId}/credentials/forgot_password_recovery_question,forgotPasswordSetNewPassword,forgot_password_set_new_password,post,UserCredentials,UserCred,user_cred,users,forgot_password_set_new_password,exec users.yaml,/api/v1/users/{userId}/factors/{factorId},unenrollFactor,unenroll_factor,delete,,UserFactor,user_factor,factors,unenroll_factor,delete users.yaml,/api/v1/users/{userId}/factors/{factorId}/lifecycle/activate,activateFactor,activate_factor,post,UserFactorActivateResponse,UserFactor,user_factor,factors,activate_factor,exec users.yaml,/api/v1/users/{userId}/factors/{factorId}/resend,resendEnrollFactor,resend_enroll_factor,post,ResendUserFactor,UserFactor,user_factor,factors,resend_enroll_factor,exec @@ -654,7 +654,7 @@ users.yaml,/api/v1/users/{userId}/roles/{roleAssignmentId},getUserAssignedRole,g users.yaml,/api/v1/users/{userId}/roles/{roleAssignmentId}/targets/groups/{groupId},unassignGroupTargetFromUserAdminRole,unassign_group_target_from_user_admin_role,delete,,RoleBTargetAdmin,role_btarget_admin,role_group_targets,unassign_group_target_from_user_admin_role,delete users.yaml,/api/v1/users/{userId}/roles/{roleAssignmentId}/targets/groups/{groupId},assignGroupTargetToUserRole,assign_group_target_to_user_role,put,,RoleBTargetAdmin,role_btarget_admin,role_group_targets,assign_group_target_to_user_role,replace users.yaml,/api/v1/users/{userId}/roles/{roleAssignmentId}/targets/groups,listGroupTargetsForRole,list_group_targets_for_role,get,Group,RoleBTargetAdmin,role_btarget_admin,role_group_targets,list_group_targets_for_role,select -users.yaml,/api/v1/users/{userId}/roles/{roleAssignmentId}/targets/catalog/apps/{appName}/{appId},assignAppInstanceTargetToAppAdminRoleForUser,assign_app_instance_target_to_app_admin_role_for_user,put,,RoleBTargetAdmin,role_btarget_admin,role_target_admin,assign_app_instance_target_to_app_admin_role_for_user,replace +users.yaml,/api/v1/users/{userId}/roles/{roleAssignmentId}/targets/catalog/apps/{appName}/{appId},assignAppInstanceTargetToAppAdminRoleForUser,assign_app_instance_target_to_app_admin_role_for_user,put,,RoleBTargetAdmin,role_btarget_admin,role_assignment_users,assign_app_instance_target_to_app_admin_role_for_user,exec users.yaml,/api/v1/users/{userId}/roles/{roleIdOrEncodedRoleId}/targets,getRoleTargetsByUserIdAndRoleId,get_role_targets_by_user_id_and_role_id,get,RoleTarget,RoleBTargetAdmin,role_btarget_admin,role_targets,get_role_targets_by_user_id_and_role_id,select users.yaml,/api/v1/users/{userId}/subscriptions/{notificationType}/subscribe,subscribeByNotificationTypeUser,subscribe_by_notification_type_user,post,,Subscription,subscription,subscriptions,subscribe_by_notification_type_user,exec users.yaml,/api/v1/users/{userId}/subscriptions/{notificationType}/unsubscribe,unsubscribeByNotificationTypeUser,unsubscribe_by_notification_type_user,post,,Subscription,subscription,subscriptions,unsubscribe_by_notification_type_user,exec @@ -669,8 +669,8 @@ users.yaml,/api/v1/users/{userId}/devices,listUserDevices,list_user_devices,get, users.yaml,/api/v1/users/{id}/groups,listUserGroups,list_user_groups,get,Group,UserResources,user_resources,user_groups,list_user_groups,select users.yaml,/api/v1/users/{userId}/risk,upsertUserRisk,upsert_user_risk,put,UserRiskPutResponse,UserRisk,user_risk,user_risk,upsert_user_risk,replace users.yaml,/api/v1/users/{userId}/risk,getUserRisk,get_user_risk,get,UserRiskGetResponse,UserRisk,user_risk,user_risk,get_user_risk,select -users.yaml,/api/v1/users/{userId}/sessions,revokeUserSessions,revoke_user_sessions,delete,,UserSessions,user_sessions,user_sessions,revoke_user_sessions,delete -users.yaml,/api/v1/users/me/lifecycle/delete_sessions,endUserSessions,end_user_sessions,post,,UserSessions,user_sessions,user_sessions,end_user_sessions,exec +users.yaml,/api/v1/users/{userId}/sessions,revokeUserSessions,revoke_user_sessions,delete,,UserSessions,user_sessions,users,revoke_user_sessions,exec +users.yaml,/api/v1/users/me/lifecycle/delete_sessions,endUserSessions,end_user_sessions,post,,UserSessions,user_sessions,users,end_user_sessions,exec users.yaml,/api/v1/users/{id},deleteUser,delete_user,delete,,User,user,users,delete_user,delete users.yaml,/api/v1/users/{id}/lifecycle/activate,activateUser,activate_user,post,UserActivationToken,UserLifecycle,user_lifecycle,users,activate_user,exec users.yaml,/api/v1/users/{id}/lifecycle/deactivate,deactivateUser,deactivate_user,post,,UserLifecycle,user_lifecycle,users,deactivate_user,exec @@ -687,10 +687,10 @@ users.yaml,/api/v1/users/{id},updateUser,update_user,post,User,User,user,users,u webauthn_registration.yaml,/webauthn-registration/api/v1/users/{userId}/enrollments/{authenticatorEnrollmentId},deleteWebAuthnPreregistrationFactor,delete_web_authn_preregistration_factor,delete,,WebAuthnPreregistration,web_authn_preregistration,enrollments,delete_web_authn_preregistration_factor,delete webauthn_registration.yaml,/webauthn-registration/api/v1/users/{userId}/enrollments/{authenticatorEnrollmentId}/mark-error,assignFulfillmentErrorWebAuthnPreregistrationFactor,assign_fulfillment_error_web_authn_preregistration_factor,post,,WebAuthnPreregistration,web_authn_preregistration,enrollments,assign_fulfillment_error_web_authn_preregistration_factor,exec webauthn_registration.yaml,/webauthn-registration/api/v1/users/{userId}/enrollments,listWebAuthnPreregistrationFactors,list_web_authn_preregistration_factors,get,WebAuthnPreregistrationFactor,WebAuthnPreregistration,web_authn_preregistration,enrollments,list_web_authn_preregistration_factors,select -webauthn_registration.yaml,/webauthn-registration/api/v1/activate,activatePreregistrationEnrollment,activate_preregistration_enrollment,post,EnrollmentActivationResponse,WebAuthnPreregistration,web_authn_preregistration,preregistration_enrollments,activate_preregistration_enrollment,exec -webauthn_registration.yaml,/webauthn-registration/api/v1/enroll,enrollPreregistrationEnrollment,enroll_preregistration_enrollment,post,EnrollmentInitializationResponse,WebAuthnPreregistration,web_authn_preregistration,preregistration_enrollments,enroll_preregistration_enrollment,exec -webauthn_registration.yaml,/webauthn-registration/api/v1/initiate-fulfillment-request,generateFulfillmentRequest,generate_fulfillment_request,post,,WebAuthnPreregistration,web_authn_preregistration,preregistration_enrollments,generate_fulfillment_request,exec -webauthn_registration.yaml,/webauthn-registration/api/v1/send-pin,sendPin,send_pin,post,,WebAuthnPreregistration,web_authn_preregistration,preregistration_enrollments,send_pin,exec +webauthn_registration.yaml,/webauthn-registration/api/v1/activate,activatePreregistrationEnrollment,activate_preregistration_enrollment,post,EnrollmentActivationResponse,WebAuthnPreregistration,web_authn_preregistration,enrollments,activate_preregistration_enrollment,exec +webauthn_registration.yaml,/webauthn-registration/api/v1/enroll,enrollPreregistrationEnrollment,enroll_preregistration_enrollment,post,EnrollmentInitializationResponse,WebAuthnPreregistration,web_authn_preregistration,enrollments,enroll_preregistration_enrollment,exec +webauthn_registration.yaml,/webauthn-registration/api/v1/initiate-fulfillment-request,generateFulfillmentRequest,generate_fulfillment_request,post,,WebAuthnPreregistration,web_authn_preregistration,enrollments,generate_fulfillment_request,exec +webauthn_registration.yaml,/webauthn-registration/api/v1/send-pin,sendPin,send_pin,post,,WebAuthnPreregistration,web_authn_preregistration,enrollments,send_pin,exec zones.yaml,/api/v1/zones/{zoneId},deleteNetworkZone,delete_network_zone,delete,,NetworkZone,network_zone,network_zones,delete_network_zone,delete zones.yaml,/api/v1/zones/{zoneId}/lifecycle/activate,activateNetworkZone,activate_network_zone,post,NetworkZone,NetworkZone,network_zone,network_zones,activate_network_zone,exec zones.yaml,/api/v1/zones/{zoneId}/lifecycle/deactivate,deactivateNetworkZone,deactivate_network_zone,post,NetworkZone,NetworkZone,network_zone,network_zones,deactivate_network_zone,exec diff --git a/provider-dev/openapi/src/okta/v00.00.00000/services/users.yaml b/provider-dev/openapi/src/okta/v00.00.00000/services/users.yaml index 4558f0c..ec75416 100644 --- a/provider-dev/openapi/src/okta/v00.00.00000/services/users.yaml +++ b/provider-dev/openapi/src/okta/v00.00.00000/services/users.yaml @@ -12508,6 +12508,12 @@ components: response: mediaType: application/json openAPIDocKey: '200' + end_user_sessions: + operation: + $ref: '#/paths/~1api~1v1~1users~1me~1lifecycle~1delete_sessions/post' + response: + mediaType: '' + openAPIDocKey: '200' get_user: operation: $ref: '#/paths/~1api~1v1~1users~1{id}/get' @@ -12544,6 +12550,19 @@ components: response: mediaType: '' openAPIDocKey: '200' + expire_password: + operation: + $ref: '#/paths/~1api~1v1~1users~1{id}~1lifecycle~1expire_password/post' + response: + mediaType: application/json + openAPIDocKey: '200' + expire_password_with_temp_password: + operation: + $ref: >- + #/paths/~1api~1v1~1users~1{id}~1lifecycle~1expire_password_with_temp_password/post + response: + mediaType: application/json + openAPIDocKey: '200' reactivate_user: operation: $ref: '#/paths/~1api~1v1~1users~1{id}~1lifecycle~1reactivate/post' @@ -12556,6 +12575,12 @@ components: response: mediaType: '' openAPIDocKey: '200' + reset_password: + operation: + $ref: '#/paths/~1api~1v1~1users~1{id}~1lifecycle~1reset_password/post' + response: + mediaType: application/json + openAPIDocKey: '200' suspend_user: operation: $ref: '#/paths/~1api~1v1~1users~1{id}~1lifecycle~1suspend/post' @@ -12574,6 +12599,40 @@ components: response: mediaType: '' openAPIDocKey: '200' + change_password: + operation: + $ref: >- + #/paths/~1api~1v1~1users~1{userId}~1credentials~1change_password/post + response: + mediaType: application/json + openAPIDocKey: '200' + change_recovery_question: + operation: + $ref: >- + #/paths/~1api~1v1~1users~1{userId}~1credentials~1change_recovery_question/post + response: + mediaType: application/json + openAPIDocKey: '200' + forgot_password: + operation: + $ref: >- + #/paths/~1api~1v1~1users~1{userId}~1credentials~1forgot_password/post + response: + mediaType: application/json + openAPIDocKey: '200' + forgot_password_set_new_password: + operation: + $ref: >- + #/paths/~1api~1v1~1users~1{userId}~1credentials~1forgot_password_recovery_question/post + response: + mediaType: application/json + openAPIDocKey: '200' + revoke_user_sessions: + operation: + $ref: '#/paths/~1api~1v1~1users~1{userId}~1sessions/delete' + response: + mediaType: '' + openAPIDocKey: '204' sqlVerbs: select: - $ref: '#/components/x-stackQL-resources/users/methods/list_users' @@ -12586,31 +12645,6 @@ components: - $ref: '#/components/x-stackQL-resources/users/methods/delete_user' replace: - $ref: '#/components/x-stackQL-resources/users/methods/replace_user' - user_sessions: - id: okta.users.user_sessions - name: user_sessions - title: User Sessions - methods: - end_user_sessions: - operation: - $ref: '#/paths/~1api~1v1~1users~1me~1lifecycle~1delete_sessions/post' - response: - mediaType: '' - openAPIDocKey: '200' - revoke_user_sessions: - operation: - $ref: '#/paths/~1api~1v1~1users~1{userId}~1sessions/delete' - response: - mediaType: '' - openAPIDocKey: '204' - sqlVerbs: - select: [] - insert: [] - update: [] - delete: - - $ref: >- - #/components/x-stackQL-resources/user_sessions/methods/revoke_user_sessions - replace: [] app_links: id: okta.users.app_links name: app_links @@ -12686,64 +12720,6 @@ components: update: [] delete: [] replace: [] - creds: - id: okta.users.creds - name: creds - title: Creds - methods: - expire_password: - operation: - $ref: '#/paths/~1api~1v1~1users~1{id}~1lifecycle~1expire_password/post' - response: - mediaType: application/json - openAPIDocKey: '200' - expire_password_with_temp_password: - operation: - $ref: >- - #/paths/~1api~1v1~1users~1{id}~1lifecycle~1expire_password_with_temp_password/post - response: - mediaType: application/json - openAPIDocKey: '200' - reset_password: - operation: - $ref: '#/paths/~1api~1v1~1users~1{id}~1lifecycle~1reset_password/post' - response: - mediaType: application/json - openAPIDocKey: '200' - change_password: - operation: - $ref: >- - #/paths/~1api~1v1~1users~1{userId}~1credentials~1change_password/post - response: - mediaType: application/json - openAPIDocKey: '200' - change_recovery_question: - operation: - $ref: >- - #/paths/~1api~1v1~1users~1{userId}~1credentials~1change_recovery_question/post - response: - mediaType: application/json - openAPIDocKey: '200' - forgot_password: - operation: - $ref: >- - #/paths/~1api~1v1~1users~1{userId}~1credentials~1forgot_password/post - response: - mediaType: application/json - openAPIDocKey: '200' - forgot_password_set_new_password: - operation: - $ref: >- - #/paths/~1api~1v1~1users~1{userId}~1credentials~1forgot_password_recovery_question/post - response: - mediaType: application/json - openAPIDocKey: '200' - sqlVerbs: - select: [] - insert: [] - update: [] - delete: [] - replace: [] linked_objects: id: okta.users.linked_objects name: linked_objects @@ -13183,6 +13159,13 @@ components: response: mediaType: '' openAPIDocKey: '204' + assign_app_instance_target_to_app_admin_role_for_user: + operation: + $ref: >- + #/paths/~1api~1v1~1users~1{userId}~1roles~1{roleAssignmentId}~1targets~1catalog~1apps~1{appName}~1{appId}/put + response: + mediaType: '' + openAPIDocKey: '204' sqlVerbs: select: - $ref: >- @@ -13295,26 +13278,6 @@ components: - $ref: >- #/components/x-stackQL-resources/admin_app_targets/methods/unassign_app_instance_target_from_admin_role_for_user replace: [] - role_target_admin: - id: okta.users.role_target_admin - name: role_target_admin - title: Role Target Admin - methods: - assign_app_instance_target_to_app_admin_role_for_user: - operation: - $ref: >- - #/paths/~1api~1v1~1users~1{userId}~1roles~1{roleAssignmentId}~1targets~1catalog~1apps~1{appName}~1{appId}/put - response: - mediaType: '' - openAPIDocKey: '204' - sqlVerbs: - select: [] - insert: [] - update: [] - delete: [] - replace: - - $ref: >- - #/components/x-stackQL-resources/role_target_admin/methods/assign_app_instance_target_to_app_admin_role_for_user role_group_targets: id: okta.users.role_group_targets name: role_group_targets diff --git a/provider-dev/openapi/src/okta/v00.00.00000/services/webauthn_registration.yaml b/provider-dev/openapi/src/okta/v00.00.00000/services/webauthn_registration.yaml index 800189d..8e499e5 100644 --- a/provider-dev/openapi/src/okta/v00.00.00000/services/webauthn_registration.yaml +++ b/provider-dev/openapi/src/okta/v00.00.00000/services/webauthn_registration.yaml @@ -863,10 +863,10 @@ components: errorId: sampleQPivGUj_ND5v78vbYWW errorCauses: [] x-stackQL-resources: - preregistration_enrollments: - id: okta.webauthn_registration.preregistration_enrollments - name: preregistration_enrollments - title: Preregistration Enrollments + enrollments: + id: okta.webauthn_registration.enrollments + name: enrollments + title: Enrollments methods: activate_preregistration_enrollment: operation: @@ -893,17 +893,6 @@ components: response: mediaType: '' openAPIDocKey: '204' - sqlVerbs: - select: [] - insert: [] - update: [] - delete: [] - replace: [] - enrollments: - id: okta.webauthn_registration.enrollments - name: enrollments - title: Enrollments - methods: list_web_authn_preregistration_factors: operation: $ref: >- From c1f7c7d979abfbe3725ef94ccdd91a1e323a87fc Mon Sep 17 00:00:00 2001 From: Jeffrey Aven Date: Wed, 3 Sep 2025 09:13:44 +1000 Subject: [PATCH 2/3] website deploy --- README.md | 127 +- package-lock.json | 8 +- package.json | 2 +- provider-dev/config/all_services.csv | 6 + .../docgen/provider-data/headerContent1.txt | 10 +- .../docgen/provider-data/headerContent2.txt | 22 +- .../src/okta/v00.00.00000/services/apps.yaml | 92 +- .../services/authorizationservers.yaml | 6 +- .../okta/v00.00.00000/services/brands.yaml | 2 +- .../okta/v00.00.00000/services/devices.yaml | 24 +- .../v00.00.00000/services/eventhooks.yaml | 2 +- .../okta/v00.00.00000/services/features.yaml | 2 +- .../okta/v00.00.00000/services/groups.yaml | 64 +- .../src/okta/v00.00.00000/services/iam.yaml | 14 +- .../services/identity_sources.yaml | 2 +- .../src/okta/v00.00.00000/services/idps.yaml | 24 +- .../v00.00.00000/services/inlinehooks.yaml | 12 +- .../v00.00.00000/services/integrations.yaml | 4 +- .../src/okta/v00.00.00000/services/logs.yaml | 2 +- .../v00.00.00000/services/logstreams.yaml | 4 +- .../okta/v00.00.00000/services/mappings.yaml | 2 +- .../src/okta/v00.00.00000/services/meta.yaml | 25 +- .../okta/v00.00.00000/services/oauth2.yaml | 24 +- .../src/okta/v00.00.00000/services/org.yaml | 44 +- .../src/okta/v00.00.00000/services/orgs.yaml | 2 +- .../okta/v00.00.00000/services/policies.yaml | 14 +- .../services/privileged_access.yaml | 2 +- .../okta/v00.00.00000/services/realms.yaml | 2 +- .../src/okta/v00.00.00000/services/risk.yaml | 2 +- .../src/okta/v00.00.00000/services/roles.yaml | 2 +- .../okta/v00.00.00000/services/security.yaml | 4 +- .../okta/v00.00.00000/services/templates.yaml | 2 +- .../okta/v00.00.00000/services/threats.yaml | 2 +- .../src/okta/v00.00.00000/services/users.yaml | 160 +- .../src/okta/v00.00.00000/services/zones.yaml | 4 +- provider-dev/scripts/fix_mappings_issue.sh | 1 - provider-dev/scripts/post_processing.sh | 56 + website/docs/index.md | 142 + .../agent_pool_update_settings/index.md | 205 + .../agentpools/agent_pool_updates/index.md | 619 ++ .../services/agentpools/agent_pools/index.md | 186 + website/docs/services/agentpools/index.md | 34 + .../services/api_tokens/api_tokens/index.md | 360 + website/docs/services/api_tokens/index.md | 33 + .../services/apps/application_users/index.md | 519 + .../docs/services/apps/applications/index.md | 705 ++ .../services/apps/connection_jwks/index.md | 126 + .../docs/services/apps/connections/index.md | 267 + .../cross_app_access_connections/index.md | 378 + website/docs/services/apps/csrs/index.md | 293 + website/docs/services/apps/features/index.md | 240 + .../services/apps/federated_claims/index.md | 322 + website/docs/services/apps/grants/index.md | 405 + .../services/apps/group_assignments/index.md | 356 + website/docs/services/apps/index.md | 46 + website/docs/services/apps/jwks/index.md | 269 + website/docs/services/apps/keys/index.md | 374 + .../docs/services/apps/push_mappings/index.md | 469 + website/docs/services/apps/secrets/index.md | 374 + website/docs/services/apps/tokens/index.md | 352 + .../authenticator_settings/index.md | 158 + .../docs/services/attack_protection/index.md | 33 + .../lockout_settings/index.md | 158 + .../authenticator_methods/index.md | 272 + .../authenticators/authenticators/index.md | 365 + .../authenticators/custom_aaguids/index.md | 390 + website/docs/services/authenticators/index.md | 34 + .../associated_servers/index.md | 322 + .../authorization_servers/index.md | 602 ++ .../authorizationservers/claims/index.md | 489 + .../authorizationservers/clients/index.md | 152 + .../services/authorizationservers/index.md | 41 + .../authorizationservers/keys/index.md | 284 + .../oauth2_resource_server_jwks/index.md | 443 + .../authorizationservers/policies/index.md | 519 + .../refresh_tokens/index.md | 352 + .../authorizationservers/rules/index.md | 511 + .../authorizationservers/scopes/index.md | 494 + .../behavior_detection_rules/index.md | 418 + website/docs/services/behaviors/index.md | 33 + .../brands/brand_well_known_uris/index.md | 168 + website/docs/services/brands/brands/index.md | 424 + .../brands/customization_preview/index.md | 140 + .../brands/customized_error_page/index.md | 195 + .../brands/customized_sign_in_page/index.md | 184 + .../brands/default_error_page/index.md | 134 + .../brands/default_sign_in_page/index.md | 146 + website/docs/services/brands/domains/index.md | 170 + .../brands/email_default_content/index.md | 146 + .../brands/email_default_preview/index.md | 146 + .../services/brands/email_settings/index.md | 167 + .../email_template_customizations/index.md | 447 + .../services/brands/email_templates/index.md | 245 + .../docs/services/brands/error_page/index.md | 134 + website/docs/services/brands/index.md | 52 + .../brands/preview_error_page/index.md | 195 + .../brands/preview_sign_in_page/index.md | 211 + .../services/brands/sign_in_page/index.md | 161 + .../brands/sign_in_widget_versions/index.md | 123 + .../brands/sign_out_page_settings/index.md | 169 + website/docs/services/brands/themes/index.md | 508 + .../services/brands/well_known_uris/index.md | 181 + .../captchas/captcha_instances/index.md | 411 + website/docs/services/captchas/index.md | 33 + website/docs/services/device_access/index.md | 33 + .../mfa_challenge_org_setting/index.md | 158 + .../mfa_recovery_pin_setting/index.md | 158 + .../device_assurance_policies/index.md | 447 + .../docs/services/device_assurances/index.md | 33 + .../device_integrations/index.md | 281 + .../services/device_integrations/index.md | 33 + .../default_device_posture_checks/index.md | 204 + .../device_posture_checks/index.md | 511 + .../services/device_posture_checks/index.md | 33 + .../services/devices/device_users/index.md | 146 + .../docs/services/devices/devices/index.md | 408 + website/docs/services/devices/index.md | 33 + .../directories_integration/index.md | 104 + website/docs/services/directories/index.md | 33 + .../services/domains/custom_domains/index.md | 396 + website/docs/services/domains/index.md | 33 + .../email_domains/email_domains/index.md | 323 + website/docs/services/email_domains/index.md | 33 + .../email_servers/email_servers/index.md | 358 + website/docs/services/email_servers/index.md | 33 + .../services/eventhooks/event_hooks/index.md | 502 + website/docs/services/eventhooks/index.md | 33 + .../features/feature_dependencies/index.md | 164 + .../features/feature_dependents/index.md | 164 + .../docs/services/features/features/index.md | 274 + website/docs/services/features/index.md | 34 + .../first_party_app_settings/index.md | 166 + .../first_party_app_settings/index.md | 33 + .../groups/app_instance_targets/index.md | 130 + .../docs/services/groups/app_targets/index.md | 263 + .../services/groups/assigned_apps/index.md | 224 + .../services/groups/assigned_roles/index.md | 245 + .../services/groups/group_targets/index.md | 245 + website/docs/services/groups/groups/index.md | 443 + website/docs/services/groups/index.md | 40 + website/docs/services/groups/owners/index.md | 285 + website/docs/services/groups/rules/index.md | 476 + website/docs/services/groups/users/index.md | 281 + .../services/hook_keys/hook_keys/index.md | 358 + website/docs/services/hook_keys/index.md | 33 + .../services/hook_keys/public_keys/index.md | 158 + .../iam/bundle_entitlement_values/index.md | 144 + .../services/iam/bundle_entitlements/index.md | 144 + .../services/iam/governance_bundles/index.md | 341 + website/docs/services/iam/index.md | 42 + .../docs/services/iam/opt_in_status/index.md | 176 + .../services/iam/role_permissions/index.md | 302 + .../index.md | 254 + .../iam/role_resource_set_bindings/index.md | 269 + .../iam/role_resource_set_resources/index.md | 336 + .../services/iam/role_resource_sets/index.md | 343 + website/docs/services/iam/roles/index.md | 345 + .../iam/users_with_role_assignments/index.md | 146 + .../identity_sources/index.md | 144 + .../docs/services/identity_sources/index.md | 33 + .../identity_sources/sessions/index.md | 306 + .../idps/active_idp_signing_keys/index.md | 182 + website/docs/services/idps/csrs/index.md | 328 + .../services/idps/identity_providers/index.md | 574 ++ website/docs/services/idps/idp_users/index.md | 323 + website/docs/services/idps/index.md | 38 + website/docs/services/idps/keys/index.md | 424 + .../docs/services/idps/signing_keys/index.md | 374 + .../services/idps/social_auth_tokens/index.md | 158 + website/docs/services/inlinehooks/index.md | 33 + .../inlinehooks/inline_hooks/index.md | 522 + website/docs/services/integrations/index.md | 33 + .../integrations/instance_secrets/index.md | 284 + .../services/integrations/instances/index.md | 369 + website/docs/services/logs/index.md | 33 + .../services/logs/system_log_events/index.md | 260 + website/docs/services/logstreams/index.md | 33 + .../services/logstreams/log_streams/index.md | 439 + website/docs/services/mappings/index.md | 33 + .../mappings/profile_mappings/index.md | 237 + .../meta/application_user_schemas/index.md | 225 + .../docs/services/meta/group_schemas/index.md | 233 + website/docs/services/meta/index.md | 38 + .../meta/linked_object_definitions/index.md | 282 + .../services/meta/log_stream_schemas/index.md | 277 + .../docs/services/meta/ui_schemas/index.md | 336 + .../docs/services/meta/user_schemas/index.md | 225 + .../docs/services/meta/user_types/index.md | 467 + .../services/oauth2/app_target_roles/index.md | 307 + .../services/oauth2/client_roles/index.md | 229 + .../oauth2/group_target_roles/index.md | 245 + website/docs/services/oauth2/index.md | 34 + .../blocked_email_domains/index.md | 103 + .../services/okta_personal_settings/index.md | 34 + .../personal_apps_export_block_list/index.md | 126 + .../okta_personal_settings/settings/index.md | 104 + .../auto_assign_admin_app_setting/index.md | 160 + .../services/org/captcha_settings/index.md | 202 + .../org/client_privileges_setting/index.md | 160 + .../org/communication_settings/index.md | 178 + .../docs/services/org/contact_types/index.md | 128 + website/docs/services/org/contacts/index.md | 167 + .../org/email_customizations/index.md | 104 + website/docs/services/org/index.md | 46 + .../docs/services/org/okta_support/index.md | 170 + .../docs/services/org/preferences/index.md | 199 + website/docs/services/org/settings/index.md | 348 + .../org/support_aerial_consent/index.md | 228 + .../docs/services/org/support_cases/index.md | 164 + .../services/org/support_settings/index.md | 146 + .../org/third_party_admin_setting/index.md | 160 + .../services/org/yubikey_otp_tokens/index.md | 293 + .../docs/services/orgs/child_orgs/index.md | 170 + website/docs/services/orgs/index.md | 33 + website/docs/services/policies/index.md | 35 + .../docs/services/policies/policies/index.md | 606 ++ .../services/policies/policy_apps/index.md | 212 + .../policies/policy_mappings/index.md | 240 + .../services/policies/policy_rules/index.md | 481 + .../services/principal_rate_limits/index.md | 33 + .../principal_rate_limit_entities/index.md | 420 + .../docs/services/privileged_access/index.md | 33 + .../service_accounts/index.md | 527 + website/docs/services/push_providers/index.md | 33 + .../push_providers/push_providers/index.md | 344 + .../admin_notifications/index.md | 159 + .../services/rate_limit_settings/index.md | 34 + .../rate_limit_settings_per_client/index.md | 167 + .../warning_thresholds/index.md | 159 + .../docs/services/realm_assignments/index.md | 33 + .../realm_assignment_operations/index.md | 198 + .../realm_assignments/index.md | 520 + website/docs/services/realms/index.md | 33 + website/docs/services/realms/realms/index.md | 375 + website/docs/services/risk/index.md | 33 + .../docs/services/risk/risk_events/index.md | 100 + .../services/risk/risk_providers/index.md | 381 + website/docs/services/roles/index.md | 33 + .../services/roles/subscriptions/index.md | 249 + website/docs/services/security/index.md | 33 + .../ssf_security_event_tokens/index.md | 100 + .../security_events_providers/index.md | 33 + .../ssf_receivers/index.md | 409 + website/docs/services/sessions/index.md | 33 + .../docs/services/sessions/sessions/index.md | 447 + website/docs/services/ssf/index.md | 33 + .../services/ssf/ssf_stream_status/index.md | 138 + .../docs/services/ssf/ssf_streams/index.md | 362 + website/docs/services/templates/index.md | 33 + .../services/templates/sms_templates/index.md | 437 + .../threats/current_configuration/index.md | 190 + website/docs/services/threats/index.md | 33 + website/docs/services/trustedorigins/index.md | 33 + .../trustedorigins/trusted_origins/index.md | 493 + .../services/users/admin_app_targets/index.md | 250 + .../docs/services/users/app_links/index.md | 182 + .../users/authenticator_enrollments/index.md | 333 + .../services/users/classifications/index.md | 167 + website/docs/services/users/factors/index.md | 499 + website/docs/services/users/grants/index.md | 497 + .../users/identity_providers/index.md | 188 + website/docs/services/users/index.md | 55 + .../services/users/linked_objects/index.md | 185 + .../docs/services/users/oauth_tokens/index.md | 352 + .../role_assignment_governance_grant/index.md | 152 + .../index.md | 134 + .../users/role_assignment_users/index.md | 306 + .../users/role_group_targets/index.md | 245 + .../docs/services/users/role_targets/index.md | 164 + .../services/users/subscriptions/index.md | 266 + .../services/users/supported_factors/index.md | 164 + .../supported_security_questions/index.md | 140 + .../user_assigned_role_governance/index.md | 134 + .../docs/services/users/user_blocks/index.md | 134 + .../docs/services/users/user_clients/index.md | 152 + .../docs/services/users/user_devices/index.md | 140 + .../docs/services/users/user_groups/index.md | 176 + .../docs/services/users/user_risk/index.md | 166 + website/docs/services/users/users/index.md | 1011 ++ .../enrollments/index.md | 327 + .../services/webauthn_registration/index.md | 33 + website/docs/services/zones/index.md | 33 + .../services/zones/network_zones/index.md | 483 + website/docusaurus.config.js | 6 +- .../stackql-okta-provider-featured-image.png | Bin 0 -> 21149 bytes ...ckql-snowflake-provider-featured-image.png | Bin 27769 -> 0 bytes .../static/img/update-ssfeat-flowchart.png | Bin 0 -> 130472 bytes website/yarn.lock | 9081 +++++++++++++++++ 288 files changed, 65489 insertions(+), 387 deletions(-) delete mode 100644 provider-dev/scripts/fix_mappings_issue.sh create mode 100644 provider-dev/scripts/post_processing.sh create mode 100644 website/docs/index.md create mode 100644 website/docs/services/agentpools/agent_pool_update_settings/index.md create mode 100644 website/docs/services/agentpools/agent_pool_updates/index.md create mode 100644 website/docs/services/agentpools/agent_pools/index.md create mode 100644 website/docs/services/agentpools/index.md create mode 100644 website/docs/services/api_tokens/api_tokens/index.md create mode 100644 website/docs/services/api_tokens/index.md create mode 100644 website/docs/services/apps/application_users/index.md create mode 100644 website/docs/services/apps/applications/index.md create mode 100644 website/docs/services/apps/connection_jwks/index.md create mode 100644 website/docs/services/apps/connections/index.md create mode 100644 website/docs/services/apps/cross_app_access_connections/index.md create mode 100644 website/docs/services/apps/csrs/index.md create mode 100644 website/docs/services/apps/features/index.md create mode 100644 website/docs/services/apps/federated_claims/index.md create mode 100644 website/docs/services/apps/grants/index.md create mode 100644 website/docs/services/apps/group_assignments/index.md create mode 100644 website/docs/services/apps/index.md create mode 100644 website/docs/services/apps/jwks/index.md create mode 100644 website/docs/services/apps/keys/index.md create mode 100644 website/docs/services/apps/push_mappings/index.md create mode 100644 website/docs/services/apps/secrets/index.md create mode 100644 website/docs/services/apps/tokens/index.md create mode 100644 website/docs/services/attack_protection/authenticator_settings/index.md create mode 100644 website/docs/services/attack_protection/index.md create mode 100644 website/docs/services/attack_protection/lockout_settings/index.md create mode 100644 website/docs/services/authenticators/authenticator_methods/index.md create mode 100644 website/docs/services/authenticators/authenticators/index.md create mode 100644 website/docs/services/authenticators/custom_aaguids/index.md create mode 100644 website/docs/services/authenticators/index.md create mode 100644 website/docs/services/authorizationservers/associated_servers/index.md create mode 100644 website/docs/services/authorizationservers/authorization_servers/index.md create mode 100644 website/docs/services/authorizationservers/claims/index.md create mode 100644 website/docs/services/authorizationservers/clients/index.md create mode 100644 website/docs/services/authorizationservers/index.md create mode 100644 website/docs/services/authorizationservers/keys/index.md create mode 100644 website/docs/services/authorizationservers/oauth2_resource_server_jwks/index.md create mode 100644 website/docs/services/authorizationservers/policies/index.md create mode 100644 website/docs/services/authorizationservers/refresh_tokens/index.md create mode 100644 website/docs/services/authorizationservers/rules/index.md create mode 100644 website/docs/services/authorizationservers/scopes/index.md create mode 100644 website/docs/services/behaviors/behavior_detection_rules/index.md create mode 100644 website/docs/services/behaviors/index.md create mode 100644 website/docs/services/brands/brand_well_known_uris/index.md create mode 100644 website/docs/services/brands/brands/index.md create mode 100644 website/docs/services/brands/customization_preview/index.md create mode 100644 website/docs/services/brands/customized_error_page/index.md create mode 100644 website/docs/services/brands/customized_sign_in_page/index.md create mode 100644 website/docs/services/brands/default_error_page/index.md create mode 100644 website/docs/services/brands/default_sign_in_page/index.md create mode 100644 website/docs/services/brands/domains/index.md create mode 100644 website/docs/services/brands/email_default_content/index.md create mode 100644 website/docs/services/brands/email_default_preview/index.md create mode 100644 website/docs/services/brands/email_settings/index.md create mode 100644 website/docs/services/brands/email_template_customizations/index.md create mode 100644 website/docs/services/brands/email_templates/index.md create mode 100644 website/docs/services/brands/error_page/index.md create mode 100644 website/docs/services/brands/index.md create mode 100644 website/docs/services/brands/preview_error_page/index.md create mode 100644 website/docs/services/brands/preview_sign_in_page/index.md create mode 100644 website/docs/services/brands/sign_in_page/index.md create mode 100644 website/docs/services/brands/sign_in_widget_versions/index.md create mode 100644 website/docs/services/brands/sign_out_page_settings/index.md create mode 100644 website/docs/services/brands/themes/index.md create mode 100644 website/docs/services/brands/well_known_uris/index.md create mode 100644 website/docs/services/captchas/captcha_instances/index.md create mode 100644 website/docs/services/captchas/index.md create mode 100644 website/docs/services/device_access/index.md create mode 100644 website/docs/services/device_access/mfa_challenge_org_setting/index.md create mode 100644 website/docs/services/device_access/mfa_recovery_pin_setting/index.md create mode 100644 website/docs/services/device_assurances/device_assurance_policies/index.md create mode 100644 website/docs/services/device_assurances/index.md create mode 100644 website/docs/services/device_integrations/device_integrations/index.md create mode 100644 website/docs/services/device_integrations/index.md create mode 100644 website/docs/services/device_posture_checks/default_device_posture_checks/index.md create mode 100644 website/docs/services/device_posture_checks/device_posture_checks/index.md create mode 100644 website/docs/services/device_posture_checks/index.md create mode 100644 website/docs/services/devices/device_users/index.md create mode 100644 website/docs/services/devices/devices/index.md create mode 100644 website/docs/services/devices/index.md create mode 100644 website/docs/services/directories/directories_integration/index.md create mode 100644 website/docs/services/directories/index.md create mode 100644 website/docs/services/domains/custom_domains/index.md create mode 100644 website/docs/services/domains/index.md create mode 100644 website/docs/services/email_domains/email_domains/index.md create mode 100644 website/docs/services/email_domains/index.md create mode 100644 website/docs/services/email_servers/email_servers/index.md create mode 100644 website/docs/services/email_servers/index.md create mode 100644 website/docs/services/eventhooks/event_hooks/index.md create mode 100644 website/docs/services/eventhooks/index.md create mode 100644 website/docs/services/features/feature_dependencies/index.md create mode 100644 website/docs/services/features/feature_dependents/index.md create mode 100644 website/docs/services/features/features/index.md create mode 100644 website/docs/services/features/index.md create mode 100644 website/docs/services/first_party_app_settings/first_party_app_settings/index.md create mode 100644 website/docs/services/first_party_app_settings/index.md create mode 100644 website/docs/services/groups/app_instance_targets/index.md create mode 100644 website/docs/services/groups/app_targets/index.md create mode 100644 website/docs/services/groups/assigned_apps/index.md create mode 100644 website/docs/services/groups/assigned_roles/index.md create mode 100644 website/docs/services/groups/group_targets/index.md create mode 100644 website/docs/services/groups/groups/index.md create mode 100644 website/docs/services/groups/index.md create mode 100644 website/docs/services/groups/owners/index.md create mode 100644 website/docs/services/groups/rules/index.md create mode 100644 website/docs/services/groups/users/index.md create mode 100644 website/docs/services/hook_keys/hook_keys/index.md create mode 100644 website/docs/services/hook_keys/index.md create mode 100644 website/docs/services/hook_keys/public_keys/index.md create mode 100644 website/docs/services/iam/bundle_entitlement_values/index.md create mode 100644 website/docs/services/iam/bundle_entitlements/index.md create mode 100644 website/docs/services/iam/governance_bundles/index.md create mode 100644 website/docs/services/iam/index.md create mode 100644 website/docs/services/iam/opt_in_status/index.md create mode 100644 website/docs/services/iam/role_permissions/index.md create mode 100644 website/docs/services/iam/role_resource_set_binding_members/index.md create mode 100644 website/docs/services/iam/role_resource_set_bindings/index.md create mode 100644 website/docs/services/iam/role_resource_set_resources/index.md create mode 100644 website/docs/services/iam/role_resource_sets/index.md create mode 100644 website/docs/services/iam/roles/index.md create mode 100644 website/docs/services/iam/users_with_role_assignments/index.md create mode 100644 website/docs/services/identity_sources/identity_sources/index.md create mode 100644 website/docs/services/identity_sources/index.md create mode 100644 website/docs/services/identity_sources/sessions/index.md create mode 100644 website/docs/services/idps/active_idp_signing_keys/index.md create mode 100644 website/docs/services/idps/csrs/index.md create mode 100644 website/docs/services/idps/identity_providers/index.md create mode 100644 website/docs/services/idps/idp_users/index.md create mode 100644 website/docs/services/idps/index.md create mode 100644 website/docs/services/idps/keys/index.md create mode 100644 website/docs/services/idps/signing_keys/index.md create mode 100644 website/docs/services/idps/social_auth_tokens/index.md create mode 100644 website/docs/services/inlinehooks/index.md create mode 100644 website/docs/services/inlinehooks/inline_hooks/index.md create mode 100644 website/docs/services/integrations/index.md create mode 100644 website/docs/services/integrations/instance_secrets/index.md create mode 100644 website/docs/services/integrations/instances/index.md create mode 100644 website/docs/services/logs/index.md create mode 100644 website/docs/services/logs/system_log_events/index.md create mode 100644 website/docs/services/logstreams/index.md create mode 100644 website/docs/services/logstreams/log_streams/index.md create mode 100644 website/docs/services/mappings/index.md create mode 100644 website/docs/services/mappings/profile_mappings/index.md create mode 100644 website/docs/services/meta/application_user_schemas/index.md create mode 100644 website/docs/services/meta/group_schemas/index.md create mode 100644 website/docs/services/meta/index.md create mode 100644 website/docs/services/meta/linked_object_definitions/index.md create mode 100644 website/docs/services/meta/log_stream_schemas/index.md create mode 100644 website/docs/services/meta/ui_schemas/index.md create mode 100644 website/docs/services/meta/user_schemas/index.md create mode 100644 website/docs/services/meta/user_types/index.md create mode 100644 website/docs/services/oauth2/app_target_roles/index.md create mode 100644 website/docs/services/oauth2/client_roles/index.md create mode 100644 website/docs/services/oauth2/group_target_roles/index.md create mode 100644 website/docs/services/oauth2/index.md create mode 100644 website/docs/services/okta_personal_settings/blocked_email_domains/index.md create mode 100644 website/docs/services/okta_personal_settings/index.md create mode 100644 website/docs/services/okta_personal_settings/personal_apps_export_block_list/index.md create mode 100644 website/docs/services/okta_personal_settings/settings/index.md create mode 100644 website/docs/services/org/auto_assign_admin_app_setting/index.md create mode 100644 website/docs/services/org/captcha_settings/index.md create mode 100644 website/docs/services/org/client_privileges_setting/index.md create mode 100644 website/docs/services/org/communication_settings/index.md create mode 100644 website/docs/services/org/contact_types/index.md create mode 100644 website/docs/services/org/contacts/index.md create mode 100644 website/docs/services/org/email_customizations/index.md create mode 100644 website/docs/services/org/index.md create mode 100644 website/docs/services/org/okta_support/index.md create mode 100644 website/docs/services/org/preferences/index.md create mode 100644 website/docs/services/org/settings/index.md create mode 100644 website/docs/services/org/support_aerial_consent/index.md create mode 100644 website/docs/services/org/support_cases/index.md create mode 100644 website/docs/services/org/support_settings/index.md create mode 100644 website/docs/services/org/third_party_admin_setting/index.md create mode 100644 website/docs/services/org/yubikey_otp_tokens/index.md create mode 100644 website/docs/services/orgs/child_orgs/index.md create mode 100644 website/docs/services/orgs/index.md create mode 100644 website/docs/services/policies/index.md create mode 100644 website/docs/services/policies/policies/index.md create mode 100644 website/docs/services/policies/policy_apps/index.md create mode 100644 website/docs/services/policies/policy_mappings/index.md create mode 100644 website/docs/services/policies/policy_rules/index.md create mode 100644 website/docs/services/principal_rate_limits/index.md create mode 100644 website/docs/services/principal_rate_limits/principal_rate_limit_entities/index.md create mode 100644 website/docs/services/privileged_access/index.md create mode 100644 website/docs/services/privileged_access/service_accounts/index.md create mode 100644 website/docs/services/push_providers/index.md create mode 100644 website/docs/services/push_providers/push_providers/index.md create mode 100644 website/docs/services/rate_limit_settings/admin_notifications/index.md create mode 100644 website/docs/services/rate_limit_settings/index.md create mode 100644 website/docs/services/rate_limit_settings/rate_limit_settings_per_client/index.md create mode 100644 website/docs/services/rate_limit_settings/warning_thresholds/index.md create mode 100644 website/docs/services/realm_assignments/index.md create mode 100644 website/docs/services/realm_assignments/realm_assignment_operations/index.md create mode 100644 website/docs/services/realm_assignments/realm_assignments/index.md create mode 100644 website/docs/services/realms/index.md create mode 100644 website/docs/services/realms/realms/index.md create mode 100644 website/docs/services/risk/index.md create mode 100644 website/docs/services/risk/risk_events/index.md create mode 100644 website/docs/services/risk/risk_providers/index.md create mode 100644 website/docs/services/roles/index.md create mode 100644 website/docs/services/roles/subscriptions/index.md create mode 100644 website/docs/services/security/index.md create mode 100644 website/docs/services/security/ssf_security_event_tokens/index.md create mode 100644 website/docs/services/security_events_providers/index.md create mode 100644 website/docs/services/security_events_providers/ssf_receivers/index.md create mode 100644 website/docs/services/sessions/index.md create mode 100644 website/docs/services/sessions/sessions/index.md create mode 100644 website/docs/services/ssf/index.md create mode 100644 website/docs/services/ssf/ssf_stream_status/index.md create mode 100644 website/docs/services/ssf/ssf_streams/index.md create mode 100644 website/docs/services/templates/index.md create mode 100644 website/docs/services/templates/sms_templates/index.md create mode 100644 website/docs/services/threats/current_configuration/index.md create mode 100644 website/docs/services/threats/index.md create mode 100644 website/docs/services/trustedorigins/index.md create mode 100644 website/docs/services/trustedorigins/trusted_origins/index.md create mode 100644 website/docs/services/users/admin_app_targets/index.md create mode 100644 website/docs/services/users/app_links/index.md create mode 100644 website/docs/services/users/authenticator_enrollments/index.md create mode 100644 website/docs/services/users/classifications/index.md create mode 100644 website/docs/services/users/factors/index.md create mode 100644 website/docs/services/users/grants/index.md create mode 100644 website/docs/services/users/identity_providers/index.md create mode 100644 website/docs/services/users/index.md create mode 100644 website/docs/services/users/linked_objects/index.md create mode 100644 website/docs/services/users/oauth_tokens/index.md create mode 100644 website/docs/services/users/role_assignment_governance_grant/index.md create mode 100644 website/docs/services/users/role_assignment_governance_grant_resources/index.md create mode 100644 website/docs/services/users/role_assignment_users/index.md create mode 100644 website/docs/services/users/role_group_targets/index.md create mode 100644 website/docs/services/users/role_targets/index.md create mode 100644 website/docs/services/users/subscriptions/index.md create mode 100644 website/docs/services/users/supported_factors/index.md create mode 100644 website/docs/services/users/supported_security_questions/index.md create mode 100644 website/docs/services/users/user_assigned_role_governance/index.md create mode 100644 website/docs/services/users/user_blocks/index.md create mode 100644 website/docs/services/users/user_clients/index.md create mode 100644 website/docs/services/users/user_devices/index.md create mode 100644 website/docs/services/users/user_groups/index.md create mode 100644 website/docs/services/users/user_risk/index.md create mode 100644 website/docs/services/users/users/index.md create mode 100644 website/docs/services/webauthn_registration/enrollments/index.md create mode 100644 website/docs/services/webauthn_registration/index.md create mode 100644 website/docs/services/zones/index.md create mode 100644 website/docs/services/zones/network_zones/index.md create mode 100644 website/static/img/stackql-okta-provider-featured-image.png delete mode 100644 website/static/img/stackql-snowflake-provider-featured-image.png create mode 100644 website/static/img/update-ssfeat-flowchart.png create mode 100644 website/yarn.lock diff --git a/README.md b/README.md index 457c158..32d4a18 100644 --- a/README.md +++ b/README.md @@ -63,7 +63,7 @@ This step analyzes the service specs and creates a CSV mapping file that defines - Flag operations with incomplete mappings (missing resource, method, or SQL verb) - Skip operations that are already fully mapped -After running this command, you should review and edit the generated `all_services.csv` file to ensure all operations are properly mapped to appropriate resources. +Update the resultant `provider-dev/config/all_services.csv` to add the `stackql_resource_name`, `stackql_method_name`, `stackql_verb` values for each operation. ### 4. Generate Provider @@ -80,8 +80,11 @@ npm run generate-provider -- \ --skip-files _well_known.yaml \ --overwrite ``` +Make necessary updates to the output docs: -sh provider-dev/scripts/fix_mappings_issue.sh +```bash +sh provider-dev/scripts/post_processing.sh +``` The `--servers` parameter defines the base URL pattern for API requests, with variables that users can customize. For Okta, this allows specifying different subdomains for different Okta instances. @@ -105,12 +108,6 @@ PROVIDER_REGISTRY_ROOT_DIR="$(pwd)/provider-dev/openapi" npm run start-server -- --provider okta --registry $PROVIDER_REGISTRY_ROOT_DIR ``` -```bash -PROVIDER_REGISTRY_ROOT_DIR="$(pwd)/provider-dev/openapi" -REG_STR='{"url": "file://'${PROVIDER_REGISTRY_ROOT_DIR}'", "localDocRoot": "'${PROVIDER_REGISTRY_ROOT_DIR}'", "verifyConfig": {"nopVerify": true}}' -./stackql shell --registry="${REG_STR}" -``` - #### Test Meta Routes Test all metadata routes (services, resources, methods) in the provider: @@ -118,109 +115,31 @@ Test all metadata routes (services, resources, methods) in the provider: ```bash npm run test-meta-routes -- okta --verbose ``` - When you're done testing, stop the StackQL server: -npm run server-status - ```bash npm run stop-server ``` -npm run server-status - -npm run test-meta-routes -- okta --verbose - - - -### 5. Generate Provider Docs - - - - - -These should include: - -- how to get the providers Open API spec (download these to the [`provider-dev/source`](provider-dev/source) dir) -- if and how to pre process the spec if required -- how to analyze routes and generate a mapping csv in the [`provider-dev/config`](provider-dev/config) dir -- how to generate `stackql` extensions referencing the mapping csv using the included `openapi_to_stackql` python module -- if an how to post process the spec if required - -### Steps to test the provider - -Steps to inspect and test the provider, such as: - - - -Provide some reference queries for the provider. +use this command to view the server status: ```bash -bash ./bin/openapi-to-stackql.sh analyze \ ---input provider-dev/source/snowflake-rest-api-specs-main/specifications \ ---output provider-dev/config -``` - -update the resultant `provider-dev/config/all_services.csv` to add the `stackql_resource_name`, `stackql_method_name`, `stackql_verb` values for each operation, save the file as `provider-dev/config/snowflake.csv` - -### 3. Pre process the specs - -The `common.yaml` contains schemas to be injected into all other service specs, use the following code to do this... - -```bash -bash ./provider-dev/scripts/pre_process.sh provider-dev/source/snowflake-rest-api-specs-main/specifications -``` - -### 4. Generate the provider - -Run the following code to generate the `snowflake` stackql provider: - -```bash -bash ./bin/openapi-to-stackql.sh convert \ ---input provider-dev/source/snowflake-rest-api-specs-main/specifications \ ---output provider-dev/src/snowflake \ ---config provider-dev/config/snowflake.csv \ ---provider snowflake \ ---servers '[{"url":"https://{endpoint}.snowflakecomputing.com","description":"Multi-tenant Snowflake endpoint","variables":{"endpoint":{"default":"orgid-acctid","description":"Organization and Account Name"}}}]' \ ---provider-config '{"auth":{"type":"bearer","credentialsenvvar":"SNOWFLAKE_PAT" }}' \ ---skip common.yaml -``` - -### 5. Post process the specs -Post process the specs to remove redundant reference paths: - -```bash -python3 ./provider-dev/scripts/post_process.py provider-dev/src/snowflake/v00.00.00000/services +npm run server-status ``` -### 6. Test the provider locally - -Download `stackql`: - -```bash -curl -L https://bit.ly/stackql-zip -O \ -&& unzip stackql-zip -``` +#### Run test queries -Test the provider locally: +Run some test queries against the provider using the `stackql shell`: ```bash -PROVIDER_REGISTRY_ROOT_DIR="$(pwd)" -REG_STR='{"url": "file://'${PROVIDER_REGISTRY_ROOT_DIR}/provider-dev'", "localDocRoot": "'${PROVIDER_REGISTRY_ROOT_DIR}/provider-dev'", "verifyConfig": {"nopVerify": true}}' +PROVIDER_REGISTRY_ROOT_DIR="$(pwd)/provider-dev/openapi" +REG_STR='{"url": "file://'${PROVIDER_REGISTRY_ROOT_DIR}'", "localDocRoot": "'${PROVIDER_REGISTRY_ROOT_DIR}'", "verifyConfig": {"nopVerify": true}}' ./stackql shell --registry="${REG_STR}" ``` -```sql -select name, owner from snowflake.database.databases where endpoint = 'OKXVNMC-VH34026'; - -SELECT name, bytes, data_retention_time_in_days, table_type FROM snowflake.table.tables WHERE database_name = 'SNOWFLAKE_SAMPLE_DATA' AND schema_name = 'TPCH_SF10' AND endpoint = 'OKXVNMC-VH34026' order by bytes DESC; -``` - -### 5. Publish the provider +### 6. Publish the provider -To publish the provider push the `snowflake` dir to `providers/src` in a feature branch of the [`stackql-provider-registry`](https://github.com/stackql/stackql-provider-registry). Follow the [registry release flow](https://github.com/stackql/stackql-provider-registry/blob/dev/docs/build-and-deployment.md). - -### 6. Test the provider in the `dev` registry +To publish the provider push the `okta` dir to `providers/src` in a feature branch of the [`stackql-provider-registry`](https://github.com/stackql/stackql-provider-registry). Follow the [registry release flow](https://github.com/stackql/stackql-provider-registry/blob/dev/docs/build-and-deployment.md). Launch the StackQL shell: @@ -229,10 +148,10 @@ export DEV_REG="{ \"url\": \"https://registry-dev.stackql.app/providers\" }" ./stackql --registry="${DEV_REG}" shell ``` -pull the latest dev `snowflake` provider: +pull the latest dev `okta` provider: ```sql -registry pull snowflake; +registry pull okta; ``` Run some test queries @@ -240,11 +159,9 @@ Run some test queries ### 7. Generate web docs ```bash -rm -rf ./website/docs/* -npm i npm run generate-docs -- \ - --provider-name snowflake \ - --provider-dir ./provider-dev/src/snowflake/v00.00.00000 \ + --provider-name okta \ + --provider-dir ./provider-dev/openapi/src/okta/v00.00.00000 \ --output-dir ./website \ --provider-data-dir ./provider-dev/docgen/provider-data ``` @@ -254,4 +171,12 @@ npm run generate-docs -- \ ```bash cd website yarn start -``` \ No newline at end of file +``` + +## License + +MIT + +## Contributing + +Contributions to the Okta provider are welcome! Please feel free to submit a Pull Request. \ No newline at end of file diff --git a/package-lock.json b/package-lock.json index 7fe0282..ba1a172 100644 --- a/package-lock.json +++ b/package-lock.json @@ -9,7 +9,7 @@ "version": "0.1.0", "dependencies": { "@stackql/pgwire-lite": "^1.0.1", - "@stackql/provider-utils": "^0.3.8" + "@stackql/provider-utils": "^0.3.9" }, "engines": { "node": ">=14.16.0" @@ -110,9 +110,9 @@ } }, "node_modules/@stackql/provider-utils": { - "version": "0.3.8", - "resolved": "https://registry.npmjs.org/@stackql/provider-utils/-/provider-utils-0.3.8.tgz", - "integrity": "sha512-JJXScxiyye8X2esphkRTZarIcJeE3Zi9rgzD7gTVvSOVbtwGLgp5vRKbYuO0mWXYPrxsPUx0r5sIBJwqMx7n8Q==", + "version": "0.3.9", + "resolved": "https://registry.npmjs.org/@stackql/provider-utils/-/provider-utils-0.3.9.tgz", + "integrity": "sha512-X17lR9/lwMkj2dwHJkahsIcxq1Wu6HiC4T8Y/vtu5sfwtfyhS2xT3lqYjmkwNkBnP9eU3ZDnF7sNOrRz8aBjIA==", "license": "MIT", "dependencies": { "@apidevtools/swagger-parser": "^10.1.1", diff --git a/package.json b/package.json index b93bd63..7f1b1fa 100644 --- a/package.json +++ b/package.json @@ -15,7 +15,7 @@ }, "dependencies": { "@stackql/pgwire-lite": "^1.0.1", - "@stackql/provider-utils": "^0.3.9" + "@stackql/provider-utils": "^0.4.0" }, "keywords": [ "stackql", diff --git a/provider-dev/config/all_services.csv b/provider-dev/config/all_services.csv index 317e3ec..53362b2 100644 --- a/provider-dev/config/all_services.csv +++ b/provider-dev/config/all_services.csv @@ -698,3 +698,9 @@ zones.yaml,/api/v1/zones,createNetworkZone,create_network_zone,post,NetworkZone, zones.yaml,/api/v1/zones/{zoneId},replaceNetworkZone,replace_network_zone,put,NetworkZone,NetworkZone,network_zone,network_zones,replace_network_zone,replace zones.yaml,/api/v1/zones,listNetworkZones,list_network_zones,get,NetworkZone,NetworkZone,network_zone,network_zones,list_network_zones,select zones.yaml,/api/v1/zones/{zoneId},getNetworkZone,get_network_zone,get,NetworkZone,NetworkZone,network_zone,network_zones,get_network_zone,select +_well_known.yaml,/.well-known/app-authenticator-configuration,getWellKnownAppAuthenticatorConfiguration,get_well_known_app_authenticator_configuration,get,WellKnownAppAuthenticatorConfiguration,Authenticator,authenticator,,, +_well_known.yaml,/.well-known/apple-app-site-association,getAppleAppSiteAssociationWellKnownURI,get_apple_app_site_association_well_known_uri,get,PublicAppleAppSiteWellKnownURI,AssociatedDomainCustomizations,associated_domain_customizations,,, +_well_known.yaml,/.well-known/assetlinks.json,getAssetLinksWellKnownURI,get_asset_links_well_known_uri,get,PublicAssetLinksWellKnownURI,AssociatedDomainCustomizations,associated_domain_customizations,,, +_well_known.yaml,/.well-known/okta-organization,getWellknownOrgMetadata,get_wellknown_org_metadata,get,WellKnownOrgMetadata,OrgSettingMetadata,org_setting_metadata,,, +_well_known.yaml,/.well-known/ssf-configuration,getWellknownSsfMetadata,get_wellknown_ssf_metadata,get,WellKnownSSFMetadata,SSFTransmitter,ssftransmitter,,, +_well_known.yaml,/.well-known/webauthn,getWebAuthnWellKnownURI,get_web_authn_well_known_uri,get,PublicWebauthnSiteWellKnownURI,AssociatedDomainCustomizations,associated_domain_customizations,,, diff --git a/provider-dev/docgen/provider-data/headerContent1.txt b/provider-dev/docgen/provider-data/headerContent1.txt index 77e66eb..dbdae8b 100644 --- a/provider-dev/docgen/provider-data/headerContent1.txt +++ b/provider-dev/docgen/provider-data/headerContent1.txt @@ -1,19 +1,19 @@ --- -title: snowflake +title: okta hide_title: false hide_table_of_contents: false keywords: - - snowflake + - okta - stackql - infrastructure-as-code - configuration-as-data - cloud inventory -description: Query, deploy and manage Snowflake resources using SQL +description: Query, deploy and manage Okta resources using SQL custom_edit_url: null -image: /img/stackql-snowflake-provider-featured-image.png +image: /img/stackql-okta-provider-featured-image.png id: 'provider-intro' --- import CopyableCode from '@site/src/components/CopyableCode/CopyableCode'; -Snowflake for managing data warehousing, analytics, and secure data sharing with scalable cloud-native architecture and pay-as-you-go pricing. +Authentication and authorization services. \ No newline at end of file diff --git a/provider-dev/docgen/provider-data/headerContent2.txt b/provider-dev/docgen/provider-data/headerContent2.txt index 10fb8d3..f28106a 100644 --- a/provider-dev/docgen/provider-data/headerContent2.txt +++ b/provider-dev/docgen/provider-data/headerContent2.txt @@ -4,10 +4,10 @@ See also: ## Installation -To pull the latest version of the `snowflake` provider, run the following command: +To pull the latest version of the `okta` provider, run the following command: ```bash -REGISTRY PULL snowflake; +REGISTRY PULL okta; ``` > To view previous provider versions or to pull a specific provider version, see [here](https://stackql.io/docs/language-spec/registry). @@ -15,8 +15,8 @@ REGISTRY PULL snowflake; The following system environment variables are used for authentication by default: -- - Snowflake Programmatic Access Token (PAT) (see Using a programmatic access token (PAT)) - +- - Okta API Token (see Creating an Okta API Token) + These variables are sourced at runtime (from the local machine or as CI variables/secrets).
@@ -27,7 +27,7 @@ To use different environment variables (instead of the defaults), use the `--aut ```bash -AUTH='{ "snowflake": { "type": "bearer", "credentialsenvvar": "YOUR_SNOWFLAKE_PAT_VAR" }}' +AUTH='{ "okta": { "type": "api_key", "valuePrefix": "SSWS ", "credentialsenvvar": "YOUR_OKTA_API_TOKEN_VAR" }}' stackql shell --auth="${AUTH}" ``` @@ -35,8 +35,18 @@ or using PowerShell: ```powershell -$Auth = "{ 'snowflake': { 'type': 'bearer', 'credentialsenvvar': 'YOUR_SNOWFLAKE_PAT_VAR' }}" +$Auth = "{ 'okta': { 'type': 'api_key', 'valuePrefix': 'SSWS ', 'credentialsenvvar': 'YOUR_OKTA_API_TOKEN_VAR' }}" stackql.exe shell --auth=$Auth ```
+ + +## Server Parameters + + +The following parameter is required for the `okta` provider: + +- - The Okta tenant domain, for example my-company would be supplied if your Okta domain is my-company.okta.com + +This parameter must be supplied to the `WHERE` clause of each `SELECT` statement. \ No newline at end of file diff --git a/provider-dev/openapi/src/okta/v00.00.00000/services/apps.yaml b/provider-dev/openapi/src/okta/v00.00.00000/services/apps.yaml index 44ca8eb..cabb984 100644 --- a/provider-dev/openapi/src/okta/v00.00.00000/services/apps.yaml +++ b/provider-dev/openapi/src/okta/v00.00.00000/services/apps.yaml @@ -10,14 +10,14 @@ paths: description: >- Lists all apps in the org with pagination. A subset of apps can be returned that match a supported filter expression or query. The results - are [paginated](/#pagination) according to the `limit` parameter. If + are [paginated]https://developer.okta.com/docs/api#pagination according to the `limit` parameter. If there are multiple pages of results, the header contains a `next` link. Treat the link as an opaque value (follow it, don't parse it). > **Note:** To list all of a member's assigned app links, use the [List all assigned app links endpoint in the User Resources - API](/openapi/okta-management/management/tag/UserResources/#tag/UserResources/operation/listAppLinks). + API](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/UserResources/#tag/UserResources/operation/listAppLinks). operationId: listApplications parameters: - name: q @@ -31,7 +31,7 @@ paths: - name: after in: query description: >- - Specifies the [pagination](/#pagination) cursor for the next page of + Specifies the [pagination]https://developer.okta.com/docs/api#pagination cursor for the next page of results. Treat this as an opaque value obtained through the `next` link relationship. schema: @@ -123,11 +123,11 @@ paths: * OIN app instances have prescribed `name` (key app definition) and `signOnMode` options. See the [OIN - schemas](/openapi/okta-management/management/tag/Application/#tag/Application/schema/GoogleApplication) + schemas](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/Application/#tag/Application/schema/GoogleApplication) for the request body. * For custom app instances, select the - [signOnMode](/openapi/okta-management/management/tag/Application/#tag/Application/operation/createApplication!path=0/signOnMode&t=request) + [signOnMode](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/Application/#tag/Application/operation/createApplication!path=0/signOnMode&t=request) that pertains to your app and specify the required parameters in the request body. operationId: createApplication @@ -219,7 +219,7 @@ paths: in: query description: >- An optional query parameter to return the specified [Application - User](/openapi/okta-management/management/tag/ApplicationUsers/) in + User](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/ApplicationUsers/) in the `_embedded` property. Valid value: `expand=user/{userId}` @@ -870,14 +870,14 @@ paths: > **Note:** This API doesn't allow you to add a key if the existing key doesn't have a `kid`. This is also consistent with how the [Dynamic Client Registration](/openapi/okta-oauth/oauth/tag/Client/) or - [Applications](/openapi/okta-management/management/tag/Application/) + [Applications](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/Application/) APIs behave, as they don't allow the creation of multiple keys without `kids`. Use the [Replace an - Application](/openapi/okta-management/management/tag/Application/#tag/Application/operation/replaceApplication) + Application](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/Application/#tag/Application/operation/replaceApplication) or the [Replace a Client Application](/openapi/okta-oauth/oauth/tag/Client/#tag/Client/operation/replaceClient) operation to update the JWKS or [Delete an OAuth 2.0 Client JSON Web - Key](/openapi/okta-management/management/tag/ApplicationSSOPublicKeys/#tag/ApplicationSSOPublicKeys/operation/deletejwk) + Key](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/ApplicationSSOPublicKeys/#tag/ApplicationSSOPublicKeys/operation/deletejwk) and re-add the key with a `kid`. operationId: addJwk requestBody: @@ -1161,13 +1161,13 @@ paths: > **Note:** To update an Application with the newly generated key credential, use the [Replace an - Application](/openapi/okta-management/management/tag/Application/#tag/Application/operation/replaceApplication) + Application](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/Application/#tag/Application/operation/replaceApplication) request with the new - [credentials.signing.kid](/openapi/okta-management/management/tag/Application/#tag/Application/operation/replaceApplication!path=4/credentials/signing/kid&t=request) + [credentials.signing.kid](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/Application/#tag/Application/operation/replaceApplication!path=4/credentials/signing/kid&t=request) value in the request body. You can provide just the [Signing Credential - object](/openapi/okta-management/management/tag/Application/#tag/Application/operation/replaceApplication!path=4/credentials/signing&t=request) + object](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/Application/#tag/Application/operation/replaceApplication!path=4/credentials/signing&t=request) instead of the entire [Application Credential - object](/openapi/okta-management/management/tag/Application/#tag/Application/operation/replaceApplication!path=4/credentials&t=request). + object](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/Application/#tag/Application/operation/replaceApplication!path=4/credentials&t=request). operationId: generateApplicationKey parameters: - name: validityYears @@ -1347,7 +1347,7 @@ paths: you attempt to create more than two Secret objects. > **Note:** This API lets you bring your own secret. If - [token_endpoint_auth_method](/openapi/okta-management/management/tag/Application/#tag/Application/operation/createApplication!path=4/credentials/oauthClient/token_endpoint_auth_method&t=request) + [token_endpoint_auth_method](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/Application/#tag/Application/operation/createApplication!path=4/credentials/oauthClient/token_endpoint_auth_method&t=request) of the app is `client_secret_jwt`, then the minimum length of `client_secret` is 32 characters. If no secret is specified in the request, Okta adds a new system-generated secret. @@ -1772,7 +1772,7 @@ paths: for the app. > To set up provisioning, see [Update the default provisioning - connection](/openapi/okta-management/management/tag/ApplicationConnections/#tag/ApplicationConnections/operation/updateDefaultProvisioningConnectionForApplication). + connection](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/ApplicationConnections/#tag/ApplicationConnections/operation/updateDefaultProvisioningConnectionForApplication). operationId: listFeaturesForApplication responses: '200': @@ -2517,7 +2517,7 @@ paths: This filter only supports the `startsWith` operation that matches the `q` string against the beginning of the [group - name](https://developer.okta.com/docs/api/openapi/okta-management/management/tag/Group/#tag/Group/operation/listGroups!c=200&path=profile/name&t=response). + name](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/Group/#tag/Group/operation/listGroups!c=200&path=profile/name&t=response). schema: type: string example: test @@ -2598,13 +2598,13 @@ paths: summary: Assign an application group description: >- Assigns a - [Group](https://developer.okta.com/docs/api/openapi/okta-management/management/tag/Group/) + [Group](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/Group/) to an app, which in turn assigns the app to each - [User](https://developer.okta.com/docs/api/openapi/okta-management/management/tag/User/) + [User](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/User/) that belongs to the group. The resulting application user - [scope](https://developer.okta.com/docs/api/openapi/okta-management/management/tag/ApplicationUsers/#tag/ApplicationUsers/operation/listApplicationUsers!c=200&path=scope&t=response) + [scope](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/ApplicationUsers/#tag/ApplicationUsers/operation/listApplicationUsers!c=200&path=scope&t=response) is `GROUP` since the assignment was from the group membership. operationId: assignGroupToApplication x-codegen-request-body-name: applicationGroupAssignment @@ -2851,7 +2851,7 @@ paths: summary: Assign an authentication policy description: >- Assigns an app to an [authentication - policy](/openapi/okta-management/management/tag/Policy/), identified by + policy](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/Policy/), identified by `policyId`. If the app was previously assigned to another policy, this operation @@ -2984,7 +2984,7 @@ paths: Lists all refresh tokens for an app - > **Note:** The results are [paginated](/#pagination) according to the + > **Note:** The results are [paginated]https://developer.okta.com/docs/api#pagination according to the `limit` parameter. > If there are multiple pages of results, the Link header contains a @@ -3394,7 +3394,7 @@ components: Enabled app features > **Note:** See [Application - Features](/openapi/okta-management/management/tag/ApplicationFeatures/) + Features](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/ApplicationFeatures/) for app provisioning features. readOnly: true items: @@ -3590,14 +3590,14 @@ components: Language](https://datatracker.ietf.org/doc/html/draft-kelly-json-hal-06) specification. If the `expand=user/{userId}` query parameter is specified, then the assigned [Application - User](/openapi/okta-management/management/tag/ApplicationUsers/) is + User](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/ApplicationUsers/) is embedded. properties: user: type: object description: >- The specified [Application - User](/openapi/okta-management/management/tag/ApplicationUsers/) + User](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/ApplicationUsers/) assigned to the app additionalProperties: type: object @@ -4318,7 +4318,7 @@ components: type: string description: >- ID of the - [group](https://developer.okta.com/docs/api/openapi/okta-management/management/tag/Group/) + [group](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/Group/) readOnly: true example: 00g4hb1HChfUriNgW0g4 lastUpdated: @@ -4331,7 +4331,7 @@ components: Priority assigned to the group. If an app has more than one group assigned to the same user, then the group with the higher priority has its profile applied to the [application - user](https://developer.okta.com/docs/api/openapi/okta-management/management/tag/ApplicationUsers/). + user](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/ApplicationUsers/). If a priority value isn't specified, then the next highest priority is assigned by default. @@ -4352,7 +4352,7 @@ components: specification. If the `expand=group` query parameter is specified, then the - [group](https://developer.okta.com/docs/api/openapi/okta-management/management/tag/Group/) + [group](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/Group/) object is embedded. If the `expand=metadata` query parameter is specified, then the @@ -5255,12 +5255,12 @@ components: GroupAssignmentProfile: description: >- Specifies the profile properties applied to [application - users](https://developer.okta.com/docs/api/openapi/okta-management/management/tag/ApplicationUsers/) + users](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/ApplicationUsers/) that are assigned to the app through group membership. Some reference properties are imported from the target app and can't be configured. See - [profile](https://developer.okta.com/docs/api/openapi/okta-management/management/tag/User/#tag/User/operation/getUser!c=200&path=profile&t=response). + [profile](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/User/#tag/User/operation/getUser!c=200&path=profile&t=response). additionalProperties: true type: object HrefObjectAppLink: @@ -5329,9 +5329,9 @@ components: Specifies a user's credentials for the app. This parameter can be omitted for apps with [sign-on - mode](/openapi/okta-management/management/tag/Application/#tag/Application/operation/getApplication!c=200&path=0/signOnMode&t=response) + mode](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/Application/#tag/Application/operation/getApplication!c=200&path=0/signOnMode&t=response) (`signOnMode`) or [authentication - schemes](/openapi/okta-management/management/tag/Application/#tag/Application/operation/getApplication!c=200&path=0/credentials/scheme&t=response) + schemes](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/Application/#tag/Application/operation/getApplication!c=200&path=0/credentials/scheme&t=response) (`credentials.scheme`) that don't require credentials. type: object properties: @@ -5344,13 +5344,13 @@ components: > **Note:** The - [userNameTemplate](/openapi/okta-management/management/tag/Application/#tag/Application/operation/createApplication!path=0/credentials/userNameTemplate&t=request) + [userNameTemplate](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/Application/#tag/Application/operation/createApplication!path=0/credentials/userNameTemplate&t=request) in the application object defines the default username generated when a user is assigned to that app. > If you attempt to assign a username or password to an app with an incompatible [authentication - scheme](/openapi/okta-management/management/tag/Application/#tag/Application/operation/createApplication!path=0/credentials/scheme&t=request), + scheme](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/Application/#tag/Application/operation/createApplication!path=0/credentials/scheme&t=request), the following error is returned: > "Credentials should not be set on this resource based on the @@ -5369,7 +5369,7 @@ components: target app and can't be configured. See - [profile](/openapi/okta-management/management/tag/User/#tag/User/operation/getUser!c=200&path=profile&t=response). + [profile](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/User/#tag/User/operation/getUser!c=200&path=profile&t=response). additionalProperties: true type: object AppUserStatus: @@ -5501,7 +5501,7 @@ components: conditional updates. As long as you're the only user updating the the user profile, Okta recommends you fetch the most recent profile with [Retrieve an Application - User](/openapi/okta-management/management/tag/ApplicationUsers/#tag/ApplicationUsers/operation/getApplicationUser), + User](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/ApplicationUsers/#tag/ApplicationUsers/operation/getApplicationUser), apply your profile update, and then `POST` back the updated profile. type: object properties: @@ -5575,7 +5575,7 @@ components: - $ref: '#/components/schemas/HrefObject' - description: >- Link to the [Application - Groups](/openapi/okta-management/management/tag/ApplicationGroups/#tag/ApplicationGroups/operation/listApplicationGroupAssignments) + Groups](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/ApplicationGroups/#tag/ApplicationGroups/operation/listApplicationGroupAssignments) resource HelpLink: allOf: @@ -5586,7 +5586,7 @@ components: - $ref: '#/components/schemas/HrefObject' - description: >- Link to the [SAML - metadata](/openapi/okta-management/management/tag/ApplicationSSO/#tag/ApplicationSSO/operation/previewSAMLmetadataForApplication) + metadata](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/ApplicationSSO/#tag/ApplicationSSO/operation/previewSAMLmetadataForApplication) for SSO HrefObjectSelfLink: allOf: @@ -5597,7 +5597,7 @@ components: - $ref: '#/components/schemas/HrefObject' - description: >- Link to the [Application - Users](/openapi/okta-management/management/tag/ApplicationUsers/#tag/ApplicationUsers/operation/listApplicationUsers) + Users](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/ApplicationUsers/#tag/ApplicationUsers/operation/listApplicationUsers) resource ProvisioningConnectionAuthScheme: description: Defines the method of authentication @@ -5880,7 +5880,7 @@ components: AUTO: >- Okta manages key rotation for the provisioning connection. Use the [Retrieve a JWKS for the default provisioning - connection](/openapi/okta-management/management/tag/ApplicationConnections/#tag/ApplicationConnections/operation/getUserProvisioningConnectionJWKS) + connection](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/ApplicationConnections/#tag/ApplicationConnections/operation/getUserProvisioningConnectionJWKS) endpoint for the latest key credentials. MANUAL: >- You need to rotate the keys for your provisioning connection manually @@ -6044,7 +6044,7 @@ components: eq "{userId}"` filter query for the same user. Returns the assigned [application - user](/openapi/okta-management/management/tag/ApplicationUsers/) in the + user](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/ApplicationUsers/) in the `_embedded` property. schema: type: string @@ -6147,7 +6147,7 @@ components: `next` link that you need to use as an opaque value (follow it, don't parse it). - See [Pagination](/#pagination). + See [Pagination]https://developer.okta.com/docs/api#pagination. examples: min: value: 20 @@ -6169,7 +6169,7 @@ components: in: query description: >- An optional query parameter to return the corresponding assigned - [group](https://developer.okta.com/docs/api/openapi/okta-management/management/tag/Group/) + [group](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/Group/) or the group assignment metadata details in the `_embedded` property. @@ -6196,7 +6196,7 @@ components: in: query description: >- An optional query parameter to return the corresponding assigned - [group](https://developer.okta.com/docs/api/openapi/okta-management/management/tag/Group/) + [group](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/Group/) or the group assignment metadata details in the `_embedded` property. @@ -6224,7 +6224,7 @@ components: description: >- Specifies the pagination cursor for the next page of results. Treat this as an opaque value obtained through the next link relationship. See - [Pagination](/#pagination). + [Pagination]https://developer.okta.com/docs/api#pagination. schema: type: string example: 16275000448691 @@ -6261,7 +6261,7 @@ components: `next` link that you need to use as an opaque value (follow it, don't parse it). - See [Pagination](/#pagination). + See [Pagination]https://developer.okta.com/docs/api#pagination. queryAppUserQ: name: q in: query @@ -6286,7 +6286,7 @@ components: in: query description: >- An optional query parameter to return the corresponding - [User](/openapi/okta-management/management/tag/User/) object in the + [User](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/User/) object in the `_embedded` property. Valid value: `user` diff --git a/provider-dev/openapi/src/okta/v00.00.00000/services/authorizationservers.yaml b/provider-dev/openapi/src/okta/v00.00.00000/services/authorizationservers.yaml index 8f5c939..d890bb4 100644 --- a/provider-dev/openapi/src/okta/v00.00.00000/services/authorizationservers.yaml +++ b/provider-dev/openapi/src/okta/v00.00.00000/services/authorizationservers.yaml @@ -556,7 +556,7 @@ paths: > **Note:** To list a specific user's client resources for which they have tokens or grants, use the [List all clients endpoint in the User Resources - API](/openapi/okta-management/management/tag/UserResources/#tag/UserResources/operation/listUserClients). + API](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/UserResources/#tag/UserResources/operation/listUserClients). operationId: listOAuth2ClientsForAuthorizationServer responses: '200': @@ -1482,10 +1482,10 @@ paths: > **Note:** This API doesn't allow you to add a key if the existing key doesn't have a `kid`. Use the [Replace an Authorization - Server](/openapi/okta-management/management/tag/AuthorizationServer/#tag/AuthorizationServer/operation/replaceAuthorizationServer) + Server](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/AuthorizationServer/#tag/AuthorizationServer/operation/replaceAuthorizationServer) operation to update the JWKS or [Delete a Custom Authorization Server Public JSON Web - Key](/openapi/okta-management/management/tag/OAuth2ResourceServerCredentialsKeys/#tag/OAuth2ResourceServerCredentialsKeys/operation/deleteOAuth2ResourceServerJsonWebKey) + Key](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/OAuth2ResourceServerCredentialsKeys/#tag/OAuth2ResourceServerCredentialsKeys/operation/deleteOAuth2ResourceServerJsonWebKey) and re-add the key with a `kid`. > **Note:** This API doesn't allow you to add a key with an ACTIVE diff --git a/provider-dev/openapi/src/okta/v00.00.00000/services/brands.yaml b/provider-dev/openapi/src/okta/v00.00.00000/services/brands.yaml index 0244363..fa1dbda 100644 --- a/provider-dev/openapi/src/okta/v00.00.00000/services/brands.yaml +++ b/provider-dev/openapi/src/okta/v00.00.00000/services/brands.yaml @@ -894,7 +894,7 @@ paths: type: string description: >- The pagination header containing links to the current and next - page of results. See [Pagination](/#pagination) for more + page of results. See [Pagination]https://developer.okta.com/docs/api#pagination for more information. '403': $ref: '#/components/responses/ErrorAccessDenied403' diff --git a/provider-dev/openapi/src/okta/v00.00.00000/services/devices.yaml b/provider-dev/openapi/src/okta/v00.00.00000/services/devices.yaml index 3013ee4..eb514ba 100644 --- a/provider-dev/openapi/src/okta/v00.00.00000/services/devices.yaml +++ b/provider-dev/openapi/src/okta/v00.00.00000/services/devices.yaml @@ -13,7 +13,7 @@ paths: >**Note:** To list all devices enrolled by a user, use the [List all devices endpoint in the User Resources - API](/openapi/okta-management/management/tag/UserResources/#tag/UserResources/operation/listUserDevices). + API](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/UserResources/#tag/UserResources/operation/listUserDevices). You can return a subset of devices that match a supported search @@ -53,7 +53,7 @@ paths: description: >- The cursor to use for pagination. It is an opaque string that specifies your current location in the list and is obtained from - the `Link` response header. See [Pagination](/#pagination) for + the `Link` response header. See [Pagination]https://developer.okta.com/docs/api#pagination for more information. example: 200u3des4afA47rYJu1d7 - name: limit @@ -190,7 +190,7 @@ paths: Deletes (permanently) a device by `deviceId` if it has a status of `DEACTIVATED`. You can transition the device to `DEACTIVATED` status using the [Deactivate a - Device](/openapi/okta-management/management/tag/Device/#tag/Device/operation/deactivateDevice) + Device](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/Device/#tag/Device/operation/deactivateDevice) endpoint. This request is destructive and deletes all of the profile data related @@ -663,7 +663,7 @@ components: type: string description: >- The ID of the realm in which the user is residing. See - [Realms](/openapi/okta-management/management/tag/Realm/). + [Realms](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/Realm/). example: guo1bfiNtSnZYILxO0g4 readOnly: true status: @@ -690,7 +690,7 @@ components: description: >- The user type that determines the schema for the user's profile. The `type` property is a map that identifies the [User - Types](https://developer.okta.com/docs/api/openapi/okta-management/management/tag/UserType/#tag/UserType). + Types](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/UserType/#tag/UserType). Currently it contains a single element, `id`. It can be specified @@ -728,9 +728,9 @@ components: For a collection of users, the links object contains only the `self` link. Operations that return a collection of users include [List all - users](https://developer.okta.com/docs/api/openapi/okta-management/management/tag/User/#tag/User/operation/listUsers) + users](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/User/#tag/User/operation/listUsers) and [List all group member - users](https://developer.okta.com/docs/api/openapi/okta-management/management/tag/Group/#tag/Group/operation/listGroupUsers). + users](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/Group/#tag/Group/operation/listGroupUsers). allOf: - $ref: '#/components/schemas/LinksSelf' - type: object @@ -908,7 +908,7 @@ components: [pattern](https://developer.okta.com/docs/reference/api/schemas/#login-pattern-validation) for `login`. You can use the Profile Editor in the Admin Console or the [Schemas - API](https://developer.okta.com/docs/api/openapi/okta-management/management/tag/UISchema/#tag/UISchema) + API](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/UISchema/#tag/UISchema) to make schema modifications. @@ -916,7 +916,7 @@ components: the custom property to the user profile schema before you reference it. You can use the Profile Editor in the Admin Console or the [Schemas - API](https://developer.okta.com/docs/api/openapi/okta-management/management/tag/UISchema/#tag/UISchema) + API](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/UISchema/#tag/UISchema) to manage schema extensions. @@ -1023,7 +1023,7 @@ components: that include @-signs. (By default, usernames must be formatted as email addresses and thus always include @-signs. You can remove that restriction using either the Admin Console or the [Schemas - API](https://developer.okta.com/docs/api/openapi/okta-management/management/tag/Schema/). + API](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/Schema/). Users can sign in with their non-qualified short name (for example: isaac.brock with username isaac.brock@example.com) as long as the short name is still unique within the organization. @@ -1264,7 +1264,7 @@ components: from some other store. Okta supports the BCRYPT, SHA-512, SHA-256, SHA-1, MD5, and PBKDF2 hash functions for password import. A hashed password may be specified in a password object when creating or updating a user, but not for other operations. - See the [Create user with imported hashed password](https://developer.okta.com/docs/api/openapi/okta-management/management/tag/User/#create-user-with-imported-hashed-password) description. When you update a user with a hashed password, the user must be in the `STAGED` status. + See the [Create user with imported hashed password](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/User/#create-user-with-imported-hashed-password) description. When you update a user with a hashed password, the user must be in the `STAGED` status. type: object properties: algorithm: @@ -1322,7 +1322,7 @@ components: PasswordCredentialHook: description: >- Specify a [password import inline - hook](/openapi/okta-management/management/tag/InlineHook/#tag/InlineHook/operation/createPasswordImportInlineHook) + hook](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/InlineHook/#tag/InlineHook/operation/createPasswordImportInlineHook) to trigger verification of the user's password the first time the user signs in. This allows an existing password to be imported into Okta directly from some other store. diff --git a/provider-dev/openapi/src/okta/v00.00.00000/services/eventhooks.yaml b/provider-dev/openapi/src/okta/v00.00.00000/services/eventhooks.yaml index 36d00b3..95a3ef1 100644 --- a/provider-dev/openapi/src/okta/v00.00.00000/services/eventhooks.yaml +++ b/provider-dev/openapi/src/okta/v00.00.00000/services/eventhooks.yaml @@ -516,7 +516,7 @@ components: > **Note:** Event hook filters is a [self-service Early Access - (EA)](/openapi/okta-management/guides/release-lifecycle/#early-access-ea) + (EA)](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/guides/release-lifecycle/#early-access-ea) to enable. If you want to disable this feature, it's recommended to first remove diff --git a/provider-dev/openapi/src/okta/v00.00.00000/services/features.yaml b/provider-dev/openapi/src/okta/v00.00.00000/services/features.yaml index 77b1e6d..bbc810f 100644 --- a/provider-dev/openapi/src/okta/v00.00.00000/services/features.yaml +++ b/provider-dev/openapi/src/okta/v00.00.00000/services/features.yaml @@ -179,7 +179,7 @@ paths: ![State transitions of a - feature](../../../../../images/features/update-ssfeat-flowchart.png + feature](/img/update-ssfeat-flowchart.png '#width=500px;') operationId: updateFeatureLifecycle parameters: diff --git a/provider-dev/openapi/src/okta/v00.00.00000/services/groups.yaml b/provider-dev/openapi/src/okta/v00.00.00000/services/groups.yaml index f835844..dd627ea 100644 --- a/provider-dev/openapi/src/okta/v00.00.00000/services/groups.yaml +++ b/provider-dev/openapi/src/okta/v00.00.00000/services/groups.yaml @@ -13,11 +13,11 @@ paths: > **Note:** To list all groups belonging to a member, use the [List all groups endpoint in the User Resources - API](/openapi/okta-management/management/tag/UserResources/#tag/UserResources/operation/listUserGroups). + API](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/UserResources/#tag/UserResources/operation/listUserGroups). The number of groups returned depends on the specified - [`limit`](/openapi/okta-management/management/tag/Group/#tag/Group/operation/listGroups!in=query&path=limit&t=request), + [`limit`](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/Group/#tag/Group/operation/listGroups!in=query&path=limit&t=request), if you have a search, filter, and/or query parameter set, and if that parameter is not null. We recommend using a limit less than or equal to 200. @@ -58,7 +58,7 @@ paths: `lastMembershipUpdated`, `lastUpdated`, and `type`. * The - [source](/openapi/okta-management/management/tag/Group/#tag/Group/operation/listGroups!c=200&path=_links/source&t=response) + [source](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/Group/#tag/Group/operation/listGroups!c=200&path=_links/source&t=response) of groups with type of `APP_GROUP`, accessed as `source.id`. @@ -193,7 +193,7 @@ paths: If specified, additional metadata is included in the response. Possible values are `stats` and `app`. This additional metadata is listed in the - [`_embedded`](https://developer.okta.com/docs/api/openapi/okta-management/management/tag/Group/#tag/Group/operation/addGroup!c=200&path=_embedded&t=response) + [`_embedded`](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/Group/#tag/Group/operation/addGroup!c=200&path=_embedded&t=response) property of the response. @@ -672,7 +672,7 @@ paths: summary: List all assigned apps description: >- Lists all apps that are assigned to a group. See [Application Groups - API](/openapi/okta-management/management/tag/ApplicationGroups/). + API](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/ApplicationGroups/). operationId: listAssignedApplicationsForGroup parameters: - name: after @@ -885,14 +885,14 @@ paths: summary: Assign a role to a group description: >- Assigns a [standard - role](/openapi/okta-management/guides/roles/#standard-roles) to a group. + role](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/guides/roles/#standard-roles) to a group. You can also assign a custom role to a group, but the preferred method to assign a custom role to a group is to create a binding between the custom role, the resource set, and the group. See [Create a role resource set - binding](/openapi/okta-management/management/tag/RoleDResourceSetBinding/#tag/RoleDResourceSetBinding/operation/createResourceSetBinding). + binding](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/RoleDResourceSetBinding/#tag/RoleDResourceSetBinding/operation/createResourceSetBinding). > **Notes:** @@ -1110,7 +1110,7 @@ paths: > If you need a role assignment that applies to all apps, delete the `APP_ADMIN` role assignment with the target and create another one. See [Unassign a group - role](/openapi/okta-management/management/tag/RoleAssignmentBGroup/#tag/RoleAssignmentBGroup/operation/unassignRoleFromGroup). + role](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/RoleAssignmentBGroup/#tag/RoleAssignmentBGroup/operation/unassignRoleFromGroup). operationId: unassignAppTargetToAdminRoleForGroup responses: '204': @@ -1187,7 +1187,7 @@ paths: > If you need a role assignment that applies to all apps, delete the `APP_ADMIN` role assignment with the target and create another one. See [Unassign a group - role](/openapi/okta-management/management/tag/RoleAssignmentBGroup/#tag/RoleAssignmentBGroup/operation/unassignRoleFromGroup). + role](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/RoleAssignmentBGroup/#tag/RoleAssignmentBGroup/operation/unassignRoleFromGroup). operationId: unassignAppInstanceTargetToAppAdminRoleForGroup responses: '204': @@ -1218,7 +1218,7 @@ paths: summary: List all group role group targets description: >- Lists all group targets for a - [`USER_ADMIN`](/openapi/okta-management/guides/roles/#standard-roles), + [`USER_ADMIN`](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/guides/roles/#standard-roles), `HELP_DESK_ADMIN`, or `GROUP_MEMBERSHIP_ADMIN` role assignment to a group. @@ -1260,7 +1260,7 @@ paths: summary: Assign a group role group target description: >- Assigns a group target to a - [`USER_ADMIN`](/openapi/okta-management/guides/roles/#standard-roles), + [`USER_ADMIN`](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/guides/roles/#standard-roles), `HELP_DESK_ADMIN`, or `GROUP_MEMBERSHIP_ADMIN` role assignment to a group. @@ -1291,7 +1291,7 @@ paths: summary: Unassign a group role group target description: >- Unassigns a group target from a - [`USER_ADMIN`](/openapi/okta-management/guides/roles/#standard-roles), + [`USER_ADMIN`](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/guides/roles/#standard-roles), `HELP_DESK_ADMIN`, or `GROUP_MEMBERSHIP_ADMIN` role assignment to a group. operationId: unassignGroupTargetFromGroupAdminRole @@ -1477,7 +1477,7 @@ components: _links: description: >- [Discoverable - resources](/openapi/okta-management/management/tag/Group/#tag/Group/operation/listGroups!c=200&path=_links&t=response) + resources](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/Group/#tag/Group/operation/listGroups!c=200&path=_links&t=response) related to the group allOf: - $ref: '#/components/schemas/LinksSelf' @@ -1578,7 +1578,7 @@ components: Enabled app features > **Note:** See [Application - Features](/openapi/okta-management/management/tag/ApplicationFeatures/) + Features](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/ApplicationFeatures/) for app provisioning features. readOnly: true items: @@ -1774,14 +1774,14 @@ components: Language](https://datatracker.ietf.org/doc/html/draft-kelly-json-hal-06) specification. If the `expand=user/{userId}` query parameter is specified, then the assigned [Application - User](/openapi/okta-management/management/tag/ApplicationUsers/) is + User](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/ApplicationUsers/) is embedded. properties: user: type: object description: >- The specified [Application - User](/openapi/okta-management/management/tag/ApplicationUsers/) + User](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/ApplicationUsers/) assigned to the app additionalProperties: type: object @@ -1946,7 +1946,7 @@ components: type: string description: >- Specify the standard or IAM-based role type. See [standard - roles](/openapi/okta-management/guides/roles/#standard-roles). + roles](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/guides/roles/#standard-roles). CustomRoleAssignmentSchema: title: Custom Role type: object @@ -1984,7 +1984,7 @@ components: readOnly: true description: >- Features supported by the app. See app - [features](/openapi/okta-management/management/tag/Application/#tag/Application/operation/listApplications!c=200&path=0/features&t=response). + [features](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/Application/#tag/Application/operation/listApplications!c=200&path=0/features&t=response). items: type: string id: @@ -2008,7 +2008,7 @@ components: type: array description: >- Authentication mode for the app. See app - [signOnMode](/openapi/okta-management/management/tag/Application/#tag/Application/operation/listApplications!c=200&path=0/signOnMode&t=response). + [signOnMode](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/Application/#tag/Application/operation/listApplications!c=200&path=0/signOnMode&t=response). items: type: string status: @@ -2080,7 +2080,7 @@ components: type: string description: >- The ID of the realm in which the user is residing. See - [Realms](/openapi/okta-management/management/tag/Realm/). + [Realms](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/Realm/). example: guo1bfiNtSnZYILxO0g4 readOnly: true status: @@ -2107,7 +2107,7 @@ components: description: >- The user type that determines the schema for the user's profile. The `type` property is a map that identifies the [User - Types](https://developer.okta.com/docs/api/openapi/okta-management/management/tag/UserType/#tag/UserType). + Types](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/UserType/#tag/UserType). Currently it contains a single element, `id`. It can be specified @@ -2145,9 +2145,9 @@ components: For a collection of users, the links object contains only the `self` link. Operations that return a collection of users include [List all - users](https://developer.okta.com/docs/api/openapi/okta-management/management/tag/User/#tag/User/operation/listUsers) + users](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/User/#tag/User/operation/listUsers) and [List all group member - users](https://developer.okta.com/docs/api/openapi/okta-management/management/tag/Group/#tag/Group/operation/listGroupUsers). + users](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/Group/#tag/Group/operation/listGroupUsers). allOf: - $ref: '#/components/schemas/LinksSelf' - type: object @@ -2223,7 +2223,7 @@ components: You can extend group profiles with custom properties, but you must first add the properties to the group profile schema before you can reference them. Use the Profile Editor in the Admin Console or the [Schemas - API](https://developer.okta.com/docs/api/openapi/okta-management/management/tag/Schema/)to + API](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/Schema/)to manage schema extensions. @@ -2681,7 +2681,7 @@ components: [pattern](https://developer.okta.com/docs/reference/api/schemas/#login-pattern-validation) for `login`. You can use the Profile Editor in the Admin Console or the [Schemas - API](https://developer.okta.com/docs/api/openapi/okta-management/management/tag/UISchema/#tag/UISchema) + API](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/UISchema/#tag/UISchema) to make schema modifications. @@ -2689,7 +2689,7 @@ components: the custom property to the user profile schema before you reference it. You can use the Profile Editor in the Admin Console or the [Schemas - API](https://developer.okta.com/docs/api/openapi/okta-management/management/tag/UISchema/#tag/UISchema) + API](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/UISchema/#tag/UISchema) to manage schema extensions. @@ -2796,7 +2796,7 @@ components: that include @-signs. (By default, usernames must be formatted as email addresses and thus always include @-signs. You can remove that restriction using either the Admin Console or the [Schemas - API](https://developer.okta.com/docs/api/openapi/okta-management/management/tag/Schema/). + API](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/Schema/). Users can sign in with their non-qualified short name (for example: isaac.brock with username isaac.brock@example.com) as long as the short name is still unique within the organization. @@ -3022,7 +3022,7 @@ components: - $ref: '#/components/schemas/HrefObject' - description: >- Link to the [Application - Groups](/openapi/okta-management/management/tag/ApplicationGroups/#tag/ApplicationGroups/operation/listApplicationGroupAssignments) + Groups](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/ApplicationGroups/#tag/ApplicationGroups/operation/listApplicationGroupAssignments) resource HelpLink: allOf: @@ -3033,14 +3033,14 @@ components: - $ref: '#/components/schemas/HrefObject' - description: >- Link to the [SAML - metadata](/openapi/okta-management/management/tag/ApplicationSSO/#tag/ApplicationSSO/operation/previewSAMLmetadataForApplication) + metadata](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/ApplicationSSO/#tag/ApplicationSSO/operation/previewSAMLmetadataForApplication) for SSO UsersLink: allOf: - $ref: '#/components/schemas/HrefObject' - description: >- Link to the [Application - Users](/openapi/okta-management/management/tag/ApplicationUsers/#tag/ApplicationUsers/operation/listApplicationUsers) + Users](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/ApplicationUsers/#tag/ApplicationUsers/operation/listApplicationUsers) resource HrefObjectAssigneeLink: allOf: @@ -3167,7 +3167,7 @@ components: from some other store. Okta supports the BCRYPT, SHA-512, SHA-256, SHA-1, MD5, and PBKDF2 hash functions for password import. A hashed password may be specified in a password object when creating or updating a user, but not for other operations. - See the [Create user with imported hashed password](https://developer.okta.com/docs/api/openapi/okta-management/management/tag/User/#create-user-with-imported-hashed-password) description. When you update a user with a hashed password, the user must be in the `STAGED` status. + See the [Create user with imported hashed password](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/User/#create-user-with-imported-hashed-password) description. When you update a user with a hashed password, the user must be in the `STAGED` status. type: object properties: algorithm: @@ -3225,7 +3225,7 @@ components: PasswordCredentialHook: description: >- Specify a [password import inline - hook](/openapi/okta-management/management/tag/InlineHook/#tag/InlineHook/operation/createPasswordImportInlineHook) + hook](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/InlineHook/#tag/InlineHook/operation/createPasswordImportInlineHook) to trigger verification of the user's password the first time the user signs in. This allows an existing password to be imported into Okta directly from some other store. diff --git a/provider-dev/openapi/src/okta/v00.00.00000/services/iam.yaml b/provider-dev/openapi/src/okta/v00.00.00000/services/iam.yaml index fc7ca1c..51f2b4d 100644 --- a/provider-dev/openapi/src/okta/v00.00.00000/services/iam.yaml +++ b/provider-dev/openapi/src/okta/v00.00.00000/services/iam.yaml @@ -400,13 +400,13 @@ paths: summary: Create a resource set description: >- Creates a new resource set. See [Supported - resources](/openapi/okta-management/guides/roles/#supported-resources). + resources](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/guides/roles/#supported-resources). > **Note:** The maximum number of `resources` allowed in a resource set object is 1000. Resources are identified by either an Okta Resource Name (ORN) or by a REST URL format. See [Okta Resource - Name](/openapi/okta-management/guides/roles/#okta-resource-name-orn). + Name](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/guides/roles/#okta-resource-name-orn). operationId: createResourceSet x-codegen-request-body-name: instance requestBody: @@ -1657,7 +1657,7 @@ components: The endpoint (URL) that references all resource objects included in the resource set. Resources are identified by either an Okta Resource Name (ORN) or by a REST URL format. See [Okta Resource - Name](/openapi/okta-management/guides/roles/#okta-resource-name-orn). + Name](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/guides/roles/#okta-resource-name-orn). maximum: 1000 items: type: string @@ -1920,7 +1920,7 @@ components: type: array description: >- Array of permissions that the role grants. See - [Permissions](/openapi/okta-management/guides/permissions). + [Permissions](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/guides/permissions). required: - label - description @@ -1978,7 +1978,7 @@ components: type: array description: >- Array of permissions assigned to the role. See - [Permissions](/openapi/okta-management/guides/permissions). + [Permissions](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/guides/permissions). items: $ref: '#/components/schemas/Permission' Permission: @@ -1995,7 +1995,7 @@ components: type: string description: >- The assigned Okta - [permission](/openapi/okta-management/guides/permissions) + [permission](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/guides/permissions) readOnly: true example: okta.users.read lastUpdated: @@ -2383,7 +2383,7 @@ components: type: string example: okta.users.manage required: true - description: An Okta [permission](/openapi/okta-management/guides/permissions) + description: An Okta [permission](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/guides/permissions) examples: RoleAssignedUsersResponseExample: value: diff --git a/provider-dev/openapi/src/okta/v00.00.00000/services/identity_sources.yaml b/provider-dev/openapi/src/okta/v00.00.00000/services/identity_sources.yaml index c11a363..5172d62 100644 --- a/provider-dev/openapi/src/okta/v00.00.00000/services/identity_sources.yaml +++ b/provider-dev/openapi/src/okta/v00.00.00000/services/identity_sources.yaml @@ -384,7 +384,7 @@ components: Contains a set of external user attributes and their values that are mapped to Okta standard and custom profile properties. See the [`profile` - object](https://developer.okta.com/docs/api/openapi/okta-management/management/tag/User/#tag/User/operation/getUser!c=200&path=profile&t=response) + object](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/User/#tag/User/operation/getUser!c=200&path=profile&t=response) and Declaration of a Custom Identity Source Schema in [Using anything as a source](https://help.okta.com/okta_help.htm?type=oie&id=ext-anything-as-a-source). diff --git a/provider-dev/openapi/src/okta/v00.00.00000/services/idps.yaml b/provider-dev/openapi/src/okta/v00.00.00000/services/idps.yaml index 5397ccd..a684681 100644 --- a/provider-dev/openapi/src/okta/v00.00.00000/services/idps.yaml +++ b/provider-dev/openapi/src/okta/v00.00.00000/services/idps.yaml @@ -106,7 +106,7 @@ paths: You need to upload the whole trust chain as a single key using the [Key Store - API](https://developer.okta.com/docs/api/openapi/okta-management/management/tag/IdentityProviderKeys/#tag/IdentityProviderKeys/operation/createIdentityProviderKey). + API](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/IdentityProviderKeys/#tag/IdentityProviderKeys/operation/createIdentityProviderKey). Depending on the information stored in the smart card, select the proper [template](https://developer.okta.com/docs/reference/okta-expression-language/#idp-user-profile) @@ -533,7 +533,7 @@ paths: > **Note:** The private key isn't listed in the [signing key credentials for the identity provider - (IdP)](https://developer.okta.com/docs/api/openapi/okta-management/management/tag/IdentityProviderSigningKeys/#tag/IdentityProviderSigningKeys/operation/listIdentityProviderSigningKeys) + (IdP)](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/IdentityProviderSigningKeys/#tag/IdentityProviderSigningKeys/operation/listIdentityProviderSigningKeys) until it's published. operationId: generateCsrForIdentityProvider x-codegen-request-body-name: metadata @@ -799,9 +799,9 @@ paths: > **Note:** To update an IdP with the newly generated key credential, [update your - IdP](https://developer.okta.com/docs/api/openapi/okta-management/management/tag/IdentityProvider/#tag/IdentityProvider/operation/replaceIdentityProvider) + IdP](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/IdentityProvider/#tag/IdentityProvider/operation/replaceIdentityProvider) using the returned key's `kid` in the [signing - credential](https://developer.okta.com/docs/api/openapi/okta-management/management/tag/IdentityProvider/#tag/IdentityProvider/operation/replaceIdentityProvider!path=protocol/0/credentials/signing/kid&t=request). + credential](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/IdentityProvider/#tag/IdentityProvider/operation/replaceIdentityProvider!path=protocol/0/credentials/signing/kid&t=request). operationId: generateIdentityProviderSigningKey parameters: - name: validityYears @@ -1071,7 +1071,7 @@ paths: API. The [Name Identifier - Format](https://developer.okta.com/docs/api/openapi/okta-management/management/tag/IdentityProvider/#tag/IdentityProvider/operation/replaceIdentityProvider!path=protocol/0/settings&t=request) + Format](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/IdentityProvider/#tag/IdentityProvider/operation/replaceIdentityProvider!path=protocol/0/settings&t=request) of the incoming assertion must be `urn:oasis:names:tc:SAML:2.0:nameid-format:persistent`. operationId: linkUserToIdentityProvider @@ -1196,7 +1196,7 @@ components: `type`. For policy actions supported by each IdP type, see [IdP type policy - actions](https://developer.okta.com/docs/api/openapi/okta-management/management/tag/IdentityProvider/#tag/IdentityProvider/operation/createIdentityProvider!path=policy&t=request). + actions](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/IdentityProvider/#tag/IdentityProvider/operation/createIdentityProvider!path=policy&t=request). | Type | @@ -1874,7 +1874,7 @@ components: delegated access from the user > **Note:** The [IdP - type](https://developer.okta.com/docs/api/openapi/okta-management/management/tag/IdentityProvider/#tag/IdentityProvider/operation/createIdentityProvider!path=type&t=request) + type](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/IdentityProvider/#tag/IdentityProvider/operation/createIdentityProvider!path=type&t=request) table lists the scopes that are supported for each IdP. items: type: string @@ -2204,7 +2204,7 @@ components: The IdP Authorization Server (AS) endpoints are currently defined as part of the [IdP - provider]((https://developer.okta.com/docs/api/openapi/okta-management/management/tag/IdentityProvider/#tag/IdentityProvider/operation/createIdentityProvider!path=type&t=request)) + provider]((https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/IdentityProvider/#tag/IdentityProvider/operation/createIdentityProvider!path=type&t=request)) and are read-only. type: object properties: @@ -2224,7 +2224,7 @@ components: user. > **Note:** The [identity provider - type](https://developer.okta.com/docs/api/openapi/okta-management/management/tag/IdentityProvider/#tag/IdentityProvider/operation/createIdentityProvider!path=type&t=request) + type](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/IdentityProvider/#tag/IdentityProvider/operation/createIdentityProvider!path=type&t=request) table lists the scopes that are supported for each IdP. items: type: string @@ -2335,12 +2335,12 @@ components: The IdP user is automatically linked to an Okta user when the transformed IdP user matches an existing Okta user according to [subject match - rules](https://developer.okta.com/docs/api/openapi/okta-management/management/tag/IdentityProvider/#tag/IdentityProvider/operation/createIdentityProvider!path=policy/subject&t=request). + rules](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/IdentityProvider/#tag/IdentityProvider/operation/createIdentityProvider!path=policy/subject&t=request). DISABLED: >- Okta never attempts to link the IdP user to an existing Okta user, but may still attempt to provision a new Okta user according to the [provisioning action - type](https://developer.okta.com/docs/api/openapi/okta-management/management/tag/IdentityProvider/#tag/IdentityProvider/operation/createIdentityProvider!path=policy/provisioning/action&t=request). + type](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/IdentityProvider/#tag/IdentityProvider/operation/createIdentityProvider!path=policy/provisioning/action&t=request). PolicyAccountLinkFilter: description: >- Specifies filters on which users are available for account linking by an @@ -2534,7 +2534,7 @@ components: The `destination` property is required if request signatures are specified. See [SAML 2.0 Request Algorithm - object](https://developer.okta.com/docs/api/openapi/okta-management/management/tag/IdentityProvider/#tag/IdentityProvider/operation/createIdentityProvider!path=protocol/0/algorithms/request&t=request). + object](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/IdentityProvider/#tag/IdentityProvider/operation/createIdentityProvider!path=protocol/0/algorithms/request&t=request). maxLength: 512 example: https://idp.example.com/saml2/sso url: diff --git a/provider-dev/openapi/src/okta/v00.00.00000/services/inlinehooks.yaml b/provider-dev/openapi/src/okta/v00.00.00000/services/inlinehooks.yaml index a577a2e..1b83a67 100644 --- a/provider-dev/openapi/src/okta/v00.00.00000/services/inlinehooks.yaml +++ b/provider-dev/openapi/src/okta/v00.00.00000/services/inlinehooks.yaml @@ -15,12 +15,12 @@ paths: following types are currently supported: | Type Value | Name | |------------------------------------|----------------------------------------------------------------| - | `com.okta.import.transform` | [User import inline hook](/openapi/okta-management/management/tag/InlineHook/#tag/InlineHook/operation/createUserImportInlineHook) | - | `com.okta.oauth2.tokens.transform` | [Token inline hook](/openapi/okta-management/management/tag/InlineHook/#tag/InlineHook/operation/createTokenInlineHook) | - | `com.okta.saml.tokens.transform` | [SAML assertion inline hook](/openapi/okta-management/management/tag/InlineHook/#tag/InlineHook/operation/createSAMLAssertionInlineHook) | - | `com.okta.telephony.provider` | [Telephony inline hook](/openapi/okta-management/management/tag/InlineHook/#tag/InlineHook/operation/createTelephonyInlineHook) | - | `com.okta.user.credential.password.import` | [Password import inline hook](/openapi/okta-management/management/tag/InlineHook/#tag/InlineHook/operation/createPasswordImportInlineHook)| - | `com.okta.user.pre-registration` | [Registration inline hook](/openapi/okta-management/management/tag/InlineHook/#tag/InlineHook/operation/create-registration-hook) | + | `com.okta.import.transform` | [User import inline hook](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/InlineHook/#tag/InlineHook/operation/createUserImportInlineHook) | + | `com.okta.oauth2.tokens.transform` | [Token inline hook](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/InlineHook/#tag/InlineHook/operation/createTokenInlineHook) | + | `com.okta.saml.tokens.transform` | [SAML assertion inline hook](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/InlineHook/#tag/InlineHook/operation/createSAMLAssertionInlineHook) | + | `com.okta.telephony.provider` | [Telephony inline hook](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/InlineHook/#tag/InlineHook/operation/createTelephonyInlineHook) | + | `com.okta.user.credential.password.import` | [Password import inline hook](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/InlineHook/#tag/InlineHook/operation/createPasswordImportInlineHook)| + | `com.okta.user.pre-registration` | [Registration inline hook](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/InlineHook/#tag/InlineHook/operation/create-registration-hook) | operationId: listInlineHooks parameters: - $ref: '#/components/parameters/inlineHookType' diff --git a/provider-dev/openapi/src/okta/v00.00.00000/services/integrations.yaml b/provider-dev/openapi/src/okta/v00.00.00000/services/integrations.yaml index b7a1f1b..b0c446e 100644 --- a/provider-dev/openapi/src/okta/v00.00.00000/services/integrations.yaml +++ b/provider-dev/openapi/src/okta/v00.00.00000/services/integrations.yaml @@ -349,7 +349,7 @@ components: description: >- The list of Okta management scopes granted to the API Service Integration instance. See [Okta management OAuth 2.0 - scopes](/oauth2/#okta-admin-management). + scopes]https://developer.okta.com/docs/api/oauth2/#okta-admin-management. items: type: string example: @@ -387,7 +387,7 @@ components: description: >- The list of Okta management scopes granted to the API Service Integration instance. See [Okta management OAuth 2.0 - scopes](/oauth2/#okta-admin-management). + scopes]https://developer.okta.com/docs/api/oauth2/#okta-admin-management. items: type: string example: diff --git a/provider-dev/openapi/src/okta/v00.00.00000/services/logs.yaml b/provider-dev/openapi/src/okta/v00.00.00000/services/logs.yaml index ce9222d..0762262 100644 --- a/provider-dev/openapi/src/okta/v00.00.00000/services/logs.yaml +++ b/provider-dev/openapi/src/okta/v00.00.00000/services/logs.yaml @@ -320,7 +320,7 @@ components: zone: description: >- The `name` of the - [Zone](https://developer.okta.com/docs/api/openapi/okta-management/management/tag/NetworkZone/#tag/NetworkZone/operation/getNetworkZone) + [Zone](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/NetworkZone/#tag/NetworkZone/operation/getNetworkZone) that the client's location is mapped to type: string readOnly: true diff --git a/provider-dev/openapi/src/okta/v00.00.00000/services/logstreams.yaml b/provider-dev/openapi/src/okta/v00.00.00000/services/logstreams.yaml index ae0fb7c..4e004f4 100644 --- a/provider-dev/openapi/src/okta/v00.00.00000/services/logstreams.yaml +++ b/provider-dev/openapi/src/okta/v00.00.00000/services/logstreams.yaml @@ -18,7 +18,7 @@ paths: - name: filter in: query description: >- - An expression that [filters](/#filter) the returned objects. You can + An expression that [filters]https://developer.okta.com/docs/api#filter the returned objects. You can only use the `eq` operator on either the `status` or `type` properties in the filter expression. schema: @@ -141,7 +141,7 @@ paths: properties can't be modified after the log stream is initially created. Use the [Retrieve the log stream schema for the schema - type](/openapi/okta-management/management/tag/Schema/#tag/Schema/operation/getLogStreamSchema) + type](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/Schema/#tag/Schema/operation/getLogStreamSchema) request to determine which properties you can update for the specific log stream type. diff --git a/provider-dev/openapi/src/okta/v00.00.00000/services/mappings.yaml b/provider-dev/openapi/src/okta/v00.00.00000/services/mappings.yaml index 9b9b329..5262f21 100644 --- a/provider-dev/openapi/src/okta/v00.00.00000/services/mappings.yaml +++ b/provider-dev/openapi/src/okta/v00.00.00000/services/mappings.yaml @@ -14,7 +14,7 @@ paths: and/or `targetId`. - The results are [paginated](/#pagination) according to the `limit` + The results are [paginated]https://developer.okta.com/docs/api#pagination according to the `limit` parameter. If there are multiple pages of results, the Link header contains a `next` link that you should treat as an opaque value (follow it, don't parse it). See [Link diff --git a/provider-dev/openapi/src/okta/v00.00.00000/services/meta.yaml b/provider-dev/openapi/src/okta/v00.00.00000/services/meta.yaml index b0a7628..6c60d02 100644 --- a/provider-dev/openapi/src/okta/v00.00.00000/services/meta.yaml +++ b/provider-dev/openapi/src/okta/v00.00.00000/services/meta.yaml @@ -21,7 +21,7 @@ paths: The [User - Types](https://developer.okta.com/docs/api/openapi/okta-management/management/tag/UserType/) + Types](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/UserType/) feature does not extend to apps. All users assigned to a given app use the same app user schema. Therefore, unlike the user schema operations, the app user schema operations all specify `default` and don't accept a @@ -72,7 +72,7 @@ paths: The [User - Types](https://developer.okta.com/docs/api/openapi/okta-management/management/tag/UserType/) + Types](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/UserType/) feature does not extend to apps. All users assigned to a given app use the same app user schema. Therefore, unlike the user schema operations, the app user schema operations all specify `default` and don't accept a @@ -131,7 +131,7 @@ paths: The [User - Types](https://developer.okta.com/docs/api/openapi/okta-management/management/tag/UserType/) + Types](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/UserType/) feature does not extend to groups. All groups use the same group schema. Unlike user schema operations, group schema operations all specify `default` and don't accept a schema ID. @@ -179,7 +179,7 @@ paths: The [User - Types](https://developer.okta.com/docs/api/openapi/okta-management/management/tag/UserType/) + Types](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/UserType/) feature does not extend to groups. All groups use the same group schema. Unlike user schema operations, group schema operations all specify `default` and don't accept a schema ID. @@ -503,7 +503,7 @@ paths: You can't remove a property from the default schema if it's being referenced as a - [`matchAttribute`](/openapi/okta-management/management/tag/IdentityProvider/#tag/IdentityProvider/operation/createIdentityProvider!path=policy/subject/matchAttribute&t=request) + [`matchAttribute`](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/IdentityProvider/#tag/IdentityProvider/operation/createIdentityProvider!path=policy/subject/matchAttribute&t=request) in `SAML2` IdPs. Currently, all validation of SAML assertions are only performed against @@ -1775,7 +1775,7 @@ components: **Note:** The `userType` field is an arbitrary string value and isn't related to the newer [User - Types](https://developer.okta.com/docs/api/openapi/okta-management/management/tag/UserType/) + Types](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/UserType/) feature. zipCode: allOf: @@ -3522,3 +3522,16 @@ servers: The domain of your organization. This can be a provided subdomain of an official okta domain (okta.com, oktapreview.com, etc) or one of your configured custom domains. +definitions: + base: + type: object + description: "Dummy base definition for parser compatibility" + properties: + id: + type: string + custom: + type: object + description: "Dummy custom definition for parser compatibility" + properties: + name: + type: string diff --git a/provider-dev/openapi/src/okta/v00.00.00000/services/oauth2.yaml b/provider-dev/openapi/src/okta/v00.00.00000/services/oauth2.yaml index bda0d1e..f67e164 100644 --- a/provider-dev/openapi/src/okta/v00.00.00000/services/oauth2.yaml +++ b/provider-dev/openapi/src/okta/v00.00.00000/services/oauth2.yaml @@ -44,7 +44,7 @@ paths: summary: Assign a client role description: >- Assigns a [standard - role](/openapi/okta-management/guides/roles/#standard-roles) to a client + role](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/guides/roles/#standard-roles) to a client app. @@ -52,7 +52,7 @@ paths: method to assign a custom role to a client is to create a binding between the custom role, the resource set, and the client app. See [Create a role resource set - binding](/openapi/okta-management/management/tag/RoleDResourceSetBinding/#tag/RoleDResourceSetBinding/operation/createResourceSetBinding). + binding](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/RoleDResourceSetBinding/#tag/RoleDResourceSetBinding/operation/createResourceSetBinding). > **Notes:** @@ -268,7 +268,7 @@ paths: > If you need a role assignment that applies to all apps, delete the role assignment with the target and create another one. See [Unassign a client - role](/openapi/okta-management/management/tag/RoleAssignmentClient/#tag/RoleAssignmentClient/operation/deleteRoleFromClient). + role](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/RoleAssignmentClient/#tag/RoleAssignmentClient/operation/deleteRoleFromClient). operationId: removeAppTargetRoleFromClient responses: '204': @@ -344,7 +344,7 @@ paths: > If you need a role assignment that applies to all the apps, delete the role assignment with the instance target and create another one. See [Unassign a client - role](/openapi/okta-management/management/tag/RoleAssignmentClient/#tag/RoleAssignmentClient/operation/deleteRoleFromClient). + role](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/RoleAssignmentClient/#tag/RoleAssignmentClient/operation/deleteRoleFromClient). operationId: removeAppTargetInstanceRoleForClient responses: '204': @@ -375,7 +375,7 @@ paths: summary: List all client role group targets description: >- Lists all group targets for a - [`USER_ADMIN`](/openapi/okta-management/guides/roles/#standard-roles), + [`USER_ADMIN`](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/guides/roles/#standard-roles), `HELP_DESK_ADMIN`, or `GROUP_MEMBERSHIP_ADMIN` role assignment to a client. If the role isn't scoped to specific group targets, Okta returns an empty array `[]`. @@ -415,7 +415,7 @@ paths: summary: Assign a client role group target description: >- Assigns a group target to a - [`USER_ADMIN`](/openapi/okta-management/guides/roles/#standard-roles), + [`USER_ADMIN`](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/guides/roles/#standard-roles), `HELP_DESK_ADMIN`, or `GROUP_MEMBERSHIP_ADMIN` role assignment to a client app. When you assign the first group target, you reduce the scope of the role assignment. The role no longer applies to all targets, but @@ -451,7 +451,7 @@ paths: assignment. If you need a role assignment that applies to all groups, delete the role assignment with the target and create another one. See [Unassign a client - role](/openapi/okta-management/management/tag/RoleAssignmentClient/#tag/RoleAssignmentClient/operation/deleteRoleFromClient). + role](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/RoleAssignmentClient/#tag/RoleAssignmentClient/operation/deleteRoleFromClient). operationId: removeGroupTargetRoleFromClient responses: '204': @@ -582,7 +582,7 @@ components: type: string description: >- Specify the standard or IAM-based role type. See [standard - roles](/openapi/okta-management/guides/roles/#standard-roles). + roles](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/guides/roles/#standard-roles). CustomRoleAssignmentSchema: title: Custom Role type: object @@ -620,7 +620,7 @@ components: readOnly: true description: >- Features supported by the app. See app - [features](/openapi/okta-management/management/tag/Application/#tag/Application/operation/listApplications!c=200&path=0/features&t=response). + [features](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/Application/#tag/Application/operation/listApplications!c=200&path=0/features&t=response). items: type: string id: @@ -644,7 +644,7 @@ components: type: array description: >- Authentication mode for the app. See app - [signOnMode](/openapi/okta-management/management/tag/Application/#tag/Application/operation/listApplications!c=200&path=0/signOnMode&t=response). + [signOnMode](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/Application/#tag/Application/operation/listApplications!c=200&path=0/signOnMode&t=response). items: type: string status: @@ -716,7 +716,7 @@ components: _links: description: >- [Discoverable - resources](/openapi/okta-management/management/tag/Group/#tag/Group/operation/listGroups!c=200&path=_links&t=response) + resources](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/Group/#tag/Group/operation/listGroups!c=200&path=_links&t=response) related to the group allOf: - $ref: '#/components/schemas/LinksSelf' @@ -863,7 +863,7 @@ components: You can extend group profiles with custom properties, but you must first add the properties to the group profile schema before you can reference them. Use the Profile Editor in the Admin Console or the [Schemas - API](https://developer.okta.com/docs/api/openapi/okta-management/management/tag/Schema/)to + API](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/Schema/)to manage schema extensions. diff --git a/provider-dev/openapi/src/okta/v00.00.00000/services/org.yaml b/provider-dev/openapi/src/okta/v00.00.00000/services/org.yaml index ceb0bb5..9424617 100644 --- a/provider-dev/openapi/src/okta/v00.00.00000/services/org.yaml +++ b/provider-dev/openapi/src/okta/v00.00.00000/services/org.yaml @@ -495,7 +495,7 @@ paths: - name: expand in: query description: >- - Embeds the [user](/openapi/okta-management/management/tag/User/) + Embeds the [user](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/User/) resource if the YubiKey token is assigned to a user and `expand` is set to `user` schema: @@ -1173,7 +1173,7 @@ paths: > **Note:** This resource is deprecated. Use the [Update an Okta Support - case](/openapi/okta-management/management/tag/OrgSettingSupport/#tag/OrgSettingSupport/operation/updateOktaSupportCase) + case](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/OrgSettingSupport/#tag/OrgSettingSupport/operation/updateOktaSupportCase) resource to extend Okta Support access for a support case. > For the corresponding Okta Admin Console feature, see [Give access to @@ -1205,7 +1205,7 @@ paths: > **Note:** This resource is deprecated. Use the [Update an Okta Support - case](/openapi/okta-management/management/tag/OrgSettingSupport/#tag/OrgSettingSupport/operation/updateOktaSupportCase) + case](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/OrgSettingSupport/#tag/OrgSettingSupport/operation/updateOktaSupportCase) resource to grant Okta Support access for a support case. > For the corresponding Okta Admin Console feature, see [Give access to @@ -1236,7 +1236,7 @@ paths: > **Note:** This resource is deprecated. Use the [Update an Okta Support - case](/openapi/okta-management/management/tag/OrgSettingSupport/#tag/OrgSettingSupport/operation/updateOktaSupportCase) + case](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/OrgSettingSupport/#tag/OrgSettingSupport/operation/updateOktaSupportCase) resource to revoke Okta Support access for a support case. > For the corresponding Okta Admin Console feature, see [Give access to @@ -1719,31 +1719,31 @@ components: - $ref: '#/components/schemas/HrefObject' - description: >- Link to [extend Okta Support - Access](/openapi/okta-management/management/tag/OrgSettingSupport/#tag/OrgSettingSupport/operation/extendOktaSupport) + Access](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/OrgSettingSupport/#tag/OrgSettingSupport/operation/extendOktaSupport) revoke: allOf: - $ref: '#/components/schemas/HrefObject' - description: >- Link to [revoke Okta Support - Access](/openapi/okta-management/management/tag/OrgSettingSupport/#tag/OrgSettingSupport/operation/revokeOktaSupport) + Access](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/OrgSettingSupport/#tag/OrgSettingSupport/operation/revokeOktaSupport) grant: allOf: - $ref: '#/components/schemas/HrefObject' - description: >- Link to [grant Okta Support - Access](/openapi/okta-management/management/tag/OrgSettingSupport/#tag/OrgSettingSupport/operation/grantOktaSupport) + Access](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/OrgSettingSupport/#tag/OrgSettingSupport/operation/grantOktaSupport) case: allOf: - $ref: '#/components/schemas/HrefObject' - description: >- Link to [update an Okta Support - case](/openapi/okta-management/management/tag/OrgSettingSupport/#tag/OrgSettingSupport/operation/updateOktaSupportCase) + case](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/OrgSettingSupport/#tag/OrgSettingSupport/operation/updateOktaSupportCase) cases: allOf: - $ref: '#/components/schemas/HrefObject' - description: >- Link to [List all Okta Support - cases](/openapi/okta-management/management/tag/OrgSettingSupport/#tag/OrgSettingSupport/operation/listOktaSupportCases) + cases](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/OrgSettingSupport/#tag/OrgSettingSupport/operation/listOktaSupportCases) OktaSupportCases: type: object properties: @@ -1821,7 +1821,7 @@ components: - $ref: '#/components/schemas/HrefObject' - description: >- Link to the [Org - Contacts](/openapi/okta-management/management/tag/OrgSettingContact/) + Contacts](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/OrgSettingContact/) resource logo: allOf: @@ -1832,28 +1832,28 @@ components: - $ref: '#/components/schemas/HrefObject' - description: >- Link to the [Org Communication - Settings](/openapi/okta-management/management/tag/OrgSettingCommunication/) + Settings](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/OrgSettingCommunication/) resource oktaSupport: allOf: - $ref: '#/components/schemas/HrefObject' - description: >- Link to the [Org Support - Settings](/openapi/okta-management/management/tag/OrgSettingSupport/) + Settings](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/OrgSettingSupport/) resource preferences: allOf: - $ref: '#/components/schemas/HrefObject' - description: >- Link to the [Org - Preferences](/openapi/okta-management/management/tag/OrgSettingCustomization/#tag/OrgSettingCustomization/operation/getOrgPreferences) + Preferences](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/OrgSettingCustomization/#tag/OrgSettingCustomization/operation/getOrgPreferences) resource uploadLogo: allOf: - $ref: '#/components/schemas/HrefObject' - description: >- Link to the [Upload Org - Logo](/openapi/okta-management/management/tag/OrgSettingCustomization/#tag/OrgSettingCustomization/operation/uploadOrgLogo) + Logo](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/OrgSettingCustomization/#tag/OrgSettingCustomization/operation/uploadOrgLogo) resource readOnly: true enabledPagesType: @@ -1923,7 +1923,7 @@ components: - $ref: '#/components/schemas/HrefObject' - description: >- Link to the org billing [contact type - user](/openapi/okta-management/management/tag/OrgSettingContact/#tag/OrgSettingContact/operation/getOrgContactUser) + user](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/OrgSettingContact/#tag/OrgSettingContact/operation/getOrgContactUser) resource orgTechnicalContactType: description: Org technical contact @@ -1947,7 +1947,7 @@ components: - $ref: '#/components/schemas/HrefObject' - description: >- Link to the org technical [Contact Type - User](/openapi/okta-management/management/tag/OrgSettingContact/#tag/OrgSettingContact/operation/getOrgContactUser) + User](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/OrgSettingContact/#tag/OrgSettingContact/operation/getOrgContactUser) resource OrgContactType: description: Type of contact @@ -2046,7 +2046,7 @@ components: allOf: - description: >- Activates an enrolled factor. See [Activate a - factor](/openapi/okta-management/management/tag/UserFactor/#tag/UserFactor/operation/activateFactor). + factor](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/UserFactor/#tag/UserFactor/operation/activateFactor). - $ref: '#/components/schemas/HrefObject' readOnly: true LinksCancel: @@ -2064,7 +2064,7 @@ components: allOf: - description: >- Deactivates the factor. See [Unenroll a - factor](/openapi/okta-management/management/tag/UserFactor/#tag/UserFactor/operation/unenrollFactor). + factor](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/UserFactor/#tag/UserFactor/operation/unenrollFactor). - $ref: '#/components/schemas/HrefObject' readOnly: true LinksEnroll: @@ -2074,7 +2074,7 @@ components: allOf: - description: >- Enrolls a supported factor. See [Enroll a - factor](/openapi/okta-management/management/tag/UserFactor/#tag/UserFactor/operation/enrollFactor). + factor](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/UserFactor/#tag/UserFactor/operation/enrollFactor). - $ref: '#/components/schemas/HrefObject' readOnly: true LinksFactor: @@ -2113,7 +2113,7 @@ components: - description: >- Lists all supported security questions. See [List all supported security - questions](/openapi/okta-management/management/tag/UserFactor/#tag/UserFactor/operation/listSupportedSecurityQuestions). + questions](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/UserFactor/#tag/UserFactor/operation/listSupportedSecurityQuestions). - $ref: '#/components/schemas/HrefObject' readOnly: true LinksResend: @@ -2123,7 +2123,7 @@ components: allOf: - description: >- Resends the factor enrollment challenge. See [Resend a factor - enrollment](/openapi/okta-management/management/tag/UserFactor/#tag/UserFactor/operation/resendEnrollFactor). + enrollment](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/UserFactor/#tag/UserFactor/operation/resendEnrollFactor). - $ref: '#/components/schemas/HrefObject' readOnly: true LinksSend: @@ -2164,7 +2164,7 @@ components: allOf: - description: >- Verifies the factor resource. See [Verify a - factor](/openapi/okta-management/management/tag/UserFactor/#tag/UserFactor/operation/verifyFactor). + factor](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/UserFactor/#tag/UserFactor/operation/verifyFactor). - $ref: '#/components/schemas/HrefObject' readOnly: true HrefObjectRevokeAerialConsent: diff --git a/provider-dev/openapi/src/okta/v00.00.00000/services/orgs.yaml b/provider-dev/openapi/src/okta/v00.00.00000/services/orgs.yaml index 032e180..aafd8a0 100644 --- a/provider-dev/openapi/src/okta/v00.00.00000/services/orgs.yaml +++ b/provider-dev/openapi/src/okta/v00.00.00000/services/orgs.yaml @@ -213,7 +213,7 @@ components: `lastName`, and `login`. See - [profile](/openapi/okta-management/management/tag/User/#tag/User/operation/getUser!c=200&path=profile&t=response) + [profile](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/User/#tag/User/operation/getUser!c=200&path=profile&t=response) for additional profile attributes. properties: firstName: diff --git a/provider-dev/openapi/src/okta/v00.00.00000/services/policies.yaml b/provider-dev/openapi/src/okta/v00.00.00000/services/policies.yaml index 464b166..b20c1d1 100644 --- a/provider-dev/openapi/src/okta/v00.00.00000/services/policies.yaml +++ b/provider-dev/openapi/src/okta/v00.00.00000/services/policies.yaml @@ -379,7 +379,7 @@ paths: > **Note:** Use [List all resources mapped to a - Policy](https://developer.okta.com/docs/api/openapi/okta-management/management/tag/Policy/#tag/Policy/operation/listPolicyMappings) + Policy](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/Policy/#tag/Policy/operation/listPolicyMappings) to list all applications mapped to a policy. operationId: listPolicyApps responses: @@ -1268,7 +1268,7 @@ components: Enabled app features > **Note:** See [Application - Features](/openapi/okta-management/management/tag/ApplicationFeatures/) + Features](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/ApplicationFeatures/) for app provisioning features. readOnly: true items: @@ -1464,14 +1464,14 @@ components: Language](https://datatracker.ietf.org/doc/html/draft-kelly-json-hal-06) specification. If the `expand=user/{userId}` query parameter is specified, then the assigned [Application - User](/openapi/okta-management/management/tag/ApplicationUsers/) is + User](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/ApplicationUsers/) is embedded. properties: user: type: object description: >- The specified [Application - User](/openapi/okta-management/management/tag/ApplicationUsers/) + User](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/ApplicationUsers/) assigned to the app additionalProperties: type: object @@ -2071,7 +2071,7 @@ components: - $ref: '#/components/schemas/HrefObject' - description: >- Link to the [Application - Groups](/openapi/okta-management/management/tag/ApplicationGroups/#tag/ApplicationGroups/operation/listApplicationGroupAssignments) + Groups](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/ApplicationGroups/#tag/ApplicationGroups/operation/listApplicationGroupAssignments) resource HelpLink: allOf: @@ -2082,14 +2082,14 @@ components: - $ref: '#/components/schemas/HrefObject' - description: >- Link to the [SAML - metadata](/openapi/okta-management/management/tag/ApplicationSSO/#tag/ApplicationSSO/operation/previewSAMLmetadataForApplication) + metadata](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/ApplicationSSO/#tag/ApplicationSSO/operation/previewSAMLmetadataForApplication) for SSO UsersLink: allOf: - $ref: '#/components/schemas/HrefObject' - description: >- Link to the [Application - Users](/openapi/okta-management/management/tag/ApplicationUsers/#tag/ApplicationUsers/operation/listApplicationUsers) + Users](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/ApplicationUsers/#tag/ApplicationUsers/operation/listApplicationUsers) resource HrefHints: description: Describes allowed HTTP verbs for the `href` diff --git a/provider-dev/openapi/src/okta/v00.00.00000/services/privileged_access.yaml b/provider-dev/openapi/src/okta/v00.00.00000/services/privileged_access.yaml index 76d677f..cf9d44d 100644 --- a/provider-dev/openapi/src/okta/v00.00.00000/services/privileged_access.yaml +++ b/provider-dev/openapi/src/okta/v00.00.00000/services/privileged_access.yaml @@ -189,7 +189,7 @@ components: containerOrn: description: >- The - [ORN](/openapi/okta-management/guides/roles/#okta-resource-name-orn) + [ORN](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/guides/roles/#okta-resource-name-orn) of the relevant resource. diff --git a/provider-dev/openapi/src/okta/v00.00.00000/services/realms.yaml b/provider-dev/openapi/src/okta/v00.00.00000/services/realms.yaml index 3a3c37e..231d889 100644 --- a/provider-dev/openapi/src/okta/v00.00.00000/services/realms.yaml +++ b/provider-dev/openapi/src/okta/v00.00.00000/services/realms.yaml @@ -245,7 +245,7 @@ components: Indicates the default realm. Existing users will start out in the default realm and can be moved to other realms individually or through realm assignments. See [Realms Assignments - API](/openapi/okta-management/management/tag/RealmAssignment/). + API](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/RealmAssignment/). readOnly: true lastUpdated: type: string diff --git a/provider-dev/openapi/src/okta/v00.00.00000/services/risk.yaml b/provider-dev/openapi/src/okta/v00.00.00000/services/risk.yaml index a102206..80f1281 100644 --- a/provider-dev/openapi/src/okta/v00.00.00000/services/risk.yaml +++ b/provider-dev/openapi/src/okta/v00.00.00000/services/risk.yaml @@ -14,7 +14,7 @@ paths: This request is used by a third-party risk provider to send IP risk events to Okta. The third-party risk provider needs to be registered with Okta before they can send events to Okta. See [Risk - Providers](/openapi/okta-management/management/tag/RiskProvider/). + Providers](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/RiskProvider/). This API has a rate limit of 30 requests per minute. You can include multiple risk events (up to a maximum of 20 events) in a single payload diff --git a/provider-dev/openapi/src/okta/v00.00.00000/services/roles.yaml b/provider-dev/openapi/src/okta/v00.00.00000/services/roles.yaml index efd315b..363bb31 100644 --- a/provider-dev/openapi/src/okta/v00.00.00000/services/roles.yaml +++ b/provider-dev/openapi/src/okta/v00.00.00000/services/roles.yaml @@ -323,7 +323,7 @@ components: description: >- A reference to an existing role. Standard roles require a `roleType`, while Custom Roles require a `roleId`. See [Standard - Roles](/openapi/okta-management/guides/roles/#standard-roles). + Roles](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/guides/roles/#standard-roles). required: true schema: oneOf: diff --git a/provider-dev/openapi/src/okta/v00.00.00000/services/security.yaml b/provider-dev/openapi/src/okta/v00.00.00000/services/security.yaml index f5b26e5..c9fd46e 100644 --- a/provider-dev/openapi/src/okta/v00.00.00000/services/security.yaml +++ b/provider-dev/openapi/src/okta/v00.00.00000/services/security.yaml @@ -22,9 +22,9 @@ paths: For SET JWT header and body descriptions, see [SET JWT - header](/openapi/okta-management/management/tag/SSFSecurityEventToken/#tag/SSFSecurityEventToken/schema/SecurityEventTokenRequestJwtHeader) + header](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/SSFSecurityEventToken/#tag/SSFSecurityEventToken/schema/SecurityEventTokenRequestJwtHeader) and [SET JWT body - payload](/openapi/okta-management/management/tag/SSFSecurityEventToken/#tag/SSFSecurityEventToken/schema/SecurityEventTokenRequestJwtBody). + payload](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/SSFSecurityEventToken/#tag/SSFSecurityEventToken/schema/SecurityEventTokenRequestJwtBody). content: application/secevent+jwt: schema: diff --git a/provider-dev/openapi/src/okta/v00.00.00000/services/templates.yaml b/provider-dev/openapi/src/okta/v00.00.00000/services/templates.yaml index 6905f0f..cf22c3f 100644 --- a/provider-dev/openapi/src/okta/v00.00.00000/services/templates.yaml +++ b/provider-dev/openapi/src/okta/v00.00.00000/services/templates.yaml @@ -256,7 +256,7 @@ components: type: string description: >- Text of the Template, including any - [macros](https://developer.okta.com/docs/api/openapi/okta-management/management/tag/Template/) + [macros](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/Template/) maxLength: 161 minLength: 1 translations: diff --git a/provider-dev/openapi/src/okta/v00.00.00000/services/threats.yaml b/provider-dev/openapi/src/okta/v00.00.00000/services/threats.yaml index bee0fba..d107e4e 100644 --- a/provider-dev/openapi/src/okta/v00.00.00000/services/threats.yaml +++ b/provider-dev/openapi/src/okta/v00.00.00000/services/threats.yaml @@ -102,7 +102,7 @@ components: type: array description: >- Accepts a list of [Network - Zone](/openapi/okta-management/management/tag/NetworkZone/) IDs. + Zone](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/NetworkZone/) IDs. IPs in the excluded network zones aren't logged or blocked. diff --git a/provider-dev/openapi/src/okta/v00.00.00000/services/users.yaml b/provider-dev/openapi/src/okta/v00.00.00000/services/users.yaml index ec75416..ba041c4 100644 --- a/provider-dev/openapi/src/okta/v00.00.00000/services/users.yaml +++ b/provider-dev/openapi/src/okta/v00.00.00000/services/users.yaml @@ -63,11 +63,11 @@ paths: This operation searches many properties: * Any user profile attribute, including custom-defined attributes * The top-level properties: `id`, `status`, `created`, `activated`, `statusChanged`, and `lastUpdated` - * The [user type](https://developer.okta.com/docs/api/openapi/okta-management/management/tag/UserType/#tag/UserType/operation/updateUserType) accessed as `type.id` + * The [user type](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/UserType/#tag/UserType/operation/updateUserType) accessed as `type.id` > **Note:** The ability to search by user classification is available as an [Early - Access](https://developer.okta.com/docs/api/openapi/okta-management/guides/release-lifecycle/#early-access-ea) + Access](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/guides/release-lifecycle/#early-access-ea) feature. The `classification.type` property cannot be used in conjunction with other search terms. You can search using `classification.type eq "LITE"` or `classification.type eq @@ -341,7 +341,7 @@ paths: For more information about the various scenarios of creating a user listed in the examples, see the [User creation - scenarios](/openapi/okta-management/management/tag/User/#user-creation-scenarios) + scenarios](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/User/#user-creation-scenarios) section. operationId: createUser parameters: @@ -349,7 +349,7 @@ paths: in: query description: >- Executes an [activation - lifecycle](https://developer.okta.com/docs/api/openapi/okta-management/management/tag/UserLifecycle/#tag/UserLifecycle/operation/activateUser) + lifecycle](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/UserLifecycle/#tag/UserLifecycle/operation/activateUser) operation when creating the user schema: type: boolean @@ -522,7 +522,7 @@ paths: properly. Logins with a `/` character can only be fetched by `id` due to URL issues with escaping the `/` character. If you don't know a user's ID, you can use the [List all - users](/openapi/okta-management/management/tag/User/#tag/User/operation/listUsers) + users](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/User/#tag/User/operation/listUsers) endpoint to find it. @@ -542,7 +542,7 @@ paths: description: >- An HTTP entity tag (`ETag`) is an identifier for a specific version of a resource. See [Conditional Requests and Entity - Tags](/#conditional-requests-and-entity-tags). + Tags]https://developer.okta.com/docs/api#conditional-requests-and-entity-tags. schema: type: string example: W/"1234567890abcdef" @@ -613,11 +613,11 @@ paths: If you are using this endpoint to set a password, it sets a password without validating existing user credentials. This is an administrative operation. For operations that validate credentials, refer to the [Reset - password](https://developer.okta.com/docs/api/openapi/okta-management/management/tag/UserCred/#tag/UserCred/operation/resetPassword), + password](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/UserCred/#tag/UserCred/operation/resetPassword), [Start forgot password - flow](https://developer.okta.com/docs/api/openapi/okta-management/management/tag/UserCred/#tag/UserCred/operation/forgotPassword), + flow](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/UserCred/#tag/UserCred/operation/forgotPassword), and [Update - password](https://developer.okta.com/docs/api/openapi/okta-management/management/tag/UserCred/#tag/UserCred/operation/changePassword) + password](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/UserCred/#tag/UserCred/operation/changePassword) endpoints. operationId: updateUser parameters: @@ -632,7 +632,7 @@ paths: description: >- The ETag value of the user's expected current state. This becomes a conditional request used for concurrency control. See [Conditional - Requests and Entity Tags](/#conditional-requests-and-entity-tags). + Requests and Entity Tags]https://developer.okta.com/docs/api#conditional-requests-and-entity-tags. schema: type: string example: W/"1234567890abcdef" @@ -717,7 +717,7 @@ paths: description: >- The ETag value of the user's expected current state. This becomes a conditional request used for concurrency control. See [Conditional - Requests and Entity Tags](/#conditional-requests-and-entity-tags). + Requests and Entity Tags]https://developer.okta.com/docs/api#conditional-requests-and-entity-tags. schema: type: string example: W/"1234567890abcdef" @@ -856,7 +856,7 @@ paths: > **Note:** To list all apps in an org, use the [List all applications endpoint in the Applications - API](/openapi/okta-management/management/tag/Application/#tag/Application/operation/listApplications). + API](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/Application/#tag/Application/operation/listApplications). operationId: listAppLinks responses: '200': @@ -935,7 +935,7 @@ paths: > **Note:** To list all groups in your org, use the [List all groups endpoints in the Groups - API](/openapi/okta-management/management/tag/Group/#tag/Group/operation/listGroups). + API](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/Group/#tag/Group/operation/listGroups). operationId: listUserGroups responses: '200': @@ -1037,7 +1037,7 @@ paths: password. > See [Create user with optional - password](/openapi/okta-management/management/tag/User/#create-user-with-optional-password). + password](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/User/#create-user-with-optional-password). > **Legal disclaimer** @@ -1280,17 +1280,17 @@ paths: Perform this operation only on users with a `PROVISIONED` or `RECOVERY` - [status](/openapi/okta-management/management/tag/User/#tag/User/operation/listUsers!c=200&path=status&t=response). + [status](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/User/#tag/User/operation/listUsers!c=200&path=status&t=response). This operation restarts the activation workflow if for some reason the user activation wasn't completed when using the `activationToken` from [Activate - User](/openapi/okta-management/management/tag/UserLifecycle/#tag/UserLifecycle/operation/activateUser). + User](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/UserLifecycle/#tag/UserLifecycle/operation/activateUser). Users that don't have a password must complete the flow by completing the [Reset - password](/openapi/okta-management/management/tag/UserCred/#tag/UserCred/operation/resetPassword) + password](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/UserCred/#tag/UserCred/operation/resetPassword) flow and MFA enrollment steps to transition the user to `ACTIVE` status. @@ -1890,7 +1890,7 @@ paths: > **Note:** To list all client resources for which a specified authorization server has tokens, use the [List all client resources for an authorization server in the Authorization Servers - API](/openapi/okta-management/management/tag/AuthorizationServerClients/#tag/AuthorizationServerClients/operation/listOAuth2ClientsForAuthorizationServer). + API](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/AuthorizationServerClients/#tag/AuthorizationServerClients/operation/listOAuth2ClientsForAuthorizationServer). operationId: listUserClients responses: '200': @@ -2168,7 +2168,7 @@ paths: You can only perform this operation on users in `STAGED`, `ACTIVE`, `PASSWORD_EXPIRED`, or `RECOVERY` status that have a valid [password - credential](https://developer.okta.com/docs/api/openapi/okta-management/management/tag/User/#tag/User/operation/createUser!path=credentials/password&t=request). + credential](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/User/#tag/User/operation/createUser!path=credentials/password&t=request). The user transitions to `ACTIVE` status when successfully invoked in @@ -2237,7 +2237,7 @@ paths: You can only perform this operation on users in `STAGED`, `ACTIVE`, or `RECOVERY` status that have a valid [password - credential](https://developer.okta.com/docs/api/openapi/okta-management/management/tag/User/#tag/User/operation/createUser!path=credentials/password&t=request). + credential](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/User/#tag/User/operation/createUser!path=credentials/password&t=request). operationId: changeRecoveryQuestion x-codegen-request-body-name: userCredentials requestBody: @@ -2295,7 +2295,7 @@ paths: status and a valid [recovery question - credential](https://developer.okta.com/docs/api/openapi/okta-management/management/tag/User/#tag/User/operation/createUser!path=credentials/recovery_question&t=request). + credential](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/User/#tag/User/operation/createUser!path=credentials/recovery_question&t=request). > **Note:** If you have migrated to Identity Engine, you can allow users @@ -2413,7 +2413,7 @@ paths: > **Note:** To list all devices registered to an org, use the [List all devices endpoint in the Devices - API](/openapi/okta-management/management/tag/Device/#tag/Device/operation/listDevices). + API](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/Device/#tag/Device/operation/listDevices). operationId: listUserDevices responses: '200': @@ -2453,7 +2453,7 @@ paths: description: >- Lists all enrolled factors for the specified user that are included in the highest priority [authenticator enrollment - policy](https://developer.okta.com/docs/api/openapi/okta-management/management/tag/Policy/) + policy](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/Policy/) that applies to the user. @@ -2589,7 +2589,7 @@ paths: in: query description: >- ID of an existing custom SMS template. See the [SMS Templates - API](../Template). This parameter is only used by `sms` factors. If + API]https://developer.okta.com/docs/api/openapi/okta-management/management/tag/Template/. This parameter is only used by `sms` factors. If the provided ID doesn't exist, the default template is used instead. schema: type: string @@ -2719,7 +2719,7 @@ paths: description: >- Lists all the supported factors that can be enrolled for the specified user that are included in the highest priority [authenticator enrollment - policy](https://developer.okta.com/docs/api/openapi/okta-management/management/tag/Policy/) + policy](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/Policy/) that applies to the user. @@ -2895,7 +2895,7 @@ paths: > * If the user exceeds their SMS, call, or email factor activation rate limit, then an [OTP resend - request](./#tag/UserFactor/operation/resendEnrollFactor) isn't allowed + request]https://developer.okta.com/docs/api/openapi/okta-management/management/tag/UserFactor/ isn't allowed for the same factor. > * You can't use the Factors API to activate Okta Fastpass @@ -2983,14 +2983,14 @@ paths: > **Note:** Resend operations aren't allowed after a factor exceeds the activation rate limit. See [Activate a - factor](./#tag/UserFactor/operation/activateFactor). + factor]https://developer.okta.com/docs/api/openapi/okta-management/management/tag/UserFactor/. operationId: resendEnrollFactor parameters: - name: templateId in: query description: >- ID of an existing custom SMS template. See the [SMS Templates - API](../Template). This parameter is only used by `sms` factors. + API]https://developer.okta.com/docs/api/openapi/okta-management/management/tag/Template/. This parameter is only used by `sms` factors. schema: example: cstk2flOtuCMDJK4b0g3 type: string @@ -3045,8 +3045,8 @@ paths: > **Note:** > The response body for a number matching push challenge to an Okta Verify `push` factor enrollment is different from the response body of a standard push challenge. - > The number matching push challenge [response body](https://developer.okta.com/docs/api/openapi/okta-management/management/tag/UserFactor/#tag/UserFactor/operation/getFactorTransactionStatus!c=200&path=1/_embedded&t=response) contains the correct answer for the challenge. - > Use [Verify a factor](/openapi/okta-management/management/tag/UserFactor/#tag/UserFactor/operation/verifyFactor) to configure which challenge is sent. + > The number matching push challenge [response body](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/UserFactor/#tag/UserFactor/operation/getFactorTransactionStatus!c=200&path=1/_embedded&t=response) contains the correct answer for the challenge. + > Use [Verify a factor](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/UserFactor/#tag/UserFactor/operation/verifyFactor) to configure which challenge is sent. operationId: getFactorTransactionStatus responses: '200': @@ -3102,18 +3102,18 @@ paths: > - You can send standard push challenges or number matching push challenges to Okta Verify `push` factor enrollments. Use a [request - body](https://developer.okta.com/docs/api/openapi/okta-management/management/tag/UserFactor/#tag/UserFactor/operation/verifyFactor!path=2/useNumberMatchingChallenge&t=request) + body](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/UserFactor/#tag/UserFactor/operation/verifyFactor!path=2/useNumberMatchingChallenge&t=request) for number matching push challenges. > - To verify a `push` factor, use the **poll** link returned when you issue the challenge. See [Retrieve a factor transaction - status](/openapi/okta-management/management/tag/UserFactor/#tag/UserFactor/operation/getFactorTransactionStatus). + status](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/UserFactor/#tag/UserFactor/operation/getFactorTransactionStatus). operationId: verifyFactor parameters: - name: templateId description: >- ID of an existing custom SMS template. See the [SMS Templates - API](../Template). This parameter is only used by `sms` factors. + API]https://developer.okta.com/docs/api/openapi/okta-management/management/tag/Template/. This parameter is only used by `sms` factors. in: query schema: type: string @@ -3166,14 +3166,14 @@ paths: > Unlike standard push challenges that don't require a request body, a number matching - [`push`](https://developer.okta.com/docs/api/openapi/okta-management/management/tag/UserFactor/#tag/UserFactor/operation/verifyFactor!path=2/useNumberMatchingChallenge&t=request) + [`push`](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/UserFactor/#tag/UserFactor/operation/verifyFactor!path=2/useNumberMatchingChallenge&t=request) challenge requires a request body. `useNumberMatchingChallenge` must be set to `true`. > When a number matching challenge is issued for an Okta Verify `push` factor enrollment, a `correctAnswer` challenge object is returned in the - [`_embedded`](https://developer.okta.com/docs/api/openapi/okta-management/management/tag/UserFactor/#tag/UserFactor/operation/verifyFactor!c=200&path=_embedded&t=response) + [`_embedded`](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/UserFactor/#tag/UserFactor/operation/verifyFactor!c=200&path=_embedded&t=response) object. content: application/json: @@ -3552,13 +3552,13 @@ paths: summary: Assign a user role description: >- Assigns a [standard - role](/openapi/okta-management/guides/roles/#standard-roles) to a user. + role](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/guides/roles/#standard-roles) to a user. You can also assign a custom role to a user, but the preferred method to assign a custom role to a user is to create a binding between the custom role, the resource set, and the user. See [Create a role resource set - binding](/openapi/okta-management/management/tag/RoleDResourceSetBinding/#tag/RoleDResourceSetBinding/operation/createResourceSetBinding). + binding](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/RoleDResourceSetBinding/#tag/RoleDResourceSetBinding/operation/createResourceSetBinding). > **Notes:** @@ -4183,7 +4183,7 @@ paths: You can also clear the user's remembered factors for all devices using the `forgetDevices` parameter. See - [forgetDevices](https://developer.okta.com/docs/api/openapi/okta-management/management/tag/UserSessions/#tag/UserSessions/operation/revokeUserSessions!in=query&path=forgetDevices&t=request). + [forgetDevices](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/UserSessions/#tag/UserSessions/operation/revokeUserSessions!in=query&path=forgetDevices&t=request). > **Note:** This operation doesn't clear the sessions created for web or native apps. @@ -4424,7 +4424,7 @@ components: type: string description: >- The ID of the realm in which the user is residing. See - [Realms](/openapi/okta-management/management/tag/Realm/). + [Realms](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/Realm/). example: guo1bfiNtSnZYILxO0g4 readOnly: true status: @@ -4451,7 +4451,7 @@ components: description: >- The user type that determines the schema for the user's profile. The `type` property is a map that identifies the [User - Types](https://developer.okta.com/docs/api/openapi/okta-management/management/tag/UserType/#tag/UserType). + Types](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/UserType/#tag/UserType). Currently it contains a single element, `id`. It can be specified @@ -4489,9 +4489,9 @@ components: For a collection of users, the links object contains only the `self` link. Operations that return a collection of users include [List all - users](https://developer.okta.com/docs/api/openapi/okta-management/management/tag/User/#tag/User/operation/listUsers) + users](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/User/#tag/User/operation/listUsers) and [List all group member - users](https://developer.okta.com/docs/api/openapi/okta-management/management/tag/Group/#tag/Group/operation/listGroupUsers). + users](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/Group/#tag/Group/operation/listGroupUsers). allOf: - $ref: '#/components/schemas/LinksSelf' - type: object @@ -4604,17 +4604,17 @@ components: type: string description: >- The ID of the realm in which the user is residing. See - [Realms](/openapi/okta-management/management/tag/Realm/). + [Realms](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/Realm/). example: guo1bfiNtSnZYILxO0g4 type: type: object description: >- The ID of the user type. Add this value if you want to create a user with a non-default [User - Type](https://developer.okta.com/docs/api/openapi/okta-management/management/tag/UserType/). + Type](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/UserType/). The user type determines which - [schema](https://developer.okta.com/docs/api/openapi/okta-management/management/tag/Schema/) + [schema](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/Schema/) applies to that user. After a user has been created, the user can only be assigned a different user type by an administrator through a @@ -4659,7 +4659,7 @@ components: type: string description: >- The ID of the realm in which the user is residing. See - [Realms](/openapi/okta-management/management/tag/Realm/). + [Realms](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/Realm/). example: guo1bfiNtSnZYILxO0g4 AssignedAppLink: type: object @@ -4761,7 +4761,7 @@ components: _links: description: >- [Discoverable - resources](/openapi/okta-management/management/tag/Group/#tag/Group/operation/listGroups!c=200&path=_links&t=response) + resources](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/Group/#tag/Group/operation/listGroups!c=200&path=_links&t=response) related to the group allOf: - $ref: '#/components/schemas/LinksSelf' @@ -5769,7 +5769,7 @@ components: type: string description: >- Specify the standard or IAM-based role type. See [standard - roles](/openapi/okta-management/guides/roles/#standard-roles). + roles](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/guides/roles/#standard-roles). CustomRoleAssignmentSchema: title: Custom Role type: object @@ -5856,7 +5856,7 @@ components: readOnly: true description: >- Features supported by the app. See app - [features](/openapi/okta-management/management/tag/Application/#tag/Application/operation/listApplications!c=200&path=0/features&t=response). + [features](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/Application/#tag/Application/operation/listApplications!c=200&path=0/features&t=response). items: type: string id: @@ -5880,7 +5880,7 @@ components: type: array description: >- Authentication mode for the app. See app - [signOnMode](/openapi/okta-management/management/tag/Application/#tag/Application/operation/listApplications!c=200&path=0/signOnMode&t=response). + [signOnMode](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/Application/#tag/Application/operation/listApplications!c=200&path=0/signOnMode&t=response). items: type: string status: @@ -5973,7 +5973,7 @@ components: [pattern](https://developer.okta.com/docs/reference/api/schemas/#login-pattern-validation) for `login`. You can use the Profile Editor in the Admin Console or the [Schemas - API](https://developer.okta.com/docs/api/openapi/okta-management/management/tag/UISchema/#tag/UISchema) + API](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/UISchema/#tag/UISchema) to make schema modifications. @@ -5981,7 +5981,7 @@ components: the custom property to the user profile schema before you reference it. You can use the Profile Editor in the Admin Console or the [Schemas - API](https://developer.okta.com/docs/api/openapi/okta-management/management/tag/UISchema/#tag/UISchema) + API](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/UISchema/#tag/UISchema) to manage schema extensions. @@ -6088,7 +6088,7 @@ components: that include @-signs. (By default, usernames must be formatted as email addresses and thus always include @-signs. You can remove that restriction using either the Admin Console or the [Schemas - API](https://developer.okta.com/docs/api/openapi/okta-management/management/tag/Schema/). + API](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/Schema/). Users can sign in with their non-qualified short name (for example: isaac.brock with username isaac.brock@example.com) as long as the short name is still unique within the organization. @@ -6279,7 +6279,7 @@ components: You can extend group profiles with custom properties, but you must first add the properties to the group profile schema before you can reference them. Use the Profile Editor in the Admin Console or the [Schemas - API](https://developer.okta.com/docs/api/openapi/okta-management/management/tag/Schema/)to + API](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/Schema/)to manage schema extensions. @@ -6505,7 +6505,7 @@ components: delegated access from the user > **Note:** The [IdP - type](https://developer.okta.com/docs/api/openapi/okta-management/management/tag/IdentityProvider/#tag/IdentityProvider/operation/createIdentityProvider!path=type&t=request) + type](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/IdentityProvider/#tag/IdentityProvider/operation/createIdentityProvider!path=type&t=request) table lists the scopes that are supported for each IdP. items: type: string @@ -6567,7 +6567,7 @@ components: `type`. For policy actions supported by each IdP type, see [IdP type policy - actions](https://developer.okta.com/docs/api/openapi/okta-management/management/tag/IdentityProvider/#tag/IdentityProvider/operation/createIdentityProvider!path=policy&t=request). + actions](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/IdentityProvider/#tag/IdentityProvider/operation/createIdentityProvider!path=policy&t=request). | Type | @@ -7189,7 +7189,7 @@ components: allOf: - description: >- Verifies the factor resource. See [Verify a - factor](/openapi/okta-management/management/tag/UserFactor/#tag/UserFactor/operation/verifyFactor). + factor](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/UserFactor/#tag/UserFactor/operation/verifyFactor). - $ref: '#/components/schemas/HrefObject' readOnly: true UserFactorVerifyResult: @@ -7473,7 +7473,7 @@ components: credential. The user's current provider is managed by the **Delegated Authentication** settings in your org. See [Create user with authentication - provider](/openapi/okta-management/management/tag/User/#create-user-with-authentication-provider). + provider](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/User/#create-user-with-authentication-provider). type: object properties: name: @@ -7683,7 +7683,7 @@ components: The IdP Authorization Server (AS) endpoints are currently defined as part of the [IdP - provider]((https://developer.okta.com/docs/api/openapi/okta-management/management/tag/IdentityProvider/#tag/IdentityProvider/operation/createIdentityProvider!path=type&t=request)) + provider]((https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/IdentityProvider/#tag/IdentityProvider/operation/createIdentityProvider!path=type&t=request)) and are read-only. type: object properties: @@ -7703,7 +7703,7 @@ components: user. > **Note:** The [identity provider - type](https://developer.okta.com/docs/api/openapi/okta-management/management/tag/IdentityProvider/#tag/IdentityProvider/operation/createIdentityProvider!path=type&t=request) + type](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/IdentityProvider/#tag/IdentityProvider/operation/createIdentityProvider!path=type&t=request) table lists the scopes that are supported for each IdP. items: type: string @@ -7794,7 +7794,7 @@ components: - description: >- Returns information about a specific authenticator. See [Retrieve an - authenticator](/openapi/okta-management/management/tag/Authenticator/#tag/Authenticator/operation/getAuthenticator). + authenticator](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/Authenticator/#tag/Authenticator/operation/getAuthenticator). - $ref: '#/components/schemas/HrefObject' readOnly: true AuthenticatorProfileTacRequest: @@ -7865,7 +7865,7 @@ components: from some other store. Okta supports the BCRYPT, SHA-512, SHA-256, SHA-1, MD5, and PBKDF2 hash functions for password import. A hashed password may be specified in a password object when creating or updating a user, but not for other operations. - See the [Create user with imported hashed password](https://developer.okta.com/docs/api/openapi/okta-management/management/tag/User/#create-user-with-imported-hashed-password) description. When you update a user with a hashed password, the user must be in the `STAGED` status. + See the [Create user with imported hashed password](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/User/#create-user-with-imported-hashed-password) description. When you update a user with a hashed password, the user must be in the `STAGED` status. type: object properties: algorithm: @@ -7923,7 +7923,7 @@ components: PasswordCredentialHook: description: >- Specify a [password import inline - hook](/openapi/okta-management/management/tag/InlineHook/#tag/InlineHook/operation/createPasswordImportInlineHook) + hook](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/InlineHook/#tag/InlineHook/operation/createPasswordImportInlineHook) to trigger verification of the user's password the first time the user signs in. This allows an existing password to be imported into Okta directly from some other store. @@ -8077,7 +8077,7 @@ components: allOf: - description: >- Activates an enrolled factor. See [Activate a - factor](/openapi/okta-management/management/tag/UserFactor/#tag/UserFactor/operation/activateFactor). + factor](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/UserFactor/#tag/UserFactor/operation/activateFactor). - $ref: '#/components/schemas/HrefObject' readOnly: true LinksCancel: @@ -8095,7 +8095,7 @@ components: allOf: - description: >- Deactivates the factor. See [Unenroll a - factor](/openapi/okta-management/management/tag/UserFactor/#tag/UserFactor/operation/unenrollFactor). + factor](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/UserFactor/#tag/UserFactor/operation/unenrollFactor). - $ref: '#/components/schemas/HrefObject' readOnly: true LinksEnroll: @@ -8105,7 +8105,7 @@ components: allOf: - description: >- Enrolls a supported factor. See [Enroll a - factor](/openapi/okta-management/management/tag/UserFactor/#tag/UserFactor/operation/enrollFactor). + factor](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/UserFactor/#tag/UserFactor/operation/enrollFactor). - $ref: '#/components/schemas/HrefObject' readOnly: true LinksFactor: @@ -8144,7 +8144,7 @@ components: - description: >- Lists all supported security questions. See [List all supported security - questions](/openapi/okta-management/management/tag/UserFactor/#tag/UserFactor/operation/listSupportedSecurityQuestions). + questions](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/UserFactor/#tag/UserFactor/operation/listSupportedSecurityQuestions). - $ref: '#/components/schemas/HrefObject' readOnly: true LinksResend: @@ -8154,7 +8154,7 @@ components: allOf: - description: >- Resends the factor enrollment challenge. See [Resend a factor - enrollment](/openapi/okta-management/management/tag/UserFactor/#tag/UserFactor/operation/resendEnrollFactor). + enrollment](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/UserFactor/#tag/UserFactor/operation/resendEnrollFactor). - $ref: '#/components/schemas/HrefObject' readOnly: true LinksSend: @@ -8239,12 +8239,12 @@ components: The IdP user is automatically linked to an Okta user when the transformed IdP user matches an existing Okta user according to [subject match - rules](https://developer.okta.com/docs/api/openapi/okta-management/management/tag/IdentityProvider/#tag/IdentityProvider/operation/createIdentityProvider!path=policy/subject&t=request). + rules](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/IdentityProvider/#tag/IdentityProvider/operation/createIdentityProvider!path=policy/subject&t=request). DISABLED: >- Okta never attempts to link the IdP user to an existing Okta user, but may still attempt to provision a new Okta user according to the [provisioning action - type](https://developer.okta.com/docs/api/openapi/okta-management/management/tag/IdentityProvider/#tag/IdentityProvider/operation/createIdentityProvider!path=policy/provisioning/action&t=request). + type](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/IdentityProvider/#tag/IdentityProvider/operation/createIdentityProvider!path=policy/provisioning/action&t=request). PolicyAccountLinkFilter: description: >- Specifies filters on which users are available for account linking by an @@ -8438,7 +8438,7 @@ components: The `destination` property is required if request signatures are specified. See [SAML 2.0 Request Algorithm - object](https://developer.okta.com/docs/api/openapi/okta-management/management/tag/IdentityProvider/#tag/IdentityProvider/operation/createIdentityProvider!path=protocol/0/algorithms/request&t=request). + object](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/IdentityProvider/#tag/IdentityProvider/operation/createIdentityProvider!path=protocol/0/algorithms/request&t=request). maxLength: 512 example: https://idp.example.com/saml2/sso url: @@ -9351,7 +9351,7 @@ components: create-user-without-credentials-request: description: >- See [Create user without - credentials](https://developer.okta.com/docs/api/openapi/okta-management/management/tag/User/#create-user-without-credentials) + credentials](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/User/#create-user-without-credentials) value: profile: firstName: Isaac @@ -9362,7 +9362,7 @@ components: create-user-with-recovery-question-request: description: >- See [Create user with recovery - question](https://developer.okta.com/docs/api/openapi/okta-management/management/tag/User/#create-user-with-recovery-question) + question](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/User/#create-user-with-recovery-question) value: profile: firstName: Isaac @@ -9377,7 +9377,7 @@ components: create-user-with-password-request: description: >- Set `activate` parameter to `true`. See [Create user with - password](https://developer.okta.com/docs/api/openapi/okta-management/management/tag/User/#create-user-with-password). + password](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/User/#create-user-with-password). value: profile: firstName: Isaac @@ -9392,7 +9392,7 @@ components: description: >- Set `activate` parameter to `true`. See [Create user with imported hashed - password](https://developer.okta.com/docs/api/openapi/okta-management/management/tag/User/#create-user-with-imported-hashed-password). + password](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/User/#create-user-with-imported-hashed-password). value: profile: firstName: Isaac @@ -9411,7 +9411,7 @@ components: description: >- Set `activate` parameter to `true`. See [Create user with password import inline - hook](https://developer.okta.com/docs/api/openapi/okta-management/management/tag/User/#create-user-with-password-import-inline-hook). + hook](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/User/#create-user-with-password-import-inline-hook). value: profile: firstName: Isaac @@ -9426,7 +9426,7 @@ components: create-user-with-password-and-recovery-question-request: description: >- See [Create user with password and recovery - question](https://developer.okta.com/docs/api/openapi/okta-management/management/tag/User/#create-user-with-password-and-recovery-question) + question](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/User/#create-user-with-password-and-recovery-question) value: profile: firstName: Isaac @@ -9443,7 +9443,7 @@ components: create-user-with-authentication-provider-request: description: >- Set `activate` parameter to `true`. See [Create user with authentication - provider](https://developer.okta.com/docs/api/openapi/okta-management/management/tag/User/#create-user-with-authentication-provider). + provider](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/User/#create-user-with-authentication-provider). value: profile: firstName: Isaac @@ -9458,7 +9458,7 @@ components: create-user-in-group-request: description: >- See [Create user in - group](https://developer.okta.com/docs/api/openapi/okta-management/management/tag/User/#create-user-in-group) + group](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/User/#create-user-in-group) value: profile: firstName: Isaac @@ -9472,7 +9472,7 @@ components: create-user-with-non-default-user-type-request: description: >- See [Create user with non-default user - type](https://developer.okta.com/docs/api/openapi/okta-management/management/tag/User/#create-user-with-non-default-user-type) + type](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/User/#create-user-with-non-default-user-type) value: profile: firstName: Isaac diff --git a/provider-dev/openapi/src/okta/v00.00.00000/services/zones.yaml b/provider-dev/openapi/src/okta/v00.00.00000/services/zones.yaml index 877af79..9b5463f 100644 --- a/provider-dev/openapi/src/okta/v00.00.00000/services/zones.yaml +++ b/provider-dev/openapi/src/okta/v00.00.00000/services/zones.yaml @@ -238,9 +238,9 @@ paths: > **Notes:** > * You can't delete a Network Zone that's used by a - [Policy](https://developer.okta.com/docs/api/openapi/okta-management/management/tag/Policy/) + [Policy](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/Policy/) or - [Rule](https://developer.okta.com/docs/api/openapi/okta-management/management/tag/Policy/#tag/Policy/operation/listPolicyRules). + [Rule](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/Policy/#tag/Policy/operation/listPolicyRules). > * For Okta Identity Engine orgs, you can't delete a Network Zone with an ACTIVE `status`. diff --git a/provider-dev/scripts/fix_mappings_issue.sh b/provider-dev/scripts/fix_mappings_issue.sh deleted file mode 100644 index fdbeadb..0000000 --- a/provider-dev/scripts/fix_mappings_issue.sh +++ /dev/null @@ -1 +0,0 @@ -sed -i 's/[[:space:]]*type: object$//' provider-dev/openapi/src/okta/v00.00.00000/services/mappings.yaml diff --git a/provider-dev/scripts/post_processing.sh b/provider-dev/scripts/post_processing.sh new file mode 100644 index 0000000..43cba94 --- /dev/null +++ b/provider-dev/scripts/post_processing.sh @@ -0,0 +1,56 @@ +#!/bin/bash + +sed -i 's/[[:space:]]*type: object$//' provider-dev/openapi/src/okta/v00.00.00000/services/mappings.yaml + +cat >> provider-dev/openapi/src/okta/v00.00.00000/services/meta.yaml << 'EOF' +definitions: + base: + type: object + description: "Dummy base definition for parser compatibility" + properties: + id: + type: string + custom: + type: object + description: "Dummy custom definition for parser compatibility" + properties: + name: + type: string +EOF + +# fix broken links in md docs +sed -i 's|../../../../../images/features/update-ssfeat-flowchart.png|/img/update-ssfeat-flowchart.png|g' provider-dev/openapi/src/okta/v00.00.00000/services/features.yaml + +# Directory containing the YAML files +YAML_DIR="provider-dev/openapi/src/okta/v00.00.00000/services" + +# Find all YAML files in the directory +find "$YAML_DIR" -type f \( -name "*.yaml" -o -name "*.yml" \) | while read -r file; do + echo "Processing file: $file" + + # Replace links starting with /openapi/okta-management/management/tag/ followed by anything + sed -i 's|\(/openapi/okta-management/management/tag/[^)]*\)|https://developer.okta.com/docs/api\1|g' "$file" + + # Replace links starting with /openapi/okta-management/guides/ followed by anything + sed -i 's|\(/openapi/okta-management/guides/[^)]*\)|https://developer.okta.com/docs/api\1|g' "$file" + + # Replace orphaned anchors (/#something) + sed -i 's|(/\(#[^)]*\))|https://developer.okta.com/docs/api\1|g' "$file" + + # Specific replacements + # 1. Replace (/oauth2/#okta-admin-management) + sed -i 's|(/oauth2/#okta-admin-management)|https://developer.okta.com/docs/api/oauth2/#okta-admin-management|g' "$file" + + # 2. Replace (../Template) + sed -i 's|(../Template)|https://developer.okta.com/docs/api/openapi/okta-management/management/tag/Template/|g' "$file" + + # 3. Replace (./#tag/UserFactor/operation/resendEnrollFactor) + sed -i 's|(./#tag/UserFactor/operation/resendEnrollFactor)|https://developer.okta.com/docs/api/openapi/okta-management/management/tag/UserFactor/|g' "$file" + + # 4. Replace (./#tag/UserFactor/operation/activateFactor) + sed -i 's|(./#tag/UserFactor/operation/activateFactor)|https://developer.okta.com/docs/api/openapi/okta-management/management/tag/UserFactor/|g' "$file" + + echo "Completed processing: $file" +done + +echo "All files processed." \ No newline at end of file diff --git a/website/docs/index.md b/website/docs/index.md new file mode 100644 index 0000000..f3f3df8 --- /dev/null +++ b/website/docs/index.md @@ -0,0 +1,142 @@ +--- +title: okta +hide_title: false +hide_table_of_contents: false +keywords: + - okta + - stackql + - infrastructure-as-code + - configuration-as-data + - cloud inventory +description: Query, deploy and manage Okta resources using SQL +custom_edit_url: null +image: /img/stackql-okta-provider-featured-image.png +id: 'provider-intro' +--- + +import CopyableCode from '@site/src/components/CopyableCode/CopyableCode'; + +Authentication and authorization services. + +:::info[Provider Summary] + +total services: __55__ +total resources: __245__ + +::: + +See also: +[[` SHOW `]](https://stackql.io/docs/language-spec/show) [[` DESCRIBE `]](https://stackql.io/docs/language-spec/describe) [[` REGISTRY `]](https://stackql.io/docs/language-spec/registry) +* * * + +## Installation + +To pull the latest version of the `okta` provider, run the following command: + +```bash +REGISTRY PULL okta; +``` +> To view previous provider versions or to pull a specific provider version, see [here](https://stackql.io/docs/language-spec/registry). + +## Authentication + +The following system environment variables are used for authentication by default: + +- - Okta API Token (see Creating an Okta API Token) + +These variables are sourced at runtime (from the local machine or as CI variables/secrets). + +
+ +Using different environment variables + +To use different environment variables (instead of the defaults), use the `--auth` flag of the `stackql` program. For example: + +```bash + +AUTH='{ "okta": { "type": "api_key", "valuePrefix": "SSWS ", "credentialsenvvar": "YOUR_OKTA_API_TOKEN_VAR" }}' +stackql shell --auth="${AUTH}" + +``` +or using PowerShell: + +```powershell + +$Auth = "{ 'okta': { 'type': 'api_key', 'valuePrefix': 'SSWS ', 'credentialsenvvar': 'YOUR_OKTA_API_TOKEN_VAR' }}" +stackql.exe shell --auth=$Auth + +``` +
+ + +## Server Parameters + + +The following parameter is required for the `okta` provider: + +- - The Okta tenant domain, for example my-company would be supplied if your Okta domain is my-company.okta.com + +This parameter must be supplied to the `WHERE` clause of each `SELECT` statement. + +## Services +
+
+agentpools
+api_tokens
+apps
+attack_protection
+authenticators
+authorizationservers
+behaviors
+brands
+captchas
+device_access
+device_assurances
+device_integrations
+device_posture_checks
+devices
+directories
+domains
+email_domains
+email_servers
+eventhooks
+features
+first_party_app_settings
+groups
+hook_keys
+iam
+identity_sources
+idps
+inlinehooks
+integrations
+
+
+logs
+logstreams
+mappings
+meta
+oauth2
+okta_personal_settings
+org
+orgs
+policies
+principal_rate_limits
+privileged_access
+push_providers
+rate_limit_settings
+realm_assignments
+realms
+risk
+roles
+security
+security_events_providers
+sessions
+ssf
+templates
+threats
+trustedorigins
+users
+webauthn_registration
+zones
+
+
diff --git a/website/docs/services/agentpools/agent_pool_update_settings/index.md b/website/docs/services/agentpools/agent_pool_update_settings/index.md new file mode 100644 index 0000000..f5f099d --- /dev/null +++ b/website/docs/services/agentpools/agent_pool_update_settings/index.md @@ -0,0 +1,205 @@ +--- +title: agent_pool_update_settings +hide_title: false +hide_table_of_contents: false +keywords: + - agent_pool_update_settings + - agentpools + - okta + - infrastructure-as-code + - configuration-as-data + - cloud inventory +description: Query, deploy and manage okta resources using SQL +custom_edit_url: null +image: /img/stackql-okta-provider-featured-image.png +--- + +import CopyableCode from '@site/src/components/CopyableCode/CopyableCode'; +import Tabs from '@theme/Tabs'; +import TabItem from '@theme/TabItem'; + +Creates, updates, deletes, gets or lists an agent_pool_update_settings resource. + +## Overview + + + + +
Nameagent_pool_update_settings
TypeResource
Id
+ +## Fields + +The following fields are returned by `SELECT` queries: + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameDatatypeDescription
stringAgent types that are being monitored
booleanContinues the update even if some agents fail to update
stringLatest version of the agent (example: 3.20.0)
stringMinimal version of the agent (example: 3.19.0)
stringID of the agent pool that the settings apply to (example: 0oa3eu7ekG8tjbD9J5s6)
stringPool name (example: iwa.dc)
stringRelease channel for auto-update
+ + + +## Methods + +The following methods are available for this resource: + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameAccessible byRequired ParamsOptional ParamsDescription
subdomainRetrieves the current state of the agent pool update instance settings
subdomainUpdates an agent pool update instance settings
+ +## Parameters + +Parameters can be passed in the `WHERE` clause of a query. Check the [Methods](#methods) section to see which parameters are required or optional for each operation. + + + + + + + + + + + + + + + + +
NameDatatypeDescription
stringThe domain of your organization. This can be a provided subdomain of an official okta domain (okta.com, oktapreview.com, etc) or one of your configured custom domains. (default: my-org)
+ +## `SELECT` examples + + + + +Retrieves the current state of the agent pool update instance settings + +```sql +SELECT +agentType, +continueOnError, +latestVersion, +minimalSupportedVersion, +poolId, +poolName, +releaseChannel +FROM okta.agentpools.agent_pool_update_settings +WHERE subdomain = '{{ subdomain }}' -- required; +``` + + + + +## `UPDATE` examples + + + + +Updates an agent pool update instance settings + +```sql +UPDATE okta.agentpools.agent_pool_update_settings +SET +data__agentType = '{{ agentType }}', +data__continueOnError = {{ continueOnError }}, +data__latestVersion = '{{ latestVersion }}', +data__minimalSupportedVersion = '{{ minimalSupportedVersion }}', +data__poolName = '{{ poolName }}', +data__releaseChannel = '{{ releaseChannel }}' +WHERE +subdomain = '{{ subdomain }}' --required +RETURNING +agentType, +continueOnError, +latestVersion, +minimalSupportedVersion, +poolId, +poolName, +releaseChannel; +``` + + diff --git a/website/docs/services/agentpools/agent_pool_updates/index.md b/website/docs/services/agentpools/agent_pool_updates/index.md new file mode 100644 index 0000000..1511eca --- /dev/null +++ b/website/docs/services/agentpools/agent_pool_updates/index.md @@ -0,0 +1,619 @@ +--- +title: agent_pool_updates +hide_title: false +hide_table_of_contents: false +keywords: + - agent_pool_updates + - agentpools + - okta + - infrastructure-as-code + - configuration-as-data + - cloud inventory +description: Query, deploy and manage okta resources using SQL +custom_edit_url: null +image: /img/stackql-okta-provider-featured-image.png +--- + +import CopyableCode from '@site/src/components/CopyableCode/CopyableCode'; +import Tabs from '@theme/Tabs'; +import TabItem from '@theme/TabItem'; + +Creates, updates, deletes, gets or lists an agent_pool_updates resource. + +## Overview + + + + +
Nameagent_pool_updates
TypeResource
Id
+ +## Fields + +The following fields are returned by `SELECT` queries: + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameDatatypeDescription
stringID of the agent pool update
stringName of the agent pool update (example: region1A.dc)
objectSpecifies link relations (see [Web Linking](https://www.rfc-editor.org/rfc/rfc8288)) available using the [JSON Hypertext Application Language](https://datatracker.ietf.org/doc/html/draft-kelly-json-hal-06) specification. This object is used for dynamic discovery of related resources and lifecycle operations.
stringAgent types that are being monitored
array
booleanIndicates if auto-update is enabled for the agent pool
booleanIndicates if the admin is notified about the update
stringReason for the update (example: Update failed.)
objectThe schedule of auto-update configured by the admin
integerSpecifies the sort order
stringOverall state for the auto-update job from the admin perspective
stringThe agent version to update to (example: 3.20.0)
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameDatatypeDescription
stringID of the agent pool update
stringName of the agent pool update (example: region1A.dc)
objectSpecifies link relations (see [Web Linking](https://www.rfc-editor.org/rfc/rfc8288)) available using the [JSON Hypertext Application Language](https://datatracker.ietf.org/doc/html/draft-kelly-json-hal-06) specification. This object is used for dynamic discovery of related resources and lifecycle operations.
stringAgent types that are being monitored
array
booleanIndicates if auto-update is enabled for the agent pool
booleanIndicates if the admin is notified about the update
stringReason for the update (example: Update failed.)
objectThe schedule of auto-update configured by the admin
integerSpecifies the sort order
stringOverall state for the auto-update job from the admin perspective
stringThe agent version to update to (example: 3.20.0)
+ + + +## Methods + +The following methods are available for this resource: + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameAccessible byRequired ParamsOptional ParamsDescription
subdomainscheduledLists all agent pool updates
subdomainRetrieves an agent pool update by its `updateId`
subdomainCreates an agent pool update
subdomainUpdates an agent pool update instance and returns the latest agent pool update
subdomainDeletes agent pool update
subdomainActivates a scheduled agent pool update
subdomainDeactivates scheduled agent pool update
subdomainPauses a running or queued agent pool update
subdomainResumes a running or queued agent pool update
subdomainRetries an agent pool update if the update is unsuccessful or communication with Okta was interrupted during an agent auto-update
subdomainStops an agent pool update
+ +## Parameters + +Parameters can be passed in the `WHERE` clause of a query. Check the [Methods](#methods) section to see which parameters are required or optional for each operation. + + + + + + + + + + + + + + + + + + + + + +
NameDatatypeDescription
stringThe domain of your organization. This can be a provided subdomain of an official okta domain (okta.com, oktapreview.com, etc) or one of your configured custom domains. (default: my-org)
booleanReturn only scheduled or ad-hoc updates. If this parameter isn't provided, Okta returns the entire list of updates.
+ +## `SELECT` examples + + + + +Lists all agent pool updates + +```sql +SELECT +id, +name, +_links, +agentType, +agents, +enabled, +notifyAdmin, +reason, +schedule, +sortOrder, +status, +targetVersion +FROM okta.agentpools.agent_pool_updates +WHERE subdomain = '{{ subdomain }}' -- required +AND scheduled = '{{ scheduled }}'; +``` + + + +Retrieves an agent pool update by its `updateId` + +```sql +SELECT +id, +name, +_links, +agentType, +agents, +enabled, +notifyAdmin, +reason, +schedule, +sortOrder, +status, +targetVersion +FROM okta.agentpools.agent_pool_updates +WHERE subdomain = '{{ subdomain }}' -- required; +``` + + + + +## `INSERT` examples + + + + +Creates an agent pool update + +```sql +INSERT INTO okta.agentpools.agent_pool_updates ( +data__agents, +data__agentType, +data__enabled, +data__name, +data__notifyAdmin, +data__reason, +data__schedule, +data__sortOrder, +data__status, +data__targetVersion, +subdomain +) +SELECT +'{{ agents }}', +'{{ agentType }}', +{{ enabled }}, +'{{ name }}', +{{ notifyAdmin }}, +'{{ reason }}', +'{{ schedule }}', +{{ sortOrder }}, +'{{ status }}', +'{{ targetVersion }}', +'{{ subdomain }}' +RETURNING +id, +name, +_links, +agentType, +agents, +enabled, +notifyAdmin, +reason, +schedule, +sortOrder, +status, +targetVersion +; +``` + + + +```yaml +# Description fields are for documentation purposes +- name: agent_pool_updates + props: + - name: subdomain + value: string + description: Required parameter for the agent_pool_updates resource. + - name: agents + value: array + - name: agentType + value: string + description: > + Agent types that are being monitored + + valid_values: ['AD', 'IWA', 'LDAP', 'MFA', 'OPP', 'RUM', 'Radius'] + - name: enabled + value: boolean + description: > + Indicates if auto-update is enabled for the agent pool + + - name: name + value: string + description: > + Name of the agent pool update + + - name: notifyAdmin + value: boolean + description: > + Indicates if the admin is notified about the update + + - name: reason + value: string + description: > + Reason for the update + + - name: schedule + value: object + description: > + The schedule of auto-update configured by the admin + + - name: sortOrder + value: integer + description: > + Specifies the sort order + + - name: status + value: string + description: > + Overall state for the auto-update job from the admin perspective + + valid_values: ['Cancelled', 'Failed', 'InProgress', 'Paused', 'Scheduled', 'Success'] + - name: targetVersion + value: string + description: > + The agent version to update to + +``` + + + + +## `UPDATE` examples + + + + +Updates an agent pool update instance and returns the latest agent pool update + +```sql +UPDATE okta.agentpools.agent_pool_updates +SET +data__agents = '{{ agents }}', +data__agentType = '{{ agentType }}', +data__enabled = {{ enabled }}, +data__name = '{{ name }}', +data__notifyAdmin = {{ notifyAdmin }}, +data__reason = '{{ reason }}', +data__schedule = '{{ schedule }}', +data__sortOrder = {{ sortOrder }}, +data__status = '{{ status }}', +data__targetVersion = '{{ targetVersion }}' +WHERE +subdomain = '{{ subdomain }}' --required +RETURNING +id, +name, +_links, +agentType, +agents, +enabled, +notifyAdmin, +reason, +schedule, +sortOrder, +status, +targetVersion; +``` + + + + +## `DELETE` examples + + + + +Deletes agent pool update + +```sql +DELETE FROM okta.agentpools.agent_pool_updates +WHERE subdomain = '{{ subdomain }}' --required; +``` + + + + +## Lifecycle Methods + + + + +Activates a scheduled agent pool update + +```sql +EXEC okta.agentpools.agent_pool_updates.activate_agent_pools_update +@subdomain='{{ subdomain }}' --required; +``` + + + +Deactivates scheduled agent pool update + +```sql +EXEC okta.agentpools.agent_pool_updates.deactivate_agent_pools_update +@subdomain='{{ subdomain }}' --required; +``` + + + +Pauses a running or queued agent pool update + +```sql +EXEC okta.agentpools.agent_pool_updates.pause_agent_pools_update +@subdomain='{{ subdomain }}' --required; +``` + + + +Resumes a running or queued agent pool update + +```sql +EXEC okta.agentpools.agent_pool_updates.resume_agent_pools_update +@subdomain='{{ subdomain }}' --required; +``` + + + +Retries an agent pool update if the update is unsuccessful or communication with Okta was interrupted during an agent auto-update + +```sql +EXEC okta.agentpools.agent_pool_updates.retry_agent_pools_update +@subdomain='{{ subdomain }}' --required; +``` + + + +Stops an agent pool update + +```sql +EXEC okta.agentpools.agent_pool_updates.stop_agent_pools_update +@subdomain='{{ subdomain }}' --required; +``` + + diff --git a/website/docs/services/agentpools/agent_pools/index.md b/website/docs/services/agentpools/agent_pools/index.md new file mode 100644 index 0000000..0516471 --- /dev/null +++ b/website/docs/services/agentpools/agent_pools/index.md @@ -0,0 +1,186 @@ +--- +title: agent_pools +hide_title: false +hide_table_of_contents: false +keywords: + - agent_pools + - agentpools + - okta + - infrastructure-as-code + - configuration-as-data + - cloud inventory +description: Query, deploy and manage okta resources using SQL +custom_edit_url: null +image: /img/stackql-okta-provider-featured-image.png +--- + +import CopyableCode from '@site/src/components/CopyableCode/CopyableCode'; +import Tabs from '@theme/Tabs'; +import TabItem from '@theme/TabItem'; + +Creates, updates, deletes, gets or lists an agent_pools resource. + +## Overview + + + + +
Nameagent_pools
TypeResource
Id
+ +## Fields + +The following fields are returned by `SELECT` queries: + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameDatatypeDescription
stringAgent pool ID
stringAgent pool name
objectSpecifies link relations (see [Web Linking](https://www.rfc-editor.org/rfc/rfc8288)) available using the [JSON Hypertext Application Language](https://datatracker.ietf.org/doc/html/draft-kelly-json-hal-06) specification. This object is used for dynamic discovery of related resources and lifecycle operations.
array
integerNumber of agents in the pool that are in a disrupted state
integerNumber of agents in the pool that are in an inactive state
stringOperational status of a given agent
stringAgent types that are being monitored
+ + + +## Methods + +The following methods are available for this resource: + + + + + + + + + + + + + + + + + + + + +
NameAccessible byRequired ParamsOptional ParamsDescription
subdomainlimitPerPoolType, poolType, afterLists all agent pools with pagination support
+ +## Parameters + +Parameters can be passed in the `WHERE` clause of a query. Check the [Methods](#methods) section to see which parameters are required or optional for each operation. + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameDatatypeDescription
stringThe domain of your organization. This can be a provided subdomain of an official okta domain (okta.com, oktapreview.com, etc) or one of your configured custom domains. (default: my-org)
stringThe cursor to use for pagination. It is an opaque string that specifies your current location in the list and is obtained from the `Link` response header. See [Pagination](https://developer.okta.com/docs/api/#pagination).
integerMaximum number of agent pools returned
stringAgent type to search for
+ +## `SELECT` examples + + + + +Lists all agent pools with pagination support + +```sql +SELECT +id, +name, +_links, +agents, +disruptedAgents, +inactiveAgents, +operationalStatus, +type +FROM okta.agentpools.agent_pools +WHERE subdomain = '{{ subdomain }}' -- required +AND limitPerPoolType = '{{ limitPerPoolType }}' +AND poolType = '{{ poolType }}' +AND after = '{{ after }}'; +``` + + diff --git a/website/docs/services/agentpools/index.md b/website/docs/services/agentpools/index.md new file mode 100644 index 0000000..70adf39 --- /dev/null +++ b/website/docs/services/agentpools/index.md @@ -0,0 +1,34 @@ +--- +title: agentpools +hide_title: false +hide_table_of_contents: false +keywords: + - agentpools + - okta + - stackql + - infrastructure-as-code + - configuration-as-data + - cloud inventory +description: Query, deploy and manage okta resources using SQL +custom_edit_url: null +image: /img/stackql-okta-provider-featured-image.png +--- + +agentpools service documentation. + +:::info[Service Summary] + +total resources: __3__ + +::: + +## Resources +
+
+agent_pool_update_settings
+agent_pool_updates +
+
+agent_pools +
+
\ No newline at end of file diff --git a/website/docs/services/api_tokens/api_tokens/index.md b/website/docs/services/api_tokens/api_tokens/index.md new file mode 100644 index 0000000..8c01149 --- /dev/null +++ b/website/docs/services/api_tokens/api_tokens/index.md @@ -0,0 +1,360 @@ +--- +title: api_tokens +hide_title: false +hide_table_of_contents: false +keywords: + - api_tokens + - api_tokens + - okta + - infrastructure-as-code + - configuration-as-data + - cloud inventory +description: Query, deploy and manage okta resources using SQL +custom_edit_url: null +image: /img/stackql-okta-provider-featured-image.png +--- + +import CopyableCode from '@site/src/components/CopyableCode/CopyableCode'; +import Tabs from '@theme/Tabs'; +import TabItem from '@theme/TabItem'; + +Creates, updates, deletes, gets or lists an api_tokens resource. + +## Overview + + + + +
Nameapi_tokens
TypeResource
Id
+ +## Fields + +The following fields are returned by `SELECT` queries: + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameDatatypeDescription
string
string
objectSpecifies link relations (see [Web Linking](https://www.rfc-editor.org/rfc/rfc8288)) available using the [JSON Hypertext Application Language](https://datatracker.ietf.org/doc/html/draft-kelly-json-hal-06) specification. This object is used for dynamic discovery of related resources and lifecycle operations.
string
string (date-time)
string (date-time)
string (date-time)
objectThe Network Condition of the API Token
stringA time duration specified as an [ISO 8601 duration](https://en.wikipedia.org/wiki/ISO_8601#Durations). (pattern: ^P(?:$)(\d+Y)?(\d+M)?(\d+W)?(\d+D)?(T(?:\d)(\d+H)?(\d+M)?(\d+S)?)?$)
string
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameDatatypeDescription
string
string
objectSpecifies link relations (see [Web Linking](https://www.rfc-editor.org/rfc/rfc8288)) available using the [JSON Hypertext Application Language](https://datatracker.ietf.org/doc/html/draft-kelly-json-hal-06) specification. This object is used for dynamic discovery of related resources and lifecycle operations.
string
string (date-time)
string (date-time)
string (date-time)
objectThe Network Condition of the API Token
stringA time duration specified as an [ISO 8601 duration](https://en.wikipedia.org/wiki/ISO_8601#Durations). (pattern: ^P(?:$)(\d+Y)?(\d+M)?(\d+W)?(\d+D)?(T(?:\d)(\d+H)?(\d+M)?(\d+S)?)?$)
string
+ + + +## Methods + +The following methods are available for this resource: + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameAccessible byRequired ParamsOptional ParamsDescription
subdomainLists all the metadata of the active API tokens
subdomainRetrieves the metadata for an active API token by `apiTokenId`
subdomainUpserts an API Token Network Condition by `apiTokenId`
subdomainRevokes the API token provided in the Authorization header
subdomainRevokes an API token by `apiTokenId`
+ +## Parameters + +Parameters can be passed in the `WHERE` clause of a query. Check the [Methods](#methods) section to see which parameters are required or optional for each operation. + + + + + + + + + + + + + + + + +
NameDatatypeDescription
stringThe domain of your organization. This can be a provided subdomain of an official okta domain (okta.com, oktapreview.com, etc) or one of your configured custom domains. (default: my-org)
+ +## `SELECT` examples + + + + +Lists all the metadata of the active API tokens + +```sql +SELECT +id, +name, +_link, +clientName, +created, +expiresAt, +lastUpdated, +network, +tokenWindow, +userId +FROM okta.api_tokens.api_tokens +WHERE subdomain = '{{ subdomain }}' -- required; +``` + + + +Retrieves the metadata for an active API token by `apiTokenId` + +```sql +SELECT +id, +name, +_link, +clientName, +created, +expiresAt, +lastUpdated, +network, +tokenWindow, +userId +FROM okta.api_tokens.api_tokens +WHERE subdomain = '{{ subdomain }}' -- required; +``` + + + + +## `REPLACE` examples + + + + +Upserts an API Token Network Condition by `apiTokenId` + +```sql +REPLACE okta.api_tokens.api_tokens +SET +data__name = '{{ name }}', +data__network = '{{ network }}', +data__userId = '{{ userId }}' +WHERE +subdomain = '{{ subdomain }}' --required +RETURNING +id, +name, +_link, +clientName, +created, +expiresAt, +lastUpdated, +network, +tokenWindow, +userId; +``` + + + + +## `DELETE` examples + + + + +Revokes the API token provided in the Authorization header + +```sql +DELETE FROM okta.api_tokens.api_tokens +WHERE subdomain = '{{ subdomain }}' --required; +``` + + + +Revokes an API token by `apiTokenId` + +```sql +DELETE FROM okta.api_tokens.api_tokens +WHERE subdomain = '{{ subdomain }}' --required; +``` + + diff --git a/website/docs/services/api_tokens/index.md b/website/docs/services/api_tokens/index.md new file mode 100644 index 0000000..8756c22 --- /dev/null +++ b/website/docs/services/api_tokens/index.md @@ -0,0 +1,33 @@ +--- +title: api_tokens +hide_title: false +hide_table_of_contents: false +keywords: + - api_tokens + - okta + - stackql + - infrastructure-as-code + - configuration-as-data + - cloud inventory +description: Query, deploy and manage okta resources using SQL +custom_edit_url: null +image: /img/stackql-okta-provider-featured-image.png +--- + +api_tokens service documentation. + +:::info[Service Summary] + +total resources: __1__ + +::: + +## Resources +
+
+api_tokens +
+
+ +
+
\ No newline at end of file diff --git a/website/docs/services/apps/application_users/index.md b/website/docs/services/apps/application_users/index.md new file mode 100644 index 0000000..340c02b --- /dev/null +++ b/website/docs/services/apps/application_users/index.md @@ -0,0 +1,519 @@ +--- +title: application_users +hide_title: false +hide_table_of_contents: false +keywords: + - application_users + - apps + - okta + - infrastructure-as-code + - configuration-as-data + - cloud inventory +description: Query, deploy and manage okta resources using SQL +custom_edit_url: null +image: /img/stackql-okta-provider-featured-image.png +--- + +import CopyableCode from '@site/src/components/CopyableCode/CopyableCode'; +import Tabs from '@theme/Tabs'; +import TabItem from '@theme/TabItem'; + +Creates, updates, deletes, gets or lists an application_users resource. + +## Overview + + + + +
Nameapplication_users
TypeResource
Id
+ +## Fields + +The following fields are returned by `SELECT` queries: + + + + +Success + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameDatatypeDescription
stringUnique identifier for the Okta user (example: 00u11z6WHMYCGPCHCRFK)
objectEmbedded resources related to the application user using the [JSON Hypertext Application Language](https://datatracker.ietf.org/doc/html/draft-kelly-json-hal-06) specification
objectSpecifies link relations (see [Web Linking](https://www.rfc-editor.org/rfc/rfc8288)) available using the [JSON Hypertext Application Language](https://datatracker.ietf.org/doc/html/draft-kelly-json-hal-06) specification. This object is used for dynamic discovery of resources related to the application user.
string (date-time)Timestamp when the object was created (example: 2017-03-28T01:11:10.000Z)
objectSpecifies a user's credentials for the app. This parameter can be omitted for apps with [sign-on mode](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/Application/#tag/Application/operation/getApplication!c=200&path=0/signOnMode&t=response) (`signOnMode`) or [authentication schemes](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/Application/#tag/Application/operation/getApplication!c=200&path=0/credentials/scheme&t=response) (`credentials.scheme`) that don't require credentials.
stringThe ID of the user in the target app that's linked to the Okta application user object. This value is the native app-specific identifier or primary key for the user in the target app. The `externalId` is set during import when the user is confirmed (reconciled) or during provisioning when the user is created in the target app. This value isn't populated for SSO app assignments (for example, SAML or SWA) because it isn't synchronized with a target app. (example: 70c14cc17d3745e8a9f98d599a68329c)
string (date-time)Timestamp of the last synchronization operation. This value is only updated for apps with the `IMPORT_PROFILE_UPDATES` or `PUSH PROFILE_UPDATES` feature. (example: 2014-06-24T15:27:59.000Z)
string (date-time)Timestamp when the object was last updated (example: 2014-06-24T15:28:14.000Z)
string (date-time)Timestamp when the application user password was last changed (example: 2014-06-24T15:27:59.000Z)
objectSpecifies the default and custom profile properties for a user. Properties that are visible in the Admin Console for an app assignment can also be assigned through the API. Some properties are reference properties that are imported from the target app and can't be configured. See [profile](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/User/#tag/User/operation/getUser!c=200&path=profile&t=response).
stringIndicates if the assignment is direct (`USER`) or by group membership (`GROUP`). (example: USER)
stringStatus of an application user (example: ACTIVE)
string (date-time)Timestamp when the application user status was last changed (example: 2014-06-24T15:28:14.000Z)
stringThe synchronization state for the application user. The application user's `syncState` depends on whether the `PROFILE_MASTERING` feature is enabled for the app. > **Note:** User provisioning currently must be configured through the Admin Console. (example: SYNCHRONIZED)
+ + + +Success + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameDatatypeDescription
stringUnique identifier for the Okta user (example: 00u11z6WHMYCGPCHCRFK)
objectEmbedded resources related to the application user using the [JSON Hypertext Application Language](https://datatracker.ietf.org/doc/html/draft-kelly-json-hal-06) specification
objectSpecifies link relations (see [Web Linking](https://www.rfc-editor.org/rfc/rfc8288)) available using the [JSON Hypertext Application Language](https://datatracker.ietf.org/doc/html/draft-kelly-json-hal-06) specification. This object is used for dynamic discovery of resources related to the application user.
string (date-time)Timestamp when the object was created (example: 2017-03-28T01:11:10.000Z)
objectSpecifies a user's credentials for the app. This parameter can be omitted for apps with [sign-on mode](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/Application/#tag/Application/operation/getApplication!c=200&path=0/signOnMode&t=response) (`signOnMode`) or [authentication schemes](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/Application/#tag/Application/operation/getApplication!c=200&path=0/credentials/scheme&t=response) (`credentials.scheme`) that don't require credentials.
stringThe ID of the user in the target app that's linked to the Okta application user object. This value is the native app-specific identifier or primary key for the user in the target app. The `externalId` is set during import when the user is confirmed (reconciled) or during provisioning when the user is created in the target app. This value isn't populated for SSO app assignments (for example, SAML or SWA) because it isn't synchronized with a target app. (example: 70c14cc17d3745e8a9f98d599a68329c)
string (date-time)Timestamp of the last synchronization operation. This value is only updated for apps with the `IMPORT_PROFILE_UPDATES` or `PUSH PROFILE_UPDATES` feature. (example: 2014-06-24T15:27:59.000Z)
string (date-time)Timestamp when the object was last updated (example: 2014-06-24T15:28:14.000Z)
string (date-time)Timestamp when the application user password was last changed (example: 2014-06-24T15:27:59.000Z)
objectSpecifies the default and custom profile properties for a user. Properties that are visible in the Admin Console for an app assignment can also be assigned through the API. Some properties are reference properties that are imported from the target app and can't be configured. See [profile](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/User/#tag/User/operation/getUser!c=200&path=profile&t=response).
stringIndicates if the assignment is direct (`USER`) or by group membership (`GROUP`). (example: USER)
stringStatus of an application user (example: ACTIVE)
string (date-time)Timestamp when the application user status was last changed (example: 2014-06-24T15:28:14.000Z)
stringThe synchronization state for the application user. The application user's `syncState` depends on whether the `PROFILE_MASTERING` feature is enabled for the app. > **Note:** User provisioning currently must be configured through the Admin Console. (example: SYNCHRONIZED)
+ + + +## Methods + +The following methods are available for this resource: + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameAccessible byRequired ParamsOptional ParamsDescription
subdomainafter, limit, q, expandLists all assigned users for an app
subdomainexpandRetrieves a specific user assignment for a specific app
subdomainAssigns a user to an app for:

* SSO only<br>
Assignments to SSO apps typically don't include a user profile.
However, if your SSO app requires a profile but doesn't have provisioning enabled, you can add profile attributes in the request body.

* SSO and provisioning<br>
Assignments to SSO and provisioning apps typically include credentials and an app-specific profile.
Profile mappings defined for the app are applied first before applying any profile properties that are specified in the request body.
> **Notes:**
> * When Universal Directory is enabled, you can only specify profile properties that aren't defined in profile mappings.
> * Omit mapped properties during assignment to minimize assignment errors.
subdomainUpdates the profile or credentials of a user assigned to an app
subdomainsendEmailUnassigns a user from an app

For directories like Active Directory and LDAP, they act as the owner of the user's credential with Okta delegating authentication (DelAuth) to that directory.
If this request is successful for a user when DelAuth is enabled, then the user is in a state with no password. You can then reset the user's password.

> **Important:** This is a destructive operation. You can't recover the user's app profile. If the app is enabled for provisioning and configured to deactivate users, the user is also deactivated in the target app.
+ +## Parameters + +Parameters can be passed in the `WHERE` clause of a query. Check the [Methods](#methods) section to see which parameters are required or optional for each operation. + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameDatatypeDescription
stringThe domain of your organization. This can be a provided subdomain of an official okta domain (okta.com, oktapreview.com, etc) or one of your configured custom domains. (default: my-org)
stringSpecifies the pagination cursor for the next page of results. Treat this as an opaque value obtained through the next link relationship. See [Pagination]https://developer.okta.com/docs/api#pagination.
stringAn optional query parameter to return the corresponding [User](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/User/) object in the `_embedded` property. Valid value: `user`
integer (int32)Specifies the number of objects to return per page. If there are multiple pages of results, the Link header contains a `next` link that you need to use as an opaque value (follow it, don't parse it). See [Pagination]https://developer.okta.com/docs/api#pagination.
stringSpecifies a filter for the list of application users returned based on their profile attributes. The value of `q` is matched against the beginning of the following profile attributes: `userName`, `firstName`, `lastName`, and `email`. This filter only supports the `startsWith` operation that matches the `q` string against the beginning of the attribute values. > **Note:** For OIDC apps, user profiles don't contain the `firstName` or `lastName` attributes. Therefore, the query only matches against the `userName` or `email` attributes.
booleanSends a deactivation email to the administrator if `true`
+ +## `SELECT` examples + + + + +Lists all assigned users for an app + +```sql +SELECT +id, +_embedded, +_links, +created, +credentials, +externalId, +lastSync, +lastUpdated, +passwordChanged, +profile, +scope, +status, +statusChanged, +syncState +FROM okta.apps.application_users +WHERE subdomain = '{{ subdomain }}' -- required +AND after = '{{ after }}' +AND limit = '{{ limit }}' +AND q = '{{ q }}' +AND expand = '{{ expand }}'; +``` + + + +Retrieves a specific user assignment for a specific app + +```sql +SELECT +id, +_embedded, +_links, +created, +credentials, +externalId, +lastSync, +lastUpdated, +passwordChanged, +profile, +scope, +status, +statusChanged, +syncState +FROM okta.apps.application_users +WHERE subdomain = '{{ subdomain }}' -- required +AND expand = '{{ expand }}'; +``` + + + + +## `INSERT` examples + + + + +Assigns a user to an app for:

* SSO only<br>
Assignments to SSO apps typically don't include a user profile.
However, if your SSO app requires a profile but doesn't have provisioning enabled, you can add profile attributes in the request body.

* SSO and provisioning<br>
Assignments to SSO and provisioning apps typically include credentials and an app-specific profile.
Profile mappings defined for the app are applied first before applying any profile properties that are specified in the request body.
> **Notes:**
> * When Universal Directory is enabled, you can only specify profile properties that aren't defined in profile mappings.
> * Omit mapped properties during assignment to minimize assignment errors. + +```sql +INSERT INTO okta.apps.application_users ( +data__credentials, +data__id, +data__profile, +data__scope, +subdomain +) +SELECT +'{{ credentials }}', +'{{ id }}' --required, +'{{ profile }}', +'{{ scope }}', +'{{ subdomain }}' +RETURNING +id, +_embedded, +_links, +created, +credentials, +externalId, +lastSync, +lastUpdated, +passwordChanged, +profile, +scope, +status, +statusChanged, +syncState +; +``` + + + +```yaml +# Description fields are for documentation purposes +- name: application_users + props: + - name: subdomain + value: string + description: Required parameter for the application_users resource. + - name: credentials + value: object + description: > + Specifies a user's credentials for the app. +This parameter can be omitted for apps with [sign-on mode](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/Application/#tag/Application/operation/getApplication!c=200&path=0/signOnMode&t=response) (`signOnMode`) or [authentication schemes](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/Application/#tag/Application/operation/getApplication!c=200&path=0/credentials/scheme&t=response) (`credentials.scheme`) that don't require credentials. + + - name: id + value: string + description: > + Unique identifier for the Okta user + + - name: profile + value: object + description: > + Specifies the default and custom profile properties for a user. +Properties that are visible in the Admin Console for an app assignment can also be assigned through the API. +Some properties are reference properties that are imported from the target app and can't be configured. +See [profile](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/User/#tag/User/operation/getUser!c=200&path=profile&t=response). + + - name: scope + value: string + description: > + Indicates if the assignment is direct (`USER`) or by group membership (`GROUP`). + + valid_values: ['USER', 'GROUP'] +``` + + + + +## `UPDATE` examples + + + + +Updates the profile or credentials of a user assigned to an app + +```sql +UPDATE okta.apps.application_users +SET +-- No updatable properties +WHERE +subdomain = '{{ subdomain }}' --required +RETURNING +id, +_embedded, +_links, +created, +credentials, +externalId, +lastSync, +lastUpdated, +passwordChanged, +profile, +scope, +status, +statusChanged, +syncState; +``` + + + + +## `DELETE` examples + + + + +Unassigns a user from an app

For directories like Active Directory and LDAP, they act as the owner of the user's credential with Okta delegating authentication (DelAuth) to that directory.
If this request is successful for a user when DelAuth is enabled, then the user is in a state with no password. You can then reset the user's password.

> **Important:** This is a destructive operation. You can't recover the user's app profile. If the app is enabled for provisioning and configured to deactivate users, the user is also deactivated in the target app. + +```sql +DELETE FROM okta.apps.application_users +WHERE subdomain = '{{ subdomain }}' --required +AND sendEmail = '{{ sendEmail }}'; +``` + + diff --git a/website/docs/services/apps/applications/index.md b/website/docs/services/apps/applications/index.md new file mode 100644 index 0000000..998a5e2 --- /dev/null +++ b/website/docs/services/apps/applications/index.md @@ -0,0 +1,705 @@ +--- +title: applications +hide_title: false +hide_table_of_contents: false +keywords: + - applications + - apps + - okta + - infrastructure-as-code + - configuration-as-data + - cloud inventory +description: Query, deploy and manage okta resources using SQL +custom_edit_url: null +image: /img/stackql-okta-provider-featured-image.png +--- + +import CopyableCode from '@site/src/components/CopyableCode/CopyableCode'; +import Tabs from '@theme/Tabs'; +import TabItem from '@theme/TabItem'; + +Creates, updates, deletes, gets or lists an applications resource. + +## Overview + + + + +
Nameapplications
TypeResource
Id
+ +## Fields + +The following fields are returned by `SELECT` queries: + + + + +Success + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameDatatypeDescription
stringUnique ID for the app instance
objectEmbedded resources related to the app using the [JSON Hypertext Application Language](https://datatracker.ietf.org/doc/html/draft-kelly-json-hal-06) specification. If the `expand=user/{userId}` query parameter is specified, then the assigned [Application User](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/ApplicationUsers/) is embedded.
objectDiscoverable resources related to the app
objectSpecifies access settings for the app
string (date-time)Timestamp when the application object was created
arrayEnabled app features > **Note:** See [Application Features](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/ApplicationFeatures/) for app provisioning features.
stringUser-defined display name for app
string (date-time)Timestamp when the application object was last updated
objectLicenses for the app
stringThe Okta resource name (ORN) for the current app instance
objectContains any valid JSON schema for specifying properties that can be referenced from a request (only available to OAuth 2.0 client apps). For example, add an app manager contact email address or define an allowlist of groups that you can then reference using the Okta Expression Language `getFilteredGroups` function. > **Notes:** > * `profile` isn't encrypted, so don't store sensitive data in it. > * `profile` doesn't limit the level of nesting in the JSON schema you created, but there is a practical size limit. Okta recommends a JSON schema size of 1 MB or less for best performance.
stringAuthentication mode for the app | signOnMode | Description | | ---------- | ----------- | | AUTO_LOGIN | Secure Web Authentication (SWA) | | BASIC_AUTH | HTTP Basic Authentication with Okta Browser Plugin | | BOOKMARK | Just a bookmark (no-authentication) | | BROWSER_PLUGIN | Secure Web Authentication (SWA) with Okta Browser Plugin | | OPENID_CONNECT | Federated Authentication with OpenID Connect (OIDC) | | SAML_1_1 | Federated Authentication with SAML 1.1 WebSSO (not supported for custom apps) | | SAML_2_0 | Federated Authentication with SAML 2.0 WebSSO | | SECURE_PASSWORD_STORE | Secure Web Authentication (SWA) with POST (plugin not required) | | WS_FEDERATION | Federated Authentication with WS-Federation Passive Requestor Profile | Select the `signOnMode` for your custom app:
stringApp instance status
object<div class="x-lifecycle-container"><x-lifecycle class="oie"></x-lifecycle></div> Universal Logout properties for the app. These properties are only returned and can't be updated. (example: ACTIVE)
objectSpecifies visibility settings for the app
+ + + +Success + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameDatatypeDescription
stringUnique ID for the app instance
objectEmbedded resources related to the app using the [JSON Hypertext Application Language](https://datatracker.ietf.org/doc/html/draft-kelly-json-hal-06) specification. If the `expand=user/{userId}` query parameter is specified, then the assigned [Application User](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/ApplicationUsers/) is embedded.
objectDiscoverable resources related to the app
objectSpecifies access settings for the app
string (date-time)Timestamp when the application object was created
arrayEnabled app features > **Note:** See [Application Features](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/ApplicationFeatures/) for app provisioning features.
stringUser-defined display name for app
string (date-time)Timestamp when the application object was last updated
objectLicenses for the app
stringThe Okta resource name (ORN) for the current app instance
objectContains any valid JSON schema for specifying properties that can be referenced from a request (only available to OAuth 2.0 client apps). For example, add an app manager contact email address or define an allowlist of groups that you can then reference using the Okta Expression Language `getFilteredGroups` function. > **Notes:** > * `profile` isn't encrypted, so don't store sensitive data in it. > * `profile` doesn't limit the level of nesting in the JSON schema you created, but there is a practical size limit. Okta recommends a JSON schema size of 1 MB or less for best performance.
stringAuthentication mode for the app | signOnMode | Description | | ---------- | ----------- | | AUTO_LOGIN | Secure Web Authentication (SWA) | | BASIC_AUTH | HTTP Basic Authentication with Okta Browser Plugin | | BOOKMARK | Just a bookmark (no-authentication) | | BROWSER_PLUGIN | Secure Web Authentication (SWA) with Okta Browser Plugin | | OPENID_CONNECT | Federated Authentication with OpenID Connect (OIDC) | | SAML_1_1 | Federated Authentication with SAML 1.1 WebSSO (not supported for custom apps) | | SAML_2_0 | Federated Authentication with SAML 2.0 WebSSO | | SECURE_PASSWORD_STORE | Secure Web Authentication (SWA) with POST (plugin not required) | | WS_FEDERATION | Federated Authentication with WS-Federation Passive Requestor Profile | Select the `signOnMode` for your custom app:
stringApp instance status
object<div class="x-lifecycle-container"><x-lifecycle class="oie"></x-lifecycle></div> Universal Logout properties for the app. These properties are only returned and can't be updated. (example: ACTIVE)
objectSpecifies visibility settings for the app
+ + + +## Methods + +The following methods are available for this resource: + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameAccessible byRequired ParamsOptional ParamsDescription
subdomainq, after, useOptimization, limit, filter, expand, includeNonDeletedLists all apps in the org with pagination. A subset of apps can be returned that match a supported filter expression or query. The results are [paginated]https://developer.okta.com/docs/api#pagination according to the `limit` parameter. If there are multiple pages of results, the header contains a `next` link. Treat the link as an opaque value (follow it, don't parse it).

> **Note:** To list all of a member's assigned app links, use the [List all assigned app links endpoint in the User Resources API](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/UserResources/#tag/UserResources/operation/listAppLinks).
subdomainexpandRetrieves an application from your Okta organization by `id`
subdomainactivate, OktaAccessGateway-AgentCreates an app instance in your Okta org.

You can either create an OIN app instance or a custom app instance:
* OIN app instances have prescribed `name` (key app definition) and `signOnMode` options. See the [OIN schemas](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/Application/#tag/Application/schema/GoogleApplication) for the request body.
* For custom app instances, select the [signOnMode](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/Application/#tag/Application/operation/createApplication!path=0/signOnMode&t=request) that pertains to your app and specify the required parameters in the request body.
subdomainReplaces properties for an application
> **Notes:**
> * All required properties must be specified in the request body
> * You can't modify system-assigned properties, such as `id`, `name`, `status`, `created`, and `lastUpdated`. The values for these properties in the PUT request body are ignored.
subdomainDeletes an inactive application
subdomainActivates an inactive application
subdomainDeactivates an active application

> **Note:** Deactivating an app triggers a full reconciliation of all users assigned to the app by groups. This reconcile process removes the app assignment for the deactivated app, and might also correct assignments that were supposed to be removed but failed previously.
subdomainUploads a logo for the app instance.
If the app already has a logo, this operation replaces the previous logo.

The logo is visible in the Admin Console as an icon for your app instance.
If you have one `appLink` object configured, this logo also appears in the End-User Dashboard as an icon for your app.
> **Note:** If you have multiple `appLink` objects, use the Admin Console to add logos for each app link.
> You can't use the API to add logos for multiple app links.
subdomainAssigns an app to an [authentication policy](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/Policy/), identified by `policyId`.
If the app was previously assigned to another policy, this operation replaces that assignment with the updated policy identified by `policyId`.

> **Note:** When you [merge duplicate authentication policies](https://help.okta.com/okta_help.htm?type=oie&id=ext-merge-auth-policies),
the policy and mapping CRUD operations may be unavailable during the consolidation. When the consolidation is complete, you receive an email with merged results.
kid, subdomainPreviews the SSO SAML metadata for an application
+ +## Parameters + +Parameters can be passed in the `WHERE` clause of a query. Check the [Methods](#methods) section to see which parameters are required or optional for each operation. + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameDatatypeDescription
string
stringThe domain of your organization. This can be a provided subdomain of an official okta domain (okta.com, oktapreview.com, etc) or one of your configured custom domains. (default: my-org)
string
booleanExecutes activation lifecycle operation when creating the app
stringSpecifies the [pagination]https://developer.okta.com/docs/api#pagination cursor for the next page of results. Treat this as an opaque value obtained through the `next` link relationship.
stringAn optional query parameter to return the specified [Application User](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/ApplicationUsers/) in the `_embedded` property. Valid value: `expand=user/{userId}`
stringFilters apps by `status`, `user.id`, `group.id`, `credentials.signing.kid` or `name` expression that supports the `eq` operator
booleanSpecifies whether to include non-active, but not deleted apps in the results
integer (int32)Specifies the number of results per page
stringSearches for apps with `name` or `label` properties that starts with the `q` value using the `startsWith` operation
booleanSpecifies whether to use query optimization. If you specify `useOptimization=true` in the request query, the response contains a subset of app instance properties.
+ +## `SELECT` examples + + + + +Lists all apps in the org with pagination. A subset of apps can be returned that match a supported filter expression or query. The results are [paginated]https://developer.okta.com/docs/api#pagination according to the `limit` parameter. If there are multiple pages of results, the header contains a `next` link. Treat the link as an opaque value (follow it, don't parse it).

> **Note:** To list all of a member's assigned app links, use the [List all assigned app links endpoint in the User Resources API](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/UserResources/#tag/UserResources/operation/listAppLinks). + +```sql +SELECT +id, +_embedded, +_links, +accessibility, +created, +features, +label, +lastUpdated, +licensing, +orn, +profile, +signOnMode, +status, +universalLogout, +visibility +FROM okta.apps.applications +WHERE subdomain = '{{ subdomain }}' -- required +AND q = '{{ q }}' +AND after = '{{ after }}' +AND useOptimization = '{{ useOptimization }}' +AND limit = '{{ limit }}' +AND filter = '{{ filter }}' +AND expand = '{{ expand }}' +AND includeNonDeleted = '{{ includeNonDeleted }}'; +``` + + + +Retrieves an application from your Okta organization by `id` + +```sql +SELECT +id, +_embedded, +_links, +accessibility, +created, +features, +label, +lastUpdated, +licensing, +orn, +profile, +signOnMode, +status, +universalLogout, +visibility +FROM okta.apps.applications +WHERE subdomain = '{{ subdomain }}' -- required +AND expand = '{{ expand }}'; +``` + + + + +## `INSERT` examples + + + + +Creates an app instance in your Okta org.

You can either create an OIN app instance or a custom app instance:
* OIN app instances have prescribed `name` (key app definition) and `signOnMode` options. See the [OIN schemas](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/Application/#tag/Application/schema/GoogleApplication) for the request body.
* For custom app instances, select the [signOnMode](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/Application/#tag/Application/operation/createApplication!path=0/signOnMode&t=request) that pertains to your app and specify the required parameters in the request body.
+ +```sql +INSERT INTO okta.apps.applications ( +data__accessibility, +data__label, +data__licensing, +data__profile, +data__signOnMode, +data__visibility, +subdomain, +activate, +OktaAccessGateway-Agent +) +SELECT +'{{ accessibility }}', +'{{ label }}' --required, +'{{ licensing }}', +'{{ profile }}', +'{{ signOnMode }}' --required, +'{{ visibility }}', +'{{ subdomain }}', +'{{ activate }}', +'{{ OktaAccessGateway-Agent }}' +RETURNING +id, +_embedded, +_links, +accessibility, +created, +features, +label, +lastUpdated, +licensing, +orn, +profile, +signOnMode, +status, +universalLogout, +visibility +; +``` + + + +```yaml +# Description fields are for documentation purposes +- name: applications + props: + - name: subdomain + value: string + description: Required parameter for the applications resource. + - name: accessibility + value: object + description: > + Specifies access settings for the app + + - name: label + value: string + description: > + User-defined display name for app + + - name: licensing + value: object + description: > + Licenses for the app + + - name: profile + value: object + description: > + Contains any valid JSON schema for specifying properties that can be referenced from a request (only available to OAuth 2.0 client apps). +For example, add an app manager contact email address or define an allowlist of groups that you can then reference using the Okta Expression Language `getFilteredGroups` function. + +> **Notes:** +> * `profile` isn't encrypted, so don't store sensitive data in it. +> * `profile` doesn't limit the level of nesting in the JSON schema you created, but there is a practical size limit. Okta recommends a JSON schema size of 1 MB or less for best performance. + + - name: signOnMode + value: string + description: > + Authentication mode for the app + +| signOnMode | Description | +| ---------- | ----------- | +| AUTO_LOGIN | Secure Web Authentication (SWA) | +| BASIC_AUTH | HTTP Basic Authentication with Okta Browser Plugin | +| BOOKMARK | Just a bookmark (no-authentication) | +| BROWSER_PLUGIN | Secure Web Authentication (SWA) with Okta Browser Plugin | +| OPENID_CONNECT | Federated Authentication with OpenID Connect (OIDC) | +| SAML_1_1 | Federated Authentication with SAML 1.1 WebSSO (not supported for custom apps) | +| SAML_2_0 | Federated Authentication with SAML 2.0 WebSSO | +| SECURE_PASSWORD_STORE | Secure Web Authentication (SWA) with POST (plugin not required) | +| WS_FEDERATION | Federated Authentication with WS-Federation Passive Requestor Profile | + +Select the `signOnMode` for your custom app: + + valid_values: ['AUTO_LOGIN', 'BASIC_AUTH', 'BOOKMARK', 'BROWSER_PLUGIN', 'OPENID_CONNECT', 'SAML_1_1', 'SAML_2_0', 'SECURE_PASSWORD_STORE', 'WS_FEDERATION'] + - name: visibility + value: object + description: > + Specifies visibility settings for the app + + - name: activate + value: boolean + description: Executes activation lifecycle operation when creating the app + - name: OktaAccessGateway-Agent + value: string +``` + + + + +## `REPLACE` examples + + + + +Replaces properties for an application
> **Notes:**
> * All required properties must be specified in the request body
> * You can't modify system-assigned properties, such as `id`, `name`, `status`, `created`, and `lastUpdated`. The values for these properties in the PUT request body are ignored.
+ +```sql +REPLACE okta.apps.applications +SET +data__accessibility = '{{ accessibility }}', +data__label = '{{ label }}', +data__licensing = '{{ licensing }}', +data__profile = '{{ profile }}', +data__signOnMode = '{{ signOnMode }}', +data__visibility = '{{ visibility }}' +WHERE +subdomain = '{{ subdomain }}' --required +AND data__signOnMode = '{{ signOnMode }}' --required +AND data__label = '{{ label }}' --required +RETURNING +id, +_embedded, +_links, +accessibility, +created, +features, +label, +lastUpdated, +licensing, +orn, +profile, +signOnMode, +status, +universalLogout, +visibility; +``` + + + + +## `DELETE` examples + + + + +Deletes an inactive application + +```sql +DELETE FROM okta.apps.applications +WHERE subdomain = '{{ subdomain }}' --required; +``` + + + + +## Lifecycle Methods + + + + +Activates an inactive application + +```sql +EXEC okta.apps.applications.activate_application +@subdomain='{{ subdomain }}' --required; +``` + + + +Deactivates an active application

> **Note:** Deactivating an app triggers a full reconciliation of all users assigned to the app by groups. This reconcile process removes the app assignment for the deactivated app, and might also correct assignments that were supposed to be removed but failed previously. + +```sql +EXEC okta.apps.applications.deactivate_application +@subdomain='{{ subdomain }}' --required; +``` + + + +Uploads a logo for the app instance.
If the app already has a logo, this operation replaces the previous logo.

The logo is visible in the Admin Console as an icon for your app instance.
If you have one `appLink` object configured, this logo also appears in the End-User Dashboard as an icon for your app.
> **Note:** If you have multiple `appLink` objects, use the Admin Console to add logos for each app link.
> You can't use the API to add logos for multiple app links.
+ +```sql +EXEC okta.apps.applications.upload_application_logo +@subdomain='{{ subdomain }}' --required +@@json= +'{ +"file": "{{ file }}" +}'; +``` + + + +Assigns an app to an [authentication policy](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/Policy/), identified by `policyId`.
If the app was previously assigned to another policy, this operation replaces that assignment with the updated policy identified by `policyId`.

> **Note:** When you [merge duplicate authentication policies](https://help.okta.com/okta_help.htm?type=oie&id=ext-merge-auth-policies),
the policy and mapping CRUD operations may be unavailable during the consolidation. When the consolidation is complete, you receive an email with merged results. + +```sql +EXEC okta.apps.applications.assign_application_policy +@subdomain='{{ subdomain }}' --required; +``` + + + +Previews the SSO SAML metadata for an application + +```sql +EXEC okta.apps.applications.preview_samlmetadata_for_application +@kid='{{ kid }}' --required, +@subdomain='{{ subdomain }}' --required; +``` + + diff --git a/website/docs/services/apps/connection_jwks/index.md b/website/docs/services/apps/connection_jwks/index.md new file mode 100644 index 0000000..089a7f6 --- /dev/null +++ b/website/docs/services/apps/connection_jwks/index.md @@ -0,0 +1,126 @@ +--- +title: connection_jwks +hide_title: false +hide_table_of_contents: false +keywords: + - connection_jwks + - apps + - okta + - infrastructure-as-code + - configuration-as-data + - cloud inventory +description: Query, deploy and manage okta resources using SQL +custom_edit_url: null +image: /img/stackql-okta-provider-featured-image.png +--- + +import CopyableCode from '@site/src/components/CopyableCode/CopyableCode'; +import Tabs from '@theme/Tabs'; +import TabItem from '@theme/TabItem'; + +Creates, updates, deletes, gets or lists a connection_jwks resource. + +## Overview + + + + +
Nameconnection_jwks
TypeResource
Id
+ +## Fields + +The following fields are returned by `SELECT` queries: + + + + + + + + + + + + + + + + + + + +
NameDatatypeDescription
object
+ + + +## Methods + +The following methods are available for this resource: + + + + + + + + + + + + + + + + + + + + +
NameAccessible byRequired ParamsOptional ParamsDescription
subdomainRetrieves a JWKS for the default provisioning connection. This can be used by the OAuth 2.0 app's `jwk_uri` property in the target org.
+ +## Parameters + +Parameters can be passed in the `WHERE` clause of a query. Check the [Methods](#methods) section to see which parameters are required or optional for each operation. + + + + + + + + + + + + + + + + +
NameDatatypeDescription
stringThe domain of your organization. This can be a provided subdomain of an official okta domain (okta.com, oktapreview.com, etc) or one of your configured custom domains. (default: my-org)
+ +## `SELECT` examples + + + + +Retrieves a JWKS for the default provisioning connection. This can be used by the OAuth 2.0 app's `jwk_uri` property in the target org. + +```sql +SELECT +jwks +FROM okta.apps.connection_jwks +WHERE subdomain = '{{ subdomain }}' -- required; +``` + + diff --git a/website/docs/services/apps/connections/index.md b/website/docs/services/apps/connections/index.md new file mode 100644 index 0000000..0a2836d --- /dev/null +++ b/website/docs/services/apps/connections/index.md @@ -0,0 +1,267 @@ +--- +title: connections +hide_title: false +hide_table_of_contents: false +keywords: + - connections + - apps + - okta + - infrastructure-as-code + - configuration-as-data + - cloud inventory +description: Query, deploy and manage okta resources using SQL +custom_edit_url: null +image: /img/stackql-okta-provider-featured-image.png +--- + +import CopyableCode from '@site/src/components/CopyableCode/CopyableCode'; +import Tabs from '@theme/Tabs'; +import TabItem from '@theme/TabItem'; + +Creates, updates, deletes, gets or lists a connections resource. + +## Overview + + + + +
Nameconnections
TypeResource
Id
+ +## Fields + +The following fields are returned by `SELECT` queries: + + + + +Success + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameDatatypeDescription
objectSpecifies link relations (see [Web Linking](https://www.rfc-editor.org/rfc/rfc8288)) available using the [JSON Hypertext Application Language](https://datatracker.ietf.org/doc/html/draft-kelly-json-hal-06) specification. This object is used for dynamic discovery of related resources and lifecycle operations.
stringA token is used to authenticate with the app. This property is only returned for the `TOKEN` authentication scheme.
stringBase URL
object
stringProvisioning connection status (default: DISABLED)
+ + + +## Methods + +The following methods are available for this resource: + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameAccessible byRequired ParamsOptional ParamsDescription
subdomainRetrieves the default provisioning connection for an app
subdomainactivateUpdates the default provisioning connection for an app
subdomainActivates the default provisioning connection for an app
subdomainDeactivates the default provisioning connection for an app
subdomaincode, stateVerifies the OAuth 2.0-based connection as part of the OAuth 2.0 consent flow. The validation of the consent flow is the last step of the provisioning setup for an OAuth 2.0-based connection.
Currently, this operation only supports `office365`,`google`, `zoomus`, and `slack` apps.
+ +## Parameters + +Parameters can be passed in the `WHERE` clause of a query. Check the [Methods](#methods) section to see which parameters are required or optional for each operation. + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameDatatypeDescription
stringThe domain of your organization. This can be a provided subdomain of an official okta domain (okta.com, oktapreview.com, etc) or one of your configured custom domains. (default: my-org)
booleanActivates the provisioning connection
string
string
+ +## `SELECT` examples + + + + +Retrieves the default provisioning connection for an app + +```sql +SELECT +_links, +authScheme, +baseUrl, +profile, +status +FROM okta.apps.connections +WHERE subdomain = '{{ subdomain }}' -- required; +``` + + + + +## `UPDATE` examples + + + + +Updates the default provisioning connection for an app + +```sql +UPDATE okta.apps.connections +SET +-- No updatable properties +WHERE +subdomain = '{{ subdomain }}' --required +AND activate = {{ activate}} +RETURNING +_links, +authScheme, +baseUrl, +profile, +status; +``` + + + + +## Lifecycle Methods + + + + +Activates the default provisioning connection for an app + +```sql +EXEC okta.apps.connections.activate_default_provisioning_connection_for_application +@subdomain='{{ subdomain }}' --required; +``` + + + +Deactivates the default provisioning connection for an app + +```sql +EXEC okta.apps.connections.deactivate_default_provisioning_connection_for_application +@subdomain='{{ subdomain }}' --required; +``` + + + +Verifies the OAuth 2.0-based connection as part of the OAuth 2.0 consent flow. The validation of the consent flow is the last step of the provisioning setup for an OAuth 2.0-based connection.
Currently, this operation only supports `office365`,`google`, `zoomus`, and `slack` apps.
+ +```sql +EXEC okta.apps.connections.verify_provisioning_connection_for_application +@subdomain='{{ subdomain }}' --required, +@code='{{ code }}', +@state='{{ state }}'; +``` + + diff --git a/website/docs/services/apps/cross_app_access_connections/index.md b/website/docs/services/apps/cross_app_access_connections/index.md new file mode 100644 index 0000000..08caa80 --- /dev/null +++ b/website/docs/services/apps/cross_app_access_connections/index.md @@ -0,0 +1,378 @@ +--- +title: cross_app_access_connections +hide_title: false +hide_table_of_contents: false +keywords: + - cross_app_access_connections + - apps + - okta + - infrastructure-as-code + - configuration-as-data + - cloud inventory +description: Query, deploy and manage okta resources using SQL +custom_edit_url: null +image: /img/stackql-okta-provider-featured-image.png +--- + +import CopyableCode from '@site/src/components/CopyableCode/CopyableCode'; +import Tabs from '@theme/Tabs'; +import TabItem from '@theme/TabItem'; + +Creates, updates, deletes, gets or lists a cross_app_access_connections resource. + +## Overview + + + + +
Namecross_app_access_connections
TypeResource
Id
+ +## Fields + +The following fields are returned by `SELECT` queries: + + + + +Success + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameDatatypeDescription
stringUnique identifier for the connection (example: cwofxqCAJWWGELFTYASJ)
string (date-time)The ISO 8601 formatted date and time when the connection was created (example: 2024-10-15T10:30:00.000Z)
string (date-time)The ISO 8601 formatted date and time when the connection was last updated (example: 2024-10-15T14:20:00.000Z)
stringID of the requesting app instance (example: 0oafxqCAJWWGELFTYASJ)
stringID of the resource app instance (example: 0oafxqCBJWWGELFTYASK)
stringIndicates if the Cross App Access connection is active or inactive (example: ACTIVE)
+ + + +Success + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameDatatypeDescription
stringUnique identifier for the connection (example: cwofxqCAJWWGELFTYASJ)
string (date-time)The ISO 8601 formatted date and time when the connection was created (example: 2024-10-15T10:30:00.000Z)
string (date-time)The ISO 8601 formatted date and time when the connection was last updated (example: 2024-10-15T14:20:00.000Z)
stringID of the requesting app instance (example: 0oafxqCAJWWGELFTYASJ)
stringID of the resource app instance (example: 0oafxqCBJWWGELFTYASK)
stringIndicates if the Cross App Access connection is active or inactive (example: ACTIVE)
+ + + +## Methods + +The following methods are available for this resource: + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameAccessible byRequired ParamsOptional ParamsDescription
subdomainafter, limitRetrieves inbound and outbound Cross App Access connections associated with an app
subdomainRetrieves the Cross App Access connection with the specified ID
subdomainCreates a Cross App Access connection
subdomainUpdates the Cross App Access connection with the specified ID
subdomainDeletes a Cross App Access connection with the specified ID
+ +## Parameters + +Parameters can be passed in the `WHERE` clause of a query. Check the [Methods](#methods) section to see which parameters are required or optional for each operation. + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameDatatypeDescription
stringThe domain of your organization. This can be a provided subdomain of an official okta domain (okta.com, oktapreview.com, etc) or one of your configured custom domains. (default: my-org)
stringSpecifies the pagination cursor for the next page of connection results
integer (int32)Specifies the number of results to return per page. The values: * -1: Return all results (up to system maximum) * 0: Return an empty result set * Positive integer: Return up to that many results (capped at system maximum)
+ +## `SELECT` examples + + + + +Retrieves inbound and outbound Cross App Access connections associated with an app
+ +```sql +SELECT +id, +created, +lastUpdated, +requestingAppInstanceId, +resourceAppInstanceId, +status +FROM okta.apps.cross_app_access_connections +WHERE subdomain = '{{ subdomain }}' -- required +AND after = '{{ after }}' +AND limit = '{{ limit }}'; +``` + + + +Retrieves the Cross App Access connection with the specified ID
+ +```sql +SELECT +id, +created, +lastUpdated, +requestingAppInstanceId, +resourceAppInstanceId, +status +FROM okta.apps.cross_app_access_connections +WHERE subdomain = '{{ subdomain }}' -- required; +``` + + + + +## `INSERT` examples + + + + +Creates a Cross App Access connection
+ +```sql +INSERT INTO okta.apps.cross_app_access_connections ( +data__requestingAppInstanceId, +data__resourceAppInstanceId, +data__status, +subdomain +) +SELECT +'{{ requestingAppInstanceId }}', +'{{ resourceAppInstanceId }}', +'{{ status }}', +'{{ subdomain }}' +RETURNING +id, +created, +lastUpdated, +requestingAppInstanceId, +resourceAppInstanceId, +status +; +``` + + + +```yaml +# Description fields are for documentation purposes +- name: cross_app_access_connections + props: + - name: subdomain + value: string + description: Required parameter for the cross_app_access_connections resource. + - name: requestingAppInstanceId + value: string + description: > + ID of the requesting app instance + + - name: resourceAppInstanceId + value: string + description: > + ID of the resource app instance + + - name: status + value: string + description: > + Indicates if the Cross App Access connection is active or inactive + + valid_values: ['ACTIVE', 'INACTIVE'] +``` + + + + +## `UPDATE` examples + + + + +Updates the Cross App Access connection with the specified ID
+ +```sql +UPDATE okta.apps.cross_app_access_connections +SET +data__status = '{{ status }}' +WHERE +subdomain = '{{ subdomain }}' --required +AND data__status = '{{ status }}' --required +RETURNING +id, +created, +lastUpdated, +requestingAppInstanceId, +resourceAppInstanceId, +status; +``` + + + + +## `DELETE` examples + + + + +Deletes a Cross App Access connection with the specified ID
+ +```sql +DELETE FROM okta.apps.cross_app_access_connections +WHERE subdomain = '{{ subdomain }}' --required; +``` + + diff --git a/website/docs/services/apps/csrs/index.md b/website/docs/services/apps/csrs/index.md new file mode 100644 index 0000000..86faf66 --- /dev/null +++ b/website/docs/services/apps/csrs/index.md @@ -0,0 +1,293 @@ +--- +title: csrs +hide_title: false +hide_table_of_contents: false +keywords: + - csrs + - apps + - okta + - infrastructure-as-code + - configuration-as-data + - cloud inventory +description: Query, deploy and manage okta resources using SQL +custom_edit_url: null +image: /img/stackql-okta-provider-featured-image.png +--- + +import CopyableCode from '@site/src/components/CopyableCode/CopyableCode'; +import Tabs from '@theme/Tabs'; +import TabItem from '@theme/TabItem'; + +Creates, updates, deletes, gets or lists a csrs resource. + +## Overview + + + + +
Namecsrs
TypeResource
Id
+ +## Fields + +The following fields are returned by `SELECT` queries: + + + + +Success + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameDatatypeDescription
string (example: h9zkutaSe7fZX0SwN1GqDApofgD1OW8g2B5l2azha50)
objectSpecifies link relations (see [Web Linking](https://www.rfc-editor.org/rfc/rfc8288)) available for the current status of a CSR object using the [JSON Hypertext Application Language](https://datatracker.ietf.org/doc/html/draft-kelly-json-hal-06) specification. This object is used for dynamic discovery of related resources and lifecycle operations.
string (date-time)Timestamp when the object was created (example: 2017-03-28T01:11:10.000Z)
string (example: MIIC4DCCAcgCAQAwcTELMAkGA1UEBhMCVVMxEzARBgNVBAgMCkNhbGlmb3JuaWExFjAUBgNVBAcMDVNhbiBGcmFuY2lzY28xEzARBgNVBAoMCk9rdGEsIEluYy4xDDAKBgNVBAsMA0RldjESMBAGA1UEAwwJU1AgSXNzdWVyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6m8jHVCr9/tKvvbFN59T4raoCs/78KRm4fSefHQOv1TKLXo4wTLbsqYWRWc5u0sd5orUMQgPQOyj3i6qh13mALY4BzrT057EG1BUNjGg29QgYlnOk2iX890e5BIDMQQEIKFrvOi2V8cLUkLvE2ydRn0VO1Q1frbUkYeStJYC5Api2JQsYRwa+1ZeDH1ITnIzUaugWhW2WB2lSnwZkenne5KtffxMPYVu+IhNRHoKaRA6Z51YNhMJIx17JM2hs/H4Ka3drk6kzDf7ofk/yBpb9yBWyU7CTSQhdoHidxqFprMDaT66W928t3AeOENHBuwn8c2K9WeGG+bELNyQRJVmawIDAQABoCowKAYJKoZIhvcNAQkOMRswGTAXBgNVHREEEDAOggxkZXYub2t0YS5jb20wDQYJKoZIhvcNAQELBQADggEBAA2hsVJRVM+A83X9MekjTnIbt19UNT8wX7wlE9jUKirWsxceLiZBpVGn9qfKhhVIpvdaIRSeoFYS2Kg/m1G6bCvjmZLcrQ5FcEBjZH2NKfNppGVnfC2ugtUkBtCB+UUzOhKhRKJtGugenKbP33zRWWIqnd2waF6Cy8TIuqQVPbwEDN9bCbAs7ND6CFYNguY7KYjWzQOeAR716eqpEEXuPYAS4nx/ty4ylonR8cv+gpq51rvq80A4k/36aoeM0Y6I4w64vhTfuvWW2UYFUD+/+y2FA2CSP4JfctySrf1s525v6fzTFZ3qZbB5OZQtP2b8xYWktMzywsxGKDoVDB4wkH4=)
string (example: RSA)
+ + + +Success + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameDatatypeDescription
string (example: h9zkutaSe7fZX0SwN1GqDApofgD1OW8g2B5l2azha50)
objectSpecifies link relations (see [Web Linking](https://www.rfc-editor.org/rfc/rfc8288)) available for the current status of a CSR object using the [JSON Hypertext Application Language](https://datatracker.ietf.org/doc/html/draft-kelly-json-hal-06) specification. This object is used for dynamic discovery of related resources and lifecycle operations.
string (date-time)Timestamp when the object was created (example: 2017-03-28T01:11:10.000Z)
string (example: MIIC4DCCAcgCAQAwcTELMAkGA1UEBhMCVVMxEzARBgNVBAgMCkNhbGlmb3JuaWExFjAUBgNVBAcMDVNhbiBGcmFuY2lzY28xEzARBgNVBAoMCk9rdGEsIEluYy4xDDAKBgNVBAsMA0RldjESMBAGA1UEAwwJU1AgSXNzdWVyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6m8jHVCr9/tKvvbFN59T4raoCs/78KRm4fSefHQOv1TKLXo4wTLbsqYWRWc5u0sd5orUMQgPQOyj3i6qh13mALY4BzrT057EG1BUNjGg29QgYlnOk2iX890e5BIDMQQEIKFrvOi2V8cLUkLvE2ydRn0VO1Q1frbUkYeStJYC5Api2JQsYRwa+1ZeDH1ITnIzUaugWhW2WB2lSnwZkenne5KtffxMPYVu+IhNRHoKaRA6Z51YNhMJIx17JM2hs/H4Ka3drk6kzDf7ofk/yBpb9yBWyU7CTSQhdoHidxqFprMDaT66W928t3AeOENHBuwn8c2K9WeGG+bELNyQRJVmawIDAQABoCowKAYJKoZIhvcNAQkOMRswGTAXBgNVHREEEDAOggxkZXYub2t0YS5jb20wDQYJKoZIhvcNAQELBQADggEBAA2hsVJRVM+A83X9MekjTnIbt19UNT8wX7wlE9jUKirWsxceLiZBpVGn9qfKhhVIpvdaIRSeoFYS2Kg/m1G6bCvjmZLcrQ5FcEBjZH2NKfNppGVnfC2ugtUkBtCB+UUzOhKhRKJtGugenKbP33zRWWIqnd2waF6Cy8TIuqQVPbwEDN9bCbAs7ND6CFYNguY7KYjWzQOeAR716eqpEEXuPYAS4nx/ty4ylonR8cv+gpq51rvq80A4k/36aoeM0Y6I4w64vhTfuvWW2UYFUD+/+y2FA2CSP4JfctySrf1s525v6fzTFZ3qZbB5OZQtP2b8xYWktMzywsxGKDoVDB4wkH4=)
string (example: RSA)
+ + + +## Methods + +The following methods are available for this resource: + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameAccessible byRequired ParamsOptional ParamsDescription
subdomainLists all Certificate Signing Requests for an application
subdomainRetrieves a Certificate Signing Request (CSR) for the app by `csrId`.

Returns a Base64-encoded CSR in DER format if the `Accept` media type is `application/pkcs10` or a CSR object if the `Accept` media type is `application/json`.
subdomainRevokes a Certificate Signing Request and deletes the key pair from the app
subdomainGenerates a new key pair and returns the Certificate Signing Request(CSR) for it. The information in a CSR is used by the Certificate Authority (CA) to verify and create your certificate. It also contains the public key that is included in your certificate.

Returns CSR in `pkcs#10` format if the `Accept` media type is `application/pkcs10` or a CSR object if the `Accept` media type is `application/json`.
> **Note:** The key pair isn't listed in the Key Credentials for the app until it's published.
subdomainPublishes a Certificate Signing Request (CSR) for the app with a signed X.509 certificate and adds it into the Application Key Credentials.
> **Note:** Publishing a certificate completes the lifecycle of the CSR and it's no longer accessible.
+ +## Parameters + +Parameters can be passed in the `WHERE` clause of a query. Check the [Methods](#methods) section to see which parameters are required or optional for each operation. + + + + + + + + + + + + + + + + +
NameDatatypeDescription
stringThe domain of your organization. This can be a provided subdomain of an official okta domain (okta.com, oktapreview.com, etc) or one of your configured custom domains. (default: my-org)
+ +## `SELECT` examples + + + + +Lists all Certificate Signing Requests for an application + +```sql +SELECT +id, +_links, +created, +csr, +kty +FROM okta.apps.csrs +WHERE subdomain = '{{ subdomain }}' -- required; +``` + + + +Retrieves a Certificate Signing Request (CSR) for the app by `csrId`.

Returns a Base64-encoded CSR in DER format if the `Accept` media type is `application/pkcs10` or a CSR object if the `Accept` media type is `application/json`. + +```sql +SELECT +id, +_links, +created, +csr, +kty +FROM okta.apps.csrs +WHERE subdomain = '{{ subdomain }}' -- required; +``` + + + + +## `DELETE` examples + + + + +Revokes a Certificate Signing Request and deletes the key pair from the app + +```sql +DELETE FROM okta.apps.csrs +WHERE subdomain = '{{ subdomain }}' --required; +``` + + + + +## Lifecycle Methods + + + + +Generates a new key pair and returns the Certificate Signing Request(CSR) for it. The information in a CSR is used by the Certificate Authority (CA) to verify and create your certificate. It also contains the public key that is included in your certificate.

Returns CSR in `pkcs#10` format if the `Accept` media type is `application/pkcs10` or a CSR object if the `Accept` media type is `application/json`.
> **Note:** The key pair isn't listed in the Key Credentials for the app until it's published. + +```sql +EXEC okta.apps.csrs.generate_csr_for_application +@subdomain='{{ subdomain }}' --required +@@json= +'{ +"subject": "{{ subject }}", +"subjectAltNames": "{{ subjectAltNames }}" +}'; +``` + + + +Publishes a Certificate Signing Request (CSR) for the app with a signed X.509 certificate and adds it into the Application Key Credentials.
> **Note:** Publishing a certificate completes the lifecycle of the CSR and it's no longer accessible. + +```sql +EXEC okta.apps.csrs.publish_csr_from_application +@subdomain='{{ subdomain }}' --required; +``` + + diff --git a/website/docs/services/apps/features/index.md b/website/docs/services/apps/features/index.md new file mode 100644 index 0000000..07a7e4c --- /dev/null +++ b/website/docs/services/apps/features/index.md @@ -0,0 +1,240 @@ +--- +title: features +hide_title: false +hide_table_of_contents: false +keywords: + - features + - apps + - okta + - infrastructure-as-code + - configuration-as-data + - cloud inventory +description: Query, deploy and manage okta resources using SQL +custom_edit_url: null +image: /img/stackql-okta-provider-featured-image.png +--- + +import CopyableCode from '@site/src/components/CopyableCode/CopyableCode'; +import Tabs from '@theme/Tabs'; +import TabItem from '@theme/TabItem'; + +Creates, updates, deletes, gets or lists a features resource. + +## Overview + + + + +
Namefeatures
TypeResource
Id
+ +## Fields + +The following fields are returned by `SELECT` queries: + + + + +Success + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameDatatypeDescription
stringKey name of the feature | Feature name | Description | | --------- | ------------- | | USER_PROVISIONING | User profiles are pushed from Okta to the third-party app. Represents the **To App** provisioning feature setting in the Admin Console. | | INBOUND_PROVISIONING | User profiles are imported from the third-party app into Okta. This feature represents the **To Okta** provisioning feature setting in the Admin Console. | Select the feature: (example: USER_PROVISIONING)
objectSpecifies link relations (see [Web Linking](https://www.rfc-editor.org/rfc/rfc8288)) available using the [JSON Hypertext Application Language](https://datatracker.ietf.org/doc/html/draft-kelly-json-hal-06) specification. This object is used for dynamic discovery of related resources and lifecycle operations.
stringDescription of the feature (example: Settings for provisioning users from Okta to a downstream app)
stringSetting status (default: DISABLED, example: ENABLED)
+ + + +Success + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameDatatypeDescription
stringKey name of the feature | Feature name | Description | | --------- | ------------- | | USER_PROVISIONING | User profiles are pushed from Okta to the third-party app. Represents the **To App** provisioning feature setting in the Admin Console. | | INBOUND_PROVISIONING | User profiles are imported from the third-party app into Okta. This feature represents the **To Okta** provisioning feature setting in the Admin Console. | Select the feature: (example: USER_PROVISIONING)
objectSpecifies link relations (see [Web Linking](https://www.rfc-editor.org/rfc/rfc8288)) available using the [JSON Hypertext Application Language](https://datatracker.ietf.org/doc/html/draft-kelly-json-hal-06) specification. This object is used for dynamic discovery of related resources and lifecycle operations.
stringDescription of the feature (example: Settings for provisioning users from Okta to a downstream app)
stringSetting status (default: DISABLED, example: ENABLED)
+ + + +## Methods + +The following methods are available for this resource: + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameAccessible byRequired ParamsOptional ParamsDescription
subdomainLists all features for an app
> **Note:** This request returns an error if provisioning isn't enabled for the app.
> To set up provisioning, see [Update the default provisioning connection](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/ApplicationConnections/#tag/ApplicationConnections/operation/updateDefaultProvisioningConnectionForApplication).
subdomainRetrieves a Feature object for an app
subdomainUpdates a Feature object for an app
> **Note:** This endpoint supports partial updates.
+ +## Parameters + +Parameters can be passed in the `WHERE` clause of a query. Check the [Methods](#methods) section to see which parameters are required or optional for each operation. + + + + + + + + + + + + + + + + +
NameDatatypeDescription
stringThe domain of your organization. This can be a provided subdomain of an official okta domain (okta.com, oktapreview.com, etc) or one of your configured custom domains. (default: my-org)
+ +## `SELECT` examples + + + + +Lists all features for an app
> **Note:** This request returns an error if provisioning isn't enabled for the app.
> To set up provisioning, see [Update the default provisioning connection](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/ApplicationConnections/#tag/ApplicationConnections/operation/updateDefaultProvisioningConnectionForApplication).
+ +```sql +SELECT +name, +_links, +description, +status +FROM okta.apps.features +WHERE subdomain = '{{ subdomain }}' -- required; +``` + + + +Retrieves a Feature object for an app + +```sql +SELECT +name, +_links, +description, +status +FROM okta.apps.features +WHERE subdomain = '{{ subdomain }}' -- required; +``` + + + + +## `REPLACE` examples + + + + +Updates a Feature object for an app
> **Note:** This endpoint supports partial updates.
+ +```sql +REPLACE okta.apps.features +SET +-- No updatable properties +WHERE +subdomain = '{{ subdomain }}' --required +RETURNING +name, +_links, +description, +status; +``` + + diff --git a/website/docs/services/apps/federated_claims/index.md b/website/docs/services/apps/federated_claims/index.md new file mode 100644 index 0000000..bffcdfa --- /dev/null +++ b/website/docs/services/apps/federated_claims/index.md @@ -0,0 +1,322 @@ +--- +title: federated_claims +hide_title: false +hide_table_of_contents: false +keywords: + - federated_claims + - apps + - okta + - infrastructure-as-code + - configuration-as-data + - cloud inventory +description: Query, deploy and manage okta resources using SQL +custom_edit_url: null +image: /img/stackql-okta-provider-featured-image.png +--- + +import CopyableCode from '@site/src/components/CopyableCode/CopyableCode'; +import Tabs from '@theme/Tabs'; +import TabItem from '@theme/TabItem'; + +Creates, updates, deletes, gets or lists a federated_claims resource. + +## Overview + + + + +
Namefederated_claims
TypeResource
Id
+ +## Fields + +The following fields are returned by `SELECT` queries: + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameDatatypeDescription
stringThe unique ID of the federated claim (example: ofc2f4zrZbs8nUa7p0g4)
stringThe name of the claim to be used in the produced token (example: roleg)
stringTimestamp when the federated claim was created (example: 2024-02-29T20:08:24.000Z)
stringThe Okta Expression Language expression to be evaluated at runtime (example: appuser.entitlements.role)
stringTimestamp when the federated claim was updated (example: 2023-02-21T20:08:24.000Z)
+ + + + + + + + + + + + + + + + + + + + + + + +
NameDatatypeDescription
stringThe name of the claim to be used in the produced token (example: role)
stringThe Okta Expression Language expression to be evaluated at runtime (example: appuser.entitlements.role)
+ + + +## Methods + +The following methods are available for this resource: + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameAccessible byRequired ParamsOptional ParamsDescription
subdomainLists all federated claims for your app
subdomainRetrieves a federated claim by `claimId`
subdomainCreates a claim that will be included in tokens produced by federation protocols (for example: OIDC `id_tokens` or SAML Assertions)
subdomainReplaces a claim that will be included in tokens produced by federation protocols (for example: OIDC `id_tokens` or SAML Assertions)
subdomainDeletes a federated claim by `claimId`
+ +## Parameters + +Parameters can be passed in the `WHERE` clause of a query. Check the [Methods](#methods) section to see which parameters are required or optional for each operation. + + + + + + + + + + + + + + + + +
NameDatatypeDescription
stringThe domain of your organization. This can be a provided subdomain of an official okta domain (okta.com, oktapreview.com, etc) or one of your configured custom domains. (default: my-org)
+ +## `SELECT` examples + + + + +Lists all federated claims for your app + +```sql +SELECT +id, +name, +created, +expression, +lastUpdated +FROM okta.apps.federated_claims +WHERE subdomain = '{{ subdomain }}' -- required; +``` + + + +Retrieves a federated claim by `claimId` + +```sql +SELECT +name, +expression +FROM okta.apps.federated_claims +WHERE subdomain = '{{ subdomain }}' -- required; +``` + + + + +## `INSERT` examples + + + + +Creates a claim that will be included in tokens produced by federation protocols (for example: OIDC `id_tokens` or SAML Assertions) + +```sql +INSERT INTO okta.apps.federated_claims ( +data__expression, +data__name, +subdomain +) +SELECT +'{{ expression }}', +'{{ name }}', +'{{ subdomain }}' +RETURNING +id, +name, +created, +expression, +lastUpdated +; +``` + + + +```yaml +# Description fields are for documentation purposes +- name: federated_claims + props: + - name: subdomain + value: string + description: Required parameter for the federated_claims resource. + - name: expression + value: string + description: > + The Okta Expression Language expression to be evaluated at runtime + + - name: name + value: string + description: > + The name of the claim to be used in the produced token + +``` + + + + +## `REPLACE` examples + + + + +Replaces a claim that will be included in tokens produced by federation protocols (for example: OIDC `id_tokens` or SAML Assertions) + +```sql +REPLACE okta.apps.federated_claims +SET +data__expression = '{{ expression }}', +data__name = '{{ name }}' +WHERE +subdomain = '{{ subdomain }}' --required +RETURNING +id, +name, +created, +expression, +lastUpdated; +``` + + + + +## `DELETE` examples + + + + +Deletes a federated claim by `claimId` + +```sql +DELETE FROM okta.apps.federated_claims +WHERE subdomain = '{{ subdomain }}' --required; +``` + + diff --git a/website/docs/services/apps/grants/index.md b/website/docs/services/apps/grants/index.md new file mode 100644 index 0000000..863006f --- /dev/null +++ b/website/docs/services/apps/grants/index.md @@ -0,0 +1,405 @@ +--- +title: grants +hide_title: false +hide_table_of_contents: false +keywords: + - grants + - apps + - okta + - infrastructure-as-code + - configuration-as-data + - cloud inventory +description: Query, deploy and manage okta resources using SQL +custom_edit_url: null +image: /img/stackql-okta-provider-featured-image.png +--- + +import CopyableCode from '@site/src/components/CopyableCode/CopyableCode'; +import Tabs from '@theme/Tabs'; +import TabItem from '@theme/TabItem'; + +Creates, updates, deletes, gets or lists a grants resource. + +## Overview + + + + +
Namegrants
TypeResource
Id
+ +## Fields + +The following fields are returned by `SELECT` queries: + + + + +Success + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameDatatypeDescription
stringID of the Grant object (example: oag3ih1zrm1cBFOiq0h6)
objectEmbedded resources related to the Grant
objectSpecifies link relations (see [Web Linking](https://www.rfc-editor.org/rfc/rfc8288)) available using the [JSON Hypertext Application Language](https://datatracker.ietf.org/doc/html/draft-kelly-json-hal-06) specification. This object is used for dynamic discovery of related resources and lifecycle operations.
stringClient ID of the app integration (example: oag3ih1zrm1cBFOiq0h6)
string (date-time)Timestamp when the object was created (example: 2017-03-28T01:11:10.000Z)
objectUser that created the object
stringThe issuer of your org authorization server. This is typically your Okta domain. (example: https://my_test_okta_org.oktapreview.com)
string (date-time)Timestamp when the object was last updated
stringThe name of the [Okta scope](https://developer.okta.com/docs/api/oauth2/#oauth-20-scopes) for which consent is granted (example: okta.users.read)
stringUser type source that granted consent (example: ADMIN)
stringStatus (example: ACTIVE)
stringUser ID that granted consent (if `source` is `END_USER`) (example: 00u5t60iloOHN9pBi0h7)
+ + + +Success + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameDatatypeDescription
stringID of the Grant object (example: oag3ih1zrm1cBFOiq0h6)
objectEmbedded resources related to the Grant
objectSpecifies link relations (see [Web Linking](https://www.rfc-editor.org/rfc/rfc8288)) available using the [JSON Hypertext Application Language](https://datatracker.ietf.org/doc/html/draft-kelly-json-hal-06) specification. This object is used for dynamic discovery of related resources and lifecycle operations.
stringClient ID of the app integration (example: oag3ih1zrm1cBFOiq0h6)
string (date-time)Timestamp when the object was created (example: 2017-03-28T01:11:10.000Z)
objectUser that created the object
stringThe issuer of your org authorization server. This is typically your Okta domain. (example: https://my_test_okta_org.oktapreview.com)
string (date-time)Timestamp when the object was last updated
stringThe name of the [Okta scope](https://developer.okta.com/docs/api/oauth2/#oauth-20-scopes) for which consent is granted (example: okta.users.read)
stringUser type source that granted consent (example: ADMIN)
stringStatus (example: ACTIVE)
stringUser ID that granted consent (if `source` is `END_USER`) (example: 00u5t60iloOHN9pBi0h7)
+ + + +## Methods + +The following methods are available for this resource: + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameAccessible byRequired ParamsOptional ParamsDescription
subdomainexpandLists all scope consent Grants for the app
subdomainexpandRetrieves a single scope consent Grant object for the app
subdomainGrants consent for the app to request an OAuth 2.0 Okta scope
subdomainRevokes permission for the app to grant the given scope
+ +## Parameters + +Parameters can be passed in the `WHERE` clause of a query. Check the [Methods](#methods) section to see which parameters are required or optional for each operation. + + + + + + + + + + + + + + + + + + + + + +
NameDatatypeDescription
stringThe domain of your organization. This can be a provided subdomain of an official okta domain (okta.com, oktapreview.com, etc) or one of your configured custom domains. (default: my-org)
stringAn optional parameter to return scope details in the `_embedded` property. Valid value: `scope`
+ +## `SELECT` examples + + + + +Lists all scope consent Grants for the app + +```sql +SELECT +id, +_embedded, +_links, +clientId, +created, +createdBy, +issuer, +lastUpdated, +scopeId, +source, +status, +userId +FROM okta.apps.grants +WHERE subdomain = '{{ subdomain }}' -- required +AND expand = '{{ expand }}'; +``` + + + +Retrieves a single scope consent Grant object for the app + +```sql +SELECT +id, +_embedded, +_links, +clientId, +created, +createdBy, +issuer, +lastUpdated, +scopeId, +source, +status, +userId +FROM okta.apps.grants +WHERE subdomain = '{{ subdomain }}' -- required +AND expand = '{{ expand }}'; +``` + + + + +## `INSERT` examples + + + + +Grants consent for the app to request an OAuth 2.0 Okta scope + +```sql +INSERT INTO okta.apps.grants ( +data__issuer, +data__scopeId, +subdomain +) +SELECT +'{{ issuer }}' --required, +'{{ scopeId }}' --required, +'{{ subdomain }}' +RETURNING +id, +_embedded, +_links, +clientId, +created, +createdBy, +issuer, +lastUpdated, +scopeId, +source, +status, +userId +; +``` + + + +```yaml +# Description fields are for documentation purposes +- name: grants + props: + - name: subdomain + value: string + description: Required parameter for the grants resource. + - name: issuer + value: string + description: > + The issuer of your org authorization server. This is typically your Okta domain. + + - name: scopeId + value: string + description: > + The name of the [Okta scope](https://developer.okta.com/docs/api/oauth2/#oauth-20-scopes) for which consent is granted + +``` + + + + +## `DELETE` examples + + + + +Revokes permission for the app to grant the given scope + +```sql +DELETE FROM okta.apps.grants +WHERE subdomain = '{{ subdomain }}' --required; +``` + + diff --git a/website/docs/services/apps/group_assignments/index.md b/website/docs/services/apps/group_assignments/index.md new file mode 100644 index 0000000..08edbeb --- /dev/null +++ b/website/docs/services/apps/group_assignments/index.md @@ -0,0 +1,356 @@ +--- +title: group_assignments +hide_title: false +hide_table_of_contents: false +keywords: + - group_assignments + - apps + - okta + - infrastructure-as-code + - configuration-as-data + - cloud inventory +description: Query, deploy and manage okta resources using SQL +custom_edit_url: null +image: /img/stackql-okta-provider-featured-image.png +--- + +import CopyableCode from '@site/src/components/CopyableCode/CopyableCode'; +import Tabs from '@theme/Tabs'; +import TabItem from '@theme/TabItem'; + +Creates, updates, deletes, gets or lists a group_assignments resource. + +## Overview + + + + +
Namegroup_assignments
TypeResource
Id
+ +## Fields + +The following fields are returned by `SELECT` queries: + + + + +Success + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameDatatypeDescription
stringID of the [group](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/Group/) (example: 00g4hb1HChfUriNgW0g4)
objectEmbedded resource related to the Application Group using the [JSON Hypertext Application Language](https://datatracker.ietf.org/doc/html/draft-kelly-json-hal-06) specification. If the `expand=group` query parameter is specified, then the [group](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/Group/) object is embedded. If the `expand=metadata` query parameter is specified, then the group assignment metadata is embedded.
objectSpecifies link relations (see [Web Linking](https://www.rfc-editor.org/rfc/rfc8288)) available using the [JSON Hypertext Application Language](https://datatracker.ietf.org/doc/html/draft-kelly-json-hal-06) specification. This object is used for dynamic discovery of related resources and lifecycle operations.
string (date-time)Timestamp when the object was last updated (example: 2014-06-24T15:28:14.000Z)
integerPriority assigned to the group. If an app has more than one group assigned to the same user, then the group with the higher priority has its profile applied to the [application user](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/ApplicationUsers/). If a priority value isn't specified, then the next highest priority is assigned by default. See [Assign attribute group priority](https://help.okta.com/okta_help.htm?type=oie&id=ext-usgp-app-group-priority) and the [sample priority use case](https://help.okta.com/okta_help.htm?type=oie&id=ext-usgp-combine-values-use).
objectSpecifies the profile properties applied to [application users](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/ApplicationUsers/) that are assigned to the app through group membership. Some reference properties are imported from the target app and can't be configured. See [profile](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/User/#tag/User/operation/getUser!c=200&path=profile&t=response).
+ + + +Success + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameDatatypeDescription
stringID of the [group](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/Group/) (example: 00g4hb1HChfUriNgW0g4)
objectEmbedded resource related to the Application Group using the [JSON Hypertext Application Language](https://datatracker.ietf.org/doc/html/draft-kelly-json-hal-06) specification. If the `expand=group` query parameter is specified, then the [group](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/Group/) object is embedded. If the `expand=metadata` query parameter is specified, then the group assignment metadata is embedded.
objectSpecifies link relations (see [Web Linking](https://www.rfc-editor.org/rfc/rfc8288)) available using the [JSON Hypertext Application Language](https://datatracker.ietf.org/doc/html/draft-kelly-json-hal-06) specification. This object is used for dynamic discovery of related resources and lifecycle operations.
string (date-time)Timestamp when the object was last updated (example: 2014-06-24T15:28:14.000Z)
integerPriority assigned to the group. If an app has more than one group assigned to the same user, then the group with the higher priority has its profile applied to the [application user](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/ApplicationUsers/). If a priority value isn't specified, then the next highest priority is assigned by default. See [Assign attribute group priority](https://help.okta.com/okta_help.htm?type=oie&id=ext-usgp-app-group-priority) and the [sample priority use case](https://help.okta.com/okta_help.htm?type=oie&id=ext-usgp-combine-values-use).
objectSpecifies the profile properties applied to [application users](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/ApplicationUsers/) that are assigned to the app through group membership. Some reference properties are imported from the target app and can't be configured. See [profile](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/User/#tag/User/operation/getUser!c=200&path=profile&t=response).
+ + + +## Methods + +The following methods are available for this resource: + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameAccessible byRequired ParamsOptional ParamsDescription
subdomainq, after, limit, expandLists all app group assignments
subdomainexpandRetrieves an app group assignment
subdomainUpdates a group assignment to an app
subdomainAssigns a [Group](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/Group/) to an app, which in turn assigns the app to each [User](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/User/) that belongs to the group.
The resulting application user [scope](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/ApplicationUsers/#tag/ApplicationUsers/operation/listApplicationUsers!c=200&path=scope&t=response) is `GROUP` since the assignment was from the group membership.
subdomainUnassigns a Group from an app
+ +## Parameters + +Parameters can be passed in the `WHERE` clause of a query. Check the [Methods](#methods) section to see which parameters are required or optional for each operation. + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameDatatypeDescription
stringThe domain of your organization. This can be a provided subdomain of an official okta domain (okta.com, oktapreview.com, etc) or one of your configured custom domains. (default: my-org)
stringSpecifies the pagination cursor for the `next` page of results. Treat this as an opaque value obtained through the next link relationship. See [Pagination](https://developer.okta.com/docs/api/#pagination).
stringAn optional query parameter to return the corresponding assigned [group](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/Group/) or the group assignment metadata details in the `_embedded` property.
integer (int32)Specifies the number of objects to return per page. If there are multiple pages of results, the Link header contains a `next` link that you need to use as an opaque value (follow it, don't parse it). See [Pagination]https://developer.okta.com/docs/api#pagination.
stringSpecifies a filter for a list of assigned groups returned based on their names. The value of `q` is matched against the group `name`. This filter only supports the `startsWith` operation that matches the `q` string against the beginning of the [group name](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/Group/#tag/Group/operation/listGroups!c=200&path=profile/name&t=response).
+ +## `SELECT` examples + + + + +Lists all app group assignments + +```sql +SELECT +id, +_embedded, +_links, +lastUpdated, +priority, +profile +FROM okta.apps.group_assignments +WHERE subdomain = '{{ subdomain }}' -- required +AND q = '{{ q }}' +AND after = '{{ after }}' +AND limit = '{{ limit }}' +AND expand = '{{ expand }}'; +``` + + + +Retrieves an app group assignment + +```sql +SELECT +id, +_embedded, +_links, +lastUpdated, +priority, +profile +FROM okta.apps.group_assignments +WHERE subdomain = '{{ subdomain }}' -- required +AND expand = '{{ expand }}'; +``` + + + + +## `UPDATE` examples + + + + +Updates a group assignment to an app + +```sql +UPDATE okta.apps.group_assignments +SET +-- No updatable properties +WHERE +subdomain = '{{ subdomain }}' --required +RETURNING +id, +_embedded, +_links, +lastUpdated, +priority, +profile; +``` + + + + +## `REPLACE` examples + + + + +Assigns a [Group](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/Group/) to an app, which in turn assigns the app to each [User](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/User/) that belongs to the group.
The resulting application user [scope](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/ApplicationUsers/#tag/ApplicationUsers/operation/listApplicationUsers!c=200&path=scope&t=response) is `GROUP` since the assignment was from the group membership. + +```sql +REPLACE okta.apps.group_assignments +SET +data__priority = {{ priority }}, +data__profile = '{{ profile }}' +WHERE +subdomain = '{{ subdomain }}' --required +RETURNING +id, +_embedded, +_links, +lastUpdated, +priority, +profile; +``` + + + + +## `DELETE` examples + + + + +Unassigns a Group from an app + +```sql +DELETE FROM okta.apps.group_assignments +WHERE subdomain = '{{ subdomain }}' --required; +``` + + diff --git a/website/docs/services/apps/index.md b/website/docs/services/apps/index.md new file mode 100644 index 0000000..10bc426 --- /dev/null +++ b/website/docs/services/apps/index.md @@ -0,0 +1,46 @@ +--- +title: apps +hide_title: false +hide_table_of_contents: false +keywords: + - apps + - okta + - stackql + - infrastructure-as-code + - configuration-as-data + - cloud inventory +description: Query, deploy and manage okta resources using SQL +custom_edit_url: null +image: /img/stackql-okta-provider-featured-image.png +--- + +apps service documentation. + +:::info[Service Summary] + +total resources: __15__ + +::: + +## Resources +
+
+application_users
+applications
+connection_jwks
+connections
+cross_app_access_connections
+csrs
+features
+federated_claims +
+
+grants
+group_assignments
+jwks
+keys
+push_mappings
+secrets
+tokens +
+
\ No newline at end of file diff --git a/website/docs/services/apps/jwks/index.md b/website/docs/services/apps/jwks/index.md new file mode 100644 index 0000000..bef84d6 --- /dev/null +++ b/website/docs/services/apps/jwks/index.md @@ -0,0 +1,269 @@ +--- +title: jwks +hide_title: false +hide_table_of_contents: false +keywords: + - jwks + - apps + - okta + - infrastructure-as-code + - configuration-as-data + - cloud inventory +description: Query, deploy and manage okta resources using SQL +custom_edit_url: null +image: /img/stackql-okta-provider-featured-image.png +--- + +import CopyableCode from '@site/src/components/CopyableCode/CopyableCode'; +import Tabs from '@theme/Tabs'; +import TabItem from '@theme/TabItem'; + +Creates, updates, deletes, gets or lists a jwks resource. + +## Overview + + + + +
Namejwks
TypeResource
Id
+ +## Fields + +The following fields are returned by `SELECT` queries: + + + + + + + + + + + + + + +
NameDatatypeDescription
+ + + + + + + + + + + + + +
NameDatatypeDescription
+ + + +## Methods + +The following methods are available for this resource: + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameAccessible byRequired ParamsOptional ParamsDescription
subdomainLists all JSON Web Keys for an OAuth 2.0 client app
subdomainRetrieves an OAuth 2.0 Client JSON Web Key by `keyId`.
subdomainAdds a new JSON Web Key to the client`s JSON Web Keys.
> **Note:** This API doesn't allow you to add a key if the existing key doesn't have a `kid`. This is also consistent with how the [Dynamic Client Registration](/openapi/okta-oauth/oauth/tag/Client/) or [Applications](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/Application/) APIs behave, as they don't allow the creation of multiple keys without `kids`. Use the [Replace an Application](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/Application/#tag/Application/operation/replaceApplication) or the [Replace a Client Application](/openapi/okta-oauth/oauth/tag/Client/#tag/Client/operation/replaceClient) operation to update the JWKS or [Delete an OAuth 2.0 Client JSON Web Key](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/ApplicationSSOPublicKeys/#tag/ApplicationSSOPublicKeys/operation/deletejwk) and re-add the key with a `kid`.
subdomainDeletes an OAuth 2.0 Client JSON Web Key by `keyId`. You can only delete an inactive key.
subdomainActivates an OAuth 2.0 Client JSON Web Key by `keyId`
> **Note:** You can have only one active encryption key at any given time for app. When you activate an inactive key, the current active key is automatically deactivated.
subdomainDeactivates an OAuth 2.0 Client JSON Web Key by `keyId`.
> **Note:** You can only deactivate signing keys. Deactivating the active encryption key isn't allowed if the client has ID token encryption enabled. You can activate another encryption key, which makes the current key inactive.
+ +## Parameters + +Parameters can be passed in the `WHERE` clause of a query. Check the [Methods](#methods) section to see which parameters are required or optional for each operation. + + + + + + + + + + + + + + + + +
NameDatatypeDescription
stringThe domain of your organization. This can be a provided subdomain of an official okta domain (okta.com, oktapreview.com, etc) or one of your configured custom domains. (default: my-org)
+ +## `SELECT` examples + + + + +Lists all JSON Web Keys for an OAuth 2.0 client app + +```sql +SELECT +* +FROM okta.apps.jwks +WHERE subdomain = '{{ subdomain }}' -- required; +``` + + + +Retrieves an OAuth 2.0 Client JSON Web Key by `keyId`. + +```sql +SELECT +* +FROM okta.apps.jwks +WHERE subdomain = '{{ subdomain }}' -- required; +``` + + + + +## `INSERT` examples + + + + +Adds a new JSON Web Key to the client`s JSON Web Keys.
> **Note:** This API doesn't allow you to add a key if the existing key doesn't have a `kid`. This is also consistent with how the [Dynamic Client Registration](/openapi/okta-oauth/oauth/tag/Client/) or [Applications](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/Application/) APIs behave, as they don't allow the creation of multiple keys without `kids`. Use the [Replace an Application](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/Application/#tag/Application/operation/replaceApplication) or the [Replace a Client Application](/openapi/okta-oauth/oauth/tag/Client/#tag/Client/operation/replaceClient) operation to update the JWKS or [Delete an OAuth 2.0 Client JSON Web Key](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/ApplicationSSOPublicKeys/#tag/ApplicationSSOPublicKeys/operation/deletejwk) and re-add the key with a `kid`. + +```sql +INSERT INTO okta.apps.jwks ( +subdomain +) +SELECT +'{{ subdomain }}' +; +``` + + + +```yaml +# Description fields are for documentation purposes +- name: jwks + props: + - name: subdomain + value: string + description: Required parameter for the jwks resource. +``` + + + + +## `DELETE` examples + + + + +Deletes an OAuth 2.0 Client JSON Web Key by `keyId`. You can only delete an inactive key. + +```sql +DELETE FROM okta.apps.jwks +WHERE subdomain = '{{ subdomain }}' --required; +``` + + + + +## Lifecycle Methods + + + + +Activates an OAuth 2.0 Client JSON Web Key by `keyId`
> **Note:** You can have only one active encryption key at any given time for app. When you activate an inactive key, the current active key is automatically deactivated. + +```sql +EXEC okta.apps.jwks.activate_oauth2_client_json_web_key +@subdomain='{{ subdomain }}' --required; +``` + + + +Deactivates an OAuth 2.0 Client JSON Web Key by `keyId`.
> **Note:** You can only deactivate signing keys. Deactivating the active encryption key isn't allowed if the client has ID token encryption enabled. You can activate another encryption key, which makes the current key inactive. + +```sql +EXEC okta.apps.jwks.deactivate_oauth2_client_json_web_key +@subdomain='{{ subdomain }}' --required; +``` + + diff --git a/website/docs/services/apps/keys/index.md b/website/docs/services/apps/keys/index.md new file mode 100644 index 0000000..7d7c671 --- /dev/null +++ b/website/docs/services/apps/keys/index.md @@ -0,0 +1,374 @@ +--- +title: keys +hide_title: false +hide_table_of_contents: false +keywords: + - keys + - apps + - okta + - infrastructure-as-code + - configuration-as-data + - cloud inventory +description: Query, deploy and manage okta resources using SQL +custom_edit_url: null +image: /img/stackql-okta-provider-featured-image.png +--- + +import CopyableCode from '@site/src/components/CopyableCode/CopyableCode'; +import Tabs from '@theme/Tabs'; +import TabItem from '@theme/TabItem'; + +Creates, updates, deletes, gets or lists a keys resource. + +## Overview + + + + +
Namekeys
TypeResource
Id
+ +## Fields + +The following fields are returned by `SELECT` queries: + + + + +Success + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameDatatypeDescription
string (date-time)Timestamp when the object was created (example: 2017-03-28T01:11:10.000Z)
stringRSA key value (public exponent) for Key binding
string (date-time)Timestamp when the certificate expires
stringUnique identifier for the certificate
stringCryptographic algorithm family for the certificate's keypair. Valid value: `RSA`
string (date-time)Timestamp when the object was last updated
stringRSA modulus value that is used by both the public and private keys and provides a link between them
stringAcceptable use of the certificate. Valid value: `sig`
arrayX.509 certificate chain that contains a chain of one or more certificates
stringX.509 certificate SHA-256 thumbprint, which is the base64url-encoded SHA-256 thumbprint (digest) of the DER encoding of an X.509 certificate
+ + + +Success + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameDatatypeDescription
string (date-time)Timestamp when the object was created (example: 2017-03-28T01:11:10.000Z)
stringRSA key value (public exponent) for Key binding
string (date-time)Timestamp when the certificate expires
stringUnique identifier for the certificate
stringCryptographic algorithm family for the certificate's keypair. Valid value: `RSA`
string (date-time)Timestamp when the object was last updated
stringRSA modulus value that is used by both the public and private keys and provides a link between them
stringAcceptable use of the certificate. Valid value: `sig`
arrayX.509 certificate chain that contains a chain of one or more certificates
stringX.509 certificate SHA-256 thumbprint, which is the base64url-encoded SHA-256 thumbprint (digest) of the DER encoding of an X.509 certificate
+ + + +## Methods + +The following methods are available for this resource: + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameAccessible byRequired ParamsOptional ParamsDescription
subdomainLists all key credentials for an app
subdomainRetrieves a specific Application Key Credential by `kid`
validityYears, subdomainGenerates a new X.509 certificate for an app key credential
> **Note:** To update an Application with the newly generated key credential, use the [Replace an Application](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/Application/#tag/Application/operation/replaceApplication) request with the new [credentials.signing.kid](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/Application/#tag/Application/operation/replaceApplication!path=4/credentials/signing/kid&t=request) value in the request body. You can provide just the [Signing Credential object](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/Application/#tag/Application/operation/replaceApplication!path=4/credentials/signing&t=request) instead of the entire [Application Credential object](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/Application/#tag/Application/operation/replaceApplication!path=4/credentials&t=request).
targetAid, subdomainClones an X.509 certificate for an Application Key Credential from a source app to a target app.

For step-by-step instructions to clone a credential, see [Share application key credentials for IdPs across apps](https://developer.okta.com/docs/guides/sharing-cert/main/).
> **Note:** Sharing certificates isn't a recommended security practice.
+ +## Parameters + +Parameters can be passed in the `WHERE` clause of a query. Check the [Methods](#methods) section to see which parameters are required or optional for each operation. + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameDatatypeDescription
stringThe domain of your organization. This can be a provided subdomain of an official okta domain (okta.com, oktapreview.com, etc) or one of your configured custom domains. (default: my-org)
stringUnique key of the target Application
integerExpiry years of the Application Key Credential
+ +## `SELECT` examples + + + + +Lists all key credentials for an app + +```sql +SELECT +created, +e, +expiresAt, +kid, +kty, +lastUpdated, +n, +use, +x5c, +x5t#S256 +FROM okta.apps.keys +WHERE subdomain = '{{ subdomain }}' -- required; +``` + + + +Retrieves a specific Application Key Credential by `kid` + +```sql +SELECT +created, +e, +expiresAt, +kid, +kty, +lastUpdated, +n, +use, +x5c, +x5t#S256 +FROM okta.apps.keys +WHERE subdomain = '{{ subdomain }}' -- required; +``` + + + + +## `INSERT` examples + + + + +Generates a new X.509 certificate for an app key credential
> **Note:** To update an Application with the newly generated key credential, use the [Replace an Application](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/Application/#tag/Application/operation/replaceApplication) request with the new [credentials.signing.kid](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/Application/#tag/Application/operation/replaceApplication!path=4/credentials/signing/kid&t=request) value in the request body. You can provide just the [Signing Credential object](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/Application/#tag/Application/operation/replaceApplication!path=4/credentials/signing&t=request) instead of the entire [Application Credential object](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/Application/#tag/Application/operation/replaceApplication!path=4/credentials&t=request). + +```sql +INSERT INTO okta.apps.keys ( +validityYears, +subdomain +) +SELECT +'{{ validityYears }}', +'{{ subdomain }}' +RETURNING +created, +e, +expiresAt, +kid, +kty, +lastUpdated, +n, +use, +x5c, +x5t#S256 +; +``` + + + +```yaml +# Description fields are for documentation purposes +- name: keys + props: + - name: validityYears + value: integer + description: Required parameter for the keys resource. + - name: subdomain + value: string + description: Required parameter for the keys resource. +``` + + + + +## Lifecycle Methods + + + + +Clones an X.509 certificate for an Application Key Credential from a source app to a target app.

For step-by-step instructions to clone a credential, see [Share application key credentials for IdPs across apps](https://developer.okta.com/docs/guides/sharing-cert/main/).
> **Note:** Sharing certificates isn't a recommended security practice. + +```sql +EXEC okta.apps.keys.clone_application_key +@targetAid='{{ targetAid }}' --required, +@subdomain='{{ subdomain }}' --required; +``` + + diff --git a/website/docs/services/apps/push_mappings/index.md b/website/docs/services/apps/push_mappings/index.md new file mode 100644 index 0000000..f2b0e2e --- /dev/null +++ b/website/docs/services/apps/push_mappings/index.md @@ -0,0 +1,469 @@ +--- +title: push_mappings +hide_title: false +hide_table_of_contents: false +keywords: + - push_mappings + - apps + - okta + - infrastructure-as-code + - configuration-as-data + - cloud inventory +description: Query, deploy and manage okta resources using SQL +custom_edit_url: null +image: /img/stackql-okta-provider-featured-image.png +--- + +import CopyableCode from '@site/src/components/CopyableCode/CopyableCode'; +import Tabs from '@theme/Tabs'; +import TabItem from '@theme/TabItem'; + +Creates, updates, deletes, gets or lists a push_mappings resource. + +## Overview + + + + +
Namepush_mappings
TypeResource
Id
+ +## Fields + +The following fields are returned by `SELECT` queries: + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameDatatypeDescription
stringThe ID of the group push mapping
objectDiscoverable resources related to the group push mapping
objectAdditional app configuration for group push mappings. Currently only required for Active Directory.
string (date-time)Timestamp when the group push mapping was created
stringThe error message summary if the latest push failed
string (date-time)Timestamp when the group push mapping was pushed
string (date-time)Timestamp when the group push mapping was last updated
stringThe ID of the source group for the group push mapping
stringThe status of the group push mapping
stringThe ID of the target group for the group push mapping
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameDatatypeDescription
stringThe ID of the group push mapping
objectDiscoverable resources related to the group push mapping
objectAdditional app configuration for group push mappings. Currently only required for Active Directory.
string (date-time)Timestamp when the group push mapping was created
stringThe error message summary if the latest push failed
string (date-time)Timestamp when the group push mapping was pushed
string (date-time)Timestamp when the group push mapping was last updated
stringThe ID of the source group for the group push mapping
stringThe status of the group push mapping
stringThe ID of the target group for the group push mapping
+ + + +## Methods + +The following methods are available for this resource: + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameAccessible byRequired ParamsOptional ParamsDescription
subdomainafter, limit, lastUpdated, sourceGroupId, statusLists all group push mappings with pagination support
subdomainRetrieves a group push mapping by ID
subdomainCreates or links a group push mapping.

**Note:** Either `targetGroupId` or `targetGroupName` must be provided, but not both. If `targetGroupId` is provided, it links to an existing group. If `targetGroupName` is provided, it creates a new group.
subdomainUpdates the status of a group push mapping
deleteTargetGroup, subdomainDeletes a specific group push mapping. The group push mapping must be in an `INACTIVE` state.
+ +## Parameters + +Parameters can be passed in the `WHERE` clause of a query. Check the [Methods](#methods) section to see which parameters are required or optional for each operation. + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameDatatypeDescription
booleanIf set to `true`, the target group is also deleted. If set to `false`, the target group isn't deleted.
stringThe domain of your organization. This can be a provided subdomain of an official okta domain (okta.com, oktapreview.com, etc) or one of your configured custom domains. (default: my-org)
stringSpecifies the pagination cursor for the next page of mappings
stringFilters group push mappings by last updated date. The `lastUpdated` parameter supports the following format: `YYYY-MM-DDTHH:mm:ssZ`. This filters mappings updated on or after the specified date and time in UTC. If you don't specify a value, all group push mappings are returned.
integer (int32)Specifies the number of results returned
stringFilters group push mappings by source group ID. If you don't specify a value, all group push mappings are returned.
stringFilters group push mappings by status. If you don't specify a value, all group push mappings are returned.
+ +## `SELECT` examples + + + + +Lists all group push mappings with pagination support + +```sql +SELECT +id, +_links, +appConfig, +created, +errorSummary, +lastPush, +lastUpdated, +sourceGroupId, +status, +targetGroupId +FROM okta.apps.push_mappings +WHERE subdomain = '{{ subdomain }}' -- required +AND after = '{{ after }}' +AND limit = '{{ limit }}' +AND lastUpdated = '{{ lastUpdated }}' +AND sourceGroupId = '{{ sourceGroupId }}' +AND status = '{{ status }}'; +``` + + + +Retrieves a group push mapping by ID + +```sql +SELECT +id, +_links, +appConfig, +created, +errorSummary, +lastPush, +lastUpdated, +sourceGroupId, +status, +targetGroupId +FROM okta.apps.push_mappings +WHERE subdomain = '{{ subdomain }}' -- required; +``` + + + + +## `INSERT` examples + + + + +Creates or links a group push mapping.

**Note:** Either `targetGroupId` or `targetGroupName` must be provided, but not both. If `targetGroupId` is provided, it links to an existing group. If `targetGroupName` is provided, it creates a new group. + +```sql +INSERT INTO okta.apps.push_mappings ( +data__appConfig, +data__sourceGroupId, +data__status, +data__targetGroupId, +data__targetGroupName, +subdomain +) +SELECT +'{{ appConfig }}', +'{{ sourceGroupId }}' --required, +'{{ status }}', +'{{ targetGroupId }}', +'{{ targetGroupName }}', +'{{ subdomain }}' +RETURNING +id, +_links, +appConfig, +created, +errorSummary, +lastPush, +lastUpdated, +sourceGroupId, +status, +targetGroupId +; +``` + + + +```yaml +# Description fields are for documentation purposes +- name: push_mappings + props: + - name: subdomain + value: string + description: Required parameter for the push_mappings resource. + - name: appConfig + value: object + description: > + Additional app configuration for group push mappings. Currently only required for Active Directory. + + - name: sourceGroupId + value: string + description: > + The ID of the source group for the group push mapping + + - name: status + value: string + description: > + The status of the group push mapping + + valid_values: ['ACTIVE', 'INACTIVE'] + default: ACTIVE + - name: targetGroupId + value: string + description: > + The ID of the existing target group for the group push mapping. This is used to link to an existing group. Required if `targetGroupName` is not provided. + + - name: targetGroupName + value: string + description: > + The name of the target group for the group push mapping. This is used when creating a new downstream group. If the group already exists, it links to the existing group. Required if `targetGroupId` is not provided. + +``` + + + + +## `UPDATE` examples + + + + +Updates the status of a group push mapping + +```sql +UPDATE okta.apps.push_mappings +SET +data__status = '{{ status }}' +WHERE +subdomain = '{{ subdomain }}' --required +AND data__status = '{{ status }}' --required +RETURNING +id, +_links, +appConfig, +created, +errorSummary, +lastPush, +lastUpdated, +sourceGroupId, +status, +targetGroupId; +``` + + + + +## `DELETE` examples + + + + +Deletes a specific group push mapping. The group push mapping must be in an `INACTIVE` state. + +```sql +DELETE FROM okta.apps.push_mappings +WHERE deleteTargetGroup = '{{ deleteTargetGroup }}' --required +AND subdomain = '{{ subdomain }}' --required; +``` + + diff --git a/website/docs/services/apps/secrets/index.md b/website/docs/services/apps/secrets/index.md new file mode 100644 index 0000000..13b9457 --- /dev/null +++ b/website/docs/services/apps/secrets/index.md @@ -0,0 +1,374 @@ +--- +title: secrets +hide_title: false +hide_table_of_contents: false +keywords: + - secrets + - apps + - okta + - infrastructure-as-code + - configuration-as-data + - cloud inventory +description: Query, deploy and manage okta resources using SQL +custom_edit_url: null +image: /img/stackql-okta-provider-featured-image.png +--- + +import CopyableCode from '@site/src/components/CopyableCode/CopyableCode'; +import Tabs from '@theme/Tabs'; +import TabItem from '@theme/TabItem'; + +Creates, updates, deletes, gets or lists a secrets resource. + +## Overview + + + + +
Namesecrets
TypeResource
Id
+ +## Fields + +The following fields are returned by `SELECT` queries: + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameDatatypeDescription
stringThe unique ID of the OAuth Client Secret (example: ocs2f4zrZbs8nUa7p0g4)
objectSpecifies link relations (see [Web Linking](https://www.rfc-editor.org/rfc/rfc8288)) available for the current status of an application using the [JSON Hypertext Application Language](https://datatracker.ietf.org/doc/html/draft-kelly-json-hal-06) specification. This object is used for dynamic discovery of related resources and lifecycle operations.
stringThe OAuth 2.0 client secret string (example: DRUFXGF9XbLn......a3x3POBiIxDreBCdZuFs5B)
stringTimestamp when the OAuth Client 2.0 Secret was created (example: 2023-02-21T20:08:24.000Z)
stringTimestamp when the OAuth Client 2.0 Secret was updated (example: 2023-02-21T20:08:24.000Z)
stringOAuth 2.0 client secret string hash (example: yk4SVx4sUWVJVbHt6M-UPA)
stringStatus of the OAuth 2.0 Client Secret (example: ACTIVE, default: ACTIVE)
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameDatatypeDescription
stringThe unique ID of the OAuth Client Secret (example: ocs2f4zrZbs8nUa7p0g4)
objectSpecifies link relations (see [Web Linking](https://www.rfc-editor.org/rfc/rfc8288)) available for the current status of an application using the [JSON Hypertext Application Language](https://datatracker.ietf.org/doc/html/draft-kelly-json-hal-06) specification. This object is used for dynamic discovery of related resources and lifecycle operations.
stringThe OAuth 2.0 client secret string (example: DRUFXGF9XbLn......a3x3POBiIxDreBCdZuFs5B)
stringTimestamp when the OAuth Client 2.0 Secret was created (example: 2023-02-21T20:08:24.000Z)
stringTimestamp when the OAuth Client 2.0 Secret was updated (example: 2023-02-21T20:08:24.000Z)
stringOAuth 2.0 client secret string hash (example: yk4SVx4sUWVJVbHt6M-UPA)
stringStatus of the OAuth 2.0 Client Secret (example: ACTIVE, default: ACTIVE)
+ + + +## Methods + +The following methods are available for this resource: + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameAccessible byRequired ParamsOptional ParamsDescription
subdomainLists all client secrets for an OAuth 2.0 client app
subdomainRetrieves an OAuth 2.0 Client Secret by `secretId`
subdomainCreates an OAuth 2.0 Client Secret object with a new active client secret. You can create up to two Secret objects. An error is returned if you attempt to create more than two Secret objects.
> **Note:** This API lets you bring your own secret. If [token_endpoint_auth_method](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/Application/#tag/Application/operation/createApplication!path=4/credentials/oauthClient/token_endpoint_auth_method&t=request) of the app is `client_secret_jwt`, then the minimum length of `client_secret` is 32 characters. If no secret is specified in the request, Okta adds a new system-generated secret.
subdomainDeletes an OAuth 2.0 Client Secret by `secretId`. You can only delete an inactive Secret.
subdomainActivates an OAuth 2.0 Client Secret by `secretId`
subdomainDeactivates an OAuth 2.0 Client Secret by `secretId`. You can't deactivate a secret if it's the only secret of the client.
+ +## Parameters + +Parameters can be passed in the `WHERE` clause of a query. Check the [Methods](#methods) section to see which parameters are required or optional for each operation. + + + + + + + + + + + + + + + + +
NameDatatypeDescription
stringThe domain of your organization. This can be a provided subdomain of an official okta domain (okta.com, oktapreview.com, etc) or one of your configured custom domains. (default: my-org)
+ +## `SELECT` examples + + + + +Lists all client secrets for an OAuth 2.0 client app + +```sql +SELECT +id, +_links, +client_secret, +created, +lastUpdated, +secret_hash, +status +FROM okta.apps.secrets +WHERE subdomain = '{{ subdomain }}' -- required; +``` + + + +Retrieves an OAuth 2.0 Client Secret by `secretId` + +```sql +SELECT +id, +_links, +client_secret, +created, +lastUpdated, +secret_hash, +status +FROM okta.apps.secrets +WHERE subdomain = '{{ subdomain }}' -- required; +``` + + + + +## `INSERT` examples + + + + +Creates an OAuth 2.0 Client Secret object with a new active client secret. You can create up to two Secret objects. An error is returned if you attempt to create more than two Secret objects.
> **Note:** This API lets you bring your own secret. If [token_endpoint_auth_method](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/Application/#tag/Application/operation/createApplication!path=4/credentials/oauthClient/token_endpoint_auth_method&t=request) of the app is `client_secret_jwt`, then the minimum length of `client_secret` is 32 characters. If no secret is specified in the request, Okta adds a new system-generated secret. + +```sql +INSERT INTO okta.apps.secrets ( +data__client_secret, +data__status, +subdomain +) +SELECT +'{{ client_secret }}', +'{{ status }}', +'{{ subdomain }}' +RETURNING +id, +_links, +client_secret, +created, +lastUpdated, +secret_hash, +status +; +``` + + + +```yaml +# Description fields are for documentation purposes +- name: secrets + props: + - name: subdomain + value: string + description: Required parameter for the secrets resource. + - name: client_secret + value: string + description: > + The OAuth 2.0 client secret string + + - name: status + value: string + description: > + Status of the OAuth 2.0 Client Secret + + valid_values: ['ACTIVE', 'INACTIVE'] +``` + + + + +## `DELETE` examples + + + + +Deletes an OAuth 2.0 Client Secret by `secretId`. You can only delete an inactive Secret. + +```sql +DELETE FROM okta.apps.secrets +WHERE subdomain = '{{ subdomain }}' --required; +``` + + + + +## Lifecycle Methods + + + + +Activates an OAuth 2.0 Client Secret by `secretId` + +```sql +EXEC okta.apps.secrets.activate_oauth2_client_secret +@subdomain='{{ subdomain }}' --required; +``` + + + +Deactivates an OAuth 2.0 Client Secret by `secretId`. You can't deactivate a secret if it's the only secret of the client. + +```sql +EXEC okta.apps.secrets.deactivate_oauth2_client_secret +@subdomain='{{ subdomain }}' --required; +``` + + diff --git a/website/docs/services/apps/tokens/index.md b/website/docs/services/apps/tokens/index.md new file mode 100644 index 0000000..8db8342 --- /dev/null +++ b/website/docs/services/apps/tokens/index.md @@ -0,0 +1,352 @@ +--- +title: tokens +hide_title: false +hide_table_of_contents: false +keywords: + - tokens + - apps + - okta + - infrastructure-as-code + - configuration-as-data + - cloud inventory +description: Query, deploy and manage okta resources using SQL +custom_edit_url: null +image: /img/stackql-okta-provider-featured-image.png +--- + +import CopyableCode from '@site/src/components/CopyableCode/CopyableCode'; +import Tabs from '@theme/Tabs'; +import TabItem from '@theme/TabItem'; + +Creates, updates, deletes, gets or lists a tokens resource. + +## Overview + + + + +
Nametokens
TypeResource
Id
+ +## Fields + +The following fields are returned by `SELECT` queries: + + + + +Success + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameDatatypeDescription
stringID of the Token object (example: oar579Mcp7OUsNTlo0g3)
objectThe embedded resources related to the object if the `expand` query parameter is specified
objectSpecifies link relations (see [Web Linking](https://www.rfc-editor.org/rfc/rfc8288)) available using the [JSON Hypertext Application Language](https://datatracker.ietf.org/doc/html/draft-kelly-json-hal-06) specification. This object is used for dynamic discovery of related resources and lifecycle operations.
stringClient ID
string (date-time)Timestamp when the object was created (example: 2017-03-28T01:11:10.000Z)
string (date-time)Expiration time of the OAuth 2.0 Token
stringThe complete URL of the authorization server that issued the Token (example: https://{yourOktaDomain}/oauth2/ausain6z9zIedDCxB0h7)
string (date-time)Timestamp when the object was last updated
arrayThe scope names attached to the Token
stringStatus (example: ACTIVE)
stringThe ID of the user associated with the Token (example: 00u5t60iloOHN9pBi0h7)
+ + + +Success + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameDatatypeDescription
stringID of the Token object (example: oar579Mcp7OUsNTlo0g3)
objectThe embedded resources related to the object if the `expand` query parameter is specified
objectSpecifies link relations (see [Web Linking](https://www.rfc-editor.org/rfc/rfc8288)) available using the [JSON Hypertext Application Language](https://datatracker.ietf.org/doc/html/draft-kelly-json-hal-06) specification. This object is used for dynamic discovery of related resources and lifecycle operations.
stringClient ID
string (date-time)Timestamp when the object was created (example: 2017-03-28T01:11:10.000Z)
string (date-time)Expiration time of the OAuth 2.0 Token
stringThe complete URL of the authorization server that issued the Token (example: https://{yourOktaDomain}/oauth2/ausain6z9zIedDCxB0h7)
string (date-time)Timestamp when the object was last updated
arrayThe scope names attached to the Token
stringStatus (example: ACTIVE)
stringThe ID of the user associated with the Token (example: 00u5t60iloOHN9pBi0h7)
+ + + +## Methods + +The following methods are available for this resource: + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameAccessible byRequired ParamsOptional ParamsDescription
subdomainexpand, after, limitLists all refresh tokens for an app

> **Note:** The results are [paginated]https://developer.okta.com/docs/api#pagination according to the `limit` parameter.
> If there are multiple pages of results, the Link header contains a `next` link that you need to use as an opaque value (follow it, don't parse it).
subdomainexpandRetrieves a refresh token for the specified app
subdomainRevokes all OAuth 2.0 refresh tokens for the specified app. Any access tokens issued with these refresh tokens are also revoked, but access tokens issued without a refresh token aren't affected.
subdomainRevokes the specified token for the specified app
+ +## Parameters + +Parameters can be passed in the `WHERE` clause of a query. Check the [Methods](#methods) section to see which parameters are required or optional for each operation. + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameDatatypeDescription
stringThe domain of your organization. This can be a provided subdomain of an official okta domain (okta.com, oktapreview.com, etc) or one of your configured custom domains. (default: my-org)
stringSpecifies the pagination cursor for the next page of results. Treat this as an opaque value obtained through the next link relationship. See [Pagination]https://developer.okta.com/docs/api#pagination.
stringAn optional parameter to return scope details in the `_embedded` property. Valid value: `scope`
integerA limit on the number of objects to return
+ +## `SELECT` examples + + + + +Lists all refresh tokens for an app

> **Note:** The results are [paginated]https://developer.okta.com/docs/api#pagination according to the `limit` parameter.
> If there are multiple pages of results, the Link header contains a `next` link that you need to use as an opaque value (follow it, don't parse it).
+ +```sql +SELECT +id, +_embedded, +_links, +clientId, +created, +expiresAt, +issuer, +lastUpdated, +scopes, +status, +userId +FROM okta.apps.tokens +WHERE subdomain = '{{ subdomain }}' -- required +AND expand = '{{ expand }}' +AND after = '{{ after }}' +AND limit = '{{ limit }}'; +``` + + + +Retrieves a refresh token for the specified app + +```sql +SELECT +id, +_embedded, +_links, +clientId, +created, +expiresAt, +issuer, +lastUpdated, +scopes, +status, +userId +FROM okta.apps.tokens +WHERE subdomain = '{{ subdomain }}' -- required +AND expand = '{{ expand }}'; +``` + + + + +## `DELETE` examples + + + + +Revokes all OAuth 2.0 refresh tokens for the specified app. Any access tokens issued with these refresh tokens are also revoked, but access tokens issued without a refresh token aren't affected. + +```sql +DELETE FROM okta.apps.tokens +WHERE subdomain = '{{ subdomain }}' --required; +``` + + + +Revokes the specified token for the specified app + +```sql +DELETE FROM okta.apps.tokens +WHERE subdomain = '{{ subdomain }}' --required; +``` + + diff --git a/website/docs/services/attack_protection/authenticator_settings/index.md b/website/docs/services/attack_protection/authenticator_settings/index.md new file mode 100644 index 0000000..0ca1627 --- /dev/null +++ b/website/docs/services/attack_protection/authenticator_settings/index.md @@ -0,0 +1,158 @@ +--- +title: authenticator_settings +hide_title: false +hide_table_of_contents: false +keywords: + - authenticator_settings + - attack_protection + - okta + - infrastructure-as-code + - configuration-as-data + - cloud inventory +description: Query, deploy and manage okta resources using SQL +custom_edit_url: null +image: /img/stackql-okta-provider-featured-image.png +--- + +import CopyableCode from '@site/src/components/CopyableCode/CopyableCode'; +import Tabs from '@theme/Tabs'; +import TabItem from '@theme/TabItem'; + +Creates, updates, deletes, gets or lists an authenticator_settings resource. + +## Overview + + + + +
Nameauthenticator_settings
TypeResource
Id
+ +## Fields + +The following fields are returned by `SELECT` queries: + + + + + + + + + + + + + + + + + + + +
NameDatatypeDescription
booleanIf true, requires users to verify a possession factor before verifying a knowledge factor when the assurance requires two-factor authentication (2FA).
+ + + +## Methods + +The following methods are available for this resource: + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameAccessible byRequired ParamsOptional ParamsDescription
subdomainRetrieves the Authenticator Settings for an org
subdomainReplaces the Authenticator Settings for an org
+ +## Parameters + +Parameters can be passed in the `WHERE` clause of a query. Check the [Methods](#methods) section to see which parameters are required or optional for each operation. + + + + + + + + + + + + + + + + +
NameDatatypeDescription
stringThe domain of your organization. This can be a provided subdomain of an official okta domain (okta.com, oktapreview.com, etc) or one of your configured custom domains. (default: my-org)
+ +## `SELECT` examples + + + + +Retrieves the Authenticator Settings for an org + +```sql +SELECT +verifyKnowledgeSecondWhen2faRequired +FROM okta.attack_protection.authenticator_settings +WHERE subdomain = '{{ subdomain }}' -- required; +``` + + + + +## `REPLACE` examples + + + + +Replaces the Authenticator Settings for an org + +```sql +REPLACE okta.attack_protection.authenticator_settings +SET +data__verifyKnowledgeSecondWhen2faRequired = {{ verifyKnowledgeSecondWhen2faRequired }} +WHERE +subdomain = '{{ subdomain }}' --required +RETURNING +verifyKnowledgeSecondWhen2faRequired; +``` + + diff --git a/website/docs/services/attack_protection/index.md b/website/docs/services/attack_protection/index.md new file mode 100644 index 0000000..bfacd8f --- /dev/null +++ b/website/docs/services/attack_protection/index.md @@ -0,0 +1,33 @@ +--- +title: attack_protection +hide_title: false +hide_table_of_contents: false +keywords: + - attack_protection + - okta + - stackql + - infrastructure-as-code + - configuration-as-data + - cloud inventory +description: Query, deploy and manage okta resources using SQL +custom_edit_url: null +image: /img/stackql-okta-provider-featured-image.png +--- + +attack_protection service documentation. + +:::info[Service Summary] + +total resources: __2__ + +::: + +## Resources +
+
+authenticator_settings +
+
+lockout_settings +
+
\ No newline at end of file diff --git a/website/docs/services/attack_protection/lockout_settings/index.md b/website/docs/services/attack_protection/lockout_settings/index.md new file mode 100644 index 0000000..794e47e --- /dev/null +++ b/website/docs/services/attack_protection/lockout_settings/index.md @@ -0,0 +1,158 @@ +--- +title: lockout_settings +hide_title: false +hide_table_of_contents: false +keywords: + - lockout_settings + - attack_protection + - okta + - infrastructure-as-code + - configuration-as-data + - cloud inventory +description: Query, deploy and manage okta resources using SQL +custom_edit_url: null +image: /img/stackql-okta-provider-featured-image.png +--- + +import CopyableCode from '@site/src/components/CopyableCode/CopyableCode'; +import Tabs from '@theme/Tabs'; +import TabItem from '@theme/TabItem'; + +Creates, updates, deletes, gets or lists a lockout_settings resource. + +## Overview + + + + +
Namelockout_settings
TypeResource
Id
+ +## Fields + +The following fields are returned by `SELECT` queries: + + + + + + + + + + + + + + + + + + + +
NameDatatypeDescription
booleanPrevents brute-force lockout from unknown devices for the password authenticator.
+ + + +## Methods + +The following methods are available for this resource: + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameAccessible byRequired ParamsOptional ParamsDescription
subdomainRetrieves the User Lockout Settings for an org
subdomainReplaces the User Lockout Settings for an org
+ +## Parameters + +Parameters can be passed in the `WHERE` clause of a query. Check the [Methods](#methods) section to see which parameters are required or optional for each operation. + + + + + + + + + + + + + + + + +
NameDatatypeDescription
stringThe domain of your organization. This can be a provided subdomain of an official okta domain (okta.com, oktapreview.com, etc) or one of your configured custom domains. (default: my-org)
+ +## `SELECT` examples + + + + +Retrieves the User Lockout Settings for an org + +```sql +SELECT +preventBruteForceLockoutFromUnknownDevices +FROM okta.attack_protection.lockout_settings +WHERE subdomain = '{{ subdomain }}' -- required; +``` + + + + +## `REPLACE` examples + + + + +Replaces the User Lockout Settings for an org + +```sql +REPLACE okta.attack_protection.lockout_settings +SET +data__preventBruteForceLockoutFromUnknownDevices = {{ preventBruteForceLockoutFromUnknownDevices }} +WHERE +subdomain = '{{ subdomain }}' --required +RETURNING +preventBruteForceLockoutFromUnknownDevices; +``` + + diff --git a/website/docs/services/authenticators/authenticator_methods/index.md b/website/docs/services/authenticators/authenticator_methods/index.md new file mode 100644 index 0000000..d9c40ba --- /dev/null +++ b/website/docs/services/authenticators/authenticator_methods/index.md @@ -0,0 +1,272 @@ +--- +title: authenticator_methods +hide_title: false +hide_table_of_contents: false +keywords: + - authenticator_methods + - authenticators + - okta + - infrastructure-as-code + - configuration-as-data + - cloud inventory +description: Query, deploy and manage okta resources using SQL +custom_edit_url: null +image: /img/stackql-okta-provider-featured-image.png +--- + +import CopyableCode from '@site/src/components/CopyableCode/CopyableCode'; +import Tabs from '@theme/Tabs'; +import TabItem from '@theme/TabItem'; + +Creates, updates, deletes, gets or lists an authenticator_methods resource. + +## Overview + + + + +
Nameauthenticator_methods
TypeResource
Id
+ +## Fields + +The following fields are returned by `SELECT` queries: + + + + +Success + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameDatatypeDescription
objectSpecifies link relations (see [Web Linking](https://www.rfc-editor.org/rfc/rfc8288)) available using the [JSON Hypertext Application Language](https://datatracker.ietf.org/doc/html/draft-kelly-json-hal-06) specification. This object is used for dynamic discovery of related resources and lifecycle operations.
stringThe status of the authenticator method
stringThe type of authenticator method
+ + + +Success + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameDatatypeDescription
objectSpecifies link relations (see [Web Linking](https://www.rfc-editor.org/rfc/rfc8288)) available using the [JSON Hypertext Application Language](https://datatracker.ietf.org/doc/html/draft-kelly-json-hal-06) specification. This object is used for dynamic discovery of related resources and lifecycle operations.
stringThe status of the authenticator method
stringThe type of authenticator method
+ + + +## Methods + +The following methods are available for this resource: + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameAccessible byRequired ParamsOptional ParamsDescription
subdomainLists all methods of an authenticator identified by `authenticatorId`
subdomainRetrieves a method identified by `methodType` of an authenticator identified by `authenticatorId`
subdomainReplaces a method of `methodType` for an authenticator identified by `authenticatorId`
subdomainActivates a method for an authenticator identified by `authenticatorId` and `methodType`
subdomainDeactivates a method for an authenticator identified by `authenticatorId` and `methodType`
+ +## Parameters + +Parameters can be passed in the `WHERE` clause of a query. Check the [Methods](#methods) section to see which parameters are required or optional for each operation. + + + + + + + + + + + + + + + + +
NameDatatypeDescription
stringThe domain of your organization. This can be a provided subdomain of an official okta domain (okta.com, oktapreview.com, etc) or one of your configured custom domains. (default: my-org)
+ +## `SELECT` examples + + + + +Lists all methods of an authenticator identified by `authenticatorId` + +```sql +SELECT +_links, +status, +type +FROM okta.authenticators.authenticator_methods +WHERE subdomain = '{{ subdomain }}' -- required; +``` + + + +Retrieves a method identified by `methodType` of an authenticator identified by `authenticatorId` + +```sql +SELECT +_links, +status, +type +FROM okta.authenticators.authenticator_methods +WHERE subdomain = '{{ subdomain }}' -- required; +``` + + + + +## `REPLACE` examples + + + + +Replaces a method of `methodType` for an authenticator identified by `authenticatorId` + +```sql +REPLACE okta.authenticators.authenticator_methods +SET +data__status = '{{ status }}', +data__type = '{{ type }}' +WHERE +subdomain = '{{ subdomain }}' --required +RETURNING +_links, +status, +type; +``` + + + + +## Lifecycle Methods + + + + +Activates a method for an authenticator identified by `authenticatorId` and `methodType` + +```sql +EXEC okta.authenticators.authenticator_methods.activate_authenticator_method +@subdomain='{{ subdomain }}' --required; +``` + + + +Deactivates a method for an authenticator identified by `authenticatorId` and `methodType` + +```sql +EXEC okta.authenticators.authenticator_methods.deactivate_authenticator_method +@subdomain='{{ subdomain }}' --required; +``` + + diff --git a/website/docs/services/authenticators/authenticators/index.md b/website/docs/services/authenticators/authenticators/index.md new file mode 100644 index 0000000..afe6a7a --- /dev/null +++ b/website/docs/services/authenticators/authenticators/index.md @@ -0,0 +1,365 @@ +--- +title: authenticators +hide_title: false +hide_table_of_contents: false +keywords: + - authenticators + - authenticators + - okta + - infrastructure-as-code + - configuration-as-data + - cloud inventory +description: Query, deploy and manage okta resources using SQL +custom_edit_url: null +image: /img/stackql-okta-provider-featured-image.png +--- + +import CopyableCode from '@site/src/components/CopyableCode/CopyableCode'; +import Tabs from '@theme/Tabs'; +import TabItem from '@theme/TabItem'; + +Creates, updates, deletes, gets or lists an authenticators resource. + +## Overview + + + + +
Nameauthenticators
TypeResource
Id
+ +## Fields + +The following fields are returned by `SELECT` queries: + + + + +Success + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameDatatypeDescription
stringA unique identifier for the authenticator
stringDisplay name of the authenticator
objectSpecifies link relations (see [Web Linking](https://www.rfc-editor.org/rfc/rfc8288)) available using the [JSON Hypertext Application Language](https://datatracker.ietf.org/doc/html/draft-kelly-json-hal-06) specification. This object is used for dynamic discovery of related resources and lifecycle operations.
string (date-time)Timestamp when the authenticator was created
stringA human-readable string that identifies the authenticator
string (date-time)Timestamp when the authenticator was last modified
stringStatus of the authenticator
stringThe type of authenticator
+ + + + + + + + + + + + + +
NameDatatypeDescription
+ + + +## Methods + +The following methods are available for this resource: + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameAccessible byRequired ParamsOptional ParamsDescription
subdomainLists all authenticators
subdomainRetrieves an authenticator from your Okta organization by `authenticatorId`
subdomainactivateCreates an authenticator
subdomainReplaces the properties for an authenticator identified by `authenticatorId`
subdomainActivates an authenticator by `authenticatorId`
subdomainDeactivates an authenticator by `authenticatorId`
+ +## Parameters + +Parameters can be passed in the `WHERE` clause of a query. Check the [Methods](#methods) section to see which parameters are required or optional for each operation. + + + + + + + + + + + + + + + + + + + + + +
NameDatatypeDescription
stringThe domain of your organization. This can be a provided subdomain of an official okta domain (okta.com, oktapreview.com, etc) or one of your configured custom domains. (default: my-org)
booleanWhether to execute the activation lifecycle operation when Okta creates the authenticator
+ +## `SELECT` examples + + + + +Lists all authenticators + +```sql +SELECT +id, +name, +_links, +created, +key, +lastUpdated, +status, +type +FROM okta.authenticators.authenticators +WHERE subdomain = '{{ subdomain }}' -- required; +``` + + + +Retrieves an authenticator from your Okta organization by `authenticatorId` + +```sql +SELECT +* +FROM okta.authenticators.authenticators +WHERE subdomain = '{{ subdomain }}' -- required; +``` + + + + +## `INSERT` examples + + + + +Creates an authenticator + +```sql +INSERT INTO okta.authenticators.authenticators ( +data__key, +data__name, +data__status, +data__type, +subdomain, +activate +) +SELECT +'{{ key }}', +'{{ name }}', +'{{ status }}', +'{{ type }}', +'{{ subdomain }}', +'{{ activate }}' +; +``` + + + +```yaml +# Description fields are for documentation purposes +- name: authenticators + props: + - name: subdomain + value: string + description: Required parameter for the authenticators resource. + - name: key + value: string + description: > + A human-readable string that identifies the authenticator + + valid_values: ['custom_app', 'duo', 'external_idp', 'google_otp', 'okta_email', 'okta_password', 'okta_verify', 'onprem_mfa', 'phone_number', 'security_key', 'security_question', 'smart_card_idp', 'symantec_vip', 'webauthn', 'yubikey_token', 'tac'] + - name: name + value: string + description: > + Display name of the authenticator + + - name: status + value: string + description: > + Status of the authenticator + + valid_values: ['ACTIVE', 'INACTIVE'] + - name: type + value: string + description: > + The type of authenticator + + valid_values: ['app', 'email', 'federated', 'password', 'phone', 'security_key', 'security_question', 'tac'] + - name: activate + value: boolean + description: Whether to execute the activation lifecycle operation when Okta creates the authenticator +``` + + + + +## `REPLACE` examples + + + + +Replaces the properties for an authenticator identified by `authenticatorId` + +```sql +REPLACE okta.authenticators.authenticators +SET +data__key = '{{ key }}', +data__name = '{{ name }}', +data__status = '{{ status }}', +data__type = '{{ type }}' +WHERE +subdomain = '{{ subdomain }}' --required; +``` + + + + +## Lifecycle Methods + + + + +Activates an authenticator by `authenticatorId` + +```sql +EXEC okta.authenticators.authenticators.activate_authenticator +@subdomain='{{ subdomain }}' --required; +``` + + + +Deactivates an authenticator by `authenticatorId` + +```sql +EXEC okta.authenticators.authenticators.deactivate_authenticator +@subdomain='{{ subdomain }}' --required; +``` + + diff --git a/website/docs/services/authenticators/custom_aaguids/index.md b/website/docs/services/authenticators/custom_aaguids/index.md new file mode 100644 index 0000000..1706e58 --- /dev/null +++ b/website/docs/services/authenticators/custom_aaguids/index.md @@ -0,0 +1,390 @@ +--- +title: custom_aaguids +hide_title: false +hide_table_of_contents: false +keywords: + - custom_aaguids + - authenticators + - okta + - infrastructure-as-code + - configuration-as-data + - cloud inventory +description: Query, deploy and manage okta resources using SQL +custom_edit_url: null +image: /img/stackql-okta-provider-featured-image.png +--- + +import CopyableCode from '@site/src/components/CopyableCode/CopyableCode'; +import Tabs from '@theme/Tabs'; +import TabItem from '@theme/TabItem'; + +Creates, updates, deletes, gets or lists a custom_aaguids resource. + +## Overview + + + + +
Namecustom_aaguids
TypeResource
Id
+ +## Fields + +The following fields are returned by `SELECT` queries: + + + + +Success + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameDatatypeDescription
stringThe product name associated with the AAGUID
objectSpecifies link relations (see [Web Linking](https://www.rfc-editor.org/rfc/rfc8288)) available using the [JSON Hypertext Application Language](https://datatracker.ietf.org/doc/html/draft-kelly-json-hal-06) specification. This object is used for dynamic discovery of related resources and lifecycle operations.
stringA unique 128-bit identifier that's assigned to a specific model of security key or authenticator
array
objectContains additional properties about custom AAGUID.
+ + + +Success + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameDatatypeDescription
stringThe product name associated with the AAGUID
objectSpecifies link relations (see [Web Linking](https://www.rfc-editor.org/rfc/rfc8288)) available using the [JSON Hypertext Application Language](https://datatracker.ietf.org/doc/html/draft-kelly-json-hal-06) specification. This object is used for dynamic discovery of related resources and lifecycle operations.
stringA unique 128-bit identifier that's assigned to a specific model of security key or authenticator
array
objectContains additional properties about custom AAGUID.
+ + + +## Methods + +The following methods are available for this resource: + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameAccessible byRequired ParamsOptional ParamsDescription
subdomainLists all custom Authenticator Attestation Global Unique Identifiers (AAGUIDs) in the org

Only custom AAGUIDs that an admin has created are returned.
subdomainRetrieves a custom AAGUID
subdomainCreates a custom AAGUID for the WebAuthn authenticator
subdomainUpdates the properties of a custom AAGUID by the `authenticatorId` and `aaguid` ID
subdomainReplaces a custom AAGUID for the specified WebAuthn authenticator
subdomainDeletes a custom AAGUID

You can only delete custom AAGUIDs that an admin has created.
+ +## Parameters + +Parameters can be passed in the `WHERE` clause of a query. Check the [Methods](#methods) section to see which parameters are required or optional for each operation. + + + + + + + + + + + + + + + + +
NameDatatypeDescription
stringThe domain of your organization. This can be a provided subdomain of an official okta domain (okta.com, oktapreview.com, etc) or one of your configured custom domains. (default: my-org)
+ +## `SELECT` examples + + + + +Lists all custom Authenticator Attestation Global Unique Identifiers (AAGUIDs) in the org

Only custom AAGUIDs that an admin has created are returned. + +```sql +SELECT +name, +_links, +aaguid, +attestationRootCertificates, +authenticatorCharacteristics +FROM okta.authenticators.custom_aaguids +WHERE subdomain = '{{ subdomain }}' -- required; +``` + + + +Retrieves a custom AAGUID + +```sql +SELECT +name, +_links, +aaguid, +attestationRootCertificates, +authenticatorCharacteristics +FROM okta.authenticators.custom_aaguids +WHERE subdomain = '{{ subdomain }}' -- required; +``` + + + + +## `INSERT` examples + + + + +Creates a custom AAGUID for the WebAuthn authenticator + +```sql +INSERT INTO okta.authenticators.custom_aaguids ( +data__aaguid, +data__attestationRootCertificates, +data__authenticatorCharacteristics, +subdomain +) +SELECT +'{{ aaguid }}', +'{{ attestationRootCertificates }}', +'{{ authenticatorCharacteristics }}', +'{{ subdomain }}' +RETURNING +name, +_links, +aaguid, +attestationRootCertificates, +authenticatorCharacteristics +; +``` + + + +```yaml +# Description fields are for documentation purposes +- name: custom_aaguids + props: + - name: subdomain + value: string + description: Required parameter for the custom_aaguids resource. + - name: aaguid + value: string + description: > + An Authenticator Attestation Global Unique Identifier (AAGUID) is a 128-bit identifier indicating the model. + + - name: attestationRootCertificates + value: array + description: > + Contains the certificate and information about it + + - name: authenticatorCharacteristics + value: object + description: > + Contains additional properties about custom AAGUID. + +``` + + + + +## `UPDATE` examples + + + + +Updates the properties of a custom AAGUID by the `authenticatorId` and `aaguid` ID + +```sql +UPDATE okta.authenticators.custom_aaguids +SET +data__attestationRootCertificates = '{{ attestationRootCertificates }}', +data__authenticatorCharacteristics = '{{ authenticatorCharacteristics }}', +data__name = '{{ name }}' +WHERE +subdomain = '{{ subdomain }}' --required +RETURNING +name, +_links, +aaguid, +attestationRootCertificates, +authenticatorCharacteristics; +``` + + + + +## `REPLACE` examples + + + + +Replaces a custom AAGUID for the specified WebAuthn authenticator + +```sql +REPLACE okta.authenticators.custom_aaguids +SET +data__attestationRootCertificates = '{{ attestationRootCertificates }}', +data__authenticatorCharacteristics = '{{ authenticatorCharacteristics }}', +data__name = '{{ name }}' +WHERE +subdomain = '{{ subdomain }}' --required +RETURNING +name, +_links, +aaguid, +attestationRootCertificates, +authenticatorCharacteristics; +``` + + + + +## `DELETE` examples + + + + +Deletes a custom AAGUID

You can only delete custom AAGUIDs that an admin has created. + +```sql +DELETE FROM okta.authenticators.custom_aaguids +WHERE subdomain = '{{ subdomain }}' --required; +``` + + diff --git a/website/docs/services/authenticators/index.md b/website/docs/services/authenticators/index.md new file mode 100644 index 0000000..4f0b442 --- /dev/null +++ b/website/docs/services/authenticators/index.md @@ -0,0 +1,34 @@ +--- +title: authenticators +hide_title: false +hide_table_of_contents: false +keywords: + - authenticators + - okta + - stackql + - infrastructure-as-code + - configuration-as-data + - cloud inventory +description: Query, deploy and manage okta resources using SQL +custom_edit_url: null +image: /img/stackql-okta-provider-featured-image.png +--- + +authenticators service documentation. + +:::info[Service Summary] + +total resources: __3__ + +::: + +## Resources +
+
+authenticator_methods
+authenticators +
+
+custom_aaguids +
+
\ No newline at end of file diff --git a/website/docs/services/authorizationservers/associated_servers/index.md b/website/docs/services/authorizationservers/associated_servers/index.md new file mode 100644 index 0000000..25548ad --- /dev/null +++ b/website/docs/services/authorizationservers/associated_servers/index.md @@ -0,0 +1,322 @@ +--- +title: associated_servers +hide_title: false +hide_table_of_contents: false +keywords: + - associated_servers + - authorizationservers + - okta + - infrastructure-as-code + - configuration-as-data + - cloud inventory +description: Query, deploy and manage okta resources using SQL +custom_edit_url: null +image: /img/stackql-okta-provider-featured-image.png +--- + +import CopyableCode from '@site/src/components/CopyableCode/CopyableCode'; +import Tabs from '@theme/Tabs'; +import TabItem from '@theme/TabItem'; + +Creates, updates, deletes, gets or lists an associated_servers resource. + +## Overview + + + + +
Nameassociated_servers
TypeResource
Id
+ +## Fields + +The following fields are returned by `SELECT` queries: + + + + +Success + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameDatatypeDescription
stringThe ID of the custom authorization server
stringThe name of the custom authorization server
objectSpecifies link relations (see [Web Linking](https://www.rfc-editor.org/rfc/rfc8288)) available using the [JSON Hypertext Application Language](https://datatracker.ietf.org/doc/html/draft-kelly-json-hal-06) specification. This object is used for dynamic discovery of related resources and lifecycle operations.
string<x-lifecycle-container><x-lifecycle class="ea"></x-lifecycle></x-lifecycle-container>The algorithm for encrypting access tokens issued by this authorization server. If this is requested, the response is signed, and then encrypted. The result is a nested JWT. The default, if omitted, is that no encryption is performed.
arrayThe recipients that the tokens are intended for. This becomes the `aud` claim in an access token. Okta currently supports only one audience.
string (date-time)
object
stringThe description of the custom authorization server
stringThe complete URL for the custom authorization server. This becomes the `iss` claim in an access token.
stringIndicates which value is specified in the issuer of the tokens that a custom authorization server returns: the Okta org domain URL or a custom domain URL. `issuerMode` is visible if you have a custom URL domain configured or the Dynamic Issuer Mode feature enabled. If you have a custom URL domain configured, you can set a custom domain URL in a custom authorization server, and this property is returned in the appropriate responses. When set to `ORG_URL`, then in responses, `issuer` is the Okta org domain URL: `https://${yourOktaDomain}`. When set to `CUSTOM_URL`, then in responses, `issuer` is the custom domain URL configured in the administration user interface. When set to `DYNAMIC`, then in responses, `issuer` is the custom domain URL if the OAuth 2.0 request was sent to the custom domain, or is the Okta org's domain URL if the OAuth 2.0 request was sent to the original Okta org domain. After you configure a custom URL domain, all new custom authorization servers use `CUSTOM_URL` by default. If the Dynamic Issuer Mode feature is enabled, then all new custom authorization servers use `DYNAMIC` by default. All existing custom authorization servers continue to use the original value until they're changed using the Admin Console or the API. This way, existing integrations with the client and resource server continue to work after the feature is enabled.
object<x-lifecycle-container><x-lifecycle class="ea"></x-lifecycle></x-lifecycle-container>A [JSON Web Key Set](https://tools.ietf.org/html/rfc7517#section-5) for encrypting JWTs minted by the custom authorization server
string<x-lifecycle-container><x-lifecycle class="ea"></x-lifecycle></x-lifecycle-container>URL string that references a JSON Web Key Set for encrypting JWTs minted by the custom authorization server
string (date-time)
string
+ + + +## Methods + +The following methods are available for this resource: + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameAccessible byRequired ParamsOptional ParamsDescription
subdomaintrusted, q, limit, afterLists all associated Authorization Servers by trusted type for the given `authServerId`
subdomainCreates trusted relationships between the given authorization server and other authorization servers
subdomainDeletes an associated Authorization Server
+ +## Parameters + +Parameters can be passed in the `WHERE` clause of a query. Check the [Methods](#methods) section to see which parameters are required or optional for each operation. + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameDatatypeDescription
stringThe domain of your organization. This can be a provided subdomain of an official okta domain (okta.com, oktapreview.com, etc) or one of your configured custom domains. (default: my-org)
stringSpecifies the pagination cursor for the next page of the associated authorization servers
integer (int32)Specifies the number of results for a page
stringSearches for the name or audience of the associated authorization servers (example: customasone)
booleanSearches trusted authorization servers when `true` or searches untrusted authorization servers when `false`
+ +## `SELECT` examples + + + + +Lists all associated Authorization Servers by trusted type for the given `authServerId` + +```sql +SELECT +id, +name, +_links, +accessTokenEncryptedResponseAlgorithm, +audiences, +created, +credentials, +description, +issuer, +issuerMode, +jwks, +jwks_uri, +lastUpdated, +status +FROM okta.authorizationservers.associated_servers +WHERE subdomain = '{{ subdomain }}' -- required +AND trusted = '{{ trusted }}' +AND q = '{{ q }}' +AND limit = '{{ limit }}' +AND after = '{{ after }}'; +``` + + + + +## `INSERT` examples + + + + +Creates trusted relationships between the given authorization server and other authorization servers + +```sql +INSERT INTO okta.authorizationservers.associated_servers ( +data__trusted, +subdomain +) +SELECT +'{{ trusted }}', +'{{ subdomain }}' +RETURNING +id, +name, +_links, +accessTokenEncryptedResponseAlgorithm, +audiences, +created, +credentials, +description, +issuer, +issuerMode, +jwks, +jwks_uri, +lastUpdated, +status +; +``` + + + +```yaml +# Description fields are for documentation purposes +- name: associated_servers + props: + - name: subdomain + value: string + description: Required parameter for the associated_servers resource. + - name: trusted + value: array + description: > + A list of the authorization server IDs + +``` + + + + +## `DELETE` examples + + + + +Deletes an associated Authorization Server + +```sql +DELETE FROM okta.authorizationservers.associated_servers +WHERE subdomain = '{{ subdomain }}' --required; +``` + + diff --git a/website/docs/services/authorizationservers/authorization_servers/index.md b/website/docs/services/authorizationservers/authorization_servers/index.md new file mode 100644 index 0000000..143a3bb --- /dev/null +++ b/website/docs/services/authorizationservers/authorization_servers/index.md @@ -0,0 +1,602 @@ +--- +title: authorization_servers +hide_title: false +hide_table_of_contents: false +keywords: + - authorization_servers + - authorizationservers + - okta + - infrastructure-as-code + - configuration-as-data + - cloud inventory +description: Query, deploy and manage okta resources using SQL +custom_edit_url: null +image: /img/stackql-okta-provider-featured-image.png +--- + +import CopyableCode from '@site/src/components/CopyableCode/CopyableCode'; +import Tabs from '@theme/Tabs'; +import TabItem from '@theme/TabItem'; + +Creates, updates, deletes, gets or lists an authorization_servers resource. + +## Overview + + + + +
Nameauthorization_servers
TypeResource
Id
+ +## Fields + +The following fields are returned by `SELECT` queries: + + + + +Success + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameDatatypeDescription
stringThe ID of the custom authorization server
stringThe name of the custom authorization server
objectSpecifies link relations (see [Web Linking](https://www.rfc-editor.org/rfc/rfc8288)) available using the [JSON Hypertext Application Language](https://datatracker.ietf.org/doc/html/draft-kelly-json-hal-06) specification. This object is used for dynamic discovery of related resources and lifecycle operations.
string<x-lifecycle-container><x-lifecycle class="ea"></x-lifecycle></x-lifecycle-container>The algorithm for encrypting access tokens issued by this authorization server. If this is requested, the response is signed, and then encrypted. The result is a nested JWT. The default, if omitted, is that no encryption is performed.
arrayThe recipients that the tokens are intended for. This becomes the `aud` claim in an access token. Okta currently supports only one audience.
string (date-time)
object
stringThe description of the custom authorization server
stringThe complete URL for the custom authorization server. This becomes the `iss` claim in an access token.
stringIndicates which value is specified in the issuer of the tokens that a custom authorization server returns: the Okta org domain URL or a custom domain URL. `issuerMode` is visible if you have a custom URL domain configured or the Dynamic Issuer Mode feature enabled. If you have a custom URL domain configured, you can set a custom domain URL in a custom authorization server, and this property is returned in the appropriate responses. When set to `ORG_URL`, then in responses, `issuer` is the Okta org domain URL: `https://${yourOktaDomain}`. When set to `CUSTOM_URL`, then in responses, `issuer` is the custom domain URL configured in the administration user interface. When set to `DYNAMIC`, then in responses, `issuer` is the custom domain URL if the OAuth 2.0 request was sent to the custom domain, or is the Okta org's domain URL if the OAuth 2.0 request was sent to the original Okta org domain. After you configure a custom URL domain, all new custom authorization servers use `CUSTOM_URL` by default. If the Dynamic Issuer Mode feature is enabled, then all new custom authorization servers use `DYNAMIC` by default. All existing custom authorization servers continue to use the original value until they're changed using the Admin Console or the API. This way, existing integrations with the client and resource server continue to work after the feature is enabled.
object<x-lifecycle-container><x-lifecycle class="ea"></x-lifecycle></x-lifecycle-container>A [JSON Web Key Set](https://tools.ietf.org/html/rfc7517#section-5) for encrypting JWTs minted by the custom authorization server
string<x-lifecycle-container><x-lifecycle class="ea"></x-lifecycle></x-lifecycle-container>URL string that references a JSON Web Key Set for encrypting JWTs minted by the custom authorization server
string (date-time)
string
+ + + +Success + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameDatatypeDescription
stringThe ID of the custom authorization server
stringThe name of the custom authorization server
objectSpecifies link relations (see [Web Linking](https://www.rfc-editor.org/rfc/rfc8288)) available using the [JSON Hypertext Application Language](https://datatracker.ietf.org/doc/html/draft-kelly-json-hal-06) specification. This object is used for dynamic discovery of related resources and lifecycle operations.
string<x-lifecycle-container><x-lifecycle class="ea"></x-lifecycle></x-lifecycle-container>The algorithm for encrypting access tokens issued by this authorization server. If this is requested, the response is signed, and then encrypted. The result is a nested JWT. The default, if omitted, is that no encryption is performed.
arrayThe recipients that the tokens are intended for. This becomes the `aud` claim in an access token. Okta currently supports only one audience.
string (date-time)
object
stringThe description of the custom authorization server
stringThe complete URL for the custom authorization server. This becomes the `iss` claim in an access token.
stringIndicates which value is specified in the issuer of the tokens that a custom authorization server returns: the Okta org domain URL or a custom domain URL. `issuerMode` is visible if you have a custom URL domain configured or the Dynamic Issuer Mode feature enabled. If you have a custom URL domain configured, you can set a custom domain URL in a custom authorization server, and this property is returned in the appropriate responses. When set to `ORG_URL`, then in responses, `issuer` is the Okta org domain URL: `https://${yourOktaDomain}`. When set to `CUSTOM_URL`, then in responses, `issuer` is the custom domain URL configured in the administration user interface. When set to `DYNAMIC`, then in responses, `issuer` is the custom domain URL if the OAuth 2.0 request was sent to the custom domain, or is the Okta org's domain URL if the OAuth 2.0 request was sent to the original Okta org domain. After you configure a custom URL domain, all new custom authorization servers use `CUSTOM_URL` by default. If the Dynamic Issuer Mode feature is enabled, then all new custom authorization servers use `DYNAMIC` by default. All existing custom authorization servers continue to use the original value until they're changed using the Admin Console or the API. This way, existing integrations with the client and resource server continue to work after the feature is enabled.
object<x-lifecycle-container><x-lifecycle class="ea"></x-lifecycle></x-lifecycle-container>A [JSON Web Key Set](https://tools.ietf.org/html/rfc7517#section-5) for encrypting JWTs minted by the custom authorization server
string<x-lifecycle-container><x-lifecycle class="ea"></x-lifecycle></x-lifecycle-container>URL string that references a JSON Web Key Set for encrypting JWTs minted by the custom authorization server
string (date-time)
string
+ + + +## Methods + +The following methods are available for this resource: + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameAccessible byRequired ParamsOptional ParamsDescription
subdomainq, limit, afterLists all custom authorization servers in the org
subdomainRetrieves an authorization server
subdomainCreates an authorization server
subdomainReplaces an authorization server
subdomainDeletes an authorization server
subdomainActivates an authorization server
subdomainDeactivates an authorization server
+ +## Parameters + +Parameters can be passed in the `WHERE` clause of a query. Check the [Methods](#methods) section to see which parameters are required or optional for each operation. + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameDatatypeDescription
stringThe domain of your organization. This can be a provided subdomain of an official okta domain (okta.com, oktapreview.com, etc) or one of your configured custom domains. (default: my-org)
stringSpecifies the pagination cursor for the next page of authorization servers. Treat as an opaque value and obtain through the next link relationship.
integer (int32)Specifies the number of authorization server results on a page. Maximum value: 200
stringSearches the `name` and `audiences` of authorization servers for matching values (example: customasone)
+ +## `SELECT` examples + + + + +Lists all custom authorization servers in the org + +```sql +SELECT +id, +name, +_links, +accessTokenEncryptedResponseAlgorithm, +audiences, +created, +credentials, +description, +issuer, +issuerMode, +jwks, +jwks_uri, +lastUpdated, +status +FROM okta.authorizationservers.authorization_servers +WHERE subdomain = '{{ subdomain }}' -- required +AND q = '{{ q }}' +AND limit = '{{ limit }}' +AND after = '{{ after }}'; +``` + + + +Retrieves an authorization server + +```sql +SELECT +id, +name, +_links, +accessTokenEncryptedResponseAlgorithm, +audiences, +created, +credentials, +description, +issuer, +issuerMode, +jwks, +jwks_uri, +lastUpdated, +status +FROM okta.authorizationservers.authorization_servers +WHERE subdomain = '{{ subdomain }}' -- required; +``` + + + + +## `INSERT` examples + + + + +Creates an authorization server + +```sql +INSERT INTO okta.authorizationservers.authorization_servers ( +data__accessTokenEncryptedResponseAlgorithm, +data__audiences, +data__credentials, +data__description, +data__issuer, +data__issuerMode, +data__jwks, +data__jwks_uri, +data__name, +data__status, +subdomain +) +SELECT +'{{ accessTokenEncryptedResponseAlgorithm }}', +'{{ audiences }}', +'{{ credentials }}', +'{{ description }}', +'{{ issuer }}', +'{{ issuerMode }}', +'{{ jwks }}', +'{{ jwks_uri }}', +'{{ name }}', +'{{ status }}', +'{{ subdomain }}' +RETURNING +id, +name, +_links, +accessTokenEncryptedResponseAlgorithm, +audiences, +created, +credentials, +description, +issuer, +issuerMode, +jwks, +jwks_uri, +lastUpdated, +status +; +``` + + + +```yaml +# Description fields are for documentation purposes +- name: authorization_servers + props: + - name: subdomain + value: string + description: Required parameter for the authorization_servers resource. + - name: accessTokenEncryptedResponseAlgorithm + value: string + description: > + The algorithm for encrypting access tokens issued by this authorization server. If this is requested, the response is signed, and then encrypted. The result is a nested JWT. The default, if omitted, is that no encryption is performed. + + valid_values: ['RSA-OAEP-256', 'RSA-OAEP-384', 'RSA-OAEP-512'] + - name: audiences + value: array + description: > + The recipients that the tokens are intended for. This becomes the `aud` claim in an access token. Okta currently supports only one audience. + + - name: credentials + value: object + - name: description + value: string + description: > + The description of the custom authorization server + + - name: issuer + value: string + description: > + The complete URL for the custom authorization server. This becomes the `iss` claim in an access token. + + - name: issuerMode + value: string + description: > + Indicates which value is specified in the issuer of the tokens that a custom authorization server returns: the Okta org domain URL or a custom domain URL. + +`issuerMode` is visible if you have a custom URL domain configured or the Dynamic Issuer Mode feature enabled. If you have a custom URL domain configured, you can set a custom domain URL in a custom authorization server, and this property is returned in the appropriate responses. + +When set to `ORG_URL`, then in responses, `issuer` is the Okta org domain URL: `https://${yourOktaDomain}`. + +When set to `CUSTOM_URL`, then in responses, `issuer` is the custom domain URL configured in the administration user interface. + +When set to `DYNAMIC`, then in responses, `issuer` is the custom domain URL if the OAuth 2.0 request was sent to the custom domain, or is the Okta org's domain URL if the OAuth 2.0 request was sent to the original Okta org domain. + +After you configure a custom URL domain, all new custom authorization servers use `CUSTOM_URL` by default. If the Dynamic Issuer Mode feature is enabled, then all new custom authorization servers use `DYNAMIC` by default. All existing custom authorization servers continue to use the original value until they're changed using the Admin Console or the API. This way, existing integrations with the client and resource server continue to work after the feature is enabled. + + - name: jwks + value: object + description: > + A [JSON Web Key Set](https://tools.ietf.org/html/rfc7517#section-5) for encrypting JWTs minted by the custom authorization server + + - name: jwks_uri + value: string + description: > + URL string that references a JSON Web Key Set for encrypting JWTs minted by the custom authorization server + + - name: name + value: string + description: > + The name of the custom authorization server + + - name: status + value: string + valid_values: ['ACTIVE', 'INACTIVE'] +``` + + + + +## `REPLACE` examples + + + + +Replaces an authorization server + +```sql +REPLACE okta.authorizationservers.authorization_servers +SET +data__accessTokenEncryptedResponseAlgorithm = '{{ accessTokenEncryptedResponseAlgorithm }}', +data__audiences = '{{ audiences }}', +data__credentials = '{{ credentials }}', +data__description = '{{ description }}', +data__issuer = '{{ issuer }}', +data__issuerMode = '{{ issuerMode }}', +data__jwks = '{{ jwks }}', +data__jwks_uri = '{{ jwks_uri }}', +data__name = '{{ name }}', +data__status = '{{ status }}' +WHERE +subdomain = '{{ subdomain }}' --required +RETURNING +id, +name, +_links, +accessTokenEncryptedResponseAlgorithm, +audiences, +created, +credentials, +description, +issuer, +issuerMode, +jwks, +jwks_uri, +lastUpdated, +status; +``` + + + + +## `DELETE` examples + + + + +Deletes an authorization server + +```sql +DELETE FROM okta.authorizationservers.authorization_servers +WHERE subdomain = '{{ subdomain }}' --required; +``` + + + + +## Lifecycle Methods + + + + +Activates an authorization server + +```sql +EXEC okta.authorizationservers.authorization_servers.activate_authorization_server +@subdomain='{{ subdomain }}' --required; +``` + + + +Deactivates an authorization server + +```sql +EXEC okta.authorizationservers.authorization_servers.deactivate_authorization_server +@subdomain='{{ subdomain }}' --required; +``` + + diff --git a/website/docs/services/authorizationservers/claims/index.md b/website/docs/services/authorizationservers/claims/index.md new file mode 100644 index 0000000..2cd6905 --- /dev/null +++ b/website/docs/services/authorizationservers/claims/index.md @@ -0,0 +1,489 @@ +--- +title: claims +hide_title: false +hide_table_of_contents: false +keywords: + - claims + - authorizationservers + - okta + - infrastructure-as-code + - configuration-as-data + - cloud inventory +description: Query, deploy and manage okta resources using SQL +custom_edit_url: null +image: /img/stackql-okta-provider-featured-image.png +--- + +import CopyableCode from '@site/src/components/CopyableCode/CopyableCode'; +import Tabs from '@theme/Tabs'; +import TabItem from '@theme/TabItem'; + +Creates, updates, deletes, gets or lists a claims resource. + +## Overview + + + + +
Nameclaims
TypeResource
Id
+ +## Fields + +The following fields are returned by `SELECT` queries: + + + + +Success + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameDatatypeDescription
stringID of the Claim
stringName of the Claim
objectSpecifies link relations (see [Web Linking](https://www.rfc-editor.org/rfc/rfc8288)) available using the [JSON Hypertext Application Language](https://datatracker.ietf.org/doc/html/draft-kelly-json-hal-06) specification. This object is used for dynamic discovery of related resources and lifecycle operations.
booleanSpecifies whether to include Claims in the token. The value is always `TRUE` for access token Claims. If the value is set to `FALSE` for an ID token claim, the Claim isn't included in the ID token when the token is requested with the access token or with the `authorization_code`. The client instead uses the access token to get Claims from the `/userinfo` endpoint.
stringSpecifies whether the Claim is for an access token (`RESOURCE`) or an ID token (`IDENTITY`)
objectSpecifies the scopes for the Claim
stringSpecifies the type of group filter if `valueType` is `GROUPS` If `valueType` is `GROUPS`, then the groups returned are filtered according to the value of `group_filter_type`. If you have complex filters for Groups, you can [create a Groups allowlist](https://developer.okta.com/docs/guides/customize-tokens-groups-claim/main/) to put them all in a Claim.
string
booleanWhen `true`, indicates that Okta created the Claim
stringSpecifies the value of the Claim. This value must be a string literal if `valueType` is `GROUPS`, and the string literal is matched with the selected `group_filter_type`. The value must be an Okta EL expression if `valueType` is `EXPRESSION`.
stringSpecifies whether the Claim is an Okta Expression Language (EL) expression (`EXPRESSION`), a set of groups (`GROUPS`), or a system claim (`SYSTEM`)
+ + + +Success + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameDatatypeDescription
stringID of the Claim
stringName of the Claim
objectSpecifies link relations (see [Web Linking](https://www.rfc-editor.org/rfc/rfc8288)) available using the [JSON Hypertext Application Language](https://datatracker.ietf.org/doc/html/draft-kelly-json-hal-06) specification. This object is used for dynamic discovery of related resources and lifecycle operations.
booleanSpecifies whether to include Claims in the token. The value is always `TRUE` for access token Claims. If the value is set to `FALSE` for an ID token claim, the Claim isn't included in the ID token when the token is requested with the access token or with the `authorization_code`. The client instead uses the access token to get Claims from the `/userinfo` endpoint.
stringSpecifies whether the Claim is for an access token (`RESOURCE`) or an ID token (`IDENTITY`)
objectSpecifies the scopes for the Claim
stringSpecifies the type of group filter if `valueType` is `GROUPS` If `valueType` is `GROUPS`, then the groups returned are filtered according to the value of `group_filter_type`. If you have complex filters for Groups, you can [create a Groups allowlist](https://developer.okta.com/docs/guides/customize-tokens-groups-claim/main/) to put them all in a Claim.
string
booleanWhen `true`, indicates that Okta created the Claim
stringSpecifies the value of the Claim. This value must be a string literal if `valueType` is `GROUPS`, and the string literal is matched with the selected `group_filter_type`. The value must be an Okta EL expression if `valueType` is `EXPRESSION`.
stringSpecifies whether the Claim is an Okta Expression Language (EL) expression (`EXPRESSION`), a set of groups (`GROUPS`), or a system claim (`SYSTEM`)
+ + + +## Methods + +The following methods are available for this resource: + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameAccessible byRequired ParamsOptional ParamsDescription
subdomainLists all custom token Claims defined for a specified custom authorization server
subdomainRetrieves a custom token Claim by the specified `claimId`
subdomainCreates a custom token Claim for a custom authorization server
subdomainReplaces a custom token Claim specified by the `claimId`
subdomainDeletes a custom token Claim specified by the `claimId`
+ +## Parameters + +Parameters can be passed in the `WHERE` clause of a query. Check the [Methods](#methods) section to see which parameters are required or optional for each operation. + + + + + + + + + + + + + + + + +
NameDatatypeDescription
stringThe domain of your organization. This can be a provided subdomain of an official okta domain (okta.com, oktapreview.com, etc) or one of your configured custom domains. (default: my-org)
+ +## `SELECT` examples + + + + +Lists all custom token Claims defined for a specified custom authorization server + +```sql +SELECT +id, +name, +_links, +alwaysIncludeInToken, +claimType, +conditions, +group_filter_type, +status, +system, +value, +valueType +FROM okta.authorizationservers.claims +WHERE subdomain = '{{ subdomain }}' -- required; +``` + + + +Retrieves a custom token Claim by the specified `claimId` + +```sql +SELECT +id, +name, +_links, +alwaysIncludeInToken, +claimType, +conditions, +group_filter_type, +status, +system, +value, +valueType +FROM okta.authorizationservers.claims +WHERE subdomain = '{{ subdomain }}' -- required; +``` + + + + +## `INSERT` examples + + + + +Creates a custom token Claim for a custom authorization server + +```sql +INSERT INTO okta.authorizationservers.claims ( +data__alwaysIncludeInToken, +data__claimType, +data__conditions, +data__group_filter_type, +data__name, +data__status, +data__system, +data__value, +data__valueType, +subdomain +) +SELECT +{{ alwaysIncludeInToken }}, +'{{ claimType }}', +'{{ conditions }}', +'{{ group_filter_type }}', +'{{ name }}', +'{{ status }}', +{{ system }}, +'{{ value }}', +'{{ valueType }}', +'{{ subdomain }}' +RETURNING +id, +name, +_links, +alwaysIncludeInToken, +claimType, +conditions, +group_filter_type, +status, +system, +value, +valueType +; +``` + + + +```yaml +# Description fields are for documentation purposes +- name: claims + props: + - name: subdomain + value: string + description: Required parameter for the claims resource. + - name: alwaysIncludeInToken + value: boolean + description: > + Specifies whether to include Claims in the token. The value is always `TRUE` for access token Claims. If the value is set to `FALSE` for an ID token claim, the Claim isn't included in the ID token when the token is requested with the access token or with the `authorization_code`. The client instead uses the access token to get Claims from the `/userinfo` endpoint. + + - name: claimType + value: string + description: > + Specifies whether the Claim is for an access token (`RESOURCE`) or an ID token (`IDENTITY`) + + valid_values: ['IDENTITY', 'RESOURCE'] + - name: conditions + value: object + description: > + Specifies the scopes for the Claim + + - name: group_filter_type + value: string + description: > + Specifies the type of group filter if `valueType` is `GROUPS` + +If `valueType` is `GROUPS`, then the groups returned are filtered according to the value of `group_filter_type`. + +If you have complex filters for Groups, you can [create a Groups allowlist](https://developer.okta.com/docs/guides/customize-tokens-groups-claim/main/) to put them all in a Claim. + + valid_values: ['CONTAINS', 'EQUALS', 'REGEX', 'STARTS_WITH'] + - name: name + value: string + description: > + Name of the Claim + + - name: status + value: string + valid_values: ['ACTIVE', 'INACTIVE'] + - name: system + value: boolean + description: > + When `true`, indicates that Okta created the Claim + + - name: value + value: string + description: > + Specifies the value of the Claim. This value must be a string literal if `valueType` is `GROUPS`, and the string literal is matched with the selected `group_filter_type`. The value must be an Okta EL expression if `valueType` is `EXPRESSION`. + + - name: valueType + value: string + description: > + Specifies whether the Claim is an Okta Expression Language (EL) expression (`EXPRESSION`), a set of groups (`GROUPS`), or a system claim (`SYSTEM`) + + valid_values: ['EXPRESSION', 'GROUPS', 'SYSTEM'] +``` + + + + +## `REPLACE` examples + + + + +Replaces a custom token Claim specified by the `claimId` + +```sql +REPLACE okta.authorizationservers.claims +SET +data__alwaysIncludeInToken = {{ alwaysIncludeInToken }}, +data__claimType = '{{ claimType }}', +data__conditions = '{{ conditions }}', +data__group_filter_type = '{{ group_filter_type }}', +data__name = '{{ name }}', +data__status = '{{ status }}', +data__system = {{ system }}, +data__value = '{{ value }}', +data__valueType = '{{ valueType }}' +WHERE +subdomain = '{{ subdomain }}' --required +RETURNING +id, +name, +_links, +alwaysIncludeInToken, +claimType, +conditions, +group_filter_type, +status, +system, +value, +valueType; +``` + + + + +## `DELETE` examples + + + + +Deletes a custom token Claim specified by the `claimId` + +```sql +DELETE FROM okta.authorizationservers.claims +WHERE subdomain = '{{ subdomain }}' --required; +``` + + diff --git a/website/docs/services/authorizationservers/clients/index.md b/website/docs/services/authorizationservers/clients/index.md new file mode 100644 index 0000000..bd59068 --- /dev/null +++ b/website/docs/services/authorizationservers/clients/index.md @@ -0,0 +1,152 @@ +--- +title: clients +hide_title: false +hide_table_of_contents: false +keywords: + - clients + - authorizationservers + - okta + - infrastructure-as-code + - configuration-as-data + - cloud inventory +description: Query, deploy and manage okta resources using SQL +custom_edit_url: null +image: /img/stackql-okta-provider-featured-image.png +--- + +import CopyableCode from '@site/src/components/CopyableCode/CopyableCode'; +import Tabs from '@theme/Tabs'; +import TabItem from '@theme/TabItem'; + +Creates, updates, deletes, gets or lists a clients resource. + +## Overview + + + + +
Nameclients
TypeResource
Id
+ +## Fields + +The following fields are returned by `SELECT` queries: + + + + +Success + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameDatatypeDescription
stringUnique key for the client application. The `client_id` is immutable. (example: 0oabskvc6442nkvQO0h7)
stringHuman-readable string name of the client application (example: My App)
objectSpecifies link relations (see [Web Linking](https://www.rfc-editor.org/rfc/rfc8288)) available using the [JSON Hypertext Application Language](https://datatracker.ietf.org/doc/html/draft-kelly-json-hal-06) specification. This object is used for dynamic discovery of related resources and lifecycle operations.
string (example: https://www.example.com)
stringURL string that references a logo for the client consent dialog (not the sign-in dialog) (example: https://www.example.com/logo.png)
+ + + +## Methods + +The following methods are available for this resource: + + + + + + + + + + + + + + + + + + + + +
NameAccessible byRequired ParamsOptional ParamsDescription
subdomainLists all client resources for which the specified authorization server has tokens.

> **Note:** To list a specific user's client resources for which they have tokens or grants, use the [List all clients endpoint in the User Resources API](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/UserResources/#tag/UserResources/operation/listUserClients).
+ +## Parameters + +Parameters can be passed in the `WHERE` clause of a query. Check the [Methods](#methods) section to see which parameters are required or optional for each operation. + + + + + + + + + + + + + + + + +
NameDatatypeDescription
stringThe domain of your organization. This can be a provided subdomain of an official okta domain (okta.com, oktapreview.com, etc) or one of your configured custom domains. (default: my-org)
+ +## `SELECT` examples + + + + +Lists all client resources for which the specified authorization server has tokens.

> **Note:** To list a specific user's client resources for which they have tokens or grants, use the [List all clients endpoint in the User Resources API](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/UserResources/#tag/UserResources/operation/listUserClients). + +```sql +SELECT +client_id, +client_name, +_links, +client_uri, +logo_uri +FROM okta.authorizationservers.clients +WHERE subdomain = '{{ subdomain }}' -- required; +``` + + diff --git a/website/docs/services/authorizationservers/index.md b/website/docs/services/authorizationservers/index.md new file mode 100644 index 0000000..89d49b9 --- /dev/null +++ b/website/docs/services/authorizationservers/index.md @@ -0,0 +1,41 @@ +--- +title: authorizationservers +hide_title: false +hide_table_of_contents: false +keywords: + - authorizationservers + - okta + - stackql + - infrastructure-as-code + - configuration-as-data + - cloud inventory +description: Query, deploy and manage okta resources using SQL +custom_edit_url: null +image: /img/stackql-okta-provider-featured-image.png +--- + +authorizationservers service documentation. + +:::info[Service Summary] + +total resources: __10__ + +::: + +## Resources +
+
+associated_servers
+authorization_servers
+claims
+clients
+keys +
+
+oauth2_resource_server_jwks
+policies
+refresh_tokens
+rules
+scopes +
+
\ No newline at end of file diff --git a/website/docs/services/authorizationservers/keys/index.md b/website/docs/services/authorizationservers/keys/index.md new file mode 100644 index 0000000..5b83a0e --- /dev/null +++ b/website/docs/services/authorizationservers/keys/index.md @@ -0,0 +1,284 @@ +--- +title: keys +hide_title: false +hide_table_of_contents: false +keywords: + - keys + - authorizationservers + - okta + - infrastructure-as-code + - configuration-as-data + - cloud inventory +description: Query, deploy and manage okta resources using SQL +custom_edit_url: null +image: /img/stackql-okta-provider-featured-image.png +--- + +import CopyableCode from '@site/src/components/CopyableCode/CopyableCode'; +import Tabs from '@theme/Tabs'; +import TabItem from '@theme/TabItem'; + +Creates, updates, deletes, gets or lists a keys resource. + +## Overview + + + + +
Namekeys
TypeResource
Id
+ +## Fields + +The following fields are returned by `SELECT` queries: + + + + +Success + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameDatatypeDescription
objectSpecifies link relations (see [Web Linking](https://www.rfc-editor.org/rfc/rfc8288)) available using the [JSON Hypertext Application Language](https://datatracker.ietf.org/doc/html/draft-kelly-json-hal-06) specification. This object is used for dynamic discovery of related resources and lifecycle operations.
stringThe algorithm used with the Key. Valid value: `RS256`
stringRSA key value (public exponent) for Key binding
stringUnique identifier for the key
stringCryptographic algorithm family for the certificate's keypair. Valid value: `RSA`
stringRSA modulus value that is used by both the public and private keys and provides a link between them
stringAn `ACTIVE` Key is used to sign tokens issued by the authorization server. Supported values: `ACTIVE`, `NEXT`, or `EXPIRED`<br> A `NEXT` Key is the next Key that the authorization server uses to sign tokens when Keys are rotated. The `NEXT` Key might not be listed if it hasn't been generated. An `EXPIRED` Key is the previous Key that the authorization server used to sign tokens. The `EXPIRED` Key might not be listed if no Key has expired or the expired Key was deleted.
stringAcceptable use of the key. Valid value: `sig`
+ + + +Success + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameDatatypeDescription
objectSpecifies link relations (see [Web Linking](https://www.rfc-editor.org/rfc/rfc8288)) available using the [JSON Hypertext Application Language](https://datatracker.ietf.org/doc/html/draft-kelly-json-hal-06) specification. This object is used for dynamic discovery of related resources and lifecycle operations.
stringThe algorithm used with the Key. Valid value: `RS256`
stringRSA key value (public exponent) for Key binding
stringUnique identifier for the key
stringCryptographic algorithm family for the certificate's keypair. Valid value: `RSA`
stringRSA modulus value that is used by both the public and private keys and provides a link between them
stringAn `ACTIVE` Key is used to sign tokens issued by the authorization server. Supported values: `ACTIVE`, `NEXT`, or `EXPIRED`<br> A `NEXT` Key is the next Key that the authorization server uses to sign tokens when Keys are rotated. The `NEXT` Key might not be listed if it hasn't been generated. An `EXPIRED` Key is the previous Key that the authorization server used to sign tokens. The `EXPIRED` Key might not be listed if no Key has expired or the expired Key was deleted.
stringAcceptable use of the key. Valid value: `sig`
+ + + +## Methods + +The following methods are available for this resource: + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameAccessible byRequired ParamsOptional ParamsDescription
subdomainLists all of the current, future, and expired Keys used by the Custom Authorization Server
subdomainRetrieves an Authorization Server Key specified by the `keyId`
subdomainRotates the current Keys for a Custom Authorization Server. If you rotate Keys,
the `ACTIVE` Key becomes the `EXPIRED` Key, the `NEXT` Key becomes the `ACTIVE` Key,
and the Custom Authorization Server immediately begins using the new active
Key to sign tokens.

> **Note:** Okta rotates your Keys automatically in `AUTO` mode. You can rotate Keys
yourself in either mode. If Keys are rotated manually, you should invalidate any intermediate cache.
and fetch the Keys again using the Keys endpoint.
+ +## Parameters + +Parameters can be passed in the `WHERE` clause of a query. Check the [Methods](#methods) section to see which parameters are required or optional for each operation. + + + + + + + + + + + + + + + + +
NameDatatypeDescription
stringThe domain of your organization. This can be a provided subdomain of an official okta domain (okta.com, oktapreview.com, etc) or one of your configured custom domains. (default: my-org)
+ +## `SELECT` examples + + + + +Lists all of the current, future, and expired Keys used by the Custom Authorization Server + +```sql +SELECT +_links, +alg, +e, +kid, +kty, +n, +status, +use +FROM okta.authorizationservers.keys +WHERE subdomain = '{{ subdomain }}' -- required; +``` + + + +Retrieves an Authorization Server Key specified by the `keyId` + +```sql +SELECT +_links, +alg, +e, +kid, +kty, +n, +status, +use +FROM okta.authorizationservers.keys +WHERE subdomain = '{{ subdomain }}' -- required; +``` + + + + +## Lifecycle Methods + + + + +Rotates the current Keys for a Custom Authorization Server. If you rotate Keys,
the `ACTIVE` Key becomes the `EXPIRED` Key, the `NEXT` Key becomes the `ACTIVE` Key,
and the Custom Authorization Server immediately begins using the new active
Key to sign tokens.

> **Note:** Okta rotates your Keys automatically in `AUTO` mode. You can rotate Keys
yourself in either mode. If Keys are rotated manually, you should invalidate any intermediate cache.
and fetch the Keys again using the Keys endpoint. + +```sql +EXEC okta.authorizationservers.keys.rotate_authorization_server_keys +@subdomain='{{ subdomain }}' --required +@@json= +'{ +"use": "{{ use }}" +}'; +``` + + diff --git a/website/docs/services/authorizationservers/oauth2_resource_server_jwks/index.md b/website/docs/services/authorizationservers/oauth2_resource_server_jwks/index.md new file mode 100644 index 0000000..b10e065 --- /dev/null +++ b/website/docs/services/authorizationservers/oauth2_resource_server_jwks/index.md @@ -0,0 +1,443 @@ +--- +title: oauth2_resource_server_jwks +hide_title: false +hide_table_of_contents: false +keywords: + - oauth2_resource_server_jwks + - authorizationservers + - okta + - infrastructure-as-code + - configuration-as-data + - cloud inventory +description: Query, deploy and manage okta resources using SQL +custom_edit_url: null +image: /img/stackql-okta-provider-featured-image.png +--- + +import CopyableCode from '@site/src/components/CopyableCode/CopyableCode'; +import Tabs from '@theme/Tabs'; +import TabItem from '@theme/TabItem'; + +Creates, updates, deletes, gets or lists an oauth2_resource_server_jwks resource. + +## Overview + + + + +
Nameoauth2_resource_server_jwks
TypeResource
Id
+ +## Fields + +The following fields are returned by `SELECT` queries: + + + + +Success + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameDatatypeDescription
stringThe unique ID of the JSON Web Key (example: apk2f4zrZbs8nUa7p0g4)
objectSpecifies link relations (see [Web Linking](https://www.rfc-editor.org/rfc/rfc8288)) available for the current status of a JSON Web Key using the [JSON Hypertext Application Language](https://datatracker.ietf.org/doc/html/draft-kelly-json-hal-06) specification. This object is used for dynamic discovery of related resources and lifecycle operations.
stringTimestamp when the JSON Web Key was created (example: 2023-02-21T20:08:24.000Z)
stringRSA key value (exponent) for key binding (example: AQAB)
stringUnique identifier of the JSON Web Key in the Custom Authorization Server's Public JWKS (example: SIMcCQNY3uwXoW3y0vf6VxiBb5n9pf8L2fK8d-FIbm4)
stringCryptographic algorithm family for the certificate's key pair (example: RSA)
stringTimestamp when the JSON Web Key was updated (example: 2023-02-21T20:08:24.000Z)
stringRSA key value (modulus) for key binding (example: mkC6yAJVvFwUlmM9gKjb2d-YK5qHFt-mXSsbjWKKs4EfNm-BoQeeovBZtSACyaqLc8IYFTPEURFcbDQ9DkAL04uUIRD2gaHYY7uK0jsluEaXGq2RAIsmzAwNTzkiDw4q9pDL_q7n0f_SDt1TsMaMQayB6bU5jWsmqcWJ8MCRJ1aJMjZ16un5UVx51IIeCbe4QRDxEXGAvYNczsBoZxspDt28esSpq5W0dBFxcyGVudyl54Er3FzAguhgfMVjH-bUec9j2Tl40qDTktrYgYfxz9pfjm01Hl4WYP1YQxeETpSL7cQ5Ihz4jGDtHUEOcZ4GfJrPzrGpUrak8Qp5xcwCqQ)
stringThe status of the encryption key. You can use only an `ACTIVE` key to encrypt tokens issued by the authorization server. (example: ACTIVE, default: ACTIVE)
stringAcceptable use of the JSON Web Key (example: enc)
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameDatatypeDescription
stringThe unique ID of the JSON Web Key (example: apk2f4zrZbs8nUa7p0g4)
objectSpecifies link relations (see [Web Linking](https://www.rfc-editor.org/rfc/rfc8288)) available for the current status of a JSON Web Key using the [JSON Hypertext Application Language](https://datatracker.ietf.org/doc/html/draft-kelly-json-hal-06) specification. This object is used for dynamic discovery of related resources and lifecycle operations.
stringTimestamp when the JSON Web Key was created (example: 2023-02-21T20:08:24.000Z)
stringRSA key value (exponent) for key binding (example: AQAB)
stringUnique identifier of the JSON Web Key in the Custom Authorization Server's Public JWKS (example: SIMcCQNY3uwXoW3y0vf6VxiBb5n9pf8L2fK8d-FIbm4)
stringCryptographic algorithm family for the certificate's key pair (example: RSA)
stringTimestamp when the JSON Web Key was updated (example: 2023-02-21T20:08:24.000Z)
stringRSA key value (modulus) for key binding (example: mkC6yAJVvFwUlmM9gKjb2d-YK5qHFt-mXSsbjWKKs4EfNm-BoQeeovBZtSACyaqLc8IYFTPEURFcbDQ9DkAL04uUIRD2gaHYY7uK0jsluEaXGq2RAIsmzAwNTzkiDw4q9pDL_q7n0f_SDt1TsMaMQayB6bU5jWsmqcWJ8MCRJ1aJMjZ16un5UVx51IIeCbe4QRDxEXGAvYNczsBoZxspDt28esSpq5W0dBFxcyGVudyl54Er3FzAguhgfMVjH-bUec9j2Tl40qDTktrYgYfxz9pfjm01Hl4WYP1YQxeETpSL7cQ5Ihz4jGDtHUEOcZ4GfJrPzrGpUrak8Qp5xcwCqQ)
stringThe status of the encryption key. You can use only an `ACTIVE` key to encrypt tokens issued by the authorization server. (example: ACTIVE, default: ACTIVE)
stringAcceptable use of the JSON Web Key (example: enc)
+ + + +## Methods + +The following methods are available for this resource: + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameAccessible byRequired ParamsOptional ParamsDescription
subdomainLists all the public keys used by the custom authorization server
subdomainRetrieves a custom authorization server public JSON web key by key `id`
subdomainAdds a new JSON Web Key to the custom authorization server`s JSON web keys.
> **Note:** This API doesn't allow you to add a key if the existing key doesn't have a `kid`. Use the [Replace an Authorization Server](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/AuthorizationServer/#tag/AuthorizationServer/operation/replaceAuthorizationServer) operation to update the JWKS or [Delete a Custom Authorization Server Public JSON Web Key](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/OAuth2ResourceServerCredentialsKeys/#tag/OAuth2ResourceServerCredentialsKeys/operation/deleteOAuth2ResourceServerJsonWebKey) and re-add the key with a `kid`.
> **Note:** This API doesn't allow you to add a key with an ACTIVE status. You need to add an INACTIVE key first, and then ACTIVATE the key.
subdomainDeletes a custom authorization server public JSON web key by key `id`. You can only delete an inactive key.
subdomainActivates a custom authorization server public JSON web key by key `id`.
> **Note:** You can have only one active key at any given time for the authorization server. When you activate an inactive key, Okta automatically deactivates the current active key.
subdomainDeactivates a custom authorization server public JSON web key by key `id`.
> **Note:** Deactivating the active key isn't allowed if the authorization server has access token encryption enabled. You can activate another key, which makes the current key inactive.
+ +## Parameters + +Parameters can be passed in the `WHERE` clause of a query. Check the [Methods](#methods) section to see which parameters are required or optional for each operation. + + + + + + + + + + + + + + + + +
NameDatatypeDescription
stringThe domain of your organization. This can be a provided subdomain of an official okta domain (okta.com, oktapreview.com, etc) or one of your configured custom domains. (default: my-org)
+ +## `SELECT` examples + + + + +Lists all the public keys used by the custom authorization server + +```sql +SELECT +id, +_links, +created, +e, +kid, +kty, +lastUpdated, +n, +status, +use +FROM okta.authorizationservers.oauth2_resource_server_jwks +WHERE subdomain = '{{ subdomain }}' -- required; +``` + + + +Retrieves a custom authorization server public JSON web key by key `id` + +```sql +SELECT +id, +_links, +created, +e, +kid, +kty, +lastUpdated, +n, +status, +use +FROM okta.authorizationservers.oauth2_resource_server_jwks +WHERE subdomain = '{{ subdomain }}' -- required; +``` + + + + +## `INSERT` examples + + + + +Adds a new JSON Web Key to the custom authorization server`s JSON web keys.
> **Note:** This API doesn't allow you to add a key if the existing key doesn't have a `kid`. Use the [Replace an Authorization Server](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/AuthorizationServer/#tag/AuthorizationServer/operation/replaceAuthorizationServer) operation to update the JWKS or [Delete a Custom Authorization Server Public JSON Web Key](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/OAuth2ResourceServerCredentialsKeys/#tag/OAuth2ResourceServerCredentialsKeys/operation/deleteOAuth2ResourceServerJsonWebKey) and re-add the key with a `kid`.
> **Note:** This API doesn't allow you to add a key with an ACTIVE status. You need to add an INACTIVE key first, and then ACTIVATE the key. + +```sql +INSERT INTO okta.authorizationservers.oauth2_resource_server_jwks ( +data__e, +data__kid, +data__kty, +data__n, +data__status, +data__use, +subdomain +) +SELECT +'{{ e }}', +'{{ kid }}', +'{{ kty }}', +'{{ n }}', +'{{ status }}', +'{{ use }}', +'{{ subdomain }}' +RETURNING +id, +_links, +created, +e, +kid, +kty, +lastUpdated, +n, +status, +use +; +``` + + + +```yaml +# Description fields are for documentation purposes +- name: oauth2_resource_server_jwks + props: + - name: subdomain + value: string + description: Required parameter for the oauth2_resource_server_jwks resource. + - name: e + value: string + description: > + RSA key value (exponent) for key binding + + - name: kid + value: string + description: > + Unique identifier of the JSON web key in the custom authorization server's public JWKS + + - name: kty + value: string + description: > + Cryptographic algorithm family for the certificate's key pair + + - name: n + value: string + description: > + RSA key value (modulus) for key binding + + - name: status + value: string + description: > + Status of the JSON Web Key + + valid_values: ['ACTIVE', 'INACTIVE'] + - name: use + value: string + description: > + Acceptable use of the JSON Web Key + +``` + + + + +## `DELETE` examples + + + + +Deletes a custom authorization server public JSON web key by key `id`. You can only delete an inactive key. + +```sql +DELETE FROM okta.authorizationservers.oauth2_resource_server_jwks +WHERE subdomain = '{{ subdomain }}' --required; +``` + + + + +## Lifecycle Methods + + + + +Activates a custom authorization server public JSON web key by key `id`.
> **Note:** You can have only one active key at any given time for the authorization server. When you activate an inactive key, Okta automatically deactivates the current active key. + +```sql +EXEC okta.authorizationservers.oauth2_resource_server_jwks.activate_oauth2_resource_server_json_web_key +@subdomain='{{ subdomain }}' --required; +``` + + + +Deactivates a custom authorization server public JSON web key by key `id`.
> **Note:** Deactivating the active key isn't allowed if the authorization server has access token encryption enabled. You can activate another key, which makes the current key inactive. + +```sql +EXEC okta.authorizationservers.oauth2_resource_server_jwks.deactivate_oauth2_resource_server_json_web_key +@subdomain='{{ subdomain }}' --required; +``` + + diff --git a/website/docs/services/authorizationservers/policies/index.md b/website/docs/services/authorizationservers/policies/index.md new file mode 100644 index 0000000..e9ebf6c --- /dev/null +++ b/website/docs/services/authorizationservers/policies/index.md @@ -0,0 +1,519 @@ +--- +title: policies +hide_title: false +hide_table_of_contents: false +keywords: + - policies + - authorizationservers + - okta + - infrastructure-as-code + - configuration-as-data + - cloud inventory +description: Query, deploy and manage okta resources using SQL +custom_edit_url: null +image: /img/stackql-okta-provider-featured-image.png +--- + +import CopyableCode from '@site/src/components/CopyableCode/CopyableCode'; +import Tabs from '@theme/Tabs'; +import TabItem from '@theme/TabItem'; + +Creates, updates, deletes, gets or lists a policies resource. + +## Overview + + + + +
Namepolicies
TypeResource
Id
+ +## Fields + +The following fields are returned by `SELECT` queries: + + + + +Success + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameDatatypeDescription
stringID of the Policy
stringName of the Policy
objectSpecifies link relations (see [Web Linking](https://www.rfc-editor.org/rfc/rfc8288)) available using the [JSON Hypertext Application Language](https://datatracker.ietf.org/doc/html/draft-kelly-json-hal-06) specification. This object is used for dynamic discovery of related resources and lifecycle operations.
object
string (date-time)Timestamp when the Policy was created
stringDescription of the Policy
string (date-time)Timestamp when the Policy was last updated
integerSpecifies the order in which this Policy is evaluated in relation to the other Policies in a custom authorization server
stringSpecifies whether requests have access to this Policy
booleanSpecifies whether Okta created this Policy
stringIndicates that the Policy is an authorization server Policy
+ + + +Success + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameDatatypeDescription
stringID of the Policy
stringName of the Policy
objectSpecifies link relations (see [Web Linking](https://www.rfc-editor.org/rfc/rfc8288)) available using the [JSON Hypertext Application Language](https://datatracker.ietf.org/doc/html/draft-kelly-json-hal-06) specification. This object is used for dynamic discovery of related resources and lifecycle operations.
object
string (date-time)Timestamp when the Policy was created
stringDescription of the Policy
string (date-time)Timestamp when the Policy was last updated
integerSpecifies the order in which this Policy is evaluated in relation to the other Policies in a custom authorization server
stringSpecifies whether requests have access to this Policy
booleanSpecifies whether Okta created this Policy
stringIndicates that the Policy is an authorization server Policy
+ + + +## Methods + +The following methods are available for this resource: + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameAccessible byRequired ParamsOptional ParamsDescription
subdomainLists all policies
subdomainRetrieves a policy
subdomainCreates a policy
subdomainReplaces a policy
subdomainDeletes a policy
subdomainActivates an authorization server policy
subdomainDeactivates an authorization server policy
+ +## Parameters + +Parameters can be passed in the `WHERE` clause of a query. Check the [Methods](#methods) section to see which parameters are required or optional for each operation. + + + + + + + + + + + + + + + + +
NameDatatypeDescription
stringThe domain of your organization. This can be a provided subdomain of an official okta domain (okta.com, oktapreview.com, etc) or one of your configured custom domains. (default: my-org)
+ +## `SELECT` examples + + + + +Lists all policies + +```sql +SELECT +id, +name, +_links, +conditions, +created, +description, +lastUpdated, +priority, +status, +system, +type +FROM okta.authorizationservers.policies +WHERE subdomain = '{{ subdomain }}' -- required; +``` + + + +Retrieves a policy + +```sql +SELECT +id, +name, +_links, +conditions, +created, +description, +lastUpdated, +priority, +status, +system, +type +FROM okta.authorizationservers.policies +WHERE subdomain = '{{ subdomain }}' -- required; +``` + + + + +## `INSERT` examples + + + + +Creates a policy + +```sql +INSERT INTO okta.authorizationservers.policies ( +data__id, +data__type, +data__name, +data__conditions, +data__description, +data__priority, +data__status, +data__system, +subdomain +) +SELECT +'{{ id }}', +'{{ type }}', +'{{ name }}', +'{{ conditions }}', +'{{ description }}', +{{ priority }}, +'{{ status }}', +{{ system }}, +'{{ subdomain }}' +RETURNING +id, +name, +_links, +conditions, +created, +description, +lastUpdated, +priority, +status, +system, +type +; +``` + + + +```yaml +# Description fields are for documentation purposes +- name: policies + props: + - name: subdomain + value: string + description: Required parameter for the policies resource. + - name: id + value: string + description: > + ID of the Policy + + - name: type + value: string + description: > + Indicates that the Policy is an authorization server Policy + + valid_values: ['OAUTH_AUTHORIZATION_POLICY'] + - name: name + value: string + description: > + Name of the Policy + + - name: conditions + value: object + - name: description + value: string + description: > + Description of the Policy + + - name: priority + value: integer + description: > + Specifies the order in which this Policy is evaluated in relation to the other Policies in a custom authorization server + + - name: status + value: string + description: > + Specifies whether requests have access to this Policy + + valid_values: ['ACTIVE', 'INACTIVE'] + - name: system + value: boolean + description: > + Specifies whether Okta created this Policy + +``` + + + + +## `REPLACE` examples + + + + +Replaces a policy + +```sql +REPLACE okta.authorizationservers.policies +SET +data__id = '{{ id }}', +data__type = '{{ type }}', +data__name = '{{ name }}', +data__conditions = '{{ conditions }}', +data__description = '{{ description }}', +data__priority = {{ priority }}, +data__status = '{{ status }}', +data__system = {{ system }} +WHERE +subdomain = '{{ subdomain }}' --required +RETURNING +id, +name, +_links, +conditions, +created, +description, +lastUpdated, +priority, +status, +system, +type; +``` + + + + +## `DELETE` examples + + + + +Deletes a policy + +```sql +DELETE FROM okta.authorizationservers.policies +WHERE subdomain = '{{ subdomain }}' --required; +``` + + + + +## Lifecycle Methods + + + + +Activates an authorization server policy + +```sql +EXEC okta.authorizationservers.policies.activate_authorization_server_policy +@subdomain='{{ subdomain }}' --required; +``` + + + +Deactivates an authorization server policy + +```sql +EXEC okta.authorizationservers.policies.deactivate_authorization_server_policy +@subdomain='{{ subdomain }}' --required; +``` + + diff --git a/website/docs/services/authorizationservers/refresh_tokens/index.md b/website/docs/services/authorizationservers/refresh_tokens/index.md new file mode 100644 index 0000000..8ef14f1 --- /dev/null +++ b/website/docs/services/authorizationservers/refresh_tokens/index.md @@ -0,0 +1,352 @@ +--- +title: refresh_tokens +hide_title: false +hide_table_of_contents: false +keywords: + - refresh_tokens + - authorizationservers + - okta + - infrastructure-as-code + - configuration-as-data + - cloud inventory +description: Query, deploy and manage okta resources using SQL +custom_edit_url: null +image: /img/stackql-okta-provider-featured-image.png +--- + +import CopyableCode from '@site/src/components/CopyableCode/CopyableCode'; +import Tabs from '@theme/Tabs'; +import TabItem from '@theme/TabItem'; + +Creates, updates, deletes, gets or lists a refresh_tokens resource. + +## Overview + + + + +
Namerefresh_tokens
TypeResource
Id
+ +## Fields + +The following fields are returned by `SELECT` queries: + + + + +Success + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameDatatypeDescription
stringID of the Token object (example: oar579Mcp7OUsNTlo0g3)
objectThe embedded resources related to the object if the `expand` query parameter is specified
objectSpecifies link relations (see [Web Linking](https://www.rfc-editor.org/rfc/rfc8288)) available using the [JSON Hypertext Application Language](https://datatracker.ietf.org/doc/html/draft-kelly-json-hal-06) specification. This object is used for dynamic discovery of related resources and lifecycle operations.
stringClient ID
string (date-time)Timestamp when the object was created (example: 2017-03-28T01:11:10.000Z)
string (date-time)Expiration time of the OAuth 2.0 Token
stringThe complete URL of the authorization server that issued the Token (example: https://{yourOktaDomain}/oauth2/ausain6z9zIedDCxB0h7)
string (date-time)Timestamp when the object was last updated
arrayThe scope names attached to the Token
stringStatus (example: ACTIVE)
stringThe ID of the user associated with the Token (example: 00u5t60iloOHN9pBi0h7)
+ + + +Success + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameDatatypeDescription
stringID of the Token object (example: oar579Mcp7OUsNTlo0g3)
objectThe embedded resources related to the object if the `expand` query parameter is specified
objectSpecifies link relations (see [Web Linking](https://www.rfc-editor.org/rfc/rfc8288)) available using the [JSON Hypertext Application Language](https://datatracker.ietf.org/doc/html/draft-kelly-json-hal-06) specification. This object is used for dynamic discovery of related resources and lifecycle operations.
stringClient ID
string (date-time)Timestamp when the object was created (example: 2017-03-28T01:11:10.000Z)
string (date-time)Expiration time of the OAuth 2.0 Token
stringThe complete URL of the authorization server that issued the Token (example: https://{yourOktaDomain}/oauth2/ausain6z9zIedDCxB0h7)
string (date-time)Timestamp when the object was last updated
arrayThe scope names attached to the Token
stringStatus (example: ACTIVE)
stringThe ID of the user associated with the Token (example: 00u5t60iloOHN9pBi0h7)
+ + + +## Methods + +The following methods are available for this resource: + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameAccessible byRequired ParamsOptional ParamsDescription
subdomainexpand, after, limitLists all refresh tokens issued by an authorization server for a specific Client
subdomainexpandRetrieves a refresh token for a Client
subdomainRevokes all refresh tokens for a Client
subdomainRevokes a refresh token for a Client
+ +## Parameters + +Parameters can be passed in the `WHERE` clause of a query. Check the [Methods](#methods) section to see which parameters are required or optional for each operation. + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameDatatypeDescription
stringThe domain of your organization. This can be a provided subdomain of an official okta domain (okta.com, oktapreview.com, etc) or one of your configured custom domains. (default: my-org)
stringSpecifies the pagination cursor for the next page of tokens
stringValid value: `scope`. If specified, scope details are included in the `_embedded` attribute.
integer (int32)The maximum number of tokens to return (maximum 200)
+ +## `SELECT` examples + + + + +Lists all refresh tokens issued by an authorization server for a specific Client + +```sql +SELECT +id, +_embedded, +_links, +clientId, +created, +expiresAt, +issuer, +lastUpdated, +scopes, +status, +userId +FROM okta.authorizationservers.refresh_tokens +WHERE subdomain = '{{ subdomain }}' -- required +AND expand = '{{ expand }}' +AND after = '{{ after }}' +AND limit = '{{ limit }}'; +``` + + + +Retrieves a refresh token for a Client + +```sql +SELECT +id, +_embedded, +_links, +clientId, +created, +expiresAt, +issuer, +lastUpdated, +scopes, +status, +userId +FROM okta.authorizationservers.refresh_tokens +WHERE subdomain = '{{ subdomain }}' -- required +AND expand = '{{ expand }}'; +``` + + + + +## `DELETE` examples + + + + +Revokes all refresh tokens for a Client + +```sql +DELETE FROM okta.authorizationservers.refresh_tokens +WHERE subdomain = '{{ subdomain }}' --required; +``` + + + +Revokes a refresh token for a Client + +```sql +DELETE FROM okta.authorizationservers.refresh_tokens +WHERE subdomain = '{{ subdomain }}' --required; +``` + + diff --git a/website/docs/services/authorizationservers/rules/index.md b/website/docs/services/authorizationservers/rules/index.md new file mode 100644 index 0000000..9df6c96 --- /dev/null +++ b/website/docs/services/authorizationservers/rules/index.md @@ -0,0 +1,511 @@ +--- +title: rules +hide_title: false +hide_table_of_contents: false +keywords: + - rules + - authorizationservers + - okta + - infrastructure-as-code + - configuration-as-data + - cloud inventory +description: Query, deploy and manage okta resources using SQL +custom_edit_url: null +image: /img/stackql-okta-provider-featured-image.png +--- + +import CopyableCode from '@site/src/components/CopyableCode/CopyableCode'; +import Tabs from '@theme/Tabs'; +import TabItem from '@theme/TabItem'; + +Creates, updates, deletes, gets or lists a rules resource. + +## Overview + + + + +
Namerules
TypeResource
Id
+ +## Fields + +The following fields are returned by `SELECT` queries: + + + + +Success + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameDatatypeDescription
stringIdentifier of the rule
stringName of the rule
objectSpecifies link relations (see [Web Linking](https://www.rfc-editor.org/rfc/rfc8288)) available using the [JSON Hypertext Application Language](https://datatracker.ietf.org/doc/html/draft-kelly-json-hal-06) specification. This object is used for dynamic discovery of related resources and lifecycle operations.
object
object
string (date-time)Timestamp when the rule was created
string (date-time)Timestamp when the rule was last modified
integerPriority of the rule
stringStatus of the rule
booleanSet to `true` for system rules. You can't delete system rules.
stringRule type
+ + + +Success + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameDatatypeDescription
stringIdentifier of the rule
stringName of the rule
objectSpecifies link relations (see [Web Linking](https://www.rfc-editor.org/rfc/rfc8288)) available using the [JSON Hypertext Application Language](https://datatracker.ietf.org/doc/html/draft-kelly-json-hal-06) specification. This object is used for dynamic discovery of related resources and lifecycle operations.
object
object
string (date-time)Timestamp when the rule was created
string (date-time)Timestamp when the rule was last modified
integerPriority of the rule
stringStatus of the rule
booleanSet to `true` for system rules. You can't delete system rules.
stringRule type
+ + + +## Methods + +The following methods are available for this resource: + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameAccessible byRequired ParamsOptional ParamsDescription
subdomainLists all policy rules for the specified Custom Authorization Server and Policy
subdomainRetrieves a policy rule by `ruleId`
subdomainCreates a policy rule for the specified Custom Authorization Server and Policy
subdomainReplaces the configuration of the Policy Rule defined in the specified Custom Authorization Server and Policy
subdomainDeletes a Policy Rule defined in the specified Custom Authorization Server and Policy
subdomainActivates an authorization server policy rule
subdomainDeactivates an authorization server policy rule
+ +## Parameters + +Parameters can be passed in the `WHERE` clause of a query. Check the [Methods](#methods) section to see which parameters are required or optional for each operation. + + + + + + + + + + + + + + + + +
NameDatatypeDescription
stringThe domain of your organization. This can be a provided subdomain of an official okta domain (okta.com, oktapreview.com, etc) or one of your configured custom domains. (default: my-org)
+ +## `SELECT` examples + + + + +Lists all policy rules for the specified Custom Authorization Server and Policy + +```sql +SELECT +id, +name, +_links, +actions, +conditions, +created, +lastUpdated, +priority, +status, +system, +type +FROM okta.authorizationservers.rules +WHERE subdomain = '{{ subdomain }}' -- required; +``` + + + +Retrieves a policy rule by `ruleId` + +```sql +SELECT +id, +name, +_links, +actions, +conditions, +created, +lastUpdated, +priority, +status, +system, +type +FROM okta.authorizationservers.rules +WHERE subdomain = '{{ subdomain }}' -- required; +``` + + + + +## `INSERT` examples + + + + +Creates a policy rule for the specified Custom Authorization Server and Policy + +```sql +INSERT INTO okta.authorizationservers.rules ( +data__actions, +data__conditions, +data__name, +data__priority, +data__status, +data__system, +data__type, +subdomain +) +SELECT +'{{ actions }}', +'{{ conditions }}' --required, +'{{ name }}' --required, +{{ priority }}, +'{{ status }}', +{{ system }}, +'{{ type }}' --required, +'{{ subdomain }}' +RETURNING +id, +name, +_links, +actions, +conditions, +created, +lastUpdated, +priority, +status, +system, +type +; +``` + + + +```yaml +# Description fields are for documentation purposes +- name: rules + props: + - name: subdomain + value: string + description: Required parameter for the rules resource. + - name: actions + value: object + - name: conditions + value: object + - name: name + value: string + description: > + Name of the rule + + - name: priority + value: integer + description: > + Priority of the rule + + - name: status + value: string + description: > + Status of the rule + + valid_values: ['ACTIVE', 'INACTIVE'] + - name: system + value: boolean + description: > + Set to `true` for system rules. You can't delete system rules. + + - name: type + value: string + description: > + Rule type + + valid_values: ['RESOURCE_ACCESS'] +``` + + + + +## `REPLACE` examples + + + + +Replaces the configuration of the Policy Rule defined in the specified Custom Authorization Server and Policy + +```sql +REPLACE okta.authorizationservers.rules +SET +data__actions = '{{ actions }}', +data__conditions = '{{ conditions }}', +data__name = '{{ name }}', +data__priority = {{ priority }}, +data__status = '{{ status }}', +data__system = {{ system }}, +data__type = '{{ type }}' +WHERE +subdomain = '{{ subdomain }}' --required +AND data__name = '{{ name }}' --required +AND data__conditions = '{{ conditions }}' --required +AND data__type = '{{ type }}' --required +RETURNING +id, +name, +_links, +actions, +conditions, +created, +lastUpdated, +priority, +status, +system, +type; +``` + + + + +## `DELETE` examples + + + + +Deletes a Policy Rule defined in the specified Custom Authorization Server and Policy + +```sql +DELETE FROM okta.authorizationservers.rules +WHERE subdomain = '{{ subdomain }}' --required; +``` + + + + +## Lifecycle Methods + + + + +Activates an authorization server policy rule + +```sql +EXEC okta.authorizationservers.rules.activate_authorization_server_policy_rule +@subdomain='{{ subdomain }}' --required; +``` + + + +Deactivates an authorization server policy rule + +```sql +EXEC okta.authorizationservers.rules.deactivate_authorization_server_policy_rule +@subdomain='{{ subdomain }}' --required; +``` + + diff --git a/website/docs/services/authorizationservers/scopes/index.md b/website/docs/services/authorizationservers/scopes/index.md new file mode 100644 index 0000000..ac5037d --- /dev/null +++ b/website/docs/services/authorizationservers/scopes/index.md @@ -0,0 +1,494 @@ +--- +title: scopes +hide_title: false +hide_table_of_contents: false +keywords: + - scopes + - authorizationservers + - okta + - infrastructure-as-code + - configuration-as-data + - cloud inventory +description: Query, deploy and manage okta resources using SQL +custom_edit_url: null +image: /img/stackql-okta-provider-featured-image.png +--- + +import CopyableCode from '@site/src/components/CopyableCode/CopyableCode'; +import Tabs from '@theme/Tabs'; +import TabItem from '@theme/TabItem'; + +Creates, updates, deletes, gets or lists a scopes resource. + +## Overview + + + + +
Namescopes
TypeResource
Id
+ +## Fields + +The following fields are returned by `SELECT` queries: + + + + +Success + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameDatatypeDescription
stringScope object ID
stringScope name
objectSpecifies link relations (see [Web Linking](https://www.rfc-editor.org/rfc/rfc8288)) available using the [JSON Hypertext Application Language](https://datatracker.ietf.org/doc/html/draft-kelly-json-hal-06) specification. This object is used for dynamic discovery of related resources and lifecycle operations.
stringIndicates whether a consent dialog is needed for the Scope (default: IMPLICIT)
booleanIndicates if this Scope is a default scope
stringDescription of the Scope
stringName of the end user displayed in a consent dialog
stringIndicates whether the Scope is included in the metadata (default: NO_CLIENTS)
booleanIndicates whether the Scope is optional. When set to `true`, the user can skip consent for the scope.
booleanIndicates if Okta created the Scope
+ + + +Success + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameDatatypeDescription
stringScope object ID
stringScope name
objectSpecifies link relations (see [Web Linking](https://www.rfc-editor.org/rfc/rfc8288)) available using the [JSON Hypertext Application Language](https://datatracker.ietf.org/doc/html/draft-kelly-json-hal-06) specification. This object is used for dynamic discovery of related resources and lifecycle operations.
stringIndicates whether a consent dialog is needed for the Scope (default: IMPLICIT)
booleanIndicates if this Scope is a default scope
stringDescription of the Scope
stringName of the end user displayed in a consent dialog
stringIndicates whether the Scope is included in the metadata (default: NO_CLIENTS)
booleanIndicates whether the Scope is optional. When set to `true`, the user can skip consent for the scope.
booleanIndicates if Okta created the Scope
+ + + +## Methods + +The following methods are available for this resource: + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameAccessible byRequired ParamsOptional ParamsDescription
subdomainq, filter, after, limitLists all custom token scopes
subdomainRetrieves a custom token scope
subdomainCreates a custom token scope
subdomainReplaces a custom token scope
subdomainDeletes a custom token scope
+ +## Parameters + +Parameters can be passed in the `WHERE` clause of a query. Check the [Methods](#methods) section to see which parameters are required or optional for each operation. + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameDatatypeDescription
stringThe domain of your organization. This can be a provided subdomain of an official okta domain (okta.com, oktapreview.com, etc) or one of your configured custom domains. (default: my-org)
stringSpecifies the pagination cursor for the next page of scopes. Treat the after cursor as an opaque value and obtain it through the next link relationship. See [Pagination](https://developer.okta.com/docs/api/#pagination).
stringFilter expression for Custom Token Scopes
integerSpecifies the number of objects to return per page. If there are multiple pages of results, the Link header contains a `next` link that you need to use as an opaque value (follow it, don't parse it). See [Pagination](https://developer.okta.com/docs/api/#pagination).
stringSearches the `name` of Custom Token Scopes for matching values
+ +## `SELECT` examples + + + + +Lists all custom token scopes + +```sql +SELECT +id, +name, +_links, +consent, +default, +description, +displayName, +metadataPublish, +optional, +system +FROM okta.authorizationservers.scopes +WHERE subdomain = '{{ subdomain }}' -- required +AND q = '{{ q }}' +AND filter = '{{ filter }}' +AND after = '{{ after }}' +AND limit = '{{ limit }}'; +``` + + + +Retrieves a custom token scope + +```sql +SELECT +id, +name, +_links, +consent, +default, +description, +displayName, +metadataPublish, +optional, +system +FROM okta.authorizationservers.scopes +WHERE subdomain = '{{ subdomain }}' -- required; +``` + + + + +## `INSERT` examples + + + + +Creates a custom token scope + +```sql +INSERT INTO okta.authorizationservers.scopes ( +data__consent, +data__default, +data__description, +data__displayName, +data__metadataPublish, +data__name, +data__optional, +data__system, +subdomain +) +SELECT +'{{ consent }}', +{{ default }}, +'{{ description }}', +'{{ displayName }}', +'{{ metadataPublish }}', +'{{ name }}' --required, +{{ optional }}, +{{ system }}, +'{{ subdomain }}' +RETURNING +id, +name, +_links, +consent, +default, +description, +displayName, +metadataPublish, +optional, +system +; +``` + + + +```yaml +# Description fields are for documentation purposes +- name: scopes + props: + - name: subdomain + value: string + description: Required parameter for the scopes resource. + - name: consent + value: string + description: > + Indicates whether a consent dialog is needed for the Scope + + valid_values: ['FLEXIBLE', 'IMPLICIT', 'REQUIRED'] + default: IMPLICIT + - name: default + value: boolean + description: > + Indicates if this Scope is a default scope + + default: false + - name: description + value: string + description: > + Description of the Scope + + - name: displayName + value: string + description: > + Name of the end user displayed in a consent dialog + + - name: metadataPublish + value: string + description: > + Indicates whether the Scope is included in the metadata + + valid_values: ['ALL_CLIENTS', 'NO_CLIENTS'] + default: NO_CLIENTS + - name: name + value: string + description: > + Scope name + + - name: optional + value: boolean + description: > + Indicates whether the Scope is optional. When set to `true`, the user can skip consent for the scope. + + default: false + - name: system + value: boolean + description: > + Indicates if Okta created the Scope + + default: false +``` + + + + +## `REPLACE` examples + + + + +Replaces a custom token scope + +```sql +REPLACE okta.authorizationservers.scopes +SET +data__consent = '{{ consent }}', +data__default = {{ default }}, +data__description = '{{ description }}', +data__displayName = '{{ displayName }}', +data__metadataPublish = '{{ metadataPublish }}', +data__name = '{{ name }}', +data__optional = {{ optional }}, +data__system = {{ system }} +WHERE +subdomain = '{{ subdomain }}' --required +AND data__name = '{{ name }}' --required +RETURNING +id, +name, +_links, +consent, +default, +description, +displayName, +metadataPublish, +optional, +system; +``` + + + + +## `DELETE` examples + + + + +Deletes a custom token scope + +```sql +DELETE FROM okta.authorizationservers.scopes +WHERE subdomain = '{{ subdomain }}' --required; +``` + + diff --git a/website/docs/services/behaviors/behavior_detection_rules/index.md b/website/docs/services/behaviors/behavior_detection_rules/index.md new file mode 100644 index 0000000..e2d9eb9 --- /dev/null +++ b/website/docs/services/behaviors/behavior_detection_rules/index.md @@ -0,0 +1,418 @@ +--- +title: behavior_detection_rules +hide_title: false +hide_table_of_contents: false +keywords: + - behavior_detection_rules + - behaviors + - okta + - infrastructure-as-code + - configuration-as-data + - cloud inventory +description: Query, deploy and manage okta resources using SQL +custom_edit_url: null +image: /img/stackql-okta-provider-featured-image.png +--- + +import CopyableCode from '@site/src/components/CopyableCode/CopyableCode'; +import Tabs from '@theme/Tabs'; +import TabItem from '@theme/TabItem'; + +Creates, updates, deletes, gets or lists a behavior_detection_rules resource. + +## Overview + + + + +
Namebehavior_detection_rules
TypeResource
Id
+ +## Fields + +The following fields are returned by `SELECT` queries: + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameDatatypeDescription
stringID of the Behavior Detection Rule
stringName of the Behavior Detection Rule
objectSpecifies link relations (see [Web Linking](https://www.rfc-editor.org/rfc/rfc8288)) available using the [JSON Hypertext Application Language](https://datatracker.ietf.org/doc/html/draft-kelly-json-hal-06) specification. This object is used for dynamic discovery of related resources and lifecycle operations.
stringTimestamp when the Behavior Detection Rule was created
stringTimestamp when the Behavior Detection Rule was last modified
string
string
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameDatatypeDescription
stringID of the Behavior Detection Rule
stringName of the Behavior Detection Rule
objectSpecifies link relations (see [Web Linking](https://www.rfc-editor.org/rfc/rfc8288)) available using the [JSON Hypertext Application Language](https://datatracker.ietf.org/doc/html/draft-kelly-json-hal-06) specification. This object is used for dynamic discovery of related resources and lifecycle operations.
stringTimestamp when the Behavior Detection Rule was created
stringTimestamp when the Behavior Detection Rule was last modified
string
string
+ + + +## Methods + +The following methods are available for this resource: + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameAccessible byRequired ParamsOptional ParamsDescription
subdomainLists all behavior detection rules with pagination support
subdomainRetrieves a Behavior Detection Rule by `behaviorId`
subdomainCreates a new behavior detection rule
subdomainReplaces a Behavior Detection Rule by `behaviorId`
subdomainDeletes a Behavior Detection Rule by `behaviorId`
subdomainActivates a behavior detection rule
subdomainDeactivates a behavior detection rule
+ +## Parameters + +Parameters can be passed in the `WHERE` clause of a query. Check the [Methods](#methods) section to see which parameters are required or optional for each operation. + + + + + + + + + + + + + + + + +
NameDatatypeDescription
stringThe domain of your organization. This can be a provided subdomain of an official okta domain (okta.com, oktapreview.com, etc) or one of your configured custom domains. (default: my-org)
+ +## `SELECT` examples + + + + +Lists all behavior detection rules with pagination support + +```sql +SELECT +id, +name, +_link, +created, +lastUpdated, +status, +type +FROM okta.behaviors.behavior_detection_rules +WHERE subdomain = '{{ subdomain }}' -- required; +``` + + + +Retrieves a Behavior Detection Rule by `behaviorId` + +```sql +SELECT +id, +name, +_link, +created, +lastUpdated, +status, +type +FROM okta.behaviors.behavior_detection_rules +WHERE subdomain = '{{ subdomain }}' -- required; +``` + + + + +## `INSERT` examples + + + + +Creates a new behavior detection rule + +```sql +INSERT INTO okta.behaviors.behavior_detection_rules ( +data__name, +data__status, +data__type, +subdomain +) +SELECT +'{{ name }}' --required, +'{{ status }}', +'{{ type }}' --required, +'{{ subdomain }}' +RETURNING +id, +name, +_link, +created, +lastUpdated, +status, +type +; +``` + + + +```yaml +# Description fields are for documentation purposes +- name: behavior_detection_rules + props: + - name: subdomain + value: string + description: Required parameter for the behavior_detection_rules resource. + - name: name + value: string + description: > + Name of the Behavior Detection Rule + + - name: status + value: string + valid_values: ['ACTIVE', 'INACTIVE'] + - name: type + value: string + valid_values: ['ANOMALOUS_DEVICE', 'ANOMALOUS_IP', 'ANOMALOUS_LOCATION', 'VELOCITY'] +``` + + + + +## `REPLACE` examples + + + + +Replaces a Behavior Detection Rule by `behaviorId` + +```sql +REPLACE okta.behaviors.behavior_detection_rules +SET +data__name = '{{ name }}', +data__status = '{{ status }}', +data__type = '{{ type }}' +WHERE +subdomain = '{{ subdomain }}' --required +AND data__name = '{{ name }}' --required +AND data__type = '{{ type }}' --required +RETURNING +id, +name, +_link, +created, +lastUpdated, +status, +type; +``` + + + + +## `DELETE` examples + + + + +Deletes a Behavior Detection Rule by `behaviorId` + +```sql +DELETE FROM okta.behaviors.behavior_detection_rules +WHERE subdomain = '{{ subdomain }}' --required; +``` + + + + +## Lifecycle Methods + + + + +Activates a behavior detection rule + +```sql +EXEC okta.behaviors.behavior_detection_rules.activate_behavior_detection_rule +@subdomain='{{ subdomain }}' --required; +``` + + + +Deactivates a behavior detection rule + +```sql +EXEC okta.behaviors.behavior_detection_rules.deactivate_behavior_detection_rule +@subdomain='{{ subdomain }}' --required; +``` + + diff --git a/website/docs/services/behaviors/index.md b/website/docs/services/behaviors/index.md new file mode 100644 index 0000000..9e6a926 --- /dev/null +++ b/website/docs/services/behaviors/index.md @@ -0,0 +1,33 @@ +--- +title: behaviors +hide_title: false +hide_table_of_contents: false +keywords: + - behaviors + - okta + - stackql + - infrastructure-as-code + - configuration-as-data + - cloud inventory +description: Query, deploy and manage okta resources using SQL +custom_edit_url: null +image: /img/stackql-okta-provider-featured-image.png +--- + +behaviors service documentation. + +:::info[Service Summary] + +total resources: __1__ + +::: + +## Resources +
+
+behavior_detection_rules +
+
+ +
+
\ No newline at end of file diff --git a/website/docs/services/brands/brand_well_known_uris/index.md b/website/docs/services/brands/brand_well_known_uris/index.md new file mode 100644 index 0000000..6567777 --- /dev/null +++ b/website/docs/services/brands/brand_well_known_uris/index.md @@ -0,0 +1,168 @@ +--- +title: brand_well_known_uris +hide_title: false +hide_table_of_contents: false +keywords: + - brand_well_known_uris + - brands + - okta + - infrastructure-as-code + - configuration-as-data + - cloud inventory +description: Query, deploy and manage okta resources using SQL +custom_edit_url: null +image: /img/stackql-okta-provider-featured-image.png +--- + +import CopyableCode from '@site/src/components/CopyableCode/CopyableCode'; +import Tabs from '@theme/Tabs'; +import TabItem from '@theme/TabItem'; + +Creates, updates, deletes, gets or lists a brand_well_known_uris resource. + +## Overview + + + + +
Namebrand_well_known_uris
TypeResource
Id
+ +## Fields + +The following fields are returned by `SELECT` queries: + + + + +Successfully retrieved the customized well-known URI content + + + + + + + + + + + + + + + + + + + + + +
NameDatatypeDescription
objectSpecifies link relations (see [Web Linking](https://www.rfc-editor.org/rfc/rfc8288)) available using the [JSON Hypertext Application Language](https://datatracker.ietf.org/doc/html/draft-kelly-json-hal-06) specification. This object is used for dynamic discovery of related resources and lifecycle operations.
objectThe well-known URI content in JSON format
+ + + +## Methods + +The following methods are available for this resource: + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameAccessible byRequired ParamsOptional ParamsDescription
subdomainRetrieves the customized content of a well-known URI for a specific brand and well-known URI path
subdomainReplaces the content of a customized well-known URI that you specify.

There are endpoint-specific format requirements when you update the content of a customized well-known URI. See [Customize associated domains](https://developer.okta.com/docs/guides/custom-well-known-uri/main/).
+ +## Parameters + +Parameters can be passed in the `WHERE` clause of a query. Check the [Methods](#methods) section to see which parameters are required or optional for each operation. + + + + + + + + + + + + + + + + +
NameDatatypeDescription
stringThe domain of your organization. This can be a provided subdomain of an official okta domain (okta.com, oktapreview.com, etc) or one of your configured custom domains. (default: my-org)
+ +## `SELECT` examples + + + + +Retrieves the customized content of a well-known URI for a specific brand and well-known URI path + +```sql +SELECT +_links, +representation +FROM okta.brands.brand_well_known_uris +WHERE subdomain = '{{ subdomain }}' -- required; +``` + + + + +## `REPLACE` examples + + + + +Replaces the content of a customized well-known URI that you specify.

There are endpoint-specific format requirements when you update the content of a customized well-known URI. See [Customize associated domains](https://developer.okta.com/docs/guides/custom-well-known-uri/main/). + +```sql +REPLACE okta.brands.brand_well_known_uris +SET +data__representation = '{{ representation }}' +WHERE +subdomain = '{{ subdomain }}' --required +AND data__representation = '{{ representation }}' --required +RETURNING +_links, +representation; +``` + + diff --git a/website/docs/services/brands/brands/index.md b/website/docs/services/brands/brands/index.md new file mode 100644 index 0000000..14bff9f --- /dev/null +++ b/website/docs/services/brands/brands/index.md @@ -0,0 +1,424 @@ +--- +title: brands +hide_title: false +hide_table_of_contents: false +keywords: + - brands + - brands + - okta + - infrastructure-as-code + - configuration-as-data + - cloud inventory +description: Query, deploy and manage okta resources using SQL +custom_edit_url: null +image: /img/stackql-okta-provider-featured-image.png +--- + +import CopyableCode from '@site/src/components/CopyableCode/CopyableCode'; +import Tabs from '@theme/Tabs'; +import TabItem from '@theme/TabItem'; + +Creates, updates, deletes, gets or lists a brands resource. + +## Overview + + + + +
Namebrands
TypeResource
Id
+ +## Fields + +The following fields are returned by `SELECT` queries: + + + + +Successfully returned the list of brands + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameDatatypeDescription
stringThe Brand ID
stringThe name of the Brand
booleanConsent for updating the custom privacy URL. Not required when resetting the URL.
stringCustom privacy policy URL
object
stringThe ID of the email domain
booleanIf `true`, the Brand is used for the Okta subdomain
stringThe language specified as an [IETF BCP 47 language tag](https://datatracker.ietf.org/doc/html/rfc5646)
booleanRemoves "Powered by Okta" from the sign-in page in redirect authentication deployments, and "© [current year] Okta, Inc." from the Okta End-User Dashboard
+ + + +Successfully retrieved the brand + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameDatatypeDescription
stringThe Brand ID
stringThe name of the Brand
booleanConsent for updating the custom privacy URL. Not required when resetting the URL.
stringCustom privacy policy URL
object
stringThe ID of the email domain
booleanIf `true`, the Brand is used for the Okta subdomain
stringThe language specified as an [IETF BCP 47 language tag](https://datatracker.ietf.org/doc/html/rfc5646)
booleanRemoves "Powered by Okta" from the sign-in page in redirect authentication deployments, and "© [current year] Okta, Inc." from the Okta End-User Dashboard
+ + + +## Methods + +The following methods are available for this resource: + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameAccessible byRequired ParamsOptional ParamsDescription
subdomainexpand, after, limit, qLists all the brands in your org
subdomainexpandRetrieves a brand by `brandId`
subdomainCreates a new brand in your org
subdomainReplaces a brand by `brandId`

Passing an invalid `brandId` returns a `404 Not Found` status code with the error code `E0000007`.

Not providing `agreeToCustomPrivacyPolicy` with `customPrivacyPolicyUrl` returns a `400 Bad Request` status code with the error code `E0000001`.

subdomainDeletes a brand by `brandId`
+ +## Parameters + +Parameters can be passed in the `WHERE` clause of a query. Check the [Methods](#methods) section to see which parameters are required or optional for each operation. + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameDatatypeDescription
stringThe domain of your organization. This can be a provided subdomain of an official okta domain (okta.com, oktapreview.com, etc) or one of your configured custom domains. (default: my-org)
stringThe cursor to use for pagination. It is an opaque string that specifies your current location in the list and is obtained from the `Link` response header. See [Pagination](https://developer.okta.com/docs/api/#pagination).
arraySpecifies additional metadata to be included in the response
integerA limit on the number of objects to return
stringSearches the records for matching value
+ +## `SELECT` examples + + + + +Lists all the brands in your org + +```sql +SELECT +id, +name, +agreeToCustomPrivacyPolicy, +customPrivacyPolicyUrl, +defaultApp, +emailDomainId, +isDefault, +locale, +removePoweredByOkta +FROM okta.brands.brands +WHERE subdomain = '{{ subdomain }}' -- required +AND expand = '{{ expand }}' +AND after = '{{ after }}' +AND limit = '{{ limit }}' +AND q = '{{ q }}'; +``` + + + +Retrieves a brand by `brandId` + +```sql +SELECT +id, +name, +agreeToCustomPrivacyPolicy, +customPrivacyPolicyUrl, +defaultApp, +emailDomainId, +isDefault, +locale, +removePoweredByOkta +FROM okta.brands.brands +WHERE subdomain = '{{ subdomain }}' -- required +AND expand = '{{ expand }}'; +``` + + + + +## `INSERT` examples + + + + +Creates a new brand in your org + +```sql +INSERT INTO okta.brands.brands ( +data__name, +subdomain +) +SELECT +'{{ name }}' --required, +'{{ subdomain }}' +RETURNING +id, +name, +agreeToCustomPrivacyPolicy, +customPrivacyPolicyUrl, +defaultApp, +emailDomainId, +isDefault, +locale, +removePoweredByOkta +; +``` + + + +```yaml +# Description fields are for documentation purposes +- name: brands + props: + - name: subdomain + value: string + description: Required parameter for the brands resource. + - name: name + value: string + description: > + The name of the Brand + +``` + + + + +## `REPLACE` examples + + + + +Replaces a brand by `brandId`

Passing an invalid `brandId` returns a `404 Not Found` status code with the error code `E0000007`.

Not providing `agreeToCustomPrivacyPolicy` with `customPrivacyPolicyUrl` returns a `400 Bad Request` status code with the error code `E0000001`.

+ +```sql +REPLACE okta.brands.brands +SET +data__agreeToCustomPrivacyPolicy = {{ agreeToCustomPrivacyPolicy }}, +data__customPrivacyPolicyUrl = '{{ customPrivacyPolicyUrl }}', +data__defaultApp = '{{ defaultApp }}', +data__emailDomainId = '{{ emailDomainId }}', +data__locale = '{{ locale }}', +data__name = '{{ name }}', +data__removePoweredByOkta = {{ removePoweredByOkta }} +WHERE +subdomain = '{{ subdomain }}' --required +AND data__name = '{{ name }}' --required +RETURNING +id, +name, +agreeToCustomPrivacyPolicy, +customPrivacyPolicyUrl, +defaultApp, +emailDomainId, +isDefault, +locale, +removePoweredByOkta; +``` + + + + +## `DELETE` examples + + + + +Deletes a brand by `brandId` + +```sql +DELETE FROM okta.brands.brands +WHERE subdomain = '{{ subdomain }}' --required; +``` + + diff --git a/website/docs/services/brands/customization_preview/index.md b/website/docs/services/brands/customization_preview/index.md new file mode 100644 index 0000000..978e091 --- /dev/null +++ b/website/docs/services/brands/customization_preview/index.md @@ -0,0 +1,140 @@ +--- +title: customization_preview +hide_title: false +hide_table_of_contents: false +keywords: + - customization_preview + - brands + - okta + - infrastructure-as-code + - configuration-as-data + - cloud inventory +description: Query, deploy and manage okta resources using SQL +custom_edit_url: null +image: /img/stackql-okta-provider-featured-image.png +--- + +import CopyableCode from '@site/src/components/CopyableCode/CopyableCode'; +import Tabs from '@theme/Tabs'; +import TabItem from '@theme/TabItem'; + +Creates, updates, deletes, gets or lists a customization_preview resource. + +## Overview + + + + +
Namecustomization_preview
TypeResource
Id
+ +## Fields + +The following fields are returned by `SELECT` queries: + + + + +Successfully generated a preview of the email customization. + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameDatatypeDescription
objectSpecifies link relations (see [Web Linking](https://www.rfc-editor.org/rfc/rfc8288)) available using the [JSON Hypertext Application Language](https://datatracker.ietf.org/doc/html/draft-kelly-json-hal-06) specification. This object is used for dynamic discovery of related resources and lifecycle operations.
stringThe email's HTML body
stringThe email's subject
+ + + +## Methods + +The following methods are available for this resource: + + + + + + + + + + + + + + + + + + + + +
NameAccessible byRequired ParamsOptional ParamsDescription
subdomainRetrieves a Preview of an Email Customization. All variable references are populated from the current user's context. For example, `${user.profile.firstName}`.

<x-lifecycle class="ea"></x-lifecycle> If Custom languages for Okta Email Templates is disabled, requests for the preview of an additional language customization by ID return a `404 Not Found` error response.
+ +## Parameters + +Parameters can be passed in the `WHERE` clause of a query. Check the [Methods](#methods) section to see which parameters are required or optional for each operation. + + + + + + + + + + + + + + + + +
NameDatatypeDescription
stringThe domain of your organization. This can be a provided subdomain of an official okta domain (okta.com, oktapreview.com, etc) or one of your configured custom domains. (default: my-org)
+ +## `SELECT` examples + + + + +Retrieves a Preview of an Email Customization. All variable references are populated from the current user's context. For example, `${user.profile.firstName}`.

<x-lifecycle class="ea"></x-lifecycle> If Custom languages for Okta Email Templates is disabled, requests for the preview of an additional language customization by ID return a `404 Not Found` error response.
+ +```sql +SELECT +_links, +body, +subject +FROM okta.brands.customization_preview +WHERE subdomain = '{{ subdomain }}' -- required; +``` + + diff --git a/website/docs/services/brands/customized_error_page/index.md b/website/docs/services/brands/customized_error_page/index.md new file mode 100644 index 0000000..098c1a9 --- /dev/null +++ b/website/docs/services/brands/customized_error_page/index.md @@ -0,0 +1,195 @@ +--- +title: customized_error_page +hide_title: false +hide_table_of_contents: false +keywords: + - customized_error_page + - brands + - okta + - infrastructure-as-code + - configuration-as-data + - cloud inventory +description: Query, deploy and manage okta resources using SQL +custom_edit_url: null +image: /img/stackql-okta-provider-featured-image.png +--- + +import CopyableCode from '@site/src/components/CopyableCode/CopyableCode'; +import Tabs from '@theme/Tabs'; +import TabItem from '@theme/TabItem'; + +Creates, updates, deletes, gets or lists a customized_error_page resource. + +## Overview + + + + +
Namecustomized_error_page
TypeResource
Id
+ +## Fields + +The following fields are returned by `SELECT` queries: + + + + +Successfully retrieved the customized error page. + + + + + + + + + + + + + + + + + + + + + +
NameDatatypeDescription
object
stringThe HTML for the page
+ + + +## Methods + +The following methods are available for this resource: + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameAccessible byRequired ParamsOptional ParamsDescription
subdomainRetrieves the customized error page. The customized error page appears in your live environment.
subdomainReplaces the customized error page. The customized error page appears in your live environment.
subdomainDeletes the customized error page. As a result, the default error page appears in your live environment.
+ +## Parameters + +Parameters can be passed in the `WHERE` clause of a query. Check the [Methods](#methods) section to see which parameters are required or optional for each operation. + + + + + + + + + + + + + + + + +
NameDatatypeDescription
stringThe domain of your organization. This can be a provided subdomain of an official okta domain (okta.com, oktapreview.com, etc) or one of your configured custom domains. (default: my-org)
+ +## `SELECT` examples + + + + +Retrieves the customized error page. The customized error page appears in your live environment. + +```sql +SELECT +contentSecurityPolicySetting, +pageContent +FROM okta.brands.customized_error_page +WHERE subdomain = '{{ subdomain }}' -- required; +``` + + + + +## `REPLACE` examples + + + + +Replaces the customized error page. The customized error page appears in your live environment. + +```sql +REPLACE okta.brands.customized_error_page +SET +data__pageContent = '{{ pageContent }}', +data__contentSecurityPolicySetting = '{{ contentSecurityPolicySetting }}' +WHERE +subdomain = '{{ subdomain }}' --required +RETURNING +contentSecurityPolicySetting, +pageContent; +``` + + + + +## `DELETE` examples + + + + +Deletes the customized error page. As a result, the default error page appears in your live environment. + +```sql +DELETE FROM okta.brands.customized_error_page +WHERE subdomain = '{{ subdomain }}' --required; +``` + + diff --git a/website/docs/services/brands/customized_sign_in_page/index.md b/website/docs/services/brands/customized_sign_in_page/index.md new file mode 100644 index 0000000..800431c --- /dev/null +++ b/website/docs/services/brands/customized_sign_in_page/index.md @@ -0,0 +1,184 @@ +--- +title: customized_sign_in_page +hide_title: false +hide_table_of_contents: false +keywords: + - customized_sign_in_page + - brands + - okta + - infrastructure-as-code + - configuration-as-data + - cloud inventory +description: Query, deploy and manage okta resources using SQL +custom_edit_url: null +image: /img/stackql-okta-provider-featured-image.png +--- + +import CopyableCode from '@site/src/components/CopyableCode/CopyableCode'; +import Tabs from '@theme/Tabs'; +import TabItem from '@theme/TabItem'; + +Creates, updates, deletes, gets or lists a customized_sign_in_page resource. + +## Overview + + + + +
Namecustomized_sign_in_page
TypeResource
Id
+ +## Fields + +The following fields are returned by `SELECT` queries: + + + + +Successfully retrieved the customized sign-in page. + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameDatatypeDescription
object
stringThe HTML for the page
object
stringThe version specified as a [Semantic Version](https://semver.org/). (pattern: ^(0|[1-9]\d*)\.(0|[1-9]\d*)\.(0|[1-9]\d*)(?:-((?:0|[1-9]\d*|\d*[a-zA-Z-][0-9a-zA-Z-]*)(?:\.(?:0|[1-9]\d*|\d*[a-zA-Z-][0-9a-zA-Z-]*))*))?(?:\+([0-9a-zA-Z-]+(?:\.[0-9a-zA-Z-]+)*))?$)
+ + + +## Methods + +The following methods are available for this resource: + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameAccessible byRequired ParamsOptional ParamsDescription
subdomainRetrieves the customized sign-in page. The customized sign-in page appears in your live environment.
subdomainReplaces the customized sign-in page. The customized sign-in page appears in your live environment.
+ +## Parameters + +Parameters can be passed in the `WHERE` clause of a query. Check the [Methods](#methods) section to see which parameters are required or optional for each operation. + + + + + + + + + + + + + + + + +
NameDatatypeDescription
stringThe domain of your organization. This can be a provided subdomain of an official okta domain (okta.com, oktapreview.com, etc) or one of your configured custom domains. (default: my-org)
+ +## `SELECT` examples + + + + +Retrieves the customized sign-in page. The customized sign-in page appears in your live environment. + +```sql +SELECT +contentSecurityPolicySetting, +pageContent, +widgetCustomizations, +widgetVersion +FROM okta.brands.customized_sign_in_page +WHERE subdomain = '{{ subdomain }}' -- required; +``` + + + + +## `REPLACE` examples + + + + +Replaces the customized sign-in page. The customized sign-in page appears in your live environment. + +```sql +REPLACE okta.brands.customized_sign_in_page +SET +data__pageContent = '{{ pageContent }}', +data__contentSecurityPolicySetting = '{{ contentSecurityPolicySetting }}', +data__widgetCustomizations = '{{ widgetCustomizations }}', +data__widgetVersion = '{{ widgetVersion }}' +WHERE +subdomain = '{{ subdomain }}' --required +RETURNING +contentSecurityPolicySetting, +pageContent, +widgetCustomizations, +widgetVersion; +``` + + diff --git a/website/docs/services/brands/default_error_page/index.md b/website/docs/services/brands/default_error_page/index.md new file mode 100644 index 0000000..07550d1 --- /dev/null +++ b/website/docs/services/brands/default_error_page/index.md @@ -0,0 +1,134 @@ +--- +title: default_error_page +hide_title: false +hide_table_of_contents: false +keywords: + - default_error_page + - brands + - okta + - infrastructure-as-code + - configuration-as-data + - cloud inventory +description: Query, deploy and manage okta resources using SQL +custom_edit_url: null +image: /img/stackql-okta-provider-featured-image.png +--- + +import CopyableCode from '@site/src/components/CopyableCode/CopyableCode'; +import Tabs from '@theme/Tabs'; +import TabItem from '@theme/TabItem'; + +Creates, updates, deletes, gets or lists a default_error_page resource. + +## Overview + + + + +
Namedefault_error_page
TypeResource
Id
+ +## Fields + +The following fields are returned by `SELECT` queries: + + + + +Successfully retrieved the default error page. + + + + + + + + + + + + + + + + + + + + + +
NameDatatypeDescription
object
stringThe HTML for the page
+ + + +## Methods + +The following methods are available for this resource: + + + + + + + + + + + + + + + + + + + + +
NameAccessible byRequired ParamsOptional ParamsDescription
subdomainRetrieves the default error page. The default error page appears when no customized error page exists.
+ +## Parameters + +Parameters can be passed in the `WHERE` clause of a query. Check the [Methods](#methods) section to see which parameters are required or optional for each operation. + + + + + + + + + + + + + + + + +
NameDatatypeDescription
stringThe domain of your organization. This can be a provided subdomain of an official okta domain (okta.com, oktapreview.com, etc) or one of your configured custom domains. (default: my-org)
+ +## `SELECT` examples + + + + +Retrieves the default error page. The default error page appears when no customized error page exists. + +```sql +SELECT +contentSecurityPolicySetting, +pageContent +FROM okta.brands.default_error_page +WHERE subdomain = '{{ subdomain }}' -- required; +``` + + diff --git a/website/docs/services/brands/default_sign_in_page/index.md b/website/docs/services/brands/default_sign_in_page/index.md new file mode 100644 index 0000000..c1605a5 --- /dev/null +++ b/website/docs/services/brands/default_sign_in_page/index.md @@ -0,0 +1,146 @@ +--- +title: default_sign_in_page +hide_title: false +hide_table_of_contents: false +keywords: + - default_sign_in_page + - brands + - okta + - infrastructure-as-code + - configuration-as-data + - cloud inventory +description: Query, deploy and manage okta resources using SQL +custom_edit_url: null +image: /img/stackql-okta-provider-featured-image.png +--- + +import CopyableCode from '@site/src/components/CopyableCode/CopyableCode'; +import Tabs from '@theme/Tabs'; +import TabItem from '@theme/TabItem'; + +Creates, updates, deletes, gets or lists a default_sign_in_page resource. + +## Overview + + + + +
Namedefault_sign_in_page
TypeResource
Id
+ +## Fields + +The following fields are returned by `SELECT` queries: + + + + +Successfully retrieved the default sign-in page. + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameDatatypeDescription
object
stringThe HTML for the page
object
stringThe version specified as a [Semantic Version](https://semver.org/). (pattern: ^(0|[1-9]\d*)\.(0|[1-9]\d*)\.(0|[1-9]\d*)(?:-((?:0|[1-9]\d*|\d*[a-zA-Z-][0-9a-zA-Z-]*)(?:\.(?:0|[1-9]\d*|\d*[a-zA-Z-][0-9a-zA-Z-]*))*))?(?:\+([0-9a-zA-Z-]+(?:\.[0-9a-zA-Z-]+)*))?$)
+ + + +## Methods + +The following methods are available for this resource: + + + + + + + + + + + + + + + + + + + + +
NameAccessible byRequired ParamsOptional ParamsDescription
subdomainRetrieves the default sign-in page. The default sign-in page appears when no customized sign-in page exists.
+ +## Parameters + +Parameters can be passed in the `WHERE` clause of a query. Check the [Methods](#methods) section to see which parameters are required or optional for each operation. + + + + + + + + + + + + + + + + +
NameDatatypeDescription
stringThe domain of your organization. This can be a provided subdomain of an official okta domain (okta.com, oktapreview.com, etc) or one of your configured custom domains. (default: my-org)
+ +## `SELECT` examples + + + + +Retrieves the default sign-in page. The default sign-in page appears when no customized sign-in page exists. + +```sql +SELECT +contentSecurityPolicySetting, +pageContent, +widgetCustomizations, +widgetVersion +FROM okta.brands.default_sign_in_page +WHERE subdomain = '{{ subdomain }}' -- required; +``` + + diff --git a/website/docs/services/brands/domains/index.md b/website/docs/services/brands/domains/index.md new file mode 100644 index 0000000..b9b3dc5 --- /dev/null +++ b/website/docs/services/brands/domains/index.md @@ -0,0 +1,170 @@ +--- +title: domains +hide_title: false +hide_table_of_contents: false +keywords: + - domains + - brands + - okta + - infrastructure-as-code + - configuration-as-data + - cloud inventory +description: Query, deploy and manage okta resources using SQL +custom_edit_url: null +image: /img/stackql-okta-provider-featured-image.png +--- + +import CopyableCode from '@site/src/components/CopyableCode/CopyableCode'; +import Tabs from '@theme/Tabs'; +import TabItem from '@theme/TabItem'; + +Creates, updates, deletes, gets or lists a domains resource. + +## Overview + + + + +
Namedomains
TypeResource
Id
+ +## Fields + +The following fields are returned by `SELECT` queries: + + + + +Successfully returned the list of domains for the brand + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameDatatypeDescription
stringUnique ID of the domain (example: OcDz6iRyjkaCTXkdo0g3)
objectSpecifies link relations (see [Web Linking](https://www.rfc-editor.org/rfc/rfc8288)) available using the [JSON Hypertext Application Language](https://datatracker.ietf.org/doc/html/draft-kelly-json-hal-06) specification. This object is used for dynamic discovery of related resources and lifecycle operations.
stringThe ID number of the brand (example: bndul904tTZ6kWVhP0g3)
stringCertificate source type that indicates whether the certificate is provided by the user or Okta.
array
stringCustom domain name (example: login.example.com)
objectCertificate metadata for the domain
stringStatus of the domain (example: VERIFIED)
+ + + +## Methods + +The following methods are available for this resource: + + + + + + + + + + + + + + + + + + + + +
NameAccessible byRequired ParamsOptional ParamsDescription
subdomainLists all domains associated with a brand by `brandId`
+ +## Parameters + +Parameters can be passed in the `WHERE` clause of a query. Check the [Methods](#methods) section to see which parameters are required or optional for each operation. + + + + + + + + + + + + + + + + +
NameDatatypeDescription
stringThe domain of your organization. This can be a provided subdomain of an official okta domain (okta.com, oktapreview.com, etc) or one of your configured custom domains. (default: my-org)
+ +## `SELECT` examples + + + + +Lists all domains associated with a brand by `brandId` + +```sql +SELECT +id, +_links, +brandId, +certificateSourceType, +dnsRecords, +domain, +publicCertificate, +validationStatus +FROM okta.brands.domains +WHERE subdomain = '{{ subdomain }}' -- required; +``` + + diff --git a/website/docs/services/brands/email_default_content/index.md b/website/docs/services/brands/email_default_content/index.md new file mode 100644 index 0000000..4bd9e60 --- /dev/null +++ b/website/docs/services/brands/email_default_content/index.md @@ -0,0 +1,146 @@ +--- +title: email_default_content +hide_title: false +hide_table_of_contents: false +keywords: + - email_default_content + - brands + - okta + - infrastructure-as-code + - configuration-as-data + - cloud inventory +description: Query, deploy and manage okta resources using SQL +custom_edit_url: null +image: /img/stackql-okta-provider-featured-image.png +--- + +import CopyableCode from '@site/src/components/CopyableCode/CopyableCode'; +import Tabs from '@theme/Tabs'; +import TabItem from '@theme/TabItem'; + +Creates, updates, deletes, gets or lists an email_default_content resource. + +## Overview + + + + +
Nameemail_default_content
TypeResource
Id
+ +## Fields + +The following fields are returned by `SELECT` queries: + + + + +Successfully retrieved the email template's default content. + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameDatatypeDescription
objectSpecifies link relations (see [Web Linking](https://www.rfc-editor.org/rfc/rfc8288)) available using the [JSON Hypertext Application Language](https://datatracker.ietf.org/doc/html/draft-kelly-json-hal-06) specification. This object is used for dynamic discovery of related resources and lifecycle operations.
stringThe HTML body of the email. May contain [variable references](https://velocity.apache.org/engine/1.7/user-guide.html#references). <x-lifecycle class="ea"></x-lifecycle> Not required if Custom languages for Okta Email Templates is enabled. A `null` body is replaced with a default value from one of the following in priority order: 1. An existing default email customization, if one exists 2. Okta-provided translated content for the specified language, if one exists 3. Okta-provided translated content for the brand locale, if it's set 4. Okta-provided content in English
stringThe email subject. May contain [variable references](https://velocity.apache.org/engine/1.7/user-guide.html#references). <x-lifecycle class="ea"></x-lifecycle> Not required if Custom languages for Okta Email Templates is enabled. A `null` subject is replaced with a default value from one of the following in priority order: 1. An existing default email customization, if one exists 2. Okta-provided translated content for the specified language, if one exists 3. Okta-provided translated content for the brand locale, if it's set 4. Okta-provided content in English
+ + + +## Methods + +The following methods are available for this resource: + + + + + + + + + + + + + + + + + + + + +
NameAccessible byRequired ParamsOptional ParamsDescription
subdomainlanguageRetrieves an email template's default content

<x-lifecycle class="ea"></x-lifecycle> Defaults to the current user's language given the following:
- Custom languages for Okta Email Templates is enabled
- An additional language is specified for the `language` parameter
+ +## Parameters + +Parameters can be passed in the `WHERE` clause of a query. Check the [Methods](#methods) section to see which parameters are required or optional for each operation. + + + + + + + + + + + + + + + + + + + + + +
NameDatatypeDescription
stringThe domain of your organization. This can be a provided subdomain of an official okta domain (okta.com, oktapreview.com, etc) or one of your configured custom domains. (default: my-org)
stringThe language to use for the email. Defaults to the current user's language if unspecified.
+ +## `SELECT` examples + + + + +Retrieves an email template's default content

<x-lifecycle class="ea"></x-lifecycle> Defaults to the current user's language given the following:
- Custom languages for Okta Email Templates is enabled
- An additional language is specified for the `language` parameter
+ +```sql +SELECT +_links, +body, +subject +FROM okta.brands.email_default_content +WHERE subdomain = '{{ subdomain }}' -- required +AND language = '{{ language }}'; +``` + + diff --git a/website/docs/services/brands/email_default_preview/index.md b/website/docs/services/brands/email_default_preview/index.md new file mode 100644 index 0000000..f0a0fa4 --- /dev/null +++ b/website/docs/services/brands/email_default_preview/index.md @@ -0,0 +1,146 @@ +--- +title: email_default_preview +hide_title: false +hide_table_of_contents: false +keywords: + - email_default_preview + - brands + - okta + - infrastructure-as-code + - configuration-as-data + - cloud inventory +description: Query, deploy and manage okta resources using SQL +custom_edit_url: null +image: /img/stackql-okta-provider-featured-image.png +--- + +import CopyableCode from '@site/src/components/CopyableCode/CopyableCode'; +import Tabs from '@theme/Tabs'; +import TabItem from '@theme/TabItem'; + +Creates, updates, deletes, gets or lists an email_default_preview resource. + +## Overview + + + + +
Nameemail_default_preview
TypeResource
Id
+ +## Fields + +The following fields are returned by `SELECT` queries: + + + + +Successfully generated a preview of the email template's default content. + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameDatatypeDescription
objectSpecifies link relations (see [Web Linking](https://www.rfc-editor.org/rfc/rfc8288)) available using the [JSON Hypertext Application Language](https://datatracker.ietf.org/doc/html/draft-kelly-json-hal-06) specification. This object is used for dynamic discovery of related resources and lifecycle operations.
stringThe email's HTML body
stringThe email's subject
+ + + +## Methods + +The following methods are available for this resource: + + + + + + + + + + + + + + + + + + + + +
NameAccessible byRequired ParamsOptional ParamsDescription
subdomainlanguageRetrieves a preview of an Email Template's default content. All variable references are populated using the current user's context. For example, `${user.profile.firstName}`.

<x-lifecycle class="ea"></x-lifecycle> Defaults to the current user's language given the following:
- Custom languages for Okta Email Templates is enabled
- An additional language is specified for the `language` parameter
+ +## Parameters + +Parameters can be passed in the `WHERE` clause of a query. Check the [Methods](#methods) section to see which parameters are required or optional for each operation. + + + + + + + + + + + + + + + + + + + + + +
NameDatatypeDescription
stringThe domain of your organization. This can be a provided subdomain of an official okta domain (okta.com, oktapreview.com, etc) or one of your configured custom domains. (default: my-org)
stringThe language to use for the email. Defaults to the current user's language if unspecified.
+ +## `SELECT` examples + + + + +Retrieves a preview of an Email Template's default content. All variable references are populated using the current user's context. For example, `${user.profile.firstName}`.

<x-lifecycle class="ea"></x-lifecycle> Defaults to the current user's language given the following:
- Custom languages for Okta Email Templates is enabled
- An additional language is specified for the `language` parameter
+ +```sql +SELECT +_links, +body, +subject +FROM okta.brands.email_default_preview +WHERE subdomain = '{{ subdomain }}' -- required +AND language = '{{ language }}'; +``` + + diff --git a/website/docs/services/brands/email_settings/index.md b/website/docs/services/brands/email_settings/index.md new file mode 100644 index 0000000..1074a58 --- /dev/null +++ b/website/docs/services/brands/email_settings/index.md @@ -0,0 +1,167 @@ +--- +title: email_settings +hide_title: false +hide_table_of_contents: false +keywords: + - email_settings + - brands + - okta + - infrastructure-as-code + - configuration-as-data + - cloud inventory +description: Query, deploy and manage okta resources using SQL +custom_edit_url: null +image: /img/stackql-okta-provider-featured-image.png +--- + +import CopyableCode from '@site/src/components/CopyableCode/CopyableCode'; +import Tabs from '@theme/Tabs'; +import TabItem from '@theme/TabItem'; + +Creates, updates, deletes, gets or lists an email_settings resource. + +## Overview + + + + +
Nameemail_settings
TypeResource
Id
+ +## Fields + +The following fields are returned by `SELECT` queries: + + + + +Successfully retrieved the email template's settings. + + + + + + + + + + + + + + + + + + + + + +
NameDatatypeDescription
objectSpecifies link relations (see [Web Linking](https://www.rfc-editor.org/rfc/rfc8288)) available using the [JSON Hypertext Application Language](https://datatracker.ietf.org/doc/html/draft-kelly-json-hal-06) specification. This object is used for dynamic discovery of related resources and lifecycle operations.
string
+ + + +## Methods + +The following methods are available for this resource: + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameAccessible byRequired ParamsOptional ParamsDescription
subdomainRetrieves an email template's settings
subdomainReplaces an email template's settings
+ +## Parameters + +Parameters can be passed in the `WHERE` clause of a query. Check the [Methods](#methods) section to see which parameters are required or optional for each operation. + + + + + + + + + + + + + + + + +
NameDatatypeDescription
stringThe domain of your organization. This can be a provided subdomain of an official okta domain (okta.com, oktapreview.com, etc) or one of your configured custom domains. (default: my-org)
+ +## `SELECT` examples + + + + +Retrieves an email template's settings + +```sql +SELECT +_links, +recipients +FROM okta.brands.email_settings +WHERE subdomain = '{{ subdomain }}' -- required; +``` + + + + +## `REPLACE` examples + + + + +Replaces an email template's settings + +```sql +REPLACE okta.brands.email_settings +SET +data__recipients = '{{ recipients }}' +WHERE +subdomain = '{{ subdomain }}' --required +AND data__recipients = '{{ recipients }}' --required +RETURNING +recipients; +``` + + diff --git a/website/docs/services/brands/email_template_customizations/index.md b/website/docs/services/brands/email_template_customizations/index.md new file mode 100644 index 0000000..3959caf --- /dev/null +++ b/website/docs/services/brands/email_template_customizations/index.md @@ -0,0 +1,447 @@ +--- +title: email_template_customizations +hide_title: false +hide_table_of_contents: false +keywords: + - email_template_customizations + - brands + - okta + - infrastructure-as-code + - configuration-as-data + - cloud inventory +description: Query, deploy and manage okta resources using SQL +custom_edit_url: null +image: /img/stackql-okta-provider-featured-image.png +--- + +import CopyableCode from '@site/src/components/CopyableCode/CopyableCode'; +import Tabs from '@theme/Tabs'; +import TabItem from '@theme/TabItem'; + +Creates, updates, deletes, gets or lists an email_template_customizations resource. + +## Overview + + + + +
Nameemail_template_customizations
TypeResource
Id
+ +## Fields + +The following fields are returned by `SELECT` queries: + + + + +Successfully retrieved all email customizations for the specified email template. + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameDatatypeDescription
stringA unique identifier for this email customization
objectSpecifies link relations (see [Web Linking](https://www.rfc-editor.org/rfc/rfc8288)) available using the [JSON Hypertext Application Language](https://datatracker.ietf.org/doc/html/draft-kelly-json-hal-06) specification. This object is used for dynamic discovery of related resources and lifecycle operations.
stringThe HTML body of the email. May contain [variable references](https://velocity.apache.org/engine/1.7/user-guide.html#references). <x-lifecycle class="ea"></x-lifecycle> Not required if Custom languages for Okta Email Templates is enabled. A `null` body is replaced with a default value from one of the following in priority order: 1. An existing default email customization, if one exists 2. Okta-provided translated content for the specified language, if one exists 3. Okta-provided translated content for the brand locale, if it's set 4. Okta-provided content in English
string (date-time)The UTC time at which this email customization was created.
booleanWhether this is the default customization for the email template. Each customized email template must have exactly one default customization. Defaults to `true` for the first customization and `false` thereafter.
stringThe language specified as an [IETF BCP 47 language tag](https://datatracker.ietf.org/doc/html/rfc5646)
string (date-time)The UTC time at which this email customization was last updated.
stringThe email subject. May contain [variable references](https://velocity.apache.org/engine/1.7/user-guide.html#references). <x-lifecycle class="ea"></x-lifecycle> Not required if Custom languages for Okta Email Templates is enabled. A `null` subject is replaced with a default value from one of the following in priority order: 1. An existing default email customization, if one exists 2. Okta-provided translated content for the specified language, if one exists 3. Okta-provided translated content for the brand locale, if it's set 4. Okta-provided content in English
+ + + +Successfully retrieved the email customization. + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameDatatypeDescription
stringA unique identifier for this email customization
objectSpecifies link relations (see [Web Linking](https://www.rfc-editor.org/rfc/rfc8288)) available using the [JSON Hypertext Application Language](https://datatracker.ietf.org/doc/html/draft-kelly-json-hal-06) specification. This object is used for dynamic discovery of related resources and lifecycle operations.
stringThe HTML body of the email. May contain [variable references](https://velocity.apache.org/engine/1.7/user-guide.html#references). <x-lifecycle class="ea"></x-lifecycle> Not required if Custom languages for Okta Email Templates is enabled. A `null` body is replaced with a default value from one of the following in priority order: 1. An existing default email customization, if one exists 2. Okta-provided translated content for the specified language, if one exists 3. Okta-provided translated content for the brand locale, if it's set 4. Okta-provided content in English
string (date-time)The UTC time at which this email customization was created.
booleanWhether this is the default customization for the email template. Each customized email template must have exactly one default customization. Defaults to `true` for the first customization and `false` thereafter.
stringThe language specified as an [IETF BCP 47 language tag](https://datatracker.ietf.org/doc/html/rfc5646)
string (date-time)The UTC time at which this email customization was last updated.
stringThe email subject. May contain [variable references](https://velocity.apache.org/engine/1.7/user-guide.html#references). <x-lifecycle class="ea"></x-lifecycle> Not required if Custom languages for Okta Email Templates is enabled. A `null` subject is replaced with a default value from one of the following in priority order: 1. An existing default email customization, if one exists 2. Okta-provided translated content for the specified language, if one exists 3. Okta-provided translated content for the brand locale, if it's set 4. Okta-provided content in English
+ + + +## Methods + +The following methods are available for this resource: + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameAccessible byRequired ParamsOptional ParamsDescription
subdomainafter, limitLists all customizations of an email template

<x-lifecycle class="ea"></x-lifecycle> If Custom languages for Okta Email Templates is enabled, all existing customizations are retrieved, including customizations for additional languages. If disabled, only customizations for Okta-supported languages are returned.
subdomainRetrieves an email customization by its unique identifier

<x-lifecycle class="ea"></x-lifecycle> If Custom languages for Okta Email Templates is disabled, requests to retrieve an additional language customization by ID result in a `404 Not Found` error response.
subdomainCreates a new Email Customization

<x-lifecycle class="ea"></x-lifecycle> If Custom languages for Okta Email Templates is enabled, you can create a customization for any BCP47 language in addition to the Okta-supported languages.
subdomainReplaces an email customization using property values

<x-lifecycle class="ea"></x-lifecycle> If Custom languages for Okta Email Templates is disabled, requests to update a customization for an additional language return a `404 Not Found` error response.
subdomainDeletes all customizations for an email template

<x-lifecycle class="ea"></x-lifecycle> If Custom languages for Okta Email Templates is enabled, all customizations are deleted, including customizations for additional languages. If disabled, only customizations in Okta-supported languages are deleted.
subdomainDeletes an Email Customization by its unique identifier

<x-lifecycle class="ea"></x-lifecycle> If Custom languages for Okta Email Templates is disabled, deletion of an existing additional language customization by ID doesn't register.
+ +## Parameters + +Parameters can be passed in the `WHERE` clause of a query. Check the [Methods](#methods) section to see which parameters are required or optional for each operation. + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameDatatypeDescription
stringThe domain of your organization. This can be a provided subdomain of an official okta domain (okta.com, oktapreview.com, etc) or one of your configured custom domains. (default: my-org)
stringThe cursor to use for pagination. It is an opaque string that specifies your current location in the list and is obtained from the `Link` response header. See [Pagination](https://developer.okta.com/docs/api/#pagination).
integerA limit on the number of objects to return
+ +## `SELECT` examples + + + + +Lists all customizations of an email template

<x-lifecycle class="ea"></x-lifecycle> If Custom languages for Okta Email Templates is enabled, all existing customizations are retrieved, including customizations for additional languages. If disabled, only customizations for Okta-supported languages are returned.
+ +```sql +SELECT +id, +_links, +body, +created, +isDefault, +language, +lastUpdated, +subject +FROM okta.brands.email_template_customizations +WHERE subdomain = '{{ subdomain }}' -- required +AND after = '{{ after }}' +AND limit = '{{ limit }}'; +``` + + + +Retrieves an email customization by its unique identifier

<x-lifecycle class="ea"></x-lifecycle> If Custom languages for Okta Email Templates is disabled, requests to retrieve an additional language customization by ID result in a `404 Not Found` error response.
+ +```sql +SELECT +id, +_links, +body, +created, +isDefault, +language, +lastUpdated, +subject +FROM okta.brands.email_template_customizations +WHERE subdomain = '{{ subdomain }}' -- required; +``` + + + + +## `INSERT` examples + + + + +Creates a new Email Customization

<x-lifecycle class="ea"></x-lifecycle> If Custom languages for Okta Email Templates is enabled, you can create a customization for any BCP47 language in addition to the Okta-supported languages.
+ +```sql +INSERT INTO okta.brands.email_template_customizations ( +data__body, +data__subject, +data__isDefault, +data__language, +subdomain +) +SELECT +'{{ body }}' --required, +'{{ subject }}' --required, +{{ isDefault }}, +'{{ language }}', +'{{ subdomain }}' +RETURNING +id, +_links, +body, +created, +isDefault, +language, +lastUpdated, +subject +; +``` + + + +```yaml +# Description fields are for documentation purposes +- name: email_template_customizations + props: + - name: subdomain + value: string + description: Required parameter for the email_template_customizations resource. + - name: body + value: string + description: > + The HTML body of the email. May contain [variable references](https://velocity.apache.org/engine/1.7/user-guide.html#references). + + Not required if Custom languages for Okta Email Templates is enabled. A `null` body is replaced with a default value from one of the following in priority order: + +1. An existing default email customization, if one exists +2. Okta-provided translated content for the specified language, if one exists +3. Okta-provided translated content for the brand locale, if it's set +4. Okta-provided content in English + + - name: subject + value: string + description: > + The email subject. May contain [variable references](https://velocity.apache.org/engine/1.7/user-guide.html#references). + + Not required if Custom languages for Okta Email Templates is enabled. A `null` subject is replaced with a default value from one of the following in priority order: + +1. An existing default email customization, if one exists +2. Okta-provided translated content for the specified language, if one exists +3. Okta-provided translated content for the brand locale, if it's set +4. Okta-provided content in English + + - name: isDefault + value: boolean + description: > + Whether this is the default customization for the email template. Each customized email template must have exactly one default customization. Defaults to `true` for the first customization and `false` thereafter. + + - name: language + value: string + description: > + The language specified as an [IETF BCP 47 language tag](https://datatracker.ietf.org/doc/html/rfc5646) + +``` + + + + +## `REPLACE` examples + + + + +Replaces an email customization using property values

<x-lifecycle class="ea"></x-lifecycle> If Custom languages for Okta Email Templates is disabled, requests to update a customization for an additional language return a `404 Not Found` error response.
+ +```sql +REPLACE okta.brands.email_template_customizations +SET +data__body = '{{ body }}', +data__subject = '{{ subject }}', +data__isDefault = {{ isDefault }}, +data__language = '{{ language }}' +WHERE +subdomain = '{{ subdomain }}' --required +AND data__subject = '{{ subject }}' --required +AND data__body = '{{ body }}' --required +RETURNING +id, +_links, +body, +created, +isDefault, +language, +lastUpdated, +subject; +``` + + + + +## `DELETE` examples + + + + +Deletes all customizations for an email template

<x-lifecycle class="ea"></x-lifecycle> If Custom languages for Okta Email Templates is enabled, all customizations are deleted, including customizations for additional languages. If disabled, only customizations in Okta-supported languages are deleted.
+ +```sql +DELETE FROM okta.brands.email_template_customizations +WHERE subdomain = '{{ subdomain }}' --required; +``` + + + +Deletes an Email Customization by its unique identifier

<x-lifecycle class="ea"></x-lifecycle> If Custom languages for Okta Email Templates is disabled, deletion of an existing additional language customization by ID doesn't register.
+ +```sql +DELETE FROM okta.brands.email_template_customizations +WHERE subdomain = '{{ subdomain }}' --required; +``` + + diff --git a/website/docs/services/brands/email_templates/index.md b/website/docs/services/brands/email_templates/index.md new file mode 100644 index 0000000..6cc6c9d --- /dev/null +++ b/website/docs/services/brands/email_templates/index.md @@ -0,0 +1,245 @@ +--- +title: email_templates +hide_title: false +hide_table_of_contents: false +keywords: + - email_templates + - brands + - okta + - infrastructure-as-code + - configuration-as-data + - cloud inventory +description: Query, deploy and manage okta resources using SQL +custom_edit_url: null +image: /img/stackql-okta-provider-featured-image.png +--- + +import CopyableCode from '@site/src/components/CopyableCode/CopyableCode'; +import Tabs from '@theme/Tabs'; +import TabItem from '@theme/TabItem'; + +Creates, updates, deletes, gets or lists an email_templates resource. + +## Overview + + + + +
Nameemail_templates
TypeResource
Id
+ +## Fields + +The following fields are returned by `SELECT` queries: + + + + +Successfully returned the list of email templates. + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameDatatypeDescription
stringThe name of this email template
object
objectSpecifies link relations (see [Web Linking](https://www.rfc-editor.org/rfc/rfc8288)) available using the [JSON Hypertext Application Language](https://datatracker.ietf.org/doc/html/draft-kelly-json-hal-06) specification. This object is used for dynamic discovery of related resources and lifecycle operations.
+ + + +Successfully retrieved the email template. + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameDatatypeDescription
stringThe name of this email template
object
objectSpecifies link relations (see [Web Linking](https://www.rfc-editor.org/rfc/rfc8288)) available using the [JSON Hypertext Application Language](https://datatracker.ietf.org/doc/html/draft-kelly-json-hal-06) specification. This object is used for dynamic discovery of related resources and lifecycle operations.
+ + + +## Methods + +The following methods are available for this resource: + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameAccessible byRequired ParamsOptional ParamsDescription
subdomainafter, limit, expandLists all supported email templates
subdomainexpandRetrieves the details of an email template by name
subdomainlanguageSends a test email to the current user's primary and secondary email addresses. The email content is selected based on the following priority:
1. The email customization for the language specified in the `language` query parameter
<x-lifecycle class="ea"></x-lifecycle> If Custom languages for Okta Email Templates is enabled and the `language` parameter is an additional language, the test email uses the customization corresponding to the language.
2. The email template's default customization
3. The email template's default content, translated to the current user's language

> **Note:** Super admins can view customized email templates with the **Send a test email** request. However, when custom email templates are sent to super admins as part of actual email notification flows, the customizations aren't applied. Instead, the default email template is used. This only applies to super admins.
+ +## Parameters + +Parameters can be passed in the `WHERE` clause of a query. Check the [Methods](#methods) section to see which parameters are required or optional for each operation. + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameDatatypeDescription
stringThe domain of your organization. This can be a provided subdomain of an official okta domain (okta.com, oktapreview.com, etc) or one of your configured custom domains. (default: my-org)
stringThe cursor to use for pagination. It is an opaque string that specifies your current location in the list and is obtained from the `Link` response header. See [Pagination](https://developer.okta.com/docs/api/#pagination).
arraySpecifies additional metadata to be included in the response
stringThe language to use for the email. Defaults to the current user's language if unspecified.
integerA limit on the number of objects to return
+ +## `SELECT` examples + + + + +Lists all supported email templates + +```sql +SELECT +name, +_embedded, +_links +FROM okta.brands.email_templates +WHERE subdomain = '{{ subdomain }}' -- required +AND after = '{{ after }}' +AND limit = '{{ limit }}' +AND expand = '{{ expand }}'; +``` + + + +Retrieves the details of an email template by name + +```sql +SELECT +name, +_embedded, +_links +FROM okta.brands.email_templates +WHERE subdomain = '{{ subdomain }}' -- required +AND expand = '{{ expand }}'; +``` + + + + +## Lifecycle Methods + + + + +Sends a test email to the current user's primary and secondary email addresses. The email content is selected based on the following priority:
1. The email customization for the language specified in the `language` query parameter
<x-lifecycle class="ea"></x-lifecycle> If Custom languages for Okta Email Templates is enabled and the `language` parameter is an additional language, the test email uses the customization corresponding to the language.
2. The email template's default customization
3. The email template's default content, translated to the current user's language

> **Note:** Super admins can view customized email templates with the **Send a test email** request. However, when custom email templates are sent to super admins as part of actual email notification flows, the customizations aren't applied. Instead, the default email template is used. This only applies to super admins. + +```sql +EXEC okta.brands.email_templates.send_test_email +@subdomain='{{ subdomain }}' --required, +@language='{{ language }}'; +``` + + diff --git a/website/docs/services/brands/error_page/index.md b/website/docs/services/brands/error_page/index.md new file mode 100644 index 0000000..684dbb6 --- /dev/null +++ b/website/docs/services/brands/error_page/index.md @@ -0,0 +1,134 @@ +--- +title: error_page +hide_title: false +hide_table_of_contents: false +keywords: + - error_page + - brands + - okta + - infrastructure-as-code + - configuration-as-data + - cloud inventory +description: Query, deploy and manage okta resources using SQL +custom_edit_url: null +image: /img/stackql-okta-provider-featured-image.png +--- + +import CopyableCode from '@site/src/components/CopyableCode/CopyableCode'; +import Tabs from '@theme/Tabs'; +import TabItem from '@theme/TabItem'; + +Creates, updates, deletes, gets or lists an error_page resource. + +## Overview + + + + +
Nameerror_page
TypeResource
Id
+ +## Fields + +The following fields are returned by `SELECT` queries: + + + + +Successfully retrieved the error page. + + + + + + + + + + + + + + + + + + + + + +
NameDatatypeDescription
object
objectSpecifies link relations (see [Web Linking](https://www.rfc-editor.org/rfc/rfc8288)) available using the [JSON Hypertext Application Language](https://datatracker.ietf.org/doc/html/draft-kelly-json-hal-06) specification. This object is used for dynamic discovery of related resources and lifecycle operations.
+ + + +## Methods + +The following methods are available for this resource: + + + + + + + + + + + + + + + + + + + + +
NameAccessible byRequired ParamsOptional ParamsDescription
subdomainRetrieves the error page sub-resources. The `expand` query parameter specifies which sub-resources to include in the response.
+ +## Parameters + +Parameters can be passed in the `WHERE` clause of a query. Check the [Methods](#methods) section to see which parameters are required or optional for each operation. + + + + + + + + + + + + + + + + +
NameDatatypeDescription
stringThe domain of your organization. This can be a provided subdomain of an official okta domain (okta.com, oktapreview.com, etc) or one of your configured custom domains. (default: my-org)
+ +## `SELECT` examples + + + + +Retrieves the error page sub-resources. The `expand` query parameter specifies which sub-resources to include in the response. + +```sql +SELECT +_embedded, +_links +FROM okta.brands.error_page +WHERE subdomain = '{{ subdomain }}' -- required; +``` + + diff --git a/website/docs/services/brands/index.md b/website/docs/services/brands/index.md new file mode 100644 index 0000000..aa30fe4 --- /dev/null +++ b/website/docs/services/brands/index.md @@ -0,0 +1,52 @@ +--- +title: brands +hide_title: false +hide_table_of_contents: false +keywords: + - brands + - okta + - stackql + - infrastructure-as-code + - configuration-as-data + - cloud inventory +description: Query, deploy and manage okta resources using SQL +custom_edit_url: null +image: /img/stackql-okta-provider-featured-image.png +--- + +brands service documentation. + +:::info[Service Summary] + +total resources: __21__ + +::: + +## Resources +
+
+brand_well_known_uris
+brands
+customization_preview
+customized_error_page
+customized_sign_in_page
+default_error_page
+default_sign_in_page
+domains
+email_default_content
+email_default_preview
+email_settings +
+
+email_template_customizations
+email_templates
+error_page
+preview_error_page
+preview_sign_in_page
+sign_in_page
+sign_in_widget_versions
+sign_out_page_settings
+themes
+well_known_uris +
+
\ No newline at end of file diff --git a/website/docs/services/brands/preview_error_page/index.md b/website/docs/services/brands/preview_error_page/index.md new file mode 100644 index 0000000..32164d2 --- /dev/null +++ b/website/docs/services/brands/preview_error_page/index.md @@ -0,0 +1,195 @@ +--- +title: preview_error_page +hide_title: false +hide_table_of_contents: false +keywords: + - preview_error_page + - brands + - okta + - infrastructure-as-code + - configuration-as-data + - cloud inventory +description: Query, deploy and manage okta resources using SQL +custom_edit_url: null +image: /img/stackql-okta-provider-featured-image.png +--- + +import CopyableCode from '@site/src/components/CopyableCode/CopyableCode'; +import Tabs from '@theme/Tabs'; +import TabItem from '@theme/TabItem'; + +Creates, updates, deletes, gets or lists a preview_error_page resource. + +## Overview + + + + +
Namepreview_error_page
TypeResource
Id
+ +## Fields + +The following fields are returned by `SELECT` queries: + + + + +Successfully retrieved the preview error page. + + + + + + + + + + + + + + + + + + + + + +
NameDatatypeDescription
object
stringThe HTML for the page
+ + + +## Methods + +The following methods are available for this resource: + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameAccessible byRequired ParamsOptional ParamsDescription
subdomainRetrieves the preview error page. The preview error page contains unpublished changes and isn't shown in your live environment. Preview it at `${yourOktaDomain}/error/preview`.
subdomainReplaces the preview error page. The preview error page contains unpublished changes and isn't shown in your live environment. Preview it at `${yourOktaDomain}/error/preview`.
subdomainDeletes the preview error page. The preview error page contains unpublished changes and isn't shown in your live environment. Preview it at `${yourOktaDomain}/error/preview`.
+ +## Parameters + +Parameters can be passed in the `WHERE` clause of a query. Check the [Methods](#methods) section to see which parameters are required or optional for each operation. + + + + + + + + + + + + + + + + +
NameDatatypeDescription
stringThe domain of your organization. This can be a provided subdomain of an official okta domain (okta.com, oktapreview.com, etc) or one of your configured custom domains. (default: my-org)
+ +## `SELECT` examples + + + + +Retrieves the preview error page. The preview error page contains unpublished changes and isn't shown in your live environment. Preview it at `${yourOktaDomain}/error/preview`. + +```sql +SELECT +contentSecurityPolicySetting, +pageContent +FROM okta.brands.preview_error_page +WHERE subdomain = '{{ subdomain }}' -- required; +``` + + + + +## `REPLACE` examples + + + + +Replaces the preview error page. The preview error page contains unpublished changes and isn't shown in your live environment. Preview it at `${yourOktaDomain}/error/preview`. + +```sql +REPLACE okta.brands.preview_error_page +SET +data__pageContent = '{{ pageContent }}', +data__contentSecurityPolicySetting = '{{ contentSecurityPolicySetting }}' +WHERE +subdomain = '{{ subdomain }}' --required +RETURNING +contentSecurityPolicySetting, +pageContent; +``` + + + + +## `DELETE` examples + + + + +Deletes the preview error page. The preview error page contains unpublished changes and isn't shown in your live environment. Preview it at `${yourOktaDomain}/error/preview`. + +```sql +DELETE FROM okta.brands.preview_error_page +WHERE subdomain = '{{ subdomain }}' --required; +``` + + diff --git a/website/docs/services/brands/preview_sign_in_page/index.md b/website/docs/services/brands/preview_sign_in_page/index.md new file mode 100644 index 0000000..4a450ad --- /dev/null +++ b/website/docs/services/brands/preview_sign_in_page/index.md @@ -0,0 +1,211 @@ +--- +title: preview_sign_in_page +hide_title: false +hide_table_of_contents: false +keywords: + - preview_sign_in_page + - brands + - okta + - infrastructure-as-code + - configuration-as-data + - cloud inventory +description: Query, deploy and manage okta resources using SQL +custom_edit_url: null +image: /img/stackql-okta-provider-featured-image.png +--- + +import CopyableCode from '@site/src/components/CopyableCode/CopyableCode'; +import Tabs from '@theme/Tabs'; +import TabItem from '@theme/TabItem'; + +Creates, updates, deletes, gets or lists a preview_sign_in_page resource. + +## Overview + + + + +
Namepreview_sign_in_page
TypeResource
Id
+ +## Fields + +The following fields are returned by `SELECT` queries: + + + + +Successfully retrieved the preview sign-in page. + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameDatatypeDescription
object
stringThe HTML for the page
object
stringThe version specified as a [Semantic Version](https://semver.org/). (pattern: ^(0|[1-9]\d*)\.(0|[1-9]\d*)\.(0|[1-9]\d*)(?:-((?:0|[1-9]\d*|\d*[a-zA-Z-][0-9a-zA-Z-]*)(?:\.(?:0|[1-9]\d*|\d*[a-zA-Z-][0-9a-zA-Z-]*))*))?(?:\+([0-9a-zA-Z-]+(?:\.[0-9a-zA-Z-]+)*))?$)
+ + + +## Methods + +The following methods are available for this resource: + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameAccessible byRequired ParamsOptional ParamsDescription
subdomainRetrieves the preview sign-in page. The preview sign-in page contains unpublished changes and isn't shown in your live environment. Preview it at `${yourOktaDomain}/login/preview`.
subdomainReplaces the preview sign-in page. The preview sign-in page contains unpublished changes and isn't shown in your live environment. Preview it at `${yourOktaDomain}/login/preview`.
subdomainDeletes the preview sign-in page. The preview sign-in page contains unpublished changes and isn't shown in your live environment. Preview it at `${yourOktaDomain}/login/preview`.
+ +## Parameters + +Parameters can be passed in the `WHERE` clause of a query. Check the [Methods](#methods) section to see which parameters are required or optional for each operation. + + + + + + + + + + + + + + + + +
NameDatatypeDescription
stringThe domain of your organization. This can be a provided subdomain of an official okta domain (okta.com, oktapreview.com, etc) or one of your configured custom domains. (default: my-org)
+ +## `SELECT` examples + + + + +Retrieves the preview sign-in page. The preview sign-in page contains unpublished changes and isn't shown in your live environment. Preview it at `${yourOktaDomain}/login/preview`. + +```sql +SELECT +contentSecurityPolicySetting, +pageContent, +widgetCustomizations, +widgetVersion +FROM okta.brands.preview_sign_in_page +WHERE subdomain = '{{ subdomain }}' -- required; +``` + + + + +## `REPLACE` examples + + + + +Replaces the preview sign-in page. The preview sign-in page contains unpublished changes and isn't shown in your live environment. Preview it at `${yourOktaDomain}/login/preview`. + +```sql +REPLACE okta.brands.preview_sign_in_page +SET +data__pageContent = '{{ pageContent }}', +data__contentSecurityPolicySetting = '{{ contentSecurityPolicySetting }}', +data__widgetCustomizations = '{{ widgetCustomizations }}', +data__widgetVersion = '{{ widgetVersion }}' +WHERE +subdomain = '{{ subdomain }}' --required +RETURNING +contentSecurityPolicySetting, +pageContent, +widgetCustomizations, +widgetVersion; +``` + + + + +## `DELETE` examples + + + + +Deletes the preview sign-in page. The preview sign-in page contains unpublished changes and isn't shown in your live environment. Preview it at `${yourOktaDomain}/login/preview`. + +```sql +DELETE FROM okta.brands.preview_sign_in_page +WHERE subdomain = '{{ subdomain }}' --required; +``` + + diff --git a/website/docs/services/brands/sign_in_page/index.md b/website/docs/services/brands/sign_in_page/index.md new file mode 100644 index 0000000..952695f --- /dev/null +++ b/website/docs/services/brands/sign_in_page/index.md @@ -0,0 +1,161 @@ +--- +title: sign_in_page +hide_title: false +hide_table_of_contents: false +keywords: + - sign_in_page + - brands + - okta + - infrastructure-as-code + - configuration-as-data + - cloud inventory +description: Query, deploy and manage okta resources using SQL +custom_edit_url: null +image: /img/stackql-okta-provider-featured-image.png +--- + +import CopyableCode from '@site/src/components/CopyableCode/CopyableCode'; +import Tabs from '@theme/Tabs'; +import TabItem from '@theme/TabItem'; + +Creates, updates, deletes, gets or lists a sign_in_page resource. + +## Overview + + + + +
Namesign_in_page
TypeResource
Id
+ +## Fields + +The following fields are returned by `SELECT` queries: + + + + +Successfully retrieved the sign-in page. + + + + + + + + + + + + + + + + + + + + + +
NameDatatypeDescription
object
objectSpecifies link relations (see [Web Linking](https://www.rfc-editor.org/rfc/rfc8288)) available using the [JSON Hypertext Application Language](https://datatracker.ietf.org/doc/html/draft-kelly-json-hal-06) specification. This object is used for dynamic discovery of related resources and lifecycle operations.
+ + + +## Methods + +The following methods are available for this resource: + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameAccessible byRequired ParamsOptional ParamsDescription
subdomainRetrieves the sign-in page sub-resources. The `expand` query parameter specifies which sub-resources to include in the response.
subdomainDeletes the customized sign-in page. As a result, the default sign-in page appears in your live environment.
+ +## Parameters + +Parameters can be passed in the `WHERE` clause of a query. Check the [Methods](#methods) section to see which parameters are required or optional for each operation. + + + + + + + + + + + + + + + + +
NameDatatypeDescription
stringThe domain of your organization. This can be a provided subdomain of an official okta domain (okta.com, oktapreview.com, etc) or one of your configured custom domains. (default: my-org)
+ +## `SELECT` examples + + + + +Retrieves the sign-in page sub-resources. The `expand` query parameter specifies which sub-resources to include in the response. + +```sql +SELECT +_embedded, +_links +FROM okta.brands.sign_in_page +WHERE subdomain = '{{ subdomain }}' -- required; +``` + + + + +## `DELETE` examples + + + + +Deletes the customized sign-in page. As a result, the default sign-in page appears in your live environment. + +```sql +DELETE FROM okta.brands.sign_in_page +WHERE subdomain = '{{ subdomain }}' --required; +``` + + diff --git a/website/docs/services/brands/sign_in_widget_versions/index.md b/website/docs/services/brands/sign_in_widget_versions/index.md new file mode 100644 index 0000000..1a2d9c4 --- /dev/null +++ b/website/docs/services/brands/sign_in_widget_versions/index.md @@ -0,0 +1,123 @@ +--- +title: sign_in_widget_versions +hide_title: false +hide_table_of_contents: false +keywords: + - sign_in_widget_versions + - brands + - okta + - infrastructure-as-code + - configuration-as-data + - cloud inventory +description: Query, deploy and manage okta resources using SQL +custom_edit_url: null +image: /img/stackql-okta-provider-featured-image.png +--- + +import CopyableCode from '@site/src/components/CopyableCode/CopyableCode'; +import Tabs from '@theme/Tabs'; +import TabItem from '@theme/TabItem'; + +Creates, updates, deletes, gets or lists a sign_in_widget_versions resource. + +## Overview + + + + +
Namesign_in_widget_versions
TypeResource
Id
+ +## Fields + +The following fields are returned by `SELECT` queries: + + + + +Successfully listed the sign-in widget versions. + + + + + + + + + + + +
NameDatatypeDescription
+ + + +## Methods + +The following methods are available for this resource: + + + + + + + + + + + + + + + + + + + + +
NameAccessible byRequired ParamsOptional ParamsDescription
subdomainLists all sign-in widget versions supported by the current org
+ +## Parameters + +Parameters can be passed in the `WHERE` clause of a query. Check the [Methods](#methods) section to see which parameters are required or optional for each operation. + + + + + + + + + + + + + + + + +
NameDatatypeDescription
stringThe domain of your organization. This can be a provided subdomain of an official okta domain (okta.com, oktapreview.com, etc) or one of your configured custom domains. (default: my-org)
+ +## `SELECT` examples + + + + +Lists all sign-in widget versions supported by the current org + +```sql +SELECT +* +FROM okta.brands.sign_in_widget_versions +WHERE subdomain = '{{ subdomain }}' -- required; +``` + + diff --git a/website/docs/services/brands/sign_out_page_settings/index.md b/website/docs/services/brands/sign_out_page_settings/index.md new file mode 100644 index 0000000..bba75f5 --- /dev/null +++ b/website/docs/services/brands/sign_out_page_settings/index.md @@ -0,0 +1,169 @@ +--- +title: sign_out_page_settings +hide_title: false +hide_table_of_contents: false +keywords: + - sign_out_page_settings + - brands + - okta + - infrastructure-as-code + - configuration-as-data + - cloud inventory +description: Query, deploy and manage okta resources using SQL +custom_edit_url: null +image: /img/stackql-okta-provider-featured-image.png +--- + +import CopyableCode from '@site/src/components/CopyableCode/CopyableCode'; +import Tabs from '@theme/Tabs'; +import TabItem from '@theme/TabItem'; + +Creates, updates, deletes, gets or lists a sign_out_page_settings resource. + +## Overview + + + + +
Namesign_out_page_settings
TypeResource
Id
+ +## Fields + +The following fields are returned by `SELECT` queries: + + + + +Successfully retrieved the sign-out page settings. + + + + + + + + + + + + + + + + + + + + + +
NameDatatypeDescription
string
string
+ + + +## Methods + +The following methods are available for this resource: + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameAccessible byRequired ParamsOptional ParamsDescription
subdomainRetrieves the sign-out page settings
subdomainReplaces the sign-out page settings
+ +## Parameters + +Parameters can be passed in the `WHERE` clause of a query. Check the [Methods](#methods) section to see which parameters are required or optional for each operation. + + + + + + + + + + + + + + + + +
NameDatatypeDescription
stringThe domain of your organization. This can be a provided subdomain of an official okta domain (okta.com, oktapreview.com, etc) or one of your configured custom domains. (default: my-org)
+ +## `SELECT` examples + + + + +Retrieves the sign-out page settings + +```sql +SELECT +type, +url +FROM okta.brands.sign_out_page_settings +WHERE subdomain = '{{ subdomain }}' -- required; +``` + + + + +## `REPLACE` examples + + + + +Replaces the sign-out page settings + +```sql +REPLACE okta.brands.sign_out_page_settings +SET +data__type = '{{ type }}', +data__url = '{{ url }}' +WHERE +subdomain = '{{ subdomain }}' --required +AND data__type = '{{ type }}' --required +RETURNING +type, +url; +``` + + diff --git a/website/docs/services/brands/themes/index.md b/website/docs/services/brands/themes/index.md new file mode 100644 index 0000000..9dbb949 --- /dev/null +++ b/website/docs/services/brands/themes/index.md @@ -0,0 +1,508 @@ +--- +title: themes +hide_title: false +hide_table_of_contents: false +keywords: + - themes + - brands + - okta + - infrastructure-as-code + - configuration-as-data + - cloud inventory +description: Query, deploy and manage okta resources using SQL +custom_edit_url: null +image: /img/stackql-okta-provider-featured-image.png +--- + +import CopyableCode from '@site/src/components/CopyableCode/CopyableCode'; +import Tabs from '@theme/Tabs'; +import TabItem from '@theme/TabItem'; + +Creates, updates, deletes, gets or lists a themes resource. + +## Overview + + + + +
Namethemes
TypeResource
Id
+ +## Fields + +The following fields are returned by `SELECT` queries: + + + + +Successfully returned the list of themes + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameDatatypeDescription
string
objectSpecifies link relations (see [Web Linking](https://www.rfc-editor.org/rfc/rfc8288)) available using the [JSON Hypertext Application Language](https://datatracker.ietf.org/doc/html/draft-kelly-json-hal-06) specification. This object is used for dynamic discovery of related resources and lifecycle operations.
string
stringVariant for email templates. You can publish a theme for email templates with different combinations of assets. Variants are preset combinations of those assets. (default: OKTA_DEFAULT)
stringVariant for the Okta End-User Dashboard. You can publish a theme for end-user dashboard with different combinations of assets. Variants are preset combinations of those assets. (default: OKTA_DEFAULT)
stringVariant for the error page. You can publish a theme for error page with different combinations of assets. Variants are preset combinations of those assets. (default: OKTA_DEFAULT)
string
stringVariant for the Okta loading page. You can publish a theme for Okta loading page with different combinations of assets. Variants are preset combinations of those assets. (default: OKTA_DEFAULT)
string
stringPrimary color contrast hex code
stringPrimary color hex code
stringSecondary color contrast hex code
stringSecondary color hex code
stringVariant for the Okta sign-in page. You can publish a theme for sign-in page with different combinations of assets. Variants are preset combinations of those assets. > **Note:** For a non-`OKTA_DEFAULT` variant, `primaryColorHex` is used for button background color and `primaryColorContrastHex` is used to optimize the opacity for button text.
+ + + +Successfully retrieved the theme + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameDatatypeDescription
string
objectSpecifies link relations (see [Web Linking](https://www.rfc-editor.org/rfc/rfc8288)) available using the [JSON Hypertext Application Language](https://datatracker.ietf.org/doc/html/draft-kelly-json-hal-06) specification. This object is used for dynamic discovery of related resources and lifecycle operations.
string
stringVariant for email templates. You can publish a theme for email templates with different combinations of assets. Variants are preset combinations of those assets. (default: OKTA_DEFAULT)
stringVariant for the Okta End-User Dashboard. You can publish a theme for end-user dashboard with different combinations of assets. Variants are preset combinations of those assets. (default: OKTA_DEFAULT)
stringVariant for the error page. You can publish a theme for error page with different combinations of assets. Variants are preset combinations of those assets. (default: OKTA_DEFAULT)
string
stringVariant for the Okta loading page. You can publish a theme for Okta loading page with different combinations of assets. Variants are preset combinations of those assets. (default: OKTA_DEFAULT)
string
stringPrimary color contrast hex code
stringPrimary color hex code
stringSecondary color contrast hex code
stringSecondary color hex code
stringVariant for the Okta sign-in page. You can publish a theme for sign-in page with different combinations of assets. Variants are preset combinations of those assets. > **Note:** For a non-`OKTA_DEFAULT` variant, `primaryColorHex` is used for button background color and `primaryColorContrastHex` is used to optimize the opacity for button text.
+ + + +## Methods + +The following methods are available for this resource: + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameAccessible byRequired ParamsOptional ParamsDescription
subdomainLists all the themes in your brand.

> **Important:** Currently each org supports only one theme, therefore this contains a single object only.
subdomainRetrieves a theme for a brand
subdomainReplaces a theme for a brand
subdomainUploads and replaces the background image for the theme. The file must be in PNG, JPG, or GIF format and less than 2 MB in size.
subdomainDeletes a theme background image
subdomainUploads and replaces the favicon for the theme
subdomainDeletes a theme favicon. The theme will use the default Okta favicon.
subdomainUploads and replaces the logo for the theme. The file must be in PNG, JPG, or GIF format and less than 100kB in size. For best results use landscape orientation, a transparent background, and a minimum size of 300px by 50px to prevent upscaling.
subdomainDeletes a Theme logo. The theme will use the default Okta logo.
+ +## Parameters + +Parameters can be passed in the `WHERE` clause of a query. Check the [Methods](#methods) section to see which parameters are required or optional for each operation. + + + + + + + + + + + + + + + + +
NameDatatypeDescription
stringThe domain of your organization. This can be a provided subdomain of an official okta domain (okta.com, oktapreview.com, etc) or one of your configured custom domains. (default: my-org)
+ +## `SELECT` examples + + + + +Lists all the themes in your brand.

> **Important:** Currently each org supports only one theme, therefore this contains a single object only. + +```sql +SELECT +id, +_links, +backgroundImage, +emailTemplateTouchPointVariant, +endUserDashboardTouchPointVariant, +errorPageTouchPointVariant, +favicon, +loadingPageTouchPointVariant, +logo, +primaryColorContrastHex, +primaryColorHex, +secondaryColorContrastHex, +secondaryColorHex, +signInPageTouchPointVariant +FROM okta.brands.themes +WHERE subdomain = '{{ subdomain }}' -- required; +``` + + + +Retrieves a theme for a brand + +```sql +SELECT +id, +_links, +backgroundImage, +emailTemplateTouchPointVariant, +endUserDashboardTouchPointVariant, +errorPageTouchPointVariant, +favicon, +loadingPageTouchPointVariant, +logo, +primaryColorContrastHex, +primaryColorHex, +secondaryColorContrastHex, +secondaryColorHex, +signInPageTouchPointVariant +FROM okta.brands.themes +WHERE subdomain = '{{ subdomain }}' -- required; +``` + + + + +## `REPLACE` examples + + + + +Replaces a theme for a brand + +```sql +REPLACE okta.brands.themes +SET +data__emailTemplateTouchPointVariant = '{{ emailTemplateTouchPointVariant }}', +data__endUserDashboardTouchPointVariant = '{{ endUserDashboardTouchPointVariant }}', +data__errorPageTouchPointVariant = '{{ errorPageTouchPointVariant }}', +data__loadingPageTouchPointVariant = '{{ loadingPageTouchPointVariant }}', +data__primaryColorContrastHex = '{{ primaryColorContrastHex }}', +data__primaryColorHex = '{{ primaryColorHex }}', +data__secondaryColorContrastHex = '{{ secondaryColorContrastHex }}', +data__secondaryColorHex = '{{ secondaryColorHex }}', +data__signInPageTouchPointVariant = '{{ signInPageTouchPointVariant }}' +WHERE +subdomain = '{{ subdomain }}' --required +AND data__primaryColorHex = '{{ primaryColorHex }}' --required +AND data__secondaryColorHex = '{{ secondaryColorHex }}' --required +AND data__signInPageTouchPointVariant = '{{ signInPageTouchPointVariant }}' --required +AND data__endUserDashboardTouchPointVariant = '{{ endUserDashboardTouchPointVariant }}' --required +AND data__errorPageTouchPointVariant = '{{ errorPageTouchPointVariant }}' --required +AND data__emailTemplateTouchPointVariant = '{{ emailTemplateTouchPointVariant }}' --required +RETURNING +id, +_links, +backgroundImage, +emailTemplateTouchPointVariant, +endUserDashboardTouchPointVariant, +errorPageTouchPointVariant, +favicon, +loadingPageTouchPointVariant, +logo, +primaryColorContrastHex, +primaryColorHex, +secondaryColorContrastHex, +secondaryColorHex, +signInPageTouchPointVariant; +``` + + + + +## Lifecycle Methods + + + + +Uploads and replaces the background image for the theme. The file must be in PNG, JPG, or GIF format and less than 2 MB in size. + +```sql +EXEC okta.brands.themes.upload_brand_theme_background_image +@subdomain='{{ subdomain }}' --required +@@json= +'{ +"file": "{{ file }}" +}'; +``` + + + +Deletes a theme background image + +```sql +EXEC okta.brands.themes.delete_brand_theme_background_image +@subdomain='{{ subdomain }}' --required; +``` + + + +Uploads and replaces the favicon for the theme + +```sql +EXEC okta.brands.themes.upload_brand_theme_favicon +@subdomain='{{ subdomain }}' --required +@@json= +'{ +"file": "{{ file }}" +}'; +``` + + + +Deletes a theme favicon. The theme will use the default Okta favicon. + +```sql +EXEC okta.brands.themes.delete_brand_theme_favicon +@subdomain='{{ subdomain }}' --required; +``` + + + +Uploads and replaces the logo for the theme. The file must be in PNG, JPG, or GIF format and less than 100kB in size. For best results use landscape orientation, a transparent background, and a minimum size of 300px by 50px to prevent upscaling. + +```sql +EXEC okta.brands.themes.upload_brand_theme_logo +@subdomain='{{ subdomain }}' --required +@@json= +'{ +"file": "{{ file }}" +}'; +``` + + + +Deletes a Theme logo. The theme will use the default Okta logo. + +```sql +EXEC okta.brands.themes.delete_brand_theme_logo +@subdomain='{{ subdomain }}' --required; +``` + + diff --git a/website/docs/services/brands/well_known_uris/index.md b/website/docs/services/brands/well_known_uris/index.md new file mode 100644 index 0000000..1975e08 --- /dev/null +++ b/website/docs/services/brands/well_known_uris/index.md @@ -0,0 +1,181 @@ +--- +title: well_known_uris +hide_title: false +hide_table_of_contents: false +keywords: + - well_known_uris + - brands + - okta + - infrastructure-as-code + - configuration-as-data + - cloud inventory +description: Query, deploy and manage okta resources using SQL +custom_edit_url: null +image: /img/stackql-okta-provider-featured-image.png +--- + +import CopyableCode from '@site/src/components/CopyableCode/CopyableCode'; +import Tabs from '@theme/Tabs'; +import TabItem from '@theme/TabItem'; + +Creates, updates, deletes, gets or lists a well_known_uris resource. + +## Overview + + + + +
Namewell_known_uris
TypeResource
Id
+ +## Fields + +The following fields are returned by `SELECT` queries: + + + + +Successfully retrieved all the well-known URIs + + + + + + + + + + + + + + + + + + + + + +
NameDatatypeDescription
object
objectSpecifies link relations (see [Web Linking](https://www.rfc-editor.org/rfc/rfc8288)) available using the [JSON Hypertext Application Language](https://datatracker.ietf.org/doc/html/draft-kelly-json-hal-06) specification. This object is used for dynamic discovery of related resources and lifecycle operations.
+ + + +Successfully retrieved the well-known URI + + + + + + + + + + + + + + + + + + + + + +
NameDatatypeDescription
objectSpecifies link relations (see [Web Linking](https://www.rfc-editor.org/rfc/rfc8288)) available using the [JSON Hypertext Application Language](https://datatracker.ietf.org/doc/html/draft-kelly-json-hal-06) specification. This object is used for dynamic discovery of related resources and lifecycle operations.
objectThe well-known URI content in JSON format
+ + + +## Methods + +The following methods are available for this resource: + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameAccessible byRequired ParamsOptional ParamsDescription
subdomainRetrieves the content from each of the well-known URIs for a specified brand
subdomainRetrieves the well-known URI of a specific brand and well-known URI path
+ +## Parameters + +Parameters can be passed in the `WHERE` clause of a query. Check the [Methods](#methods) section to see which parameters are required or optional for each operation. + + + + + + + + + + + + + + + + +
NameDatatypeDescription
stringThe domain of your organization. This can be a provided subdomain of an official okta domain (okta.com, oktapreview.com, etc) or one of your configured custom domains. (default: my-org)
+ +## `SELECT` examples + + + + +Retrieves the content from each of the well-known URIs for a specified brand + +```sql +SELECT +_embedded, +_links +FROM okta.brands.well_known_uris +WHERE subdomain = '{{ subdomain }}' -- required; +``` + + + +Retrieves the well-known URI of a specific brand and well-known URI path + +```sql +SELECT +_links, +representation +FROM okta.brands.well_known_uris +WHERE subdomain = '{{ subdomain }}' -- required; +``` + + diff --git a/website/docs/services/captchas/captcha_instances/index.md b/website/docs/services/captchas/captcha_instances/index.md new file mode 100644 index 0000000..90a79ea --- /dev/null +++ b/website/docs/services/captchas/captcha_instances/index.md @@ -0,0 +1,411 @@ +--- +title: captcha_instances +hide_title: false +hide_table_of_contents: false +keywords: + - captcha_instances + - captchas + - okta + - infrastructure-as-code + - configuration-as-data + - cloud inventory +description: Query, deploy and manage okta resources using SQL +custom_edit_url: null +image: /img/stackql-okta-provider-featured-image.png +--- + +import CopyableCode from '@site/src/components/CopyableCode/CopyableCode'; +import Tabs from '@theme/Tabs'; +import TabItem from '@theme/TabItem'; + +Creates, updates, deletes, gets or lists a captcha_instances resource. + +## Overview + + + + +
Namecaptcha_instances
TypeResource
Id
+ +## Fields + +The following fields are returned by `SELECT` queries: + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameDatatypeDescription
stringThe unique key for the CAPTCHA instance
stringThe name of the CAPTCHA instance
objectSpecifies link relations (see [Web Linking](https://www.rfc-editor.org/rfc/rfc8288)) available using the [JSON Hypertext Application Language](https://datatracker.ietf.org/doc/html/draft-kelly-json-hal-06) specification. This object is used for dynamic discovery of related resources and lifecycle operations.
stringThe secret key issued from the CAPTCHA provider to perform server-side validation for a CAPTCHA token
stringThe site key issued from the CAPTCHA provider to render a CAPTCHA on a page
stringThe type of CAPTCHA provider
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameDatatypeDescription
stringThe unique key for the CAPTCHA instance
stringThe name of the CAPTCHA instance
objectSpecifies link relations (see [Web Linking](https://www.rfc-editor.org/rfc/rfc8288)) available using the [JSON Hypertext Application Language](https://datatracker.ietf.org/doc/html/draft-kelly-json-hal-06) specification. This object is used for dynamic discovery of related resources and lifecycle operations.
stringThe secret key issued from the CAPTCHA provider to perform server-side validation for a CAPTCHA token
stringThe site key issued from the CAPTCHA provider to render a CAPTCHA on a page
stringThe type of CAPTCHA provider
+ + + +## Methods + +The following methods are available for this resource: + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameAccessible byRequired ParamsOptional ParamsDescription
subdomainLists all CAPTCHA instances with pagination support. A subset of CAPTCHA instances can be returned that match a supported filter expression or query.
subdomainRetrieves the properties of a specified CAPTCHA instance
subdomainCreates a new CAPTCHA instance. Currently, an org can only configure a single CAPTCHA instance.
subdomainPartially updates the properties of a specified CAPTCHA instance
subdomainReplaces the properties for a specified CAPTCHA instance
subdomainDeletes a specified CAPTCHA instance
> **Note:** If your CAPTCHA instance is still associated with your org, the request fails. You must first update your Org-wide CAPTCHA settings to remove the CAPTCHA instance.
+ +## Parameters + +Parameters can be passed in the `WHERE` clause of a query. Check the [Methods](#methods) section to see which parameters are required or optional for each operation. + + + + + + + + + + + + + + + + +
NameDatatypeDescription
stringThe domain of your organization. This can be a provided subdomain of an official okta domain (okta.com, oktapreview.com, etc) or one of your configured custom domains. (default: my-org)
+ +## `SELECT` examples + + + + +Lists all CAPTCHA instances with pagination support. A subset of CAPTCHA instances can be returned that match a supported filter expression or query. + +```sql +SELECT +id, +name, +_links, +secretKey, +siteKey, +type +FROM okta.captchas.captcha_instances +WHERE subdomain = '{{ subdomain }}' -- required; +``` + + + +Retrieves the properties of a specified CAPTCHA instance + +```sql +SELECT +id, +name, +_links, +secretKey, +siteKey, +type +FROM okta.captchas.captcha_instances +WHERE subdomain = '{{ subdomain }}' -- required; +``` + + + + +## `INSERT` examples + + + + +Creates a new CAPTCHA instance. Currently, an org can only configure a single CAPTCHA instance. + +```sql +INSERT INTO okta.captchas.captcha_instances ( +data__name, +data__secretKey, +data__siteKey, +data__type, +subdomain +) +SELECT +'{{ name }}', +'{{ secretKey }}', +'{{ siteKey }}', +'{{ type }}', +'{{ subdomain }}' +RETURNING +id, +name, +_links, +secretKey, +siteKey, +type +; +``` + + + +```yaml +# Description fields are for documentation purposes +- name: captcha_instances + props: + - name: subdomain + value: string + description: Required parameter for the captcha_instances resource. + - name: name + value: string + description: > + The name of the CAPTCHA instance + + - name: secretKey + value: string + description: > + The secret key issued from the CAPTCHA provider to perform server-side validation for a CAPTCHA token + + - name: siteKey + value: string + description: > + The site key issued from the CAPTCHA provider to render a CAPTCHA on a page + + - name: type + value: string + description: > + The type of CAPTCHA provider + + valid_values: ['HCAPTCHA', 'RECAPTCHA_V2'] +``` + + + + +## `UPDATE` examples + + + + +Partially updates the properties of a specified CAPTCHA instance + +```sql +UPDATE okta.captchas.captcha_instances +SET +data__name = '{{ name }}', +data__secretKey = '{{ secretKey }}', +data__siteKey = '{{ siteKey }}', +data__type = '{{ type }}' +WHERE +subdomain = '{{ subdomain }}' --required +RETURNING +id, +name, +_links, +secretKey, +siteKey, +type; +``` + + + + +## `REPLACE` examples + + + + +Replaces the properties for a specified CAPTCHA instance + +```sql +REPLACE okta.captchas.captcha_instances +SET +data__name = '{{ name }}', +data__secretKey = '{{ secretKey }}', +data__siteKey = '{{ siteKey }}', +data__type = '{{ type }}' +WHERE +subdomain = '{{ subdomain }}' --required +RETURNING +id, +name, +_links, +secretKey, +siteKey, +type; +``` + + + + +## `DELETE` examples + + + + +Deletes a specified CAPTCHA instance
> **Note:** If your CAPTCHA instance is still associated with your org, the request fails. You must first update your Org-wide CAPTCHA settings to remove the CAPTCHA instance. + +```sql +DELETE FROM okta.captchas.captcha_instances +WHERE subdomain = '{{ subdomain }}' --required; +``` + + diff --git a/website/docs/services/captchas/index.md b/website/docs/services/captchas/index.md new file mode 100644 index 0000000..4772b4f --- /dev/null +++ b/website/docs/services/captchas/index.md @@ -0,0 +1,33 @@ +--- +title: captchas +hide_title: false +hide_table_of_contents: false +keywords: + - captchas + - okta + - stackql + - infrastructure-as-code + - configuration-as-data + - cloud inventory +description: Query, deploy and manage okta resources using SQL +custom_edit_url: null +image: /img/stackql-okta-provider-featured-image.png +--- + +captchas service documentation. + +:::info[Service Summary] + +total resources: __1__ + +::: + +## Resources +
+
+captcha_instances +
+
+ +
+
\ No newline at end of file diff --git a/website/docs/services/device_access/index.md b/website/docs/services/device_access/index.md new file mode 100644 index 0000000..b07a8e6 --- /dev/null +++ b/website/docs/services/device_access/index.md @@ -0,0 +1,33 @@ +--- +title: device_access +hide_title: false +hide_table_of_contents: false +keywords: + - device_access + - okta + - stackql + - infrastructure-as-code + - configuration-as-data + - cloud inventory +description: Query, deploy and manage okta resources using SQL +custom_edit_url: null +image: /img/stackql-okta-provider-featured-image.png +--- + +device_access service documentation. + +:::info[Service Summary] + +total resources: __2__ + +::: + +## Resources +
+
+mfa_challenge_org_setting +
+
+mfa_recovery_pin_setting +
+
\ No newline at end of file diff --git a/website/docs/services/device_access/mfa_challenge_org_setting/index.md b/website/docs/services/device_access/mfa_challenge_org_setting/index.md new file mode 100644 index 0000000..c806e05 --- /dev/null +++ b/website/docs/services/device_access/mfa_challenge_org_setting/index.md @@ -0,0 +1,158 @@ +--- +title: mfa_challenge_org_setting +hide_title: false +hide_table_of_contents: false +keywords: + - mfa_challenge_org_setting + - device_access + - okta + - infrastructure-as-code + - configuration-as-data + - cloud inventory +description: Query, deploy and manage okta resources using SQL +custom_edit_url: null +image: /img/stackql-okta-provider-featured-image.png +--- + +import CopyableCode from '@site/src/components/CopyableCode/CopyableCode'; +import Tabs from '@theme/Tabs'; +import TabItem from '@theme/TabItem'; + +Creates, updates, deletes, gets or lists a mfa_challenge_org_setting resource. + +## Overview + + + + +
Namemfa_challenge_org_setting
TypeResource
Id
+ +## Fields + +The following fields are returned by `SELECT` queries: + + + + + + + + + + + + + + + + + + + +
NameDatatypeDescription
booleanIndicates whether or not the Desktop MFA Enforce Number Matching Challenge push notifications feature is enabled
+ + + +## Methods + +The following methods are available for this resource: + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameAccessible byRequired ParamsOptional ParamsDescription
subdomainRetrieves the status of the Desktop MFA Enforce Number Matching Challenge push notifications feature. That is, whether or not the feature is enabled for your org.
subdomainReplaces the status of the Desktop MFA Enforce Number Matching Challenge push notifications feature. That is, whether or not the feature is enabled for your org.
+ +## Parameters + +Parameters can be passed in the `WHERE` clause of a query. Check the [Methods](#methods) section to see which parameters are required or optional for each operation. + + + + + + + + + + + + + + + + +
NameDatatypeDescription
stringThe domain of your organization. This can be a provided subdomain of an official okta domain (okta.com, oktapreview.com, etc) or one of your configured custom domains. (default: my-org)
+ +## `SELECT` examples + + + + +Retrieves the status of the Desktop MFA Enforce Number Matching Challenge push notifications feature. That is, whether or not the feature is enabled for your org. + +```sql +SELECT +desktopMFAEnforceNumberMatchingChallengeEnabled +FROM okta.device_access.mfa_challenge_org_setting +WHERE subdomain = '{{ subdomain }}' -- required; +``` + + + + +## `REPLACE` examples + + + + +Replaces the status of the Desktop MFA Enforce Number Matching Challenge push notifications feature. That is, whether or not the feature is enabled for your org. + +```sql +REPLACE okta.device_access.mfa_challenge_org_setting +SET +data__desktopMFAEnforceNumberMatchingChallengeEnabled = {{ desktopMFAEnforceNumberMatchingChallengeEnabled }} +WHERE +subdomain = '{{ subdomain }}' --required +RETURNING +desktopMFAEnforceNumberMatchingChallengeEnabled; +``` + + diff --git a/website/docs/services/device_access/mfa_recovery_pin_setting/index.md b/website/docs/services/device_access/mfa_recovery_pin_setting/index.md new file mode 100644 index 0000000..f6b2266 --- /dev/null +++ b/website/docs/services/device_access/mfa_recovery_pin_setting/index.md @@ -0,0 +1,158 @@ +--- +title: mfa_recovery_pin_setting +hide_title: false +hide_table_of_contents: false +keywords: + - mfa_recovery_pin_setting + - device_access + - okta + - infrastructure-as-code + - configuration-as-data + - cloud inventory +description: Query, deploy and manage okta resources using SQL +custom_edit_url: null +image: /img/stackql-okta-provider-featured-image.png +--- + +import CopyableCode from '@site/src/components/CopyableCode/CopyableCode'; +import Tabs from '@theme/Tabs'; +import TabItem from '@theme/TabItem'; + +Creates, updates, deletes, gets or lists a mfa_recovery_pin_setting resource. + +## Overview + + + + +
Namemfa_recovery_pin_setting
TypeResource
Id
+ +## Fields + +The following fields are returned by `SELECT` queries: + + + + + + + + + + + + + + + + + + + +
NameDatatypeDescription
booleanIndicates whether or not the Desktop MFA Recovery PIN feature is enabled
+ + + +## Methods + +The following methods are available for this resource: + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameAccessible byRequired ParamsOptional ParamsDescription
subdomainRetrieves the status of the Desktop MFA Recovery PIN feature. That is, whether or not the feature is enabled for your org.
subdomainReplaces the Desktop MFA Recovery PIN feature for your org
+ +## Parameters + +Parameters can be passed in the `WHERE` clause of a query. Check the [Methods](#methods) section to see which parameters are required or optional for each operation. + + + + + + + + + + + + + + + + +
NameDatatypeDescription
stringThe domain of your organization. This can be a provided subdomain of an official okta domain (okta.com, oktapreview.com, etc) or one of your configured custom domains. (default: my-org)
+ +## `SELECT` examples + + + + +Retrieves the status of the Desktop MFA Recovery PIN feature. That is, whether or not the feature is enabled for your org. + +```sql +SELECT +desktopMFARecoveryPinEnabled +FROM okta.device_access.mfa_recovery_pin_setting +WHERE subdomain = '{{ subdomain }}' -- required; +``` + + + + +## `REPLACE` examples + + + + +Replaces the Desktop MFA Recovery PIN feature for your org + +```sql +REPLACE okta.device_access.mfa_recovery_pin_setting +SET +data__desktopMFARecoveryPinEnabled = {{ desktopMFARecoveryPinEnabled }} +WHERE +subdomain = '{{ subdomain }}' --required +RETURNING +desktopMFARecoveryPinEnabled; +``` + + diff --git a/website/docs/services/device_assurances/device_assurance_policies/index.md b/website/docs/services/device_assurances/device_assurance_policies/index.md new file mode 100644 index 0000000..fe915bf --- /dev/null +++ b/website/docs/services/device_assurances/device_assurance_policies/index.md @@ -0,0 +1,447 @@ +--- +title: device_assurance_policies +hide_title: false +hide_table_of_contents: false +keywords: + - device_assurance_policies + - device_assurances + - okta + - infrastructure-as-code + - configuration-as-data + - cloud inventory +description: Query, deploy and manage okta resources using SQL +custom_edit_url: null +image: /img/stackql-okta-provider-featured-image.png +--- + +import CopyableCode from '@site/src/components/CopyableCode/CopyableCode'; +import Tabs from '@theme/Tabs'; +import TabItem from '@theme/TabItem'; + +Creates, updates, deletes, gets or lists a device_assurance_policies resource. + +## Overview + + + + +
Namedevice_assurance_policies
TypeResource
Id
+ +## Fields + +The following fields are returned by `SELECT` queries: + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameDatatypeDescription
string
stringDisplay name of the device assurance policy
objectSpecifies link relations (see [Web Linking](https://www.rfc-editor.org/rfc/rfc8288)) available using the [JSON Hypertext Application Language](https://datatracker.ietf.org/doc/html/draft-kelly-json-hal-06) specification. This object is used for dynamic discovery of related resources and lifecycle operations.
string
string
object<x-lifecycle-container><x-lifecycle class="ea"></x-lifecycle></x-lifecycle-container>Represents the Device Posture Checks configuration for the device assurance policy
string<x-lifecycle-container><x-lifecycle class="ea"></x-lifecycle></x-lifecycle-container>Represents the remediation mode of this device assurance policy when users are denied access due to device noncompliance (example: SHOW)
object<x-lifecycle-container><x-lifecycle class="ea"></x-lifecycle></x-lifecycle-container>Represents the Grace Period configuration for the device assurance policy
string
string
string
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameDatatypeDescription
string
stringDisplay name of the device assurance policy
objectSpecifies link relations (see [Web Linking](https://www.rfc-editor.org/rfc/rfc8288)) available using the [JSON Hypertext Application Language](https://datatracker.ietf.org/doc/html/draft-kelly-json-hal-06) specification. This object is used for dynamic discovery of related resources and lifecycle operations.
string
string
object<x-lifecycle-container><x-lifecycle class="ea"></x-lifecycle></x-lifecycle-container>Represents the Device Posture Checks configuration for the device assurance policy
string<x-lifecycle-container><x-lifecycle class="ea"></x-lifecycle></x-lifecycle-container>Represents the remediation mode of this device assurance policy when users are denied access due to device noncompliance (example: SHOW)
object<x-lifecycle-container><x-lifecycle class="ea"></x-lifecycle></x-lifecycle-container>Represents the Grace Period configuration for the device assurance policy
string
string
string
+ + + +## Methods + +The following methods are available for this resource: + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameAccessible byRequired ParamsOptional ParamsDescription
subdomainLists all device assurance policies
subdomainRetrieves a device assurance policy by `deviceAssuranceId`
subdomainCreates a new device assurance policy
subdomainReplaces a device assurance policy by `deviceAssuranceId`
subdomainDeletes a device assurance policy by `deviceAssuranceId`. If the device assurance policy is currently being used in the org Authentication Policies, the delete will not be allowed.
+ +## Parameters + +Parameters can be passed in the `WHERE` clause of a query. Check the [Methods](#methods) section to see which parameters are required or optional for each operation. + + + + + + + + + + + + + + + + +
NameDatatypeDescription
stringThe domain of your organization. This can be a provided subdomain of an official okta domain (okta.com, oktapreview.com, etc) or one of your configured custom domains. (default: my-org)
+ +## `SELECT` examples + + + + +Lists all device assurance policies + +```sql +SELECT +id, +name, +_links, +createdBy, +createdDate, +devicePostureChecks, +displayRemediationMode, +gracePeriod, +lastUpdate, +lastUpdatedBy, +platform +FROM okta.device_assurances.device_assurance_policies +WHERE subdomain = '{{ subdomain }}' -- required; +``` + + + +Retrieves a device assurance policy by `deviceAssuranceId` + +```sql +SELECT +id, +name, +_links, +createdBy, +createdDate, +devicePostureChecks, +displayRemediationMode, +gracePeriod, +lastUpdate, +lastUpdatedBy, +platform +FROM okta.device_assurances.device_assurance_policies +WHERE subdomain = '{{ subdomain }}' -- required; +``` + + + + +## `INSERT` examples + + + + +Creates a new device assurance policy + +```sql +INSERT INTO okta.device_assurances.device_assurance_policies ( +data__devicePostureChecks, +data__displayRemediationMode, +data__gracePeriod, +data__name, +data__platform, +subdomain +) +SELECT +'{{ devicePostureChecks }}', +'{{ displayRemediationMode }}', +'{{ gracePeriod }}', +'{{ name }}', +'{{ platform }}', +'{{ subdomain }}' +RETURNING +id, +name, +_links, +createdBy, +createdDate, +devicePostureChecks, +displayRemediationMode, +gracePeriod, +lastUpdate, +lastUpdatedBy, +platform +; +``` + + + +```yaml +# Description fields are for documentation purposes +- name: device_assurance_policies + props: + - name: subdomain + value: string + description: Required parameter for the device_assurance_policies resource. + - name: devicePostureChecks + value: object + description: > + Represents the Device Posture Checks configuration for the device assurance policy + + - name: displayRemediationMode + value: string + description: > + Represents the remediation mode of this device assurance policy when users are denied access due to device noncompliance + + valid_values: ['HIDE', 'SHOW'] + - name: gracePeriod + value: object + description: > + Represents the Grace Period configuration for the device assurance policy + + - name: name + value: string + description: > + Display name of the device assurance policy + + - name: platform + value: string + valid_values: ['ANDROID', 'CHROMEOS', 'IOS', 'MACOS', 'WINDOWS'] +``` + + + + +## `REPLACE` examples + + + + +Replaces a device assurance policy by `deviceAssuranceId` + +```sql +REPLACE okta.device_assurances.device_assurance_policies +SET +data__devicePostureChecks = '{{ devicePostureChecks }}', +data__displayRemediationMode = '{{ displayRemediationMode }}', +data__gracePeriod = '{{ gracePeriod }}', +data__name = '{{ name }}', +data__platform = '{{ platform }}' +WHERE +subdomain = '{{ subdomain }}' --required +RETURNING +id, +name, +_links, +createdBy, +createdDate, +devicePostureChecks, +displayRemediationMode, +gracePeriod, +lastUpdate, +lastUpdatedBy, +platform; +``` + + + + +## `DELETE` examples + + + + +Deletes a device assurance policy by `deviceAssuranceId`. If the device assurance policy is currently being used in the org Authentication Policies, the delete will not be allowed. + +```sql +DELETE FROM okta.device_assurances.device_assurance_policies +WHERE subdomain = '{{ subdomain }}' --required; +``` + + diff --git a/website/docs/services/device_assurances/index.md b/website/docs/services/device_assurances/index.md new file mode 100644 index 0000000..bd107dc --- /dev/null +++ b/website/docs/services/device_assurances/index.md @@ -0,0 +1,33 @@ +--- +title: device_assurances +hide_title: false +hide_table_of_contents: false +keywords: + - device_assurances + - okta + - stackql + - infrastructure-as-code + - configuration-as-data + - cloud inventory +description: Query, deploy and manage okta resources using SQL +custom_edit_url: null +image: /img/stackql-okta-provider-featured-image.png +--- + +device_assurances service documentation. + +:::info[Service Summary] + +total resources: __1__ + +::: + +## Resources +
+
+device_assurance_policies +
+
+ +
+
\ No newline at end of file diff --git a/website/docs/services/device_integrations/device_integrations/index.md b/website/docs/services/device_integrations/device_integrations/index.md new file mode 100644 index 0000000..6c56edc --- /dev/null +++ b/website/docs/services/device_integrations/device_integrations/index.md @@ -0,0 +1,281 @@ +--- +title: device_integrations +hide_title: false +hide_table_of_contents: false +keywords: + - device_integrations + - device_integrations + - okta + - infrastructure-as-code + - configuration-as-data + - cloud inventory +description: Query, deploy and manage okta resources using SQL +custom_edit_url: null +image: /img/stackql-okta-provider-featured-image.png +--- + +import CopyableCode from '@site/src/components/CopyableCode/CopyableCode'; +import Tabs from '@theme/Tabs'; +import TabItem from '@theme/TabItem'; + +Creates, updates, deletes, gets or lists a device_integrations resource. + +## Overview + + + + +
Namedevice_integrations
TypeResource
Id
+ +## Fields + +The following fields are returned by `SELECT` queries: + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameDatatypeDescription
stringThe ID of the device integration
stringThe namespace of the device integration
objectSpecifies link relations (see [Web Linking](https://www.rfc-editor.org/rfc/rfc8288)) available using the [JSON Hypertext Application Language](https://datatracker.ietf.org/doc/html/draft-kelly-json-hal-06) specification. This object is used for dynamic discovery of related resources and lifecycle operations.
stringThe display name of the device integration
objectThe metadata of the device integration
string
stringThe status of the device integration
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameDatatypeDescription
stringThe ID of the device integration
stringThe namespace of the device integration
objectSpecifies link relations (see [Web Linking](https://www.rfc-editor.org/rfc/rfc8288)) available using the [JSON Hypertext Application Language](https://datatracker.ietf.org/doc/html/draft-kelly-json-hal-06) specification. This object is used for dynamic discovery of related resources and lifecycle operations.
stringThe display name of the device integration
objectThe metadata of the device integration
string
stringThe status of the device integration
+ + + +## Methods + +The following methods are available for this resource: + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameAccessible byRequired ParamsOptional ParamsDescription
subdomainLists all device integrations for your org. Examples include Device Posture Provider, Windows Security Center, Chrome Device Trust, OSQuery, and Android Device Trust.
subdomainRetrieves a device integration by `deviceIntegrationId`
subdomainActivates a device integration and populates the related configurations by `deviceIntegrationId`
subdomainDeactivates a device integration by `deviceIntegrationId`
+ +## Parameters + +Parameters can be passed in the `WHERE` clause of a query. Check the [Methods](#methods) section to see which parameters are required or optional for each operation. + + + + + + + + + + + + + + + + +
NameDatatypeDescription
stringThe domain of your organization. This can be a provided subdomain of an official okta domain (okta.com, oktapreview.com, etc) or one of your configured custom domains. (default: my-org)
+ +## `SELECT` examples + + + + +Lists all device integrations for your org. Examples include Device Posture Provider, Windows Security Center, Chrome Device Trust, OSQuery, and Android Device Trust. + +```sql +SELECT +id, +name, +_links, +displayName, +metadata, +platform, +status +FROM okta.device_integrations.device_integrations +WHERE subdomain = '{{ subdomain }}' -- required; +``` + + + +Retrieves a device integration by `deviceIntegrationId` + +```sql +SELECT +id, +name, +_links, +displayName, +metadata, +platform, +status +FROM okta.device_integrations.device_integrations +WHERE subdomain = '{{ subdomain }}' -- required; +``` + + + + +## Lifecycle Methods + + + + +Activates a device integration and populates the related configurations by `deviceIntegrationId` + +```sql +EXEC okta.device_integrations.device_integrations.activate_device_integration +@subdomain='{{ subdomain }}' --required; +``` + + + +Deactivates a device integration by `deviceIntegrationId` + +```sql +EXEC okta.device_integrations.device_integrations.deactivate_device_integration +@subdomain='{{ subdomain }}' --required; +``` + + diff --git a/website/docs/services/device_integrations/index.md b/website/docs/services/device_integrations/index.md new file mode 100644 index 0000000..131e459 --- /dev/null +++ b/website/docs/services/device_integrations/index.md @@ -0,0 +1,33 @@ +--- +title: device_integrations +hide_title: false +hide_table_of_contents: false +keywords: + - device_integrations + - okta + - stackql + - infrastructure-as-code + - configuration-as-data + - cloud inventory +description: Query, deploy and manage okta resources using SQL +custom_edit_url: null +image: /img/stackql-okta-provider-featured-image.png +--- + +device_integrations service documentation. + +:::info[Service Summary] + +total resources: __1__ + +::: + +## Resources +
+
+device_integrations +
+
+ +
+
\ No newline at end of file diff --git a/website/docs/services/device_posture_checks/default_device_posture_checks/index.md b/website/docs/services/device_posture_checks/default_device_posture_checks/index.md new file mode 100644 index 0000000..ad8aed8 --- /dev/null +++ b/website/docs/services/device_posture_checks/default_device_posture_checks/index.md @@ -0,0 +1,204 @@ +--- +title: default_device_posture_checks +hide_title: false +hide_table_of_contents: false +keywords: + - default_device_posture_checks + - device_posture_checks + - okta + - infrastructure-as-code + - configuration-as-data + - cloud inventory +description: Query, deploy and manage okta resources using SQL +custom_edit_url: null +image: /img/stackql-okta-provider-featured-image.png +--- + +import CopyableCode from '@site/src/components/CopyableCode/CopyableCode'; +import Tabs from '@theme/Tabs'; +import TabItem from '@theme/TabItem'; + +Creates, updates, deletes, gets or lists a default_device_posture_checks resource. + +## Overview + + + + +
Namedefault_device_posture_checks
TypeResource
Id
+ +## Fields + +The following fields are returned by `SELECT` queries: + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameDatatypeDescription
stringThe ID of the device posture check (example: dch3m8o4rWhwReDeM1c5)
stringDisplay name of the device posture check (example: Device posture check macOS)
objectSpecifies link relations (see [Web Linking](https://www.rfc-editor.org/rfc/rfc8288)) available using the [JSON Hypertext Application Language](https://datatracker.ietf.org/doc/html/draft-kelly-json-hal-06) specification. This object is used for dynamic discovery of related resources and lifecycle operations.
stringUser who created the device posture check (example: 00u217pyf72CdUrBt1c5)
stringTime the device posture check was created (example: 2019-10-02T18:03:07.000Z)
stringDescription of the device posture check (example: Query macOS devices to check if firewall is enabled)
stringTime the device posture check was updated (example: 2019-10-02T18:03:07.000Z)
stringUser who updated the device posture check (example: 00u217pyf72CdUrBt1c5)
stringRepresents how the device posture check is rendered in device assurance policies
string
stringOSQuery for the device posture check (example: SELECT CASE WHEN global_state = 0 THEN 0 ELSE 1 END AS firewall_enabled FROM alf;)
objectRepresents the remediation instructions shown to the end user when the device posture check fails
string
stringUnique name of the device posture check (example: macOSFirewall)
+ + + +## Methods + +The following methods are available for this resource: + + + + + + + + + + + + + + + + + + + + +
NameAccessible byRequired ParamsOptional ParamsDescription
subdomainLists all default device posture checks. Default device posture checks are defined by Okta. Their type will always be `BUILTIN`.
+ +## Parameters + +Parameters can be passed in the `WHERE` clause of a query. Check the [Methods](#methods) section to see which parameters are required or optional for each operation. + + + + + + + + + + + + + + + + +
NameDatatypeDescription
stringThe domain of your organization. This can be a provided subdomain of an official okta domain (okta.com, oktapreview.com, etc) or one of your configured custom domains. (default: my-org)
+ +## `SELECT` examples + + + + +Lists all default device posture checks. Default device posture checks are defined by Okta. Their type will always be `BUILTIN`. + +```sql +SELECT +id, +name, +_links, +createdBy, +createdDate, +description, +lastUpdate, +lastUpdatedBy, +mappingType, +platform, +query, +remediationSettings, +type, +variableName +FROM okta.device_posture_checks.default_device_posture_checks +WHERE subdomain = '{{ subdomain }}' -- required; +``` + + diff --git a/website/docs/services/device_posture_checks/device_posture_checks/index.md b/website/docs/services/device_posture_checks/device_posture_checks/index.md new file mode 100644 index 0000000..b4a5ec4 --- /dev/null +++ b/website/docs/services/device_posture_checks/device_posture_checks/index.md @@ -0,0 +1,511 @@ +--- +title: device_posture_checks +hide_title: false +hide_table_of_contents: false +keywords: + - device_posture_checks + - device_posture_checks + - okta + - infrastructure-as-code + - configuration-as-data + - cloud inventory +description: Query, deploy and manage okta resources using SQL +custom_edit_url: null +image: /img/stackql-okta-provider-featured-image.png +--- + +import CopyableCode from '@site/src/components/CopyableCode/CopyableCode'; +import Tabs from '@theme/Tabs'; +import TabItem from '@theme/TabItem'; + +Creates, updates, deletes, gets or lists a device_posture_checks resource. + +## Overview + + + + +
Namedevice_posture_checks
TypeResource
Id
+ +## Fields + +The following fields are returned by `SELECT` queries: + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameDatatypeDescription
stringThe ID of the device posture check (example: dch3m8o4rWhwReDeM1c5)
stringDisplay name of the device posture check (example: Device posture check macOS)
objectSpecifies link relations (see [Web Linking](https://www.rfc-editor.org/rfc/rfc8288)) available using the [JSON Hypertext Application Language](https://datatracker.ietf.org/doc/html/draft-kelly-json-hal-06) specification. This object is used for dynamic discovery of related resources and lifecycle operations.
stringUser who created the device posture check (example: 00u217pyf72CdUrBt1c5)
stringTime the device posture check was created (example: 2019-10-02T18:03:07.000Z)
stringDescription of the device posture check (example: Query macOS devices to check if firewall is enabled)
stringTime the device posture check was updated (example: 2019-10-02T18:03:07.000Z)
stringUser who updated the device posture check (example: 00u217pyf72CdUrBt1c5)
stringRepresents how the device posture check is rendered in device assurance policies
string
stringOSQuery for the device posture check (example: SELECT CASE WHEN global_state = 0 THEN 0 ELSE 1 END AS firewall_enabled FROM alf;)
objectRepresents the remediation instructions shown to the end user when the device posture check fails
string
stringUnique name of the device posture check (example: macOSFirewall)
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameDatatypeDescription
stringThe ID of the device posture check (example: dch3m8o4rWhwReDeM1c5)
stringDisplay name of the device posture check (example: Device posture check macOS)
objectSpecifies link relations (see [Web Linking](https://www.rfc-editor.org/rfc/rfc8288)) available using the [JSON Hypertext Application Language](https://datatracker.ietf.org/doc/html/draft-kelly-json-hal-06) specification. This object is used for dynamic discovery of related resources and lifecycle operations.
stringUser who created the device posture check (example: 00u217pyf72CdUrBt1c5)
stringTime the device posture check was created (example: 2019-10-02T18:03:07.000Z)
stringDescription of the device posture check (example: Query macOS devices to check if firewall is enabled)
stringTime the device posture check was updated (example: 2019-10-02T18:03:07.000Z)
stringUser who updated the device posture check (example: 00u217pyf72CdUrBt1c5)
stringRepresents how the device posture check is rendered in device assurance policies
string
stringOSQuery for the device posture check (example: SELECT CASE WHEN global_state = 0 THEN 0 ELSE 1 END AS firewall_enabled FROM alf;)
objectRepresents the remediation instructions shown to the end user when the device posture check fails
string
stringUnique name of the device posture check (example: macOSFirewall)
+ + + +## Methods + +The following methods are available for this resource: + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameAccessible byRequired ParamsOptional ParamsDescription
subdomainLists all device posture checks
subdomainRetrieves a device posture check by `postureCheckId`
subdomainCreates a device posture check
subdomainReplaces a device posture check by `postureCheckId`
subdomainDeletes a device posture check by `postureCheckId`. You can't delete the device posture check if it's used in a device assurance policy.
+ +## Parameters + +Parameters can be passed in the `WHERE` clause of a query. Check the [Methods](#methods) section to see which parameters are required or optional for each operation. + + + + + + + + + + + + + + + + +
NameDatatypeDescription
stringThe domain of your organization. This can be a provided subdomain of an official okta domain (okta.com, oktapreview.com, etc) or one of your configured custom domains. (default: my-org)
+ +## `SELECT` examples + + + + +Lists all device posture checks + +```sql +SELECT +id, +name, +_links, +createdBy, +createdDate, +description, +lastUpdate, +lastUpdatedBy, +mappingType, +platform, +query, +remediationSettings, +type, +variableName +FROM okta.device_posture_checks.device_posture_checks +WHERE subdomain = '{{ subdomain }}' -- required; +``` + + + +Retrieves a device posture check by `postureCheckId` + +```sql +SELECT +id, +name, +_links, +createdBy, +createdDate, +description, +lastUpdate, +lastUpdatedBy, +mappingType, +platform, +query, +remediationSettings, +type, +variableName +FROM okta.device_posture_checks.device_posture_checks +WHERE subdomain = '{{ subdomain }}' -- required; +``` + + + + +## `INSERT` examples + + + + +Creates a device posture check + +```sql +INSERT INTO okta.device_posture_checks.device_posture_checks ( +data__description, +data__mappingType, +data__name, +data__platform, +data__query, +data__remediationSettings, +data__type, +data__variableName, +subdomain +) +SELECT +'{{ description }}', +'{{ mappingType }}', +'{{ name }}', +'{{ platform }}', +'{{ query }}', +'{{ remediationSettings }}', +'{{ type }}', +'{{ variableName }}', +'{{ subdomain }}' +RETURNING +id, +name, +_links, +createdBy, +createdDate, +description, +lastUpdate, +lastUpdatedBy, +mappingType, +platform, +query, +remediationSettings, +type, +variableName +; +``` + + + +```yaml +# Description fields are for documentation purposes +- name: device_posture_checks + props: + - name: subdomain + value: string + description: Required parameter for the device_posture_checks resource. + - name: description + value: string + description: > + Description of the device posture check + + - name: mappingType + value: string + description: > + Represents how the device posture check is rendered in device assurance policies + + valid_values: ['CHECKBOX', 'TEXTBOX'] + - name: name + value: string + description: > + Display name of the device posture check + + - name: platform + value: string + valid_values: ['MACOS', 'WINDOWS'] + - name: query + value: string + description: > + OSQuery for the device posture check + + - name: remediationSettings + value: object + description: > + Represents the remediation instructions shown to the end user when the device posture check fails + + - name: type + value: string + valid_values: ['BUILTIN', 'CUSTOM'] + - name: variableName + value: string + description: > + Unique name of the device posture check + +``` + + + + +## `REPLACE` examples + + + + +Replaces a device posture check by `postureCheckId` + +```sql +REPLACE okta.device_posture_checks.device_posture_checks +SET +data__description = '{{ description }}', +data__mappingType = '{{ mappingType }}', +data__name = '{{ name }}', +data__platform = '{{ platform }}', +data__query = '{{ query }}', +data__remediationSettings = '{{ remediationSettings }}', +data__type = '{{ type }}', +data__variableName = '{{ variableName }}' +WHERE +subdomain = '{{ subdomain }}' --required +RETURNING +id, +name, +_links, +createdBy, +createdDate, +description, +lastUpdate, +lastUpdatedBy, +mappingType, +platform, +query, +remediationSettings, +type, +variableName; +``` + + + + +## `DELETE` examples + + + + +Deletes a device posture check by `postureCheckId`. You can't delete the device posture check if it's used in a device assurance policy. + +```sql +DELETE FROM okta.device_posture_checks.device_posture_checks +WHERE subdomain = '{{ subdomain }}' --required; +``` + + diff --git a/website/docs/services/device_posture_checks/index.md b/website/docs/services/device_posture_checks/index.md new file mode 100644 index 0000000..ff2f162 --- /dev/null +++ b/website/docs/services/device_posture_checks/index.md @@ -0,0 +1,33 @@ +--- +title: device_posture_checks +hide_title: false +hide_table_of_contents: false +keywords: + - device_posture_checks + - okta + - stackql + - infrastructure-as-code + - configuration-as-data + - cloud inventory +description: Query, deploy and manage okta resources using SQL +custom_edit_url: null +image: /img/stackql-okta-provider-featured-image.png +--- + +device_posture_checks service documentation. + +:::info[Service Summary] + +total resources: __2__ + +::: + +## Resources +
+
+default_device_posture_checks +
+
+device_posture_checks +
+
\ No newline at end of file diff --git a/website/docs/services/devices/device_users/index.md b/website/docs/services/devices/device_users/index.md new file mode 100644 index 0000000..8eaed6e --- /dev/null +++ b/website/docs/services/devices/device_users/index.md @@ -0,0 +1,146 @@ +--- +title: device_users +hide_title: false +hide_table_of_contents: false +keywords: + - device_users + - devices + - okta + - infrastructure-as-code + - configuration-as-data + - cloud inventory +description: Query, deploy and manage okta resources using SQL +custom_edit_url: null +image: /img/stackql-okta-provider-featured-image.png +--- + +import CopyableCode from '@site/src/components/CopyableCode/CopyableCode'; +import Tabs from '@theme/Tabs'; +import TabItem from '@theme/TabItem'; + +Creates, updates, deletes, gets or lists a device_users resource. + +## Overview + + + + +
Namedevice_users
TypeResource
Id
+ +## Fields + +The following fields are returned by `SELECT` queries: + + + + +Success + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameDatatypeDescription
stringTimestamp when device was created
stringThe management status of the device
stringScreen lock type of the device
object
+ + + +## Methods + +The following methods are available for this resource: + + + + + + + + + + + + + + + + + + + + +
NameAccessible byRequired ParamsOptional ParamsDescription
subdomainLists all Users for a device by `deviceId`
+ +## Parameters + +Parameters can be passed in the `WHERE` clause of a query. Check the [Methods](#methods) section to see which parameters are required or optional for each operation. + + + + + + + + + + + + + + + + +
NameDatatypeDescription
stringThe domain of your organization. This can be a provided subdomain of an official okta domain (okta.com, oktapreview.com, etc) or one of your configured custom domains. (default: my-org)
+ +## `SELECT` examples + + + + +Lists all Users for a device by `deviceId` + +```sql +SELECT +created, +managementStatus, +screenLockType, +user +FROM okta.devices.device_users +WHERE subdomain = '{{ subdomain }}' -- required; +``` + + diff --git a/website/docs/services/devices/devices/index.md b/website/docs/services/devices/devices/index.md new file mode 100644 index 0000000..499b301 --- /dev/null +++ b/website/docs/services/devices/devices/index.md @@ -0,0 +1,408 @@ +--- +title: devices +hide_title: false +hide_table_of_contents: false +keywords: + - devices + - devices + - okta + - infrastructure-as-code + - configuration-as-data + - cloud inventory +description: Query, deploy and manage okta resources using SQL +custom_edit_url: null +image: /img/stackql-okta-provider-featured-image.png +--- + +import CopyableCode from '@site/src/components/CopyableCode/CopyableCode'; +import Tabs from '@theme/Tabs'; +import TabItem from '@theme/TabItem'; + +Creates, updates, deletes, gets or lists a devices resource. + +## Overview + + + + +
Namedevices
TypeResource
Id
+ +## Fields + +The following fields are returned by `SELECT` queries: + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameDatatypeDescription
stringUnique key for the device
objectList of associated users for the device if the `expand=user` query parameter is specified in the request. Use `expand=userSummary` to get only a summary of each associated user for the device.
objectSpecifies link relations (see [Web Linking](https://www.rfc-editor.org/rfc/rfc8288)) available using the [JSON Hypertext Application Language](https://datatracker.ietf.org/doc/html/draft-kelly-json-hal-06) specification. This object is used for dynamic discovery of related resources and lifecycle operations.
string (date-time)Timestamp when the device was created
string (date-time)Timestamp when the device record was last updated. Updates occur when Okta collects and saves device signals during authentication, and when the lifecycle state of the device changes.
object
string
objectDisplay name of the device
stringAlternate key for the `id`
string (default: UDDevice)
stringThe state object of the device
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameDatatypeDescription
stringUnique key for the device
objectSpecifies link relations (see [Web Linking](https://www.rfc-editor.org/rfc/rfc8288)) available using the [JSON Hypertext Application Language](https://datatracker.ietf.org/doc/html/draft-kelly-json-hal-06) specification. This object is used for dynamic discovery of related resources and lifecycle operations.
string (date-time)Timestamp when the device was created
string (date-time)Timestamp when the device record was last updated. Updates occur when Okta collects and saves device signals during authentication, and when the lifecycle state of the device changes.
object
string
objectDisplay name of the device
stringAlternate key for the `id`
string (default: UDDevice)
stringThe state object of the device
+ + + +## Methods + +The following methods are available for this resource: + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameAccessible byRequired ParamsOptional ParamsDescription
subdomainafter, limit, search, expandLists all devices with pagination support.

>**Note:** To list all devices enrolled by a user, use the [List all devices endpoint in the User Resources API](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/UserResources/#tag/UserResources/operation/listUserDevices).

You can return a subset of devices that match a supported search criteria using the `search` query parameter.
Searches for devices based on the properties specified in the `search` parameter conforming SCIM filter specifications (case-insensitive). This data is eventually consistent. The API returns different results depending on specified queries in the request. Empty list is returned if no objects match `search` request.
> **Note:** Listing devices with `search` should not be used as a part of any critical flow, such as authentication or updates, to prevent potential data loss. `search` results may not reflect the latest information, as this endpoint uses a search index which may not be up-to-date with recent updates to the object.

Don't use search results directly for record updates, as the data might be stale and therefore overwrite newer data, resulting in data loss.

Use an `id` lookup for records that you update to ensure your results contain the latest data.

This operation requires [URL encoding](https://www.w3.org/TR/html4/interact/forms.html#h-17.13.4.1). For example, `search=profile.displayName eq "Bob"` is encoded as `search=profile.displayName%20eq%20%22Bob%22`.
subdomainRetrieves a device by `deviceId`
subdomainDeletes (permanently) a device by `deviceId` if it has a status of `DEACTIVATED`. You can transition the device to `DEACTIVATED` status using the [Deactivate a Device](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/Device/#tag/Device/operation/deactivateDevice) endpoint.
This request is destructive and deletes all of the profile data related to the device. Once deleted, device data can't be recovered. However, reenrollment creates a new device record.
> **Note:** Attempts to delete a device that isn't in a `DEACTIVATED` state raise an error.
subdomainActivates a device by setting its status to `ACTIVE` by `deviceId`.
Activated devices are used to create and delete device user links.
subdomainDeactivates a device by setting its status to `DEACTIVATED` by `deviceId`.
Deactivation causes a device to lose all device user links. Set the device status to `DEACTIVATED` before deleting it.
> **Note:** When deactivating a Device, keep in mind the following:
- Device deactivation is a destructive operation for device factors and client certificates. Device reenrollment using Okta Verify allows end users to set up new factors on the device.
- Device deletion removes the device record from Okta. Reenrollment creates a new device record.
subdomainSuspends a device by setting its status to `SUSPENDED`.
Use suspended devices to create and delete device user links. You can only unsuspend or deactivate suspended devices.
> **Note:** `SUSPENDED` status is meant to be temporary, so it isn't destructive.
subdomainUnsuspends a device by returning its `status` to `ACTIVE`.
>**Note:** Only devices with a `SUSPENDED` status can be unsuspended.
+ +## Parameters + +Parameters can be passed in the `WHERE` clause of a query. Check the [Methods](#methods) section to see which parameters are required or optional for each operation. + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameDatatypeDescription
stringThe domain of your organization. This can be a provided subdomain of an official okta domain (okta.com, oktapreview.com, etc) or one of your configured custom domains. (default: my-org)
string
stringIncludes associated user details and management status for the device in the `_embedded` attribute
integerA limit on the number of objects to return (recommend `20`)
+ +## `SELECT` examples + + + + +Lists all devices with pagination support.

>**Note:** To list all devices enrolled by a user, use the [List all devices endpoint in the User Resources API](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/UserResources/#tag/UserResources/operation/listUserDevices).

You can return a subset of devices that match a supported search criteria using the `search` query parameter.
Searches for devices based on the properties specified in the `search` parameter conforming SCIM filter specifications (case-insensitive). This data is eventually consistent. The API returns different results depending on specified queries in the request. Empty list is returned if no objects match `search` request.
> **Note:** Listing devices with `search` should not be used as a part of any critical flow, such as authentication or updates, to prevent potential data loss. `search` results may not reflect the latest information, as this endpoint uses a search index which may not be up-to-date with recent updates to the object.

Don't use search results directly for record updates, as the data might be stale and therefore overwrite newer data, resulting in data loss.

Use an `id` lookup for records that you update to ensure your results contain the latest data.

This operation requires [URL encoding](https://www.w3.org/TR/html4/interact/forms.html#h-17.13.4.1). For example, `search=profile.displayName eq "Bob"` is encoded as `search=profile.displayName%20eq%20%22Bob%22`. + +```sql +SELECT +id, +_embedded, +_links, +created, +lastUpdated, +profile, +resourceAlternateId, +resourceDisplayName, +resourceId, +resourceType, +status +FROM okta.devices.devices +WHERE subdomain = '{{ subdomain }}' -- required +AND after = '{{ after }}' +AND limit = '{{ limit }}' +AND search = '{{ search }}' +AND expand = '{{ expand }}'; +``` + + + +Retrieves a device by `deviceId` + +```sql +SELECT +id, +_links, +created, +lastUpdated, +profile, +resourceAlternateId, +resourceDisplayName, +resourceId, +resourceType, +status +FROM okta.devices.devices +WHERE subdomain = '{{ subdomain }}' -- required; +``` + + + + +## `DELETE` examples + + + + +Deletes (permanently) a device by `deviceId` if it has a status of `DEACTIVATED`. You can transition the device to `DEACTIVATED` status using the [Deactivate a Device](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/Device/#tag/Device/operation/deactivateDevice) endpoint.
This request is destructive and deletes all of the profile data related to the device. Once deleted, device data can't be recovered. However, reenrollment creates a new device record.
> **Note:** Attempts to delete a device that isn't in a `DEACTIVATED` state raise an error. + +```sql +DELETE FROM okta.devices.devices +WHERE subdomain = '{{ subdomain }}' --required; +``` + + + + +## Lifecycle Methods + + + + +Activates a device by setting its status to `ACTIVE` by `deviceId`.
Activated devices are used to create and delete device user links. + +```sql +EXEC okta.devices.devices.activate_device +@subdomain='{{ subdomain }}' --required; +``` + + + +Deactivates a device by setting its status to `DEACTIVATED` by `deviceId`.
Deactivation causes a device to lose all device user links. Set the device status to `DEACTIVATED` before deleting it.
> **Note:** When deactivating a Device, keep in mind the following:
- Device deactivation is a destructive operation for device factors and client certificates. Device reenrollment using Okta Verify allows end users to set up new factors on the device.
- Device deletion removes the device record from Okta. Reenrollment creates a new device record. + +```sql +EXEC okta.devices.devices.deactivate_device +@subdomain='{{ subdomain }}' --required; +``` + + + +Suspends a device by setting its status to `SUSPENDED`.
Use suspended devices to create and delete device user links. You can only unsuspend or deactivate suspended devices.
> **Note:** `SUSPENDED` status is meant to be temporary, so it isn't destructive. + +```sql +EXEC okta.devices.devices.suspend_device +@subdomain='{{ subdomain }}' --required; +``` + + + +Unsuspends a device by returning its `status` to `ACTIVE`.
>**Note:** Only devices with a `SUSPENDED` status can be unsuspended. + +```sql +EXEC okta.devices.devices.unsuspend_device +@subdomain='{{ subdomain }}' --required; +``` + + diff --git a/website/docs/services/devices/index.md b/website/docs/services/devices/index.md new file mode 100644 index 0000000..db93814 --- /dev/null +++ b/website/docs/services/devices/index.md @@ -0,0 +1,33 @@ +--- +title: devices +hide_title: false +hide_table_of_contents: false +keywords: + - devices + - okta + - stackql + - infrastructure-as-code + - configuration-as-data + - cloud inventory +description: Query, deploy and manage okta resources using SQL +custom_edit_url: null +image: /img/stackql-okta-provider-featured-image.png +--- + +devices service documentation. + +:::info[Service Summary] + +total resources: __2__ + +::: + +## Resources +
+
+device_users +
+
+devices +
+
\ No newline at end of file diff --git a/website/docs/services/directories/directories_integration/index.md b/website/docs/services/directories/directories_integration/index.md new file mode 100644 index 0000000..90e8832 --- /dev/null +++ b/website/docs/services/directories/directories_integration/index.md @@ -0,0 +1,104 @@ +--- +title: directories_integration +hide_title: false +hide_table_of_contents: false +keywords: + - directories_integration + - directories + - okta + - infrastructure-as-code + - configuration-as-data + - cloud inventory +description: Query, deploy and manage okta resources using SQL +custom_edit_url: null +image: /img/stackql-okta-provider-featured-image.png +--- + +import CopyableCode from '@site/src/components/CopyableCode/CopyableCode'; +import Tabs from '@theme/Tabs'; +import TabItem from '@theme/TabItem'; + +Creates, updates, deletes, gets or lists a directories_integration resource. + +## Overview + + + + +
Namedirectories_integration
TypeResource
Id
+ +## Fields + +The following fields are returned by `SELECT` queries: + +`SELECT` not supported for this resource, use `SHOW METHODS` to view available operations for the resource. + + +## Methods + +The following methods are available for this resource: + + + + + + + + + + + + + + + + + + + + +
NameAccessible byRequired ParamsOptional ParamsDescription
subdomainUpdates an Active Directory group membership directly in Active Directory

> **Note:** See **Before you begin: Active Directory integration with the following setup** in the [Use Okta Access Certifications to manage AD group membership](https://help.okta.com/okta_help.htm?type=oie&id=ad-bidirectional-group-mgt-configure) product documentation.
+ +## Parameters + +Parameters can be passed in the `WHERE` clause of a query. Check the [Methods](#methods) section to see which parameters are required or optional for each operation. + + + + + + + + + + + + + + + + +
NameDatatypeDescription
stringThe domain of your organization. This can be a provided subdomain of an official okta domain (okta.com, oktapreview.com, etc) or one of your configured custom domains. (default: my-org)
+ +## `UPDATE` examples + + + + +Updates an Active Directory group membership directly in Active Directory

> **Note:** See **Before you begin: Active Directory integration with the following setup** in the [Use Okta Access Certifications to manage AD group membership](https://help.okta.com/okta_help.htm?type=oie&id=ad-bidirectional-group-mgt-configure) product documentation. + +```sql +UPDATE okta.directories.directories_integration +SET +data__id = '{{ id }}', +data__parameters = '{{ parameters }}' +WHERE +subdomain = '{{ subdomain }}' --required; +``` + + diff --git a/website/docs/services/directories/index.md b/website/docs/services/directories/index.md new file mode 100644 index 0000000..f8a976c --- /dev/null +++ b/website/docs/services/directories/index.md @@ -0,0 +1,33 @@ +--- +title: directories +hide_title: false +hide_table_of_contents: false +keywords: + - directories + - okta + - stackql + - infrastructure-as-code + - configuration-as-data + - cloud inventory +description: Query, deploy and manage okta resources using SQL +custom_edit_url: null +image: /img/stackql-okta-provider-featured-image.png +--- + +directories service documentation. + +:::info[Service Summary] + +total resources: __1__ + +::: + +## Resources +
+
+directories_integration +
+
+ +
+
\ No newline at end of file diff --git a/website/docs/services/domains/custom_domains/index.md b/website/docs/services/domains/custom_domains/index.md new file mode 100644 index 0000000..a61885f --- /dev/null +++ b/website/docs/services/domains/custom_domains/index.md @@ -0,0 +1,396 @@ +--- +title: custom_domains +hide_title: false +hide_table_of_contents: false +keywords: + - custom_domains + - domains + - okta + - infrastructure-as-code + - configuration-as-data + - cloud inventory +description: Query, deploy and manage okta resources using SQL +custom_edit_url: null +image: /img/stackql-okta-provider-featured-image.png +--- + +import CopyableCode from '@site/src/components/CopyableCode/CopyableCode'; +import Tabs from '@theme/Tabs'; +import TabItem from '@theme/TabItem'; + +Creates, updates, deletes, gets or lists a custom_domains resource. + +## Overview + + + + +
Namecustom_domains
TypeResource
Id
+ +## Fields + +The following fields are returned by `SELECT` queries: + + + + +Success + + + + + + + + + + + + + + + + +
NameDatatypeDescription
arrayEach element of the array defines an individual domain.
+ + + +Success + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameDatatypeDescription
stringUnique ID of the domain (example: OcDz6iRyjkaCTXkdo0g3)
objectSpecifies link relations (see [Web Linking](https://www.rfc-editor.org/rfc/rfc8288)) available using the [JSON Hypertext Application Language](https://datatracker.ietf.org/doc/html/draft-kelly-json-hal-06) specification. This object is used for dynamic discovery of related resources and lifecycle operations.
stringThe ID number of the brand (example: bndul904tTZ6kWVhP0g3)
stringCertificate source type that indicates whether the certificate is provided by the user or Okta.
array
stringCustom domain name (example: login.example.com)
objectCertificate metadata for the domain
stringStatus of the domain (example: VERIFIED)
+ + + +## Methods + +The following methods are available for this resource: + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameAccessible byRequired ParamsOptional ParamsDescription
subdomainLists all verified custom domains for the org
subdomainRetrieves a custom domain by `domainId`
subdomainCreates your custom domain
subdomainReplaces a custom domain's brand
subdomainDeletes a custom domain by `domainId`
subdomainUpserts (creates or renews) the `MANUAL` certificate for the custom domain

> **Notes:**
> * If the existing `certificateSourceType` is `OKTA_MANAGED`, this operation changes the source type to `MANUAL`. Okta no longer manages and renews certificates for this domain after you provide a user-managed certificate.
> * Okta supports TLS certificates and private keys that are PEM-encoded and 2048, 3072, or 4096 bits. See the [Custom domain guide](https://developer.okta.com/docs/guides/custom-url-domain/main/) for more details.
subdomainVerifies the custom domain and validity of DNS records by `domainId`. Furthermore, if the `certificateSourceType` in the domain is `OKTA_MANAGED`, then an attempt is made to obtain and install a certificate. After a certificate is obtained and installed by Okta, Okta manages the certificate including certificate renewal.
+ +## Parameters + +Parameters can be passed in the `WHERE` clause of a query. Check the [Methods](#methods) section to see which parameters are required or optional for each operation. + + + + + + + + + + + + + + + + +
NameDatatypeDescription
stringThe domain of your organization. This can be a provided subdomain of an official okta domain (okta.com, oktapreview.com, etc) or one of your configured custom domains. (default: my-org)
+ +## `SELECT` examples + + + + +Lists all verified custom domains for the org + +```sql +SELECT +domains +FROM okta.domains.custom_domains +WHERE subdomain = '{{ subdomain }}' -- required; +``` + + + +Retrieves a custom domain by `domainId` + +```sql +SELECT +id, +_links, +brandId, +certificateSourceType, +dnsRecords, +domain, +publicCertificate, +validationStatus +FROM okta.domains.custom_domains +WHERE subdomain = '{{ subdomain }}' -- required; +``` + + + + +## `INSERT` examples + + + + +Creates your custom domain + +```sql +INSERT INTO okta.domains.custom_domains ( +data__certificateSourceType, +data__domain, +subdomain +) +SELECT +'{{ certificateSourceType }}' --required, +'{{ domain }}' --required, +'{{ subdomain }}' +RETURNING +id, +_links, +brandId, +certificateSourceType, +dnsRecords, +domain, +publicCertificate, +validationStatus +; +``` + + + +```yaml +# Description fields are for documentation purposes +- name: custom_domains + props: + - name: subdomain + value: string + description: Required parameter for the custom_domains resource. + - name: certificateSourceType + value: string + description: > + Certificate source type that indicates whether the certificate is provided by the user or Okta. + + valid_values: ['MANUAL', 'OKTA_MANAGED'] + - name: domain + value: string + description: > + Custom domain name + +``` + + + + +## `REPLACE` examples + + + + +Replaces a custom domain's brand + +```sql +REPLACE okta.domains.custom_domains +SET +data__brandId = '{{ brandId }}' +WHERE +subdomain = '{{ subdomain }}' --required +AND data__brandId = '{{ brandId }}' --required +RETURNING +id, +_links, +brandId, +certificateSourceType, +dnsRecords, +domain, +publicCertificate, +validationStatus; +``` + + + + +## `DELETE` examples + + + + +Deletes a custom domain by `domainId` + +```sql +DELETE FROM okta.domains.custom_domains +WHERE subdomain = '{{ subdomain }}' --required; +``` + + + + +## Lifecycle Methods + + + + +Upserts (creates or renews) the `MANUAL` certificate for the custom domain

> **Notes:**
> * If the existing `certificateSourceType` is `OKTA_MANAGED`, this operation changes the source type to `MANUAL`. Okta no longer manages and renews certificates for this domain after you provide a user-managed certificate.
> * Okta supports TLS certificates and private keys that are PEM-encoded and 2048, 3072, or 4096 bits. See the [Custom domain guide](https://developer.okta.com/docs/guides/custom-url-domain/main/) for more details. + +```sql +EXEC okta.domains.custom_domains.upsert_certificate +@subdomain='{{ subdomain }}' --required +@@json= +'{ +"certificate": "{{ certificate }}", +"certificateChain": "{{ certificateChain }}", +"privateKey": "{{ privateKey }}", +"type": "{{ type }}" +}'; +``` + + + +Verifies the custom domain and validity of DNS records by `domainId`. Furthermore, if the `certificateSourceType` in the domain is `OKTA_MANAGED`, then an attempt is made to obtain and install a certificate. After a certificate is obtained and installed by Okta, Okta manages the certificate including certificate renewal. + +```sql +EXEC okta.domains.custom_domains.verify_domain +@subdomain='{{ subdomain }}' --required; +``` + + diff --git a/website/docs/services/domains/index.md b/website/docs/services/domains/index.md new file mode 100644 index 0000000..bbddfde --- /dev/null +++ b/website/docs/services/domains/index.md @@ -0,0 +1,33 @@ +--- +title: domains +hide_title: false +hide_table_of_contents: false +keywords: + - domains + - okta + - stackql + - infrastructure-as-code + - configuration-as-data + - cloud inventory +description: Query, deploy and manage okta resources using SQL +custom_edit_url: null +image: /img/stackql-okta-provider-featured-image.png +--- + +domains service documentation. + +:::info[Service Summary] + +total resources: __1__ + +::: + +## Resources +
+
+custom_domains +
+
+ +
+
\ No newline at end of file diff --git a/website/docs/services/email_domains/email_domains/index.md b/website/docs/services/email_domains/email_domains/index.md new file mode 100644 index 0000000..e77b0d3 --- /dev/null +++ b/website/docs/services/email_domains/email_domains/index.md @@ -0,0 +1,323 @@ +--- +title: email_domains +hide_title: false +hide_table_of_contents: false +keywords: + - email_domains + - email_domains + - okta + - infrastructure-as-code + - configuration-as-data + - cloud inventory +description: Query, deploy and manage okta resources using SQL +custom_edit_url: null +image: /img/stackql-okta-provider-featured-image.png +--- + +import CopyableCode from '@site/src/components/CopyableCode/CopyableCode'; +import Tabs from '@theme/Tabs'; +import TabItem from '@theme/TabItem'; + +Creates, updates, deletes, gets or lists an email_domains resource. + +## Overview + + + + +
Nameemail_domains
TypeResource
Id
+ +## Fields + +The following fields are returned by `SELECT` queries: + + + + + + + + + + + + + + + + + + + + + + + + +
NameDatatypeDescription
string
string
+ + + +Success + + + + + + + + + + + + + + + + + + + + + +
NameDatatypeDescription
string
string
+ + + +## Methods + +The following methods are available for this resource: + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameAccessible byRequired ParamsOptional ParamsDescription
subdomainLists all the Email Domains in your org
subdomainRetrieves an Email Domain by `emailDomainId`
subdomainCreates an Email Domain in your org
subdomainReplaces associated username and sender display name by `emailDomainId`
subdomainDeletes an Email Domain by `emailDomainId`
subdomainVerifies an Email Domain by `emailDomainId`
+ +## Parameters + +Parameters can be passed in the `WHERE` clause of a query. Check the [Methods](#methods) section to see which parameters are required or optional for each operation. + + + + + + + + + + + + + + + + +
NameDatatypeDescription
stringThe domain of your organization. This can be a provided subdomain of an official okta domain (okta.com, oktapreview.com, etc) or one of your configured custom domains. (default: my-org)
+ +## `SELECT` examples + + + + +Lists all the Email Domains in your org + +```sql +SELECT +displayName, +userName +FROM okta.email_domains.email_domains +WHERE subdomain = '{{ subdomain }}' -- required; +``` + + + +Retrieves an Email Domain by `emailDomainId` + +```sql +SELECT +displayName, +userName +FROM okta.email_domains.email_domains +WHERE subdomain = '{{ subdomain }}' -- required; +``` + + + + +## `INSERT` examples + + + + +Creates an Email Domain in your org + +```sql +INSERT INTO okta.email_domains.email_domains ( +data__displayName, +data__userName, +subdomain +) +SELECT +'{{ displayName }}' --required, +'{{ userName }}' --required, +'{{ subdomain }}' +RETURNING +displayName, +userName +; +``` + + + +```yaml +# Description fields are for documentation purposes +- name: email_domains + props: + - name: subdomain + value: string + description: Required parameter for the email_domains resource. + - name: displayName + value: string + - name: userName + value: string +``` + + + + +## `REPLACE` examples + + + + +Replaces associated username and sender display name by `emailDomainId` + +```sql +REPLACE okta.email_domains.email_domains +SET +data__displayName = '{{ displayName }}', +data__userName = '{{ userName }}' +WHERE +subdomain = '{{ subdomain }}' --required +AND data__displayName = '{{ displayName }}' --required +AND data__userName = '{{ userName }}' --required +RETURNING +displayName, +userName; +``` + + + + +## `DELETE` examples + + + + +Deletes an Email Domain by `emailDomainId` + +```sql +DELETE FROM okta.email_domains.email_domains +WHERE subdomain = '{{ subdomain }}' --required; +``` + + + + +## Lifecycle Methods + + + + +Verifies an Email Domain by `emailDomainId` + +```sql +EXEC okta.email_domains.email_domains.verify_email_domain +@subdomain='{{ subdomain }}' --required; +``` + + diff --git a/website/docs/services/email_domains/index.md b/website/docs/services/email_domains/index.md new file mode 100644 index 0000000..dc6e178 --- /dev/null +++ b/website/docs/services/email_domains/index.md @@ -0,0 +1,33 @@ +--- +title: email_domains +hide_title: false +hide_table_of_contents: false +keywords: + - email_domains + - okta + - stackql + - infrastructure-as-code + - configuration-as-data + - cloud inventory +description: Query, deploy and manage okta resources using SQL +custom_edit_url: null +image: /img/stackql-okta-provider-featured-image.png +--- + +email_domains service documentation. + +:::info[Service Summary] + +total resources: __1__ + +::: + +## Resources +
+
+email_domains +
+
+ +
+
\ No newline at end of file diff --git a/website/docs/services/email_servers/email_servers/index.md b/website/docs/services/email_servers/email_servers/index.md new file mode 100644 index 0000000..b83f50e --- /dev/null +++ b/website/docs/services/email_servers/email_servers/index.md @@ -0,0 +1,358 @@ +--- +title: email_servers +hide_title: false +hide_table_of_contents: false +keywords: + - email_servers + - email_servers + - okta + - infrastructure-as-code + - configuration-as-data + - cloud inventory +description: Query, deploy and manage okta resources using SQL +custom_edit_url: null +image: /img/stackql-okta-provider-featured-image.png +--- + +import CopyableCode from '@site/src/components/CopyableCode/CopyableCode'; +import Tabs from '@theme/Tabs'; +import TabItem from '@theme/TabItem'; + +Creates, updates, deletes, gets or lists an email_servers resource. + +## Overview + + + + +
Nameemail_servers
TypeResource
Id
+ +## Fields + +The following fields are returned by `SELECT` queries: + + + + + + + + + + + + + + + + + + + +
NameDatatypeDescription
array
+ + + + + + + + + + + + + + + + + + +
NameDatatypeDescription
array
+ + + +## Methods + +The following methods are available for this resource: + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameAccessible byRequired ParamsOptional ParamsDescription
subdomainLists all the enrolled custom SMTP server configurations
subdomainRetrieves the specified custom SMTP server configuration
subdomainCreates a custom email SMTP server configuration for your org
subdomainUpdates the specified custom SMTP server configuration
subdomainDeletes the specified custom SMTP server configuration
subdomainTests the specified custom SMTP Server configuration
+ +## Parameters + +Parameters can be passed in the `WHERE` clause of a query. Check the [Methods](#methods) section to see which parameters are required or optional for each operation. + + + + + + + + + + + + + + + + +
NameDatatypeDescription
stringThe domain of your organization. This can be a provided subdomain of an official okta domain (okta.com, oktapreview.com, etc) or one of your configured custom domains. (default: my-org)
+ +## `SELECT` examples + + + + +Lists all the enrolled custom SMTP server configurations + +```sql +SELECT +email-servers +FROM okta.email_servers.email_servers +WHERE subdomain = '{{ subdomain }}' -- required; +``` + + + +Retrieves the specified custom SMTP server configuration + +```sql +SELECT +email-servers +FROM okta.email_servers.email_servers +WHERE subdomain = '{{ subdomain }}' -- required; +``` + + + + +## `INSERT` examples + + + + +Creates a custom email SMTP server configuration for your org + +```sql +INSERT INTO okta.email_servers.email_servers ( +data__alias, +data__enabled, +data__host, +data__port, +data__username, +data__password, +subdomain +) +SELECT +'{{ alias }}' --required, +{{ enabled }}, +'{{ host }}' --required, +{{ port }} --required, +'{{ username }}' --required, +'{{ password }}' --required, +'{{ subdomain }}' +RETURNING +id, +alias, +enabled, +host, +port, +username +; +``` + + + +```yaml +# Description fields are for documentation purposes +- name: email_servers + props: + - name: subdomain + value: string + description: Required parameter for the email_servers resource. + - name: alias + value: string + description: > + Human-readable name for your SMTP server + + - name: enabled + value: boolean + description: > + If `true`, routes all email traffic through your SMTP server + + - name: host + value: string + description: > + Hostname or IP address of your SMTP server + + - name: port + value: integer + description: > + Port number of your SMTP server + + - name: username + value: string + description: > + Username used to access your SMTP server + + - name: password + value: string + description: > + Password used to access your SMTP server + +``` + + + + +## `UPDATE` examples + + + + +Updates the specified custom SMTP server configuration + +```sql +UPDATE okta.email_servers.email_servers +SET +data__alias = '{{ alias }}', +data__enabled = {{ enabled }}, +data__host = '{{ host }}', +data__port = {{ port }}, +data__username = '{{ username }}', +data__password = '{{ password }}' +WHERE +subdomain = '{{ subdomain }}' --required +RETURNING +id, +alias, +enabled, +host, +port, +username; +``` + + + + +## `DELETE` examples + + + + +Deletes the specified custom SMTP server configuration + +```sql +DELETE FROM okta.email_servers.email_servers +WHERE subdomain = '{{ subdomain }}' --required; +``` + + + + +## Lifecycle Methods + + + + +Tests the specified custom SMTP Server configuration + +```sql +EXEC okta.email_servers.email_servers.test_email_server +@subdomain='{{ subdomain }}' --required +@@json= +'{ +"from": "{{ from }}", +"to": "{{ to }}" +}'; +``` + + diff --git a/website/docs/services/email_servers/index.md b/website/docs/services/email_servers/index.md new file mode 100644 index 0000000..287fc9b --- /dev/null +++ b/website/docs/services/email_servers/index.md @@ -0,0 +1,33 @@ +--- +title: email_servers +hide_title: false +hide_table_of_contents: false +keywords: + - email_servers + - okta + - stackql + - infrastructure-as-code + - configuration-as-data + - cloud inventory +description: Query, deploy and manage okta resources using SQL +custom_edit_url: null +image: /img/stackql-okta-provider-featured-image.png +--- + +email_servers service documentation. + +:::info[Service Summary] + +total resources: __1__ + +::: + +## Resources +
+
+email_servers +
+
+ +
+
\ No newline at end of file diff --git a/website/docs/services/eventhooks/event_hooks/index.md b/website/docs/services/eventhooks/event_hooks/index.md new file mode 100644 index 0000000..8e7ce26 --- /dev/null +++ b/website/docs/services/eventhooks/event_hooks/index.md @@ -0,0 +1,502 @@ +--- +title: event_hooks +hide_title: false +hide_table_of_contents: false +keywords: + - event_hooks + - eventhooks + - okta + - infrastructure-as-code + - configuration-as-data + - cloud inventory +description: Query, deploy and manage okta resources using SQL +custom_edit_url: null +image: /img/stackql-okta-provider-featured-image.png +--- + +import CopyableCode from '@site/src/components/CopyableCode/CopyableCode'; +import Tabs from '@theme/Tabs'; +import TabItem from '@theme/TabItem'; + +Creates, updates, deletes, gets or lists an event_hooks resource. + +## Overview + + + + +
Nameevent_hooks
TypeResource
Id
+ +## Fields + +The following fields are returned by `SELECT` queries: + + + + +Success + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameDatatypeDescription
stringUnique key for the event hook
stringDisplay name for the event hook
objectSpecifies link relations (see [Web Linking](https://www.rfc-editor.org/rfc/rfc8288)) available using the [JSON Hypertext Application Language](https://datatracker.ietf.org/doc/html/draft-kelly-json-hal-06) specification. This object is used for dynamic discovery of related resources and lifecycle operations.
object
string (date-time)Timestamp of the event hook creation
stringThe ID of the user who created the event hook
stringDescription of the event hook
object
string (date-time)Date of the last event hook update
stringStatus of the event hook
stringVerification status of the event hook. `UNVERIFIED` event hooks won't receive any events.
+ + + +Success + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameDatatypeDescription
stringUnique key for the event hook
stringDisplay name for the event hook
objectSpecifies link relations (see [Web Linking](https://www.rfc-editor.org/rfc/rfc8288)) available using the [JSON Hypertext Application Language](https://datatracker.ietf.org/doc/html/draft-kelly-json-hal-06) specification. This object is used for dynamic discovery of related resources and lifecycle operations.
object
string (date-time)Timestamp of the event hook creation
stringThe ID of the user who created the event hook
stringDescription of the event hook
object
string (date-time)Date of the last event hook update
stringStatus of the event hook
stringVerification status of the event hook. `UNVERIFIED` event hooks won't receive any events.
+ + + +## Methods + +The following methods are available for this resource: + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameAccessible byRequired ParamsOptional ParamsDescription
subdomainLists all event hooks
subdomainRetrieves an event hook
subdomainCreates a new event hook for your organization in `ACTIVE` status. You pass an event hook object in the JSON payload
of your request. That object represents the set of required information about the event hook you're registering, including:
* The URI of your external service
* The [events](https://developer.okta.com/docs/reference/api/event-types/) in Okta you want to subscribe to
* An optional event hook filter that can reduce the number of event hook calls. This is a self-service Early Access (EA) feature.
See [Create an event hook filter](https://developer.okta.com/docs/concepts/event-hooks/#create-an-event-hook-filter).

Additionally, you can specify a secret API key for Okta to pass to your external service endpoint for security verification. Note that the API key you set here is unrelated to the Okta API token
you must supply when making calls to Okta APIs. Optionally, you can specify extra headers that Okta passes to your external
service with each call.
Your external service must use a valid HTTPS endpoint.
subdomainReplaces an event hook. Okta validates the new properties before replacing the existing values.
Some event hook properties are immutable and can't be updated. Refer to the parameter description in the request body schema.

>**Note:** Updating the `channel` property requires you to verify the hook again.
subdomainDeletes the event hook that matches the provided `id`. After deletion, the event hook is unrecoverable.
As a safety precaution, you can only delete event hooks with a status of `INACTIVE`.
subdomainActivates the event hook that matches the provided `id`
subdomainDeactivates the event hook that matches the provided `id`
subdomainVerifies that the event hook matches the provided `eventHookId`. To verify ownership, your endpoint must send information back to Okta in JSON format. See [Event hooks](https://developer.okta.com/docs/concepts/event-hooks/#one-time-verification-request).

Only `ACTIVE` and `VERIFIED` event hooks can receive events from Okta.

If a response is not received within 3 seconds, the outbound request times out. One retry is attempted after a timeout or error response.
If a successful response still isn't received, this operation returns a 400 error with more information about the failure.
+ +## Parameters + +Parameters can be passed in the `WHERE` clause of a query. Check the [Methods](#methods) section to see which parameters are required or optional for each operation. + + + + + + + + + + + + + + + + +
NameDatatypeDescription
stringThe domain of your organization. This can be a provided subdomain of an official okta domain (okta.com, oktapreview.com, etc) or one of your configured custom domains. (default: my-org)
+ +## `SELECT` examples + + + + +Lists all event hooks + +```sql +SELECT +id, +name, +_links, +channel, +created, +createdBy, +description, +events, +lastUpdated, +status, +verificationStatus +FROM okta.eventhooks.event_hooks +WHERE subdomain = '{{ subdomain }}' -- required; +``` + + + +Retrieves an event hook + +```sql +SELECT +id, +name, +_links, +channel, +created, +createdBy, +description, +events, +lastUpdated, +status, +verificationStatus +FROM okta.eventhooks.event_hooks +WHERE subdomain = '{{ subdomain }}' -- required; +``` + + + + +## `INSERT` examples + + + + +Creates a new event hook for your organization in `ACTIVE` status. You pass an event hook object in the JSON payload
of your request. That object represents the set of required information about the event hook you're registering, including:
* The URI of your external service
* The [events](https://developer.okta.com/docs/reference/api/event-types/) in Okta you want to subscribe to
* An optional event hook filter that can reduce the number of event hook calls. This is a self-service Early Access (EA) feature.
See [Create an event hook filter](https://developer.okta.com/docs/concepts/event-hooks/#create-an-event-hook-filter).

Additionally, you can specify a secret API key for Okta to pass to your external service endpoint for security verification. Note that the API key you set here is unrelated to the Okta API token
you must supply when making calls to Okta APIs. Optionally, you can specify extra headers that Okta passes to your external
service with each call.
Your external service must use a valid HTTPS endpoint. + +```sql +INSERT INTO okta.eventhooks.event_hooks ( +data__channel, +data__description, +data__events, +data__name, +subdomain +) +SELECT +'{{ channel }}' --required, +'{{ description }}', +'{{ events }}' --required, +'{{ name }}' --required, +'{{ subdomain }}' +RETURNING +id, +name, +_links, +channel, +created, +createdBy, +description, +events, +lastUpdated, +status, +verificationStatus +; +``` + + + +```yaml +# Description fields are for documentation purposes +- name: event_hooks + props: + - name: subdomain + value: string + description: Required parameter for the event_hooks resource. + - name: channel + value: object + - name: description + value: string + description: > + Description of the event hook + + - name: events + value: object + - name: name + value: string + description: > + Display name for the event hook + +``` + + + + +## `REPLACE` examples + + + + +Replaces an event hook. Okta validates the new properties before replacing the existing values.
Some event hook properties are immutable and can't be updated. Refer to the parameter description in the request body schema.

>**Note:** Updating the `channel` property requires you to verify the hook again. + +```sql +REPLACE okta.eventhooks.event_hooks +SET +data__channel = '{{ channel }}', +data__description = '{{ description }}', +data__events = '{{ events }}', +data__name = '{{ name }}' +WHERE +subdomain = '{{ subdomain }}' --required +AND data__name = '{{ name }}' --required +AND data__events = '{{ events }}' --required +AND data__channel = '{{ channel }}' --required +RETURNING +id, +name, +_links, +channel, +created, +createdBy, +description, +events, +lastUpdated, +status, +verificationStatus; +``` + + + + +## `DELETE` examples + + + + +Deletes the event hook that matches the provided `id`. After deletion, the event hook is unrecoverable.
As a safety precaution, you can only delete event hooks with a status of `INACTIVE`. + +```sql +DELETE FROM okta.eventhooks.event_hooks +WHERE subdomain = '{{ subdomain }}' --required; +``` + + + + +## Lifecycle Methods + + + + +Activates the event hook that matches the provided `id` + +```sql +EXEC okta.eventhooks.event_hooks.activate_event_hook +@subdomain='{{ subdomain }}' --required; +``` + + + +Deactivates the event hook that matches the provided `id` + +```sql +EXEC okta.eventhooks.event_hooks.deactivate_event_hook +@subdomain='{{ subdomain }}' --required; +``` + + + +Verifies that the event hook matches the provided `eventHookId`. To verify ownership, your endpoint must send information back to Okta in JSON format. See [Event hooks](https://developer.okta.com/docs/concepts/event-hooks/#one-time-verification-request).

Only `ACTIVE` and `VERIFIED` event hooks can receive events from Okta.

If a response is not received within 3 seconds, the outbound request times out. One retry is attempted after a timeout or error response.
If a successful response still isn't received, this operation returns a 400 error with more information about the failure. + +```sql +EXEC okta.eventhooks.event_hooks.verify_event_hook +@subdomain='{{ subdomain }}' --required; +``` + + diff --git a/website/docs/services/eventhooks/index.md b/website/docs/services/eventhooks/index.md new file mode 100644 index 0000000..5414faf --- /dev/null +++ b/website/docs/services/eventhooks/index.md @@ -0,0 +1,33 @@ +--- +title: eventhooks +hide_title: false +hide_table_of_contents: false +keywords: + - eventhooks + - okta + - stackql + - infrastructure-as-code + - configuration-as-data + - cloud inventory +description: Query, deploy and manage okta resources using SQL +custom_edit_url: null +image: /img/stackql-okta-provider-featured-image.png +--- + +eventhooks service documentation. + +:::info[Service Summary] + +total resources: __1__ + +::: + +## Resources +
+
+event_hooks +
+
+ +
+
\ No newline at end of file diff --git a/website/docs/services/features/feature_dependencies/index.md b/website/docs/services/features/feature_dependencies/index.md new file mode 100644 index 0000000..0813f71 --- /dev/null +++ b/website/docs/services/features/feature_dependencies/index.md @@ -0,0 +1,164 @@ +--- +title: feature_dependencies +hide_title: false +hide_table_of_contents: false +keywords: + - feature_dependencies + - features + - okta + - infrastructure-as-code + - configuration-as-data + - cloud inventory +description: Query, deploy and manage okta resources using SQL +custom_edit_url: null +image: /img/stackql-okta-provider-featured-image.png +--- + +import CopyableCode from '@site/src/components/CopyableCode/CopyableCode'; +import Tabs from '@theme/Tabs'; +import TabItem from '@theme/TabItem'; + +Creates, updates, deletes, gets or lists a feature_dependencies resource. + +## Overview + + + + +
Namefeature_dependencies
TypeResource
Id
+ +## Fields + +The following fields are returned by `SELECT` queries: + + + + +Success + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameDatatypeDescription
stringUnique identifier for this feature
stringName of the feature
objectSpecifies link relations (see [Web Linking](https://www.rfc-editor.org/rfc/rfc8288)) available using the [JSON Hypertext Application Language](https://datatracker.ietf.org/doc/html/draft-kelly-json-hal-06) specification. This object is used for dynamic discovery of related resources and lifecycle operations.
stringBrief description of the feature and what it provides
objectCurrent release cycle stage of a feature If a feature's stage value is `EA`, the state is `null` and not returned. If the value is `BETA`, the state is `OPEN` or `CLOSED` depending on whether the `BETA` feature is manageable. > **Note:** If a feature's stage is `OPEN BETA`, you can update it only in Preview cells. If a feature's stage is `CLOSED BETA`, you can disable it only in Preview cells.
stringSetting status
stringType of feature
+ + + +## Methods + +The following methods are available for this resource: + + + + + + + + + + + + + + + + + + + + +
NameAccessible byRequired ParamsOptional ParamsDescription
subdomainLists all feature dependencies for a specified feature.

A feature's dependencies are the features that it requires to be enabled in order for itself to be enabled.
+ +## Parameters + +Parameters can be passed in the `WHERE` clause of a query. Check the [Methods](#methods) section to see which parameters are required or optional for each operation. + + + + + + + + + + + + + + + + +
NameDatatypeDescription
stringThe domain of your organization. This can be a provided subdomain of an official okta domain (okta.com, oktapreview.com, etc) or one of your configured custom domains. (default: my-org)
+ +## `SELECT` examples + + + + +Lists all feature dependencies for a specified feature.

A feature's dependencies are the features that it requires to be enabled in order for itself to be enabled. + +```sql +SELECT +id, +name, +_links, +description, +stage, +status, +type +FROM okta.features.feature_dependencies +WHERE subdomain = '{{ subdomain }}' -- required; +``` + + diff --git a/website/docs/services/features/feature_dependents/index.md b/website/docs/services/features/feature_dependents/index.md new file mode 100644 index 0000000..4afe161 --- /dev/null +++ b/website/docs/services/features/feature_dependents/index.md @@ -0,0 +1,164 @@ +--- +title: feature_dependents +hide_title: false +hide_table_of_contents: false +keywords: + - feature_dependents + - features + - okta + - infrastructure-as-code + - configuration-as-data + - cloud inventory +description: Query, deploy and manage okta resources using SQL +custom_edit_url: null +image: /img/stackql-okta-provider-featured-image.png +--- + +import CopyableCode from '@site/src/components/CopyableCode/CopyableCode'; +import Tabs from '@theme/Tabs'; +import TabItem from '@theme/TabItem'; + +Creates, updates, deletes, gets or lists a feature_dependents resource. + +## Overview + + + + +
Namefeature_dependents
TypeResource
Id
+ +## Fields + +The following fields are returned by `SELECT` queries: + + + + +Success + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameDatatypeDescription
stringUnique identifier for this feature
stringName of the feature
objectSpecifies link relations (see [Web Linking](https://www.rfc-editor.org/rfc/rfc8288)) available using the [JSON Hypertext Application Language](https://datatracker.ietf.org/doc/html/draft-kelly-json-hal-06) specification. This object is used for dynamic discovery of related resources and lifecycle operations.
stringBrief description of the feature and what it provides
objectCurrent release cycle stage of a feature If a feature's stage value is `EA`, the state is `null` and not returned. If the value is `BETA`, the state is `OPEN` or `CLOSED` depending on whether the `BETA` feature is manageable. > **Note:** If a feature's stage is `OPEN BETA`, you can update it only in Preview cells. If a feature's stage is `CLOSED BETA`, you can disable it only in Preview cells.
stringSetting status
stringType of feature
+ + + +## Methods + +The following methods are available for this resource: + + + + + + + + + + + + + + + + + + + + +
NameAccessible byRequired ParamsOptional ParamsDescription
subdomainLists all feature dependents for the specified feature.

A feature's dependents are the features that need to be disabled in order for the feature itself to be disabled.
+ +## Parameters + +Parameters can be passed in the `WHERE` clause of a query. Check the [Methods](#methods) section to see which parameters are required or optional for each operation. + + + + + + + + + + + + + + + + +
NameDatatypeDescription
stringThe domain of your organization. This can be a provided subdomain of an official okta domain (okta.com, oktapreview.com, etc) or one of your configured custom domains. (default: my-org)
+ +## `SELECT` examples + + + + +Lists all feature dependents for the specified feature.

A feature's dependents are the features that need to be disabled in order for the feature itself to be disabled. + +```sql +SELECT +id, +name, +_links, +description, +stage, +status, +type +FROM okta.features.feature_dependents +WHERE subdomain = '{{ subdomain }}' -- required; +``` + + diff --git a/website/docs/services/features/features/index.md b/website/docs/services/features/features/index.md new file mode 100644 index 0000000..3c393d7 --- /dev/null +++ b/website/docs/services/features/features/index.md @@ -0,0 +1,274 @@ +--- +title: features +hide_title: false +hide_table_of_contents: false +keywords: + - features + - features + - okta + - infrastructure-as-code + - configuration-as-data + - cloud inventory +description: Query, deploy and manage okta resources using SQL +custom_edit_url: null +image: /img/stackql-okta-provider-featured-image.png +--- + +import CopyableCode from '@site/src/components/CopyableCode/CopyableCode'; +import Tabs from '@theme/Tabs'; +import TabItem from '@theme/TabItem'; + +Creates, updates, deletes, gets or lists a features resource. + +## Overview + + + + +
Namefeatures
TypeResource
Id
+ +## Fields + +The following fields are returned by `SELECT` queries: + + + + +Success + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameDatatypeDescription
stringUnique identifier for this feature
stringName of the feature
objectSpecifies link relations (see [Web Linking](https://www.rfc-editor.org/rfc/rfc8288)) available using the [JSON Hypertext Application Language](https://datatracker.ietf.org/doc/html/draft-kelly-json-hal-06) specification. This object is used for dynamic discovery of related resources and lifecycle operations.
stringBrief description of the feature and what it provides
objectCurrent release cycle stage of a feature If a feature's stage value is `EA`, the state is `null` and not returned. If the value is `BETA`, the state is `OPEN` or `CLOSED` depending on whether the `BETA` feature is manageable. > **Note:** If a feature's stage is `OPEN BETA`, you can update it only in Preview cells. If a feature's stage is `CLOSED BETA`, you can disable it only in Preview cells.
stringSetting status
stringType of feature
+ + + +Success + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameDatatypeDescription
stringUnique identifier for this feature
stringName of the feature
objectSpecifies link relations (see [Web Linking](https://www.rfc-editor.org/rfc/rfc8288)) available using the [JSON Hypertext Application Language](https://datatracker.ietf.org/doc/html/draft-kelly-json-hal-06) specification. This object is used for dynamic discovery of related resources and lifecycle operations.
stringBrief description of the feature and what it provides
objectCurrent release cycle stage of a feature If a feature's stage value is `EA`, the state is `null` and not returned. If the value is `BETA`, the state is `OPEN` or `CLOSED` depending on whether the `BETA` feature is manageable. > **Note:** If a feature's stage is `OPEN BETA`, you can update it only in Preview cells. If a feature's stage is `CLOSED BETA`, you can disable it only in Preview cells.
stringSetting status
stringType of feature
+ + + +## Methods + +The following methods are available for this resource: + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameAccessible byRequired ParamsOptional ParamsDescription
subdomainLists all self-service features for your org
subdomainRetrieves a feature by ID
subdomainmodeUpdates a feature's lifecycle status. Use this endpoint to enable or disable a feature for your org.

Use the `mode=force` parameter to override dependency restrictions for a particular feature. Normally, you can't enable a feature if it has one or more dependencies that aren't enabled.

When you use the `mode=force` parameter while enabling a feature, Okta first tries to enable any disabled features that this feature may have as dependencies. If you don't pass the `mode=force` parameter and the feature has dependencies that need to be enabled before the feature is enabled, a 400 error is returned.

When you use the `mode=force` parameter while disabling a feature, Okta first tries to disable any enabled features that this feature may have as dependents. If you don't pass the `mode=force` parameter and the feature has dependents that need to be disabled before the feature is disabled, a 400 error is returned.

The following chart shows the different state transitions for a feature.

![State transitions of a feature](/img/update-ssfeat-flowchart.png '#width=500px;')
+ +## Parameters + +Parameters can be passed in the `WHERE` clause of a query. Check the [Methods](#methods) section to see which parameters are required or optional for each operation. + + + + + + + + + + + + + + + + + + + + + +
NameDatatypeDescription
stringThe domain of your organization. This can be a provided subdomain of an official okta domain (okta.com, oktapreview.com, etc) or one of your configured custom domains. (default: my-org)
stringIndicates if you want to force enable or disable a feature. Supported value is `force`.
+ +## `SELECT` examples + + + + +Lists all self-service features for your org + +```sql +SELECT +id, +name, +_links, +description, +stage, +status, +type +FROM okta.features.features +WHERE subdomain = '{{ subdomain }}' -- required; +``` + + + +Retrieves a feature by ID + +```sql +SELECT +id, +name, +_links, +description, +stage, +status, +type +FROM okta.features.features +WHERE subdomain = '{{ subdomain }}' -- required; +``` + + + + +## Lifecycle Methods + + + + +Updates a feature's lifecycle status. Use this endpoint to enable or disable a feature for your org.

Use the `mode=force` parameter to override dependency restrictions for a particular feature. Normally, you can't enable a feature if it has one or more dependencies that aren't enabled.

When you use the `mode=force` parameter while enabling a feature, Okta first tries to enable any disabled features that this feature may have as dependencies. If you don't pass the `mode=force` parameter and the feature has dependencies that need to be enabled before the feature is enabled, a 400 error is returned.

When you use the `mode=force` parameter while disabling a feature, Okta first tries to disable any enabled features that this feature may have as dependents. If you don't pass the `mode=force` parameter and the feature has dependents that need to be disabled before the feature is disabled, a 400 error is returned.

The following chart shows the different state transitions for a feature.

![State transitions of a feature](/img/update-ssfeat-flowchart.png '#width=500px;') + +```sql +EXEC okta.features.features.update_feature_lifecycle +@subdomain='{{ subdomain }}' --required, +@mode='{{ mode }}'; +``` + + diff --git a/website/docs/services/features/index.md b/website/docs/services/features/index.md new file mode 100644 index 0000000..2c25bbd --- /dev/null +++ b/website/docs/services/features/index.md @@ -0,0 +1,34 @@ +--- +title: features +hide_title: false +hide_table_of_contents: false +keywords: + - features + - okta + - stackql + - infrastructure-as-code + - configuration-as-data + - cloud inventory +description: Query, deploy and manage okta resources using SQL +custom_edit_url: null +image: /img/stackql-okta-provider-featured-image.png +--- + +features service documentation. + +:::info[Service Summary] + +total resources: __3__ + +::: + +## Resources +
+
+feature_dependencies
+feature_dependents +
+
+features +
+
\ No newline at end of file diff --git a/website/docs/services/first_party_app_settings/first_party_app_settings/index.md b/website/docs/services/first_party_app_settings/first_party_app_settings/index.md new file mode 100644 index 0000000..9f9c002 --- /dev/null +++ b/website/docs/services/first_party_app_settings/first_party_app_settings/index.md @@ -0,0 +1,166 @@ +--- +title: first_party_app_settings +hide_title: false +hide_table_of_contents: false +keywords: + - first_party_app_settings + - first_party_app_settings + - okta + - infrastructure-as-code + - configuration-as-data + - cloud inventory +description: Query, deploy and manage okta resources using SQL +custom_edit_url: null +image: /img/stackql-okta-provider-featured-image.png +--- + +import CopyableCode from '@site/src/components/CopyableCode/CopyableCode'; +import Tabs from '@theme/Tabs'; +import TabItem from '@theme/TabItem'; + +Creates, updates, deletes, gets or lists a first_party_app_settings resource. + +## Overview + + + + +
Namefirst_party_app_settings
TypeResource
Id
+ +## Fields + +The following fields are returned by `SELECT` queries: + + + + + + + + + + + + + + + + + + + + + + + + +
NameDatatypeDescription
integerThe maximum idle time before the Okta Admin Console session expires. Must be no more than 12 hours.
integerThe absolute maximum session lifetime of the Okta Admin Console. Must be no more than 7 days.
+ + + +## Methods + +The following methods are available for this resource: + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameAccessible byRequired ParamsOptional ParamsDescription
subdomainRetrieves the settings for an Okta app (also known as an Okta first-party app)
subdomainReplaces the settings for an Okta app (also known as an Okta first-party app)
+ +## Parameters + +Parameters can be passed in the `WHERE` clause of a query. Check the [Methods](#methods) section to see which parameters are required or optional for each operation. + + + + + + + + + + + + + + + + +
NameDatatypeDescription
stringThe domain of your organization. This can be a provided subdomain of an official okta domain (okta.com, oktapreview.com, etc) or one of your configured custom domains. (default: my-org)
+ +## `SELECT` examples + + + + +Retrieves the settings for an Okta app (also known as an Okta first-party app) + +```sql +SELECT +sessionIdleTimeoutMinutes, +sessionMaxLifetimeMinutes +FROM okta.first_party_app_settings.first_party_app_settings +WHERE subdomain = '{{ subdomain }}' -- required; +``` + + + + +## `REPLACE` examples + + + + +Replaces the settings for an Okta app (also known as an Okta first-party app) + +```sql +REPLACE okta.first_party_app_settings.first_party_app_settings +SET +data__sessionIdleTimeoutMinutes = {{ sessionIdleTimeoutMinutes }}, +data__sessionMaxLifetimeMinutes = {{ sessionMaxLifetimeMinutes }} +WHERE +subdomain = '{{ subdomain }}' --required +RETURNING +sessionIdleTimeoutMinutes, +sessionMaxLifetimeMinutes; +``` + + diff --git a/website/docs/services/first_party_app_settings/index.md b/website/docs/services/first_party_app_settings/index.md new file mode 100644 index 0000000..4cbba2b --- /dev/null +++ b/website/docs/services/first_party_app_settings/index.md @@ -0,0 +1,33 @@ +--- +title: first_party_app_settings +hide_title: false +hide_table_of_contents: false +keywords: + - first_party_app_settings + - okta + - stackql + - infrastructure-as-code + - configuration-as-data + - cloud inventory +description: Query, deploy and manage okta resources using SQL +custom_edit_url: null +image: /img/stackql-okta-provider-featured-image.png +--- + +first_party_app_settings service documentation. + +:::info[Service Summary] + +total resources: __1__ + +::: + +## Resources +
+
+first_party_app_settings +
+
+ +
+
\ No newline at end of file diff --git a/website/docs/services/groups/app_instance_targets/index.md b/website/docs/services/groups/app_instance_targets/index.md new file mode 100644 index 0000000..fae464c --- /dev/null +++ b/website/docs/services/groups/app_instance_targets/index.md @@ -0,0 +1,130 @@ +--- +title: app_instance_targets +hide_title: false +hide_table_of_contents: false +keywords: + - app_instance_targets + - groups + - okta + - infrastructure-as-code + - configuration-as-data + - cloud inventory +description: Query, deploy and manage okta resources using SQL +custom_edit_url: null +image: /img/stackql-okta-provider-featured-image.png +--- + +import CopyableCode from '@site/src/components/CopyableCode/CopyableCode'; +import Tabs from '@theme/Tabs'; +import TabItem from '@theme/TabItem'; + +Creates, updates, deletes, gets or lists an app_instance_targets resource. + +## Overview + + + + +
Nameapp_instance_targets
TypeResource
Id
+ +## Fields + +The following fields are returned by `SELECT` queries: + +`SELECT` not supported for this resource, use `SHOW METHODS` to view available operations for the resource. + + +## Methods + +The following methods are available for this resource: + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameAccessible byRequired ParamsOptional ParamsDescription
subdomainAssigns an app instance target to an `APP_ADMIN` role assignment to a group. When you assign the first OIN app or app instance target, you reduce the scope of the role assignment.
The role no longer applies to all app targets, but applies only to the specified target.

> **Note:** You can target a mixture of both OIN app and app instance targets, but you can't assign permissions to manage all instances of an OIN app and then assign a subset of permissions to the same app.
> For example, you can't specify that an admin has access to manage all instances of the Salesforce app and then also manage specific configurations of the Salesforce app.
subdomainUnassigns an app instance target from an `APP_ADMIN` role assignment to a group

> **Note:** You can't remove the last app instance target from a role assignment.
> If you need a role assignment that applies to all apps, delete the `APP_ADMIN` role assignment with the target and create another one. See [Unassign a group role](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/RoleAssignmentBGroup/#tag/RoleAssignmentBGroup/operation/unassignRoleFromGroup).
+ +## Parameters + +Parameters can be passed in the `WHERE` clause of a query. Check the [Methods](#methods) section to see which parameters are required or optional for each operation. + + + + + + + + + + + + + + + + +
NameDatatypeDescription
stringThe domain of your organization. This can be a provided subdomain of an official okta domain (okta.com, oktapreview.com, etc) or one of your configured custom domains. (default: my-org)
+ +## `REPLACE` examples + + + + +Assigns an app instance target to an `APP_ADMIN` role assignment to a group. When you assign the first OIN app or app instance target, you reduce the scope of the role assignment.
The role no longer applies to all app targets, but applies only to the specified target.

> **Note:** You can target a mixture of both OIN app and app instance targets, but you can't assign permissions to manage all instances of an OIN app and then assign a subset of permissions to the same app.
> For example, you can't specify that an admin has access to manage all instances of the Salesforce app and then also manage specific configurations of the Salesforce app. + +```sql +REPLACE okta.groups.app_instance_targets +SET +-- No updatable properties +WHERE +subdomain = '{{ subdomain }}' --required; +``` + + + + +## `DELETE` examples + + + + +Unassigns an app instance target from an `APP_ADMIN` role assignment to a group

> **Note:** You can't remove the last app instance target from a role assignment.
> If you need a role assignment that applies to all apps, delete the `APP_ADMIN` role assignment with the target and create another one. See [Unassign a group role](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/RoleAssignmentBGroup/#tag/RoleAssignmentBGroup/operation/unassignRoleFromGroup). + +```sql +DELETE FROM okta.groups.app_instance_targets +WHERE subdomain = '{{ subdomain }}' --required; +``` + + diff --git a/website/docs/services/groups/app_targets/index.md b/website/docs/services/groups/app_targets/index.md new file mode 100644 index 0000000..730b692 --- /dev/null +++ b/website/docs/services/groups/app_targets/index.md @@ -0,0 +1,263 @@ +--- +title: app_targets +hide_title: false +hide_table_of_contents: false +keywords: + - app_targets + - groups + - okta + - infrastructure-as-code + - configuration-as-data + - cloud inventory +description: Query, deploy and manage okta resources using SQL +custom_edit_url: null +image: /img/stackql-okta-provider-featured-image.png +--- + +import CopyableCode from '@site/src/components/CopyableCode/CopyableCode'; +import Tabs from '@theme/Tabs'; +import TabItem from '@theme/TabItem'; + +Creates, updates, deletes, gets or lists an app_targets resource. + +## Overview + + + + +
Nameapp_targets
TypeResource
Id
+ +## Fields + +The following fields are returned by `SELECT` queries: + + + + +Success + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameDatatypeDescription
stringID of the app instance. Okta returns this property only for apps not in the OIN catalog.
stringApp key name. For OIN catalog apps, this is a unique key for the app definition.
objectSpecifies link relations (see [Web Linking](https://www.rfc-editor.org/rfc/rfc8288)) available using the [JSON Hypertext Application Language](https://datatracker.ietf.org/doc/html/draft-kelly-json-hal-06) specification
stringCategory for the app in the OIN catalog (example: SOCIAL)
stringDescription of the app in the OIN catalog
stringOIN catalog app display name
arrayFeatures supported by the app. See app [features](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/Application/#tag/Application/operation/listApplications!c=200&path=0/features&t=response).
string (date-time)Timestamp when the object was last updated (example: 2024-09-19T23:37:37.000Z)
arrayAuthentication mode for the app. See app [signOnMode](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/Application/#tag/Application/operation/listApplications!c=200&path=0/signOnMode&t=response).
stringApp status
stringOIN verification status of the catalog app (example: OKTA_VERIFIED)
stringWebsite of the OIN catalog app
+ + + +## Methods + +The following methods are available for this resource: + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameAccessible byRequired ParamsOptional ParamsDescription
subdomainafter, limitLists all app targets for an `APP_ADMIN` role assignment to a group. The response includes a list of OIN-cataloged apps or app instances. The response payload for an app instance contains the `id` property, but an OIN-cataloged app doesn't.
subdomainAssigns an OIN app target to an `APP_ADMIN` role assignment to a group. When you assign the first OIN app target, you reduce the scope of the role assignment. The role no longer applies to all app targets, but applies only to the specified target. An OIN app target that's assigned to the role overrides any existing instance targets of the OIN app. For example, if a user is assigned to administer a specific Facebook instance, a successful request to add an OIN app with `facebook` for `appName` makes that user the administrator for all Facebook instances.
subdomainUnassigns an OIN app target from an `APP_ADMIN` role assignment to a group

> **Note:** You can't remove the last app target from a role assignment.
> If you need a role assignment that applies to all apps, delete the `APP_ADMIN` role assignment with the target and create another one. See [Unassign a group role](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/RoleAssignmentBGroup/#tag/RoleAssignmentBGroup/operation/unassignRoleFromGroup).
+ +## Parameters + +Parameters can be passed in the `WHERE` clause of a query. Check the [Methods](#methods) section to see which parameters are required or optional for each operation. + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameDatatypeDescription
stringThe domain of your organization. This can be a provided subdomain of an official okta domain (okta.com, oktapreview.com, etc) or one of your configured custom domains. (default: my-org)
stringThe cursor to use for pagination. It is an opaque string that specifies your current location in the list and is obtained from the `Link` response header. See [Pagination](https://developer.okta.com/docs/api/#pagination).
integerA limit on the number of objects to return
+ +## `SELECT` examples + + + + +Lists all app targets for an `APP_ADMIN` role assignment to a group. The response includes a list of OIN-cataloged apps or app instances. The response payload for an app instance contains the `id` property, but an OIN-cataloged app doesn't. + +```sql +SELECT +id, +name, +_links, +category, +description, +displayName, +features, +lastUpdated, +signOnModes, +status, +verificationStatus, +website +FROM okta.groups.app_targets +WHERE subdomain = '{{ subdomain }}' -- required +AND after = '{{ after }}' +AND limit = '{{ limit }}'; +``` + + + + +## `REPLACE` examples + + + + +Assigns an OIN app target to an `APP_ADMIN` role assignment to a group. When you assign the first OIN app target, you reduce the scope of the role assignment. The role no longer applies to all app targets, but applies only to the specified target. An OIN app target that's assigned to the role overrides any existing instance targets of the OIN app. For example, if a user is assigned to administer a specific Facebook instance, a successful request to add an OIN app with `facebook` for `appName` makes that user the administrator for all Facebook instances. + +```sql +REPLACE okta.groups.app_targets +SET +-- No updatable properties +WHERE +subdomain = '{{ subdomain }}' --required; +``` + + + + +## `DELETE` examples + + + + +Unassigns an OIN app target from an `APP_ADMIN` role assignment to a group

> **Note:** You can't remove the last app target from a role assignment.
> If you need a role assignment that applies to all apps, delete the `APP_ADMIN` role assignment with the target and create another one. See [Unassign a group role](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/RoleAssignmentBGroup/#tag/RoleAssignmentBGroup/operation/unassignRoleFromGroup).
+ +```sql +DELETE FROM okta.groups.app_targets +WHERE subdomain = '{{ subdomain }}' --required; +``` + + diff --git a/website/docs/services/groups/assigned_apps/index.md b/website/docs/services/groups/assigned_apps/index.md new file mode 100644 index 0000000..b56b7fc --- /dev/null +++ b/website/docs/services/groups/assigned_apps/index.md @@ -0,0 +1,224 @@ +--- +title: assigned_apps +hide_title: false +hide_table_of_contents: false +keywords: + - assigned_apps + - groups + - okta + - infrastructure-as-code + - configuration-as-data + - cloud inventory +description: Query, deploy and manage okta resources using SQL +custom_edit_url: null +image: /img/stackql-okta-provider-featured-image.png +--- + +import CopyableCode from '@site/src/components/CopyableCode/CopyableCode'; +import Tabs from '@theme/Tabs'; +import TabItem from '@theme/TabItem'; + +Creates, updates, deletes, gets or lists an assigned_apps resource. + +## Overview + + + + +
Nameassigned_apps
TypeResource
Id
+ +## Fields + +The following fields are returned by `SELECT` queries: + + + + +Success + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameDatatypeDescription
stringUnique ID for the app instance
objectEmbedded resources related to the app using the [JSON Hypertext Application Language](https://datatracker.ietf.org/doc/html/draft-kelly-json-hal-06) specification. If the `expand=user/{userId}` query parameter is specified, then the assigned [Application User](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/ApplicationUsers/) is embedded.
objectDiscoverable resources related to the app
objectSpecifies access settings for the app
string (date-time)Timestamp when the application object was created
arrayEnabled app features > **Note:** See [Application Features](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/ApplicationFeatures/) for app provisioning features.
stringUser-defined display name for app
string (date-time)Timestamp when the application object was last updated
objectLicenses for the app
stringThe Okta resource name (ORN) for the current app instance
objectContains any valid JSON schema for specifying properties that can be referenced from a request (only available to OAuth 2.0 client apps). For example, add an app manager contact email address or define an allowlist of groups that you can then reference using the Okta Expression Language `getFilteredGroups` function. > **Notes:** > * `profile` isn't encrypted, so don't store sensitive data in it. > * `profile` doesn't limit the level of nesting in the JSON schema you created, but there is a practical size limit. Okta recommends a JSON schema size of 1 MB or less for best performance.
stringAuthentication mode for the app | signOnMode | Description | | ---------- | ----------- | | AUTO_LOGIN | Secure Web Authentication (SWA) | | BASIC_AUTH | HTTP Basic Authentication with Okta Browser Plugin | | BOOKMARK | Just a bookmark (no-authentication) | | BROWSER_PLUGIN | Secure Web Authentication (SWA) with Okta Browser Plugin | | OPENID_CONNECT | Federated Authentication with OpenID Connect (OIDC) | | SAML_1_1 | Federated Authentication with SAML 1.1 WebSSO (not supported for custom apps) | | SAML_2_0 | Federated Authentication with SAML 2.0 WebSSO | | SECURE_PASSWORD_STORE | Secure Web Authentication (SWA) with POST (plugin not required) | | WS_FEDERATION | Federated Authentication with WS-Federation Passive Requestor Profile | Select the `signOnMode` for your custom app:
stringApp instance status
object<div class="x-lifecycle-container"><x-lifecycle class="oie"></x-lifecycle></div> Universal Logout properties for the app. These properties are only returned and can't be updated. (example: ACTIVE)
objectSpecifies visibility settings for the app
+ + + +## Methods + +The following methods are available for this resource: + + + + + + + + + + + + + + + + + + + + +
NameAccessible byRequired ParamsOptional ParamsDescription
subdomainafter, limitLists all apps that are assigned to a group. See [Application Groups API](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/ApplicationGroups/).
+ +## Parameters + +Parameters can be passed in the `WHERE` clause of a query. Check the [Methods](#methods) section to see which parameters are required or optional for each operation. + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameDatatypeDescription
stringThe domain of your organization. This can be a provided subdomain of an official okta domain (okta.com, oktapreview.com, etc) or one of your configured custom domains. (default: my-org)
stringSpecifies the pagination cursor for the next page of apps
integer (int32)Specifies the number of app results for a page
+ +## `SELECT` examples + + + + +Lists all apps that are assigned to a group. See [Application Groups API](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/ApplicationGroups/). + +```sql +SELECT +id, +_embedded, +_links, +accessibility, +created, +features, +label, +lastUpdated, +licensing, +orn, +profile, +signOnMode, +status, +universalLogout, +visibility +FROM okta.groups.assigned_apps +WHERE subdomain = '{{ subdomain }}' -- required +AND after = '{{ after }}' +AND limit = '{{ limit }}'; +``` + + diff --git a/website/docs/services/groups/assigned_roles/index.md b/website/docs/services/groups/assigned_roles/index.md new file mode 100644 index 0000000..1cdbd0a --- /dev/null +++ b/website/docs/services/groups/assigned_roles/index.md @@ -0,0 +1,245 @@ +--- +title: assigned_roles +hide_title: false +hide_table_of_contents: false +keywords: + - assigned_roles + - groups + - okta + - infrastructure-as-code + - configuration-as-data + - cloud inventory +description: Query, deploy and manage okta resources using SQL +custom_edit_url: null +image: /img/stackql-okta-provider-featured-image.png +--- + +import CopyableCode from '@site/src/components/CopyableCode/CopyableCode'; +import Tabs from '@theme/Tabs'; +import TabItem from '@theme/TabItem'; + +Creates, updates, deletes, gets or lists an assigned_roles resource. + +## Overview + + + + +
Nameassigned_roles
TypeResource
Id
+ +## Fields + +The following fields are returned by `SELECT` queries: + + + + +Success + + + + + + + + + + + +
NameDatatypeDescription
+ + + +Success + + + + + + + + + + + +
NameDatatypeDescription
+ + + +## Methods + +The following methods are available for this resource: + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameAccessible byRequired ParamsOptional ParamsDescription
subdomainexpandLists all assigned roles of a group by `groupId`
subdomainRetrieves a role assigned to a group (identified by the `groupId`). The `roleAssignmentId` is the unique identifier for either a standard role group assignment object or a custom role resource set binding object.
subdomaindisableNotificationsAssigns a [standard role](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/guides/roles/#standard-roles) to a group.

You can also assign a custom role to a group, but the preferred method to assign a custom role to a group is to create a binding between the custom role, the resource set, and the group. See [Create a role resource set binding](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/RoleDResourceSetBinding/#tag/RoleDResourceSetBinding/operation/createResourceSetBinding).

> **Notes:**
> * The request payload is different for standard and custom role assignments.
> * For IAM-based standard role assignments, use the request payload for standard roles. However, the response payload for IAM-based role assignments is similar to the custom role's assignment response.
subdomainUnassigns a role assignment (identified by `roleAssignmentId`) from a group (identified by the `groupId`)
+ +## Parameters + +Parameters can be passed in the `WHERE` clause of a query. Check the [Methods](#methods) section to see which parameters are required or optional for each operation. + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameDatatypeDescription
stringThe domain of your organization. This can be a provided subdomain of an official okta domain (okta.com, oktapreview.com, etc) or one of your configured custom domains. (default: my-org)
booleanGrants the group third-party admin status when set to `true`
stringAn optional parameter used to return targets configured for the standard role assignment in the `embedded` property. Supported values: `targets/groups` or `targets/catalog/apps`
+ +## `SELECT` examples + + + + +Lists all assigned roles of a group by `groupId` + +```sql +SELECT +* +FROM okta.groups.assigned_roles +WHERE subdomain = '{{ subdomain }}' -- required +AND expand = '{{ expand }}'; +``` + + + +Retrieves a role assigned to a group (identified by the `groupId`). The `roleAssignmentId` is the unique identifier for either a standard role group assignment object or a custom role resource set binding object. + +```sql +SELECT +* +FROM okta.groups.assigned_roles +WHERE subdomain = '{{ subdomain }}' -- required; +``` + + + + +## `INSERT` examples + + + + +Assigns a [standard role](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/guides/roles/#standard-roles) to a group.

You can also assign a custom role to a group, but the preferred method to assign a custom role to a group is to create a binding between the custom role, the resource set, and the group. See [Create a role resource set binding](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/RoleDResourceSetBinding/#tag/RoleDResourceSetBinding/operation/createResourceSetBinding).

> **Notes:**
> * The request payload is different for standard and custom role assignments.
> * For IAM-based standard role assignments, use the request payload for standard roles. However, the response payload for IAM-based role assignments is similar to the custom role's assignment response. + +```sql +INSERT INTO okta.groups.assigned_roles ( +subdomain, +disableNotifications +) +SELECT +'{{ subdomain }}', +'{{ disableNotifications }}' +; +``` + + + +```yaml +# Description fields are for documentation purposes +- name: assigned_roles + props: + - name: subdomain + value: string + description: Required parameter for the assigned_roles resource. + - name: disableNotifications + value: boolean + description: Grants the group third-party admin status when set to `true` +``` + + + + +## `DELETE` examples + + + + +Unassigns a role assignment (identified by `roleAssignmentId`) from a group (identified by the `groupId`) + +```sql +DELETE FROM okta.groups.assigned_roles +WHERE subdomain = '{{ subdomain }}' --required; +``` + + diff --git a/website/docs/services/groups/group_targets/index.md b/website/docs/services/groups/group_targets/index.md new file mode 100644 index 0000000..0539905 --- /dev/null +++ b/website/docs/services/groups/group_targets/index.md @@ -0,0 +1,245 @@ +--- +title: group_targets +hide_title: false +hide_table_of_contents: false +keywords: + - group_targets + - groups + - okta + - infrastructure-as-code + - configuration-as-data + - cloud inventory +description: Query, deploy and manage okta resources using SQL +custom_edit_url: null +image: /img/stackql-okta-provider-featured-image.png +--- + +import CopyableCode from '@site/src/components/CopyableCode/CopyableCode'; +import Tabs from '@theme/Tabs'; +import TabItem from '@theme/TabItem'; + +Creates, updates, deletes, gets or lists a group_targets resource. + +## Overview + + + + +
Namegroup_targets
TypeResource
Id
+ +## Fields + +The following fields are returned by `SELECT` queries: + + + + +Success + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameDatatypeDescription
stringUnique ID for the group (example: 0gabcd1234)
objectEmbedded resources related to the group
objectSpecifies link relations (see [Web Linking](https://www.rfc-editor.org/rfc/rfc8288)) available using the [JSON Hypertext Application Language](https://datatracker.ietf.org/doc/html/draft-kelly-json-hal-06) specification. This object is used for dynamic discovery of related resources and lifecycle operations.
string (date-time)Timestamp when the group was created
string (date-time)Timestamp when the groups memberships were last updated
string (date-time)Timestamp when the group's profile was last updated
arrayDetermines the group's `profile`
Specifies required and optional properties for a group. The `objectClass` of a group determines which additional properties are available. You can extend group profiles with custom properties, but you must first add the properties to the group profile schema before you can reference them. Use the Profile Editor in the Admin Console or the [Schemas API](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/Schema/)to manage schema extensions. Custom properties can contain HTML tags. It is the client's responsibility to escape or encode this data before displaying it. Use [best-practices](https://cheatsheetseries.owasp.org/cheatsheets/Cross_Site_Scripting_Prevention_Cheat_Sheet.html) to prevent cross-site scripting.
stringDetermines how a group's profile and memberships are managed
+ + + +## Methods + +The following methods are available for this resource: + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameAccessible byRequired ParamsOptional ParamsDescription
subdomainafter, limitLists all group targets for a [`USER_ADMIN`](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/guides/roles/#standard-roles), `HELP_DESK_ADMIN`, or `GROUP_MEMBERSHIP_ADMIN` role assignment to a group.
If the role isn't scoped to specific group targets, Okta returns an empty array `[]`.
subdomainAssigns a group target to a [`USER_ADMIN`](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/guides/roles/#standard-roles), `HELP_DESK_ADMIN`, or `GROUP_MEMBERSHIP_ADMIN` role assignment to a group.
When you assign the first group target, you reduce the scope of the role assignment. The role no longer applies to all targets but applies only to the specified target.
subdomainUnassigns a group target from a [`USER_ADMIN`](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/guides/roles/#standard-roles), `HELP_DESK_ADMIN`, or `GROUP_MEMBERSHIP_ADMIN` role assignment to a group.
+ +## Parameters + +Parameters can be passed in the `WHERE` clause of a query. Check the [Methods](#methods) section to see which parameters are required or optional for each operation. + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameDatatypeDescription
stringThe domain of your organization. This can be a provided subdomain of an official okta domain (okta.com, oktapreview.com, etc) or one of your configured custom domains. (default: my-org)
stringThe cursor to use for pagination. It is an opaque string that specifies your current location in the list and is obtained from the `Link` response header. See [Pagination](https://developer.okta.com/docs/api/#pagination).
integerA limit on the number of objects to return
+ +## `SELECT` examples + + + + +Lists all group targets for a [`USER_ADMIN`](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/guides/roles/#standard-roles), `HELP_DESK_ADMIN`, or `GROUP_MEMBERSHIP_ADMIN` role assignment to a group.
If the role isn't scoped to specific group targets, Okta returns an empty array `[]`. + +```sql +SELECT +id, +_embedded, +_links, +created, +lastMembershipUpdated, +lastUpdated, +objectClass, +profile, +type +FROM okta.groups.group_targets +WHERE subdomain = '{{ subdomain }}' -- required +AND after = '{{ after }}' +AND limit = '{{ limit }}'; +``` + + + + +## `REPLACE` examples + + + + +Assigns a group target to a [`USER_ADMIN`](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/guides/roles/#standard-roles), `HELP_DESK_ADMIN`, or `GROUP_MEMBERSHIP_ADMIN` role assignment to a group.
When you assign the first group target, you reduce the scope of the role assignment. The role no longer applies to all targets but applies only to the specified target. + +```sql +REPLACE okta.groups.group_targets +SET +-- No updatable properties +WHERE +subdomain = '{{ subdomain }}' --required; +``` + + + + +## `DELETE` examples + + + + +Unassigns a group target from a [`USER_ADMIN`](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/guides/roles/#standard-roles), `HELP_DESK_ADMIN`, or `GROUP_MEMBERSHIP_ADMIN` role assignment to a group. + +```sql +DELETE FROM okta.groups.group_targets +WHERE subdomain = '{{ subdomain }}' --required; +``` + + diff --git a/website/docs/services/groups/groups/index.md b/website/docs/services/groups/groups/index.md new file mode 100644 index 0000000..358cbd9 --- /dev/null +++ b/website/docs/services/groups/groups/index.md @@ -0,0 +1,443 @@ +--- +title: groups +hide_title: false +hide_table_of_contents: false +keywords: + - groups + - groups + - okta + - infrastructure-as-code + - configuration-as-data + - cloud inventory +description: Query, deploy and manage okta resources using SQL +custom_edit_url: null +image: /img/stackql-okta-provider-featured-image.png +--- + +import CopyableCode from '@site/src/components/CopyableCode/CopyableCode'; +import Tabs from '@theme/Tabs'; +import TabItem from '@theme/TabItem'; + +Creates, updates, deletes, gets or lists a groups resource. + +## Overview + + + + +
Namegroups
TypeResource
Id
+ +## Fields + +The following fields are returned by `SELECT` queries: + + + + +Success + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameDatatypeDescription
stringUnique ID for the group (example: 0gabcd1234)
objectEmbedded resources related to the group
objectSpecifies link relations (see [Web Linking](https://www.rfc-editor.org/rfc/rfc8288)) available using the [JSON Hypertext Application Language](https://datatracker.ietf.org/doc/html/draft-kelly-json-hal-06) specification. This object is used for dynamic discovery of related resources and lifecycle operations.
string (date-time)Timestamp when the group was created
string (date-time)Timestamp when the groups memberships were last updated
string (date-time)Timestamp when the group's profile was last updated
arrayDetermines the group's `profile`
Specifies required and optional properties for a group. The `objectClass` of a group determines which additional properties are available. You can extend group profiles with custom properties, but you must first add the properties to the group profile schema before you can reference them. Use the Profile Editor in the Admin Console or the [Schemas API](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/Schema/)to manage schema extensions. Custom properties can contain HTML tags. It is the client's responsibility to escape or encode this data before displaying it. Use [best-practices](https://cheatsheetseries.owasp.org/cheatsheets/Cross_Site_Scripting_Prevention_Cheat_Sheet.html) to prevent cross-site scripting.
stringDetermines how a group's profile and memberships are managed
+ + + +Success + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameDatatypeDescription
stringUnique ID for the group (example: 0gabcd1234)
objectEmbedded resources related to the group
objectSpecifies link relations (see [Web Linking](https://www.rfc-editor.org/rfc/rfc8288)) available using the [JSON Hypertext Application Language](https://datatracker.ietf.org/doc/html/draft-kelly-json-hal-06) specification. This object is used for dynamic discovery of related resources and lifecycle operations.
string (date-time)Timestamp when the group was created
string (date-time)Timestamp when the groups memberships were last updated
string (date-time)Timestamp when the group's profile was last updated
arrayDetermines the group's `profile`
Specifies required and optional properties for a group. The `objectClass` of a group determines which additional properties are available. You can extend group profiles with custom properties, but you must first add the properties to the group profile schema before you can reference them. Use the Profile Editor in the Admin Console or the [Schemas API](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/Schema/)to manage schema extensions. Custom properties can contain HTML tags. It is the client's responsibility to escape or encode this data before displaying it. Use [best-practices](https://cheatsheetseries.owasp.org/cheatsheets/Cross_Site_Scripting_Prevention_Cheat_Sheet.html) to prevent cross-site scripting.
stringDetermines how a group's profile and memberships are managed
+ + + +## Methods + +The following methods are available for this resource: + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameAccessible byRequired ParamsOptional ParamsDescription
subdomainsearch, filter, q, after, limit, expand, sortBy, sortOrderLists all groups with pagination support.

> **Note:** To list all groups belonging to a member, use the [List all groups endpoint in the User Resources API](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/UserResources/#tag/UserResources/operation/listUserGroups).

The number of groups returned depends on the specified [`limit`](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/Group/#tag/Group/operation/listGroups!in=query&path=limit&t=request), if you have a search, filter, and/or query parameter set, and if that parameter is not null. We recommend using a limit less than or equal to 200.

A subset of groups can be returned that match a supported filter expression, query, or search criteria.

> **Note:** Results from the filter or query parameter are driven from an eventually consistent datasource. The synchronization lag is typically less than one second.
subdomainRetrieves a specific group by `id` from your org
subdomainAdds a new group with the `OKTA_GROUP` type to your org.
> **Note:** App import operations are responsible for syncing groups with `APP_GROUP` type such as Active Directory groups. See
[About groups](https://help.okta.com/okta_help.htm?id=Directory_Groups) in the help documentation.
subdomainReplaces the profile for a group of `OKTA_GROUP` type from your org.
> **Note :** You only can modify profiles for groups of the `OKTA_GROUP` type.
>
> App imports are responsible for updating profiles for groups of the `APP_GROUP` type, such as Active Directory groups.
subdomainDeletes a group of the `OKTA_GROUP` or `APP_GROUP` type from your org.
> **Note:** You can't remove groups of type `APP_GROUP` if they are used in a group push mapping.
+ +## Parameters + +Parameters can be passed in the `WHERE` clause of a query. Check the [Methods](#methods) section to see which parameters are required or optional for each operation. + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameDatatypeDescription
stringThe domain of your organization. This can be a provided subdomain of an official okta domain (okta.com, oktapreview.com, etc) or one of your configured custom domains. (default: my-org)
stringSpecifies the pagination cursor for the next page of groups. The `after` cursor should be treated as an opaque value and obtained through the next link relation. See [Pagination](https://developer.okta.com/docs/api/#pagination).
stringIf specified, additional metadata is included in the response. Possible values are `stats` and `app`. This additional metadata is listed in the [`_embedded`](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/Group/#tag/Group/operation/addGroup!c=200&path=_embedded&t=response) property of the response. > **Note:** You can use the `stats` value to return the number of users within a group. This is listed as the `_embedded.stats.usersCount` value in the response. See this [Knowledge Base article](https://support.okta.com/help/s/article/Is-there-an-API-that-returns-the-number-of-users-in-a-group?language=en_US) for more information and an example.
stringFilter expression for groups. See [Filter](https://developer.okta.com/docs/api/#filter). > **Note:** All filters must be [URL encoded](https://developer.mozilla.org/en-US/docs/Glossary/Percent-encoding). For example, `filter=lastUpdated gt "2013-06-01T00:00:00.000Z"` is encoded as `filter=lastUpdated%20gt%20%222013-06-01T00:00:00.000Z%22`.
integer (int32)Specifies the number of group results in a page. Okta recommends using a specific value other than the default or maximum. If your request times out, retry your request with a smaller `limit` and [page the results](https://developer.okta.com/docs/api/#pagination). The Okta default `Everyone` group isn't returned for users with a group admin role.
stringFinds a group that matches the `name` property. > **Note:** Paging and searching are currently mutually exclusive. You can't page a query. The default limit for a query is 300 results. Query is intended for an auto-complete picker use case where users refine their search string to constrain the results.
stringSpecifies field to sort by **(for search queries only)**. `sortBy` can be any single property, for example `sortBy=profile.name`.
stringSpecifies sort order: `asc` or `desc` (for search queries only). This parameter is ignored if `sortBy` isn't present. Groups with the same value for the `sortBy` property are ordered by `id`'.
+ +## `SELECT` examples + + + + +Lists all groups with pagination support.

> **Note:** To list all groups belonging to a member, use the [List all groups endpoint in the User Resources API](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/UserResources/#tag/UserResources/operation/listUserGroups).

The number of groups returned depends on the specified [`limit`](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/Group/#tag/Group/operation/listGroups!in=query&path=limit&t=request), if you have a search, filter, and/or query parameter set, and if that parameter is not null. We recommend using a limit less than or equal to 200.

A subset of groups can be returned that match a supported filter expression, query, or search criteria.

> **Note:** Results from the filter or query parameter are driven from an eventually consistent datasource. The synchronization lag is typically less than one second. + +```sql +SELECT +id, +_embedded, +_links, +created, +lastMembershipUpdated, +lastUpdated, +objectClass, +profile, +type +FROM okta.groups.groups +WHERE subdomain = '{{ subdomain }}' -- required +AND search = '{{ search }}' +AND filter = '{{ filter }}' +AND q = '{{ q }}' +AND after = '{{ after }}' +AND limit = '{{ limit }}' +AND expand = '{{ expand }}' +AND sortBy = '{{ sortBy }}' +AND sortOrder = '{{ sortOrder }}'; +``` + + + +Retrieves a specific group by `id` from your org + +```sql +SELECT +id, +_embedded, +_links, +created, +lastMembershipUpdated, +lastUpdated, +objectClass, +profile, +type +FROM okta.groups.groups +WHERE subdomain = '{{ subdomain }}' -- required; +``` + + + + +## `INSERT` examples + + + + +Adds a new group with the `OKTA_GROUP` type to your org.
> **Note:** App import operations are responsible for syncing groups with `APP_GROUP` type such as Active Directory groups. See
[About groups](https://help.okta.com/okta_help.htm?id=Directory_Groups) in the help documentation. + +```sql +INSERT INTO okta.groups.groups ( +data__profile, +subdomain +) +SELECT +'{{ profile }}', +'{{ subdomain }}' +RETURNING +id, +_embedded, +_links, +created, +lastMembershipUpdated, +lastUpdated, +objectClass, +profile, +type +; +``` + + + +```yaml +# Description fields are for documentation purposes +- name: groups + props: + - name: subdomain + value: string + description: Required parameter for the groups resource. + - name: profile + value: object + description: > + Profile for any group that is not imported from Active Directory. Specifies the standard +and custom profile properties for a group. + +The `objectClass` for these groups is `okta:user_group`. + +``` + + + + +## `REPLACE` examples + + + + +Replaces the profile for a group of `OKTA_GROUP` type from your org.
> **Note :** You only can modify profiles for groups of the `OKTA_GROUP` type.
>
> App imports are responsible for updating profiles for groups of the `APP_GROUP` type, such as Active Directory groups. + +```sql +REPLACE okta.groups.groups +SET +data__profile = '{{ profile }}' +WHERE +subdomain = '{{ subdomain }}' --required +RETURNING +id, +_embedded, +_links, +created, +lastMembershipUpdated, +lastUpdated, +objectClass, +profile, +type; +``` + + + + +## `DELETE` examples + + + + +Deletes a group of the `OKTA_GROUP` or `APP_GROUP` type from your org.
> **Note:** You can't remove groups of type `APP_GROUP` if they are used in a group push mapping. + +```sql +DELETE FROM okta.groups.groups +WHERE subdomain = '{{ subdomain }}' --required; +``` + + diff --git a/website/docs/services/groups/index.md b/website/docs/services/groups/index.md new file mode 100644 index 0000000..3aeba70 --- /dev/null +++ b/website/docs/services/groups/index.md @@ -0,0 +1,40 @@ +--- +title: groups +hide_title: false +hide_table_of_contents: false +keywords: + - groups + - okta + - stackql + - infrastructure-as-code + - configuration-as-data + - cloud inventory +description: Query, deploy and manage okta resources using SQL +custom_edit_url: null +image: /img/stackql-okta-provider-featured-image.png +--- + +groups service documentation. + +:::info[Service Summary] + +total resources: __9__ + +::: + +## Resources +
+
+app_instance_targets
+app_targets
+assigned_apps
+assigned_roles
+group_targets +
+
+groups
+owners
+rules
+users +
+
\ No newline at end of file diff --git a/website/docs/services/groups/owners/index.md b/website/docs/services/groups/owners/index.md new file mode 100644 index 0000000..158cf8d --- /dev/null +++ b/website/docs/services/groups/owners/index.md @@ -0,0 +1,285 @@ +--- +title: owners +hide_title: false +hide_table_of_contents: false +keywords: + - owners + - groups + - okta + - infrastructure-as-code + - configuration-as-data + - cloud inventory +description: Query, deploy and manage okta resources using SQL +custom_edit_url: null +image: /img/stackql-okta-provider-featured-image.png +--- + +import CopyableCode from '@site/src/components/CopyableCode/CopyableCode'; +import Tabs from '@theme/Tabs'; +import TabItem from '@theme/TabItem'; + +Creates, updates, deletes, gets or lists an owners resource. + +## Overview + + + + +
Nameowners
TypeResource
Id
+ +## Fields + +The following fields are returned by `SELECT` queries: + + + + +Success + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameDatatypeDescription
stringThe `id` of the group owner
stringThe display name of the group owner
string (date-time)Timestamp when the group owner was last updated
stringThe ID of the app instance if the `originType` is `APPLICATION`. This value is `NULL` if `originType` is `OKTA_DIRECTORY`.
stringThe source where group ownership is managed
booleanIf `originType`is APPLICATION, this parameter is set to `FALSE` until the owner's `originId` is reconciled with an associated Okta ID.
stringThe entity type of the owner
+ + + +## Methods + +The following methods are available for this resource: + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameAccessible byRequired ParamsOptional ParamsDescription
subdomainsearch, after, limitLists all owners for a specific group
groupId, subdomainAssigns a group owner
subdomainDeletes a group owner from a specific group
+ +## Parameters + +Parameters can be passed in the `WHERE` clause of a query. Check the [Methods](#methods) section to see which parameters are required or optional for each operation. + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameDatatypeDescription
stringThe `id` of the group
stringThe domain of your organization. This can be a provided subdomain of an official okta domain (okta.com, oktapreview.com, etc) or one of your configured custom domains. (default: my-org)
stringSpecifies the pagination cursor for the next page of owners
integer (int32)Specifies the number of owner results in a page
+ +## `SELECT` examples + + + + +Lists all owners for a specific group + +```sql +SELECT +id, +displayName, +lastUpdated, +originId, +originType, +resolved, +type +FROM okta.groups.owners +WHERE subdomain = '{{ subdomain }}' -- required +AND search = '{{ search }}' +AND after = '{{ after }}' +AND limit = '{{ limit }}'; +``` + + + + +## `INSERT` examples + + + + +Assigns a group owner + +```sql +INSERT INTO okta.groups.owners ( +data__id, +data__type, +groupId, +subdomain +) +SELECT +'{{ id }}', +'{{ type }}', +'{{ groupId }}', +'{{ subdomain }}' +RETURNING +id, +displayName, +lastUpdated, +originId, +originType, +resolved, +type +; +``` + + + +```yaml +# Description fields are for documentation purposes +- name: owners + props: + - name: groupId + value: string + description: Required parameter for the owners resource. + - name: subdomain + value: string + description: Required parameter for the owners resource. + - name: id + value: string + description: > + The `id` of the group owner + + - name: type + value: string + description: > + The entity type of the owner + + valid_values: ['GROUP', 'USER'] +``` + + + + +## `DELETE` examples + + + + +Deletes a group owner from a specific group + +```sql +DELETE FROM okta.groups.owners +WHERE subdomain = '{{ subdomain }}' --required; +``` + + diff --git a/website/docs/services/groups/rules/index.md b/website/docs/services/groups/rules/index.md new file mode 100644 index 0000000..e99e00e --- /dev/null +++ b/website/docs/services/groups/rules/index.md @@ -0,0 +1,476 @@ +--- +title: rules +hide_title: false +hide_table_of_contents: false +keywords: + - rules + - groups + - okta + - infrastructure-as-code + - configuration-as-data + - cloud inventory +description: Query, deploy and manage okta resources using SQL +custom_edit_url: null +image: /img/stackql-okta-provider-featured-image.png +--- + +import CopyableCode from '@site/src/components/CopyableCode/CopyableCode'; +import Tabs from '@theme/Tabs'; +import TabItem from '@theme/TabItem'; + +Creates, updates, deletes, gets or lists a rules resource. + +## Overview + + + + +
Namerules
TypeResource
Id
+ +## Fields + +The following fields are returned by `SELECT` queries: + + + + +Success + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameDatatypeDescription
stringID of the group rule
stringName of the group rule
objectDefines which users and groups to assign
objectDefines group rule conditions
string (date-time)Creation date for group rule
string (date-time)Date group rule was last updated
stringStatus of group rule
stringType to indicate a group rule operation. Only `group_rule` is allowed.
+ + + +Success + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameDatatypeDescription
stringID of the group rule
stringName of the group rule
objectDefines which users and groups to assign
objectDefines group rule conditions
string (date-time)Creation date for group rule
string (date-time)Date group rule was last updated
stringStatus of group rule
stringType to indicate a group rule operation. Only `group_rule` is allowed.
+ + + +## Methods + +The following methods are available for this resource: + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameAccessible byRequired ParamsOptional ParamsDescription
subdomainlimit, after, search, expandLists all group rules for your org
subdomainexpandRetrieves a specific group rule by ID from your org
subdomainCreates a group rule to dynamically add users to the specified group if they match the condition
> **Note:** Group rules are created with the status set to `'INACTIVE'`.
subdomainReplaces a group rule
> **Notes:** You can only update rules with a group whose status is set to `'INACTIVE'`.
>
> You currently can't update the `action` section.
subdomainremoveUsersDeletes a specific group rule by `groupRuleId`
subdomainActivates a specific group rule by ID from your org
subdomainDeactivates a specific group rule by ID from your org
+ +## Parameters + +Parameters can be passed in the `WHERE` clause of a query. Check the [Methods](#methods) section to see which parameters are required or optional for each operation. + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameDatatypeDescription
stringThe domain of your organization. This can be a provided subdomain of an official okta domain (okta.com, oktapreview.com, etc) or one of your configured custom domains. (default: my-org)
stringSpecifies the pagination cursor for the next page of rules
stringIf specified as `groupIdToGroupNameMap`, then show group names
integer (int32)Specifies the number of rule results in a page
booleanIf set to `true`, removes users from groups assigned by this rule
+ +## `SELECT` examples + + + + +Lists all group rules for your org + +```sql +SELECT +id, +name, +actions, +conditions, +created, +lastUpdated, +status, +type +FROM okta.groups.rules +WHERE subdomain = '{{ subdomain }}' -- required +AND limit = '{{ limit }}' +AND after = '{{ after }}' +AND search = '{{ search }}' +AND expand = '{{ expand }}'; +``` + + + +Retrieves a specific group rule by ID from your org + +```sql +SELECT +id, +name, +actions, +conditions, +created, +lastUpdated, +status, +type +FROM okta.groups.rules +WHERE subdomain = '{{ subdomain }}' -- required +AND expand = '{{ expand }}'; +``` + + + + +## `INSERT` examples + + + + +Creates a group rule to dynamically add users to the specified group if they match the condition
> **Note:** Group rules are created with the status set to `'INACTIVE'`. + +```sql +INSERT INTO okta.groups.rules ( +data__actions, +data__conditions, +data__name, +data__type, +subdomain +) +SELECT +'{{ actions }}', +'{{ conditions }}', +'{{ name }}', +'{{ type }}', +'{{ subdomain }}' +RETURNING +id, +name, +actions, +conditions, +created, +lastUpdated, +status, +type +; +``` + + + +```yaml +# Description fields are for documentation purposes +- name: rules + props: + - name: subdomain + value: string + description: Required parameter for the rules resource. + - name: actions + value: object + description: > + Defines which users and groups to assign + + - name: conditions + value: object + description: > + Defines group rule conditions + + - name: name + value: string + description: > + Name of the group rule + + - name: type + value: string + valid_values: ['group_rule'] +``` + + + + +## `REPLACE` examples + + + + +Replaces a group rule
> **Notes:** You can only update rules with a group whose status is set to `'INACTIVE'`.
>
> You currently can't update the `action` section. + +```sql +REPLACE okta.groups.rules +SET +data__actions = '{{ actions }}', +data__conditions = '{{ conditions }}', +data__name = '{{ name }}', +data__status = '{{ status }}', +data__type = '{{ type }}' +WHERE +subdomain = '{{ subdomain }}' --required +RETURNING +id, +name, +actions, +conditions, +created, +lastUpdated, +status, +type; +``` + + + + +## `DELETE` examples + + + + +Deletes a specific group rule by `groupRuleId` + +```sql +DELETE FROM okta.groups.rules +WHERE subdomain = '{{ subdomain }}' --required +AND removeUsers = '{{ removeUsers }}'; +``` + + + + +## Lifecycle Methods + + + + +Activates a specific group rule by ID from your org + +```sql +EXEC okta.groups.rules.activate_group_rule +@subdomain='{{ subdomain }}' --required; +``` + + + +Deactivates a specific group rule by ID from your org + +```sql +EXEC okta.groups.rules.deactivate_group_rule +@subdomain='{{ subdomain }}' --required; +``` + + diff --git a/website/docs/services/groups/users/index.md b/website/docs/services/groups/users/index.md new file mode 100644 index 0000000..47adf0d --- /dev/null +++ b/website/docs/services/groups/users/index.md @@ -0,0 +1,281 @@ +--- +title: users +hide_title: false +hide_table_of_contents: false +keywords: + - users + - groups + - okta + - infrastructure-as-code + - configuration-as-data + - cloud inventory +description: Query, deploy and manage okta resources using SQL +custom_edit_url: null +image: /img/stackql-okta-provider-featured-image.png +--- + +import CopyableCode from '@site/src/components/CopyableCode/CopyableCode'; +import Tabs from '@theme/Tabs'; +import TabItem from '@theme/TabItem'; + +Creates, updates, deletes, gets or lists a users resource. + +## Overview + + + + +
Nameusers
TypeResource
Id
+ +## Fields + +The following fields are returned by `SELECT` queries: + + + + +Success + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameDatatypeDescription
stringThe unique key for the user
objectEmbedded resources related to the user using the [JSON Hypertext Application Language](https://datatracker.ietf.org/doc/html/draft-kelly-json-hal-06) specification
objectSpecifies link relations (see [Web Linking](https://www.rfc-editor.org/rfc/rfc8288)) available using the [JSON Hypertext Application Language](https://datatracker.ietf.org/doc/html/draft-kelly-json-hal-06) specification. This object is used for dynamic discovery of related resources and lifecycle operations.
string (date-time)The timestamp when the user status transitioned to `ACTIVE`
string (date-time)The timestamp when the user was created
objectSpecifies primary authentication and recovery credentials for a user. Credential types and requirements vary depending on the provider and security policy of the org.
string (date-time)The timestamp of the last login
string (date-time)The timestamp when the user was last updated
string (date-time)The timestamp when the user's password was last updated
objectSpecifies the default and custom profile properties for a user. The default user profile is based on the [System for Cross-domain Identity Management: Core Schema](https://datatracker.ietf.org/doc/html/rfc7643). The only permitted customizations of the default profile are to update permissions, change whether the `firstName` and `lastName` properties are nullable, and specify a [pattern](https://developer.okta.com/docs/reference/api/schemas/#login-pattern-validation) for `login`. You can use the Profile Editor in the Admin Console or the [Schemas API](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/UISchema/#tag/UISchema) to make schema modifications. You can extend user profiles with custom properties. You must first add the custom property to the user profile schema before you reference it. You can use the Profile Editor in the Admin Console or the [Schemas API](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/UISchema/#tag/UISchema) to manage schema extensions. Custom attributes can contain HTML tags. It's the client's responsibility to escape or encode this data before displaying it. Use [best-practices](https://cheatsheetseries.owasp.org/cheatsheets/Cross_Site_Scripting_Prevention_Cheat_Sheet.html) to prevent cross-site scripting.
stringThe ID of the realm in which the user is residing. See [Realms](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/Realm/). (example: guo1bfiNtSnZYILxO0g4)
stringThe current status of the user. The status of a user changes in response to explicit events, such as admin-driven lifecycle changes, user login, or self-service password recovery. Okta doesn't asynchronously sweep through users and update their password expiry state, for example. Instead, Okta evaluates password policy at login time, notices the password has expired, and moves the user to the expired state. When running reports, remember that the data is valid as of the last login or lifecycle event for that user.
string (date-time)The timestamp when the status of the user last changed
stringThe target status of an in-progress asynchronous status transition. This property is only returned if the user's state is transitioning.
objectThe user type that determines the schema for the user's profile. The `type` property is a map that identifies the [User Types](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/UserType/#tag/UserType). Currently it contains a single element, `id`. It can be specified when creating a new user, and ca be updated by an admin on a full replace of an existing user (but not a partial update).
+ + + +## Methods + +The following methods are available for this resource: + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameAccessible byRequired ParamsOptional ParamsDescription
subdomainafter, limitLists all users that are a member of a group.
The default user limit is set to a very high number due to historical reasons that are no longer valid for most orgs. This will change in a future version of this API. The recommended page limit is now `limit=200`.
subdomainAssigns a user to a group with the `OKTA_GROUP` type.
> **Note:** You only can modify memberships for groups of the `OKTA_GROUP` type. App imports are responsible for managing group memberships for groups of the `APP_GROUP` type, such as Active Directory groups.
subdomainUnassigns a user from a group with the `OKTA_GROUP` type.
> **Note:** You only can modify memberships for groups of the `OKTA_GROUP` type.
>
> App imports are responsible for managing group memberships for groups of the `APP_GROUP` type, such as Active Directory groups.
+ +## Parameters + +Parameters can be passed in the `WHERE` clause of a query. Check the [Methods](#methods) section to see which parameters are required or optional for each operation. + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameDatatypeDescription
stringThe domain of your organization. This can be a provided subdomain of an official okta domain (okta.com, oktapreview.com, etc) or one of your configured custom domains. (default: my-org)
stringThe cursor to use for pagination. It is an opaque string that specifies your current location in the list and is obtained from the `Link` response header. See [Pagination](https://developer.okta.com/docs/api/#pagination).
integer (int32)Specifies the number of user results in a page
+ +## `SELECT` examples + + + + +Lists all users that are a member of a group.
The default user limit is set to a very high number due to historical reasons that are no longer valid for most orgs. This will change in a future version of this API. The recommended page limit is now `limit=200`. + +```sql +SELECT +id, +_embedded, +_links, +activated, +created, +credentials, +lastLogin, +lastUpdated, +passwordChanged, +profile, +realmId, +status, +statusChanged, +transitioningToStatus, +type +FROM okta.groups.users +WHERE subdomain = '{{ subdomain }}' -- required +AND after = '{{ after }}' +AND limit = '{{ limit }}'; +``` + + + + +## `REPLACE` examples + + + + +Assigns a user to a group with the `OKTA_GROUP` type.
> **Note:** You only can modify memberships for groups of the `OKTA_GROUP` type. App imports are responsible for managing group memberships for groups of the `APP_GROUP` type, such as Active Directory groups. + +```sql +REPLACE okta.groups.users +SET +-- No updatable properties +WHERE +subdomain = '{{ subdomain }}' --required; +``` + + + + +## `DELETE` examples + + + + +Unassigns a user from a group with the `OKTA_GROUP` type.
> **Note:** You only can modify memberships for groups of the `OKTA_GROUP` type.
>
> App imports are responsible for managing group memberships for groups of the `APP_GROUP` type, such as Active Directory groups. + +```sql +DELETE FROM okta.groups.users +WHERE subdomain = '{{ subdomain }}' --required; +``` + + diff --git a/website/docs/services/hook_keys/hook_keys/index.md b/website/docs/services/hook_keys/hook_keys/index.md new file mode 100644 index 0000000..18c31e0 --- /dev/null +++ b/website/docs/services/hook_keys/hook_keys/index.md @@ -0,0 +1,358 @@ +--- +title: hook_keys +hide_title: false +hide_table_of_contents: false +keywords: + - hook_keys + - hook_keys + - okta + - infrastructure-as-code + - configuration-as-data + - cloud inventory +description: Query, deploy and manage okta resources using SQL +custom_edit_url: null +image: /img/stackql-okta-provider-featured-image.png +--- + +import CopyableCode from '@site/src/components/CopyableCode/CopyableCode'; +import Tabs from '@theme/Tabs'; +import TabItem from '@theme/TabItem'; + +Creates, updates, deletes, gets or lists a hook_keys resource. + +## Overview + + + + +
Namehook_keys
TypeResource
Id
+ +## Fields + +The following fields are returned by `SELECT` queries: + + + + +Success + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameDatatypeDescription
stringThe unique identifier for the key
stringDisplay name of the key
string (date-time)Timestamp when the key was created
string (boolean)Whether this key is currently in use by other applications
stringThe alias of the public key
string (date-time)Timestamp when the key was updated
+ + + +Success + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameDatatypeDescription
stringThe unique identifier for the key
stringDisplay name of the key
string (date-time)Timestamp when the key was created
string (boolean)Whether this key is currently in use by other applications
stringThe alias of the public key
string (date-time)Timestamp when the key was updated
+ + + +## Methods + +The following methods are available for this resource: + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameAccessible byRequired ParamsOptional ParamsDescription
subdomainLists all keys
subdomainidRetrieves the public portion of the Key object using the `id` parameter

>**Note:** The `?expand=publickey` query parameter optionally returns the full object including the details of the public key in the response body's `_embedded` property.
subdomainCreates a key for use with other parts of the application, such as inline hooks

> **Note:** Use the key name to access this key for inline hook operations.

The total number of keys that you can create in an Okta org is limited to 50.

The response is a [Key object](https://developer.okta.com/docs/reference/api/hook-keys/#key-object) that represents the
key that you create. The `id` property in the response serves as the unique ID for the key, which you can specify when
invoking other CRUD operations. The `keyId` provided in the response is the alias of the public key that you can use to get
details of the public key data in a separate call.

> **Note:** The keyId is the alias of the public key that you can use to retrieve the public key.
subdomainReplaces a key by `id`

This request replaces existing properties after passing validation.

> **Note:** The only parameter that you can update is the name of the key, which must be unique at all times.
subdomainDeletes a key by `id`. After being deleted, the key is unrecoverable.

As a safety precaution, only keys that aren't being used are eligible for deletion.
+ +## Parameters + +Parameters can be passed in the `WHERE` clause of a query. Check the [Methods](#methods) section to see which parameters are required or optional for each operation. + + + + + + + + + + + + + + + + + + + + + +
NameDatatypeDescription
stringThe domain of your organization. This can be a provided subdomain of an official okta domain (okta.com, oktapreview.com, etc) or one of your configured custom domains. (default: my-org)
stringA valid key ID
+ +## `SELECT` examples + + + + +Lists all keys + +```sql +SELECT +id, +name, +created, +isUsed, +keyId, +lastUpdated +FROM okta.hook_keys.hook_keys +WHERE subdomain = '{{ subdomain }}' -- required; +``` + + + +Retrieves the public portion of the Key object using the `id` parameter

>**Note:** The `?expand=publickey` query parameter optionally returns the full object including the details of the public key in the response body's `_embedded` property. + +```sql +SELECT +id, +name, +created, +isUsed, +keyId, +lastUpdated +FROM okta.hook_keys.hook_keys +WHERE subdomain = '{{ subdomain }}' -- required +AND id = '{{ id }}'; +``` + + + + +## `INSERT` examples + + + + +Creates a key for use with other parts of the application, such as inline hooks

> **Note:** Use the key name to access this key for inline hook operations.

The total number of keys that you can create in an Okta org is limited to 50.

The response is a [Key object](https://developer.okta.com/docs/reference/api/hook-keys/#key-object) that represents the
key that you create. The `id` property in the response serves as the unique ID for the key, which you can specify when
invoking other CRUD operations. The `keyId` provided in the response is the alias of the public key that you can use to get
details of the public key data in a separate call.

> **Note:** The keyId is the alias of the public key that you can use to retrieve the public key. + +```sql +INSERT INTO okta.hook_keys.hook_keys ( +data__name, +subdomain +) +SELECT +'{{ name }}', +'{{ subdomain }}' +RETURNING +id, +name, +_embedded, +created, +isUsed, +keyId, +lastUpdated +; +``` + + + +```yaml +# Description fields are for documentation purposes +- name: hook_keys + props: + - name: subdomain + value: string + description: Required parameter for the hook_keys resource. + - name: name + value: string + description: > + Display name for the key + +``` + + + + +## `REPLACE` examples + + + + +Replaces a key by `id`

This request replaces existing properties after passing validation.

> **Note:** The only parameter that you can update is the name of the key, which must be unique at all times. + +```sql +REPLACE okta.hook_keys.hook_keys +SET +data__name = '{{ name }}' +WHERE +subdomain = '{{ subdomain }}' --required +RETURNING +id, +name, +_embedded, +created, +isUsed, +keyId, +lastUpdated; +``` + + + + +## `DELETE` examples + + + + +Deletes a key by `id`. After being deleted, the key is unrecoverable.

As a safety precaution, only keys that aren't being used are eligible for deletion.
+ +```sql +DELETE FROM okta.hook_keys.hook_keys +WHERE subdomain = '{{ subdomain }}' --required; +``` + + diff --git a/website/docs/services/hook_keys/index.md b/website/docs/services/hook_keys/index.md new file mode 100644 index 0000000..e5bdd30 --- /dev/null +++ b/website/docs/services/hook_keys/index.md @@ -0,0 +1,33 @@ +--- +title: hook_keys +hide_title: false +hide_table_of_contents: false +keywords: + - hook_keys + - okta + - stackql + - infrastructure-as-code + - configuration-as-data + - cloud inventory +description: Query, deploy and manage okta resources using SQL +custom_edit_url: null +image: /img/stackql-okta-provider-featured-image.png +--- + +hook_keys service documentation. + +:::info[Service Summary] + +total resources: __2__ + +::: + +## Resources +
+
+hook_keys +
+
+public_keys +
+
\ No newline at end of file diff --git a/website/docs/services/hook_keys/public_keys/index.md b/website/docs/services/hook_keys/public_keys/index.md new file mode 100644 index 0000000..62763ed --- /dev/null +++ b/website/docs/services/hook_keys/public_keys/index.md @@ -0,0 +1,158 @@ +--- +title: public_keys +hide_title: false +hide_table_of_contents: false +keywords: + - public_keys + - hook_keys + - okta + - infrastructure-as-code + - configuration-as-data + - cloud inventory +description: Query, deploy and manage okta resources using SQL +custom_edit_url: null +image: /img/stackql-okta-provider-featured-image.png +--- + +import CopyableCode from '@site/src/components/CopyableCode/CopyableCode'; +import Tabs from '@theme/Tabs'; +import TabItem from '@theme/TabItem'; + +Creates, updates, deletes, gets or lists a public_keys resource. + +## Overview + + + + +
Namepublic_keys
TypeResource
Id
+ +## Fields + +The following fields are returned by `SELECT` queries: + + + + +Success + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameDatatypeDescription
stringAlgorithm used in the key
stringRSA key value (exponent) for key binding
stringUnique identifier for the certificate
stringCryptographic algorithm family for the certificate's keypair
stringRSA key value (modulus) for key binding
stringAcceptable use of the certificate
+ + + +## Methods + +The following methods are available for this resource: + + + + + + + + + + + + + + + + + + + + +
NameAccessible byRequired ParamsOptional ParamsDescription
subdomainRetrieves a public key by `keyId`

>**Note:** keyId is the alias of the public key.
+ +## Parameters + +Parameters can be passed in the `WHERE` clause of a query. Check the [Methods](#methods) section to see which parameters are required or optional for each operation. + + + + + + + + + + + + + + + + +
NameDatatypeDescription
stringThe domain of your organization. This can be a provided subdomain of an official okta domain (okta.com, oktapreview.com, etc) or one of your configured custom domains. (default: my-org)
+ +## `SELECT` examples + + + + +Retrieves a public key by `keyId`

>**Note:** keyId is the alias of the public key. + +```sql +SELECT +alg, +e, +kid, +kty, +n, +use +FROM okta.hook_keys.public_keys +WHERE subdomain = '{{ subdomain }}' -- required; +``` + + diff --git a/website/docs/services/iam/bundle_entitlement_values/index.md b/website/docs/services/iam/bundle_entitlement_values/index.md new file mode 100644 index 0000000..0b91026 --- /dev/null +++ b/website/docs/services/iam/bundle_entitlement_values/index.md @@ -0,0 +1,144 @@ +--- +title: bundle_entitlement_values +hide_title: false +hide_table_of_contents: false +keywords: + - bundle_entitlement_values + - iam + - okta + - infrastructure-as-code + - configuration-as-data + - cloud inventory +description: Query, deploy and manage okta resources using SQL +custom_edit_url: null +image: /img/stackql-okta-provider-featured-image.png +--- + +import CopyableCode from '@site/src/components/CopyableCode/CopyableCode'; +import Tabs from '@theme/Tabs'; +import TabItem from '@theme/TabItem'; + +Creates, updates, deletes, gets or lists a bundle_entitlement_values resource. + +## Overview + + + + +
Namebundle_entitlement_values
TypeResource
Id
+ +## Fields + +The following fields are returned by `SELECT` queries: + + + + + + + + + + + + + + + + + + + + + + + + +
NameDatatypeDescription
array
+ + + +## Methods + +The following methods are available for this resource: + + + + + + + + + + + + + + + + + + + + +
NameAccessible byRequired ParamsOptional ParamsDescription
subdomainafter, limitLists all Entitlement Values specific to a Bundle Entitlement
+ +## Parameters + +Parameters can be passed in the `WHERE` clause of a query. Check the [Methods](#methods) section to see which parameters are required or optional for each operation. + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameDatatypeDescription
stringThe domain of your organization. This can be a provided subdomain of an official okta domain (okta.com, oktapreview.com, etc) or one of your configured custom domains. (default: my-org)
stringThe cursor to use for pagination. It is an opaque string that specifies your current location in the list and is obtained from the `Link` response header. See [Pagination](https://developer.okta.com/docs/api/#pagination).
integerA limit on the number of objects to return
+ +## `SELECT` examples + + + + +Lists all Entitlement Values specific to a Bundle Entitlement + +```sql +SELECT +_links, +entitlementValues +FROM okta.iam.bundle_entitlement_values +WHERE subdomain = '{{ subdomain }}' -- required +AND after = '{{ after }}' +AND limit = '{{ limit }}'; +``` + + diff --git a/website/docs/services/iam/bundle_entitlements/index.md b/website/docs/services/iam/bundle_entitlements/index.md new file mode 100644 index 0000000..b456894 --- /dev/null +++ b/website/docs/services/iam/bundle_entitlements/index.md @@ -0,0 +1,144 @@ +--- +title: bundle_entitlements +hide_title: false +hide_table_of_contents: false +keywords: + - bundle_entitlements + - iam + - okta + - infrastructure-as-code + - configuration-as-data + - cloud inventory +description: Query, deploy and manage okta resources using SQL +custom_edit_url: null +image: /img/stackql-okta-provider-featured-image.png +--- + +import CopyableCode from '@site/src/components/CopyableCode/CopyableCode'; +import Tabs from '@theme/Tabs'; +import TabItem from '@theme/TabItem'; + +Creates, updates, deletes, gets or lists a bundle_entitlements resource. + +## Overview + + + + +
Namebundle_entitlements
TypeResource
Id
+ +## Fields + +The following fields are returned by `SELECT` queries: + + + + + + + + + + + + + + + + + + + + + + + + +
NameDatatypeDescription
objectSpecifies link relations (see [Web Linking](https://www.rfc-editor.org/rfc/rfc8288)) available using the [JSON Hypertext Application Language](https://datatracker.ietf.org/doc/html/draft-kelly-json-hal-06) specification
array
+ + + +## Methods + +The following methods are available for this resource: + + + + + + + + + + + + + + + + + + + + +
NameAccessible byRequired ParamsOptional ParamsDescription
subdomainafter, limitLists all Entitlements specific to a Governance Bundle
+ +## Parameters + +Parameters can be passed in the `WHERE` clause of a query. Check the [Methods](#methods) section to see which parameters are required or optional for each operation. + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameDatatypeDescription
stringThe domain of your organization. This can be a provided subdomain of an official okta domain (okta.com, oktapreview.com, etc) or one of your configured custom domains. (default: my-org)
stringThe cursor to use for pagination. It is an opaque string that specifies your current location in the list and is obtained from the `Link` response header. See [Pagination](https://developer.okta.com/docs/api/#pagination).
integerA limit on the number of objects to return
+ +## `SELECT` examples + + + + +Lists all Entitlements specific to a Governance Bundle + +```sql +SELECT +_links, +entitlements +FROM okta.iam.bundle_entitlements +WHERE subdomain = '{{ subdomain }}' -- required +AND after = '{{ after }}' +AND limit = '{{ limit }}'; +``` + + diff --git a/website/docs/services/iam/governance_bundles/index.md b/website/docs/services/iam/governance_bundles/index.md new file mode 100644 index 0000000..cea9839 --- /dev/null +++ b/website/docs/services/iam/governance_bundles/index.md @@ -0,0 +1,341 @@ +--- +title: governance_bundles +hide_title: false +hide_table_of_contents: false +keywords: + - governance_bundles + - iam + - okta + - infrastructure-as-code + - configuration-as-data + - cloud inventory +description: Query, deploy and manage okta resources using SQL +custom_edit_url: null +image: /img/stackql-okta-provider-featured-image.png +--- + +import CopyableCode from '@site/src/components/CopyableCode/CopyableCode'; +import Tabs from '@theme/Tabs'; +import TabItem from '@theme/TabItem'; + +Creates, updates, deletes, gets or lists a governance_bundles resource. + +## Overview + + + + +
Namegovernance_bundles
TypeResource
Id
+ +## Fields + +The following fields are returned by `SELECT` queries: + + + + + + + + + + + + + + + + + + + + + + + + +
NameDatatypeDescription
array
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameDatatypeDescription
string
string
object
string
string
string
+ + + +## Methods + +The following methods are available for this resource: + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameAccessible byRequired ParamsOptional ParamsDescription
subdomainafter, limitLists all Governance Bundles for the Admin Console in your org
subdomainRetrieves a Governance Bundle from RAMP
subdomainCreates a Governance Bundle for the Admin Console in RAMP
subdomainReplaces a Governance Bundle in RAMP
subdomainDeletes a Governance Bundle from RAMP
+ +## Parameters + +Parameters can be passed in the `WHERE` clause of a query. Check the [Methods](#methods) section to see which parameters are required or optional for each operation. + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameDatatypeDescription
stringThe domain of your organization. This can be a provided subdomain of an official okta domain (okta.com, oktapreview.com, etc) or one of your configured custom domains. (default: my-org)
stringThe cursor to use for pagination. It is an opaque string that specifies your current location in the list and is obtained from the `Link` response header. See [Pagination](https://developer.okta.com/docs/api/#pagination).
integerA limit on the number of objects to return
+ +## `SELECT` examples + + + + +Lists all Governance Bundles for the Admin Console in your org + +```sql +SELECT +_links, +bundles +FROM okta.iam.governance_bundles +WHERE subdomain = '{{ subdomain }}' -- required +AND after = '{{ after }}' +AND limit = '{{ limit }}'; +``` + + + +Retrieves a Governance Bundle from RAMP + +```sql +SELECT +id, +name, +_links, +description, +orn, +status +FROM okta.iam.governance_bundles +WHERE subdomain = '{{ subdomain }}' -- required; +``` + + + + +## `INSERT` examples + + + + +Creates a Governance Bundle for the Admin Console in RAMP + +```sql +INSERT INTO okta.iam.governance_bundles ( +data__description, +data__entitlements, +data__name, +subdomain +) +SELECT +'{{ description }}', +'{{ entitlements }}', +'{{ name }}', +'{{ subdomain }}' +RETURNING +id, +name, +_links, +description, +orn, +status +; +``` + + + +```yaml +# Description fields are for documentation purposes +- name: governance_bundles + props: + - name: subdomain + value: string + description: Required parameter for the governance_bundles resource. + - name: description + value: string + - name: entitlements + value: array + - name: name + value: string +``` + + + + +## `REPLACE` examples + + + + +Replaces a Governance Bundle in RAMP + +```sql +REPLACE okta.iam.governance_bundles +SET +data__description = '{{ description }}', +data__entitlements = '{{ entitlements }}', +data__name = '{{ name }}' +WHERE +subdomain = '{{ subdomain }}' --required +RETURNING +id, +name, +_links, +description, +orn, +status; +``` + + + + +## `DELETE` examples + + + + +Deletes a Governance Bundle from RAMP + +```sql +DELETE FROM okta.iam.governance_bundles +WHERE subdomain = '{{ subdomain }}' --required; +``` + + diff --git a/website/docs/services/iam/index.md b/website/docs/services/iam/index.md new file mode 100644 index 0000000..97ae1a5 --- /dev/null +++ b/website/docs/services/iam/index.md @@ -0,0 +1,42 @@ +--- +title: iam +hide_title: false +hide_table_of_contents: false +keywords: + - iam + - okta + - stackql + - infrastructure-as-code + - configuration-as-data + - cloud inventory +description: Query, deploy and manage okta resources using SQL +custom_edit_url: null +image: /img/stackql-okta-provider-featured-image.png +--- + +iam service documentation. + +:::info[Service Summary] + +total resources: __11__ + +::: + +## Resources +
+
+bundle_entitlement_values
+bundle_entitlements
+governance_bundles
+opt_in_status
+role_permissions
+role_resource_set_binding_members +
+
+role_resource_set_bindings
+role_resource_set_resources
+role_resource_sets
+roles
+users_with_role_assignments +
+
\ No newline at end of file diff --git a/website/docs/services/iam/opt_in_status/index.md b/website/docs/services/iam/opt_in_status/index.md new file mode 100644 index 0000000..a880b8f --- /dev/null +++ b/website/docs/services/iam/opt_in_status/index.md @@ -0,0 +1,176 @@ +--- +title: opt_in_status +hide_title: false +hide_table_of_contents: false +keywords: + - opt_in_status + - iam + - okta + - infrastructure-as-code + - configuration-as-data + - cloud inventory +description: Query, deploy and manage okta resources using SQL +custom_edit_url: null +image: /img/stackql-okta-provider-featured-image.png +--- + +import CopyableCode from '@site/src/components/CopyableCode/CopyableCode'; +import Tabs from '@theme/Tabs'; +import TabItem from '@theme/TabItem'; + +Creates, updates, deletes, gets or lists an opt_in_status resource. + +## Overview + + + + +
Nameopt_in_status
TypeResource
Id
+ +## Fields + +The following fields are returned by `SELECT` queries: + + + + + + + + + + + + + + + + + + + + + + + + +
NameDatatypeDescription
object
string
+ + + +## Methods + +The following methods are available for this resource: + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameAccessible byRequired ParamsOptional ParamsDescription
subdomainRetrieves the opt-in status of the Admin Console from RAMP
subdomainOpts in the Admin Console to RAMP
subdomainOpts out the Admin Console from RAMP
+ +## Parameters + +Parameters can be passed in the `WHERE` clause of a query. Check the [Methods](#methods) section to see which parameters are required or optional for each operation. + + + + + + + + + + + + + + + + +
NameDatatypeDescription
stringThe domain of your organization. This can be a provided subdomain of an official okta domain (okta.com, oktapreview.com, etc) or one of your configured custom domains. (default: my-org)
+ +## `SELECT` examples + + + + +Retrieves the opt-in status of the Admin Console from RAMP + +```sql +SELECT +_links, +optInStatus +FROM okta.iam.opt_in_status +WHERE subdomain = '{{ subdomain }}' -- required; +``` + + + + +## Lifecycle Methods + + + + +Opts in the Admin Console to RAMP + +```sql +EXEC okta.iam.opt_in_status.opt_in +@subdomain='{{ subdomain }}' --required; +``` + + + +Opts out the Admin Console from RAMP + +```sql +EXEC okta.iam.opt_in_status.opt_out +@subdomain='{{ subdomain }}' --required; +``` + + diff --git a/website/docs/services/iam/role_permissions/index.md b/website/docs/services/iam/role_permissions/index.md new file mode 100644 index 0000000..3e505af --- /dev/null +++ b/website/docs/services/iam/role_permissions/index.md @@ -0,0 +1,302 @@ +--- +title: role_permissions +hide_title: false +hide_table_of_contents: false +keywords: + - role_permissions + - iam + - okta + - infrastructure-as-code + - configuration-as-data + - cloud inventory +description: Query, deploy and manage okta resources using SQL +custom_edit_url: null +image: /img/stackql-okta-provider-featured-image.png +--- + +import CopyableCode from '@site/src/components/CopyableCode/CopyableCode'; +import Tabs from '@theme/Tabs'; +import TabItem from '@theme/TabItem'; + +Creates, updates, deletes, gets or lists a role_permissions resource. + +## Overview + + + + +
Namerole_permissions
TypeResource
Id
+ +## Fields + +The following fields are returned by `SELECT` queries: + + + + + + + + + + + + + + + + + + + +
NameDatatypeDescription
arrayArray of permissions assigned to the role. See [Permissions](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/guides/permissions).
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameDatatypeDescription
objectSpecifies link relations (see [Web Linking](https://www.rfc-editor.org/rfc/rfc8288)) available using the [JSON Hypertext Application Language](https://datatracker.ietf.org/doc/html/draft-kelly-json-hal-06) specification. This object is used for dynamic discovery of related resources and lifecycle operations.
objectConditions for further restricting a permission. See [Permission conditions](https://help.okta.com/okta_help.htm?type=oie&id=ext-permission-conditions).
string (date-time)Timestamp when the permission was assigned
stringThe assigned Okta [permission](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/guides/permissions) (example: okta.users.read)
string (date-time)Timestamp when the permission was last updated
+ + + +## Methods + +The following methods are available for this resource: + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameAccessible byRequired ParamsOptional ParamsDescription
subdomainLists all permissions for a custom role by `roleIdOrLabel`
subdomainRetrieves a permission (identified by `permissionType`) for a custom role
subdomainCreates a permission (specified by `permissionType`) for a custom role
subdomainReplaces a permission (specified by `permissionType`) for a custom role
subdomainDeletes a permission (identified by `permissionType`) from a custom role
+ +## Parameters + +Parameters can be passed in the `WHERE` clause of a query. Check the [Methods](#methods) section to see which parameters are required or optional for each operation. + + + + + + + + + + + + + + + + +
NameDatatypeDescription
stringThe domain of your organization. This can be a provided subdomain of an official okta domain (okta.com, oktapreview.com, etc) or one of your configured custom domains. (default: my-org)
+ +## `SELECT` examples + + + + +Lists all permissions for a custom role by `roleIdOrLabel` + +```sql +SELECT +permissions +FROM okta.iam.role_permissions +WHERE subdomain = '{{ subdomain }}' -- required; +``` + + + +Retrieves a permission (identified by `permissionType`) for a custom role + +```sql +SELECT +_links, +conditions, +created, +label, +lastUpdated +FROM okta.iam.role_permissions +WHERE subdomain = '{{ subdomain }}' -- required; +``` + + + + +## `INSERT` examples + + + + +Creates a permission (specified by `permissionType`) for a custom role + +```sql +INSERT INTO okta.iam.role_permissions ( +data__conditions, +subdomain +) +SELECT +'{{ conditions }}', +'{{ subdomain }}' +; +``` + + + +```yaml +# Description fields are for documentation purposes +- name: role_permissions + props: + - name: subdomain + value: string + description: Required parameter for the role_permissions resource. + - name: conditions + value: object + description: > + Conditions for further restricting a permission. See [Permission conditions](https://help.okta.com/okta_help.htm?type=oie&id=ext-permission-conditions). + +``` + + + + +## `REPLACE` examples + + + + +Replaces a permission (specified by `permissionType`) for a custom role + +```sql +REPLACE okta.iam.role_permissions +SET +data__conditions = '{{ conditions }}' +WHERE +subdomain = '{{ subdomain }}' --required +RETURNING +_links, +conditions, +created, +label, +lastUpdated; +``` + + + + +## `DELETE` examples + + + + +Deletes a permission (identified by `permissionType`) from a custom role + +```sql +DELETE FROM okta.iam.role_permissions +WHERE subdomain = '{{ subdomain }}' --required; +``` + + diff --git a/website/docs/services/iam/role_resource_set_binding_members/index.md b/website/docs/services/iam/role_resource_set_binding_members/index.md new file mode 100644 index 0000000..8d40041 --- /dev/null +++ b/website/docs/services/iam/role_resource_set_binding_members/index.md @@ -0,0 +1,254 @@ +--- +title: role_resource_set_binding_members +hide_title: false +hide_table_of_contents: false +keywords: + - role_resource_set_binding_members + - iam + - okta + - infrastructure-as-code + - configuration-as-data + - cloud inventory +description: Query, deploy and manage okta resources using SQL +custom_edit_url: null +image: /img/stackql-okta-provider-featured-image.png +--- + +import CopyableCode from '@site/src/components/CopyableCode/CopyableCode'; +import Tabs from '@theme/Tabs'; +import TabItem from '@theme/TabItem'; + +Creates, updates, deletes, gets or lists a role_resource_set_binding_members resource. + +## Overview + + + + +
Namerole_resource_set_binding_members
TypeResource
Id
+ +## Fields + +The following fields are returned by `SELECT` queries: + + + + + + + + + + + + + + + + + + + + + + + + +
NameDatatypeDescription
objectSpecifies link relations (see [Web Linking](https://www.rfc-editor.org/rfc/rfc8288)) available using the [JSON Hypertext Application Language](https://datatracker.ietf.org/doc/html/draft-kelly-json-hal-06) specification. This object is used for dynamic discovery of related resources and lifecycle operations.
arrayThe members of the role resource set binding. If there are more than 100 members for the binding, then the `_links.next` resource is returned with the next list of members.
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameDatatypeDescription
stringRole resource set binding member ID
objectSpecifies link relations (see [Web Linking](https://www.rfc-editor.org/rfc/rfc8288)) available using the [JSON Hypertext Application Language](https://datatracker.ietf.org/doc/html/draft-kelly-json-hal-06) specification. This object is used for dynamic discovery of related resources and lifecycle operations.
string (date-time)Timestamp when the member was created
string (date-time)Timestamp when the member was last updated
+ + + +## Methods + +The following methods are available for this resource: + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameAccessible byRequired ParamsOptional ParamsDescription
subdomainafterLists all members of a role resource set binding with pagination support
subdomainRetrieves a member (identified by `memberId`) that belongs to a role resource set binding
subdomainAdds more members to a role resource set binding
subdomainUnassigns a member (identified by `memberId`) from a role resource set binding
+ +## Parameters + +Parameters can be passed in the `WHERE` clause of a query. Check the [Methods](#methods) section to see which parameters are required or optional for each operation. + + + + + + + + + + + + + + + + + + + + + +
NameDatatypeDescription
stringThe domain of your organization. This can be a provided subdomain of an official okta domain (okta.com, oktapreview.com, etc) or one of your configured custom domains. (default: my-org)
stringThe cursor to use for pagination. It is an opaque string that specifies your current location in the list and is obtained from the `Link` response header. See [Pagination](https://developer.okta.com/docs/api/#pagination).
+ +## `SELECT` examples + + + + +Lists all members of a role resource set binding with pagination support + +```sql +SELECT +_links, +members +FROM okta.iam.role_resource_set_binding_members +WHERE subdomain = '{{ subdomain }}' -- required +AND after = '{{ after }}'; +``` + + + +Retrieves a member (identified by `memberId`) that belongs to a role resource set binding + +```sql +SELECT +id, +_links, +created, +lastUpdated +FROM okta.iam.role_resource_set_binding_members +WHERE subdomain = '{{ subdomain }}' -- required; +``` + + + + +## `UPDATE` examples + + + + +Adds more members to a role resource set binding + +```sql +UPDATE okta.iam.role_resource_set_binding_members +SET +data__additions = '{{ additions }}' +WHERE +subdomain = '{{ subdomain }}' --required +RETURNING +_links; +``` + + + + +## `DELETE` examples + + + + +Unassigns a member (identified by `memberId`) from a role resource set binding + +```sql +DELETE FROM okta.iam.role_resource_set_binding_members +WHERE subdomain = '{{ subdomain }}' --required; +``` + + diff --git a/website/docs/services/iam/role_resource_set_bindings/index.md b/website/docs/services/iam/role_resource_set_bindings/index.md new file mode 100644 index 0000000..9d36a81 --- /dev/null +++ b/website/docs/services/iam/role_resource_set_bindings/index.md @@ -0,0 +1,269 @@ +--- +title: role_resource_set_bindings +hide_title: false +hide_table_of_contents: false +keywords: + - role_resource_set_bindings + - iam + - okta + - infrastructure-as-code + - configuration-as-data + - cloud inventory +description: Query, deploy and manage okta resources using SQL +custom_edit_url: null +image: /img/stackql-okta-provider-featured-image.png +--- + +import CopyableCode from '@site/src/components/CopyableCode/CopyableCode'; +import Tabs from '@theme/Tabs'; +import TabItem from '@theme/TabItem'; + +Creates, updates, deletes, gets or lists a role_resource_set_bindings resource. + +## Overview + + + + +
Namerole_resource_set_bindings
TypeResource
Id
+ +## Fields + +The following fields are returned by `SELECT` queries: + + + + + + + + + + + + + + + + + + + + + + + + +
NameDatatypeDescription
objectSpecifies link relations (see [Web Linking](https://www.rfc-editor.org/rfc/rfc8288)) available using the [JSON Hypertext Application Language](https://datatracker.ietf.org/doc/html/draft-kelly-json-hal-06) specification. This object is used for dynamic discovery of related resources and lifecycle operations.
arrayRoles associated with the resource set binding. If there are more than 100 bindings for the specified resource set, then the `_links.next` resource is returned with the next list of bindings.
+ + + + + + + + + + + + + + + + + + + + + + + +
NameDatatypeDescription
string`id` of the role resource set binding
objectSpecifies link relations (see [Web Linking](https://www.rfc-editor.org/rfc/rfc8288)) available using the [JSON Hypertext Application Language](https://datatracker.ietf.org/doc/html/draft-kelly-json-hal-06) specification. This object is used for dynamic discovery of related resources and lifecycle operations.
+ + + +## Methods + +The following methods are available for this resource: + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameAccessible byRequired ParamsOptional ParamsDescription
subdomainafterLists all bindings for a resource set with pagination support.

The returned `roles` array contains the roles for each binding associated with the specified resource set. If there are more than 100 bindings for the specified resource set, `links.next` provides the resource with pagination for the next list of bindings.
subdomainRetrieves the binding of a role (identified by `roleIdOrLabel`) for a resource set (identified by `resourceSetIdOrLabel`)
subdomainCreates a binding for the resource set, custom role, and members (users or groups)

> **Note:** If you use a custom role with permissions that don't apply to the resources in the resource set, it doesn't affect the admin role. For example,
the `okta.users.userprofile.manage` permission gives the admin no privileges if it's granted to a resource set that only includes `https://{yourOktaDomain}/api/v1/groups/{targetGroupId}`
resources. If you want the admin to be able to manage the users within the group, the resource set must include the corresponding `https://{yourOktaDomain}/api/v1/groups/{targetGroupId}/users` resource.
subdomainDeletes a binding of a role (identified by `roleIdOrLabel`) and a resource set (identified by `resourceSetIdOrLabel`)
+ +## Parameters + +Parameters can be passed in the `WHERE` clause of a query. Check the [Methods](#methods) section to see which parameters are required or optional for each operation. + + + + + + + + + + + + + + + + + + + + + +
NameDatatypeDescription
stringThe domain of your organization. This can be a provided subdomain of an official okta domain (okta.com, oktapreview.com, etc) or one of your configured custom domains. (default: my-org)
stringThe cursor to use for pagination. It is an opaque string that specifies your current location in the list and is obtained from the `Link` response header. See [Pagination](https://developer.okta.com/docs/api/#pagination).
+ +## `SELECT` examples + + + + +Lists all bindings for a resource set with pagination support.

The returned `roles` array contains the roles for each binding associated with the specified resource set. If there are more than 100 bindings for the specified resource set, `links.next` provides the resource with pagination for the next list of bindings. + +```sql +SELECT +_links, +roles +FROM okta.iam.role_resource_set_bindings +WHERE subdomain = '{{ subdomain }}' -- required +AND after = '{{ after }}'; +``` + + + +Retrieves the binding of a role (identified by `roleIdOrLabel`) for a resource set (identified by `resourceSetIdOrLabel`) + +```sql +SELECT +id, +_links +FROM okta.iam.role_resource_set_bindings +WHERE subdomain = '{{ subdomain }}' -- required; +``` + + + + +## `INSERT` examples + + + + +Creates a binding for the resource set, custom role, and members (users or groups)

> **Note:** If you use a custom role with permissions that don't apply to the resources in the resource set, it doesn't affect the admin role. For example,
the `okta.users.userprofile.manage` permission gives the admin no privileges if it's granted to a resource set that only includes `https://{yourOktaDomain}/api/v1/groups/{targetGroupId}`
resources. If you want the admin to be able to manage the users within the group, the resource set must include the corresponding `https://{yourOktaDomain}/api/v1/groups/{targetGroupId}/users` resource. + +```sql +INSERT INTO okta.iam.role_resource_set_bindings ( +data__members, +data__role, +subdomain +) +SELECT +'{{ members }}', +'{{ role }}', +'{{ subdomain }}' +RETURNING +_links +; +``` + + + +```yaml +# Description fields are for documentation purposes +- name: role_resource_set_bindings + props: + - name: subdomain + value: string + description: Required parameter for the role_resource_set_bindings resource. + - name: members + value: array + description: > + URLs to user and/or group instances that are assigned to the role + + - name: role + value: string + description: > + Unique key for the role + +``` + + + + +## `DELETE` examples + + + + +Deletes a binding of a role (identified by `roleIdOrLabel`) and a resource set (identified by `resourceSetIdOrLabel`) + +```sql +DELETE FROM okta.iam.role_resource_set_bindings +WHERE subdomain = '{{ subdomain }}' --required; +``` + + diff --git a/website/docs/services/iam/role_resource_set_resources/index.md b/website/docs/services/iam/role_resource_set_resources/index.md new file mode 100644 index 0000000..2b7d34a --- /dev/null +++ b/website/docs/services/iam/role_resource_set_resources/index.md @@ -0,0 +1,336 @@ +--- +title: role_resource_set_resources +hide_title: false +hide_table_of_contents: false +keywords: + - role_resource_set_resources + - iam + - okta + - infrastructure-as-code + - configuration-as-data + - cloud inventory +description: Query, deploy and manage okta resources using SQL +custom_edit_url: null +image: /img/stackql-okta-provider-featured-image.png +--- + +import CopyableCode from '@site/src/components/CopyableCode/CopyableCode'; +import Tabs from '@theme/Tabs'; +import TabItem from '@theme/TabItem'; + +Creates, updates, deletes, gets or lists a role_resource_set_resources resource. + +## Overview + + + + +
Namerole_resource_set_resources
TypeResource
Id
+ +## Fields + +The following fields are returned by `SELECT` queries: + + + + + + + + + + + + + + + + + + + + + + + + +
NameDatatypeDescription
objectSpecifies link relations (see [Web Linking](https://www.rfc-editor.org/rfc/rfc8288)) available for the current status of an application using the [JSON Hypertext Application Language](https://datatracker.ietf.org/doc/html/draft-kelly-json-hal-06) specification. Use the `LinksNext` object for dynamic discovery of related resources and lifecycle operations.
array
+ + + +Success + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameDatatypeDescription
stringUnique ID of the resource set resource object
objectRelated discoverable resources
objectConditions for further restricting a resource.
string (date-time)Timestamp when the resource set resource object was created
string (date-time)Timestamp when this object was last updated
stringThe Okta Resource Name (ORN) of the resource
+ + + +## Methods + +The following methods are available for this resource: + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameAccessible byRequired ParamsOptional ParamsDescription
subdomainLists all resources for the resource set
subdomainRetrieves a resource identified by `resourceId` in a resource set
subdomainAdds more resources to a resource set
subdomainReplaces the conditions of a resource identified by `resourceId` in a resource set
subdomainDeletes a resource (identified by `resourceId`) from a resource set
subdomainAdds a resource with conditions for a resource set
+ +## Parameters + +Parameters can be passed in the `WHERE` clause of a query. Check the [Methods](#methods) section to see which parameters are required or optional for each operation. + + + + + + + + + + + + + + + + +
NameDatatypeDescription
stringThe domain of your organization. This can be a provided subdomain of an official okta domain (okta.com, oktapreview.com, etc) or one of your configured custom domains. (default: my-org)
+ +## `SELECT` examples + + + + +Lists all resources for the resource set + +```sql +SELECT +_links, +resources +FROM okta.iam.role_resource_set_resources +WHERE subdomain = '{{ subdomain }}' -- required; +``` + + + +Retrieves a resource identified by `resourceId` in a resource set + +```sql +SELECT +id, +_links, +conditions, +created, +lastUpdated, +orn +FROM okta.iam.role_resource_set_resources +WHERE subdomain = '{{ subdomain }}' -- required; +``` + + + + +## `UPDATE` examples + + + + +Adds more resources to a resource set + +```sql +UPDATE okta.iam.role_resource_set_resources +SET +data__additions = '{{ additions }}' +WHERE +subdomain = '{{ subdomain }}' --required +RETURNING +id, +_links, +created, +description, +label, +lastUpdated; +``` + + + + +## `REPLACE` examples + + + + +Replaces the conditions of a resource identified by `resourceId` in a resource set + +```sql +REPLACE okta.iam.role_resource_set_resources +SET +data__conditions = '{{ conditions }}' +WHERE +subdomain = '{{ subdomain }}' --required +RETURNING +id, +_links, +conditions, +created, +lastUpdated, +orn; +``` + + + + +## `DELETE` examples + + + + +Deletes a resource (identified by `resourceId`) from a resource set + +```sql +DELETE FROM okta.iam.role_resource_set_resources +WHERE subdomain = '{{ subdomain }}' --required; +``` + + + + +## Lifecycle Methods + + + + +Adds a resource with conditions for a resource set + +```sql +EXEC okta.iam.role_resource_set_resources.add_resource_set_resource +@subdomain='{{ subdomain }}' --required +@@json= +'{ +"conditions": "{{ conditions }}", +"resourceOrnOrUrl": "{{ resourceOrnOrUrl }}" +}'; +``` + + diff --git a/website/docs/services/iam/role_resource_sets/index.md b/website/docs/services/iam/role_resource_sets/index.md new file mode 100644 index 0000000..c6db09f --- /dev/null +++ b/website/docs/services/iam/role_resource_sets/index.md @@ -0,0 +1,343 @@ +--- +title: role_resource_sets +hide_title: false +hide_table_of_contents: false +keywords: + - role_resource_sets + - iam + - okta + - infrastructure-as-code + - configuration-as-data + - cloud inventory +description: Query, deploy and manage okta resources using SQL +custom_edit_url: null +image: /img/stackql-okta-provider-featured-image.png +--- + +import CopyableCode from '@site/src/components/CopyableCode/CopyableCode'; +import Tabs from '@theme/Tabs'; +import TabItem from '@theme/TabItem'; + +Creates, updates, deletes, gets or lists a role_resource_sets resource. + +## Overview + + + + +
Namerole_resource_sets
TypeResource
Id
+ +## Fields + +The following fields are returned by `SELECT` queries: + + + + + + + + + + + + + + + + + + + + + + + + +
NameDatatypeDescription
objectSpecifies link relations (see [Web Linking](https://www.rfc-editor.org/rfc/rfc8288)) available for the current status of an application using the [JSON Hypertext Application Language](https://datatracker.ietf.org/doc/html/draft-kelly-json-hal-06) specification. Use the `LinksNext` object for dynamic discovery of related resources and lifecycle operations.
array
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameDatatypeDescription
stringUnique ID for the resource set object
objectSpecifies link relations (see [Web Linking](https://www.rfc-editor.org/rfc/rfc8288)) available using the [JSON Hypertext Application Language](https://datatracker.ietf.org/doc/html/draft-kelly-json-hal-06) specification. This object is used for dynamic discovery of related resources and lifecycle operations.
string (date-time)Timestamp when the role was created
stringDescription of the resource set
stringUnique label for the resource set
string (date-time)Timestamp when the role was last updated
+ + + +## Methods + +The following methods are available for this resource: + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameAccessible byRequired ParamsOptional ParamsDescription
subdomainafterLists all resource sets with pagination support
subdomainRetrieves a resource set by `resourceSetIdOrLabel`
subdomainCreates a new resource set. See [Supported resources](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/guides/roles/#supported-resources).

> **Note:** The maximum number of `resources` allowed in a resource set object is 1000. Resources are identified by either an Okta Resource Name (ORN) or by a REST URL format. See [Okta Resource Name](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/guides/roles/#okta-resource-name-orn).
subdomainReplaces the label and description of a resource set
subdomainDeletes a resource set by `resourceSetIdOrLabel`
+ +## Parameters + +Parameters can be passed in the `WHERE` clause of a query. Check the [Methods](#methods) section to see which parameters are required or optional for each operation. + + + + + + + + + + + + + + + + + + + + + +
NameDatatypeDescription
stringThe domain of your organization. This can be a provided subdomain of an official okta domain (okta.com, oktapreview.com, etc) or one of your configured custom domains. (default: my-org)
stringThe cursor to use for pagination. It is an opaque string that specifies your current location in the list and is obtained from the `Link` response header. See [Pagination](https://developer.okta.com/docs/api/#pagination).
+ +## `SELECT` examples + + + + +Lists all resource sets with pagination support + +```sql +SELECT +_links, +resource-sets +FROM okta.iam.role_resource_sets +WHERE subdomain = '{{ subdomain }}' -- required +AND after = '{{ after }}'; +``` + + + +Retrieves a resource set by `resourceSetIdOrLabel` + +```sql +SELECT +id, +_links, +created, +description, +label, +lastUpdated +FROM okta.iam.role_resource_sets +WHERE subdomain = '{{ subdomain }}' -- required; +``` + + + + +## `INSERT` examples + + + + +Creates a new resource set. See [Supported resources](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/guides/roles/#supported-resources).

> **Note:** The maximum number of `resources` allowed in a resource set object is 1000. Resources are identified by either an Okta Resource Name (ORN) or by a REST URL format. See [Okta Resource Name](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/guides/roles/#okta-resource-name-orn). + +```sql +INSERT INTO okta.iam.role_resource_sets ( +data__description, +data__label, +data__resources, +subdomain +) +SELECT +'{{ description }}' --required, +'{{ label }}' --required, +'{{ resources }}' --required, +'{{ subdomain }}' +RETURNING +id, +_links, +created, +description, +label, +lastUpdated +; +``` + + + +```yaml +# Description fields are for documentation purposes +- name: role_resource_sets + props: + - name: subdomain + value: string + description: Required parameter for the role_resource_sets resource. + - name: description + value: string + description: > + Description of the resource set + + - name: label + value: string + description: > + Unique name for the resource set + + - name: resources + value: array + description: > + The endpoint (URL) that references all resource objects included in the resource set. Resources are identified by either an Okta Resource Name (ORN) or by a REST URL format. See [Okta Resource Name](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/guides/roles/#okta-resource-name-orn). + +``` + + + + +## `REPLACE` examples + + + + +Replaces the label and description of a resource set + +```sql +REPLACE okta.iam.role_resource_sets +SET +data__description = '{{ description }}', +data__label = '{{ label }}' +WHERE +subdomain = '{{ subdomain }}' --required +RETURNING +id, +_links, +created, +description, +label, +lastUpdated; +``` + + + + +## `DELETE` examples + + + + +Deletes a resource set by `resourceSetIdOrLabel` + +```sql +DELETE FROM okta.iam.role_resource_sets +WHERE subdomain = '{{ subdomain }}' --required; +``` + + diff --git a/website/docs/services/iam/roles/index.md b/website/docs/services/iam/roles/index.md new file mode 100644 index 0000000..02db949 --- /dev/null +++ b/website/docs/services/iam/roles/index.md @@ -0,0 +1,345 @@ +--- +title: roles +hide_title: false +hide_table_of_contents: false +keywords: + - roles + - iam + - okta + - infrastructure-as-code + - configuration-as-data + - cloud inventory +description: Query, deploy and manage okta resources using SQL +custom_edit_url: null +image: /img/stackql-okta-provider-featured-image.png +--- + +import CopyableCode from '@site/src/components/CopyableCode/CopyableCode'; +import Tabs from '@theme/Tabs'; +import TabItem from '@theme/TabItem'; + +Creates, updates, deletes, gets or lists a roles resource. + +## Overview + + + + +
Nameroles
TypeResource
Id
+ +## Fields + +The following fields are returned by `SELECT` queries: + + + + + + + + + + + + + + + + + + + + + + + + +
NameDatatypeDescription
objectSpecifies link relations (see [Web Linking](https://www.rfc-editor.org/rfc/rfc8288)) available for the current status of an application using the [JSON Hypertext Application Language](https://datatracker.ietf.org/doc/html/draft-kelly-json-hal-06) specification. Use the `LinksNext` object for dynamic discovery of related resources and lifecycle operations.
array
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameDatatypeDescription
stringUnique key for the role
objectSpecifies link relations (see [Web Linking](https://www.rfc-editor.org/rfc/rfc8288)) available using the [JSON Hypertext Application Language](https://datatracker.ietf.org/doc/html/draft-kelly-json-hal-06) specification. This object is used for dynamic discovery of related resources and lifecycle operations.
string (date-time)Timestamp when the role was created
stringDescription of the role
stringUnique label for the role
string (date-time)Timestamp when the role was last updated
+ + + +## Methods + +The following methods are available for this resource: + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameAccessible byRequired ParamsOptional ParamsDescription
subdomainafterLists all custom roles with pagination support
subdomainRetrieves a role by `roleIdOrLabel`
subdomainCreates a custom role
subdomainReplaces the label and description for a custom role by `roleIdOrLabel`
subdomainDeletes a custom role by `roleIdOrLabel`
+ +## Parameters + +Parameters can be passed in the `WHERE` clause of a query. Check the [Methods](#methods) section to see which parameters are required or optional for each operation. + + + + + + + + + + + + + + + + + + + + + +
NameDatatypeDescription
stringThe domain of your organization. This can be a provided subdomain of an official okta domain (okta.com, oktapreview.com, etc) or one of your configured custom domains. (default: my-org)
stringThe cursor to use for pagination. It is an opaque string that specifies your current location in the list and is obtained from the `Link` response header. See [Pagination](https://developer.okta.com/docs/api/#pagination).
+ +## `SELECT` examples + + + + +Lists all custom roles with pagination support + +```sql +SELECT +_links, +roles +FROM okta.iam.roles +WHERE subdomain = '{{ subdomain }}' -- required +AND after = '{{ after }}'; +``` + + + +Retrieves a role by `roleIdOrLabel` + +```sql +SELECT +id, +_links, +created, +description, +label, +lastUpdated +FROM okta.iam.roles +WHERE subdomain = '{{ subdomain }}' -- required; +``` + + + + +## `INSERT` examples + + + + +Creates a custom role + +```sql +INSERT INTO okta.iam.roles ( +data__description, +data__label, +data__permissions, +subdomain +) +SELECT +'{{ description }}' --required, +'{{ label }}' --required, +'{{ permissions }}' --required, +'{{ subdomain }}' +RETURNING +id, +_links, +created, +description, +label, +lastUpdated +; +``` + + + +```yaml +# Description fields are for documentation purposes +- name: roles + props: + - name: subdomain + value: string + description: Required parameter for the roles resource. + - name: description + value: string + description: > + Description of the role + + - name: label + value: string + description: > + Unique label for the role + + - name: permissions + value: array + description: > + Array of permissions that the role grants. See [Permissions](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/guides/permissions). + +``` + + + + +## `REPLACE` examples + + + + +Replaces the label and description for a custom role by `roleIdOrLabel` + +```sql +REPLACE okta.iam.roles +SET +data__description = '{{ description }}', +data__label = '{{ label }}' +WHERE +subdomain = '{{ subdomain }}' --required +AND data__label = '{{ label }}' --required +AND data__description = '{{ description }}' --required +RETURNING +id, +_links, +created, +description, +label, +lastUpdated; +``` + + + + +## `DELETE` examples + + + + +Deletes a custom role by `roleIdOrLabel` + +```sql +DELETE FROM okta.iam.roles +WHERE subdomain = '{{ subdomain }}' --required; +``` + + diff --git a/website/docs/services/iam/users_with_role_assignments/index.md b/website/docs/services/iam/users_with_role_assignments/index.md new file mode 100644 index 0000000..ced5b4c --- /dev/null +++ b/website/docs/services/iam/users_with_role_assignments/index.md @@ -0,0 +1,146 @@ +--- +title: users_with_role_assignments +hide_title: false +hide_table_of_contents: false +keywords: + - users_with_role_assignments + - iam + - okta + - infrastructure-as-code + - configuration-as-data + - cloud inventory +description: Query, deploy and manage okta resources using SQL +custom_edit_url: null +image: /img/stackql-okta-provider-featured-image.png +--- + +import CopyableCode from '@site/src/components/CopyableCode/CopyableCode'; +import Tabs from '@theme/Tabs'; +import TabItem from '@theme/TabItem'; + +Creates, updates, deletes, gets or lists a users_with_role_assignments resource. + +## Overview + + + + +
Nameusers_with_role_assignments
TypeResource
Id
+ +## Fields + +The following fields are returned by `SELECT` queries: + + + + +Success + + + + + + + + + + + + + + + + + + + + + +
NameDatatypeDescription
objectSpecifies link relations (see [Web Linking](https://www.rfc-editor.org/rfc/rfc8288)) available using the [JSON Hypertext Application Language](https://datatracker.ietf.org/doc/html/draft-kelly-json-hal-06) specification.
array
+ + + +## Methods + +The following methods are available for this resource: + + + + + + + + + + + + + + + + + + + + +
NameAccessible byRequired ParamsOptional ParamsDescription
subdomainafter, limitLists all users with role assignments
+ +## Parameters + +Parameters can be passed in the `WHERE` clause of a query. Check the [Methods](#methods) section to see which parameters are required or optional for each operation. + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameDatatypeDescription
stringThe domain of your organization. This can be a provided subdomain of an official okta domain (okta.com, oktapreview.com, etc) or one of your configured custom domains. (default: my-org)
stringSpecifies the pagination cursor for the next page of targets
integer (int32)Specifies the number of results returned. Defaults to `100`.
+ +## `SELECT` examples + + + + +Lists all users with role assignments + +```sql +SELECT +_links, +value +FROM okta.iam.users_with_role_assignments +WHERE subdomain = '{{ subdomain }}' -- required +AND after = '{{ after }}' +AND limit = '{{ limit }}'; +``` + + diff --git a/website/docs/services/identity_sources/identity_sources/index.md b/website/docs/services/identity_sources/identity_sources/index.md new file mode 100644 index 0000000..f7e6d54 --- /dev/null +++ b/website/docs/services/identity_sources/identity_sources/index.md @@ -0,0 +1,144 @@ +--- +title: identity_sources +hide_title: false +hide_table_of_contents: false +keywords: + - identity_sources + - identity_sources + - okta + - infrastructure-as-code + - configuration-as-data + - cloud inventory +description: Query, deploy and manage okta resources using SQL +custom_edit_url: null +image: /img/stackql-okta-provider-featured-image.png +--- + +import CopyableCode from '@site/src/components/CopyableCode/CopyableCode'; +import Tabs from '@theme/Tabs'; +import TabItem from '@theme/TabItem'; + +Creates, updates, deletes, gets or lists an identity_sources resource. + +## Overview + + + + +
Nameidentity_sources
TypeResource
Id
+ +## Fields + +The following fields are returned by `SELECT` queries: + +`SELECT` not supported for this resource, use `SHOW METHODS` to view available operations for the resource. + + +## Methods + +The following methods are available for this resource: + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameAccessible byRequired ParamsOptional ParamsDescription
subdomainUploads external IDs of entities that need to be deleted in Okta from the identity source for the given session
subdomainUploads entities that need to be inserted or updated in Okta from the identity source for the given session
subdomainStarts the import from the identity source described by the uploaded bulk operations
+ +## Parameters + +Parameters can be passed in the `WHERE` clause of a query. Check the [Methods](#methods) section to see which parameters are required or optional for each operation. + + + + + + + + + + + + + + + + +
NameDatatypeDescription
stringThe domain of your organization. This can be a provided subdomain of an official okta domain (okta.com, oktapreview.com, etc) or one of your configured custom domains. (default: my-org)
+ +## Lifecycle Methods + + + + +Uploads external IDs of entities that need to be deleted in Okta from the identity source for the given session + +```sql +EXEC okta.identity_sources.identity_sources.upload_identity_source_data_for_delete +@subdomain='{{ subdomain }}' --required +@@json= +'{ +"entityType": "{{ entityType }}", +"profiles": "{{ profiles }}" +}'; +``` + + + +Uploads entities that need to be inserted or updated in Okta from the identity source for the given session + +```sql +EXEC okta.identity_sources.identity_sources.upload_identity_source_data_for_upsert +@subdomain='{{ subdomain }}' --required +@@json= +'{ +"entityType": "{{ entityType }}", +"profiles": "{{ profiles }}" +}'; +``` + + + +Starts the import from the identity source described by the uploaded bulk operations + +```sql +EXEC okta.identity_sources.identity_sources.start_import_from_identity_source +@subdomain='{{ subdomain }}' --required; +``` + + diff --git a/website/docs/services/identity_sources/index.md b/website/docs/services/identity_sources/index.md new file mode 100644 index 0000000..7e87fc3 --- /dev/null +++ b/website/docs/services/identity_sources/index.md @@ -0,0 +1,33 @@ +--- +title: identity_sources +hide_title: false +hide_table_of_contents: false +keywords: + - identity_sources + - okta + - stackql + - infrastructure-as-code + - configuration-as-data + - cloud inventory +description: Query, deploy and manage okta resources using SQL +custom_edit_url: null +image: /img/stackql-okta-provider-featured-image.png +--- + +identity_sources service documentation. + +:::info[Service Summary] + +total resources: __2__ + +::: + +## Resources +
+
+identity_sources +
+
+sessions +
+
\ No newline at end of file diff --git a/website/docs/services/identity_sources/sessions/index.md b/website/docs/services/identity_sources/sessions/index.md new file mode 100644 index 0000000..4849b55 --- /dev/null +++ b/website/docs/services/identity_sources/sessions/index.md @@ -0,0 +1,306 @@ +--- +title: sessions +hide_title: false +hide_table_of_contents: false +keywords: + - sessions + - identity_sources + - okta + - infrastructure-as-code + - configuration-as-data + - cloud inventory +description: Query, deploy and manage okta resources using SQL +custom_edit_url: null +image: /img/stackql-okta-provider-featured-image.png +--- + +import CopyableCode from '@site/src/components/CopyableCode/CopyableCode'; +import Tabs from '@theme/Tabs'; +import TabItem from '@theme/TabItem'; + +Creates, updates, deletes, gets or lists a sessions resource. + +## Overview + + + + +
Namesessions
TypeResource
Id
+ +## Fields + +The following fields are returned by `SELECT` queries: + + + + +Success + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameDatatypeDescription
stringThe ID of the identity source session
string (date-time)The timestamp when the identity source session was created
stringThe ID of the custom identity source for which the session is created
stringThe type of import. All imports are `INCREMENTAL` imports.
string (date-time)The timestamp when the identity source session was created
stringThe current status of the identity source session
+ + + +Success + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameDatatypeDescription
stringThe ID of the identity source session
string (date-time)The timestamp when the identity source session was created
stringThe ID of the custom identity source for which the session is created
stringThe type of import. All imports are `INCREMENTAL` imports.
string (date-time)The timestamp when the identity source session was created
stringThe current status of the identity source session
+ + + +## Methods + +The following methods are available for this resource: + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameAccessible byRequired ParamsOptional ParamsDescription
subdomainLists all identity source sessions for the given identity source instance
subdomainRetrieves an identity source session for a given identity source ID and session ID
subdomainCreates an identity source session for the given identity source instance
subdomainDeletes an identity source session for a given identity source ID and session Id
+ +## Parameters + +Parameters can be passed in the `WHERE` clause of a query. Check the [Methods](#methods) section to see which parameters are required or optional for each operation. + + + + + + + + + + + + + + + + +
NameDatatypeDescription
stringThe domain of your organization. This can be a provided subdomain of an official okta domain (okta.com, oktapreview.com, etc) or one of your configured custom domains. (default: my-org)
+ +## `SELECT` examples + + + + +Lists all identity source sessions for the given identity source instance + +```sql +SELECT +id, +created, +identitySourceId, +importType, +lastUpdated, +status +FROM okta.identity_sources.sessions +WHERE subdomain = '{{ subdomain }}' -- required; +``` + + + +Retrieves an identity source session for a given identity source ID and session ID + +```sql +SELECT +id, +created, +identitySourceId, +importType, +lastUpdated, +status +FROM okta.identity_sources.sessions +WHERE subdomain = '{{ subdomain }}' -- required; +``` + + + + +## `INSERT` examples + + + + +Creates an identity source session for the given identity source instance + +```sql +INSERT INTO okta.identity_sources.sessions ( +subdomain +) +SELECT +'{{ subdomain }}' +RETURNING +id, +created, +identitySourceId, +importType, +lastUpdated, +status +; +``` + + + +```yaml +# Description fields are for documentation purposes +- name: sessions + props: + - name: subdomain + value: string + description: Required parameter for the sessions resource. +``` + + + + +## `DELETE` examples + + + + +Deletes an identity source session for a given identity source ID and session Id + +```sql +DELETE FROM okta.identity_sources.sessions +WHERE subdomain = '{{ subdomain }}' --required; +``` + + diff --git a/website/docs/services/idps/active_idp_signing_keys/index.md b/website/docs/services/idps/active_idp_signing_keys/index.md new file mode 100644 index 0000000..a326caf --- /dev/null +++ b/website/docs/services/idps/active_idp_signing_keys/index.md @@ -0,0 +1,182 @@ +--- +title: active_idp_signing_keys +hide_title: false +hide_table_of_contents: false +keywords: + - active_idp_signing_keys + - idps + - okta + - infrastructure-as-code + - configuration-as-data + - cloud inventory +description: Query, deploy and manage okta resources using SQL +custom_edit_url: null +image: /img/stackql-okta-provider-featured-image.png +--- + +import CopyableCode from '@site/src/components/CopyableCode/CopyableCode'; +import Tabs from '@theme/Tabs'; +import TabItem from '@theme/TabItem'; + +Creates, updates, deletes, gets or lists an active_idp_signing_keys resource. + +## Overview + + + + +
Nameactive_idp_signing_keys
TypeResource
Id
+ +## Fields + +The following fields are returned by `SELECT` queries: + + + + +Success + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameDatatypeDescription
string (date-time)Timestamp when the object was created (example: 2016-01-03T18:15:47.000Z)
stringThe exponent value for the RSA public key (example: AQAB)
string (date-time)Timestamp when the object expires (example: 2016-01-03T18:15:47.000Z)
stringUnique identifier for the key (example: your-key-id)
stringIdentifies the cryptographic algorithm family used with the key (example: RSA)
string (date-time)Timestamp when the object was last updated (example: 2016-01-03T18:15:47.000Z)
stringThe modulus value for the RSA public key (example: 101438407598598116085679865987760095721749307901605456708912786847324207000576780508113360584555007890315805735307890113536927352312915634368993759211767770602174860126854831344273970871509573365292777620005537635317282520456901584213746937262823585533063042033441296629204165064680610660631365266976782082747)
stringIntended use of the public key (example: sig)
arrayBase64-encoded X.509 certificate chain with DER encoding
stringBase64url-encoded SHA-256 thumbprint of the DER encoding of an X.509 certificate (example: wzPVobIrveR1x-PCbjsFGNV-6zn7Rm9KuOWOG4Rk6jE)
+ + + +## Methods + +The following methods are available for this resource: + + + + + + + + + + + + + + + + + + + + +
NameAccessible byRequired ParamsOptional ParamsDescription
subdomainLists the active signing key credential for an identity provider (IdP)
+ +## Parameters + +Parameters can be passed in the `WHERE` clause of a query. Check the [Methods](#methods) section to see which parameters are required or optional for each operation. + + + + + + + + + + + + + + + + +
NameDatatypeDescription
stringThe domain of your organization. This can be a provided subdomain of an official okta domain (okta.com, oktapreview.com, etc) or one of your configured custom domains. (default: my-org)
+ +## `SELECT` examples + + + + +Lists the active signing key credential for an identity provider (IdP) + +```sql +SELECT +created, +e, +expiresAt, +kid, +kty, +lastUpdated, +n, +use, +x5c, +x5t#S256 +FROM okta.idps.active_idp_signing_keys +WHERE subdomain = '{{ subdomain }}' -- required; +``` + + diff --git a/website/docs/services/idps/csrs/index.md b/website/docs/services/idps/csrs/index.md new file mode 100644 index 0000000..a11f269 --- /dev/null +++ b/website/docs/services/idps/csrs/index.md @@ -0,0 +1,328 @@ +--- +title: csrs +hide_title: false +hide_table_of_contents: false +keywords: + - csrs + - idps + - okta + - infrastructure-as-code + - configuration-as-data + - cloud inventory +description: Query, deploy and manage okta resources using SQL +custom_edit_url: null +image: /img/stackql-okta-provider-featured-image.png +--- + +import CopyableCode from '@site/src/components/CopyableCode/CopyableCode'; +import Tabs from '@theme/Tabs'; +import TabItem from '@theme/TabItem'; + +Creates, updates, deletes, gets or lists a csrs resource. + +## Overview + + + + +
Namecsrs
TypeResource
Id
+ +## Fields + +The following fields are returned by `SELECT` queries: + + + + +Success + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameDatatypeDescription
stringUnique identifier for the CSR (example: h9zkutaSe7fZX0SwN1GqDApofgD1OW8g2B5l2azha50)
objectSpecifies link relations (see [Web Linking](https://www.rfc-editor.org/rfc/rfc8288)) available using the [JSON Hypertext Application Language](https://datatracker.ietf.org/doc/html/draft-kelly-json-hal-06) specification. This object is used for dynamic discovery of related resources and lifecycle operations.
string (date-time)Timestamp when the object was created (example: 2016-01-03T18:15:47.000Z)
stringBase64-encoded CSR in DER format (example: MIIC4DCCAcgCAQAwcTELMAkGA1UEBhMCVVMxEzARBgNVBAgMCkNhbGlmb3JuaWExFjAUBgNVBAcMDVNhbiBGcmFuY2lzY28xEzARBgNVBAoMCk9rdGEsIEluYy4xDDAKBgNVBAsMA0RldjESMBAGA1UEAwwJU1AgSXNzdWVyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6m8jHVCr9/tKvvbFN59T4raoCs/78KRm4fSefHQOv1TKLXo4wTLbsqYWRWc5u0sd5orUMQgPQOyj3i6qh13mALY4BzrT057EG1BUNjGg29QgYlnOk2iX890e5BIDMQQEIKFrvOi2V8cLUkLvE2ydRn0VO1Q1frbUkYeStJYC5Api2JQsYRwa+1ZeDH1ITnIzUaugWhW2WB2lSnwZkenne5KtffxMPYVu+IhNRHoKaRA6Z51YNhMJIx17JM2hs/H4Ka3drk6kzDf7ofk/yBpb9yBWyU7CTSQhdoHidxqFprMDaT66W928t3AeOENHBuwn8c2K9WeGG+bELNyQRJVmawIDAQABoCowKAYJKoZIhvcNAQkOMRswGTAXBgNVHREEEDAOggxkZXYub2t0YS5jb20wDQYJKoZIhvcNAQELBQADggEBAA2hsVJRVM+A83X9MekjTnIbt19UNT8wX7wlE9jUKirWsxceLiZBpVGn9qfKhhVIpvdaIRSeoFYS2Kg/m1G6bCvjmZLcrQ5FcEBjZH2NKfNppGVnfC2ugtUkBtCB+UUzOhKhRKJtGugenKbP33zRWWIqnd2waF6Cy8TIuqQVPbwEDN9bCbAs7ND6CFYNguY7KYjWzQOeAR716eqpEEXuPYAS4nx/ty4ylonR8cv+gpq51rvq80A4k/36aoeM0Y6I4w64vhTfuvWW2UYFUD+/+y2FA2CSP4JfctySrf1s525v6fzTFZ3qZbB5OZQtP2b8xYWktMzywsxGKDoVDB4wkH4=)
stringCryptographic algorithm family for the CSR's keypair (example: RSA)
+ + + +Success + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameDatatypeDescription
stringUnique identifier for the CSR (example: h9zkutaSe7fZX0SwN1GqDApofgD1OW8g2B5l2azha50)
objectSpecifies link relations (see [Web Linking](https://www.rfc-editor.org/rfc/rfc8288)) available using the [JSON Hypertext Application Language](https://datatracker.ietf.org/doc/html/draft-kelly-json-hal-06) specification. This object is used for dynamic discovery of related resources and lifecycle operations.
string (date-time)Timestamp when the object was created (example: 2016-01-03T18:15:47.000Z)
stringBase64-encoded CSR in DER format (example: MIIC4DCCAcgCAQAwcTELMAkGA1UEBhMCVVMxEzARBgNVBAgMCkNhbGlmb3JuaWExFjAUBgNVBAcMDVNhbiBGcmFuY2lzY28xEzARBgNVBAoMCk9rdGEsIEluYy4xDDAKBgNVBAsMA0RldjESMBAGA1UEAwwJU1AgSXNzdWVyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6m8jHVCr9/tKvvbFN59T4raoCs/78KRm4fSefHQOv1TKLXo4wTLbsqYWRWc5u0sd5orUMQgPQOyj3i6qh13mALY4BzrT057EG1BUNjGg29QgYlnOk2iX890e5BIDMQQEIKFrvOi2V8cLUkLvE2ydRn0VO1Q1frbUkYeStJYC5Api2JQsYRwa+1ZeDH1ITnIzUaugWhW2WB2lSnwZkenne5KtffxMPYVu+IhNRHoKaRA6Z51YNhMJIx17JM2hs/H4Ka3drk6kzDf7ofk/yBpb9yBWyU7CTSQhdoHidxqFprMDaT66W928t3AeOENHBuwn8c2K9WeGG+bELNyQRJVmawIDAQABoCowKAYJKoZIhvcNAQkOMRswGTAXBgNVHREEEDAOggxkZXYub2t0YS5jb20wDQYJKoZIhvcNAQELBQADggEBAA2hsVJRVM+A83X9MekjTnIbt19UNT8wX7wlE9jUKirWsxceLiZBpVGn9qfKhhVIpvdaIRSeoFYS2Kg/m1G6bCvjmZLcrQ5FcEBjZH2NKfNppGVnfC2ugtUkBtCB+UUzOhKhRKJtGugenKbP33zRWWIqnd2waF6Cy8TIuqQVPbwEDN9bCbAs7ND6CFYNguY7KYjWzQOeAR716eqpEEXuPYAS4nx/ty4ylonR8cv+gpq51rvq80A4k/36aoeM0Y6I4w64vhTfuvWW2UYFUD+/+y2FA2CSP4JfctySrf1s525v6fzTFZ3qZbB5OZQtP2b8xYWktMzywsxGKDoVDB4wkH4=)
stringCryptographic algorithm family for the CSR's keypair (example: RSA)
+ + + +## Methods + +The following methods are available for this resource: + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameAccessible byRequired ParamsOptional ParamsDescription
subdomainLists all certificate signing requests (CSRs) for an identity provider (IdP)
subdomainRetrieves a specific certificate signing request (CSR) by `id`
subdomainGenerates a new key pair and returns a certificate signing request (CSR) for it
> **Note:** The private key isn't listed in the [signing key credentials for the identity provider (IdP)](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/IdentityProviderSigningKeys/#tag/IdentityProviderSigningKeys/operation/listIdentityProviderSigningKeys) until it's published.
subdomainRevokes a certificate signing request (CSR) and deletes the key pair from the identity provider (IdP)
subdomainPublishes the certificate signing request (CSR) with a signed X.509 certificate and adds it into the signing key credentials for the identity provider (IdP)
> **Notes:**
> * Publishing a certificate completes the lifecycle of the CSR, and it's no longer accessible.
> * If the validity period of the certificate is less than 90 days, a 400 error response is returned.
+ +## Parameters + +Parameters can be passed in the `WHERE` clause of a query. Check the [Methods](#methods) section to see which parameters are required or optional for each operation. + + + + + + + + + + + + + + + + +
NameDatatypeDescription
stringThe domain of your organization. This can be a provided subdomain of an official okta domain (okta.com, oktapreview.com, etc) or one of your configured custom domains. (default: my-org)
+ +## `SELECT` examples + + + + +Lists all certificate signing requests (CSRs) for an identity provider (IdP) + +```sql +SELECT +id, +_links, +created, +csr, +kty +FROM okta.idps.csrs +WHERE subdomain = '{{ subdomain }}' -- required; +``` + + + +Retrieves a specific certificate signing request (CSR) by `id` + +```sql +SELECT +id, +_links, +created, +csr, +kty +FROM okta.idps.csrs +WHERE subdomain = '{{ subdomain }}' -- required; +``` + + + + +## `INSERT` examples + + + + +Generates a new key pair and returns a certificate signing request (CSR) for it
> **Note:** The private key isn't listed in the [signing key credentials for the identity provider (IdP)](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/IdentityProviderSigningKeys/#tag/IdentityProviderSigningKeys/operation/listIdentityProviderSigningKeys) until it's published. + +```sql +INSERT INTO okta.idps.csrs ( +data__subject, +data__subjectAltNames, +subdomain +) +SELECT +'{{ subject }}', +'{{ subjectAltNames }}', +'{{ subdomain }}' +RETURNING +id, +_links, +created, +csr, +kty +; +``` + + + +```yaml +# Description fields are for documentation purposes +- name: csrs + props: + - name: subdomain + value: string + description: Required parameter for the csrs resource. + - name: subject + value: object + - name: subjectAltNames + value: object +``` + + + + +## `DELETE` examples + + + + +Revokes a certificate signing request (CSR) and deletes the key pair from the identity provider (IdP) + +```sql +DELETE FROM okta.idps.csrs +WHERE subdomain = '{{ subdomain }}' --required; +``` + + + + +## Lifecycle Methods + + + + +Publishes the certificate signing request (CSR) with a signed X.509 certificate and adds it into the signing key credentials for the identity provider (IdP)
> **Notes:**
> * Publishing a certificate completes the lifecycle of the CSR, and it's no longer accessible.
> * If the validity period of the certificate is less than 90 days, a 400 error response is returned. + +```sql +EXEC okta.idps.csrs.publish_csr_for_identity_provider +@subdomain='{{ subdomain }}' --required; +``` + + diff --git a/website/docs/services/idps/identity_providers/index.md b/website/docs/services/idps/identity_providers/index.md new file mode 100644 index 0000000..d9f8392 --- /dev/null +++ b/website/docs/services/idps/identity_providers/index.md @@ -0,0 +1,574 @@ +--- +title: identity_providers +hide_title: false +hide_table_of_contents: false +keywords: + - identity_providers + - idps + - okta + - infrastructure-as-code + - configuration-as-data + - cloud inventory +description: Query, deploy and manage okta resources using SQL +custom_edit_url: null +image: /img/stackql-okta-provider-featured-image.png +--- + +import CopyableCode from '@site/src/components/CopyableCode/CopyableCode'; +import Tabs from '@theme/Tabs'; +import TabItem from '@theme/TabItem'; + +Creates, updates, deletes, gets or lists an identity_providers resource. + +## Overview + + + + +
Nameidentity_providers
TypeResource
Id
+ +## Fields + +The following fields are returned by `SELECT` queries: + + + + +Success + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameDatatypeDescription
stringUnique key for the IdP (example: 0oaWma58liwx40w6boYD)
stringUnique name for the IdP (example: Sample IdP)
objectSpecifies link relations (see [Web Linking](https://www.rfc-editor.org/rfc/rfc8288)) available using the [JSON Hypertext Application Language](https://datatracker.ietf.org/doc/html/draft-kelly-json-hal-06) specification. This object is used for dynamic discovery of related resources and lifecycle operations.
string (date-time)Timestamp when the object was created (example: 2016-01-03T18:15:47.000Z)
stringIndicates whether Okta uses the original Okta org domain URL or a custom domain URL in the request to the social IdP (default: DYNAMIC)
string (date-time)Timestamp when the object was last updated (example: 2016-01-03T18:15:47.000Z)
objectPolicy settings for the IdP. The following provisioning and account linking actions are supported by each IdP provider: | IdP type | User provisioning actions | Group provisioning actions | Account link actions | Account link filters | | ----------------------------------------------------------------- | ------------------------- | ------------------------------------- | -------------------- | -------------------- | | `SAML2` | `AUTO` or `DISABLED` | `NONE`, `ASSIGN`, `APPEND`, or `SYNC` | `AUTO`, `DISABLED` | `groups`, `users` | | `X509`, `IDV_PERSONA`, `IDV_INCODE`, and `IDV_CLEAR` | `DISABLED` | No support for JIT provisioning | | | | All other IdP types | `AUTO`, `DISABLED` | `NONE` or `ASSIGN` | `AUTO`, `DISABLED` | `groups`, `users` |
objectThe properties in the IdP `properties` object vary depending on the IdP type
IdP-specific protocol settings for endpoints, bindings, and algorithms used to connect with the IdP and validate messages
string
stringThe IdP object's `type` property identifies the social or enterprise IdP used for authentication. Each IdP uses a specific protocol, therefore the `protocol` object must correspond with the IdP `type`. If the protocol is OAuth 2.0-based, the `protocol` object's `scopes` property must also correspond with the scopes supported by the IdP `type`. For policy actions supported by each IdP type, see [IdP type policy actions](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/IdentityProvider/#tag/IdentityProvider/operation/createIdentityProvider!path=policy&t=request). | Type | Description | Corresponding protocol | Corresponding protocol scopes | | ------------------ | ----------------------------------------------------------------------------------------------------------------------------------------------------- | ---------------------- | -------------------------------------------------------------------- | | `AMAZON` | [Amazon](https://developer.amazon.com/settings/console/registration?return_to=/) as the IdP | OpenID Connect | `profile`, `profile:user_id` | | `APPLE` | [Apple](https://developer.apple.com/sign-in-with-apple/) as the IdP | OpenID Connect | `names`, `email`, `openid` | | `DISCORD` | [Discord](https://discord.com/login) as the IdP | OAuth 2.0 | `identify`, `email` | | `FACEBOOK` | [Facebook](https://developers.facebook.com) as the IdP | OAuth 2.0 | `public_profile`, `email` | | `GITHUB` | [GitHub](https://github.com/join) as the IdP | OAuth 2.0 | `user` | | `GITLAB` | [GitLab](https://gitlab.com/users/sign_in) as the IdP | OpenID Connect | `openid`, `read_user`, `profile`, `email` | | `GOOGLE` | [Google](https://accounts.google.com/signup) as the IdP | OpenID Connect | `openid`, `email`, `profile` | | `IDV_PERSONA` | [Persona](https://app.withpersona.com/dashboard/login) as the IDV IdP | ID verification | | | `IDV_CLEAR` | [CLEAR Verified](https://www.clearme.com/) as the IDV IdP | ID verification | `openid`, `profile`, `identity_assurance` | | `IDV_INCODE` | [Incode](https://incode.com/) as the IDV IdP | ID verification | `openid`, `profile`, `identity_assurance` | | `LINKEDIN` | [LinkedIn](https://developer.linkedin.com/) as the IdP | OAuth 2.0 | `r_emailaddress`, `r_liteprofile` | | `LOGINGOV` | [Login.gov](https://developers.login.gov/) as the IdP | OpenID Connect | `email`, `profile`, `profile:name` | | `LOGINGOV_SANDBOX` | [Login.gov's identity sandbox](https://developers.login.gov/testing/) as the IdP | OpenID Connect | `email`, `profile`, `profile:name` | | `MICROSOFT` | [Microsoft Enterprise SSO](https://azure.microsoft.com/) as the IdP | OpenID Connect | `openid`, `email`, `profile`, `https://graph.microsoft.com/User.Read` | | `OIDC` | IdP that supports [OpenID Connect](https://openid.net/specs/openid-connect-core-1_0.html) | OpenID Connect | `openid`, `email`, `profile` | | `PAYPAL` | [Paypal](https://www.paypal.com/signin) as the IdP | OpenID Connect | `openid`, `email`, `profile` | | `PAYPAL_SANDBOX` | [Paypal Sandbox](https://developer.paypal.com/tools/sandbox/) as the IdP | OpenID Connect | `openid`, `email`, `profile` | | `SALESFORCE` | [SalesForce](https://login.salesforce.com/) as the IdP | OAuth 2.0 | `id`, `email`, `profile` | | `SAML2` | Enterprise IdP that supports the [SAML 2.0 Web Browser SSO Profile](https://docs.oasis-open.org/security/saml/v2.0/saml-profiles-2.0-os.pdf)| SAML 2.0 | | | `SPOTIFY` | [Spotify](https://developer.spotify.com/) as the IdP | OpenID Connect | `user-read-email`, `user-read-private` | | `X509` | [Smart Card IdP](https://tools.ietf.org/html/rfc5280) | Mutual TLS | | | `XERO` | [Xero](https://www.xero.com/us/signup/api/) as the IdP | OpenID Connect | `openid`, `profile`, `email` | | `YAHOO` | [Yahoo](https://login.yahoo.com/) as the IdP | OpenID Connect | `openid`, `profile`, `email` | | `YAHOOJP` | [Yahoo Japan](https://login.yahoo.co.jp/config/login) as the IdP | OpenID Connect | `openid`, `profile`, `email` | | `OKTA_INTEGRATION` | IdP that supports the [OpenID Connect](https://openid.net/specs/openid-connect-core-1_0.html) Org2Org IdP | OpenID Connect | `openid`, `email`, `profile` |
+ + + +Success + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameDatatypeDescription
stringUnique key for the IdP (example: 0oaWma58liwx40w6boYD)
stringUnique name for the IdP (example: Sample IdP)
objectSpecifies link relations (see [Web Linking](https://www.rfc-editor.org/rfc/rfc8288)) available using the [JSON Hypertext Application Language](https://datatracker.ietf.org/doc/html/draft-kelly-json-hal-06) specification. This object is used for dynamic discovery of related resources and lifecycle operations.
string (date-time)Timestamp when the object was created (example: 2016-01-03T18:15:47.000Z)
stringIndicates whether Okta uses the original Okta org domain URL or a custom domain URL in the request to the social IdP (default: DYNAMIC)
string (date-time)Timestamp when the object was last updated (example: 2016-01-03T18:15:47.000Z)
objectPolicy settings for the IdP. The following provisioning and account linking actions are supported by each IdP provider: | IdP type | User provisioning actions | Group provisioning actions | Account link actions | Account link filters | | ----------------------------------------------------------------- | ------------------------- | ------------------------------------- | -------------------- | -------------------- | | `SAML2` | `AUTO` or `DISABLED` | `NONE`, `ASSIGN`, `APPEND`, or `SYNC` | `AUTO`, `DISABLED` | `groups`, `users` | | `X509`, `IDV_PERSONA`, `IDV_INCODE`, and `IDV_CLEAR` | `DISABLED` | No support for JIT provisioning | | | | All other IdP types | `AUTO`, `DISABLED` | `NONE` or `ASSIGN` | `AUTO`, `DISABLED` | `groups`, `users` |
objectThe properties in the IdP `properties` object vary depending on the IdP type
IdP-specific protocol settings for endpoints, bindings, and algorithms used to connect with the IdP and validate messages
string
stringThe IdP object's `type` property identifies the social or enterprise IdP used for authentication. Each IdP uses a specific protocol, therefore the `protocol` object must correspond with the IdP `type`. If the protocol is OAuth 2.0-based, the `protocol` object's `scopes` property must also correspond with the scopes supported by the IdP `type`. For policy actions supported by each IdP type, see [IdP type policy actions](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/IdentityProvider/#tag/IdentityProvider/operation/createIdentityProvider!path=policy&t=request). | Type | Description | Corresponding protocol | Corresponding protocol scopes | | ------------------ | ----------------------------------------------------------------------------------------------------------------------------------------------------- | ---------------------- | -------------------------------------------------------------------- | | `AMAZON` | [Amazon](https://developer.amazon.com/settings/console/registration?return_to=/) as the IdP | OpenID Connect | `profile`, `profile:user_id` | | `APPLE` | [Apple](https://developer.apple.com/sign-in-with-apple/) as the IdP | OpenID Connect | `names`, `email`, `openid` | | `DISCORD` | [Discord](https://discord.com/login) as the IdP | OAuth 2.0 | `identify`, `email` | | `FACEBOOK` | [Facebook](https://developers.facebook.com) as the IdP | OAuth 2.0 | `public_profile`, `email` | | `GITHUB` | [GitHub](https://github.com/join) as the IdP | OAuth 2.0 | `user` | | `GITLAB` | [GitLab](https://gitlab.com/users/sign_in) as the IdP | OpenID Connect | `openid`, `read_user`, `profile`, `email` | | `GOOGLE` | [Google](https://accounts.google.com/signup) as the IdP | OpenID Connect | `openid`, `email`, `profile` | | `IDV_PERSONA` | [Persona](https://app.withpersona.com/dashboard/login) as the IDV IdP | ID verification | | | `IDV_CLEAR` | [CLEAR Verified](https://www.clearme.com/) as the IDV IdP | ID verification | `openid`, `profile`, `identity_assurance` | | `IDV_INCODE` | [Incode](https://incode.com/) as the IDV IdP | ID verification | `openid`, `profile`, `identity_assurance` | | `LINKEDIN` | [LinkedIn](https://developer.linkedin.com/) as the IdP | OAuth 2.0 | `r_emailaddress`, `r_liteprofile` | | `LOGINGOV` | [Login.gov](https://developers.login.gov/) as the IdP | OpenID Connect | `email`, `profile`, `profile:name` | | `LOGINGOV_SANDBOX` | [Login.gov's identity sandbox](https://developers.login.gov/testing/) as the IdP | OpenID Connect | `email`, `profile`, `profile:name` | | `MICROSOFT` | [Microsoft Enterprise SSO](https://azure.microsoft.com/) as the IdP | OpenID Connect | `openid`, `email`, `profile`, `https://graph.microsoft.com/User.Read` | | `OIDC` | IdP that supports [OpenID Connect](https://openid.net/specs/openid-connect-core-1_0.html) | OpenID Connect | `openid`, `email`, `profile` | | `PAYPAL` | [Paypal](https://www.paypal.com/signin) as the IdP | OpenID Connect | `openid`, `email`, `profile` | | `PAYPAL_SANDBOX` | [Paypal Sandbox](https://developer.paypal.com/tools/sandbox/) as the IdP | OpenID Connect | `openid`, `email`, `profile` | | `SALESFORCE` | [SalesForce](https://login.salesforce.com/) as the IdP | OAuth 2.0 | `id`, `email`, `profile` | | `SAML2` | Enterprise IdP that supports the [SAML 2.0 Web Browser SSO Profile](https://docs.oasis-open.org/security/saml/v2.0/saml-profiles-2.0-os.pdf)| SAML 2.0 | | | `SPOTIFY` | [Spotify](https://developer.spotify.com/) as the IdP | OpenID Connect | `user-read-email`, `user-read-private` | | `X509` | [Smart Card IdP](https://tools.ietf.org/html/rfc5280) | Mutual TLS | | | `XERO` | [Xero](https://www.xero.com/us/signup/api/) as the IdP | OpenID Connect | `openid`, `profile`, `email` | | `YAHOO` | [Yahoo](https://login.yahoo.com/) as the IdP | OpenID Connect | `openid`, `profile`, `email` | | `YAHOOJP` | [Yahoo Japan](https://login.yahoo.co.jp/config/login) as the IdP | OpenID Connect | `openid`, `profile`, `email` | | `OKTA_INTEGRATION` | IdP that supports the [OpenID Connect](https://openid.net/specs/openid-connect-core-1_0.html) Org2Org IdP | OpenID Connect | `openid`, `email`, `profile` |
+ + + +## Methods + +The following methods are available for this resource: + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameAccessible byRequired ParamsOptional ParamsDescription
subdomainq, after, limit, typeLists all identity provider (IdP) integrations with pagination. A subset of IdPs can be returned that match a supported filter expression or query.
subdomainRetrieves an identity provider (IdP) integration by `idpId`
subdomainCreates a new identity provider (IdP) integration.

#### SAML 2.0 IdP

You must first add the IdP's signature certificate to the IdP key store before you can add a SAML 2.0 IdP with a `kid` credential reference.

Don't use `fromURI` to automatically redirect a user to a particular app after successfully authenticating with a third-party IdP. Instead, use SAML deep links. Using `fromURI` isn't tested or supported. For more information about using deep links when signing users in using an SP-initiated flow, see [Understanding SP-Initiated Login flow](https://developer.okta.com/docs/concepts/saml/#understanding-sp-initiated-login-flow).

Use SAML deep links to automatically redirect the user to an app after successfully authenticating with a third-party IdP. To use deep links, assemble these three parts into a URL:

* SP ACS URL<br>
For example: `https://${yourOktaDomain}/sso/saml2/:idpId`
* The app to which the user is automatically redirected after successfully authenticating with the IdP <br>
For example: `/app/:app-location/:appId/sso/saml`
* Optionally, if the app is an outbound SAML app, you can specify the `relayState` passed to it.<br>
For example: `?RelayState=:anyUrlEncodedValue`

The deep link for the above three parts is:<br>
`https://${yourOktaDomain}/sso/saml2/:idpId/app/:app-location/:appId/sso/saml?RelayState=:anyUrlEncodedValue`

#### Smart Card X509 IdP

You must first add the IdP's server certificate to the IdP key store before you can add a Smart Card `X509` IdP with a `kid` credential reference.
You need to upload the whole trust chain as a single key using the [Key Store API](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/IdentityProviderKeys/#tag/IdentityProviderKeys/operation/createIdentityProviderKey).
Depending on the information stored in the smart card, select the proper [template](https://developer.okta.com/docs/reference/okta-expression-language/#idp-user-profile) `idpuser.subjectAltNameEmail` or `idpuser.subjectAltNameUpn`.

#### Identity verification vendors as identity providers

Identity verification vendors (IDVs) work like IdPs, with a few key differences. IDVs verify your user's identities by requiring them to submit a proof of identity. There are many ways to verify user identities. For example, a proof of identity can be a selfie to determine liveliness or it can be requiring users to submit a photo of their driver's license and matching that information with a database.

There are three IDVs that you can configure as IdPs in your org by creating an account with the vendor, and then creating an IdP integration. Control how the IDVs verify your users by using [Okta account management policy rules](https://developer.okta.com/docs/guides/okta-account-management-policy/main/).

* [Persona](https://withpersona.com/)

* [CLEAR Verified](https://www.clearme.com/)

* [Incode](https://incode.com/)
subdomainReplaces an identity provider (IdP) integration by `idpId`
subdomainDeletes an identity provider (IdP) integration by `idpId`
* All existing IdP users are unlinked with the highest order profile source taking precedence for each IdP user.
* Unlinked users keep their existing authentication provider such as `FEDERATION` or `SOCIAL`.
subdomainActivates an inactive identity provider (IdP)
subdomainDeactivates an active identity provider (IdP)
+ +## Parameters + +Parameters can be passed in the `WHERE` clause of a query. Check the [Methods](#methods) section to see which parameters are required or optional for each operation. + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameDatatypeDescription
stringThe domain of your organization. This can be a provided subdomain of an official okta domain (okta.com, oktapreview.com, etc) or one of your configured custom domains. (default: my-org)
stringThe cursor to use for pagination. It is an opaque string that specifies your current location in the list and is obtained from the `Link` response header. See [Pagination](https://developer.okta.com/docs/api/#pagination).
integerA limit on the number of objects to return
stringSearches the `name` property of IdPs for matching value (example: Example SAML)
stringFilters IdPs by `type`
+ +## `SELECT` examples + + + + +Lists all identity provider (IdP) integrations with pagination. A subset of IdPs can be returned that match a supported filter expression or query. + +```sql +SELECT +id, +name, +_links, +created, +issuerMode, +lastUpdated, +policy, +properties, +protocol, +status, +type +FROM okta.idps.identity_providers +WHERE subdomain = '{{ subdomain }}' -- required +AND q = '{{ q }}' +AND after = '{{ after }}' +AND limit = '{{ limit }}' +AND type = '{{ type }}'; +``` + + + +Retrieves an identity provider (IdP) integration by `idpId` + +```sql +SELECT +id, +name, +_links, +created, +issuerMode, +lastUpdated, +policy, +properties, +protocol, +status, +type +FROM okta.idps.identity_providers +WHERE subdomain = '{{ subdomain }}' -- required; +``` + + + + +## `INSERT` examples + + + + +Creates a new identity provider (IdP) integration.

#### SAML 2.0 IdP

You must first add the IdP's signature certificate to the IdP key store before you can add a SAML 2.0 IdP with a `kid` credential reference.

Don't use `fromURI` to automatically redirect a user to a particular app after successfully authenticating with a third-party IdP. Instead, use SAML deep links. Using `fromURI` isn't tested or supported. For more information about using deep links when signing users in using an SP-initiated flow, see [Understanding SP-Initiated Login flow](https://developer.okta.com/docs/concepts/saml/#understanding-sp-initiated-login-flow).

Use SAML deep links to automatically redirect the user to an app after successfully authenticating with a third-party IdP. To use deep links, assemble these three parts into a URL:

* SP ACS URL<br>
For example: `https://${yourOktaDomain}/sso/saml2/:idpId`
* The app to which the user is automatically redirected after successfully authenticating with the IdP <br>
For example: `/app/:app-location/:appId/sso/saml`
* Optionally, if the app is an outbound SAML app, you can specify the `relayState` passed to it.<br>
For example: `?RelayState=:anyUrlEncodedValue`

The deep link for the above three parts is:<br>
`https://${yourOktaDomain}/sso/saml2/:idpId/app/:app-location/:appId/sso/saml?RelayState=:anyUrlEncodedValue`

#### Smart Card X509 IdP

You must first add the IdP's server certificate to the IdP key store before you can add a Smart Card `X509` IdP with a `kid` credential reference.
You need to upload the whole trust chain as a single key using the [Key Store API](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/IdentityProviderKeys/#tag/IdentityProviderKeys/operation/createIdentityProviderKey).
Depending on the information stored in the smart card, select the proper [template](https://developer.okta.com/docs/reference/okta-expression-language/#idp-user-profile) `idpuser.subjectAltNameEmail` or `idpuser.subjectAltNameUpn`.

#### Identity verification vendors as identity providers

Identity verification vendors (IDVs) work like IdPs, with a few key differences. IDVs verify your user's identities by requiring them to submit a proof of identity. There are many ways to verify user identities. For example, a proof of identity can be a selfie to determine liveliness or it can be requiring users to submit a photo of their driver's license and matching that information with a database.

There are three IDVs that you can configure as IdPs in your org by creating an account with the vendor, and then creating an IdP integration. Control how the IDVs verify your users by using [Okta account management policy rules](https://developer.okta.com/docs/guides/okta-account-management-policy/main/).

* [Persona](https://withpersona.com/)

* [CLEAR Verified](https://www.clearme.com/)

* [Incode](https://incode.com/) + +```sql +INSERT INTO okta.idps.identity_providers ( +data__issuerMode, +data__name, +data__policy, +data__properties, +data__protocol, +data__status, +data__type, +subdomain +) +SELECT +'{{ issuerMode }}', +'{{ name }}', +'{{ policy }}', +'{{ properties }}', +'{{ protocol }}', +'{{ status }}', +'{{ type }}', +'{{ subdomain }}' +RETURNING +id, +name, +_links, +created, +issuerMode, +lastUpdated, +policy, +properties, +protocol, +status, +type +; +``` + + + +```yaml +# Description fields are for documentation purposes +- name: identity_providers + props: + - name: subdomain + value: string + description: Required parameter for the identity_providers resource. + - name: issuerMode + value: string + description: > + Indicates whether Okta uses the original Okta org domain URL or a custom domain URL in the request to the social IdP + + valid_values: ['CUSTOM_URL', 'DYNAMIC', 'ORG_URL'] + default: DYNAMIC + - name: name + value: string + description: > + Unique name for the IdP + + - name: policy + value: object + description: > + Policy settings for the IdP. +The following provisioning and account linking actions are supported by each IdP provider: +| IdP type | User provisioning actions | Group provisioning actions | Account link actions | Account link filters | +| ----------------------------------------------------------------- | ------------------------- | ------------------------------------- | -------------------- | -------------------- | +| `SAML2` | `AUTO` or `DISABLED` | `NONE`, `ASSIGN`, `APPEND`, or `SYNC` | `AUTO`, `DISABLED` | `groups`, `users` | +| `X509`, `IDV_PERSONA`, `IDV_INCODE`, and `IDV_CLEAR` | `DISABLED` | No support for JIT provisioning | | | +| All other IdP types | `AUTO`, `DISABLED` | `NONE` or `ASSIGN` | `AUTO`, `DISABLED` | `groups`, `users` | + + - name: properties + value: object + description: > + The properties in the IdP `properties` object vary depending on the IdP type + + - name: protocol + value: string + description: > + IdP-specific protocol settings for endpoints, bindings, and algorithms used to connect with the IdP and validate messages + + - name: status + value: string + valid_values: ['ACTIVE', 'INACTIVE'] + - name: type + value: string + description: > + The IdP object's `type` property identifies the social or enterprise IdP used for authentication. +Each IdP uses a specific protocol, therefore the `protocol` object must correspond with the IdP `type`. +If the protocol is OAuth 2.0-based, the `protocol` object's `scopes` property must also correspond with the scopes supported by the IdP `type`. +For policy actions supported by each IdP type, see [IdP type policy actions](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/IdentityProvider/#tag/IdentityProvider/operation/createIdentityProvider!path=policy&t=request). + +| Type | Description | Corresponding protocol | Corresponding protocol scopes | +| ------------------ | ----------------------------------------------------------------------------------------------------------------------------------------------------- | ---------------------- | -------------------------------------------------------------------- | +| `AMAZON` | [Amazon](https://developer.amazon.com/settings/console/registration?return_to=/) as the IdP | OpenID Connect | `profile`, `profile:user_id` | +| `APPLE` | [Apple](https://developer.apple.com/sign-in-with-apple/) as the IdP | OpenID Connect | `names`, `email`, `openid` | +| `DISCORD` | [Discord](https://discord.com/login) as the IdP | OAuth 2.0 | `identify`, `email` | +| `FACEBOOK` | [Facebook](https://developers.facebook.com) as the IdP | OAuth 2.0 | `public_profile`, `email` | +| `GITHUB` | [GitHub](https://github.com/join) as the IdP | OAuth 2.0 | `user` | +| `GITLAB` | [GitLab](https://gitlab.com/users/sign_in) as the IdP | OpenID Connect | `openid`, `read_user`, `profile`, `email` | +| `GOOGLE` | [Google](https://accounts.google.com/signup) as the IdP | OpenID Connect | `openid`, `email`, `profile` | +| `IDV_PERSONA` | [Persona](https://app.withpersona.com/dashboard/login) as the IDV IdP | ID verification | | +| `IDV_CLEAR` | [CLEAR Verified](https://www.clearme.com/) as the IDV IdP | ID verification | `openid`, `profile`, `identity_assurance` | +| `IDV_INCODE` | [Incode](https://incode.com/) as the IDV IdP | ID verification | `openid`, `profile`, `identity_assurance` | +| `LINKEDIN` | [LinkedIn](https://developer.linkedin.com/) as the IdP | OAuth 2.0 | `r_emailaddress`, `r_liteprofile` | +| `LOGINGOV` | [Login.gov](https://developers.login.gov/) as the IdP | OpenID Connect | `email`, `profile`, `profile:name` | +| `LOGINGOV_SANDBOX` | [Login.gov's identity sandbox](https://developers.login.gov/testing/) as the IdP | OpenID Connect | `email`, `profile`, `profile:name` | +| `MICROSOFT` | [Microsoft Enterprise SSO](https://azure.microsoft.com/) as the IdP | OpenID Connect | `openid`, `email`, `profile`, `https://graph.microsoft.com/User.Read` | +| `OIDC` | IdP that supports [OpenID Connect](https://openid.net/specs/openid-connect-core-1_0.html) | OpenID Connect | `openid`, `email`, `profile` | +| `PAYPAL` | [Paypal](https://www.paypal.com/signin) as the IdP | OpenID Connect | `openid`, `email`, `profile` | +| `PAYPAL_SANDBOX` | [Paypal Sandbox](https://developer.paypal.com/tools/sandbox/) as the IdP | OpenID Connect | `openid`, `email`, `profile` | +| `SALESFORCE` | [SalesForce](https://login.salesforce.com/) as the IdP | OAuth 2.0 | `id`, `email`, `profile` | +| `SAML2` | Enterprise IdP that supports the [SAML 2.0 Web Browser SSO Profile](https://docs.oasis-open.org/security/saml/v2.0/saml-profiles-2.0-os.pdf)| SAML 2.0 | | +| `SPOTIFY` | [Spotify](https://developer.spotify.com/) as the IdP | OpenID Connect | `user-read-email`, `user-read-private` | +| `X509` | [Smart Card IdP](https://tools.ietf.org/html/rfc5280) | Mutual TLS | | +| `XERO` | [Xero](https://www.xero.com/us/signup/api/) as the IdP | OpenID Connect | `openid`, `profile`, `email` | +| `YAHOO` | [Yahoo](https://login.yahoo.com/) as the IdP | OpenID Connect | `openid`, `profile`, `email` | +| `YAHOOJP` | [Yahoo Japan](https://login.yahoo.co.jp/config/login) as the IdP | OpenID Connect | `openid`, `profile`, `email` | +| `OKTA_INTEGRATION` | IdP that supports the [OpenID Connect](https://openid.net/specs/openid-connect-core-1_0.html) Org2Org IdP | OpenID Connect | `openid`, `email`, `profile` | + + valid_values: ['AMAZON', 'APPLE', 'DISCORD', 'FACEBOOK', 'GITHUB', 'GITLAB', 'GOOGLE', 'IDV_CLEAR', 'IDV_INCODE', 'IDV_PERSONA', 'LINKEDIN', 'LOGINGOV', 'LOGINGOV_SANDBOX', 'MICROSOFT', 'OIDC', 'OKTA_INTEGRATION', 'PAYPAL', 'PAYPAL_SANDBOX', 'SALESFORCE', 'SAML2', 'SPOTIFY', 'X509', 'XERO', 'YAHOO', 'YAHOOJP'] +``` + + + + +## `REPLACE` examples + + + + +Replaces an identity provider (IdP) integration by `idpId` + +```sql +REPLACE okta.idps.identity_providers +SET +data__issuerMode = '{{ issuerMode }}', +data__name = '{{ name }}', +data__policy = '{{ policy }}', +data__properties = '{{ properties }}', +data__protocol = '{{ protocol }}', +data__status = '{{ status }}', +data__type = '{{ type }}' +WHERE +subdomain = '{{ subdomain }}' --required +RETURNING +id, +name, +_links, +created, +issuerMode, +lastUpdated, +policy, +properties, +protocol, +status, +type; +``` + + + + +## `DELETE` examples + + + + +Deletes an identity provider (IdP) integration by `idpId`
* All existing IdP users are unlinked with the highest order profile source taking precedence for each IdP user.
* Unlinked users keep their existing authentication provider such as `FEDERATION` or `SOCIAL`. + +```sql +DELETE FROM okta.idps.identity_providers +WHERE subdomain = '{{ subdomain }}' --required; +``` + + + + +## Lifecycle Methods + + + + +Activates an inactive identity provider (IdP) + +```sql +EXEC okta.idps.identity_providers.activate_identity_provider +@subdomain='{{ subdomain }}' --required; +``` + + + +Deactivates an active identity provider (IdP) + +```sql +EXEC okta.idps.identity_providers.deactivate_identity_provider +@subdomain='{{ subdomain }}' --required; +``` + + diff --git a/website/docs/services/idps/idp_users/index.md b/website/docs/services/idps/idp_users/index.md new file mode 100644 index 0000000..4d12b88 --- /dev/null +++ b/website/docs/services/idps/idp_users/index.md @@ -0,0 +1,323 @@ +--- +title: idp_users +hide_title: false +hide_table_of_contents: false +keywords: + - idp_users + - idps + - okta + - infrastructure-as-code + - configuration-as-data + - cloud inventory +description: Query, deploy and manage okta resources using SQL +custom_edit_url: null +image: /img/stackql-okta-provider-featured-image.png +--- + +import CopyableCode from '@site/src/components/CopyableCode/CopyableCode'; +import Tabs from '@theme/Tabs'; +import TabItem from '@theme/TabItem'; + +Creates, updates, deletes, gets or lists an idp_users resource. + +## Overview + + + + +
Nameidp_users
TypeResource
Id
+ +## Fields + +The following fields are returned by `SELECT` queries: + + + + +Success + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameDatatypeDescription
stringUnique key of the user
objectEmbedded resources related to the IdP user
objectSpecifies link relations (see [Web Linking](https://www.rfc-editor.org/rfc/rfc8288)) available using the [JSON Hypertext Application Language](https://datatracker.ietf.org/doc/html/draft-kelly-json-hal-06) specification. This object is used for dynamic discovery of related resources and lifecycle operations.
string (date-time)Timestamp when the object was created (example: 2016-01-03T18:15:47.000Z)
stringUnique IdP-specific identifier for the user (example: saml.jackson@example.com)
string (date-time)Timestamp when the object was last updated (example: 2016-01-03T18:15:47.000Z)
objectIdP-specific profile for the user. IdP user profiles are IdP-specific but may be customized by the Profile Editor in the Admin Console. > **Note:** Okta variable names have reserved characters that may conflict with the name of an IdP assertion attribute. You can use the **External name** to define the attribute name as defined in an IdP assertion such as a SAML attribute name.
+ + + +Success + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameDatatypeDescription
stringUnique key of the user
objectEmbedded resources related to the IdP user
objectSpecifies link relations (see [Web Linking](https://www.rfc-editor.org/rfc/rfc8288)) available using the [JSON Hypertext Application Language](https://datatracker.ietf.org/doc/html/draft-kelly-json-hal-06) specification. This object is used for dynamic discovery of related resources and lifecycle operations.
string (date-time)Timestamp when the object was created (example: 2016-01-03T18:15:47.000Z)
stringUnique IdP-specific identifier for the user (example: saml.jackson@example.com)
string (date-time)Timestamp when the object was last updated (example: 2016-01-03T18:15:47.000Z)
objectIdP-specific profile for the user. IdP user profiles are IdP-specific but may be customized by the Profile Editor in the Admin Console. > **Note:** Okta variable names have reserved characters that may conflict with the name of an IdP assertion attribute. You can use the **External name** to define the attribute name as defined in an IdP assertion such as a SAML attribute name.
+ + + +## Methods + +The following methods are available for this resource: + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameAccessible byRequired ParamsOptional ParamsDescription
subdomainq, after, limit, expandLists all the users linked to an identity provider (IdP)
subdomainRetrieves a linked identity provider (IdP) user by ID
subdomainUnlinks the Okta user and the identity provider (IdP) user. The next time the user federates into Okta through this IdP, they have to re-link their account according to the account link policy.
subdomainLinks an Okta user to an existing SAML or social identity provider (IdP).

The SAML IdP must have `honorPersistentNameId` set to `true` to use this API.
The [Name Identifier Format](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/IdentityProvider/#tag/IdentityProvider/operation/replaceIdentityProvider!path=protocol/0/settings&t=request) of the incoming assertion must be `urn:oasis:names:tc:SAML:2.0:nameid-format:persistent`.
+ +## Parameters + +Parameters can be passed in the `WHERE` clause of a query. Check the [Methods](#methods) section to see which parameters are required or optional for each operation. + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameDatatypeDescription
stringThe domain of your organization. This can be a provided subdomain of an official okta domain (okta.com, oktapreview.com, etc) or one of your configured custom domains. (default: my-org)
stringThe cursor to use for pagination. It is an opaque string that specifies your current location in the list and is obtained from the `Link` response header. See [Pagination](https://developer.okta.com/docs/api/#pagination).
stringExpand user data
integerA limit on the number of objects to return
stringSearches the records for matching value
+ +## `SELECT` examples + + + + +Lists all the users linked to an identity provider (IdP) + +```sql +SELECT +id, +_embedded, +_links, +created, +externalId, +lastUpdated, +profile +FROM okta.idps.idp_users +WHERE subdomain = '{{ subdomain }}' -- required +AND q = '{{ q }}' +AND after = '{{ after }}' +AND limit = '{{ limit }}' +AND expand = '{{ expand }}'; +``` + + + +Retrieves a linked identity provider (IdP) user by ID + +```sql +SELECT +id, +_embedded, +_links, +created, +externalId, +lastUpdated, +profile +FROM okta.idps.idp_users +WHERE subdomain = '{{ subdomain }}' -- required; +``` + + + + +## `DELETE` examples + + + + +Unlinks the Okta user and the identity provider (IdP) user. The next time the user federates into Okta through this IdP, they have to re-link their account according to the account link policy. + +```sql +DELETE FROM okta.idps.idp_users +WHERE subdomain = '{{ subdomain }}' --required; +``` + + + + +## Lifecycle Methods + + + + +Links an Okta user to an existing SAML or social identity provider (IdP).

The SAML IdP must have `honorPersistentNameId` set to `true` to use this API.
The [Name Identifier Format](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/IdentityProvider/#tag/IdentityProvider/operation/replaceIdentityProvider!path=protocol/0/settings&t=request) of the incoming assertion must be `urn:oasis:names:tc:SAML:2.0:nameid-format:persistent`. + +```sql +EXEC okta.idps.idp_users.link_user_to_identity_provider +@subdomain='{{ subdomain }}' --required +@@json= +'{ +"externalId": "{{ externalId }}" +}'; +``` + + diff --git a/website/docs/services/idps/index.md b/website/docs/services/idps/index.md new file mode 100644 index 0000000..5d5db7d --- /dev/null +++ b/website/docs/services/idps/index.md @@ -0,0 +1,38 @@ +--- +title: idps +hide_title: false +hide_table_of_contents: false +keywords: + - idps + - okta + - stackql + - infrastructure-as-code + - configuration-as-data + - cloud inventory +description: Query, deploy and manage okta resources using SQL +custom_edit_url: null +image: /img/stackql-okta-provider-featured-image.png +--- + +idps service documentation. + +:::info[Service Summary] + +total resources: __7__ + +::: + +## Resources +
+
+active_idp_signing_keys
+csrs
+identity_providers
+idp_users +
+
+keys
+signing_keys
+social_auth_tokens +
+
\ No newline at end of file diff --git a/website/docs/services/idps/keys/index.md b/website/docs/services/idps/keys/index.md new file mode 100644 index 0000000..7a20b08 --- /dev/null +++ b/website/docs/services/idps/keys/index.md @@ -0,0 +1,424 @@ +--- +title: keys +hide_title: false +hide_table_of_contents: false +keywords: + - keys + - idps + - okta + - infrastructure-as-code + - configuration-as-data + - cloud inventory +description: Query, deploy and manage okta resources using SQL +custom_edit_url: null +image: /img/stackql-okta-provider-featured-image.png +--- + +import CopyableCode from '@site/src/components/CopyableCode/CopyableCode'; +import Tabs from '@theme/Tabs'; +import TabItem from '@theme/TabItem'; + +Creates, updates, deletes, gets or lists a keys resource. + +## Overview + + + + +
Namekeys
TypeResource
Id
+ +## Fields + +The following fields are returned by `SELECT` queries: + + + + +Success + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameDatatypeDescription
string (date-time)Timestamp when the object was created (example: 2016-01-03T18:15:47.000Z)
stringThe exponent value for the RSA public key (example: AQAB)
string (date-time)Timestamp when the object expires (example: 2016-01-03T18:15:47.000Z)
stringUnique identifier for the key (example: your-key-id)
stringIdentifies the cryptographic algorithm family used with the key (example: RSA)
string (date-time)Timestamp when the object was last updated (example: 2016-01-03T18:15:47.000Z)
stringThe modulus value for the RSA public key (example: 101438407598598116085679865987760095721749307901605456708912786847324207000576780508113360584555007890315805735307890113536927352312915634368993759211767770602174860126854831344273970871509573365292777620005537635317282520456901584213746937262823585533063042033441296629204165064680610660631365266976782082747)
stringIntended use of the public key (example: sig)
arrayBase64-encoded X.509 certificate chain with DER encoding
stringBase64url-encoded SHA-256 thumbprint of the DER encoding of an X.509 certificate (example: wzPVobIrveR1x-PCbjsFGNV-6zn7Rm9KuOWOG4Rk6jE)
+ + + +Success + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameDatatypeDescription
string (date-time)Timestamp when the object was created (example: 2016-01-03T18:15:47.000Z)
stringThe exponent value for the RSA public key (example: AQAB)
string (date-time)Timestamp when the object expires (example: 2016-01-03T18:15:47.000Z)
stringUnique identifier for the key (example: your-key-id)
stringIdentifies the cryptographic algorithm family used with the key (example: RSA)
string (date-time)Timestamp when the object was last updated (example: 2016-01-03T18:15:47.000Z)
stringThe modulus value for the RSA public key (example: 101438407598598116085679865987760095721749307901605456708912786847324207000576780508113360584555007890315805735307890113536927352312915634368993759211767770602174860126854831344273970871509573365292777620005537635317282520456901584213746937262823585533063042033441296629204165064680610660631365266976782082747)
stringIntended use of the public key (example: sig)
arrayBase64-encoded X.509 certificate chain with DER encoding
stringBase64url-encoded SHA-256 thumbprint of the DER encoding of an X.509 certificate (example: wzPVobIrveR1x-PCbjsFGNV-6zn7Rm9KuOWOG4Rk6jE)
+ + + +## Methods + +The following methods are available for this resource: + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameAccessible byRequired ParamsOptional ParamsDescription
subdomainafter, limitLists all identity provider (IdP) key credentials
subdomainRetrieves a specific identity provider (IdP) key credential by `kid`
subdomainCreates a new X.509 certificate credential in the identity provider (IdP) key store
> **Note:** RSA-based certificates are supported for all IdP types. Okta currently supports EC-based certificates only for the `X509` IdP type. For EC-based certificates we support only P-256, P-384, and P-521 curves.
subdomainReplaces an identity provider (IdP) key credential by `kid`
subdomainDeletes a specific identity provider (IdP) key credential by `kid` if it isn't currently being used by an active or inactive IdP
+ +## Parameters + +Parameters can be passed in the `WHERE` clause of a query. Check the [Methods](#methods) section to see which parameters are required or optional for each operation. + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameDatatypeDescription
stringThe domain of your organization. This can be a provided subdomain of an official okta domain (okta.com, oktapreview.com, etc) or one of your configured custom domains. (default: my-org)
stringThe cursor to use for pagination. It is an opaque string that specifies your current location in the list and is obtained from the `Link` response header. See [Pagination](https://developer.okta.com/docs/api/#pagination).
integerA limit on the number of objects to return
+ +## `SELECT` examples + + + + +Lists all identity provider (IdP) key credentials + +```sql +SELECT +created, +e, +expiresAt, +kid, +kty, +lastUpdated, +n, +use, +x5c, +x5t#S256 +FROM okta.idps.keys +WHERE subdomain = '{{ subdomain }}' -- required +AND after = '{{ after }}' +AND limit = '{{ limit }}'; +``` + + + +Retrieves a specific identity provider (IdP) key credential by `kid` + +```sql +SELECT +created, +e, +expiresAt, +kid, +kty, +lastUpdated, +n, +use, +x5c, +x5t#S256 +FROM okta.idps.keys +WHERE subdomain = '{{ subdomain }}' -- required; +``` + + + + +## `INSERT` examples + + + + +Creates a new X.509 certificate credential in the identity provider (IdP) key store
> **Note:** RSA-based certificates are supported for all IdP types. Okta currently supports EC-based certificates only for the `X509` IdP type. For EC-based certificates we support only P-256, P-384, and P-521 curves. + +```sql +INSERT INTO okta.idps.keys ( +data__x5c, +subdomain +) +SELECT +'{{ x5c }}' --required, +'{{ subdomain }}' +RETURNING +created, +e, +expiresAt, +kid, +kty, +lastUpdated, +n, +use, +x5c, +x5t#S256 +; +``` + + + +```yaml +# Description fields are for documentation purposes +- name: keys + props: + - name: subdomain + value: string + description: Required parameter for the keys resource. + - name: x5c + value: array + description: > + Base64-encoded X.509 certificate chain with DER encoding + +``` + + + + +## `REPLACE` examples + + + + +Replaces an identity provider (IdP) key credential by `kid` + +```sql +REPLACE okta.idps.keys +SET +data__e = '{{ e }}', +data__kid = '{{ kid }}', +data__kty = '{{ kty }}', +data__n = '{{ n }}', +data__use = '{{ use }}', +data__x5c = '{{ x5c }}', +data__x5t#S256 = '{{ x5t#S256 }}' +WHERE +subdomain = '{{ subdomain }}' --required +RETURNING +created, +e, +expiresAt, +kid, +kty, +lastUpdated, +n, +use, +x5c, +x5t#S256; +``` + + + + +## `DELETE` examples + + + + +Deletes a specific identity provider (IdP) key credential by `kid` if it isn't currently being used by an active or inactive IdP + +```sql +DELETE FROM okta.idps.keys +WHERE subdomain = '{{ subdomain }}' --required; +``` + + diff --git a/website/docs/services/idps/signing_keys/index.md b/website/docs/services/idps/signing_keys/index.md new file mode 100644 index 0000000..e601d7c --- /dev/null +++ b/website/docs/services/idps/signing_keys/index.md @@ -0,0 +1,374 @@ +--- +title: signing_keys +hide_title: false +hide_table_of_contents: false +keywords: + - signing_keys + - idps + - okta + - infrastructure-as-code + - configuration-as-data + - cloud inventory +description: Query, deploy and manage okta resources using SQL +custom_edit_url: null +image: /img/stackql-okta-provider-featured-image.png +--- + +import CopyableCode from '@site/src/components/CopyableCode/CopyableCode'; +import Tabs from '@theme/Tabs'; +import TabItem from '@theme/TabItem'; + +Creates, updates, deletes, gets or lists a signing_keys resource. + +## Overview + + + + +
Namesigning_keys
TypeResource
Id
+ +## Fields + +The following fields are returned by `SELECT` queries: + + + + +Success + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameDatatypeDescription
string (date-time)Timestamp when the object was created (example: 2016-01-03T18:15:47.000Z)
stringThe exponent value for the RSA public key (example: AQAB)
string (date-time)Timestamp when the object expires (example: 2016-01-03T18:15:47.000Z)
stringUnique identifier for the key (example: your-key-id)
stringIdentifies the cryptographic algorithm family used with the key (example: RSA)
string (date-time)Timestamp when the object was last updated (example: 2016-01-03T18:15:47.000Z)
stringThe modulus value for the RSA public key (example: 101438407598598116085679865987760095721749307901605456708912786847324207000576780508113360584555007890315805735307890113536927352312915634368993759211767770602174860126854831344273970871509573365292777620005537635317282520456901584213746937262823585533063042033441296629204165064680610660631365266976782082747)
stringIntended use of the public key (example: sig)
arrayBase64-encoded X.509 certificate chain with DER encoding
stringBase64url-encoded SHA-256 thumbprint of the DER encoding of an X.509 certificate (example: wzPVobIrveR1x-PCbjsFGNV-6zn7Rm9KuOWOG4Rk6jE)
+ + + +Success + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameDatatypeDescription
string (date-time)Timestamp when the object was created (example: 2016-01-03T18:15:47.000Z)
stringThe exponent value for the RSA public key (example: AQAB)
string (date-time)Timestamp when the object expires (example: 2016-01-03T18:15:47.000Z)
stringUnique identifier for the key (example: your-key-id)
stringIdentifies the cryptographic algorithm family used with the key (example: RSA)
string (date-time)Timestamp when the object was last updated (example: 2016-01-03T18:15:47.000Z)
stringThe modulus value for the RSA public key (example: 101438407598598116085679865987760095721749307901605456708912786847324207000576780508113360584555007890315805735307890113536927352312915634368993759211767770602174860126854831344273970871509573365292777620005537635317282520456901584213746937262823585533063042033441296629204165064680610660631365266976782082747)
stringIntended use of the public key (example: sig)
arrayBase64-encoded X.509 certificate chain with DER encoding
stringBase64url-encoded SHA-256 thumbprint of the DER encoding of an X.509 certificate (example: wzPVobIrveR1x-PCbjsFGNV-6zn7Rm9KuOWOG4Rk6jE)
+ + + +## Methods + +The following methods are available for this resource: + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameAccessible byRequired ParamsOptional ParamsDescription
subdomainLists all signing key credentials for an identity provider (IdP)
subdomainRetrieves a specific identity provider (IdP) key credential by `kid`
validityYears, subdomainGenerates a new X.509 certificate for an identity provider (IdP) signing key credential to be used for signing assertions sent to the IdP. IdP signing keys are read-only.
> **Note:** To update an IdP with the newly generated key credential, [update your IdP](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/IdentityProvider/#tag/IdentityProvider/operation/replaceIdentityProvider) using the returned key's `kid` in the [signing credential](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/IdentityProvider/#tag/IdentityProvider/operation/replaceIdentityProvider!path=protocol/0/credentials/signing/kid&t=request).
targetIdpId, subdomainClones an X.509 certificate for an identity provider (IdP) signing key credential from a source IdP to target IdP
> **Caution:** Sharing certificates isn't a recommended security practice.

> **Note:** If the key is already present in the list of key credentials for the target IdP, you receive a 400 error response.
+ +## Parameters + +Parameters can be passed in the `WHERE` clause of a query. Check the [Methods](#methods) section to see which parameters are required or optional for each operation. + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameDatatypeDescription
stringThe domain of your organization. This can be a provided subdomain of an official okta domain (okta.com, oktapreview.com, etc) or one of your configured custom domains. (default: my-org)
string`id` of the target IdP
integer (int32)expiry of the IdP key credential
+ +## `SELECT` examples + + + + +Lists all signing key credentials for an identity provider (IdP) + +```sql +SELECT +created, +e, +expiresAt, +kid, +kty, +lastUpdated, +n, +use, +x5c, +x5t#S256 +FROM okta.idps.signing_keys +WHERE subdomain = '{{ subdomain }}' -- required; +``` + + + +Retrieves a specific identity provider (IdP) key credential by `kid` + +```sql +SELECT +created, +e, +expiresAt, +kid, +kty, +lastUpdated, +n, +use, +x5c, +x5t#S256 +FROM okta.idps.signing_keys +WHERE subdomain = '{{ subdomain }}' -- required; +``` + + + + +## `INSERT` examples + + + + +Generates a new X.509 certificate for an identity provider (IdP) signing key credential to be used for signing assertions sent to the IdP. IdP signing keys are read-only.
> **Note:** To update an IdP with the newly generated key credential, [update your IdP](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/IdentityProvider/#tag/IdentityProvider/operation/replaceIdentityProvider) using the returned key's `kid` in the [signing credential](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/IdentityProvider/#tag/IdentityProvider/operation/replaceIdentityProvider!path=protocol/0/credentials/signing/kid&t=request). + +```sql +INSERT INTO okta.idps.signing_keys ( +validityYears, +subdomain +) +SELECT +'{{ validityYears }}', +'{{ subdomain }}' +RETURNING +created, +e, +expiresAt, +kid, +kty, +lastUpdated, +n, +use, +x5c, +x5t#S256 +; +``` + + + +```yaml +# Description fields are for documentation purposes +- name: signing_keys + props: + - name: validityYears + value: integer (int32) + description: Required parameter for the signing_keys resource. + - name: subdomain + value: string + description: Required parameter for the signing_keys resource. +``` + + + + +## Lifecycle Methods + + + + +Clones an X.509 certificate for an identity provider (IdP) signing key credential from a source IdP to target IdP
> **Caution:** Sharing certificates isn't a recommended security practice.

> **Note:** If the key is already present in the list of key credentials for the target IdP, you receive a 400 error response. + +```sql +EXEC okta.idps.signing_keys.clone_identity_provider_key +@targetIdpId='{{ targetIdpId }}' --required, +@subdomain='{{ subdomain }}' --required; +``` + + diff --git a/website/docs/services/idps/social_auth_tokens/index.md b/website/docs/services/idps/social_auth_tokens/index.md new file mode 100644 index 0000000..34fa4f5 --- /dev/null +++ b/website/docs/services/idps/social_auth_tokens/index.md @@ -0,0 +1,158 @@ +--- +title: social_auth_tokens +hide_title: false +hide_table_of_contents: false +keywords: + - social_auth_tokens + - idps + - okta + - infrastructure-as-code + - configuration-as-data + - cloud inventory +description: Query, deploy and manage okta resources using SQL +custom_edit_url: null +image: /img/stackql-okta-provider-featured-image.png +--- + +import CopyableCode from '@site/src/components/CopyableCode/CopyableCode'; +import Tabs from '@theme/Tabs'; +import TabItem from '@theme/TabItem'; + +Creates, updates, deletes, gets or lists a social_auth_tokens resource. + +## Overview + + + + +
Namesocial_auth_tokens
TypeResource
Id
+ +## Fields + +The following fields are returned by `SELECT` queries: + + + + +Success + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameDatatypeDescription
stringUnique identifier for the token (example: NXp9GaX1eOA-XVF_H9fn2Q)
string (date-time)Timestamp when the object expires (example: 2016-01-03T18:15:47.000Z)
arrayThe scopes that the token is good for
stringThe raw token (example: JBTWGV22G4ZGKV3N)
stringThe token authentication scheme as defined by the social provider (example: Bearer)
stringThe type of token defined by the [OAuth Token Exchange Spec](https://tools.ietf.org/html/draft-ietf-oauth-token-exchange-07#section-3) (example: urn:ietf:params:oauth:token-type:access_token)
+ + + +## Methods + +The following methods are available for this resource: + + + + + + + + + + + + + + + + + + + + +
NameAccessible byRequired ParamsOptional ParamsDescription
subdomainLists the tokens minted by the social authentication provider when the user authenticates with Okta via Social Auth.

Okta doesn't import all the user information from a social provider. If the app needs information that isn't imported, it can get the user token from this endpoint. Then the app can make an API call to the social provider with the token to request the additional information.
+ +## Parameters + +Parameters can be passed in the `WHERE` clause of a query. Check the [Methods](#methods) section to see which parameters are required or optional for each operation. + + + + + + + + + + + + + + + + +
NameDatatypeDescription
stringThe domain of your organization. This can be a provided subdomain of an official okta domain (okta.com, oktapreview.com, etc) or one of your configured custom domains. (default: my-org)
+ +## `SELECT` examples + + + + +Lists the tokens minted by the social authentication provider when the user authenticates with Okta via Social Auth.

Okta doesn't import all the user information from a social provider. If the app needs information that isn't imported, it can get the user token from this endpoint. Then the app can make an API call to the social provider with the token to request the additional information. + +```sql +SELECT +id, +expiresAt, +scopes, +token, +tokenAuthScheme, +tokenType +FROM okta.idps.social_auth_tokens +WHERE subdomain = '{{ subdomain }}' -- required; +``` + + diff --git a/website/docs/services/inlinehooks/index.md b/website/docs/services/inlinehooks/index.md new file mode 100644 index 0000000..6842f55 --- /dev/null +++ b/website/docs/services/inlinehooks/index.md @@ -0,0 +1,33 @@ +--- +title: inlinehooks +hide_title: false +hide_table_of_contents: false +keywords: + - inlinehooks + - okta + - stackql + - infrastructure-as-code + - configuration-as-data + - cloud inventory +description: Query, deploy and manage okta resources using SQL +custom_edit_url: null +image: /img/stackql-okta-provider-featured-image.png +--- + +inlinehooks service documentation. + +:::info[Service Summary] + +total resources: __1__ + +::: + +## Resources +
+
+inline_hooks +
+
+ +
+
\ No newline at end of file diff --git a/website/docs/services/inlinehooks/inline_hooks/index.md b/website/docs/services/inlinehooks/inline_hooks/index.md new file mode 100644 index 0000000..c37323b --- /dev/null +++ b/website/docs/services/inlinehooks/inline_hooks/index.md @@ -0,0 +1,522 @@ +--- +title: inline_hooks +hide_title: false +hide_table_of_contents: false +keywords: + - inline_hooks + - inlinehooks + - okta + - infrastructure-as-code + - configuration-as-data + - cloud inventory +description: Query, deploy and manage okta resources using SQL +custom_edit_url: null +image: /img/stackql-okta-provider-featured-image.png +--- + +import CopyableCode from '@site/src/components/CopyableCode/CopyableCode'; +import Tabs from '@theme/Tabs'; +import TabItem from '@theme/TabItem'; + +Creates, updates, deletes, gets or lists an inline_hooks resource. + +## Overview + + + + +
Nameinline_hooks
TypeResource
Id
+ +## Fields + +The following fields are returned by `SELECT` queries: + + + + +Success + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameDatatypeDescription
stringThe unique identifier for the inline hook
stringThe display name of the inline hook
objectSpecifies link relations (see [Web Linking](https://www.rfc-editor.org/rfc/rfc8288)) available using the [JSON Hypertext Application Language](https://datatracker.ietf.org/doc/html/draft-kelly-json-hal-06) specification. This object is used for dynamic discovery of related resources and lifecycle operations.
object
string (date-time)Date of the inline hook creation
string (date-time)Date of the last inline hook update
string
stringOne of the inline hook types
stringVersion of the inline hook type. The currently supported version is `1.0.0`.
+ + + +Success + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameDatatypeDescription
stringThe unique identifier for the inline hook
stringThe display name of the inline hook
objectSpecifies link relations (see [Web Linking](https://www.rfc-editor.org/rfc/rfc8288)) available using the [JSON Hypertext Application Language](https://datatracker.ietf.org/doc/html/draft-kelly-json-hal-06) specification. This object is used for dynamic discovery of related resources and lifecycle operations.
object
string (date-time)Date of the inline hook creation
string (date-time)Date of the last inline hook update
string
stringOne of the inline hook types
stringVersion of the inline hook type. The currently supported version is `1.0.0`.
+ + + +## Methods + +The following methods are available for this resource: + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameAccessible byRequired ParamsOptional ParamsDescription
subdomaintypeLists all inline hooks or all inline hooks of a specific type.

When listing a specific inline hook, you need to specify its type. The following types are currently supported:
| Type Value | Name |
|------------------------------------|----------------------------------------------------------------|
| `com.okta.import.transform` | [User import inline hook](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/InlineHook/#tag/InlineHook/operation/createUserImportInlineHook) |
| `com.okta.oauth2.tokens.transform` | [Token inline hook](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/InlineHook/#tag/InlineHook/operation/createTokenInlineHook) |
| `com.okta.saml.tokens.transform` | [SAML assertion inline hook](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/InlineHook/#tag/InlineHook/operation/createSAMLAssertionInlineHook) |
| `com.okta.telephony.provider` | [Telephony inline hook](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/InlineHook/#tag/InlineHook/operation/createTelephonyInlineHook) |
| `com.okta.user.credential.password.import` | [Password import inline hook](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/InlineHook/#tag/InlineHook/operation/createPasswordImportInlineHook)|
| `com.okta.user.pre-registration` | [Registration inline hook](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/InlineHook/#tag/InlineHook/operation/create-registration-hook) |
subdomainRetrieves an inline hook by `inlineHookId`
subdomainCreates an inline hook

This endpoint creates an inline hook for your org in an `ACTIVE` status. You need to pass an inline hooks object in the JSON payload of your request.
That object represents the set of required information about the inline hook that you're registering, including:

* The URI of your external service endpoint
* The type of inline hook you're registering
* The type of authentication you're registering

There are two authentication options that you can configure for your inline hook: HTTP headers and OAuth 2.0 tokens.

HTTP headers let you specify a secret API key that you want Okta to pass to your external service endpoint (so that your external service can check for its presence as a security measure).

>**Note:** The API key that you set here is unrelated to the Okta API token you must supply when making calls to Okta APIs.

You can also optionally specify extra headers that you want Okta to pass to your external service with each call.

To configure HTTP header authentication, see parameters for the `config` object.

OAuth 2.0 tokens provide enhanced security between Okta and your external service. You can configure these tokens for the following types—client secret and private key.

>**Note:** Your external service's endpoint needs to be a valid HTTPS endpoint. The URI you specify should always begin with `https://`.

The total number of inline hooks that you can create in an Okta org is limited to 50, which is a combined total for any combination of inline hook types.
subdomainUpdates an inline hook by `inlineHookId`
subdomainReplaces an inline hook by `inlineHookId`. The submitted inline hook properties replace the existing properties after passing validation.

>**Note:** Some properties are immutable and can't be updated.
subdomainDeletes an inline hook by `inlineHookId`. After it's deleted, the inline hook is unrecoverable. As a safety precaution, only inline hooks with a status of `INACTIVE` are eligible for deletion.
subdomainExecutes the inline hook that matches the provided `inlineHookId` by using the request body as the input. This inline hook sends the provided
data through the `channel` object and returns a response if it matches the correct data contract. Otherwise it returns an error. You need to
construct a JSON payload that matches the payloads that Okta would send to your external service for this inline hook type.

A timeout of three seconds is enforced on all outbound requests, with one retry in the event of a timeout or an error response from the remote system.
If a successful response isn't received after the request, a 400 error is returned with more information about what failed.

>**Note:** This execution endpoint isn't tied to any other functionality in Okta, and you should only use it for testing purposes.
subdomainActivates the inline hook by `inlineHookId`
subdomainDeactivates the inline hook by `inlineHookId`
+ +## Parameters + +Parameters can be passed in the `WHERE` clause of a query. Check the [Methods](#methods) section to see which parameters are required or optional for each operation. + + + + + + + + + + + + + + + + + + + + + +
NameDatatypeDescription
stringThe domain of your organization. This can be a provided subdomain of an official okta domain (okta.com, oktapreview.com, etc) or one of your configured custom domains. (default: my-org)
stringOne of the supported inline hook types
+ +## `SELECT` examples + + + + +Lists all inline hooks or all inline hooks of a specific type.

When listing a specific inline hook, you need to specify its type. The following types are currently supported:
| Type Value | Name |
|------------------------------------|----------------------------------------------------------------|
| `com.okta.import.transform` | [User import inline hook](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/InlineHook/#tag/InlineHook/operation/createUserImportInlineHook) |
| `com.okta.oauth2.tokens.transform` | [Token inline hook](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/InlineHook/#tag/InlineHook/operation/createTokenInlineHook) |
| `com.okta.saml.tokens.transform` | [SAML assertion inline hook](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/InlineHook/#tag/InlineHook/operation/createSAMLAssertionInlineHook) |
| `com.okta.telephony.provider` | [Telephony inline hook](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/InlineHook/#tag/InlineHook/operation/createTelephonyInlineHook) |
| `com.okta.user.credential.password.import` | [Password import inline hook](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/InlineHook/#tag/InlineHook/operation/createPasswordImportInlineHook)|
| `com.okta.user.pre-registration` | [Registration inline hook](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/InlineHook/#tag/InlineHook/operation/create-registration-hook) | + +```sql +SELECT +id, +name, +_links, +channel, +created, +lastUpdated, +status, +type, +version +FROM okta.inlinehooks.inline_hooks +WHERE subdomain = '{{ subdomain }}' -- required +AND type = '{{ type }}'; +``` + + + +Retrieves an inline hook by `inlineHookId` + +```sql +SELECT +id, +name, +_links, +channel, +created, +lastUpdated, +status, +type, +version +FROM okta.inlinehooks.inline_hooks +WHERE subdomain = '{{ subdomain }}' -- required; +``` + + + + +## `INSERT` examples + + + + +Creates an inline hook

This endpoint creates an inline hook for your org in an `ACTIVE` status. You need to pass an inline hooks object in the JSON payload of your request.
That object represents the set of required information about the inline hook that you're registering, including:

* The URI of your external service endpoint
* The type of inline hook you're registering
* The type of authentication you're registering

There are two authentication options that you can configure for your inline hook: HTTP headers and OAuth 2.0 tokens.

HTTP headers let you specify a secret API key that you want Okta to pass to your external service endpoint (so that your external service can check for its presence as a security measure).

>**Note:** The API key that you set here is unrelated to the Okta API token you must supply when making calls to Okta APIs.

You can also optionally specify extra headers that you want Okta to pass to your external service with each call.

To configure HTTP header authentication, see parameters for the `config` object.

OAuth 2.0 tokens provide enhanced security between Okta and your external service. You can configure these tokens for the following types—client secret and private key.

>**Note:** Your external service's endpoint needs to be a valid HTTPS endpoint. The URI you specify should always begin with `https://`.

The total number of inline hooks that you can create in an Okta org is limited to 50, which is a combined total for any combination of inline hook types. + +```sql +INSERT INTO okta.inlinehooks.inline_hooks ( +data__channel, +data__name, +data__type, +data__version, +subdomain +) +SELECT +'{{ channel }}', +'{{ name }}', +'{{ type }}', +'{{ version }}', +'{{ subdomain }}' +RETURNING +id, +name, +_links, +channel, +created, +lastUpdated, +status, +type, +version +; +``` + + + +```yaml +# Description fields are for documentation purposes +- name: inline_hooks + props: + - name: subdomain + value: string + description: Required parameter for the inline_hooks resource. + - name: channel + value: object + - name: name + value: string + description: > + The display name of the inline hook + + - name: type + value: string + description: > + One of the inline hook types + + valid_values: ['com.okta.import.transform', 'com.okta.oauth2.tokens.transform', 'com.okta.saml.tokens.transform', 'com.okta.telephony.provider', 'com.okta.user.credential.password.import', 'com.okta.user.pre-registration'] + - name: version + value: string + description: > + Version of the inline hook type. The currently supported version is `1.0.0`. + +``` + + + + +## `UPDATE` examples + + + + +Updates an inline hook by `inlineHookId` + +```sql +UPDATE okta.inlinehooks.inline_hooks +SET +data__channel = '{{ channel }}', +data__name = '{{ name }}', +data__version = '{{ version }}' +WHERE +subdomain = '{{ subdomain }}' --required +RETURNING +id, +name, +_links, +channel, +created, +lastUpdated, +status, +type, +version; +``` + + + + +## `REPLACE` examples + + + + +Replaces an inline hook by `inlineHookId`. The submitted inline hook properties replace the existing properties after passing validation.

>**Note:** Some properties are immutable and can't be updated. + +```sql +REPLACE okta.inlinehooks.inline_hooks +SET +data__channel = '{{ channel }}', +data__name = '{{ name }}', +data__version = '{{ version }}' +WHERE +subdomain = '{{ subdomain }}' --required +RETURNING +id, +name, +_links, +channel, +created, +lastUpdated, +status, +type, +version; +``` + + + + +## `DELETE` examples + + + + +Deletes an inline hook by `inlineHookId`. After it's deleted, the inline hook is unrecoverable. As a safety precaution, only inline hooks with a status of `INACTIVE` are eligible for deletion. + +```sql +DELETE FROM okta.inlinehooks.inline_hooks +WHERE subdomain = '{{ subdomain }}' --required; +``` + + + + +## Lifecycle Methods + + + + +Executes the inline hook that matches the provided `inlineHookId` by using the request body as the input. This inline hook sends the provided
data through the `channel` object and returns a response if it matches the correct data contract. Otherwise it returns an error. You need to
construct a JSON payload that matches the payloads that Okta would send to your external service for this inline hook type.

A timeout of three seconds is enforced on all outbound requests, with one retry in the event of a timeout or an error response from the remote system.
If a successful response isn't received after the request, a 400 error is returned with more information about what failed.

>**Note:** This execution endpoint isn't tied to any other functionality in Okta, and you should only use it for testing purposes. + +```sql +EXEC okta.inlinehooks.inline_hooks.execute_inline_hook +@subdomain='{{ subdomain }}' --required; +``` + + + +Activates the inline hook by `inlineHookId` + +```sql +EXEC okta.inlinehooks.inline_hooks.activate_inline_hook +@subdomain='{{ subdomain }}' --required; +``` + + + +Deactivates the inline hook by `inlineHookId` + +```sql +EXEC okta.inlinehooks.inline_hooks.deactivate_inline_hook +@subdomain='{{ subdomain }}' --required; +``` + + diff --git a/website/docs/services/integrations/index.md b/website/docs/services/integrations/index.md new file mode 100644 index 0000000..e723d28 --- /dev/null +++ b/website/docs/services/integrations/index.md @@ -0,0 +1,33 @@ +--- +title: integrations +hide_title: false +hide_table_of_contents: false +keywords: + - integrations + - okta + - stackql + - infrastructure-as-code + - configuration-as-data + - cloud inventory +description: Query, deploy and manage okta resources using SQL +custom_edit_url: null +image: /img/stackql-okta-provider-featured-image.png +--- + +integrations service documentation. + +:::info[Service Summary] + +total resources: __2__ + +::: + +## Resources +
+
+instance_secrets +
+
+instances +
+
\ No newline at end of file diff --git a/website/docs/services/integrations/instance_secrets/index.md b/website/docs/services/integrations/instance_secrets/index.md new file mode 100644 index 0000000..0a7f5c7 --- /dev/null +++ b/website/docs/services/integrations/instance_secrets/index.md @@ -0,0 +1,284 @@ +--- +title: instance_secrets +hide_title: false +hide_table_of_contents: false +keywords: + - instance_secrets + - integrations + - okta + - infrastructure-as-code + - configuration-as-data + - cloud inventory +description: Query, deploy and manage okta resources using SQL +custom_edit_url: null +image: /img/stackql-okta-provider-featured-image.png +--- + +import CopyableCode from '@site/src/components/CopyableCode/CopyableCode'; +import Tabs from '@theme/Tabs'; +import TabItem from '@theme/TabItem'; + +Creates, updates, deletes, gets or lists an instance_secrets resource. + +## Overview + + + + +
Nameinstance_secrets
TypeResource
Id
+ +## Fields + +The following fields are returned by `SELECT` queries: + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameDatatypeDescription
stringThe ID of the API Service Integration instance Secret (example: ocs2f4zrZbs8nUa7p0g4)
objectSpecifies link relations (see [Web Linking](https://www.rfc-editor.org/rfc/rfc8288)) available for the current status of an application using the [JSON Hypertext Application Language](https://datatracker.ietf.org/doc/html/draft-kelly-json-hal-06) specification. This object is used for dynamic discovery of related resources and lifecycle operations.
stringThe OAuth 2.0 client secret string. The client secret string is returned in the response of a Secret creation request. In other responses (such as list, activate, or deactivate requests), the client secret is returned as an undisclosed hashed value. (example: DRUFXGF9XbLnS9k-Sla3x3POBiIxDreBCdZuFs5B)
stringTimestamp when the API Service Integration instance Secret was created (example: 2023-02-21T20:08:24.000Z)
stringTimestamp when the API Service Integration instance Secret was updated (example: 2023-02-21T20:08:24.000Z)
stringOAuth 2.0 client secret string hash (example: yk4SVx4sUWVJVbHt6M-UPA)
stringStatus of the API Service Integration instance Secret (example: ACTIVE)
+ + + +## Methods + +The following methods are available for this resource: + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameAccessible byRequired ParamsOptional ParamsDescription
subdomainLists all client secrets for an API Service Integration instance by `apiServiceId`
subdomainCreates an API Service Integration instance Secret object with a new active client secret. You can create up to two Secret objects. An error is returned if you attempt to create more than two Secret objects.
subdomainDeletes an API Service Integration instance Secret by `secretId`. You can only delete an inactive Secret.
subdomainActivates an API Service Integration instance Secret by `secretId`
subdomainDeactivates an API Service Integration instance Secret by `secretId`
+ +## Parameters + +Parameters can be passed in the `WHERE` clause of a query. Check the [Methods](#methods) section to see which parameters are required or optional for each operation. + + + + + + + + + + + + + + + + +
NameDatatypeDescription
stringThe domain of your organization. This can be a provided subdomain of an official okta domain (okta.com, oktapreview.com, etc) or one of your configured custom domains. (default: my-org)
+ +## `SELECT` examples + + + + +Lists all client secrets for an API Service Integration instance by `apiServiceId` + +```sql +SELECT +id, +_links, +client_secret, +created, +lastUpdated, +secret_hash, +status +FROM okta.integrations.instance_secrets +WHERE subdomain = '{{ subdomain }}' -- required; +``` + + + + +## `INSERT` examples + + + + +Creates an API Service Integration instance Secret object with a new active client secret. You can create up to two Secret objects. An error is returned if you attempt to create more than two Secret objects. + +```sql +INSERT INTO okta.integrations.instance_secrets ( +subdomain +) +SELECT +'{{ subdomain }}' +RETURNING +id, +_links, +client_secret, +created, +lastUpdated, +secret_hash, +status +; +``` + + + +```yaml +# Description fields are for documentation purposes +- name: instance_secrets + props: + - name: subdomain + value: string + description: Required parameter for the instance_secrets resource. +``` + + + + +## `DELETE` examples + + + + +Deletes an API Service Integration instance Secret by `secretId`. You can only delete an inactive Secret. + +```sql +DELETE FROM okta.integrations.instance_secrets +WHERE subdomain = '{{ subdomain }}' --required; +``` + + + + +## Lifecycle Methods + + + + +Activates an API Service Integration instance Secret by `secretId` + +```sql +EXEC okta.integrations.instance_secrets.activate_api_service_integration_instance_secret +@subdomain='{{ subdomain }}' --required; +``` + + + +Deactivates an API Service Integration instance Secret by `secretId` + +```sql +EXEC okta.integrations.instance_secrets.deactivate_api_service_integration_instance_secret +@subdomain='{{ subdomain }}' --required; +``` + + diff --git a/website/docs/services/integrations/instances/index.md b/website/docs/services/integrations/instances/index.md new file mode 100644 index 0000000..9a302a4 --- /dev/null +++ b/website/docs/services/integrations/instances/index.md @@ -0,0 +1,369 @@ +--- +title: instances +hide_title: false +hide_table_of_contents: false +keywords: + - instances + - integrations + - okta + - infrastructure-as-code + - configuration-as-data + - cloud inventory +description: Query, deploy and manage okta resources using SQL +custom_edit_url: null +image: /img/stackql-okta-provider-featured-image.png +--- + +import CopyableCode from '@site/src/components/CopyableCode/CopyableCode'; +import Tabs from '@theme/Tabs'; +import TabItem from '@theme/TabItem'; + +Creates, updates, deletes, gets or lists an instances resource. + +## Overview + + + + +
Nameinstances
TypeResource
Id
+ +## Fields + +The following fields are returned by `SELECT` queries: + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameDatatypeDescription
stringThe ID of the API Service Integration instance (example: 0oa72lrepvp4WqEET1d9)
stringThe name of the API service integration that corresponds with the `type` property. This is the full name of the API service integration listed in the Okta Integration Network (OIN) catalog. (example: My App Cloud Identity Engine)
objectSpecifies link relations (see [Web Linking](https://www.rfc-editor.org/rfc/rfc8288)) available for the current status of an application using the [JSON Hypertext Application Language](https://datatracker.ietf.org/doc/html/draft-kelly-json-hal-06) specification. This object is used for dynamic discovery of related resources and lifecycle operations.
stringThe URL to the API service integration configuration guide (example: https://{docDomain}/my-app-cie/configuration-guide)
stringTimestamp when the API Service Integration instance was created (example: 2023-02-21T20:08:24.000Z)
stringThe user ID of the API Service Integration instance creator (example: 00uu3u0ujW1P6AfZC2d5)
arrayThe list of Okta management scopes granted to the API Service Integration instance. See [Okta management OAuth 2.0 scopes]https://developer.okta.com/docs/api/oauth2/#okta-admin-management.
objectApp instance properties
stringThe type of the API service integration. This string is an underscore-concatenated, lowercased API service integration name. For example, `my_api_log_integration`. (example: my_app_cie)
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameDatatypeDescription
stringThe ID of the API Service Integration instance (example: 0oa72lrepvp4WqEET1d9)
stringThe name of the API service integration that corresponds with the `type` property. This is the full name of the API service integration listed in the Okta Integration Network (OIN) catalog. (example: My App Cloud Identity Engine)
objectSpecifies link relations (see [Web Linking](https://www.rfc-editor.org/rfc/rfc8288)) available for the current status of an application using the [JSON Hypertext Application Language](https://datatracker.ietf.org/doc/html/draft-kelly-json-hal-06) specification. This object is used for dynamic discovery of related resources and lifecycle operations.
stringThe URL to the API service integration configuration guide (example: https://{docDomain}/my-app-cie/configuration-guide)
stringTimestamp when the API Service Integration instance was created (example: 2023-02-21T20:08:24.000Z)
stringThe user ID of the API Service Integration instance creator (example: 00uu3u0ujW1P6AfZC2d5)
arrayThe list of Okta management scopes granted to the API Service Integration instance. See [Okta management OAuth 2.0 scopes]https://developer.okta.com/docs/api/oauth2/#okta-admin-management.
objectApp instance properties
stringThe type of the API service integration. This string is an underscore-concatenated, lowercased API service integration name. For example, `my_api_log_integration`. (example: my_app_cie)
+ + + +## Methods + +The following methods are available for this resource: + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameAccessible byRequired ParamsOptional ParamsDescription
subdomainafterLists all API Service Integration instances with a pagination option
subdomainRetrieves an API Service Integration instance by `id`
subdomainCreates and authorizes an API Service Integration instance
subdomainDeletes an API Service Integration instance by `id`. This operation also revokes access to scopes that were previously granted to this API Service Integration instance.
+ +## Parameters + +Parameters can be passed in the `WHERE` clause of a query. Check the [Methods](#methods) section to see which parameters are required or optional for each operation. + + + + + + + + + + + + + + + + + + + + + +
NameDatatypeDescription
stringThe domain of your organization. This can be a provided subdomain of an official okta domain (okta.com, oktapreview.com, etc) or one of your configured custom domains. (default: my-org)
stringThe cursor to use for pagination. It is an opaque string that specifies your current location in the list and is obtained from the `Link` response header. See [Pagination](https://developer.okta.com/docs/api/#pagination).
+ +## `SELECT` examples + + + + +Lists all API Service Integration instances with a pagination option + +```sql +SELECT +id, +name, +_links, +configGuideUrl, +createdAt, +createdBy, +grantedScopes, +properties, +type +FROM okta.integrations.instances +WHERE subdomain = '{{ subdomain }}' -- required +AND after = '{{ after }}'; +``` + + + +Retrieves an API Service Integration instance by `id` + +```sql +SELECT +id, +name, +_links, +configGuideUrl, +createdAt, +createdBy, +grantedScopes, +properties, +type +FROM okta.integrations.instances +WHERE subdomain = '{{ subdomain }}' -- required; +``` + + + + +## `INSERT` examples + + + + +Creates and authorizes an API Service Integration instance + +```sql +INSERT INTO okta.integrations.instances ( +data__grantedScopes, +data__properties, +data__type, +subdomain +) +SELECT +'{{ grantedScopes }}' --required, +'{{ properties }}', +'{{ type }}' --required, +'{{ subdomain }}' +RETURNING +id, +name, +_links, +clientSecret, +configGuideUrl, +createdAt, +createdBy, +grantedScopes, +properties, +type +; +``` + + + +```yaml +# Description fields are for documentation purposes +- name: instances + props: + - name: subdomain + value: string + description: Required parameter for the instances resource. + - name: grantedScopes + value: array + description: > + The list of Okta management scopes granted to the API Service Integration instance. See [Okta management OAuth 2.0 scopes]https://developer.okta.com/docs/api/oauth2/#okta-admin-management. + + - name: properties + value: object + description: > + App instance properties + + - name: type + value: string + description: > + The type of the API service integration. This string is an underscore-concatenated, lowercased API service integration name. For example, `my_api_log_integration`. + +``` + + + + +## `DELETE` examples + + + + +Deletes an API Service Integration instance by `id`. This operation also revokes access to scopes that were previously granted to this API Service Integration instance. + +```sql +DELETE FROM okta.integrations.instances +WHERE subdomain = '{{ subdomain }}' --required; +``` + + diff --git a/website/docs/services/logs/index.md b/website/docs/services/logs/index.md new file mode 100644 index 0000000..72811f4 --- /dev/null +++ b/website/docs/services/logs/index.md @@ -0,0 +1,33 @@ +--- +title: logs +hide_title: false +hide_table_of_contents: false +keywords: + - logs + - okta + - stackql + - infrastructure-as-code + - configuration-as-data + - cloud inventory +description: Query, deploy and manage okta resources using SQL +custom_edit_url: null +image: /img/stackql-okta-provider-featured-image.png +--- + +logs service documentation. + +:::info[Service Summary] + +total resources: __1__ + +::: + +## Resources +
+
+system_log_events +
+
+ +
+
\ No newline at end of file diff --git a/website/docs/services/logs/system_log_events/index.md b/website/docs/services/logs/system_log_events/index.md new file mode 100644 index 0000000..ecfea82 --- /dev/null +++ b/website/docs/services/logs/system_log_events/index.md @@ -0,0 +1,260 @@ +--- +title: system_log_events +hide_title: false +hide_table_of_contents: false +keywords: + - system_log_events + - logs + - okta + - infrastructure-as-code + - configuration-as-data + - cloud inventory +description: Query, deploy and manage okta resources using SQL +custom_edit_url: null +image: /img/stackql-okta-provider-featured-image.png +--- + +import CopyableCode from '@site/src/components/CopyableCode/CopyableCode'; +import Tabs from '@theme/Tabs'; +import TabItem from '@theme/TabItem'; + +Creates, updates, deletes, gets or lists a system_log_events resource. + +## Overview + + + + +
Namesystem_log_events
TypeResource
Id
+ +## Fields + +The following fields are returned by `SELECT` queries: + + + + +Success + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameDatatypeDescription
objectDescribes the user, app, client, or other entity (actor) who performs an action on a target. The actor is dependent on the action that is performed. All events have actors.
objectAll authentication relies on validating one or more credentials that prove the authenticity of the actor's identity. Credentials are sometimes provided by the actor, as is the case with passwords, and at other times provided by a third party, and validated by the authentication provider. The authenticationContext contains metadata about how the actor is authenticated. For example, an authenticationContext for an event, where a user authenticates with Integrated Windows Authentication (IWA), looks like the following: ``` { "authenticationProvider": "ACTIVE_DIRECTORY", "authenticationStep": 0, "credentialProvider": null, "credentialType": "IWA", "externalSessionId": "102N1EKyPFERROGvK9wizMAPQ", "interface": null, "issuer": null } ``` In this case, the user enters an IWA credential to authenticate against an Active Directory instance. All of the user's future-generated events in this sign-in session are going to share the same `externalSessionId`. Among other operations, this response object can be used to scan for suspicious sign-in activity or perform analytics on user authentication habits (for example, how often authentication scheme X is used versus authentication scheme Y).
objectWhen an event is triggered by an HTTP request, the `client` object describes the [client](https://datatracker.ietf.org/doc/html/rfc2616) that issues the HTTP request. For instance, the web browser is the client when a user accesses Okta. When this request is received and processed, a sign-in event is fired. When the event isn't sourced to an HTTP request, such as an automatic update, the `client` object field is blank.
objectFor some kinds of events (for example, OLM provisioning, sign-in request, second factor SMS, and so on), the fields that are provided in other response objects aren't sufficient to adequately describe the operations that the event has performed. In such cases, the `debugContext` object provides a way to store additional information. For example, an event where a second factor SMS token is sent to a user may have a `debugContext` that looks like the following: ``` { "debugData": { "requestUri": "/api/v1/users/00u3gjksoiRGRAZHLSYV/factors/smsf8luacpZJAva10x45/verify", "smsProvider": "TELESIGN", "transactionId": "268632458E3C100F5F5F594C6DC689D4" } } ``` By inspecting the debugData field, you can find the URI that is used to trigger the second factor SMS (`/api/v1/users/00u3gjksoiRGRAZHLSYV/factors/smsf8luacpZJAva10x45/verify`), the SMS provider (`TELESIGN`), and the ID used by Telesign to identify this transaction (`268632458E3C100F5F5F594C6DC689D4`). If for some reason the information that is needed to implement a feature isn't provided in other response objects, you should scan the `debugContext.debugData` field for potentially useful fields. > **Important:** The information contained in `debugContext.debugData` is intended to add context when troubleshooting customer platform issues. Both key names and values may change from release to release and aren't guaranteed to be stable. Therefore, they shouldn't be viewed as a data contract but as a debugging aid instead.
stringThe display message for an event
stringThe published event type. Event instances are categorized by action in the event type attribute. This attribute is key to navigating the System Log through expression filters. See [Event Types catalog](https://developer.okta.com/docs/reference/api/event-types/#catalog) for a complete list of System Log event types.
stringAssociated Events API Action `objectType` attribute value
object
string (date-time)Timestamp when the event is published
objectThe `Request` object describes details that are related to the HTTP request that triggers this event, if available. When the event isn't sourced to an HTTP request, such as an automatic update on the Okta servers, the `Request` object still exists, but the `ipChain` field is empty.
objectThe `securityContext` object provides security information that is directly related to the evaluation of the event's IP reputation. IP reputation is a trustworthiness rating that evaluates how likely a sender is to be malicious and is based on the sender's IP address. As the name implies, the `securityContext` object is useful for security applications-flagging and inspecting suspicious events.
stringIndicates how severe the event is
arrayThe entity that an actor performs an action on. Targets can be anything, such as an app user, a sign-in token, or anything else. > **Note:** When searching the target array, search for a given `type` rather than the array location. Target types, such as `User` and `AppInstance`, for a given `eventType` are not always in the same array location.
objectA `transaction` object comprises contextual information associated with its respective event. This information is useful for understanding sequences of correlated events. For example, a `transaction` object such as the following: ``` { "id": "Wn4f-0RQ8D8lTSLkAmkKdQAADqo", "type": "WEB", "detail": null } ``` indicates that a `WEB` request with `id` `Wn4f-0RQ8D8lTSLkAmkKdQAADqo` has created this event. A `transaction` object with a `requestApiTokenId` in the `detail` object, for example : ``` { "id": "YjSlblAAqnKY7CdyCkXNBgAAAIU", "type": "WEB", "detail": { "requestApiTokenId": "00T94e3cn9kSEO3c51s5" } } ``` indicates that this event was the result of an action performed through an API using the token identified by 00T94e3cn9kSEO3c51s5. The token ID is visible in the Admin Console, **Security** > **API**. See [API token management](https://help.okta.com/okta_help.htm?id=Security_API). For more information on API tokens, see [Create an API token](https://developer.okta.com/docs/guides/create-an-api-token/).
stringUnique identifier for an individual event
stringVersioning indicator
+ + + +## Methods + +The following methods are available for this resource: + + + + + + + + + + + + + + + + + + + + +
NameAccessible byRequired ParamsOptional ParamsDescription
subdomainsince, until, after, filter, q, limit, sortOrderLists all System Log events

See [System Log query](https://developer.okta.com/docs/reference/system-log-query/) for further details and examples, and [System Log filters and search](https://help.okta.com/okta_help.htm?type=oie&id=csh-syslog-filters) for common use cases.

By default, 100 System Log events are returned. If there are more events, see the [header link](https://developer.okta.com/docs/api/#link-header) for the `next` link,
or increase the number of returned objects using the `limit` parameter.

>**Note:** The value of the `clientSecret` property in the System Log is secured by a hashing function, and isn't the value used during authentication.
+ +## Parameters + +Parameters can be passed in the `WHERE` clause of a query. Check the [Methods](#methods) section to see which parameters are required or optional for each operation. + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameDatatypeDescription
stringThe domain of your organization. This can be a provided subdomain of an official okta domain (okta.com, oktapreview.com, etc) or one of your configured custom domains. (default: my-org)
string (Opaque token)Retrieves the next page of results. Okta returns a link in the HTTP Header (`rel=next`) that includes the after query parameter
string (SCIM Filter expression)Filter expression that filters the results. All operators except [ ] are supported. See [Filter](https://developer.okta.com/docs/api/#filter) and [Operators](https://developer.okta.com/docs/api/#operators).
integer (Integer between 0 and 1000)Sets the number of results that are returned in the response
string (URL encoded string. Max length is 40 characters per keyword, with a maximum of 10 keyword filters per query (before encoding))Filters log events results by one or more case insensitive keywords.
string (ISO 8601 compliant timestamp)Filters the lower time bound of the log events `published` property for bounded queries or persistence time for polling queries
stringThe order of the returned events that are sorted by the `published` property
string (ISO 8601 compliant timestamp)Filters the upper time bound of the log events `published` property for bounded queries or persistence time for polling queries.
+ +## `SELECT` examples + + + + +Lists all System Log events

See [System Log query](https://developer.okta.com/docs/reference/system-log-query/) for further details and examples, and [System Log filters and search](https://help.okta.com/okta_help.htm?type=oie&id=csh-syslog-filters) for common use cases.

By default, 100 System Log events are returned. If there are more events, see the [header link](https://developer.okta.com/docs/api/#link-header) for the `next` link,
or increase the number of returned objects using the `limit` parameter.

>**Note:** The value of the `clientSecret` property in the System Log is secured by a hashing function, and isn't the value used during authentication. + +```sql +SELECT +actor, +authenticationContext, +client, +debugContext, +displayMessage, +eventType, +legacyEventType, +outcome, +published, +request, +securityContext, +severity, +target, +transaction, +uuid, +version +FROM okta.logs.system_log_events +WHERE subdomain = '{{ subdomain }}' -- required +AND since = '{{ since }}' +AND until = '{{ until }}' +AND after = '{{ after }}' +AND filter = '{{ filter }}' +AND q = '{{ q }}' +AND limit = '{{ limit }}' +AND sortOrder = '{{ sortOrder }}'; +``` + + diff --git a/website/docs/services/logstreams/index.md b/website/docs/services/logstreams/index.md new file mode 100644 index 0000000..0789986 --- /dev/null +++ b/website/docs/services/logstreams/index.md @@ -0,0 +1,33 @@ +--- +title: logstreams +hide_title: false +hide_table_of_contents: false +keywords: + - logstreams + - okta + - stackql + - infrastructure-as-code + - configuration-as-data + - cloud inventory +description: Query, deploy and manage okta resources using SQL +custom_edit_url: null +image: /img/stackql-okta-provider-featured-image.png +--- + +logstreams service documentation. + +:::info[Service Summary] + +total resources: __1__ + +::: + +## Resources +
+
+log_streams +
+
+ +
+
\ No newline at end of file diff --git a/website/docs/services/logstreams/log_streams/index.md b/website/docs/services/logstreams/log_streams/index.md new file mode 100644 index 0000000..663a773 --- /dev/null +++ b/website/docs/services/logstreams/log_streams/index.md @@ -0,0 +1,439 @@ +--- +title: log_streams +hide_title: false +hide_table_of_contents: false +keywords: + - log_streams + - logstreams + - okta + - infrastructure-as-code + - configuration-as-data + - cloud inventory +description: Query, deploy and manage okta resources using SQL +custom_edit_url: null +image: /img/stackql-okta-provider-featured-image.png +--- + +import CopyableCode from '@site/src/components/CopyableCode/CopyableCode'; +import Tabs from '@theme/Tabs'; +import TabItem from '@theme/TabItem'; + +Creates, updates, deletes, gets or lists a log_streams resource. + +## Overview + + + + +
Namelog_streams
TypeResource
Id
+ +## Fields + +The following fields are returned by `SELECT` queries: + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameDatatypeDescription
stringUnique identifier for the log stream (example: 0oa1orzg0CHSgPcjZ0g4)
stringUnique name for the log stream object (example: My AWS EventBridge log stream)
objectSpecifies link relations (see [Web Linking](https://www.rfc-editor.org/rfc/rfc8288)) available for the current status of an application using the [JSON Hypertext Application Language](https://datatracker.ietf.org/doc/html/draft-kelly-json-hal-06) specification. This object is used for dynamic discovery of related resources and lifecycle operations.
string (date-time)Timestamp when the log stream object was created (example: 2022-10-21T16:59:59.000Z)
string (date-time)Timestamp when the log stream object was last updated (example: 2022-10-21T17:15:10.000Z)
stringLifecycle status of the log stream object
stringSpecifies the streaming provider used Supported providers: * `aws_eventbridge` ([AWS EventBridge](https://aws.amazon.com/eventbridge)) * `splunk_cloud_logstreaming` ([Splunk Cloud](https://www.splunk.com/en_us/software/splunk-cloud-platform.html)) Select the provider type to see provider-specific configurations in the `settings` property:
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameDatatypeDescription
stringUnique identifier for the log stream (example: 0oa1orzg0CHSgPcjZ0g4)
stringUnique name for the log stream object (example: My AWS EventBridge log stream)
objectSpecifies link relations (see [Web Linking](https://www.rfc-editor.org/rfc/rfc8288)) available for the current status of an application using the [JSON Hypertext Application Language](https://datatracker.ietf.org/doc/html/draft-kelly-json-hal-06) specification. This object is used for dynamic discovery of related resources and lifecycle operations.
string (date-time)Timestamp when the log stream object was created (example: 2022-10-21T16:59:59.000Z)
string (date-time)Timestamp when the log stream object was last updated (example: 2022-10-21T17:15:10.000Z)
stringLifecycle status of the log stream object
stringSpecifies the streaming provider used Supported providers: * `aws_eventbridge` ([AWS EventBridge](https://aws.amazon.com/eventbridge)) * `splunk_cloud_logstreaming` ([Splunk Cloud](https://www.splunk.com/en_us/software/splunk-cloud-platform.html)) Select the provider type to see provider-specific configurations in the `settings` property:
+ + + +## Methods + +The following methods are available for this resource: + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameAccessible byRequired ParamsOptional ParamsDescription
subdomainafter, limit, filterLists all log stream objects in your org. You can request a paginated list or a subset of log streams that match a supported filter expression.
subdomainRetrieves a log stream object by ID
subdomainCreates a new log stream object
subdomainReplaces the log stream object properties for a given ID.

This operation is typically used to update the configuration of a log stream.
Depending on the type of log stream you want to update, certain properties can't be modified after the log stream is initially created.
Use the [Retrieve the log stream schema for the schema type](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/Schema/#tag/Schema/operation/getLogStreamSchema) request to determine which properties you can update for the specific log stream type.
Log stream properties with the `"writeOnce" : true` attribute can't be updated after creation.
You must still specify these `writeOnce` properties in the request body with the original values in the PUT request.

> **Note:** You don't have to specify properties that have both the `"writeOnce": true` and the `"writeOnly": true` attributes in the PUT request body. These property values are ignored even if you add them in the PUT request body.
subdomainDeletes a log stream object from your org by ID
subdomainActivates a log stream by `logStreamId`
subdomainDeactivates a log stream by `logStreamId`
+ +## Parameters + +Parameters can be passed in the `WHERE` clause of a query. Check the [Methods](#methods) section to see which parameters are required or optional for each operation. + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameDatatypeDescription
stringThe domain of your organization. This can be a provided subdomain of an official okta domain (okta.com, oktapreview.com, etc) or one of your configured custom domains. (default: my-org)
stringThe cursor to use for pagination. It is an opaque string that specifies your current location in the list and is obtained from the `Link` response header. See [Pagination](https://developer.okta.com/docs/api/#pagination).
stringAn expression that [filters]https://developer.okta.com/docs/api#filter the returned objects. You can only use the `eq` operator on either the `status` or `type` properties in the filter expression.
integerA limit on the number of objects to return
+ +## `SELECT` examples + + + + +Lists all log stream objects in your org. You can request a paginated list or a subset of log streams that match a supported filter expression. + +```sql +SELECT +id, +name, +_links, +created, +lastUpdated, +status, +type +FROM okta.logstreams.log_streams +WHERE subdomain = '{{ subdomain }}' -- required +AND after = '{{ after }}' +AND limit = '{{ limit }}' +AND filter = '{{ filter }}'; +``` + + + +Retrieves a log stream object by ID + +```sql +SELECT +id, +name, +_links, +created, +lastUpdated, +status, +type +FROM okta.logstreams.log_streams +WHERE subdomain = '{{ subdomain }}' -- required; +``` + + + + +## `INSERT` examples + + + + +Creates a new log stream object + +```sql +INSERT INTO okta.logstreams.log_streams ( +data__name, +data__type, +subdomain +) +SELECT +'{{ name }}' --required, +'{{ type }}' --required, +'{{ subdomain }}' +RETURNING +id, +name, +_links, +created, +lastUpdated, +status, +type +; +``` + + + +```yaml +# Description fields are for documentation purposes +- name: log_streams + props: + - name: subdomain + value: string + description: Required parameter for the log_streams resource. + - name: name + value: string + description: > + Unique name for the log stream object + + - name: type + value: string + description: > + Specifies the streaming provider used + +Supported providers: + * `aws_eventbridge` ([AWS EventBridge](https://aws.amazon.com/eventbridge)) + * `splunk_cloud_logstreaming` ([Splunk Cloud](https://www.splunk.com/en_us/software/splunk-cloud-platform.html)) + +Select the provider type to see provider-specific configurations in the `settings` property: + + valid_values: ['aws_eventbridge', 'splunk_cloud_logstreaming'] +``` + + + + +## `REPLACE` examples + + + + +Replaces the log stream object properties for a given ID.

This operation is typically used to update the configuration of a log stream.
Depending on the type of log stream you want to update, certain properties can't be modified after the log stream is initially created.
Use the [Retrieve the log stream schema for the schema type](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/Schema/#tag/Schema/operation/getLogStreamSchema) request to determine which properties you can update for the specific log stream type.
Log stream properties with the `"writeOnce" : true` attribute can't be updated after creation.
You must still specify these `writeOnce` properties in the request body with the original values in the PUT request.

> **Note:** You don't have to specify properties that have both the `"writeOnce": true` and the `"writeOnly": true` attributes in the PUT request body. These property values are ignored even if you add them in the PUT request body. + +```sql +REPLACE okta.logstreams.log_streams +SET +data__name = '{{ name }}', +data__type = '{{ type }}' +WHERE +subdomain = '{{ subdomain }}' --required +AND data__name = '{{ name }}' --required +AND data__type = '{{ type }}' --required +RETURNING +id, +name, +_links, +created, +lastUpdated, +status, +type; +``` + + + + +## `DELETE` examples + + + + +Deletes a log stream object from your org by ID + +```sql +DELETE FROM okta.logstreams.log_streams +WHERE subdomain = '{{ subdomain }}' --required; +``` + + + + +## Lifecycle Methods + + + + +Activates a log stream by `logStreamId` + +```sql +EXEC okta.logstreams.log_streams.activate_log_stream +@subdomain='{{ subdomain }}' --required; +``` + + + +Deactivates a log stream by `logStreamId` + +```sql +EXEC okta.logstreams.log_streams.deactivate_log_stream +@subdomain='{{ subdomain }}' --required; +``` + + diff --git a/website/docs/services/mappings/index.md b/website/docs/services/mappings/index.md new file mode 100644 index 0000000..c692513 --- /dev/null +++ b/website/docs/services/mappings/index.md @@ -0,0 +1,33 @@ +--- +title: mappings +hide_title: false +hide_table_of_contents: false +keywords: + - mappings + - okta + - stackql + - infrastructure-as-code + - configuration-as-data + - cloud inventory +description: Query, deploy and manage okta resources using SQL +custom_edit_url: null +image: /img/stackql-okta-provider-featured-image.png +--- + +mappings service documentation. + +:::info[Service Summary] + +total resources: __1__ + +::: + +## Resources +
+
+profile_mappings +
+
+ +
+
\ No newline at end of file diff --git a/website/docs/services/mappings/profile_mappings/index.md b/website/docs/services/mappings/profile_mappings/index.md new file mode 100644 index 0000000..2febe86 --- /dev/null +++ b/website/docs/services/mappings/profile_mappings/index.md @@ -0,0 +1,237 @@ +--- +title: profile_mappings +hide_title: false +hide_table_of_contents: false +keywords: + - profile_mappings + - mappings + - okta + - infrastructure-as-code + - configuration-as-data + - cloud inventory +description: Query, deploy and manage okta resources using SQL +custom_edit_url: null +image: /img/stackql-okta-provider-featured-image.png +--- + +import CopyableCode from '@site/src/components/CopyableCode/CopyableCode'; +import Tabs from '@theme/Tabs'; +import TabItem from '@theme/TabItem'; + +Creates, updates, deletes, gets or lists a profile_mappings resource. + +## Overview + + + + +
Nameprofile_mappings
TypeResource
Id
+ +## Fields + +The following fields are returned by `SELECT` queries: + + + + +Success + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameDatatypeDescription
stringUnique identifier for profile mapping
Specifies link relations (see [Web Linking](https://www.rfc-editor.org/rfc/rfc8288)) available using the [JSON Hypertext Application Language](https://datatracker.ietf.org/doc/html/draft-kelly-json-hal-06) specification. This object is used for dynamic discovery of related resources and lifecycle operations.
The parameter is the source of a profile mapping and is a valid [JSON Schema Draft 4](https://datatracker.ietf.org/doc/html/draft-zyp-json-schema-04) document with the following properties. The data type can be an app instance or an Okta object. > **Note:** If the source is Okta and the UserTypes feature isn't enabled, then the source `_links` only has a link to the schema.
The parameter is the target of a profile mapping and is a valid [JSON Schema Draft 4](https://datatracker.ietf.org/doc/html/draft-zyp-json-schema-04) document with the following properties. The data type can be an app instance or an Okta object. > **Note:** If the target is Okta and the UserTypes feature isn't enabled, then the target `_links` only has a link to the schema.
+ + + +Success + + + + + + + + + + + +
NameDatatypeDescription
+ + + +## Methods + +The following methods are available for this resource: + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameAccessible byRequired ParamsOptional ParamsDescription
subdomainafter, limit, sourceId, targetIdLists all profile mappings in your org with [pagination](https://developer.okta.com/docs/api/#pagination). You can return a subset of profile mappings that match a supported `sourceId` and/or `targetId`.

The results are [paginated]https://developer.okta.com/docs/api#pagination according to the `limit` parameter. If there are multiple pages of results, the Link header contains a `next` link that you should treat as an opaque value (follow it, don't parse it). See [Link Header](https://developer.okta.com/docs/api/#link-header).

The response is a collection of profile mappings that include a subset of the profile mapping object's parameters. The profile mapping object describes
the properties mapping between an Okta user and an app user profile using [JSON Schema Draft 4](https://datatracker.ietf.org/doc/html/draft-zyp-json-schema-04).
subdomainRetrieves a single profile mapping referenced by its ID
subdomainUpdates an existing profile mapping by adding, updating, or removing one or many property mappings
+ +## Parameters + +Parameters can be passed in the `WHERE` clause of a query. Check the [Methods](#methods) section to see which parameters are required or optional for each operation. + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameDatatypeDescription
stringThe domain of your organization. This can be a provided subdomain of an official okta domain (okta.com, oktapreview.com, etc) or one of your configured custom domains. (default: my-org)
stringMapping `id` that specifies the pagination cursor for the next page of mappings
integer (int32)Specifies the number of results per page
stringThe user type or app instance ID that acts as the source of expressions in a mapping. If this parameter is included, all returned mappings have this as their `source.id`.
stringThe user type or app instance ID that acts as the target of expressions in a mapping. If this parameter is included, all returned mappings have this as their `target.id`.
+ +## `SELECT` examples + + + + +Lists all profile mappings in your org with [pagination](https://developer.okta.com/docs/api/#pagination). You can return a subset of profile mappings that match a supported `sourceId` and/or `targetId`.

The results are [paginated]https://developer.okta.com/docs/api#pagination according to the `limit` parameter. If there are multiple pages of results, the Link header contains a `next` link that you should treat as an opaque value (follow it, don't parse it). See [Link Header](https://developer.okta.com/docs/api/#link-header).

The response is a collection of profile mappings that include a subset of the profile mapping object's parameters. The profile mapping object describes
the properties mapping between an Okta user and an app user profile using [JSON Schema Draft 4](https://datatracker.ietf.org/doc/html/draft-zyp-json-schema-04). + +```sql +SELECT +id, +_links, +source, +target +FROM okta.mappings.profile_mappings +WHERE subdomain = '{{ subdomain }}' -- required +AND after = '{{ after }}' +AND limit = '{{ limit }}' +AND sourceId = '{{ sourceId }}' +AND targetId = '{{ targetId }}'; +``` + + + +Retrieves a single profile mapping referenced by its ID + +```sql +SELECT +* +FROM okta.mappings.profile_mappings +WHERE subdomain = '{{ subdomain }}' -- required; +``` + + + + +## `UPDATE` examples + + + + +Updates an existing profile mapping by adding, updating, or removing one or many property mappings + +```sql +UPDATE okta.mappings.profile_mappings +SET +data__properties = '{{ properties }}' +WHERE +subdomain = '{{ subdomain }}' --required +AND data__properties = '{{ properties }}' --required; +``` + + diff --git a/website/docs/services/meta/application_user_schemas/index.md b/website/docs/services/meta/application_user_schemas/index.md new file mode 100644 index 0000000..bba0052 --- /dev/null +++ b/website/docs/services/meta/application_user_schemas/index.md @@ -0,0 +1,225 @@ +--- +title: application_user_schemas +hide_title: false +hide_table_of_contents: false +keywords: + - application_user_schemas + - meta + - okta + - infrastructure-as-code + - configuration-as-data + - cloud inventory +description: Query, deploy and manage okta resources using SQL +custom_edit_url: null +image: /img/stackql-okta-provider-featured-image.png +--- + +import CopyableCode from '@site/src/components/CopyableCode/CopyableCode'; +import Tabs from '@theme/Tabs'; +import TabItem from '@theme/TabItem'; + +Creates, updates, deletes, gets or lists an application_user_schemas resource. + +## Overview + + + + +
Nameapplication_user_schemas
TypeResource
Id
+ +## Fields + +The following fields are returned by `SELECT` queries: + + + + +successful operation + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameDatatypeDescription
stringURI of user schema
stringName of the schema
stringJSON schema version identifier
objectSpecifies link relations (see [Web Linking](https://www.rfc-editor.org/rfc/rfc8288)) available using the [JSON Hypertext Application Language](https://datatracker.ietf.org/doc/html/draft-kelly-json-hal-06) specification. This object is used for dynamic discovery of related resources and lifecycle operations.
stringTimestamp when the schema was created
objectUser profile subschemas The profile object for a user is defined by a composite schema of base and custom properties using a JSON path to reference subschemas. The `#base` properties are defined and versioned by Okta, while `#custom` properties are extensible. Custom property names for the profile object must be unique and can't conflict with a property name defined in the `#base` subschema.
stringTimestamp when the schema was last updated
objectUser Object Properties
stringUser-defined display name for the schema
stringType of [root schema](https://tools.ietf.org/html/draft-zyp-json-schema-04#section-3.4)
+ + + +## Methods + +The following methods are available for this resource: + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameAccessible byRequired ParamsOptional ParamsDescription
subdomainRetrieves the default schema for an app user.

The [User Types](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/UserType/) feature does not extend to apps. All users assigned to a given app use the same app user schema. Therefore, unlike the user schema operations, the app user schema operations all specify `default` and don't accept a schema ID.
subdomainUpdates the app user schema. This updates, adds, or removes one or more custom profile properties or the nullability of a base property in the app user schema for an app. Changing a base property's nullability (for example, the value of its `required` field) is allowed only if it is nullable in the default predefined schema for the app.

> **Note:** You must set properties explicitly to `null` to remove them from the schema; otherwise, `POST` is interpreted as a partial update.

The [User Types](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/UserType/) feature does not extend to apps. All users assigned to a given app use the same app user schema. Therefore, unlike the user schema operations, the app user schema operations all specify `default` and don't accept a schema ID.
+ +## Parameters + +Parameters can be passed in the `WHERE` clause of a query. Check the [Methods](#methods) section to see which parameters are required or optional for each operation. + + + + + + + + + + + + + + + + +
NameDatatypeDescription
stringThe domain of your organization. This can be a provided subdomain of an official okta domain (okta.com, oktapreview.com, etc) or one of your configured custom domains. (default: my-org)
+ +## `SELECT` examples + + + + +Retrieves the default schema for an app user.

The [User Types](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/UserType/) feature does not extend to apps. All users assigned to a given app use the same app user schema. Therefore, unlike the user schema operations, the app user schema operations all specify `default` and don't accept a schema ID. + +```sql +SELECT +id, +name, +$schema, +_links, +created, +definitions, +lastUpdated, +properties, +title, +type +FROM okta.meta.application_user_schemas +WHERE subdomain = '{{ subdomain }}' -- required; +``` + + + + +## `UPDATE` examples + + + + +Updates the app user schema. This updates, adds, or removes one or more custom profile properties or the nullability of a base property in the app user schema for an app. Changing a base property's nullability (for example, the value of its `required` field) is allowed only if it is nullable in the default predefined schema for the app.

> **Note:** You must set properties explicitly to `null` to remove them from the schema; otherwise, `POST` is interpreted as a partial update.

The [User Types](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/UserType/) feature does not extend to apps. All users assigned to a given app use the same app user schema. Therefore, unlike the user schema operations, the app user schema operations all specify `default` and don't accept a schema ID. + +```sql +UPDATE okta.meta.application_user_schemas +SET +data__definitions = '{{ definitions }}', +data__properties = '{{ properties }}', +data__title = '{{ title }}' +WHERE +subdomain = '{{ subdomain }}' --required +RETURNING +id, +name, +$schema, +_links, +created, +definitions, +lastUpdated, +properties, +title, +type; +``` + + diff --git a/website/docs/services/meta/group_schemas/index.md b/website/docs/services/meta/group_schemas/index.md new file mode 100644 index 0000000..199963a --- /dev/null +++ b/website/docs/services/meta/group_schemas/index.md @@ -0,0 +1,233 @@ +--- +title: group_schemas +hide_title: false +hide_table_of_contents: false +keywords: + - group_schemas + - meta + - okta + - infrastructure-as-code + - configuration-as-data + - cloud inventory +description: Query, deploy and manage okta resources using SQL +custom_edit_url: null +image: /img/stackql-okta-provider-featured-image.png +--- + +import CopyableCode from '@site/src/components/CopyableCode/CopyableCode'; +import Tabs from '@theme/Tabs'; +import TabItem from '@theme/TabItem'; + +Creates, updates, deletes, gets or lists a group_schemas resource. + +## Overview + + + + +
Namegroup_schemas
TypeResource
Id
+ +## Fields + +The following fields are returned by `SELECT` queries: + + + + +successful operation + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameDatatypeDescription
stringURI of group schema
stringName of the schema
stringJSON schema version identifier
objectSpecifies link relations (see [Web Linking](https://www.rfc-editor.org/rfc/rfc8288)) available using the [JSON Hypertext Application Language](https://datatracker.ietf.org/doc/html/draft-kelly-json-hal-06) specification. This object is used for dynamic discovery of related resources and lifecycle operations.
stringTimestamp when the schema was created
object
stringDescription for the schema
stringTimestamp when the schema was last updated
objectGroup object properties
stringUser-defined display name for the schema
stringType of [root schema](https://tools.ietf.org/html/draft-zyp-json-schema-04#section-3.4)
+ + + +## Methods + +The following methods are available for this resource: + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameAccessible byRequired ParamsOptional ParamsDescription
subdomainRetrieves the group schema

The [User Types](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/UserType/) feature does not extend to groups. All groups use the same group schema. Unlike user schema operations, group schema operations all specify `default` and don't accept a schema ID.
subdomainUpdates the group profile schema. This updates, adds, or removes one or more custom profile properties in a group schema. Currently Okta does not support changing base group profile properties.

> **Note:** You must set properties explicitly to `null` to remove them from the schema; otherwise, `POST` is interpreted as a partial update.

The [User Types](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/UserType/) feature does not extend to groups. All groups use the same group schema. Unlike user schema operations, group schema operations all specify `default` and don't accept a schema ID.
+ +## Parameters + +Parameters can be passed in the `WHERE` clause of a query. Check the [Methods](#methods) section to see which parameters are required or optional for each operation. + + + + + + + + + + + + + + + + +
NameDatatypeDescription
stringThe domain of your organization. This can be a provided subdomain of an official okta domain (okta.com, oktapreview.com, etc) or one of your configured custom domains. (default: my-org)
+ +## `SELECT` examples + + + + +Retrieves the group schema

The [User Types](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/UserType/) feature does not extend to groups. All groups use the same group schema. Unlike user schema operations, group schema operations all specify `default` and don't accept a schema ID. + +```sql +SELECT +id, +name, +$schema, +_links, +created, +definitions, +description, +lastUpdated, +properties, +title, +type +FROM okta.meta.group_schemas +WHERE subdomain = '{{ subdomain }}' -- required; +``` + + + + +## `UPDATE` examples + + + + +Updates the group profile schema. This updates, adds, or removes one or more custom profile properties in a group schema. Currently Okta does not support changing base group profile properties.

> **Note:** You must set properties explicitly to `null` to remove them from the schema; otherwise, `POST` is interpreted as a partial update.

The [User Types](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/UserType/) feature does not extend to groups. All groups use the same group schema. Unlike user schema operations, group schema operations all specify `default` and don't accept a schema ID. + +```sql +UPDATE okta.meta.group_schemas +SET +data__definitions = '{{ definitions }}', +data__description = '{{ description }}', +data__properties = '{{ properties }}', +data__title = '{{ title }}' +WHERE +subdomain = '{{ subdomain }}' --required +RETURNING +id, +name, +$schema, +_links, +created, +definitions, +description, +lastUpdated, +properties, +title, +type; +``` + + diff --git a/website/docs/services/meta/index.md b/website/docs/services/meta/index.md new file mode 100644 index 0000000..c789a15 --- /dev/null +++ b/website/docs/services/meta/index.md @@ -0,0 +1,38 @@ +--- +title: meta +hide_title: false +hide_table_of_contents: false +keywords: + - meta + - okta + - stackql + - infrastructure-as-code + - configuration-as-data + - cloud inventory +description: Query, deploy and manage okta resources using SQL +custom_edit_url: null +image: /img/stackql-okta-provider-featured-image.png +--- + +meta service documentation. + +:::info[Service Summary] + +total resources: __7__ + +::: + +## Resources +
+
+application_user_schemas
+group_schemas
+linked_object_definitions
+log_stream_schemas +
+
+ui_schemas
+user_schemas
+user_types +
+
\ No newline at end of file diff --git a/website/docs/services/meta/linked_object_definitions/index.md b/website/docs/services/meta/linked_object_definitions/index.md new file mode 100644 index 0000000..45e8681 --- /dev/null +++ b/website/docs/services/meta/linked_object_definitions/index.md @@ -0,0 +1,282 @@ +--- +title: linked_object_definitions +hide_title: false +hide_table_of_contents: false +keywords: + - linked_object_definitions + - meta + - okta + - infrastructure-as-code + - configuration-as-data + - cloud inventory +description: Query, deploy and manage okta resources using SQL +custom_edit_url: null +image: /img/stackql-okta-provider-featured-image.png +--- + +import CopyableCode from '@site/src/components/CopyableCode/CopyableCode'; +import Tabs from '@theme/Tabs'; +import TabItem from '@theme/TabItem'; + +Creates, updates, deletes, gets or lists a linked_object_definitions resource. + +## Overview + + + + +
Namelinked_object_definitions
TypeResource
Id
+ +## Fields + +The following fields are returned by `SELECT` queries: + + + + +Success + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameDatatypeDescription
objectSpecifies link relations (see [Web Linking](https://www.rfc-editor.org/rfc/rfc8288)) available for the current status of an application using the [JSON Hypertext Application Language](https://datatracker.ietf.org/doc/html/draft-kelly-json-hal-06) specification. This object is used for dynamic discovery of related resources and lifecycle operations.
object (title: LinkedObjectDetails)
object (title: LinkedObjectDetails)
+ + + +Success + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameDatatypeDescription
objectSpecifies link relations (see [Web Linking](https://www.rfc-editor.org/rfc/rfc8288)) available for the current status of an application using the [JSON Hypertext Application Language](https://datatracker.ietf.org/doc/html/draft-kelly-json-hal-06) specification. This object is used for dynamic discovery of related resources and lifecycle operations.
object (title: LinkedObjectDetails)
object (title: LinkedObjectDetails)
+ + + +## Methods + +The following methods are available for this resource: + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameAccessible byRequired ParamsOptional ParamsDescription
subdomainLists all Linked Object definitions
subdomainRetrieves a Linked Object definition
subdomainCreates a Linked Object definition
subdomainDeletes the Linked Object definition specified by either the `primary` or `associated` name. The entire definition is removed, regardless of which name that you specify.
+ +## Parameters + +Parameters can be passed in the `WHERE` clause of a query. Check the [Methods](#methods) section to see which parameters are required or optional for each operation. + + + + + + + + + + + + + + + + +
NameDatatypeDescription
stringThe domain of your organization. This can be a provided subdomain of an official okta domain (okta.com, oktapreview.com, etc) or one of your configured custom domains. (default: my-org)
+ +## `SELECT` examples + + + + +Lists all Linked Object definitions + +```sql +SELECT +_links, +associated, +primary +FROM okta.meta.linked_object_definitions +WHERE subdomain = '{{ subdomain }}' -- required; +``` + + + +Retrieves a Linked Object definition + +```sql +SELECT +_links, +associated, +primary +FROM okta.meta.linked_object_definitions +WHERE subdomain = '{{ subdomain }}' -- required; +``` + + + + +## `INSERT` examples + + + + +Creates a Linked Object definition + +```sql +INSERT INTO okta.meta.linked_object_definitions ( +data__associated, +data__primary, +data___links, +subdomain +) +SELECT +'{{ associated }}', +'{{ primary }}', +'{{ _links }}', +'{{ subdomain }}' +RETURNING +_links, +associated, +primary +; +``` + + + +```yaml +# Description fields are for documentation purposes +- name: linked_object_definitions + props: + - name: subdomain + value: string + description: Required parameter for the linked_object_definitions resource. + - name: associated + value: object + - name: primary + value: object + - name: _links + value: object + description: > + Specifies link relations (see [Web Linking](https://www.rfc-editor.org/rfc/rfc8288)) available for the current status of an application using the [JSON Hypertext Application Language](https://datatracker.ietf.org/doc/html/draft-kelly-json-hal-06) specification. This object is used for dynamic discovery of related resources and lifecycle operations. + +``` + + + + +## `DELETE` examples + + + + +Deletes the Linked Object definition specified by either the `primary` or `associated` name. The entire definition is removed, regardless of which name that you specify. + +```sql +DELETE FROM okta.meta.linked_object_definitions +WHERE subdomain = '{{ subdomain }}' --required; +``` + + diff --git a/website/docs/services/meta/log_stream_schemas/index.md b/website/docs/services/meta/log_stream_schemas/index.md new file mode 100644 index 0000000..65650eb --- /dev/null +++ b/website/docs/services/meta/log_stream_schemas/index.md @@ -0,0 +1,277 @@ +--- +title: log_stream_schemas +hide_title: false +hide_table_of_contents: false +keywords: + - log_stream_schemas + - meta + - okta + - infrastructure-as-code + - configuration-as-data + - cloud inventory +description: Query, deploy and manage okta resources using SQL +custom_edit_url: null +image: /img/stackql-okta-provider-featured-image.png +--- + +import CopyableCode from '@site/src/components/CopyableCode/CopyableCode'; +import Tabs from '@theme/Tabs'; +import TabItem from '@theme/TabItem'; + +Creates, updates, deletes, gets or lists a log_stream_schemas resource. + +## Overview + + + + +
Namelog_stream_schemas
TypeResource
Id
+ +## Fields + +The following fields are returned by `SELECT` queries: + + + + +successful operation + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameDatatypeDescription
stringURI of log stream schema
stringJSON schema version identifier
objectSpecifies link relations (see [Web Linking](https://www.rfc-editor.org/rfc/rfc8288)) available using the [JSON Hypertext Application Language](https://datatracker.ietf.org/doc/html/draft-kelly-json-hal-06) specification. This object is used for dynamic discovery of related resources and lifecycle operations.
objectA collection of error messages for individual properties in the schema. Okta implements a subset of [ajv-errors](https://github.com/ajv-validator/ajv-errors).
arrayNon-empty array of valid JSON schemas. Okta only supports `oneOf` for specifying display names for an `enum`. Each schema has the following format: ``` { "const": "enumValue", "title": "display name" } ```
stringFor `string` log stream schema property type, specifies the regular expression used to validate the property
objectlog stream schema properties object
arrayRequired properties for this log stream schema object
stringName of the log streaming integration
stringType of log stream schema property
+ + + +successful operation + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameDatatypeDescription
stringURI of log stream schema
stringJSON schema version identifier
objectSpecifies link relations (see [Web Linking](https://www.rfc-editor.org/rfc/rfc8288)) available using the [JSON Hypertext Application Language](https://datatracker.ietf.org/doc/html/draft-kelly-json-hal-06) specification. This object is used for dynamic discovery of related resources and lifecycle operations.
objectA collection of error messages for individual properties in the schema. Okta implements a subset of [ajv-errors](https://github.com/ajv-validator/ajv-errors).
arrayNon-empty array of valid JSON schemas. Okta only supports `oneOf` for specifying display names for an `enum`. Each schema has the following format: ``` { "const": "enumValue", "title": "display name" } ```
stringFor `string` log stream schema property type, specifies the regular expression used to validate the property
objectlog stream schema properties object
arrayRequired properties for this log stream schema object
stringName of the log streaming integration
stringType of log stream schema property
+ + + +## Methods + +The following methods are available for this resource: + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameAccessible byRequired ParamsOptional ParamsDescription
subdomainLists the schema for all log stream types visible for this org
subdomainRetrieves the schema for a log stream type. The `logStreamType` element in the URL specifies the log stream type, which is either `aws_eventbridge` or `splunk_cloud_logstreaming`. Use the `aws_eventbridge` literal to retrieve the AWS EventBridge type schema, and use the `splunk_cloud_logstreaming` literal retrieve the Splunk Cloud type schema.
+ +## Parameters + +Parameters can be passed in the `WHERE` clause of a query. Check the [Methods](#methods) section to see which parameters are required or optional for each operation. + + + + + + + + + + + + + + + + +
NameDatatypeDescription
stringThe domain of your organization. This can be a provided subdomain of an official okta domain (okta.com, oktapreview.com, etc) or one of your configured custom domains. (default: my-org)
+ +## `SELECT` examples + + + + +Lists the schema for all log stream types visible for this org + +```sql +SELECT +id, +$schema, +_links, +errorMessage, +oneOf, +pattern, +properties, +required, +title, +type +FROM okta.meta.log_stream_schemas +WHERE subdomain = '{{ subdomain }}' -- required; +``` + + + +Retrieves the schema for a log stream type. The `logStreamType` element in the URL specifies the log stream type, which is either `aws_eventbridge` or `splunk_cloud_logstreaming`. Use the `aws_eventbridge` literal to retrieve the AWS EventBridge type schema, and use the `splunk_cloud_logstreaming` literal retrieve the Splunk Cloud type schema. + +```sql +SELECT +id, +$schema, +_links, +errorMessage, +oneOf, +pattern, +properties, +required, +title, +type +FROM okta.meta.log_stream_schemas +WHERE subdomain = '{{ subdomain }}' -- required; +``` + + diff --git a/website/docs/services/meta/ui_schemas/index.md b/website/docs/services/meta/ui_schemas/index.md new file mode 100644 index 0000000..7efb312 --- /dev/null +++ b/website/docs/services/meta/ui_schemas/index.md @@ -0,0 +1,336 @@ +--- +title: ui_schemas +hide_title: false +hide_table_of_contents: false +keywords: + - ui_schemas + - meta + - okta + - infrastructure-as-code + - configuration-as-data + - cloud inventory +description: Query, deploy and manage okta resources using SQL +custom_edit_url: null +image: /img/stackql-okta-provider-featured-image.png +--- + +import CopyableCode from '@site/src/components/CopyableCode/CopyableCode'; +import Tabs from '@theme/Tabs'; +import TabItem from '@theme/TabItem'; + +Creates, updates, deletes, gets or lists a ui_schemas resource. + +## Overview + + + + +
Nameui_schemas
TypeResource
Id
+ +## Fields + +The following fields are returned by `SELECT` queries: + + + + +Success + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameDatatypeDescription
stringUnique identifier for the UI Schema
objectSpecifies link relations (see [Web Linking](https://www.rfc-editor.org/rfc/rfc8288)) available using the [JSON Hypertext Application Language](https://datatracker.ietf.org/doc/html/draft-kelly-json-hal-06) specification. This object is used for dynamic discovery of related resources and lifecycle operations.
string (date-time)Timestamp when the UI Schema was created (ISO 86001)
string (date-time)Timestamp when the UI Schema was last modified (ISO 86001)
objectProperties of the UI schema
+ + + +Success + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameDatatypeDescription
stringUnique identifier for the UI Schema
objectSpecifies link relations (see [Web Linking](https://www.rfc-editor.org/rfc/rfc8288)) available using the [JSON Hypertext Application Language](https://datatracker.ietf.org/doc/html/draft-kelly-json-hal-06) specification. This object is used for dynamic discovery of related resources and lifecycle operations.
string (date-time)Timestamp when the UI Schema was created (ISO 86001)
string (date-time)Timestamp when the UI Schema was last modified (ISO 86001)
objectProperties of the UI schema
+ + + +## Methods + +The following methods are available for this resource: + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameAccessible byRequired ParamsOptional ParamsDescription
subdomainLists all UI Schemas in your org
subdomainRetrieves a UI Schema by `id`
subdomainCreates an input for an enrollment form
subdomainReplaces a UI Schema by `id`
subdomainDeletes a UI Schema by `id`
+ +## Parameters + +Parameters can be passed in the `WHERE` clause of a query. Check the [Methods](#methods) section to see which parameters are required or optional for each operation. + + + + + + + + + + + + + + + + +
NameDatatypeDescription
stringThe domain of your organization. This can be a provided subdomain of an official okta domain (okta.com, oktapreview.com, etc) or one of your configured custom domains. (default: my-org)
+ +## `SELECT` examples + + + + +Lists all UI Schemas in your org + +```sql +SELECT +id, +_links, +created, +lastUpdated, +uiSchema +FROM okta.meta.ui_schemas +WHERE subdomain = '{{ subdomain }}' -- required; +``` + + + +Retrieves a UI Schema by `id` + +```sql +SELECT +id, +_links, +created, +lastUpdated, +uiSchema +FROM okta.meta.ui_schemas +WHERE subdomain = '{{ subdomain }}' -- required; +``` + + + + +## `INSERT` examples + + + + +Creates an input for an enrollment form + +```sql +INSERT INTO okta.meta.ui_schemas ( +data__uiSchema, +subdomain +) +SELECT +'{{ uiSchema }}', +'{{ subdomain }}' +RETURNING +id, +_links, +created, +lastUpdated, +uiSchema +; +``` + + + +```yaml +# Description fields are for documentation purposes +- name: ui_schemas + props: + - name: subdomain + value: string + description: Required parameter for the ui_schemas resource. + - name: uiSchema + value: object + description: > + Properties of the UI schema + +``` + + + + +## `REPLACE` examples + + + + +Replaces a UI Schema by `id` + +```sql +REPLACE okta.meta.ui_schemas +SET +data__uiSchema = '{{ uiSchema }}' +WHERE +subdomain = '{{ subdomain }}' --required +RETURNING +id, +_links, +created, +lastUpdated, +uiSchema; +``` + + + + +## `DELETE` examples + + + + +Deletes a UI Schema by `id` + +```sql +DELETE FROM okta.meta.ui_schemas +WHERE subdomain = '{{ subdomain }}' --required; +``` + + diff --git a/website/docs/services/meta/user_schemas/index.md b/website/docs/services/meta/user_schemas/index.md new file mode 100644 index 0000000..c143672 --- /dev/null +++ b/website/docs/services/meta/user_schemas/index.md @@ -0,0 +1,225 @@ +--- +title: user_schemas +hide_title: false +hide_table_of_contents: false +keywords: + - user_schemas + - meta + - okta + - infrastructure-as-code + - configuration-as-data + - cloud inventory +description: Query, deploy and manage okta resources using SQL +custom_edit_url: null +image: /img/stackql-okta-provider-featured-image.png +--- + +import CopyableCode from '@site/src/components/CopyableCode/CopyableCode'; +import Tabs from '@theme/Tabs'; +import TabItem from '@theme/TabItem'; + +Creates, updates, deletes, gets or lists a user_schemas resource. + +## Overview + + + + +
Nameuser_schemas
TypeResource
Id
+ +## Fields + +The following fields are returned by `SELECT` queries: + + + + +Success + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameDatatypeDescription
stringURI of user schema
stringName of the schema
stringJSON schema version identifier
objectSpecifies link relations (see [Web Linking](https://www.rfc-editor.org/rfc/rfc8288)) available using the [JSON Hypertext Application Language](https://datatracker.ietf.org/doc/html/draft-kelly-json-hal-06) specification. This object is used for dynamic discovery of related resources and lifecycle operations.
stringTimestamp when the schema was created
objectUser profile subschemas The profile object for a user is defined by a composite schema of base and custom properties using a JSON path to reference subschemas. The `#base` properties are defined and versioned by Okta, while `#custom` properties are extensible. Custom property names for the profile object must be unique and can't conflict with a property name defined in the `#base` subschema.
stringTimestamp when the schema was last updated
objectUser Object Properties
stringUser-defined display name for the schema
stringType of [root schema](https://tools.ietf.org/html/draft-zyp-json-schema-04#section-3.4)
+ + + +## Methods + +The following methods are available for this resource: + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameAccessible byRequired ParamsOptional ParamsDescription
subdomainRetrieves the schema for a user type
subdomainUpdates a user schema. Use this request to update, add, or remove one or more profile properties in a user schema. If you specify `default` for the `schemaId`, updates will apply to the default user type.

Unlike custom user profile properties, limited changes are allowed to base user profile properties (permissions, nullability of the `firstName` and `lastName` properties, or pattern for `login`).
You can't remove a property from the default schema if it's being referenced as a [`matchAttribute`](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/IdentityProvider/#tag/IdentityProvider/operation/createIdentityProvider!path=policy/subject/matchAttribute&t=request) in `SAML2` IdPs.
Currently, all validation of SAML assertions are only performed against the default user type.

> **Note:** You must set properties explicitly to `null` to remove them from the schema; otherwise, `POST` is interpreted as a partial update.
+ +## Parameters + +Parameters can be passed in the `WHERE` clause of a query. Check the [Methods](#methods) section to see which parameters are required or optional for each operation. + + + + + + + + + + + + + + + + +
NameDatatypeDescription
stringThe domain of your organization. This can be a provided subdomain of an official okta domain (okta.com, oktapreview.com, etc) or one of your configured custom domains. (default: my-org)
+ +## `SELECT` examples + + + + +Retrieves the schema for a user type + +```sql +SELECT +id, +name, +$schema, +_links, +created, +definitions, +lastUpdated, +properties, +title, +type +FROM okta.meta.user_schemas +WHERE subdomain = '{{ subdomain }}' -- required; +``` + + + + +## `UPDATE` examples + + + + +Updates a user schema. Use this request to update, add, or remove one or more profile properties in a user schema. If you specify `default` for the `schemaId`, updates will apply to the default user type.

Unlike custom user profile properties, limited changes are allowed to base user profile properties (permissions, nullability of the `firstName` and `lastName` properties, or pattern for `login`).
You can't remove a property from the default schema if it's being referenced as a [`matchAttribute`](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/IdentityProvider/#tag/IdentityProvider/operation/createIdentityProvider!path=policy/subject/matchAttribute&t=request) in `SAML2` IdPs.
Currently, all validation of SAML assertions are only performed against the default user type.

> **Note:** You must set properties explicitly to `null` to remove them from the schema; otherwise, `POST` is interpreted as a partial update. + +```sql +UPDATE okta.meta.user_schemas +SET +data__definitions = '{{ definitions }}', +data__properties = '{{ properties }}', +data__title = '{{ title }}' +WHERE +subdomain = '{{ subdomain }}' --required +RETURNING +id, +name, +$schema, +_links, +created, +definitions, +lastUpdated, +properties, +title, +type; +``` + + diff --git a/website/docs/services/meta/user_types/index.md b/website/docs/services/meta/user_types/index.md new file mode 100644 index 0000000..7873335 --- /dev/null +++ b/website/docs/services/meta/user_types/index.md @@ -0,0 +1,467 @@ +--- +title: user_types +hide_title: false +hide_table_of_contents: false +keywords: + - user_types + - meta + - okta + - infrastructure-as-code + - configuration-as-data + - cloud inventory +description: Query, deploy and manage okta resources using SQL +custom_edit_url: null +image: /img/stackql-okta-provider-featured-image.png +--- + +import CopyableCode from '@site/src/components/CopyableCode/CopyableCode'; +import Tabs from '@theme/Tabs'; +import TabItem from '@theme/TabItem'; + +Creates, updates, deletes, gets or lists a user_types resource. + +## Overview + + + + +
Nameuser_types
TypeResource
Id
+ +## Fields + +The following fields are returned by `SELECT` queries: + + + + +Success + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameDatatypeDescription
stringThe unique key for the user type
stringThe name of the user type. The name must start with A-Z or a-z and contain only A-Z, a-z, 0-9, or underscore (_) characters. This value becomes read-only after creation and can't be updated.
objectSpecifies link relations (see [Web Linking](https://www.rfc-editor.org/rfc/rfc8288)) available using the [JSON Hypertext Application Language](https://datatracker.ietf.org/doc/html/draft-kelly-json-hal-06) specification. This object is used for dynamic discovery of related resources and lifecycle operations.
string (date-time)A timestamp from when the user type was created
stringThe user ID of the account that created the user type
booleanA boolean value to indicate if this is the default user type
stringThe human-readable description of the user type
stringThe human-readable name of the user type
string (date-time)A timestamp from when the user type was most recently updated
stringThe user ID of the most recent account to edit the user type
+ + + +Success + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameDatatypeDescription
stringThe unique key for the user type
stringThe name of the user type. The name must start with A-Z or a-z and contain only A-Z, a-z, 0-9, or underscore (_) characters. This value becomes read-only after creation and can't be updated.
objectSpecifies link relations (see [Web Linking](https://www.rfc-editor.org/rfc/rfc8288)) available using the [JSON Hypertext Application Language](https://datatracker.ietf.org/doc/html/draft-kelly-json-hal-06) specification. This object is used for dynamic discovery of related resources and lifecycle operations.
string (date-time)A timestamp from when the user type was created
stringThe user ID of the account that created the user type
booleanA boolean value to indicate if this is the default user type
stringThe human-readable description of the user type
stringThe human-readable name of the user type
string (date-time)A timestamp from when the user type was most recently updated
stringThe user ID of the most recent account to edit the user type
+ + + +## Methods + +The following methods are available for this resource: + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameAccessible byRequired ParamsOptional ParamsDescription
subdomainLists all user types in your org
subdomainRetrieves a user type by ID. Use `default` to fetch the default user type.
subdomainCreates a new user type. Okta automatically creates a `default` user type for your org. You may add up to nine additional user types.
> **Note**: New user types are based on the current default schema template. Modifications to this schema do not automatically propagate to previously created user types.
subdomainUpdates an existing user type. This operation is a partial update.
> **Note**: You can only update the `displayName` and `description` elements. The `name` of an existing user type can't be changed.
subdomainReplaces an existing user type. This operation is a full update.
> **Note**: The `name` of an existing user type can't be changed, but must be part of the request body. You can only replace the `displayName` and `description` elements.
subdomainDeletes a user type permanently.
> **Note**: You can't delete the default user type or a user type that is currently assigned to users.
+ +## Parameters + +Parameters can be passed in the `WHERE` clause of a query. Check the [Methods](#methods) section to see which parameters are required or optional for each operation. + + + + + + + + + + + + + + + + +
NameDatatypeDescription
stringThe domain of your organization. This can be a provided subdomain of an official okta domain (okta.com, oktapreview.com, etc) or one of your configured custom domains. (default: my-org)
+ +## `SELECT` examples + + + + +Lists all user types in your org + +```sql +SELECT +id, +name, +_links, +created, +createdBy, +default, +description, +displayName, +lastUpdated, +lastUpdatedBy +FROM okta.meta.user_types +WHERE subdomain = '{{ subdomain }}' -- required; +``` + + + +Retrieves a user type by ID. Use `default` to fetch the default user type. + +```sql +SELECT +id, +name, +_links, +created, +createdBy, +default, +description, +displayName, +lastUpdated, +lastUpdatedBy +FROM okta.meta.user_types +WHERE subdomain = '{{ subdomain }}' -- required; +``` + + + + +## `INSERT` examples + + + + +Creates a new user type. Okta automatically creates a `default` user type for your org. You may add up to nine additional user types.
> **Note**: New user types are based on the current default schema template. Modifications to this schema do not automatically propagate to previously created user types. + +```sql +INSERT INTO okta.meta.user_types ( +data__description, +data__displayName, +data__name, +subdomain +) +SELECT +'{{ description }}', +'{{ displayName }}' --required, +'{{ name }}' --required, +'{{ subdomain }}' +RETURNING +id, +name, +_links, +created, +createdBy, +default, +description, +displayName, +lastUpdated, +lastUpdatedBy +; +``` + + + +```yaml +# Description fields are for documentation purposes +- name: user_types + props: + - name: subdomain + value: string + description: Required parameter for the user_types resource. + - name: description + value: string + description: > + The human-readable description of the user type + + - name: displayName + value: string + description: > + The human-readable name of the user type + + - name: name + value: string + description: > + The name of the user type. The name must start with A-Z or a-z and contain only A-Z, a-z, 0-9, or underscore (_) characters. This value becomes read-only after creation and can't be updated. + +``` + + + + +## `UPDATE` examples + + + + +Updates an existing user type. This operation is a partial update.
> **Note**: You can only update the `displayName` and `description` elements. The `name` of an existing user type can't be changed. + +```sql +UPDATE okta.meta.user_types +SET +data__description = '{{ description }}', +data__displayName = '{{ displayName }}' +WHERE +subdomain = '{{ subdomain }}' --required +RETURNING +id, +name, +_links, +created, +createdBy, +default, +description, +displayName, +lastUpdated, +lastUpdatedBy; +``` + + + + +## `REPLACE` examples + + + + +Replaces an existing user type. This operation is a full update.
> **Note**: The `name` of an existing user type can't be changed, but must be part of the request body. You can only replace the `displayName` and `description` elements. + +```sql +REPLACE okta.meta.user_types +SET +data__description = '{{ description }}', +data__displayName = '{{ displayName }}', +data__name = '{{ name }}' +WHERE +subdomain = '{{ subdomain }}' --required +AND data__name = '{{ name }}' --required +AND data__displayName = '{{ displayName }}' --required +AND data__description = '{{ description }}' --required +RETURNING +id, +name, +_links, +created, +createdBy, +default, +description, +displayName, +lastUpdated, +lastUpdatedBy; +``` + + + + +## `DELETE` examples + + + + +Deletes a user type permanently.
> **Note**: You can't delete the default user type or a user type that is currently assigned to users. + +```sql +DELETE FROM okta.meta.user_types +WHERE subdomain = '{{ subdomain }}' --required; +``` + + diff --git a/website/docs/services/oauth2/app_target_roles/index.md b/website/docs/services/oauth2/app_target_roles/index.md new file mode 100644 index 0000000..1a0b18f --- /dev/null +++ b/website/docs/services/oauth2/app_target_roles/index.md @@ -0,0 +1,307 @@ +--- +title: app_target_roles +hide_title: false +hide_table_of_contents: false +keywords: + - app_target_roles + - oauth2 + - okta + - infrastructure-as-code + - configuration-as-data + - cloud inventory +description: Query, deploy and manage okta resources using SQL +custom_edit_url: null +image: /img/stackql-okta-provider-featured-image.png +--- + +import CopyableCode from '@site/src/components/CopyableCode/CopyableCode'; +import Tabs from '@theme/Tabs'; +import TabItem from '@theme/TabItem'; + +Creates, updates, deletes, gets or lists an app_target_roles resource. + +## Overview + + + + +
Nameapp_target_roles
TypeResource
Id
+ +## Fields + +The following fields are returned by `SELECT` queries: + + + + +Success + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameDatatypeDescription
stringID of the app instance. Okta returns this property only for apps not in the OIN catalog.
stringApp key name. For OIN catalog apps, this is a unique key for the app definition.
objectSpecifies link relations (see [Web Linking](https://www.rfc-editor.org/rfc/rfc8288)) available using the [JSON Hypertext Application Language](https://datatracker.ietf.org/doc/html/draft-kelly-json-hal-06) specification
stringCategory for the app in the OIN catalog (example: SOCIAL)
stringDescription of the app in the OIN catalog
stringOIN catalog app display name
arrayFeatures supported by the app. See app [features](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/Application/#tag/Application/operation/listApplications!c=200&path=0/features&t=response).
string (date-time)Timestamp when the object was last updated (example: 2024-09-19T23:37:37.000Z)
arrayAuthentication mode for the app. See app [signOnMode](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/Application/#tag/Application/operation/listApplications!c=200&path=0/signOnMode&t=response).
stringApp status
stringOIN verification status of the catalog app (example: OKTA_VERIFIED)
stringWebsite of the OIN catalog app
+ + + +## Methods + +The following methods are available for this resource: + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameAccessible byRequired ParamsOptional ParamsDescription
subdomainafter, limitLists all OIN app targets for an `APP_ADMIN` role that's assigned to a client (by `clientId`).
subdomainAssigns an OIN app target for an `APP_ADMIN` role assignment to a client. When you assign an app target from the OIN catalog, you reduce the scope of the role assignment.
The role assignment applies to only app instances that are included in the specified OIN app target.

An assigned OIN app target overrides any existing app instance targets.
For example, if a user is assigned to administer a specific Facebook instance, a successful request to add an OIN app target with `facebook` for `appName` makes that user the administrator for all Facebook instances.
subdomainUnassigns an OIN app target for a role assignment to a client app

> **Note:** You can't remove the last OIN app target from a role assignment.
> If you need a role assignment that applies to all apps, delete the role assignment with the target and create another one. See [Unassign a client role](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/RoleAssignmentClient/#tag/RoleAssignmentClient/operation/deleteRoleFromClient).
subdomainUnassigns an app instance target from a role assignment to a client app

> **Note:** You can't remove the last app instance target from a role assignment.
> If you need a role assignment that applies to all the apps, delete the role assignment with the instance target and create another one. See [Unassign a client role](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/RoleAssignmentClient/#tag/RoleAssignmentClient/operation/deleteRoleFromClient).
subdomainAssigns an app instance target to an `APP_ADMIN` role assignment to a client. When you assign the first OIN app or app instance target, you reduce the scope of the role assignment.
The role no longer applies to all app targets, but applies only to the specified target.

> **Note:** You can target a mixture of both OIN app and app instance targets, but you can't assign permissions to manage all instances of an OIN app and then assign a subset of permissions to the same app.
For example, you can't specify that an admin has access to manage all instances of the Salesforce app and then also manage only specific configurations of the Salesforce app.
+ +## Parameters + +Parameters can be passed in the `WHERE` clause of a query. Check the [Methods](#methods) section to see which parameters are required or optional for each operation. + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameDatatypeDescription
stringThe domain of your organization. This can be a provided subdomain of an official okta domain (okta.com, oktapreview.com, etc) or one of your configured custom domains. (default: my-org)
stringThe cursor to use for pagination. It is an opaque string that specifies your current location in the list and is obtained from the `Link` response header. See [Pagination](https://developer.okta.com/docs/api/#pagination).
integerA limit on the number of objects to return
+ +## `SELECT` examples + + + + +Lists all OIN app targets for an `APP_ADMIN` role that's assigned to a client (by `clientId`). + +```sql +SELECT +id, +name, +_links, +category, +description, +displayName, +features, +lastUpdated, +signOnModes, +status, +verificationStatus, +website +FROM okta.oauth2.app_target_roles +WHERE subdomain = '{{ subdomain }}' -- required +AND after = '{{ after }}' +AND limit = '{{ limit }}'; +``` + + + + +## `REPLACE` examples + + + + +Assigns an OIN app target for an `APP_ADMIN` role assignment to a client. When you assign an app target from the OIN catalog, you reduce the scope of the role assignment.
The role assignment applies to only app instances that are included in the specified OIN app target.

An assigned OIN app target overrides any existing app instance targets.
For example, if a user is assigned to administer a specific Facebook instance, a successful request to add an OIN app target with `facebook` for `appName` makes that user the administrator for all Facebook instances. + +```sql +REPLACE okta.oauth2.app_target_roles +SET +-- No updatable properties +WHERE +subdomain = '{{ subdomain }}' --required; +``` + + + + +## `DELETE` examples + + + + +Unassigns an OIN app target for a role assignment to a client app

> **Note:** You can't remove the last OIN app target from a role assignment.
> If you need a role assignment that applies to all apps, delete the role assignment with the target and create another one. See [Unassign a client role](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/RoleAssignmentClient/#tag/RoleAssignmentClient/operation/deleteRoleFromClient). + +```sql +DELETE FROM okta.oauth2.app_target_roles +WHERE subdomain = '{{ subdomain }}' --required; +``` + + + +Unassigns an app instance target from a role assignment to a client app

> **Note:** You can't remove the last app instance target from a role assignment.
> If you need a role assignment that applies to all the apps, delete the role assignment with the instance target and create another one. See [Unassign a client role](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/RoleAssignmentClient/#tag/RoleAssignmentClient/operation/deleteRoleFromClient). + +```sql +DELETE FROM okta.oauth2.app_target_roles +WHERE subdomain = '{{ subdomain }}' --required; +``` + + + + +## Lifecycle Methods + + + + +Assigns an app instance target to an `APP_ADMIN` role assignment to a client. When you assign the first OIN app or app instance target, you reduce the scope of the role assignment.
The role no longer applies to all app targets, but applies only to the specified target.

> **Note:** You can target a mixture of both OIN app and app instance targets, but you can't assign permissions to manage all instances of an OIN app and then assign a subset of permissions to the same app.
For example, you can't specify that an admin has access to manage all instances of the Salesforce app and then also manage only specific configurations of the Salesforce app. + +```sql +EXEC okta.oauth2.app_target_roles.assign_app_target_instance_role_for_client +@subdomain='{{ subdomain }}' --required; +``` + + diff --git a/website/docs/services/oauth2/client_roles/index.md b/website/docs/services/oauth2/client_roles/index.md new file mode 100644 index 0000000..0d6bd16 --- /dev/null +++ b/website/docs/services/oauth2/client_roles/index.md @@ -0,0 +1,229 @@ +--- +title: client_roles +hide_title: false +hide_table_of_contents: false +keywords: + - client_roles + - oauth2 + - okta + - infrastructure-as-code + - configuration-as-data + - cloud inventory +description: Query, deploy and manage okta resources using SQL +custom_edit_url: null +image: /img/stackql-okta-provider-featured-image.png +--- + +import CopyableCode from '@site/src/components/CopyableCode/CopyableCode'; +import Tabs from '@theme/Tabs'; +import TabItem from '@theme/TabItem'; + +Creates, updates, deletes, gets or lists a client_roles resource. + +## Overview + + + + +
Nameclient_roles
TypeResource
Id
+ +## Fields + +The following fields are returned by `SELECT` queries: + + + + +Success + + + + + + + + + + + +
NameDatatypeDescription
+ + + +Success + + + + + + + + + + + +
NameDatatypeDescription
+ + + +## Methods + +The following methods are available for this resource: + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameAccessible byRequired ParamsOptional ParamsDescription
subdomainLists all roles assigned to a client app identified by `clientId`
subdomainRetrieves a role assignment (identified by `roleAssignmentId`) for a client app (identified by `clientId`)
subdomainAssigns a [standard role](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/guides/roles/#standard-roles) to a client app.

You can also assign a custom role to a client app, but the preferred method to assign a custom role to a client is to create a binding between the custom role, the resource set, and the client app. See [Create a role resource set binding](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/RoleDResourceSetBinding/#tag/RoleDResourceSetBinding/operation/createResourceSetBinding).

> **Notes:**
> * The request payload is different for standard and custom role assignments.
> * For IAM-based standard role assignments, use the request payload for standard roles. However, the response payload for IAM-based role assignments is similar to the custom role's assignment response.
subdomainUnassigns a role assignment (identified by `roleAssignmentId`) from a client app (identified by `clientId`)
+ +## Parameters + +Parameters can be passed in the `WHERE` clause of a query. Check the [Methods](#methods) section to see which parameters are required or optional for each operation. + + + + + + + + + + + + + + + + +
NameDatatypeDescription
stringThe domain of your organization. This can be a provided subdomain of an official okta domain (okta.com, oktapreview.com, etc) or one of your configured custom domains. (default: my-org)
+ +## `SELECT` examples + + + + +Lists all roles assigned to a client app identified by `clientId` + +```sql +SELECT +* +FROM okta.oauth2.client_roles +WHERE subdomain = '{{ subdomain }}' -- required; +``` + + + +Retrieves a role assignment (identified by `roleAssignmentId`) for a client app (identified by `clientId`) + +```sql +SELECT +* +FROM okta.oauth2.client_roles +WHERE subdomain = '{{ subdomain }}' -- required; +``` + + + + +## `INSERT` examples + + + + +Assigns a [standard role](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/guides/roles/#standard-roles) to a client app.

You can also assign a custom role to a client app, but the preferred method to assign a custom role to a client is to create a binding between the custom role, the resource set, and the client app. See [Create a role resource set binding](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/RoleDResourceSetBinding/#tag/RoleDResourceSetBinding/operation/createResourceSetBinding).

> **Notes:**
> * The request payload is different for standard and custom role assignments.
> * For IAM-based standard role assignments, use the request payload for standard roles. However, the response payload for IAM-based role assignments is similar to the custom role's assignment response. + +```sql +INSERT INTO okta.oauth2.client_roles ( +subdomain +) +SELECT +'{{ subdomain }}' +; +``` + + + +```yaml +# Description fields are for documentation purposes +- name: client_roles + props: + - name: subdomain + value: string + description: Required parameter for the client_roles resource. +``` + + + + +## `DELETE` examples + + + + +Unassigns a role assignment (identified by `roleAssignmentId`) from a client app (identified by `clientId`) + +```sql +DELETE FROM okta.oauth2.client_roles +WHERE subdomain = '{{ subdomain }}' --required; +``` + + diff --git a/website/docs/services/oauth2/group_target_roles/index.md b/website/docs/services/oauth2/group_target_roles/index.md new file mode 100644 index 0000000..f0cc50e --- /dev/null +++ b/website/docs/services/oauth2/group_target_roles/index.md @@ -0,0 +1,245 @@ +--- +title: group_target_roles +hide_title: false +hide_table_of_contents: false +keywords: + - group_target_roles + - oauth2 + - okta + - infrastructure-as-code + - configuration-as-data + - cloud inventory +description: Query, deploy and manage okta resources using SQL +custom_edit_url: null +image: /img/stackql-okta-provider-featured-image.png +--- + +import CopyableCode from '@site/src/components/CopyableCode/CopyableCode'; +import Tabs from '@theme/Tabs'; +import TabItem from '@theme/TabItem'; + +Creates, updates, deletes, gets or lists a group_target_roles resource. + +## Overview + + + + +
Namegroup_target_roles
TypeResource
Id
+ +## Fields + +The following fields are returned by `SELECT` queries: + + + + +Success + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameDatatypeDescription
stringUnique ID for the group (example: 0gabcd1234)
objectEmbedded resources related to the group
objectSpecifies link relations (see [Web Linking](https://www.rfc-editor.org/rfc/rfc8288)) available using the [JSON Hypertext Application Language](https://datatracker.ietf.org/doc/html/draft-kelly-json-hal-06) specification. This object is used for dynamic discovery of related resources and lifecycle operations.
string (date-time)Timestamp when the group was created
string (date-time)Timestamp when the groups memberships were last updated
string (date-time)Timestamp when the group's profile was last updated
arrayDetermines the group's `profile`
Specifies required and optional properties for a group. The `objectClass` of a group determines which additional properties are available. You can extend group profiles with custom properties, but you must first add the properties to the group profile schema before you can reference them. Use the Profile Editor in the Admin Console or the [Schemas API](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/Schema/)to manage schema extensions. Custom properties can contain HTML tags. It is the client's responsibility to escape or encode this data before displaying it. Use [best-practices](https://cheatsheetseries.owasp.org/cheatsheets/Cross_Site_Scripting_Prevention_Cheat_Sheet.html) to prevent cross-site scripting.
stringDetermines how a group's profile and memberships are managed
+ + + +## Methods + +The following methods are available for this resource: + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameAccessible byRequired ParamsOptional ParamsDescription
subdomainafter, limitLists all group targets for a [`USER_ADMIN`](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/guides/roles/#standard-roles), `HELP_DESK_ADMIN`, or `GROUP_MEMBERSHIP_ADMIN` role assignment to a client. If the role isn't scoped to specific group targets, Okta returns an empty array `[]`.
subdomainAssigns a group target to a [`USER_ADMIN`](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/guides/roles/#standard-roles), `HELP_DESK_ADMIN`, or `GROUP_MEMBERSHIP_ADMIN` role assignment to a client app. When you assign the first group target, you reduce the scope of the role assignment. The role no longer applies to all targets, but applies only to the specified target.
subdomainUnassigns a Group target from a `USER_ADMIN`, `HELP_DESK_ADMIN`, or `GROUP_MEMBERSHIP_ADMIN` role assignment to a client app.

> **Note:** You can't remove the last group target from a role assignment. If you need a role assignment that applies to all groups, delete the role assignment with the target and create another one. See [Unassign a client role](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/RoleAssignmentClient/#tag/RoleAssignmentClient/operation/deleteRoleFromClient).
+ +## Parameters + +Parameters can be passed in the `WHERE` clause of a query. Check the [Methods](#methods) section to see which parameters are required or optional for each operation. + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameDatatypeDescription
stringThe domain of your organization. This can be a provided subdomain of an official okta domain (okta.com, oktapreview.com, etc) or one of your configured custom domains. (default: my-org)
stringThe cursor to use for pagination. It is an opaque string that specifies your current location in the list and is obtained from the `Link` response header. See [Pagination](https://developer.okta.com/docs/api/#pagination).
integerA limit on the number of objects to return
+ +## `SELECT` examples + + + + +Lists all group targets for a [`USER_ADMIN`](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/guides/roles/#standard-roles), `HELP_DESK_ADMIN`, or `GROUP_MEMBERSHIP_ADMIN` role assignment to a client. If the role isn't scoped to specific group targets, Okta returns an empty array `[]`. + +```sql +SELECT +id, +_embedded, +_links, +created, +lastMembershipUpdated, +lastUpdated, +objectClass, +profile, +type +FROM okta.oauth2.group_target_roles +WHERE subdomain = '{{ subdomain }}' -- required +AND after = '{{ after }}' +AND limit = '{{ limit }}'; +``` + + + + +## `REPLACE` examples + + + + +Assigns a group target to a [`USER_ADMIN`](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/guides/roles/#standard-roles), `HELP_DESK_ADMIN`, or `GROUP_MEMBERSHIP_ADMIN` role assignment to a client app. When you assign the first group target, you reduce the scope of the role assignment. The role no longer applies to all targets, but applies only to the specified target. + +```sql +REPLACE okta.oauth2.group_target_roles +SET +-- No updatable properties +WHERE +subdomain = '{{ subdomain }}' --required; +``` + + + + +## `DELETE` examples + + + + +Unassigns a Group target from a `USER_ADMIN`, `HELP_DESK_ADMIN`, or `GROUP_MEMBERSHIP_ADMIN` role assignment to a client app.

> **Note:** You can't remove the last group target from a role assignment. If you need a role assignment that applies to all groups, delete the role assignment with the target and create another one. See [Unassign a client role](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/RoleAssignmentClient/#tag/RoleAssignmentClient/operation/deleteRoleFromClient). + +```sql +DELETE FROM okta.oauth2.group_target_roles +WHERE subdomain = '{{ subdomain }}' --required; +``` + + diff --git a/website/docs/services/oauth2/index.md b/website/docs/services/oauth2/index.md new file mode 100644 index 0000000..29314d1 --- /dev/null +++ b/website/docs/services/oauth2/index.md @@ -0,0 +1,34 @@ +--- +title: oauth2 +hide_title: false +hide_table_of_contents: false +keywords: + - oauth2 + - okta + - stackql + - infrastructure-as-code + - configuration-as-data + - cloud inventory +description: Query, deploy and manage okta resources using SQL +custom_edit_url: null +image: /img/stackql-okta-provider-featured-image.png +--- + +oauth2 service documentation. + +:::info[Service Summary] + +total resources: __3__ + +::: + +## Resources +
+
+app_target_roles
+client_roles +
+
+group_target_roles +
+
\ No newline at end of file diff --git a/website/docs/services/okta_personal_settings/blocked_email_domains/index.md b/website/docs/services/okta_personal_settings/blocked_email_domains/index.md new file mode 100644 index 0000000..47dcc81 --- /dev/null +++ b/website/docs/services/okta_personal_settings/blocked_email_domains/index.md @@ -0,0 +1,103 @@ +--- +title: blocked_email_domains +hide_title: false +hide_table_of_contents: false +keywords: + - blocked_email_domains + - okta_personal_settings + - okta + - infrastructure-as-code + - configuration-as-data + - cloud inventory +description: Query, deploy and manage okta resources using SQL +custom_edit_url: null +image: /img/stackql-okta-provider-featured-image.png +--- + +import CopyableCode from '@site/src/components/CopyableCode/CopyableCode'; +import Tabs from '@theme/Tabs'; +import TabItem from '@theme/TabItem'; + +Creates, updates, deletes, gets or lists a blocked_email_domains resource. + +## Overview + + + + +
Nameblocked_email_domains
TypeResource
Id
+ +## Fields + +The following fields are returned by `SELECT` queries: + +`SELECT` not supported for this resource, use `SHOW METHODS` to view available operations for the resource. + + +## Methods + +The following methods are available for this resource: + + + + + + + + + + + + + + + + + + + + +
NameAccessible byRequired ParamsOptional ParamsDescription
subdomainReplaces the list of blocked email domains which are excluded from app migration
+ +## Parameters + +Parameters can be passed in the `WHERE` clause of a query. Check the [Methods](#methods) section to see which parameters are required or optional for each operation. + + + + + + + + + + + + + + + + +
NameDatatypeDescription
stringThe domain of your organization. This can be a provided subdomain of an official okta domain (okta.com, oktapreview.com, etc) or one of your configured custom domains. (default: my-org)
+ +## `REPLACE` examples + + + + +Replaces the list of blocked email domains which are excluded from app migration + +```sql +REPLACE okta.okta_personal_settings.blocked_email_domains +SET +data__domains = '{{ domains }}' +WHERE +subdomain = '{{ subdomain }}' --required; +``` + + diff --git a/website/docs/services/okta_personal_settings/index.md b/website/docs/services/okta_personal_settings/index.md new file mode 100644 index 0000000..a4b8471 --- /dev/null +++ b/website/docs/services/okta_personal_settings/index.md @@ -0,0 +1,34 @@ +--- +title: okta_personal_settings +hide_title: false +hide_table_of_contents: false +keywords: + - okta_personal_settings + - okta + - stackql + - infrastructure-as-code + - configuration-as-data + - cloud inventory +description: Query, deploy and manage okta resources using SQL +custom_edit_url: null +image: /img/stackql-okta-provider-featured-image.png +--- + +okta_personal_settings service documentation. + +:::info[Service Summary] + +total resources: __3__ + +::: + +## Resources +
+
+blocked_email_domains
+personal_apps_export_block_list +
+
+settings +
+
\ No newline at end of file diff --git a/website/docs/services/okta_personal_settings/personal_apps_export_block_list/index.md b/website/docs/services/okta_personal_settings/personal_apps_export_block_list/index.md new file mode 100644 index 0000000..40ee19a --- /dev/null +++ b/website/docs/services/okta_personal_settings/personal_apps_export_block_list/index.md @@ -0,0 +1,126 @@ +--- +title: personal_apps_export_block_list +hide_title: false +hide_table_of_contents: false +keywords: + - personal_apps_export_block_list + - okta_personal_settings + - okta + - infrastructure-as-code + - configuration-as-data + - cloud inventory +description: Query, deploy and manage okta resources using SQL +custom_edit_url: null +image: /img/stackql-okta-provider-featured-image.png +--- + +import CopyableCode from '@site/src/components/CopyableCode/CopyableCode'; +import Tabs from '@theme/Tabs'; +import TabItem from '@theme/TabItem'; + +Creates, updates, deletes, gets or lists a personal_apps_export_block_list resource. + +## Overview + + + + +
Namepersonal_apps_export_block_list
TypeResource
Id
+ +## Fields + +The following fields are returned by `SELECT` queries: + + + + + + + + + + + + + + + + + + + +
NameDatatypeDescription
arrayList of blocked email domains
+ + + +## Methods + +The following methods are available for this resource: + + + + + + + + + + + + + + + + + + + + +
NameAccessible byRequired ParamsOptional ParamsDescription
subdomainLists all blocked email domains which are excluded from app migration
+ +## Parameters + +Parameters can be passed in the `WHERE` clause of a query. Check the [Methods](#methods) section to see which parameters are required or optional for each operation. + + + + + + + + + + + + + + + + +
NameDatatypeDescription
stringThe domain of your organization. This can be a provided subdomain of an official okta domain (okta.com, oktapreview.com, etc) or one of your configured custom domains. (default: my-org)
+ +## `SELECT` examples + + + + +Lists all blocked email domains which are excluded from app migration + +```sql +SELECT +domains +FROM okta.okta_personal_settings.personal_apps_export_block_list +WHERE subdomain = '{{ subdomain }}' -- required; +``` + + diff --git a/website/docs/services/okta_personal_settings/settings/index.md b/website/docs/services/okta_personal_settings/settings/index.md new file mode 100644 index 0000000..e0742c0 --- /dev/null +++ b/website/docs/services/okta_personal_settings/settings/index.md @@ -0,0 +1,104 @@ +--- +title: settings +hide_title: false +hide_table_of_contents: false +keywords: + - settings + - okta_personal_settings + - okta + - infrastructure-as-code + - configuration-as-data + - cloud inventory +description: Query, deploy and manage okta resources using SQL +custom_edit_url: null +image: /img/stackql-okta-provider-featured-image.png +--- + +import CopyableCode from '@site/src/components/CopyableCode/CopyableCode'; +import Tabs from '@theme/Tabs'; +import TabItem from '@theme/TabItem'; + +Creates, updates, deletes, gets or lists a settings resource. + +## Overview + + + + +
Namesettings
TypeResource
Id
+ +## Fields + +The following fields are returned by `SELECT` queries: + +`SELECT` not supported for this resource, use `SHOW METHODS` to view available operations for the resource. + + +## Methods + +The following methods are available for this resource: + + + + + + + + + + + + + + + + + + + + +
NameAccessible byRequired ParamsOptional ParamsDescription
subdomainReplaces Okta Personal admin settings in a Workforce org
+ +## Parameters + +Parameters can be passed in the `WHERE` clause of a query. Check the [Methods](#methods) section to see which parameters are required or optional for each operation. + + + + + + + + + + + + + + + + +
NameDatatypeDescription
stringThe domain of your organization. This can be a provided subdomain of an official okta domain (okta.com, oktapreview.com, etc) or one of your configured custom domains. (default: my-org)
+ +## `REPLACE` examples + + + + +Replaces Okta Personal admin settings in a Workforce org + +```sql +REPLACE okta.okta_personal_settings.settings +SET +data__enableEnduserEntryPoints = {{ enableEnduserEntryPoints }}, +data__enableExportApps = {{ enableExportApps }} +WHERE +subdomain = '{{ subdomain }}' --required; +``` + + diff --git a/website/docs/services/org/auto_assign_admin_app_setting/index.md b/website/docs/services/org/auto_assign_admin_app_setting/index.md new file mode 100644 index 0000000..e2c76a7 --- /dev/null +++ b/website/docs/services/org/auto_assign_admin_app_setting/index.md @@ -0,0 +1,160 @@ +--- +title: auto_assign_admin_app_setting +hide_title: false +hide_table_of_contents: false +keywords: + - auto_assign_admin_app_setting + - org + - okta + - infrastructure-as-code + - configuration-as-data + - cloud inventory +description: Query, deploy and manage okta resources using SQL +custom_edit_url: null +image: /img/stackql-okta-provider-featured-image.png +--- + +import CopyableCode from '@site/src/components/CopyableCode/CopyableCode'; +import Tabs from '@theme/Tabs'; +import TabItem from '@theme/TabItem'; + +Creates, updates, deletes, gets or lists an auto_assign_admin_app_setting resource. + +## Overview + + + + +
Nameauto_assign_admin_app_setting
TypeResource
Id
+ +## Fields + +The following fields are returned by `SELECT` queries: + + + + +Success + + + + + + + + + + + + + + + + +
NameDatatypeDescription
booleanAutomatically assigns the Okta Admin Console to the user when an admin role is assigned
+ + + +## Methods + +The following methods are available for this resource: + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameAccessible byRequired ParamsOptional ParamsDescription
subdomainRetrieves the org setting to automatically assign the Okta Admin Console when an admin role is assigned
subdomainUpdates the org setting to automatically assign the Okta Admin Console when an admin role is assigned

> **Note:** This setting doesn't apply to the `SUPER_ADMIN` role.
> When you assign the `SUPER_ADMIN` role to a user, the Admin Console is always assigned to the user regardless of the `autoAssignAdminAppSetting` setting.
+ +## Parameters + +Parameters can be passed in the `WHERE` clause of a query. Check the [Methods](#methods) section to see which parameters are required or optional for each operation. + + + + + + + + + + + + + + + + +
NameDatatypeDescription
stringThe domain of your organization. This can be a provided subdomain of an official okta domain (okta.com, oktapreview.com, etc) or one of your configured custom domains. (default: my-org)
+ +## `SELECT` examples + + + + +Retrieves the org setting to automatically assign the Okta Admin Console when an admin role is assigned + +```sql +SELECT +autoAssignAdminAppSetting +FROM okta.org.auto_assign_admin_app_setting +WHERE subdomain = '{{ subdomain }}' -- required; +``` + + + + +## `UPDATE` examples + + + + +Updates the org setting to automatically assign the Okta Admin Console when an admin role is assigned

> **Note:** This setting doesn't apply to the `SUPER_ADMIN` role.
> When you assign the `SUPER_ADMIN` role to a user, the Admin Console is always assigned to the user regardless of the `autoAssignAdminAppSetting` setting. + +```sql +UPDATE okta.org.auto_assign_admin_app_setting +SET +data__autoAssignAdminAppSetting = {{ autoAssignAdminAppSetting }} +WHERE +subdomain = '{{ subdomain }}' --required +RETURNING +autoAssignAdminAppSetting; +``` + + diff --git a/website/docs/services/org/captcha_settings/index.md b/website/docs/services/org/captcha_settings/index.md new file mode 100644 index 0000000..046c1d2 --- /dev/null +++ b/website/docs/services/org/captcha_settings/index.md @@ -0,0 +1,202 @@ +--- +title: captcha_settings +hide_title: false +hide_table_of_contents: false +keywords: + - captcha_settings + - org + - okta + - infrastructure-as-code + - configuration-as-data + - cloud inventory +description: Query, deploy and manage okta resources using SQL +custom_edit_url: null +image: /img/stackql-okta-provider-featured-image.png +--- + +import CopyableCode from '@site/src/components/CopyableCode/CopyableCode'; +import Tabs from '@theme/Tabs'; +import TabItem from '@theme/TabItem'; + +Creates, updates, deletes, gets or lists a captcha_settings resource. + +## Overview + + + + +
Namecaptcha_settings
TypeResource
Id
+ +## Fields + +The following fields are returned by `SELECT` queries: + + + + +Success + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameDatatypeDescription
objectLink relations for the CAPTCHA settings object
stringThe unique key of the associated CAPTCHA instance
arrayAn array of pages that have CAPTCHA enabled
+ + + +## Methods + +The following methods are available for this resource: + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameAccessible byRequired ParamsOptional ParamsDescription
subdomainRetrieves the CAPTCHA settings object for your organization
> **Note**: If the current organization hasn't configured CAPTCHA Settings, the request returns an empty object.
subdomainReplaces the CAPTCHA settings object for your organization
> **Note**: You can disable CAPTCHA for your organization by setting `captchaId` and `enabledPages` to `null`.
subdomainDeletes the CAPTCHA settings object for your organization
+ +## Parameters + +Parameters can be passed in the `WHERE` clause of a query. Check the [Methods](#methods) section to see which parameters are required or optional for each operation. + + + + + + + + + + + + + + + + +
NameDatatypeDescription
stringThe domain of your organization. This can be a provided subdomain of an official okta domain (okta.com, oktapreview.com, etc) or one of your configured custom domains. (default: my-org)
+ +## `SELECT` examples + + + + +Retrieves the CAPTCHA settings object for your organization
> **Note**: If the current organization hasn't configured CAPTCHA Settings, the request returns an empty object. + +```sql +SELECT +_links, +captchaId, +enabledPages +FROM okta.org.captcha_settings +WHERE subdomain = '{{ subdomain }}' -- required; +``` + + + + +## `REPLACE` examples + + + + +Replaces the CAPTCHA settings object for your organization
> **Note**: You can disable CAPTCHA for your organization by setting `captchaId` and `enabledPages` to `null`. + +```sql +REPLACE okta.org.captcha_settings +SET +data__captchaId = '{{ captchaId }}', +data__enabledPages = '{{ enabledPages }}' +WHERE +subdomain = '{{ subdomain }}' --required +RETURNING +_links, +captchaId, +enabledPages; +``` + + + + +## `DELETE` examples + + + + +Deletes the CAPTCHA settings object for your organization + +```sql +DELETE FROM okta.org.captcha_settings +WHERE subdomain = '{{ subdomain }}' --required; +``` + + diff --git a/website/docs/services/org/client_privileges_setting/index.md b/website/docs/services/org/client_privileges_setting/index.md new file mode 100644 index 0000000..3f24195 --- /dev/null +++ b/website/docs/services/org/client_privileges_setting/index.md @@ -0,0 +1,160 @@ +--- +title: client_privileges_setting +hide_title: false +hide_table_of_contents: false +keywords: + - client_privileges_setting + - org + - okta + - infrastructure-as-code + - configuration-as-data + - cloud inventory +description: Query, deploy and manage okta resources using SQL +custom_edit_url: null +image: /img/stackql-okta-provider-featured-image.png +--- + +import CopyableCode from '@site/src/components/CopyableCode/CopyableCode'; +import Tabs from '@theme/Tabs'; +import TabItem from '@theme/TabItem'; + +Creates, updates, deletes, gets or lists a client_privileges_setting resource. + +## Overview + + + + +
Nameclient_privileges_setting
TypeResource
Id
+ +## Fields + +The following fields are returned by `SELECT` queries: + + + + +Success + + + + + + + + + + + + + + + + +
NameDatatypeDescription
booleanIf true, assigns the super admin role by default to new public client apps
+ + + +## Methods + +The following methods are available for this resource: + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameAccessible byRequired ParamsOptional ParamsDescription
subdomainRetrieves the org setting to assign the [Super Admin role](https://help.okta.com/okta_help.htm?type=oie&id=ext_superadmin) to new public client apps
subdomainAssigns the [Super Admin role](https://help.okta.com/okta_help.htm?type=oie&id=ext_superadmin) as the default role for new public client apps
+ +## Parameters + +Parameters can be passed in the `WHERE` clause of a query. Check the [Methods](#methods) section to see which parameters are required or optional for each operation. + + + + + + + + + + + + + + + + +
NameDatatypeDescription
stringThe domain of your organization. This can be a provided subdomain of an official okta domain (okta.com, oktapreview.com, etc) or one of your configured custom domains. (default: my-org)
+ +## `SELECT` examples + + + + +Retrieves the org setting to assign the [Super Admin role](https://help.okta.com/okta_help.htm?type=oie&id=ext_superadmin) to new public client apps + +```sql +SELECT +clientPrivilegesSetting +FROM okta.org.client_privileges_setting +WHERE subdomain = '{{ subdomain }}' -- required; +``` + + + + +## `REPLACE` examples + + + + +Assigns the [Super Admin role](https://help.okta.com/okta_help.htm?type=oie&id=ext_superadmin) as the default role for new public client apps + +```sql +REPLACE okta.org.client_privileges_setting +SET +data__clientPrivilegesSetting = {{ clientPrivilegesSetting }} +WHERE +subdomain = '{{ subdomain }}' --required +RETURNING +clientPrivilegesSetting; +``` + + diff --git a/website/docs/services/org/communication_settings/index.md b/website/docs/services/org/communication_settings/index.md new file mode 100644 index 0000000..8ee0bd1 --- /dev/null +++ b/website/docs/services/org/communication_settings/index.md @@ -0,0 +1,178 @@ +--- +title: communication_settings +hide_title: false +hide_table_of_contents: false +keywords: + - communication_settings + - org + - okta + - infrastructure-as-code + - configuration-as-data + - cloud inventory +description: Query, deploy and manage okta resources using SQL +custom_edit_url: null +image: /img/stackql-okta-provider-featured-image.png +--- + +import CopyableCode from '@site/src/components/CopyableCode/CopyableCode'; +import Tabs from '@theme/Tabs'; +import TabItem from '@theme/TabItem'; + +Creates, updates, deletes, gets or lists a communication_settings resource. + +## Overview + + + + +
Namecommunication_settings
TypeResource
Id
+ +## Fields + +The following fields are returned by `SELECT` queries: + + + + +Success + + + + + + + + + + + + + + + + + + + + + +
NameDatatypeDescription
objectSpecifies link relations (see [Web Linking](https://www.rfc-editor.org/rfc/rfc8288)) available for this object using the [JSON Hypertext Application Language](https://datatracker.ietf.org/doc/html/draft-kelly-json-hal-06) specification
booleanIndicates whether org users receive Okta communication emails
+ + + +## Methods + +The following methods are available for this resource: + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameAccessible byRequired ParamsOptional ParamsDescription
subdomainRetrieves Okta Communication Settings of your org
subdomainOpts in all users of this org to Okta communication emails
subdomainOpts out all users of this org from Okta communication emails
+ +## Parameters + +Parameters can be passed in the `WHERE` clause of a query. Check the [Methods](#methods) section to see which parameters are required or optional for each operation. + + + + + + + + + + + + + + + + +
NameDatatypeDescription
stringThe domain of your organization. This can be a provided subdomain of an official okta domain (okta.com, oktapreview.com, etc) or one of your configured custom domains. (default: my-org)
+ +## `SELECT` examples + + + + +Retrieves Okta Communication Settings of your org + +```sql +SELECT +_links, +optOutEmailUsers +FROM okta.org.communication_settings +WHERE subdomain = '{{ subdomain }}' -- required; +``` + + + + +## Lifecycle Methods + + + + +Opts in all users of this org to Okta communication emails + +```sql +EXEC okta.org.communication_settings.opt_in_users_to_okta_communication_emails +@subdomain='{{ subdomain }}' --required; +``` + + + +Opts out all users of this org from Okta communication emails + +```sql +EXEC okta.org.communication_settings.opt_out_users_from_okta_communication_emails +@subdomain='{{ subdomain }}' --required; +``` + + diff --git a/website/docs/services/org/contact_types/index.md b/website/docs/services/org/contact_types/index.md new file mode 100644 index 0000000..b6e98e0 --- /dev/null +++ b/website/docs/services/org/contact_types/index.md @@ -0,0 +1,128 @@ +--- +title: contact_types +hide_title: false +hide_table_of_contents: false +keywords: + - contact_types + - org + - okta + - infrastructure-as-code + - configuration-as-data + - cloud inventory +description: Query, deploy and manage okta resources using SQL +custom_edit_url: null +image: /img/stackql-okta-provider-featured-image.png +--- + +import CopyableCode from '@site/src/components/CopyableCode/CopyableCode'; +import Tabs from '@theme/Tabs'; +import TabItem from '@theme/TabItem'; + +Creates, updates, deletes, gets or lists a contact_types resource. + +## Overview + + + + +
Namecontact_types
TypeResource
Id
+ +## Fields + +The following fields are returned by `SELECT` queries: + + + + +Success + + + + + + + + + + + + + + + + +
NameDatatypeDescription
stringType of contact
+ + + +## Methods + +The following methods are available for this resource: + + + + + + + + + + + + + + + + + + + + +
NameAccessible byRequired ParamsOptional ParamsDescription
subdomainLists all org contact types for your Okta org
+ +## Parameters + +Parameters can be passed in the `WHERE` clause of a query. Check the [Methods](#methods) section to see which parameters are required or optional for each operation. + + + + + + + + + + + + + + + + +
NameDatatypeDescription
stringThe domain of your organization. This can be a provided subdomain of an official okta domain (okta.com, oktapreview.com, etc) or one of your configured custom domains. (default: my-org)
+ +## `SELECT` examples + + + + +Lists all org contact types for your Okta org + +```sql +SELECT +contactType +FROM okta.org.contact_types +WHERE subdomain = '{{ subdomain }}' -- required; +``` + + diff --git a/website/docs/services/org/contacts/index.md b/website/docs/services/org/contacts/index.md new file mode 100644 index 0000000..448e1bc --- /dev/null +++ b/website/docs/services/org/contacts/index.md @@ -0,0 +1,167 @@ +--- +title: contacts +hide_title: false +hide_table_of_contents: false +keywords: + - contacts + - org + - okta + - infrastructure-as-code + - configuration-as-data + - cloud inventory +description: Query, deploy and manage okta resources using SQL +custom_edit_url: null +image: /img/stackql-okta-provider-featured-image.png +--- + +import CopyableCode from '@site/src/components/CopyableCode/CopyableCode'; +import Tabs from '@theme/Tabs'; +import TabItem from '@theme/TabItem'; + +Creates, updates, deletes, gets or lists a contacts resource. + +## Overview + + + + +
Namecontacts
TypeResource
Id
+ +## Fields + +The following fields are returned by `SELECT` queries: + + + + +Success + + + + + + + + + + + + + + + + + + + + + +
NameDatatypeDescription
objectSpecifies link relations (see [Web Linking](https://www.rfc-editor.org/rfc/rfc8288)) available for the contact type user object using the [JSON Hypertext Application Language](https://datatracker.ietf.org/doc/html/draft-kelly-json-hal-06) specification
stringContact user ID
+ + + +## Methods + +The following methods are available for this resource: + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameAccessible byRequired ParamsOptional ParamsDescription
subdomainRetrieves the ID and the user resource associated with the specified contact type
subdomainReplaces the user associated with the specified contact type
+ +## Parameters + +Parameters can be passed in the `WHERE` clause of a query. Check the [Methods](#methods) section to see which parameters are required or optional for each operation. + + + + + + + + + + + + + + + + +
NameDatatypeDescription
stringThe domain of your organization. This can be a provided subdomain of an official okta domain (okta.com, oktapreview.com, etc) or one of your configured custom domains. (default: my-org)
+ +## `SELECT` examples + + + + +Retrieves the ID and the user resource associated with the specified contact type + +```sql +SELECT +_links, +userId +FROM okta.org.contacts +WHERE subdomain = '{{ subdomain }}' -- required; +``` + + + + +## `REPLACE` examples + + + + +Replaces the user associated with the specified contact type + +```sql +REPLACE okta.org.contacts +SET +data__userId = '{{ userId }}' +WHERE +subdomain = '{{ subdomain }}' --required +RETURNING +_links, +userId; +``` + + diff --git a/website/docs/services/org/email_customizations/index.md b/website/docs/services/org/email_customizations/index.md new file mode 100644 index 0000000..36e4856 --- /dev/null +++ b/website/docs/services/org/email_customizations/index.md @@ -0,0 +1,104 @@ +--- +title: email_customizations +hide_title: false +hide_table_of_contents: false +keywords: + - email_customizations + - org + - okta + - infrastructure-as-code + - configuration-as-data + - cloud inventory +description: Query, deploy and manage okta resources using SQL +custom_edit_url: null +image: /img/stackql-okta-provider-featured-image.png +--- + +import CopyableCode from '@site/src/components/CopyableCode/CopyableCode'; +import Tabs from '@theme/Tabs'; +import TabItem from '@theme/TabItem'; + +Creates, updates, deletes, gets or lists an email_customizations resource. + +## Overview + + + + +
Nameemail_customizations
TypeResource
Id
+ +## Fields + +The following fields are returned by `SELECT` queries: + +`SELECT` not supported for this resource, use `SHOW METHODS` to view available operations for the resource. + + +## Methods + +The following methods are available for this resource: + + + + + + + + + + + + + + + + + + + + +
NameAccessible byRequired ParamsOptional ParamsDescription
subdomainRemoves emails from an email service bounce list.

The emails submitted in this operation are removed from the bounce list by an asynchronous job.
Any email address that passes validation is accepted for the removal process, even if there are other email addresses in the request that failed validation.

> **Note:** If there are validation errors for all email addresses, a `200 OK` HTTP status is still returned.
+ +## Parameters + +Parameters can be passed in the `WHERE` clause of a query. Check the [Methods](#methods) section to see which parameters are required or optional for each operation. + + + + + + + + + + + + + + + + +
NameDatatypeDescription
stringThe domain of your organization. This can be a provided subdomain of an official okta domain (okta.com, oktapreview.com, etc) or one of your configured custom domains. (default: my-org)
+ +## Lifecycle Methods + + + + +Removes emails from an email service bounce list.

The emails submitted in this operation are removed from the bounce list by an asynchronous job.
Any email address that passes validation is accepted for the removal process, even if there are other email addresses in the request that failed validation.

> **Note:** If there are validation errors for all email addresses, a `200 OK` HTTP status is still returned.
+ +```sql +EXEC okta.org.email_customizations.bulk_remove_email_address_bounces +@subdomain='{{ subdomain }}' --required +@@json= +'{ +"emailAddresses": "{{ emailAddresses }}" +}'; +``` + + diff --git a/website/docs/services/org/index.md b/website/docs/services/org/index.md new file mode 100644 index 0000000..7a66caa --- /dev/null +++ b/website/docs/services/org/index.md @@ -0,0 +1,46 @@ +--- +title: org +hide_title: false +hide_table_of_contents: false +keywords: + - org + - okta + - stackql + - infrastructure-as-code + - configuration-as-data + - cloud inventory +description: Query, deploy and manage okta resources using SQL +custom_edit_url: null +image: /img/stackql-okta-provider-featured-image.png +--- + +org service documentation. + +:::info[Service Summary] + +total resources: __15__ + +::: + +## Resources +
+
+auto_assign_admin_app_setting
+captcha_settings
+client_privileges_setting
+communication_settings
+contact_types
+contacts
+email_customizations
+okta_support +
+
+preferences
+settings
+support_aerial_consent
+support_cases
+support_settings
+third_party_admin_setting
+yubikey_otp_tokens +
+
\ No newline at end of file diff --git a/website/docs/services/org/okta_support/index.md b/website/docs/services/org/okta_support/index.md new file mode 100644 index 0000000..1495eaa --- /dev/null +++ b/website/docs/services/org/okta_support/index.md @@ -0,0 +1,170 @@ +--- +title: okta_support +hide_title: false +hide_table_of_contents: false +keywords: + - okta_support + - org + - okta + - infrastructure-as-code + - configuration-as-data + - cloud inventory +description: Query, deploy and manage okta resources using SQL +custom_edit_url: null +image: /img/stackql-okta-provider-featured-image.png +--- + +import CopyableCode from '@site/src/components/CopyableCode/CopyableCode'; +import Tabs from '@theme/Tabs'; +import TabItem from '@theme/TabItem'; + +Creates, updates, deletes, gets or lists an okta_support resource. + +## Overview + + + + +
Nameokta_support
TypeResource
Id
+ +## Fields + +The following fields are returned by `SELECT` queries: + +`SELECT` not supported for this resource, use `SHOW METHODS` to view available operations for the resource. + + +## Methods + +The following methods are available for this resource: + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameAccessible byRequired ParamsOptional ParamsDescription
subdomainGrants Okta Support temporary access to your org as an administrator for eight hours

> **Note:** This resource is deprecated. Use the [Update an Okta Support case](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/OrgSettingSupport/#tag/OrgSettingSupport/operation/updateOktaSupportCase) resource to grant Okta Support access for a support case.
> For the corresponding Okta Admin Console feature, see [Give access to Okta Support](https://help.okta.com/okta_help.htm?type=oie&id=settings-support-access).
subdomainRevokes Okta Support access to your org

> **Note:** This resource is deprecated. Use the [Update an Okta Support case](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/OrgSettingSupport/#tag/OrgSettingSupport/operation/updateOktaSupportCase) resource to revoke Okta Support access for a support case.
> For the corresponding Okta Admin Console feature, see [Give access to Okta Support](https://help.okta.com/okta_help.htm?type=oie&id=settings-support-access).
subdomainExtends the length of time that Okta Support can access your org by 24 hours. This means that 24 hours are added to the remaining access time.

> **Note:** This resource is deprecated. Use the [Update an Okta Support case](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/OrgSettingSupport/#tag/OrgSettingSupport/operation/updateOktaSupportCase) resource to extend Okta Support access for a support case.
> For the corresponding Okta Admin Console feature, see [Give access to Okta Support](https://help.okta.com/okta_help.htm?type=oie&id=settings-support-access).
+ +## Parameters + +Parameters can be passed in the `WHERE` clause of a query. Check the [Methods](#methods) section to see which parameters are required or optional for each operation. + + + + + + + + + + + + + + + + +
NameDatatypeDescription
stringThe domain of your organization. This can be a provided subdomain of an official okta domain (okta.com, oktapreview.com, etc) or one of your configured custom domains. (default: my-org)
+ +## `INSERT` examples + + + + +Grants Okta Support temporary access to your org as an administrator for eight hours

> **Note:** This resource is deprecated. Use the [Update an Okta Support case](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/OrgSettingSupport/#tag/OrgSettingSupport/operation/updateOktaSupportCase) resource to grant Okta Support access for a support case.
> For the corresponding Okta Admin Console feature, see [Give access to Okta Support](https://help.okta.com/okta_help.htm?type=oie&id=settings-support-access). + +```sql +INSERT INTO okta.org.okta_support ( +subdomain +) +SELECT +'{{ subdomain }}' +; +``` + + + +```yaml +# Description fields are for documentation purposes +- name: okta_support + props: + - name: subdomain + value: string + description: Required parameter for the okta_support resource. +``` + + + + +## `DELETE` examples + + + + +Revokes Okta Support access to your org

> **Note:** This resource is deprecated. Use the [Update an Okta Support case](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/OrgSettingSupport/#tag/OrgSettingSupport/operation/updateOktaSupportCase) resource to revoke Okta Support access for a support case.
> For the corresponding Okta Admin Console feature, see [Give access to Okta Support](https://help.okta.com/okta_help.htm?type=oie&id=settings-support-access). + +```sql +DELETE FROM okta.org.okta_support +WHERE subdomain = '{{ subdomain }}' --required; +``` + + + + +## Lifecycle Methods + + + + +Extends the length of time that Okta Support can access your org by 24 hours. This means that 24 hours are added to the remaining access time.

> **Note:** This resource is deprecated. Use the [Update an Okta Support case](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/OrgSettingSupport/#tag/OrgSettingSupport/operation/updateOktaSupportCase) resource to extend Okta Support access for a support case.
> For the corresponding Okta Admin Console feature, see [Give access to Okta Support](https://help.okta.com/okta_help.htm?type=oie&id=settings-support-access). + +```sql +EXEC okta.org.okta_support.extend_okta_support +@subdomain='{{ subdomain }}' --required; +``` + + diff --git a/website/docs/services/org/preferences/index.md b/website/docs/services/org/preferences/index.md new file mode 100644 index 0000000..51b6f97 --- /dev/null +++ b/website/docs/services/org/preferences/index.md @@ -0,0 +1,199 @@ +--- +title: preferences +hide_title: false +hide_table_of_contents: false +keywords: + - preferences + - org + - okta + - infrastructure-as-code + - configuration-as-data + - cloud inventory +description: Query, deploy and manage okta resources using SQL +custom_edit_url: null +image: /img/stackql-okta-provider-featured-image.png +--- + +import CopyableCode from '@site/src/components/CopyableCode/CopyableCode'; +import Tabs from '@theme/Tabs'; +import TabItem from '@theme/TabItem'; + +Creates, updates, deletes, gets or lists a preferences resource. + +## Overview + + + + +
Namepreferences
TypeResource
Id
+ +## Fields + +The following fields are returned by `SELECT` queries: + + + + +Success + + + + + + + + + + + + + + + + + + + + + +
NameDatatypeDescription
objectSpecifies link relations (see [Web Linking](https://www.rfc-editor.org/rfc/rfc8288)) available for this object using the [JSON Hypertext Application Language](https://datatracker.ietf.org/doc/html/draft-kelly-json-hal-06) specification
booleanIndicates if the footer is shown on the End-User Dashboard
+ + + +## Methods + +The following methods are available for this resource: + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameAccessible byRequired ParamsOptional ParamsDescription
subdomainRetrieves preferences of your Okta org
subdomainUploads and replaces the logo for your organization
subdomainSets the preference to hide the Okta End-User Dashboard footer for all end users of your org
subdomainSets the preference to show the Okta UI footer for all end users of your org
+ +## Parameters + +Parameters can be passed in the `WHERE` clause of a query. Check the [Methods](#methods) section to see which parameters are required or optional for each operation. + + + + + + + + + + + + + + + + +
NameDatatypeDescription
stringThe domain of your organization. This can be a provided subdomain of an official okta domain (okta.com, oktapreview.com, etc) or one of your configured custom domains. (default: my-org)
+ +## `SELECT` examples + + + + +Retrieves preferences of your Okta org + +```sql +SELECT +_links, +showEndUserFooter +FROM okta.org.preferences +WHERE subdomain = '{{ subdomain }}' -- required; +``` + + + + +## Lifecycle Methods + + + + +Uploads and replaces the logo for your organization + +```sql +EXEC okta.org.preferences.upload_org_logo +@subdomain='{{ subdomain }}' --required +@@json= +'{ +"file": "{{ file }}" +}'; +``` + + + +Sets the preference to hide the Okta End-User Dashboard footer for all end users of your org + +```sql +EXEC okta.org.preferences.set_org_hide_okta_uifooter +@subdomain='{{ subdomain }}' --required; +``` + + + +Sets the preference to show the Okta UI footer for all end users of your org + +```sql +EXEC okta.org.preferences.set_org_show_okta_uifooter +@subdomain='{{ subdomain }}' --required; +``` + + diff --git a/website/docs/services/org/settings/index.md b/website/docs/services/org/settings/index.md new file mode 100644 index 0000000..37c1f22 --- /dev/null +++ b/website/docs/services/org/settings/index.md @@ -0,0 +1,348 @@ +--- +title: settings +hide_title: false +hide_table_of_contents: false +keywords: + - settings + - org + - okta + - infrastructure-as-code + - configuration-as-data + - cloud inventory +description: Query, deploy and manage okta resources using SQL +custom_edit_url: null +image: /img/stackql-okta-provider-featured-image.png +--- + +import CopyableCode from '@site/src/components/CopyableCode/CopyableCode'; +import Tabs from '@theme/Tabs'; +import TabItem from '@theme/TabItem'; + +Creates, updates, deletes, gets or lists a settings resource. + +## Overview + + + + +
Namesettings
TypeResource
Id
+ +## Fields + +The following fields are returned by `SELECT` queries: + + + + +Success + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameDatatypeDescription
stringOrg ID
objectSpecifies link relations (see [Web Linking](https://www.rfc-editor.org/rfc/rfc8288)) available for the org using the [JSON Hypertext Application Language](https://datatracker.ietf.org/doc/html/draft-kelly-json-hal-06) specification
stringPrimary address of the organization associated with the org
stringSecondary address of the organization associated with the org
stringCity of the organization associated with the org
stringName of org
stringCounty of the organization associated with the org
string (date-time)When org was created
stringSupport link of org
string (date-time)Expiration of org
string (date-time)When org was last updated
stringPhone number of the organization associated with the org
stringPostal code of the organization associated with the org
stringState of the organization associated with the org
stringStatus of org
stringSubdomain of org
stringSupport help phone of the organization associated with the org
stringWebsite of the organization associated with the org
+ + + +## Methods + +The following methods are available for this resource: + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameAccessible byRequired ParamsOptional ParamsDescription
subdomainRetrieves the Org General Settings
subdomainUpdates partial Org General Settings
subdomainReplaces the Org General Settings for your Okta org
+ +## Parameters + +Parameters can be passed in the `WHERE` clause of a query. Check the [Methods](#methods) section to see which parameters are required or optional for each operation. + + + + + + + + + + + + + + + + +
NameDatatypeDescription
stringThe domain of your organization. This can be a provided subdomain of an official okta domain (okta.com, oktapreview.com, etc) or one of your configured custom domains. (default: my-org)
+ +## `SELECT` examples + + + + +Retrieves the Org General Settings + +```sql +SELECT +id, +_links, +address1, +address2, +city, +companyName, +country, +created, +endUserSupportHelpURL, +expiresAt, +lastUpdated, +phoneNumber, +postalCode, +state, +status, +subdomain, +supportPhoneNumber, +website +FROM okta.org.settings +WHERE subdomain = '{{ subdomain }}' -- required; +``` + + + + +## `UPDATE` examples + + + + +Updates partial Org General Settings + +```sql +UPDATE okta.org.settings +SET +data__address1 = '{{ address1 }}', +data__address2 = '{{ address2 }}', +data__city = '{{ city }}', +data__companyName = '{{ companyName }}', +data__country = '{{ country }}', +data__endUserSupportHelpURL = '{{ endUserSupportHelpURL }}', +data__phoneNumber = '{{ phoneNumber }}', +data__postalCode = '{{ postalCode }}', +data__state = '{{ state }}', +data__supportPhoneNumber = '{{ supportPhoneNumber }}', +data__website = '{{ website }}' +WHERE +subdomain = '{{ subdomain }}' --required +RETURNING +id, +_links, +address1, +address2, +city, +companyName, +country, +created, +endUserSupportHelpURL, +expiresAt, +lastUpdated, +phoneNumber, +postalCode, +state, +status, +subdomain, +supportPhoneNumber, +website; +``` + + + + +## `REPLACE` examples + + + + +Replaces the Org General Settings for your Okta org + +```sql +REPLACE okta.org.settings +SET +data__address1 = '{{ address1 }}', +data__address2 = '{{ address2 }}', +data__city = '{{ city }}', +data__companyName = '{{ companyName }}', +data__country = '{{ country }}', +data__endUserSupportHelpURL = '{{ endUserSupportHelpURL }}', +data__phoneNumber = '{{ phoneNumber }}', +data__postalCode = '{{ postalCode }}', +data__state = '{{ state }}', +data__supportPhoneNumber = '{{ supportPhoneNumber }}', +data__website = '{{ website }}' +WHERE +subdomain = '{{ subdomain }}' --required +RETURNING +id, +_links, +address1, +address2, +city, +companyName, +country, +created, +endUserSupportHelpURL, +expiresAt, +lastUpdated, +phoneNumber, +postalCode, +state, +status, +subdomain, +supportPhoneNumber, +website; +``` + + diff --git a/website/docs/services/org/support_aerial_consent/index.md b/website/docs/services/org/support_aerial_consent/index.md new file mode 100644 index 0000000..4720335 --- /dev/null +++ b/website/docs/services/org/support_aerial_consent/index.md @@ -0,0 +1,228 @@ +--- +title: support_aerial_consent +hide_title: false +hide_table_of_contents: false +keywords: + - support_aerial_consent + - org + - okta + - infrastructure-as-code + - configuration-as-data + - cloud inventory +description: Query, deploy and manage okta resources using SQL +custom_edit_url: null +image: /img/stackql-okta-provider-featured-image.png +--- + +import CopyableCode from '@site/src/components/CopyableCode/CopyableCode'; +import Tabs from '@theme/Tabs'; +import TabItem from '@theme/TabItem'; + +Creates, updates, deletes, gets or lists a support_aerial_consent resource. + +## Overview + + + + +
Namesupport_aerial_consent
TypeResource
Id
+ +## Fields + +The following fields are returned by `SELECT` queries: + + + + +Success + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameDatatypeDescription
objectSpecifies link relations (see [Web Linking](https://www.rfc-editor.org/rfc/rfc8288)) available using the [JSON Hypertext Application Language](https://datatracker.ietf.org/doc/html/draft-kelly-json-hal-06) specification. This object is used for dynamic discovery of related resources and lifecycle operations.
stringThe unique ID of the Aerial account
stringPrincipal ID of the user who granted the permission (example: 00u23ej02I2RLFxS5406)
stringDate when grant was created (example: 2024-07-24T16:01:13.000Z)
+ + + +## Methods + +The following methods are available for this resource: + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameAccessible byRequired ParamsOptional ParamsDescription
subdomainRetrieves the Okta Aerial consent grant details for your Org. Returns a 404 Not Found error if no consent has been granted.
subdomainGrants an Okta Aerial account consent to manage your org. If the org is a child org, consent is taken from the parent org. Grant calls directly to the child are not allowed.
subdomainRevokes access of an Okta Aerial account to your Org. The revoke operation will fail if the org has already been added to an Aerial account.
+ +## Parameters + +Parameters can be passed in the `WHERE` clause of a query. Check the [Methods](#methods) section to see which parameters are required or optional for each operation. + + + + + + + + + + + + + + + + +
NameDatatypeDescription
stringThe domain of your organization. This can be a provided subdomain of an official okta domain (okta.com, oktapreview.com, etc) or one of your configured custom domains. (default: my-org)
+ +## `SELECT` examples + + + + +Retrieves the Okta Aerial consent grant details for your Org. Returns a 404 Not Found error if no consent has been granted. + +```sql +SELECT +_links, +accountId, +grantedBy, +grantedDate +FROM okta.org.support_aerial_consent +WHERE subdomain = '{{ subdomain }}' -- required; +``` + + + + +## `INSERT` examples + + + + +Grants an Okta Aerial account consent to manage your org. If the org is a child org, consent is taken from the parent org. Grant calls directly to the child are not allowed. + +```sql +INSERT INTO okta.org.support_aerial_consent ( +data__accountId, +subdomain +) +SELECT +'{{ accountId }}' --required, +'{{ subdomain }}' +RETURNING +_links, +accountId, +grantedBy, +grantedDate +; +``` + + + +```yaml +# Description fields are for documentation purposes +- name: support_aerial_consent + props: + - name: subdomain + value: string + description: Required parameter for the support_aerial_consent resource. + - name: accountId + value: string + description: > + The unique ID of the Aerial account + +``` + + + + +## `DELETE` examples + + + + +Revokes access of an Okta Aerial account to your Org. The revoke operation will fail if the org has already been added to an Aerial account. + +```sql +DELETE FROM okta.org.support_aerial_consent +WHERE subdomain = '{{ subdomain }}' --required; +``` + + diff --git a/website/docs/services/org/support_cases/index.md b/website/docs/services/org/support_cases/index.md new file mode 100644 index 0000000..bc180c5 --- /dev/null +++ b/website/docs/services/org/support_cases/index.md @@ -0,0 +1,164 @@ +--- +title: support_cases +hide_title: false +hide_table_of_contents: false +keywords: + - support_cases + - org + - okta + - infrastructure-as-code + - configuration-as-data + - cloud inventory +description: Query, deploy and manage okta resources using SQL +custom_edit_url: null +image: /img/stackql-okta-provider-featured-image.png +--- + +import CopyableCode from '@site/src/components/CopyableCode/CopyableCode'; +import Tabs from '@theme/Tabs'; +import TabItem from '@theme/TabItem'; + +Creates, updates, deletes, gets or lists a support_cases resource. + +## Overview + + + + +
Namesupport_cases
TypeResource
Id
+ +## Fields + +The following fields are returned by `SELECT` queries: + + + + +Success + + + + + + + + + + + + + + + + +
NameDatatypeDescription
array
+ + + +## Methods + +The following methods are available for this resource: + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameAccessible byRequired ParamsOptional ParamsDescription
subdomainLists all Okta Support cases that the requesting principal has permission to view
subdomainUpdates access to the org for an Okta Support case:

* You can enable, disable, or extend access to your org for an Okta Support case.

* You can approve Okta Support access to your org for self-assigned cases. A self-assigned case is created and assigned by the same Okta Support user.
+ +## Parameters + +Parameters can be passed in the `WHERE` clause of a query. Check the [Methods](#methods) section to see which parameters are required or optional for each operation. + + + + + + + + + + + + + + + + +
NameDatatypeDescription
stringThe domain of your organization. This can be a provided subdomain of an official okta domain (okta.com, oktapreview.com, etc) or one of your configured custom domains. (default: my-org)
+ +## `SELECT` examples + + + + +Lists all Okta Support cases that the requesting principal has permission to view + +```sql +SELECT +supportCases +FROM okta.org.support_cases +WHERE subdomain = '{{ subdomain }}' -- required; +``` + + + + +## `UPDATE` examples + + + + +Updates access to the org for an Okta Support case:

* You can enable, disable, or extend access to your org for an Okta Support case.

* You can approve Okta Support access to your org for self-assigned cases. A self-assigned case is created and assigned by the same Okta Support user. + +```sql +UPDATE okta.org.support_cases +SET +data__impersonation = '{{ impersonation }}', +data__selfAssigned = '{{ selfAssigned }}' +WHERE +subdomain = '{{ subdomain }}' --required +RETURNING +caseNumber, +impersonation, +selfAssigned, +subject; +``` + + diff --git a/website/docs/services/org/support_settings/index.md b/website/docs/services/org/support_settings/index.md new file mode 100644 index 0000000..22d3a1f --- /dev/null +++ b/website/docs/services/org/support_settings/index.md @@ -0,0 +1,146 @@ +--- +title: support_settings +hide_title: false +hide_table_of_contents: false +keywords: + - support_settings + - org + - okta + - infrastructure-as-code + - configuration-as-data + - cloud inventory +description: Query, deploy and manage okta resources using SQL +custom_edit_url: null +image: /img/stackql-okta-provider-featured-image.png +--- + +import CopyableCode from '@site/src/components/CopyableCode/CopyableCode'; +import Tabs from '@theme/Tabs'; +import TabItem from '@theme/TabItem'; + +Creates, updates, deletes, gets or lists a support_settings resource. + +## Overview + + + + +
Namesupport_settings
TypeResource
Id
+ +## Fields + +The following fields are returned by `SELECT` queries: + + + + +Success + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameDatatypeDescription
objectSpecifies link relations (see [Web Linking](https://www.rfc-editor.org/rfc/rfc8288)) available for the Okta Support Settings object using the [JSON Hypertext Application Language](https://datatracker.ietf.org/doc/html/draft-kelly-json-hal-06) specification
stringSupport case number for the Okta Support access grant
string (date-time)Expiration of Okta Support
stringStatus of Okta Support Settings
+ + + +## Methods + +The following methods are available for this resource: + + + + + + + + + + + + + + + + + + + + +
NameAccessible byRequired ParamsOptional ParamsDescription
subdomainRetrieves Okta Support Settings for your org
+ +## Parameters + +Parameters can be passed in the `WHERE` clause of a query. Check the [Methods](#methods) section to see which parameters are required or optional for each operation. + + + + + + + + + + + + + + + + +
NameDatatypeDescription
stringThe domain of your organization. This can be a provided subdomain of an official okta domain (okta.com, oktapreview.com, etc) or one of your configured custom domains. (default: my-org)
+ +## `SELECT` examples + + + + +Retrieves Okta Support Settings for your org + +```sql +SELECT +_links, +caseNumber, +expiration, +support +FROM okta.org.support_settings +WHERE subdomain = '{{ subdomain }}' -- required; +``` + + diff --git a/website/docs/services/org/third_party_admin_setting/index.md b/website/docs/services/org/third_party_admin_setting/index.md new file mode 100644 index 0000000..b7696b4 --- /dev/null +++ b/website/docs/services/org/third_party_admin_setting/index.md @@ -0,0 +1,160 @@ +--- +title: third_party_admin_setting +hide_title: false +hide_table_of_contents: false +keywords: + - third_party_admin_setting + - org + - okta + - infrastructure-as-code + - configuration-as-data + - cloud inventory +description: Query, deploy and manage okta resources using SQL +custom_edit_url: null +image: /img/stackql-okta-provider-featured-image.png +--- + +import CopyableCode from '@site/src/components/CopyableCode/CopyableCode'; +import Tabs from '@theme/Tabs'; +import TabItem from '@theme/TabItem'; + +Creates, updates, deletes, gets or lists a third_party_admin_setting resource. + +## Overview + + + + +
Namethird_party_admin_setting
TypeResource
Id
+ +## Fields + +The following fields are returned by `SELECT` queries: + + + + +Success + + + + + + + + + + + + + + + + +
NameDatatypeDescription
booleanIndicates if the third-party admin functionality is enabled
+ + + +## Methods + +The following methods are available for this resource: + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameAccessible byRequired ParamsOptional ParamsDescription
subdomainRetrieves the third-party admin setting. See [Configure third-party administrators](https://help.okta.com/okta_help.htm?type=oie&id=csh_admin-third) in the Okta product documentation.
subdomainUpdates the third-party admin setting.
This setting allows third-party admins to perform administrative actions in the Admin Console, but they can't do any of the following:
* Receive Okta admin email notifications
* Contact Okta support
* Sign in to the Okta Help Center

See [Configure third-party administrators](https://help.okta.com/okta_help.htm?type=oie&id=csh_admin-third) in the Okta product documentation.
+ +## Parameters + +Parameters can be passed in the `WHERE` clause of a query. Check the [Methods](#methods) section to see which parameters are required or optional for each operation. + + + + + + + + + + + + + + + + +
NameDatatypeDescription
stringThe domain of your organization. This can be a provided subdomain of an official okta domain (okta.com, oktapreview.com, etc) or one of your configured custom domains. (default: my-org)
+ +## `SELECT` examples + + + + +Retrieves the third-party admin setting. See [Configure third-party administrators](https://help.okta.com/okta_help.htm?type=oie&id=csh_admin-third) in the Okta product documentation. + +```sql +SELECT +thirdPartyAdmin +FROM okta.org.third_party_admin_setting +WHERE subdomain = '{{ subdomain }}' -- required; +``` + + + + +## `UPDATE` examples + + + + +Updates the third-party admin setting.
This setting allows third-party admins to perform administrative actions in the Admin Console, but they can't do any of the following:
* Receive Okta admin email notifications
* Contact Okta support
* Sign in to the Okta Help Center

See [Configure third-party administrators](https://help.okta.com/okta_help.htm?type=oie&id=csh_admin-third) in the Okta product documentation.
+ +```sql +UPDATE okta.org.third_party_admin_setting +SET +data__thirdPartyAdmin = {{ thirdPartyAdmin }} +WHERE +subdomain = '{{ subdomain }}' --required +RETURNING +thirdPartyAdmin; +``` + + diff --git a/website/docs/services/org/yubikey_otp_tokens/index.md b/website/docs/services/org/yubikey_otp_tokens/index.md new file mode 100644 index 0000000..6637478 --- /dev/null +++ b/website/docs/services/org/yubikey_otp_tokens/index.md @@ -0,0 +1,293 @@ +--- +title: yubikey_otp_tokens +hide_title: false +hide_table_of_contents: false +keywords: + - yubikey_otp_tokens + - org + - okta + - infrastructure-as-code + - configuration-as-data + - cloud inventory +description: Query, deploy and manage okta resources using SQL +custom_edit_url: null +image: /img/stackql-okta-provider-featured-image.png +--- + +import CopyableCode from '@site/src/components/CopyableCode/CopyableCode'; +import Tabs from '@theme/Tabs'; +import TabItem from '@theme/TabItem'; + +Creates, updates, deletes, gets or lists a yubikey_otp_tokens resource. + +## Overview + + + + +
Nameyubikey_otp_tokens
TypeResource
Id
+ +## Fields + +The following fields are returned by `SELECT` queries: + + + + +Success + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameDatatypeDescription
stringID of the token (example: ykkwcx13nrDq8g4oy0g3)
object
objectSpecifies link relations (see [Web Linking](https://www.rfc-editor.org/rfc/rfc8288)) available using the [JSON Hypertext Application Language](https://datatracker.ietf.org/doc/html/draft-kelly-json-hal-06) specification. This object is used for dynamic discovery of related resources and lifecycle operations.
string (date-time)Timestamp when the token was created (example: 2022-08-25T00:31:00.000Z)
string (date-time)Timestamp when the token was last updated (example: 2022-08-25T00:31:00.000Z)
string (date-time)Timestamp when the token was last verified (example: 2022-08-25T00:31:00.000Z)
objectSpecified profile information for token
stringToken status
+ + + +Success + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameDatatypeDescription
stringID of the token (example: ykkwcx13nrDq8g4oy0g3)
object
objectSpecifies link relations (see [Web Linking](https://www.rfc-editor.org/rfc/rfc8288)) available using the [JSON Hypertext Application Language](https://datatracker.ietf.org/doc/html/draft-kelly-json-hal-06) specification. This object is used for dynamic discovery of related resources and lifecycle operations.
string (date-time)Timestamp when the token was created (example: 2022-08-25T00:31:00.000Z)
string (date-time)Timestamp when the token was last updated (example: 2022-08-25T00:31:00.000Z)
string (date-time)Timestamp when the token was last verified (example: 2022-08-25T00:31:00.000Z)
objectSpecified profile information for token
stringToken status
+ + + +## Methods + +The following methods are available for this resource: + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameAccessible byRequired ParamsOptional ParamsDescription
subdomainLists all YubiKey OTP tokens
tokenId, subdomainRetrieves the specified YubiKey OTP token by `id`
subdomainUploads a seed for a user to enroll a YubiKey OTP
+ +## Parameters + +Parameters can be passed in the `WHERE` clause of a query. Check the [Methods](#methods) section to see which parameters are required or optional for each operation. + + + + + + + + + + + + + + + + + + + + + +
NameDatatypeDescription
stringThe domain of your organization. This can be a provided subdomain of an official okta domain (okta.com, oktapreview.com, etc) or one of your configured custom domains. (default: my-org)
stringThe YubiKey OTP token ID
+ +## `SELECT` examples + + + + +Lists all YubiKey OTP tokens + +```sql +SELECT +id, +_embedded, +_links, +created, +lastUpdated, +lastVerified, +profile, +status +FROM okta.org.yubikey_otp_tokens +WHERE subdomain = '{{ subdomain }}' -- required; +``` + + + +Retrieves the specified YubiKey OTP token by `id` + +```sql +SELECT +id, +_embedded, +_links, +created, +lastUpdated, +lastVerified, +profile, +status +FROM okta.org.yubikey_otp_tokens +WHERE tokenId = '{{ tokenId }}' -- required +AND subdomain = '{{ subdomain }}' -- required; +``` + + + + +## Lifecycle Methods + + + + +Uploads a seed for a user to enroll a YubiKey OTP + +```sql +EXEC okta.org.yubikey_otp_tokens.upload_yubikey_otp_token_seed +@subdomain='{{ subdomain }}' --required +@@json= +'{ +"serialNumber": "{{ serialNumber }}", +"publicId": "{{ publicId }}", +"privateId": "{{ privateId }}", +"aesKey": "{{ aesKey }}" +}'; +``` + + diff --git a/website/docs/services/orgs/child_orgs/index.md b/website/docs/services/orgs/child_orgs/index.md new file mode 100644 index 0000000..a1daa08 --- /dev/null +++ b/website/docs/services/orgs/child_orgs/index.md @@ -0,0 +1,170 @@ +--- +title: child_orgs +hide_title: false +hide_table_of_contents: false +keywords: + - child_orgs + - orgs + - okta + - infrastructure-as-code + - configuration-as-data + - cloud inventory +description: Query, deploy and manage okta resources using SQL +custom_edit_url: null +image: /img/stackql-okta-provider-featured-image.png +--- + +import CopyableCode from '@site/src/components/CopyableCode/CopyableCode'; +import Tabs from '@theme/Tabs'; +import TabItem from '@theme/TabItem'; + +Creates, updates, deletes, gets or lists a child_orgs resource. + +## Overview + + + + +
Namechild_orgs
TypeResource
Id
+ +## Fields + +The following fields are returned by `SELECT` queries: + +`SELECT` not supported for this resource, use `SHOW METHODS` to view available operations for the resource. + + +## Methods + +The following methods are available for this resource: + + + + + + + + + + + + + + + + + + + + +
NameAccessible byRequired ParamsOptional ParamsDescription
subdomainCreates an org (child org) that has the same features as the current requesting org (parent org).
A child org inherits any new features added to the parent org, but new features added to the child org aren't propagated back to the parent org.
> **Notes:**
> * Some features associated with products, such as Atspoke, Workflows, and Okta Identity Governance, aren't propagated to the child org.
> * Wait at least 30 seconds after a 201-Created response before you make API requests to the new child org.
> * For rate limits, see [Org creation rate limits](https://developer.okta.com/docs/reference/rl-additional-limits/#org-creation-rate-limits).
+ +## Parameters + +Parameters can be passed in the `WHERE` clause of a query. Check the [Methods](#methods) section to see which parameters are required or optional for each operation. + + + + + + + + + + + + + + + + +
NameDatatypeDescription
stringThe domain of your organization. This can be a provided subdomain of an official okta domain (okta.com, oktapreview.com, etc) or one of your configured custom domains. (default: my-org)
+ +## `INSERT` examples + + + + +Creates an org (child org) that has the same features as the current requesting org (parent org).
A child org inherits any new features added to the parent org, but new features added to the child org aren't propagated back to the parent org.
> **Notes:**
> * Some features associated with products, such as Atspoke, Workflows, and Okta Identity Governance, aren't propagated to the child org.
> * Wait at least 30 seconds after a 201-Created response before you make API requests to the new child org.
> * For rate limits, see [Org creation rate limits](https://developer.okta.com/docs/reference/rl-additional-limits/#org-creation-rate-limits). + +```sql +INSERT INTO okta.orgs.child_orgs ( +data__admin, +data__edition, +data__name, +data__subdomain, +data__website, +subdomain +) +SELECT +'{{ admin }}' --required, +'{{ edition }}' --required, +'{{ name }}' --required, +'{{ subdomain }}' --required, +'{{ website }}', +'{{ subdomain }}' +RETURNING +id, +name, +_links, +admin, +created, +edition, +lastUpdated, +settings, +status, +subdomain, +token, +tokenType, +website +; +``` + + + +```yaml +# Description fields are for documentation purposes +- name: child_orgs + props: + - name: subdomain + value: string + description: Required parameter for the child_orgs resource. + - name: admin + value: object + description: > + Profile and credential information for the first super admin user of the child org. +If you plan to configure and manage the org programmatically, create a system user with a dedicated email address and a strong password. +> **Note:** If you don't provide `credentials`, the super admin user is prompted to set up their credentials when they sign in to the org for the first time. + + - name: edition + value: string + description: > + Edition for the org. `SKU` is the only supported value. + + valid_values: ['SKU'] + - name: name + value: string + description: > + Unique name of the org. +This name appears in the HTML `` tag of the new org sign-in page. +Only less than 4-width UTF-8 encoded characters are allowed. + + - name: subdomain + value: string + description: > + Subdomain of the org. Must be unique and include no spaces. + + - name: website + value: string + description: > + Default website for the org + +``` +</TabItem> +</Tabs> diff --git a/website/docs/services/orgs/index.md b/website/docs/services/orgs/index.md new file mode 100644 index 0000000..78b3323 --- /dev/null +++ b/website/docs/services/orgs/index.md @@ -0,0 +1,33 @@ +--- +title: orgs +hide_title: false +hide_table_of_contents: false +keywords: + - orgs + - okta + - stackql + - infrastructure-as-code + - configuration-as-data + - cloud inventory +description: Query, deploy and manage okta resources using SQL +custom_edit_url: null +image: /img/stackql-okta-provider-featured-image.png +--- + +orgs service documentation. + +:::info[Service Summary] + +total resources: __1__ + +::: + +## Resources +<div class="row"> +<div class="providerDocColumn"> +<a href="/services/orgs/child_orgs/">child_orgs</a> +</div> +<div class="providerDocColumn"> + +</div> +</div> \ No newline at end of file diff --git a/website/docs/services/policies/index.md b/website/docs/services/policies/index.md new file mode 100644 index 0000000..5a70a04 --- /dev/null +++ b/website/docs/services/policies/index.md @@ -0,0 +1,35 @@ +--- +title: policies +hide_title: false +hide_table_of_contents: false +keywords: + - policies + - okta + - stackql + - infrastructure-as-code + - configuration-as-data + - cloud inventory +description: Query, deploy and manage okta resources using SQL +custom_edit_url: null +image: /img/stackql-okta-provider-featured-image.png +--- + +policies service documentation. + +:::info[Service Summary] + +total resources: __4__ + +::: + +## Resources +<div class="row"> +<div class="providerDocColumn"> +<a href="/services/policies/policies/">policies</a><br /> +<a href="/services/policies/policy_apps/">policy_apps</a> +</div> +<div class="providerDocColumn"> +<a href="/services/policies/policy_mappings/">policy_mappings</a><br /> +<a href="/services/policies/policy_rules/">policy_rules</a> +</div> +</div> \ No newline at end of file diff --git a/website/docs/services/policies/policies/index.md b/website/docs/services/policies/policies/index.md new file mode 100644 index 0000000..2ca50d8 --- /dev/null +++ b/website/docs/services/policies/policies/index.md @@ -0,0 +1,606 @@ +--- +title: policies +hide_title: false +hide_table_of_contents: false +keywords: + - policies + - policies + - okta + - infrastructure-as-code + - configuration-as-data + - cloud inventory +description: Query, deploy and manage okta resources using SQL +custom_edit_url: null +image: /img/stackql-okta-provider-featured-image.png +--- + +import CopyableCode from '@site/src/components/CopyableCode/CopyableCode'; +import Tabs from '@theme/Tabs'; +import TabItem from '@theme/TabItem'; + +Creates, updates, deletes, gets or lists a <code>policies</code> resource. + +## Overview +<table><tbody> +<tr><td><b>Name</b></td><td><code>policies</code></td></tr> +<tr><td><b>Type</b></td><td>Resource</td></tr> +<tr><td><b>Id</b></td><td><CopyableCode code="okta.policies.policies" /></td></tr> +</tbody></table> + +## Fields + +The following fields are returned by `SELECT` queries: + +<Tabs + defaultValue="list_policies" + values={[ + { label: 'list_policies', value: 'list_policies' }, + { label: 'get_policy', value: 'get_policy' } + ]} +> +<TabItem value="list_policies"> + +Success + +<table> +<thead> + <tr> + <th>Name</th> + <th>Datatype</th> + <th>Description</th> + </tr> +</thead> +<tbody> +<tr> + <td><CopyableCode code="id" /></td> + <td><code>string</code></td> + <td>Identifier of the policy (default: Assigned)</td> +</tr> +<tr> + <td><CopyableCode code="name" /></td> + <td><code>string</code></td> + <td>Name of the policy</td> +</tr> +<tr> + <td><CopyableCode code="_embedded" /></td> + <td><code>object</code></td> + <td></td> +</tr> +<tr> + <td><CopyableCode code="_links" /></td> + <td><code>object</code></td> + <td></td> +</tr> +<tr> + <td><CopyableCode code="created" /></td> + <td><code>string (date-time)</code></td> + <td>Timestamp when the policy was created (default: Assigned)</td> +</tr> +<tr> + <td><CopyableCode code="description" /></td> + <td><code>string</code></td> + <td>Description of the policy</td> +</tr> +<tr> + <td><CopyableCode code="lastUpdated" /></td> + <td><code>string (date-time)</code></td> + <td>Timestamp when the policy was last modified (default: Assigned)</td> +</tr> +<tr> + <td><CopyableCode code="priority" /></td> + <td><code>integer</code></td> + <td>Specifies the order in which this policy is evaluated in relation to the other policies (default: Last / Lowest Priority, for example `1`)</td> +</tr> +<tr> + <td><CopyableCode code="status" /></td> + <td><code>string</code></td> + <td>Whether or not the policy is active. Use the `activate` query parameter to set the status of a policy.</td> +</tr> +<tr> + <td><CopyableCode code="system" /></td> + <td><code>boolean</code></td> + <td>Specifies whether Okta created the policy</td> +</tr> +<tr> + <td><CopyableCode code="type" /></td> + <td><code>string</code></td> + <td>All Okta orgs contain only one IdP discovery policy with an immutable default rule routing to your org's sign-in page, one entity risk policy, and one session protection policy. Creating or replacing a policy with the `IDP_DISCOVERY` type, the `ENTITY_RISK` type, or the `POST_AUTH_SESSION` type isn't supported. The following policy types are available with Identity Engine: `ACCESS_POLICY`, `PROFILE_ENROLLMENT`, `POST_AUTH_SESSION`, <x-lifecycle class="ea"></x-lifecycle> `DEVICE_SIGNAL_COLLECTION`, and `ENTITY_RISK`.</td> +</tr> +</tbody> +</table> +</TabItem> +<TabItem value="get_policy"> + +Success + +<table> +<thead> + <tr> + <th>Name</th> + <th>Datatype</th> + <th>Description</th> + </tr> +</thead> +<tbody> +<tr> + <td><CopyableCode code="id" /></td> + <td><code>string</code></td> + <td>Identifier of the policy (default: Assigned)</td> +</tr> +<tr> + <td><CopyableCode code="name" /></td> + <td><code>string</code></td> + <td>Name of the policy</td> +</tr> +<tr> + <td><CopyableCode code="_embedded" /></td> + <td><code>object</code></td> + <td></td> +</tr> +<tr> + <td><CopyableCode code="_links" /></td> + <td><code>object</code></td> + <td></td> +</tr> +<tr> + <td><CopyableCode code="created" /></td> + <td><code>string (date-time)</code></td> + <td>Timestamp when the policy was created (default: Assigned)</td> +</tr> +<tr> + <td><CopyableCode code="description" /></td> + <td><code>string</code></td> + <td>Description of the policy</td> +</tr> +<tr> + <td><CopyableCode code="lastUpdated" /></td> + <td><code>string (date-time)</code></td> + <td>Timestamp when the policy was last modified (default: Assigned)</td> +</tr> +<tr> + <td><CopyableCode code="priority" /></td> + <td><code>integer</code></td> + <td>Specifies the order in which this policy is evaluated in relation to the other policies (default: Last / Lowest Priority, for example `1`)</td> +</tr> +<tr> + <td><CopyableCode code="status" /></td> + <td><code>string</code></td> + <td>Whether or not the policy is active. Use the `activate` query parameter to set the status of a policy.</td> +</tr> +<tr> + <td><CopyableCode code="system" /></td> + <td><code>boolean</code></td> + <td>Specifies whether Okta created the policy</td> +</tr> +<tr> + <td><CopyableCode code="type" /></td> + <td><code>string</code></td> + <td>All Okta orgs contain only one IdP discovery policy with an immutable default rule routing to your org's sign-in page, one entity risk policy, and one session protection policy. Creating or replacing a policy with the `IDP_DISCOVERY` type, the `ENTITY_RISK` type, or the `POST_AUTH_SESSION` type isn't supported. The following policy types are available with Identity Engine: `ACCESS_POLICY`, `PROFILE_ENROLLMENT`, `POST_AUTH_SESSION`, <x-lifecycle class="ea"></x-lifecycle> `DEVICE_SIGNAL_COLLECTION`, and `ENTITY_RISK`.</td> +</tr> +</tbody> +</table> +</TabItem> +</Tabs> + +## Methods + +The following methods are available for this resource: + +<table> +<thead> + <tr> + <th>Name</th> + <th>Accessible by</th> + <th>Required Params</th> + <th>Optional Params</th> + <th>Description</th> + </tr> +</thead> +<tbody> +<tr> + <td><a href="#list_policies"><CopyableCode code="list_policies" /></a></td> + <td><CopyableCode code="select" /></td> + <td><a href="#parameter-type"><code>type</code></a>, <a href="#parameter-subdomain"><code>subdomain</code></a></td> + <td><a href="#parameter-status"><code>status</code></a>, <a href="#parameter-q"><code>q</code></a>, <a href="#parameter-expand"><code>expand</code></a>, <a href="#parameter-sortBy"><code>sortBy</code></a>, <a href="#parameter-limit"><code>limit</code></a>, <a href="#parameter-resourceId"><code>resourceId</code></a>, <a href="#parameter-after"><code>after</code></a></td> + <td>Lists all policies with the specified type</td> +</tr> +<tr> + <td><a href="#get_policy"><CopyableCode code="get_policy" /></a></td> + <td><CopyableCode code="select" /></td> + <td><a href="#parameter-subdomain"><code>subdomain</code></a></td> + <td><a href="#parameter-expand"><code>expand</code></a></td> + <td>Retrieves a policy</td> +</tr> +<tr> + <td><a href="#create_policy"><CopyableCode code="create_policy" /></a></td> + <td><CopyableCode code="insert" /></td> + <td><a href="#parameter-subdomain"><code>subdomain</code></a></td> + <td><a href="#parameter-activate"><code>activate</code></a></td> + <td>Creates a policy. There are many types of policies that you can create. See [Policies](https://developer.okta.com/docs/concepts/policies/) for an overview of the types of policies available and links to more indepth information.</td> +</tr> +<tr> + <td><a href="#replace_policy"><CopyableCode code="replace_policy" /></a></td> + <td><CopyableCode code="replace" /></td> + <td><a href="#parameter-subdomain"><code>subdomain</code></a></td> + <td></td> + <td>Replaces the properties of a policy identified by `policyId`</td> +</tr> +<tr> + <td><a href="#delete_policy"><CopyableCode code="delete_policy" /></a></td> + <td><CopyableCode code="delete" /></td> + <td><a href="#parameter-subdomain"><code>subdomain</code></a></td> + <td></td> + <td>Deletes a policy</td> +</tr> +<tr> + <td><a href="#create_policy_simulation"><CopyableCode code="create_policy_simulation" /></a></td> + <td><CopyableCode code="exec" /></td> + <td><a href="#parameter-subdomain"><code>subdomain</code></a></td> + <td></td> + <td>Creates a policy or policy rule simulation. The access simulation evaluates policy and policy rules based on the existing policy rule configuration.<br />The evaluation result simulates what the real-world authentication flow is and what policy rules have been applied or matched to the authentication flow.</td> +</tr> +<tr> + <td><a href="#clone_policy"><CopyableCode code="clone_policy" /></a></td> + <td><CopyableCode code="exec" /></td> + <td><a href="#parameter-subdomain"><code>subdomain</code></a></td> + <td></td> + <td>Clones an existing policy</td> +</tr> +<tr> + <td><a href="#activate_policy"><CopyableCode code="activate_policy" /></a></td> + <td><CopyableCode code="exec" /></td> + <td><a href="#parameter-subdomain"><code>subdomain</code></a></td> + <td></td> + <td>Activates a policy</td> +</tr> +<tr> + <td><a href="#deactivate_policy"><CopyableCode code="deactivate_policy" /></a></td> + <td><CopyableCode code="exec" /></td> + <td><a href="#parameter-subdomain"><code>subdomain</code></a></td> + <td></td> + <td>Deactivates a policy</td> +</tr> +</tbody> +</table> + +## Parameters + +Parameters can be passed in the `WHERE` clause of a query. Check the [Methods](#methods) section to see which parameters are required or optional for each operation. + +<table> +<thead> + <tr> + <th>Name</th> + <th>Datatype</th> + <th>Description</th> + </tr> +</thead> +<tbody> +<tr id="parameter-subdomain"> + <td><CopyableCode code="subdomain" /></td> + <td><code>string</code></td> + <td>The domain of your organization. This can be a provided subdomain of an official okta domain (okta.com, oktapreview.com, etc) or one of your configured custom domains. (default: my-org)</td> +</tr> +<tr id="parameter-type"> + <td><CopyableCode code="type" /></td> + <td><code>string</code></td> + <td>Specifies the type of policy to return. The following policy types are available only with the Okta Identity Engine - `ACCESS_POLICY`, <x-lifecycle class="ea"></x-lifecycle> `DEVICE_SIGNAL_COLLECTION`, `PROFILE_ENROLLMENT`, `POST_AUTH_SESSION`, and `ENTITY_RISK`.</td> +</tr> +<tr id="parameter-activate"> + <td><CopyableCode code="activate" /></td> + <td><code>boolean</code></td> + <td>This query parameter is only valid for Classic Engine orgs.</td> +</tr> +<tr id="parameter-after"> + <td><CopyableCode code="after" /></td> + <td><code>string</code></td> + <td>End page cursor for pagination, see [Pagination](https://developer.okta.com/docs/api/#pagination)</td> +</tr> +<tr id="parameter-expand"> + <td><CopyableCode code="expand" /></td> + <td><code>string</code></td> + <td></td> +</tr> +<tr id="parameter-limit"> + <td><CopyableCode code="limit" /></td> + <td><code>string</code></td> + <td>Defines the number of policies returned, see [Pagination](https://developer.okta.com/docs/api/#pagination)</td> +</tr> +<tr id="parameter-q"> + <td><CopyableCode code="q" /></td> + <td><code>string</code></td> + <td>Refines the query by policy name prefix (startWith method) passed in as `q=string`</td> +</tr> +<tr id="parameter-resourceId"> + <td><CopyableCode code="resourceId" /></td> + <td><code>string</code></td> + <td>Reference to the associated authorization server</td> +</tr> +<tr id="parameter-sortBy"> + <td><CopyableCode code="sortBy" /></td> + <td><code>string</code></td> + <td>Refines the query by sorting on the policy `name` in ascending order</td> +</tr> +<tr id="parameter-status"> + <td><CopyableCode code="status" /></td> + <td><code>string</code></td> + <td>Refines the query by the `status` of the policy - `ACTIVE` or `INACTIVE`</td> +</tr> +</tbody> +</table> + +## `SELECT` examples + +<Tabs + defaultValue="list_policies" + values={[ + { label: 'list_policies', value: 'list_policies' }, + { label: 'get_policy', value: 'get_policy' } + ]} +> +<TabItem value="list_policies"> + +Lists all policies with the specified type + +```sql +SELECT +id, +name, +_embedded, +_links, +created, +description, +lastUpdated, +priority, +status, +system, +type +FROM okta.policies.policies +WHERE type = '{{ type }}' -- required +AND subdomain = '{{ subdomain }}' -- required +AND status = '{{ status }}' +AND q = '{{ q }}' +AND expand = '{{ expand }}' +AND sortBy = '{{ sortBy }}' +AND limit = '{{ limit }}' +AND resourceId = '{{ resourceId }}' +AND after = '{{ after }}'; +``` +</TabItem> +<TabItem value="get_policy"> + +Retrieves a policy + +```sql +SELECT +id, +name, +_embedded, +_links, +created, +description, +lastUpdated, +priority, +status, +system, +type +FROM okta.policies.policies +WHERE subdomain = '{{ subdomain }}' -- required +AND expand = '{{ expand }}'; +``` +</TabItem> +</Tabs> + + +## `INSERT` examples + +<Tabs + defaultValue="create_policy" + values={[ + { label: 'create_policy', value: 'create_policy' }, + { label: 'Manifest', value: 'manifest' } + ]} +> +<TabItem value="create_policy"> + +Creates a policy. There are many types of policies that you can create. See [Policies](https://developer.okta.com/docs/concepts/policies/) for an overview of the types of policies available and links to more indepth information. + +```sql +INSERT INTO okta.policies.policies ( +data__description, +data__name, +data__priority, +data__status, +data__system, +data__type, +subdomain, +activate +) +SELECT +'{{ description }}', +'{{ name }}' --required, +{{ priority }}, +'{{ status }}', +{{ system }}, +'{{ type }}' --required, +'{{ subdomain }}', +'{{ activate }}' +RETURNING +id, +name, +_embedded, +_links, +created, +description, +lastUpdated, +priority, +status, +system, +type +; +``` +</TabItem> +<TabItem value="manifest"> + +```yaml +# Description fields are for documentation purposes +- name: policies + props: + - name: subdomain + value: string + description: Required parameter for the policies resource. + - name: description + value: string + description: > + Description of the policy + + default: null + - name: name + value: string + description: > + Name of the policy + + - name: priority + value: integer + description: > + Specifies the order in which this policy is evaluated in relation to the other policies + + default: Last / Lowest Priority, for example `1` + - name: status + value: string + description: > + Whether or not the policy is active. Use the `activate` query parameter to set the status of a policy. + + valid_values: ['ACTIVE', 'INACTIVE'] + - name: system + value: boolean + description: > + Specifies whether Okta created the policy + + default: false + - name: type + value: string + description: > + All Okta orgs contain only one IdP discovery policy with an immutable default rule routing to your org's sign-in page, one entity risk policy, and one session protection policy. +Creating or replacing a policy with the `IDP_DISCOVERY` type, the `ENTITY_RISK` type, or the `POST_AUTH_SESSION` type isn't supported. +The following policy types are available with Identity Engine: `ACCESS_POLICY`, `PROFILE_ENROLLMENT`, `POST_AUTH_SESSION`, <x-lifecycle class="ea"></x-lifecycle> `DEVICE_SIGNAL_COLLECTION`, and `ENTITY_RISK`. + + valid_values: ['<x-lifecycle class="ea"></x-lifecycle> DEVICE_SIGNAL_COLLECTION', 'ACCESS_POLICY', 'ENTITY_RISK', 'IDP_DISCOVERY', 'MFA_ENROLL', 'OKTA_SIGN_ON', 'PASSWORD', 'POST_AUTH_SESSION', 'PROFILE_ENROLLMENT'] + - name: activate + value: boolean + description: This query parameter is only valid for Classic Engine orgs. +``` +</TabItem> +</Tabs> + + +## `REPLACE` examples + +<Tabs + defaultValue="replace_policy" + values={[ + { label: 'replace_policy', value: 'replace_policy' } + ]} +> +<TabItem value="replace_policy"> + +Replaces the properties of a policy identified by `policyId` + +```sql +REPLACE okta.policies.policies +SET +data__description = '{{ description }}', +data__name = '{{ name }}', +data__priority = {{ priority }}, +data__status = '{{ status }}', +data__system = {{ system }}, +data__type = '{{ type }}' +WHERE +subdomain = '{{ subdomain }}' --required +AND data__name = '{{ name }}' --required +AND data__type = '{{ type }}' --required +RETURNING +id, +name, +_embedded, +_links, +created, +description, +lastUpdated, +priority, +status, +system, +type; +``` +</TabItem> +</Tabs> + + +## `DELETE` examples + +<Tabs + defaultValue="delete_policy" + values={[ + { label: 'delete_policy', value: 'delete_policy' } + ]} +> +<TabItem value="delete_policy"> + +Deletes a policy + +```sql +DELETE FROM okta.policies.policies +WHERE subdomain = '{{ subdomain }}' --required; +``` +</TabItem> +</Tabs> + + +## Lifecycle Methods + +<Tabs + defaultValue="create_policy_simulation" + values={[ + { label: 'create_policy_simulation', value: 'create_policy_simulation' }, + { label: 'clone_policy', value: 'clone_policy' }, + { label: 'activate_policy', value: 'activate_policy' }, + { label: 'deactivate_policy', value: 'deactivate_policy' } + ]} +> +<TabItem value="create_policy_simulation"> + +Creates a policy or policy rule simulation. The access simulation evaluates policy and policy rules based on the existing policy rule configuration.<br />The evaluation result simulates what the real-world authentication flow is and what policy rules have been applied or matched to the authentication flow. + +```sql +EXEC okta.policies.policies.create_policy_simulation +@subdomain='{{ subdomain }}' --required; +``` +</TabItem> +<TabItem value="clone_policy"> + +Clones an existing policy + +```sql +EXEC okta.policies.policies.clone_policy +@subdomain='{{ subdomain }}' --required; +``` +</TabItem> +<TabItem value="activate_policy"> + +Activates a policy + +```sql +EXEC okta.policies.policies.activate_policy +@subdomain='{{ subdomain }}' --required; +``` +</TabItem> +<TabItem value="deactivate_policy"> + +Deactivates a policy + +```sql +EXEC okta.policies.policies.deactivate_policy +@subdomain='{{ subdomain }}' --required; +``` +</TabItem> +</Tabs> diff --git a/website/docs/services/policies/policy_apps/index.md b/website/docs/services/policies/policy_apps/index.md new file mode 100644 index 0000000..d954c23 --- /dev/null +++ b/website/docs/services/policies/policy_apps/index.md @@ -0,0 +1,212 @@ +--- +title: policy_apps +hide_title: false +hide_table_of_contents: false +keywords: + - policy_apps + - policies + - okta + - infrastructure-as-code + - configuration-as-data + - cloud inventory +description: Query, deploy and manage okta resources using SQL +custom_edit_url: null +image: /img/stackql-okta-provider-featured-image.png +--- + +import CopyableCode from '@site/src/components/CopyableCode/CopyableCode'; +import Tabs from '@theme/Tabs'; +import TabItem from '@theme/TabItem'; + +Creates, updates, deletes, gets or lists a <code>policy_apps</code> resource. + +## Overview +<table><tbody> +<tr><td><b>Name</b></td><td><code>policy_apps</code></td></tr> +<tr><td><b>Type</b></td><td>Resource</td></tr> +<tr><td><b>Id</b></td><td><CopyableCode code="okta.policies.policy_apps" /></td></tr> +</tbody></table> + +## Fields + +The following fields are returned by `SELECT` queries: + +<Tabs + defaultValue="list_policy_apps" + values={[ + { label: 'list_policy_apps', value: 'list_policy_apps' } + ]} +> +<TabItem value="list_policy_apps"> + +Success + +<table> +<thead> + <tr> + <th>Name</th> + <th>Datatype</th> + <th>Description</th> + </tr> +</thead> +<tbody> +<tr> + <td><CopyableCode code="id" /></td> + <td><code>string</code></td> + <td>Unique ID for the app instance</td> +</tr> +<tr> + <td><CopyableCode code="_embedded" /></td> + <td><code>object</code></td> + <td>Embedded resources related to the app using the [JSON Hypertext Application Language](https://datatracker.ietf.org/doc/html/draft-kelly-json-hal-06) specification. If the `expand=user/{userId}` query parameter is specified, then the assigned [Application User](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/ApplicationUsers/) is embedded.</td> +</tr> +<tr> + <td><CopyableCode code="_links" /></td> + <td><code>object</code></td> + <td>Discoverable resources related to the app</td> +</tr> +<tr> + <td><CopyableCode code="accessibility" /></td> + <td><code>object</code></td> + <td>Specifies access settings for the app</td> +</tr> +<tr> + <td><CopyableCode code="created" /></td> + <td><code>string (date-time)</code></td> + <td>Timestamp when the application object was created</td> +</tr> +<tr> + <td><CopyableCode code="features" /></td> + <td><code>array</code></td> + <td>Enabled app features > **Note:** See [Application Features](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/ApplicationFeatures/) for app provisioning features. </td> +</tr> +<tr> + <td><CopyableCode code="label" /></td> + <td><code>string</code></td> + <td>User-defined display name for app</td> +</tr> +<tr> + <td><CopyableCode code="lastUpdated" /></td> + <td><code>string (date-time)</code></td> + <td>Timestamp when the application object was last updated</td> +</tr> +<tr> + <td><CopyableCode code="licensing" /></td> + <td><code>object</code></td> + <td>Licenses for the app</td> +</tr> +<tr> + <td><CopyableCode code="orn" /></td> + <td><code>string</code></td> + <td>The Okta resource name (ORN) for the current app instance</td> +</tr> +<tr> + <td><CopyableCode code="profile" /></td> + <td><code>object</code></td> + <td>Contains any valid JSON schema for specifying properties that can be referenced from a request (only available to OAuth 2.0 client apps). For example, add an app manager contact email address or define an allowlist of groups that you can then reference using the Okta Expression Language `getFilteredGroups` function. > **Notes:** > * `profile` isn't encrypted, so don't store sensitive data in it. > * `profile` doesn't limit the level of nesting in the JSON schema you created, but there is a practical size limit. Okta recommends a JSON schema size of 1 MB or less for best performance.</td> +</tr> +<tr> + <td><CopyableCode code="signOnMode" /></td> + <td><code>string</code></td> + <td>Authentication mode for the app | signOnMode | Description | | ---------- | ----------- | | AUTO_LOGIN | Secure Web Authentication (SWA) | | BASIC_AUTH | HTTP Basic Authentication with Okta Browser Plugin | | BOOKMARK | Just a bookmark (no-authentication) | | BROWSER_PLUGIN | Secure Web Authentication (SWA) with Okta Browser Plugin | | OPENID_CONNECT | Federated Authentication with OpenID Connect (OIDC) | | SAML_1_1 | Federated Authentication with SAML 1.1 WebSSO (not supported for custom apps) | | SAML_2_0 | Federated Authentication with SAML 2.0 WebSSO | | SECURE_PASSWORD_STORE | Secure Web Authentication (SWA) with POST (plugin not required) | | WS_FEDERATION | Federated Authentication with WS-Federation Passive Requestor Profile | Select the `signOnMode` for your custom app: </td> +</tr> +<tr> + <td><CopyableCode code="status" /></td> + <td><code>string</code></td> + <td>App instance status</td> +</tr> +<tr> + <td><CopyableCode code="universalLogout" /></td> + <td><code>object</code></td> + <td><div class="x-lifecycle-container"><x-lifecycle class="oie"></x-lifecycle></div> Universal Logout properties for the app. These properties are only returned and can't be updated. (example: ACTIVE)</td> +</tr> +<tr> + <td><CopyableCode code="visibility" /></td> + <td><code>object</code></td> + <td>Specifies visibility settings for the app</td> +</tr> +</tbody> +</table> +</TabItem> +</Tabs> + +## Methods + +The following methods are available for this resource: + +<table> +<thead> + <tr> + <th>Name</th> + <th>Accessible by</th> + <th>Required Params</th> + <th>Optional Params</th> + <th>Description</th> + </tr> +</thead> +<tbody> +<tr> + <td><a href="#list_policy_apps"><CopyableCode code="list_policy_apps" /></a></td> + <td><CopyableCode code="select" /></td> + <td><a href="#parameter-subdomain"><code>subdomain</code></a></td> + <td></td> + <td>Lists all applications mapped to a policy identified by `policyId`<br /><br />> **Note:** Use [List all resources mapped to a Policy](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/Policy/#tag/Policy/operation/listPolicyMappings) to list all applications mapped to a policy.</td> +</tr> +</tbody> +</table> + +## Parameters + +Parameters can be passed in the `WHERE` clause of a query. Check the [Methods](#methods) section to see which parameters are required or optional for each operation. + +<table> +<thead> + <tr> + <th>Name</th> + <th>Datatype</th> + <th>Description</th> + </tr> +</thead> +<tbody> +<tr id="parameter-subdomain"> + <td><CopyableCode code="subdomain" /></td> + <td><code>string</code></td> + <td>The domain of your organization. This can be a provided subdomain of an official okta domain (okta.com, oktapreview.com, etc) or one of your configured custom domains. (default: my-org)</td> +</tr> +</tbody> +</table> + +## `SELECT` examples + +<Tabs + defaultValue="list_policy_apps" + values={[ + { label: 'list_policy_apps', value: 'list_policy_apps' } + ]} +> +<TabItem value="list_policy_apps"> + +Lists all applications mapped to a policy identified by `policyId`<br /><br />> **Note:** Use [List all resources mapped to a Policy](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/Policy/#tag/Policy/operation/listPolicyMappings) to list all applications mapped to a policy. + +```sql +SELECT +id, +_embedded, +_links, +accessibility, +created, +features, +label, +lastUpdated, +licensing, +orn, +profile, +signOnMode, +status, +universalLogout, +visibility +FROM okta.policies.policy_apps +WHERE subdomain = '{{ subdomain }}' -- required; +``` +</TabItem> +</Tabs> diff --git a/website/docs/services/policies/policy_mappings/index.md b/website/docs/services/policies/policy_mappings/index.md new file mode 100644 index 0000000..7d2acfe --- /dev/null +++ b/website/docs/services/policies/policy_mappings/index.md @@ -0,0 +1,240 @@ +--- +title: policy_mappings +hide_title: false +hide_table_of_contents: false +keywords: + - policy_mappings + - policies + - okta + - infrastructure-as-code + - configuration-as-data + - cloud inventory +description: Query, deploy and manage okta resources using SQL +custom_edit_url: null +image: /img/stackql-okta-provider-featured-image.png +--- + +import CopyableCode from '@site/src/components/CopyableCode/CopyableCode'; +import Tabs from '@theme/Tabs'; +import TabItem from '@theme/TabItem'; + +Creates, updates, deletes, gets or lists a <code>policy_mappings</code> resource. + +## Overview +<table><tbody> +<tr><td><b>Name</b></td><td><code>policy_mappings</code></td></tr> +<tr><td><b>Type</b></td><td>Resource</td></tr> +<tr><td><b>Id</b></td><td><CopyableCode code="okta.policies.policy_mappings" /></td></tr> +</tbody></table> + +## Fields + +The following fields are returned by `SELECT` queries: + +<Tabs + defaultValue="list_policy_mappings" + values={[ + { label: 'list_policy_mappings', value: 'list_policy_mappings' }, + { label: 'get_policy_mapping', value: 'get_policy_mapping' } + ]} +> +<TabItem value="list_policy_mappings"> + +Success + +<table> +<thead> + <tr> + <th>Name</th> + <th>Datatype</th> + <th>Description</th> + </tr> +</thead> +<tbody> +<tr> + <td><CopyableCode code="id" /></td> + <td><code>string</code></td> + <td></td> +</tr> +<tr> + <td><CopyableCode code="_links" /></td> + <td><code>object</code></td> + <td>Specifies link relations (see [Web Linking](https://www.rfc-editor.org/rfc/rfc8288)) available using the [JSON Hypertext Application Language](https://datatracker.ietf.org/doc/html/draft-kelly-json-hal-06) specification. This object is used for dynamic discovery of related resources and lifecycle operations.</td> +</tr> +</tbody> +</table> +</TabItem> +<TabItem value="get_policy_mapping"> + +Success + +<table> +<thead> + <tr> + <th>Name</th> + <th>Datatype</th> + <th>Description</th> + </tr> +</thead> +<tbody> +<tr> + <td><CopyableCode code="id" /></td> + <td><code>string</code></td> + <td></td> +</tr> +<tr> + <td><CopyableCode code="_links" /></td> + <td><code>object</code></td> + <td>Specifies link relations (see [Web Linking](https://www.rfc-editor.org/rfc/rfc8288)) available using the [JSON Hypertext Application Language](https://datatracker.ietf.org/doc/html/draft-kelly-json-hal-06) specification. This object is used for dynamic discovery of related resources and lifecycle operations.</td> +</tr> +</tbody> +</table> +</TabItem> +</Tabs> + +## Methods + +The following methods are available for this resource: + +<table> +<thead> + <tr> + <th>Name</th> + <th>Accessible by</th> + <th>Required Params</th> + <th>Optional Params</th> + <th>Description</th> + </tr> +</thead> +<tbody> +<tr> + <td><a href="#list_policy_mappings"><CopyableCode code="list_policy_mappings" /></a></td> + <td><CopyableCode code="select" /></td> + <td><a href="#parameter-subdomain"><code>subdomain</code></a></td> + <td></td> + <td>Lists all resources mapped to a policy identified by `policyId`</td> +</tr> +<tr> + <td><a href="#get_policy_mapping"><CopyableCode code="get_policy_mapping" /></a></td> + <td><CopyableCode code="select" /></td> + <td><a href="#parameter-subdomain"><code>subdomain</code></a></td> + <td></td> + <td>Retrieves a resource mapping for a policy identified by `policyId` and `mappingId`</td> +</tr> +<tr> + <td><a href="#delete_policy_resource_mapping"><CopyableCode code="delete_policy_resource_mapping" /></a></td> + <td><CopyableCode code="delete" /></td> + <td><a href="#parameter-subdomain"><code>subdomain</code></a></td> + <td></td> + <td>Deletes the resource mapping for a policy identified by `policyId` and `mappingId`</td> +</tr> +<tr> + <td><a href="#map_resource_to_policy"><CopyableCode code="map_resource_to_policy" /></a></td> + <td><CopyableCode code="exec" /></td> + <td><a href="#parameter-subdomain"><code>subdomain</code></a></td> + <td></td> + <td>Maps a resource to a policy identified by `policyId`</td> +</tr> +</tbody> +</table> + +## Parameters + +Parameters can be passed in the `WHERE` clause of a query. Check the [Methods](#methods) section to see which parameters are required or optional for each operation. + +<table> +<thead> + <tr> + <th>Name</th> + <th>Datatype</th> + <th>Description</th> + </tr> +</thead> +<tbody> +<tr id="parameter-subdomain"> + <td><CopyableCode code="subdomain" /></td> + <td><code>string</code></td> + <td>The domain of your organization. This can be a provided subdomain of an official okta domain (okta.com, oktapreview.com, etc) or one of your configured custom domains. (default: my-org)</td> +</tr> +</tbody> +</table> + +## `SELECT` examples + +<Tabs + defaultValue="list_policy_mappings" + values={[ + { label: 'list_policy_mappings', value: 'list_policy_mappings' }, + { label: 'get_policy_mapping', value: 'get_policy_mapping' } + ]} +> +<TabItem value="list_policy_mappings"> + +Lists all resources mapped to a policy identified by `policyId` + +```sql +SELECT +id, +_links +FROM okta.policies.policy_mappings +WHERE subdomain = '{{ subdomain }}' -- required; +``` +</TabItem> +<TabItem value="get_policy_mapping"> + +Retrieves a resource mapping for a policy identified by `policyId` and `mappingId` + +```sql +SELECT +id, +_links +FROM okta.policies.policy_mappings +WHERE subdomain = '{{ subdomain }}' -- required; +``` +</TabItem> +</Tabs> + + +## `DELETE` examples + +<Tabs + defaultValue="delete_policy_resource_mapping" + values={[ + { label: 'delete_policy_resource_mapping', value: 'delete_policy_resource_mapping' } + ]} +> +<TabItem value="delete_policy_resource_mapping"> + +Deletes the resource mapping for a policy identified by `policyId` and `mappingId` + +```sql +DELETE FROM okta.policies.policy_mappings +WHERE subdomain = '{{ subdomain }}' --required; +``` +</TabItem> +</Tabs> + + +## Lifecycle Methods + +<Tabs + defaultValue="map_resource_to_policy" + values={[ + { label: 'map_resource_to_policy', value: 'map_resource_to_policy' } + ]} +> +<TabItem value="map_resource_to_policy"> + +Maps a resource to a policy identified by `policyId` + +```sql +EXEC okta.policies.policy_mappings.map_resource_to_policy +@subdomain='{{ subdomain }}' --required +@@json= +'{ +"resourceId": "{{ resourceId }}", +"resourceType": "{{ resourceType }}" +}'; +``` +</TabItem> +</Tabs> diff --git a/website/docs/services/policies/policy_rules/index.md b/website/docs/services/policies/policy_rules/index.md new file mode 100644 index 0000000..741504b --- /dev/null +++ b/website/docs/services/policies/policy_rules/index.md @@ -0,0 +1,481 @@ +--- +title: policy_rules +hide_title: false +hide_table_of_contents: false +keywords: + - policy_rules + - policies + - okta + - infrastructure-as-code + - configuration-as-data + - cloud inventory +description: Query, deploy and manage okta resources using SQL +custom_edit_url: null +image: /img/stackql-okta-provider-featured-image.png +--- + +import CopyableCode from '@site/src/components/CopyableCode/CopyableCode'; +import Tabs from '@theme/Tabs'; +import TabItem from '@theme/TabItem'; + +Creates, updates, deletes, gets or lists a <code>policy_rules</code> resource. + +## Overview +<table><tbody> +<tr><td><b>Name</b></td><td><code>policy_rules</code></td></tr> +<tr><td><b>Type</b></td><td>Resource</td></tr> +<tr><td><b>Id</b></td><td><CopyableCode code="okta.policies.policy_rules" /></td></tr> +</tbody></table> + +## Fields + +The following fields are returned by `SELECT` queries: + +<Tabs + defaultValue="list_policy_rules" + values={[ + { label: 'list_policy_rules', value: 'list_policy_rules' }, + { label: 'get_policy_rule', value: 'get_policy_rule' } + ]} +> +<TabItem value="list_policy_rules"> + +Success + +<table> +<thead> + <tr> + <th>Name</th> + <th>Datatype</th> + <th>Description</th> + </tr> +</thead> +<tbody> +<tr> + <td><CopyableCode code="id" /></td> + <td><code>string</code></td> + <td>Identifier for the rule</td> +</tr> +<tr> + <td><CopyableCode code="name" /></td> + <td><code>string</code></td> + <td>Name of the rule</td> +</tr> +<tr> + <td><CopyableCode code="_links" /></td> + <td><code>object</code></td> + <td></td> +</tr> +<tr> + <td><CopyableCode code="created" /></td> + <td><code>string (date-time)</code></td> + <td>Timestamp when the rule was created</td> +</tr> +<tr> + <td><CopyableCode code="lastUpdated" /></td> + <td><code>string (date-time)</code></td> + <td>Timestamp when the rule was last modified</td> +</tr> +<tr> + <td><CopyableCode code="priority" /></td> + <td><code>integer</code></td> + <td>Priority of the rule</td> +</tr> +<tr> + <td><CopyableCode code="status" /></td> + <td><code>string</code></td> + <td>Whether or not the rule is active. Use the `activate` query parameter to set the status of a rule.</td> +</tr> +<tr> + <td><CopyableCode code="system" /></td> + <td><code>boolean</code></td> + <td>Specifies whether Okta created the policy rule (`system=true`). You can't delete policy rules that have `system` set to `true`.</td> +</tr> +<tr> + <td><CopyableCode code="type" /></td> + <td><code>string</code></td> + <td>Rule type</td> +</tr> +</tbody> +</table> +</TabItem> +<TabItem value="get_policy_rule"> + +Success + +<table> +<thead> + <tr> + <th>Name</th> + <th>Datatype</th> + <th>Description</th> + </tr> +</thead> +<tbody> +<tr> + <td><CopyableCode code="id" /></td> + <td><code>string</code></td> + <td>Identifier for the rule</td> +</tr> +<tr> + <td><CopyableCode code="name" /></td> + <td><code>string</code></td> + <td>Name of the rule</td> +</tr> +<tr> + <td><CopyableCode code="_links" /></td> + <td><code>object</code></td> + <td></td> +</tr> +<tr> + <td><CopyableCode code="created" /></td> + <td><code>string (date-time)</code></td> + <td>Timestamp when the rule was created</td> +</tr> +<tr> + <td><CopyableCode code="lastUpdated" /></td> + <td><code>string (date-time)</code></td> + <td>Timestamp when the rule was last modified</td> +</tr> +<tr> + <td><CopyableCode code="priority" /></td> + <td><code>integer</code></td> + <td>Priority of the rule</td> +</tr> +<tr> + <td><CopyableCode code="status" /></td> + <td><code>string</code></td> + <td>Whether or not the rule is active. Use the `activate` query parameter to set the status of a rule.</td> +</tr> +<tr> + <td><CopyableCode code="system" /></td> + <td><code>boolean</code></td> + <td>Specifies whether Okta created the policy rule (`system=true`). You can't delete policy rules that have `system` set to `true`.</td> +</tr> +<tr> + <td><CopyableCode code="type" /></td> + <td><code>string</code></td> + <td>Rule type</td> +</tr> +</tbody> +</table> +</TabItem> +</Tabs> + +## Methods + +The following methods are available for this resource: + +<table> +<thead> + <tr> + <th>Name</th> + <th>Accessible by</th> + <th>Required Params</th> + <th>Optional Params</th> + <th>Description</th> + </tr> +</thead> +<tbody> +<tr> + <td><a href="#list_policy_rules"><CopyableCode code="list_policy_rules" /></a></td> + <td><CopyableCode code="select" /></td> + <td><a href="#parameter-subdomain"><code>subdomain</code></a></td> + <td></td> + <td>Lists all policy rules</td> +</tr> +<tr> + <td><a href="#get_policy_rule"><CopyableCode code="get_policy_rule" /></a></td> + <td><CopyableCode code="select" /></td> + <td><a href="#parameter-subdomain"><code>subdomain</code></a></td> + <td></td> + <td>Retrieves a policy rule</td> +</tr> +<tr> + <td><a href="#create_policy_rule"><CopyableCode code="create_policy_rule" /></a></td> + <td><CopyableCode code="insert" /></td> + <td><a href="#parameter-subdomain"><code>subdomain</code></a></td> + <td><a href="#parameter-activate"><code>activate</code></a></td> + <td>Creates a policy rule<br /><br />> **Note:** You can't create additional rules for the `PROFILE_ENROLLMENT` or `POST_AUTH_SESSION` policies.</td> +</tr> +<tr> + <td><a href="#replace_policy_rule"><CopyableCode code="replace_policy_rule" /></a></td> + <td><CopyableCode code="replace" /></td> + <td><a href="#parameter-subdomain"><code>subdomain</code></a></td> + <td></td> + <td>Replaces the properties for a policy rule identified by `policyId` and `ruleId`</td> +</tr> +<tr> + <td><a href="#delete_policy_rule"><CopyableCode code="delete_policy_rule" /></a></td> + <td><CopyableCode code="delete" /></td> + <td><a href="#parameter-subdomain"><code>subdomain</code></a></td> + <td></td> + <td>Deletes a policy rule identified by `policyId` and `ruleId`</td> +</tr> +<tr> + <td><a href="#activate_policy_rule"><CopyableCode code="activate_policy_rule" /></a></td> + <td><CopyableCode code="exec" /></td> + <td><a href="#parameter-subdomain"><code>subdomain</code></a></td> + <td></td> + <td>Activates a policy rule identified by `policyId` and `ruleId`</td> +</tr> +<tr> + <td><a href="#deactivate_policy_rule"><CopyableCode code="deactivate_policy_rule" /></a></td> + <td><CopyableCode code="exec" /></td> + <td><a href="#parameter-subdomain"><code>subdomain</code></a></td> + <td></td> + <td>Deactivates a policy rule identified by `policyId` and `ruleId`</td> +</tr> +</tbody> +</table> + +## Parameters + +Parameters can be passed in the `WHERE` clause of a query. Check the [Methods](#methods) section to see which parameters are required or optional for each operation. + +<table> +<thead> + <tr> + <th>Name</th> + <th>Datatype</th> + <th>Description</th> + </tr> +</thead> +<tbody> +<tr id="parameter-subdomain"> + <td><CopyableCode code="subdomain" /></td> + <td><code>string</code></td> + <td>The domain of your organization. This can be a provided subdomain of an official okta domain (okta.com, oktapreview.com, etc) or one of your configured custom domains. (default: my-org)</td> +</tr> +<tr id="parameter-activate"> + <td><CopyableCode code="activate" /></td> + <td><code>boolean</code></td> + <td>Set this parameter to `false` to create an `INACTIVE` rule.</td> +</tr> +</tbody> +</table> + +## `SELECT` examples + +<Tabs + defaultValue="list_policy_rules" + values={[ + { label: 'list_policy_rules', value: 'list_policy_rules' }, + { label: 'get_policy_rule', value: 'get_policy_rule' } + ]} +> +<TabItem value="list_policy_rules"> + +Lists all policy rules + +```sql +SELECT +id, +name, +_links, +created, +lastUpdated, +priority, +status, +system, +type +FROM okta.policies.policy_rules +WHERE subdomain = '{{ subdomain }}' -- required; +``` +</TabItem> +<TabItem value="get_policy_rule"> + +Retrieves a policy rule + +```sql +SELECT +id, +name, +_links, +created, +lastUpdated, +priority, +status, +system, +type +FROM okta.policies.policy_rules +WHERE subdomain = '{{ subdomain }}' -- required; +``` +</TabItem> +</Tabs> + + +## `INSERT` examples + +<Tabs + defaultValue="create_policy_rule" + values={[ + { label: 'create_policy_rule', value: 'create_policy_rule' }, + { label: 'Manifest', value: 'manifest' } + ]} +> +<TabItem value="create_policy_rule"> + +Creates a policy rule<br /><br />> **Note:** You can't create additional rules for the `PROFILE_ENROLLMENT` or `POST_AUTH_SESSION` policies. + +```sql +INSERT INTO okta.policies.policy_rules ( +data__name, +data__priority, +data__status, +data__system, +data__type, +subdomain, +activate +) +SELECT +'{{ name }}', +{{ priority }}, +'{{ status }}', +{{ system }}, +'{{ type }}', +'{{ subdomain }}', +'{{ activate }}' +RETURNING +id, +name, +_links, +created, +lastUpdated, +priority, +status, +system, +type +; +``` +</TabItem> +<TabItem value="manifest"> + +```yaml +# Description fields are for documentation purposes +- name: policy_rules + props: + - name: subdomain + value: string + description: Required parameter for the policy_rules resource. + - name: name + value: string + description: > + Name of the rule + + - name: priority + value: integer + description: > + Priority of the rule + + - name: status + value: string + description: > + Whether or not the rule is active. Use the `activate` query parameter to set the status of a rule. + + valid_values: ['ACTIVE', 'INACTIVE'] + - name: system + value: boolean + description: > + Specifies whether Okta created the policy rule (`system=true`). You can't delete policy rules that have `system` set to `true`. + + default: false + - name: type + value: string + description: > + Rule type + + valid_values: ['ACCESS_POLICY', 'DEVICE_SIGNAL_COLLECTION', 'ENTITY_RISK', 'IDP_DISCOVERY', 'MFA_ENROLL', 'PASSWORD', 'POST_AUTH_SESSION', 'PROFILE_ENROLLMENT', 'SIGN_ON'] + - name: activate + value: boolean + description: Set this parameter to `false` to create an `INACTIVE` rule. +``` +</TabItem> +</Tabs> + + +## `REPLACE` examples + +<Tabs + defaultValue="replace_policy_rule" + values={[ + { label: 'replace_policy_rule', value: 'replace_policy_rule' } + ]} +> +<TabItem value="replace_policy_rule"> + +Replaces the properties for a policy rule identified by `policyId` and `ruleId` + +```sql +REPLACE okta.policies.policy_rules +SET +data__name = '{{ name }}', +data__priority = {{ priority }}, +data__status = '{{ status }}', +data__system = {{ system }}, +data__type = '{{ type }}' +WHERE +subdomain = '{{ subdomain }}' --required +RETURNING +id, +name, +_links, +created, +lastUpdated, +priority, +status, +system, +type; +``` +</TabItem> +</Tabs> + + +## `DELETE` examples + +<Tabs + defaultValue="delete_policy_rule" + values={[ + { label: 'delete_policy_rule', value: 'delete_policy_rule' } + ]} +> +<TabItem value="delete_policy_rule"> + +Deletes a policy rule identified by `policyId` and `ruleId` + +```sql +DELETE FROM okta.policies.policy_rules +WHERE subdomain = '{{ subdomain }}' --required; +``` +</TabItem> +</Tabs> + + +## Lifecycle Methods + +<Tabs + defaultValue="activate_policy_rule" + values={[ + { label: 'activate_policy_rule', value: 'activate_policy_rule' }, + { label: 'deactivate_policy_rule', value: 'deactivate_policy_rule' } + ]} +> +<TabItem value="activate_policy_rule"> + +Activates a policy rule identified by `policyId` and `ruleId` + +```sql +EXEC okta.policies.policy_rules.activate_policy_rule +@subdomain='{{ subdomain }}' --required; +``` +</TabItem> +<TabItem value="deactivate_policy_rule"> + +Deactivates a policy rule identified by `policyId` and `ruleId` + +```sql +EXEC okta.policies.policy_rules.deactivate_policy_rule +@subdomain='{{ subdomain }}' --required; +``` +</TabItem> +</Tabs> diff --git a/website/docs/services/principal_rate_limits/index.md b/website/docs/services/principal_rate_limits/index.md new file mode 100644 index 0000000..62415a6 --- /dev/null +++ b/website/docs/services/principal_rate_limits/index.md @@ -0,0 +1,33 @@ +--- +title: principal_rate_limits +hide_title: false +hide_table_of_contents: false +keywords: + - principal_rate_limits + - okta + - stackql + - infrastructure-as-code + - configuration-as-data + - cloud inventory +description: Query, deploy and manage okta resources using SQL +custom_edit_url: null +image: /img/stackql-okta-provider-featured-image.png +--- + +principal_rate_limits service documentation. + +:::info[Service Summary] + +total resources: __1__ + +::: + +## Resources +<div class="row"> +<div class="providerDocColumn"> +<a href="/services/principal_rate_limits/principal_rate_limit_entities/">principal_rate_limit_entities</a> +</div> +<div class="providerDocColumn"> + +</div> +</div> \ No newline at end of file diff --git a/website/docs/services/principal_rate_limits/principal_rate_limit_entities/index.md b/website/docs/services/principal_rate_limits/principal_rate_limit_entities/index.md new file mode 100644 index 0000000..a02da9b --- /dev/null +++ b/website/docs/services/principal_rate_limits/principal_rate_limit_entities/index.md @@ -0,0 +1,420 @@ +--- +title: principal_rate_limit_entities +hide_title: false +hide_table_of_contents: false +keywords: + - principal_rate_limit_entities + - principal_rate_limits + - okta + - infrastructure-as-code + - configuration-as-data + - cloud inventory +description: Query, deploy and manage okta resources using SQL +custom_edit_url: null +image: /img/stackql-okta-provider-featured-image.png +--- + +import CopyableCode from '@site/src/components/CopyableCode/CopyableCode'; +import Tabs from '@theme/Tabs'; +import TabItem from '@theme/TabItem'; + +Creates, updates, deletes, gets or lists a <code>principal_rate_limit_entities</code> resource. + +## Overview +<table><tbody> +<tr><td><b>Name</b></td><td><code>principal_rate_limit_entities</code></td></tr> +<tr><td><b>Type</b></td><td>Resource</td></tr> +<tr><td><b>Id</b></td><td><CopyableCode code="okta.principal_rate_limits.principal_rate_limit_entities" /></td></tr> +</tbody></table> + +## Fields + +The following fields are returned by `SELECT` queries: + +<Tabs + defaultValue="list_principal_rate_limit_entities" + values={[ + { label: 'list_principal_rate_limit_entities', value: 'list_principal_rate_limit_entities' }, + { label: 'get_principal_rate_limit_entity', value: 'get_principal_rate_limit_entity' } + ]} +> +<TabItem value="list_principal_rate_limit_entities"> + +<table> +<thead> + <tr> + <th>Name</th> + <th>Datatype</th> + <th>Description</th> + </tr> +</thead> +<tbody> +<tr> + <td><CopyableCode code="id" /></td> + <td><code>string</code></td> + <td>The unique identifier of the principle rate limit entity</td> +</tr> +<tr> + <td><CopyableCode code="createdBy" /></td> + <td><code>string</code></td> + <td>The Okta user ID of the user who created the principle rate limit entity</td> +</tr> +<tr> + <td><CopyableCode code="createdDate" /></td> + <td><code>string (date-time)</code></td> + <td>The date and time the principle rate limit entity was created</td> +</tr> +<tr> + <td><CopyableCode code="defaultConcurrencyPercentage" /></td> + <td><code>integer</code></td> + <td>The default percentage of a given concurrency limit threshold that the owning principal can consume</td> +</tr> +<tr> + <td><CopyableCode code="defaultPercentage" /></td> + <td><code>integer</code></td> + <td>The default percentage of a given rate limit threshold that the owning principal can consume</td> +</tr> +<tr> + <td><CopyableCode code="lastUpdate" /></td> + <td><code>string (date-time)</code></td> + <td>The date and time the principle rate limit entity was last updated</td> +</tr> +<tr> + <td><CopyableCode code="lastUpdatedBy" /></td> + <td><code>string</code></td> + <td>The Okta user ID of the user who last updated the principle rate limit entity</td> +</tr> +<tr> + <td><CopyableCode code="orgId" /></td> + <td><code>string</code></td> + <td>The unique identifier of the Okta org</td> +</tr> +<tr> + <td><CopyableCode code="principalId" /></td> + <td><code>string</code></td> + <td>The unique identifier of the principal. This is the ID of the API token or OAuth 2.0 app.</td> +</tr> +<tr> + <td><CopyableCode code="principalType" /></td> + <td><code>string</code></td> + <td>The type of principal, either an API token or an OAuth 2.0 app</td> +</tr> +</tbody> +</table> +</TabItem> +<TabItem value="get_principal_rate_limit_entity"> + +<table> +<thead> + <tr> + <th>Name</th> + <th>Datatype</th> + <th>Description</th> + </tr> +</thead> +<tbody> +<tr> + <td><CopyableCode code="id" /></td> + <td><code>string</code></td> + <td>The unique identifier of the principle rate limit entity</td> +</tr> +<tr> + <td><CopyableCode code="createdBy" /></td> + <td><code>string</code></td> + <td>The Okta user ID of the user who created the principle rate limit entity</td> +</tr> +<tr> + <td><CopyableCode code="createdDate" /></td> + <td><code>string (date-time)</code></td> + <td>The date and time the principle rate limit entity was created</td> +</tr> +<tr> + <td><CopyableCode code="defaultConcurrencyPercentage" /></td> + <td><code>integer</code></td> + <td>The default percentage of a given concurrency limit threshold that the owning principal can consume</td> +</tr> +<tr> + <td><CopyableCode code="defaultPercentage" /></td> + <td><code>integer</code></td> + <td>The default percentage of a given rate limit threshold that the owning principal can consume</td> +</tr> +<tr> + <td><CopyableCode code="lastUpdate" /></td> + <td><code>string (date-time)</code></td> + <td>The date and time the principle rate limit entity was last updated</td> +</tr> +<tr> + <td><CopyableCode code="lastUpdatedBy" /></td> + <td><code>string</code></td> + <td>The Okta user ID of the user who last updated the principle rate limit entity</td> +</tr> +<tr> + <td><CopyableCode code="orgId" /></td> + <td><code>string</code></td> + <td>The unique identifier of the Okta org</td> +</tr> +<tr> + <td><CopyableCode code="principalId" /></td> + <td><code>string</code></td> + <td>The unique identifier of the principal. This is the ID of the API token or OAuth 2.0 app.</td> +</tr> +<tr> + <td><CopyableCode code="principalType" /></td> + <td><code>string</code></td> + <td>The type of principal, either an API token or an OAuth 2.0 app</td> +</tr> +</tbody> +</table> +</TabItem> +</Tabs> + +## Methods + +The following methods are available for this resource: + +<table> +<thead> + <tr> + <th>Name</th> + <th>Accessible by</th> + <th>Required Params</th> + <th>Optional Params</th> + <th>Description</th> + </tr> +</thead> +<tbody> +<tr> + <td><a href="#list_principal_rate_limit_entities"><CopyableCode code="list_principal_rate_limit_entities" /></a></td> + <td><CopyableCode code="select" /></td> + <td><a href="#parameter-filter"><code>filter</code></a>, <a href="#parameter-subdomain"><code>subdomain</code></a></td> + <td><a href="#parameter-after"><code>after</code></a>, <a href="#parameter-limit"><code>limit</code></a></td> + <td>Lists all Principal Rate Limit entities considering the provided parameters</td> +</tr> +<tr> + <td><a href="#get_principal_rate_limit_entity"><CopyableCode code="get_principal_rate_limit_entity" /></a></td> + <td><CopyableCode code="select" /></td> + <td><a href="#parameter-subdomain"><code>subdomain</code></a></td> + <td></td> + <td>Retrieves a principal rate limit entity by `principalRateLimitId`</td> +</tr> +<tr> + <td><a href="#create_principal_rate_limit_entity"><CopyableCode code="create_principal_rate_limit_entity" /></a></td> + <td><CopyableCode code="insert" /></td> + <td><a href="#parameter-subdomain"><code>subdomain</code></a></td> + <td></td> + <td>Creates a new principal rate limit entity. Okta only allows one principal rate limit entity per org and principal.</td> +</tr> +<tr> + <td><a href="#replace_principal_rate_limit_entity"><CopyableCode code="replace_principal_rate_limit_entity" /></a></td> + <td><CopyableCode code="replace" /></td> + <td><a href="#parameter-subdomain"><code>subdomain</code></a></td> + <td></td> + <td>Replaces a principal rate limit entity by `principalRateLimitId`</td> +</tr> +</tbody> +</table> + +## Parameters + +Parameters can be passed in the `WHERE` clause of a query. Check the [Methods](#methods) section to see which parameters are required or optional for each operation. + +<table> +<thead> + <tr> + <th>Name</th> + <th>Datatype</th> + <th>Description</th> + </tr> +</thead> +<tbody> +<tr id="parameter-filter"> + <td><CopyableCode code="filter" /></td> + <td><code>string</code></td> + <td>Filters the list of principal rate limit entities by the provided principal type (`principalType`). For example, `filter=principalType eq "SSWS_TOKEN"` or `filter=principalType eq "OAUTH_CLIENT"`.</td> +</tr> +<tr id="parameter-subdomain"> + <td><CopyableCode code="subdomain" /></td> + <td><code>string</code></td> + <td>The domain of your organization. This can be a provided subdomain of an official okta domain (okta.com, oktapreview.com, etc) or one of your configured custom domains. (default: my-org)</td> +</tr> +<tr id="parameter-after"> + <td><CopyableCode code="after" /></td> + <td><code>string</code></td> + <td>The cursor to use for pagination. It's an opaque string that specifies your current location in the list and is obtained from the `Link` response header. See [Pagination](https://developer.okta.com/docs/api/#pagination).</td> +</tr> +<tr id="parameter-limit"> + <td><CopyableCode code="limit" /></td> + <td><code>integer (int32)</code></td> + <td>Specifies the number of items to return in a single response page.</td> +</tr> +</tbody> +</table> + +## `SELECT` examples + +<Tabs + defaultValue="list_principal_rate_limit_entities" + values={[ + { label: 'list_principal_rate_limit_entities', value: 'list_principal_rate_limit_entities' }, + { label: 'get_principal_rate_limit_entity', value: 'get_principal_rate_limit_entity' } + ]} +> +<TabItem value="list_principal_rate_limit_entities"> + +Lists all Principal Rate Limit entities considering the provided parameters + +```sql +SELECT +id, +createdBy, +createdDate, +defaultConcurrencyPercentage, +defaultPercentage, +lastUpdate, +lastUpdatedBy, +orgId, +principalId, +principalType +FROM okta.principal_rate_limits.principal_rate_limit_entities +WHERE filter = '{{ filter }}' -- required +AND subdomain = '{{ subdomain }}' -- required +AND after = '{{ after }}' +AND limit = '{{ limit }}'; +``` +</TabItem> +<TabItem value="get_principal_rate_limit_entity"> + +Retrieves a principal rate limit entity by `principalRateLimitId` + +```sql +SELECT +id, +createdBy, +createdDate, +defaultConcurrencyPercentage, +defaultPercentage, +lastUpdate, +lastUpdatedBy, +orgId, +principalId, +principalType +FROM okta.principal_rate_limits.principal_rate_limit_entities +WHERE subdomain = '{{ subdomain }}' -- required; +``` +</TabItem> +</Tabs> + + +## `INSERT` examples + +<Tabs + defaultValue="create_principal_rate_limit_entity" + values={[ + { label: 'create_principal_rate_limit_entity', value: 'create_principal_rate_limit_entity' }, + { label: 'Manifest', value: 'manifest' } + ]} +> +<TabItem value="create_principal_rate_limit_entity"> + +Creates a new principal rate limit entity. Okta only allows one principal rate limit entity per org and principal. + +```sql +INSERT INTO okta.principal_rate_limits.principal_rate_limit_entities ( +data__defaultConcurrencyPercentage, +data__defaultPercentage, +data__principalId, +data__principalType, +subdomain +) +SELECT +{{ defaultConcurrencyPercentage }}, +{{ defaultPercentage }}, +'{{ principalId }}' --required, +'{{ principalType }}' --required, +'{{ subdomain }}' +RETURNING +id, +createdBy, +createdDate, +defaultConcurrencyPercentage, +defaultPercentage, +lastUpdate, +lastUpdatedBy, +orgId, +principalId, +principalType +; +``` +</TabItem> +<TabItem value="manifest"> + +```yaml +# Description fields are for documentation purposes +- name: principal_rate_limit_entities + props: + - name: subdomain + value: string + description: Required parameter for the principal_rate_limit_entities resource. + - name: defaultConcurrencyPercentage + value: integer + description: > + The default percentage of a given concurrency limit threshold that the owning principal can consume + + - name: defaultPercentage + value: integer + description: > + The default percentage of a given rate limit threshold that the owning principal can consume + + - name: principalId + value: string + description: > + The unique identifier of the principal. This is the ID of the API token or OAuth 2.0 app. + + - name: principalType + value: string + description: > + The type of principal, either an API token or an OAuth 2.0 app + + valid_values: ['OAUTH_CLIENT', 'SSWS_TOKEN'] +``` +</TabItem> +</Tabs> + + +## `REPLACE` examples + +<Tabs + defaultValue="replace_principal_rate_limit_entity" + values={[ + { label: 'replace_principal_rate_limit_entity', value: 'replace_principal_rate_limit_entity' } + ]} +> +<TabItem value="replace_principal_rate_limit_entity"> + +Replaces a principal rate limit entity by `principalRateLimitId` + +```sql +REPLACE okta.principal_rate_limits.principal_rate_limit_entities +SET +data__defaultConcurrencyPercentage = {{ defaultConcurrencyPercentage }}, +data__defaultPercentage = {{ defaultPercentage }}, +data__principalId = '{{ principalId }}', +data__principalType = '{{ principalType }}' +WHERE +subdomain = '{{ subdomain }}' --required +AND data__principalId = '{{ principalId }}' --required +AND data__principalType = '{{ principalType }}' --required +RETURNING +id, +createdBy, +createdDate, +defaultConcurrencyPercentage, +defaultPercentage, +lastUpdate, +lastUpdatedBy, +orgId, +principalId, +principalType; +``` +</TabItem> +</Tabs> diff --git a/website/docs/services/privileged_access/index.md b/website/docs/services/privileged_access/index.md new file mode 100644 index 0000000..7760c23 --- /dev/null +++ b/website/docs/services/privileged_access/index.md @@ -0,0 +1,33 @@ +--- +title: privileged_access +hide_title: false +hide_table_of_contents: false +keywords: + - privileged_access + - okta + - stackql + - infrastructure-as-code + - configuration-as-data + - cloud inventory +description: Query, deploy and manage okta resources using SQL +custom_edit_url: null +image: /img/stackql-okta-provider-featured-image.png +--- + +privileged_access service documentation. + +:::info[Service Summary] + +total resources: __1__ + +::: + +## Resources +<div class="row"> +<div class="providerDocColumn"> +<a href="/services/privileged_access/service_accounts/">service_accounts</a> +</div> +<div class="providerDocColumn"> + +</div> +</div> \ No newline at end of file diff --git a/website/docs/services/privileged_access/service_accounts/index.md b/website/docs/services/privileged_access/service_accounts/index.md new file mode 100644 index 0000000..b12a880 --- /dev/null +++ b/website/docs/services/privileged_access/service_accounts/index.md @@ -0,0 +1,527 @@ +--- +title: service_accounts +hide_title: false +hide_table_of_contents: false +keywords: + - service_accounts + - privileged_access + - okta + - infrastructure-as-code + - configuration-as-data + - cloud inventory +description: Query, deploy and manage okta resources using SQL +custom_edit_url: null +image: /img/stackql-okta-provider-featured-image.png +--- + +import CopyableCode from '@site/src/components/CopyableCode/CopyableCode'; +import Tabs from '@theme/Tabs'; +import TabItem from '@theme/TabItem'; + +Creates, updates, deletes, gets or lists a <code>service_accounts</code> resource. + +## Overview +<table><tbody> +<tr><td><b>Name</b></td><td><code>service_accounts</code></td></tr> +<tr><td><b>Type</b></td><td>Resource</td></tr> +<tr><td><b>Id</b></td><td><CopyableCode code="okta.privileged_access.service_accounts" /></td></tr> +</tbody></table> + +## Fields + +The following fields are returned by `SELECT` queries: + +<Tabs + defaultValue="list_app_service_accounts" + values={[ + { label: 'list_app_service_accounts', value: 'list_app_service_accounts' }, + { label: 'get_app_service_account', value: 'get_app_service_account' } + ]} +> +<TabItem value="list_app_service_accounts"> + +Success + +<table> +<thead> + <tr> + <th>Name</th> + <th>Datatype</th> + <th>Description</th> + </tr> +</thead> +<tbody> +<tr> + <td><CopyableCode code="id" /></td> + <td><code>string (regex)</code></td> + <td>The UUID of the app service account (pattern: (?i)^[0-9a-f]{8}-[0-9a-f]{4}-[1-5][0-9a-f]{3}-[89ab][0-9a-f]{3}-[0-9a-f]{12}$, example: a747a818-a4c4-4446-8a87-704216495a08)</td> +</tr> +<tr> + <td><CopyableCode code="name" /></td> + <td><code>string (regex)</code></td> + <td>The user-defined name for the app service account (pattern: ^[\w\-_. ]+$, example: salesforce Prod-5 account)</td> +</tr> +<tr> + <td><CopyableCode code="containerGlobalName" /></td> + <td><code>string</code></td> + <td>The key name of the app in the Okta Integration Network (OIN) (example: salesforce)</td> +</tr> +<tr> + <td><CopyableCode code="containerInstanceName" /></td> + <td><code>string</code></td> + <td>The app instance label (example: salesforce Prod 5)</td> +</tr> +<tr> + <td><CopyableCode code="containerOrn" /></td> + <td><code>string</code></td> + <td>The [ORN](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/guides/roles/#okta-resource-name-orn) of the relevant resource. Use the specific app ORN format (`orn:{partition}:idp:{yourOrgId}:apps:{appType}:{appId}`) to identify an Okta app instance in your org. (example: orn:okta:idp:00o1n8sbwArJ7OQRw406:apps:salesforce:0oa1gjh63g214q0Hq0g4)</td> +</tr> +<tr> + <td><CopyableCode code="created" /></td> + <td><code>string (date-time)</code></td> + <td>Timestamp when the app service account was created</td> +</tr> +<tr> + <td><CopyableCode code="description" /></td> + <td><code>string (regex)</code></td> + <td>The description of the app service account (example: This is for accessing salesforce Prod-5)</td> +</tr> +<tr> + <td><CopyableCode code="lastUpdated" /></td> + <td><code>string (date-time)</code></td> + <td>Timestamp when the app service account was last updated</td> +</tr> +<tr> + <td><CopyableCode code="ownerGroupIds" /></td> + <td><code>array</code></td> + <td>A list of IDs of the Okta groups who own the app service account</td> +</tr> +<tr> + <td><CopyableCode code="ownerUserIds" /></td> + <td><code>array</code></td> + <td>A list of IDs of the Okta users who own the app service account</td> +</tr> +<tr> + <td><CopyableCode code="password" /></td> + <td><code>string (password)</code></td> + <td>The app service account password. Required for apps that don't have provisioning enabled or don't support password synchronization.</td> +</tr> +<tr> + <td><CopyableCode code="status" /></td> + <td><code>string</code></td> + <td>Describes the current status of an app service account (example: UNSECURED)</td> +</tr> +<tr> + <td><CopyableCode code="statusDetail" /></td> + <td><code>string</code></td> + <td>Describes the detailed status of an app service account (example: STAGED)</td> +</tr> +<tr> + <td><CopyableCode code="username" /></td> + <td><code>string</code></td> + <td>The username that serves as the direct link to your managed app account. Ensure that this value precisely matches the identifier of the target app account. (example: testuser-salesforce-5@example.com)</td> +</tr> +</tbody> +</table> +</TabItem> +<TabItem value="get_app_service_account"> + +Success + +<table> +<thead> + <tr> + <th>Name</th> + <th>Datatype</th> + <th>Description</th> + </tr> +</thead> +<tbody> +<tr> + <td><CopyableCode code="id" /></td> + <td><code>string (regex)</code></td> + <td>The UUID of the app service account (pattern: (?i)^[0-9a-f]{8}-[0-9a-f]{4}-[1-5][0-9a-f]{3}-[89ab][0-9a-f]{3}-[0-9a-f]{12}$, example: a747a818-a4c4-4446-8a87-704216495a08)</td> +</tr> +<tr> + <td><CopyableCode code="name" /></td> + <td><code>string (regex)</code></td> + <td>The user-defined name for the app service account (pattern: ^[\w\-_. ]+$, example: salesforce Prod-5 account)</td> +</tr> +<tr> + <td><CopyableCode code="containerGlobalName" /></td> + <td><code>string</code></td> + <td>The key name of the app in the Okta Integration Network (OIN) (example: salesforce)</td> +</tr> +<tr> + <td><CopyableCode code="containerInstanceName" /></td> + <td><code>string</code></td> + <td>The app instance label (example: salesforce Prod 5)</td> +</tr> +<tr> + <td><CopyableCode code="containerOrn" /></td> + <td><code>string</code></td> + <td>The [ORN](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/guides/roles/#okta-resource-name-orn) of the relevant resource. Use the specific app ORN format (`orn:{partition}:idp:{yourOrgId}:apps:{appType}:{appId}`) to identify an Okta app instance in your org. (example: orn:okta:idp:00o1n8sbwArJ7OQRw406:apps:salesforce:0oa1gjh63g214q0Hq0g4)</td> +</tr> +<tr> + <td><CopyableCode code="created" /></td> + <td><code>string (date-time)</code></td> + <td>Timestamp when the app service account was created</td> +</tr> +<tr> + <td><CopyableCode code="description" /></td> + <td><code>string (regex)</code></td> + <td>The description of the app service account (example: This is for accessing salesforce Prod-5)</td> +</tr> +<tr> + <td><CopyableCode code="lastUpdated" /></td> + <td><code>string (date-time)</code></td> + <td>Timestamp when the app service account was last updated</td> +</tr> +<tr> + <td><CopyableCode code="ownerGroupIds" /></td> + <td><code>array</code></td> + <td>A list of IDs of the Okta groups who own the app service account</td> +</tr> +<tr> + <td><CopyableCode code="ownerUserIds" /></td> + <td><code>array</code></td> + <td>A list of IDs of the Okta users who own the app service account</td> +</tr> +<tr> + <td><CopyableCode code="password" /></td> + <td><code>string (password)</code></td> + <td>The app service account password. Required for apps that don't have provisioning enabled or don't support password synchronization.</td> +</tr> +<tr> + <td><CopyableCode code="status" /></td> + <td><code>string</code></td> + <td>Describes the current status of an app service account (example: UNSECURED)</td> +</tr> +<tr> + <td><CopyableCode code="statusDetail" /></td> + <td><code>string</code></td> + <td>Describes the detailed status of an app service account (example: STAGED)</td> +</tr> +<tr> + <td><CopyableCode code="username" /></td> + <td><code>string</code></td> + <td>The username that serves as the direct link to your managed app account. Ensure that this value precisely matches the identifier of the target app account. (example: testuser-salesforce-5@example.com)</td> +</tr> +</tbody> +</table> +</TabItem> +</Tabs> + +## Methods + +The following methods are available for this resource: + +<table> +<thead> + <tr> + <th>Name</th> + <th>Accessible by</th> + <th>Required Params</th> + <th>Optional Params</th> + <th>Description</th> + </tr> +</thead> +<tbody> +<tr> + <td><a href="#list_app_service_accounts"><CopyableCode code="list_app_service_accounts" /></a></td> + <td><CopyableCode code="select" /></td> + <td><a href="#parameter-subdomain"><code>subdomain</code></a></td> + <td><a href="#parameter-limit"><code>limit</code></a>, <a href="#parameter-after"><code>after</code></a>, <a href="#parameter-match"><code>match</code></a></td> + <td>Lists all app service accounts</td> +</tr> +<tr> + <td><a href="#get_app_service_account"><CopyableCode code="get_app_service_account" /></a></td> + <td><CopyableCode code="select" /></td> + <td><a href="#parameter-subdomain"><code>subdomain</code></a></td> + <td></td> + <td>Retrieves an app service account specified by ID</td> +</tr> +<tr> + <td><a href="#create_app_service_account"><CopyableCode code="create_app_service_account" /></a></td> + <td><CopyableCode code="insert" /></td> + <td><a href="#parameter-subdomain"><code>subdomain</code></a></td> + <td></td> + <td>Creates a new app service account for managing an app account</td> +</tr> +<tr> + <td><a href="#update_app_service_account"><CopyableCode code="update_app_service_account" /></a></td> + <td><CopyableCode code="update" /></td> + <td><a href="#parameter-subdomain"><code>subdomain</code></a></td> + <td></td> + <td>Updates an existing app service account specified by ID</td> +</tr> +<tr> + <td><a href="#delete_app_service_account"><CopyableCode code="delete_app_service_account" /></a></td> + <td><CopyableCode code="delete" /></td> + <td><a href="#parameter-subdomain"><code>subdomain</code></a></td> + <td></td> + <td>Deletes an app service account specified by ID</td> +</tr> +</tbody> +</table> + +## Parameters + +Parameters can be passed in the `WHERE` clause of a query. Check the [Methods](#methods) section to see which parameters are required or optional for each operation. + +<table> +<thead> + <tr> + <th>Name</th> + <th>Datatype</th> + <th>Description</th> + </tr> +</thead> +<tbody> +<tr id="parameter-subdomain"> + <td><CopyableCode code="subdomain" /></td> + <td><code>string</code></td> + <td>The domain of your organization. This can be a provided subdomain of an official okta domain (okta.com, oktapreview.com, etc) or one of your configured custom domains. (default: my-org)</td> +</tr> +<tr id="parameter-after"> + <td><CopyableCode code="after" /></td> + <td><code>string</code></td> + <td>The cursor to use for pagination. It is an opaque string that specifies your current location in the list and is obtained from the `Link` response header. See [Pagination](https://developer.okta.com/docs/api/#pagination).</td> +</tr> +<tr id="parameter-limit"> + <td><CopyableCode code="limit" /></td> + <td><code>integer</code></td> + <td>A limit on the number of objects to return</td> +</tr> +<tr id="parameter-match"> + <td><CopyableCode code="match" /></td> + <td><code>string</code></td> + <td>Searches for app service accounts where the account name (`name`), username (`username`), app instance label (`containerInstanceName`), or OIN app key name (`containerGlobalName`) contains the given value</td> +</tr> +</tbody> +</table> + +## `SELECT` examples + +<Tabs + defaultValue="list_app_service_accounts" + values={[ + { label: 'list_app_service_accounts', value: 'list_app_service_accounts' }, + { label: 'get_app_service_account', value: 'get_app_service_account' } + ]} +> +<TabItem value="list_app_service_accounts"> + +Lists all app service accounts + +```sql +SELECT +id, +name, +containerGlobalName, +containerInstanceName, +containerOrn, +created, +description, +lastUpdated, +ownerGroupIds, +ownerUserIds, +password, +status, +statusDetail, +username +FROM okta.privileged_access.service_accounts +WHERE subdomain = '{{ subdomain }}' -- required +AND limit = '{{ limit }}' +AND after = '{{ after }}' +AND match = '{{ match }}'; +``` +</TabItem> +<TabItem value="get_app_service_account"> + +Retrieves an app service account specified by ID + +```sql +SELECT +id, +name, +containerGlobalName, +containerInstanceName, +containerOrn, +created, +description, +lastUpdated, +ownerGroupIds, +ownerUserIds, +password, +status, +statusDetail, +username +FROM okta.privileged_access.service_accounts +WHERE subdomain = '{{ subdomain }}' -- required; +``` +</TabItem> +</Tabs> + + +## `INSERT` examples + +<Tabs + defaultValue="create_app_service_account" + values={[ + { label: 'create_app_service_account', value: 'create_app_service_account' }, + { label: 'Manifest', value: 'manifest' } + ]} +> +<TabItem value="create_app_service_account"> + +Creates a new app service account for managing an app account + +```sql +INSERT INTO okta.privileged_access.service_accounts ( +data__containerOrn, +data__description, +data__name, +data__ownerGroupIds, +data__ownerUserIds, +data__password, +data__username, +subdomain +) +SELECT +'{{ containerOrn }}' --required, +'{{ description }}', +'{{ name }}' --required, +'{{ ownerGroupIds }}', +'{{ ownerUserIds }}', +'{{ password }}', +'{{ username }}' --required, +'{{ subdomain }}' +RETURNING +id, +name, +containerGlobalName, +containerInstanceName, +containerOrn, +created, +description, +lastUpdated, +ownerGroupIds, +ownerUserIds, +password, +status, +statusDetail, +username +; +``` +</TabItem> +<TabItem value="manifest"> + +```yaml +# Description fields are for documentation purposes +- name: service_accounts + props: + - name: subdomain + value: string + description: Required parameter for the service_accounts resource. + - name: containerOrn + value: string + description: > + The [ORN](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/guides/roles/#okta-resource-name-orn) of the relevant resource. + +Use the specific app ORN format (`orn:{partition}:idp:{yourOrgId}:apps:{appType}:{appId}`) to identify an Okta app instance in your org. + + - name: description + value: string + description: > + The description of the app service account + + - name: name + value: string + description: > + The user-defined name for the app service account + + - name: ownerGroupIds + value: array + description: > + A list of IDs of the Okta groups who own the app service account + + - name: ownerUserIds + value: array + description: > + A list of IDs of the Okta users who own the app service account + + - name: password + value: string + description: > + The app service account password. Required for apps that don't have provisioning enabled or don't support password synchronization. + + - name: username + value: string + description: > + The username that serves as the direct link to your managed app account. Ensure that this value precisely matches the identifier of the target app account. + +``` +</TabItem> +</Tabs> + + +## `UPDATE` examples + +<Tabs + defaultValue="update_app_service_account" + values={[ + { label: 'update_app_service_account', value: 'update_app_service_account' } + ]} +> +<TabItem value="update_app_service_account"> + +Updates an existing app service account specified by ID + +```sql +UPDATE okta.privileged_access.service_accounts +SET +data__description = '{{ description }}', +data__name = '{{ name }}', +data__ownerGroupIds = '{{ ownerGroupIds }}', +data__ownerUserIds = '{{ ownerUserIds }}' +WHERE +subdomain = '{{ subdomain }}' --required +RETURNING +id, +name, +containerGlobalName, +containerInstanceName, +containerOrn, +created, +description, +lastUpdated, +ownerGroupIds, +ownerUserIds, +password, +status, +statusDetail, +username; +``` +</TabItem> +</Tabs> + + +## `DELETE` examples + +<Tabs + defaultValue="delete_app_service_account" + values={[ + { label: 'delete_app_service_account', value: 'delete_app_service_account' } + ]} +> +<TabItem value="delete_app_service_account"> + +Deletes an app service account specified by ID + +```sql +DELETE FROM okta.privileged_access.service_accounts +WHERE subdomain = '{{ subdomain }}' --required; +``` +</TabItem> +</Tabs> diff --git a/website/docs/services/push_providers/index.md b/website/docs/services/push_providers/index.md new file mode 100644 index 0000000..f385869 --- /dev/null +++ b/website/docs/services/push_providers/index.md @@ -0,0 +1,33 @@ +--- +title: push_providers +hide_title: false +hide_table_of_contents: false +keywords: + - push_providers + - okta + - stackql + - infrastructure-as-code + - configuration-as-data + - cloud inventory +description: Query, deploy and manage okta resources using SQL +custom_edit_url: null +image: /img/stackql-okta-provider-featured-image.png +--- + +push_providers service documentation. + +:::info[Service Summary] + +total resources: __1__ + +::: + +## Resources +<div class="row"> +<div class="providerDocColumn"> +<a href="/services/push_providers/push_providers/">push_providers</a> +</div> +<div class="providerDocColumn"> + +</div> +</div> \ No newline at end of file diff --git a/website/docs/services/push_providers/push_providers/index.md b/website/docs/services/push_providers/push_providers/index.md new file mode 100644 index 0000000..8118c54 --- /dev/null +++ b/website/docs/services/push_providers/push_providers/index.md @@ -0,0 +1,344 @@ +--- +title: push_providers +hide_title: false +hide_table_of_contents: false +keywords: + - push_providers + - push_providers + - okta + - infrastructure-as-code + - configuration-as-data + - cloud inventory +description: Query, deploy and manage okta resources using SQL +custom_edit_url: null +image: /img/stackql-okta-provider-featured-image.png +--- + +import CopyableCode from '@site/src/components/CopyableCode/CopyableCode'; +import Tabs from '@theme/Tabs'; +import TabItem from '@theme/TabItem'; + +Creates, updates, deletes, gets or lists a <code>push_providers</code> resource. + +## Overview +<table><tbody> +<tr><td><b>Name</b></td><td><code>push_providers</code></td></tr> +<tr><td><b>Type</b></td><td>Resource</td></tr> +<tr><td><b>Id</b></td><td><CopyableCode code="okta.push_providers.push_providers" /></td></tr> +</tbody></table> + +## Fields + +The following fields are returned by `SELECT` queries: + +<Tabs + defaultValue="list_push_providers" + values={[ + { label: 'list_push_providers', value: 'list_push_providers' }, + { label: 'get_push_provider', value: 'get_push_provider' } + ]} +> +<TabItem value="list_push_providers"> + +<table> +<thead> + <tr> + <th>Name</th> + <th>Datatype</th> + <th>Description</th> + </tr> +</thead> +<tbody> +<tr> + <td><CopyableCode code="id" /></td> + <td><code>string</code></td> + <td>Unique key for the Push Provider</td> +</tr> +<tr> + <td><CopyableCode code="name" /></td> + <td><code>string</code></td> + <td>Display name of the push provider</td> +</tr> +<tr> + <td><CopyableCode code="_links" /></td> + <td><code>object</code></td> + <td>Specifies link relations (see [Web Linking](https://www.rfc-editor.org/rfc/rfc8288)) available using the [JSON Hypertext Application Language](https://datatracker.ietf.org/doc/html/draft-kelly-json-hal-06) specification. This object is used for dynamic discovery of related resources and lifecycle operations.</td> +</tr> +<tr> + <td><CopyableCode code="lastUpdatedDate" /></td> + <td><code>string</code></td> + <td>Timestamp when the Push Provider was last modified</td> +</tr> +<tr> + <td><CopyableCode code="providerType" /></td> + <td><code>string</code></td> + <td></td> +</tr> +</tbody> +</table> +</TabItem> +<TabItem value="get_push_provider"> + +<table> +<thead> + <tr> + <th>Name</th> + <th>Datatype</th> + <th>Description</th> + </tr> +</thead> +<tbody> +<tr> + <td><CopyableCode code="id" /></td> + <td><code>string</code></td> + <td>Unique key for the Push Provider</td> +</tr> +<tr> + <td><CopyableCode code="name" /></td> + <td><code>string</code></td> + <td>Display name of the push provider</td> +</tr> +<tr> + <td><CopyableCode code="_links" /></td> + <td><code>object</code></td> + <td>Specifies link relations (see [Web Linking](https://www.rfc-editor.org/rfc/rfc8288)) available using the [JSON Hypertext Application Language](https://datatracker.ietf.org/doc/html/draft-kelly-json-hal-06) specification. This object is used for dynamic discovery of related resources and lifecycle operations.</td> +</tr> +<tr> + <td><CopyableCode code="lastUpdatedDate" /></td> + <td><code>string</code></td> + <td>Timestamp when the Push Provider was last modified</td> +</tr> +<tr> + <td><CopyableCode code="providerType" /></td> + <td><code>string</code></td> + <td></td> +</tr> +</tbody> +</table> +</TabItem> +</Tabs> + +## Methods + +The following methods are available for this resource: + +<table> +<thead> + <tr> + <th>Name</th> + <th>Accessible by</th> + <th>Required Params</th> + <th>Optional Params</th> + <th>Description</th> + </tr> +</thead> +<tbody> +<tr> + <td><a href="#list_push_providers"><CopyableCode code="list_push_providers" /></a></td> + <td><CopyableCode code="select" /></td> + <td><a href="#parameter-subdomain"><code>subdomain</code></a></td> + <td><a href="#parameter-type"><code>type</code></a></td> + <td>Lists all push providers</td> +</tr> +<tr> + <td><a href="#get_push_provider"><CopyableCode code="get_push_provider" /></a></td> + <td><CopyableCode code="select" /></td> + <td><a href="#parameter-subdomain"><code>subdomain</code></a></td> + <td></td> + <td>Retrieves a push provider by `pushProviderId`</td> +</tr> +<tr> + <td><a href="#create_push_provider"><CopyableCode code="create_push_provider" /></a></td> + <td><CopyableCode code="insert" /></td> + <td><a href="#parameter-subdomain"><code>subdomain</code></a></td> + <td></td> + <td>Creates a new push provider. Each Push Provider must have a unique `name`.</td> +</tr> +<tr> + <td><a href="#replace_push_provider"><CopyableCode code="replace_push_provider" /></a></td> + <td><CopyableCode code="replace" /></td> + <td><a href="#parameter-subdomain"><code>subdomain</code></a></td> + <td></td> + <td>Replaces a push provider by `pushProviderId`</td> +</tr> +<tr> + <td><a href="#delete_push_provider"><CopyableCode code="delete_push_provider" /></a></td> + <td><CopyableCode code="delete" /></td> + <td><a href="#parameter-subdomain"><code>subdomain</code></a></td> + <td></td> + <td>Deletes a push provider by `pushProviderId`. If the push provider is currently being used in the org by a custom authenticator, the delete will not be allowed.</td> +</tr> +</tbody> +</table> + +## Parameters + +Parameters can be passed in the `WHERE` clause of a query. Check the [Methods](#methods) section to see which parameters are required or optional for each operation. + +<table> +<thead> + <tr> + <th>Name</th> + <th>Datatype</th> + <th>Description</th> + </tr> +</thead> +<tbody> +<tr id="parameter-subdomain"> + <td><CopyableCode code="subdomain" /></td> + <td><code>string</code></td> + <td>The domain of your organization. This can be a provided subdomain of an official okta domain (okta.com, oktapreview.com, etc) or one of your configured custom domains. (default: my-org)</td> +</tr> +<tr id="parameter-type"> + <td><CopyableCode code="type" /></td> + <td><code>string</code></td> + <td>Filters push providers by `providerType`</td> +</tr> +</tbody> +</table> + +## `SELECT` examples + +<Tabs + defaultValue="list_push_providers" + values={[ + { label: 'list_push_providers', value: 'list_push_providers' }, + { label: 'get_push_provider', value: 'get_push_provider' } + ]} +> +<TabItem value="list_push_providers"> + +Lists all push providers + +```sql +SELECT +id, +name, +_links, +lastUpdatedDate, +providerType +FROM okta.push_providers.push_providers +WHERE subdomain = '{{ subdomain }}' -- required +AND type = '{{ type }}'; +``` +</TabItem> +<TabItem value="get_push_provider"> + +Retrieves a push provider by `pushProviderId` + +```sql +SELECT +id, +name, +_links, +lastUpdatedDate, +providerType +FROM okta.push_providers.push_providers +WHERE subdomain = '{{ subdomain }}' -- required; +``` +</TabItem> +</Tabs> + + +## `INSERT` examples + +<Tabs + defaultValue="create_push_provider" + values={[ + { label: 'create_push_provider', value: 'create_push_provider' }, + { label: 'Manifest', value: 'manifest' } + ]} +> +<TabItem value="create_push_provider"> + +Creates a new push provider. Each Push Provider must have a unique `name`. + +```sql +INSERT INTO okta.push_providers.push_providers ( +data__name, +data__providerType, +subdomain +) +SELECT +'{{ name }}', +'{{ providerType }}', +'{{ subdomain }}' +RETURNING +id, +name, +_links, +lastUpdatedDate, +providerType +; +``` +</TabItem> +<TabItem value="manifest"> + +```yaml +# Description fields are for documentation purposes +- name: push_providers + props: + - name: subdomain + value: string + description: Required parameter for the push_providers resource. + - name: name + value: string + description: > + Display name of the push provider + + - name: providerType + value: string + valid_values: ['APNS', 'FCM'] +``` +</TabItem> +</Tabs> + + +## `REPLACE` examples + +<Tabs + defaultValue="replace_push_provider" + values={[ + { label: 'replace_push_provider', value: 'replace_push_provider' } + ]} +> +<TabItem value="replace_push_provider"> + +Replaces a push provider by `pushProviderId` + +```sql +REPLACE okta.push_providers.push_providers +SET +data__name = '{{ name }}', +data__providerType = '{{ providerType }}' +WHERE +subdomain = '{{ subdomain }}' --required +RETURNING +id, +name, +_links, +lastUpdatedDate, +providerType; +``` +</TabItem> +</Tabs> + + +## `DELETE` examples + +<Tabs + defaultValue="delete_push_provider" + values={[ + { label: 'delete_push_provider', value: 'delete_push_provider' } + ]} +> +<TabItem value="delete_push_provider"> + +Deletes a push provider by `pushProviderId`. If the push provider is currently being used in the org by a custom authenticator, the delete will not be allowed. + +```sql +DELETE FROM okta.push_providers.push_providers +WHERE subdomain = '{{ subdomain }}' --required; +``` +</TabItem> +</Tabs> diff --git a/website/docs/services/rate_limit_settings/admin_notifications/index.md b/website/docs/services/rate_limit_settings/admin_notifications/index.md new file mode 100644 index 0000000..ce67da3 --- /dev/null +++ b/website/docs/services/rate_limit_settings/admin_notifications/index.md @@ -0,0 +1,159 @@ +--- +title: admin_notifications +hide_title: false +hide_table_of_contents: false +keywords: + - admin_notifications + - rate_limit_settings + - okta + - infrastructure-as-code + - configuration-as-data + - cloud inventory +description: Query, deploy and manage okta resources using SQL +custom_edit_url: null +image: /img/stackql-okta-provider-featured-image.png +--- + +import CopyableCode from '@site/src/components/CopyableCode/CopyableCode'; +import Tabs from '@theme/Tabs'; +import TabItem from '@theme/TabItem'; + +Creates, updates, deletes, gets or lists an <code>admin_notifications</code> resource. + +## Overview +<table><tbody> +<tr><td><b>Name</b></td><td><code>admin_notifications</code></td></tr> +<tr><td><b>Type</b></td><td>Resource</td></tr> +<tr><td><b>Id</b></td><td><CopyableCode code="okta.rate_limit_settings.admin_notifications" /></td></tr> +</tbody></table> + +## Fields + +The following fields are returned by `SELECT` queries: + +<Tabs + defaultValue="get_rate_limit_settings_admin_notifications" + values={[ + { label: 'get_rate_limit_settings_admin_notifications', value: 'get_rate_limit_settings_admin_notifications' } + ]} +> +<TabItem value="get_rate_limit_settings_admin_notifications"> + +<table> +<thead> + <tr> + <th>Name</th> + <th>Datatype</th> + <th>Description</th> + </tr> +</thead> +<tbody> +<tr> + <td><CopyableCode code="notificationsEnabled" /></td> + <td><code>boolean</code></td> + <td></td> +</tr> +</tbody> +</table> +</TabItem> +</Tabs> + +## Methods + +The following methods are available for this resource: + +<table> +<thead> + <tr> + <th>Name</th> + <th>Accessible by</th> + <th>Required Params</th> + <th>Optional Params</th> + <th>Description</th> + </tr> +</thead> +<tbody> +<tr> + <td><a href="#get_rate_limit_settings_admin_notifications"><CopyableCode code="get_rate_limit_settings_admin_notifications" /></a></td> + <td><CopyableCode code="select" /></td> + <td><a href="#parameter-subdomain"><code>subdomain</code></a></td> + <td></td> + <td>Retrieves the currently configured Rate Limit Admin Notification Settings</td> +</tr> +<tr> + <td><a href="#replace_rate_limit_settings_admin_notifications"><CopyableCode code="replace_rate_limit_settings_admin_notifications" /></a></td> + <td><CopyableCode code="replace" /></td> + <td><a href="#parameter-subdomain"><code>subdomain</code></a></td> + <td></td> + <td>Replaces the Rate Limit Admin Notification Settings and returns the configured properties</td> +</tr> +</tbody> +</table> + +## Parameters + +Parameters can be passed in the `WHERE` clause of a query. Check the [Methods](#methods) section to see which parameters are required or optional for each operation. + +<table> +<thead> + <tr> + <th>Name</th> + <th>Datatype</th> + <th>Description</th> + </tr> +</thead> +<tbody> +<tr id="parameter-subdomain"> + <td><CopyableCode code="subdomain" /></td> + <td><code>string</code></td> + <td>The domain of your organization. This can be a provided subdomain of an official okta domain (okta.com, oktapreview.com, etc) or one of your configured custom domains. (default: my-org)</td> +</tr> +</tbody> +</table> + +## `SELECT` examples + +<Tabs + defaultValue="get_rate_limit_settings_admin_notifications" + values={[ + { label: 'get_rate_limit_settings_admin_notifications', value: 'get_rate_limit_settings_admin_notifications' } + ]} +> +<TabItem value="get_rate_limit_settings_admin_notifications"> + +Retrieves the currently configured Rate Limit Admin Notification Settings + +```sql +SELECT +notificationsEnabled +FROM okta.rate_limit_settings.admin_notifications +WHERE subdomain = '{{ subdomain }}' -- required; +``` +</TabItem> +</Tabs> + + +## `REPLACE` examples + +<Tabs + defaultValue="replace_rate_limit_settings_admin_notifications" + values={[ + { label: 'replace_rate_limit_settings_admin_notifications', value: 'replace_rate_limit_settings_admin_notifications' } + ]} +> +<TabItem value="replace_rate_limit_settings_admin_notifications"> + +Replaces the Rate Limit Admin Notification Settings and returns the configured properties + +```sql +REPLACE okta.rate_limit_settings.admin_notifications +SET +data__notificationsEnabled = {{ notificationsEnabled }} +WHERE +subdomain = '{{ subdomain }}' --required +AND data__notificationsEnabled = {{ notificationsEnabled }} --required +RETURNING +notificationsEnabled; +``` +</TabItem> +</Tabs> diff --git a/website/docs/services/rate_limit_settings/index.md b/website/docs/services/rate_limit_settings/index.md new file mode 100644 index 0000000..85289be --- /dev/null +++ b/website/docs/services/rate_limit_settings/index.md @@ -0,0 +1,34 @@ +--- +title: rate_limit_settings +hide_title: false +hide_table_of_contents: false +keywords: + - rate_limit_settings + - okta + - stackql + - infrastructure-as-code + - configuration-as-data + - cloud inventory +description: Query, deploy and manage okta resources using SQL +custom_edit_url: null +image: /img/stackql-okta-provider-featured-image.png +--- + +rate_limit_settings service documentation. + +:::info[Service Summary] + +total resources: __3__ + +::: + +## Resources +<div class="row"> +<div class="providerDocColumn"> +<a href="/services/rate_limit_settings/admin_notifications/">admin_notifications</a><br /> +<a href="/services/rate_limit_settings/rate_limit_settings_per_client/">rate_limit_settings_per_client</a> +</div> +<div class="providerDocColumn"> +<a href="/services/rate_limit_settings/warning_thresholds/">warning_thresholds</a> +</div> +</div> \ No newline at end of file diff --git a/website/docs/services/rate_limit_settings/rate_limit_settings_per_client/index.md b/website/docs/services/rate_limit_settings/rate_limit_settings_per_client/index.md new file mode 100644 index 0000000..da2619b --- /dev/null +++ b/website/docs/services/rate_limit_settings/rate_limit_settings_per_client/index.md @@ -0,0 +1,167 @@ +--- +title: rate_limit_settings_per_client +hide_title: false +hide_table_of_contents: false +keywords: + - rate_limit_settings_per_client + - rate_limit_settings + - okta + - infrastructure-as-code + - configuration-as-data + - cloud inventory +description: Query, deploy and manage okta resources using SQL +custom_edit_url: null +image: /img/stackql-okta-provider-featured-image.png +--- + +import CopyableCode from '@site/src/components/CopyableCode/CopyableCode'; +import Tabs from '@theme/Tabs'; +import TabItem from '@theme/TabItem'; + +Creates, updates, deletes, gets or lists a <code>rate_limit_settings_per_client</code> resource. + +## Overview +<table><tbody> +<tr><td><b>Name</b></td><td><code>rate_limit_settings_per_client</code></td></tr> +<tr><td><b>Type</b></td><td>Resource</td></tr> +<tr><td><b>Id</b></td><td><CopyableCode code="okta.rate_limit_settings.rate_limit_settings_per_client" /></td></tr> +</tbody></table> + +## Fields + +The following fields are returned by `SELECT` queries: + +<Tabs + defaultValue="get_rate_limit_settings_per_client" + values={[ + { label: 'get_rate_limit_settings_per_client', value: 'get_rate_limit_settings_per_client' } + ]} +> +<TabItem value="get_rate_limit_settings_per_client"> + +<table> +<thead> + <tr> + <th>Name</th> + <th>Datatype</th> + <th>Description</th> + </tr> +</thead> +<tbody> +<tr> + <td><CopyableCode code="defaultMode" /></td> + <td><code>string</code></td> + <td>The default PerClientRateLimitMode that applies to any use case in the absence of a more specific override</td> +</tr> +<tr> + <td><CopyableCode code="useCaseModeOverrides" /></td> + <td><code>object</code></td> + <td>A map of Per-Client Rate Limit Use Case to the applicable PerClientRateLimitMode. Overrides the `defaultMode` property for the specified use cases.</td> +</tr> +</tbody> +</table> +</TabItem> +</Tabs> + +## Methods + +The following methods are available for this resource: + +<table> +<thead> + <tr> + <th>Name</th> + <th>Accessible by</th> + <th>Required Params</th> + <th>Optional Params</th> + <th>Description</th> + </tr> +</thead> +<tbody> +<tr> + <td><a href="#get_rate_limit_settings_per_client"><CopyableCode code="get_rate_limit_settings_per_client" /></a></td> + <td><CopyableCode code="select" /></td> + <td><a href="#parameter-subdomain"><code>subdomain</code></a></td> + <td></td> + <td>Retrieves the currently configured Per-Client Rate Limit Settings</td> +</tr> +<tr> + <td><a href="#replace_rate_limit_settings_per_client"><CopyableCode code="replace_rate_limit_settings_per_client" /></a></td> + <td><CopyableCode code="replace" /></td> + <td><a href="#parameter-subdomain"><code>subdomain</code></a></td> + <td></td> + <td>Replaces the Per-Client Rate Limit Settings and returns the configured properties</td> +</tr> +</tbody> +</table> + +## Parameters + +Parameters can be passed in the `WHERE` clause of a query. Check the [Methods](#methods) section to see which parameters are required or optional for each operation. + +<table> +<thead> + <tr> + <th>Name</th> + <th>Datatype</th> + <th>Description</th> + </tr> +</thead> +<tbody> +<tr id="parameter-subdomain"> + <td><CopyableCode code="subdomain" /></td> + <td><code>string</code></td> + <td>The domain of your organization. This can be a provided subdomain of an official okta domain (okta.com, oktapreview.com, etc) or one of your configured custom domains. (default: my-org)</td> +</tr> +</tbody> +</table> + +## `SELECT` examples + +<Tabs + defaultValue="get_rate_limit_settings_per_client" + values={[ + { label: 'get_rate_limit_settings_per_client', value: 'get_rate_limit_settings_per_client' } + ]} +> +<TabItem value="get_rate_limit_settings_per_client"> + +Retrieves the currently configured Per-Client Rate Limit Settings + +```sql +SELECT +defaultMode, +useCaseModeOverrides +FROM okta.rate_limit_settings.rate_limit_settings_per_client +WHERE subdomain = '{{ subdomain }}' -- required; +``` +</TabItem> +</Tabs> + + +## `REPLACE` examples + +<Tabs + defaultValue="replace_rate_limit_settings_per_client" + values={[ + { label: 'replace_rate_limit_settings_per_client', value: 'replace_rate_limit_settings_per_client' } + ]} +> +<TabItem value="replace_rate_limit_settings_per_client"> + +Replaces the Per-Client Rate Limit Settings and returns the configured properties + +```sql +REPLACE okta.rate_limit_settings.rate_limit_settings_per_client +SET +data__defaultMode = '{{ defaultMode }}', +data__useCaseModeOverrides = '{{ useCaseModeOverrides }}' +WHERE +subdomain = '{{ subdomain }}' --required +AND data__defaultMode = '{{ defaultMode }}' --required +RETURNING +defaultMode, +useCaseModeOverrides; +``` +</TabItem> +</Tabs> diff --git a/website/docs/services/rate_limit_settings/warning_thresholds/index.md b/website/docs/services/rate_limit_settings/warning_thresholds/index.md new file mode 100644 index 0000000..4583e2d --- /dev/null +++ b/website/docs/services/rate_limit_settings/warning_thresholds/index.md @@ -0,0 +1,159 @@ +--- +title: warning_thresholds +hide_title: false +hide_table_of_contents: false +keywords: + - warning_thresholds + - rate_limit_settings + - okta + - infrastructure-as-code + - configuration-as-data + - cloud inventory +description: Query, deploy and manage okta resources using SQL +custom_edit_url: null +image: /img/stackql-okta-provider-featured-image.png +--- + +import CopyableCode from '@site/src/components/CopyableCode/CopyableCode'; +import Tabs from '@theme/Tabs'; +import TabItem from '@theme/TabItem'; + +Creates, updates, deletes, gets or lists a <code>warning_thresholds</code> resource. + +## Overview +<table><tbody> +<tr><td><b>Name</b></td><td><code>warning_thresholds</code></td></tr> +<tr><td><b>Type</b></td><td>Resource</td></tr> +<tr><td><b>Id</b></td><td><CopyableCode code="okta.rate_limit_settings.warning_thresholds" /></td></tr> +</tbody></table> + +## Fields + +The following fields are returned by `SELECT` queries: + +<Tabs + defaultValue="get_rate_limit_settings_warning_threshold" + values={[ + { label: 'get_rate_limit_settings_warning_threshold', value: 'get_rate_limit_settings_warning_threshold' } + ]} +> +<TabItem value="get_rate_limit_settings_warning_threshold"> + +<table> +<thead> + <tr> + <th>Name</th> + <th>Datatype</th> + <th>Description</th> + </tr> +</thead> +<tbody> +<tr> + <td><CopyableCode code="warningThreshold" /></td> + <td><code>integer</code></td> + <td>The threshold value (percentage) of a rate limit that, when exceeded, triggers a warning notification. By default, this value is 90 for Workforce orgs and 60 for CIAM orgs.</td> +</tr> +</tbody> +</table> +</TabItem> +</Tabs> + +## Methods + +The following methods are available for this resource: + +<table> +<thead> + <tr> + <th>Name</th> + <th>Accessible by</th> + <th>Required Params</th> + <th>Optional Params</th> + <th>Description</th> + </tr> +</thead> +<tbody> +<tr> + <td><a href="#get_rate_limit_settings_warning_threshold"><CopyableCode code="get_rate_limit_settings_warning_threshold" /></a></td> + <td><CopyableCode code="select" /></td> + <td><a href="#parameter-subdomain"><code>subdomain</code></a></td> + <td></td> + <td>Retrieves the currently configured threshold for warning notifications when the API's rate limit is exceeded</td> +</tr> +<tr> + <td><a href="#replace_rate_limit_settings_warning_threshold"><CopyableCode code="replace_rate_limit_settings_warning_threshold" /></a></td> + <td><CopyableCode code="replace" /></td> + <td><a href="#parameter-subdomain"><code>subdomain</code></a></td> + <td></td> + <td>Replaces the Rate Limit Warning Threshold Percentage and returns the configured property</td> +</tr> +</tbody> +</table> + +## Parameters + +Parameters can be passed in the `WHERE` clause of a query. Check the [Methods](#methods) section to see which parameters are required or optional for each operation. + +<table> +<thead> + <tr> + <th>Name</th> + <th>Datatype</th> + <th>Description</th> + </tr> +</thead> +<tbody> +<tr id="parameter-subdomain"> + <td><CopyableCode code="subdomain" /></td> + <td><code>string</code></td> + <td>The domain of your organization. This can be a provided subdomain of an official okta domain (okta.com, oktapreview.com, etc) or one of your configured custom domains. (default: my-org)</td> +</tr> +</tbody> +</table> + +## `SELECT` examples + +<Tabs + defaultValue="get_rate_limit_settings_warning_threshold" + values={[ + { label: 'get_rate_limit_settings_warning_threshold', value: 'get_rate_limit_settings_warning_threshold' } + ]} +> +<TabItem value="get_rate_limit_settings_warning_threshold"> + +Retrieves the currently configured threshold for warning notifications when the API's rate limit is exceeded + +```sql +SELECT +warningThreshold +FROM okta.rate_limit_settings.warning_thresholds +WHERE subdomain = '{{ subdomain }}' -- required; +``` +</TabItem> +</Tabs> + + +## `REPLACE` examples + +<Tabs + defaultValue="replace_rate_limit_settings_warning_threshold" + values={[ + { label: 'replace_rate_limit_settings_warning_threshold', value: 'replace_rate_limit_settings_warning_threshold' } + ]} +> +<TabItem value="replace_rate_limit_settings_warning_threshold"> + +Replaces the Rate Limit Warning Threshold Percentage and returns the configured property + +```sql +REPLACE okta.rate_limit_settings.warning_thresholds +SET +data__warningThreshold = {{ warningThreshold }} +WHERE +subdomain = '{{ subdomain }}' --required +AND data__warningThreshold = '{{ warningThreshold }}' --required +RETURNING +warningThreshold; +``` +</TabItem> +</Tabs> diff --git a/website/docs/services/realm_assignments/index.md b/website/docs/services/realm_assignments/index.md new file mode 100644 index 0000000..4d6970f --- /dev/null +++ b/website/docs/services/realm_assignments/index.md @@ -0,0 +1,33 @@ +--- +title: realm_assignments +hide_title: false +hide_table_of_contents: false +keywords: + - realm_assignments + - okta + - stackql + - infrastructure-as-code + - configuration-as-data + - cloud inventory +description: Query, deploy and manage okta resources using SQL +custom_edit_url: null +image: /img/stackql-okta-provider-featured-image.png +--- + +realm_assignments service documentation. + +:::info[Service Summary] + +total resources: __2__ + +::: + +## Resources +<div class="row"> +<div class="providerDocColumn"> +<a href="/services/realm_assignments/realm_assignment_operations/">realm_assignment_operations</a> +</div> +<div class="providerDocColumn"> +<a href="/services/realm_assignments/realm_assignments/">realm_assignments</a> +</div> +</div> \ No newline at end of file diff --git a/website/docs/services/realm_assignments/realm_assignment_operations/index.md b/website/docs/services/realm_assignments/realm_assignment_operations/index.md new file mode 100644 index 0000000..d9f938a --- /dev/null +++ b/website/docs/services/realm_assignments/realm_assignment_operations/index.md @@ -0,0 +1,198 @@ +--- +title: realm_assignment_operations +hide_title: false +hide_table_of_contents: false +keywords: + - realm_assignment_operations + - realm_assignments + - okta + - infrastructure-as-code + - configuration-as-data + - cloud inventory +description: Query, deploy and manage okta resources using SQL +custom_edit_url: null +image: /img/stackql-okta-provider-featured-image.png +--- + +import CopyableCode from '@site/src/components/CopyableCode/CopyableCode'; +import Tabs from '@theme/Tabs'; +import TabItem from '@theme/TabItem'; + +Creates, updates, deletes, gets or lists a <code>realm_assignment_operations</code> resource. + +## Overview +<table><tbody> +<tr><td><b>Name</b></td><td><code>realm_assignment_operations</code></td></tr> +<tr><td><b>Type</b></td><td>Resource</td></tr> +<tr><td><b>Id</b></td><td><CopyableCode code="okta.realm_assignments.realm_assignment_operations" /></td></tr> +</tbody></table> + +## Fields + +The following fields are returned by `SELECT` queries: + +<Tabs + defaultValue="list_realm_assignment_operations" + values={[ + { label: 'list_realm_assignment_operations', value: 'list_realm_assignment_operations' } + ]} +> +<TabItem value="list_realm_assignment_operations"> + +<table> +<thead> + <tr> + <th>Name</th> + <th>Datatype</th> + <th>Description</th> + </tr> +</thead> +<tbody> +<tr> + <td><CopyableCode code="id" /></td> + <td><code>string</code></td> + <td>ID of the realm</td> +</tr> +<tr> + <td><CopyableCode code="_links" /></td> + <td><code>object</code></td> + <td>Specifies link relations (see [Web Linking](https://www.rfc-editor.org/rfc/rfc8288)) available using the [JSON Hypertext Application Language](https://datatracker.ietf.org/doc/html/draft-kelly-json-hal-06) specification. This object is used for dynamic discovery of related resources and lifecycle operations.</td> +</tr> +<tr> + <td><CopyableCode code="assignmentOperation" /></td> + <td><code>object</code></td> + <td>Definition of the realm assignment operation</td> +</tr> +<tr> + <td><CopyableCode code="completed" /></td> + <td><code>string (date-time)</code></td> + <td>Timestamp when the realm assignment operation completed</td> +</tr> +<tr> + <td><CopyableCode code="created" /></td> + <td><code>string (date-time)</code></td> + <td>Timestamp when the realm assignment operation was created</td> +</tr> +<tr> + <td><CopyableCode code="numUserMoved" /></td> + <td><code>number</code></td> + <td>Number of users moved</td> +</tr> +<tr> + <td><CopyableCode code="realmId" /></td> + <td><code>string</code></td> + <td>ID of the realm</td> +</tr> +<tr> + <td><CopyableCode code="realmName" /></td> + <td><code>string</code></td> + <td>Name of the realm</td> +</tr> +<tr> + <td><CopyableCode code="started" /></td> + <td><code>string (date-time)</code></td> + <td>Timestamp when the realm assignment operation started</td> +</tr> +<tr> + <td><CopyableCode code="status" /></td> + <td><code>string</code></td> + <td>Current status of the operation</td> +</tr> +<tr> + <td><CopyableCode code="type" /></td> + <td><code>string</code></td> + <td>Realm type</td> +</tr> +</tbody> +</table> +</TabItem> +</Tabs> + +## Methods + +The following methods are available for this resource: + +<table> +<thead> + <tr> + <th>Name</th> + <th>Accessible by</th> + <th>Required Params</th> + <th>Optional Params</th> + <th>Description</th> + </tr> +</thead> +<tbody> +<tr> + <td><a href="#list_realm_assignment_operations"><CopyableCode code="list_realm_assignment_operations" /></a></td> + <td><CopyableCode code="select" /></td> + <td><a href="#parameter-subdomain"><code>subdomain</code></a></td> + <td><a href="#parameter-limit"><code>limit</code></a>, <a href="#parameter-after"><code>after</code></a></td> + <td>Lists all realm assignment operations. The upper limit is 200 and operations are sorted in descending order from most recent to oldest by ID.</td> +</tr> +</tbody> +</table> + +## Parameters + +Parameters can be passed in the `WHERE` clause of a query. Check the [Methods](#methods) section to see which parameters are required or optional for each operation. + +<table> +<thead> + <tr> + <th>Name</th> + <th>Datatype</th> + <th>Description</th> + </tr> +</thead> +<tbody> +<tr id="parameter-subdomain"> + <td><CopyableCode code="subdomain" /></td> + <td><code>string</code></td> + <td>The domain of your organization. This can be a provided subdomain of an official okta domain (okta.com, oktapreview.com, etc) or one of your configured custom domains. (default: my-org)</td> +</tr> +<tr id="parameter-after"> + <td><CopyableCode code="after" /></td> + <td><code>string</code></td> + <td>The cursor to use for pagination. It is an opaque string that specifies your current location in the list and is obtained from the `Link` response header. See [Pagination](https://developer.okta.com/docs/api/#pagination).</td> +</tr> +<tr id="parameter-limit"> + <td><CopyableCode code="limit" /></td> + <td><code>integer</code></td> + <td>A limit on the number of objects to return</td> +</tr> +</tbody> +</table> + +## `SELECT` examples + +<Tabs + defaultValue="list_realm_assignment_operations" + values={[ + { label: 'list_realm_assignment_operations', value: 'list_realm_assignment_operations' } + ]} +> +<TabItem value="list_realm_assignment_operations"> + +Lists all realm assignment operations. The upper limit is 200 and operations are sorted in descending order from most recent to oldest by ID. + +```sql +SELECT +id, +_links, +assignmentOperation, +completed, +created, +numUserMoved, +realmId, +realmName, +started, +status, +type +FROM okta.realm_assignments.realm_assignment_operations +WHERE subdomain = '{{ subdomain }}' -- required +AND limit = '{{ limit }}' +AND after = '{{ after }}'; +``` +</TabItem> +</Tabs> diff --git a/website/docs/services/realm_assignments/realm_assignments/index.md b/website/docs/services/realm_assignments/realm_assignments/index.md new file mode 100644 index 0000000..d8c2419 --- /dev/null +++ b/website/docs/services/realm_assignments/realm_assignments/index.md @@ -0,0 +1,520 @@ +--- +title: realm_assignments +hide_title: false +hide_table_of_contents: false +keywords: + - realm_assignments + - realm_assignments + - okta + - infrastructure-as-code + - configuration-as-data + - cloud inventory +description: Query, deploy and manage okta resources using SQL +custom_edit_url: null +image: /img/stackql-okta-provider-featured-image.png +--- + +import CopyableCode from '@site/src/components/CopyableCode/CopyableCode'; +import Tabs from '@theme/Tabs'; +import TabItem from '@theme/TabItem'; + +Creates, updates, deletes, gets or lists a <code>realm_assignments</code> resource. + +## Overview +<table><tbody> +<tr><td><b>Name</b></td><td><code>realm_assignments</code></td></tr> +<tr><td><b>Type</b></td><td>Resource</td></tr> +<tr><td><b>Id</b></td><td><CopyableCode code="okta.realm_assignments.realm_assignments" /></td></tr> +</tbody></table> + +## Fields + +The following fields are returned by `SELECT` queries: + +<Tabs + defaultValue="list_realm_assignments" + values={[ + { label: 'list_realm_assignments', value: 'list_realm_assignments' }, + { label: 'get_realm_assignment', value: 'get_realm_assignment' } + ]} +> +<TabItem value="list_realm_assignments"> + +<table> +<thead> + <tr> + <th>Name</th> + <th>Datatype</th> + <th>Description</th> + </tr> +</thead> +<tbody> +<tr> + <td><CopyableCode code="id" /></td> + <td><code>string</code></td> + <td>Unique ID of the realm assignment</td> +</tr> +<tr> + <td><CopyableCode code="name" /></td> + <td><code>string</code></td> + <td>Name of the realm</td> +</tr> +<tr> + <td><CopyableCode code="_links" /></td> + <td><code>object</code></td> + <td>Specifies link relations (see [Web Linking](https://www.rfc-editor.org/rfc/rfc8288)) available using the [JSON Hypertext Application Language](https://datatracker.ietf.org/doc/html/draft-kelly-json-hal-06) specification. This object is used for dynamic discovery of related resources and lifecycle operations.</td> +</tr> +<tr> + <td><CopyableCode code="actions" /></td> + <td><code>object</code></td> + <td>Action to apply to a user</td> +</tr> +<tr> + <td><CopyableCode code="conditions" /></td> + <td><code>object</code></td> + <td>Conditions of applying realm assignment</td> +</tr> +<tr> + <td><CopyableCode code="created" /></td> + <td><code>string (date-time)</code></td> + <td>Timestamp when the realm assignment was created</td> +</tr> +<tr> + <td><CopyableCode code="domains" /></td> + <td><code>array</code></td> + <td>Array of allowed domains. No user in this realm can be created or updated unless they have a username and email from one of these domains. The following characters aren't allowed in the domain name: `!$%^&()=*+,:;<>'[]|/?\`</td> +</tr> +<tr> + <td><CopyableCode code="isDefault" /></td> + <td><code>boolean</code></td> + <td>Indicates the default realm. Existing users will start out in the default realm and can be moved individually to other realms.</td> +</tr> +<tr> + <td><CopyableCode code="lastUpdated" /></td> + <td><code>string (date-time)</code></td> + <td>Timestamp of when the realm assignment was updated</td> +</tr> +<tr> + <td><CopyableCode code="priority" /></td> + <td><code>integer</code></td> + <td>The priority of the realm assignment. The lower the number, the higher the priority. This helps resolve conflicts between realm assignments. > **Note:** When you create realm assignments in bulk, realm assignment priorities must be unique.</td> +</tr> +<tr> + <td><CopyableCode code="status" /></td> + <td><code>string</code></td> + <td></td> +</tr> +</tbody> +</table> +</TabItem> +<TabItem value="get_realm_assignment"> + +Success + +<table> +<thead> + <tr> + <th>Name</th> + <th>Datatype</th> + <th>Description</th> + </tr> +</thead> +<tbody> +<tr> + <td><CopyableCode code="id" /></td> + <td><code>string</code></td> + <td>Unique ID of the realm assignment</td> +</tr> +<tr> + <td><CopyableCode code="name" /></td> + <td><code>string</code></td> + <td>Name of the realm</td> +</tr> +<tr> + <td><CopyableCode code="_links" /></td> + <td><code>object</code></td> + <td>Specifies link relations (see [Web Linking](https://www.rfc-editor.org/rfc/rfc8288)) available using the [JSON Hypertext Application Language](https://datatracker.ietf.org/doc/html/draft-kelly-json-hal-06) specification. This object is used for dynamic discovery of related resources and lifecycle operations.</td> +</tr> +<tr> + <td><CopyableCode code="actions" /></td> + <td><code>object</code></td> + <td>Action to apply to a user</td> +</tr> +<tr> + <td><CopyableCode code="conditions" /></td> + <td><code>object</code></td> + <td>Conditions of applying realm assignment</td> +</tr> +<tr> + <td><CopyableCode code="created" /></td> + <td><code>string (date-time)</code></td> + <td>Timestamp when the realm assignment was created</td> +</tr> +<tr> + <td><CopyableCode code="domains" /></td> + <td><code>array</code></td> + <td>Array of allowed domains. No user in this realm can be created or updated unless they have a username and email from one of these domains. The following characters aren't allowed in the domain name: `!$%^&()=*+,:;<>'[]|/?\`</td> +</tr> +<tr> + <td><CopyableCode code="isDefault" /></td> + <td><code>boolean</code></td> + <td>Indicates the default realm. Existing users will start out in the default realm and can be moved individually to other realms.</td> +</tr> +<tr> + <td><CopyableCode code="lastUpdated" /></td> + <td><code>string (date-time)</code></td> + <td>Timestamp of when the realm assignment was updated</td> +</tr> +<tr> + <td><CopyableCode code="priority" /></td> + <td><code>integer</code></td> + <td>The priority of the realm assignment. The lower the number, the higher the priority. This helps resolve conflicts between realm assignments. > **Note:** When you create realm assignments in bulk, realm assignment priorities must be unique.</td> +</tr> +<tr> + <td><CopyableCode code="status" /></td> + <td><code>string</code></td> + <td></td> +</tr> +</tbody> +</table> +</TabItem> +</Tabs> + +## Methods + +The following methods are available for this resource: + +<table> +<thead> + <tr> + <th>Name</th> + <th>Accessible by</th> + <th>Required Params</th> + <th>Optional Params</th> + <th>Description</th> + </tr> +</thead> +<tbody> +<tr> + <td><a href="#list_realm_assignments"><CopyableCode code="list_realm_assignments" /></a></td> + <td><CopyableCode code="select" /></td> + <td><a href="#parameter-subdomain"><code>subdomain</code></a></td> + <td><a href="#parameter-limit"><code>limit</code></a>, <a href="#parameter-after"><code>after</code></a></td> + <td>Lists all realm assignments</td> +</tr> +<tr> + <td><a href="#get_realm_assignment"><CopyableCode code="get_realm_assignment" /></a></td> + <td><CopyableCode code="select" /></td> + <td><a href="#parameter-subdomain"><code>subdomain</code></a></td> + <td></td> + <td>Retrieves a realm assignment</td> +</tr> +<tr> + <td><a href="#create_realm_assignment"><CopyableCode code="create_realm_assignment" /></a></td> + <td><CopyableCode code="insert" /></td> + <td><a href="#parameter-subdomain"><code>subdomain</code></a></td> + <td></td> + <td>Creates a new realm assignment</td> +</tr> +<tr> + <td><a href="#replace_realm_assignment"><CopyableCode code="replace_realm_assignment" /></a></td> + <td><CopyableCode code="replace" /></td> + <td><a href="#parameter-subdomain"><code>subdomain</code></a></td> + <td></td> + <td>Replaces a realm assignment</td> +</tr> +<tr> + <td><a href="#delete_realm_assignment"><CopyableCode code="delete_realm_assignment" /></a></td> + <td><CopyableCode code="delete" /></td> + <td><a href="#parameter-subdomain"><code>subdomain</code></a></td> + <td></td> + <td>Deletes a realm assignment</td> +</tr> +<tr> + <td><a href="#execute_realm_assignment"><CopyableCode code="execute_realm_assignment" /></a></td> + <td><CopyableCode code="exec" /></td> + <td><a href="#parameter-subdomain"><code>subdomain</code></a></td> + <td></td> + <td>Executes a realm assignment</td> +</tr> +<tr> + <td><a href="#activate_realm_assignment"><CopyableCode code="activate_realm_assignment" /></a></td> + <td><CopyableCode code="exec" /></td> + <td><a href="#parameter-subdomain"><code>subdomain</code></a></td> + <td></td> + <td>Activates a realm assignment</td> +</tr> +<tr> + <td><a href="#deactivate_realm_assignment"><CopyableCode code="deactivate_realm_assignment" /></a></td> + <td><CopyableCode code="exec" /></td> + <td><a href="#parameter-subdomain"><code>subdomain</code></a></td> + <td></td> + <td>Deactivates a realm assignment</td> +</tr> +</tbody> +</table> + +## Parameters + +Parameters can be passed in the `WHERE` clause of a query. Check the [Methods](#methods) section to see which parameters are required or optional for each operation. + +<table> +<thead> + <tr> + <th>Name</th> + <th>Datatype</th> + <th>Description</th> + </tr> +</thead> +<tbody> +<tr id="parameter-subdomain"> + <td><CopyableCode code="subdomain" /></td> + <td><code>string</code></td> + <td>The domain of your organization. This can be a provided subdomain of an official okta domain (okta.com, oktapreview.com, etc) or one of your configured custom domains. (default: my-org)</td> +</tr> +<tr id="parameter-after"> + <td><CopyableCode code="after" /></td> + <td><code>string</code></td> + <td>The cursor used for pagination. It represents the priority of the last realm assignment returned in the previous fetch operation.</td> +</tr> +<tr id="parameter-limit"> + <td><CopyableCode code="limit" /></td> + <td><code>integer</code></td> + <td>A limit on the number of objects to return</td> +</tr> +</tbody> +</table> + +## `SELECT` examples + +<Tabs + defaultValue="list_realm_assignments" + values={[ + { label: 'list_realm_assignments', value: 'list_realm_assignments' }, + { label: 'get_realm_assignment', value: 'get_realm_assignment' } + ]} +> +<TabItem value="list_realm_assignments"> + +Lists all realm assignments + +```sql +SELECT +id, +name, +_links, +actions, +conditions, +created, +domains, +isDefault, +lastUpdated, +priority, +status +FROM okta.realm_assignments.realm_assignments +WHERE subdomain = '{{ subdomain }}' -- required +AND limit = '{{ limit }}' +AND after = '{{ after }}'; +``` +</TabItem> +<TabItem value="get_realm_assignment"> + +Retrieves a realm assignment + +```sql +SELECT +id, +name, +_links, +actions, +conditions, +created, +domains, +isDefault, +lastUpdated, +priority, +status +FROM okta.realm_assignments.realm_assignments +WHERE subdomain = '{{ subdomain }}' -- required; +``` +</TabItem> +</Tabs> + + +## `INSERT` examples + +<Tabs + defaultValue="create_realm_assignment" + values={[ + { label: 'create_realm_assignment', value: 'create_realm_assignment' }, + { label: 'Manifest', value: 'manifest' } + ]} +> +<TabItem value="create_realm_assignment"> + +Creates a new realm assignment + +```sql +INSERT INTO okta.realm_assignments.realm_assignments ( +data__actions, +data__conditions, +data__name, +data__priority, +subdomain +) +SELECT +'{{ actions }}', +'{{ conditions }}', +'{{ name }}', +{{ priority }}, +'{{ subdomain }}' +RETURNING +id, +name, +_links, +actions, +conditions, +created, +domains, +isDefault, +lastUpdated, +priority, +status +; +``` +</TabItem> +<TabItem value="manifest"> + +```yaml +# Description fields are for documentation purposes +- name: realm_assignments + props: + - name: subdomain + value: string + description: Required parameter for the realm_assignments resource. + - name: actions + value: object + description: > + Action to apply to a user + + - name: conditions + value: object + description: > + Conditions of applying realm assignment + + - name: name + value: string + description: > + Name of the realm + + - name: priority + value: integer + description: > + The priority of the realm assignment. The lower the number, the higher the priority. This helps resolve conflicts between realm assignments. +> **Note:** When you create realm assignments in bulk, realm assignment priorities must be unique. + +``` +</TabItem> +</Tabs> + + +## `REPLACE` examples + +<Tabs + defaultValue="replace_realm_assignment" + values={[ + { label: 'replace_realm_assignment', value: 'replace_realm_assignment' } + ]} +> +<TabItem value="replace_realm_assignment"> + +Replaces a realm assignment + +```sql +REPLACE okta.realm_assignments.realm_assignments +SET +data__actions = '{{ actions }}', +data__conditions = '{{ conditions }}', +data__name = '{{ name }}', +data__priority = {{ priority }} +WHERE +subdomain = '{{ subdomain }}' --required +RETURNING +id, +name, +_links, +actions, +conditions, +created, +domains, +isDefault, +lastUpdated, +priority, +status; +``` +</TabItem> +</Tabs> + + +## `DELETE` examples + +<Tabs + defaultValue="delete_realm_assignment" + values={[ + { label: 'delete_realm_assignment', value: 'delete_realm_assignment' } + ]} +> +<TabItem value="delete_realm_assignment"> + +Deletes a realm assignment + +```sql +DELETE FROM okta.realm_assignments.realm_assignments +WHERE subdomain = '{{ subdomain }}' --required; +``` +</TabItem> +</Tabs> + + +## Lifecycle Methods + +<Tabs + defaultValue="execute_realm_assignment" + values={[ + { label: 'execute_realm_assignment', value: 'execute_realm_assignment' }, + { label: 'activate_realm_assignment', value: 'activate_realm_assignment' }, + { label: 'deactivate_realm_assignment', value: 'deactivate_realm_assignment' } + ]} +> +<TabItem value="execute_realm_assignment"> + +Executes a realm assignment + +```sql +EXEC okta.realm_assignments.realm_assignments.execute_realm_assignment +@subdomain='{{ subdomain }}' --required +@@json= +'{ +"assignmentId": "{{ assignmentId }}" +}'; +``` +</TabItem> +<TabItem value="activate_realm_assignment"> + +Activates a realm assignment + +```sql +EXEC okta.realm_assignments.realm_assignments.activate_realm_assignment +@subdomain='{{ subdomain }}' --required; +``` +</TabItem> +<TabItem value="deactivate_realm_assignment"> + +Deactivates a realm assignment + +```sql +EXEC okta.realm_assignments.realm_assignments.deactivate_realm_assignment +@subdomain='{{ subdomain }}' --required; +``` +</TabItem> +</Tabs> diff --git a/website/docs/services/realms/index.md b/website/docs/services/realms/index.md new file mode 100644 index 0000000..69b4ac3 --- /dev/null +++ b/website/docs/services/realms/index.md @@ -0,0 +1,33 @@ +--- +title: realms +hide_title: false +hide_table_of_contents: false +keywords: + - realms + - okta + - stackql + - infrastructure-as-code + - configuration-as-data + - cloud inventory +description: Query, deploy and manage okta resources using SQL +custom_edit_url: null +image: /img/stackql-okta-provider-featured-image.png +--- + +realms service documentation. + +:::info[Service Summary] + +total resources: __1__ + +::: + +## Resources +<div class="row"> +<div class="providerDocColumn"> +<a href="/services/realms/realms/">realms</a> +</div> +<div class="providerDocColumn"> + +</div> +</div> \ No newline at end of file diff --git a/website/docs/services/realms/realms/index.md b/website/docs/services/realms/realms/index.md new file mode 100644 index 0000000..d2f543f --- /dev/null +++ b/website/docs/services/realms/realms/index.md @@ -0,0 +1,375 @@ +--- +title: realms +hide_title: false +hide_table_of_contents: false +keywords: + - realms + - realms + - okta + - infrastructure-as-code + - configuration-as-data + - cloud inventory +description: Query, deploy and manage okta resources using SQL +custom_edit_url: null +image: /img/stackql-okta-provider-featured-image.png +--- + +import CopyableCode from '@site/src/components/CopyableCode/CopyableCode'; +import Tabs from '@theme/Tabs'; +import TabItem from '@theme/TabItem'; + +Creates, updates, deletes, gets or lists a <code>realms</code> resource. + +## Overview +<table><tbody> +<tr><td><b>Name</b></td><td><code>realms</code></td></tr> +<tr><td><b>Type</b></td><td>Resource</td></tr> +<tr><td><b>Id</b></td><td><CopyableCode code="okta.realms.realms" /></td></tr> +</tbody></table> + +## Fields + +The following fields are returned by `SELECT` queries: + +<Tabs + defaultValue="list_realms" + values={[ + { label: 'list_realms', value: 'list_realms' }, + { label: 'get_realm', value: 'get_realm' } + ]} +> +<TabItem value="list_realms"> + +<table> +<thead> + <tr> + <th>Name</th> + <th>Datatype</th> + <th>Description</th> + </tr> +</thead> +<tbody> +<tr> + <td><CopyableCode code="id" /></td> + <td><code>string</code></td> + <td>Unique ID for the realm</td> +</tr> +<tr> + <td><CopyableCode code="_links" /></td> + <td><code>object</code></td> + <td>Specifies link relations (see [Web Linking](https://www.rfc-editor.org/rfc/rfc8288)) available using the [JSON Hypertext Application Language](https://datatracker.ietf.org/doc/html/draft-kelly-json-hal-06) specification. This object is used for dynamic discovery of related resources and lifecycle operations.</td> +</tr> +<tr> + <td><CopyableCode code="created" /></td> + <td><code>string (date-time)</code></td> + <td>Timestamp when the realm was created</td> +</tr> +<tr> + <td><CopyableCode code="isDefault" /></td> + <td><code>boolean</code></td> + <td>Indicates the default realm. Existing users will start out in the default realm and can be moved to other realms individually or through realm assignments. See [Realms Assignments API](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/RealmAssignment/).</td> +</tr> +<tr> + <td><CopyableCode code="lastUpdated" /></td> + <td><code>string (date-time)</code></td> + <td>Timestamp when the realm was updated</td> +</tr> +<tr> + <td><CopyableCode code="profile" /></td> + <td><code>object</code></td> + <td></td> +</tr> +</tbody> +</table> +</TabItem> +<TabItem value="get_realm"> + +Success + +<table> +<thead> + <tr> + <th>Name</th> + <th>Datatype</th> + <th>Description</th> + </tr> +</thead> +<tbody> +<tr> + <td><CopyableCode code="id" /></td> + <td><code>string</code></td> + <td>Unique ID for the realm</td> +</tr> +<tr> + <td><CopyableCode code="_links" /></td> + <td><code>object</code></td> + <td>Specifies link relations (see [Web Linking](https://www.rfc-editor.org/rfc/rfc8288)) available using the [JSON Hypertext Application Language](https://datatracker.ietf.org/doc/html/draft-kelly-json-hal-06) specification. This object is used for dynamic discovery of related resources and lifecycle operations.</td> +</tr> +<tr> + <td><CopyableCode code="created" /></td> + <td><code>string (date-time)</code></td> + <td>Timestamp when the realm was created</td> +</tr> +<tr> + <td><CopyableCode code="isDefault" /></td> + <td><code>boolean</code></td> + <td>Indicates the default realm. Existing users will start out in the default realm and can be moved to other realms individually or through realm assignments. See [Realms Assignments API](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/RealmAssignment/).</td> +</tr> +<tr> + <td><CopyableCode code="lastUpdated" /></td> + <td><code>string (date-time)</code></td> + <td>Timestamp when the realm was updated</td> +</tr> +<tr> + <td><CopyableCode code="profile" /></td> + <td><code>object</code></td> + <td></td> +</tr> +</tbody> +</table> +</TabItem> +</Tabs> + +## Methods + +The following methods are available for this resource: + +<table> +<thead> + <tr> + <th>Name</th> + <th>Accessible by</th> + <th>Required Params</th> + <th>Optional Params</th> + <th>Description</th> + </tr> +</thead> +<tbody> +<tr> + <td><a href="#list_realms"><CopyableCode code="list_realms" /></a></td> + <td><CopyableCode code="select" /></td> + <td><a href="#parameter-subdomain"><code>subdomain</code></a></td> + <td><a href="#parameter-limit"><code>limit</code></a>, <a href="#parameter-after"><code>after</code></a>, <a href="#parameter-search"><code>search</code></a>, <a href="#parameter-sortBy"><code>sortBy</code></a>, <a href="#parameter-sortOrder"><code>sortOrder</code></a></td> + <td>Lists all Realms</td> +</tr> +<tr> + <td><a href="#get_realm"><CopyableCode code="get_realm" /></a></td> + <td><CopyableCode code="select" /></td> + <td><a href="#parameter-subdomain"><code>subdomain</code></a></td> + <td></td> + <td>Retrieves a realm</td> +</tr> +<tr> + <td><a href="#create_realm"><CopyableCode code="create_realm" /></a></td> + <td><CopyableCode code="insert" /></td> + <td><a href="#parameter-subdomain"><code>subdomain</code></a></td> + <td></td> + <td>Creates a new realm</td> +</tr> +<tr> + <td><a href="#replace_realm"><CopyableCode code="replace_realm" /></a></td> + <td><CopyableCode code="replace" /></td> + <td><a href="#parameter-subdomain"><code>subdomain</code></a></td> + <td></td> + <td>Replaces the realm profile</td> +</tr> +<tr> + <td><a href="#delete_realm"><CopyableCode code="delete_realm" /></a></td> + <td><CopyableCode code="delete" /></td> + <td><a href="#parameter-subdomain"><code>subdomain</code></a></td> + <td></td> + <td>Deletes a realm permanently. This operation can only be performed after disassociating other entities like users and identity providers from a realm.</td> +</tr> +</tbody> +</table> + +## Parameters + +Parameters can be passed in the `WHERE` clause of a query. Check the [Methods](#methods) section to see which parameters are required or optional for each operation. + +<table> +<thead> + <tr> + <th>Name</th> + <th>Datatype</th> + <th>Description</th> + </tr> +</thead> +<tbody> +<tr id="parameter-subdomain"> + <td><CopyableCode code="subdomain" /></td> + <td><code>string</code></td> + <td>The domain of your organization. This can be a provided subdomain of an official okta domain (okta.com, oktapreview.com, etc) or one of your configured custom domains. (default: my-org)</td> +</tr> +<tr id="parameter-after"> + <td><CopyableCode code="after" /></td> + <td><code>string</code></td> + <td>The cursor to use for pagination. It is an opaque string that specifies your current location in the list and is obtained from the `Link` response header. See [Pagination](https://developer.okta.com/docs/api/#pagination).</td> +</tr> +<tr id="parameter-limit"> + <td><CopyableCode code="limit" /></td> + <td><code>integer (int32)</code></td> + <td>Specifies the number of results returned. Defaults to 10 if `search` is provided.</td> +</tr> +<tr id="parameter-search"> + <td><CopyableCode code="search" /></td> + <td><code>string</code></td> + <td>Searches for realms with a supported filtering expression for most properties. Searches for realms can be filtered by the contains (`co`) operator. You can only use `co` with the `profile.name` property. See [Operators](https://developer.okta.com/docs/api/#operators).</td> +</tr> +<tr id="parameter-sortBy"> + <td><CopyableCode code="sortBy" /></td> + <td><code>string</code></td> + <td>Specifies the field to sort by and can be any single property (for search queries only)</td> +</tr> +<tr id="parameter-sortOrder"> + <td><CopyableCode code="sortOrder" /></td> + <td><code>string</code></td> + <td>Specifies the sort order: `asc` or `desc` (for search queries only). This parameter is ignored if `sortBy` isn't present.</td> +</tr> +</tbody> +</table> + +## `SELECT` examples + +<Tabs + defaultValue="list_realms" + values={[ + { label: 'list_realms', value: 'list_realms' }, + { label: 'get_realm', value: 'get_realm' } + ]} +> +<TabItem value="list_realms"> + +Lists all Realms + +```sql +SELECT +id, +_links, +created, +isDefault, +lastUpdated, +profile +FROM okta.realms.realms +WHERE subdomain = '{{ subdomain }}' -- required +AND limit = '{{ limit }}' +AND after = '{{ after }}' +AND search = '{{ search }}' +AND sortBy = '{{ sortBy }}' +AND sortOrder = '{{ sortOrder }}'; +``` +</TabItem> +<TabItem value="get_realm"> + +Retrieves a realm + +```sql +SELECT +id, +_links, +created, +isDefault, +lastUpdated, +profile +FROM okta.realms.realms +WHERE subdomain = '{{ subdomain }}' -- required; +``` +</TabItem> +</Tabs> + + +## `INSERT` examples + +<Tabs + defaultValue="create_realm" + values={[ + { label: 'create_realm', value: 'create_realm' }, + { label: 'Manifest', value: 'manifest' } + ]} +> +<TabItem value="create_realm"> + +Creates a new realm + +```sql +INSERT INTO okta.realms.realms ( +data__profile, +subdomain +) +SELECT +'{{ profile }}', +'{{ subdomain }}' +RETURNING +id, +_links, +created, +isDefault, +lastUpdated, +profile +; +``` +</TabItem> +<TabItem value="manifest"> + +```yaml +# Description fields are for documentation purposes +- name: realms + props: + - name: subdomain + value: string + description: Required parameter for the realms resource. + - name: profile + value: object +``` +</TabItem> +</Tabs> + + +## `REPLACE` examples + +<Tabs + defaultValue="replace_realm" + values={[ + { label: 'replace_realm', value: 'replace_realm' } + ]} +> +<TabItem value="replace_realm"> + +Replaces the realm profile + +```sql +REPLACE okta.realms.realms +SET +data__profile = '{{ profile }}' +WHERE +subdomain = '{{ subdomain }}' --required +RETURNING +id, +_links, +created, +isDefault, +lastUpdated, +profile; +``` +</TabItem> +</Tabs> + + +## `DELETE` examples + +<Tabs + defaultValue="delete_realm" + values={[ + { label: 'delete_realm', value: 'delete_realm' } + ]} +> +<TabItem value="delete_realm"> + +Deletes a realm permanently. This operation can only be performed after disassociating other entities like users and identity providers from a realm. + +```sql +DELETE FROM okta.realms.realms +WHERE subdomain = '{{ subdomain }}' --required; +``` +</TabItem> +</Tabs> diff --git a/website/docs/services/risk/index.md b/website/docs/services/risk/index.md new file mode 100644 index 0000000..2881d99 --- /dev/null +++ b/website/docs/services/risk/index.md @@ -0,0 +1,33 @@ +--- +title: risk +hide_title: false +hide_table_of_contents: false +keywords: + - risk + - okta + - stackql + - infrastructure-as-code + - configuration-as-data + - cloud inventory +description: Query, deploy and manage okta resources using SQL +custom_edit_url: null +image: /img/stackql-okta-provider-featured-image.png +--- + +risk service documentation. + +:::info[Service Summary] + +total resources: __2__ + +::: + +## Resources +<div class="row"> +<div class="providerDocColumn"> +<a href="/services/risk/risk_events/">risk_events</a> +</div> +<div class="providerDocColumn"> +<a href="/services/risk/risk_providers/">risk_providers</a> +</div> +</div> \ No newline at end of file diff --git a/website/docs/services/risk/risk_events/index.md b/website/docs/services/risk/risk_events/index.md new file mode 100644 index 0000000..adf6edc --- /dev/null +++ b/website/docs/services/risk/risk_events/index.md @@ -0,0 +1,100 @@ +--- +title: risk_events +hide_title: false +hide_table_of_contents: false +keywords: + - risk_events + - risk + - okta + - infrastructure-as-code + - configuration-as-data + - cloud inventory +description: Query, deploy and manage okta resources using SQL +custom_edit_url: null +image: /img/stackql-okta-provider-featured-image.png +--- + +import CopyableCode from '@site/src/components/CopyableCode/CopyableCode'; +import Tabs from '@theme/Tabs'; +import TabItem from '@theme/TabItem'; + +Creates, updates, deletes, gets or lists a <code>risk_events</code> resource. + +## Overview +<table><tbody> +<tr><td><b>Name</b></td><td><code>risk_events</code></td></tr> +<tr><td><b>Type</b></td><td>Resource</td></tr> +<tr><td><b>Id</b></td><td><CopyableCode code="okta.risk.risk_events" /></td></tr> +</tbody></table> + +## Fields + +The following fields are returned by `SELECT` queries: + +`SELECT` not supported for this resource, use `SHOW METHODS` to view available operations for the resource. + + +## Methods + +The following methods are available for this resource: + +<table> +<thead> + <tr> + <th>Name</th> + <th>Accessible by</th> + <th>Required Params</th> + <th>Optional Params</th> + <th>Description</th> + </tr> +</thead> +<tbody> +<tr> + <td><a href="#send_risk_events"><CopyableCode code="send_risk_events" /></a></td> + <td><CopyableCode code="exec" /></td> + <td><a href="#parameter-subdomain"><code>subdomain</code></a></td> + <td></td> + <td>Sends multiple IP risk events to Okta.<br />This request is used by a third-party risk provider to send IP risk events to Okta. The third-party risk provider needs to be registered with Okta before they can send events to Okta. See [Risk Providers](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/RiskProvider/).<br />This API has a rate limit of 30 requests per minute. You can include multiple risk events (up to a maximum of 20 events) in a single payload to reduce the number of API calls. Prioritize sending high risk signals if you have a burst of signals to send that would exceed the maximum request limits.</td> +</tr> +</tbody> +</table> + +## Parameters + +Parameters can be passed in the `WHERE` clause of a query. Check the [Methods](#methods) section to see which parameters are required or optional for each operation. + +<table> +<thead> + <tr> + <th>Name</th> + <th>Datatype</th> + <th>Description</th> + </tr> +</thead> +<tbody> +<tr id="parameter-subdomain"> + <td><CopyableCode code="subdomain" /></td> + <td><code>string</code></td> + <td>The domain of your organization. This can be a provided subdomain of an official okta domain (okta.com, oktapreview.com, etc) or one of your configured custom domains. (default: my-org)</td> +</tr> +</tbody> +</table> + +## Lifecycle Methods + +<Tabs + defaultValue="send_risk_events" + values={[ + { label: 'send_risk_events', value: 'send_risk_events' } + ]} +> +<TabItem value="send_risk_events"> + +Sends multiple IP risk events to Okta.<br />This request is used by a third-party risk provider to send IP risk events to Okta. The third-party risk provider needs to be registered with Okta before they can send events to Okta. See [Risk Providers](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/RiskProvider/).<br />This API has a rate limit of 30 requests per minute. You can include multiple risk events (up to a maximum of 20 events) in a single payload to reduce the number of API calls. Prioritize sending high risk signals if you have a burst of signals to send that would exceed the maximum request limits. + +```sql +EXEC okta.risk.risk_events.send_risk_events +@subdomain='{{ subdomain }}' --required; +``` +</TabItem> +</Tabs> diff --git a/website/docs/services/risk/risk_providers/index.md b/website/docs/services/risk/risk_providers/index.md new file mode 100644 index 0000000..4e13861 --- /dev/null +++ b/website/docs/services/risk/risk_providers/index.md @@ -0,0 +1,381 @@ +--- +title: risk_providers +hide_title: false +hide_table_of_contents: false +keywords: + - risk_providers + - risk + - okta + - infrastructure-as-code + - configuration-as-data + - cloud inventory +description: Query, deploy and manage okta resources using SQL +custom_edit_url: null +image: /img/stackql-okta-provider-featured-image.png +--- + +import CopyableCode from '@site/src/components/CopyableCode/CopyableCode'; +import Tabs from '@theme/Tabs'; +import TabItem from '@theme/TabItem'; + +Creates, updates, deletes, gets or lists a <code>risk_providers</code> resource. + +## Overview +<table><tbody> +<tr><td><b>Name</b></td><td><code>risk_providers</code></td></tr> +<tr><td><b>Type</b></td><td>Resource</td></tr> +<tr><td><b>Id</b></td><td><CopyableCode code="okta.risk.risk_providers" /></td></tr> +</tbody></table> + +## Fields + +The following fields are returned by `SELECT` queries: + +<Tabs + defaultValue="list_risk_providers" + values={[ + { label: 'list_risk_providers', value: 'list_risk_providers' }, + { label: 'get_risk_provider', value: 'get_risk_provider' } + ]} +> +<TabItem value="list_risk_providers"> + +<table> +<thead> + <tr> + <th>Name</th> + <th>Datatype</th> + <th>Description</th> + </tr> +</thead> +<tbody> +<tr> + <td><CopyableCode code="id" /></td> + <td><code>string</code></td> + <td>The ID of the risk provider object (example: 00rp12r4skkjkjgsn)</td> +</tr> +<tr> + <td><CopyableCode code="name" /></td> + <td><code>string</code></td> + <td>Name of the risk provider (example: Risk-Partner-X)</td> +</tr> +<tr> + <td><CopyableCode code="_links" /></td> + <td><code>object</code></td> + <td>Specifies link relations (see [Web Linking](https://www.rfc-editor.org/rfc/rfc8288)) available using the [JSON Hypertext Application Language](https://datatracker.ietf.org/doc/html/draft-kelly-json-hal-06) specification. This object is used for dynamic discovery of related resources and lifecycle operations.</td> +</tr> +<tr> + <td><CopyableCode code="action" /></td> + <td><code>string</code></td> + <td>Action taken by Okta during authentication attempts based on the risk events sent by this provider (default: log_only)</td> +</tr> +<tr> + <td><CopyableCode code="clientId" /></td> + <td><code>string</code></td> + <td>The ID of the [OAuth 2.0 service app](https://developer.okta.com/docs/guides/implement-oauth-for-okta-serviceapp/main/#create-a-service-app-and-grant-scopes) that's used to send risk events to Okta (example: 00cjkjjkkgjkdkjdkkljjsd)</td> +</tr> +<tr> + <td><CopyableCode code="created" /></td> + <td><code>string (date-time)</code></td> + <td>Timestamp when the risk provider object was created (example: 2021-01-05 22:18:30)</td> +</tr> +<tr> + <td><CopyableCode code="lastUpdated" /></td> + <td><code>string (date-time)</code></td> + <td>Timestamp when the risk provider object was last updated (example: 2021-01-05 22:18:30)</td> +</tr> +</tbody> +</table> +</TabItem> +<TabItem value="get_risk_provider"> + +<table> +<thead> + <tr> + <th>Name</th> + <th>Datatype</th> + <th>Description</th> + </tr> +</thead> +<tbody> +<tr> + <td><CopyableCode code="id" /></td> + <td><code>string</code></td> + <td>The ID of the risk provider object (example: 00rp12r4skkjkjgsn)</td> +</tr> +<tr> + <td><CopyableCode code="name" /></td> + <td><code>string</code></td> + <td>Name of the risk provider (example: Risk-Partner-X)</td> +</tr> +<tr> + <td><CopyableCode code="_links" /></td> + <td><code>object</code></td> + <td>Specifies link relations (see [Web Linking](https://www.rfc-editor.org/rfc/rfc8288)) available using the [JSON Hypertext Application Language](https://datatracker.ietf.org/doc/html/draft-kelly-json-hal-06) specification. This object is used for dynamic discovery of related resources and lifecycle operations.</td> +</tr> +<tr> + <td><CopyableCode code="action" /></td> + <td><code>string</code></td> + <td>Action taken by Okta during authentication attempts based on the risk events sent by this provider (default: log_only)</td> +</tr> +<tr> + <td><CopyableCode code="clientId" /></td> + <td><code>string</code></td> + <td>The ID of the [OAuth 2.0 service app](https://developer.okta.com/docs/guides/implement-oauth-for-okta-serviceapp/main/#create-a-service-app-and-grant-scopes) that's used to send risk events to Okta (example: 00cjkjjkkgjkdkjdkkljjsd)</td> +</tr> +<tr> + <td><CopyableCode code="created" /></td> + <td><code>string (date-time)</code></td> + <td>Timestamp when the risk provider object was created (example: 2021-01-05 22:18:30)</td> +</tr> +<tr> + <td><CopyableCode code="lastUpdated" /></td> + <td><code>string (date-time)</code></td> + <td>Timestamp when the risk provider object was last updated (example: 2021-01-05 22:18:30)</td> +</tr> +</tbody> +</table> +</TabItem> +</Tabs> + +## Methods + +The following methods are available for this resource: + +<table> +<thead> + <tr> + <th>Name</th> + <th>Accessible by</th> + <th>Required Params</th> + <th>Optional Params</th> + <th>Description</th> + </tr> +</thead> +<tbody> +<tr> + <td><a href="#list_risk_providers"><CopyableCode code="list_risk_providers" /></a></td> + <td><CopyableCode code="select" /></td> + <td><a href="#parameter-subdomain"><code>subdomain</code></a></td> + <td></td> + <td>Lists all risk provider objects</td> +</tr> +<tr> + <td><a href="#get_risk_provider"><CopyableCode code="get_risk_provider" /></a></td> + <td><CopyableCode code="select" /></td> + <td><a href="#parameter-subdomain"><code>subdomain</code></a></td> + <td></td> + <td>Retrieves a risk provider object by ID</td> +</tr> +<tr> + <td><a href="#create_risk_provider"><CopyableCode code="create_risk_provider" /></a></td> + <td><CopyableCode code="insert" /></td> + <td><a href="#parameter-subdomain"><code>subdomain</code></a></td> + <td></td> + <td>Creates a risk provider object. You can create a maximum of three risk provider objects.</td> +</tr> +<tr> + <td><a href="#replace_risk_provider"><CopyableCode code="replace_risk_provider" /></a></td> + <td><CopyableCode code="replace" /></td> + <td><a href="#parameter-subdomain"><code>subdomain</code></a></td> + <td></td> + <td>Replaces the properties for a given risk provider object ID</td> +</tr> +<tr> + <td><a href="#delete_risk_provider"><CopyableCode code="delete_risk_provider" /></a></td> + <td><CopyableCode code="delete" /></td> + <td><a href="#parameter-subdomain"><code>subdomain</code></a></td> + <td></td> + <td>Deletes a risk provider object by its ID</td> +</tr> +</tbody> +</table> + +## Parameters + +Parameters can be passed in the `WHERE` clause of a query. Check the [Methods](#methods) section to see which parameters are required or optional for each operation. + +<table> +<thead> + <tr> + <th>Name</th> + <th>Datatype</th> + <th>Description</th> + </tr> +</thead> +<tbody> +<tr id="parameter-subdomain"> + <td><CopyableCode code="subdomain" /></td> + <td><code>string</code></td> + <td>The domain of your organization. This can be a provided subdomain of an official okta domain (okta.com, oktapreview.com, etc) or one of your configured custom domains. (default: my-org)</td> +</tr> +</tbody> +</table> + +## `SELECT` examples + +<Tabs + defaultValue="list_risk_providers" + values={[ + { label: 'list_risk_providers', value: 'list_risk_providers' }, + { label: 'get_risk_provider', value: 'get_risk_provider' } + ]} +> +<TabItem value="list_risk_providers"> + +Lists all risk provider objects + +```sql +SELECT +id, +name, +_links, +action, +clientId, +created, +lastUpdated +FROM okta.risk.risk_providers +WHERE subdomain = '{{ subdomain }}' -- required; +``` +</TabItem> +<TabItem value="get_risk_provider"> + +Retrieves a risk provider object by ID + +```sql +SELECT +id, +name, +_links, +action, +clientId, +created, +lastUpdated +FROM okta.risk.risk_providers +WHERE subdomain = '{{ subdomain }}' -- required; +``` +</TabItem> +</Tabs> + + +## `INSERT` examples + +<Tabs + defaultValue="create_risk_provider" + values={[ + { label: 'create_risk_provider', value: 'create_risk_provider' }, + { label: 'Manifest', value: 'manifest' } + ]} +> +<TabItem value="create_risk_provider"> + +Creates a risk provider object. You can create a maximum of three risk provider objects. + +```sql +INSERT INTO okta.risk.risk_providers ( +data__action, +data__clientId, +data__name, +subdomain +) +SELECT +'{{ action }}' --required, +'{{ clientId }}' --required, +'{{ name }}' --required, +'{{ subdomain }}' +RETURNING +id, +name, +_links, +action, +clientId, +created, +lastUpdated +; +``` +</TabItem> +<TabItem value="manifest"> + +```yaml +# Description fields are for documentation purposes +- name: risk_providers + props: + - name: subdomain + value: string + description: Required parameter for the risk_providers resource. + - name: action + value: string + description: > + Action taken by Okta during authentication attempts based on the risk events sent by this provider + + valid_values: ['enforce_and_log', 'log_only', 'none'] + default: log_only + - name: clientId + value: string + description: > + The ID of the [OAuth 2.0 service app](https://developer.okta.com/docs/guides/implement-oauth-for-okta-serviceapp/main/#create-a-service-app-and-grant-scopes) that's used to send risk events to Okta + + - name: name + value: string + description: > + Name of the risk provider + +``` +</TabItem> +</Tabs> + + +## `REPLACE` examples + +<Tabs + defaultValue="replace_risk_provider" + values={[ + { label: 'replace_risk_provider', value: 'replace_risk_provider' } + ]} +> +<TabItem value="replace_risk_provider"> + +Replaces the properties for a given risk provider object ID + +```sql +REPLACE okta.risk.risk_providers +SET +data__action = '{{ action }}', +data__clientId = '{{ clientId }}', +data__name = '{{ name }}' +WHERE +subdomain = '{{ subdomain }}' --required +AND data__name = '{{ name }}' --required +AND data__clientId = '{{ clientId }}' --required +AND data__action = '{{ action }}' --required +RETURNING +id, +name, +_links, +action, +clientId, +created, +lastUpdated; +``` +</TabItem> +</Tabs> + + +## `DELETE` examples + +<Tabs + defaultValue="delete_risk_provider" + values={[ + { label: 'delete_risk_provider', value: 'delete_risk_provider' } + ]} +> +<TabItem value="delete_risk_provider"> + +Deletes a risk provider object by its ID + +```sql +DELETE FROM okta.risk.risk_providers +WHERE subdomain = '{{ subdomain }}' --required; +``` +</TabItem> +</Tabs> diff --git a/website/docs/services/roles/index.md b/website/docs/services/roles/index.md new file mode 100644 index 0000000..83433cc --- /dev/null +++ b/website/docs/services/roles/index.md @@ -0,0 +1,33 @@ +--- +title: roles +hide_title: false +hide_table_of_contents: false +keywords: + - roles + - okta + - stackql + - infrastructure-as-code + - configuration-as-data + - cloud inventory +description: Query, deploy and manage okta resources using SQL +custom_edit_url: null +image: /img/stackql-okta-provider-featured-image.png +--- + +roles service documentation. + +:::info[Service Summary] + +total resources: __1__ + +::: + +## Resources +<div class="row"> +<div class="providerDocColumn"> +<a href="/services/roles/subscriptions/">subscriptions</a> +</div> +<div class="providerDocColumn"> + +</div> +</div> \ No newline at end of file diff --git a/website/docs/services/roles/subscriptions/index.md b/website/docs/services/roles/subscriptions/index.md new file mode 100644 index 0000000..61d938f --- /dev/null +++ b/website/docs/services/roles/subscriptions/index.md @@ -0,0 +1,249 @@ +--- +title: subscriptions +hide_title: false +hide_table_of_contents: false +keywords: + - subscriptions + - roles + - okta + - infrastructure-as-code + - configuration-as-data + - cloud inventory +description: Query, deploy and manage okta resources using SQL +custom_edit_url: null +image: /img/stackql-okta-provider-featured-image.png +--- + +import CopyableCode from '@site/src/components/CopyableCode/CopyableCode'; +import Tabs from '@theme/Tabs'; +import TabItem from '@theme/TabItem'; + +Creates, updates, deletes, gets or lists a <code>subscriptions</code> resource. + +## Overview +<table><tbody> +<tr><td><b>Name</b></td><td><code>subscriptions</code></td></tr> +<tr><td><b>Type</b></td><td>Resource</td></tr> +<tr><td><b>Id</b></td><td><CopyableCode code="okta.roles.subscriptions" /></td></tr> +</tbody></table> + +## Fields + +The following fields are returned by `SELECT` queries: + +<Tabs + defaultValue="list_subscriptions_role" + values={[ + { label: 'list_subscriptions_role', value: 'list_subscriptions_role' }, + { label: 'get_subscriptions_notification_type_role', value: 'get_subscriptions_notification_type_role' } + ]} +> +<TabItem value="list_subscriptions_role"> + +Success + +<table> +<thead> + <tr> + <th>Name</th> + <th>Datatype</th> + <th>Description</th> + </tr> +</thead> +<tbody> +<tr> + <td><CopyableCode code="_links" /></td> + <td><code>object</code></td> + <td>Discoverable resources related to the subscription</td> +</tr> +<tr> + <td><CopyableCode code="channels" /></td> + <td><code>array</code></td> + <td>An array of sources send notifications to users. > **Note**: Currently, Okta only allows `email` channels.</td> +</tr> +<tr> + <td><CopyableCode code="notificationType" /></td> + <td><code>string</code></td> + <td>The type of notification</td> +</tr> +<tr> + <td><CopyableCode code="status" /></td> + <td><code>string</code></td> + <td>The status of the subscription</td> +</tr> +</tbody> +</table> +</TabItem> +<TabItem value="get_subscriptions_notification_type_role"> + +Success + +<table> +<thead> + <tr> + <th>Name</th> + <th>Datatype</th> + <th>Description</th> + </tr> +</thead> +<tbody> +<tr> + <td><CopyableCode code="_links" /></td> + <td><code>object</code></td> + <td>Discoverable resources related to the subscription</td> +</tr> +<tr> + <td><CopyableCode code="channels" /></td> + <td><code>array</code></td> + <td>An array of sources send notifications to users. > **Note**: Currently, Okta only allows `email` channels.</td> +</tr> +<tr> + <td><CopyableCode code="notificationType" /></td> + <td><code>string</code></td> + <td>The type of notification</td> +</tr> +<tr> + <td><CopyableCode code="status" /></td> + <td><code>string</code></td> + <td>The status of the subscription</td> +</tr> +</tbody> +</table> +</TabItem> +</Tabs> + +## Methods + +The following methods are available for this resource: + +<table> +<thead> + <tr> + <th>Name</th> + <th>Accessible by</th> + <th>Required Params</th> + <th>Optional Params</th> + <th>Description</th> + </tr> +</thead> +<tbody> +<tr> + <td><a href="#list_subscriptions_role"><CopyableCode code="list_subscriptions_role" /></a></td> + <td><CopyableCode code="select" /></td> + <td><a href="#parameter-subdomain"><code>subdomain</code></a></td> + <td></td> + <td>Lists all subscriptions available to a specified Role</td> +</tr> +<tr> + <td><a href="#get_subscriptions_notification_type_role"><CopyableCode code="get_subscriptions_notification_type_role" /></a></td> + <td><CopyableCode code="select" /></td> + <td><a href="#parameter-subdomain"><code>subdomain</code></a></td> + <td></td> + <td>Retrieves a subscription by `notificationType` for a specified Role</td> +</tr> +<tr> + <td><a href="#subscribe_by_notification_type_role"><CopyableCode code="subscribe_by_notification_type_role" /></a></td> + <td><CopyableCode code="exec" /></td> + <td><a href="#parameter-subdomain"><code>subdomain</code></a></td> + <td></td> + <td>Subscribes a Role to a specified notification type. Changes to Role subscriptions override the subscription status of any individual users with the Role.</td> +</tr> +<tr> + <td><a href="#unsubscribe_by_notification_type_role"><CopyableCode code="unsubscribe_by_notification_type_role" /></a></td> + <td><CopyableCode code="exec" /></td> + <td><a href="#parameter-subdomain"><code>subdomain</code></a></td> + <td></td> + <td>Unsubscribes a Role from a specified notification type. Changes to Role subscriptions override the subscription status of any individual users with the Role.</td> +</tr> +</tbody> +</table> + +## Parameters + +Parameters can be passed in the `WHERE` clause of a query. Check the [Methods](#methods) section to see which parameters are required or optional for each operation. + +<table> +<thead> + <tr> + <th>Name</th> + <th>Datatype</th> + <th>Description</th> + </tr> +</thead> +<tbody> +<tr id="parameter-subdomain"> + <td><CopyableCode code="subdomain" /></td> + <td><code>string</code></td> + <td>The domain of your organization. This can be a provided subdomain of an official okta domain (okta.com, oktapreview.com, etc) or one of your configured custom domains. (default: my-org)</td> +</tr> +</tbody> +</table> + +## `SELECT` examples + +<Tabs + defaultValue="list_subscriptions_role" + values={[ + { label: 'list_subscriptions_role', value: 'list_subscriptions_role' }, + { label: 'get_subscriptions_notification_type_role', value: 'get_subscriptions_notification_type_role' } + ]} +> +<TabItem value="list_subscriptions_role"> + +Lists all subscriptions available to a specified Role + +```sql +SELECT +_links, +channels, +notificationType, +status +FROM okta.roles.subscriptions +WHERE subdomain = '{{ subdomain }}' -- required; +``` +</TabItem> +<TabItem value="get_subscriptions_notification_type_role"> + +Retrieves a subscription by `notificationType` for a specified Role + +```sql +SELECT +_links, +channels, +notificationType, +status +FROM okta.roles.subscriptions +WHERE subdomain = '{{ subdomain }}' -- required; +``` +</TabItem> +</Tabs> + + +## Lifecycle Methods + +<Tabs + defaultValue="subscribe_by_notification_type_role" + values={[ + { label: 'subscribe_by_notification_type_role', value: 'subscribe_by_notification_type_role' }, + { label: 'unsubscribe_by_notification_type_role', value: 'unsubscribe_by_notification_type_role' } + ]} +> +<TabItem value="subscribe_by_notification_type_role"> + +Subscribes a Role to a specified notification type. Changes to Role subscriptions override the subscription status of any individual users with the Role. + +```sql +EXEC okta.roles.subscriptions.subscribe_by_notification_type_role +@subdomain='{{ subdomain }}' --required; +``` +</TabItem> +<TabItem value="unsubscribe_by_notification_type_role"> + +Unsubscribes a Role from a specified notification type. Changes to Role subscriptions override the subscription status of any individual users with the Role. + +```sql +EXEC okta.roles.subscriptions.unsubscribe_by_notification_type_role +@subdomain='{{ subdomain }}' --required; +``` +</TabItem> +</Tabs> diff --git a/website/docs/services/security/index.md b/website/docs/services/security/index.md new file mode 100644 index 0000000..b52d39c --- /dev/null +++ b/website/docs/services/security/index.md @@ -0,0 +1,33 @@ +--- +title: security +hide_title: false +hide_table_of_contents: false +keywords: + - security + - okta + - stackql + - infrastructure-as-code + - configuration-as-data + - cloud inventory +description: Query, deploy and manage okta resources using SQL +custom_edit_url: null +image: /img/stackql-okta-provider-featured-image.png +--- + +security service documentation. + +:::info[Service Summary] + +total resources: __1__ + +::: + +## Resources +<div class="row"> +<div class="providerDocColumn"> +<a href="/services/security/ssf_security_event_tokens/">ssf_security_event_tokens</a> +</div> +<div class="providerDocColumn"> + +</div> +</div> \ No newline at end of file diff --git a/website/docs/services/security/ssf_security_event_tokens/index.md b/website/docs/services/security/ssf_security_event_tokens/index.md new file mode 100644 index 0000000..86c524a --- /dev/null +++ b/website/docs/services/security/ssf_security_event_tokens/index.md @@ -0,0 +1,100 @@ +--- +title: ssf_security_event_tokens +hide_title: false +hide_table_of_contents: false +keywords: + - ssf_security_event_tokens + - security + - okta + - infrastructure-as-code + - configuration-as-data + - cloud inventory +description: Query, deploy and manage okta resources using SQL +custom_edit_url: null +image: /img/stackql-okta-provider-featured-image.png +--- + +import CopyableCode from '@site/src/components/CopyableCode/CopyableCode'; +import Tabs from '@theme/Tabs'; +import TabItem from '@theme/TabItem'; + +Creates, updates, deletes, gets or lists a <code>ssf_security_event_tokens</code> resource. + +## Overview +<table><tbody> +<tr><td><b>Name</b></td><td><code>ssf_security_event_tokens</code></td></tr> +<tr><td><b>Type</b></td><td>Resource</td></tr> +<tr><td><b>Id</b></td><td><CopyableCode code="okta.security.ssf_security_event_tokens" /></td></tr> +</tbody></table> + +## Fields + +The following fields are returned by `SELECT` queries: + +`SELECT` not supported for this resource, use `SHOW METHODS` to view available operations for the resource. + + +## Methods + +The following methods are available for this resource: + +<table> +<thead> + <tr> + <th>Name</th> + <th>Accessible by</th> + <th>Required Params</th> + <th>Optional Params</th> + <th>Description</th> + </tr> +</thead> +<tbody> +<tr> + <td><a href="#publish_security_event_tokens"><CopyableCode code="publish_security_event_tokens" /></a></td> + <td><CopyableCode code="exec" /></td> + <td><a href="#parameter-subdomain"><code>subdomain</code></a></td> + <td></td> + <td>Publishes a Security Event Token (SET) sent by a Security Events Provider. After the token is verified, Okta ingests the event and performs any appropriate action.</td> +</tr> +</tbody> +</table> + +## Parameters + +Parameters can be passed in the `WHERE` clause of a query. Check the [Methods](#methods) section to see which parameters are required or optional for each operation. + +<table> +<thead> + <tr> + <th>Name</th> + <th>Datatype</th> + <th>Description</th> + </tr> +</thead> +<tbody> +<tr id="parameter-subdomain"> + <td><CopyableCode code="subdomain" /></td> + <td><code>string</code></td> + <td>The domain of your organization. This can be a provided subdomain of an official okta domain (okta.com, oktapreview.com, etc) or one of your configured custom domains. (default: my-org)</td> +</tr> +</tbody> +</table> + +## Lifecycle Methods + +<Tabs + defaultValue="publish_security_event_tokens" + values={[ + { label: 'publish_security_event_tokens', value: 'publish_security_event_tokens' } + ]} +> +<TabItem value="publish_security_event_tokens"> + +Publishes a Security Event Token (SET) sent by a Security Events Provider. After the token is verified, Okta ingests the event and performs any appropriate action. + +```sql +EXEC okta.security.ssf_security_event_tokens.publish_security_event_tokens +@subdomain='{{ subdomain }}' --required; +``` +</TabItem> +</Tabs> diff --git a/website/docs/services/security_events_providers/index.md b/website/docs/services/security_events_providers/index.md new file mode 100644 index 0000000..4a5d766 --- /dev/null +++ b/website/docs/services/security_events_providers/index.md @@ -0,0 +1,33 @@ +--- +title: security_events_providers +hide_title: false +hide_table_of_contents: false +keywords: + - security_events_providers + - okta + - stackql + - infrastructure-as-code + - configuration-as-data + - cloud inventory +description: Query, deploy and manage okta resources using SQL +custom_edit_url: null +image: /img/stackql-okta-provider-featured-image.png +--- + +security_events_providers service documentation. + +:::info[Service Summary] + +total resources: __1__ + +::: + +## Resources +<div class="row"> +<div class="providerDocColumn"> +<a href="/services/security_events_providers/ssf_receivers/">ssf_receivers</a> +</div> +<div class="providerDocColumn"> + +</div> +</div> \ No newline at end of file diff --git a/website/docs/services/security_events_providers/ssf_receivers/index.md b/website/docs/services/security_events_providers/ssf_receivers/index.md new file mode 100644 index 0000000..c1ac611 --- /dev/null +++ b/website/docs/services/security_events_providers/ssf_receivers/index.md @@ -0,0 +1,409 @@ +--- +title: ssf_receivers +hide_title: false +hide_table_of_contents: false +keywords: + - ssf_receivers + - security_events_providers + - okta + - infrastructure-as-code + - configuration-as-data + - cloud inventory +description: Query, deploy and manage okta resources using SQL +custom_edit_url: null +image: /img/stackql-okta-provider-featured-image.png +--- + +import CopyableCode from '@site/src/components/CopyableCode/CopyableCode'; +import Tabs from '@theme/Tabs'; +import TabItem from '@theme/TabItem'; + +Creates, updates, deletes, gets or lists a <code>ssf_receivers</code> resource. + +## Overview +<table><tbody> +<tr><td><b>Name</b></td><td><code>ssf_receivers</code></td></tr> +<tr><td><b>Type</b></td><td>Resource</td></tr> +<tr><td><b>Id</b></td><td><CopyableCode code="okta.security_events_providers.ssf_receivers" /></td></tr> +</tbody></table> + +## Fields + +The following fields are returned by `SELECT` queries: + +<Tabs + defaultValue="list_security_events_provider_instances" + values={[ + { label: 'list_security_events_provider_instances', value: 'list_security_events_provider_instances' }, + { label: 'get_security_events_provider_instance', value: 'get_security_events_provider_instance' } + ]} +> +<TabItem value="list_security_events_provider_instances"> + +<table> +<thead> + <tr> + <th>Name</th> + <th>Datatype</th> + <th>Description</th> + </tr> +</thead> +<tbody> +<tr> + <td><CopyableCode code="id" /></td> + <td><code>string</code></td> + <td>The unique identifier of this instance (example: sse1qg25RpusjUP6m0g5)</td> +</tr> +<tr> + <td><CopyableCode code="name" /></td> + <td><code>string</code></td> + <td>The name of the Security Events Provider instance (example: Target SSF Provider)</td> +</tr> +<tr> + <td><CopyableCode code="_links" /></td> + <td><code>object</code></td> + <td>Specifies link relations (see [Web Linking](https://www.rfc-editor.org/rfc/rfc8288)) available using the [JSON Hypertext Application Language](https://datatracker.ietf.org/doc/html/draft-kelly-json-hal-06) specification. This object is used for dynamic discovery of related resources and lifecycle operations.</td> +</tr> +<tr> + <td><CopyableCode code="settings" /></td> + <td><code>object</code></td> + <td>Information about the Security Events Provider for signal ingestion (title: Security Events Provider settings)</td> +</tr> +<tr> + <td><CopyableCode code="status" /></td> + <td><code>string</code></td> + <td>Indicates whether the Security Events Provider is active or not</td> +</tr> +<tr> + <td><CopyableCode code="type" /></td> + <td><code>string</code></td> + <td>The application type of the Security Events Provider (example: okta)</td> +</tr> +</tbody> +</table> +</TabItem> +<TabItem value="get_security_events_provider_instance"> + +<table> +<thead> + <tr> + <th>Name</th> + <th>Datatype</th> + <th>Description</th> + </tr> +</thead> +<tbody> +<tr> + <td><CopyableCode code="id" /></td> + <td><code>string</code></td> + <td>The unique identifier of this instance (example: sse1qg25RpusjUP6m0g5)</td> +</tr> +<tr> + <td><CopyableCode code="name" /></td> + <td><code>string</code></td> + <td>The name of the Security Events Provider instance (example: Target SSF Provider)</td> +</tr> +<tr> + <td><CopyableCode code="_links" /></td> + <td><code>object</code></td> + <td>Specifies link relations (see [Web Linking](https://www.rfc-editor.org/rfc/rfc8288)) available using the [JSON Hypertext Application Language](https://datatracker.ietf.org/doc/html/draft-kelly-json-hal-06) specification. This object is used for dynamic discovery of related resources and lifecycle operations.</td> +</tr> +<tr> + <td><CopyableCode code="settings" /></td> + <td><code>object</code></td> + <td>Information about the Security Events Provider for signal ingestion (title: Security Events Provider settings)</td> +</tr> +<tr> + <td><CopyableCode code="status" /></td> + <td><code>string</code></td> + <td>Indicates whether the Security Events Provider is active or not</td> +</tr> +<tr> + <td><CopyableCode code="type" /></td> + <td><code>string</code></td> + <td>The application type of the Security Events Provider (example: okta)</td> +</tr> +</tbody> +</table> +</TabItem> +</Tabs> + +## Methods + +The following methods are available for this resource: + +<table> +<thead> + <tr> + <th>Name</th> + <th>Accessible by</th> + <th>Required Params</th> + <th>Optional Params</th> + <th>Description</th> + </tr> +</thead> +<tbody> +<tr> + <td><a href="#list_security_events_provider_instances"><CopyableCode code="list_security_events_provider_instances" /></a></td> + <td><CopyableCode code="select" /></td> + <td><a href="#parameter-subdomain"><code>subdomain</code></a></td> + <td></td> + <td>Lists all Security Events Provider instances</td> +</tr> +<tr> + <td><a href="#get_security_events_provider_instance"><CopyableCode code="get_security_events_provider_instance" /></a></td> + <td><CopyableCode code="select" /></td> + <td><a href="#parameter-subdomain"><code>subdomain</code></a></td> + <td></td> + <td>Retrieves the Security Events Provider instance specified by `id`</td> +</tr> +<tr> + <td><a href="#create_security_events_provider_instance"><CopyableCode code="create_security_events_provider_instance" /></a></td> + <td><CopyableCode code="insert" /></td> + <td><a href="#parameter-subdomain"><code>subdomain</code></a></td> + <td></td> + <td>Creates a Security Events Provider instance</td> +</tr> +<tr> + <td><a href="#replace_security_events_provider_instance"><CopyableCode code="replace_security_events_provider_instance" /></a></td> + <td><CopyableCode code="replace" /></td> + <td><a href="#parameter-subdomain"><code>subdomain</code></a></td> + <td></td> + <td>Replaces a Security Events Provider instance specified by `id`</td> +</tr> +<tr> + <td><a href="#delete_security_events_provider_instance"><CopyableCode code="delete_security_events_provider_instance" /></a></td> + <td><CopyableCode code="delete" /></td> + <td><a href="#parameter-subdomain"><code>subdomain</code></a></td> + <td></td> + <td>Deletes a Security Events Provider instance specified by `id`</td> +</tr> +<tr> + <td><a href="#activate_security_events_provider_instance"><CopyableCode code="activate_security_events_provider_instance" /></a></td> + <td><CopyableCode code="exec" /></td> + <td><a href="#parameter-subdomain"><code>subdomain</code></a></td> + <td></td> + <td>Activates a Security Events Provider instance by setting its status to `ACTIVE`.<br />This operation resumes the flow of events from the Security Events Provider to Okta.</td> +</tr> +<tr> + <td><a href="#deactivate_security_events_provider_instance"><CopyableCode code="deactivate_security_events_provider_instance" /></a></td> + <td><CopyableCode code="exec" /></td> + <td><a href="#parameter-subdomain"><code>subdomain</code></a></td> + <td></td> + <td>Deactivates a Security Events Provider instance by setting its status to `INACTIVE`.<br />This operation stops the flow of events from the Security Events Provider to Okta.</td> +</tr> +</tbody> +</table> + +## Parameters + +Parameters can be passed in the `WHERE` clause of a query. Check the [Methods](#methods) section to see which parameters are required or optional for each operation. + +<table> +<thead> + <tr> + <th>Name</th> + <th>Datatype</th> + <th>Description</th> + </tr> +</thead> +<tbody> +<tr id="parameter-subdomain"> + <td><CopyableCode code="subdomain" /></td> + <td><code>string</code></td> + <td>The domain of your organization. This can be a provided subdomain of an official okta domain (okta.com, oktapreview.com, etc) or one of your configured custom domains. (default: my-org)</td> +</tr> +</tbody> +</table> + +## `SELECT` examples + +<Tabs + defaultValue="list_security_events_provider_instances" + values={[ + { label: 'list_security_events_provider_instances', value: 'list_security_events_provider_instances' }, + { label: 'get_security_events_provider_instance', value: 'get_security_events_provider_instance' } + ]} +> +<TabItem value="list_security_events_provider_instances"> + +Lists all Security Events Provider instances + +```sql +SELECT +id, +name, +_links, +settings, +status, +type +FROM okta.security_events_providers.ssf_receivers +WHERE subdomain = '{{ subdomain }}' -- required; +``` +</TabItem> +<TabItem value="get_security_events_provider_instance"> + +Retrieves the Security Events Provider instance specified by `id` + +```sql +SELECT +id, +name, +_links, +settings, +status, +type +FROM okta.security_events_providers.ssf_receivers +WHERE subdomain = '{{ subdomain }}' -- required; +``` +</TabItem> +</Tabs> + + +## `INSERT` examples + +<Tabs + defaultValue="create_security_events_provider_instance" + values={[ + { label: 'create_security_events_provider_instance', value: 'create_security_events_provider_instance' }, + { label: 'Manifest', value: 'manifest' } + ]} +> +<TabItem value="create_security_events_provider_instance"> + +Creates a Security Events Provider instance + +```sql +INSERT INTO okta.security_events_providers.ssf_receivers ( +data__name, +data__settings, +data__type, +subdomain +) +SELECT +'{{ name }}' --required, +'{{ settings }}' --required, +'{{ type }}' --required, +'{{ subdomain }}' +RETURNING +id, +name, +_links, +settings, +status, +type +; +``` +</TabItem> +<TabItem value="manifest"> + +```yaml +# Description fields are for documentation purposes +- name: ssf_receivers + props: + - name: subdomain + value: string + description: Required parameter for the ssf_receivers resource. + - name: name + value: string + description: > + The name of the Security Events Provider instance + + - name: settings + value: object + description: > + Information about the Security Events Provider for signal ingestion + + - name: type + value: string + description: > + The application type of the Security Events Provider + +``` +</TabItem> +</Tabs> + + +## `REPLACE` examples + +<Tabs + defaultValue="replace_security_events_provider_instance" + values={[ + { label: 'replace_security_events_provider_instance', value: 'replace_security_events_provider_instance' } + ]} +> +<TabItem value="replace_security_events_provider_instance"> + +Replaces a Security Events Provider instance specified by `id` + +```sql +REPLACE okta.security_events_providers.ssf_receivers +SET +data__name = '{{ name }}', +data__settings = '{{ settings }}', +data__type = '{{ type }}' +WHERE +subdomain = '{{ subdomain }}' --required +AND data__name = '{{ name }}' --required +AND data__settings = '{{ settings }}' --required +AND data__type = '{{ type }}' --required +RETURNING +id, +name, +_links, +settings, +status, +type; +``` +</TabItem> +</Tabs> + + +## `DELETE` examples + +<Tabs + defaultValue="delete_security_events_provider_instance" + values={[ + { label: 'delete_security_events_provider_instance', value: 'delete_security_events_provider_instance' } + ]} +> +<TabItem value="delete_security_events_provider_instance"> + +Deletes a Security Events Provider instance specified by `id` + +```sql +DELETE FROM okta.security_events_providers.ssf_receivers +WHERE subdomain = '{{ subdomain }}' --required; +``` +</TabItem> +</Tabs> + + +## Lifecycle Methods + +<Tabs + defaultValue="activate_security_events_provider_instance" + values={[ + { label: 'activate_security_events_provider_instance', value: 'activate_security_events_provider_instance' }, + { label: 'deactivate_security_events_provider_instance', value: 'deactivate_security_events_provider_instance' } + ]} +> +<TabItem value="activate_security_events_provider_instance"> + +Activates a Security Events Provider instance by setting its status to `ACTIVE`.<br />This operation resumes the flow of events from the Security Events Provider to Okta. + +```sql +EXEC okta.security_events_providers.ssf_receivers.activate_security_events_provider_instance +@subdomain='{{ subdomain }}' --required; +``` +</TabItem> +<TabItem value="deactivate_security_events_provider_instance"> + +Deactivates a Security Events Provider instance by setting its status to `INACTIVE`.<br />This operation stops the flow of events from the Security Events Provider to Okta. + +```sql +EXEC okta.security_events_providers.ssf_receivers.deactivate_security_events_provider_instance +@subdomain='{{ subdomain }}' --required; +``` +</TabItem> +</Tabs> diff --git a/website/docs/services/sessions/index.md b/website/docs/services/sessions/index.md new file mode 100644 index 0000000..0c60d56 --- /dev/null +++ b/website/docs/services/sessions/index.md @@ -0,0 +1,33 @@ +--- +title: sessions +hide_title: false +hide_table_of_contents: false +keywords: + - sessions + - okta + - stackql + - infrastructure-as-code + - configuration-as-data + - cloud inventory +description: Query, deploy and manage okta resources using SQL +custom_edit_url: null +image: /img/stackql-okta-provider-featured-image.png +--- + +sessions service documentation. + +:::info[Service Summary] + +total resources: __1__ + +::: + +## Resources +<div class="row"> +<div class="providerDocColumn"> +<a href="/services/sessions/sessions/">sessions</a> +</div> +<div class="providerDocColumn"> + +</div> +</div> \ No newline at end of file diff --git a/website/docs/services/sessions/sessions/index.md b/website/docs/services/sessions/sessions/index.md new file mode 100644 index 0000000..90fe2d7 --- /dev/null +++ b/website/docs/services/sessions/sessions/index.md @@ -0,0 +1,447 @@ +--- +title: sessions +hide_title: false +hide_table_of_contents: false +keywords: + - sessions + - sessions + - okta + - infrastructure-as-code + - configuration-as-data + - cloud inventory +description: Query, deploy and manage okta resources using SQL +custom_edit_url: null +image: /img/stackql-okta-provider-featured-image.png +--- + +import CopyableCode from '@site/src/components/CopyableCode/CopyableCode'; +import Tabs from '@theme/Tabs'; +import TabItem from '@theme/TabItem'; + +Creates, updates, deletes, gets or lists a <code>sessions</code> resource. + +## Overview +<table><tbody> +<tr><td><b>Name</b></td><td><code>sessions</code></td></tr> +<tr><td><b>Type</b></td><td>Resource</td></tr> +<tr><td><b>Id</b></td><td><CopyableCode code="okta.sessions.sessions" /></td></tr> +</tbody></table> + +## Fields + +The following fields are returned by `SELECT` queries: + +<Tabs + defaultValue="get_current_session" + values={[ + { label: 'get_current_session', value: 'get_current_session' }, + { label: 'get_session', value: 'get_session' } + ]} +> +<TabItem value="get_current_session"> + +Success + +<table> +<thead> + <tr> + <th>Name</th> + <th>Datatype</th> + <th>Description</th> + </tr> +</thead> +<tbody> +<tr> + <td><CopyableCode code="id" /></td> + <td><code>string</code></td> + <td>A unique key for the Session</td> +</tr> +<tr> + <td><CopyableCode code="_links" /></td> + <td><code>object</code></td> + <td>Specifies link relations (see [Web Linking](https://www.rfc-editor.org/rfc/rfc8288)) available using the [JSON Hypertext Application Language](https://datatracker.ietf.org/doc/html/draft-kelly-json-hal-06) specification. This object is used for dynamic discovery of related resources and lifecycle operations.</td> +</tr> +<tr> + <td><CopyableCode code="amr" /></td> + <td><code>array</code></td> + <td>Authentication method reference</td> +</tr> +<tr> + <td><CopyableCode code="createdAt" /></td> + <td><code>string (date-time)</code></td> + <td></td> +</tr> +<tr> + <td><CopyableCode code="expiresAt" /></td> + <td><code>string (date-time)</code></td> + <td>A timestamp when the Session expires</td> +</tr> +<tr> + <td><CopyableCode code="idp" /></td> + <td><code>object</code></td> + <td></td> +</tr> +<tr> + <td><CopyableCode code="lastFactorVerification" /></td> + <td><code>string (date-time)</code></td> + <td>A timestamp when the user last performed multifactor authentication</td> +</tr> +<tr> + <td><CopyableCode code="lastPasswordVerification" /></td> + <td><code>string (date-time)</code></td> + <td>A timestamp when the user last performed the primary or step-up authentication with a password</td> +</tr> +<tr> + <td><CopyableCode code="login" /></td> + <td><code>string</code></td> + <td>A unique identifier for the user (username)</td> +</tr> +<tr> + <td><CopyableCode code="status" /></td> + <td><code>string</code></td> + <td>Current Session status</td> +</tr> +<tr> + <td><CopyableCode code="userId" /></td> + <td><code>string</code></td> + <td>A unique key for the user</td> +</tr> +</tbody> +</table> +</TabItem> +<TabItem value="get_session"> + +Success + +<table> +<thead> + <tr> + <th>Name</th> + <th>Datatype</th> + <th>Description</th> + </tr> +</thead> +<tbody> +<tr> + <td><CopyableCode code="id" /></td> + <td><code>string</code></td> + <td>A unique key for the Session</td> +</tr> +<tr> + <td><CopyableCode code="_links" /></td> + <td><code>object</code></td> + <td>Specifies link relations (see [Web Linking](https://www.rfc-editor.org/rfc/rfc8288)) available using the [JSON Hypertext Application Language](https://datatracker.ietf.org/doc/html/draft-kelly-json-hal-06) specification. This object is used for dynamic discovery of related resources and lifecycle operations.</td> +</tr> +<tr> + <td><CopyableCode code="amr" /></td> + <td><code>array</code></td> + <td>Authentication method reference</td> +</tr> +<tr> + <td><CopyableCode code="createdAt" /></td> + <td><code>string (date-time)</code></td> + <td></td> +</tr> +<tr> + <td><CopyableCode code="expiresAt" /></td> + <td><code>string (date-time)</code></td> + <td>A timestamp when the Session expires</td> +</tr> +<tr> + <td><CopyableCode code="idp" /></td> + <td><code>object</code></td> + <td></td> +</tr> +<tr> + <td><CopyableCode code="lastFactorVerification" /></td> + <td><code>string (date-time)</code></td> + <td>A timestamp when the user last performed multifactor authentication</td> +</tr> +<tr> + <td><CopyableCode code="lastPasswordVerification" /></td> + <td><code>string (date-time)</code></td> + <td>A timestamp when the user last performed the primary or step-up authentication with a password</td> +</tr> +<tr> + <td><CopyableCode code="login" /></td> + <td><code>string</code></td> + <td>A unique identifier for the user (username)</td> +</tr> +<tr> + <td><CopyableCode code="status" /></td> + <td><code>string</code></td> + <td>Current Session status</td> +</tr> +<tr> + <td><CopyableCode code="userId" /></td> + <td><code>string</code></td> + <td>A unique key for the user</td> +</tr> +</tbody> +</table> +</TabItem> +</Tabs> + +## Methods + +The following methods are available for this resource: + +<table> +<thead> + <tr> + <th>Name</th> + <th>Accessible by</th> + <th>Required Params</th> + <th>Optional Params</th> + <th>Description</th> + </tr> +</thead> +<tbody> +<tr> + <td><a href="#get_current_session"><CopyableCode code="get_current_session" /></a></td> + <td><CopyableCode code="select" /></td> + <td><a href="#parameter-subdomain"><code>subdomain</code></a></td> + <td><a href="#parameter-Cookie"><code>Cookie</code></a></td> + <td>Retrieves Session information for the current user. Use this method in a browser-based application to determine if the user is signed in. <br /><br />> **Note:** This operation requires a session cookie for the user. An API token isn't allowed for this operation.</td> +</tr> +<tr> + <td><a href="#get_session"><CopyableCode code="get_session" /></a></td> + <td><CopyableCode code="select" /></td> + <td><a href="#parameter-subdomain"><code>subdomain</code></a></td> + <td></td> + <td>Retrieves information about the Session specified by the given session ID</td> +</tr> +<tr> + <td><a href="#create_session"><CopyableCode code="create_session" /></a></td> + <td><CopyableCode code="insert" /></td> + <td><a href="#parameter-subdomain"><code>subdomain</code></a></td> + <td></td> + <td>Creates a new Session for a user with a valid session token. Use this API if, for example, you want to set the session cookie yourself instead of allowing Okta to set it, or want to hold the session ID to delete a session through the API instead of visiting the logout URL.</td> +</tr> +<tr> + <td><a href="#close_current_session"><CopyableCode code="close_current_session" /></a></td> + <td><CopyableCode code="delete" /></td> + <td><a href="#parameter-subdomain"><code>subdomain</code></a></td> + <td><a href="#parameter-Cookie"><code>Cookie</code></a></td> + <td>Closes the Session for the user who is currently signed in. Use this method in a browser-based application to sign out a user.<br /><br />> **Note:** This operation requires a session cookie for the user. An API token isn't allowed for this operation.</td> +</tr> +<tr> + <td><a href="#revoke_session"><CopyableCode code="revoke_session" /></a></td> + <td><CopyableCode code="delete" /></td> + <td><a href="#parameter-subdomain"><code>subdomain</code></a></td> + <td></td> + <td>Revokes the specified Session</td> +</tr> +<tr> + <td><a href="#refresh_current_session"><CopyableCode code="refresh_current_session" /></a></td> + <td><CopyableCode code="exec" /></td> + <td><a href="#parameter-subdomain"><code>subdomain</code></a></td> + <td><a href="#parameter-Cookie"><code>Cookie</code></a></td> + <td>Refreshes the Session for the current user<br /><br />> **Note:** This operation requires a session cookie for the user. An API token isn't allowed for this operation.</td> +</tr> +<tr> + <td><a href="#refresh_session"><CopyableCode code="refresh_session" /></a></td> + <td><CopyableCode code="exec" /></td> + <td><a href="#parameter-subdomain"><code>subdomain</code></a></td> + <td></td> + <td>Refreshes an existing Session using the `id` for that Session. A successful response contains the refreshed Session with an updated `expiresAt` timestamp.</td> +</tr> +</tbody> +</table> + +## Parameters + +Parameters can be passed in the `WHERE` clause of a query. Check the [Methods](#methods) section to see which parameters are required or optional for each operation. + +<table> +<thead> + <tr> + <th>Name</th> + <th>Datatype</th> + <th>Description</th> + </tr> +</thead> +<tbody> +<tr id="parameter-subdomain"> + <td><CopyableCode code="subdomain" /></td> + <td><code>string</code></td> + <td>The domain of your organization. This can be a provided subdomain of an official okta domain (okta.com, oktapreview.com, etc) or one of your configured custom domains. (default: my-org)</td> +</tr> +<tr id="parameter-Cookie"> + <td><CopyableCode code="Cookie" /></td> + <td><code>string</code></td> + <td> (example: sid=abcde-123 or idx=abcde-123)</td> +</tr> +</tbody> +</table> + +## `SELECT` examples + +<Tabs + defaultValue="get_current_session" + values={[ + { label: 'get_current_session', value: 'get_current_session' }, + { label: 'get_session', value: 'get_session' } + ]} +> +<TabItem value="get_current_session"> + +Retrieves Session information for the current user. Use this method in a browser-based application to determine if the user is signed in. <br /><br />> **Note:** This operation requires a session cookie for the user. An API token isn't allowed for this operation. + +```sql +SELECT +id, +_links, +amr, +createdAt, +expiresAt, +idp, +lastFactorVerification, +lastPasswordVerification, +login, +status, +userId +FROM okta.sessions.sessions +WHERE subdomain = '{{ subdomain }}' -- required +AND Cookie = '{{ Cookie }}'; +``` +</TabItem> +<TabItem value="get_session"> + +Retrieves information about the Session specified by the given session ID + +```sql +SELECT +id, +_links, +amr, +createdAt, +expiresAt, +idp, +lastFactorVerification, +lastPasswordVerification, +login, +status, +userId +FROM okta.sessions.sessions +WHERE subdomain = '{{ subdomain }}' -- required; +``` +</TabItem> +</Tabs> + + +## `INSERT` examples + +<Tabs + defaultValue="create_session" + values={[ + { label: 'create_session', value: 'create_session' }, + { label: 'Manifest', value: 'manifest' } + ]} +> +<TabItem value="create_session"> + +Creates a new Session for a user with a valid session token. Use this API if, for example, you want to set the session cookie yourself instead of allowing Okta to set it, or want to hold the session ID to delete a session through the API instead of visiting the logout URL. + +```sql +INSERT INTO okta.sessions.sessions ( +data__sessionToken, +subdomain +) +SELECT +'{{ sessionToken }}', +'{{ subdomain }}' +RETURNING +id, +_links, +amr, +createdAt, +expiresAt, +idp, +lastFactorVerification, +lastPasswordVerification, +login, +status, +userId +; +``` +</TabItem> +<TabItem value="manifest"> + +```yaml +# Description fields are for documentation purposes +- name: sessions + props: + - name: subdomain + value: string + description: Required parameter for the sessions resource. + - name: sessionToken + value: string + description: > + The session token obtained during authentication + +``` +</TabItem> +</Tabs> + + +## `DELETE` examples + +<Tabs + defaultValue="close_current_session" + values={[ + { label: 'close_current_session', value: 'close_current_session' }, + { label: 'revoke_session', value: 'revoke_session' } + ]} +> +<TabItem value="close_current_session"> + +Closes the Session for the user who is currently signed in. Use this method in a browser-based application to sign out a user.<br /><br />> **Note:** This operation requires a session cookie for the user. An API token isn't allowed for this operation. + +```sql +DELETE FROM okta.sessions.sessions +WHERE subdomain = '{{ subdomain }}' --required +AND Cookie = '{{ Cookie }}'; +``` +</TabItem> +<TabItem value="revoke_session"> + +Revokes the specified Session + +```sql +DELETE FROM okta.sessions.sessions +WHERE subdomain = '{{ subdomain }}' --required; +``` +</TabItem> +</Tabs> + + +## Lifecycle Methods + +<Tabs + defaultValue="refresh_current_session" + values={[ + { label: 'refresh_current_session', value: 'refresh_current_session' }, + { label: 'refresh_session', value: 'refresh_session' } + ]} +> +<TabItem value="refresh_current_session"> + +Refreshes the Session for the current user<br /><br />> **Note:** This operation requires a session cookie for the user. An API token isn't allowed for this operation. + +```sql +EXEC okta.sessions.sessions.refresh_current_session +@subdomain='{{ subdomain }}' --required, +@Cookie='{{ Cookie }}'; +``` +</TabItem> +<TabItem value="refresh_session"> + +Refreshes an existing Session using the `id` for that Session. A successful response contains the refreshed Session with an updated `expiresAt` timestamp. + +```sql +EXEC okta.sessions.sessions.refresh_session +@subdomain='{{ subdomain }}' --required; +``` +</TabItem> +</Tabs> diff --git a/website/docs/services/ssf/index.md b/website/docs/services/ssf/index.md new file mode 100644 index 0000000..44d8bf4 --- /dev/null +++ b/website/docs/services/ssf/index.md @@ -0,0 +1,33 @@ +--- +title: ssf +hide_title: false +hide_table_of_contents: false +keywords: + - ssf + - okta + - stackql + - infrastructure-as-code + - configuration-as-data + - cloud inventory +description: Query, deploy and manage okta resources using SQL +custom_edit_url: null +image: /img/stackql-okta-provider-featured-image.png +--- + +ssf service documentation. + +:::info[Service Summary] + +total resources: __2__ + +::: + +## Resources +<div class="row"> +<div class="providerDocColumn"> +<a href="/services/ssf/ssf_stream_status/">ssf_stream_status</a> +</div> +<div class="providerDocColumn"> +<a href="/services/ssf/ssf_streams/">ssf_streams</a> +</div> +</div> \ No newline at end of file diff --git a/website/docs/services/ssf/ssf_stream_status/index.md b/website/docs/services/ssf/ssf_stream_status/index.md new file mode 100644 index 0000000..a4d78fb --- /dev/null +++ b/website/docs/services/ssf/ssf_stream_status/index.md @@ -0,0 +1,138 @@ +--- +title: ssf_stream_status +hide_title: false +hide_table_of_contents: false +keywords: + - ssf_stream_status + - ssf + - okta + - infrastructure-as-code + - configuration-as-data + - cloud inventory +description: Query, deploy and manage okta resources using SQL +custom_edit_url: null +image: /img/stackql-okta-provider-featured-image.png +--- + +import CopyableCode from '@site/src/components/CopyableCode/CopyableCode'; +import Tabs from '@theme/Tabs'; +import TabItem from '@theme/TabItem'; + +Creates, updates, deletes, gets or lists a <code>ssf_stream_status</code> resource. + +## Overview +<table><tbody> +<tr><td><b>Name</b></td><td><code>ssf_stream_status</code></td></tr> +<tr><td><b>Type</b></td><td>Resource</td></tr> +<tr><td><b>Id</b></td><td><CopyableCode code="okta.ssf.ssf_stream_status" /></td></tr> +</tbody></table> + +## Fields + +The following fields are returned by `SELECT` queries: + +<Tabs + defaultValue="get_ssf_stream_status" + values={[ + { label: 'get_ssf_stream_status', value: 'get_ssf_stream_status' } + ]} +> +<TabItem value="get_ssf_stream_status"> + +<table> +<thead> + <tr> + <th>Name</th> + <th>Datatype</th> + <th>Description</th> + </tr> +</thead> +<tbody> +<tr> + <td><CopyableCode code="stream_id" /></td> + <td><code>string</code></td> + <td>The ID of the SSF Stream configuration. This corresponds to the value in the query parameter of the request. (example: esc1k235GIIztAuGK0g5)</td> +</tr> +<tr> + <td><CopyableCode code="status" /></td> + <td><code>string</code></td> + <td>The status of the SSF Stream configuration</td> +</tr> +</tbody> +</table> +</TabItem> +</Tabs> + +## Methods + +The following methods are available for this resource: + +<table> +<thead> + <tr> + <th>Name</th> + <th>Accessible by</th> + <th>Required Params</th> + <th>Optional Params</th> + <th>Description</th> + </tr> +</thead> +<tbody> +<tr> + <td><a href="#get_ssf_stream_status"><CopyableCode code="get_ssf_stream_status" /></a></td> + <td><CopyableCode code="select" /></td> + <td><a href="#parameter-stream_id"><code>stream_id</code></a>, <a href="#parameter-subdomain"><code>subdomain</code></a></td> + <td></td> + <td>Retrieves the status of an SSF Stream. The status indicates whether the transmitter is able to transmit events over the stream.</td> +</tr> +</tbody> +</table> + +## Parameters + +Parameters can be passed in the `WHERE` clause of a query. Check the [Methods](#methods) section to see which parameters are required or optional for each operation. + +<table> +<thead> + <tr> + <th>Name</th> + <th>Datatype</th> + <th>Description</th> + </tr> +</thead> +<tbody> +<tr id="parameter-stream_id"> + <td><CopyableCode code="stream_id" /></td> + <td><code>string</code></td> + <td>The ID of the specified SSF Stream configuration (example: esc1k235GIIztAuGK0g5)</td> +</tr> +<tr id="parameter-subdomain"> + <td><CopyableCode code="subdomain" /></td> + <td><code>string</code></td> + <td>The domain of your organization. This can be a provided subdomain of an official okta domain (okta.com, oktapreview.com, etc) or one of your configured custom domains. (default: my-org)</td> +</tr> +</tbody> +</table> + +## `SELECT` examples + +<Tabs + defaultValue="get_ssf_stream_status" + values={[ + { label: 'get_ssf_stream_status', value: 'get_ssf_stream_status' } + ]} +> +<TabItem value="get_ssf_stream_status"> + +Retrieves the status of an SSF Stream. The status indicates whether the transmitter is able to transmit events over the stream. + +```sql +SELECT +stream_id, +status +FROM okta.ssf.ssf_stream_status +WHERE stream_id = '{{ stream_id }}' -- required +AND subdomain = '{{ subdomain }}' -- required; +``` +</TabItem> +</Tabs> diff --git a/website/docs/services/ssf/ssf_streams/index.md b/website/docs/services/ssf/ssf_streams/index.md new file mode 100644 index 0000000..eb25c03 --- /dev/null +++ b/website/docs/services/ssf/ssf_streams/index.md @@ -0,0 +1,362 @@ +--- +title: ssf_streams +hide_title: false +hide_table_of_contents: false +keywords: + - ssf_streams + - ssf + - okta + - infrastructure-as-code + - configuration-as-data + - cloud inventory +description: Query, deploy and manage okta resources using SQL +custom_edit_url: null +image: /img/stackql-okta-provider-featured-image.png +--- + +import CopyableCode from '@site/src/components/CopyableCode/CopyableCode'; +import Tabs from '@theme/Tabs'; +import TabItem from '@theme/TabItem'; + +Creates, updates, deletes, gets or lists a <code>ssf_streams</code> resource. + +## Overview +<table><tbody> +<tr><td><b>Name</b></td><td><code>ssf_streams</code></td></tr> +<tr><td><b>Type</b></td><td>Resource</td></tr> +<tr><td><b>Id</b></td><td><CopyableCode code="okta.ssf.ssf_streams" /></td></tr> +</tbody></table> + +## Fields + +The following fields are returned by `SELECT` queries: + +<Tabs + defaultValue="get_ssf_streams" + values={[ + { label: 'get_ssf_streams', value: 'get_ssf_streams' } + ]} +> +<TabItem value="get_ssf_streams"> + +<table> +<thead> + <tr> + <th>Name</th> + <th>Datatype</th> + <th>Description</th> + </tr> +</thead> +<tbody> +</tbody> +</table> +</TabItem> +</Tabs> + +## Methods + +The following methods are available for this resource: + +<table> +<thead> + <tr> + <th>Name</th> + <th>Accessible by</th> + <th>Required Params</th> + <th>Optional Params</th> + <th>Description</th> + </tr> +</thead> +<tbody> +<tr> + <td><a href="#get_ssf_streams"><CopyableCode code="get_ssf_streams" /></a></td> + <td><CopyableCode code="select" /></td> + <td><a href="#parameter-subdomain"><code>subdomain</code></a></td> + <td><a href="#parameter-stream_id"><code>stream_id</code></a></td> + <td>Retrieves either a list of all known SSF Stream configurations or the individual configuration if specified by ID.<br /><br />As Stream configurations are tied to a Client ID, only the Stream associated with the Client ID of the request OAuth 2.0 access token can be viewed.</td> +</tr> +<tr> + <td><a href="#create_ssf_stream"><CopyableCode code="create_ssf_stream" /></a></td> + <td><CopyableCode code="insert" /></td> + <td><a href="#parameter-subdomain"><code>subdomain</code></a></td> + <td></td> + <td>Creates an SSF Stream for an event receiver to start receiving security events in the form of Security Event Tokens (SETs) from Okta.<br /><br />An SSF Stream is associated with the Client ID of the OAuth 2.0 access token used to create the stream. The Client ID is provided by Okta for an [OAuth 2.0 app integration](https://help.okta.com/okta_help.htm?id=ext_Apps_App_Integration_Wizard-oidc). One SSF Stream is allowed for each Client ID, hence, one SSF Stream is allowed for each app integration in Okta.<br /><br />A maximum of 10 SSF Stream configurations can be created for one org.</td> +</tr> +<tr> + <td><a href="#update_ssf_stream"><CopyableCode code="update_ssf_stream" /></a></td> + <td><CopyableCode code="update" /></td> + <td><a href="#parameter-subdomain"><code>subdomain</code></a></td> + <td></td> + <td>Updates properties for an existing SSF Stream configuration.<br /><br />If the `stream_id` isn't provided in the request body, the associated stream with the Client ID (through the request OAuth 2.0 access token) is updated.</td> +</tr> +<tr> + <td><a href="#replace_ssf_stream"><CopyableCode code="replace_ssf_stream" /></a></td> + <td><CopyableCode code="replace" /></td> + <td><a href="#parameter-subdomain"><code>subdomain</code></a></td> + <td></td> + <td>Replaces all properties for an existing SSF Stream configuration.<br /><br />If the `stream_id` isn't provided in the request body, the associated stream with the Client ID (through the request OAuth 2.0 access token) is replaced.</td> +</tr> +<tr> + <td><a href="#delete_ssf_stream"><CopyableCode code="delete_ssf_stream" /></a></td> + <td><CopyableCode code="delete" /></td> + <td><a href="#parameter-subdomain"><code>subdomain</code></a></td> + <td><a href="#parameter-stream_id"><code>stream_id</code></a></td> + <td>Deletes the specified SSF Stream.<br /><br />If the `stream_id` is not provided in the query string, the associated stream with the Client ID (through the request OAuth 2.0 access token) is deleted. Otherwise, the SSF Stream with the `stream_id` is deleted, if found.</td> +</tr> +<tr> + <td><a href="#verify_ssf_stream"><CopyableCode code="verify_ssf_stream" /></a></td> + <td><CopyableCode code="exec" /></td> + <td><a href="#parameter-subdomain"><code>subdomain</code></a></td> + <td></td> + <td>Verifies an SSF Stream by publishing a Verification Event requested by a Security Events Provider.<br /><br />> **Note:** A successful response doesn't indicate that the Verification Event<br /> was transmitted successfully, only that Okta has transmitted the event or will<br /> at some point in the future. The SSF Receiver is responsible for validating and acknowledging<br /> successful transmission of the request by responding with HTTP Response Status Code 202.</td> +</tr> +</tbody> +</table> + +## Parameters + +Parameters can be passed in the `WHERE` clause of a query. Check the [Methods](#methods) section to see which parameters are required or optional for each operation. + +<table> +<thead> + <tr> + <th>Name</th> + <th>Datatype</th> + <th>Description</th> + </tr> +</thead> +<tbody> +<tr id="parameter-subdomain"> + <td><CopyableCode code="subdomain" /></td> + <td><code>string</code></td> + <td>The domain of your organization. This can be a provided subdomain of an official okta domain (okta.com, oktapreview.com, etc) or one of your configured custom domains. (default: my-org)</td> +</tr> +<tr id="parameter-stream_id"> + <td><CopyableCode code="stream_id" /></td> + <td><code>string</code></td> + <td>The ID of the specified SSF Stream configuration (example: esc1k235GIIztAuGK0g5)</td> +</tr> +</tbody> +</table> + +## `SELECT` examples + +<Tabs + defaultValue="get_ssf_streams" + values={[ + { label: 'get_ssf_streams', value: 'get_ssf_streams' } + ]} +> +<TabItem value="get_ssf_streams"> + +Retrieves either a list of all known SSF Stream configurations or the individual configuration if specified by ID.<br /><br />As Stream configurations are tied to a Client ID, only the Stream associated with the Client ID of the request OAuth 2.0 access token can be viewed. + +```sql +SELECT +* +FROM okta.ssf.ssf_streams +WHERE subdomain = '{{ subdomain }}' -- required +AND stream_id = '{{ stream_id }}'; +``` +</TabItem> +</Tabs> + + +## `INSERT` examples + +<Tabs + defaultValue="create_ssf_stream" + values={[ + { label: 'create_ssf_stream', value: 'create_ssf_stream' }, + { label: 'Manifest', value: 'manifest' } + ]} +> +<TabItem value="create_ssf_stream"> + +Creates an SSF Stream for an event receiver to start receiving security events in the form of Security Event Tokens (SETs) from Okta.<br /><br />An SSF Stream is associated with the Client ID of the OAuth 2.0 access token used to create the stream. The Client ID is provided by Okta for an [OAuth 2.0 app integration](https://help.okta.com/okta_help.htm?id=ext_Apps_App_Integration_Wizard-oidc). One SSF Stream is allowed for each Client ID, hence, one SSF Stream is allowed for each app integration in Okta.<br /><br />A maximum of 10 SSF Stream configurations can be created for one org. + +```sql +INSERT INTO okta.ssf.ssf_streams ( +data__delivery, +data__events_requested, +data__format, +subdomain +) +SELECT +'{{ delivery }}' --required, +'{{ events_requested }}' --required, +'{{ format }}', +'{{ subdomain }}' +RETURNING +stream_id, +aud, +delivery, +events_delivered, +events_requested, +events_supported, +format, +iss, +min_verification_interval +; +``` +</TabItem> +<TabItem value="manifest"> + +```yaml +# Description fields are for documentation purposes +- name: ssf_streams + props: + - name: subdomain + value: string + description: Required parameter for the ssf_streams resource. + - name: delivery + value: object + description: > + Contains information about the intended SET delivery method by the receiver + + - name: events_requested + value: array + description: > + The events (mapped by the array of event type URIs) that the receiver wants to receive + + - name: format + value: string + description: > + The Subject Identifier format expected for any SET transmitted. + + valid_values: ['iss_sub'] +``` +</TabItem> +</Tabs> + + +## `UPDATE` examples + +<Tabs + defaultValue="update_ssf_stream" + values={[ + { label: 'update_ssf_stream', value: 'update_ssf_stream' } + ]} +> +<TabItem value="update_ssf_stream"> + +Updates properties for an existing SSF Stream configuration.<br /><br />If the `stream_id` isn't provided in the request body, the associated stream with the Client ID (through the request OAuth 2.0 access token) is updated. + +```sql +UPDATE okta.ssf.ssf_streams +SET +data__aud = '{{ aud }}', +data__delivery = '{{ delivery }}', +data__events_delivered = '{{ events_delivered }}', +data__events_requested = '{{ events_requested }}', +data__events_supported = '{{ events_supported }}', +data__format = '{{ format }}', +data__iss = '{{ iss }}', +data__min_verification_interval = {{ min_verification_interval }}, +data__stream_id = '{{ stream_id }}' +WHERE +subdomain = '{{ subdomain }}' --required +AND data__events_requested = '{{ events_requested }}' --required +AND data__delivery = '{{ delivery }}' --required +RETURNING +stream_id, +aud, +delivery, +events_delivered, +events_requested, +events_supported, +format, +iss, +min_verification_interval; +``` +</TabItem> +</Tabs> + + +## `REPLACE` examples + +<Tabs + defaultValue="replace_ssf_stream" + values={[ + { label: 'replace_ssf_stream', value: 'replace_ssf_stream' } + ]} +> +<TabItem value="replace_ssf_stream"> + +Replaces all properties for an existing SSF Stream configuration.<br /><br />If the `stream_id` isn't provided in the request body, the associated stream with the Client ID (through the request OAuth 2.0 access token) is replaced. + +```sql +REPLACE okta.ssf.ssf_streams +SET +data__aud = '{{ aud }}', +data__delivery = '{{ delivery }}', +data__events_delivered = '{{ events_delivered }}', +data__events_requested = '{{ events_requested }}', +data__events_supported = '{{ events_supported }}', +data__format = '{{ format }}', +data__iss = '{{ iss }}', +data__min_verification_interval = {{ min_verification_interval }}, +data__stream_id = '{{ stream_id }}' +WHERE +subdomain = '{{ subdomain }}' --required +AND data__events_requested = '{{ events_requested }}' --required +AND data__delivery = '{{ delivery }}' --required +RETURNING +stream_id, +aud, +delivery, +events_delivered, +events_requested, +events_supported, +format, +iss, +min_verification_interval; +``` +</TabItem> +</Tabs> + + +## `DELETE` examples + +<Tabs + defaultValue="delete_ssf_stream" + values={[ + { label: 'delete_ssf_stream', value: 'delete_ssf_stream' } + ]} +> +<TabItem value="delete_ssf_stream"> + +Deletes the specified SSF Stream.<br /><br />If the `stream_id` is not provided in the query string, the associated stream with the Client ID (through the request OAuth 2.0 access token) is deleted. Otherwise, the SSF Stream with the `stream_id` is deleted, if found. + +```sql +DELETE FROM okta.ssf.ssf_streams +WHERE subdomain = '{{ subdomain }}' --required +AND stream_id = '{{ stream_id }}'; +``` +</TabItem> +</Tabs> + + +## Lifecycle Methods + +<Tabs + defaultValue="verify_ssf_stream" + values={[ + { label: 'verify_ssf_stream', value: 'verify_ssf_stream' } + ]} +> +<TabItem value="verify_ssf_stream"> + +Verifies an SSF Stream by publishing a Verification Event requested by a Security Events Provider.<br /><br />> **Note:** A successful response doesn't indicate that the Verification Event<br /> was transmitted successfully, only that Okta has transmitted the event or will<br /> at some point in the future. The SSF Receiver is responsible for validating and acknowledging<br /> successful transmission of the request by responding with HTTP Response Status Code 202. + +```sql +EXEC okta.ssf.ssf_streams.verify_ssf_stream +@subdomain='{{ subdomain }}' --required +@@json= +'{ +"state": "{{ state }}", +"stream_id": "{{ stream_id }}" +}'; +``` +</TabItem> +</Tabs> diff --git a/website/docs/services/templates/index.md b/website/docs/services/templates/index.md new file mode 100644 index 0000000..2894a9f --- /dev/null +++ b/website/docs/services/templates/index.md @@ -0,0 +1,33 @@ +--- +title: templates +hide_title: false +hide_table_of_contents: false +keywords: + - templates + - okta + - stackql + - infrastructure-as-code + - configuration-as-data + - cloud inventory +description: Query, deploy and manage okta resources using SQL +custom_edit_url: null +image: /img/stackql-okta-provider-featured-image.png +--- + +templates service documentation. + +:::info[Service Summary] + +total resources: __1__ + +::: + +## Resources +<div class="row"> +<div class="providerDocColumn"> +<a href="/services/templates/sms_templates/">sms_templates</a> +</div> +<div class="providerDocColumn"> + +</div> +</div> \ No newline at end of file diff --git a/website/docs/services/templates/sms_templates/index.md b/website/docs/services/templates/sms_templates/index.md new file mode 100644 index 0000000..71914b9 --- /dev/null +++ b/website/docs/services/templates/sms_templates/index.md @@ -0,0 +1,437 @@ +--- +title: sms_templates +hide_title: false +hide_table_of_contents: false +keywords: + - sms_templates + - templates + - okta + - infrastructure-as-code + - configuration-as-data + - cloud inventory +description: Query, deploy and manage okta resources using SQL +custom_edit_url: null +image: /img/stackql-okta-provider-featured-image.png +--- + +import CopyableCode from '@site/src/components/CopyableCode/CopyableCode'; +import Tabs from '@theme/Tabs'; +import TabItem from '@theme/TabItem'; + +Creates, updates, deletes, gets or lists a <code>sms_templates</code> resource. + +## Overview +<table><tbody> +<tr><td><b>Name</b></td><td><code>sms_templates</code></td></tr> +<tr><td><b>Type</b></td><td>Resource</td></tr> +<tr><td><b>Id</b></td><td><CopyableCode code="okta.templates.sms_templates" /></td></tr> +</tbody></table> + +## Fields + +The following fields are returned by `SELECT` queries: + +<Tabs + defaultValue="list_sms_templates" + values={[ + { label: 'list_sms_templates', value: 'list_sms_templates' }, + { label: 'get_sms_template', value: 'get_sms_template' } + ]} +> +<TabItem value="list_sms_templates"> + +Success + +<table> +<thead> + <tr> + <th>Name</th> + <th>Datatype</th> + <th>Description</th> + </tr> +</thead> +<tbody> +<tr> + <td><CopyableCode code="id" /></td> + <td><code>string</code></td> + <td></td> +</tr> +<tr> + <td><CopyableCode code="name" /></td> + <td><code>string</code></td> + <td>Human-readable name of the Template</td> +</tr> +<tr> + <td><CopyableCode code="created" /></td> + <td><code>string (date-time)</code></td> + <td></td> +</tr> +<tr> + <td><CopyableCode code="lastUpdated" /></td> + <td><code>string (date-time)</code></td> + <td></td> +</tr> +<tr> + <td><CopyableCode code="template" /></td> + <td><code>string</code></td> + <td>Text of the Template, including any [macros](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/Template/)</td> +</tr> +<tr> + <td><CopyableCode code="translations" /></td> + <td><code>object</code></td> + <td>- Template translations are optionally provided when you want to localize the SMS messages. Translations are provided as an object that contains `key:value` pairs: the language and the translated Template text. The key portion is a two-letter country code that conforms to [ISO 639-1](https://www.loc.gov/standards/iso639-2/php/code_list.php). The value is the translated SMS Template. - Just like with regular SMS Templates, the length of the SMS message can't exceed 160 characters. </td> +</tr> +<tr> + <td><CopyableCode code="type" /></td> + <td><code>string</code></td> + <td>Type of the Template</td> +</tr> +</tbody> +</table> +</TabItem> +<TabItem value="get_sms_template"> + +Success + +<table> +<thead> + <tr> + <th>Name</th> + <th>Datatype</th> + <th>Description</th> + </tr> +</thead> +<tbody> +<tr> + <td><CopyableCode code="id" /></td> + <td><code>string</code></td> + <td></td> +</tr> +<tr> + <td><CopyableCode code="name" /></td> + <td><code>string</code></td> + <td>Human-readable name of the Template</td> +</tr> +<tr> + <td><CopyableCode code="created" /></td> + <td><code>string (date-time)</code></td> + <td></td> +</tr> +<tr> + <td><CopyableCode code="lastUpdated" /></td> + <td><code>string (date-time)</code></td> + <td></td> +</tr> +<tr> + <td><CopyableCode code="template" /></td> + <td><code>string</code></td> + <td>Text of the Template, including any [macros](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/Template/)</td> +</tr> +<tr> + <td><CopyableCode code="translations" /></td> + <td><code>object</code></td> + <td>- Template translations are optionally provided when you want to localize the SMS messages. Translations are provided as an object that contains `key:value` pairs: the language and the translated Template text. The key portion is a two-letter country code that conforms to [ISO 639-1](https://www.loc.gov/standards/iso639-2/php/code_list.php). The value is the translated SMS Template. - Just like with regular SMS Templates, the length of the SMS message can't exceed 160 characters. </td> +</tr> +<tr> + <td><CopyableCode code="type" /></td> + <td><code>string</code></td> + <td>Type of the Template</td> +</tr> +</tbody> +</table> +</TabItem> +</Tabs> + +## Methods + +The following methods are available for this resource: + +<table> +<thead> + <tr> + <th>Name</th> + <th>Accessible by</th> + <th>Required Params</th> + <th>Optional Params</th> + <th>Description</th> + </tr> +</thead> +<tbody> +<tr> + <td><a href="#list_sms_templates"><CopyableCode code="list_sms_templates" /></a></td> + <td><CopyableCode code="select" /></td> + <td><a href="#parameter-subdomain"><code>subdomain</code></a></td> + <td><a href="#parameter-templateType"><code>templateType</code></a></td> + <td>Lists all custom SMS templates. A subset of templates can be returned that match a template type.</td> +</tr> +<tr> + <td><a href="#get_sms_template"><CopyableCode code="get_sms_template" /></a></td> + <td><CopyableCode code="select" /></td> + <td><a href="#parameter-subdomain"><code>subdomain</code></a></td> + <td></td> + <td>Retrieves a specific template by `id`</td> +</tr> +<tr> + <td><a href="#create_sms_template"><CopyableCode code="create_sms_template" /></a></td> + <td><CopyableCode code="insert" /></td> + <td><a href="#parameter-subdomain"><code>subdomain</code></a></td> + <td></td> + <td>Creates a new custom SMS template</td> +</tr> +<tr> + <td><a href="#update_sms_template"><CopyableCode code="update_sms_template" /></a></td> + <td><CopyableCode code="update" /></td> + <td><a href="#parameter-subdomain"><code>subdomain</code></a></td> + <td></td> + <td>Updates only some of the SMS Template properties:<br /> * All properties within the custom SMS Template that have values are updated.<br /> * Any translation that doesn't exist is added.<br /> * Any translation with a null or empty value is removed.<br /> * Any translation with non-empty/null value is updated.<br /></td> +</tr> +<tr> + <td><a href="#replace_sms_template"><CopyableCode code="replace_sms_template" /></a></td> + <td><CopyableCode code="replace" /></td> + <td><a href="#parameter-subdomain"><code>subdomain</code></a></td> + <td></td> + <td>Replaces the SMS Template<br />> **Notes:** You can't update the default SMS Template.<br /></td> +</tr> +<tr> + <td><a href="#delete_sms_template"><CopyableCode code="delete_sms_template" /></a></td> + <td><CopyableCode code="delete" /></td> + <td><a href="#parameter-subdomain"><code>subdomain</code></a></td> + <td></td> + <td>Deletes an SMS template</td> +</tr> +</tbody> +</table> + +## Parameters + +Parameters can be passed in the `WHERE` clause of a query. Check the [Methods](#methods) section to see which parameters are required or optional for each operation. + +<table> +<thead> + <tr> + <th>Name</th> + <th>Datatype</th> + <th>Description</th> + </tr> +</thead> +<tbody> +<tr id="parameter-subdomain"> + <td><CopyableCode code="subdomain" /></td> + <td><code>string</code></td> + <td>The domain of your organization. This can be a provided subdomain of an official okta domain (okta.com, oktapreview.com, etc) or one of your configured custom domains. (default: my-org)</td> +</tr> +<tr id="parameter-templateType"> + <td><CopyableCode code="templateType" /></td> + <td><code>string</code></td> + <td></td> +</tr> +</tbody> +</table> + +## `SELECT` examples + +<Tabs + defaultValue="list_sms_templates" + values={[ + { label: 'list_sms_templates', value: 'list_sms_templates' }, + { label: 'get_sms_template', value: 'get_sms_template' } + ]} +> +<TabItem value="list_sms_templates"> + +Lists all custom SMS templates. A subset of templates can be returned that match a template type. + +```sql +SELECT +id, +name, +created, +lastUpdated, +template, +translations, +type +FROM okta.templates.sms_templates +WHERE subdomain = '{{ subdomain }}' -- required +AND templateType = '{{ templateType }}'; +``` +</TabItem> +<TabItem value="get_sms_template"> + +Retrieves a specific template by `id` + +```sql +SELECT +id, +name, +created, +lastUpdated, +template, +translations, +type +FROM okta.templates.sms_templates +WHERE subdomain = '{{ subdomain }}' -- required; +``` +</TabItem> +</Tabs> + + +## `INSERT` examples + +<Tabs + defaultValue="create_sms_template" + values={[ + { label: 'create_sms_template', value: 'create_sms_template' }, + { label: 'Manifest', value: 'manifest' } + ]} +> +<TabItem value="create_sms_template"> + +Creates a new custom SMS template + +```sql +INSERT INTO okta.templates.sms_templates ( +data__name, +data__template, +data__translations, +data__type, +subdomain +) +SELECT +'{{ name }}', +'{{ template }}', +'{{ translations }}', +'{{ type }}', +'{{ subdomain }}' +RETURNING +id, +name, +created, +lastUpdated, +template, +translations, +type +; +``` +</TabItem> +<TabItem value="manifest"> + +```yaml +# Description fields are for documentation purposes +- name: sms_templates + props: + - name: subdomain + value: string + description: Required parameter for the sms_templates resource. + - name: name + value: string + description: > + Human-readable name of the Template + + - name: template + value: string + description: > + Text of the Template, including any [macros](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/Template/) + + - name: translations + value: object + description: > + - Template translations are optionally provided when you want to localize the SMS messages. Translations are provided as an object that contains `key:value` pairs: the language and the translated Template text. The key portion is a two-letter country code that conforms to [ISO 639-1](https://www.loc.gov/standards/iso639-2/php/code_list.php). The value is the translated SMS Template. +- Just like with regular SMS Templates, the length of the SMS message can't exceed 160 characters. + + - name: type + value: string + description: > + Type of the Template + + valid_values: ['SMS_VERIFY_CODE'] +``` +</TabItem> +</Tabs> + + +## `UPDATE` examples + +<Tabs + defaultValue="update_sms_template" + values={[ + { label: 'update_sms_template', value: 'update_sms_template' } + ]} +> +<TabItem value="update_sms_template"> + +Updates only some of the SMS Template properties:<br /> * All properties within the custom SMS Template that have values are updated.<br /> * Any translation that doesn't exist is added.<br /> * Any translation with a null or empty value is removed.<br /> * Any translation with non-empty/null value is updated.<br /> + +```sql +UPDATE okta.templates.sms_templates +SET +data__name = '{{ name }}', +data__template = '{{ template }}', +data__translations = '{{ translations }}', +data__type = '{{ type }}' +WHERE +subdomain = '{{ subdomain }}' --required +RETURNING +id, +name, +created, +lastUpdated, +template, +translations, +type; +``` +</TabItem> +</Tabs> + + +## `REPLACE` examples + +<Tabs + defaultValue="replace_sms_template" + values={[ + { label: 'replace_sms_template', value: 'replace_sms_template' } + ]} +> +<TabItem value="replace_sms_template"> + +Replaces the SMS Template<br />> **Notes:** You can't update the default SMS Template.<br /> + +```sql +REPLACE okta.templates.sms_templates +SET +data__name = '{{ name }}', +data__template = '{{ template }}', +data__translations = '{{ translations }}', +data__type = '{{ type }}' +WHERE +subdomain = '{{ subdomain }}' --required +RETURNING +id, +name, +created, +lastUpdated, +template, +translations, +type; +``` +</TabItem> +</Tabs> + + +## `DELETE` examples + +<Tabs + defaultValue="delete_sms_template" + values={[ + { label: 'delete_sms_template', value: 'delete_sms_template' } + ]} +> +<TabItem value="delete_sms_template"> + +Deletes an SMS template + +```sql +DELETE FROM okta.templates.sms_templates +WHERE subdomain = '{{ subdomain }}' --required; +``` +</TabItem> +</Tabs> diff --git a/website/docs/services/threats/current_configuration/index.md b/website/docs/services/threats/current_configuration/index.md new file mode 100644 index 0000000..b91bf45 --- /dev/null +++ b/website/docs/services/threats/current_configuration/index.md @@ -0,0 +1,190 @@ +--- +title: current_configuration +hide_title: false +hide_table_of_contents: false +keywords: + - current_configuration + - threats + - okta + - infrastructure-as-code + - configuration-as-data + - cloud inventory +description: Query, deploy and manage okta resources using SQL +custom_edit_url: null +image: /img/stackql-okta-provider-featured-image.png +--- + +import CopyableCode from '@site/src/components/CopyableCode/CopyableCode'; +import Tabs from '@theme/Tabs'; +import TabItem from '@theme/TabItem'; + +Creates, updates, deletes, gets or lists a <code>current_configuration</code> resource. + +## Overview +<table><tbody> +<tr><td><b>Name</b></td><td><code>current_configuration</code></td></tr> +<tr><td><b>Type</b></td><td>Resource</td></tr> +<tr><td><b>Id</b></td><td><CopyableCode code="okta.threats.current_configuration" /></td></tr> +</tbody></table> + +## Fields + +The following fields are returned by `SELECT` queries: + +<Tabs + defaultValue="get_current_configuration" + values={[ + { label: 'get_current_configuration', value: 'get_current_configuration' } + ]} +> +<TabItem value="get_current_configuration"> + +Success + +<table> +<thead> + <tr> + <th>Name</th> + <th>Datatype</th> + <th>Description</th> + </tr> +</thead> +<tbody> +<tr> + <td><CopyableCode code="_links" /></td> + <td><code>object</code></td> + <td>Specifies link relations (see [Web Linking](https://www.rfc-editor.org/rfc/rfc8288)) available using the [JSON Hypertext Application Language](https://datatracker.ietf.org/doc/html/draft-kelly-json-hal-06) specification. This object is used for dynamic discovery of related resources and lifecycle operations.</td> +</tr> +<tr> + <td><CopyableCode code="action" /></td> + <td><code>string</code></td> + <td>Specifies how Okta responds to authentication requests from suspicious IP addresses (example: none)</td> +</tr> +<tr> + <td><CopyableCode code="created" /></td> + <td><code>string (date-time)</code></td> + <td>Timestamp when the ThreatInsight Configuration object was created (example: 2020-08-05T22:18:30.629Z)</td> +</tr> +<tr> + <td><CopyableCode code="excludeZones" /></td> + <td><code>array</code></td> + <td>Accepts a list of [Network Zone](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/NetworkZone/) IDs. IPs in the excluded network zones aren't logged or blocked. This ensures that traffic from known, trusted IPs isn't accidentally logged or blocked.</td> +</tr> +<tr> + <td><CopyableCode code="lastUpdated" /></td> + <td><code>string (date-time)</code></td> + <td>Timestamp when the ThreatInsight Configuration object was last updated (example: 2020-09-08T20:53:20.882Z)</td> +</tr> +</tbody> +</table> +</TabItem> +</Tabs> + +## Methods + +The following methods are available for this resource: + +<table> +<thead> + <tr> + <th>Name</th> + <th>Accessible by</th> + <th>Required Params</th> + <th>Optional Params</th> + <th>Description</th> + </tr> +</thead> +<tbody> +<tr> + <td><a href="#get_current_configuration"><CopyableCode code="get_current_configuration" /></a></td> + <td><CopyableCode code="select" /></td> + <td><a href="#parameter-subdomain"><code>subdomain</code></a></td> + <td></td> + <td>Retrieves the ThreatInsight configuration for the org</td> +</tr> +<tr> + <td><a href="#update_configuration"><CopyableCode code="update_configuration" /></a></td> + <td><CopyableCode code="update" /></td> + <td><a href="#parameter-subdomain"><code>subdomain</code></a></td> + <td></td> + <td>Updates the ThreatInsight configuration for the org</td> +</tr> +</tbody> +</table> + +## Parameters + +Parameters can be passed in the `WHERE` clause of a query. Check the [Methods](#methods) section to see which parameters are required or optional for each operation. + +<table> +<thead> + <tr> + <th>Name</th> + <th>Datatype</th> + <th>Description</th> + </tr> +</thead> +<tbody> +<tr id="parameter-subdomain"> + <td><CopyableCode code="subdomain" /></td> + <td><code>string</code></td> + <td>The domain of your organization. This can be a provided subdomain of an official okta domain (okta.com, oktapreview.com, etc) or one of your configured custom domains. (default: my-org)</td> +</tr> +</tbody> +</table> + +## `SELECT` examples + +<Tabs + defaultValue="get_current_configuration" + values={[ + { label: 'get_current_configuration', value: 'get_current_configuration' } + ]} +> +<TabItem value="get_current_configuration"> + +Retrieves the ThreatInsight configuration for the org + +```sql +SELECT +_links, +action, +created, +excludeZones, +lastUpdated +FROM okta.threats.current_configuration +WHERE subdomain = '{{ subdomain }}' -- required; +``` +</TabItem> +</Tabs> + + +## `UPDATE` examples + +<Tabs + defaultValue="update_configuration" + values={[ + { label: 'update_configuration', value: 'update_configuration' } + ]} +> +<TabItem value="update_configuration"> + +Updates the ThreatInsight configuration for the org + +```sql +UPDATE okta.threats.current_configuration +SET +data__action = '{{ action }}', +data__excludeZones = '{{ excludeZones }}' +WHERE +subdomain = '{{ subdomain }}' --required +AND data__action = '{{ action }}' --required +RETURNING +_links, +action, +created, +excludeZones, +lastUpdated; +``` +</TabItem> +</Tabs> diff --git a/website/docs/services/threats/index.md b/website/docs/services/threats/index.md new file mode 100644 index 0000000..46f0717 --- /dev/null +++ b/website/docs/services/threats/index.md @@ -0,0 +1,33 @@ +--- +title: threats +hide_title: false +hide_table_of_contents: false +keywords: + - threats + - okta + - stackql + - infrastructure-as-code + - configuration-as-data + - cloud inventory +description: Query, deploy and manage okta resources using SQL +custom_edit_url: null +image: /img/stackql-okta-provider-featured-image.png +--- + +threats service documentation. + +:::info[Service Summary] + +total resources: __1__ + +::: + +## Resources +<div class="row"> +<div class="providerDocColumn"> +<a href="/services/threats/current_configuration/">current_configuration</a> +</div> +<div class="providerDocColumn"> + +</div> +</div> \ No newline at end of file diff --git a/website/docs/services/trustedorigins/index.md b/website/docs/services/trustedorigins/index.md new file mode 100644 index 0000000..e0d3d91 --- /dev/null +++ b/website/docs/services/trustedorigins/index.md @@ -0,0 +1,33 @@ +--- +title: trustedorigins +hide_title: false +hide_table_of_contents: false +keywords: + - trustedorigins + - okta + - stackql + - infrastructure-as-code + - configuration-as-data + - cloud inventory +description: Query, deploy and manage okta resources using SQL +custom_edit_url: null +image: /img/stackql-okta-provider-featured-image.png +--- + +trustedorigins service documentation. + +:::info[Service Summary] + +total resources: __1__ + +::: + +## Resources +<div class="row"> +<div class="providerDocColumn"> +<a href="/services/trustedorigins/trusted_origins/">trusted_origins</a> +</div> +<div class="providerDocColumn"> + +</div> +</div> \ No newline at end of file diff --git a/website/docs/services/trustedorigins/trusted_origins/index.md b/website/docs/services/trustedorigins/trusted_origins/index.md new file mode 100644 index 0000000..155c4e7 --- /dev/null +++ b/website/docs/services/trustedorigins/trusted_origins/index.md @@ -0,0 +1,493 @@ +--- +title: trusted_origins +hide_title: false +hide_table_of_contents: false +keywords: + - trusted_origins + - trustedorigins + - okta + - infrastructure-as-code + - configuration-as-data + - cloud inventory +description: Query, deploy and manage okta resources using SQL +custom_edit_url: null +image: /img/stackql-okta-provider-featured-image.png +--- + +import CopyableCode from '@site/src/components/CopyableCode/CopyableCode'; +import Tabs from '@theme/Tabs'; +import TabItem from '@theme/TabItem'; + +Creates, updates, deletes, gets or lists a <code>trusted_origins</code> resource. + +## Overview +<table><tbody> +<tr><td><b>Name</b></td><td><code>trusted_origins</code></td></tr> +<tr><td><b>Type</b></td><td>Resource</td></tr> +<tr><td><b>Id</b></td><td><CopyableCode code="okta.trustedorigins.trusted_origins" /></td></tr> +</tbody></table> + +## Fields + +The following fields are returned by `SELECT` queries: + +<Tabs + defaultValue="list_trusted_origins" + values={[ + { label: 'list_trusted_origins', value: 'list_trusted_origins' }, + { label: 'get_trusted_origin', value: 'get_trusted_origin' } + ]} +> +<TabItem value="list_trusted_origins"> + +Success + +<table> +<thead> + <tr> + <th>Name</th> + <th>Datatype</th> + <th>Description</th> + </tr> +</thead> +<tbody> +<tr> + <td><CopyableCode code="id" /></td> + <td><code>string</code></td> + <td>Unique identifier for the trusted origin</td> +</tr> +<tr> + <td><CopyableCode code="name" /></td> + <td><code>string</code></td> + <td>Unique name for the trusted origin</td> +</tr> +<tr> + <td><CopyableCode code="_links" /></td> + <td><code>object</code></td> + <td>Specifies link relations (see [Web Linking](https://www.rfc-editor.org/rfc/rfc8288)) available using the [JSON Hypertext Application Language](https://datatracker.ietf.org/doc/html/draft-kelly-json-hal-06) specification. This object is used for dynamic discovery of related resources and lifecycle operations.</td> +</tr> +<tr> + <td><CopyableCode code="created" /></td> + <td><code>string (date-time)</code></td> + <td>Timestamp when the trusted origin was created</td> +</tr> +<tr> + <td><CopyableCode code="createdBy" /></td> + <td><code>string</code></td> + <td>The ID of the user who created the trusted origin</td> +</tr> +<tr> + <td><CopyableCode code="lastUpdated" /></td> + <td><code>string (date-time)</code></td> + <td>Timestamp when the trusted origin was last updated</td> +</tr> +<tr> + <td><CopyableCode code="lastUpdatedBy" /></td> + <td><code>string</code></td> + <td>The ID of the user who last updated the trusted origin</td> +</tr> +<tr> + <td><CopyableCode code="origin" /></td> + <td><code>string</code></td> + <td>Unique origin URL for the trusted origin. The supported schemes for this attribute are HTTP, HTTPS, FTP, Ionic 2, and Capacitor.</td> +</tr> +<tr> + <td><CopyableCode code="scopes" /></td> + <td><code>array</code></td> + <td>Array of scope types that this trusted origin is used for</td> +</tr> +<tr> + <td><CopyableCode code="status" /></td> + <td><code>string</code></td> + <td></td> +</tr> +</tbody> +</table> +</TabItem> +<TabItem value="get_trusted_origin"> + +Success + +<table> +<thead> + <tr> + <th>Name</th> + <th>Datatype</th> + <th>Description</th> + </tr> +</thead> +<tbody> +<tr> + <td><CopyableCode code="id" /></td> + <td><code>string</code></td> + <td>Unique identifier for the trusted origin</td> +</tr> +<tr> + <td><CopyableCode code="name" /></td> + <td><code>string</code></td> + <td>Unique name for the trusted origin</td> +</tr> +<tr> + <td><CopyableCode code="_links" /></td> + <td><code>object</code></td> + <td>Specifies link relations (see [Web Linking](https://www.rfc-editor.org/rfc/rfc8288)) available using the [JSON Hypertext Application Language](https://datatracker.ietf.org/doc/html/draft-kelly-json-hal-06) specification. This object is used for dynamic discovery of related resources and lifecycle operations.</td> +</tr> +<tr> + <td><CopyableCode code="created" /></td> + <td><code>string (date-time)</code></td> + <td>Timestamp when the trusted origin was created</td> +</tr> +<tr> + <td><CopyableCode code="createdBy" /></td> + <td><code>string</code></td> + <td>The ID of the user who created the trusted origin</td> +</tr> +<tr> + <td><CopyableCode code="lastUpdated" /></td> + <td><code>string (date-time)</code></td> + <td>Timestamp when the trusted origin was last updated</td> +</tr> +<tr> + <td><CopyableCode code="lastUpdatedBy" /></td> + <td><code>string</code></td> + <td>The ID of the user who last updated the trusted origin</td> +</tr> +<tr> + <td><CopyableCode code="origin" /></td> + <td><code>string</code></td> + <td>Unique origin URL for the trusted origin. The supported schemes for this attribute are HTTP, HTTPS, FTP, Ionic 2, and Capacitor.</td> +</tr> +<tr> + <td><CopyableCode code="scopes" /></td> + <td><code>array</code></td> + <td>Array of scope types that this trusted origin is used for</td> +</tr> +<tr> + <td><CopyableCode code="status" /></td> + <td><code>string</code></td> + <td></td> +</tr> +</tbody> +</table> +</TabItem> +</Tabs> + +## Methods + +The following methods are available for this resource: + +<table> +<thead> + <tr> + <th>Name</th> + <th>Accessible by</th> + <th>Required Params</th> + <th>Optional Params</th> + <th>Description</th> + </tr> +</thead> +<tbody> +<tr> + <td><a href="#list_trusted_origins"><CopyableCode code="list_trusted_origins" /></a></td> + <td><CopyableCode code="select" /></td> + <td><a href="#parameter-subdomain"><code>subdomain</code></a></td> + <td><a href="#parameter-q"><code>q</code></a>, <a href="#parameter-filter"><code>filter</code></a>, <a href="#parameter-after"><code>after</code></a>, <a href="#parameter-limit"><code>limit</code></a></td> + <td>Lists all trusted origins</td> +</tr> +<tr> + <td><a href="#get_trusted_origin"><CopyableCode code="get_trusted_origin" /></a></td> + <td><CopyableCode code="select" /></td> + <td><a href="#parameter-subdomain"><code>subdomain</code></a></td> + <td></td> + <td>Retrieves a trusted origin</td> +</tr> +<tr> + <td><a href="#create_trusted_origin"><CopyableCode code="create_trusted_origin" /></a></td> + <td><CopyableCode code="insert" /></td> + <td><a href="#parameter-subdomain"><code>subdomain</code></a></td> + <td></td> + <td>Creates a trusted origin</td> +</tr> +<tr> + <td><a href="#replace_trusted_origin"><CopyableCode code="replace_trusted_origin" /></a></td> + <td><CopyableCode code="replace" /></td> + <td><a href="#parameter-subdomain"><code>subdomain</code></a></td> + <td></td> + <td>Replaces a trusted origin</td> +</tr> +<tr> + <td><a href="#delete_trusted_origin"><CopyableCode code="delete_trusted_origin" /></a></td> + <td><CopyableCode code="delete" /></td> + <td><a href="#parameter-subdomain"><code>subdomain</code></a></td> + <td></td> + <td>Deletes a trusted origin</td> +</tr> +<tr> + <td><a href="#activate_trusted_origin"><CopyableCode code="activate_trusted_origin" /></a></td> + <td><CopyableCode code="exec" /></td> + <td><a href="#parameter-subdomain"><code>subdomain</code></a></td> + <td></td> + <td>Activates a trusted origin. Sets the `status` to `ACTIVE`.</td> +</tr> +<tr> + <td><a href="#deactivate_trusted_origin"><CopyableCode code="deactivate_trusted_origin" /></a></td> + <td><CopyableCode code="exec" /></td> + <td><a href="#parameter-subdomain"><code>subdomain</code></a></td> + <td></td> + <td>Deactivates a trusted origin. Sets the `status` to `INACTIVE`.</td> +</tr> +</tbody> +</table> + +## Parameters + +Parameters can be passed in the `WHERE` clause of a query. Check the [Methods](#methods) section to see which parameters are required or optional for each operation. + +<table> +<thead> + <tr> + <th>Name</th> + <th>Datatype</th> + <th>Description</th> + </tr> +</thead> +<tbody> +<tr id="parameter-subdomain"> + <td><CopyableCode code="subdomain" /></td> + <td><code>string</code></td> + <td>The domain of your organization. This can be a provided subdomain of an official okta domain (okta.com, oktapreview.com, etc) or one of your configured custom domains. (default: my-org)</td> +</tr> +<tr id="parameter-after"> + <td><CopyableCode code="after" /></td> + <td><code>string</code></td> + <td>After cursor provided by a prior request</td> +</tr> +<tr id="parameter-filter"> + <td><CopyableCode code="filter" /></td> + <td><code>string</code></td> + <td>[Filter](https://developer.okta.com/docs/api/#filter) trusted origins with a supported expression for a subset of properties. You can filter on the following properties: `name`, `origin`, `status`, and `type` (type of scopes). </td> +</tr> +<tr id="parameter-limit"> + <td><CopyableCode code="limit" /></td> + <td><code>integer (int32)</code></td> + <td>Specifies the number of results</td> +</tr> +<tr id="parameter-q"> + <td><CopyableCode code="q" /></td> + <td><code>string</code></td> + <td>A search string that prefix matches against the `name` and `origin`</td> +</tr> +</tbody> +</table> + +## `SELECT` examples + +<Tabs + defaultValue="list_trusted_origins" + values={[ + { label: 'list_trusted_origins', value: 'list_trusted_origins' }, + { label: 'get_trusted_origin', value: 'get_trusted_origin' } + ]} +> +<TabItem value="list_trusted_origins"> + +Lists all trusted origins + +```sql +SELECT +id, +name, +_links, +created, +createdBy, +lastUpdated, +lastUpdatedBy, +origin, +scopes, +status +FROM okta.trustedorigins.trusted_origins +WHERE subdomain = '{{ subdomain }}' -- required +AND q = '{{ q }}' +AND filter = '{{ filter }}' +AND after = '{{ after }}' +AND limit = '{{ limit }}'; +``` +</TabItem> +<TabItem value="get_trusted_origin"> + +Retrieves a trusted origin + +```sql +SELECT +id, +name, +_links, +created, +createdBy, +lastUpdated, +lastUpdatedBy, +origin, +scopes, +status +FROM okta.trustedorigins.trusted_origins +WHERE subdomain = '{{ subdomain }}' -- required; +``` +</TabItem> +</Tabs> + + +## `INSERT` examples + +<Tabs + defaultValue="create_trusted_origin" + values={[ + { label: 'create_trusted_origin', value: 'create_trusted_origin' }, + { label: 'Manifest', value: 'manifest' } + ]} +> +<TabItem value="create_trusted_origin"> + +Creates a trusted origin + +```sql +INSERT INTO okta.trustedorigins.trusted_origins ( +data__name, +data__origin, +data__scopes, +subdomain +) +SELECT +'{{ name }}', +'{{ origin }}', +'{{ scopes }}', +'{{ subdomain }}' +RETURNING +id, +name, +_links, +created, +createdBy, +lastUpdated, +lastUpdatedBy, +origin, +scopes, +status +; +``` +</TabItem> +<TabItem value="manifest"> + +```yaml +# Description fields are for documentation purposes +- name: trusted_origins + props: + - name: subdomain + value: string + description: Required parameter for the trusted_origins resource. + - name: name + value: string + description: > + Unique name for the trusted origin + + - name: origin + value: string + description: > + Unique origin URL for the trusted origin. The supported schemes for this attribute are HTTP, HTTPS, FTP, Ionic 2, and Capacitor. + + - name: scopes + value: array + description: > + Array of scope types that this trusted origin is used for + +``` +</TabItem> +</Tabs> + + +## `REPLACE` examples + +<Tabs + defaultValue="replace_trusted_origin" + values={[ + { label: 'replace_trusted_origin', value: 'replace_trusted_origin' } + ]} +> +<TabItem value="replace_trusted_origin"> + +Replaces a trusted origin + +```sql +REPLACE okta.trustedorigins.trusted_origins +SET +data__createdBy = '{{ createdBy }}', +data__lastUpdatedBy = '{{ lastUpdatedBy }}', +data__name = '{{ name }}', +data__origin = '{{ origin }}', +data__scopes = '{{ scopes }}', +data__status = '{{ status }}' +WHERE +subdomain = '{{ subdomain }}' --required +RETURNING +id, +name, +_links, +created, +createdBy, +lastUpdated, +lastUpdatedBy, +origin, +scopes, +status; +``` +</TabItem> +</Tabs> + + +## `DELETE` examples + +<Tabs + defaultValue="delete_trusted_origin" + values={[ + { label: 'delete_trusted_origin', value: 'delete_trusted_origin' } + ]} +> +<TabItem value="delete_trusted_origin"> + +Deletes a trusted origin + +```sql +DELETE FROM okta.trustedorigins.trusted_origins +WHERE subdomain = '{{ subdomain }}' --required; +``` +</TabItem> +</Tabs> + + +## Lifecycle Methods + +<Tabs + defaultValue="activate_trusted_origin" + values={[ + { label: 'activate_trusted_origin', value: 'activate_trusted_origin' }, + { label: 'deactivate_trusted_origin', value: 'deactivate_trusted_origin' } + ]} +> +<TabItem value="activate_trusted_origin"> + +Activates a trusted origin. Sets the `status` to `ACTIVE`. + +```sql +EXEC okta.trustedorigins.trusted_origins.activate_trusted_origin +@subdomain='{{ subdomain }}' --required; +``` +</TabItem> +<TabItem value="deactivate_trusted_origin"> + +Deactivates a trusted origin. Sets the `status` to `INACTIVE`. + +```sql +EXEC okta.trustedorigins.trusted_origins.deactivate_trusted_origin +@subdomain='{{ subdomain }}' --required; +``` +</TabItem> +</Tabs> diff --git a/website/docs/services/users/admin_app_targets/index.md b/website/docs/services/users/admin_app_targets/index.md new file mode 100644 index 0000000..d2b08b2 --- /dev/null +++ b/website/docs/services/users/admin_app_targets/index.md @@ -0,0 +1,250 @@ +--- +title: admin_app_targets +hide_title: false +hide_table_of_contents: false +keywords: + - admin_app_targets + - users + - okta + - infrastructure-as-code + - configuration-as-data + - cloud inventory +description: Query, deploy and manage okta resources using SQL +custom_edit_url: null +image: /img/stackql-okta-provider-featured-image.png +--- + +import CopyableCode from '@site/src/components/CopyableCode/CopyableCode'; +import Tabs from '@theme/Tabs'; +import TabItem from '@theme/TabItem'; + +Creates, updates, deletes, gets or lists an <code>admin_app_targets</code> resource. + +## Overview +<table><tbody> +<tr><td><b>Name</b></td><td><code>admin_app_targets</code></td></tr> +<tr><td><b>Type</b></td><td>Resource</td></tr> +<tr><td><b>Id</b></td><td><CopyableCode code="okta.users.admin_app_targets" /></td></tr> +</tbody></table> + +## Fields + +The following fields are returned by `SELECT` queries: + +<Tabs + defaultValue="list_application_targets_for_application_administrator_role_for_user" + values={[ + { label: 'list_application_targets_for_application_administrator_role_for_user', value: 'list_application_targets_for_application_administrator_role_for_user' } + ]} +> +<TabItem value="list_application_targets_for_application_administrator_role_for_user"> + +Success + +<table> +<thead> + <tr> + <th>Name</th> + <th>Datatype</th> + <th>Description</th> + </tr> +</thead> +<tbody> +<tr> + <td><CopyableCode code="id" /></td> + <td><code>string</code></td> + <td>ID of the app instance. Okta returns this property only for apps not in the OIN catalog.</td> +</tr> +<tr> + <td><CopyableCode code="name" /></td> + <td><code>string</code></td> + <td>App key name. For OIN catalog apps, this is a unique key for the app definition.</td> +</tr> +<tr> + <td><CopyableCode code="_links" /></td> + <td><code>object</code></td> + <td>Specifies link relations (see [Web Linking](https://www.rfc-editor.org/rfc/rfc8288)) available using the [JSON Hypertext Application Language](https://datatracker.ietf.org/doc/html/draft-kelly-json-hal-06) specification</td> +</tr> +<tr> + <td><CopyableCode code="category" /></td> + <td><code>string</code></td> + <td>Category for the app in the OIN catalog (example: SOCIAL)</td> +</tr> +<tr> + <td><CopyableCode code="description" /></td> + <td><code>string</code></td> + <td>Description of the app in the OIN catalog</td> +</tr> +<tr> + <td><CopyableCode code="displayName" /></td> + <td><code>string</code></td> + <td>OIN catalog app display name</td> +</tr> +<tr> + <td><CopyableCode code="features" /></td> + <td><code>array</code></td> + <td>Features supported by the app. See app [features](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/Application/#tag/Application/operation/listApplications!c=200&path=0/features&t=response).</td> +</tr> +<tr> + <td><CopyableCode code="lastUpdated" /></td> + <td><code>string (date-time)</code></td> + <td>Timestamp when the object was last updated (example: 2024-09-19T23:37:37.000Z)</td> +</tr> +<tr> + <td><CopyableCode code="signOnModes" /></td> + <td><code>array</code></td> + <td>Authentication mode for the app. See app [signOnMode](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/Application/#tag/Application/operation/listApplications!c=200&path=0/signOnMode&t=response).</td> +</tr> +<tr> + <td><CopyableCode code="status" /></td> + <td><code>string</code></td> + <td>App status</td> +</tr> +<tr> + <td><CopyableCode code="verificationStatus" /></td> + <td><code>string</code></td> + <td>OIN verification status of the catalog app (example: OKTA_VERIFIED)</td> +</tr> +<tr> + <td><CopyableCode code="website" /></td> + <td><code>string</code></td> + <td>Website of the OIN catalog app</td> +</tr> +</tbody> +</table> +</TabItem> +</Tabs> + +## Methods + +The following methods are available for this resource: + +<table> +<thead> + <tr> + <th>Name</th> + <th>Accessible by</th> + <th>Required Params</th> + <th>Optional Params</th> + <th>Description</th> + </tr> +</thead> +<tbody> +<tr> + <td><a href="#list_application_targets_for_application_administrator_role_for_user"><CopyableCode code="list_application_targets_for_application_administrator_role_for_user" /></a></td> + <td><CopyableCode code="select" /></td> + <td><a href="#parameter-subdomain"><code>subdomain</code></a></td> + <td><a href="#parameter-after"><code>after</code></a>, <a href="#parameter-limit"><code>limit</code></a></td> + <td>Lists all app targets for an `APP_ADMIN` role assigned to a user. The response is a list that includes OIN-cataloged apps or app instances. The response payload for an app instance contains the `id` property, but an OIN-cataloged app payload doesn't.</td> +</tr> +<tr> + <td><a href="#unassign_app_target_from_app_admin_role_for_user"><CopyableCode code="unassign_app_target_from_app_admin_role_for_user" /></a></td> + <td><CopyableCode code="delete" /></td> + <td><a href="#parameter-subdomain"><code>subdomain</code></a></td> + <td></td> + <td>Unassigns an OIN app target from an `APP_ADMIN` role assignment to an admin user.<br /><br />> **Note:** You can't remove the last OIN app target from a role assignment since this causes an exception.<br />> If you need a role assignment that applies to all apps, delete the `APP_ADMIN` role assignment to the user and recreate a new one.<br /></td> +</tr> +<tr> + <td><a href="#unassign_app_instance_target_from_admin_role_for_user"><CopyableCode code="unassign_app_instance_target_from_admin_role_for_user" /></a></td> + <td><CopyableCode code="delete" /></td> + <td><a href="#parameter-subdomain"><code>subdomain</code></a></td> + <td></td> + <td>Unassigns an app instance target from an `APP_ADMIN` role assignment to an admin user.<br /><br />> **Note:** You can't remove the last app instance target from a role assignment since this causes an exception.<br />> If you need a role assignment that applies to all apps, delete the `APP_ADMIN` role assignment and recreate a new one.</td> +</tr> +</tbody> +</table> + +## Parameters + +Parameters can be passed in the `WHERE` clause of a query. Check the [Methods](#methods) section to see which parameters are required or optional for each operation. + +<table> +<thead> + <tr> + <th>Name</th> + <th>Datatype</th> + <th>Description</th> + </tr> +</thead> +<tbody> +<tr id="parameter-subdomain"> + <td><CopyableCode code="subdomain" /></td> + <td><code>string</code></td> + <td>The domain of your organization. This can be a provided subdomain of an official okta domain (okta.com, oktapreview.com, etc) or one of your configured custom domains. (default: my-org)</td> +</tr> +<tr id="parameter-after"> + <td><CopyableCode code="after" /></td> + <td><code>string</code></td> + <td>The cursor to use for pagination. It is an opaque string that specifies your current location in the list and is obtained from the `Link` response header. See [Pagination](https://developer.okta.com/docs/api/#pagination).</td> +</tr> +<tr id="parameter-limit"> + <td><CopyableCode code="limit" /></td> + <td><code>integer</code></td> + <td>A limit on the number of objects to return</td> +</tr> +</tbody> +</table> + +## `SELECT` examples + +<Tabs + defaultValue="list_application_targets_for_application_administrator_role_for_user" + values={[ + { label: 'list_application_targets_for_application_administrator_role_for_user', value: 'list_application_targets_for_application_administrator_role_for_user' } + ]} +> +<TabItem value="list_application_targets_for_application_administrator_role_for_user"> + +Lists all app targets for an `APP_ADMIN` role assigned to a user. The response is a list that includes OIN-cataloged apps or app instances. The response payload for an app instance contains the `id` property, but an OIN-cataloged app payload doesn't. + +```sql +SELECT +id, +name, +_links, +category, +description, +displayName, +features, +lastUpdated, +signOnModes, +status, +verificationStatus, +website +FROM okta.users.admin_app_targets +WHERE subdomain = '{{ subdomain }}' -- required +AND after = '{{ after }}' +AND limit = '{{ limit }}'; +``` +</TabItem> +</Tabs> + + +## `DELETE` examples + +<Tabs + defaultValue="unassign_app_target_from_app_admin_role_for_user" + values={[ + { label: 'unassign_app_target_from_app_admin_role_for_user', value: 'unassign_app_target_from_app_admin_role_for_user' }, + { label: 'unassign_app_instance_target_from_admin_role_for_user', value: 'unassign_app_instance_target_from_admin_role_for_user' } + ]} +> +<TabItem value="unassign_app_target_from_app_admin_role_for_user"> + +Unassigns an OIN app target from an `APP_ADMIN` role assignment to an admin user.<br /><br />> **Note:** You can't remove the last OIN app target from a role assignment since this causes an exception.<br />> If you need a role assignment that applies to all apps, delete the `APP_ADMIN` role assignment to the user and recreate a new one.<br /> + +```sql +DELETE FROM okta.users.admin_app_targets +WHERE subdomain = '{{ subdomain }}' --required; +``` +</TabItem> +<TabItem value="unassign_app_instance_target_from_admin_role_for_user"> + +Unassigns an app instance target from an `APP_ADMIN` role assignment to an admin user.<br /><br />> **Note:** You can't remove the last app instance target from a role assignment since this causes an exception.<br />> If you need a role assignment that applies to all apps, delete the `APP_ADMIN` role assignment and recreate a new one. + +```sql +DELETE FROM okta.users.admin_app_targets +WHERE subdomain = '{{ subdomain }}' --required; +``` +</TabItem> +</Tabs> diff --git a/website/docs/services/users/app_links/index.md b/website/docs/services/users/app_links/index.md new file mode 100644 index 0000000..4ef49ad --- /dev/null +++ b/website/docs/services/users/app_links/index.md @@ -0,0 +1,182 @@ +--- +title: app_links +hide_title: false +hide_table_of_contents: false +keywords: + - app_links + - users + - okta + - infrastructure-as-code + - configuration-as-data + - cloud inventory +description: Query, deploy and manage okta resources using SQL +custom_edit_url: null +image: /img/stackql-okta-provider-featured-image.png +--- + +import CopyableCode from '@site/src/components/CopyableCode/CopyableCode'; +import Tabs from '@theme/Tabs'; +import TabItem from '@theme/TabItem'; + +Creates, updates, deletes, gets or lists an <code>app_links</code> resource. + +## Overview +<table><tbody> +<tr><td><b>Name</b></td><td><code>app_links</code></td></tr> +<tr><td><b>Type</b></td><td>Resource</td></tr> +<tr><td><b>Id</b></td><td><CopyableCode code="okta.users.app_links" /></td></tr> +</tbody></table> + +## Fields + +The following fields are returned by `SELECT` queries: + +<Tabs + defaultValue="list_app_links" + values={[ + { label: 'list_app_links', value: 'list_app_links' } + ]} +> +<TabItem value="list_app_links"> + +Success + +<table> +<thead> + <tr> + <th>Name</th> + <th>Datatype</th> + <th>Description</th> + </tr> +</thead> +<tbody> +<tr> + <td><CopyableCode code="id" /></td> + <td><code>string</code></td> + <td></td> +</tr> +<tr> + <td><CopyableCode code="appAssignmentId" /></td> + <td><code>string</code></td> + <td></td> +</tr> +<tr> + <td><CopyableCode code="appInstanceId" /></td> + <td><code>string</code></td> + <td></td> +</tr> +<tr> + <td><CopyableCode code="appName" /></td> + <td><code>string</code></td> + <td></td> +</tr> +<tr> + <td><CopyableCode code="credentialsSetup" /></td> + <td><code>boolean</code></td> + <td></td> +</tr> +<tr> + <td><CopyableCode code="hidden" /></td> + <td><code>boolean</code></td> + <td></td> +</tr> +<tr> + <td><CopyableCode code="label" /></td> + <td><code>string</code></td> + <td></td> +</tr> +<tr> + <td><CopyableCode code="linkUrl" /></td> + <td><code>string</code></td> + <td></td> +</tr> +<tr> + <td><CopyableCode code="logoUrl" /></td> + <td><code>string</code></td> + <td></td> +</tr> +<tr> + <td><CopyableCode code="sortOrder" /></td> + <td><code>integer</code></td> + <td></td> +</tr> +</tbody> +</table> +</TabItem> +</Tabs> + +## Methods + +The following methods are available for this resource: + +<table> +<thead> + <tr> + <th>Name</th> + <th>Accessible by</th> + <th>Required Params</th> + <th>Optional Params</th> + <th>Description</th> + </tr> +</thead> +<tbody> +<tr> + <td><a href="#list_app_links"><CopyableCode code="list_app_links" /></a></td> + <td><CopyableCode code="select" /></td> + <td><a href="#parameter-subdomain"><code>subdomain</code></a></td> + <td></td> + <td>Lists all app links for all direct or indirect (through group membership) assigned apps.<br /><br />> **Note:** To list all apps in an org, use the [List all applications endpoint in the Applications API](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/Application/#tag/Application/operation/listApplications).</td> +</tr> +</tbody> +</table> + +## Parameters + +Parameters can be passed in the `WHERE` clause of a query. Check the [Methods](#methods) section to see which parameters are required or optional for each operation. + +<table> +<thead> + <tr> + <th>Name</th> + <th>Datatype</th> + <th>Description</th> + </tr> +</thead> +<tbody> +<tr id="parameter-subdomain"> + <td><CopyableCode code="subdomain" /></td> + <td><code>string</code></td> + <td>The domain of your organization. This can be a provided subdomain of an official okta domain (okta.com, oktapreview.com, etc) or one of your configured custom domains. (default: my-org)</td> +</tr> +</tbody> +</table> + +## `SELECT` examples + +<Tabs + defaultValue="list_app_links" + values={[ + { label: 'list_app_links', value: 'list_app_links' } + ]} +> +<TabItem value="list_app_links"> + +Lists all app links for all direct or indirect (through group membership) assigned apps.<br /><br />> **Note:** To list all apps in an org, use the [List all applications endpoint in the Applications API](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/Application/#tag/Application/operation/listApplications). + +```sql +SELECT +id, +appAssignmentId, +appInstanceId, +appName, +credentialsSetup, +hidden, +label, +linkUrl, +logoUrl, +sortOrder +FROM okta.users.app_links +WHERE subdomain = '{{ subdomain }}' -- required; +``` +</TabItem> +</Tabs> diff --git a/website/docs/services/users/authenticator_enrollments/index.md b/website/docs/services/users/authenticator_enrollments/index.md new file mode 100644 index 0000000..014f251 --- /dev/null +++ b/website/docs/services/users/authenticator_enrollments/index.md @@ -0,0 +1,333 @@ +--- +title: authenticator_enrollments +hide_title: false +hide_table_of_contents: false +keywords: + - authenticator_enrollments + - users + - okta + - infrastructure-as-code + - configuration-as-data + - cloud inventory +description: Query, deploy and manage okta resources using SQL +custom_edit_url: null +image: /img/stackql-okta-provider-featured-image.png +--- + +import CopyableCode from '@site/src/components/CopyableCode/CopyableCode'; +import Tabs from '@theme/Tabs'; +import TabItem from '@theme/TabItem'; + +Creates, updates, deletes, gets or lists an <code>authenticator_enrollments</code> resource. + +## Overview +<table><tbody> +<tr><td><b>Name</b></td><td><code>authenticator_enrollments</code></td></tr> +<tr><td><b>Type</b></td><td>Resource</td></tr> +<tr><td><b>Id</b></td><td><CopyableCode code="okta.users.authenticator_enrollments" /></td></tr> +</tbody></table> + +## Fields + +The following fields are returned by `SELECT` queries: + +<Tabs + defaultValue="list_authenticator_enrollments" + values={[ + { label: 'list_authenticator_enrollments', value: 'list_authenticator_enrollments' }, + { label: 'get_authenticator_enrollment', value: 'get_authenticator_enrollment' } + ]} +> +<TabItem value="list_authenticator_enrollments"> + +Success + +<table> +<thead> + <tr> + <th>Name</th> + <th>Datatype</th> + <th>Description</th> + </tr> +</thead> +<tbody> +<tr> + <td><CopyableCode code="id" /></td> + <td><code>string</code></td> + <td>The unique identifier of the authenticator enrollment</td> +</tr> +<tr> + <td><CopyableCode code="name" /></td> + <td><code>string</code></td> + <td>The authenticator display name</td> +</tr> +<tr> + <td><CopyableCode code="_links" /></td> + <td><code>object</code></td> + <td>Specifies link relations (see [Web Linking](https://www.rfc-editor.org/rfc/rfc8288)) available using the [JSON Hypertext Application Language](https://datatracker.ietf.org/doc/html/draft-kelly-json-hal-06) specification. This object is used for dynamic discovery of related resources and lifecycle operations.</td> +</tr> +<tr> + <td><CopyableCode code="created" /></td> + <td><code>string (date-time)</code></td> + <td>Timestamp when the authenticator enrollment was created</td> +</tr> +<tr> + <td><CopyableCode code="key" /></td> + <td><code>string</code></td> + <td>A human-readable string that identifies the authenticator</td> +</tr> +<tr> + <td><CopyableCode code="lastUpdated" /></td> + <td><code>string (date-time)</code></td> + <td>Timestamp when the authenticator enrollment was last updated</td> +</tr> +<tr> + <td><CopyableCode code="profile" /></td> + <td><code>object</code></td> + <td>Defines the authenticator specific parameters</td> +</tr> +<tr> + <td><CopyableCode code="status" /></td> + <td><code>string</code></td> + <td>Status of the enrollment</td> +</tr> +<tr> + <td><CopyableCode code="type" /></td> + <td><code>string</code></td> + <td>The type of authenticator</td> +</tr> +</tbody> +</table> +</TabItem> +<TabItem value="get_authenticator_enrollment"> + +Success + +<table> +<thead> + <tr> + <th>Name</th> + <th>Datatype</th> + <th>Description</th> + </tr> +</thead> +<tbody> +</tbody> +</table> +</TabItem> +</Tabs> + +## Methods + +The following methods are available for this resource: + +<table> +<thead> + <tr> + <th>Name</th> + <th>Accessible by</th> + <th>Required Params</th> + <th>Optional Params</th> + <th>Description</th> + </tr> +</thead> +<tbody> +<tr> + <td><a href="#list_authenticator_enrollments"><CopyableCode code="list_authenticator_enrollments" /></a></td> + <td><CopyableCode code="select" /></td> + <td><a href="#parameter-subdomain"><code>subdomain</code></a></td> + <td></td> + <td>Lists all authenticator enrollments of the specified user</td> +</tr> +<tr> + <td><a href="#get_authenticator_enrollment"><CopyableCode code="get_authenticator_enrollment" /></a></td> + <td><CopyableCode code="select" /></td> + <td><a href="#parameter-subdomain"><code>subdomain</code></a></td> + <td></td> + <td>Retrieves a user's authenticator enrollment by `enrollmentId`</td> +</tr> +<tr> + <td><a href="#create_authenticator_enrollment"><CopyableCode code="create_authenticator_enrollment" /></a></td> + <td><CopyableCode code="insert" /></td> + <td><a href="#parameter-userId"><code>userId</code></a>, <a href="#parameter-subdomain"><code>subdomain</code></a></td> + <td></td> + <td>Creates a Phone authenticator enrollment that's automatically activated</td> +</tr> +<tr> + <td><a href="#create_tac_authenticator_enrollment"><CopyableCode code="create_tac_authenticator_enrollment" /></a></td> + <td><CopyableCode code="insert" /></td> + <td><a href="#parameter-userId"><code>userId</code></a>, <a href="#parameter-subdomain"><code>subdomain</code></a></td> + <td></td> + <td>Creates an auto-activated Temporary access code (TAC) authenticator enrollment</td> +</tr> +<tr> + <td><a href="#delete_authenticator_enrollment"><CopyableCode code="delete_authenticator_enrollment" /></a></td> + <td><CopyableCode code="delete" /></td> + <td><a href="#parameter-subdomain"><code>subdomain</code></a></td> + <td></td> + <td>Deletes an existing enrollment for the specified user. The user can enroll the authenticator again.</td> +</tr> +</tbody> +</table> + +## Parameters + +Parameters can be passed in the `WHERE` clause of a query. Check the [Methods](#methods) section to see which parameters are required or optional for each operation. + +<table> +<thead> + <tr> + <th>Name</th> + <th>Datatype</th> + <th>Description</th> + </tr> +</thead> +<tbody> +<tr id="parameter-subdomain"> + <td><CopyableCode code="subdomain" /></td> + <td><code>string</code></td> + <td>The domain of your organization. This can be a provided subdomain of an official okta domain (okta.com, oktapreview.com, etc) or one of your configured custom domains. (default: my-org)</td> +</tr> +<tr id="parameter-userId"> + <td><CopyableCode code="userId" /></td> + <td><code>string</code></td> + <td>ID of an existing Okta user</td> +</tr> +</tbody> +</table> + +## `SELECT` examples + +<Tabs + defaultValue="list_authenticator_enrollments" + values={[ + { label: 'list_authenticator_enrollments', value: 'list_authenticator_enrollments' }, + { label: 'get_authenticator_enrollment', value: 'get_authenticator_enrollment' } + ]} +> +<TabItem value="list_authenticator_enrollments"> + +Lists all authenticator enrollments of the specified user + +```sql +SELECT +id, +name, +_links, +created, +key, +lastUpdated, +profile, +status, +type +FROM okta.users.authenticator_enrollments +WHERE subdomain = '{{ subdomain }}' -- required; +``` +</TabItem> +<TabItem value="get_authenticator_enrollment"> + +Retrieves a user's authenticator enrollment by `enrollmentId` + +```sql +SELECT +* +FROM okta.users.authenticator_enrollments +WHERE subdomain = '{{ subdomain }}' -- required; +``` +</TabItem> +</Tabs> + + +## `INSERT` examples + +<Tabs + defaultValue="create_authenticator_enrollment" + values={[ + { label: 'create_authenticator_enrollment', value: 'create_authenticator_enrollment' }, + { label: 'create_tac_authenticator_enrollment', value: 'create_tac_authenticator_enrollment' }, + { label: 'Manifest', value: 'manifest' } + ]} +> +<TabItem value="create_authenticator_enrollment"> + +Creates a Phone authenticator enrollment that's automatically activated + +```sql +INSERT INTO okta.users.authenticator_enrollments ( +data__authenticatorId, +data__profile, +userId, +subdomain +) +SELECT +'{{ authenticatorId }}' --required, +'{{ profile }}' --required, +'{{ userId }}', +'{{ subdomain }}' +; +``` +</TabItem> +<TabItem value="create_tac_authenticator_enrollment"> + +Creates an auto-activated Temporary access code (TAC) authenticator enrollment + +```sql +INSERT INTO okta.users.authenticator_enrollments ( +data__authenticatorId, +data__profile, +userId, +subdomain +) +SELECT +'{{ authenticatorId }}' --required, +'{{ profile }}', +'{{ userId }}', +'{{ subdomain }}' +; +``` +</TabItem> +<TabItem value="manifest"> + +```yaml +# Description fields are for documentation purposes +- name: authenticator_enrollments + props: + - name: userId + value: string + description: Required parameter for the authenticator_enrollments resource. + - name: subdomain + value: string + description: Required parameter for the authenticator_enrollments resource. + - name: authenticatorId + value: string + description: > + Unique identifier of the TAC authenticator + + - name: profile + value: object + description: > + Defines the authenticator specific parameters + +``` +</TabItem> +</Tabs> + + +## `DELETE` examples + +<Tabs + defaultValue="delete_authenticator_enrollment" + values={[ + { label: 'delete_authenticator_enrollment', value: 'delete_authenticator_enrollment' } + ]} +> +<TabItem value="delete_authenticator_enrollment"> + +Deletes an existing enrollment for the specified user. The user can enroll the authenticator again. + +```sql +DELETE FROM okta.users.authenticator_enrollments +WHERE subdomain = '{{ subdomain }}' --required; +``` +</TabItem> +</Tabs> diff --git a/website/docs/services/users/classifications/index.md b/website/docs/services/users/classifications/index.md new file mode 100644 index 0000000..676208d --- /dev/null +++ b/website/docs/services/users/classifications/index.md @@ -0,0 +1,167 @@ +--- +title: classifications +hide_title: false +hide_table_of_contents: false +keywords: + - classifications + - users + - okta + - infrastructure-as-code + - configuration-as-data + - cloud inventory +description: Query, deploy and manage okta resources using SQL +custom_edit_url: null +image: /img/stackql-okta-provider-featured-image.png +--- + +import CopyableCode from '@site/src/components/CopyableCode/CopyableCode'; +import Tabs from '@theme/Tabs'; +import TabItem from '@theme/TabItem'; + +Creates, updates, deletes, gets or lists a <code>classifications</code> resource. + +## Overview +<table><tbody> +<tr><td><b>Name</b></td><td><code>classifications</code></td></tr> +<tr><td><b>Type</b></td><td>Resource</td></tr> +<tr><td><b>Id</b></td><td><CopyableCode code="okta.users.classifications" /></td></tr> +</tbody></table> + +## Fields + +The following fields are returned by `SELECT` queries: + +<Tabs + defaultValue="get_user_classification" + values={[ + { label: 'get_user_classification', value: 'get_user_classification' } + ]} +> +<TabItem value="get_user_classification"> + +Success + +<table> +<thead> + <tr> + <th>Name</th> + <th>Datatype</th> + <th>Description</th> + </tr> +</thead> +<tbody> +<tr> + <td><CopyableCode code="lastUpdated" /></td> + <td><code>string (date-time)</code></td> + <td>The timestamp when the user classification was last updated</td> +</tr> +<tr> + <td><CopyableCode code="type" /></td> + <td><code>string</code></td> + <td>The type of user classification</td> +</tr> +</tbody> +</table> +</TabItem> +</Tabs> + +## Methods + +The following methods are available for this resource: + +<table> +<thead> + <tr> + <th>Name</th> + <th>Accessible by</th> + <th>Required Params</th> + <th>Optional Params</th> + <th>Description</th> + </tr> +</thead> +<tbody> +<tr> + <td><a href="#get_user_classification"><CopyableCode code="get_user_classification" /></a></td> + <td><CopyableCode code="select" /></td> + <td><a href="#parameter-subdomain"><code>subdomain</code></a></td> + <td></td> + <td>Retrieves a user's classification</td> +</tr> +<tr> + <td><a href="#replace_user_classification"><CopyableCode code="replace_user_classification" /></a></td> + <td><CopyableCode code="replace" /></td> + <td><a href="#parameter-subdomain"><code>subdomain</code></a></td> + <td></td> + <td>Replaces the user's classification</td> +</tr> +</tbody> +</table> + +## Parameters + +Parameters can be passed in the `WHERE` clause of a query. Check the [Methods](#methods) section to see which parameters are required or optional for each operation. + +<table> +<thead> + <tr> + <th>Name</th> + <th>Datatype</th> + <th>Description</th> + </tr> +</thead> +<tbody> +<tr id="parameter-subdomain"> + <td><CopyableCode code="subdomain" /></td> + <td><code>string</code></td> + <td>The domain of your organization. This can be a provided subdomain of an official okta domain (okta.com, oktapreview.com, etc) or one of your configured custom domains. (default: my-org)</td> +</tr> +</tbody> +</table> + +## `SELECT` examples + +<Tabs + defaultValue="get_user_classification" + values={[ + { label: 'get_user_classification', value: 'get_user_classification' } + ]} +> +<TabItem value="get_user_classification"> + +Retrieves a user's classification + +```sql +SELECT +lastUpdated, +type +FROM okta.users.classifications +WHERE subdomain = '{{ subdomain }}' -- required; +``` +</TabItem> +</Tabs> + + +## `REPLACE` examples + +<Tabs + defaultValue="replace_user_classification" + values={[ + { label: 'replace_user_classification', value: 'replace_user_classification' } + ]} +> +<TabItem value="replace_user_classification"> + +Replaces the user's classification + +```sql +REPLACE okta.users.classifications +SET +data__type = '{{ type }}' +WHERE +subdomain = '{{ subdomain }}' --required +RETURNING +lastUpdated, +type; +``` +</TabItem> +</Tabs> diff --git a/website/docs/services/users/factors/index.md b/website/docs/services/users/factors/index.md new file mode 100644 index 0000000..b5e33e1 --- /dev/null +++ b/website/docs/services/users/factors/index.md @@ -0,0 +1,499 @@ +--- +title: factors +hide_title: false +hide_table_of_contents: false +keywords: + - factors + - users + - okta + - infrastructure-as-code + - configuration-as-data + - cloud inventory +description: Query, deploy and manage okta resources using SQL +custom_edit_url: null +image: /img/stackql-okta-provider-featured-image.png +--- + +import CopyableCode from '@site/src/components/CopyableCode/CopyableCode'; +import Tabs from '@theme/Tabs'; +import TabItem from '@theme/TabItem'; + +Creates, updates, deletes, gets or lists a <code>factors</code> resource. + +## Overview +<table><tbody> +<tr><td><b>Name</b></td><td><code>factors</code></td></tr> +<tr><td><b>Type</b></td><td>Resource</td></tr> +<tr><td><b>Id</b></td><td><CopyableCode code="okta.users.factors" /></td></tr> +</tbody></table> + +## Fields + +The following fields are returned by `SELECT` queries: + +<Tabs + defaultValue="list_factors" + values={[ + { label: 'list_factors', value: 'list_factors' }, + { label: 'get_factor', value: 'get_factor' }, + { label: 'get_factor_transaction_status', value: 'get_factor_transaction_status' } + ]} +> +<TabItem value="list_factors"> + +Success + +<table> +<thead> + <tr> + <th>Name</th> + <th>Datatype</th> + <th>Description</th> + </tr> +</thead> +<tbody> +<tr> + <td><CopyableCode code="id" /></td> + <td><code>string</code></td> + <td>ID of the factor (example: caf8m6jbcvUH8mAep1d7)</td> +</tr> +<tr> + <td><CopyableCode code="_embedded" /></td> + <td><code>object</code></td> + <td></td> +</tr> +<tr> + <td><CopyableCode code="_links" /></td> + <td><code>object</code></td> + <td>Specifies link relations (see [Web Linking](https://www.rfc-editor.org/rfc/rfc8288)) available using the [JSON Hypertext Application Language](https://datatracker.ietf.org/doc/html/draft-kelly-json-hal-06) specification. This object is used for dynamic discovery of related resources and lifecycle operations.</td> +</tr> +<tr> + <td><CopyableCode code="created" /></td> + <td><code>string (date-time)</code></td> + <td>Timestamp when the factor was enrolled (example: 2022-08-25T00:31:00.000Z)</td> +</tr> +<tr> + <td><CopyableCode code="factorType" /></td> + <td><code>string</code></td> + <td>Type of factor</td> +</tr> +<tr> + <td><CopyableCode code="lastUpdated" /></td> + <td><code>string (date-time)</code></td> + <td>Timestamp when the factor was last updated (example: 2022-08-25T00:31:00.000Z)</td> +</tr> +<tr> + <td><CopyableCode code="profile" /></td> + <td><code>object</code></td> + <td>Specific attributes related to the factor</td> +</tr> +<tr> + <td><CopyableCode code="provider" /></td> + <td><code>string</code></td> + <td>Provider for the factor. Each provider can support a subset of factor types.</td> +</tr> +<tr> + <td><CopyableCode code="status" /></td> + <td><code>string</code></td> + <td>Status of the factor (example: ACTIVE)</td> +</tr> +<tr> + <td><CopyableCode code="vendorName" /></td> + <td><code>string</code></td> + <td>Name of the factor vendor. This is usually the same as the provider except for On-Prem MFA, which depends on admin settings. (example: OKTA)</td> +</tr> +</tbody> +</table> +</TabItem> +<TabItem value="get_factor"> + +Success + +<table> +<thead> + <tr> + <th>Name</th> + <th>Datatype</th> + <th>Description</th> + </tr> +</thead> +<tbody> +</tbody> +</table> +</TabItem> +<TabItem value="get_factor_transaction_status"> + +Success + +<table> +<thead> + <tr> + <th>Name</th> + <th>Datatype</th> + <th>Description</th> + </tr> +</thead> +<tbody> +<tr> + <td><CopyableCode code="factorResult" /></td> + <td><code>string</code></td> + <td>Result of the verification transaction</td> +</tr> +</tbody> +</table> +</TabItem> +</Tabs> + +## Methods + +The following methods are available for this resource: + +<table> +<thead> + <tr> + <th>Name</th> + <th>Accessible by</th> + <th>Required Params</th> + <th>Optional Params</th> + <th>Description</th> + </tr> +</thead> +<tbody> +<tr> + <td><a href="#list_factors"><CopyableCode code="list_factors" /></a></td> + <td><CopyableCode code="select" /></td> + <td><a href="#parameter-subdomain"><code>subdomain</code></a></td> + <td></td> + <td>Lists all enrolled factors for the specified user that are included in the highest priority [authenticator enrollment policy](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/Policy/) that applies to the user.<br /><br />Only enrolled factors that are `REQUIRED` or `OPTIONAL` in the highest priority authenticator enrollment policy can be returned.<br /><br />> **Note:** When admins use this endpoint for other users, the authenticator enrollment policy that's evaluated can vary depending on how client-specific conditions are configured in the rules of an authenticator enrollment policy. The client-specific conditions of the admin's client are used during policy evaluation instead of the client-specific conditions of the user. This can affect which authenticator enrollment policy is evaluated and which factors are returned.<br />><br />> For example, an admin in Europe lists all enrolled factors for a user in North America. The network zone of the admin's client (in Europe) is used during policy evaluation instead of the network zone of the user (in North America).</td> +</tr> +<tr> + <td><a href="#get_factor"><CopyableCode code="get_factor" /></a></td> + <td><CopyableCode code="select" /></td> + <td><a href="#parameter-subdomain"><code>subdomain</code></a></td> + <td></td> + <td>Retrieves an existing factor for the specified user</td> +</tr> +<tr> + <td><a href="#get_factor_transaction_status"><CopyableCode code="get_factor_transaction_status" /></a></td> + <td><CopyableCode code="select" /></td> + <td><a href="#parameter-subdomain"><code>subdomain</code></a></td> + <td></td> + <td>Retrieves the status of a `push` factor verification transaction<br /><br /> > **Note:**<br /> > The response body for a number matching push challenge to an Okta Verify `push` factor enrollment is different from the response body of a standard push challenge. <br /> > The number matching push challenge [response body](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/UserFactor/#tag/UserFactor/operation/getFactorTransactionStatus!c=200&path=1/_embedded&t=response) contains the correct answer for the challenge.<br /> > Use [Verify a factor](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/UserFactor/#tag/UserFactor/operation/verifyFactor) to configure which challenge is sent.</td> +</tr> +<tr> + <td><a href="#enroll_factor"><CopyableCode code="enroll_factor" /></a></td> + <td><CopyableCode code="insert" /></td> + <td><a href="#parameter-subdomain"><code>subdomain</code></a></td> + <td><a href="#parameter-updatePhone"><code>updatePhone</code></a>, <a href="#parameter-templateId"><code>templateId</code></a>, <a href="#parameter-tokenLifetimeSeconds"><code>tokenLifetimeSeconds</code></a>, <a href="#parameter-activate"><code>activate</code></a>, <a href="#parameter-Accept-Language"><code>Accept-Language</code></a></td> + <td>Enrolls a supported factor for the specified user<br /><br />> **Notes:** <br />> * All responses return the enrolled factor with a status of either `PENDING_ACTIVATION` or `ACTIVE`.<br />> * You can't use the Factors API to enroll Okta Fastpass (`signed_nonce`) for a user. See [Configure Okta Fastpass](https://help.okta.com/okta_help.htm?type=oie&id=ext-fp-configure).<br /><br />#### Additional SMS/Call factor information<br /><br />* **Rate limits**: Okta may return a `429 Too Many Requests` status code if you attempt to resend an SMS or a voice call challenge (OTP) within the same time window. The current [rate limit](https://developer.okta.com/docs/reference/rate-limits/) is one SMS/CALL challenge per phone number every 30 seconds.<br /><br />* **Existing phone numbers**: Okta may return a `400 Bad Request` status code if a user attempts to enroll with a different phone number when the user has an existing mobile phone or has an existing phone with voice call capability. A user can enroll only one mobile phone for `sms` and enroll only one voice call capable phone for `call` factor.<br /><br />#### Additional WebAuthn factor information<br /><br />* For detailed information on the WebAuthn standard, including an up-to-date list of supported browsers, see [webauthn.me](https://a0.to/webauthnme-okta-docs).<br /><br />* When you enroll a WebAuthn factor, the `activation` object in `_embedded` contains properties used to help the client to create a new WebAuthn credential for use with Okta. See the [WebAuthn spec for PublicKeyCredentialCreationOptions](https://www.w3.org/TR/webauthn/#dictionary-makecredentialoptions).<br /><br />#### Additional Custom TOTP factor information<br /><br />* The enrollment process involves passing both the `factorProfileId` and `sharedSecret` properties for a token.<br /><br />* A factor profile represents a particular configuration of the Custom TOTP factor. It includes certain properties that match the hardware token that end users possess, such as the HMAC algorithm, passcode length, and time interval. There can be multiple Custom TOTP factor profiles per org, but users can only enroll in one Custom TOTP factor. Admins can [create Custom TOTP factor profiles](https://help.okta.com/okta_help.htm?id=ext-mfa-totp) in the Admin Console. Then, copy the `factorProfileId` from the Admin Console into the API request.<br /><br />* <x-lifecycle class="oie"></x-lifecycle><br />For Custom TOTP enrollment, Okta automaticaly enrolls a user with a `token:software:totp` factor and the `push` factor if the user isn't currently enrolled with these factors.</td> +</tr> +<tr> + <td><a href="#unenroll_factor"><CopyableCode code="unenroll_factor" /></a></td> + <td><CopyableCode code="delete" /></td> + <td><a href="#parameter-subdomain"><code>subdomain</code></a></td> + <td><a href="#parameter-removeRecoveryEnrollment"><code>removeRecoveryEnrollment</code></a></td> + <td>Unenrolls an existing factor for the specified user. You can't unenroll a factor from a deactivated user. Unenrolling a factor allows the user to enroll a new factor.<br /><br />> **Note:** If you unenroll the `push` or the `signed_nonce` factors, Okta also unenrolls any other `totp`, `signed_nonce`, or Okta Verify `push` factors associated with the user.</td> +</tr> +<tr> + <td><a href="#activate_factor"><CopyableCode code="activate_factor" /></a></td> + <td><CopyableCode code="exec" /></td> + <td><a href="#parameter-subdomain"><code>subdomain</code></a></td> + <td></td> + <td>Activates a factor. Some factors (`call`, `email`, `push`, `sms`, `token:software:totp`, `u2f`, and `webauthn`) require activation to complete the enrollment process.<br /><br />Okta enforces a rate limit of five activation attempts within five minutes. After a user exceeds the rate limit, Okta returns an error message.<br /><br />> **Notes:** <br />> * If the user exceeds their SMS, call, or email factor activation rate limit, then an [OTP resend request]https://developer.okta.com/docs/api/openapi/okta-management/management/tag/UserFactor/ isn't allowed for the same factor.<br />> * You can't use the Factors API to activate Okta Fastpass (`signed_nonce`) for a user. See [Configure Okta Fastpass](https://help.okta.com/okta_help.htm?type=oie&id=ext-fp-configure).</td> +</tr> +<tr> + <td><a href="#resend_enroll_factor"><CopyableCode code="resend_enroll_factor" /></a></td> + <td><CopyableCode code="exec" /></td> + <td><a href="#parameter-subdomain"><code>subdomain</code></a></td> + <td><a href="#parameter-templateId"><code>templateId</code></a></td> + <td>Resends an `sms`, `call`, or `email` factor challenge as part of an enrollment flow.<br /><br />For `call` and `sms` factors, Okta enforces a rate limit of one OTP challenge per device every 30 seconds. You can configure your `sms` and `call` factors to use a third-party telephony provider. See the [Telephony inline hook reference](https://developer.okta.com/docs/reference/telephony-hook/). Okta alternates between SMS providers with every resend request to ensure delivery of SMS and Call OTPs across different carriers.<br /><br />> **Note:** Resend operations aren't allowed after a factor exceeds the activation rate limit. See [Activate a factor]https://developer.okta.com/docs/api/openapi/okta-management/management/tag/UserFactor/.</td> +</tr> +<tr> + <td><a href="#verify_factor"><CopyableCode code="verify_factor" /></a></td> + <td><CopyableCode code="exec" /></td> + <td><a href="#parameter-subdomain"><code>subdomain</code></a></td> + <td><a href="#parameter-templateId"><code>templateId</code></a>, <a href="#parameter-tokenLifetimeSeconds"><code>tokenLifetimeSeconds</code></a>, <a href="#parameter-X-Forwarded-For"><code>X-Forwarded-For</code></a>, <a href="#parameter-User-Agent"><code>User-Agent</code></a>, <a href="#parameter-Accept-Language"><code>Accept-Language</code></a></td> + <td>Verifies an OTP for a factor. Some factors (`call`, `email`, `push`, `sms`, `u2f`, and `webauthn`) must first issue a challenge before you can verify the factor. Do this by making a request without a body. After a challenge is issued, make another request to verify the factor.<br /><br />> **Notes:**<br />> - You can send standard push challenges or number matching push challenges to Okta Verify `push` factor enrollments. Use a [request body](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/UserFactor/#tag/UserFactor/operation/verifyFactor!path=2/useNumberMatchingChallenge&t=request) for number matching push challenges. <br />> - To verify a `push` factor, use the **poll** link returned when you issue the challenge. See [Retrieve a factor transaction status](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/UserFactor/#tag/UserFactor/operation/getFactorTransactionStatus).</td> +</tr> +</tbody> +</table> + +## Parameters + +Parameters can be passed in the `WHERE` clause of a query. Check the [Methods](#methods) section to see which parameters are required or optional for each operation. + +<table> +<thead> + <tr> + <th>Name</th> + <th>Datatype</th> + <th>Description</th> + </tr> +</thead> +<tbody> +<tr id="parameter-subdomain"> + <td><CopyableCode code="subdomain" /></td> + <td><code>string</code></td> + <td>The domain of your organization. This can be a provided subdomain of an official okta domain (okta.com, oktapreview.com, etc) or one of your configured custom domains. (default: my-org)</td> +</tr> +<tr id="parameter-Accept-Language"> + <td><CopyableCode code="Accept-Language" /></td> + <td><code>string</code></td> + <td>An ISO 639-1 two-letter language code that defines a localized message to send. This parameter is only used by `sms` factors. If a localized message doesn't exist or the `templateId` is incorrect, the default template is used instead.</td> +</tr> +<tr id="parameter-User-Agent"> + <td><CopyableCode code="User-Agent" /></td> + <td><code>string</code></td> + <td>Type of user agent detected when the request is made. Required to verify `push` factors.</td> +</tr> +<tr id="parameter-X-Forwarded-For"> + <td><CopyableCode code="X-Forwarded-For" /></td> + <td><code>string</code></td> + <td>Public IP address for the user agent</td> +</tr> +<tr id="parameter-activate"> + <td><CopyableCode code="activate" /></td> + <td><code>boolean</code></td> + <td>If `true`, the factor is immediately activated as part of the enrollment. An activation process isn't required. Currently auto-activation is supported by `sms`, `call`, `email` and `token:hotp` (Custom TOTP) factors.</td> +</tr> +<tr id="parameter-removeRecoveryEnrollment"> + <td><CopyableCode code="removeRecoveryEnrollment" /></td> + <td><code>boolean</code></td> + <td>If `true`, removes the phone number as both a recovery method and a factor. This parameter is only used for the `sms` and `call` factors.</td> +</tr> +<tr id="parameter-templateId"> + <td><CopyableCode code="templateId" /></td> + <td><code>string</code></td> + <td>ID of an existing custom SMS template. See the [SMS Templates API]https://developer.okta.com/docs/api/openapi/okta-management/management/tag/Template/. This parameter is only used by `sms` factors.</td> +</tr> +<tr id="parameter-tokenLifetimeSeconds"> + <td><CopyableCode code="tokenLifetimeSeconds" /></td> + <td><code>integer (int32)</code></td> + <td>Defines how long the token remains valid</td> +</tr> +<tr id="parameter-updatePhone"> + <td><CopyableCode code="updatePhone" /></td> + <td><code>boolean</code></td> + <td>If `true`, indicates that you are replacing the currently registered phone number for the specified user. This parameter is ignored if the existing phone number is used by an activated factor.</td> +</tr> +</tbody> +</table> + +## `SELECT` examples + +<Tabs + defaultValue="list_factors" + values={[ + { label: 'list_factors', value: 'list_factors' }, + { label: 'get_factor', value: 'get_factor' }, + { label: 'get_factor_transaction_status', value: 'get_factor_transaction_status' } + ]} +> +<TabItem value="list_factors"> + +Lists all enrolled factors for the specified user that are included in the highest priority [authenticator enrollment policy](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/Policy/) that applies to the user.<br /><br />Only enrolled factors that are `REQUIRED` or `OPTIONAL` in the highest priority authenticator enrollment policy can be returned.<br /><br />> **Note:** When admins use this endpoint for other users, the authenticator enrollment policy that's evaluated can vary depending on how client-specific conditions are configured in the rules of an authenticator enrollment policy. The client-specific conditions of the admin's client are used during policy evaluation instead of the client-specific conditions of the user. This can affect which authenticator enrollment policy is evaluated and which factors are returned.<br />><br />> For example, an admin in Europe lists all enrolled factors for a user in North America. The network zone of the admin's client (in Europe) is used during policy evaluation instead of the network zone of the user (in North America). + +```sql +SELECT +id, +_embedded, +_links, +created, +factorType, +lastUpdated, +profile, +provider, +status, +vendorName +FROM okta.users.factors +WHERE subdomain = '{{ subdomain }}' -- required; +``` +</TabItem> +<TabItem value="get_factor"> + +Retrieves an existing factor for the specified user + +```sql +SELECT +* +FROM okta.users.factors +WHERE subdomain = '{{ subdomain }}' -- required; +``` +</TabItem> +<TabItem value="get_factor_transaction_status"> + +Retrieves the status of a `push` factor verification transaction<br /><br /> > **Note:**<br /> > The response body for a number matching push challenge to an Okta Verify `push` factor enrollment is different from the response body of a standard push challenge. <br /> > The number matching push challenge [response body](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/UserFactor/#tag/UserFactor/operation/getFactorTransactionStatus!c=200&path=1/_embedded&t=response) contains the correct answer for the challenge.<br /> > Use [Verify a factor](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/UserFactor/#tag/UserFactor/operation/verifyFactor) to configure which challenge is sent. + +```sql +SELECT +factorResult +FROM okta.users.factors +WHERE subdomain = '{{ subdomain }}' -- required; +``` +</TabItem> +</Tabs> + + +## `INSERT` examples + +<Tabs + defaultValue="enroll_factor" + values={[ + { label: 'enroll_factor', value: 'enroll_factor' }, + { label: 'Manifest', value: 'manifest' } + ]} +> +<TabItem value="enroll_factor"> + +Enrolls a supported factor for the specified user<br /><br />> **Notes:** <br />> * All responses return the enrolled factor with a status of either `PENDING_ACTIVATION` or `ACTIVE`.<br />> * You can't use the Factors API to enroll Okta Fastpass (`signed_nonce`) for a user. See [Configure Okta Fastpass](https://help.okta.com/okta_help.htm?type=oie&id=ext-fp-configure).<br /><br />#### Additional SMS/Call factor information<br /><br />* **Rate limits**: Okta may return a `429 Too Many Requests` status code if you attempt to resend an SMS or a voice call challenge (OTP) within the same time window. The current [rate limit](https://developer.okta.com/docs/reference/rate-limits/) is one SMS/CALL challenge per phone number every 30 seconds.<br /><br />* **Existing phone numbers**: Okta may return a `400 Bad Request` status code if a user attempts to enroll with a different phone number when the user has an existing mobile phone or has an existing phone with voice call capability. A user can enroll only one mobile phone for `sms` and enroll only one voice call capable phone for `call` factor.<br /><br />#### Additional WebAuthn factor information<br /><br />* For detailed information on the WebAuthn standard, including an up-to-date list of supported browsers, see [webauthn.me](https://a0.to/webauthnme-okta-docs).<br /><br />* When you enroll a WebAuthn factor, the `activation` object in `_embedded` contains properties used to help the client to create a new WebAuthn credential for use with Okta. See the [WebAuthn spec for PublicKeyCredentialCreationOptions](https://www.w3.org/TR/webauthn/#dictionary-makecredentialoptions).<br /><br />#### Additional Custom TOTP factor information<br /><br />* The enrollment process involves passing both the `factorProfileId` and `sharedSecret` properties for a token.<br /><br />* A factor profile represents a particular configuration of the Custom TOTP factor. It includes certain properties that match the hardware token that end users possess, such as the HMAC algorithm, passcode length, and time interval. There can be multiple Custom TOTP factor profiles per org, but users can only enroll in one Custom TOTP factor. Admins can [create Custom TOTP factor profiles](https://help.okta.com/okta_help.htm?id=ext-mfa-totp) in the Admin Console. Then, copy the `factorProfileId` from the Admin Console into the API request.<br /><br />* <x-lifecycle class="oie"></x-lifecycle><br />For Custom TOTP enrollment, Okta automaticaly enrolls a user with a `token:software:totp` factor and the `push` factor if the user isn't currently enrolled with these factors. + +```sql +INSERT INTO okta.users.factors ( +data__factorType, +data__profile, +data__provider, +subdomain, +updatePhone, +templateId, +tokenLifetimeSeconds, +activate, +Accept-Language +) +SELECT +'{{ factorType }}', +'{{ profile }}', +'{{ provider }}', +'{{ subdomain }}', +'{{ updatePhone }}', +'{{ templateId }}', +'{{ tokenLifetimeSeconds }}', +'{{ activate }}', +'{{ Accept-Language }}' +RETURNING +id, +_embedded, +_links, +created, +factorType, +lastUpdated, +profile, +provider, +status, +vendorName +; +``` +</TabItem> +<TabItem value="manifest"> + +```yaml +# Description fields are for documentation purposes +- name: factors + props: + - name: subdomain + value: string + description: Required parameter for the factors resource. + - name: factorType + value: string + description: > + Type of factor + + valid_values: ['call', 'email', 'push', 'question', 'signed_nonce', 'sms', 'token', 'token:hardware', 'token:hotp', 'token:software:totp', 'u2f', 'web', 'webauthn'] + - name: profile + value: object + description: > + Specific attributes related to the factor + + - name: provider + value: string + description: > + Provider for the factor. Each provider can support a subset of factor types. + + - name: updatePhone + value: boolean + description: If `true`, indicates that you are replacing the currently registered phone number for the specified user. This parameter is ignored if the existing phone number is used by an activated factor. + - name: templateId + value: string + description: ID of an existing custom SMS template. See the [SMS Templates API]https://developer.okta.com/docs/api/openapi/okta-management/management/tag/Template/. This parameter is only used by `sms` factors. If the provided ID doesn't exist, the default template is used instead. + - name: tokenLifetimeSeconds + value: integer (int32) + description: Defines how long the token remains valid + - name: activate + value: boolean + description: If `true`, the factor is immediately activated as part of the enrollment. An activation process isn't required. Currently auto-activation is supported by `sms`, `call`, `email` and `token:hotp` (Custom TOTP) factors. + - name: Accept-Language + value: string + description: An ISO 639-1 two-letter language code that defines a localized message to send. This parameter is only used by `sms` factors. If a localized message doesn't exist or the `templateId` is incorrect, the default template is used instead. +``` +</TabItem> +</Tabs> + + +## `DELETE` examples + +<Tabs + defaultValue="unenroll_factor" + values={[ + { label: 'unenroll_factor', value: 'unenroll_factor' } + ]} +> +<TabItem value="unenroll_factor"> + +Unenrolls an existing factor for the specified user. You can't unenroll a factor from a deactivated user. Unenrolling a factor allows the user to enroll a new factor.<br /><br />> **Note:** If you unenroll the `push` or the `signed_nonce` factors, Okta also unenrolls any other `totp`, `signed_nonce`, or Okta Verify `push` factors associated with the user. + +```sql +DELETE FROM okta.users.factors +WHERE subdomain = '{{ subdomain }}' --required +AND removeRecoveryEnrollment = '{{ removeRecoveryEnrollment }}'; +``` +</TabItem> +</Tabs> + + +## Lifecycle Methods + +<Tabs + defaultValue="activate_factor" + values={[ + { label: 'activate_factor', value: 'activate_factor' }, + { label: 'resend_enroll_factor', value: 'resend_enroll_factor' }, + { label: 'verify_factor', value: 'verify_factor' } + ]} +> +<TabItem value="activate_factor"> + +Activates a factor. Some factors (`call`, `email`, `push`, `sms`, `token:software:totp`, `u2f`, and `webauthn`) require activation to complete the enrollment process.<br /><br />Okta enforces a rate limit of five activation attempts within five minutes. After a user exceeds the rate limit, Okta returns an error message.<br /><br />> **Notes:** <br />> * If the user exceeds their SMS, call, or email factor activation rate limit, then an [OTP resend request]https://developer.okta.com/docs/api/openapi/okta-management/management/tag/UserFactor/ isn't allowed for the same factor.<br />> * You can't use the Factors API to activate Okta Fastpass (`signed_nonce`) for a user. See [Configure Okta Fastpass](https://help.okta.com/okta_help.htm?type=oie&id=ext-fp-configure). + +```sql +EXEC okta.users.factors.activate_factor +@subdomain='{{ subdomain }}' --required; +``` +</TabItem> +<TabItem value="resend_enroll_factor"> + +Resends an `sms`, `call`, or `email` factor challenge as part of an enrollment flow.<br /><br />For `call` and `sms` factors, Okta enforces a rate limit of one OTP challenge per device every 30 seconds. You can configure your `sms` and `call` factors to use a third-party telephony provider. See the [Telephony inline hook reference](https://developer.okta.com/docs/reference/telephony-hook/). Okta alternates between SMS providers with every resend request to ensure delivery of SMS and Call OTPs across different carriers.<br /><br />> **Note:** Resend operations aren't allowed after a factor exceeds the activation rate limit. See [Activate a factor]https://developer.okta.com/docs/api/openapi/okta-management/management/tag/UserFactor/. + +```sql +EXEC okta.users.factors.resend_enroll_factor +@subdomain='{{ subdomain }}' --required, +@templateId='{{ templateId }}' +@@json= +'{ +"factorType": "{{ factorType }}" +}'; +``` +</TabItem> +<TabItem value="verify_factor"> + +Verifies an OTP for a factor. Some factors (`call`, `email`, `push`, `sms`, `u2f`, and `webauthn`) must first issue a challenge before you can verify the factor. Do this by making a request without a body. After a challenge is issued, make another request to verify the factor.<br /><br />> **Notes:**<br />> - You can send standard push challenges or number matching push challenges to Okta Verify `push` factor enrollments. Use a [request body](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/UserFactor/#tag/UserFactor/operation/verifyFactor!path=2/useNumberMatchingChallenge&t=request) for number matching push challenges. <br />> - To verify a `push` factor, use the **poll** link returned when you issue the challenge. See [Retrieve a factor transaction status](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/UserFactor/#tag/UserFactor/operation/getFactorTransactionStatus). + +```sql +EXEC okta.users.factors.verify_factor +@subdomain='{{ subdomain }}' --required, +@templateId='{{ templateId }}', +@tokenLifetimeSeconds='{{ tokenLifetimeSeconds }}', +@X-Forwarded-For='{{ X-Forwarded-For }}', +@User-Agent='{{ User-Agent }}', +@Accept-Language='{{ Accept-Language }}'; +``` +</TabItem> +</Tabs> diff --git a/website/docs/services/users/grants/index.md b/website/docs/services/users/grants/index.md new file mode 100644 index 0000000..f290007 --- /dev/null +++ b/website/docs/services/users/grants/index.md @@ -0,0 +1,497 @@ +--- +title: grants +hide_title: false +hide_table_of_contents: false +keywords: + - grants + - users + - okta + - infrastructure-as-code + - configuration-as-data + - cloud inventory +description: Query, deploy and manage okta resources using SQL +custom_edit_url: null +image: /img/stackql-okta-provider-featured-image.png +--- + +import CopyableCode from '@site/src/components/CopyableCode/CopyableCode'; +import Tabs from '@theme/Tabs'; +import TabItem from '@theme/TabItem'; + +Creates, updates, deletes, gets or lists a <code>grants</code> resource. + +## Overview +<table><tbody> +<tr><td><b>Name</b></td><td><code>grants</code></td></tr> +<tr><td><b>Type</b></td><td>Resource</td></tr> +<tr><td><b>Id</b></td><td><CopyableCode code="okta.users.grants" /></td></tr> +</tbody></table> + +## Fields + +The following fields are returned by `SELECT` queries: + +<Tabs + defaultValue="list_grants_for_user_and_client" + values={[ + { label: 'list_grants_for_user_and_client', value: 'list_grants_for_user_and_client' }, + { label: 'list_user_grants', value: 'list_user_grants' }, + { label: 'get_user_grant', value: 'get_user_grant' } + ]} +> +<TabItem value="list_grants_for_user_and_client"> + +Success + +<table> +<thead> + <tr> + <th>Name</th> + <th>Datatype</th> + <th>Description</th> + </tr> +</thead> +<tbody> +<tr> + <td><CopyableCode code="id" /></td> + <td><code>string</code></td> + <td>ID of the Grant object (example: oag3ih1zrm1cBFOiq0h6)</td> +</tr> +<tr> + <td><CopyableCode code="_embedded" /></td> + <td><code>object</code></td> + <td>Embedded resources related to the Grant</td> +</tr> +<tr> + <td><CopyableCode code="_links" /></td> + <td><code>object</code></td> + <td>Specifies link relations (see [Web Linking](https://www.rfc-editor.org/rfc/rfc8288)) available using the [JSON Hypertext Application Language](https://datatracker.ietf.org/doc/html/draft-kelly-json-hal-06) specification. This object is used for dynamic discovery of related resources and lifecycle operations.</td> +</tr> +<tr> + <td><CopyableCode code="clientId" /></td> + <td><code>string</code></td> + <td>Client ID of the app integration (example: oag3ih1zrm1cBFOiq0h6)</td> +</tr> +<tr> + <td><CopyableCode code="created" /></td> + <td><code>string (date-time)</code></td> + <td>Timestamp when the object was created (example: 2017-03-28T01:11:10.000Z)</td> +</tr> +<tr> + <td><CopyableCode code="createdBy" /></td> + <td><code>object</code></td> + <td>User that created the object</td> +</tr> +<tr> + <td><CopyableCode code="issuer" /></td> + <td><code>string</code></td> + <td>The issuer of your org authorization server. This is typically your Okta domain. (example: https://my_test_okta_org.oktapreview.com)</td> +</tr> +<tr> + <td><CopyableCode code="lastUpdated" /></td> + <td><code>string (date-time)</code></td> + <td>Timestamp when the object was last updated</td> +</tr> +<tr> + <td><CopyableCode code="scopeId" /></td> + <td><code>string</code></td> + <td>The name of the [Okta scope](https://developer.okta.com/docs/api/oauth2/#oauth-20-scopes) for which consent is granted (example: okta.users.read)</td> +</tr> +<tr> + <td><CopyableCode code="source" /></td> + <td><code>string</code></td> + <td>User type source that granted consent (example: ADMIN)</td> +</tr> +<tr> + <td><CopyableCode code="status" /></td> + <td><code>string</code></td> + <td>Status (example: ACTIVE)</td> +</tr> +<tr> + <td><CopyableCode code="userId" /></td> + <td><code>string</code></td> + <td>User ID that granted consent (if `source` is `END_USER`) (example: 00u5t60iloOHN9pBi0h7)</td> +</tr> +</tbody> +</table> +</TabItem> +<TabItem value="list_user_grants"> + +Success + +<table> +<thead> + <tr> + <th>Name</th> + <th>Datatype</th> + <th>Description</th> + </tr> +</thead> +<tbody> +<tr> + <td><CopyableCode code="id" /></td> + <td><code>string</code></td> + <td>ID of the Grant object (example: oag3ih1zrm1cBFOiq0h6)</td> +</tr> +<tr> + <td><CopyableCode code="_embedded" /></td> + <td><code>object</code></td> + <td>Embedded resources related to the Grant</td> +</tr> +<tr> + <td><CopyableCode code="_links" /></td> + <td><code>object</code></td> + <td>Specifies link relations (see [Web Linking](https://www.rfc-editor.org/rfc/rfc8288)) available using the [JSON Hypertext Application Language](https://datatracker.ietf.org/doc/html/draft-kelly-json-hal-06) specification. This object is used for dynamic discovery of related resources and lifecycle operations.</td> +</tr> +<tr> + <td><CopyableCode code="clientId" /></td> + <td><code>string</code></td> + <td>Client ID of the app integration (example: oag3ih1zrm1cBFOiq0h6)</td> +</tr> +<tr> + <td><CopyableCode code="created" /></td> + <td><code>string (date-time)</code></td> + <td>Timestamp when the object was created (example: 2017-03-28T01:11:10.000Z)</td> +</tr> +<tr> + <td><CopyableCode code="createdBy" /></td> + <td><code>object</code></td> + <td>User that created the object</td> +</tr> +<tr> + <td><CopyableCode code="issuer" /></td> + <td><code>string</code></td> + <td>The issuer of your org authorization server. This is typically your Okta domain. (example: https://my_test_okta_org.oktapreview.com)</td> +</tr> +<tr> + <td><CopyableCode code="lastUpdated" /></td> + <td><code>string (date-time)</code></td> + <td>Timestamp when the object was last updated</td> +</tr> +<tr> + <td><CopyableCode code="scopeId" /></td> + <td><code>string</code></td> + <td>The name of the [Okta scope](https://developer.okta.com/docs/api/oauth2/#oauth-20-scopes) for which consent is granted (example: okta.users.read)</td> +</tr> +<tr> + <td><CopyableCode code="source" /></td> + <td><code>string</code></td> + <td>User type source that granted consent (example: ADMIN)</td> +</tr> +<tr> + <td><CopyableCode code="status" /></td> + <td><code>string</code></td> + <td>Status (example: ACTIVE)</td> +</tr> +<tr> + <td><CopyableCode code="userId" /></td> + <td><code>string</code></td> + <td>User ID that granted consent (if `source` is `END_USER`) (example: 00u5t60iloOHN9pBi0h7)</td> +</tr> +</tbody> +</table> +</TabItem> +<TabItem value="get_user_grant"> + +Success + +<table> +<thead> + <tr> + <th>Name</th> + <th>Datatype</th> + <th>Description</th> + </tr> +</thead> +<tbody> +<tr> + <td><CopyableCode code="id" /></td> + <td><code>string</code></td> + <td>ID of the Grant object (example: oag3ih1zrm1cBFOiq0h6)</td> +</tr> +<tr> + <td><CopyableCode code="_embedded" /></td> + <td><code>object</code></td> + <td>Embedded resources related to the Grant</td> +</tr> +<tr> + <td><CopyableCode code="_links" /></td> + <td><code>object</code></td> + <td>Specifies link relations (see [Web Linking](https://www.rfc-editor.org/rfc/rfc8288)) available using the [JSON Hypertext Application Language](https://datatracker.ietf.org/doc/html/draft-kelly-json-hal-06) specification. This object is used for dynamic discovery of related resources and lifecycle operations.</td> +</tr> +<tr> + <td><CopyableCode code="clientId" /></td> + <td><code>string</code></td> + <td>Client ID of the app integration (example: oag3ih1zrm1cBFOiq0h6)</td> +</tr> +<tr> + <td><CopyableCode code="created" /></td> + <td><code>string (date-time)</code></td> + <td>Timestamp when the object was created (example: 2017-03-28T01:11:10.000Z)</td> +</tr> +<tr> + <td><CopyableCode code="createdBy" /></td> + <td><code>object</code></td> + <td>User that created the object</td> +</tr> +<tr> + <td><CopyableCode code="issuer" /></td> + <td><code>string</code></td> + <td>The issuer of your org authorization server. This is typically your Okta domain. (example: https://my_test_okta_org.oktapreview.com)</td> +</tr> +<tr> + <td><CopyableCode code="lastUpdated" /></td> + <td><code>string (date-time)</code></td> + <td>Timestamp when the object was last updated</td> +</tr> +<tr> + <td><CopyableCode code="scopeId" /></td> + <td><code>string</code></td> + <td>The name of the [Okta scope](https://developer.okta.com/docs/api/oauth2/#oauth-20-scopes) for which consent is granted (example: okta.users.read)</td> +</tr> +<tr> + <td><CopyableCode code="source" /></td> + <td><code>string</code></td> + <td>User type source that granted consent (example: ADMIN)</td> +</tr> +<tr> + <td><CopyableCode code="status" /></td> + <td><code>string</code></td> + <td>Status (example: ACTIVE)</td> +</tr> +<tr> + <td><CopyableCode code="userId" /></td> + <td><code>string</code></td> + <td>User ID that granted consent (if `source` is `END_USER`) (example: 00u5t60iloOHN9pBi0h7)</td> +</tr> +</tbody> +</table> +</TabItem> +</Tabs> + +## Methods + +The following methods are available for this resource: + +<table> +<thead> + <tr> + <th>Name</th> + <th>Accessible by</th> + <th>Required Params</th> + <th>Optional Params</th> + <th>Description</th> + </tr> +</thead> +<tbody> +<tr> + <td><a href="#list_grants_for_user_and_client"><CopyableCode code="list_grants_for_user_and_client" /></a></td> + <td><CopyableCode code="select" /></td> + <td><a href="#parameter-subdomain"><code>subdomain</code></a></td> + <td><a href="#parameter-expand"><code>expand</code></a>, <a href="#parameter-after"><code>after</code></a>, <a href="#parameter-limit"><code>limit</code></a></td> + <td>Lists all grants for a specified user and client</td> +</tr> +<tr> + <td><a href="#list_user_grants"><CopyableCode code="list_user_grants" /></a></td> + <td><CopyableCode code="select" /></td> + <td><a href="#parameter-subdomain"><code>subdomain</code></a></td> + <td><a href="#parameter-scopeId"><code>scopeId</code></a>, <a href="#parameter-expand"><code>expand</code></a>, <a href="#parameter-after"><code>after</code></a>, <a href="#parameter-limit"><code>limit</code></a></td> + <td>Lists all grants for the specified user</td> +</tr> +<tr> + <td><a href="#get_user_grant"><CopyableCode code="get_user_grant" /></a></td> + <td><CopyableCode code="select" /></td> + <td><a href="#parameter-subdomain"><code>subdomain</code></a></td> + <td><a href="#parameter-expand"><code>expand</code></a></td> + <td>Retrieves a grant for the specified user</td> +</tr> +<tr> + <td><a href="#revoke_grants_for_user_and_client"><CopyableCode code="revoke_grants_for_user_and_client" /></a></td> + <td><CopyableCode code="delete" /></td> + <td><a href="#parameter-subdomain"><code>subdomain</code></a></td> + <td></td> + <td>Revokes all grants for the specified user and client</td> +</tr> +<tr> + <td><a href="#revoke_user_grants"><CopyableCode code="revoke_user_grants" /></a></td> + <td><CopyableCode code="delete" /></td> + <td><a href="#parameter-subdomain"><code>subdomain</code></a></td> + <td></td> + <td>Revokes all grants for a specified user</td> +</tr> +<tr> + <td><a href="#revoke_user_grant"><CopyableCode code="revoke_user_grant" /></a></td> + <td><CopyableCode code="delete" /></td> + <td><a href="#parameter-subdomain"><code>subdomain</code></a></td> + <td></td> + <td>Revokes one grant for a specified user</td> +</tr> +</tbody> +</table> + +## Parameters + +Parameters can be passed in the `WHERE` clause of a query. Check the [Methods](#methods) section to see which parameters are required or optional for each operation. + +<table> +<thead> + <tr> + <th>Name</th> + <th>Datatype</th> + <th>Description</th> + </tr> +</thead> +<tbody> +<tr id="parameter-subdomain"> + <td><CopyableCode code="subdomain" /></td> + <td><code>string</code></td> + <td>The domain of your organization. This can be a provided subdomain of an official okta domain (okta.com, oktapreview.com, etc) or one of your configured custom domains. (default: my-org)</td> +</tr> +<tr id="parameter-after"> + <td><CopyableCode code="after" /></td> + <td><code>string</code></td> + <td>The cursor to use for pagination. It is an opaque string that specifies your current location in the list and is obtained from the `Link` response header. See [Pagination](https://developer.okta.com/docs/api/#pagination).</td> +</tr> +<tr id="parameter-expand"> + <td><CopyableCode code="expand" /></td> + <td><code>string</code></td> + <td>Valid value: `scope`. If specified, scope details are included in the `_embedded` attribute.</td> +</tr> +<tr id="parameter-limit"> + <td><CopyableCode code="limit" /></td> + <td><code>integer (int32)</code></td> + <td>Specifies the number of grants to return</td> +</tr> +<tr id="parameter-scopeId"> + <td><CopyableCode code="scopeId" /></td> + <td><code>string</code></td> + <td>The scope ID to filter on</td> +</tr> +</tbody> +</table> + +## `SELECT` examples + +<Tabs + defaultValue="list_grants_for_user_and_client" + values={[ + { label: 'list_grants_for_user_and_client', value: 'list_grants_for_user_and_client' }, + { label: 'list_user_grants', value: 'list_user_grants' }, + { label: 'get_user_grant', value: 'get_user_grant' } + ]} +> +<TabItem value="list_grants_for_user_and_client"> + +Lists all grants for a specified user and client + +```sql +SELECT +id, +_embedded, +_links, +clientId, +created, +createdBy, +issuer, +lastUpdated, +scopeId, +source, +status, +userId +FROM okta.users.grants +WHERE subdomain = '{{ subdomain }}' -- required +AND expand = '{{ expand }}' +AND after = '{{ after }}' +AND limit = '{{ limit }}'; +``` +</TabItem> +<TabItem value="list_user_grants"> + +Lists all grants for the specified user + +```sql +SELECT +id, +_embedded, +_links, +clientId, +created, +createdBy, +issuer, +lastUpdated, +scopeId, +source, +status, +userId +FROM okta.users.grants +WHERE subdomain = '{{ subdomain }}' -- required +AND scopeId = '{{ scopeId }}' +AND expand = '{{ expand }}' +AND after = '{{ after }}' +AND limit = '{{ limit }}'; +``` +</TabItem> +<TabItem value="get_user_grant"> + +Retrieves a grant for the specified user + +```sql +SELECT +id, +_embedded, +_links, +clientId, +created, +createdBy, +issuer, +lastUpdated, +scopeId, +source, +status, +userId +FROM okta.users.grants +WHERE subdomain = '{{ subdomain }}' -- required +AND expand = '{{ expand }}'; +``` +</TabItem> +</Tabs> + + +## `DELETE` examples + +<Tabs + defaultValue="revoke_grants_for_user_and_client" + values={[ + { label: 'revoke_grants_for_user_and_client', value: 'revoke_grants_for_user_and_client' }, + { label: 'revoke_user_grants', value: 'revoke_user_grants' }, + { label: 'revoke_user_grant', value: 'revoke_user_grant' } + ]} +> +<TabItem value="revoke_grants_for_user_and_client"> + +Revokes all grants for the specified user and client + +```sql +DELETE FROM okta.users.grants +WHERE subdomain = '{{ subdomain }}' --required; +``` +</TabItem> +<TabItem value="revoke_user_grants"> + +Revokes all grants for a specified user + +```sql +DELETE FROM okta.users.grants +WHERE subdomain = '{{ subdomain }}' --required; +``` +</TabItem> +<TabItem value="revoke_user_grant"> + +Revokes one grant for a specified user + +```sql +DELETE FROM okta.users.grants +WHERE subdomain = '{{ subdomain }}' --required; +``` +</TabItem> +</Tabs> diff --git a/website/docs/services/users/identity_providers/index.md b/website/docs/services/users/identity_providers/index.md new file mode 100644 index 0000000..5e8a0d1 --- /dev/null +++ b/website/docs/services/users/identity_providers/index.md @@ -0,0 +1,188 @@ +--- +title: identity_providers +hide_title: false +hide_table_of_contents: false +keywords: + - identity_providers + - users + - okta + - infrastructure-as-code + - configuration-as-data + - cloud inventory +description: Query, deploy and manage okta resources using SQL +custom_edit_url: null +image: /img/stackql-okta-provider-featured-image.png +--- + +import CopyableCode from '@site/src/components/CopyableCode/CopyableCode'; +import Tabs from '@theme/Tabs'; +import TabItem from '@theme/TabItem'; + +Creates, updates, deletes, gets or lists an <code>identity_providers</code> resource. + +## Overview +<table><tbody> +<tr><td><b>Name</b></td><td><code>identity_providers</code></td></tr> +<tr><td><b>Type</b></td><td>Resource</td></tr> +<tr><td><b>Id</b></td><td><CopyableCode code="okta.users.identity_providers" /></td></tr> +</tbody></table> + +## Fields + +The following fields are returned by `SELECT` queries: + +<Tabs + defaultValue="list_user_identity_providers" + values={[ + { label: 'list_user_identity_providers', value: 'list_user_identity_providers' } + ]} +> +<TabItem value="list_user_identity_providers"> + +Success + +<table> +<thead> + <tr> + <th>Name</th> + <th>Datatype</th> + <th>Description</th> + </tr> +</thead> +<tbody> +<tr> + <td><CopyableCode code="id" /></td> + <td><code>string</code></td> + <td>Unique key for the IdP (example: 0oaWma58liwx40w6boYD)</td> +</tr> +<tr> + <td><CopyableCode code="name" /></td> + <td><code>string</code></td> + <td>Unique name for the IdP (example: Sample IdP)</td> +</tr> +<tr> + <td><CopyableCode code="_links" /></td> + <td><code>object</code></td> + <td>Specifies link relations (see [Web Linking](https://www.rfc-editor.org/rfc/rfc8288)) available using the [JSON Hypertext Application Language](https://datatracker.ietf.org/doc/html/draft-kelly-json-hal-06) specification. This object is used for dynamic discovery of related resources and lifecycle operations.</td> +</tr> +<tr> + <td><CopyableCode code="created" /></td> + <td><code>string (date-time)</code></td> + <td>Timestamp when the object was created (example: 2016-01-03T18:15:47.000Z)</td> +</tr> +<tr> + <td><CopyableCode code="issuerMode" /></td> + <td><code>string</code></td> + <td>Indicates whether Okta uses the original Okta org domain URL or a custom domain URL in the request to the social IdP (default: DYNAMIC)</td> +</tr> +<tr> + <td><CopyableCode code="lastUpdated" /></td> + <td><code>string (date-time)</code></td> + <td>Timestamp when the object was last updated (example: 2016-01-03T18:15:47.000Z)</td> +</tr> +<tr> + <td><CopyableCode code="policy" /></td> + <td><code>object</code></td> + <td>Policy settings for the IdP. The following provisioning and account linking actions are supported by each IdP provider: | IdP type | User provisioning actions | Group provisioning actions | Account link actions | Account link filters | | ----------------------------------------------------------------- | ------------------------- | ------------------------------------- | -------------------- | -------------------- | | `SAML2` | `AUTO` or `DISABLED` | `NONE`, `ASSIGN`, `APPEND`, or `SYNC` | `AUTO`, `DISABLED` | `groups`, `users` | | `X509`, `IDV_PERSONA`, `IDV_INCODE`, and `IDV_CLEAR` | `DISABLED` | No support for JIT provisioning | | | | All other IdP types | `AUTO`, `DISABLED` | `NONE` or `ASSIGN` | `AUTO`, `DISABLED` | `groups`, `users` |</td> +</tr> +<tr> + <td><CopyableCode code="properties" /></td> + <td><code>object</code></td> + <td>The properties in the IdP `properties` object vary depending on the IdP type</td> +</tr> +<tr> + <td><CopyableCode code="protocol" /></td> + <td><code></code></td> + <td>IdP-specific protocol settings for endpoints, bindings, and algorithms used to connect with the IdP and validate messages</td> +</tr> +<tr> + <td><CopyableCode code="status" /></td> + <td><code>string</code></td> + <td></td> +</tr> +<tr> + <td><CopyableCode code="type" /></td> + <td><code>string</code></td> + <td>The IdP object's `type` property identifies the social or enterprise IdP used for authentication. Each IdP uses a specific protocol, therefore the `protocol` object must correspond with the IdP `type`. If the protocol is OAuth 2.0-based, the `protocol` object's `scopes` property must also correspond with the scopes supported by the IdP `type`. For policy actions supported by each IdP type, see [IdP type policy actions](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/IdentityProvider/#tag/IdentityProvider/operation/createIdentityProvider!path=policy&t=request). | Type | Description | Corresponding protocol | Corresponding protocol scopes | | ------------------ | ----------------------------------------------------------------------------------------------------------------------------------------------------- | ---------------------- | -------------------------------------------------------------------- | | `AMAZON` | [Amazon](https://developer.amazon.com/settings/console/registration?return_to=/) as the IdP | OpenID Connect | `profile`, `profile:user_id` | | `APPLE` | [Apple](https://developer.apple.com/sign-in-with-apple/) as the IdP | OpenID Connect | `names`, `email`, `openid` | | `DISCORD` | [Discord](https://discord.com/login) as the IdP | OAuth 2.0 | `identify`, `email` | | `FACEBOOK` | [Facebook](https://developers.facebook.com) as the IdP | OAuth 2.0 | `public_profile`, `email` | | `GITHUB` | [GitHub](https://github.com/join) as the IdP | OAuth 2.0 | `user` | | `GITLAB` | [GitLab](https://gitlab.com/users/sign_in) as the IdP | OpenID Connect | `openid`, `read_user`, `profile`, `email` | | `GOOGLE` | [Google](https://accounts.google.com/signup) as the IdP | OpenID Connect | `openid`, `email`, `profile` | | `IDV_PERSONA` | [Persona](https://app.withpersona.com/dashboard/login) as the IDV IdP | ID verification | | | `IDV_CLEAR` | [CLEAR Verified](https://www.clearme.com/) as the IDV IdP | ID verification | `openid`, `profile`, `identity_assurance` | | `IDV_INCODE` | [Incode](https://incode.com/) as the IDV IdP | ID verification | `openid`, `profile`, `identity_assurance` | | `LINKEDIN` | [LinkedIn](https://developer.linkedin.com/) as the IdP | OAuth 2.0 | `r_emailaddress`, `r_liteprofile` | | `LOGINGOV` | [Login.gov](https://developers.login.gov/) as the IdP | OpenID Connect | `email`, `profile`, `profile:name` | | `LOGINGOV_SANDBOX` | [Login.gov's identity sandbox](https://developers.login.gov/testing/) as the IdP | OpenID Connect | `email`, `profile`, `profile:name` | | `MICROSOFT` | [Microsoft Enterprise SSO](https://azure.microsoft.com/) as the IdP | OpenID Connect | `openid`, `email`, `profile`, `https://graph.microsoft.com/User.Read` | | `OIDC` | IdP that supports [OpenID Connect](https://openid.net/specs/openid-connect-core-1_0.html) | OpenID Connect | `openid`, `email`, `profile` | | `PAYPAL` | [Paypal](https://www.paypal.com/signin) as the IdP | OpenID Connect | `openid`, `email`, `profile` | | `PAYPAL_SANDBOX` | [Paypal Sandbox](https://developer.paypal.com/tools/sandbox/) as the IdP | OpenID Connect | `openid`, `email`, `profile` | | `SALESFORCE` | [SalesForce](https://login.salesforce.com/) as the IdP | OAuth 2.0 | `id`, `email`, `profile` | | `SAML2` | Enterprise IdP that supports the [SAML 2.0 Web Browser SSO Profile](https://docs.oasis-open.org/security/saml/v2.0/saml-profiles-2.0-os.pdf)| SAML 2.0 | | | `SPOTIFY` | [Spotify](https://developer.spotify.com/) as the IdP | OpenID Connect | `user-read-email`, `user-read-private` | | `X509` | [Smart Card IdP](https://tools.ietf.org/html/rfc5280) | Mutual TLS | | | `XERO` | [Xero](https://www.xero.com/us/signup/api/) as the IdP | OpenID Connect | `openid`, `profile`, `email` | | `YAHOO` | [Yahoo](https://login.yahoo.com/) as the IdP | OpenID Connect | `openid`, `profile`, `email` | | `YAHOOJP` | [Yahoo Japan](https://login.yahoo.co.jp/config/login) as the IdP | OpenID Connect | `openid`, `profile`, `email` | | `OKTA_INTEGRATION` | IdP that supports the [OpenID Connect](https://openid.net/specs/openid-connect-core-1_0.html) Org2Org IdP | OpenID Connect | `openid`, `email`, `profile` |</td> +</tr> +</tbody> +</table> +</TabItem> +</Tabs> + +## Methods + +The following methods are available for this resource: + +<table> +<thead> + <tr> + <th>Name</th> + <th>Accessible by</th> + <th>Required Params</th> + <th>Optional Params</th> + <th>Description</th> + </tr> +</thead> +<tbody> +<tr> + <td><a href="#list_user_identity_providers"><CopyableCode code="list_user_identity_providers" /></a></td> + <td><CopyableCode code="select" /></td> + <td><a href="#parameter-subdomain"><code>subdomain</code></a></td> + <td></td> + <td>Lists the identity providers (IdPs) associated with the user</td> +</tr> +</tbody> +</table> + +## Parameters + +Parameters can be passed in the `WHERE` clause of a query. Check the [Methods](#methods) section to see which parameters are required or optional for each operation. + +<table> +<thead> + <tr> + <th>Name</th> + <th>Datatype</th> + <th>Description</th> + </tr> +</thead> +<tbody> +<tr id="parameter-subdomain"> + <td><CopyableCode code="subdomain" /></td> + <td><code>string</code></td> + <td>The domain of your organization. This can be a provided subdomain of an official okta domain (okta.com, oktapreview.com, etc) or one of your configured custom domains. (default: my-org)</td> +</tr> +</tbody> +</table> + +## `SELECT` examples + +<Tabs + defaultValue="list_user_identity_providers" + values={[ + { label: 'list_user_identity_providers', value: 'list_user_identity_providers' } + ]} +> +<TabItem value="list_user_identity_providers"> + +Lists the identity providers (IdPs) associated with the user + +```sql +SELECT +id, +name, +_links, +created, +issuerMode, +lastUpdated, +policy, +properties, +protocol, +status, +type +FROM okta.users.identity_providers +WHERE subdomain = '{{ subdomain }}' -- required; +``` +</TabItem> +</Tabs> diff --git a/website/docs/services/users/index.md b/website/docs/services/users/index.md new file mode 100644 index 0000000..8b2474a --- /dev/null +++ b/website/docs/services/users/index.md @@ -0,0 +1,55 @@ +--- +title: users +hide_title: false +hide_table_of_contents: false +keywords: + - users + - okta + - stackql + - infrastructure-as-code + - configuration-as-data + - cloud inventory +description: Query, deploy and manage okta resources using SQL +custom_edit_url: null +image: /img/stackql-okta-provider-featured-image.png +--- + +users service documentation. + +:::info[Service Summary] + +total resources: __24__ + +::: + +## Resources +<div class="row"> +<div class="providerDocColumn"> +<a href="/services/users/admin_app_targets/">admin_app_targets</a><br /> +<a href="/services/users/app_links/">app_links</a><br /> +<a href="/services/users/authenticator_enrollments/">authenticator_enrollments</a><br /> +<a href="/services/users/classifications/">classifications</a><br /> +<a href="/services/users/factors/">factors</a><br /> +<a href="/services/users/grants/">grants</a><br /> +<a href="/services/users/identity_providers/">identity_providers</a><br /> +<a href="/services/users/linked_objects/">linked_objects</a><br /> +<a href="/services/users/oauth_tokens/">oauth_tokens</a><br /> +<a href="/services/users/role_assignment_governance_grant/">role_assignment_governance_grant</a><br /> +<a href="/services/users/role_assignment_governance_grant_resources/">role_assignment_governance_grant_resources</a><br /> +<a href="/services/users/role_assignment_users/">role_assignment_users</a> +</div> +<div class="providerDocColumn"> +<a href="/services/users/role_group_targets/">role_group_targets</a><br /> +<a href="/services/users/role_targets/">role_targets</a><br /> +<a href="/services/users/subscriptions/">subscriptions</a><br /> +<a href="/services/users/supported_factors/">supported_factors</a><br /> +<a href="/services/users/supported_security_questions/">supported_security_questions</a><br /> +<a href="/services/users/user_assigned_role_governance/">user_assigned_role_governance</a><br /> +<a href="/services/users/user_blocks/">user_blocks</a><br /> +<a href="/services/users/user_clients/">user_clients</a><br /> +<a href="/services/users/user_devices/">user_devices</a><br /> +<a href="/services/users/user_groups/">user_groups</a><br /> +<a href="/services/users/user_risk/">user_risk</a><br /> +<a href="/services/users/users/">users</a> +</div> +</div> \ No newline at end of file diff --git a/website/docs/services/users/linked_objects/index.md b/website/docs/services/users/linked_objects/index.md new file mode 100644 index 0000000..e9efa62 --- /dev/null +++ b/website/docs/services/users/linked_objects/index.md @@ -0,0 +1,185 @@ +--- +title: linked_objects +hide_title: false +hide_table_of_contents: false +keywords: + - linked_objects + - users + - okta + - infrastructure-as-code + - configuration-as-data + - cloud inventory +description: Query, deploy and manage okta resources using SQL +custom_edit_url: null +image: /img/stackql-okta-provider-featured-image.png +--- + +import CopyableCode from '@site/src/components/CopyableCode/CopyableCode'; +import Tabs from '@theme/Tabs'; +import TabItem from '@theme/TabItem'; + +Creates, updates, deletes, gets or lists a <code>linked_objects</code> resource. + +## Overview +<table><tbody> +<tr><td><b>Name</b></td><td><code>linked_objects</code></td></tr> +<tr><td><b>Type</b></td><td>Resource</td></tr> +<tr><td><b>Id</b></td><td><CopyableCode code="okta.users.linked_objects" /></td></tr> +</tbody></table> + +## Fields + +The following fields are returned by `SELECT` queries: + +<Tabs + defaultValue="list_linked_objects_for_user" + values={[ + { label: 'list_linked_objects_for_user', value: 'list_linked_objects_for_user' } + ]} +> +<TabItem value="list_linked_objects_for_user"> + +Success + +<table> +<thead> + <tr> + <th>Name</th> + <th>Datatype</th> + <th>Description</th> + </tr> +</thead> +<tbody> +<tr> + <td><CopyableCode code="_links" /></td> + <td><code>object</code></td> + <td>Specifies link relations (see [Web Linking](https://www.rfc-editor.org/rfc/rfc8288)) available using the [JSON Hypertext Application Language](https://datatracker.ietf.org/doc/html/draft-kelly-json-hal-06) specification. This object is used for dynamic discovery of related resources and lifecycle operations.</td> +</tr> +</tbody> +</table> +</TabItem> +</Tabs> + +## Methods + +The following methods are available for this resource: + +<table> +<thead> + <tr> + <th>Name</th> + <th>Accessible by</th> + <th>Required Params</th> + <th>Optional Params</th> + <th>Description</th> + </tr> +</thead> +<tbody> +<tr> + <td><a href="#list_linked_objects_for_user"><CopyableCode code="list_linked_objects_for_user" /></a></td> + <td><CopyableCode code="select" /></td> + <td><a href="#parameter-subdomain"><code>subdomain</code></a></td> + <td></td> + <td>Lists either the `self` link for the primary user or all associated users in the relationship specified by `relationshipName`. If the specified user isn't associated in any relationship, an empty array is returned.<br /><br />Use `me` instead of `id` to specify the current session user.</td> +</tr> +<tr> + <td><a href="#assign_linked_object_value_for_primary"><CopyableCode code="assign_linked_object_value_for_primary" /></a></td> + <td><CopyableCode code="replace" /></td> + <td><a href="#parameter-subdomain"><code>subdomain</code></a></td> + <td></td> + <td>Assigns the first user as the `associated` and the second user as the `primary` for the specified relationship.<br /><br />If the first user is already associated with a different `primary` for this relationship, the previous link is removed. A linked object relationship can specify only one primary user for an associated user.</td> +</tr> +<tr> + <td><a href="#delete_linked_object_for_user"><CopyableCode code="delete_linked_object_for_user" /></a></td> + <td><CopyableCode code="delete" /></td> + <td><a href="#parameter-subdomain"><code>subdomain</code></a></td> + <td></td> + <td>Deletes any existing relationship between the `associated` and `primary` user. For the `associated` user, this is specified by the ID. The `primary` name specifies the relationship.<br /><br />The operation is successful if the relationship is deleted. The operation is also successful if the specified user isn't in the `associated` relationship for any instance of the specified `primary` and thus, no relationship is found.</td> +</tr> +</tbody> +</table> + +## Parameters + +Parameters can be passed in the `WHERE` clause of a query. Check the [Methods](#methods) section to see which parameters are required or optional for each operation. + +<table> +<thead> + <tr> + <th>Name</th> + <th>Datatype</th> + <th>Description</th> + </tr> +</thead> +<tbody> +<tr id="parameter-subdomain"> + <td><CopyableCode code="subdomain" /></td> + <td><code>string</code></td> + <td>The domain of your organization. This can be a provided subdomain of an official okta domain (okta.com, oktapreview.com, etc) or one of your configured custom domains. (default: my-org)</td> +</tr> +</tbody> +</table> + +## `SELECT` examples + +<Tabs + defaultValue="list_linked_objects_for_user" + values={[ + { label: 'list_linked_objects_for_user', value: 'list_linked_objects_for_user' } + ]} +> +<TabItem value="list_linked_objects_for_user"> + +Lists either the `self` link for the primary user or all associated users in the relationship specified by `relationshipName`. If the specified user isn't associated in any relationship, an empty array is returned.<br /><br />Use `me` instead of `id` to specify the current session user. + +```sql +SELECT +_links +FROM okta.users.linked_objects +WHERE subdomain = '{{ subdomain }}' -- required; +``` +</TabItem> +</Tabs> + + +## `REPLACE` examples + +<Tabs + defaultValue="assign_linked_object_value_for_primary" + values={[ + { label: 'assign_linked_object_value_for_primary', value: 'assign_linked_object_value_for_primary' } + ]} +> +<TabItem value="assign_linked_object_value_for_primary"> + +Assigns the first user as the `associated` and the second user as the `primary` for the specified relationship.<br /><br />If the first user is already associated with a different `primary` for this relationship, the previous link is removed. A linked object relationship can specify only one primary user for an associated user. + +```sql +REPLACE okta.users.linked_objects +SET +-- No updatable properties +WHERE +subdomain = '{{ subdomain }}' --required; +``` +</TabItem> +</Tabs> + + +## `DELETE` examples + +<Tabs + defaultValue="delete_linked_object_for_user" + values={[ + { label: 'delete_linked_object_for_user', value: 'delete_linked_object_for_user' } + ]} +> +<TabItem value="delete_linked_object_for_user"> + +Deletes any existing relationship between the `associated` and `primary` user. For the `associated` user, this is specified by the ID. The `primary` name specifies the relationship.<br /><br />The operation is successful if the relationship is deleted. The operation is also successful if the specified user isn't in the `associated` relationship for any instance of the specified `primary` and thus, no relationship is found. + +```sql +DELETE FROM okta.users.linked_objects +WHERE subdomain = '{{ subdomain }}' --required; +``` +</TabItem> +</Tabs> diff --git a/website/docs/services/users/oauth_tokens/index.md b/website/docs/services/users/oauth_tokens/index.md new file mode 100644 index 0000000..5d22d9c --- /dev/null +++ b/website/docs/services/users/oauth_tokens/index.md @@ -0,0 +1,352 @@ +--- +title: oauth_tokens +hide_title: false +hide_table_of_contents: false +keywords: + - oauth_tokens + - users + - okta + - infrastructure-as-code + - configuration-as-data + - cloud inventory +description: Query, deploy and manage okta resources using SQL +custom_edit_url: null +image: /img/stackql-okta-provider-featured-image.png +--- + +import CopyableCode from '@site/src/components/CopyableCode/CopyableCode'; +import Tabs from '@theme/Tabs'; +import TabItem from '@theme/TabItem'; + +Creates, updates, deletes, gets or lists an <code>oauth_tokens</code> resource. + +## Overview +<table><tbody> +<tr><td><b>Name</b></td><td><code>oauth_tokens</code></td></tr> +<tr><td><b>Type</b></td><td>Resource</td></tr> +<tr><td><b>Id</b></td><td><CopyableCode code="okta.users.oauth_tokens" /></td></tr> +</tbody></table> + +## Fields + +The following fields are returned by `SELECT` queries: + +<Tabs + defaultValue="list_refresh_tokens_for_user_and_client" + values={[ + { label: 'list_refresh_tokens_for_user_and_client', value: 'list_refresh_tokens_for_user_and_client' }, + { label: 'get_refresh_token_for_user_and_client', value: 'get_refresh_token_for_user_and_client' } + ]} +> +<TabItem value="list_refresh_tokens_for_user_and_client"> + +Success + +<table> +<thead> + <tr> + <th>Name</th> + <th>Datatype</th> + <th>Description</th> + </tr> +</thead> +<tbody> +<tr> + <td><CopyableCode code="id" /></td> + <td><code>string</code></td> + <td>ID of the Token object (example: oar579Mcp7OUsNTlo0g3)</td> +</tr> +<tr> + <td><CopyableCode code="_embedded" /></td> + <td><code>object</code></td> + <td>The embedded resources related to the object if the `expand` query parameter is specified</td> +</tr> +<tr> + <td><CopyableCode code="_links" /></td> + <td><code>object</code></td> + <td>Specifies link relations (see [Web Linking](https://www.rfc-editor.org/rfc/rfc8288)) available using the [JSON Hypertext Application Language](https://datatracker.ietf.org/doc/html/draft-kelly-json-hal-06) specification. This object is used for dynamic discovery of related resources and lifecycle operations.</td> +</tr> +<tr> + <td><CopyableCode code="clientId" /></td> + <td><code>string</code></td> + <td>Client ID</td> +</tr> +<tr> + <td><CopyableCode code="created" /></td> + <td><code>string (date-time)</code></td> + <td>Timestamp when the object was created (example: 2017-03-28T01:11:10.000Z)</td> +</tr> +<tr> + <td><CopyableCode code="expiresAt" /></td> + <td><code>string (date-time)</code></td> + <td>Expiration time of the OAuth 2.0 Token</td> +</tr> +<tr> + <td><CopyableCode code="issuer" /></td> + <td><code>string</code></td> + <td>The complete URL of the authorization server that issued the Token (example: https://{yourOktaDomain}/oauth2/ausain6z9zIedDCxB0h7)</td> +</tr> +<tr> + <td><CopyableCode code="lastUpdated" /></td> + <td><code>string (date-time)</code></td> + <td>Timestamp when the object was last updated</td> +</tr> +<tr> + <td><CopyableCode code="scopes" /></td> + <td><code>array</code></td> + <td>The scope names attached to the Token</td> +</tr> +<tr> + <td><CopyableCode code="status" /></td> + <td><code>string</code></td> + <td>Status (example: ACTIVE)</td> +</tr> +<tr> + <td><CopyableCode code="userId" /></td> + <td><code>string</code></td> + <td>The ID of the user associated with the Token (example: 00u5t60iloOHN9pBi0h7)</td> +</tr> +</tbody> +</table> +</TabItem> +<TabItem value="get_refresh_token_for_user_and_client"> + +Success + +<table> +<thead> + <tr> + <th>Name</th> + <th>Datatype</th> + <th>Description</th> + </tr> +</thead> +<tbody> +<tr> + <td><CopyableCode code="id" /></td> + <td><code>string</code></td> + <td>ID of the Token object (example: oar579Mcp7OUsNTlo0g3)</td> +</tr> +<tr> + <td><CopyableCode code="_embedded" /></td> + <td><code>object</code></td> + <td>The embedded resources related to the object if the `expand` query parameter is specified</td> +</tr> +<tr> + <td><CopyableCode code="_links" /></td> + <td><code>object</code></td> + <td>Specifies link relations (see [Web Linking](https://www.rfc-editor.org/rfc/rfc8288)) available using the [JSON Hypertext Application Language](https://datatracker.ietf.org/doc/html/draft-kelly-json-hal-06) specification. This object is used for dynamic discovery of related resources and lifecycle operations.</td> +</tr> +<tr> + <td><CopyableCode code="clientId" /></td> + <td><code>string</code></td> + <td>Client ID</td> +</tr> +<tr> + <td><CopyableCode code="created" /></td> + <td><code>string (date-time)</code></td> + <td>Timestamp when the object was created (example: 2017-03-28T01:11:10.000Z)</td> +</tr> +<tr> + <td><CopyableCode code="expiresAt" /></td> + <td><code>string (date-time)</code></td> + <td>Expiration time of the OAuth 2.0 Token</td> +</tr> +<tr> + <td><CopyableCode code="issuer" /></td> + <td><code>string</code></td> + <td>The complete URL of the authorization server that issued the Token (example: https://{yourOktaDomain}/oauth2/ausain6z9zIedDCxB0h7)</td> +</tr> +<tr> + <td><CopyableCode code="lastUpdated" /></td> + <td><code>string (date-time)</code></td> + <td>Timestamp when the object was last updated</td> +</tr> +<tr> + <td><CopyableCode code="scopes" /></td> + <td><code>array</code></td> + <td>The scope names attached to the Token</td> +</tr> +<tr> + <td><CopyableCode code="status" /></td> + <td><code>string</code></td> + <td>Status (example: ACTIVE)</td> +</tr> +<tr> + <td><CopyableCode code="userId" /></td> + <td><code>string</code></td> + <td>The ID of the user associated with the Token (example: 00u5t60iloOHN9pBi0h7)</td> +</tr> +</tbody> +</table> +</TabItem> +</Tabs> + +## Methods + +The following methods are available for this resource: + +<table> +<thead> + <tr> + <th>Name</th> + <th>Accessible by</th> + <th>Required Params</th> + <th>Optional Params</th> + <th>Description</th> + </tr> +</thead> +<tbody> +<tr> + <td><a href="#list_refresh_tokens_for_user_and_client"><CopyableCode code="list_refresh_tokens_for_user_and_client" /></a></td> + <td><CopyableCode code="select" /></td> + <td><a href="#parameter-subdomain"><code>subdomain</code></a></td> + <td><a href="#parameter-expand"><code>expand</code></a>, <a href="#parameter-after"><code>after</code></a>, <a href="#parameter-limit"><code>limit</code></a></td> + <td>Lists all refresh tokens issued for the specified user and client</td> +</tr> +<tr> + <td><a href="#get_refresh_token_for_user_and_client"><CopyableCode code="get_refresh_token_for_user_and_client" /></a></td> + <td><CopyableCode code="select" /></td> + <td><a href="#parameter-subdomain"><code>subdomain</code></a></td> + <td><a href="#parameter-expand"><code>expand</code></a></td> + <td>Retrieves a refresh token issued for the specified user and client</td> +</tr> +<tr> + <td><a href="#revoke_tokens_for_user_and_client"><CopyableCode code="revoke_tokens_for_user_and_client" /></a></td> + <td><CopyableCode code="delete" /></td> + <td><a href="#parameter-subdomain"><code>subdomain</code></a></td> + <td></td> + <td>Revokes all refresh tokens issued for the specified user and client</td> +</tr> +<tr> + <td><a href="#revoke_token_for_user_and_client"><CopyableCode code="revoke_token_for_user_and_client" /></a></td> + <td><CopyableCode code="delete" /></td> + <td><a href="#parameter-subdomain"><code>subdomain</code></a></td> + <td></td> + <td>Revokes the specified refresh and access tokens</td> +</tr> +</tbody> +</table> + +## Parameters + +Parameters can be passed in the `WHERE` clause of a query. Check the [Methods](#methods) section to see which parameters are required or optional for each operation. + +<table> +<thead> + <tr> + <th>Name</th> + <th>Datatype</th> + <th>Description</th> + </tr> +</thead> +<tbody> +<tr id="parameter-subdomain"> + <td><CopyableCode code="subdomain" /></td> + <td><code>string</code></td> + <td>The domain of your organization. This can be a provided subdomain of an official okta domain (okta.com, oktapreview.com, etc) or one of your configured custom domains. (default: my-org)</td> +</tr> +<tr id="parameter-after"> + <td><CopyableCode code="after" /></td> + <td><code>string</code></td> + <td>The cursor to use for pagination. It is an opaque string that specifies your current location in the list and is obtained from the `Link` response header. See [Pagination](https://developer.okta.com/docs/api/#pagination).</td> +</tr> +<tr id="parameter-expand"> + <td><CopyableCode code="expand" /></td> + <td><code>string</code></td> + <td>Valid value: `scope`. If specified, scope details are included in the `_embedded` attribute.</td> +</tr> +<tr id="parameter-limit"> + <td><CopyableCode code="limit" /></td> + <td><code>integer (int32)</code></td> + <td>Specifies the number of tokens to return</td> +</tr> +</tbody> +</table> + +## `SELECT` examples + +<Tabs + defaultValue="list_refresh_tokens_for_user_and_client" + values={[ + { label: 'list_refresh_tokens_for_user_and_client', value: 'list_refresh_tokens_for_user_and_client' }, + { label: 'get_refresh_token_for_user_and_client', value: 'get_refresh_token_for_user_and_client' } + ]} +> +<TabItem value="list_refresh_tokens_for_user_and_client"> + +Lists all refresh tokens issued for the specified user and client + +```sql +SELECT +id, +_embedded, +_links, +clientId, +created, +expiresAt, +issuer, +lastUpdated, +scopes, +status, +userId +FROM okta.users.oauth_tokens +WHERE subdomain = '{{ subdomain }}' -- required +AND expand = '{{ expand }}' +AND after = '{{ after }}' +AND limit = '{{ limit }}'; +``` +</TabItem> +<TabItem value="get_refresh_token_for_user_and_client"> + +Retrieves a refresh token issued for the specified user and client + +```sql +SELECT +id, +_embedded, +_links, +clientId, +created, +expiresAt, +issuer, +lastUpdated, +scopes, +status, +userId +FROM okta.users.oauth_tokens +WHERE subdomain = '{{ subdomain }}' -- required +AND expand = '{{ expand }}'; +``` +</TabItem> +</Tabs> + + +## `DELETE` examples + +<Tabs + defaultValue="revoke_tokens_for_user_and_client" + values={[ + { label: 'revoke_tokens_for_user_and_client', value: 'revoke_tokens_for_user_and_client' }, + { label: 'revoke_token_for_user_and_client', value: 'revoke_token_for_user_and_client' } + ]} +> +<TabItem value="revoke_tokens_for_user_and_client"> + +Revokes all refresh tokens issued for the specified user and client + +```sql +DELETE FROM okta.users.oauth_tokens +WHERE subdomain = '{{ subdomain }}' --required; +``` +</TabItem> +<TabItem value="revoke_token_for_user_and_client"> + +Revokes the specified refresh and access tokens + +```sql +DELETE FROM okta.users.oauth_tokens +WHERE subdomain = '{{ subdomain }}' --required; +``` +</TabItem> +</Tabs> diff --git a/website/docs/services/users/role_assignment_governance_grant/index.md b/website/docs/services/users/role_assignment_governance_grant/index.md new file mode 100644 index 0000000..f8fe9c4 --- /dev/null +++ b/website/docs/services/users/role_assignment_governance_grant/index.md @@ -0,0 +1,152 @@ +--- +title: role_assignment_governance_grant +hide_title: false +hide_table_of_contents: false +keywords: + - role_assignment_governance_grant + - users + - okta + - infrastructure-as-code + - configuration-as-data + - cloud inventory +description: Query, deploy and manage okta resources using SQL +custom_edit_url: null +image: /img/stackql-okta-provider-featured-image.png +--- + +import CopyableCode from '@site/src/components/CopyableCode/CopyableCode'; +import Tabs from '@theme/Tabs'; +import TabItem from '@theme/TabItem'; + +Creates, updates, deletes, gets or lists a <code>role_assignment_governance_grant</code> resource. + +## Overview +<table><tbody> +<tr><td><b>Name</b></td><td><code>role_assignment_governance_grant</code></td></tr> +<tr><td><b>Type</b></td><td>Resource</td></tr> +<tr><td><b>Id</b></td><td><CopyableCode code="okta.users.role_assignment_governance_grant" /></td></tr> +</tbody></table> + +## Fields + +The following fields are returned by `SELECT` queries: + +<Tabs + defaultValue="get_role_assignment_governance_grant" + values={[ + { label: 'get_role_assignment_governance_grant', value: 'get_role_assignment_governance_grant' } + ]} +> +<TabItem value="get_role_assignment_governance_grant"> + +Success + +<table> +<thead> + <tr> + <th>Name</th> + <th>Datatype</th> + <th>Description</th> + </tr> +</thead> +<tbody> +<tr> + <td><CopyableCode code="_links" /></td> + <td><code>object</code></td> + <td>Specifies link relations (see [Web Linking](https://www.rfc-editor.org/rfc/rfc8288)) available for the resources using the [JSON Hypertext Application Language](https://datatracker.ietf.org/doc/html/draft-kelly-json-hal-06) specification.</td> +</tr> +<tr> + <td><CopyableCode code="bundleId" /></td> + <td><code>string</code></td> + <td>`id` of the entitlement bundle</td> +</tr> +<tr> + <td><CopyableCode code="expirationDate" /></td> + <td><code>string (date-time)</code></td> + <td>The expiration date of the entitlement bundle</td> +</tr> +<tr> + <td><CopyableCode code="grantId" /></td> + <td><code>string</code></td> + <td>`id` of the grant</td> +</tr> +<tr> + <td><CopyableCode code="type" /></td> + <td><code>string</code></td> + <td>The grant type</td> +</tr> +</tbody> +</table> +</TabItem> +</Tabs> + +## Methods + +The following methods are available for this resource: + +<table> +<thead> + <tr> + <th>Name</th> + <th>Accessible by</th> + <th>Required Params</th> + <th>Optional Params</th> + <th>Description</th> + </tr> +</thead> +<tbody> +<tr> + <td><a href="#get_role_assignment_governance_grant"><CopyableCode code="get_role_assignment_governance_grant" /></a></td> + <td><CopyableCode code="select" /></td> + <td><a href="#parameter-subdomain"><code>subdomain</code></a></td> + <td></td> + <td>Retrieves a governance source (identified by `grantId`) for a role (identified by `roleAssignmentId`) that's assigned to a user (identified by `userId`)</td> +</tr> +</tbody> +</table> + +## Parameters + +Parameters can be passed in the `WHERE` clause of a query. Check the [Methods](#methods) section to see which parameters are required or optional for each operation. + +<table> +<thead> + <tr> + <th>Name</th> + <th>Datatype</th> + <th>Description</th> + </tr> +</thead> +<tbody> +<tr id="parameter-subdomain"> + <td><CopyableCode code="subdomain" /></td> + <td><code>string</code></td> + <td>The domain of your organization. This can be a provided subdomain of an official okta domain (okta.com, oktapreview.com, etc) or one of your configured custom domains. (default: my-org)</td> +</tr> +</tbody> +</table> + +## `SELECT` examples + +<Tabs + defaultValue="get_role_assignment_governance_grant" + values={[ + { label: 'get_role_assignment_governance_grant', value: 'get_role_assignment_governance_grant' } + ]} +> +<TabItem value="get_role_assignment_governance_grant"> + +Retrieves a governance source (identified by `grantId`) for a role (identified by `roleAssignmentId`) that's assigned to a user (identified by `userId`) + +```sql +SELECT +_links, +bundleId, +expirationDate, +grantId, +type +FROM okta.users.role_assignment_governance_grant +WHERE subdomain = '{{ subdomain }}' -- required; +``` +</TabItem> +</Tabs> diff --git a/website/docs/services/users/role_assignment_governance_grant_resources/index.md b/website/docs/services/users/role_assignment_governance_grant_resources/index.md new file mode 100644 index 0000000..98953e7 --- /dev/null +++ b/website/docs/services/users/role_assignment_governance_grant_resources/index.md @@ -0,0 +1,134 @@ +--- +title: role_assignment_governance_grant_resources +hide_title: false +hide_table_of_contents: false +keywords: + - role_assignment_governance_grant_resources + - users + - okta + - infrastructure-as-code + - configuration-as-data + - cloud inventory +description: Query, deploy and manage okta resources using SQL +custom_edit_url: null +image: /img/stackql-okta-provider-featured-image.png +--- + +import CopyableCode from '@site/src/components/CopyableCode/CopyableCode'; +import Tabs from '@theme/Tabs'; +import TabItem from '@theme/TabItem'; + +Creates, updates, deletes, gets or lists a <code>role_assignment_governance_grant_resources</code> resource. + +## Overview +<table><tbody> +<tr><td><b>Name</b></td><td><code>role_assignment_governance_grant_resources</code></td></tr> +<tr><td><b>Type</b></td><td>Resource</td></tr> +<tr><td><b>Id</b></td><td><CopyableCode code="okta.users.role_assignment_governance_grant_resources" /></td></tr> +</tbody></table> + +## Fields + +The following fields are returned by `SELECT` queries: + +<Tabs + defaultValue="get_role_assignment_governance_grant_resources" + values={[ + { label: 'get_role_assignment_governance_grant_resources', value: 'get_role_assignment_governance_grant_resources' } + ]} +> +<TabItem value="get_role_assignment_governance_grant_resources"> + +Success + +<table> +<thead> + <tr> + <th>Name</th> + <th>Datatype</th> + <th>Description</th> + </tr> +</thead> +<tbody> +<tr> + <td><CopyableCode code="_links" /></td> + <td><code>object</code></td> + <td>Specifies link relations (see [Web Linking](https://www.rfc-editor.org/rfc/rfc8288)) available using the [JSON Hypertext Application Language](https://datatracker.ietf.org/doc/html/draft-kelly-json-hal-06) specification. This object is used for dynamic discovery of related resources and lifecycle operations.</td> +</tr> +<tr> + <td><CopyableCode code="resources" /></td> + <td><code>array</code></td> + <td></td> +</tr> +</tbody> +</table> +</TabItem> +</Tabs> + +## Methods + +The following methods are available for this resource: + +<table> +<thead> + <tr> + <th>Name</th> + <th>Accessible by</th> + <th>Required Params</th> + <th>Optional Params</th> + <th>Description</th> + </tr> +</thead> +<tbody> +<tr> + <td><a href="#get_role_assignment_governance_grant_resources"><CopyableCode code="get_role_assignment_governance_grant_resources" /></a></td> + <td><CopyableCode code="select" /></td> + <td><a href="#parameter-subdomain"><code>subdomain</code></a></td> + <td></td> + <td>Retrieves the resources of a governance source (identified by `grantId`) for a role (identified by `roleAssignmentId`) that's assigned to a user (identified by `userId`)</td> +</tr> +</tbody> +</table> + +## Parameters + +Parameters can be passed in the `WHERE` clause of a query. Check the [Methods](#methods) section to see which parameters are required or optional for each operation. + +<table> +<thead> + <tr> + <th>Name</th> + <th>Datatype</th> + <th>Description</th> + </tr> +</thead> +<tbody> +<tr id="parameter-subdomain"> + <td><CopyableCode code="subdomain" /></td> + <td><code>string</code></td> + <td>The domain of your organization. This can be a provided subdomain of an official okta domain (okta.com, oktapreview.com, etc) or one of your configured custom domains. (default: my-org)</td> +</tr> +</tbody> +</table> + +## `SELECT` examples + +<Tabs + defaultValue="get_role_assignment_governance_grant_resources" + values={[ + { label: 'get_role_assignment_governance_grant_resources', value: 'get_role_assignment_governance_grant_resources' } + ]} +> +<TabItem value="get_role_assignment_governance_grant_resources"> + +Retrieves the resources of a governance source (identified by `grantId`) for a role (identified by `roleAssignmentId`) that's assigned to a user (identified by `userId`) + +```sql +SELECT +_links, +resources +FROM okta.users.role_assignment_governance_grant_resources +WHERE subdomain = '{{ subdomain }}' -- required; +``` +</TabItem> +</Tabs> diff --git a/website/docs/services/users/role_assignment_users/index.md b/website/docs/services/users/role_assignment_users/index.md new file mode 100644 index 0000000..aad69ca --- /dev/null +++ b/website/docs/services/users/role_assignment_users/index.md @@ -0,0 +1,306 @@ +--- +title: role_assignment_users +hide_title: false +hide_table_of_contents: false +keywords: + - role_assignment_users + - users + - okta + - infrastructure-as-code + - configuration-as-data + - cloud inventory +description: Query, deploy and manage okta resources using SQL +custom_edit_url: null +image: /img/stackql-okta-provider-featured-image.png +--- + +import CopyableCode from '@site/src/components/CopyableCode/CopyableCode'; +import Tabs from '@theme/Tabs'; +import TabItem from '@theme/TabItem'; + +Creates, updates, deletes, gets or lists a <code>role_assignment_users</code> resource. + +## Overview +<table><tbody> +<tr><td><b>Name</b></td><td><code>role_assignment_users</code></td></tr> +<tr><td><b>Type</b></td><td>Resource</td></tr> +<tr><td><b>Id</b></td><td><CopyableCode code="okta.users.role_assignment_users" /></td></tr> +</tbody></table> + +## Fields + +The following fields are returned by `SELECT` queries: + +<Tabs + defaultValue="list_assigned_roles_for_user" + values={[ + { label: 'list_assigned_roles_for_user', value: 'list_assigned_roles_for_user' }, + { label: 'get_user_assigned_role', value: 'get_user_assigned_role' } + ]} +> +<TabItem value="list_assigned_roles_for_user"> + +Success + +<table> +<thead> + <tr> + <th>Name</th> + <th>Datatype</th> + <th>Description</th> + </tr> +</thead> +<tbody> +</tbody> +</table> +</TabItem> +<TabItem value="get_user_assigned_role"> + +Success + +<table> +<thead> + <tr> + <th>Name</th> + <th>Datatype</th> + <th>Description</th> + </tr> +</thead> +<tbody> +</tbody> +</table> +</TabItem> +</Tabs> + +## Methods + +The following methods are available for this resource: + +<table> +<thead> + <tr> + <th>Name</th> + <th>Accessible by</th> + <th>Required Params</th> + <th>Optional Params</th> + <th>Description</th> + </tr> +</thead> +<tbody> +<tr> + <td><a href="#list_assigned_roles_for_user"><CopyableCode code="list_assigned_roles_for_user" /></a></td> + <td><CopyableCode code="select" /></td> + <td><a href="#parameter-subdomain"><code>subdomain</code></a></td> + <td><a href="#parameter-expand"><code>expand</code></a></td> + <td>Lists all roles assigned to a user (identified by `userId`)</td> +</tr> +<tr> + <td><a href="#get_user_assigned_role"><CopyableCode code="get_user_assigned_role" /></a></td> + <td><CopyableCode code="select" /></td> + <td><a href="#parameter-subdomain"><code>subdomain</code></a></td> + <td></td> + <td>Retrieves a role assigned to a user (identified by `userId`). The `roleAssignmentId` parameter is the unique identifier for either a standard role assignment object or a custom role resource set binding object.</td> +</tr> +<tr> + <td><a href="#assign_role_to_user"><CopyableCode code="assign_role_to_user" /></a></td> + <td><CopyableCode code="insert" /></td> + <td><a href="#parameter-subdomain"><code>subdomain</code></a></td> + <td><a href="#parameter-disableNotifications"><code>disableNotifications</code></a></td> + <td>Assigns a [standard role](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/guides/roles/#standard-roles) to a user.<br /><br />You can also assign a custom role to a user, but the preferred method to assign a custom role to a user is to create a binding between the custom role, the resource set, and the user. See [Create a role resource set binding](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/RoleDResourceSetBinding/#tag/RoleDResourceSetBinding/operation/createResourceSetBinding).<br /><br />> **Notes:**<br />> * The request payload is different for standard and custom role assignments.<br />> * For IAM-based standard role assignments, use the request payload for standard roles. However, the response payload for IAM-based role assignments is similar to the custom role's assignment response.</td> +</tr> +<tr> + <td><a href="#unassign_role_from_user"><CopyableCode code="unassign_role_from_user" /></a></td> + <td><CopyableCode code="delete" /></td> + <td><a href="#parameter-subdomain"><code>subdomain</code></a></td> + <td></td> + <td>Unassigns a role assignment (identified by `roleAssignmentId`) from a user (identified by `userId`)</td> +</tr> +<tr> + <td><a href="#assign_all_apps_as_target_to_role_for_user"><CopyableCode code="assign_all_apps_as_target_to_role_for_user" /></a></td> + <td><CopyableCode code="exec" /></td> + <td><a href="#parameter-subdomain"><code>subdomain</code></a></td> + <td></td> + <td>Assigns all apps as target to an `APP_ADMIN` role</td> +</tr> +<tr> + <td><a href="#assign_app_target_to_admin_role_for_user"><CopyableCode code="assign_app_target_to_admin_role_for_user" /></a></td> + <td><CopyableCode code="exec" /></td> + <td><a href="#parameter-subdomain"><code>subdomain</code></a></td> + <td></td> + <td>Assigns an OIN app target for an `APP_ADMIN` role assignment to an admin user. When you assign the first app target, you reduce the scope of the role assignment.<br />The role no longer applies to all app targets, but applies only to the specified target.<br /><br />Assigning an OIN app target overrides any existing app instance targets of the OIN app.<br />For example, if a user was assigned to administer a specific Facebook instance, a successful request to add an OIN app target with `facebook` for `appName` makes that user the admin for all Facebook instances.<br /></td> +</tr> +<tr> + <td><a href="#assign_app_instance_target_to_app_admin_role_for_user"><CopyableCode code="assign_app_instance_target_to_app_admin_role_for_user" /></a></td> + <td><CopyableCode code="exec" /></td> + <td><a href="#parameter-subdomain"><code>subdomain</code></a></td> + <td></td> + <td>Assigns an app instance target to an `APP_ADMIN` role assignment to an admin user. When you assign the first OIN app or app instance target, you reduce the scope of the role assignment.<br />The role no longer applies to all app targets, but applies only to the specified target.<br /><br />> **Note:** You can target a mixture of both OIN app and app instance targets, but can't assign permissions to manage all instances of an OIN app and then assign a subset of permission to the same OIN app.<br />> For example, you can't specify that an admin has access to manage all instances of the Salesforce app and then also manage specific configurations of the Salesforce app.<br /></td> +</tr> +</tbody> +</table> + +## Parameters + +Parameters can be passed in the `WHERE` clause of a query. Check the [Methods](#methods) section to see which parameters are required or optional for each operation. + +<table> +<thead> + <tr> + <th>Name</th> + <th>Datatype</th> + <th>Description</th> + </tr> +</thead> +<tbody> +<tr id="parameter-subdomain"> + <td><CopyableCode code="subdomain" /></td> + <td><code>string</code></td> + <td>The domain of your organization. This can be a provided subdomain of an official okta domain (okta.com, oktapreview.com, etc) or one of your configured custom domains. (default: my-org)</td> +</tr> +<tr id="parameter-disableNotifications"> + <td><CopyableCode code="disableNotifications" /></td> + <td><code>boolean</code></td> + <td>Setting this to `true` grants the user third-party admin status</td> +</tr> +<tr id="parameter-expand"> + <td><CopyableCode code="expand" /></td> + <td><code>string</code></td> + <td>An optional parameter used to return targets configured for the standard role assignment in the `embedded` property. Supported values: `targets/groups` or `targets/catalog/apps`</td> +</tr> +</tbody> +</table> + +## `SELECT` examples + +<Tabs + defaultValue="list_assigned_roles_for_user" + values={[ + { label: 'list_assigned_roles_for_user', value: 'list_assigned_roles_for_user' }, + { label: 'get_user_assigned_role', value: 'get_user_assigned_role' } + ]} +> +<TabItem value="list_assigned_roles_for_user"> + +Lists all roles assigned to a user (identified by `userId`) + +```sql +SELECT +* +FROM okta.users.role_assignment_users +WHERE subdomain = '{{ subdomain }}' -- required +AND expand = '{{ expand }}'; +``` +</TabItem> +<TabItem value="get_user_assigned_role"> + +Retrieves a role assigned to a user (identified by `userId`). The `roleAssignmentId` parameter is the unique identifier for either a standard role assignment object or a custom role resource set binding object. + +```sql +SELECT +* +FROM okta.users.role_assignment_users +WHERE subdomain = '{{ subdomain }}' -- required; +``` +</TabItem> +</Tabs> + + +## `INSERT` examples + +<Tabs + defaultValue="assign_role_to_user" + values={[ + { label: 'assign_role_to_user', value: 'assign_role_to_user' }, + { label: 'Manifest', value: 'manifest' } + ]} +> +<TabItem value="assign_role_to_user"> + +Assigns a [standard role](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/guides/roles/#standard-roles) to a user.<br /><br />You can also assign a custom role to a user, but the preferred method to assign a custom role to a user is to create a binding between the custom role, the resource set, and the user. See [Create a role resource set binding](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/RoleDResourceSetBinding/#tag/RoleDResourceSetBinding/operation/createResourceSetBinding).<br /><br />> **Notes:**<br />> * The request payload is different for standard and custom role assignments.<br />> * For IAM-based standard role assignments, use the request payload for standard roles. However, the response payload for IAM-based role assignments is similar to the custom role's assignment response. + +```sql +INSERT INTO okta.users.role_assignment_users ( +subdomain, +disableNotifications +) +SELECT +'{{ subdomain }}', +'{{ disableNotifications }}' +; +``` +</TabItem> +<TabItem value="manifest"> + +```yaml +# Description fields are for documentation purposes +- name: role_assignment_users + props: + - name: subdomain + value: string + description: Required parameter for the role_assignment_users resource. + - name: disableNotifications + value: boolean + description: Setting this to `true` grants the user third-party admin status +``` +</TabItem> +</Tabs> + + +## `DELETE` examples + +<Tabs + defaultValue="unassign_role_from_user" + values={[ + { label: 'unassign_role_from_user', value: 'unassign_role_from_user' } + ]} +> +<TabItem value="unassign_role_from_user"> + +Unassigns a role assignment (identified by `roleAssignmentId`) from a user (identified by `userId`) + +```sql +DELETE FROM okta.users.role_assignment_users +WHERE subdomain = '{{ subdomain }}' --required; +``` +</TabItem> +</Tabs> + + +## Lifecycle Methods + +<Tabs + defaultValue="assign_all_apps_as_target_to_role_for_user" + values={[ + { label: 'assign_all_apps_as_target_to_role_for_user', value: 'assign_all_apps_as_target_to_role_for_user' }, + { label: 'assign_app_target_to_admin_role_for_user', value: 'assign_app_target_to_admin_role_for_user' }, + { label: 'assign_app_instance_target_to_app_admin_role_for_user', value: 'assign_app_instance_target_to_app_admin_role_for_user' } + ]} +> +<TabItem value="assign_all_apps_as_target_to_role_for_user"> + +Assigns all apps as target to an `APP_ADMIN` role + +```sql +EXEC okta.users.role_assignment_users.assign_all_apps_as_target_to_role_for_user +@subdomain='{{ subdomain }}' --required; +``` +</TabItem> +<TabItem value="assign_app_target_to_admin_role_for_user"> + +Assigns an OIN app target for an `APP_ADMIN` role assignment to an admin user. When you assign the first app target, you reduce the scope of the role assignment.<br />The role no longer applies to all app targets, but applies only to the specified target.<br /><br />Assigning an OIN app target overrides any existing app instance targets of the OIN app.<br />For example, if a user was assigned to administer a specific Facebook instance, a successful request to add an OIN app target with `facebook` for `appName` makes that user the admin for all Facebook instances.<br /> + +```sql +EXEC okta.users.role_assignment_users.assign_app_target_to_admin_role_for_user +@subdomain='{{ subdomain }}' --required; +``` +</TabItem> +<TabItem value="assign_app_instance_target_to_app_admin_role_for_user"> + +Assigns an app instance target to an `APP_ADMIN` role assignment to an admin user. When you assign the first OIN app or app instance target, you reduce the scope of the role assignment.<br />The role no longer applies to all app targets, but applies only to the specified target.<br /><br />> **Note:** You can target a mixture of both OIN app and app instance targets, but can't assign permissions to manage all instances of an OIN app and then assign a subset of permission to the same OIN app.<br />> For example, you can't specify that an admin has access to manage all instances of the Salesforce app and then also manage specific configurations of the Salesforce app.<br /> + +```sql +EXEC okta.users.role_assignment_users.assign_app_instance_target_to_app_admin_role_for_user +@subdomain='{{ subdomain }}' --required; +``` +</TabItem> +</Tabs> diff --git a/website/docs/services/users/role_group_targets/index.md b/website/docs/services/users/role_group_targets/index.md new file mode 100644 index 0000000..d9ddffc --- /dev/null +++ b/website/docs/services/users/role_group_targets/index.md @@ -0,0 +1,245 @@ +--- +title: role_group_targets +hide_title: false +hide_table_of_contents: false +keywords: + - role_group_targets + - users + - okta + - infrastructure-as-code + - configuration-as-data + - cloud inventory +description: Query, deploy and manage okta resources using SQL +custom_edit_url: null +image: /img/stackql-okta-provider-featured-image.png +--- + +import CopyableCode from '@site/src/components/CopyableCode/CopyableCode'; +import Tabs from '@theme/Tabs'; +import TabItem from '@theme/TabItem'; + +Creates, updates, deletes, gets or lists a <code>role_group_targets</code> resource. + +## Overview +<table><tbody> +<tr><td><b>Name</b></td><td><code>role_group_targets</code></td></tr> +<tr><td><b>Type</b></td><td>Resource</td></tr> +<tr><td><b>Id</b></td><td><CopyableCode code="okta.users.role_group_targets" /></td></tr> +</tbody></table> + +## Fields + +The following fields are returned by `SELECT` queries: + +<Tabs + defaultValue="list_group_targets_for_role" + values={[ + { label: 'list_group_targets_for_role', value: 'list_group_targets_for_role' } + ]} +> +<TabItem value="list_group_targets_for_role"> + +Success + +<table> +<thead> + <tr> + <th>Name</th> + <th>Datatype</th> + <th>Description</th> + </tr> +</thead> +<tbody> +<tr> + <td><CopyableCode code="id" /></td> + <td><code>string</code></td> + <td>Unique ID for the group (example: 0gabcd1234)</td> +</tr> +<tr> + <td><CopyableCode code="_embedded" /></td> + <td><code>object</code></td> + <td>Embedded resources related to the group</td> +</tr> +<tr> + <td><CopyableCode code="_links" /></td> + <td><code>object</code></td> + <td>Specifies link relations (see [Web Linking](https://www.rfc-editor.org/rfc/rfc8288)) available using the [JSON Hypertext Application Language](https://datatracker.ietf.org/doc/html/draft-kelly-json-hal-06) specification. This object is used for dynamic discovery of related resources and lifecycle operations.</td> +</tr> +<tr> + <td><CopyableCode code="created" /></td> + <td><code>string (date-time)</code></td> + <td>Timestamp when the group was created</td> +</tr> +<tr> + <td><CopyableCode code="lastMembershipUpdated" /></td> + <td><code>string (date-time)</code></td> + <td>Timestamp when the groups memberships were last updated</td> +</tr> +<tr> + <td><CopyableCode code="lastUpdated" /></td> + <td><code>string (date-time)</code></td> + <td>Timestamp when the group's profile was last updated</td> +</tr> +<tr> + <td><CopyableCode code="objectClass" /></td> + <td><code>array</code></td> + <td>Determines the group's `profile`</td> +</tr> +<tr> + <td><CopyableCode code="profile" /></td> + <td><code></code></td> + <td>Specifies required and optional properties for a group. The `objectClass` of a group determines which additional properties are available. You can extend group profiles with custom properties, but you must first add the properties to the group profile schema before you can reference them. Use the Profile Editor in the Admin Console or the [Schemas API](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/Schema/)to manage schema extensions. Custom properties can contain HTML tags. It is the client's responsibility to escape or encode this data before displaying it. Use [best-practices](https://cheatsheetseries.owasp.org/cheatsheets/Cross_Site_Scripting_Prevention_Cheat_Sheet.html) to prevent cross-site scripting.</td> +</tr> +<tr> + <td><CopyableCode code="type" /></td> + <td><code>string</code></td> + <td>Determines how a group's profile and memberships are managed</td> +</tr> +</tbody> +</table> +</TabItem> +</Tabs> + +## Methods + +The following methods are available for this resource: + +<table> +<thead> + <tr> + <th>Name</th> + <th>Accessible by</th> + <th>Required Params</th> + <th>Optional Params</th> + <th>Description</th> + </tr> +</thead> +<tbody> +<tr> + <td><a href="#list_group_targets_for_role"><CopyableCode code="list_group_targets_for_role" /></a></td> + <td><CopyableCode code="select" /></td> + <td><a href="#parameter-subdomain"><code>subdomain</code></a></td> + <td><a href="#parameter-after"><code>after</code></a>, <a href="#parameter-limit"><code>limit</code></a></td> + <td>Lists all group targets for a `USER_ADMIN`, `HELP_DESK_ADMIN`, or `GROUP_MEMBERSHIP_ADMIN` role assignment to an admin user.<br />If the role isn't scoped to specific group targets, an empty array `[]` is returned.<br /></td> +</tr> +<tr> + <td><a href="#assign_group_target_to_user_role"><CopyableCode code="assign_group_target_to_user_role" /></a></td> + <td><CopyableCode code="replace" /></td> + <td><a href="#parameter-subdomain"><code>subdomain</code></a></td> + <td></td> + <td>Assigns a group target for a `USER_ADMIN`, `HELP_DESK_ADMIN`, or `GROUP_MEMBERSHIP_ADMIN` role assignment to an admin user.<br />When you assign the first group target, you reduce the scope of the role assignment. The role no longer applies to all targets but applies only to the specified target.<br /></td> +</tr> +<tr> + <td><a href="#unassign_group_target_from_user_admin_role"><CopyableCode code="unassign_group_target_from_user_admin_role" /></a></td> + <td><CopyableCode code="delete" /></td> + <td><a href="#parameter-subdomain"><code>subdomain</code></a></td> + <td></td> + <td>Unassigns a group target from a `USER_ADMIN`, `HELP_DESK_ADMIN`, or `GROUP_MEMBERSHIP_ADMIN` role assignment to an admin user.<br /><br />> **Note:** You can't remove the last group target from a role assignment since this causes an exception.<br />> If you need a role assignment that applies to all groups, delete the role assignment to the user and recreate a new one.<br /></td> +</tr> +</tbody> +</table> + +## Parameters + +Parameters can be passed in the `WHERE` clause of a query. Check the [Methods](#methods) section to see which parameters are required or optional for each operation. + +<table> +<thead> + <tr> + <th>Name</th> + <th>Datatype</th> + <th>Description</th> + </tr> +</thead> +<tbody> +<tr id="parameter-subdomain"> + <td><CopyableCode code="subdomain" /></td> + <td><code>string</code></td> + <td>The domain of your organization. This can be a provided subdomain of an official okta domain (okta.com, oktapreview.com, etc) or one of your configured custom domains. (default: my-org)</td> +</tr> +<tr id="parameter-after"> + <td><CopyableCode code="after" /></td> + <td><code>string</code></td> + <td>The cursor to use for pagination. It is an opaque string that specifies your current location in the list and is obtained from the `Link` response header. See [Pagination](https://developer.okta.com/docs/api/#pagination).</td> +</tr> +<tr id="parameter-limit"> + <td><CopyableCode code="limit" /></td> + <td><code>integer</code></td> + <td>A limit on the number of objects to return</td> +</tr> +</tbody> +</table> + +## `SELECT` examples + +<Tabs + defaultValue="list_group_targets_for_role" + values={[ + { label: 'list_group_targets_for_role', value: 'list_group_targets_for_role' } + ]} +> +<TabItem value="list_group_targets_for_role"> + +Lists all group targets for a `USER_ADMIN`, `HELP_DESK_ADMIN`, or `GROUP_MEMBERSHIP_ADMIN` role assignment to an admin user.<br />If the role isn't scoped to specific group targets, an empty array `[]` is returned.<br /> + +```sql +SELECT +id, +_embedded, +_links, +created, +lastMembershipUpdated, +lastUpdated, +objectClass, +profile, +type +FROM okta.users.role_group_targets +WHERE subdomain = '{{ subdomain }}' -- required +AND after = '{{ after }}' +AND limit = '{{ limit }}'; +``` +</TabItem> +</Tabs> + + +## `REPLACE` examples + +<Tabs + defaultValue="assign_group_target_to_user_role" + values={[ + { label: 'assign_group_target_to_user_role', value: 'assign_group_target_to_user_role' } + ]} +> +<TabItem value="assign_group_target_to_user_role"> + +Assigns a group target for a `USER_ADMIN`, `HELP_DESK_ADMIN`, or `GROUP_MEMBERSHIP_ADMIN` role assignment to an admin user.<br />When you assign the first group target, you reduce the scope of the role assignment. The role no longer applies to all targets but applies only to the specified target.<br /> + +```sql +REPLACE okta.users.role_group_targets +SET +-- No updatable properties +WHERE +subdomain = '{{ subdomain }}' --required; +``` +</TabItem> +</Tabs> + + +## `DELETE` examples + +<Tabs + defaultValue="unassign_group_target_from_user_admin_role" + values={[ + { label: 'unassign_group_target_from_user_admin_role', value: 'unassign_group_target_from_user_admin_role' } + ]} +> +<TabItem value="unassign_group_target_from_user_admin_role"> + +Unassigns a group target from a `USER_ADMIN`, `HELP_DESK_ADMIN`, or `GROUP_MEMBERSHIP_ADMIN` role assignment to an admin user.<br /><br />> **Note:** You can't remove the last group target from a role assignment since this causes an exception.<br />> If you need a role assignment that applies to all groups, delete the role assignment to the user and recreate a new one.<br /> + +```sql +DELETE FROM okta.users.role_group_targets +WHERE subdomain = '{{ subdomain }}' --required; +``` +</TabItem> +</Tabs> diff --git a/website/docs/services/users/role_targets/index.md b/website/docs/services/users/role_targets/index.md new file mode 100644 index 0000000..c600554 --- /dev/null +++ b/website/docs/services/users/role_targets/index.md @@ -0,0 +1,164 @@ +--- +title: role_targets +hide_title: false +hide_table_of_contents: false +keywords: + - role_targets + - users + - okta + - infrastructure-as-code + - configuration-as-data + - cloud inventory +description: Query, deploy and manage okta resources using SQL +custom_edit_url: null +image: /img/stackql-okta-provider-featured-image.png +--- + +import CopyableCode from '@site/src/components/CopyableCode/CopyableCode'; +import Tabs from '@theme/Tabs'; +import TabItem from '@theme/TabItem'; + +Creates, updates, deletes, gets or lists a <code>role_targets</code> resource. + +## Overview +<table><tbody> +<tr><td><b>Name</b></td><td><code>role_targets</code></td></tr> +<tr><td><b>Type</b></td><td>Resource</td></tr> +<tr><td><b>Id</b></td><td><CopyableCode code="okta.users.role_targets" /></td></tr> +</tbody></table> + +## Fields + +The following fields are returned by `SELECT` queries: + +<Tabs + defaultValue="get_role_targets_by_user_id_and_role_id" + values={[ + { label: 'get_role_targets_by_user_id_and_role_id', value: 'get_role_targets_by_user_id_and_role_id' } + ]} +> +<TabItem value="get_role_targets_by_user_id_and_role_id"> + +Success + +<table> +<thead> + <tr> + <th>Name</th> + <th>Datatype</th> + <th>Description</th> + </tr> +</thead> +<tbody> +<tr> + <td><CopyableCode code="_links" /></td> + <td><code>object</code></td> + <td>Specifies link relations (see [Web Linking](https://www.rfc-editor.org/rfc/rfc8288)) available using the [JSON Hypertext Application Language](https://datatracker.ietf.org/doc/html/draft-kelly-json-hal-06) specification. This object is used for dynamic discovery of related resources and lifecycle operations.</td> +</tr> +<tr> + <td><CopyableCode code="assignmentType" /></td> + <td><code>string</code></td> + <td>The assignment type of how the user receives this target (example: GROUP)</td> +</tr> +<tr> + <td><CopyableCode code="expiration" /></td> + <td><code>string (date-time)</code></td> + <td>The expiry time stamp of the associated target. It's only included in the response if the associated target will expire. (example: 2023-08-25T12:00:00.000Z)</td> +</tr> +<tr> + <td><CopyableCode code="orn" /></td> + <td><code>string</code></td> + <td>The [Okta Resource Name (ORN)](https://support.okta.com/help/s/article/understanding-okta-resource-name-orn) of the app target or group target (example: orn:okta:directory:00o5v1t2W4OSF9r4N0g4:groups:00g5vhi3rEJMOog1S0g4)</td> +</tr> +</tbody> +</table> +</TabItem> +</Tabs> + +## Methods + +The following methods are available for this resource: + +<table> +<thead> + <tr> + <th>Name</th> + <th>Accessible by</th> + <th>Required Params</th> + <th>Optional Params</th> + <th>Description</th> + </tr> +</thead> +<tbody> +<tr> + <td><a href="#get_role_targets_by_user_id_and_role_id"><CopyableCode code="get_role_targets_by_user_id_and_role_id" /></a></td> + <td><CopyableCode code="select" /></td> + <td><a href="#parameter-subdomain"><code>subdomain</code></a></td> + <td><a href="#parameter-assignmentType"><code>assignmentType</code></a>, <a href="#parameter-after"><code>after</code></a>, <a href="#parameter-limit"><code>limit</code></a></td> + <td>Retrieves all role targets for an `APP_ADMIN`, `USER_ADMIN`, `HELP_DESK_ADMIN`, or `GROUP_MEMBERSHIP_ADMIN` role assignment to an admin user by user or group assignment type.<br />If the role isn't scoped to specific group targets or any app targets, an empty array `[]` is returned.<br /></td> +</tr> +</tbody> +</table> + +## Parameters + +Parameters can be passed in the `WHERE` clause of a query. Check the [Methods](#methods) section to see which parameters are required or optional for each operation. + +<table> +<thead> + <tr> + <th>Name</th> + <th>Datatype</th> + <th>Description</th> + </tr> +</thead> +<tbody> +<tr id="parameter-subdomain"> + <td><CopyableCode code="subdomain" /></td> + <td><code>string</code></td> + <td>The domain of your organization. This can be a provided subdomain of an official okta domain (okta.com, oktapreview.com, etc) or one of your configured custom domains. (default: my-org)</td> +</tr> +<tr id="parameter-after"> + <td><CopyableCode code="after" /></td> + <td><code>string</code></td> + <td>The cursor to use for pagination. It is an opaque string that specifies your current location in the list and is obtained from the `Link` response header. See [Pagination](https://developer.okta.com/docs/api/#pagination).</td> +</tr> +<tr id="parameter-assignmentType"> + <td><CopyableCode code="assignmentType" /></td> + <td><code>string</code></td> + <td>Specifies the assignment type of the user</td> +</tr> +<tr id="parameter-limit"> + <td><CopyableCode code="limit" /></td> + <td><code>integer</code></td> + <td>A limit on the number of objects to return</td> +</tr> +</tbody> +</table> + +## `SELECT` examples + +<Tabs + defaultValue="get_role_targets_by_user_id_and_role_id" + values={[ + { label: 'get_role_targets_by_user_id_and_role_id', value: 'get_role_targets_by_user_id_and_role_id' } + ]} +> +<TabItem value="get_role_targets_by_user_id_and_role_id"> + +Retrieves all role targets for an `APP_ADMIN`, `USER_ADMIN`, `HELP_DESK_ADMIN`, or `GROUP_MEMBERSHIP_ADMIN` role assignment to an admin user by user or group assignment type.<br />If the role isn't scoped to specific group targets or any app targets, an empty array `[]` is returned.<br /> + +```sql +SELECT +_links, +assignmentType, +expiration, +orn +FROM okta.users.role_targets +WHERE subdomain = '{{ subdomain }}' -- required +AND assignmentType = '{{ assignmentType }}' +AND after = '{{ after }}' +AND limit = '{{ limit }}'; +``` +</TabItem> +</Tabs> diff --git a/website/docs/services/users/subscriptions/index.md b/website/docs/services/users/subscriptions/index.md new file mode 100644 index 0000000..4429b90 --- /dev/null +++ b/website/docs/services/users/subscriptions/index.md @@ -0,0 +1,266 @@ +--- +title: subscriptions +hide_title: false +hide_table_of_contents: false +keywords: + - subscriptions + - users + - okta + - infrastructure-as-code + - configuration-as-data + - cloud inventory +description: Query, deploy and manage okta resources using SQL +custom_edit_url: null +image: /img/stackql-okta-provider-featured-image.png +--- + +import CopyableCode from '@site/src/components/CopyableCode/CopyableCode'; +import Tabs from '@theme/Tabs'; +import TabItem from '@theme/TabItem'; + +Creates, updates, deletes, gets or lists a <code>subscriptions</code> resource. + +## Overview +<table><tbody> +<tr><td><b>Name</b></td><td><code>subscriptions</code></td></tr> +<tr><td><b>Type</b></td><td>Resource</td></tr> +<tr><td><b>Id</b></td><td><CopyableCode code="okta.users.subscriptions" /></td></tr> +</tbody></table> + +## Fields + +The following fields are returned by `SELECT` queries: + +<Tabs + defaultValue="list_subscriptions_user" + values={[ + { label: 'list_subscriptions_user', value: 'list_subscriptions_user' }, + { label: 'get_subscriptions_notification_type_user', value: 'get_subscriptions_notification_type_user' } + ]} +> +<TabItem value="list_subscriptions_user"> + +Success + +<table> +<thead> + <tr> + <th>Name</th> + <th>Datatype</th> + <th>Description</th> + </tr> +</thead> +<tbody> +<tr> + <td><CopyableCode code="_links" /></td> + <td><code>object</code></td> + <td>Discoverable resources related to the subscription</td> +</tr> +<tr> + <td><CopyableCode code="channels" /></td> + <td><code>array</code></td> + <td>An array of sources send notifications to users. > **Note**: Currently, Okta only allows `email` channels.</td> +</tr> +<tr> + <td><CopyableCode code="notificationType" /></td> + <td><code>string</code></td> + <td>The type of notification</td> +</tr> +<tr> + <td><CopyableCode code="status" /></td> + <td><code>string</code></td> + <td>The status of the subscription</td> +</tr> +</tbody> +</table> +</TabItem> +<TabItem value="get_subscriptions_notification_type_user"> + +Success + +<table> +<thead> + <tr> + <th>Name</th> + <th>Datatype</th> + <th>Description</th> + </tr> +</thead> +<tbody> +<tr> + <td><CopyableCode code="_links" /></td> + <td><code>object</code></td> + <td>Discoverable resources related to the subscription</td> +</tr> +<tr> + <td><CopyableCode code="channels" /></td> + <td><code>array</code></td> + <td>An array of sources send notifications to users. > **Note**: Currently, Okta only allows `email` channels.</td> +</tr> +<tr> + <td><CopyableCode code="notificationType" /></td> + <td><code>string</code></td> + <td>The type of notification</td> +</tr> +<tr> + <td><CopyableCode code="status" /></td> + <td><code>string</code></td> + <td>The status of the subscription</td> +</tr> +</tbody> +</table> +</TabItem> +</Tabs> + +## Methods + +The following methods are available for this resource: + +<table> +<thead> + <tr> + <th>Name</th> + <th>Accessible by</th> + <th>Required Params</th> + <th>Optional Params</th> + <th>Description</th> + </tr> +</thead> +<tbody> +<tr> + <td><a href="#list_subscriptions_user"><CopyableCode code="list_subscriptions_user" /></a></td> + <td><CopyableCode code="select" /></td> + <td><a href="#parameter-userId"><code>userId</code></a>, <a href="#parameter-subdomain"><code>subdomain</code></a></td> + <td></td> + <td>Lists all subscriptions available to a specified user. Returns an `AccessDeniedException` message if requests are made for another user.</td> +</tr> +<tr> + <td><a href="#get_subscriptions_notification_type_user"><CopyableCode code="get_subscriptions_notification_type_user" /></a></td> + <td><CopyableCode code="select" /></td> + <td><a href="#parameter-userId"><code>userId</code></a>, <a href="#parameter-notificationType"><code>notificationType</code></a>, <a href="#parameter-subdomain"><code>subdomain</code></a></td> + <td></td> + <td>Retrieves a subscription by `notificationType` for a specified user. Returns an `AccessDeniedException` message if requests are made for another user.</td> +</tr> +<tr> + <td><a href="#subscribe_by_notification_type_user"><CopyableCode code="subscribe_by_notification_type_user" /></a></td> + <td><CopyableCode code="exec" /></td> + <td><a href="#parameter-userId"><code>userId</code></a>, <a href="#parameter-notificationType"><code>notificationType</code></a>, <a href="#parameter-subdomain"><code>subdomain</code></a></td> + <td></td> + <td>Subscribes the current user to a specified notification type. Returns an `AccessDeniedException` message if requests are made for another user.</td> +</tr> +<tr> + <td><a href="#unsubscribe_by_notification_type_user"><CopyableCode code="unsubscribe_by_notification_type_user" /></a></td> + <td><CopyableCode code="exec" /></td> + <td><a href="#parameter-userId"><code>userId</code></a>, <a href="#parameter-notificationType"><code>notificationType</code></a>, <a href="#parameter-subdomain"><code>subdomain</code></a></td> + <td></td> + <td>Unsubscribes the current user from a specified notification type. Returns an `AccessDeniedException` message if requests are made for another user.</td> +</tr> +</tbody> +</table> + +## Parameters + +Parameters can be passed in the `WHERE` clause of a query. Check the [Methods](#methods) section to see which parameters are required or optional for each operation. + +<table> +<thead> + <tr> + <th>Name</th> + <th>Datatype</th> + <th>Description</th> + </tr> +</thead> +<tbody> +<tr id="parameter-notificationType"> + <td><CopyableCode code="notificationType" /></td> + <td><code>string</code></td> + <td></td> +</tr> +<tr id="parameter-subdomain"> + <td><CopyableCode code="subdomain" /></td> + <td><code>string</code></td> + <td>The domain of your organization. This can be a provided subdomain of an official okta domain (okta.com, oktapreview.com, etc) or one of your configured custom domains. (default: my-org)</td> +</tr> +<tr id="parameter-userId"> + <td><CopyableCode code="userId" /></td> + <td><code>string</code></td> + <td></td> +</tr> +</tbody> +</table> + +## `SELECT` examples + +<Tabs + defaultValue="list_subscriptions_user" + values={[ + { label: 'list_subscriptions_user', value: 'list_subscriptions_user' }, + { label: 'get_subscriptions_notification_type_user', value: 'get_subscriptions_notification_type_user' } + ]} +> +<TabItem value="list_subscriptions_user"> + +Lists all subscriptions available to a specified user. Returns an `AccessDeniedException` message if requests are made for another user. + +```sql +SELECT +_links, +channels, +notificationType, +status +FROM okta.users.subscriptions +WHERE userId = '{{ userId }}' -- required +AND subdomain = '{{ subdomain }}' -- required; +``` +</TabItem> +<TabItem value="get_subscriptions_notification_type_user"> + +Retrieves a subscription by `notificationType` for a specified user. Returns an `AccessDeniedException` message if requests are made for another user. + +```sql +SELECT +_links, +channels, +notificationType, +status +FROM okta.users.subscriptions +WHERE userId = '{{ userId }}' -- required +AND notificationType = '{{ notificationType }}' -- required +AND subdomain = '{{ subdomain }}' -- required; +``` +</TabItem> +</Tabs> + + +## Lifecycle Methods + +<Tabs + defaultValue="subscribe_by_notification_type_user" + values={[ + { label: 'subscribe_by_notification_type_user', value: 'subscribe_by_notification_type_user' }, + { label: 'unsubscribe_by_notification_type_user', value: 'unsubscribe_by_notification_type_user' } + ]} +> +<TabItem value="subscribe_by_notification_type_user"> + +Subscribes the current user to a specified notification type. Returns an `AccessDeniedException` message if requests are made for another user. + +```sql +EXEC okta.users.subscriptions.subscribe_by_notification_type_user +@userId='{{ userId }}' --required, +@notificationType='{{ notificationType }}' --required, +@subdomain='{{ subdomain }}' --required; +``` +</TabItem> +<TabItem value="unsubscribe_by_notification_type_user"> + +Unsubscribes the current user from a specified notification type. Returns an `AccessDeniedException` message if requests are made for another user. + +```sql +EXEC okta.users.subscriptions.unsubscribe_by_notification_type_user +@userId='{{ userId }}' --required, +@notificationType='{{ notificationType }}' --required, +@subdomain='{{ subdomain }}' --required; +``` +</TabItem> +</Tabs> diff --git a/website/docs/services/users/supported_factors/index.md b/website/docs/services/users/supported_factors/index.md new file mode 100644 index 0000000..b688d5b --- /dev/null +++ b/website/docs/services/users/supported_factors/index.md @@ -0,0 +1,164 @@ +--- +title: supported_factors +hide_title: false +hide_table_of_contents: false +keywords: + - supported_factors + - users + - okta + - infrastructure-as-code + - configuration-as-data + - cloud inventory +description: Query, deploy and manage okta resources using SQL +custom_edit_url: null +image: /img/stackql-okta-provider-featured-image.png +--- + +import CopyableCode from '@site/src/components/CopyableCode/CopyableCode'; +import Tabs from '@theme/Tabs'; +import TabItem from '@theme/TabItem'; + +Creates, updates, deletes, gets or lists a <code>supported_factors</code> resource. + +## Overview +<table><tbody> +<tr><td><b>Name</b></td><td><code>supported_factors</code></td></tr> +<tr><td><b>Type</b></td><td>Resource</td></tr> +<tr><td><b>Id</b></td><td><CopyableCode code="okta.users.supported_factors" /></td></tr> +</tbody></table> + +## Fields + +The following fields are returned by `SELECT` queries: + +<Tabs + defaultValue="list_supported_factors" + values={[ + { label: 'list_supported_factors', value: 'list_supported_factors' } + ]} +> +<TabItem value="list_supported_factors"> + +Success + +<table> +<thead> + <tr> + <th>Name</th> + <th>Datatype</th> + <th>Description</th> + </tr> +</thead> +<tbody> +<tr> + <td><CopyableCode code="_embedded" /></td> + <td><code>object</code></td> + <td>Embedded resources related to the factor</td> +</tr> +<tr> + <td><CopyableCode code="_links" /></td> + <td><code>object</code></td> + <td>Specifies link relations (see [Web Linking](https://www.rfc-editor.org/rfc/rfc8288)) available using the [JSON Hypertext Application Language](https://datatracker.ietf.org/doc/html/draft-kelly-json-hal-06) specification. This object is used for dynamic discovery of related resources and lifecycle operations.</td> +</tr> +<tr> + <td><CopyableCode code="enrollment" /></td> + <td><code>string</code></td> + <td>Indicates if the factor is required for the specified user (example: OPTIONAL)</td> +</tr> +<tr> + <td><CopyableCode code="factorType" /></td> + <td><code>string</code></td> + <td>Type of factor</td> +</tr> +<tr> + <td><CopyableCode code="provider" /></td> + <td><code>string</code></td> + <td></td> +</tr> +<tr> + <td><CopyableCode code="status" /></td> + <td><code>string</code></td> + <td>Status of the factor (example: ACTIVE)</td> +</tr> +<tr> + <td><CopyableCode code="vendorName" /></td> + <td><code>string</code></td> + <td>Name of the factor vendor. This is usually the same as the provider except for On-Prem MFA, which depends on admin settings. (example: OKTA)</td> +</tr> +</tbody> +</table> +</TabItem> +</Tabs> + +## Methods + +The following methods are available for this resource: + +<table> +<thead> + <tr> + <th>Name</th> + <th>Accessible by</th> + <th>Required Params</th> + <th>Optional Params</th> + <th>Description</th> + </tr> +</thead> +<tbody> +<tr> + <td><a href="#list_supported_factors"><CopyableCode code="list_supported_factors" /></a></td> + <td><CopyableCode code="select" /></td> + <td><a href="#parameter-subdomain"><code>subdomain</code></a></td> + <td></td> + <td>Lists all the supported factors that can be enrolled for the specified user that are included in the highest priority [authenticator enrollment policy](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/Policy/) that applies to the user.<br /><br />Only factors that are `REQUIRED` or `OPTIONAL` in the highest priority authenticator enrollment policy can be returned.<br /><br />> **Note:** When admins use this endpoint for other users, the authenticator enrollment policy that's evaluated can vary depending on how client-specific conditions are configured in the rules of an authenticator enrollment policy. The client-specific conditions of the admin's client are used during policy evaluation instead of the client-specific conditions of the user. This can affect which authenticator enrollment policy is evaluated and which factors are returned.<br />><br />> For example, an admin in Europe lists all supported factors for a user in North America. The network zone of the admin's client (in Europe) is used during policy evaluation instead of the network zone of the user (in North America).</td> +</tr> +</tbody> +</table> + +## Parameters + +Parameters can be passed in the `WHERE` clause of a query. Check the [Methods](#methods) section to see which parameters are required or optional for each operation. + +<table> +<thead> + <tr> + <th>Name</th> + <th>Datatype</th> + <th>Description</th> + </tr> +</thead> +<tbody> +<tr id="parameter-subdomain"> + <td><CopyableCode code="subdomain" /></td> + <td><code>string</code></td> + <td>The domain of your organization. This can be a provided subdomain of an official okta domain (okta.com, oktapreview.com, etc) or one of your configured custom domains. (default: my-org)</td> +</tr> +</tbody> +</table> + +## `SELECT` examples + +<Tabs + defaultValue="list_supported_factors" + values={[ + { label: 'list_supported_factors', value: 'list_supported_factors' } + ]} +> +<TabItem value="list_supported_factors"> + +Lists all the supported factors that can be enrolled for the specified user that are included in the highest priority [authenticator enrollment policy](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/Policy/) that applies to the user.<br /><br />Only factors that are `REQUIRED` or `OPTIONAL` in the highest priority authenticator enrollment policy can be returned.<br /><br />> **Note:** When admins use this endpoint for other users, the authenticator enrollment policy that's evaluated can vary depending on how client-specific conditions are configured in the rules of an authenticator enrollment policy. The client-specific conditions of the admin's client are used during policy evaluation instead of the client-specific conditions of the user. This can affect which authenticator enrollment policy is evaluated and which factors are returned.<br />><br />> For example, an admin in Europe lists all supported factors for a user in North America. The network zone of the admin's client (in Europe) is used during policy evaluation instead of the network zone of the user (in North America). + +```sql +SELECT +_embedded, +_links, +enrollment, +factorType, +provider, +status, +vendorName +FROM okta.users.supported_factors +WHERE subdomain = '{{ subdomain }}' -- required; +``` +</TabItem> +</Tabs> diff --git a/website/docs/services/users/supported_security_questions/index.md b/website/docs/services/users/supported_security_questions/index.md new file mode 100644 index 0000000..7144624 --- /dev/null +++ b/website/docs/services/users/supported_security_questions/index.md @@ -0,0 +1,140 @@ +--- +title: supported_security_questions +hide_title: false +hide_table_of_contents: false +keywords: + - supported_security_questions + - users + - okta + - infrastructure-as-code + - configuration-as-data + - cloud inventory +description: Query, deploy and manage okta resources using SQL +custom_edit_url: null +image: /img/stackql-okta-provider-featured-image.png +--- + +import CopyableCode from '@site/src/components/CopyableCode/CopyableCode'; +import Tabs from '@theme/Tabs'; +import TabItem from '@theme/TabItem'; + +Creates, updates, deletes, gets or lists a <code>supported_security_questions</code> resource. + +## Overview +<table><tbody> +<tr><td><b>Name</b></td><td><code>supported_security_questions</code></td></tr> +<tr><td><b>Type</b></td><td>Resource</td></tr> +<tr><td><b>Id</b></td><td><CopyableCode code="okta.users.supported_security_questions" /></td></tr> +</tbody></table> + +## Fields + +The following fields are returned by `SELECT` queries: + +<Tabs + defaultValue="list_supported_security_questions" + values={[ + { label: 'list_supported_security_questions', value: 'list_supported_security_questions' } + ]} +> +<TabItem value="list_supported_security_questions"> + +Success + +<table> +<thead> + <tr> + <th>Name</th> + <th>Datatype</th> + <th>Description</th> + </tr> +</thead> +<tbody> +<tr> + <td><CopyableCode code="answer" /></td> + <td><code>string</code></td> + <td>Answer to the question</td> +</tr> +<tr> + <td><CopyableCode code="question" /></td> + <td><code>string</code></td> + <td>Unique key for the question (example: disliked_food)</td> +</tr> +<tr> + <td><CopyableCode code="questionText" /></td> + <td><code>string</code></td> + <td>Human-readable text that's displayed to the user (example: What is the food you least liked as a child?)</td> +</tr> +</tbody> +</table> +</TabItem> +</Tabs> + +## Methods + +The following methods are available for this resource: + +<table> +<thead> + <tr> + <th>Name</th> + <th>Accessible by</th> + <th>Required Params</th> + <th>Optional Params</th> + <th>Description</th> + </tr> +</thead> +<tbody> +<tr> + <td><a href="#list_supported_security_questions"><CopyableCode code="list_supported_security_questions" /></a></td> + <td><CopyableCode code="select" /></td> + <td><a href="#parameter-subdomain"><code>subdomain</code></a></td> + <td></td> + <td>Lists all available security questions for the specified user</td> +</tr> +</tbody> +</table> + +## Parameters + +Parameters can be passed in the `WHERE` clause of a query. Check the [Methods](#methods) section to see which parameters are required or optional for each operation. + +<table> +<thead> + <tr> + <th>Name</th> + <th>Datatype</th> + <th>Description</th> + </tr> +</thead> +<tbody> +<tr id="parameter-subdomain"> + <td><CopyableCode code="subdomain" /></td> + <td><code>string</code></td> + <td>The domain of your organization. This can be a provided subdomain of an official okta domain (okta.com, oktapreview.com, etc) or one of your configured custom domains. (default: my-org)</td> +</tr> +</tbody> +</table> + +## `SELECT` examples + +<Tabs + defaultValue="list_supported_security_questions" + values={[ + { label: 'list_supported_security_questions', value: 'list_supported_security_questions' } + ]} +> +<TabItem value="list_supported_security_questions"> + +Lists all available security questions for the specified user + +```sql +SELECT +answer, +question, +questionText +FROM okta.users.supported_security_questions +WHERE subdomain = '{{ subdomain }}' -- required; +``` +</TabItem> +</Tabs> diff --git a/website/docs/services/users/user_assigned_role_governance/index.md b/website/docs/services/users/user_assigned_role_governance/index.md new file mode 100644 index 0000000..cecd627 --- /dev/null +++ b/website/docs/services/users/user_assigned_role_governance/index.md @@ -0,0 +1,134 @@ +--- +title: user_assigned_role_governance +hide_title: false +hide_table_of_contents: false +keywords: + - user_assigned_role_governance + - users + - okta + - infrastructure-as-code + - configuration-as-data + - cloud inventory +description: Query, deploy and manage okta resources using SQL +custom_edit_url: null +image: /img/stackql-okta-provider-featured-image.png +--- + +import CopyableCode from '@site/src/components/CopyableCode/CopyableCode'; +import Tabs from '@theme/Tabs'; +import TabItem from '@theme/TabItem'; + +Creates, updates, deletes, gets or lists a <code>user_assigned_role_governance</code> resource. + +## Overview +<table><tbody> +<tr><td><b>Name</b></td><td><code>user_assigned_role_governance</code></td></tr> +<tr><td><b>Type</b></td><td>Resource</td></tr> +<tr><td><b>Id</b></td><td><CopyableCode code="okta.users.user_assigned_role_governance" /></td></tr> +</tbody></table> + +## Fields + +The following fields are returned by `SELECT` queries: + +<Tabs + defaultValue="get_user_assigned_role_governance" + values={[ + { label: 'get_user_assigned_role_governance', value: 'get_user_assigned_role_governance' } + ]} +> +<TabItem value="get_user_assigned_role_governance"> + +Success + +<table> +<thead> + <tr> + <th>Name</th> + <th>Datatype</th> + <th>Description</th> + </tr> +</thead> +<tbody> +<tr> + <td><CopyableCode code="_links" /></td> + <td><code>object</code></td> + <td>Specifies link relations (see [Web Linking](https://www.rfc-editor.org/rfc/rfc8288)) available for the sources using the [JSON Hypertext Application Language](https://datatracker.ietf.org/doc/html/draft-kelly-json-hal-06) specification.</td> +</tr> +<tr> + <td><CopyableCode code="grants" /></td> + <td><code>array</code></td> + <td></td> +</tr> +</tbody> +</table> +</TabItem> +</Tabs> + +## Methods + +The following methods are available for this resource: + +<table> +<thead> + <tr> + <th>Name</th> + <th>Accessible by</th> + <th>Required Params</th> + <th>Optional Params</th> + <th>Description</th> + </tr> +</thead> +<tbody> +<tr> + <td><a href="#get_user_assigned_role_governance"><CopyableCode code="get_user_assigned_role_governance" /></a></td> + <td><CopyableCode code="select" /></td> + <td><a href="#parameter-subdomain"><code>subdomain</code></a></td> + <td></td> + <td>Retrieves the governance sources of a role (identified by `roleAssignmentId`) that's assigned to a user (identified by `userId`)</td> +</tr> +</tbody> +</table> + +## Parameters + +Parameters can be passed in the `WHERE` clause of a query. Check the [Methods](#methods) section to see which parameters are required or optional for each operation. + +<table> +<thead> + <tr> + <th>Name</th> + <th>Datatype</th> + <th>Description</th> + </tr> +</thead> +<tbody> +<tr id="parameter-subdomain"> + <td><CopyableCode code="subdomain" /></td> + <td><code>string</code></td> + <td>The domain of your organization. This can be a provided subdomain of an official okta domain (okta.com, oktapreview.com, etc) or one of your configured custom domains. (default: my-org)</td> +</tr> +</tbody> +</table> + +## `SELECT` examples + +<Tabs + defaultValue="get_user_assigned_role_governance" + values={[ + { label: 'get_user_assigned_role_governance', value: 'get_user_assigned_role_governance' } + ]} +> +<TabItem value="get_user_assigned_role_governance"> + +Retrieves the governance sources of a role (identified by `roleAssignmentId`) that's assigned to a user (identified by `userId`) + +```sql +SELECT +_links, +grants +FROM okta.users.user_assigned_role_governance +WHERE subdomain = '{{ subdomain }}' -- required; +``` +</TabItem> +</Tabs> diff --git a/website/docs/services/users/user_blocks/index.md b/website/docs/services/users/user_blocks/index.md new file mode 100644 index 0000000..db6f068 --- /dev/null +++ b/website/docs/services/users/user_blocks/index.md @@ -0,0 +1,134 @@ +--- +title: user_blocks +hide_title: false +hide_table_of_contents: false +keywords: + - user_blocks + - users + - okta + - infrastructure-as-code + - configuration-as-data + - cloud inventory +description: Query, deploy and manage okta resources using SQL +custom_edit_url: null +image: /img/stackql-okta-provider-featured-image.png +--- + +import CopyableCode from '@site/src/components/CopyableCode/CopyableCode'; +import Tabs from '@theme/Tabs'; +import TabItem from '@theme/TabItem'; + +Creates, updates, deletes, gets or lists a <code>user_blocks</code> resource. + +## Overview +<table><tbody> +<tr><td><b>Name</b></td><td><code>user_blocks</code></td></tr> +<tr><td><b>Type</b></td><td>Resource</td></tr> +<tr><td><b>Id</b></td><td><CopyableCode code="okta.users.user_blocks" /></td></tr> +</tbody></table> + +## Fields + +The following fields are returned by `SELECT` queries: + +<Tabs + defaultValue="list_user_blocks" + values={[ + { label: 'list_user_blocks', value: 'list_user_blocks' } + ]} +> +<TabItem value="list_user_blocks"> + +Success + +<table> +<thead> + <tr> + <th>Name</th> + <th>Datatype</th> + <th>Description</th> + </tr> +</thead> +<tbody> +<tr> + <td><CopyableCode code="appliesTo" /></td> + <td><code>string</code></td> + <td>The devices that the block applies to</td> +</tr> +<tr> + <td><CopyableCode code="type" /></td> + <td><code>string</code></td> + <td>Type of access block</td> +</tr> +</tbody> +</table> +</TabItem> +</Tabs> + +## Methods + +The following methods are available for this resource: + +<table> +<thead> + <tr> + <th>Name</th> + <th>Accessible by</th> + <th>Required Params</th> + <th>Optional Params</th> + <th>Description</th> + </tr> +</thead> +<tbody> +<tr> + <td><a href="#list_user_blocks"><CopyableCode code="list_user_blocks" /></a></td> + <td><CopyableCode code="select" /></td> + <td><a href="#parameter-subdomain"><code>subdomain</code></a></td> + <td></td> + <td>Lists information about how the user is blocked from accessing their account</td> +</tr> +</tbody> +</table> + +## Parameters + +Parameters can be passed in the `WHERE` clause of a query. Check the [Methods](#methods) section to see which parameters are required or optional for each operation. + +<table> +<thead> + <tr> + <th>Name</th> + <th>Datatype</th> + <th>Description</th> + </tr> +</thead> +<tbody> +<tr id="parameter-subdomain"> + <td><CopyableCode code="subdomain" /></td> + <td><code>string</code></td> + <td>The domain of your organization. This can be a provided subdomain of an official okta domain (okta.com, oktapreview.com, etc) or one of your configured custom domains. (default: my-org)</td> +</tr> +</tbody> +</table> + +## `SELECT` examples + +<Tabs + defaultValue="list_user_blocks" + values={[ + { label: 'list_user_blocks', value: 'list_user_blocks' } + ]} +> +<TabItem value="list_user_blocks"> + +Lists information about how the user is blocked from accessing their account + +```sql +SELECT +appliesTo, +type +FROM okta.users.user_blocks +WHERE subdomain = '{{ subdomain }}' -- required; +``` +</TabItem> +</Tabs> diff --git a/website/docs/services/users/user_clients/index.md b/website/docs/services/users/user_clients/index.md new file mode 100644 index 0000000..a83674c --- /dev/null +++ b/website/docs/services/users/user_clients/index.md @@ -0,0 +1,152 @@ +--- +title: user_clients +hide_title: false +hide_table_of_contents: false +keywords: + - user_clients + - users + - okta + - infrastructure-as-code + - configuration-as-data + - cloud inventory +description: Query, deploy and manage okta resources using SQL +custom_edit_url: null +image: /img/stackql-okta-provider-featured-image.png +--- + +import CopyableCode from '@site/src/components/CopyableCode/CopyableCode'; +import Tabs from '@theme/Tabs'; +import TabItem from '@theme/TabItem'; + +Creates, updates, deletes, gets or lists a <code>user_clients</code> resource. + +## Overview +<table><tbody> +<tr><td><b>Name</b></td><td><code>user_clients</code></td></tr> +<tr><td><b>Type</b></td><td>Resource</td></tr> +<tr><td><b>Id</b></td><td><CopyableCode code="okta.users.user_clients" /></td></tr> +</tbody></table> + +## Fields + +The following fields are returned by `SELECT` queries: + +<Tabs + defaultValue="list_user_clients" + values={[ + { label: 'list_user_clients', value: 'list_user_clients' } + ]} +> +<TabItem value="list_user_clients"> + +Success + +<table> +<thead> + <tr> + <th>Name</th> + <th>Datatype</th> + <th>Description</th> + </tr> +</thead> +<tbody> +<tr> + <td><CopyableCode code="client_id" /></td> + <td><code>string</code></td> + <td>Unique key for the client application. The `client_id` is immutable. (example: 0oabskvc6442nkvQO0h7)</td> +</tr> +<tr> + <td><CopyableCode code="client_name" /></td> + <td><code>string</code></td> + <td>Human-readable string name of the client application (example: My App)</td> +</tr> +<tr> + <td><CopyableCode code="_links" /></td> + <td><code>object</code></td> + <td>Specifies link relations (see [Web Linking](https://www.rfc-editor.org/rfc/rfc8288)) available using the [JSON Hypertext Application Language](https://datatracker.ietf.org/doc/html/draft-kelly-json-hal-06) specification. This object is used for dynamic discovery of related resources and lifecycle operations.</td> +</tr> +<tr> + <td><CopyableCode code="client_uri" /></td> + <td><code>string</code></td> + <td> (example: https://www.example.com)</td> +</tr> +<tr> + <td><CopyableCode code="logo_uri" /></td> + <td><code>string</code></td> + <td>URL string that references a logo for the client consent dialog (not the sign-in dialog) (example: https://www.example.com/logo.png)</td> +</tr> +</tbody> +</table> +</TabItem> +</Tabs> + +## Methods + +The following methods are available for this resource: + +<table> +<thead> + <tr> + <th>Name</th> + <th>Accessible by</th> + <th>Required Params</th> + <th>Optional Params</th> + <th>Description</th> + </tr> +</thead> +<tbody> +<tr> + <td><a href="#list_user_clients"><CopyableCode code="list_user_clients" /></a></td> + <td><CopyableCode code="select" /></td> + <td><a href="#parameter-subdomain"><code>subdomain</code></a></td> + <td></td> + <td>Lists all client resources for which the specified user has grants or tokens.<br /><br />> **Note:** To list all client resources for which a specified authorization server has tokens, use the [List all client resources for an authorization server in the Authorization Servers API](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/AuthorizationServerClients/#tag/AuthorizationServerClients/operation/listOAuth2ClientsForAuthorizationServer).</td> +</tr> +</tbody> +</table> + +## Parameters + +Parameters can be passed in the `WHERE` clause of a query. Check the [Methods](#methods) section to see which parameters are required or optional for each operation. + +<table> +<thead> + <tr> + <th>Name</th> + <th>Datatype</th> + <th>Description</th> + </tr> +</thead> +<tbody> +<tr id="parameter-subdomain"> + <td><CopyableCode code="subdomain" /></td> + <td><code>string</code></td> + <td>The domain of your organization. This can be a provided subdomain of an official okta domain (okta.com, oktapreview.com, etc) or one of your configured custom domains. (default: my-org)</td> +</tr> +</tbody> +</table> + +## `SELECT` examples + +<Tabs + defaultValue="list_user_clients" + values={[ + { label: 'list_user_clients', value: 'list_user_clients' } + ]} +> +<TabItem value="list_user_clients"> + +Lists all client resources for which the specified user has grants or tokens.<br /><br />> **Note:** To list all client resources for which a specified authorization server has tokens, use the [List all client resources for an authorization server in the Authorization Servers API](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/AuthorizationServerClients/#tag/AuthorizationServerClients/operation/listOAuth2ClientsForAuthorizationServer). + +```sql +SELECT +client_id, +client_name, +_links, +client_uri, +logo_uri +FROM okta.users.user_clients +WHERE subdomain = '{{ subdomain }}' -- required; +``` +</TabItem> +</Tabs> diff --git a/website/docs/services/users/user_devices/index.md b/website/docs/services/users/user_devices/index.md new file mode 100644 index 0000000..ff74a42 --- /dev/null +++ b/website/docs/services/users/user_devices/index.md @@ -0,0 +1,140 @@ +--- +title: user_devices +hide_title: false +hide_table_of_contents: false +keywords: + - user_devices + - users + - okta + - infrastructure-as-code + - configuration-as-data + - cloud inventory +description: Query, deploy and manage okta resources using SQL +custom_edit_url: null +image: /img/stackql-okta-provider-featured-image.png +--- + +import CopyableCode from '@site/src/components/CopyableCode/CopyableCode'; +import Tabs from '@theme/Tabs'; +import TabItem from '@theme/TabItem'; + +Creates, updates, deletes, gets or lists a <code>user_devices</code> resource. + +## Overview +<table><tbody> +<tr><td><b>Name</b></td><td><code>user_devices</code></td></tr> +<tr><td><b>Type</b></td><td>Resource</td></tr> +<tr><td><b>Id</b></td><td><CopyableCode code="okta.users.user_devices" /></td></tr> +</tbody></table> + +## Fields + +The following fields are returned by `SELECT` queries: + +<Tabs + defaultValue="list_user_devices" + values={[ + { label: 'list_user_devices', value: 'list_user_devices' } + ]} +> +<TabItem value="list_user_devices"> + +Success + +<table> +<thead> + <tr> + <th>Name</th> + <th>Datatype</th> + <th>Description</th> + </tr> +</thead> +<tbody> +<tr> + <td><CopyableCode code="created" /></td> + <td><code>string (date-time)</code></td> + <td>Timestamp when the device was created</td> +</tr> +<tr> + <td><CopyableCode code="device" /></td> + <td><code>object</code></td> + <td></td> +</tr> +<tr> + <td><CopyableCode code="deviceUserId" /></td> + <td><code>string</code></td> + <td>Unique key for the user device link</td> +</tr> +</tbody> +</table> +</TabItem> +</Tabs> + +## Methods + +The following methods are available for this resource: + +<table> +<thead> + <tr> + <th>Name</th> + <th>Accessible by</th> + <th>Required Params</th> + <th>Optional Params</th> + <th>Description</th> + </tr> +</thead> +<tbody> +<tr> + <td><a href="#list_user_devices"><CopyableCode code="list_user_devices" /></a></td> + <td><CopyableCode code="select" /></td> + <td><a href="#parameter-subdomain"><code>subdomain</code></a></td> + <td></td> + <td>Lists all devices enrolled by a user.<br /><br />> **Note:** To list all devices registered to an org, use the [List all devices endpoint in the Devices API](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/Device/#tag/Device/operation/listDevices).</td> +</tr> +</tbody> +</table> + +## Parameters + +Parameters can be passed in the `WHERE` clause of a query. Check the [Methods](#methods) section to see which parameters are required or optional for each operation. + +<table> +<thead> + <tr> + <th>Name</th> + <th>Datatype</th> + <th>Description</th> + </tr> +</thead> +<tbody> +<tr id="parameter-subdomain"> + <td><CopyableCode code="subdomain" /></td> + <td><code>string</code></td> + <td>The domain of your organization. This can be a provided subdomain of an official okta domain (okta.com, oktapreview.com, etc) or one of your configured custom domains. (default: my-org)</td> +</tr> +</tbody> +</table> + +## `SELECT` examples + +<Tabs + defaultValue="list_user_devices" + values={[ + { label: 'list_user_devices', value: 'list_user_devices' } + ]} +> +<TabItem value="list_user_devices"> + +Lists all devices enrolled by a user.<br /><br />> **Note:** To list all devices registered to an org, use the [List all devices endpoint in the Devices API](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/Device/#tag/Device/operation/listDevices). + +```sql +SELECT +created, +device, +deviceUserId +FROM okta.users.user_devices +WHERE subdomain = '{{ subdomain }}' -- required; +``` +</TabItem> +</Tabs> diff --git a/website/docs/services/users/user_groups/index.md b/website/docs/services/users/user_groups/index.md new file mode 100644 index 0000000..e22f852 --- /dev/null +++ b/website/docs/services/users/user_groups/index.md @@ -0,0 +1,176 @@ +--- +title: user_groups +hide_title: false +hide_table_of_contents: false +keywords: + - user_groups + - users + - okta + - infrastructure-as-code + - configuration-as-data + - cloud inventory +description: Query, deploy and manage okta resources using SQL +custom_edit_url: null +image: /img/stackql-okta-provider-featured-image.png +--- + +import CopyableCode from '@site/src/components/CopyableCode/CopyableCode'; +import Tabs from '@theme/Tabs'; +import TabItem from '@theme/TabItem'; + +Creates, updates, deletes, gets or lists a <code>user_groups</code> resource. + +## Overview +<table><tbody> +<tr><td><b>Name</b></td><td><code>user_groups</code></td></tr> +<tr><td><b>Type</b></td><td>Resource</td></tr> +<tr><td><b>Id</b></td><td><CopyableCode code="okta.users.user_groups" /></td></tr> +</tbody></table> + +## Fields + +The following fields are returned by `SELECT` queries: + +<Tabs + defaultValue="list_user_groups" + values={[ + { label: 'list_user_groups', value: 'list_user_groups' } + ]} +> +<TabItem value="list_user_groups"> + +Success + +<table> +<thead> + <tr> + <th>Name</th> + <th>Datatype</th> + <th>Description</th> + </tr> +</thead> +<tbody> +<tr> + <td><CopyableCode code="id" /></td> + <td><code>string</code></td> + <td>Unique ID for the group (example: 0gabcd1234)</td> +</tr> +<tr> + <td><CopyableCode code="_embedded" /></td> + <td><code>object</code></td> + <td>Embedded resources related to the group</td> +</tr> +<tr> + <td><CopyableCode code="_links" /></td> + <td><code>object</code></td> + <td>Specifies link relations (see [Web Linking](https://www.rfc-editor.org/rfc/rfc8288)) available using the [JSON Hypertext Application Language](https://datatracker.ietf.org/doc/html/draft-kelly-json-hal-06) specification. This object is used for dynamic discovery of related resources and lifecycle operations.</td> +</tr> +<tr> + <td><CopyableCode code="created" /></td> + <td><code>string (date-time)</code></td> + <td>Timestamp when the group was created</td> +</tr> +<tr> + <td><CopyableCode code="lastMembershipUpdated" /></td> + <td><code>string (date-time)</code></td> + <td>Timestamp when the groups memberships were last updated</td> +</tr> +<tr> + <td><CopyableCode code="lastUpdated" /></td> + <td><code>string (date-time)</code></td> + <td>Timestamp when the group's profile was last updated</td> +</tr> +<tr> + <td><CopyableCode code="objectClass" /></td> + <td><code>array</code></td> + <td>Determines the group's `profile`</td> +</tr> +<tr> + <td><CopyableCode code="profile" /></td> + <td><code></code></td> + <td>Specifies required and optional properties for a group. The `objectClass` of a group determines which additional properties are available. You can extend group profiles with custom properties, but you must first add the properties to the group profile schema before you can reference them. Use the Profile Editor in the Admin Console or the [Schemas API](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/Schema/)to manage schema extensions. Custom properties can contain HTML tags. It is the client's responsibility to escape or encode this data before displaying it. Use [best-practices](https://cheatsheetseries.owasp.org/cheatsheets/Cross_Site_Scripting_Prevention_Cheat_Sheet.html) to prevent cross-site scripting.</td> +</tr> +<tr> + <td><CopyableCode code="type" /></td> + <td><code>string</code></td> + <td>Determines how a group's profile and memberships are managed</td> +</tr> +</tbody> +</table> +</TabItem> +</Tabs> + +## Methods + +The following methods are available for this resource: + +<table> +<thead> + <tr> + <th>Name</th> + <th>Accessible by</th> + <th>Required Params</th> + <th>Optional Params</th> + <th>Description</th> + </tr> +</thead> +<tbody> +<tr> + <td><a href="#list_user_groups"><CopyableCode code="list_user_groups" /></a></td> + <td><CopyableCode code="select" /></td> + <td><a href="#parameter-subdomain"><code>subdomain</code></a></td> + <td></td> + <td>Lists all groups of which the user is a member.<br />> **Note:** To list all groups in your org, use the [List all groups endpoints in the Groups API](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/Group/#tag/Group/operation/listGroups).</td> +</tr> +</tbody> +</table> + +## Parameters + +Parameters can be passed in the `WHERE` clause of a query. Check the [Methods](#methods) section to see which parameters are required or optional for each operation. + +<table> +<thead> + <tr> + <th>Name</th> + <th>Datatype</th> + <th>Description</th> + </tr> +</thead> +<tbody> +<tr id="parameter-subdomain"> + <td><CopyableCode code="subdomain" /></td> + <td><code>string</code></td> + <td>The domain of your organization. This can be a provided subdomain of an official okta domain (okta.com, oktapreview.com, etc) or one of your configured custom domains. (default: my-org)</td> +</tr> +</tbody> +</table> + +## `SELECT` examples + +<Tabs + defaultValue="list_user_groups" + values={[ + { label: 'list_user_groups', value: 'list_user_groups' } + ]} +> +<TabItem value="list_user_groups"> + +Lists all groups of which the user is a member.<br />> **Note:** To list all groups in your org, use the [List all groups endpoints in the Groups API](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/Group/#tag/Group/operation/listGroups). + +```sql +SELECT +id, +_embedded, +_links, +created, +lastMembershipUpdated, +lastUpdated, +objectClass, +profile, +type +FROM okta.users.user_groups +WHERE subdomain = '{{ subdomain }}' -- required; +``` +</TabItem> +</Tabs> diff --git a/website/docs/services/users/user_risk/index.md b/website/docs/services/users/user_risk/index.md new file mode 100644 index 0000000..ce5488c --- /dev/null +++ b/website/docs/services/users/user_risk/index.md @@ -0,0 +1,166 @@ +--- +title: user_risk +hide_title: false +hide_table_of_contents: false +keywords: + - user_risk + - users + - okta + - infrastructure-as-code + - configuration-as-data + - cloud inventory +description: Query, deploy and manage okta resources using SQL +custom_edit_url: null +image: /img/stackql-okta-provider-featured-image.png +--- + +import CopyableCode from '@site/src/components/CopyableCode/CopyableCode'; +import Tabs from '@theme/Tabs'; +import TabItem from '@theme/TabItem'; + +Creates, updates, deletes, gets or lists a <code>user_risk</code> resource. + +## Overview +<table><tbody> +<tr><td><b>Name</b></td><td><code>user_risk</code></td></tr> +<tr><td><b>Type</b></td><td>Resource</td></tr> +<tr><td><b>Id</b></td><td><CopyableCode code="okta.users.user_risk" /></td></tr> +</tbody></table> + +## Fields + +The following fields are returned by `SELECT` queries: + +<Tabs + defaultValue="get_user_risk" + values={[ + { label: 'get_user_risk', value: 'get_user_risk' } + ]} +> +<TabItem value="get_user_risk"> + +<table> +<thead> + <tr> + <th>Name</th> + <th>Datatype</th> + <th>Description</th> + </tr> +</thead> +<tbody> +<tr> + <td><CopyableCode code="_links" /></td> + <td><code>object</code></td> + <td>Specifies link relations (see [Web Linking](https://www.rfc-editor.org/rfc/rfc8288)) available using the [JSON Hypertext Application Language](https://datatracker.ietf.org/doc/html/draft-kelly-json-hal-06) specification. This object is used for dynamic discovery of related resources and lifecycle operations.</td> +</tr> +<tr> + <td><CopyableCode code="riskLevel" /></td> + <td><code>string</code></td> + <td>The risk level associated with the user</td> +</tr> +</tbody> +</table> +</TabItem> +</Tabs> + +## Methods + +The following methods are available for this resource: + +<table> +<thead> + <tr> + <th>Name</th> + <th>Accessible by</th> + <th>Required Params</th> + <th>Optional Params</th> + <th>Description</th> + </tr> +</thead> +<tbody> +<tr> + <td><a href="#get_user_risk"><CopyableCode code="get_user_risk" /></a></td> + <td><CopyableCode code="select" /></td> + <td><a href="#parameter-subdomain"><code>subdomain</code></a></td> + <td></td> + <td>Retrieves the user risk object for a user ID</td> +</tr> +<tr> + <td><a href="#upsert_user_risk"><CopyableCode code="upsert_user_risk" /></a></td> + <td><CopyableCode code="replace" /></td> + <td><a href="#parameter-subdomain"><code>subdomain</code></a></td> + <td></td> + <td>Upserts (creates or updates) the user risk object for a user ID</td> +</tr> +</tbody> +</table> + +## Parameters + +Parameters can be passed in the `WHERE` clause of a query. Check the [Methods](#methods) section to see which parameters are required or optional for each operation. + +<table> +<thead> + <tr> + <th>Name</th> + <th>Datatype</th> + <th>Description</th> + </tr> +</thead> +<tbody> +<tr id="parameter-subdomain"> + <td><CopyableCode code="subdomain" /></td> + <td><code>string</code></td> + <td>The domain of your organization. This can be a provided subdomain of an official okta domain (okta.com, oktapreview.com, etc) or one of your configured custom domains. (default: my-org)</td> +</tr> +</tbody> +</table> + +## `SELECT` examples + +<Tabs + defaultValue="get_user_risk" + values={[ + { label: 'get_user_risk', value: 'get_user_risk' } + ]} +> +<TabItem value="get_user_risk"> + +Retrieves the user risk object for a user ID + +```sql +SELECT +_links, +riskLevel +FROM okta.users.user_risk +WHERE subdomain = '{{ subdomain }}' -- required; +``` +</TabItem> +</Tabs> + + +## `REPLACE` examples + +<Tabs + defaultValue="upsert_user_risk" + values={[ + { label: 'upsert_user_risk', value: 'upsert_user_risk' } + ]} +> +<TabItem value="upsert_user_risk"> + +Upserts (creates or updates) the user risk object for a user ID + +```sql +REPLACE okta.users.user_risk +SET +data__riskLevel = '{{ riskLevel }}' +WHERE +subdomain = '{{ subdomain }}' --required +RETURNING +_links, +reason, +riskLevel; +``` +</TabItem> +</Tabs> diff --git a/website/docs/services/users/users/index.md b/website/docs/services/users/users/index.md new file mode 100644 index 0000000..4e1db98 --- /dev/null +++ b/website/docs/services/users/users/index.md @@ -0,0 +1,1011 @@ +--- +title: users +hide_title: false +hide_table_of_contents: false +keywords: + - users + - users + - okta + - infrastructure-as-code + - configuration-as-data + - cloud inventory +description: Query, deploy and manage okta resources using SQL +custom_edit_url: null +image: /img/stackql-okta-provider-featured-image.png +--- + +import CopyableCode from '@site/src/components/CopyableCode/CopyableCode'; +import Tabs from '@theme/Tabs'; +import TabItem from '@theme/TabItem'; + +Creates, updates, deletes, gets or lists a <code>users</code> resource. + +## Overview +<table><tbody> +<tr><td><b>Name</b></td><td><code>users</code></td></tr> +<tr><td><b>Type</b></td><td>Resource</td></tr> +<tr><td><b>Id</b></td><td><CopyableCode code="okta.users.users" /></td></tr> +</tbody></table> + +## Fields + +The following fields are returned by `SELECT` queries: + +<Tabs + defaultValue="list_users" + values={[ + { label: 'list_users', value: 'list_users' }, + { label: 'get_user', value: 'get_user' } + ]} +> +<TabItem value="list_users"> + +Success + +<table> +<thead> + <tr> + <th>Name</th> + <th>Datatype</th> + <th>Description</th> + </tr> +</thead> +<tbody> +<tr> + <td><CopyableCode code="id" /></td> + <td><code>string</code></td> + <td>The unique key for the user</td> +</tr> +<tr> + <td><CopyableCode code="_embedded" /></td> + <td><code>object</code></td> + <td>Embedded resources related to the user using the [JSON Hypertext Application Language](https://datatracker.ietf.org/doc/html/draft-kelly-json-hal-06) specification</td> +</tr> +<tr> + <td><CopyableCode code="_links" /></td> + <td><code>object</code></td> + <td>Specifies link relations (see [Web Linking](https://www.rfc-editor.org/rfc/rfc8288)) available using the [JSON Hypertext Application Language](https://datatracker.ietf.org/doc/html/draft-kelly-json-hal-06) specification. This object is used for dynamic discovery of related resources and lifecycle operations.</td> +</tr> +<tr> + <td><CopyableCode code="activated" /></td> + <td><code>string (date-time)</code></td> + <td>The timestamp when the user status transitioned to `ACTIVE`</td> +</tr> +<tr> + <td><CopyableCode code="created" /></td> + <td><code>string (date-time)</code></td> + <td>The timestamp when the user was created</td> +</tr> +<tr> + <td><CopyableCode code="credentials" /></td> + <td><code>object</code></td> + <td>Specifies primary authentication and recovery credentials for a user. Credential types and requirements vary depending on the provider and security policy of the org.</td> +</tr> +<tr> + <td><CopyableCode code="lastLogin" /></td> + <td><code>string (date-time)</code></td> + <td>The timestamp of the last login</td> +</tr> +<tr> + <td><CopyableCode code="lastUpdated" /></td> + <td><code>string (date-time)</code></td> + <td>The timestamp when the user was last updated</td> +</tr> +<tr> + <td><CopyableCode code="passwordChanged" /></td> + <td><code>string (date-time)</code></td> + <td>The timestamp when the user's password was last updated</td> +</tr> +<tr> + <td><CopyableCode code="profile" /></td> + <td><code>object</code></td> + <td>Specifies the default and custom profile properties for a user. The default user profile is based on the [System for Cross-domain Identity Management: Core Schema](https://datatracker.ietf.org/doc/html/rfc7643). The only permitted customizations of the default profile are to update permissions, change whether the `firstName` and `lastName` properties are nullable, and specify a [pattern](https://developer.okta.com/docs/reference/api/schemas/#login-pattern-validation) for `login`. You can use the Profile Editor in the Admin Console or the [Schemas API](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/UISchema/#tag/UISchema) to make schema modifications. You can extend user profiles with custom properties. You must first add the custom property to the user profile schema before you reference it. You can use the Profile Editor in the Admin Console or the [Schemas API](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/UISchema/#tag/UISchema) to manage schema extensions. Custom attributes can contain HTML tags. It's the client's responsibility to escape or encode this data before displaying it. Use [best-practices](https://cheatsheetseries.owasp.org/cheatsheets/Cross_Site_Scripting_Prevention_Cheat_Sheet.html) to prevent cross-site scripting.</td> +</tr> +<tr> + <td><CopyableCode code="realmId" /></td> + <td><code>string</code></td> + <td>The ID of the realm in which the user is residing. See [Realms](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/Realm/). (example: guo1bfiNtSnZYILxO0g4)</td> +</tr> +<tr> + <td><CopyableCode code="status" /></td> + <td><code>string</code></td> + <td>The current status of the user. The status of a user changes in response to explicit events, such as admin-driven lifecycle changes, user login, or self-service password recovery. Okta doesn't asynchronously sweep through users and update their password expiry state, for example. Instead, Okta evaluates password policy at login time, notices the password has expired, and moves the user to the expired state. When running reports, remember that the data is valid as of the last login or lifecycle event for that user.</td> +</tr> +<tr> + <td><CopyableCode code="statusChanged" /></td> + <td><code>string (date-time)</code></td> + <td>The timestamp when the status of the user last changed</td> +</tr> +<tr> + <td><CopyableCode code="transitioningToStatus" /></td> + <td><code>string</code></td> + <td>The target status of an in-progress asynchronous status transition. This property is only returned if the user's state is transitioning.</td> +</tr> +<tr> + <td><CopyableCode code="type" /></td> + <td><code>object</code></td> + <td>The user type that determines the schema for the user's profile. The `type` property is a map that identifies the [User Types](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/UserType/#tag/UserType). Currently it contains a single element, `id`. It can be specified when creating a new user, and ca be updated by an admin on a full replace of an existing user (but not a partial update).</td> +</tr> +</tbody> +</table> +</TabItem> +<TabItem value="get_user"> + +Success + +<table> +<thead> + <tr> + <th>Name</th> + <th>Datatype</th> + <th>Description</th> + </tr> +</thead> +<tbody> +<tr> + <td><CopyableCode code="id" /></td> + <td><code>string</code></td> + <td>The unique key for the user</td> +</tr> +<tr> + <td><CopyableCode code="_embedded" /></td> + <td><code>object</code></td> + <td>The embedded resources related to the object if the `expand` query parameter is specified</td> +</tr> +<tr> + <td><CopyableCode code="_links" /></td> + <td><code>object</code></td> + <td>Specifies link relations (see [Web Linking](https://www.rfc-editor.org/rfc/rfc8288)) available using the [JSON Hypertext Application Language](https://datatracker.ietf.org/doc/html/draft-kelly-json-hal-06) specification. This object is used for dynamic discovery of related resources and lifecycle operations.</td> +</tr> +<tr> + <td><CopyableCode code="activated" /></td> + <td><code>string (date-time)</code></td> + <td>The timestamp when the user status transitioned to `ACTIVE`</td> +</tr> +<tr> + <td><CopyableCode code="created" /></td> + <td><code>string (date-time)</code></td> + <td>The timestamp when the user was created</td> +</tr> +<tr> + <td><CopyableCode code="credentials" /></td> + <td><code>object</code></td> + <td>Specifies primary authentication and recovery credentials for a user. Credential types and requirements vary depending on the provider and security policy of the org.</td> +</tr> +<tr> + <td><CopyableCode code="lastLogin" /></td> + <td><code>string (date-time)</code></td> + <td>The timestamp of the last login</td> +</tr> +<tr> + <td><CopyableCode code="lastUpdated" /></td> + <td><code>string (date-time)</code></td> + <td>The timestamp when the user was last updated</td> +</tr> +<tr> + <td><CopyableCode code="passwordChanged" /></td> + <td><code>string (date-time)</code></td> + <td>The timestamp when the user's password was last updated</td> +</tr> +<tr> + <td><CopyableCode code="profile" /></td> + <td><code>object</code></td> + <td>Specifies the default and custom profile properties for a user. The default user profile is based on the [System for Cross-domain Identity Management: Core Schema](https://datatracker.ietf.org/doc/html/rfc7643). The only permitted customizations of the default profile are to update permissions, change whether the `firstName` and `lastName` properties are nullable, and specify a [pattern](https://developer.okta.com/docs/reference/api/schemas/#login-pattern-validation) for `login`. You can use the Profile Editor in the Admin Console or the [Schemas API](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/UISchema/#tag/UISchema) to make schema modifications. You can extend user profiles with custom properties. You must first add the custom property to the user profile schema before you reference it. You can use the Profile Editor in the Admin Console or the [Schemas API](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/UISchema/#tag/UISchema) to manage schema extensions. Custom attributes can contain HTML tags. It's the client's responsibility to escape or encode this data before displaying it. Use [best-practices](https://cheatsheetseries.owasp.org/cheatsheets/Cross_Site_Scripting_Prevention_Cheat_Sheet.html) to prevent cross-site scripting.</td> +</tr> +<tr> + <td><CopyableCode code="realmId" /></td> + <td><code>string</code></td> + <td>The ID of the realm in which the user is residing. See [Realms](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/Realm/). (example: guo1bfiNtSnZYILxO0g4)</td> +</tr> +<tr> + <td><CopyableCode code="status" /></td> + <td><code>string</code></td> + <td>The current status of the user. The status of a user changes in response to explicit events, such as admin-driven lifecycle changes, user login, or self-service password recovery. Okta doesn't asynchronously sweep through users and update their password expiry state, for example. Instead, Okta evaluates password policy at login time, notices the password has expired, and moves the user to the expired state. When running reports, remember that the data is valid as of the last login or lifecycle event for that user.</td> +</tr> +<tr> + <td><CopyableCode code="statusChanged" /></td> + <td><code>string (date-time)</code></td> + <td>The timestamp when the status of the user last changed</td> +</tr> +<tr> + <td><CopyableCode code="transitioningToStatus" /></td> + <td><code>string</code></td> + <td>The target status of an in-progress asynchronous status transition. This property is only returned if the user's state is transitioning.</td> +</tr> +<tr> + <td><CopyableCode code="type" /></td> + <td><code>object</code></td> + <td>The user type that determines the schema for the user's profile. The `type` property is a map that identifies the [User Types](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/UserType/#tag/UserType). Currently it contains a single element, `id`. It can be specified when creating a new user, and ca be updated by an admin on a full replace of an existing user (but not a partial update).</td> +</tr> +</tbody> +</table> +</TabItem> +</Tabs> + +## Methods + +The following methods are available for this resource: + +<table> +<thead> + <tr> + <th>Name</th> + <th>Accessible by</th> + <th>Required Params</th> + <th>Optional Params</th> + <th>Description</th> + </tr> +</thead> +<tbody> +<tr> + <td><a href="#list_users"><CopyableCode code="list_users" /></a></td> + <td><CopyableCode code="select" /></td> + <td><a href="#parameter-subdomain"><code>subdomain</code></a></td> + <td><a href="#parameter-Content-Type"><code>Content-Type</code></a>, <a href="#parameter-search"><code>search</code></a>, <a href="#parameter-filter"><code>filter</code></a>, <a href="#parameter-q"><code>q</code></a>, <a href="#parameter-after"><code>after</code></a>, <a href="#parameter-limit"><code>limit</code></a>, <a href="#parameter-sortBy"><code>sortBy</code></a>, <a href="#parameter-sortOrder"><code>sortOrder</code></a>, <a href="#parameter-expand"><code>expand</code></a></td> + <td>Lists users in your org, with pagination in most cases.<br /><br />A subset of users can be returned that match a supported filter expression or search criteria. Different results are returned depending on specified queries in the request.<br /><br />> **Note:** This operation omits users that have a status of `DEPROVISIONED` in the response. To return all users, use a filter or search query instead.</td> +</tr> +<tr> + <td><a href="#get_user"><CopyableCode code="get_user" /></a></td> + <td><CopyableCode code="select" /></td> + <td><a href="#parameter-subdomain"><code>subdomain</code></a></td> + <td><a href="#parameter-Content-Type"><code>Content-Type</code></a>, <a href="#parameter-expand"><code>expand</code></a></td> + <td>Retrieves a user from your Okta org.<br /><br />You can substitute `me` for the `id` to fetch the current user linked to an API token or session cookie.<br /> * The request returns the user linked to the API token that is specified in the Authorization header, not the user linked to the active session. Details of the admin user who granted the API token is returned.<br /> * When the end user has an active Okta session, it is typically a CORS request from the browser. Therefore, it's possible to retrieve the current user without the Authorization header.<br /><br />When fetching a user by `login` or `login shortname`, [URL encode](https://developer.mozilla.org/en-US/docs/Glossary/Percent-encoding) the request parameter to ensure that special characters are escaped properly. Logins with a `/` character can only be fetched by `id` due to URL issues with escaping the `/` character. If you don't know a user's ID, you can use the [List all users](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/User/#tag/User/operation/listUsers) endpoint to find it.<br /><br />> **Note:** Some browsers block third-party cookies by default, which disrupts Okta functionality in certain flows. See [Mitigate the impact of third-party cookie deprecation](https://help.okta.com/okta_help.htm?type=oie&id=ext-third-party-cookies).</td> +</tr> +<tr> + <td><a href="#create_user"><CopyableCode code="create_user" /></a></td> + <td><CopyableCode code="insert" /></td> + <td><a href="#parameter-subdomain"><code>subdomain</code></a></td> + <td><a href="#parameter-activate"><code>activate</code></a>, <a href="#parameter-provider"><code>provider</code></a>, <a href="#parameter-nextLogin"><code>nextLogin</code></a></td> + <td>Creates a new user in your Okta org with or without credentials.<br><br />> **Legal Disclaimer**<br />><br />> After a user is added to the Okta directory, they receive an activation email. As part of signing up for this service,<br />> you agreed not to use Okta's service/product to spam and/or send unsolicited messages.<br />> Please refrain from adding unrelated accounts to the directory as Okta is not responsible for, and disclaims any and all<br />> liability associated with, the activation email's content. You, and you alone, bear responsibility for the emails sent to any recipients.<br /><br />All responses return the created user. Activation of a user is an asynchronous operation. The system performs group reconciliation during activation and assigns the user to all apps via direct or indirect relationships (group memberships).<br />* The user's `transitioningToStatus` property is `ACTIVE` during activation to indicate that the user hasn't completed the asynchronous operation.<br />* The user's `status` is `ACTIVE` when the activation process is complete.<br /><br />The user is emailed a one-time activation token if activated without a password.<br /><br />> **Note:** If the user is assigned to an app that is configured for provisioning, the activation process triggers downstream provisioning to the app. It is possible for a user to sign in before these apps have been successfully provisioned for the user.<br /><br />> **Important:** Do not generate or send a one-time activation token when activating users with an assigned password. Users should sign in with their assigned password.<br /><br />For more information about the various scenarios of creating a user listed in the examples, see the [User creation scenarios](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/User/#user-creation-scenarios) section.</td> +</tr> +<tr> + <td><a href="#update_user"><CopyableCode code="update_user" /></a></td> + <td><CopyableCode code="update" /></td> + <td><a href="#parameter-subdomain"><code>subdomain</code></a></td> + <td><a href="#parameter-strict"><code>strict</code></a>, <a href="#parameter-If-Match"><code>If-Match</code></a></td> + <td>Updates a user's profile or credentials with partial update semantics.<br /><br />> **Important:** Use the `POST` method for partial updates. Unspecified properties are set to null with `PUT`.<br /><br />`profile` and `credentials` can be updated independently or together with a single request.<br />> **Note**: Currently, the user type of a user can only be changed via a full replacement PUT operation. If the request parameters of a partial update include the type element from the user object,<br />the value must match the existing type of the user. Only admins are permitted to change the user type of a user; end users are not allowed to change their own user type.<br /><br />> **Note**: To update a current user's profile with partial semantics, the `/api/v1/users/me` endpoint can be invoked.<br />><br />> A user can only update profile properties for which the user has write access. Within the profile, if the user tries to update the primary or the secondary email IDs, verification emails are sent to those email IDs, and the fields are updated only upon verification.<br /><br />If you are using this endpoint to set a password, it sets a password without validating existing user credentials. This is an administrative operation. For operations that validate credentials, refer to the [Reset password](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/UserCred/#tag/UserCred/operation/resetPassword), [Start forgot password flow](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/UserCred/#tag/UserCred/operation/forgotPassword), and [Update password](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/UserCred/#tag/UserCred/operation/changePassword) endpoints.</td> +</tr> +<tr> + <td><a href="#replace_user"><CopyableCode code="replace_user" /></a></td> + <td><CopyableCode code="replace" /></td> + <td><a href="#parameter-subdomain"><code>subdomain</code></a></td> + <td><a href="#parameter-strict"><code>strict</code></a>, <a href="#parameter-If-Match"><code>If-Match</code></a></td> + <td>Replaces a user's profile, credentials, or both using strict-update semantics.<br /><br />All profile properties must be specified when updating a user's profile with a `PUT` method. Any property not specified in the request is deleted.<br />> **Important:** Don't use a `PUT` method for partial updates.</td> +</tr> +<tr> + <td><a href="#delete_user"><CopyableCode code="delete_user" /></a></td> + <td><CopyableCode code="delete" /></td> + <td><a href="#parameter-subdomain"><code>subdomain</code></a></td> + <td><a href="#parameter-sendEmail"><code>sendEmail</code></a>, <a href="#parameter-Prefer"><code>Prefer</code></a></td> + <td>Deletes a user permanently. This operation can only be performed on users that have a `DEPROVISIONED` status.<br /><br />> **Warning:** This action can't be recovered!<br /><br />This operation on a user that hasn't been deactivated causes that user to be deactivated. A second delete operation is required to delete the user.<br /><br />> **Note:** You can also perform user deletion asynchronously. To invoke asynchronous user deletion, pass an HTTP header `Prefer: respond-async` with the request.<br /><br />This header is also supported by user deactivation, which is performed if the delete endpoint is invoked on a user that hasn't been deactivated.</td> +</tr> +<tr> + <td><a href="#end_user_sessions"><CopyableCode code="end_user_sessions" /></a></td> + <td><CopyableCode code="exec" /></td> + <td><a href="#parameter-subdomain"><code>subdomain</code></a></td> + <td></td> + <td>Ends Okta sessions for the currently signed in user. By default, the current session remains active. Use this method in a browser-based app.<br />> **Note:** This operation requires a session cookie for the user. The API token isn't allowed for this operation.</td> +</tr> +<tr> + <td><a href="#activate_user"><CopyableCode code="activate_user" /></a></td> + <td><CopyableCode code="exec" /></td> + <td><a href="#parameter-subdomain"><code>subdomain</code></a></td> + <td><a href="#parameter-sendEmail"><code>sendEmail</code></a></td> + <td>Activates a user.<br /><br />Perform this operation only on users with a `STAGED` or `DEPROVISIONED` status. Activation of a user is an asynchronous operation.<br />* The user has the `transitioningToStatus` property with an `ACTIVE` value during activation. This indicates that the user hasn't completed the asynchronous operation.<br />* The user has an `ACTIVE` status when the activation process completes.<br /><br />Users who don't have a password must complete the welcome flow by visiting the activation link to complete the transition to `ACTIVE` status.<br /><br />> **Note:** If you want to send a branded user activation email, change the subdomain of your request to the custom domain that's associated with the brand.<br />> For example, change `subdomain.okta.com` to `custom.domain.one`. See [Multibrand and custom domains](https://developer.okta.com/docs/concepts/brands/#multibrand-and-custom-domains).<br /><br />> **Note:** If you have optional password enabled, visiting the activation link is optional for users who aren't required to enroll a password.<br />> See [Create user with optional password](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/User/#create-user-with-optional-password).<br /><br />> **Legal disclaimer**<br />> After a user is added to the Okta directory, they receive an activation email. As part of signing up for this service,<br />> you agreed not to use Okta's service/product to spam and/or send unsolicited messages.<br />> Please refrain from adding unrelated accounts to the directory as Okta is not responsible for, and disclaims any and all<br />> liability associated with, the activation email's content. You, and you alone, bear responsibility for the emails sent to any recipients.</td> +</tr> +<tr> + <td><a href="#deactivate_user"><CopyableCode code="deactivate_user" /></a></td> + <td><CopyableCode code="exec" /></td> + <td><a href="#parameter-subdomain"><code>subdomain</code></a></td> + <td><a href="#parameter-sendEmail"><code>sendEmail</code></a>, <a href="#parameter-Prefer"><code>Prefer</code></a></td> + <td>Deactivates a user.<br /><br />Perform this operation only on users that do not have a `DEPROVISIONED` status.<br />* The user's `transitioningToStatus` property is `DEPROVISIONED` during deactivation to indicate that the user hasn't completed the asynchronous operation.<br />* The user's status is `DEPROVISIONED` when the deactivation process is complete.<br /><br />> **Important:** Deactivating a user is a **destructive** operation. The user is deprovisioned from all assigned apps, which might destroy their data such as email or files.<br />**This action cannot be recovered!**<br /><br />You can also perform user deactivation asynchronously. To invoke asynchronous user deactivation, pass an HTTP header `Prefer: respond-async` with the request.</td> +</tr> +<tr> + <td><a href="#expire_password"><CopyableCode code="expire_password" /></a></td> + <td><CopyableCode code="exec" /></td> + <td><a href="#parameter-subdomain"><code>subdomain</code></a></td> + <td></td> + <td>Expires the password. This operation transitions the user status to `PASSWORD_EXPIRED` so that the user must change their password the next time that they sign in.<br /><br><br />If you have integrated Okta with your on-premises Active Directory (AD), then setting a user's password as expired in Okta also expires the password in AD.<br />When the user tries to sign in to Okta, delegated authentication finds the password-expired status in AD,<br />and the user is presented with the password-expired page where they can change their password.<br /><br />> **Note:** The Okta account management policy doesn't support the `/users/{id}/lifecycle/expire_password` endpoint. See [Configure an Okta account management policy](https://developer.okta.com/docs/guides/okta-account-management-policy/main/).</td> +</tr> +<tr> + <td><a href="#expire_password_with_temp_password"><CopyableCode code="expire_password_with_temp_password" /></a></td> + <td><CopyableCode code="exec" /></td> + <td><a href="#parameter-subdomain"><code>subdomain</code></a></td> + <td><a href="#parameter-revokeSessions"><code>revokeSessions</code></a></td> + <td>Expires the password and resets the user's password to a temporary password. This operation transitions the user status to `PASSWORD_EXPIRED` so that the user must change their password the next time that they sign in.<br />The user's password is reset to a temporary password that's returned, and then the user's password is expired.<br />If `revokeSessions` is included in the request with a value of `true`, the user's current outstanding sessions are revoked and require re-authentication.<br /><br><br />If you have integrated Okta with your on-premises Active Directory (AD), then setting a user's password as expired in Okta also expires the password in AD.<br />When the user tries to sign in to Okta, delegated authentication finds the password-expired status in AD,<br />and the user is presented with the password-expired page where they can change their password.</td> +</tr> +<tr> + <td><a href="#reactivate_user"><CopyableCode code="reactivate_user" /></a></td> + <td><CopyableCode code="exec" /></td> + <td><a href="#parameter-subdomain"><code>subdomain</code></a></td> + <td><a href="#parameter-sendEmail"><code>sendEmail</code></a></td> + <td>Reactivates a user.<br /><br />Perform this operation only on users with a `PROVISIONED` or `RECOVERY` [status](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/User/#tag/User/operation/listUsers!c=200&path=status&t=response).<br />This operation restarts the activation workflow if for some reason the user activation wasn't completed when using the `activationToken` from [Activate User](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/UserLifecycle/#tag/UserLifecycle/operation/activateUser).<br /><br />Users that don't have a password must complete the flow by completing the [Reset password](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/UserCred/#tag/UserCred/operation/resetPassword) flow and MFA enrollment steps to transition the user to `ACTIVE` status.<br /><br />If `sendEmail` is `false`, returns an activation link for the user to set up their account. The activation token can be used to create a custom activation link.</td> +</tr> +<tr> + <td><a href="#reset_factors"><CopyableCode code="reset_factors" /></a></td> + <td><CopyableCode code="exec" /></td> + <td><a href="#parameter-subdomain"><code>subdomain</code></a></td> + <td></td> + <td>Resets all factors for the specified user. All MFA factor enrollments return to the unenrolled state. The user's status remains `ACTIVE`. This link is present only if the user is currently enrolled in one or more MFA factors.</td> +</tr> +<tr> + <td><a href="#reset_password"><CopyableCode code="reset_password" /></a></td> + <td><CopyableCode code="exec" /></td> + <td><a href="#parameter-sendEmail"><code>sendEmail</code></a>, <a href="#parameter-subdomain"><code>subdomain</code></a></td> + <td><a href="#parameter-revokeSessions"><code>revokeSessions</code></a></td> + <td>Resets a password. Generates a one-time token (OTT) that you can use to reset a user's password. You can automatically email the OTT link to the user or return the OTT to the API caller and distribute using a custom flow.<br /><br />This operation transitions the user to the `RECOVERY` status. The user is then not able to sign in or initiate a forgot password flow until they complete the reset flow.<br /><br />This operation provides an option to delete all the user's sessions. However, if the request is made in the context of a session owned by the specified user, that session isn't cleared.<br />> **Note:** You can also use this API to convert a user with the Okta credential provider to use a federated provider. After this conversion, the user can't directly sign in with a password.<br />> To convert a federated user back to an Okta user, use the default API call.<br /><br />If an email address is associated with multiple users, keep in mind the following to ensure a successful password recovery lookup:<br /> * Okta no longer includes deactivated users in the lookup.<br /> * The lookup searches sign-in IDs first, then primary email addresses, and then secondary email addresses.<br /> If `sendEmail` is `false`, returns a link for the user to reset their password.</td> +</tr> +<tr> + <td><a href="#suspend_user"><CopyableCode code="suspend_user" /></a></td> + <td><CopyableCode code="exec" /></td> + <td><a href="#parameter-subdomain"><code>subdomain</code></a></td> + <td></td> + <td>Suspends a user. Perform this operation only on users with an `ACTIVE` status. The user has a `SUSPENDED` status when the process completes.<br /><br />Suspended users can't sign in to Okta. They can only be unsuspended or deactivated. Their group and app assignments are retained.</td> +</tr> +<tr> + <td><a href="#unlock_user"><CopyableCode code="unlock_user" /></a></td> + <td><CopyableCode code="exec" /></td> + <td><a href="#parameter-subdomain"><code>subdomain</code></a></td> + <td></td> + <td>Unlocks a user with a `LOCKED_OUT` status or unlocks a user with an `ACTIVE` status that's blocked from unknown devices. Unlocked users have an `ACTIVE` status and can sign in with their current password.<br />> **Note:** This operation works with Okta-sourced users. It doesn't support directory-sourced accounts such as Active Directory.</td> +</tr> +<tr> + <td><a href="#unsuspend_user"><CopyableCode code="unsuspend_user" /></a></td> + <td><CopyableCode code="exec" /></td> + <td><a href="#parameter-subdomain"><code>subdomain</code></a></td> + <td></td> + <td>Unsuspends a user and returns them to the `ACTIVE` state. This operation can only be performed on users that have a `SUSPENDED` status.</td> +</tr> +<tr> + <td><a href="#change_password"><CopyableCode code="change_password" /></a></td> + <td><CopyableCode code="exec" /></td> + <td><a href="#parameter-subdomain"><code>subdomain</code></a></td> + <td><a href="#parameter-strict"><code>strict</code></a></td> + <td>Updates a user's password by validating the user's current password.<br /><br />This operation provides an option to delete all the sessions of the specified user. However, if the request is made in the context of a session owned by the specified user, that session isn't cleared.<br /><br />You can only perform this operation on users in `STAGED`, `ACTIVE`, `PASSWORD_EXPIRED`, or `RECOVERY` status that have a valid [password credential](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/User/#tag/User/operation/createUser!path=credentials/password&t=request).<br /><br />The user transitions to `ACTIVE` status when successfully invoked in `RECOVERY` status.<br /><br />> **Note:** The Okta account management policy doesn't support the `/users/{userId}/credentials/change_password` endpoint. See [Configure an Okta account management policy](https://developer.okta.com/docs/guides/okta-account-management-policy/main/).</td> +</tr> +<tr> + <td><a href="#change_recovery_question"><CopyableCode code="change_recovery_question" /></a></td> + <td><CopyableCode code="exec" /></td> + <td><a href="#parameter-subdomain"><code>subdomain</code></a></td> + <td></td> + <td>Updates a user's recovery question and answer credential by validating the user's current password.<br />You can only perform this operation on users in `STAGED`, `ACTIVE`, or `RECOVERY` status that have a valid [password credential](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/User/#tag/User/operation/createUser!path=credentials/password&t=request).</td> +</tr> +<tr> + <td><a href="#forgot_password"><CopyableCode code="forgot_password" /></a></td> + <td><CopyableCode code="exec" /></td> + <td><a href="#parameter-subdomain"><code>subdomain</code></a></td> + <td><a href="#parameter-sendEmail"><code>sendEmail</code></a></td> + <td>Starts the forgot password flow.<br /><br />Generates a one-time token (OTT) that you can use to reset a user's password.<br /><br />The user must validate their security question's answer when visiting the reset link. Perform this operation only on users with an `ACTIVE` status and<br />a valid [recovery question credential](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/User/#tag/User/operation/createUser!path=credentials/recovery_question&t=request).<br /><br />> **Note:** If you have migrated to Identity Engine, you can allow users to recover passwords with any enrolled MFA authenticator. See [Self-service account recovery](https://help.okta.com/oie/en-us/content/topics/identity-engine/authenticators/configure-sspr.htm?cshid=ext-config-sspr).<br /><br />If an email address is associated with multiple users, keep in mind the following to ensure a successful password recovery lookup:<br /> * Okta no longer includes deactivated users in the lookup.<br /> * The lookup searches sign-in IDs first, then primary email addresses, and then secondary email addresses.<br /><br />If `sendEmail` is `false`, returns a link for the user to reset their password. This operation doesn't affect the status of the user.</td> +</tr> +<tr> + <td><a href="#forgot_password_set_new_password"><CopyableCode code="forgot_password_set_new_password" /></a></td> + <td><CopyableCode code="exec" /></td> + <td><a href="#parameter-subdomain"><code>subdomain</code></a></td> + <td><a href="#parameter-sendEmail"><code>sendEmail</code></a></td> + <td>Resets the user's password to the specified password if the provided answer to the recovery question is correct.<br />You must include the recovery question answer with the submission.</td> +</tr> +<tr> + <td><a href="#revoke_user_sessions"><CopyableCode code="revoke_user_sessions" /></a></td> + <td><CopyableCode code="exec" /></td> + <td><a href="#parameter-subdomain"><code>subdomain</code></a></td> + <td><a href="#parameter-oauthTokens"><code>oauthTokens</code></a>, <a href="#parameter-forgetDevices"><code>forgetDevices</code></a></td> + <td>Revokes all active identity provider sessions of the user. This forces the user to authenticate on the next operation. Optionally revokes OpenID Connect and OAuth refresh and access tokens issued to the user.<br /><br />You can also clear the user's remembered factors for all devices using the `forgetDevices` parameter. See [forgetDevices](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/UserSessions/#tag/UserSessions/operation/revokeUserSessions!in=query&path=forgetDevices&t=request).<br />> **Note:** This operation doesn't clear the sessions created for web or native apps.</td> +</tr> +</tbody> +</table> + +## Parameters + +Parameters can be passed in the `WHERE` clause of a query. Check the [Methods](#methods) section to see which parameters are required or optional for each operation. + +<table> +<thead> + <tr> + <th>Name</th> + <th>Datatype</th> + <th>Description</th> + </tr> +</thead> +<tbody> +<tr id="parameter-sendEmail"> + <td><CopyableCode code="sendEmail" /></td> + <td><code>boolean</code></td> + <td></td> +</tr> +<tr id="parameter-subdomain"> + <td><CopyableCode code="subdomain" /></td> + <td><code>string</code></td> + <td>The domain of your organization. This can be a provided subdomain of an official okta domain (okta.com, oktapreview.com, etc) or one of your configured custom domains. (default: my-org)</td> +</tr> +<tr id="parameter-Content-Type"> + <td><CopyableCode code="Content-Type" /></td> + <td><code>string</code></td> + <td>Specifies the media type of the resource. Optional `okta-response` value can be included for performance optimization. Complex DelAuth configurations may degrade performance when fetching specific parts of the response, and passing this parameter can omit these parts, bypassing the bottleneck. Enum values for `okta-response`: * `omitCredentials`: Omits the credentials subobject from the response. * `omitCredentialsLinks`: Omits the following HAL links from the response: Update password, Change recovery question, Start forgot password flow, Reset password, Reset factors, Unlock. * `omitTransitioningToStatus`: Omits the `transitioningToStatus` field from the response.</td> +</tr> +<tr id="parameter-If-Match"> + <td><CopyableCode code="If-Match" /></td> + <td><code>string</code></td> + <td>The ETag value of the user's expected current state. This becomes a conditional request used for concurrency control. See [Conditional Requests and Entity Tags]https://developer.okta.com/docs/api#conditional-requests-and-entity-tags. (example: W/"1234567890abcdef")</td> +</tr> +<tr id="parameter-Prefer"> + <td><CopyableCode code="Prefer" /></td> + <td><code>string</code></td> + <td>Request asynchronous processing</td> +</tr> +<tr id="parameter-activate"> + <td><CopyableCode code="activate" /></td> + <td><code>boolean</code></td> + <td>Executes an [activation lifecycle](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/UserLifecycle/#tag/UserLifecycle/operation/activateUser) operation when creating the user</td> +</tr> +<tr id="parameter-after"> + <td><CopyableCode code="after" /></td> + <td><code>string</code></td> + <td>The cursor to use for pagination. It is an opaque string that specifies your current location in the list and is obtained from the `Link` response header. See [Pagination](https://developer.okta.com/docs/api/#pagination).</td> +</tr> +<tr id="parameter-expand"> + <td><CopyableCode code="expand" /></td> + <td><code>string</code></td> + <td>An optional parameter to include metadata in the `_embedded` attribute. Valid values: `blocks` or <x-lifecycle class="ea"></x-lifecycle> `classification`.</td> +</tr> +<tr id="parameter-filter"> + <td><CopyableCode code="filter" /></td> + <td><code>string</code></td> + <td>Filters users with a supported expression for a subset of properties. > **Note:** Returned users include those with the `DEPROVISIONED` status. This requires [URL encoding](https://developer.mozilla.org/en-US/docs/Glossary/Percent-encoding). For example, `filter=lastUpdated gt "2013-06-01T00:00:00.000Z"` is encoded as `filter=lastUpdated%20gt%20%222013-06-01T00:00:00.000Z%22`. Filtering is case-sensitive for property names and query values, while operators are case-insensitive. Filtering supports the following limited number of properties: `status`, `lastUpdated`, `id`, `profile.login`, `profile.email`, `profile.firstName`, and `profile.lastName`. Additionally, filtering supports only the equal `eq` operator from the standard Okta API filtering semantics, except in the case of the `lastUpdated` property. This property can also use the inequality operators (`gt`, `ge`, `lt`, and `le`). For logical operators, only the logical operators `and` and `or` are supported. The `not` operator isn't supported. See [Filter](https://developer.okta.com/docs/api/#filter) and [Operators](https://developer.okta.com/docs/api/#operators).</td> +</tr> +<tr id="parameter-forgetDevices"> + <td><CopyableCode code="forgetDevices" /></td> + <td><code>boolean</code></td> + <td>Clears the user's remembered factors for all devices. > **Note:** This parameter defaults to false in Classic Engine.</td> +</tr> +<tr id="parameter-limit"> + <td><CopyableCode code="limit" /></td> + <td><code>integer (int32)</code></td> + <td>Specifies the number of results returned. Defaults to 10 if `q` is provided.</td> +</tr> +<tr id="parameter-nextLogin"> + <td><CopyableCode code="nextLogin" /></td> + <td><code>string</code></td> + <td>With `activate=true`, if `nextLogin=changePassword`, a user is created, activated, and the password is set to `EXPIRED`. The user must change it the next time they sign in.</td> +</tr> +<tr id="parameter-oauthTokens"> + <td><CopyableCode code="oauthTokens" /></td> + <td><code>boolean</code></td> + <td>Revokes issued OpenID Connect and OAuth refresh and access tokens</td> +</tr> +<tr id="parameter-provider"> + <td><CopyableCode code="provider" /></td> + <td><code>boolean</code></td> + <td>Indicates whether to create a user with a specified authentication provider</td> +</tr> +<tr id="parameter-q"> + <td><CopyableCode code="q" /></td> + <td><code>string</code></td> + <td>Finds users who match the specified query. This doesn't support pagination. > **Note:** For optimal performance, use the `search` parameter instead. Use the `q` parameter for simple queries, such as a lookup of users by name when creating a people picker. The value of `q` is matched against `firstName`, `lastName`, or `email`. This performs a `startsWith` match, but this is an implementation detail and can change without notice. You don't need to specify `firstName`, `lastName`, or `email`. > **Note:** Using the `q` parameter in a request omits users that have a status of `DEPROVISIONED`. To return all users, use a filter or search query instead.</td> +</tr> +<tr id="parameter-revokeSessions"> + <td><CopyableCode code="revokeSessions" /></td> + <td><code>boolean</code></td> + <td>Revokes all user sessions, except for the current session, if set to `true`</td> +</tr> +<tr id="parameter-search"> + <td><CopyableCode code="search" /></td> + <td><code>string</code></td> + <td>Searches for users with a supported filtering expression for most properties. Okta recommends using this parameter for optimal search performance. > **Note:** Using an overly complex or long search query can result in an error. This operation supports [pagination](https://developer.okta.com/docs/api/#pagination). Use an ID lookup for records that you update to ensure your results contain the latest data. Returned users include those with the `DEPROVISIONED` status. Property names in the search parameter are case sensitive, whereas operators (`eq`, `sw`, and so on) and string values are case insensitive. Unlike with user logins, diacritical marks are significant in search string values: a search for `isaac.brock` finds `Isaac.Brock`, but doesn't find a property whose value is `isáàc.bröck`. This operation requires [URL encoding](https://developer.mozilla.org/en-US/docs/Glossary/Percent-encoding). For example, `search=profile.department eq "Engineering"` is encoded as `search=profile.department%20eq%20%22Engineering%22`. If you use the special character `"` within a quoted string, it must also be escaped `\` and encoded. For example, `search=profile.lastName eq "bob"smith"` is encoded as `search=profile.lastName%20eq%20%22bob%5C%22smith%22`. See [Special Characters](https://developer.okta.com/docs/api/#special-characters). This operation searches many properties: * Any user profile attribute, including custom-defined attributes * The top-level properties: `id`, `status`, `created`, `activated`, `statusChanged`, and `lastUpdated` * The [user type](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/UserType/#tag/UserType/operation/updateUserType) accessed as `type.id` > **Note:** <x-lifecycle class="ea"></x-lifecycle> The ability to search by user classification is available as an [Early Access](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/guides/release-lifecycle/#early-access-ea) feature. The `classification.type` property cannot be used in conjunction with other search terms. You can search using `classification.type eq "LITE"` or `classification.type eq "STANDARD"`. You can also use `sortBy` and `sortOrder` parameters. The `ne` (not equal) operator isn't supported, but you can obtain the same result by using `lt ... or ... gt`. For example, to see all users except those that have a status of `STAGED`, use `(status lt "STAGED" or status gt "STAGED")`. You can search properties that are arrays. If any element matches the search term, the entire array (object) is returned. Okta follows the [SCIM Protocol Specification](https://tools.ietf.org/html/rfc7644#section-3.4.2.2) for searching arrays. You can search multiple arrays, multiple values in an array, as well as using the standard logical and filtering operators. See [Filter](https://developer.okta.com/docs/reference/core-okta-api/#filter). Searches for users can be filtered by the following operators: `sw`, `eq`, and `co`. You can only use `co` with these select user profile attributes: `profile.firstName`, `profile.lastName`, `profile.email`, and `profile.login`. See [Operators](https://developer.okta.com/docs/api/#operators).</td> +</tr> +<tr id="parameter-sendEmail"> + <td><CopyableCode code="sendEmail" /></td> + <td><code>boolean</code></td> + <td></td> +</tr> +<tr id="parameter-sortBy"> + <td><CopyableCode code="sortBy" /></td> + <td><code>string</code></td> + <td>Specifies field to sort by (for search queries only). This can be any single property, for example `sortBy=profile.lastName`. Users with the same value for the `sortBy` property will be ordered by `id`.</td> +</tr> +<tr id="parameter-sortOrder"> + <td><CopyableCode code="sortOrder" /></td> + <td><code>string</code></td> + <td>Specifies the sort order: `asc` or `desc` (for search queries only). Sorting is done in ASCII sort order (that is, by ASCII character value), but isn't case sensitive. `sortOrder` is ignored if `sortBy` isn't present.</td> +</tr> +<tr id="parameter-strict"> + <td><CopyableCode code="strict" /></td> + <td><code>boolean</code></td> + <td>If true, validates against the password minimum age policy</td> +</tr> +</tbody> +</table> + +## `SELECT` examples + +<Tabs + defaultValue="list_users" + values={[ + { label: 'list_users', value: 'list_users' }, + { label: 'get_user', value: 'get_user' } + ]} +> +<TabItem value="list_users"> + +Lists users in your org, with pagination in most cases.<br /><br />A subset of users can be returned that match a supported filter expression or search criteria. Different results are returned depending on specified queries in the request.<br /><br />> **Note:** This operation omits users that have a status of `DEPROVISIONED` in the response. To return all users, use a filter or search query instead. + +```sql +SELECT +id, +_embedded, +_links, +activated, +created, +credentials, +lastLogin, +lastUpdated, +passwordChanged, +profile, +realmId, +status, +statusChanged, +transitioningToStatus, +type +FROM okta.users.users +WHERE subdomain = '{{ subdomain }}' -- required +AND Content-Type = '{{ Content-Type }}' +AND search = '{{ search }}' +AND filter = '{{ filter }}' +AND q = '{{ q }}' +AND after = '{{ after }}' +AND limit = '{{ limit }}' +AND sortBy = '{{ sortBy }}' +AND sortOrder = '{{ sortOrder }}' +AND expand = '{{ expand }}'; +``` +</TabItem> +<TabItem value="get_user"> + +Retrieves a user from your Okta org.<br /><br />You can substitute `me` for the `id` to fetch the current user linked to an API token or session cookie.<br /> * The request returns the user linked to the API token that is specified in the Authorization header, not the user linked to the active session. Details of the admin user who granted the API token is returned.<br /> * When the end user has an active Okta session, it is typically a CORS request from the browser. Therefore, it's possible to retrieve the current user without the Authorization header.<br /><br />When fetching a user by `login` or `login shortname`, [URL encode](https://developer.mozilla.org/en-US/docs/Glossary/Percent-encoding) the request parameter to ensure that special characters are escaped properly. Logins with a `/` character can only be fetched by `id` due to URL issues with escaping the `/` character. If you don't know a user's ID, you can use the [List all users](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/User/#tag/User/operation/listUsers) endpoint to find it.<br /><br />> **Note:** Some browsers block third-party cookies by default, which disrupts Okta functionality in certain flows. See [Mitigate the impact of third-party cookie deprecation](https://help.okta.com/okta_help.htm?type=oie&id=ext-third-party-cookies). + +```sql +SELECT +id, +_embedded, +_links, +activated, +created, +credentials, +lastLogin, +lastUpdated, +passwordChanged, +profile, +realmId, +status, +statusChanged, +transitioningToStatus, +type +FROM okta.users.users +WHERE subdomain = '{{ subdomain }}' -- required +AND Content-Type = '{{ Content-Type }}' +AND expand = '{{ expand }}'; +``` +</TabItem> +</Tabs> + + +## `INSERT` examples + +<Tabs + defaultValue="create_user" + values={[ + { label: 'create_user', value: 'create_user' }, + { label: 'Manifest', value: 'manifest' } + ]} +> +<TabItem value="create_user"> + +Creates a new user in your Okta org with or without credentials.<br><br />> **Legal Disclaimer**<br />><br />> After a user is added to the Okta directory, they receive an activation email. As part of signing up for this service,<br />> you agreed not to use Okta's service/product to spam and/or send unsolicited messages.<br />> Please refrain from adding unrelated accounts to the directory as Okta is not responsible for, and disclaims any and all<br />> liability associated with, the activation email's content. You, and you alone, bear responsibility for the emails sent to any recipients.<br /><br />All responses return the created user. Activation of a user is an asynchronous operation. The system performs group reconciliation during activation and assigns the user to all apps via direct or indirect relationships (group memberships).<br />* The user's `transitioningToStatus` property is `ACTIVE` during activation to indicate that the user hasn't completed the asynchronous operation.<br />* The user's `status` is `ACTIVE` when the activation process is complete.<br /><br />The user is emailed a one-time activation token if activated without a password.<br /><br />> **Note:** If the user is assigned to an app that is configured for provisioning, the activation process triggers downstream provisioning to the app. It is possible for a user to sign in before these apps have been successfully provisioned for the user.<br /><br />> **Important:** Do not generate or send a one-time activation token when activating users with an assigned password. Users should sign in with their assigned password.<br /><br />For more information about the various scenarios of creating a user listed in the examples, see the [User creation scenarios](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/User/#user-creation-scenarios) section. + +```sql +INSERT INTO okta.users.users ( +data__credentials, +data__groupIds, +data__profile, +data__realmId, +data__type, +subdomain, +activate, +provider, +nextLogin +) +SELECT +'{{ credentials }}', +'{{ groupIds }}', +'{{ profile }}' --required, +'{{ realmId }}', +'{{ type }}', +'{{ subdomain }}', +'{{ activate }}', +'{{ provider }}', +'{{ nextLogin }}' +RETURNING +id, +_embedded, +_links, +activated, +created, +credentials, +lastLogin, +lastUpdated, +passwordChanged, +profile, +realmId, +status, +statusChanged, +transitioningToStatus, +type +; +``` +</TabItem> +<TabItem value="manifest"> + +```yaml +# Description fields are for documentation purposes +- name: users + props: + - name: subdomain + value: string + description: Required parameter for the users resource. + - name: credentials + value: object + description: > + Specifies primary authentication and recovery credentials for a user. Credential types and requirements vary depending on the provider and security policy of the org. + + - name: groupIds + value: array + description: > + The list of group IDs of groups that the user is added to at the time of creation + + - name: profile + value: object + description: > + Specifies the default and custom profile properties for a user. + +The default user profile is based on the [System for Cross-domain Identity Management: Core Schema](https://datatracker.ietf.org/doc/html/rfc7643). + +The only permitted customizations of the default profile are to update permissions, change whether the `firstName` and `lastName` properties are nullable, and specify a [pattern](https://developer.okta.com/docs/reference/api/schemas/#login-pattern-validation) for `login`. You can use the Profile Editor in the Admin Console or the [Schemas API](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/UISchema/#tag/UISchema) to make schema modifications. + +You can extend user profiles with custom properties. You must first add the custom property to the user profile schema before you reference it. +You can use the Profile Editor in the Admin Console or the [Schemas API](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/UISchema/#tag/UISchema) to manage schema extensions. + +Custom attributes can contain HTML tags. It's the client's responsibility to escape or encode this data before displaying it. Use [best-practices](https://cheatsheetseries.owasp.org/cheatsheets/Cross_Site_Scripting_Prevention_Cheat_Sheet.html) to prevent cross-site scripting. + + - name: realmId + value: string + description: > + The ID of the realm in which the user is residing. See [Realms](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/Realm/). + + - name: type + value: object + description: > + The ID of the user type. Add this value if you want to create a user with a non-default [User Type](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/UserType/). +The user type determines which [schema](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/Schema/) applies to that user. After a user has been created, the user can +only be assigned a different user type by an administrator through a full replacement (`PUT`) operation. + + - name: activate + value: boolean + description: Executes an [activation lifecycle](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/UserLifecycle/#tag/UserLifecycle/operation/activateUser) operation when creating the user + - name: provider + value: boolean + description: Indicates whether to create a user with a specified authentication provider + - name: nextLogin + value: string + description: With `activate=true`, if `nextLogin=changePassword`, a user is created, activated, and the password is set to `EXPIRED`. The user must change it the next time they sign in. +``` +</TabItem> +</Tabs> + + +## `UPDATE` examples + +<Tabs + defaultValue="update_user" + values={[ + { label: 'update_user', value: 'update_user' } + ]} +> +<TabItem value="update_user"> + +Updates a user's profile or credentials with partial update semantics.<br /><br />> **Important:** Use the `POST` method for partial updates. Unspecified properties are set to null with `PUT`.<br /><br />`profile` and `credentials` can be updated independently or together with a single request.<br />> **Note**: Currently, the user type of a user can only be changed via a full replacement PUT operation. If the request parameters of a partial update include the type element from the user object,<br />the value must match the existing type of the user. Only admins are permitted to change the user type of a user; end users are not allowed to change their own user type.<br /><br />> **Note**: To update a current user's profile with partial semantics, the `/api/v1/users/me` endpoint can be invoked.<br />><br />> A user can only update profile properties for which the user has write access. Within the profile, if the user tries to update the primary or the secondary email IDs, verification emails are sent to those email IDs, and the fields are updated only upon verification.<br /><br />If you are using this endpoint to set a password, it sets a password without validating existing user credentials. This is an administrative operation. For operations that validate credentials, refer to the [Reset password](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/UserCred/#tag/UserCred/operation/resetPassword), [Start forgot password flow](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/UserCred/#tag/UserCred/operation/forgotPassword), and [Update password](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/UserCred/#tag/UserCred/operation/changePassword) endpoints. + +```sql +UPDATE okta.users.users +SET +data__credentials = '{{ credentials }}', +data__profile = '{{ profile }}', +data__realmId = '{{ realmId }}' +WHERE +subdomain = '{{ subdomain }}' --required +AND strict = {{ strict}} +AND If-Match = '{{ If-Match}}' +RETURNING +id, +_embedded, +_links, +activated, +created, +credentials, +lastLogin, +lastUpdated, +passwordChanged, +profile, +realmId, +status, +statusChanged, +transitioningToStatus, +type; +``` +</TabItem> +</Tabs> + + +## `REPLACE` examples + +<Tabs + defaultValue="replace_user" + values={[ + { label: 'replace_user', value: 'replace_user' } + ]} +> +<TabItem value="replace_user"> + +Replaces a user's profile, credentials, or both using strict-update semantics.<br /><br />All profile properties must be specified when updating a user's profile with a `PUT` method. Any property not specified in the request is deleted.<br />> **Important:** Don't use a `PUT` method for partial updates. + +```sql +REPLACE okta.users.users +SET +data__credentials = '{{ credentials }}', +data__profile = '{{ profile }}', +data__realmId = '{{ realmId }}' +WHERE +subdomain = '{{ subdomain }}' --required +AND strict = {{ strict}} +AND If-Match = '{{ If-Match}}' +RETURNING +id, +_embedded, +_links, +activated, +created, +credentials, +lastLogin, +lastUpdated, +passwordChanged, +profile, +realmId, +status, +statusChanged, +transitioningToStatus, +type; +``` +</TabItem> +</Tabs> + + +## `DELETE` examples + +<Tabs + defaultValue="delete_user" + values={[ + { label: 'delete_user', value: 'delete_user' } + ]} +> +<TabItem value="delete_user"> + +Deletes a user permanently. This operation can only be performed on users that have a `DEPROVISIONED` status.<br /><br />> **Warning:** This action can't be recovered!<br /><br />This operation on a user that hasn't been deactivated causes that user to be deactivated. A second delete operation is required to delete the user.<br /><br />> **Note:** You can also perform user deletion asynchronously. To invoke asynchronous user deletion, pass an HTTP header `Prefer: respond-async` with the request.<br /><br />This header is also supported by user deactivation, which is performed if the delete endpoint is invoked on a user that hasn't been deactivated. + +```sql +DELETE FROM okta.users.users +WHERE subdomain = '{{ subdomain }}' --required +AND sendEmail = '{{ sendEmail }}' +AND Prefer = '{{ Prefer }}'; +``` +</TabItem> +</Tabs> + + +## Lifecycle Methods + +<Tabs + defaultValue="end_user_sessions" + values={[ + { label: 'end_user_sessions', value: 'end_user_sessions' }, + { label: 'activate_user', value: 'activate_user' }, + { label: 'deactivate_user', value: 'deactivate_user' }, + { label: 'expire_password', value: 'expire_password' }, + { label: 'expire_password_with_temp_password', value: 'expire_password_with_temp_password' }, + { label: 'reactivate_user', value: 'reactivate_user' }, + { label: 'reset_factors', value: 'reset_factors' }, + { label: 'reset_password', value: 'reset_password' }, + { label: 'suspend_user', value: 'suspend_user' }, + { label: 'unlock_user', value: 'unlock_user' }, + { label: 'unsuspend_user', value: 'unsuspend_user' }, + { label: 'change_password', value: 'change_password' }, + { label: 'change_recovery_question', value: 'change_recovery_question' }, + { label: 'forgot_password', value: 'forgot_password' }, + { label: 'forgot_password_set_new_password', value: 'forgot_password_set_new_password' }, + { label: 'revoke_user_sessions', value: 'revoke_user_sessions' } + ]} +> +<TabItem value="end_user_sessions"> + +Ends Okta sessions for the currently signed in user. By default, the current session remains active. Use this method in a browser-based app.<br />> **Note:** This operation requires a session cookie for the user. The API token isn't allowed for this operation. + +```sql +EXEC okta.users.users.end_user_sessions +@subdomain='{{ subdomain }}' --required +@@json= +'{ +"keepCurrent": {{ keepCurrent }} +}'; +``` +</TabItem> +<TabItem value="activate_user"> + +Activates a user.<br /><br />Perform this operation only on users with a `STAGED` or `DEPROVISIONED` status. Activation of a user is an asynchronous operation.<br />* The user has the `transitioningToStatus` property with an `ACTIVE` value during activation. This indicates that the user hasn't completed the asynchronous operation.<br />* The user has an `ACTIVE` status when the activation process completes.<br /><br />Users who don't have a password must complete the welcome flow by visiting the activation link to complete the transition to `ACTIVE` status.<br /><br />> **Note:** If you want to send a branded user activation email, change the subdomain of your request to the custom domain that's associated with the brand.<br />> For example, change `subdomain.okta.com` to `custom.domain.one`. See [Multibrand and custom domains](https://developer.okta.com/docs/concepts/brands/#multibrand-and-custom-domains).<br /><br />> **Note:** If you have optional password enabled, visiting the activation link is optional for users who aren't required to enroll a password.<br />> See [Create user with optional password](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/User/#create-user-with-optional-password).<br /><br />> **Legal disclaimer**<br />> After a user is added to the Okta directory, they receive an activation email. As part of signing up for this service,<br />> you agreed not to use Okta's service/product to spam and/or send unsolicited messages.<br />> Please refrain from adding unrelated accounts to the directory as Okta is not responsible for, and disclaims any and all<br />> liability associated with, the activation email's content. You, and you alone, bear responsibility for the emails sent to any recipients. + +```sql +EXEC okta.users.users.activate_user +@subdomain='{{ subdomain }}' --required, +@sendEmail={{ sendEmail }}; +``` +</TabItem> +<TabItem value="deactivate_user"> + +Deactivates a user.<br /><br />Perform this operation only on users that do not have a `DEPROVISIONED` status.<br />* The user's `transitioningToStatus` property is `DEPROVISIONED` during deactivation to indicate that the user hasn't completed the asynchronous operation.<br />* The user's status is `DEPROVISIONED` when the deactivation process is complete.<br /><br />> **Important:** Deactivating a user is a **destructive** operation. The user is deprovisioned from all assigned apps, which might destroy their data such as email or files.<br />**This action cannot be recovered!**<br /><br />You can also perform user deactivation asynchronously. To invoke asynchronous user deactivation, pass an HTTP header `Prefer: respond-async` with the request. + +```sql +EXEC okta.users.users.deactivate_user +@subdomain='{{ subdomain }}' --required, +@sendEmail={{ sendEmail }}, +@Prefer='{{ Prefer }}'; +``` +</TabItem> +<TabItem value="expire_password"> + +Expires the password. This operation transitions the user status to `PASSWORD_EXPIRED` so that the user must change their password the next time that they sign in.<br /><br><br />If you have integrated Okta with your on-premises Active Directory (AD), then setting a user's password as expired in Okta also expires the password in AD.<br />When the user tries to sign in to Okta, delegated authentication finds the password-expired status in AD,<br />and the user is presented with the password-expired page where they can change their password.<br /><br />> **Note:** The Okta account management policy doesn't support the `/users/{id}/lifecycle/expire_password` endpoint. See [Configure an Okta account management policy](https://developer.okta.com/docs/guides/okta-account-management-policy/main/). + +```sql +EXEC okta.users.users.expire_password +@subdomain='{{ subdomain }}' --required; +``` +</TabItem> +<TabItem value="expire_password_with_temp_password"> + +Expires the password and resets the user's password to a temporary password. This operation transitions the user status to `PASSWORD_EXPIRED` so that the user must change their password the next time that they sign in.<br />The user's password is reset to a temporary password that's returned, and then the user's password is expired.<br />If `revokeSessions` is included in the request with a value of `true`, the user's current outstanding sessions are revoked and require re-authentication.<br /><br><br />If you have integrated Okta with your on-premises Active Directory (AD), then setting a user's password as expired in Okta also expires the password in AD.<br />When the user tries to sign in to Okta, delegated authentication finds the password-expired status in AD,<br />and the user is presented with the password-expired page where they can change their password. + +```sql +EXEC okta.users.users.expire_password_with_temp_password +@subdomain='{{ subdomain }}' --required, +@revokeSessions={{ revokeSessions }}; +``` +</TabItem> +<TabItem value="reactivate_user"> + +Reactivates a user.<br /><br />Perform this operation only on users with a `PROVISIONED` or `RECOVERY` [status](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/User/#tag/User/operation/listUsers!c=200&path=status&t=response).<br />This operation restarts the activation workflow if for some reason the user activation wasn't completed when using the `activationToken` from [Activate User](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/UserLifecycle/#tag/UserLifecycle/operation/activateUser).<br /><br />Users that don't have a password must complete the flow by completing the [Reset password](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/UserCred/#tag/UserCred/operation/resetPassword) flow and MFA enrollment steps to transition the user to `ACTIVE` status.<br /><br />If `sendEmail` is `false`, returns an activation link for the user to set up their account. The activation token can be used to create a custom activation link. + +```sql +EXEC okta.users.users.reactivate_user +@subdomain='{{ subdomain }}' --required, +@sendEmail={{ sendEmail }}; +``` +</TabItem> +<TabItem value="reset_factors"> + +Resets all factors for the specified user. All MFA factor enrollments return to the unenrolled state. The user's status remains `ACTIVE`. This link is present only if the user is currently enrolled in one or more MFA factors. + +```sql +EXEC okta.users.users.reset_factors +@subdomain='{{ subdomain }}' --required; +``` +</TabItem> +<TabItem value="reset_password"> + +Resets a password. Generates a one-time token (OTT) that you can use to reset a user's password. You can automatically email the OTT link to the user or return the OTT to the API caller and distribute using a custom flow.<br /><br />This operation transitions the user to the `RECOVERY` status. The user is then not able to sign in or initiate a forgot password flow until they complete the reset flow.<br /><br />This operation provides an option to delete all the user's sessions. However, if the request is made in the context of a session owned by the specified user, that session isn't cleared.<br />> **Note:** You can also use this API to convert a user with the Okta credential provider to use a federated provider. After this conversion, the user can't directly sign in with a password.<br />> To convert a federated user back to an Okta user, use the default API call.<br /><br />If an email address is associated with multiple users, keep in mind the following to ensure a successful password recovery lookup:<br /> * Okta no longer includes deactivated users in the lookup.<br /> * The lookup searches sign-in IDs first, then primary email addresses, and then secondary email addresses.<br /> If `sendEmail` is `false`, returns a link for the user to reset their password. + +```sql +EXEC okta.users.users.reset_password +@sendEmail='{{ sendEmail }}' --required, +@subdomain='{{ subdomain }}' --required, +@revokeSessions={{ revokeSessions }}; +``` +</TabItem> +<TabItem value="suspend_user"> + +Suspends a user. Perform this operation only on users with an `ACTIVE` status. The user has a `SUSPENDED` status when the process completes.<br /><br />Suspended users can't sign in to Okta. They can only be unsuspended or deactivated. Their group and app assignments are retained. + +```sql +EXEC okta.users.users.suspend_user +@subdomain='{{ subdomain }}' --required; +``` +</TabItem> +<TabItem value="unlock_user"> + +Unlocks a user with a `LOCKED_OUT` status or unlocks a user with an `ACTIVE` status that's blocked from unknown devices. Unlocked users have an `ACTIVE` status and can sign in with their current password.<br />> **Note:** This operation works with Okta-sourced users. It doesn't support directory-sourced accounts such as Active Directory. + +```sql +EXEC okta.users.users.unlock_user +@subdomain='{{ subdomain }}' --required; +``` +</TabItem> +<TabItem value="unsuspend_user"> + +Unsuspends a user and returns them to the `ACTIVE` state. This operation can only be performed on users that have a `SUSPENDED` status. + +```sql +EXEC okta.users.users.unsuspend_user +@subdomain='{{ subdomain }}' --required; +``` +</TabItem> +<TabItem value="change_password"> + +Updates a user's password by validating the user's current password.<br /><br />This operation provides an option to delete all the sessions of the specified user. However, if the request is made in the context of a session owned by the specified user, that session isn't cleared.<br /><br />You can only perform this operation on users in `STAGED`, `ACTIVE`, `PASSWORD_EXPIRED`, or `RECOVERY` status that have a valid [password credential](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/User/#tag/User/operation/createUser!path=credentials/password&t=request).<br /><br />The user transitions to `ACTIVE` status when successfully invoked in `RECOVERY` status.<br /><br />> **Note:** The Okta account management policy doesn't support the `/users/{userId}/credentials/change_password` endpoint. See [Configure an Okta account management policy](https://developer.okta.com/docs/guides/okta-account-management-policy/main/). + +```sql +EXEC okta.users.users.change_password +@subdomain='{{ subdomain }}' --required, +@strict={{ strict }} +@@json= +'{ +"newPassword": "{{ newPassword }}", +"oldPassword": "{{ oldPassword }}", +"revokeSessions": {{ revokeSessions }} +}'; +``` +</TabItem> +<TabItem value="change_recovery_question"> + +Updates a user's recovery question and answer credential by validating the user's current password.<br />You can only perform this operation on users in `STAGED`, `ACTIVE`, or `RECOVERY` status that have a valid [password credential](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/User/#tag/User/operation/createUser!path=credentials/password&t=request). + +```sql +EXEC okta.users.users.change_recovery_question +@subdomain='{{ subdomain }}' --required +@@json= +'{ +"password": "{{ password }}", +"recovery_question": "{{ recovery_question }}" +}'; +``` +</TabItem> +<TabItem value="forgot_password"> + +Starts the forgot password flow.<br /><br />Generates a one-time token (OTT) that you can use to reset a user's password.<br /><br />The user must validate their security question's answer when visiting the reset link. Perform this operation only on users with an `ACTIVE` status and<br />a valid [recovery question credential](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/User/#tag/User/operation/createUser!path=credentials/recovery_question&t=request).<br /><br />> **Note:** If you have migrated to Identity Engine, you can allow users to recover passwords with any enrolled MFA authenticator. See [Self-service account recovery](https://help.okta.com/oie/en-us/content/topics/identity-engine/authenticators/configure-sspr.htm?cshid=ext-config-sspr).<br /><br />If an email address is associated with multiple users, keep in mind the following to ensure a successful password recovery lookup:<br /> * Okta no longer includes deactivated users in the lookup.<br /> * The lookup searches sign-in IDs first, then primary email addresses, and then secondary email addresses.<br /><br />If `sendEmail` is `false`, returns a link for the user to reset their password. This operation doesn't affect the status of the user. + +```sql +EXEC okta.users.users.forgot_password +@subdomain='{{ subdomain }}' --required, +@sendEmail={{ sendEmail }}; +``` +</TabItem> +<TabItem value="forgot_password_set_new_password"> + +Resets the user's password to the specified password if the provided answer to the recovery question is correct.<br />You must include the recovery question answer with the submission. + +```sql +EXEC okta.users.users.forgot_password_set_new_password +@subdomain='{{ subdomain }}' --required, +@sendEmail={{ sendEmail }} +@@json= +'{ +"password": "{{ password }}", +"recovery_question": "{{ recovery_question }}" +}'; +``` +</TabItem> +<TabItem value="revoke_user_sessions"> + +Revokes all active identity provider sessions of the user. This forces the user to authenticate on the next operation. Optionally revokes OpenID Connect and OAuth refresh and access tokens issued to the user.<br /><br />You can also clear the user's remembered factors for all devices using the `forgetDevices` parameter. See [forgetDevices](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/UserSessions/#tag/UserSessions/operation/revokeUserSessions!in=query&path=forgetDevices&t=request).<br />> **Note:** This operation doesn't clear the sessions created for web or native apps. + +```sql +EXEC okta.users.users.revoke_user_sessions +@subdomain='{{ subdomain }}' --required, +@oauthTokens={{ oauthTokens }}, +@forgetDevices={{ forgetDevices }}; +``` +</TabItem> +</Tabs> diff --git a/website/docs/services/webauthn_registration/enrollments/index.md b/website/docs/services/webauthn_registration/enrollments/index.md new file mode 100644 index 0000000..fa88e88 --- /dev/null +++ b/website/docs/services/webauthn_registration/enrollments/index.md @@ -0,0 +1,327 @@ +--- +title: enrollments +hide_title: false +hide_table_of_contents: false +keywords: + - enrollments + - webauthn_registration + - okta + - infrastructure-as-code + - configuration-as-data + - cloud inventory +description: Query, deploy and manage okta resources using SQL +custom_edit_url: null +image: /img/stackql-okta-provider-featured-image.png +--- + +import CopyableCode from '@site/src/components/CopyableCode/CopyableCode'; +import Tabs from '@theme/Tabs'; +import TabItem from '@theme/TabItem'; + +Creates, updates, deletes, gets or lists an <code>enrollments</code> resource. + +## Overview +<table><tbody> +<tr><td><b>Name</b></td><td><code>enrollments</code></td></tr> +<tr><td><b>Type</b></td><td>Resource</td></tr> +<tr><td><b>Id</b></td><td><CopyableCode code="okta.webauthn_registration.enrollments" /></td></tr> +</tbody></table> + +## Fields + +The following fields are returned by `SELECT` queries: + +<Tabs + defaultValue="list_web_authn_preregistration_factors" + values={[ + { label: 'list_web_authn_preregistration_factors', value: 'list_web_authn_preregistration_factors' } + ]} +> +<TabItem value="list_web_authn_preregistration_factors"> + +Success + +<table> +<thead> + <tr> + <th>Name</th> + <th>Datatype</th> + <th>Description</th> + </tr> +</thead> +<tbody> +<tr> + <td><CopyableCode code="id" /></td> + <td><code>string</code></td> + <td>ID of the factor</td> +</tr> +<tr> + <td><CopyableCode code="_links" /></td> + <td><code>object</code></td> + <td>Specifies link relations (see [Web Linking](https://www.rfc-editor.org/rfc/rfc8288)) available using the [JSON Hypertext Application Language](https://datatracker.ietf.org/doc/html/draft-kelly-json-hal-06) specification. This object is used for dynamic discovery of related resources and lifecycle operations.</td> +</tr> +<tr> + <td><CopyableCode code="created" /></td> + <td><code>string (date-time)</code></td> + <td>Timestamp indicating when the factor was enrolled</td> +</tr> +<tr> + <td><CopyableCode code="factorType" /></td> + <td><code>string</code></td> + <td>Type of factor</td> +</tr> +<tr> + <td><CopyableCode code="lastUpdated" /></td> + <td><code>string (date-time)</code></td> + <td>Timestamp indicating when the factor was last updated</td> +</tr> +<tr> + <td><CopyableCode code="profile" /></td> + <td><code>object</code></td> + <td>Specific attributes related to the factor</td> +</tr> +<tr> + <td><CopyableCode code="provider" /></td> + <td><code>string</code></td> + <td></td> +</tr> +<tr> + <td><CopyableCode code="status" /></td> + <td><code>string</code></td> + <td>Status of the factor (example: ACTIVE)</td> +</tr> +<tr> + <td><CopyableCode code="vendorName" /></td> + <td><code>string</code></td> + <td>Name of the factor vendor. This is usually the same as the provider. (example: OKTA)</td> +</tr> +</tbody> +</table> +</TabItem> +</Tabs> + +## Methods + +The following methods are available for this resource: + +<table> +<thead> + <tr> + <th>Name</th> + <th>Accessible by</th> + <th>Required Params</th> + <th>Optional Params</th> + <th>Description</th> + </tr> +</thead> +<tbody> +<tr> + <td><a href="#list_web_authn_preregistration_factors"><CopyableCode code="list_web_authn_preregistration_factors" /></a></td> + <td><CopyableCode code="select" /></td> + <td><a href="#parameter-subdomain"><code>subdomain</code></a></td> + <td></td> + <td>Lists all WebAuthn preregistration factors for the specified user</td> +</tr> +<tr> + <td><a href="#delete_web_authn_preregistration_factor"><CopyableCode code="delete_web_authn_preregistration_factor" /></a></td> + <td><CopyableCode code="delete" /></td> + <td><a href="#parameter-subdomain"><code>subdomain</code></a></td> + <td></td> + <td>Deletes a specific WebAuthn preregistration factor for a user</td> +</tr> +<tr> + <td><a href="#activate_preregistration_enrollment"><CopyableCode code="activate_preregistration_enrollment" /></a></td> + <td><CopyableCode code="exec" /></td> + <td><a href="#parameter-subdomain"><code>subdomain</code></a></td> + <td></td> + <td>Activates a preregistered WebAuthn factor. As part of this operation, Okta first decrypts and verifies the factor PIN and enrollment data sent by the fulfillment provider.</td> +</tr> +<tr> + <td><a href="#enroll_preregistration_enrollment"><CopyableCode code="enroll_preregistration_enrollment" /></a></td> + <td><CopyableCode code="exec" /></td> + <td><a href="#parameter-subdomain"><code>subdomain</code></a></td> + <td></td> + <td>Enrolls a preregistered WebAuthn factor. This WebAuthn factor has a longer challenge timeout period to accommodate the fulfillment request process. As part of this operation, Okta generates elliptic curve (EC) key-pairs used to encrypt the factor PIN and enrollment data sent by the fulfillment provider.</td> +</tr> +<tr> + <td><a href="#generate_fulfillment_request"><CopyableCode code="generate_fulfillment_request" /></a></td> + <td><CopyableCode code="exec" /></td> + <td><a href="#parameter-subdomain"><code>subdomain</code></a></td> + <td></td> + <td>Generates a fulfillment request by sending a WebAuthn preregistration event to start the flow. The WebAuthn preregistration integration for Okta Workflows uses a preregistration event to populate the fulfillment request.</td> +</tr> +<tr> + <td><a href="#send_pin"><CopyableCode code="send_pin" /></a></td> + <td><CopyableCode code="exec" /></td> + <td><a href="#parameter-subdomain"><code>subdomain</code></a></td> + <td></td> + <td>Sends the decoded PIN for the specified WebAuthn preregistration enrollment. PINs are sent to the user's email. To resend the PIN, call this operation again.</td> +</tr> +<tr> + <td><a href="#assign_fulfillment_error_web_authn_preregistration_factor"><CopyableCode code="assign_fulfillment_error_web_authn_preregistration_factor" /></a></td> + <td><CopyableCode code="exec" /></td> + <td><a href="#parameter-subdomain"><code>subdomain</code></a></td> + <td></td> + <td>Assigns the fulfillment error status to a WebAuthn preregistration factor for a user. The `/mark-error` path indicates that the specific `FULFILLMENT_ERRORED` AuthFactor status is set on the enrollment.</td> +</tr> +</tbody> +</table> + +## Parameters + +Parameters can be passed in the `WHERE` clause of a query. Check the [Methods](#methods) section to see which parameters are required or optional for each operation. + +<table> +<thead> + <tr> + <th>Name</th> + <th>Datatype</th> + <th>Description</th> + </tr> +</thead> +<tbody> +<tr id="parameter-subdomain"> + <td><CopyableCode code="subdomain" /></td> + <td><code>string</code></td> + <td>The domain of your organization. This can be a provided subdomain of an official okta domain (okta.com, oktapreview.com, etc) or one of your configured custom domains. (default: my-org)</td> +</tr> +</tbody> +</table> + +## `SELECT` examples + +<Tabs + defaultValue="list_web_authn_preregistration_factors" + values={[ + { label: 'list_web_authn_preregistration_factors', value: 'list_web_authn_preregistration_factors' } + ]} +> +<TabItem value="list_web_authn_preregistration_factors"> + +Lists all WebAuthn preregistration factors for the specified user + +```sql +SELECT +id, +_links, +created, +factorType, +lastUpdated, +profile, +provider, +status, +vendorName +FROM okta.webauthn_registration.enrollments +WHERE subdomain = '{{ subdomain }}' -- required; +``` +</TabItem> +</Tabs> + + +## `DELETE` examples + +<Tabs + defaultValue="delete_web_authn_preregistration_factor" + values={[ + { label: 'delete_web_authn_preregistration_factor', value: 'delete_web_authn_preregistration_factor' } + ]} +> +<TabItem value="delete_web_authn_preregistration_factor"> + +Deletes a specific WebAuthn preregistration factor for a user + +```sql +DELETE FROM okta.webauthn_registration.enrollments +WHERE subdomain = '{{ subdomain }}' --required; +``` +</TabItem> +</Tabs> + + +## Lifecycle Methods + +<Tabs + defaultValue="activate_preregistration_enrollment" + values={[ + { label: 'activate_preregistration_enrollment', value: 'activate_preregistration_enrollment' }, + { label: 'enroll_preregistration_enrollment', value: 'enroll_preregistration_enrollment' }, + { label: 'generate_fulfillment_request', value: 'generate_fulfillment_request' }, + { label: 'send_pin', value: 'send_pin' }, + { label: 'assign_fulfillment_error_web_authn_preregistration_factor', value: 'assign_fulfillment_error_web_authn_preregistration_factor' } + ]} +> +<TabItem value="activate_preregistration_enrollment"> + +Activates a preregistered WebAuthn factor. As part of this operation, Okta first decrypts and verifies the factor PIN and enrollment data sent by the fulfillment provider. + +```sql +EXEC okta.webauthn_registration.enrollments.activate_preregistration_enrollment +@subdomain='{{ subdomain }}' --required +@@json= +'{ +"credResponses": "{{ credResponses }}", +"fulfillmentProvider": "{{ fulfillmentProvider }}", +"pinResponseJwe": "{{ pinResponseJwe }}", +"serial": "{{ serial }}", +"userId": "{{ userId }}", +"version": "{{ version }}", +"yubicoSigningJwks": "{{ yubicoSigningJwks }}" +}'; +``` +</TabItem> +<TabItem value="enroll_preregistration_enrollment"> + +Enrolls a preregistered WebAuthn factor. This WebAuthn factor has a longer challenge timeout period to accommodate the fulfillment request process. As part of this operation, Okta generates elliptic curve (EC) key-pairs used to encrypt the factor PIN and enrollment data sent by the fulfillment provider. + +```sql +EXEC okta.webauthn_registration.enrollments.enroll_preregistration_enrollment +@subdomain='{{ subdomain }}' --required +@@json= +'{ +"enrollmentRpIds": "{{ enrollmentRpIds }}", +"fulfillmentProvider": "{{ fulfillmentProvider }}", +"userId": "{{ userId }}", +"yubicoTransportKeyJWK": "{{ yubicoTransportKeyJWK }}" +}'; +``` +</TabItem> +<TabItem value="generate_fulfillment_request"> + +Generates a fulfillment request by sending a WebAuthn preregistration event to start the flow. The WebAuthn preregistration integration for Okta Workflows uses a preregistration event to populate the fulfillment request. + +```sql +EXEC okta.webauthn_registration.enrollments.generate_fulfillment_request +@subdomain='{{ subdomain }}' --required +@@json= +'{ +"fulfillmentData": "{{ fulfillmentData }}", +"fulfillmentProvider": "{{ fulfillmentProvider }}", +"userId": "{{ userId }}" +}'; +``` +</TabItem> +<TabItem value="send_pin"> + +Sends the decoded PIN for the specified WebAuthn preregistration enrollment. PINs are sent to the user's email. To resend the PIN, call this operation again. + +```sql +EXEC okta.webauthn_registration.enrollments.send_pin +@subdomain='{{ subdomain }}' --required +@@json= +'{ +"authenticatorEnrollmentId": "{{ authenticatorEnrollmentId }}", +"fulfillmentProvider": "{{ fulfillmentProvider }}", +"userId": "{{ userId }}" +}'; +``` +</TabItem> +<TabItem value="assign_fulfillment_error_web_authn_preregistration_factor"> + +Assigns the fulfillment error status to a WebAuthn preregistration factor for a user. The `/mark-error` path indicates that the specific `FULFILLMENT_ERRORED` AuthFactor status is set on the enrollment. + +```sql +EXEC okta.webauthn_registration.enrollments.assign_fulfillment_error_web_authn_preregistration_factor +@subdomain='{{ subdomain }}' --required; +``` +</TabItem> +</Tabs> diff --git a/website/docs/services/webauthn_registration/index.md b/website/docs/services/webauthn_registration/index.md new file mode 100644 index 0000000..442d4bb --- /dev/null +++ b/website/docs/services/webauthn_registration/index.md @@ -0,0 +1,33 @@ +--- +title: webauthn_registration +hide_title: false +hide_table_of_contents: false +keywords: + - webauthn_registration + - okta + - stackql + - infrastructure-as-code + - configuration-as-data + - cloud inventory +description: Query, deploy and manage okta resources using SQL +custom_edit_url: null +image: /img/stackql-okta-provider-featured-image.png +--- + +webauthn_registration service documentation. + +:::info[Service Summary] + +total resources: __1__ + +::: + +## Resources +<div class="row"> +<div class="providerDocColumn"> +<a href="/services/webauthn_registration/enrollments/">enrollments</a> +</div> +<div class="providerDocColumn"> + +</div> +</div> \ No newline at end of file diff --git a/website/docs/services/zones/index.md b/website/docs/services/zones/index.md new file mode 100644 index 0000000..5311665 --- /dev/null +++ b/website/docs/services/zones/index.md @@ -0,0 +1,33 @@ +--- +title: zones +hide_title: false +hide_table_of_contents: false +keywords: + - zones + - okta + - stackql + - infrastructure-as-code + - configuration-as-data + - cloud inventory +description: Query, deploy and manage okta resources using SQL +custom_edit_url: null +image: /img/stackql-okta-provider-featured-image.png +--- + +zones service documentation. + +:::info[Service Summary] + +total resources: __1__ + +::: + +## Resources +<div class="row"> +<div class="providerDocColumn"> +<a href="/services/zones/network_zones/">network_zones</a> +</div> +<div class="providerDocColumn"> + +</div> +</div> \ No newline at end of file diff --git a/website/docs/services/zones/network_zones/index.md b/website/docs/services/zones/network_zones/index.md new file mode 100644 index 0000000..9348fb2 --- /dev/null +++ b/website/docs/services/zones/network_zones/index.md @@ -0,0 +1,483 @@ +--- +title: network_zones +hide_title: false +hide_table_of_contents: false +keywords: + - network_zones + - zones + - okta + - infrastructure-as-code + - configuration-as-data + - cloud inventory +description: Query, deploy and manage okta resources using SQL +custom_edit_url: null +image: /img/stackql-okta-provider-featured-image.png +--- + +import CopyableCode from '@site/src/components/CopyableCode/CopyableCode'; +import Tabs from '@theme/Tabs'; +import TabItem from '@theme/TabItem'; + +Creates, updates, deletes, gets or lists a <code>network_zones</code> resource. + +## Overview +<table><tbody> +<tr><td><b>Name</b></td><td><code>network_zones</code></td></tr> +<tr><td><b>Type</b></td><td>Resource</td></tr> +<tr><td><b>Id</b></td><td><CopyableCode code="okta.zones.network_zones" /></td></tr> +</tbody></table> + +## Fields + +The following fields are returned by `SELECT` queries: + +<Tabs + defaultValue="list_network_zones" + values={[ + { label: 'list_network_zones', value: 'list_network_zones' }, + { label: 'get_network_zone', value: 'get_network_zone' } + ]} +> +<TabItem value="list_network_zones"> + +Success + +<table> +<thead> + <tr> + <th>Name</th> + <th>Datatype</th> + <th>Description</th> + </tr> +</thead> +<tbody> +<tr> + <td><CopyableCode code="id" /></td> + <td><code>string</code></td> + <td>Unique identifier for the Network Zone</td> +</tr> +<tr> + <td><CopyableCode code="name" /></td> + <td><code>string</code></td> + <td>Unique name for this Network Zone</td> +</tr> +<tr> + <td><CopyableCode code="_links" /></td> + <td><code>object</code></td> + <td>Specifies link relations (see [Web Linking](https://www.rfc-editor.org/rfc/rfc8288)) available using the [JSON Hypertext Application Language](https://datatracker.ietf.org/doc/html/draft-kelly-json-hal-06) specification. This object is used for dynamic discovery of related resources and lifecycle operations.</td> +</tr> +<tr> + <td><CopyableCode code="created" /></td> + <td><code>string (date-time)</code></td> + <td>Timestamp when the object was created</td> +</tr> +<tr> + <td><CopyableCode code="lastUpdated" /></td> + <td><code>string (date-time)</code></td> + <td>Timestamp when the object was last modified</td> +</tr> +<tr> + <td><CopyableCode code="status" /></td> + <td><code>string</code></td> + <td>Network Zone status</td> +</tr> +<tr> + <td><CopyableCode code="system" /></td> + <td><code>boolean</code></td> + <td>Indicates a system Network Zone: * `true` for system Network Zones * `false` for custom Network Zones The Okta org provides the following default system Network Zones: * `LegacyIpZone` * `BlockedIpZone` * `DefaultEnhancedDynamicZone` * `DefaultExemptIpZone` Admins can modify the name of the default system Network Zone and add up to 5000 gateway or proxy IP entries. </td> +</tr> +<tr> + <td><CopyableCode code="type" /></td> + <td><code>string</code></td> + <td>The type of Network Zone</td> +</tr> +<tr> + <td><CopyableCode code="usage" /></td> + <td><code>string</code></td> + <td>The usage of the Network Zone</td> +</tr> +</tbody> +</table> +</TabItem> +<TabItem value="get_network_zone"> + +Success + +<table> +<thead> + <tr> + <th>Name</th> + <th>Datatype</th> + <th>Description</th> + </tr> +</thead> +<tbody> +<tr> + <td><CopyableCode code="id" /></td> + <td><code>string</code></td> + <td>Unique identifier for the Network Zone</td> +</tr> +<tr> + <td><CopyableCode code="name" /></td> + <td><code>string</code></td> + <td>Unique name for this Network Zone</td> +</tr> +<tr> + <td><CopyableCode code="_links" /></td> + <td><code>object</code></td> + <td>Specifies link relations (see [Web Linking](https://www.rfc-editor.org/rfc/rfc8288)) available using the [JSON Hypertext Application Language](https://datatracker.ietf.org/doc/html/draft-kelly-json-hal-06) specification. This object is used for dynamic discovery of related resources and lifecycle operations.</td> +</tr> +<tr> + <td><CopyableCode code="created" /></td> + <td><code>string (date-time)</code></td> + <td>Timestamp when the object was created</td> +</tr> +<tr> + <td><CopyableCode code="lastUpdated" /></td> + <td><code>string (date-time)</code></td> + <td>Timestamp when the object was last modified</td> +</tr> +<tr> + <td><CopyableCode code="status" /></td> + <td><code>string</code></td> + <td>Network Zone status</td> +</tr> +<tr> + <td><CopyableCode code="system" /></td> + <td><code>boolean</code></td> + <td>Indicates a system Network Zone: * `true` for system Network Zones * `false` for custom Network Zones The Okta org provides the following default system Network Zones: * `LegacyIpZone` * `BlockedIpZone` * `DefaultEnhancedDynamicZone` * `DefaultExemptIpZone` Admins can modify the name of the default system Network Zone and add up to 5000 gateway or proxy IP entries. </td> +</tr> +<tr> + <td><CopyableCode code="type" /></td> + <td><code>string</code></td> + <td>The type of Network Zone</td> +</tr> +<tr> + <td><CopyableCode code="usage" /></td> + <td><code>string</code></td> + <td>The usage of the Network Zone</td> +</tr> +</tbody> +</table> +</TabItem> +</Tabs> + +## Methods + +The following methods are available for this resource: + +<table> +<thead> + <tr> + <th>Name</th> + <th>Accessible by</th> + <th>Required Params</th> + <th>Optional Params</th> + <th>Description</th> + </tr> +</thead> +<tbody> +<tr> + <td><a href="#list_network_zones"><CopyableCode code="list_network_zones" /></a></td> + <td><CopyableCode code="select" /></td> + <td><a href="#parameter-subdomain"><code>subdomain</code></a></td> + <td><a href="#parameter-after"><code>after</code></a>, <a href="#parameter-limit"><code>limit</code></a>, <a href="#parameter-filter"><code>filter</code></a></td> + <td>Lists all Network Zones with pagination. A subset of zones can be returned that match a supported filter expression or query.<br /><br />This operation requires URL encoding. For example, `filter=(id eq "nzoul0wf9jyb8xwZm0g3" or id eq "nzoul1MxmGN18NDQT0g3")` is encoded as `filter=%28id+eq+%22nzoul0wf9jyb8xwZm0g3%22+or+id+eq+%22nzoul1MxmGN18NDQT0g3%22%29`.<br /><br />Okta supports filtering on the `id`, `usage`, and `system` properties. See [Filter](https://developer.okta.com/docs/api/#filter) for more information on the expressions that are used in filtering.</td> +</tr> +<tr> + <td><a href="#get_network_zone"><CopyableCode code="get_network_zone" /></a></td> + <td><CopyableCode code="select" /></td> + <td><a href="#parameter-subdomain"><code>subdomain</code></a></td> + <td></td> + <td>Retrieves a Network Zone by `zoneId`</td> +</tr> +<tr> + <td><a href="#create_network_zone"><CopyableCode code="create_network_zone" /></a></td> + <td><CopyableCode code="insert" /></td> + <td><a href="#parameter-subdomain"><code>subdomain</code></a></td> + <td></td> + <td>Creates a Network Zone<br />* For an IP Network Zone, you must define either `gateways` or `proxies`.<br />* For a Dynamic Network Zone, you must define at least one of the following: `asns`, `locations`, or `proxyType`.<br />* For an Enhanced Dynamic Network Zone, you must define at least one of the following: `asns`, `locations`, or `ipServiceCategories`.</td> +</tr> +<tr> + <td><a href="#replace_network_zone"><CopyableCode code="replace_network_zone" /></a></td> + <td><CopyableCode code="replace" /></td> + <td><a href="#parameter-subdomain"><code>subdomain</code></a></td> + <td></td> + <td>Replaces a Network Zone by `zoneId`. The replaced Network Zone type must be the same as the existing type.<br />You can replace the usage (`POLICY`, `BLOCKLIST`) of a Network Zone by updating the `usage` attribute.<br /><br />**IP exempt zone**<br><br />If you have the IP exempt zone feature enabled, you can allow traffic from specific gateway IPs irrespective of Okta ThreatInsight configurations, blocked network zones, or IP change events within Identity Threat Protection with Okta AI.<br><br /><br><br />When you enable this feature, Okta creates a zone called `DefaultExemptIpZone`. Gateway IPs that you add to this zone always have access to Okta resources. See [IP exempt zone](https://help.okta.com/okta_help.htm?type=oie&id=csh-about-ip-exempt-zone).<br /><br />> **Note:** You can't add trusted proxy IPs to this zone, delete the zone, or create additional exempt IP zones.</td> +</tr> +<tr> + <td><a href="#delete_network_zone"><CopyableCode code="delete_network_zone" /></a></td> + <td><CopyableCode code="delete" /></td> + <td><a href="#parameter-subdomain"><code>subdomain</code></a></td> + <td></td> + <td>Deletes a Network Zone by `zoneId`<br />> **Notes:**<br />> * You can't delete a Network Zone that's used by a [Policy](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/Policy/) or [Rule](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/Policy/#tag/Policy/operation/listPolicyRules).<br />> * For Okta Identity Engine orgs, you can't delete a Network Zone with an ACTIVE `status`. <x-lifecycle class="oie"></x-lifecycle></td> +</tr> +<tr> + <td><a href="#activate_network_zone"><CopyableCode code="activate_network_zone" /></a></td> + <td><CopyableCode code="exec" /></td> + <td><a href="#parameter-subdomain"><code>subdomain</code></a></td> + <td></td> + <td>Activates a Network Zone by `zoneId`</td> +</tr> +<tr> + <td><a href="#deactivate_network_zone"><CopyableCode code="deactivate_network_zone" /></a></td> + <td><CopyableCode code="exec" /></td> + <td><a href="#parameter-subdomain"><code>subdomain</code></a></td> + <td></td> + <td>Deactivates a Network Zone by `zoneId`</td> +</tr> +</tbody> +</table> + +## Parameters + +Parameters can be passed in the `WHERE` clause of a query. Check the [Methods](#methods) section to see which parameters are required or optional for each operation. + +<table> +<thead> + <tr> + <th>Name</th> + <th>Datatype</th> + <th>Description</th> + </tr> +</thead> +<tbody> +<tr id="parameter-subdomain"> + <td><CopyableCode code="subdomain" /></td> + <td><code>string</code></td> + <td>The domain of your organization. This can be a provided subdomain of an official okta domain (okta.com, oktapreview.com, etc) or one of your configured custom domains. (default: my-org)</td> +</tr> +<tr id="parameter-after"> + <td><CopyableCode code="after" /></td> + <td><code>string</code></td> + <td></td> +</tr> +<tr id="parameter-filter"> + <td><CopyableCode code="filter" /></td> + <td><code>string</code></td> + <td></td> +</tr> +<tr id="parameter-limit"> + <td><CopyableCode code="limit" /></td> + <td><code>integer (int32)</code></td> + <td></td> +</tr> +</tbody> +</table> + +## `SELECT` examples + +<Tabs + defaultValue="list_network_zones" + values={[ + { label: 'list_network_zones', value: 'list_network_zones' }, + { label: 'get_network_zone', value: 'get_network_zone' } + ]} +> +<TabItem value="list_network_zones"> + +Lists all Network Zones with pagination. A subset of zones can be returned that match a supported filter expression or query.<br /><br />This operation requires URL encoding. For example, `filter=(id eq "nzoul0wf9jyb8xwZm0g3" or id eq "nzoul1MxmGN18NDQT0g3")` is encoded as `filter=%28id+eq+%22nzoul0wf9jyb8xwZm0g3%22+or+id+eq+%22nzoul1MxmGN18NDQT0g3%22%29`.<br /><br />Okta supports filtering on the `id`, `usage`, and `system` properties. See [Filter](https://developer.okta.com/docs/api/#filter) for more information on the expressions that are used in filtering. + +```sql +SELECT +id, +name, +_links, +created, +lastUpdated, +status, +system, +type, +usage +FROM okta.zones.network_zones +WHERE subdomain = '{{ subdomain }}' -- required +AND after = '{{ after }}' +AND limit = '{{ limit }}' +AND filter = '{{ filter }}'; +``` +</TabItem> +<TabItem value="get_network_zone"> + +Retrieves a Network Zone by `zoneId` + +```sql +SELECT +id, +name, +_links, +created, +lastUpdated, +status, +system, +type, +usage +FROM okta.zones.network_zones +WHERE subdomain = '{{ subdomain }}' -- required; +``` +</TabItem> +</Tabs> + + +## `INSERT` examples + +<Tabs + defaultValue="create_network_zone" + values={[ + { label: 'create_network_zone', value: 'create_network_zone' }, + { label: 'Manifest', value: 'manifest' } + ]} +> +<TabItem value="create_network_zone"> + +Creates a Network Zone<br />* For an IP Network Zone, you must define either `gateways` or `proxies`.<br />* For a Dynamic Network Zone, you must define at least one of the following: `asns`, `locations`, or `proxyType`.<br />* For an Enhanced Dynamic Network Zone, you must define at least one of the following: `asns`, `locations`, or `ipServiceCategories`. + +```sql +INSERT INTO okta.zones.network_zones ( +data__name, +data__status, +data__type, +data__usage, +subdomain +) +SELECT +'{{ name }}' --required, +'{{ status }}', +'{{ type }}' --required, +'{{ usage }}', +'{{ subdomain }}' +RETURNING +id, +name, +_links, +created, +lastUpdated, +status, +system, +type, +usage +; +``` +</TabItem> +<TabItem value="manifest"> + +```yaml +# Description fields are for documentation purposes +- name: network_zones + props: + - name: subdomain + value: string + description: Required parameter for the network_zones resource. + - name: name + value: string + description: > + Unique name for this Network Zone + + - name: status + value: string + description: > + Network Zone status + + valid_values: ['ACTIVE', 'INACTIVE'] + - name: type + value: string + description: > + The type of Network Zone + + valid_values: ['DYNAMIC', 'IP', 'DYNAMIC_V2'] + - name: usage + value: string + description: > + The usage of the Network Zone + + valid_values: ['BLOCKLIST', 'POLICY'] +``` +</TabItem> +</Tabs> + + +## `REPLACE` examples + +<Tabs + defaultValue="replace_network_zone" + values={[ + { label: 'replace_network_zone', value: 'replace_network_zone' } + ]} +> +<TabItem value="replace_network_zone"> + +Replaces a Network Zone by `zoneId`. The replaced Network Zone type must be the same as the existing type.<br />You can replace the usage (`POLICY`, `BLOCKLIST`) of a Network Zone by updating the `usage` attribute.<br /><br />**IP exempt zone**<br><br />If you have the IP exempt zone feature enabled, you can allow traffic from specific gateway IPs irrespective of Okta ThreatInsight configurations, blocked network zones, or IP change events within Identity Threat Protection with Okta AI.<br><br /><br><br />When you enable this feature, Okta creates a zone called `DefaultExemptIpZone`. Gateway IPs that you add to this zone always have access to Okta resources. See [IP exempt zone](https://help.okta.com/okta_help.htm?type=oie&id=csh-about-ip-exempt-zone).<br /><br />> **Note:** You can't add trusted proxy IPs to this zone, delete the zone, or create additional exempt IP zones. + +```sql +REPLACE okta.zones.network_zones +SET +data__name = '{{ name }}', +data__status = '{{ status }}', +data__type = '{{ type }}', +data__usage = '{{ usage }}' +WHERE +subdomain = '{{ subdomain }}' --required +AND data__name = '{{ name }}' --required +AND data__type = '{{ type }}' --required +RETURNING +id, +name, +_links, +created, +lastUpdated, +status, +system, +type, +usage; +``` +</TabItem> +</Tabs> + + +## `DELETE` examples + +<Tabs + defaultValue="delete_network_zone" + values={[ + { label: 'delete_network_zone', value: 'delete_network_zone' } + ]} +> +<TabItem value="delete_network_zone"> + +Deletes a Network Zone by `zoneId`<br />> **Notes:**<br />> * You can't delete a Network Zone that's used by a [Policy](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/Policy/) or [Rule](https://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/apihttps://developer.okta.com/docs/api/openapi/okta-management/management/tag/Policy/#tag/Policy/operation/listPolicyRules).<br />> * For Okta Identity Engine orgs, you can't delete a Network Zone with an ACTIVE `status`. <x-lifecycle class="oie"></x-lifecycle> + +```sql +DELETE FROM okta.zones.network_zones +WHERE subdomain = '{{ subdomain }}' --required; +``` +</TabItem> +</Tabs> + + +## Lifecycle Methods + +<Tabs + defaultValue="activate_network_zone" + values={[ + { label: 'activate_network_zone', value: 'activate_network_zone' }, + { label: 'deactivate_network_zone', value: 'deactivate_network_zone' } + ]} +> +<TabItem value="activate_network_zone"> + +Activates a Network Zone by `zoneId` + +```sql +EXEC okta.zones.network_zones.activate_network_zone +@subdomain='{{ subdomain }}' --required; +``` +</TabItem> +<TabItem value="deactivate_network_zone"> + +Deactivates a Network Zone by `zoneId` + +```sql +EXEC okta.zones.network_zones.deactivate_network_zone +@subdomain='{{ subdomain }}' --required; +``` +</TabItem> +</Tabs> diff --git a/website/docusaurus.config.js b/website/docusaurus.config.js index 66b4f57..8f608d5 100644 --- a/website/docusaurus.config.js +++ b/website/docusaurus.config.js @@ -7,8 +7,8 @@ import {themes as prismThemes} from 'prism-react-renderer'; // Provider configuration - change these for different providers -const providerName = "snowflake"; -const providerTitle = "Snowflake"; +const providerName = "okta"; +const providerTitle = "Okta"; const providerDropDownListItems = [ { @@ -111,7 +111,7 @@ const config = { organizationName: 'stackql', // Usually your GitHub org/user name. projectName: `stackql-provider-${providerName}`, // Usually your repo name. - onBrokenLinks: 'throw', + onBrokenLinks: 'warn', onBrokenMarkdownLinks: 'warn', // Even if you don't use internationalization, you can use this field to set diff --git a/website/static/img/stackql-okta-provider-featured-image.png b/website/static/img/stackql-okta-provider-featured-image.png new file mode 100644 index 0000000000000000000000000000000000000000..657833a209ec71f47682ed8207047cbc5932e480 GIT binary patch literal 21149 zcmeFZS6owF`z?yTs0cPhM5!V#AYG(M7o~_a={+<7={59#1(1$P?@~ew5RhI&4IsUQ z9#BF{sDVJ}*$cn_-uqmgi*s(j3w~sUEY_Se&wR>w#+c!6)s=2i(o>R=k=;~&Ew4pJ zMqW-vcG-jCD)0_VG;SOCMQ$snCPzjF?-9Eafd#IwyS_H`AS1igdGT{8f#((j@a98L z1p`lQ7aLD+3wLWWxpyv>){m5(ENrc{tS#R8y7gL1k&$W9E6dC2_<%OiRCQ=w2<Iv7 z-Mde@g45<cDfbvq=&y&!$E$SvQhg@3kr?Xevfq?+w+o?+-TRcPb22z?9#ZtG#B*t} z>9f&4{i?QgYp=6rs2ABU<+;-oh5mczY2nuw9{&ahH=We(Ef8LKxF3kyo)JO*SwpM7 zF&iZHV8{W8)J$4$3|g<{aCCSL44Le0p=oi@W#Gk&Z{!9SZ`@P+aOL81<iD5yU5)=5 z!+-a}e_g?UJ>mb0Cj<gXq4PgvWKUxp(G4QaJMC0<nAR75P`4B4KpISTx?cPXb1H{= zx&hOOfTdJPz$qU0el=e;Gu_KB>Z6@@LB90CREN(Gugkn-WFOpCdaE7A8o=wLt*tM> zLp>XnLo(R4+?e8+HM-l<r>=en)3&hOZz&RBdx_s4{uyNzve6;F0R87)%d_Ks>>nj& zJH44GsHM#@0eiVbW}LEIQBu?hgDYf<RrTMj)&~nLWna5bM%Ma#hbVib?DxCvT3Rh1 zG3QpP8!d(x$*}ZqD-aIXJTwjW2xA&lWouy%Yz5~n=j8bRK1D`!!rI~~{lz=iD|!?z zV&!l_j$z|YgtJ|Ufx|>e(bmTi8uLqJWQ6SZh0X5EziK*QhbNoo@-*JZ8tY*6h(k+m zmRIMYakbxmp?6d8{l+`M^9b4g+l>NFGgU<r^hV^=+6C%r*BD)2q)r^JF7?KZIX7<V zond2&)^IM8R0Wo*PV-ITPK*y;uTPXZT-Dx;`tm?~+vj8!#`Zw`5-_(HS>bP4FPCIo zp(_223#<1?BL$CyRUG6hu`r4DMBwjVN~}P>H+)F}jNLZV?-+}l7=HZv&XcElY!8)U z;YPaXPv8DCg_MG<z=l%$2R+tx_<I;Z`i748*MZ!K?6}8u;3r#Cs*tTZnEa?eRm7p- ztg_t|LlgS=@9MD)m71BM>1Qs!pV~)RUPzQc&`}@mepD106&cx&SjVaI?1pM9Kaget z<Y2l0cqwq&A*)ks{_gKygS;EdS9^7Uh*&oD->SC-9-)@<%(}-qSdiZ;p#43?{|w<$ zTYPUE%=qiVR^v7ZJtKJOelGie9^WA{GH=b<Nb?dM%8>Q+-o=`bktzJ06WLqg|Ie2% ztbql$J8NAb^zWsO;>>O|t#EF!_}HoJi+xm2EicV(xCtzN?8$+tH#D4vQ%?y_`=>u$ z+~YrX8l^$~Qu^mX2w`oE^fmA}(hPbMB>I)vkfdd_H<!N|WYHeXl;qzudT6JXU9g#| zK1;fZ?K$((P-1@0#}xP*4mEQ*^?(<})sl{$?=Q_%+b#b}kYxJIndPYkCg1$e7e;+) zLY5Y#(-(AXax5D}GBMg+^Wbs{5C?`sFWcyNyZCW=1m@e!OtN}+yu_!{(r8jR2F(do ziJ9RX$ZEDd9;iQoo)PDqP8OIr$qmN;W8X^T2D4q?5hSneF>LBdP)qYq`$^N9FFJ7& z!^*ZQv^GxDi8fmz?52bXvHY=EwCsSiPb^M=AaLnEnELNd_=aaR?;33-1rBLrW4Ddc zCQ5?1pj?ff9Od-t<VFHwfnHhh=X<?EqtkmfgiWniz>QqLRe|*T!-zkjh;9_B!lFJV z<EDSy42QpQ5Oq<r!{t3|huw*_A|f$%ho2FFk2lYHt+B62`yW>@S7+ERtl$Ty0vTc6 zVM|5nbh_ED_Z7lXR8J$0Dr*IaagZ7$?Z(~2h7F;U=J)Gqv6%@&x<M2-{!aIWM)<iN zux}VNZadyCds9?nuTQ|FN^n88r`7D{%}&c7zANhal>K)ftX&_$a3@j@p7-wt-6&J6 z^fy<&dc}~sr)#wRQ2OKK-HX}3Z88qp@k~8X@+M)l+CaC<KmvhT21bX(^|7iD?*fLT z(xP)RiVNpL7D0=8U173gh9+P(qlf*SihjTD+7<(A9XHSFi6+sOu}qnqU5aw~&u0l4 z-GS334fgzWC0=+2F?xgxFHaN`72>=jOV_*o@b6Ce@jUAkrZjeaQl?zG4p+PUX|p(y zHuF3|DXke{F7?-B-o_g|JH*ni*AN?W>hoNC|3Rp_G~!O^n}nRzrY7E^Z5Vz2=nFuv zF`Ff29v+2Ot)$!>IN1vHIb8WLR<M;AlhPctcOdwM`RjorW0vc9|BB$-EY8650Hd+z zW-KPv{L%<F?Y)CkBt%kZFWO%;Fuy>$pv%|)#oj?0JyA~mcB!Au$&_P2ez2E}ih7BR zSU?Qf`1-6jI^l23Xr7oTH6HsvTPU9WSbFnpdYQ|~7fSLsjYdvvjuF90Ln<fR^~QT% zc9|xPqNOJF?gdsmOL6MOF+U(c2%w{hYGeUrBuZE1i}!~0Dyj<##)Q8PHs)lMhSl`G zK4oUODypl5F}_aIqF4A#uUiy3$n27=#YCMb-IVXvQsx|b$!$<3%Wh7|;LfT&IR!Wq z#+I-?w^gv01I_y_7+7l^J@mbi!D_D!=`cZA>i!-Qnm)ytRO$E3(Fr0htk-VyC<%14 zT#sb=Xy81S2pAP|{d=3&O-E(f<F(nbxzEJHttVf|A{!{mkKd|NAdX8}@@JD|6Q#@T zl~iNs`ejQ5H8T@p%8F}{xN!wDXLX!ifFAmw2&YF}@{^t?Wm=6@C#4%QMVon-_>{P{ zoY(mdu27bQ(tOlQFQ8gs$yCqsHUPV<F4L=^Wds%>#P|>~o12VD0`=uE3&mi)TKJ(G zW^d_Z$w!o{k=(k1ZU1)4Q_fGT+6-`#0iOghuc{pX&r`kT2j<ep<5U-$X3~UPDNVE` zUC)HTfUOhv*Y}Q>`=DS-ZU9*lART-pgv{!BdgchGABrC32(3b|?A>A+lb8RnAKM_U zIV7U#;7bTqL0Wgo1^+WSS0e>kHooo2TSfmSn4QIEsKWI6jbql<Vz#D+y@=a3Czs9h z7AyZnT3_F;r?xQ-KsFI1NvBh|%xBljKa3KLKA>*E&o@A4Ws142cT|8u@N#ecBRKth zv1zD)s;s5DaEDv|%GC1YLdr^J?Y|iwU3>$P0e;3h#O3&t1^ot!GJX?xhrRT$*815$ zx?$aSV%eFsrD}YlsyH)YffR7d>vJNtaG(9kym)~di$Z+NLvpL2lrjT9{XMtK!)BJ# zzp3>XIGgB8k$a-ssR)PA55wE!2GYDO`?0u?y1H$oR@=7-b}jr(aOL95uc$c7pUi#X z?h(J=NvXcMc1^!Nt0R4}qWTlBMcZK4p2q>LnC(s0Mru%3(xW|Dcc;C+P%T-NMR8CQ zq0IB}OQP^+(PI^pq2bI!Ui`eOY&e==Ln`pso<aX?6HKXb5F!s)Iob*mqy*nJ-!H8D zkQLNhEnQ#2&+Ng|qlFzYw(K=_78Hzjt;|wbew_|yzorkTi`6xFT9y1laanh;cygUz zx-$2VZos#lK^6FVih$h9CNufr`w5mU6j&CP#y^9eOGiQTH?*hg^-yQF&JD97_aJ|I zVDys@X@nhyEO$FSTN8Lv`}TgAT`%`jRZX?z0-3ZD8z_F}$USXlMS=)jMIDQ9v@RMa zps9Q3lAKP=QpqSbUeDl;MWxFrNz?R?Zo#os7bdp#QOoNmPSd`Pk6k0XSrA_;rdcxI zH{~M`OEtn6h`vb2L-_jeVzYS51M%I{p@Id{snaK3zlrHdbk@Wv&bsmDik5UNCx1Qs zNMlXuatZTjs_?#c^&4UD0<nN)W7!hE;PBq}8=aFHM!Mgd>F?aQZ{eY1Ww<hS@<$i; zCx92dc@6L1xvOMV8C2DtQuyrd;Eino#QqDR9to$Bq%m(D_R&`@hqbW<#(_Usq00HW zhHB|wTZsMeQBD$W1b1sqU|!Hqo+&QhIdb!)8?)unj7v3M&)7NW3zir}t+AkP>wf>- zmG|s&J-(%LwWLeT7Q(W%bju$<vp>7~I*e>?YC{&EIYwzac-GI?o?_AYeI}@WtuN7X zlqP5TkY%po%>t}JH6>Z*ETdq|oB6~Ve2sAXl3wf+w=ZoK4TXYkxniANu4rlZoL>c# z{xemdRzNtgh!!3s3_7t?c$!kV{rhCW!|`~-w?Ic}KO!R0XA@VP!z*_hSdsVj+@pK9 zJN1vM&co}rUS-wygg)`A2y&sQC(nmtK7$>k5S(*6=9S7a1e!~Fx5IiZ5hC@OM@TF- zIM+r`DZWe_rD=AihxwGRv~QKL^fsr#vFXYcYS8ix4q!(gd>4Y{`gK{w$~a==n)JK2 zRe~Y}#Et%_k{h<CWGj3{8ATl71<tCW$@eh3#>~ogeLN`Y>QpJg4DhRMka0&0ML8uM z9pl;5@8cXHU9<g&<foq8@!=nS&<XtP*7iZ&m22}U3hrS7b?su+L-o&0sO#A9CzKV( z#;{*K&H){f#eEL++mofC+rV0?Re0_cFGoADL*Noti@}6wlt7;3`Iaq;Y51hc|K8Rv z!`4P0I}6~GjEjxq`S}ARv8l6(`n7%?J~!Y-mc4oik%ge<xl6-9^c!}ZnZK^dE;io| zyU#jtcxO_{3*%r$xaYvvb?TRe@Yc=`IwDDrGeF=q&a)u)ntJ@+=)|V1fb;Y@O)cj9 zaPQC`>L9g1)pGEDrlA^Nmwg+U>HP$O3<HU})p7Lbb)}&htcH4pr%kMwYEjG+L)EJi z%>ny7(Nr5Cqx;_*i@XKGpRRQFZ{KDQU!JY+fJwp+&6Va!ITB@NqKXeneKwH}h#EYw z2Ah%VeI8|X%P45_@O3eM<G2Z_g}Ros=h+PfPpMxkyr{-6d!EWPLi^@_njH@z_VcR< zW~55b?)onU)~if$TZb9-*q{us!QS6N<B4e`1V#0mn^j(DcF1B7L0^&{3BNu|Up#v+ zzYNME7;f}*yL|J{IK}Z>g~FW|RypUti@|o&uN+3vw@aCI!Bb)kG<Dw&5E9jHa;cTR z?g9*To7$+-W3a=~NWyB?cYdR{=g-CpU9pO<@2t9#4|NaDBaVjJm`(OoXNI2(u<5`m z{e<)%#I4T_LO`8){M`NS*mpkrZ>?^0mIY)?&?j+j{XRR};(oh^JUJYQ98@n5li9=F z``B7U<x&!(=rU5z2@Q$P!gIVV@VVt7VRLW^+hNN%Sz#(8$)2dHh%!`nn@1ug@E9uO zIexQo>kSR3dPxk3r`T<!KPB!~iePR-0SLd4M!+NM_)3qtU&4|=%0k4{?=pd>AF+8I z2WlR-=W~xc4!TBr8iAeKaDHtl?_{z$c{JYimoY~@ez^)qvo}_9mapeMzJ5{t{z~BS zmbj`RV|NOf7xcPZ@)7`*e~V|8#_Wc*a`VS{h-$=!1B(ZD4rScb$(G+cU_tME!xcjC z3*pMXrjO$zk>gghG<7@<^SUM41KU<Nn9sA>O%2;6X52=VD?GP0y2SK>P46a>IxNn; zmMAhf1SA`xxK>{!_fSFhs|JAaBs21xxm);+F%V0(iZnQfW=CTBz6Cl*>2hWUU7DC0 zr#7!{D#H8TO;|X)I|y9eJdliDwf`f|30^vj@JqO7Zn__xmDjf&$PMic36`KXahgfx zPYZf+j938o6uyLImz;OKI3E4UIa+`?sr>n=q;z)FP$-BG9nfYBlf<#N=I{gaUe0_0 z&dFit=o>*iN&IkA#5ZDIfIW~Q)nS*Krrw4B9E~fi?YiPF=FQIoE(ul-CKtq>zwj6p zk?oUz%<RE?En1Cr;xynDc)MqLUK(CS28-F@Zg0u8-8MsO!wv515PvQ__$P8uTD-3= zYAAXNBFz18T`CI~=yKmYS}o&}o=SS8pqK1i-F@7$YyK7)Y?*NMMFh^UfX)^e=z+(R zIsAt5+0C>!YNr~#*w^L7`@5+aou&zmvLi$|)iSgetRhwqJ-lTy`AKP<HTsze<(}@C zKCBXHi^=ex#%zl6LKTbZ=qmXxd46hgPfKw<lRJS2P1>VlDgrL&V!07E<#j$$=-RcL zXakAo2ISe$h!44Cy<X{@g5hWQB!0V0jd~6vP2W2o&2?%v*G?Ukwswkzo0&lhy5<>w zbeqm&=UtUOZY<F!;kUzEIgtKQCk^tii&-WP?{80k_QpiMc@gTRgpsI1?MTlvSX7-a z8pBehlN+|W_^?%<^Yg($r)5>HZ5Gv``mCSQ`qceB{I)dI-|NYUoV)|iZpDp~PWH3( zt_`P=8-)C-E?Ha@S^+~Ntd(e%uk76(GtO4(?7|rod%jei?|#gY4h~|IrN<}ZD6i+d z`8QFbE4XFQgMDylISWyKbUs`bcpGl{%-=B7x|1*C7Cfh&-}X?{fR{GPEk&r#uld2Y z;1=7X$h{x8G$9X$XyiMH7=dQ>4x(tM?fkYted+YhnSe8*Tf8&O^gJkY<9xI&TA%<* zS{cBu(=|(PB37r$G?eUt$~mp?z&U7PF8*qbBmDAuVmQqxpDZXV)3@bZ^q;qMm-Id^ zE}ED8k?YGLW|*LHF>P`aUAF!3EvToJlPYr@(PyBWyM<3+AVegDToZCvB^^ge0TQ_U zxo{`q>SRYqG~VdI-v|7wouN_>WePs$Vxoe#(>a@hRCLYBlQM2BTAp_MKK<@mZHhlN z@j4TOu}v`#$|rn7ABGa;F%80^{Ng~?DwZUO+%<bJsMeR|*e}{x=UGM>nd5sTzIWSh zek*Y-2-8}%rQKbSQjz}D&lTL~OfyE8!+pyyo(%S)V$AGTg$X=9qJZM3gm{V-VewO7 z3GD~LqbO5^Vx_86d7&pa_OZB<^~`#8dyDgabND3J<%q(c)8Bj?(S?f}@e=JYby-`t znDG%fzaOWf>vZ(cHwt}^;NNgMm0YzZ-)0KioL}#eCuR1bLd8*`_qP*9KEtZ-jU9Ck z21p&tf??rDiTb0)1sdwc=ZB_Dv%W6RHP5P#W9JiM7QBgDAqLTtxzpw?WFyz86yJP6 zb;nRY5Tq0@&ID?hS{)MO$-ja4Q5XH%27$y!%i~5i6Pq8Nv@bJ-7_`H_ts_13y2bAz zlsNr3w^XHK!NCUX%?0J?%rS|^JliLwt{lZtZ*JO#!jd=h3?d%NB|?*zxmX|gT)+pZ z`vTwsU*BMTe>G*<x{ZuiqSV{@+ku`SiOt`3rZ*}$@-8ZLFj+HD|2J{-Pjt^LaB-82 z`hN4vcx?13TD|&wx8){0_qcehuiuNK*wKhpPxWig>bD*Hca{&|7i3jF7jt*18!nv> zm()@UgHpnzRAk-s8tncUVuN3LHANCb^q$km=_&u||3b%@)Z)E=1?&ARKrTKK7~^ym z7wP-%x8s?J0<F~1kfN0dC%Y8}FQ-s__Q*gJ>YrdJ=R}_AXo9!2A(N-Zbxiy`TPx10 zo^zIfU`)9F8CLfA-a`jkJ=K465E`}1^RyKV7TvCk`whN-rkOT<$8S;}o0R{%t^Qqb zu(9HXFtMKc=D5`nNO@7JS93soN~9J{k`9^l+ivO@6}wMzcDu;Lpqog#?IE+%o`={X zXp-21_q;H2`MAC+(NgiNHJ6Py06x|?pro@v6=jlr*J_<rVofH{l#5>Iy%9`<cJ{=f zOQ6dpvMTULBPK7{?ael|`F=&A$w#lQkQIY&RYFrl=9|yei8L_^Ta<C%BJ885Xa$of zt~a3e?4N5&Pj3Iw)d4NfU`6EXMoT$};zQAeO^wzg(<n{DG6~YSAaR_5*ZYy03^Y{e z!iznE1-o*zcpi3&bLK0Rkva%nDub`P`{&&RI@EzbR^Qvhm>oON#+sJ9ng3`&F%e4w z_@Vj@Zw;&P%Y<Cn0EbiwYb~(Sw52bmST?|T&&_+TtT9iL#V=o?$7N>x&q)l}KYbK% za*z^K-=&#vR&<q-gQo=xK3(6xR;Wwmrk1BI1gw@#)Ro106L<^}A^H_Jp4md3c<nY7 zI}W@$F%6;^t@f3>f+`sidhQoy;2_qbRUDP0g>Tf)$~q@5F7V}l;v1}7gBdPr^#|5k zbnIl^+$6t|yDuhttRVCVTbNXn&qL};8~qCutlb<jKS!Le2PKY18W;OZyc^}m^2inn zwAw34V(x)7KIr~PUwGC%sKY;Mrxf!h=JpLur|LC`6<qZAW$4OoZbD_MVB)PBzu*yZ zaIpS}05A9FhGp2ou?5&+BZs@ZioFz0XW=sl4feJzDb51{tBhy=)3ypS)af94iw(vV zn)@#u#|raIy|Fu%@!?vT)Hh&#TT5{@)Bz;pySs$b3yj=?<YW4-*`CiVc~0B8l*Rb< zUDHTTnLkFNC1-CtTqN2F`^_#l#ab)_WKK3JQPfozqn?YK1?qK?iwgZs-9xS5bgR;( zu<+%#D29<KND18twN&Tb81=|K4*dibscYi&vqJ6{6W}RHqgAQ@i~^Of%>h`jm2C=S zn@c>M%So)IE-{L-<{~+=xniuWB8W)^rf^(hhG;1@r6`!t`M3{&xDtqeoy}DmmgnkG zaxTZXlbDSF+KJBVvq}CFKhStu46WkJ54weiqEZD@hR$2QDx)DP&YN#2UQD~|hyh^4 zaGR>?E?s|+lS|1+7?dKTX5&wQE<MYXa*q;Z5dvRmho!gKpUOZt&PCIc<CPv|zS0>! zl-f{Z|01MmO(;`=3vi@|6N?JX0au{e=H(YUw8&_rB52#R&3$u0=mh&Kp+nCMMGFe? zXE9rtUjA%c3mv<KW@8ew-Nwbt-&0{BZ3>=v)lkCl66k#ci0)fpJvG1%-InP{pO9~N z%xQ5`si{x8pH*nn%};HhcPbdR91q@F1VmD8Rj6-SU6wMzY%?a%P<MJYe1E$7EH~2Y z?yhDm1>9XsV%y7y*8M7sE^CCLQKWjwL^0XJ<EjLF+;yc*cOB$(curTlpso6xhSu@I z*;RhxOSDXU+op%p>Ic!Hc>n1TM#kVu{<&2MFPMwaWk^ksW~%gcIL2t-F1_V9%egT7 z2V_9Qk>>(0-cC=GfgG2kJ_v$zEd=jgBz{x%PPU6_Cxs0u0D^)2fmC><y1O|0lI|8p zBc?dti=!1E?Hlu}y-NjQipE7<6AEdf-dzSU_Ydwn0E5<xUoL)+i=V;@Pj*U99;p!% z9sprhGr-Vb#yJ3Qcuz$z_tR$OYKE5T6=MgkmHMoDg$|;o-{Ci<(9#ylYfL`oU><}^ z$=vV_MG4FG8exwiE@?9e>h4W+Y?ffDhpxfMHHUpFlw9CuROJJ>pmVnAMUpO}qUs~b z+Hw}53?lrBunu+0rlmnRIGbg^gbj6ddFqHnE2!R`$sp^#+fWfvG1Kc(>2c)>6@8qu zL_yh(echW5b>Bx;<wh?biD`)^{`)0e?veEq!F1m<=Kv_Vq1#rFPn+8SWlh@sOx=F1 zMae|j{68m8N(?J)rtFgr_Y5Xb>OCSxMAC+S2CQ|af$t29@X-bjv)n)5LvB|tC*TVI zp(hpDEc~SJd>)CP7_5uJQ*8qFQDWRDkt4yw5tw8av<jm&8gbSBfeLch5sJ=(YxC~+ zRP?P}WH9Jr{Xu+YBb@0~<nog<Mo<Wzxg;|g8}JLI6t#QfmTiuP9@hn8kTBJB+8j;% z<idN7CN#qYp4b$0zjqsso=<9il4wzC)Z9>NjvJn?gc%=|0wq9q((O!lPw}h)@pL}| zgSKD&=Svg(_=dA$iJtAS`VO(lST_cYcil4l4!OaV$lk!~ar1{OPm4XTUNb6X|B~u_ zQ0BAguDYu<Gs&eyN@Y}Aovp|gJn+CKa7;Jz&nMj%XogAr!W8dmaB(+L;#<;R!LP!) z`v>*2HzHHc=_a+IAwtjyVgumQ?6J!O8O$n%pq@cA$va5Q(T7%-{~D9$+tQnJEWX7p z%kN2@6HeIDYb~ssB4Bs0Qc&0=zNCX_e;&vr=$2H4OWMDpgg@!5V<@BKIR`~qJ%}NL zx$0+lzoCXOUS()n+G+KWNt^e@f(LNCXO(^`G2Hpdr!iG<?U-|C!K;$^n_j|;1FTA@ zhaHiE)Y~fJrry|;fnFD7_pAKP5~3bgBg8-3|2jB!&97RAeV4ytyg`^MHt%~#A2-=d zM2k5-AKqPe3G@KNm^EaGmO^*1VNSE7;!0b_OoXJdm94RQG8o=n8f0}vFU(EMq?O*1 zvD+s!gW8;ypTA~tmh`<#E3t4e;@q&kWd2)jgq?7o3ER%E5n(_4<gVWIM$aC@o~q+Q z6@m=r3^-kj0ik6+!M=xegk9w2`u18Alp`TV?|J2cL(+BInLDiK-f$U2{a7w#%}*)9 zPRD??{-%x@lYhS;N)wVfv!k_YlO%xnJ}+(y$NfMsdcW5(2fu&#C-}PEa^-%|EoSi2 zHz!?-E}s~;o3DV};X|Ek821Oz)93vWEruhA54)Z3f=c3QlBJN&=DBW~q36ycjrsb> zNzaAd$ugkC>vZpwJgy3Nh3jW6QHF}Rvn&J)ZANA==YHbz^3!RXfCQ1^vhr-RAT^~s z+=;G0OZd!UXiUIyYwlJsJdd#QPrmN8vt_lDmTV7NgPZGDL1oS;PUOOdVdV^Eg{28q z#e)bkm=ZxN40RV$sc!0HB>^5u(tStEp|n40;Af~HTgZr_srP3>Eho1ha|%AAj@h@$ z%2VI;q-r*IeNJQclfpLienOgN+kHuC#Vctth8c8mCx82_JKSC$Vg6Y2zSyjFbA|O9 zCp(h#$(~dOkfFSZ`(oyv)YW+%`)xl1YbWKg(qH4ne$TQ(2tYUQvQCHraL<sb4xj&f zaOGnjudBHyIrd!LgT{1O;y+h5;oc)DR`B+S3U)@Qvu3GJ+jnCpqf3|<!9qdD*$a0E zt5_2)k=1sD-U!N?u~p(qS$^}s9Ool!h3H=}3aS_xTp=#=Sb87EH}E2lEq~Jpy{6HP za3jX(T9o=$;2XfNqq@HZ8?a&V$iqjiI6=+&U5tR~Xq=>yLba-nRSLP6eoQg6uqA?O zvf{ASfBrjrlxY)T7R6Vn!7J3baqOa}^a9}zd2Yoyoe@b{1I>C4Gi<xBBB)!wOuXoG zPJ6e+i8{^byz`-zxF76@PK?QtsaYQ$9aww!qPD*Bl4ew&mp4Zgo*5&9lqCmH$%x2e z7g7FvOJxiA<|A5Kp#t8fk(y=GyQnvK`Y7F)400<*fu0>Fr;V^8%1HIFiu-9g1ge3) zY-#GjxvI4dn*~lUe(ottt`(rK!rJ-k$+780Q)%jVF_httuJ*OhU$NQ}Rh?xj`C$9& z7Hj5+(nNy^dQ26Q;Fc9o;*kMg$^C^JisAn7D~6iAk2-NNjHow)6YdZi2>zj!ap=@8 z%H^!QK{vnA$!1v0GA<%;I{oFI`vXvb+%ABAf+c`5&>`e$RAG6nnq`a>X()~1h@$sW zkJ<;+H6yu+U3R+sNdG+idz10>=0lsl>yl40*9#v#geh$I5pNPkDv3j*uaBu}OP?mL zCHrh^?N37LFV}%gzH6Md?Cqp_ZrM63D`k?7Jk>BliVuXU+E^DZs%ST<1DUiYJsnto zicrBO=mjSG(m`m_aihQ}Qk{Q&U1#B^oKfTZ8a5;(ilpwO_+lE!iT`c?FqG;2#?KFM zpEldnHVGyvw9%bI_NwIAD1o_#rUnr|>KOjyARlnNQq)*QM7Y9+U&^fNETQtB0kZRm ztt&g-HgnSDNjw%;D92g3!{))*eXJS(v3rBnkrk?W<8^QVf^;++9Kht>6ZH@q?2VAz zteJIo+P{T+6NYNb*lVfHMj+};8u80Gy=$KC^_Cs4y+;18C1gdggQ#t)xhu=0Nb!#m z)-i#qXXD!W?=+#pdLxzgB?Gf&0^Agp!X6}}b0|~2S5`!%AFbpWG))cdk@@*{8E(K; zWcAq~Xq{a-kXkWlCBJbjifD=|d4xml<!E315)hP<{WI;LE11OO5_A&g<+lDVOvHnz zj4Hjg_O5m8%EHM}BoizOx3qpABZ#z?{G%JS_h7r@%oIs?Y2x{v1VcK$<VnX<8Q0l@ zRFolrMHMB#;Q4f|4}qhlOA~K-XzIDuiz;oB*~zqm8Ryc`LcB|QPMmxP!#96^>7JL$ z`q}w??s;tkYxn4^t9Pgx6Y$FB9^Z&(DxQn`PVT3*-yU$sgIX;)VPRG?L&cww#=%!I z>;oY?3>@Gx*2CcI*p$_iy>upk!LUldC<cPF5pn%7F#wC@p{5TiA)4YzCYb|c1g>OC zxgh=p5B~#%mJiJqC@EKh3#nvE(;WFs#A8U)TGU{0p;rI%Wv{JIFqh3=&zemB;C_Db zt7L_gMN_+9`AA5l$kZ?<0Jt)Avgi?g=vTN&sp;Iz^$N@SiR1lsm_N?raGq(SV>Y?# z{2dwz1O+L4pBcF1n49q_coL@vu{;G*2P2=Z<i8#1(0qeb>ILU+a@N(_IZ2whux&Gl z9C+LpFPYV_gT%cjJYEVnFaNhbur~QAf=gSYkSUzqP@F%?s@GA6X~o^%>U$hUD$M%( zNLI|`ul>^+Hqhrahr~us!&CpDQ>e;M0XRA(`8EGw6`RqPN4~S>b@#vUD{|#*TU^xC zzc&RnvbOA(6)h0ANX4-m=|-a)Hv%h~RYPJ#&Ve#iPsuvst3Z2mdLLMct;O?9(PB~; zT2E{_x!^Pzx3%_iqE60tdl7!ZkmD9xt<>?4^x=H)Je~!JYr{s>xx)qo^HT&%Y-s_& z(+po`I>cV<1rCQ|+BZ1J*w(2Hy>I1-8!sBL{`~YFt-&eHXP&A+ud(h?a8l-UQ_s*y z!TTqI+2d@5%=H}g74ia~LK_0zA+VE>S>$|4V7Zl$+6IQ$*WCH-pzCBZLqDMWD6Vl; zv#F-w9fg46W81C`egBfnqPAUSlqEolbYD~Mp5zi_BUEzpYb_1+?pfC+F^_GCw72rC z&H0OdmF>UMpKzczK05?1u4XN!ai{iR&oMSc$*to)F=j{&5J96S*N4yM-!hG}A<?c0 zpIDI<I}v{<%BPA7pM-JD0*z6f2lC0f`W?p7pLQduh!kItafhMOwhvN;p7dOdvZ@_c z_$-20l}4A5A^kP>jtob4#$7YvrQHOi_?QZW0$wk&;On`lx$NZplDXm)h?gdcX*cJ4 zVKCICLa>KUKs>h&2fO>K#V0mKK-<N>$xNuJ_8jR_)g1q{xEkj^-sYcIRsHHZQ1oHX zv(C6n0geTFgk=%jwA{TeNoOtsf={2Qm)_cqTqr;@U9)2Ba3wdWDy6mQ8Vs%IXRV#< z^9#el0MH7V<nT<-A|qL_)m|^{NU;$EpcV0xyx$^c-OQY+-+KKl@-K50;W#j>6LDF# zG+jK3wjX9(>`Mk2N%ZbK4vQANODhiypKH68`Z;O43z5cLe||e{QWN?_d@0glfZ|x9 zUbr!->nCiw(xzH>dH1kb7gc&{v(fAihP~p@Q1zA>Kaz<DAFsTU)v%kqr9NV&Y^N7Z zYar`K7y<ZQmUGC%Xtx_3)aHWR_)-IcTCZW(&I>wvR$`?dA{PI|RzcZBO5nm%3wzZk zdX8om(xXR$1-D>qVTg@mNy&+ENZV<^8TaFW^$_k7Mh2~_rGWFbvcgBlhe_uRhI02* z7Ty?g97+OP1hS2zN|jEZ>=Y4bQ=y9EWNWdr9w={8&m2zEv{AvZ2iKN`*`~Ddh zd)yR%umu1K;1Rw#5^J~hPn|GCto-eYL}ZXXNqXImh6YoTVR{WSWOe#dlH4H5D8PfM z&)r?1i!~NhR9N^bATqsDLwzvZS;qn!f_nHWM4ykkbM*%2tElEmx`nxKPv5sS1;k1- z6BpqLrWFsP*FAL2LWqb}J`|syuFjpV(b~dC5i1+)I(MoQTcq93lt$@f-4z9O1KGa> zXlC4JHB&~}HD7QC9eL9Ij%{UO&dbD!e-?)8?*KqX)yh%Qs5DO&Y-`O479{w!rPj;p zTGDN2m4bnpT!|idhTDCN2$HW#<wI9;XUH^wCBtH#D5z$3`y-&~5ckJRJrBo0uKT6Z znwz72p;U0A#qDM1B_`HB!$<%&!R_UXZKa5Oh$Kd7CDkeF8V}+W`mXsK>)dHxA6-ua ztc6fYUO~91WOs3+wa;Z$-rD!jwdwLK@jxX?SvIOCK^^=Z5%x*ob)3Vj+e|u^3+x_u z(n~XjAgy2kxZ`As6u=8bbLuKF4f|xMXPPefqe5>o07Y;Fo*r|5hP~CY-yISuJ)asq zi9J}B<zIYUo%UG12NnDN<XL-wt^t0=^YQNo(LRG0918Gw+RRP(%cdGJf&PVY>G>gv zk#T9Suz@0NlocCw?CPg}tKA$S2!7PTk}=@_22wv)-G>mN*c3=BOl3i)>35xFVoSn< z-Rk18$4imFi{rn-7fvh1Jwi*{iz~mKoW3e3Ah;LQJa$Ze&I-Zc=|&^64!me5ay6QV zr&l(!@e&!HQ!+qlUJ>AG`@caDL7RI17ml`>8iO)|&AfgV%kKDxdoW{P`BqJ%xA$l= z3vWfv+u^7DD&9E$`$t!$=}XsOaJ_<pHo8wi17OZfWLU77NL&AjR%kvD<nVCbrH)&> zZ6Grxlyl6_9d=8G_-p0as8&n5ION=70P3>Pe0+K_2m0M=`bzlOj5U3w_Y0lM8~Xcq zag-J6nT=+viFayLGvWtZ><(@Iu=|rHnX!)hy6>CRy9cHlC3;|JJoGr?8$jXsux9+1 zh+$y$+qu{Dk|3xnSll)%8I<TTi7;@EcbKeA)O)M*Ne}3I$Cg$-vU;u=Ej$zcPWVpC z&(MtP81d4RX8)0sUD4dw^1}E@nZek?Cj(rG&1o-^1m@!`zcgVOCS{>IcS0scYcF!{ zWT*=?GyuBQ@|;;UO9nE<T{4g+reC{zfsopsnCniQcC2`!!~(UL_7eftnlh1e+BK+W zra*#;@9WCly1?_cDm5S|Gl2Q0cl!`m8#tBzwjZ%Hvl60gNArtf>PffHHe}z=?R-hA zy9~^(BiVKG>-SDEG!Ga$HRyjLt4WnP=z!f<@LSZf3s~lhpkTjY2yMgJOm`45oyXZO zlSRCXj-4(mr8f0@z#^CwIlFDQ^_7lR9!hxUzz4Y~<Q4cJJmO0{PQ)%e$K{egjwNmn z{~Wo@BKC9*v^nzoNGsthT1}w4(X&C@LFZL_D1Bp)GE3NGQRK|Sf*rrhCGA~ZbH86a zPMsPg^;8c;CTcBFQpBL%diO6H8#H%<csN??Urro~ihH+G8==%Q%6>YAkV`tmpedid zxn0~%5324&a1z~Dd~SK)yR#DCNXgTQkvV;(BEkH))Ax=QzxT54TZnGHPf$2z&J?SF zUw6XKS0D$hF-*|^x>do_*X<nSk?zb^BnDMwL0><)IiAY^58^yAuU4HEVZyHx3qB^* z=y=ET6@RrM9o<fiZN$*Shq&+(sJx61RkJ{Y;NMp6xtLV9?%nd_8(krw+Rr6*YyG<T z+-nn4kUurcD88%47u8p3g)xv_R`Ys0T~W}yiMn1fF5DjO_41RCqvoX<?1xh0t)|7# z(`Fc-%=G}LTuL6|-N`#yvIU|@>tISjw=!cXCBX^H{^k3+_L>T>d;^1eO9v=(z9+Vz zt9DBClUfq)`61OmK|=yc(R3ujD}=5pc*aNUFGTEp;rUbR^^*qEfEL_0{e7f;Fh<5( zW0eQ>5`*wPjk2?Y7onLr(aZ$|j!Sxfye6XjUBA-Oon@4L4eRZn)}Kq?{InOGyQ|TH zjPp735U9n{)d~dh&Mryv53Uz_U3cSG5Yfr_;~8Kagv${S^G;*vt!D_TWze-m--$y> zye#o?T6e?+n&xv?F@+0oKi-LQGgSIYOPYT`l!RSnggFS5ZXadKc8=DrO#^{#UQ%FT zu=1>M98EXvT#Ig4&_7tn5@v%Am=?CDK4&dGLiJ&t^dX3bT-EL7l@?FZF>=+8^8{4w z=*w;zILeBWBgQ{f$4b-Gi0IUEshSMOdQSI#I{G43dlDNo;VVcT_nV3#mQTNOr?BPt z97U(2lrfn;F2=EHMN4~U!O`T<>s4^FI7iS(kA&Z)gvT7!;z&aR{Ffnwn)NNZPbAm! z-$dRPlC;aivDz8x=kizH2H&wNbqs&Y>9r9_8N%o;9s5r$q_`nr=>7cXFEm37Kmj?S z2X!6T<QWBsafVDNw!km9bujL{eZe(fwqzZzZi8K<s8z1zzRBaSmwDxm(AbYy!;F_g zT?I3(l-fd8)5mF0uPXY?3%J4F|IVLSMd6%uTU-{vlV2ODk)zc>oX>k@(_gsNE0Bm+ zJCV04@v`zYnc98hw+_-Cm1dDHD>Z#6i8akK{?<b5qti|uhZ=qV$Y(d3b+(85!K_hc znx<D~Qa>i>)84pXI_L1}2!Q_>);syz<0&fDrR?=;K;)XzcjA7}(GZ=#a5OWUE4-ja zQCpRUMp7NI1Yy7Dv?veI_A5NNr^4tS-s{Z^reF7%FY`GC7@tBJQxB{v-dWjR(vqs7 zAYYVfZWOFpr<f^gB=qw(zDZy-4>2f?b4c-2AwSUkqdVz45$;;ej<gOK?A#WftBb-l zw_$$9Sbvfn4HtOr4hgNgygsVx5+FK0JyytYNiS;BrzO`#TR`_Vn5Q)YR|UF$G*vcx zN$+qt2=eGG31PO-{DUKL6`+gho&A|j?W1qpOj#9!`UahUwh1wq%!~sn0a?G3bF4<7 zzcW}#dggk$x=ioSKt*++4Pipp@mZnnZuBTy-uwMG;x%p-h+L{#3VG)Ds{EGj%yCiI z7-(V}8RB9jIM&&NFV<zb_+EJAk;y>0NBC14pnXxCThU9~P$mC^K?UEyH<&$K^t6<{ zd(Y7C11*js7$-HkcqS=&QrK8*_ng`pd?MIcuW8$5tiqHv&0cg;SsHgqk6fQ>NLp~+ zR*n<=tTkef^KuJ_3YcOr8IKpa)Z)<ACWuzA51BMJS{W#vA%yVnTiH5n%z|Dqg9t;> z^l)Xd#G5t3nUR0l1*FV<{skIyO*-jv$^?&fQeyH41$H@|%FYn4Q%0Xb+p%$>^A6dg z@Dm{Yb7u|;QW{wDsNfl&+APtZd2JG)=sVlj-6_OzBED3XCk~mn7`Rg~yEwPu=|lTi zxU{lBo6FhI)9XNu!*be$mk4{+l!bgYq*p%8hrR`WsnbyOfK?uBPN=mPv9Wzmy_-;T z^0?V<tIc0HEyNqDd1OB3rM7w=n<adru0X593DgDYgDqR<Rlgl#^M%1$-W@RHy6eOr ze-txFE(5SndX0fPt50Bj%5n%t^S_sa8ELu>Lz~B);2wNM;r8uw3%lL&PxM<S93GE{ zvqzutbGVE=lJ<UduelgkED`P@-kyf%ZC}<}7+Xs>I6eTd^Y@}QleKoMkCz-oY+{E* z+i1m43xpQZNApWjnsl2oTo4TQqh~9E<b1qjCOxw;qFYe-v;oH;tLz`-ZrETwAS+Bd zF(oc05~hQkK2!Ro0R#c@+EW2j)u$$pqSeZZbKd_lDXuGwS$-|vd4H+CORF4z-%=r& zCVS9FJcx~=D0hax*aV{zDKWmE>@RmZU+jp4`vgTOVq#55-w0i?>8w4Bioz8xn=NZi zthJbxjSO{3&)6+}i;%*=)Eb9l0%S;-q2Da9kIimh;A*jKKifHk`m0()6MmaCs6Csc z;Z=z%h8DMQXVX213L%3%o%N<#C$WpOa-3F>M~+11_lW!Lb#?_}=}PG`QVM#5c)ygg zJ$<0Tsuz`1xb@H_uH6R_VY=uZ0nM^C(==nLehx=W`;@xt$0n%yhy((u{gl(sYQn(o zNVbS9ks-^FdYA94)3A7~5G7(e;G{>o$3|bMF)L!a-(i+F9n|o6;F#b&Mn^ip+YFVB zgptfnNef;mfZx_a(UaPDr4dyKQPMFR0b~&&NA0D3jiY_}W0u$v-PJ53CP5>!IwxPS zgX5dB7W<<Mh|}pVNI$_U*q|cUMmF+I9sU8RT3%Oa>&LUi8c^N4jkKpX*ts8IMAnIS zcmfe?XY5V%K{5X)34We{mZV-)Zi-dtp+nidl#yU94&?V$!ZcU_d`Rh#un&O#p~_}& zf^aQpPhMgXcQP6r8_3hV?!g0~NYro8Rj0j#eU@`x$ZCa|D9LyIcBb<@OAvFAz<J;) z>HIf5>ow73$^_&}OFwjCy?6U9M8OQ`1#x(tta}68<9ENVtV}I!BzS3lyuinhDvpy` zuXMx}tF4&$jh@28uFinNJiL!q1sI8aZjS@txkdgP97ah#1D3UubFq#0O3ih3w+}~+ zjt|hVAv%*=xu|5w<|O}Eaz>fK>FgIEfw#CcVNNZfkX3Bgn7=LESY((%n>}7n+AF{k zpt9;0{8EWC0Twk9F0nh6*qznA;J{BEMOs)wk`TdA!1emf%kH_*56KcPUDC6##J<}2 zH3<*aKU$h8a&J5B@Lyq=GHLu*F~Lela)O;>qyiiy8*)VxOgMuHxNeDddbsYjpR!tS z;2!jSTE81B3F?^Zd(_A`-$4$;L_%FQBPsiVHru|vmDgHgkv0dE1Rnfj&BxC8hFp{S zy}}a_>&1gCilRkM=k7E7D)g$}XOYb9*#$8%we%^Ux#4SoeS}|EB)EiSvY#EO`Ko>h z(f5_#e_OV)**sp$#Zg#cY<a6b6Ok?dWa_qsoP(hrZ|o9F*E++tZGFbi9pp^$KgO0v zZv&7^GY_(jjjV(?R%P^$%^a|^+A0FIgwmUzz0CsPzvL<1R%UO#DH!0+%RccL_Q}K? z$()JZD%tul&)LeY6JT{eZlSOT_eEKea3$h;xw0bjNSKroyy}5*bIlTmKBCO$9B1+q zb(f}0$))aJ<DCg*YG>q6p}wD9yq8gPji+68QVwnqHMH@f5QpDy`PS6N?<F)*1Nhu( zLMbX44elIXG-+9j^7S&ydtaMQOpF(GDUB)A#rQhQEDS3FYY^$aUH3jxSqrZI!HP?l zaOH7UmsumMK}57!2k51)%9maDE?aebuF17C(1n;S@xzAfJ!iI((#zi4v6NboiM6yH ziAB5Gf_2~&1{moE{duZIH^oPejt7WI0mz=;ZN8T+dR7OrXTvT<>bdVL;$5eGyYm22 z2aef(#3vBr8?(xA91b*UI=hTjKN!<Qk0JzFq%L`}CQLH%FsnEOwq#4tr$r9&B79F` zmWtaWR^6sM9Ex*~yMjxW9>Ku#NUNysH~xzde&Y9SgT<L}%C<Y(BX~*qr}v~EsGJ5o zWHdQa#ky1w_~<K*k42l>8U>2gbCa4*${}Nm3+W>aXXSn)D#l|h%_l!r_HLXhen45} zFiP?N&I0-QRuYv=#*=<_KIM=uRSv!G3UNPZ!J#72>5UxxpqUizk~Skbz3U%6Pixt# zT<2rd2pzx9KmpVH-V-z9XZw#IL@-BH2n!SkHln`>o}W~lp4y5*cpY46CF`^jr3*F> z?5z$Aj`Iai2D?tG&~#WZ6&+(uGs{HcCvT1o1%N|<AqKrVj$6nyMqfI!Zm$W&iAwWw zh<nR6NdOHbwT6>yl;JU3H5-Q`kT6x&Q|Sm0ABS_N0~`Varf5**C#ajIVUkI#kTC3n zpU-#KLE2hj|BuUe{;1W$ByxW82WCD0;-NcrlYMX&paMF?Ogd-P766#ONAH}$&AGq2 zmCh4aVT+-oa|XEXM)_oExp;f#to~`8peRe<u0%DDjJD;GfioR{ef3eJ{O{yS*|&ql zmAk03>8ndbfP+i#zFJ>uT$}%Y@=R=|Vb-~`5lw<Yb9t^Aws_^x_`IXBv1R>toWo>( z0+0Td=Z(w&t)R^aRa-!0qobO~3@DRIeQjPfG`d+Z(G*`}G1EW8uE|3c1K0u`F*&m5 z525R4qmP8W&iu@yhBT7rePVC{>Xy$^c;?pj-=w7vDFl<V^QlBEI8ArJ(pESAapM;| z7oT~X2cFNI@@Y0+by7w+H0e9_+&PSYmg#XO^Ep9ShOIFC(Rv$l`{C+>fvmn4$IFsJ z@;>VMF8|Xj`bs|4(u6^#8!N{*xOCB3PA>wR@0wpE9S7%e+fd=@_8)>5{8FM)cflEP zBanyeuedJy)o1^6sgdLl@;&>0f+J3R4(@*_tsgMP$iFx{MNVF27b3>~usV4ry2_Vv zx4GdlWAUqi`{<^f4Z$lu_!Mso48B=rCnm^y<A7>7){niF@&d-PF{^(JMT;=9R0A|h zma|6hy!va~n&=VJ%e=S?c_%V&@D5Llsv)5zPO&M?N#_|q=y;QWa=D4VA?r7+5XAQ( za7^Wr-e2k+b&!|Kn=!A_t!yU-Gj$&R<7m&h^k$f3g9aeg8MnVoW_33@&#K;x$?|C9 zLZlP(e0vXI+3O2`F3RrIYM~g*QJSCIOWY6!`uD5&ZSo(DIqvUKoGS&w=C<wBTu+-m zNfZG?`dL_c*P-0Tto+QZaUDZ5<oEz=)<m(ev2v9V2ZFWQ+wpUr#uD>{?dYP>Uxdop z&(?BX1Z<{%n{$^JMpE*UJ&L6G=nV2afJxt5zbmIJ9LI7hl&HqU-*`S~6Dv;E;4l%W zJ?4?+H+isQ4}{?6CdCcWsY63z5hn5m{D(Rq$a|DFw#t-vQ8HJ5F%a*1)}?)ae#+z% z#S8BXzQD`@i@It7lN28`sYZ`DT6L5_n83!3AvKy|Vd$&bV}R=Qg<i!!HbA~G4%ers zAp5nuA32|S{(k<_fQ*Ll4M*i9#zvRpHtTIw?SiR_Z+K-uc>Iozbz*nOEICHJO7Lin z+97lLtEl6g4%4M!r=Z<gkFlRrv1-^ZzS*R~XeGSAOMo~U|FIs6^N20p3jX^K#w`Ic zft{XZGfBD`NJfvno3YXUdP-#RztLYd(?kQ0J3VLQv}>;!Vw5pN>A)=Xs7H|dOTTSn zAj|~gRe&Lk12*g+ATDI;d(MTDwvNc4(0Fcd115i=Y}sqV%XMnD%Ge^^i6dU!#-9Ls zHx<%A+L*Vj1bmwA#vMQ#$>cin$=B}a`)=Yr#mXZW5Wa2YRs>o6W`8ZycnPv$X$?|K zMB-|#Ls0H*K_~0}&}jYi<iV7n*ZbFA{JozVQqdB$f5i@9@#_*j^@HsyIyIMRUu=ij zm#kf>28i{w0z4aE9`P`fS`U^#$sT)ezcxE=wi2=b!u0q4>Ycf`RFuJm60o6Q@3DO3 zQ@)oXWPU>c9UstJD*oQH|B7-@p}KZOpGW32amBsuVkexj?)d#J<u8#**aJahbP?(e zwZ2_iwpFAbY%^)<o^P}H!tDPc0<H$HPYBx%rh5WCOqBGQ1&|JpqJk>9`Ra)&@f>1- z#NI2D_Kty2e5J_Qtkr=UX^14!xcw5wIa#L0qhB_MeIRv|_pG=A%Lf?Rk9B6FebwW3 zr@pbxJ{Fas+m6Ls1Dswjn+~InxXV7cSx8+q;QL3wNttw(Suo17P%T;tD2(4|dnwy# zU9!;A`O-Xom?FV-wi;)fSGhW{HoLO%Kl?huy*r{imDUi5102$ahYh&-Z{aH&fPgSj zUCK`nll4W+`xW^E0i?$V5d$6Tvs(Ww^~pKXUe!vy8rNon3ZRVe<QR@<<xZq%Ien8_ zPjtrS)V2s_1a6#TEW>~N)i;uT$mx34!5P@Xdf|Nc4%>8x@@{@EuFBUy^D$}b>UG_1 zOL0ke4uABt?0Wfmk!|Ked?JZZPY60cudiAfS*;=VM?7^{<e!y%r4cq8o%Jo^D|i0* zNT7oQtr1WXnYxe5*qv`kkGTw@1pwZ+^DJrWIqQX*;Noxrna8d4AYPGxcbin$kpdFy z8G#P*hDdUJB>nRoy4iQjDuVIjL=0v1<HF+nVNFBu5&%|wJK4;Pk#aSXIBhjkLChc8 zBKU7QCjDnFfDAs2%)xO{+|OccqRO|A2irAZ4D+v@-MiVC-y7$ptX-g5y!B@v&{0GG zi3|dyz(2&~ckb%yR1jPMe`2;rL!^TL0J<6%;`IOjC#?)CT_|SJGZp$Z&ZW+Bt2f1D zES~&l;y-7d8+B{FHZD$N0OazK0xcJx`-9~CkK%b)>G7i}3HbzF9fTC=bPq+nL>yHS zxM^rji_!Yf^}iMW1nd~hSW@)q)3@kPr<s6kA2$)RiFZKg0jCB0kIcK7I0IyORe;?B z1CZH_f<cJr+J-A^fA!dFY{01orOulMyxT_g?$&^)zXa6mH^s5p5v>7GYA((N7-IAs zmV0&3MoIl_&VK=dqK-nlVz`hPfF`QV)YkK#qX+uit}*GL>5T~O5yNsCyhzJ`F>8M* zWl!DzXIGM~(OeuBF;i~w3M^bz7!_`9>N4kosOo0+&+Cojy#2qnJNQn)=_4;<tykaS zo^6)vHQPMjPnw<W67bxKSqDR{A1fZaVtw!5w^tm%Q5Vqp4(&=EpsCj_vSz&EF+66l zoGkcPY1W4RCHA*Gj)k=Vo9KpO(;!DVaEL2qWSP(C+JFC@zxCAEFY~Uw-nIC8jl2EZ zj*sTm*K{6=CaZyVsJ{pfR2A*r>>d=$y7S16?vLicRXwldBy2(F6FA6Q|5~xQC88uo zdr#L#c1y^a2Qe)iz(r{j1iJe=fOAW}6|SJF2Y778gX{PIJS%x)c-$nPd(#T%?3km# zReo%iH(Lc57!u}m-hBq#MLnI3jcrx6+p$X<{(ZS{n14BF1(cQ4%#2HQ2N>CJ%$;-# zY{jvaD`r$aY!$zBtg-Qn*W+*Az$t+GO~u80wp-rDzIY*PC>Lh;ucCBIaj=@d-)@s* z2ezyXzARV$CebFq8hWn6WoBSp0&_Yzx)?NOfueSlI~p3mR4|$tM)SgGQ7~E*j1~px eC1HfufBQcv|9Y9b%l-gEhr!d;&t;ucLK6V6PpusQ literal 0 HcmV?d00001 diff --git a/website/static/img/stackql-snowflake-provider-featured-image.png b/website/static/img/stackql-snowflake-provider-featured-image.png deleted file mode 100644 index 343a76d474317621aea3592db290806598396f73..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 27769 zcmeFYby!sGyEcrEEoC7B0wM|m0@694Qqm&b-5tZwC`f}K(kUQ0z(_ZUl++MINDe)~ z5YjNzd(Wf4{qFt#|NZrCj>E&n%vy^(uj{<d^SndeC`b|Cpu9mqKtL@0TKp{m!KH5m z1phc+y8=F;jac0T|6MYFDgTmy0P&OWa_9>9{kp?zO=kiEk{|eg7s#H<yaOLnxJYQY zDBGL4zzm&C30|7m8<{?owly?2eQRoH;_ldKDoj9dA;?li!$m`0PSDuimdy}<51X5< z19+N%Kv>kx!O+;+)a9X(skx;cgmJU3iSePO34~FdNB+6IgP5s><!cWoQ)LeY6=M%; zV*wLJQ4!)B!ft}#4YsB(h7a9rZS0%{-5`(teX$_8#(&KINJQAl#7yw5xa8kEz;BR8 z7A`Ihg6!-t7>o_Z#b)nh&dwnqAi(~dlbw^372Lt<>~7~`=*DX2O#k-<;-=2VPL>WX zmiBfJ@h>zqvWL1r9zmg&CW2;$W;{kFCOoW0hFm7B92_QwtcE6B9IPf>Tqb-x9Q>SS z97d1+{&^Qmv;X_|?VSG(0~io?{5R|zY|rsc#$O96I$4^6R^b1n2#4^$-~W%#gxT>8 z`ELyq`SS_rE4ccvk--nse~qrG9T-v=7`taN34{a$R>soeFIC+1)~DRPhKJvupC2@g zIg8z{eEf{z68Xr@A+<r~L0Xp^wwH5KnI8pn#kMisOR$9VtW=>iZ%d^rT*#mg<C1te zRQyc!+eP~JkIe-<kDpc(TrYiWQ}f=&q^3#qF_D*vv{PTh!DRC2&en2PWXF-t@94=s zc@cys@~GNNBwg{}`6qanJ&C;V=khzlrDuPxG$P(z{&NMt1=c10$AIUbdw;G9CBOgk z@725EYZ`w(`bK#HbPE5YMsM)vZQrf__htV(W&{NPyEF(0{&zbO5d3e{_}}1&PZ0nA zODOSum>q$u|7OKylJW8J-Tg+zUB_WZ)!`Jin291i$nDtS+<3d14azogDWUV%uXPW- z6jLqVD9eTozKt&QZhXh|CzZaaQigWH86zdIv8%kPR*p2MDv?j)8z(2SkGzv(hO6Rt z9Nq*>>|B=nn}cg3T82Bycip1(1g8rED?jRzbW~?MLb59I)QbX%Uc+ce@*F%HUwpaw zC&f>_S{YErO+*^I6xLYBH$yUYwUWm2COD7zNiU06L-Zd;{Ym%l>}IL#hv6r3aOY}e zP9t3p9(E<Ajqm6?tdnW%H(%HL{oB=B_UpwmO~z4=sUcWYQ@q#017769&gmHPyQu!d z{)G4c;)`GlMyq<9Q;oJcTiKDjxkPtvZwqpDeE0jaUcxF2;iZdQf0}k{9m8ny?27c; zFddI=@l5Am3HXLT|J(3e-IyIqYt<O%U-lD<<@p);odRoB_#3|c=LYM8=BxriYadKX zpj!G_^}#!E>+HVQdjq;ZXywsJ#%DcD6vz9+x{F(|O2P#+@uk0z=4OdPT0V?~!kKgW zr19<lct}lNcgF9H@n$oUt_eTxegS__Q?Q1}&V+O-=5x2e!vAQ;|2H7&;nSpv@f5LO zhhC9%=WENi|KPOm)o~+g4JVj`JyK69?$bUfZW5czb5bEl>|LQ&)#NC7uvwr!&{2Uq zTz16JN+ft-=VeY8P9>*yFoF?B^OnT!d*y+f{8{X0Tjgi9<$9v0dD8Y?4&RSD-jVzr zweWG=mXh~TuO#blk|Ad)t=+gP`RO>t$cnCPdU=rs*HYDUXn!_hBLW5MqS~GPWQ=UO zVmKE;N@6iC1Woe!mOG-#gH@d7O|^*|$4pRL$DO$qs499psg;o&jPOktpwbU~=MJ^s zvHV@n;TG1`C{nag(N$6pm%M!A?#tdHE2JIT+>8Ehr^cGG%#rC%BA4!MA9>+WQn6YZ zdbysYdm};>)W<%uZ;ujrr*uCRs&1~qX#Qaf`!iF&wUhgDn>-QHO~tM>D+%|~%lE}I z8DgZYr;9z-5hAl**Pd;Sbj0FDg!XDNpVK^6+>&+JF!aU6@@x>j2`O2a&w}tJo!fuF z?+p3o3RlvWoxh%-k6r4Q^vZObVd~9}g5^DkpsxC+aQICDuTn`gS{LC-vOiReqE2^& zKIx_!+(SiD4Yyx8ufFkj=Gd`{t;?+TaOYp_=H7$86-51z%_Enbl1}&gFV!5^Vj620 zwWvN;bS-#ao_Gv_e$({*wfBDKro*j2&wuF#=-x+rc<lkNnWAoT<Ca}nrI*)``?Z%2 zmD#F&YXw88p2jY7g`F<Yl3t}mB;CxTzwssh)NoX9-TIo&uc)sVBSgFpzDVga=c5W> z`|z5!p0^S@dbYZ$H}uh2eN6*jd_~5TbG80ChMcu@-sAn<LH4&&&{catTc5}kL^-kR zW=lJ@<(gGV%|9nhbP<HU^2U=d3~`k!<g6D}(3HO%hKq+WgS7k9t|S*R|9O1>BOm|! z`B%r3ULG?qqL<bRMmwY;g-El)WJLJC*f*lS(9$XnZ<Qgl-d71RO$b~{k@{1PxQq?t z^iM%HhCdh88r!GPJcW;b^bSf18n^&zohGl%JEx1<dr9tjRj%pRrw(>3lz$sP{c-ir z)b*S8io`oV&C~K4th`f{q?=esP7-7={wCoV6PXmFpPD&kuC;h$z3T0SX){8@kAD`= zGH3i+K8fhrH|fZFeS|UN7}1H9h@g|)LHx+dnArO|e-rb7>hxx({|qj%OgW~sw3qR; zpg>iBjJhaydOEjO(#%9al}0o>eGQV|N!yC8P|nb1b7RuHzF!|_K&wZMPnqx7sFq4L zOSk3VyC{@5v^zOsyx+Ne$DwKuTX0YQY2-*PJ%<|GD3w>BcaMYnegg{s5W$c3ua$}^ zVk7($OM{J92xaAihbsA{)^06sTdqPak%lwE|5+|}w5~;0+R8j{op3d(m*e*2{`+(+ zxz<6|_3QTEzB)|2<vb*CN$11gz0<90X&3Q2)QRMx`eO9%=tZO50IDkjq!-BlhKG~r zL3-(?8iAL-!^znnmQyzO_;dWQ^NX&Z868aPU;W!iALlw9<_DkhEH7#;8lzowB+9it z_!p~}ri6dFU#ouncS8g}t<pYs@-8@|FVnLu>1qFwO}tgT=Vex8hE7-q8}QzrSu_~Z z*GVo`w+kOx`$aDk;z}a{i%ne~jC`wT)zW*ti<<kp`~B)if8WWk_^O`fY>s&RNFwqq z+dcx<DoFc&!^pu;mZcQC+r=tfYwr@5`D^or?sqtzlp(nJT*<B~C!$)iiDF4v@<I2F zx@0BDByK9gkup7YR``<3jX$lp>2T`7fF0#a8RkP}Eo2%?)VswiIvYnWkKIy|365~2 zxgz+ty1o`#KHaeU>zjB(f-2lTM~Y=YzB82D+vw}nE0Wj)daXTw_USLJhi(|LcWi&h z)X!@7%LNY`4Zq58n~@=rflT9oCXK4y^<^;+Q<s=Vn64k^@ve)=rQd{q8*}^AV{fP_ zLayKWqBVEH)%e`m)$WF@a`$CTh||QIz2A=oNiRzNCiypIU&~KMG)OkpGAT(|>VcV! z?!$OpvbnP!ebzLsq?M`(KmRGM;;Lnj5hKX@3k9N_YjkRz4_};aIEUbxD@u?p-(JVa zY6%MKu{hu6vHMMcF?{&&FG~RL=?+JgUNDcL=v&gLtl=0d!W8EZ=<hBf{jRb7ofW}5 zh|S!1`;REJdqM2oMd45b*|1m|dBiXwAH!-+^C&;*#S4G;y9N_4gCzRsq+*=2P!qjO zRkYDxVl#2Z@<c1?j;A<c@_v>*G1bHPFipp6#PNL{`)<qC<2Z)c4WWXrRZ3Nr;n&f6 zEC>gYHLkaiEy~zbHfc&8eleyrw+QOQMX&n=EzIzSg1q8^;!~+b2r4fW|BPoUY29lz zt<ciJx3ST85lUkeT{5z&W?G>;hVS&d_SL;{<C8Fz)tSENiN4dx8O${T7kwTmu}98H zlv;Z48!_u;c2o0%$dMMl$NWL3rH2Oys~U_M#-V>N<kP+Ek!9_cD^I(6C&@q1Tp(0e zsce!##L~WT)C_Q47b*x{Rm_TI(zMLSH#4gg#lvg<<~y4t_^bIj#RCG9te01<Cn?sI z+VpGuxnff8V;*dbgm$y2=(xT>#QJ(5J%}4Nl!dqOPgh0u+*qy|*UUlMQk_9^kYTR8 z0Ucddh|q4*<%-ga;}uP-Ugew_r{+J`1^l^P7am%l^`;J-%|<oZ;L<Jz6WQ9@I%!j~ zk)#(4D3W$qp-M)gkQyG}HmF%oaQv8W`f8^KR35?}U!D0ajC2Qy4(PlOa^(J9YC$@l zKMWW&4#d9yFppVB4367wS}AwxWsxgWgZ@M@V2B6S>8~<jCJR}8<(b_i+f1*fv`oF7 zYNr(n@<R?C7%zR$DbnB{7MNVOnXXY!mf5!ej~h3yTD=wCN=o4q|GX2p`jJB{CCI;h z$eL*gBQbWyEZ?JVymlNv7oy%7?M@d#5j(7BJ6<DYT@_17tfr2l(ZVQp60S5gae?9D zX7Y`2u14L+iBvvwDI-@Rs7*JnFfU(n3wIqUUv5AZS$&daQX1qtZnGHqZm|~`=6d!i z3fJc^@3A{yhMfK4&V6R=&0=2;Qg`w+^C&v~dT)@mU3|HdNqzfXrM3S)sY2E2iXzeq zyLE54;<YpfTg1lf2)T!(wVG(vobj56?xW||H2CeO_TREjRCDE#Q>uTCjVm}(?y%TS z$nen(PN@AEaVewm4IeaPWaD(0@YKWh102j<oc*(bvI&_8iO6D^tyb*x^%}bCS8|Z+ zZ_>!$2dis`ZE)>hcwt^Np;urI`hC=RXgxGT1mQOgHw*8B(v*hgA4q^L=(`3N%*a(> zu)>zy8?F+F^kE)<G8MBnB7WdFCBQ9q-O;t@!+DF8R7EkH#FN~l;er`tm%IDxtYYlw zsK8o0B&dM<sAUG}CF4@ZU1A?&_BiG3#+Nf>3!UR2c9?x%1=}=rx;LB1tGl5+!PuUS z*s~ouajEjizH|Unx<r0~P^+pzC7^HpTBi*hnUKP#vXdLWGWeEOnY`xH!x-|_Xm0z? zD@9Xks}D9xH(Z<5G}l#Uaq1C1#PUf3bn2H;O?S(qOjjpKhTWCGSJOYp3~3Qo*yP={ zN?3(givo*p+*h}`y_pye4+pEX*zS+lH3(kiR}{&2pOq`JP@!B#V2Q6BuAk27;Cv8T z@)Sl=Yf)bhL<I_@A{ns}Notskchw>T+3|MLP9#)Y*?g-mc`KYx1|C+)CJpjw`KAx# z`80S4k_L%8%Z8nmmA_@79CWG8p09btBkA!~y{J*Z=H1TCM;}rNlWyHLJ%)4V&rtO0 z);D(%lH|%i@dQh+H<!GS`qvuyetzLTB`JG1?}m!4_h)DRITbZe9?*5-<c8M6(f+R$ z6EZwD`?q_wOEa{+^iPzu(O)ek*zbp_N58s_7_ntno%SR1uozae_KkDHQmR(_1O-kv ziFfm@yU<7`uuSMLKKNk@Ug>V%E-@|QB%|+Mrq@k5C`5*Myz=_9B3fur3^kpvyz;&U z%p8Y}L0}q1Y98a&lmVWt)Z+t}w%zJGNIK)3wo7LXtW`nUeZ++WcUtZghN$}<9_BTk zxn`ZMyPy@?SfmRq<7f(GMp8;WRB1}gRd4ms89<dmGgQFTNSd)-(smqsze5M#W`-&I z>w*>RNOIJxJ(>pwBc<h5w#6yQBCC!ewAx9lt|&&s;c~^Ed{RPF`*QSpY*@|}9zC*n z^<}~^wZPt>hk^$_Tm1z^lp>x?v>(Kyg4FGYg9Q|=ruKikM-s(CCuDiN_TNHqC)Ot< zm)AvIb;?9T)l7{skKUt%Dr{@ZGJ|}obM-d8jW#ezq71rdMRxSvT!}QRJ>ve>2|Ajp zjn0~O0h^wNmg9Wil%sBFx+3MLyV;rC2p@OlOuI&2hx5RXR+hHI`=zA2eA!SO@@3>c zpUWxFO7!k(h?;lZBWd$hs+6ExOFikgzG;Cu-C*-jA}tzU6~5~l+D&4CLjEKn|FnR5 zBKf|i`l**)kn__=`1nYEuSjJUM=fc-a!J<nS%S)MqVz-khi|r+HI9XcNBCA|hqZY+ ze>c%3Fc(<kLl=!+L+q&8hrGh#fs3-dRx=RA<pGTT{ISR7=~_v$B6P+r=eX7P*;Lmx zr&O%9lN<Fvec=jJ8$a?IL_}6vtxD1Kx>f1bk<vJdJYJqNGUh(t8C~^l>K7AThqYS} z$$WHLDe=iABl|AI&G3X_d8_b>L`^M?bBg5SnhLuaX*>wPg8`O}xr5dB^hqbK{!6LL zxuc4S+MJpL%P3Lm=LZMPB=3dh4N~{Ra$YADak}@s!Q6bd2R7)%dxoGB<?a|gjDv=C z`V)%c_cO0R{O8_1d-7~2<el4a<LpUk#3zn2yRr7vF70oAqh^;ZBe`14@0bf3O;x^) zNGMa$XK|B6aIutVAAtgJ9Ln&V{J?&sd=+_0bGj7+p>yww@)>{LRn&aljLo-+>$xQT z6*K;z2r5)lBtvdu4b{xAG`rK)_Dc~pjXTHJuXZ^HA+3<_AA76VvkmGl!-j3QISE-Z z69oJX8(!#e2aGQWpKr(o&uBH$eIu{`<n&S(Y(#fiUh&pvorLaK%GfFgi7Nd$XZ2Y^ zNpz6Edr$*di1ZtnVB}>7z2r|F+M{kFNIBnKiMbxtyI?KDFZX@BTSn!cUsL7$GjEAE zp603b;QV==I+XbR5kXnmTgY_}LyhE(P7Ag2S{k{HW$Nt2i+(VQ(=2N(sI$}Pxu>+! zAo__aHh;Dx^y4ZHZTxmG<g<qb%>Qhw<-4Rp`q%h<YG)Gq@Ug8MlHWn-p_^k9TvDW% zf8du5q6YCHjQ|+%A3lo7`~43TJawTXlWkPB>x~*aaW>CuH)ndT*Lc|Mi(?#K+yzUi zCXDZr&An{mCAR4=LF!U!{O!5C@oU5CglPk#H`3^kIugfkdu}<WnJ}4MvbM7vX#b2< z+M%4#(SlYsHEv_fSf|ln#TYLh*BMBCWjN>;C0Wl#Pxa?{UKMAlxbr!=eJ^y-H-{G0 z=X9Hld?G}2IXC9(<01+Qc*pI1rd+8Gb~GXcW;y%)zAg21;ilJyR$Kd}O#yv{qh|Up zG%62KPn(6Nu~srzBG6llmwz8oajp1c`h{!SApC^qnfgb^fV5gdzn*v&%0f7@mRB(` z4J8SPc%AaZT>xy%@%2~D^-rk613MG%I8_+Us(?=SXqUbWz|uRX3*?$o!K|jEiIIll z!E@W8JC0@`U(fZBsi=*n=!YJ)<mwwTnSEe_3ug+7dFn&O_cSft+cdqQuyP-@?F`DK zSH2s>E9p73`srWP?L!AzIy<1orN_~p@_XTN3<nW|Nj@DF9x9pbBvfl&uivz`wJ#?d zJMF=#?vz(|y!5Vt#oV4upK4+rSRX8cWbLASa(9EYZ|}`Ow`8zW-ACWP2>BF9iZUZm zRU-S#@lwgEqjO&3Gxe}qRdY)EgNxN0f$zv>0ld9c)4X?*-_v-5yls)}Wf&(wM1hO! zV^d6e721`K=2eN;4F&b&kyMmJZl>EcLH;1^glOC<_Kv#+o39hJ*UgHvpLF+WfyEg~ z2I`UprHZ{A=wC(kQE_o^rJC8EJlsvLmyKqm(<`&@8VTcb-*wfi_wg0;AJKP~X=>OH zKV!^QwVxglI~RGRr2im#{UnQS*0pYLFF6P+>U3LGa3pJ;UVGOlPQ8i3OHw<KcO`Y= z_FmYexI9HPML+S9P(e+$1Pgi^5wbYoG3%DBwKukW&!Wg_<y5gCwdI;}hOa997aFYw zo=5RslR}2&&e!6!XugiAum789G>e4V;jYf)_QBP?2dQ#bzbN^0l{+ap%ni4|t0=uU zW<LZELmc=Tk(yOSyC-jZ&{Bt<u&;1?D_4@s!=D(^8)5v?sB@iMdHY!Sij76OqL89a zq1|$NPM>aa{-@Dh)c5IpWROPNqSH!}2n1@p|6<W(A5}r&T^Otu?b4+UC!-x+{a8h{ z*SaE7V0*f@R%uXRFNl5cDxq|q?BlzqY=~=JgUxpp>)V%zYUj@7@BpVX#1UzzkykoS z6*D>$kT!Ksultpp{VKJBBr&poJrGT6Q|g6M$hu$wpq(viE&J0=Uu<Rk726d=(TE+( zdgXBiRBAE;F%NLA3v3|F=8&YRVbK<aPVXH23QOAE4w~A5WxPfWju)IW7xnAM)a}}* zSC=E`%4ctU>R8-4a#NLfib_AJq5?I<=MJJHZUv|jZNcB7O7}Rjpt|rCB9?l2aP1qb z!~t}*iADPJjWmv0cPD=M#Gx_f&G$>IJZ?OZeTjKTpV#%xaKBfJ=t3@KT`_;!b_X%J z=929;$1YfD?Hg;gN?Boz9$-sNr#5A7PY|q<PbUXmvDz?l=5mwsZV=40@r~WSSL{G? zRp%JHy)Rqe)a1(cG~rMWHbQtA<<gNrhcwLkfAIXSBXTzQpu*2Q9NlWH;u_e<wHWth zYLQEW#`}zijA9za23m2X+-`9e!|~ER((l}-tW1TJ?}Hh8E{kRi8T@GM(;nrxQ=ujc zOL7Hv_nb9tN1Ae&UdEZrm^<HonNN+c4e-#j#}OVig27Ze(EcSX6}QQYB<K5v!SBd2 z01zG8+~`PY@u5iOdVLwy0Tratl?L@mgPP9^u=QLm?#ZZW6-;Y4d>8OiHN~)XT{Im% z%kr>@Jx_icNtu$-anVbi<1@O6CBMjiu>Uyz61Sg@g1SCqGd^j`vv@TNJh-VFfdu6Z zSv+ljPIQAV2{PV@v;EioZ*m=Qu#{xtdX(|SYLsKMuzek_c5SVX*!S{0R`L6`;=_N` z>UzpmdQ+mPI2;*nUckQMVpw24-*CJD(VuCm5-A?q^@pUk&|yCBR*2Yni_RBv9{)Nx z5zMMARv;AFU5VsTZyajm8P3igt&3UP;wKG=9lRK%>cT0pIdo;d(Jyu0ReE!wt@92! zR`|nn@$aE;a@fE4ab#tej>8wJWC27U?A8-5(%~NNQWTTd^$PE$_{thkmeOLFZ*lrD zYPzOpWHi+8?sZV-)xusCFDZ6%Inm*PF93@whm$0#DzH=DUpbp;=GxymPp6aTLPke2 zk7GWkZV2DK2_tW~|J$^Qi*cdA02d!#&&C38(5hS4#g|xLFv?%h$?~T}bOx6dLK*eI zO{+qmJMO!$2g-c8s8%Pm9cXd3z)@Rt$C0ub<x;6x)j0MP;eE&SvGf*OdgCOY+Ci%t zc4yR7kW?E12BYji#&^S@hhnOwC^v}t8U4tnsBmTlw9{i^f<YVpW7(t%V8%mlTSv>a z_hcEou?Z78&WoA(7b4Z8V-n*sJIoY^X7@-f!AD&(b#C*mVBSDk++abpf1_=%nGixX zcYYSz19G<k`2=7q$mD2qA&Trn#$}9@b^S65;i&Mf8V~zDKiRZ&Y7oB17$)b3mr^}1 zQX<S0ehweQ$*tOc<hSd^Ct5Ofi5_^cUo)s?ViWrAqcN4TW9J3Rk`&VB%OH_Mnr4NL zO~x46cqR2WsTUtqN@n$C_YU{gVhj{dr#7xoiwy6PBK?ZWwq&BGAyYZW2VOYymbMLl zDen0x4_3jLuT@rS5$e(00=R1DYlh)q2gtF)-5k0SqI!&Kh61)1>gjHAcsB`YR5c7C zGzA4=TN{ycr57)pi#M|T<L(?#BH*u5YLd2{8%ela!)feQEE9)B`6~<3RMJEAVgWcN zC3;40N51B!s*N_`Zq&s`z1U}o=G;00PZ-;od~y5@O&%FrR6*q|UUpI%QxE@nUuLJB z-&k$&gsKtt!qGi|Mx#`Ten~h#-QMG~^Up^I2bL<YRE~?~;+&+DBP%S7G|TU8p1dZO zcWv^iy^R<TkZl!Injfb3L@p!t-FMC8;XB`;#UZd2Bpn6P@B_y`YL^O%?6-wz%2}#0 zvdD}twa-l;{7?Ga@5gP!jJLr=s<Ca0x;{JDaliDVo<PFSZ)Ltb+d=L7Kkt>Dj8bTl zAxi9b<?5_#bZRWDT07t&N7muU0#74k>laW<X;o&lF7Md$Ilr=dBc=nkaphg)s*29~ zQ;>&!zFCDi-=ER|eQMPDO$3|Az5^T=q}~G_*r!(@mF_DKf&xbDrb(i==ZgIukRH{n zY<4W&#cCNEP?-^)k^H3Ev%jV7<L6cD_Jg5^U%fF>V#;M|O=bG}Op$|#kGP@LGGQN| zanZf3MyO0M;bc(lH4)HXW*+WiE2ruHcgVTraEf_nf7c6_&H<D?gk1dH%w&v@!@62I zt{GsH7UG_awf1o5?*Ae$@V4K$&m|5>2~=Kl{FzJlQo~QVYvT1c_D2gra*H}$rAg;f zV!5Y4+}ZaDYzXe#&8Z-PRjfiTyZ%3=jd9!n8NS3V_vtvwPDoMA;MrWVF=ZU5eKbyO zXN5ZW_;`gKU4Wtsd(=1kS<l<MY69UlyfKBc#o_F#RBr+G>B<x?R}!K&AyvV84?*T~ z=(K4O(G-X6cnvrz(}+j+GYI8+Jdy+qcWcfM&L1^8oWhYAQA}P)o5vRVX7_r2IWh^1 zt;C0GG?Q>N-@Cpgb3stbuL3p~+jBpiDk_*P7(ssWIof4W^Gov}jd@^SB_C49w%z7= z(S%w7D8@?fa($R&i>IObRTy6VJ47S8{8%peY}LCejRmfvoqRs<lePj1)pB{LWlmI_ zBZOjRousASUi?5TFOM5Tl0wgm)lw^6TFzy+q`R;b*|gc|jx?_>Jv6xRJg0OVdvK-z z2(dK%D+e<w=kXDC%wyJVxwG#Ryvf!~&D5h)?!!ckK+aVyHPP!AlY4&oksb&q<huw> zP@!&7v3;=GY?Zw(-fDC&&U-}EDL$>QN!FOPW<Is5c*`rr-C#u$KGy?dKxdxo3afJw zdA%^XA<H3#Z9jul(D!8pMMtvmh6|2_n61z%><;lwTlQ1Y9{Tdl73USfQEQMhR;v1x zH=7|9hMR`+Ub&j0_CEnbde~Dd6B3v9KqJ@O`OdIt5n|{0BZ3Qr@uoN<s!x5bJs$|o zb;0&Nf)I8Crofa+CZ*-2Ij%T3BbZwKbISc(^6lKq(7voUc_2qlJ~7*TEC4pl>$vwx zB76Wz4T3N!7$j!ZeyG!gmP(1U=RSt|pErt_1?w@VnChkgus2j&x3y@Ji_O2R>|${$ z)|D=zkm$oU%9riUv;-&xFkwHzge^_R6zS`ae$iH5ZxEWzu7~BwAJD881uQ~6c3NbP z{9J_UceYl`kKBgYe%%59v5faDUk8sDH)&Tg=;fP_w324xxOrG*nrO!h5qhu{Th^Nt z*EFgN!A?mP`)&$~`=isOP8r!@YU4m1?vcine%c)K1Q#{a3iUSAB@yZe$y`q#mt@g% zqTW6d(E}9c{DFu)`He+tO8GP@kQW*>p7#pa1TZeiZF?#<5GIlgKJOUecb=U(1eIRJ zBjjVo_LWa{_M;oB=wW5TTnm*-YI5(`VIEAp(b?}6^@Oea;$m07u8?Ql*<0X&Qr@K% zL6zvRtz^&JCOPKiHts1jOyjBtk8Wo9-9n6CW-)3wnN^ba$dyLJy9c$Wzn|C1)dGTl zPgC!7;<tGA!OEg=_%-~Fs@Pm4aQP5Ym(ZJz8-qBvf9%;l{!x}$%kVYbD><#Ggj2jE zt1hhEO|`PAYgujrw4bOmaGm-Sm|C(c@wYv&lw!CvKX{n{Quv$6{88Q3*v(QGyPP>% z^1gxYfU?5G=A|O*q3sBvBArl*6$ahp3^e*dZu(x{P{Q-%PZd~~<PCve%IFDQAlNAi zkRGp}OkMH63A(Vo@qzY%NKT?}@u;5|jrZVv5w2pL=nbGNkaJq^&dJkE#X$OxZi+tz zVQ>4u==@ax7WP|KP_VUC?xQC=*F?b#&AB-hE7!LgFZClKuJu;{;iaPKiJI>OyYW~# z1g0f$bqYM-wytWxK3FXU$*oX(aFyHDByJ%41A-z&HRO9K4-#KjUqI1TS+yKYNSdvH zHCXOB{Li8yt$A<GCOKQ%$*F>~sIsGb2?s~*{L(EgAweayT%;>aWs>4xyKzy{kzwI# zAFmK8EU~kW*j4S}hJuFsNzBGHIU-fhU#S0TCn+LgxKHx&^1o6F-H%(}9!0H$O@LB< zc_Wj&=xFiAK1a#RBT(qar#5g1*yo{}#5c!bDs6O!yOsEWGMb|s$~gVAeSf+BMJv2W z;y`zwhn6U(#ftxF!r2qdoA|^N938*SN3P1L2zD-3iO5OsI)G?jD6*y)4ZrQF3)3@c zIe6&l@;c=#W0Ywx^m@8!Ky*1GL!PvLw2(g6Dm6&32!N=t{p5xT1M|dsp;_94wb7JF z;~%RVe$m`d2eM5^hgK#=KWrQ@ez<pm<yAy4#lnN_?wn`{C9h}566@H_=xYRZi3wA? zGcnyki3_d#^2j<j`@&)kyBT*^HOHD7P09m3x@|fK{JoA_T_zgTJp3(5bxpeRAgKbV z1to!nR26?p4>Igp;@=teGk3ves*becU)6g*9X<tbgvS$_uaI064U@Of4;A>G##pEo zN|8TlS7r9GYlx+0uxENtCiq5r)Sjd~{47&$T*-0LJ+H+IyXw-E?x_c~9<%+(!Jadv z)jRXT<Bkmbtsc0(tGlC8#}@ixhtDY1$T1@ao)1u)_Ti{j>vfIWANwB~NaRft*k;zd zYUeX7A_jhs$?k#Ti5XD2Ue{_9=eBP&v2REbBdb^2(F|q^Hq2vpb`w7^#8dP(y;=}6 z0L(@6&+T8XOlgNv9V`?ia8iY%wP`3XS50{TLNCQlugdmBP`{<2f1hHKr^^|Tlf0a= zSlSxdI(63m@ar{dJqBe^CbO?H(lUdh3tzE{`oZci`##HT(YIbwR!){hi{3}f=L()T z%O3}>Z{lttBo7>{yPw9N%?65}wh)Jmb9QA9Kx%y`HWXW#Ar7w<-CE4EcHVEXu~NLr z9c`Q$s87Di!pk71=W;EfI9=ddQixEMuCxR+BF=U)zdnFv$QL)CRAu51Lf0aBkloML z!kmvf1m-!}_Y*ZWs?St0Z(gi(-gO59@Vrs@zWTlVEg4MQP?C|Ar1G~(4zu7ALVINl z->bfMeq~MFEI<xdY}k1L0PJDae7B*><2`_014$G%>#`iVqPR>RSq^$t9hdSmK|WdE z`zxsOMv)rb{l0~K%dHi2DdW@@^@YtI_|qfqEdB5_8s_ZX*Mg#HK<ZW`jWyd1Q;MnG zufSThG7BdbsEvvGvkkDa$`y{pCC}|vU=tk!&c#6O10Vws;`kZss*06B>1VYuM~q*- zc(exiLyM!F)SmuO2fR?lJU0JeBj&E6R}lNVO`hk@M(dR`(~XlVPZNaOKPFz7lK3(= zJZwgJMK(X<U<q&-h1Z-?O^u{WiPF&Df+8H--T6ecU#S6j*~oQtZ(VOs7n1H9&m$Yc z7r$l-cH&B6bfGWBr$XXUp5-vedXx6-=EsWV)|HP}(=XHFYK3>0Wkeuxj*_Ajw-F|h z9qt;PG?6}>kM$x=Q?^))SP#F=`|kHfGQTRl;B8+0L|!^<WF$om;?`Xe8fMx~#wPha z)POp1`1UojVIDx@s{m%r!zXZLN`n1%`J<?iF}c*SQA?1F>0x6!0N)DSy~&`z$zYbA zVH`TL8NBTF#DDgQPRr_gAd*q}IJjAaygf1Zo<a!&vT#Dps`pHT9EVGw^T>CIJA-ZM zSa0lV=;#@m#PJu~Ex&Uq>XaYSrEo<T{kBP#6%t+hwN}sCk+j#5^s$33x9+&jYPJ6i zIop>YSl+a;F<O&oNRBg(P}KeiT~i2a+n7euVNaH8`A=Qk{5U;u=f@(C?p$E;0};Tw zO#%U?4QP)#cgx4)A6#)}AnF0YpVR3RddxdjZcX3V2zB%^FW=gQ1e(Z7uK39gu!Cg9 z=-CJR-FKWBw8#)H8{T7=sC?R8+VX6ixnkr4t$yK00Xr97<W!2<8}efkEI*^ehy6Ap z-b;O==$pCbxb%K?Ty-6P?$h60bI1HaY?h{`9hv>v;Xpq`ldc`E-#GU%fa`l2L3e95 zim*6e`lw7D5qUras0XGGH(acv+3AP;I${pwQ0z&wXcHkJuXX4&Y^tM00g+*7TVALr z@pj}#4vsKO8{`*-O{|HLFQ2`x@f(rm=?ZkuGx9rSNCzmk(ihigGT0@d%wt@yOJ2|5 zFI(NnD}P1ea|WfWb34U^PgAKhzLu#u-rwQ+B`0b8t9#uQOUOqwxc!Od^wE4mpvPL> z&`I9n`F>_?v~I2t%@?*IMoBGi|IO&`E9{J8^8>3?Ub>A!hEnO+G_HMC+Ik)ynWnm8 zrE?eW&{EV|I$dCY*{1GgNjydi5x4_NnX!t^JQ}SE)fO{$I<tUVcghlKOM7^@ShHI^ z&2*(_oz2Y0bV3ip6A34Jc7KOontgl|l&s7JYuZL;oYgM8FD6=5ytsIhiD$DQNU!Zl z(qJy?=b+p?t9JXS$ClDYRB5+Rnc=@zmwbD7UN3iuYdlT9MUfX~W2d2>zV)?HiQM+r zv=S2}8jwJv`?s*m&Jf3uw0E&&n}eT0t^x>($K^%R&T|LNONDj@V4CqHhk#8sp)r0R z6eQIB)UX5#q=|hT*b1Oh<Oh9;=z!mgDoVO{co7H{kwwz#7p*MP%sNeC$@DIFW*ySK zjhKm&#}$cYL-<jSRS`Xd%7i%<2L+dV46qEDnUj<oj+QUHr0&ShR6q;$B_1cAt@z)W zq8#^M^jjAGM~&~6!Y%j|NSH}6O_G40Gn9-omFv;lHfM*I(3gexq&;sKRr(UnSv`5Z znGd#gC98Yi=2oH5)IYN`Klr(PyY2&`+axD@8IK-4;pEHt0m{D^Szb{KxXYl~?fZBA z^O>tGR<vZ~I*hc`jr-z^i?-85<{vaN19u!?&x~a+qzdA6gmCtxf#(8a1&Ga%fh@%4 zz)GzL#&D+en#R;mz+jBOb<zKI`c@UV7r?YCDJ8T9zE%gDdjY9Us<1w}w63s|ixVY; zSFaH`-o1bUkZ<w{Rkh{ieqwyn^f%9MIObf8zBA7aCejswD+UvpEwo+B%R=S4HNv;t zDeC=IdXZz?p+39C@rgz;cE+?nk49G;39HvkI(;t-YA&Q$ysEZ(?ig*gOTDpYiLWGB zkb5E2o;u%BY(JlsnZ9FaoX8<}rB$&`hGg8?e`EmVGL|y4>_ZW@Y$KHbIJ9`%%%yWF zFd;-!7H~?;0vt$zNu~pZ`?inU?-lzF3tYNiWsO!kH5k5!dH(L&VmQ~N^nRBeRbuvD z<Ye{~{GLVo2OWA*^erzT1#WDZeT9XkZtW_oE*!RA0zqcTCMA!xQ4c?9@T`?TKa=h- z9%%BtoefijL8e`HYe=L^&996EeB?Ra%`(o%btUiNmX|re_&x$_@TmZYg7yt_JjEm# zXLwoJaqI%9AMSkWcKq@3-|_-@E>g|r6#M|+oMbbD8V9_8VnDzb4G_S)`Hp;dE@~eF zjj&%Aj}rRG<&@6=vnuBBQ%-gOzYyDgFo_pFcd9MclK|5SoS&uxBD3kUuF_Q`y{;ts zgI^mtYI!QK&6p#4^9sX0L(Fe;n_tcveY67D2OHnCm35Pbs*EpSm$=T(NoZfkMu^BC zKh=Yy#}IKN#jLsF3-kt1W3G10YQr$$4>ptaaac?+*&_xs7Srr(%HzklW~MV%F`Fva zi8>@5y#5|Ta_{^qhz>k9b~Fw=HhLsFx}cAuUN|!1^oE$Co5h)xjna5(xiy6m3P^GB z?dLN)N4q~Z{Bd1%ML0y<1wm`fSNKl*L8zKpdKz-JTg#(CHp|mx-Kj>E4dTTuEjl*g z*17lrEE!zqv?TtMBI?G-nKnB)SL>BM>hm(+Ph8@f_iXcgnJQQZjVrvlkJhi)B4!SV zywpaKuf=2bqd)<kMnm*DLaG4@YzBw_bYJ(+1I+@+Krl$CXoki){RPG(mul>_2arDN z<8E@JZs;3~q+gc1T<xF}9r@j}q5c($)*Fyn&xS$i6T+eHV7TCE&?%`(`OEyy`-7z* zGThR{9&Vsyh;4J~u3U*-`dKjy!>g{i@3y=9=7_9hgxYfC)Kg^YYeVY6F2z)nlossk z7{aZ><7aMPNfrnyxR>a@c5W(fl}%LrDNQeH(O*|46?S|qI2iD(#s6V0We2=H9J=nq z&COI*Mwg3!kf*d<i^3P`VySU}m0hUMKpHj)^S7P%PJ-@^s|=PvZVA$}O!XWYufC#k z{XN2CrKPm|k5}>g<q5VF^B=eG-n<4TXmvyaz6;QJd5sC+1lWFi;Q71SPd~{e@ov}C zX+~W81T<+&njOBu=EfuXS|FPWcK{{Pk8Qdoi`j2YD(}wqJ^7+{e)zJ1VSW3k0y7)| z5u`<o%h&Vj`VMz&=R1)frYrxoj#|IjI;I7lQ>s;5VsJ1osL}vL+&bwg?7+yCZ!0eW zp7K^jZg_8;?d~~NSin9Qom?f<d*9xyZ1e}FhkgAy^nl4;m!8Y@k=#>0D4#pY#yD-7 z<M0BfLbB-cONSvK-2+`7_1!bAAL#Uf>+ZLnkxMp0ub8>g^G}b#-oP4_5wvQ#c_%K( zwfv4xmjTOY2}LuXLhVMY5YKOweB_h0CatnspH*uzE1XJL8(GcJ4O3q~Gfj|+Bnnk^ zQgQRTqmB2nvf^A-la}I#;d8&FF=G7@E~n4Lt3H9*I{MsUAv^nQ*!HBP^6peFpdt&e zYvHXoV{(BTMj#*2r-$E@JCAn$8SKfpAPCB`%v#B0Skh_v<U)Y0W6czmedZ1z<%Vn5 zGiuzpN_N$v^|&0AgWf!M<O+2K*cwUaatE-<yWa;RD4(A?0`r040><R)qwRny(FfKe zkgLk7s~v?IZ-Sx6<z5D<?Ge>T_dHZIgod@#PU&rjJ)4Ej+n92<H(~l9TW4lv?ykRd z#C1klVCb+7PMNB{HH?y;BmtX54u?VS0u-o(IAxDe9h!H_>!A@IBir)TEvX@6(#FnL zF0Z|^Z_MbOl<(oJi|X{XuMYf2XAJ1tuS$vfRCHL`xcELZCCE+PZ&tY`?xqR+M|cl` zzD{{Gg}D051w#Aul)M4ac-mpV1Il4a5jgU(w3x6RM5rHbcoCHvR9onaxO?g&o~+MR zQoGttV~4-S9dI7hEiRP1u~KW~mjC*l5Hh?W2j})~lETZCxSV2i^R3xVAgKLVTfbJx z!iIPQLU4oY#<{;C;IJD?+=_v7?*EEcc-|`RhbD41igVAt8yF6AG9VdjrlXBnl0F=4 znw*LPV@p0`i7LOtKkYmO5>^YA)`<k>nbX)v{Rx=f)I18dAe}%r8Q<A`l_h&zoCAzC zWR$h^Nh{6_{r{y(>2f;1Dpq@z0=!k+%9~|?y<qaKt)ViVIWI^5G&yQdr9+zt15zF0 zbg+&zgckxQ85H=<*hbew0c_ZfHf>T5@V_|BxTm37e|9Vm--+6LYy9;pgptR2h$qzP zDg*cM$neS;Bz?n{jEHalx9`|Y><|yP)mS=9MdcH*2-{h*G9z7)Q`01EG!|W;$Fwv@ zvqqLsMmaSez*YWH`23q1TT(&dot`yi7lFEcYSYLs1RT&$+Df`vc-7!IJ;d#abT==q zN%J(oiCFiSCzdjT-BG*)@S7DC%OXGz?fbQs?FxJ_^4vGs1zQ%v$0`hYFODpP>zWxz zGy)492q#J{=InR@I8az`tPn(CQS@$(WRLq>(r07$x7`AeLb~b*Dd2wxpyhg<8xMbT zc2KeP0Ik#4V@dPN&-6O`(=@2bK-nUl_Q4Hu(neM8?iRL060Vl6fuUc6j$j7ER7JeA zdy3Az4&G^LwP2xPNWv4%AUjr&lDXP_ao6|Ka>=bgVs2+Y8!wTHa>t8#S1nz`Six4~ zp%jx3{0AlbV1Q$Ni<wbK7vyJ;41=VthfM%T;Msm>euMUpYdEt?g+4nLVz~FUc>Cut znkkXN$s^*rdOf`i1etIaV4ba|c)5;W;8?g=Rq@2k)EWyFy*|*szz$kD^0P#WRfmhJ zJs4GoRji0=Us<+sV7N!|=>aPw#Yv~>T*q&TXf1zefd(0LN&NXEwdZrg0j0RzLDFK` zewG>~9ClgkMs94t^u3jVq-k8cPy}w~H-H}EQQuP?--&tl0CDOcvP%Xb{wt=Cs2ihA zs}EN1#ZjdMK<k>{0lfE4v0Q8h0DE?=NAVy|0RpgonS<dO-VB*sn;Z%U6UaJYu#s~8 zD=^cj8ZOTXvas?L#wpCLf~8z;=b4Y6FMU?G_N0Re{K9maeTFZ4d+%?a%gf4@2yFjb z@Pqo~3tKOVdJsI)a--PewD&!~Do;Qkl2Zw2da-N`oTc(*_C0DYD!*asq$aI5T<dG! zkSb>0u%jvfCzPzb5Hr5IrzN??@@O3Y%X6Gz7G=^8Obd@o%265d^1G9jdAxKrph=WX z_v@NKbj9Yu0Ci%D5@6hOJKe=nTXfB=q!|Uxz(mK_8>DcE@I9nEy9%$oVyk=rzE2U; zt+bg}FviF|OsuAp5c;ey`T<Y;{zWY+U^QB_5j~Pl;-FJMuX8H~+;#Q@5i)5vsQ1$* zfa6FhksqoZr?RTiXBZRs4_oyG-v&CpND^$ubbiLv!PA>CM!C@Fd*;W!RWE%_bN5C< zl|qt)p0~UIv?4ANfq3U>!byV0!YHX<eSh_H!6et(dca$f{$9`ZcnY%j1~_CK1G`ID zH_110wJ04ny^8L15u`=RP|fIc`44ix+x`rZ90&N+&g_NUph%X$!tN(~Kau8Q40k1= z>%p(Wt8sQi!2+@sUh@hpW;ZL?y(b#1-lu6jZ%fkj;gxE{vuoKuG}XPD+OuuXeg}hS z66X9%tHf?)VjxH*1&h+(FEh_#_zYttYMr`ry62Cb+XF5U<zw+~YRT>!>b`@SQ&%JT zf!ppxw3|Q_bN~yqD1bsr#&J1zP3Y)OZzsU>@laY}*rspBd>=^FWd)9x8jFIhh<cU+ zYZu_xLK@BkW<C5$HE{Z9aZ$D81HZw*SlBaKBK!Z2MUc^n?TME8z!lZHBa7xltyQ~K z@ND-cM0tvAk8ujIPP+A_D9x5U4(NUm%YN{2a4Exl@29O;>;Tu8JO2XiKxWHRV0PKL z`-*L-`np{YO`b1R;up-75sMhw^L7I(i@g=b;m+-ViQQK^N^bSIn*(y*p;J@5RHS&> zyYTP{PYm$Pg|AEPu5i9`F8c;@-^=R{bW6Z40PN<>0}>YM2z9}O25&m_NzMlFcKMa& zANO3RK8Crfd^3xLN&=l{iPA?Nncj7keKrRKyhxGrq$|@qAMny>-Tp+0{ZigqIOrOl zJ+h8#9J_xsZl2pvg+n=*$}SM9!@Ehahnko??_xz4OQ>1V89k%Ym}Nt1P|;jpnnspq z^`1-ce*J3re>+#ON9?aVjRt~oul=Sg@S;J_*8U;l+9M2J(Y!g8*y(NbW323oucfbp zOq%mgcF^WRLWzH^A9KV&vPT7*YX4jgMz+H77{h~(09LC7tV-YG!=?exHz3pk1Ogro z-w0LoF(9??H*`vYuy#O+o4Nd69r)=<pH1ZfeqDV4M?K=j?<_Tavq6Vn)>lV37quzy z-pG2v8l7<Z8RPT4eJ$|NOT_lAFXo$S>6|W3sqgdnZjE>ZmGF1>Us}2$8nZwUuF+we z67c$R=3rcI*6~0s(gFneQl@<^%*`Jf9evL}6oI7D_|3w!pZ5w08H(#+ExcFgfO3kF zAtkXMtFPc%TT<6pVNEK*YZ0lwju$xDOmuny_paL*^#I_R$g4BR55S>x4LFaQA!dA8 zXh3xEppWqkp>ih;Fxu0ka0U`CKmP{iyHV|TIFPopdANdI?D}%>_2Vf$OtWmacjTuz zc8Z+7*)v^bB`O>C;6cjrpt3)5xoIcbMc*zib8;3|Gfq=tC*Oc0$_C|^AsK>gK{|M} zrHW)AS^xKPI&LU05;763`}I&I49UwU6m%=+$0qfK)Jjleje{luAI=*vplUiQI>4I* zEKJv+2Mvgn5z5IP$W2&LnPH_e_?o;84vraw!xMp#2}rwuW$!xaG!AF)+yQ{!?j5k- zw__+%1D+5z9sr+jZQZiOJnXGJu(CJjo0%*BNC7sZQ!i99B?m?t^35cxg!JLbaO3WJ zKQ5?H3uorMP`17i_G#&R$!8=TOZe*S$fjh6<&Q5uNHIe^sl+bHxYBuRt83*JbU@Eo zL|Oonxw{bTc53AER-+wGC?QqD<GsLx+w14e*1lf?j)Bc4p@62(^pDyHIMk+H7g(sb z?-f3;tctvz^Uq5*P!|;0_>y^s2oz4KSv@QLNS$aZ?6B-Nrtm&3e}0JOdU3gctLM+> zdptyUeSxS>M%Zh=+6Wv?vR7Vxmh1a5Sc8E8U+c@rYj__xSg%`&>PGvq6~L6|0c2HB znyQc@rmcFZx5wifE9`shTC6*ke)0kG1-sFBKc6JEeExwY`R2Z*!kQt3OIYT52?w&p z(Dp6*{^`<^xc6>04es~kxd`qpDgJl)RVvN%k+X)kyI88Ey@<wv5s5%C#<erZU25|Q zYr;TXE3OT2z6BUUUjqC??EbR=*w2%<jB%MILRyt2tpb;%1F-r~5~ybLF8gJZ8f(v| z%(buNI4yUO4U`_|(IgUn`xIZANo+Do0n(aB&x7Ff53V7VLuB;uwt8yvOWr@$WS*yG zC4kp`gLi)))LX>^2j&SuPv(bn5N%#!D`S0@4pQGxfR*2eK|_6303%m0g;(;zyw+j* zC!@zrM!jq0uSX{bmmb^*5#bn|d_OQQTrWZD?HDY4-OShZ(c$3n?%+KA?Om@pb@b~< zwO2#K@k&?3fE^z=P(p#}vACS#Ab<`I97SLHqVN)Nc_w-I=??+duSa2sjjyHS)?PL8 zUw^5Tj{a(cnQ6(qFsobEdG=JNiT;aYZFT)CK$i`a|3IeJttWfJf`VgH?vqCa1Ao2L z3qGj6rNzDRYyec0#WwXb0XT_Bl_kd?XaHl{FlY0^w@Bk|HG=d}3lLO1Y8>M5SsM|_ z0mF>FHUS&7F04A?Ddx?aw%V^vAtGPZC8bubjy`z`S7gVCy(-8Ts5g?5g;T%We#K`- zIyB#MyWG?yEN3_3Z624J&WGMLEK)}#y$?x!GQ)?->7vGKclgsZpxVB0YMKd}zH`t1 zd8OuIUNeP<@s<uaa|CP}7H`ieF%G#vL;K^kdZ|?I6Z9#p2~@d5C!PC~Mm~pY*^+wZ zpctS?_2$T*NqomX+5<#s5Tt-5qFg`SYIKCp5(FdQq(W^bvf_p3H_zpbiPx=-R<RmY zTOHtNG;|Sih(DjhtjXDj*u=y>LzgS#z3&frS5b9`-niOb^Tht#fm2;@vcqcOK~wbA z-0%V8vR?Z^G;*l#CTdf8cFy{8-v=8e9T3c63&cuiQ}h40>Lu+i?;tL_@M4C;sS~pS z=K3|k+^UBzQ}lH%M>z98Z3hXL6h#%2Ix^w@)C7NeG+qm}my0UGeU-Md*<+G<D-+J$ zdM7(MiDU&)yq;x^+jTh`h{_Z8k!d<wu6AwT8x4ZmZdbl$lXkST)QHy3Qr6<>bygcS z+jRu@xq}1K5G|B;ox)YoO5mVJ_SFp6Nx5zE1S$eqHKB>z6;z*=PSZE1M4Y1Z$tlRk z>zxrm&{`SYsf~Ffbw`<;Hsgi{h;{faq|lpJ15}>+ec^`ZU$)B1<N|66%T@4D)w#MG zM1?Nx>K~g3cPT(}S=lJW+4WI;?I|B(x$+gH7ytqOobpn?FRK6KUs`X2d2#btr|!k2 zXVM;SduqnrUne4fgAnMom)C^3_ITEV!P|keHxnpE#kksM6Z+5r>>xT}T&el+UF%R^ z)V_gjvWjAT37Vem$=wSqJCj#0?X=kFm%q7ONO8xhg<%_d6&fLr(~<tH<;Ts=(9SwF z!X?8coXd?r@;4jBuZ;deY~Pd{k(S|+yT7W`w!UrYgtq9#YUW~(0~pS{U3RP0(&dKi z;o8s&^ED@F{SE3O`y&#o$zW_@b#hi828BS2el@4^u!Pydb(-Cen1q_M)!QEnfaG&c z<5t%YdkZ-wuu;~Gt$^cB>1dWGFo*UhzK-xB`?o8NS=%6|fchAmWCKU&sIUEOt0f+2 z9U2u<xzIf%ck2$!iK__s4h_rV`Ge|ORa`8q{>wq>vMxLIkE4%XNC+Y~|JUujcTfEL zwqCs#9tG7!OqGGecXJ+Hc{MGopXp*>%<C(-_PAQr-k*)#>v<QO2*TM))$!>x8FMp{ z#yVA5koE$W?Oxm{HhaDZ07|^0o%DEQrS_%-En|9Lu6~2>Yf-rLa7meN9no2LxdlY< zvD$!Avu5bn$Vko!1d4-J?7Z&KNnajp@va|f6-!Ot+qbaQZ-6aXF(G}?@`Zzb+Qq=n zFBc%v_UNJ9)YvBez(hGH9e~=DA$|1kkr3R}X@aow*$US=7It8a=llVA_y!y*iJz34 zzPoW_v593pc7%ddp=5J^8(^yTjT3VZhF)MhvB<uByb8=!7hQeyIss$yPi^jJR=sBl zW+x1H@S^1rLm8sO^*==@q+XC^2<Wc73#2afuiWl~FwRbn6l~%UV(V+KW1lNK%d~8A z{#ku|rPX3DPuzMg_VFo7O1=xBu;Nr7{S~cRwJa(MC}5I=iXg4p2jD1Di$}VdIs-O9 ztl1N({u$Qt@D$g6$-BgShJJ=x)AiZu2Z~FD*M?Gg=N0}%3HuVC9ZJDG(vyc8JNK~i z@bnHvC+Qx4q&$!D1*(hjd)CQtum>hCI$(q*fc?dC5%?he`^Dgul)jM4?oI`~VHBJ; z>;mdmk+-7Q@1BGxINsUBPKGo>=fFXauqW+nl~dlg()Y3r{f9-_p2z!n8|yO5>=euh zdg@)Ir4h+#Vk$z7i}fPKbhk|;;M3=ifAi&x`L0#_xPI^HRXjsW$>U~^_XJ(HV|L!W z7MH52aMB3B2hO_Q|MC$kD-&}iccKhUc|x85WBmY5{-~#l-LeK%;)&k^qjFj3Mg{*5 ze5?bT7vm8BjBj_Zwm&pLxlXqgYy#`W9~;hROD4Jhr@b=`hr0jw_$Z;eWh+9|ol17H zWmk!8X%pFHiIFW^ma&u~lBg(5Qz0YE*vVSS5@iWl$0SXI!Q91+EW`ivQ|CJ8f1M}i z$$4^4k94^je3#$%`&r)a*N@$~f(V(|hCuc~T`h`_!^L2!Hx|FLdw1v(Ax-b2-^@pn zRKKne1=PIX7@WCyO|%nz>V6(oF$wYV(9ODcPjRX0Q#-~slDB+1U|{hNV&}0wPmtLC zc9MSfTS}gC#o|1(Q55T`!uM7-8!U7r!ig@yV^Uf`Wau|9SZWLHmK+$yBYD_vUVq<W zg|xLr4|-dXt4!-{1tIgZ&$3&V`{7~!_P*|@!woYUKmVff6@M?ThZ<F;<%pG5a4=oG ziO-uUS1^~8HuyE-?7PR2tk-9^7bAr%D}VdSnuE1Y@40vEtUs0k-PoSE4V8&QzZyrl z?}JV%Vs-)c|CyOtYKH{F-2{ml=r`6QV+9QvlY~i<!P-F1`QmW>eC^_oI`o2WZ!e>+ z`C%_`EzIjEGR(1EwYKy$zdeR)e$SNm2!Dz=MeB*D?GD@~JU3hyQ!a%H)x)|c*=c^v zZy2I<Bg#;{ghi5vhE$!I945%8wqkU9COhAY?KB2$xlgX6z~y=eTDMxO-NKQLMe2?8 z@G0Kpy35x*5i6#`rDVUI*s{w`xBT$Nmmg#LW=A(?CfG)^qf^FVjp;u#Zh?F~`9aE% z3<Q*L+ue?7gWZiD<z4fB<D-W3o;*}zEq~p>30M0#6WTfsH_Xpy-1DAPQ9M@j3==pM znx})s>VMrD(WC!YFQZ$Qd7Rck7>n~Yjt~hrVeLmu)BYm#Ql_fM7BCO1*;f;12ZZxx z#5qlEtFI|@Vls|3Yg!8o)TLWtWSLWVGkb~nj|dtfTlpV*Lf);!_`Wv^{qEFOeqy(3 zb<be;O!BPA!1I~PeFwew7_*C=o*=n6^cFIs?BhkyQS~>%fLKT<Tjci|odvrx)J0rf zr$O$JHx#0{%yakyPO~|Vvuq<$5q%(y?e~O1LoH}a>+@M^MY<YJZa);jLLb|?tppE0 z)5<@TR~hPVzr<*1^5aOg=&n~-7Vl(6CJc(53NhkhYKot3FU;*Z)!8S<6{=@QGK&95 zi^(v5J@C|saW#W$b9LO*y^xi0HdATOp0rOaXcZmb$>eQHWs{9!h+bdAzeK-gqx|yJ z8MHMfq_!fle)atI^CIfmX+u3w1hZYU%Uv3bWi4oUu0I}nd=kx9G9oJ>r)<=DDTF>w zJ+oaTfZnh0hL1GJQF^8OoYrALX-Ek35Z)^U<g`J#r|}z~<=G&^dAPF%*%V9rWy#=R zhWe46Ueh&jAJLn?yv(SX30iDd-7NtXizg+h@K{6-r^?@{T>sahUWoJd=LafEW2jX~ z!7FUlb_7$L{_v{jO%=>&rh#|tS<=H!{_ENbvRX=q&qq|t7$$BrJ6Ewk-HE1kuE0Bt zJJX!q+Fz4Zbx5k<Fo>zFgUQ_|JGFoG*R$b7*W|5&>S-U}Dbf)a?_7DmTN7T7NfXdq zqOvIbuzBXpY2@Q>db0Mh2o^6~%C62O_J+G?ugPycvvu5TJU-qYTZ1}a_XyPb&X?x` zd)l9FkbuQ=;v~{Ldi!Zt5DDX6{xZ3CtKy<iFSc+sxP@3=wv*njD6^!C49G&!*;4|l zw+TE)vzg_KFuoO=Nj6A~M6A}hjY;aC-_*#3V;|ijc2q94OeNaSPb8!hmp*(}Tnb>g zdkPL^^*7wbt3C3KD{=4(G(>|H4R$T{G3J&!@r$OAW()d*_jWrnCs7)|ky9I!nQto0 zVDpL~bWDj*&%dUBA9^H^^PyjL!s7Z#kMRI{$R(58tMUg7gX=D4M6mKeR`C=>j30&L zDM;Ox$2aLaJgHXQ3A2{`ZlDp_IVdFq1<L7^k%vPBkgV?P+HXArn)V)0;tOr{eys#m zcO>YWwiA2J8(Xsiw!r`k$ImJO-m1`bLZov@@QpL%|EpG|CXtct4ROU>=vy+BwUr?q zoUP|DOl~Ki!HJ3@{vv$-YPCvc;xp-i@fXC1h_G`(wM2Z2$1=X6ufcSJY3@fnLAgsh znW3_~NqyW0tiC#6^#xU`?G8qCe$~KEPQkm+M~*O+FFRC+So$=gSW~rVM>%3a*-amv z+GGW~^Z`3ms`R6r#d}a(a6Y(QyRuQOcmJ5u@(UsyzRj{#rWg^z0TBKn4QA*BI{Jzx zBH6|91s<#hB7PXBoQ7t{uVVEcn1{3A$!}icj6%8(qxN-o`(0H(+blINEdPLQ(dqqu zm9P+TW6-_mys<}K_-U)Bax~4%2Ca$i`kP%h^8)KXS;BZOK2vYV4c}7>UM4Jih}$=4 z)c=Svz{W&9fnG5m)D_UiWBGFeLeFJCZzR9j>JXlE$OBSWpgZ_(3wn3`?1yQI9haZG zIzqn^Usd}?ZI?WprWZs?hB}AAf})gyaZ$gFm?l!g<e&_FP?0r2wy4nZusMxjhlgCH z_y?u^##kIqBFPh4_E1oY&-NDa86yfj!m<s|3<RAxJL+|6EZ6Qu(LS3^$-~JmY016c z?gfTemw&!%ptxp3SlGr}!mSRS`2+A+Ky9QC3?P#?uDOHft3Pf3O;GL42?*Mt*ze@l zrMsTwAeoh!jw%=XV0>I1ZSh*pgWOpFc0hWr9o9OYoUb0A(XlL7ev)3T;R0HS;z7Q0 z%H$2Jm#ty<sreA^&%^#y|FP1j-)Qbq-mezTZEP5))1a^nz561CWpjuxnur2CDhvzU z`sD{K94@Muj?JJ~PNg|%Bo)81U`EYK#l>)F1K4aFivkg1c7Gce{+IbnzC`DYf%C5{ z1r8=oYTb$d-pO)wGSM<K#C2@gG9Didn$TWQqjZeP21n43ItjGcmO~T=Hv#l@wm2zH z%Zf|Mn1hVn4RlF&ag~sQBRdGvR-||7cW?rN1^0`qLYcG%fMZBrP?vKqehI<7sm20S z$?U{PId=dIaSlof<Xwzm@N|~tIuk1RiI@B%_S~a=P}wryse(#!2S8X_@E*fUM{8U9 z`c^(fx{>X1pFyzISy@|%YZ?}L$bO(|zI_Zg`+$uV*ea<Aouh`a+x)nB0$@b$LI_gB zSX8xDg8m!K@%?mcA$(Di)M%X8q<aw5+_}A-gv5Q>AzwBwDI@Owc;T^K1m~X~Ne@zl zenbX5g**=M8*Y%aND}R{;bIR|iz~xb0;)qjVsvQUTLxx1O?Guy*14TJ*xNuks#2#N z{|oO?0|=03)y*`Vl*J)P`_IcBD(yE%D!a0yKH4Ga+pa$kzd0b;r8A7uOM!rF;^h*6 ztSn1AqW_t_CemlSF=bzNOSS(c{oAwCgHKkqK6LD3m%RZ!)f%5p9N0+A&tX(HK;-Nj zeu1x{YC~X^{GI8ch;yTg0x`+?^XFV1TQ@fc$2%acQz%yYY!g-hwX<C-?wiFcXl-`Y zHVJF<)q*s$3yw%TB{tMVHJ>u5!n+SLD_)ouXooT)tJ7w86%94j*jDSz;=d)->u>gT z)gEDiKLQ|eM<ws_NWrXL3vCWq@~S`@Vucar9+kG?iYstCu6uLkQBU~NtgXsi`;RaU zF!p^F(WGn%7V6r3q8~N14z28RLWlDAD-MJ)!|_sAUm9!8P>q<{X)3BXU!quo^o?@A z_Gs0pR~w9u`yB{Wzr%vcg1dc*Jju_Ty0>#?>$t{N-Xd+PpM)2&r`q0LP+1Q`+Kxuu zR0LWTxnqM!@epL@l8VePb?TCNXzfyyqD*L4wh>2APp(@H56xd5JR+mhW32q4BXcY! zG9bABZOuHyl4<^0iX{$g2&>1^367++nybfBy*0VFKo~b3bbvMT#8(ibEYOtEbH(xl z*t+W+mKF;OgT+h3(v0S7YwP6R$Wt#N5QhFHZ6!hXO%&`zzPWyokGu=!K>2hO#x+(` zh)c0?784I~vl@BeP*A_Ra(|AyYaJ@+@E~K_A3ke#fifE>xGmNa<>M|FarK<ys!fgt z*L;`ts0zi=f1_;b{KxMqm>H&<ObFq$H^yc%jHBys1Z?Gig&zO`S`KXYjF^1$)8?6J zieshoJg5zmnPM$UbDeZ6pVmy(I#0CIc$ycX*n9~SQ2HMleAo#9H<H?mQ23<4*5MAF zCOGvp87#q19fn+JJ{&0GyE!sDJt2{|tY>&ileJaceZ2U*X}FwG(~cH6;@j6h>w$b0 zj_8oE4n4}>dHFU<=5U0o#jrdXzOcy9W;TrHqA$C&?I@fcxPbd68r#EQ_H`V4wSRs2 z=-<plGn4l-WF$-=i-JolO+j1J^%jfn6Q#<si5Qyd1nJ~L06^pNn#5%^A3h=Na^*6# z5kVF$`UZ?1Y1jiW#!qz1EtrHdD1o}#u|#HB1Y(}pTa?EJTTJ9Pt4xk@bxa}E>0_^s zBRr%%`CrX;=Opi+Qv&YI+^MeZ;NydU&K$Y|bKEF@V-MT6VLvbRy*o_#&2{6@0MYQ! znZw2qQ*A}JBE=8n{s}X7jbe%9G~(Lz30W)oE(zhhp>x(2lwE8c2sSUWNEzY?@QR&* zixx2v!_J}{yZsRUwcq%gJ4irgl{iq_8niqXmM@+u^UGQ;Q9~(J7^aVc@R+T`Z!t_e zMPef=GPW2F<sGRaT^{5eNYQ`JCk9w5${>9~YEclyKFDY-VMA4AxYK$ku~zM_4vSfY z90L#65rvt2_pUEJOl+e37jHH_skJ3mXkCQYlLMI2+VZOGkGkcoa2lm%oi9u2;@)|4 zKCMJ7PeFtznnAtQdIVv+@f1M)61*ud@Gp|~%?!aoSlv9=au%>n0bU?lRJ#sd{x)eT z)I@Y=UAWaKKgDh0w#gN0(*5yj@{-vCd5bgmmdeP0u{mPdLTq@*p$jo-)3*{Uv-I4F z3AZ{Nb=S8L3bmr};^%E4tC_0&UH$C^JH+_5lUEy>uDsrI^f~L?;-_9^x1m{;nY>D| ziwP$Ksi~^L8I6(7i@fUy>`3y(?Mqi5@KAuiAkxzr(`2`u;Nz0}n6>Wk`y4@L+5?Bz zsWQ#vT`a4Ko8(R-I5FKSBTmPFo!pd<Usx`kTe-0hL-D)5Lzr(ojH7UGwn1|Ep{&%= zm7~{04b`6B=k^LADW>T~wU76$le#8Ky5GHS$T#t?nJ2!L^n59C-oBw8Hz!}cNBe*k zsowXl-8=Ul+ez8uHym7vMK>FP@mKq~;TIQfZ!;xb$9LN%ll#U??elJ)f`j>+Ds6Ip zR#{Sxea^9ykdWM!l0~w!AjoCut8uaSR{d4FeCzL$-zZI6MuOwul<?;Vq2IkGy~h)$ zBE0W><ZI;ZC0LkIjyVhzMG1zu`ae^#wI^uwj9g*As{e^{cBJjyH0}3>grQeUgQ=8n ziPdX7%QDq0&*1F@ZLZLQkfld)WF6>YnUoZo?QR(1rfE9&+V|eqh>48<{ma7_0}1Lb zZ_`NcnehNV$fF7=Jr8mi-&{D`v0A*;IqxL&MFGcy)Y-63`f4#z@ed=&>+@CpV7eYt zCZTF1mi*r4qHA+aS(q;N)7Jy&fk=OfV|43)<Mr~fZ>&r_MIu{2eRGQa%=o9N)3=O_ zoY$mm9z6;YSYNTqlqtimw5Qs{=@#3~Iym0!CM`+&j}N{}ZFE5ZpXmb3b@_@SJ?6Bw zRt6F8!B-<%vRaa8y{3J8Fks?gVM8hMQ&2upzd;u4UlJuh^?f&O0FcEbX&Kw?2aGeS zYT~KOCXqomVn}E1g}McvxA&}9JECKvRoHtntUaXp#9Ht2ebL=X_zC>y(Mj&H-ylo* z12Cne_8L2Dg9>C>(EcUXn`h%MP5umnrckQaj9@m7p^>dKl8k?MY{_<hXLQU2{vc6D z-CD!z&gmnad_vgil$P(zl&oI2Nrv5Nfbd1zy-Rvdac(0oO^-*m`!0sn-?`+wJ_7aJ z50oAp+KTRrNl$)eEA;s5r+~+w-`6fKru5TGf7(!rcp?<{SS|La6Kf<!9@EIR*26ED zbWiAKyZam6zbU?nvYgP`^w&CUURU>}t!%=iU_mI`TeMM#N!OPhM=$wbxnG~elL_DA zB{;DDLfQQ<;gk2Kw3Bx!wCu<Ewf;L2_IxL7$h!*P#TjZbEBs!a0v!CmAa#2#(&t%a zIq2y8plyrm%v<T-h{v}=T~bYI&L(?SXLVPwGaD9zHb(u1<?H1qJ!0M$^$2&$jXs#_ zC32`07_~h8&e47Ug&XU}*JF)67A{O0E{LuIk{ZcI*1{6NyOzIcd$A1c=ovVq%c#%D zJwc)DUOKt|#=$KJLdVsohPA1UxRCB>z3}J(pFn~FGmMtFbsB!nYml6UbsSk=!@VB> zuxha=xRye3d0Rb?wgZi46po7*8RtH`*U0|?&ae2!^j_8HRN<_J*ucr|sDvZ&M-T$8 z?nSoscL6*ZK5T<AF-{Z*Utj^+jXFT~xos`fuV@t?(uZz^M{6u{3xe_eO-AgRIfwl* zl`Gc0#C-QZ;ujZGRH)R|(fBYn0XF8!IXlRKd6&*SW24VxTNl>oD|EAYv%9^z(Yet3 zh)ub?4DWp<xx7<A{x^jeP}9Ztgx3fA2R;td@aN48{~zJwzmBXw_<iIY`11t(c>-V? n{CRB+3iaphJpbq4XvAFO)j1m|?i!MfoPCDJPwEvOb-4B~$%|vm diff --git a/website/static/img/update-ssfeat-flowchart.png b/website/static/img/update-ssfeat-flowchart.png new file mode 100644 index 0000000000000000000000000000000000000000..a63648a5f21e1b474c24c54318368e3b06ded10a GIT binary patch literal 130472 zcmeFZWn7ePw>}IAN{ED%NC`-nQYtBpC?(w~9fAxnG>C+Bigf4D4MQVc(%m^U3?2V# z?&rSu^X|Rn`SgC=U*HE^tn<9iwbrqY73T!V%SvKnl42quAz@2Pi76r>-IqW@y4Q|= zANUQ2suBwl5*3oP*jptho$XnS`VY#t9S8H=1Jw2b)Og?sB}Lk3x+iIhKf@v(;-ykE z8DTzuu0;Kk_<3|x>S8z-V^msD+{=M0-TBemnf2P;n$zCXhsoDq_#ywcKIC-DCE5PO zv8W<KHsRIh7ByU9BxKY(zIdVHN>P(Yd#YpwqEmSyq5S#F0xG)1E4({IAY@bN15e;* z<>oTnAps#8H^}zU-D`LXw*XJjzW?}9;jYaBD^ZawlKrRG`HDwHBK;#PEA7uO^4A** zbF{p^^HqUAV9*G2L~wlgAdYwUN}hUO?e9KSWK?_!Pd!@wpFabs|HDen=<9c#IO4x( zgOHk~TDZ6g#s9-f-gy0YDi`>J6bZ6-_*XM?rojKO5-Lr?z5j4tVH_x^G#JApN(BF5 zCBQ%){GWmRTT%aKApgS}{?9=EyZ8M6VIab7KH=CNw}yM{7egvVm(x7fv&Qk2J9Zw{ zGZ&#de73LNX{?AvMbUH`h~<#ty?Gx-Vwt2t<&mVNQfm5^S-CtVn&ogWnXsFnEWWV7 z+=PG+o8u1brD8*)#t$k`D;rv4x#~ir{vLBn6dR_5>E(o9U8><s95$m>7pTmp%9NBR zq5VHJ|M!nn&1fy8L9PwksxV$qq1*8)dsnYCs3mY^!UV01ygWfYM5CXjgT?RiD92dl zP0~W&TR5J7LetP=_3gm}OVF7U58oI5{LA^ekhM}PzoRJ(nRjfR4&2P@11h{~iCgOu zg|=iE|NV^r%N@}ph1I;nlgBK}Zw!UXtJc{Z+WV7Me-L&x44_e8aLVBOu>0l;OtPZ9 z#Uc|5H<}JvaX=2Z;kV<@pI%So9Vw=O6jm`EQ(;W~Apdg&6JEpk%1^TS$~G|gM>$oE zgt7e|$8~Hp2kntY91RU_N>j;W>B<vf{nKQVO<NP~r*rU1q|?q%cc8BD8s=9PlF0^( z<k_Q@rzg!z$y&kvofSQ3)HS7KeKVwXUr=$;H5L{QEZN8=ZHrT;$AeXsN)86*OtOi4 zpB^_%BHs~)aizV&P-$dT3+z)nyDQ?gaqZk2`cxP$y`;u`44-)lqoRT+x~zouSoJaA zF~zX%wuF;L_ed;slA+vnu))HE&7C8mjTLp^kTM#{&>D^myM{h%Y6l`zTz@%aUusNA zf(WC5m{GbD3$wmLD1#ug4CD?2*+uonl!z%*v#8j8x-Al}_}Wo3(^Yfnkv}G|wJDUw zZC2~2IE1!~oe{jX8o}MhDI))+;Qt<}({!j7^u+7~wLZ^NY1V+SQl&<CInl(Z_)(H< zGYls2E6;*Ee%RCU_ihvZ`MpFKaBVs4K3;}fr#WCJJ1BU;pRwTAi6D8Y;h%v{<E+(K zKXl&QeBUw1-H5tF1im~~ieAQY3M0?b4w`iu{5#f7djd6v(~`U~DnE)}h)J0ZC>r#* z)X`LD{F`GPHrZXCXO4FDNWxvCY$%V%?U%BYfcS{vS2TcOXbKBRjM$6ygbpW_GOfOQ z&Vybd`N#9{$|2n6BdN(>f92w`tH?()&X)h<bT0=&f+mXO)rna!quR?u#$xI?C*KMv z>B*#zJ=Yz3X_7>4^bQ}0y*5{^px6Rw=MPd^Gq3`h78XV!eP_|tUq=4R#PE$K;EgCg zcMuM-L{HsjscS#U2}#`>1Hey;?VKwmwT&5YQP7PFn|@wrPfy+R-KqT<Z8_IN{<4aL zjQr0!!j%$jTGumb{~4^3xyczL(DNeSVTv+_dlNMUaH}S1lnz<i$q0}BN}7(cDLLSf zx_h}>o_POxTMBdw_8f;-FiQ1PJWhyF|18M8fmJ~TI}mt{A?p33xuwcYdE}>qsU-sL zw+=&!EZtsz7KHu^IoT(Ciq&r-ZM9K-^eVnUEd;v%4B&HSm{)GElCP_?Gqlwq^{iy$ zXwUCBW~w|?S4;_>tLxB2^+vzvlNfb*`=mWB92yFv{si~EOz~g2Q+EkYEA-2%ML?3r z=ldBz8eD{-rFTG+H`W<JP*74sCxz>Y74uKSBJD7bkHSXJ-$fPQd+=zYP`j=`*b5~_ z$iscQSYK55GVoYpJ;6TY8a}QITIs}7-5r+Y>$~<~%^P2A^|R^-ArEI$Y3k^S=Pe>+ zRBRiAXgdBDEH&==WRmC*bA5BUx4ZY9kogn6Y(g<avkEMr!ZkXt2~|21@x`1>5^&kx z7)nR36E|<&o-CuU^0}gc60mBFlz!?nkLR^{bT%lo&1j~HvtFi}Tt7TD12%5D)EB+$ zoJLRt(P%=k6Rkz(F50@+CqEh6?LEwS$oZ+an0MZFm`N!|4-Ol5#F??F-J~OCIxE{q z{d{|KZMDD9{8peE4*vn35VRO$vG|=4kmxw)ygO0nxL2uZ109_M!&sTsOEa*<t?PDp zbRFaBb>dzc7r0%XoJ<&oo<kv3*hx-H7<E^NJ&9IZ#%KGBSr_$}yLDqFhLXgd<z~Zl z&J|B>>W3(t7LYAws!Ie8J88yp6lg9lU`4Y$Xjnw$mwS!#pZXKbWMWu8-!zZSC%@~d zQqEV|ojIuFG96rq0s}wvflszKTUc20Rf{TR6W`Q?F^_!jsB(afA@9ABOXBBoyZAEf zTnLi?@wmG^_NCzEb{S~WIJU+vh?JWtrL~ApzSDhLx2<-@Ef{;()k64EkLIp}Btsme z;|YmLq@b30^pRC1{_ATG`Fy{v;j9m3->{!fwFNxh8Q1lwu%4|&Q=&w}15*|Gt>n7! zqn5Wm<oVsYNyMsAO_gCY-=I=rAWrO^<Jj&;>2Av2aF&KeilV+-w<lP)9KyE^ygrW6 z5m%M-VHZ8*Q{PXs`!qBXLB+1;hw42stUJGD*elkPT>1-Z)_$&BKP2VqL{r989nlfG zIZKCc4tD@MS@TAVu2O+$6lM=xz+paxjY82ek=}8~-grCg4$!RkaZ6w(MkK|(n4xsZ zY2c7;O3~pFzj+7UbX|5TcBjy3xsF$VG{ls+obG~##EH=e&T`4(aaOAcU1ZdbU=|b8 z*P0iKTw`zlh@{A<)YJ<fITTO5h_}mZRHntzc+^t2FR$5tcz*@nrY4DSwL97#D&BB= z<8q3mrY{;y%FP03xbjmUDQu>uY-hf4ULXt#ydsNgp_cXafZ%1XK<BvTHl_v_ZG;FC zbhdB~yYc!Y{_+wq#|{ejGyQQ+ab)2Tvez?$Qxz8L6hE0)2B**X9CyD6V3g0I5o;}+ zq*uX5BZYB>bv>>fR0oK4oSNado3nLQu;;0%<rJ>_Z%=InO!^ZF$uP~`Z_Z6%qxrE| z6pzT?7|}?El-Jm=*Say7Rv&gVYyU`Fcx$uBuG=s}PQ%F9b+S8aQ3O5tnVaq9O~Sf$ zokArnpqvEWVr15=EJ$=-i?h~N2iwa$2{N7EdM2N%_*|7eS_U5T9h@IT&Nn9DIX-XU zyazqiLO<NhPOiO$-2MuBVz0=NrX#fVA}x&B_*!}VndrCbmlS-U-nD^b8%&LIhLP%{ zem+*m-I<g1WRIT|wLOYE5U^<ttgudNHlD}o=h_8)YgFcu#Fs*+e2;E$Zom0n`*&h` z92_2pEhXY@*Zt-P{hI4jPfQXPwTv^5<W{vRE#sK8i4wmv#eQ490EB9}6lm4_u1Msa zZ}G*--c+dlV&+(wsiRV$rVoJOmmP=>AMcE<51-@c{aO_Q#SJZ&^VL{wXM#h^nd+f8 zUp5xLW!If8eV=vCJrZ00fkK4_@`_S0j_hNtnpwKRGMaRz4Rx!#d|0=&gju;zA$e~S zZTio!jD(_(x6erOx@c&)5<E*(w_WZK!<+9Rs+&8qrCeg%Lo|-{7H5Evx*kx??v955 z`q=(^(w9;=1M9tU%P9A-b>YKuLX#_9kr3yjHI>YFgs1Di#5$&-LO0b|6b)C0GVvVx z-cJRkabn;c8mZsBBl48<Yag_O(F>oY6Xa~9-a5{^ty5gVnu{pxm}v(EkBhaR`HMWj zZp_fnIN6zAN5RET&h&$U86bW)q&HiE%!S3-$?j9wI9a%QGu5B1J(%h!_F>2sU~erq z_$ZsFLJi=RtKC^C67b!jbU&C^>OuzK*Yt4zFkkOyJBAyBsciM?z;PeW(3#ahkAKUs zu^b+gDC}oYpuc2M&Wjq&{n&x_IH^f$u?c!Q2Man*(MArX=!7BH-&p<5klx)>JRwo2 z>s-n&YIs-J2=0GK!qJ4yoK-9iHQyS8z!C^Va<8`BsAaGXGv(jn9C5G2hGdI({7xV` zl(D$BX*j2wlx&Wzx?p}UrCt=J`eD3Kd-gTGjqkIm0l>4gYbd}Q&v=WzZKYAYU-S_n zM04KaPCxoIlqO#I5VM+q#1x&&rom3CM|9o4-*2Rcz42<PpB>&k^g5^M9daKK%d|s@ zwb|cPf_E8uKgJOT22l#lRfJEiE;Re>-sU?-qEII;=lL}nE2)2R^$j4^VGT2$FCjY_ z6*4XmiCd~P9~<`C_O|*nF-Gz#Mh8OpO3^6bltM-hm_;R)(jC`q{@}+9VuP-PV9)#q zy_ix2Q5z6<_^-h<-qq1%VVvAinzv9P0#MHBSBiZmB!!~K1M(W+&VnWysGb;3037!w z&Lrvc5#5IV^}%w7cGHqG=WQ_WoGnfQVOUN9I0b?$YOJu3>bHqWG?Fj+EM)GNsttxf z!dNTlg9-#!#6giAT|jR<OnmF@;px0bondYQ;9d<_76fFb$&7x#-w7xwZRv?M2dwY7 z*;r$SDBh>hu$iv3>i_s1Ou2E(Ofr;)^w#R&>S&<OQ>@iIcm0>Ls`lzhdTE}Z85#{{ z9Y0((^joOlMJJqgNZw3?fR3?O{xYv{T-z}bcAh>c0i`>(u~T}L@!)!^EA>eDHfihv zvyflZEK~J%1g@xQG2}d0X{9;-%iIQy8B>CP-ET_$@o$$PAe0yqOKc=4bgn(weQ*3R zJ|9YGo3WZN+!F7nRnNK=oM9^?Ao#@^?2Y%@8AS*UR7>=Qyb}z>!G2k2?nr;>v1N9c z<SI@^P*M`_)@<6G#toaKoKeYuV^o=|v)xqE^VX}`1o$1LL$6|tuL2}PPfx*31yy4e z84o20L~<nGc8lW-R1}J!!L#H$Qz#ySWp0NgDIIW}p=dPVV#pj`5(Ujq)fRiL=(md^ zTjDs&-1SiuEU@PCkfJ0e@EOGU{Yd`XR4<BO`78)`y=L^m!?w?mr-r8`(E?^c&G2xr zSR(KHNxEGoaS%gFH9%A%U4jUhReIrigAqxZ-GDv(TJMWr2e+6iyygn8r6*CaLBb}_ ze3mdG^Hu<DL~}V(PVln;Eq`Q-2|-ZK2Y%7eOfGr$)Sc<7x;X~353)jrzaH{FxuEp8 zS_E(8och=Q)(|qbjncVxxQc=+3a5$-C@RUK8EOy&F)$n?P;Pl;%+X=emUn(=^*7VS zH2(6)^q{;B<sllL+4)w&;ach(ebR}PStgaNKoo%ygWAy5>m*N60WAWiya(YZoN`j> zo|4F2K)_q=-pu`el8+?!EI@?ZqbJ8+?mHOS%)c<|Xz&b7Pfc>590>ojPf`6wP@d+8 znVDf}VEERql?N+uYy$ja9B;w)y5GU348nu_<fLpeP?qClu#wZ6$3(4zg&jwluqe(r zH}O|6RgTHGwL&Stj*CUXDces-rEn5Q`QEmEHv7T!fv(VRjw$;_2P$;Tp=<B8p$`RP zGBC(XEyU@z4I7Hse=#LTBcBQ->SIikUQ_1nvr6+A$JN2Kux>bC`{<2FE`zfwfKx@N zmJ{o1!T<q)Uf_JOo|kv@xiLqY-!fAu{X==vjMv=!&Hhs&0vbjTkB|Eq`u(+EHkU&3 zizW3%B%1w$j`y_}eJI8(!gIfY6!#wc;wJf>myY^?;0r^=8hJ(F8&iLFI7PUe2CV1z zupuq<!lnO(9P~?wsWW_3Rh#`$qMU{+w!}yXA{VgWWX0^}Y7BUP35TtZj>r4;>!Ok6 z5@Vlc&Apz=o)U&C09yfPyI$^8>G<F!UYdXOrOT`GCL`Ci4>GkTvRU`6ddXC9_)sR> z_QQBoBbKPyIrFcJKUY6+8IhB{!}aKN$H~ZaT@QR+I3S4Ee$ci>n7ZhDY^#0ra-$ha zp=05GPk?s(ig;@?#cvpFuLC6|__h)3hW2<%AVpaCv0MJS57;+@FvwIEBU)VFi=qJ5 z><Z8`Z8;2bRpj7GzP<XRnfSx0Sa5KTswah-#ZZ_8X|0q13L?x*Dic9hi(WE`4Qbw9 z%uh9b>;IknlS~JSTMj`%mLo|sWFYvRF}GEcdfg=>K=K<?qP`|qQX1h$lcVwC9;zwA z$i)0Pj$RaL`7CxSuepPMY;9w(E2#?L#(K4o>3ZW;_yrM`I(@_ch?_bmK-%!mUe~nY z;i!!McN7}9w=-~zi4gA;O82v7IFYo)wJ#Pi-2<9UAXq@TJp4@*1h{d6`w3Ya07z98 z4K$lzO0=+36d=^djSc73wV_DD*o0~?B<aY$(FHU}u(UZd#?QtSd6HUVML?351Q3?> ztp3QT^{+y_&*^keCBHlT8Lp@z{&!k%dZr~f5D!aA^(s&G#uHdkK}yk2B;X-n*O}S* z__#P<_1iZUMV$N4io#R~LCA)F`5Ku*aZ1h0!<DXOaClCvKONzCT2~!hPaD}!1PARA zqaU#%Ng4%~23M%hNoJTh6zTX|1D*JI+B5%=qqoTZCU&;hPzvGv-l-x0m7KY^qv%%# zZPl5|wsMxubnpZoj$d53K!c0+#py^XEJtz_to>O(fFOo>jzQUMq@?e0vK+LoZ3b** z=Vk~N7=jes%7xIFr?OGdSus6E(uGC8=9+|{Q1`7;7nKbN@;S5NLzoTWuK@4T6Z7%` zTRH*f)B9p6*CU!qS<944R4zU@g!IjO9N4IZ#P>B91t)4lR&x_L?%{Fg;CyC91I2Fs z3})hQ1UWS`Wg19J>EP6_zbX8@{EIE2%ann&Z$6dc@tcA296{1YGRQLEhE3-TM`W}9 z$2FVvGUN@;Pv6O;Mu3^k&{+n~vq6Usan^Roq>6${$7&Yi?AzDB-`uLsxH2?CCNx`q z>gu-6?cVMs@UZ;ZkvxUD5VV1x=SwZNGwd;QvPpb&*Y)0@SOW`KN)sULyj=3&?_kc2 zXJugg3@w8Drazd_=yHh#a>hkLtYG=V+v7o@bny-a`GqHkOsf}|%Amcu9WcbS0S}FH z3vEfA>uUr>y~{T=88?>E(}J>oyH*iKGO3yzN&mH(!7ExuVypBEm#wtYO)vLuzl*u8 zl|EMZh26*vL68&CK(Qg_eS-I!ULNl}`f}5xt45ESlf}Q~$#ff<xd^PVE9Hb?6)Cc9 zHK#X;JZ{R?s)r=oC6;d`m+ItBHzk8JbW~Tv(?tLS7l1h(?W+(~__ffX3E!}7CVH49 z-rI~;(C;Bs)mj86pq3W=k3^WNPVebmi7*So;?uL)OCKb=O$V+`SP-ww6U2D8wa9XB z$IeaZmYashn^3C|`##vhP7jk3kom1KLL=51VdhT<-$DlhF5cE+3ewiew2fn=|AV?S z#Ui~>yxkqblw3c*7H;@^#epm-_MaO%0`epIlF$GYb@z#nzbh&FO^O7avny)g-NK+| zp1ahk_NTH?#1}go|KcbXOvgOlL+-b=-`s!8>y^|hK{Q5>_cguz)-t6m6hg`Rj!Ml( z^Hwl=MAdbp-yWIfm;|m7VYDyFKt(<$*zSq8nwtFv_q~pM((Et73_k_~S<gMpf{<jX z(g9FZ+2a@^*gCw5Gcb|J`sGRJ9i^``79crJgN|CiZX;s7?aN!6H)^-rhMyx9_#>eN zJl{WEbUj&4iU1i`99G(D#kS?~SNyrP>6Jsg|C+@41|C{)=^v-^a^0FwXg(&Vhy+ax z$*ULd%-QDi^p_k@?2W+*ipJa8UPe^OKMO)etw%p2`>St}$L02`)a3Q23farnQo0RW zjRa|Qss-(Zi2z#7!+}ZAij&Hv+0;js8ZE}^KT`%IuN-_}TMD@_A^sM@i$h}Oco)Cu zo-%<vCJ}w02Y!S$wk<R}M!{e?K3ZUOq_Z1#j+Tacmol0DE~OHwJ;D2D762%#-Z=g~ z(D1z})>02aLG)~2dHHmdO-3Y|)ZJcB{*Z*o!ZADVN+=cR7gRaYe$S8ECqM-pa}&cY zVwHO@9Y>V?QGf#a8u~w#-aeZgeVbE@xYxc5Id^UEK8pJT8lme-pz7@MYv&{l1qP8n zxkp9gDeR54%^xw{Fzc4}@$B=~N0m%|`|q@8j6k>MzZc>Eb%_2N$c;XDqZ!Lhj64Rv zQFx=q+R<)H6CUOgR$#wx#zn7cN?o4Zj@QndmDeEOEwE^<n<Ls4E%ms|LG`>m0e-ZT zbwab_(=Jp)L9_L`1*qu;Fs39?Z@sWvCRE<OCZ2vyhf*Q&#}ba$4?Of&f3;S$KhNs{ z&4IG$?wV<))oFar=q#Xcj7#dJdqPwd?1!n=UfOPT@Kk%}*xOmO%<$xn$}##^X+*PO zRlU|AakSPZjQlk?$d>j!cAGVxzY4M(Lxg~)iss=jLzQ&9NmEv))w_BY5okd3qdYd3 z(!;_LPPX2Hhn=tddj8WI*&?baRR|haZ0CTBO!Z<JLE!uC@!vnST@=X1f8-$w%l})2 z!u%Mh<U#0$n}HRefk>N)?h4JBuiNYE)7v8Wh`tOvvhOoYae@#f7R{DlLN3XpIa+iL zOwxCxpHzitBKSd4QuZMXWJ6!KH4vSs?zOo^@4sYOA)`IBz#*u_et=aQXqx8WOWn(e zKfUvA^N;2rCFT`|Mnh2_;*&MuUqwu-$wW5fp<qo5t=SL6wCTk|<^8<$rU;LjH5S zVsX~``zBby>Cd(xrR5d&fF|wAtWN?abRvrAZP3R9T>$0?w`9Vul7Z_u-!R(G1Fy^} z;3yq(w3C%I&Q{Zl^}7Q=KcM#Iyt61aY-kIduUM!wGVX<P*PO;2Y72gl)1#B~QeDXW zM9s-iY$GkDP?v1AXNF#-k9EWe(6>~7bh@t46Z0h@2Ivr>V~`1iw?85u_~aLAQYH$l zbqj@=vJv|y6lbg`YN?h*z%3noMswY*zrOngz{a1gbRXj@H^~8k3((!*F<F#5xk;n6 z8akYBQGI$6goN@857Bh3+w9H*+3zr^#8FT`dtprfzwH2F8@S{sco-6jDh{plx7D6T z@Y+VJ<uUC_v*|*Q+nL&)lWidqa;B&j8?Re9`@YM^d0zj{x32863l<WR;)iSf`k8@A zpE3i9$|J-vYlWDj7}rq35n;dyK7oHnU&i0S%l`q5g5}#G6kMsiu`w$LgYz7u%1@8~ ztVhHNP%{g2;H&Rd^N}`7&2Tdk-sL1q8o*dhVLb0uGz|$x;|s|@pB}I;^h98GW`pIi zog6T_GP$ipde>gnf%%vpR<#=pubQR4l;6v|Q{w&yPrWu?`msZ5V16j~uI>*Nt_(0N zQ!=8Vpr+y-&R|Ip`1MZ?ium1vGB5%VNy7kaAmwa=<c<vrQ?&pB@$QFKwc-V}X?|Cv zyyFz98qm-smg?MEb@;r)iyzw~-SHff7cM4l&{teeJV$Yk2!Dud;vXGV7|CmbkcuQ= zw(@&m#N!|_aZY*kyCfo00!zDoHK-^DzQ5wU!={l@4Wt3>#b_{N_Ppc3_YD>azw^m@ zV2iePsLuhbAfS9o^GA>a&QMGZ5ZJPC0D9#e?qs2`byv@^tqQOP*D9L{3rP-qkinz7 z<Wb>@0NTJcpj#>g#@R|nb2<M2u75dI9YV{~AO!_G@9-Sc`<Qpy!$LYzvwx_3K};o5 zGrGzBJLGu^vtZx`wJBPN>#Ji(q!lYL;NSJ6rz)~Ho@_`8FmUI+WN3JoPQ1{uaD&81 z_~#x0uWZBm&h3t~_Bta1w7hqM?XrU|(IVT6e8+Rhs3Hu2Hbi>GW(b?5s4L$%{5ie? zT2=*=0-9!HdMC?)PuM5?>`sZU1XLskc!8t8fh{cd-syS%&jF>VnL`*@n46^tcreB9 zLI>P^Ccrnl@S*^1%ez_vKzRow>H`ANeLAKW0gr)*=i=P;+&rM=gV_fCBJyUbiGbI4 z$@3IO2Mk}tKhD1nn5Aq}$?pI2x}L(@fL*s)Pm7Cp0a{Lb!hm|m%ATH~z|w*uB^pz} z_k<^R$U{OYp#_v810nP^eohk5B9SU}=aV`J-+b+jPep<e7#e(s&jU!z0tnRKcj6;! zma4B{fZx>!Thauy+%V0%T>&65--`!#Y7adX&<6U8$DdVEX#ys;MxNXObpG0aQYNhG zau{AWODS>P^Sx8zz5;;6k_;*`z!tu8-n&DdFjWlTA_ln?X~hMoGzt?81a}Pw2{+{f zzDX}B4;=N|gOV3_=|uP|aD>zkDQx^`NCK*eG6nBAYhhQw_1YXSzd=E$H2U;wNOwF3 z#Bsm@FrIy)-VM~F#nViDa~IH+Ai`sv6*1v+dXj*^Pbs)}N)!YP><qo#+zi-)?WemE z1@yKEKq)L0Dg-gndbF5NeX0M<BLRbV0)oKe3i>-h+YEv{clkW7e=#8NYxDAsE#NU@ zX(JEr(2Bnepye~``Qq^qJ=*OyvOlsP#Q#!#1+?+3?R}dzUJ$K8{zsELfQ||TD8-;^ zCoOFS(DKkjg1aV_gn{7|Z#>FWHC8L&d;h~b<RM0U06@$f>&_^>IqdjUBq`V^O?he~ zG_bMbkoe9dwlgEbUhS@bMn;uIU|G<<^upg6%6WOAN#@g{9D}{aiT)xhwY$t8h_|+g zxcref<OI4utqYOOPjw&NI4VhmoQSVqRA4jHgqflkny{6q1Y11UsK{miqnXCh0kg|y z$0d#nYqK3wE6($0O8b0Ux|Wgm%MZ=8RYa&1(C$OeOB|l^wB84q8))xAc@&=H@cvO2 z9wPoTI9gI}Uyj0dTBehaa`AiUPs_0en0JP23%&|dV;;L6Xv2hdTUYW<O`V}|i+K(_ z#+*L~&A+8>Q*Jk#&`)h_ejkQN#cLK719KkCC(JU~xWJ6ww0q=sbS{?M<fUkz`E*WF zU+Who(Dy&XE}*4F{(YH+Q0(cQg!tt5j`7@O$tCvvEKB3=>QB7H@T$`<NnA|kUKWi) zq3#ax{3#A;w(@d+)EqS%;9s8)CxrCIi9by&98hMfhj;AOjNKQQqCH`j2KH9cl;rjR zVm3a6NC1qg*J0)=rDi@;YB%*YFSTL`{~Y3)gaAvstyi1wt=yY3F}8MUIU#@bB|>s; z=C#%A%=$KvSbhdF1_Bfq&rb0tZOQ51gfLf7u0l=F2lA0$-BB#tM?8qq$)CLa3E<#H zmTjbF==_`)_h8)SC(^gSPZ#f>jNId0@<l>nL~YQln1d6jAC0RtYIjGoZGl6yoaW-( zZF=tiNgg^?*k24qLKsCdgu)&w!DBVOTFI`Skpg1{QrI!ilMV^=w)7_N%zSNzQp52E z&wSNtJsskZ5s1RG1-Ig7f7~Vdl^lT4WzY1y7HvGt6Yqa;n8txk^}d;Nc4)dZ5Jg@3 zp!e%)b*vm_0a|JcNXd_hiZU9$FQE5fOBoBSyZuLW@Dd{iX8eyisX8x`U1Zp+{B-AG zPgjyA$h^+*NcijnDt7svtq_t9=lfQeYca1}8vCJt)m+#kcbRz>NZ3!gD_Y`#Y9Q+g zqgneIgn~d^dJJ32^{;>f9;5QJ%WU~dB2r{F0H-$0Lw_&@Hz4VNPLB$Eb)oQAIQ0g3 za0bh2)W4mGMysyMEAgk=xJwcC^v&c8lvJWYllDGxiJ$5beNPTJk_l7qfAV<2+62cN z?vq?ZMBQb<eraIQO$^iip$9j&nO)=H3cVY7Sz^?*_W;OtlhUdLE}x@Re`$ZCx&lmJ z9yT$nkcQfQ`;fB!eNW@|Gvzm{+a&UT+-<vK5eXfYxyeMl*xQnF07Z-PV5W8i8yF9K z>v`!!UH;NRjLO#Qpsdl3M%pw)hxKQqYP#^u@Iq;mV|NUY94Z2@8D>ZKt6$Lr`FP}~ zE$xe`WQ{D=!OD4B7vrrK{{#M!g392nNq&QlWnuI)U?JZ|gMwr!V4;AKsS#lIaY+GK zh`*A_L4@iHiuSknWvP$XvTIuVS+^#`*gl9la-0Ae5Het`sPAKcJOy8(NWF^qv3{@O zMs*=%*Kj-0xre&{v&;1skFzk$pEC9ybyzr3GT{@9gS`NjCU|%!L~a&On2G|mI<!NS zS@8jC3r#U-88j|qbTiI8EFcV(VXmE{F_uZBNb)XLMaA6*a*Q^5I+X}v30))%$yajt zAM^$qd;k+Oz1-;0eF@n@6z7KTSCm{i+Z$^<dBuUkh;~-6;40iyhcy1c<N;vExYH;z z9foz+3<4;N1Wu=Ad$X?8nvT2hO%8FaRn9)X-}`yDXXS#-Kv8W2LHuk;V_lBnSX7Hr zT0BD0??m-xv&hE^V5UdCWsz}G+)S}0xd2qeMfh@-k&rz_PQLd=kolE5zJlkT;@^yD zNg8p86?6`7smf8@Bt7(?l6{X%v)!h6igm24ADU|N062lTh2woB;}5yMM(Mm)^z{`h zer?1&L}L#eSa5D(G4d*kS$hOdR<mEvnV$8YfVKqntU#*ZB&+fU!`AI=y?qMsd*O1x z*h4FcQu)!v{F?e_FSXgjH;-Z;D5q$`l<lFCn1r2=N8AzF=+$F@oDVQBjy*a?yje>k z6UN6yG#S-8d83X(HwD%87PO;U+YIYqOa)aQOoDk7R~3NsDAp~YRttI`8Cn29OI3ze z9clu?vUNpG`?zpqoDXqG#yHXR*ZIMsTbmQSIoq<Ow0`RPrSer~AP}6xoh(OjM;RyB zJ-^aCGe-wK=0@RMW3S56)-8KXFDv#TPLY@vm`lpS1~>g2$tS8X&d@t}4p_cx1$_ku z1ZiB-RABNcLVae)yUXE3>rUux-<tfTu?m3Nqdw#IzIBzl-<m^fsSOAytkNS0l0*h0 zZXRN}1ib@l4$vCD#jK-9uae38BBHUp&yXLC>}bIskOi3y%4QiHjDQ!TUhY)@u-?lS zI7OUTmP>JfejG<+Bw+=`!^PE@hf0T5v*wS%2jRegZVNpSR0OAg%-ZKPBH@R$ZRZL% z-|FfO##3rm>2n(N8|r1#jlt(E3=3xnUhx3B@(%{3Ma9toM*n)33^7%V9*uN*ATM1? ziMk{yY#(ec7;fXPLmd82+tvLE?;iS*zr@#gAKDy%d3p2HSDE|407aqGYZUxfSXN_g zfd3trKlR8pr+@Su2;8tFen&_S`0vorqbLMfLRSK8FU8K%PxuNmDET@X#%Q;)QR1)i z(xtMXaJ^Fio9+9?=hq}C0YKp+f`N5MRG{@5EzGvfPeLy`2j6tsCIb4>L0>7FF|6eu zun7AwdEe_J@Jb6AceoYq#!I80*ohoMWOXOb$%&dHWzV#KUepURQ+s;a0L-u9b^EnO z_yqtK_@~*5GfMk^W5rUIVAXh$b>xHckoXJv@Ls%yGHUyo*XEY!wr*__d<yRXvulb+ zI{n;_4P1U={5Mpjqh!rx5^C>-muAX_1|9;%jHR~#+)`+~=zJq~fwgek68@6MM2wGF z<&{Smx1K$!2z{~1{9B7DhjPSKh16-YsO?R}Q1Vm?PmGXFAp;{`yZ>{q-pc|83wsIv zUK4SaL>3G+mBLU|%P)CA>iPM3lN*2G&&X~n-14TnWVgMw$CI`8HiMU#tB(SSy4Tmp z&74L(L~1loe1%&8=0|Hee5-lTi+JUT1$vz*6_3ABM6;IqWn`}LeNkZI-Eu31M<vT> zvG)~!N05S7?`;7US-{Xo`e%WC@NnF|_s;>S3;~?3<MXm2H!2G51|Pr;1k6E5niAHL zf>uw}ig<V>c0I{3yj~&5-S9VfrbgUf+Kg2(NR+~Gtulwg7)#fRAmML}vdFWwHq!tT z@Lf-gGc#UjDxtv@NGAMBQ(`|xD=S?ih@TC~Wkf-5%LdH!%u?0dSC|Tg&vDNYDwZ{% zOVPQ8H@`Lp9@W|l7ePA|yP6=w^>PBP=LN*Z9G6iH9U^RK;F}@57@b9}cFLEU543~T zbCdo#+ZSuiVNq(9lrXKtDT?tOYT90zw=L~ES?oYOG^q7QUXkE#Ey{!+0GfFUp|}nl zAo|z-HeLg<kjgPPx(S;XCuv6Kzs0TI?-8kFziEUmUp~wPEg}-%SWALE-l+z_8^sQ~ zB9O%6UwG7T?_B&$eD#?c+1$mBFft+nQ1F8SX{b4dsv}cEiSV(z%Kkp@@|a<;Etaj@ zSIr;S2+FWXxFATOqk9qp)NO)(lsCP3lz=ZIE|^)+S~vR%C|w6{zL9rAeJKi980QG* z!H=N};B9Fi%LSqe9#6!{6gbRdV6g1ljCLHG>qAJ#-#I-%x}nFtMjUQJQ5-!00nR66 zh*SaH7Xbkbr8uYty29*|Th2|@>bh<2#=Ql`={>VHE>NT{pfAw?6pzl<2#77jFNuX) z!mD5P8D!!6%w0{?V#nigu3|gBeegHgpYhYbeL;oGhgj)_?VEOOyc)r!Lg`#!_@4F$ zuoS9=ZQgfJV&uLTdFNsc=g!(%PyRuhfM3dGig6r>Bn6N6Cy1OG5nt0b3j*d#|49SR zAbOtMu%SaRY`j6=Q?pE+AH8kP1Z`1@Kf$p?@j+pzni*qv06=InSex7u5UD#Yhx>_Y zVRmPDddCtz?Y|MH=R$!IRfG{h(06?dv#JGd$h2euzaKNo29EwsO<v`G*vLPSFPq}Y zGdUXE`yn6!72bAN!3`0+?jn4EwsPU`Bawj#(Aq&Dm_M#P&*ewy`iGy;f0bG%f?G<( zW??9(G6e{y0Epw&-QEc*`Abg{vc)9KYvi*X6MRQ8?P|F+x--)-)vB(08j?3nWG{wM z4Q>$@IV_um`if&*5{2ufGSHW-CIW0?yiaBo;2?TCzjg{^JFkjVFUsBP3zYVL2Ns@6 zO)6%0$VBHnKzRl@9|ohzmmQWdL}(BjKPTwPoGjZ*;of;O1#}i;)e0rVdfc`9-tkz; zKkZ58RTT^EX{Kh!6+-AOT*zhV)*oPc^S?%L0RpB8;J0fPdxdBdv6rLJ<y;?qsl&RC zu1aW~!@q%MsnA*p-AfOkE8c`bzju~b5kWmFN$-VHfkQk<t*kKJYBTWcrxGjv2l;fn zC-HA`f}<JLU*Y>Llf+Sl&6%`&6-lZUl1<7nDrf$3vs|6(bC2aQ39;lk%{&>)8_+!I z_-5s9v)6N<o9S`L*;3n^28_0ON5(>&d5xqBfC}g!2%L<JA`U7F@js}vz~`UNdRcCz z2c4QBk>pNeLPuo>G+wVivh!^2FE5>CB;rK7upR}Ee>CdT)iliN9a0&z%luxOL_?h9 z_^F&Q_z;ybY{<mdJN#U?s8rS`E8$DVJg;Tha);cR+cA(08d!W1GK{v_u@Jg#=-S(H zoAtD9Q)L{Jk)uk7(Wt<y1q~`z8G!s3ptf!^x-Z5gsTxp0yK{TsfcMFb{0&S*Mpo7k z)jl`{qY{-|n2Uiu>Jq}M1*cxr5FK2g4SswJZ5I4HZX{HYjbc>%J4KS;d$V}*?<{F? zi=v3|WVKABx${^qM)Nzpj*#y&ix?Ijn6KaVg+?^1jADdaBN(bZ3eMS?a~!OlbAiC! z_vw1#`LeO(vs~+Ye>zfHXc9jxrOsYO+_jqQBiE^%Y@MDmK7Cle%6x0*(YTm?qq1Cx z4EntK^2D-Elf|*0EQZ(dQC&tmQr$ry(}`02Q&y7`%Sz)8in@dF*cs3q5yj0fSlrV% z@VT9vSQhQ#Ys_&;C#^|lpt>Fk0K$eD);n+EPw1`<mK7DdoXzgbXkA?AJ+W-&hTy8= zH>2ln$xqhlJA(esmr~w6-b3Jm_ZtCx^W`T;v6{n$MUw%KZyHCF<mKI!c>Yb`);d%Q zNP|%t+*KGzhH9~5uVb`=)v+4vZM3ofl_FLESLvF3L*>dFnswqT2a`x&PlMRV48F$} zm8{SIFcHwuv8iBVG0802Gjm`s)LTx54gff8u;+H;bA51A25P_dvFdWPC@>25t~^*q z25rs`Oh=D)PcQUWO%-|ESP5O#Hh+`58X*dS8DR3!yH$@|IGV0>JGe&*ZXO=)^O6oU zY_LZbjY}Sn(_Z7-xwV0@6y1RggATwh`+Ht(M1y;eujll-)byOHrVB)mYM&H!lA^bj z0DLTg%R0>!0a=lcd4fj&$x4GHrM9(0H%D7ExC^5v&|he|cnC5BbG@B0eUHfABxo(W ziPAIwGYjx}&t0E9DcL}C4X0exFH|Fvt*F-H>0n8?@~ix6?UDNAiaKZrHu%VpSs}wy zV5Gbf_BIX4Xt+|lOVrG2wx;9e=8Jr7v(!+nw$-$d%MMiEYA1_1U!%|EK`jNtR?V?% z$FG>9h?BxoX)qR!hvAt~-`BKDdp9GI0}*$r!qBkDQsCN6rx8G<<7SY^D7@Yi49bLq zA8}ZZ5yz<oPVjx{k%*0VUxtZG5upO9j2`VH4S^wq)3!BBKh0v=(6<CwZcDi%2!=;8 zksIJL(TA^za^tR&0gM1N7wK|+$V#$PFb%J`XytJjyf>D!>l?#rLB!{}lC#>G)Ms8r zYVh>tro)26PNHPk^1A+}OF-gFh?%ZNL*mGAo-&IYCTO|8XrcgZ-edxu|Ee#{pRiYp zJtLkks63N-?0M9KaY+$w-e_^4d0idKIr2p-c|nOy8@Z45uekQQq@lxitGxQ`>ZSD@ z-WnlxG{a@U-)#o2?w>gb6E?VN!xlYoX*er{Q=aORob<8{;}7CWUr+I((o3MCoEJ#3 zlc>KwGMjc;2-9{o@t~JaegB!S$nrBEtFAS#))>~~wdvx3WQ|RHU&{knXwA9g%~UDp zYm&)Qw<@bk%VO>MUGezS_JKm;&g^u`51b@VCYK)#$G@*(-&qKWW|xz-kiSHUhweX^ zuDcDBV{K~HP5yxo$`mdPb!u6<@XsF0U_+<P0$j9|$E2;bw>9oZwnxi2_-eaIOD;SJ z96`^obRTK5%-BIda@WlEi4r<3qA&80*D=ilVVR4Oylvt(f3tW0)9&4u_)a<MR!>LE zoF(!P_TpG@H%!FA&Hi+%d!uV~b(dY^RyQ81lYyI1OCX<S!yQtqxUJby=bc=PU9Ou% zTTjyGt)Mj1y*=~85}gvd4T16)mgJ6iZ4Y=9U%G@=h3al@fPJ0TNTeqX#Uk(BT<GZX zCU<?LnJ;tnt8h4qAt)N}L*Q;18;*xt*1H_Sdr-k8>;M?eoJQ0IRoE*ah~HXS>@Ek` z_kSF|#rX2%W#2d1AA6hu?(-|%;nz`cX6{`>=5gy2XQ3p*Q6KkRnH`97a@96a9=w_p zOvmQB?Z67<mf4j~9=b?9JN>6TQNn!UCHx-v;E6Ud&O{BV2BaiQMMU`HOe44HYTGy` zdtb7*A^2-9u8QS{cCi&M%HP??BLf^uQduuOLFV6B5}0c}R`YVszY!I?z#`A3EgtrX z&_?TWI3>IaKbx2%_$VJ^1c1!7HL^`XgRC8$EAQ2T_?{_2-mb!i6@ClQj=1$@#nUQH zfFRWAiKTWdNZJT&KJZ+7VkW<iQnlOMDp_#3ug-I|BX^y(oa!}i^cngVARhcJK+<EF zuSowd4zM-fc1#wq$C)(cjCwr%7Am&p0sYNRaNQ7h3ul6HZLD-nddwI1^%-yM+4aYX zN4T`zUR~08@DA8shdAn3iPmuin{uRyjMkN>!35IgO<2&|>JS!F$)SrhY|YgYPQoAO z!%#XWYx8$f^mg0#gXlBcziG;8Q~Yx<D)oW-XK-_U46_M{*F&mX-2U6PkkhL^3UZ)y zQU>8WtsNyS-e?r!-Rs1awQ)>TE-i-WR6TEX7zRew8s8qY_x%b7Vlv)$7!8qT@JpJo zAAsVa*K~Ab(!I>opUtm#P3G&)#rPZPuX3Hi?C!>W5$&I#`(fI;`K89v?@ISniyT{# z_kie$eVHGN4Cj;R$#c*w03Y2{TJPGctdzT2lN7yye4ENZhFD%D6cvp3l+A)Y`gcqW zKe3g-J@(2?re_Um?AMCxYwRbUv)-RT+^o)?nlXJ{W>Ut=cQO$iT5r^&dgGwzKoC^F zul5lbA^NV&qB#Q~xB+Xjd(T|lY4E1w1bq<*xRooTKE@(lX?W_MKM(rKdbuj+a_IF` zYtJ1!H1m*mPjF07?J818sj%>;W5%NL?STcKiUiddqHR^seunbH-3KqEZ32T_@AJ6T zlzv}rh-|gA-My8-&QG-`S&z&kXMCurAFNX80QIZRjWTb)`vI=!wr;j=w1?+F(aiq= zfZa14%ZvP3k8ZGz$*;ZO6mXjj+|D#TvC~lB9(S2J*D>!s%Zsa3o&pO_U=n%J#c_Me z<ezx^hF_?i$K$YG^EP#Tu97(~x{A$FcNyGjbLA2nuUmo`=-QoSw;b*mnAY6$u);Zw zUm2UfZ09&Vh4JhbHz(RSKsP<k9DJ~o&vJp=uI)rD+E$3`h1YyscB^k1rIRD`G7odK z^2e-8ylmW!NUhaUKP<k{wp<(Z+g_Ve-T~SK8cABOwFV+?Z_39Ct38UzHBU<WE)Pvy z%nnW1W;$cIzd!x<DlAiO`u<pcU$B>DHxGK-SHNQ5a}788u3)9u1dG2~ivL(p2%pV^ z14+iu#>!vjgiDn(tM7;bRAl4d>#c?uvM2=&V9sj<@GiUA2Ub;73%Xh;0JJqh4GZXo zvIDG;*M4`o;dP0MCA#T^4jhPec)e+Qw33yUpoPK3m05;r`Lhz^8)3dLXF1%Phk2J( z$mCDeeaix;)p?J<cy+bdcvJ}S?%1|ohU~aiLEpHAV^iE7NQ;{7sJ~>H)ypuQEv(#0 zhGyw|+tilkjn+G+JZ+H?P)ypJn6T6NeUl-*BG4=qo=;J>Q+J}?c!IriaJf~NS}_tS z>eZ1TE;Qx9J>V#+dtGMIm^i*+MjT{XT{2hH3wjm?K6@|>yFp~&O^P|fNqT3KL|!>S z$1$M$)9VU(SLEZORCLL!qrm72xP-3=9<;d`KN01x<lDbtrbJA~a{%+U*V%L-S+$_3 z55B02W%qX#5!W5CteYqHl&1sVE7Jczl|6Kwp!YTm5Fgz})1U7JR?`MWo_z)TAG=k1 z!QxUIdm^59=_FQm!k5%IFQ4SQTIddw(QKm8Z0)4FnVo|a<?>ZZju{t%`5Fz%h+LDe zPLop0OSO*oKvwaimEi)r9M>LjtvJEz;CK^Ndp-(2_m&Sxx~cj$syc9yA$bj^J*>y; z(}tqi4@R3-Wr!<YKsAAng}Ca+!Hft_mjwvQ*3Xp@6!9Zs;Sawul-vNOq(CqI3g6)a zzLM9cUR~=Cbq#BR$DA5mb6Inr(A#6PgF@OHlbOQ)-IDO3_eL4IQpbCHzY(Wh^j>3^ zft^optzf@Ub_Qg=bU1jA>^s)DBugc!u>_SMTFYn3P`FDuJ8PfY4Ds`^02O3xi%k7I zk%|oBpn`<+@*M%&PPT@!Mm{aym+d?CrR}q*dzTGl*19+QbujhAz5&>FCohfFOac4$ zIqzB`LC`i3H(;Z79(xDYlv_0~?7B^?86Z*3{w={V!E9ACu^?O6YER@a=}1G<C-$pm z;Hp@Z*6c`RQT9WLkydf!KByejjMBZN#XW9ly40x4KsjE}@UL*T?q)cyt1}67yW08% z@_!K4FAascQj*W@@W2M^t#f{Uy`~D=1XAR<In+&JDk!^WZJeO1X5tF@hF1w)$`+St z-qUQ3nePz?h<q!)YOgY4oPYOp@mTygbJuZV)JkXHMN^lTitIp{sdoJ7zgjel86qI) zsRmFe2sdu5PTV<j_3yhn=Cc@GXLW%N2!Q5UxwSnb)=NV``}^U=%Ce6kR@xk$Y>kd# zmuUpu;<{j+-N_l9q{EuJetYeyIp45UEfA}FGo8m-@Y7hXRba09m?wBH?;uKUIVa?2 z?S95}4xdf_uL==$qmxx}Dl#0b7GH?;2s}OGrj=$po!tXtT>ol{9S8erDX=D5^s^h; z?TN9=Mf53TZ{yT0&!dYPZ71|J*};aQ;q)A5taz9qxl*Pk;#b;Oya&zv`OKb`XbtkX zBm?&(F$y{=HEyq)77i2lnn&!j;mAght25ZIl)a&w5yPQsHkAx{!Tgc4mGgU7lad@T zJ4zghP%BPR;l@??rS76AL+r74_#DpM3LQ)1|6pC9Nr8K_WHbZ8aTZXCK9Ie8d1HEE zT@n8q(>w&Dtnj!Ycd`0q;HW#4W-IbIpLxRR^Px9zp9tP?28T9S3r1#3G??r?vakU1 zru8-Cp<?}{=TJSP^_J9=%L|A~dOH$vUN6~2%5{x%wzAFK0FXn3eMq>}<-MBlx31De zv}^0R`KE4sZl8*<kf{2;xquWAQ>)|pI{?*t2J7aa2BfXj&3hjTi{Aw&SCUPZO-`C5 zSYJ=`B0}M$gO%h2y>8J%&7G0wd;7m*x5JSEBG_D5=pQ=onD|ukMFQ5M)GLS9#=W;T z?v}IP`d+OHht7K>3QQNKVo8vWUWdZS4~K1@T3wp>>`X^{Ojh7v<G3s$Y8(w;OufsV z&qFXa4+wS{R)&Z<K3v5>z<hk5D<`SYR6V0^$(|YFtf=q6mCc{ezmse8ysU9Og@cFZ z60S!XSBK+YV3w%0&;ykO@v{)Ji6r=^kMVS>Q+$+e_P>d5n@)&oAx@^aZ+c9pKIRnS zpwYPLxXoX$_oPv#0CW4X&c7l~jN?aO8y%PX0a!CDNpVnHH>1D$9{8$M6PMK{rcbY} z;jXu)0MmOrpMGr?-d-g1>B1dSa?5G4D43*vNH(sE+{c(VpS=}_w*}}VL$6`x<T{ET z^1iEOw-}S*7{92Sb8qz#Xvdgvc7AWtqcem;;FE{dq#5ztO#-89UovlOh1>2t#<=dT zvme&OWAC*R!;aY%n1|(rwGSnf+nIqClI<+Pr5iv5nRYv4d3tk_O|Psjz^UU@pneEq zbP3vc@^-!w`~Bos6B5>F?SXOr#b9?wvmx5Uq(k5C<E5jXYG=tGx?D<W+w^4sMR_SB z=(Burh$i1G1^ZROA{i_xI~8Ah4!JTcQ*JD4)CLA!>yVjQUfXW?yEJV(9~GPA!?Xhv zIbC?BOASM3&pKr)T~~EgvM*|QT+Ui|*9v(@xKl?WY3BJ>Nl0}MI)@B*ce>acZfCO| zxi(?zW)RdaH|6qx#_+590Pa@MHA-B&FTs1&?~`4FdNW_>E`2hPbnoPB{|Vd3>+8IZ z8J^ljq2XPkVcL%$?+fZh_e6iue!?B66aWsLE+D2Tg;^+9vPesxTyMca%COW;5Y}G> zMgboK_}?=PT;uPa1Z`Mh!AXYBZ;~-hYCm%c>7L}z0@L-ZPCE+u@>xH~1wb=&?)&pA z))3OjkF5e`@B2SYgW|#bGazk;x+|geiAi38&5&H!T6}=Ow)b?B11wYL_WRy=0&oSU zE=y5mAvLQ4ax@E<%^e2P#pIFYr2>3ktG)!2f-yIrZD9CAn^zO+m7wBweE+7fU36!; zNJZniXTWjXS0pe-E|eFW`J^j9QA@k@lXNM0-KpkvC5`1IyT?!OaJL7K;=uk48$ard zd}n9$GcFg`FkBlh7IBKk<9E5?l<q@<<g;DZgTwKCW~@LdWsfe<5CiJTo=kW{Q6W61 zRY*SqOpO=3t5F;~%2cley3s|aXLzCWYZP2YeLvf8E{8S7SG7)e%}9?b<=yjV&Hb6Z zcc(9!KfBct&*J#!Pd~JW2~O`4^(1oot@b6hvYEYTvaU~i*OdI>W{ewt!Ow-R!ckj^ zvkDJ?Nir0=Y{3TEaQ82qE^pl`CpGu5o(tD<p7mP~GF_)@;|GcY%5~|<So^~l{i{0^ z0x5=ujt||E%&yF_y~4)e8A%K`T1Cy}xZ{!>U`t?L#0&lFlHe|e1O++&sN3zv3xgPe z`P?q)(+zxaOsDIl^gVXokvt$(JAY*3;TmL>bXza*`!;c9zAib$eFWN+L0qO-RJ11m zTnM$9U;lXNdIZ85b}WthKBqHob0ti?yX@6nqMd>IYv86EPB3Jj)vIwl`#v(-=Ik;# zGB5?EaAan#cr^0eUC82?h!q@AJrgHx1yoF*sJv}l9$->`wGc1_=l}4yE!%<Rx}h<p z<;h9w7WOlb=HDM*j4J<?uB(4@Fh)a714e{tF*SdUvwO|~A75p148q}o$E4McZ#HMo z*=~OsAI)0KM_kYlNcc_6<yJFXtoieYbcX;iv2^Ly&$){{?lVwtrM+A8YfIZMi7;=r z9ke45R*+e9k89}To`St)%Y)kr-A~7Ml&F~UQRc8`1t{@+z~zv~mla%4c;lCL4VQz1 zX;z!v1eJ_kL!QN&ONhcO7I683y(S==-{uxZ1#Y@J7UivTbLGh@!?NJAUdpS`)Os?K zDL?y&8>1@1?)d`g-V3O&EiI<p$(O(pMD70h=-_)sRXM=7_<`FhN5ais6l;!8-t;B9 zknVmE@??X6D`ypM4aNyi>Xbbu3&q(dLS`>#8aJEWy3)`f#(M|5`h_NkT#4ybBQ;Hd zI<wq;@E%?#rq{yqll9sk8G9fW)Q}gi3DxrWtO1@7ML-9>QF5Fs-zqccli(eS|3%}r zwR&0rq+2EVY=wH6g*&_7mTPN3%Dh@JExoDQKWqKQw^jjy?~#<StHBh;TQxghoOL9h zvxy;bERk3RV|6(H&DTm{t}-nFx1`Xd*N=)F8y~>*$WQguY#rV#Gwg4noQ;>M#mROE z9dDhB6QwK#K5(pp(p}r;n!;?Q!3j2(c(K#TKDTY2y*gk>JUhhh%<w&Lb$|n#_!yS# zF^$t`UA*{MsKR%-7WHa!#YTHrBiZkMs(kO2+t-VWeN-A!9tGgG?dPi+vux;jFZ5(F zf)FGVm|A*FE_13e`|;@)*U1w~{w0)^@&^0O3uzbyq*w>19g%B3rB+UsWSr+Y(UQX) zaD(cI4l!v_rpg;p0^{i4g>!b7lk~*c{~up(-4<2YwtX8QA|TS;-Q6Y9Al=>4AVW8Z zbhnbyNO!{!Lkma_T|;*_%(J}i>wdTQk7s+n!OXdib;NJq&tvWEIh@fN8r5V}wUghG zc6hcJxf1@^z9Ehot&)p2&ZvPXmX|kGyD1;Lueu#Kxiko6yGYO;!$IFgM16~J#6$wp z4-OvccSw(q9v-1$&(4@pqIU1Lg#_>?d^HIPD1U@Jcml5}kx~$=MA7_T<cnUfx7Q@J zLH|WEy#O+d`sfJ=6+H(BH!DwfuXb7R?`~6Kk1K8#TRXN_blOY2#GqJ`Sb}>|x&1cN zc>h^m$8$omyCPk#pZ`r{wWj94y$RT;aC~%YWt?FLO!m&`W-~FW2VS@$CNqm0SER&W z3Zw99`R-TjDjq(6?cl>M^}YL|ZFjrNbPe4mIevNc58RESj5(usvHn(@MGHs<0j)NA zi(B+`_n;Jxf_@MasaqJ7T77?LvS6g_7>>R>H(0o7wfvV$!l@?#HR6??xQN$f7njD! ze`Tb?wzhhp5sO!m<@9@QVx5~(Q3i&blTe>YPLEA0-jk>t2LMMb1+$D3BLQxfV{hk@ zu;E6;;AKfmLPGfmHS(MLHsgYp=f6$cZO)Q7oYp%0PEZZ{70)wN!xSw)Qtx924~K)W zbW*b%KWPlSucdS;3sO!j<GPpmhT0dtH_~AX3L?VT(bj4vh~j$Os6V~qW^8z<1@M1z zY<34$HBF=K(gqRz71St}`*SqFwHouP&;$>_(~lylbohJsJ*ZIg)0H=AUL6BXwyrHc zQIlNM8;{yT^C@^KH$wPlsC)&iTiw3Aclz2+2N!?IH4-~dcGARn^$Y71Zac*V?SSno zvLw;Fb?Yr0WUYAIjmJw#kEy?kbr`}#Wl!3*&>5U=c9SJ+yif>5y2II^2LLyG8^H#Z zk;R`!e&tN}q2lIjx;wlRuFb4Z>E)Sz*|~#yvhb&2N`Oyn>sdp#_REu2Tlv0#V~Nh_ z%aVlm*gvctdx3;0@ACA|$oKRNxHyfgz{+~UXWo!8<YO2{er((8kaNMCwGyOI?+EKe zm()3&5)T`xn{x4SEu9blF`d)fvIGPS7DLS?otX9&jnNuX09-xPFs&c5TKPEj4sY<l z+or&X(8Is4(SFq&umK#lBHK<fbx7sEpx)|T24=HR@4rMhz(sle=}Nf81IU-JOsBD# z$Vyd0-eM$uCWQf5#nJJR`!1z;U{IIl9Zdkm%=d9`E;?XzrnMBAveW8G_?vU-;YxN8 zTCK*vMliq`pI_qRIaQhOmmV*WZ(?zpku%4}<&&d^isr-VeNX9goDiC-QE|iouRPsM z9JV}44+~vvO7d<c)!OGtoV{lV%T#lscY-GOppNHV=sEo?Gzx9Min#LjYSiX^3cS$D zVN`r*HIX#D!g=(pRCe1D^SmuNST3wqht^p=PP{|&X)~eT+C1<+Eh4`ZYZA#Ij@}jb zV2A4Ozq4ts100dfx%Ze3Kd*<Hj{QqXJ+!r$@J=n<0PKHzaEL4|+?^XLe&HTh<$X+0 z2~F4u3L?ea)srh52p2`UoKJ2Y2;a^<TLQa{B3}F_@4?II4@6Pij;g;Ke-x`HBNAM8 zb*l24Xn9G-ZUB`T&aIyw$zRvRYqrzr4YQr=PrmWO5w&DbT=D8S%JDNgnE>EI_Q4QV z^ew0(^gNdcedd*@)cl8_W}NWZ2T$p4S?^VsX|C(wKBgs<Fa|udhJ55So-gp;rWyCu zsu>@P6TIF@gH<d?zQfB%=*fkplkY}>x%Cf8zhdQ<T`n26r0-_yqNMNoAd503l`e5h z|KsvFLzPJJ%sbOG7a^Nyry}hBh8U#t&-Rd*`ffAKSFc<4Yzk$rKkiL)E*|$%FsVvP z%Q`aOb;An3*!ie}V=RV9yW{*Wh|ehq_lnl$zY+kSeM)HgBpyf1QzdflG!cZ$Dts2G zpv3&15blEDm5;_9$E&%O|Afj>Q}*^n2gmkX_b0lRT&>F&hu!*B!Zi33`rNODcp91U zo`^Pfzmzt42zL(>^eNT3INjZ#Wu|cDG<G1ppYMZ<b(U_EPViqnw<8lAtPcWPv>bNC z+RCjHc4c8W(d}F(L_&3*6bJqRes&%{B;YD$L|gz&y1NkE)>>dk?`DdekIM4NM9_Wx z+tP8;Wh&%-_=6?q@jJ>3Zr?c3E*?CkkrgN1pK2iv>vOEEnZNy?bsZ}a6zNlE?+wGo zs-5U=Tt%e0B~zR1<RuKeaIeND4QPM==Tc<OvxjD@=8YCv3_~fI-@8wucivlazzc>o zb>)Ae?$o-%1|K_0>N8Y+C(W%qjCN!M8d$y@x+rpdya(+Q$lKYUv;}vrsA<bXSEt1t z66qQ*3OlGel=v$-5UB`fPsc}vmi^8q+A7^eb{};Cb?4Lyt_Q`6E*VJJ-dA-JbGo^e z(Vym0<UG1#p7<&z2zEP}b<=2-%-t05;l_)9bqx&d0Hb=lUpKVc`la4qSd@FN!KZ2K zPr?*vYxt+?71jO8eQw3NaD(-n#4?Oc_+%Q7f09XqzY1NMJuka{KjmR%N9@OT^yE!} zgiLJfcx1A|unBd?h4<*8Rr^Z5`Wvd1N;+lsjghPL*&lP=+#q2ivTo1nBRE3dm8b+! zh&H+235)=dYR_+6HBO8r-AN_N=&PV}&k}J)+3FE&d$`<ak6HcX2>OM&k*w%ZNZEA% z>dGwMik{_PkE_gGu{wHpk^QLKVYN!ZXJuW2dko7>j6Qz)e(s@24@9@t>I9k2iRy|m zYP6%Kd|LL$oJO>A?F=IEPvo?~IGFeA=c^}*DicWxi8{xs7Ub+PCiNx3C0!_xCCzb& zZfalyaT%nNEce%Zb}Q!PC^VO+T2466o&FgQe4{L<(}OpM%cc$$vmsmMo*j-w&dOKh zH<N8S9_UA+#Pci1Ugt4M+hVdn(`Z^5Ix`uzsdyx_@YFQz>XK@WxdVV{yEF|3bDB!8 zCB@Unsruq234KKJY<5WrKN~ew#oCqapAo!pFw;@nka9C}6|k`5GNfKRBjfOx&e$WV zxvYKPX6+~YB9u19mH&J`kH-B9EyjLU$Z4L1@2M(mw9RE(4<>Y6Qy3*$!$<eIG0lj? zMIMK6NoRE>i?jPuqD~!3cQ_i6v@Cdcu~p}e-dNkI?AByIuXHR0E0ds~y+EMK_OoHl zIA%FmT;?;}pE?Hrf9C9*S*Uy`0+liNs#&NB8{c9ibq4LMNN(ulL}aC7qL5-6C@(Yr zF6j~}u{w>$Iu7zb1*+-rd*7S!@r9+<&q6Z{GsFmXza_9NdiZn{{nOA~Iwtie^!@&+ za8MJ;mynZ#CcPNk*9Nx&F1x|U-R;Ab0KUF1cQ@)SKDyW2Su9gt*{U=hMcPD`o~B~P z29mjV%73h+s=L^wGz(Q6%IyERi(yI>?yyr#Rp;Lhn-WrO0+t|uEsOfqX?V6E{sh>k zZQ!7@3aL#Q%sFt`pGLakeZ1US%tQ@Ualjd8btFtx#A+?Zi%w=U<SrSf4LH~zxu1Cc z`|GNg#9?eH&VJ^`Sik!fVq#e`jj`&(##D>@JPlqOI78T>$jxWNMjyPsdQtVv<5nR9 zm8o#ANbh9-?w6G;Rxg62zI%P^cV(#D7@hjnm<(uOcTP87RxB;{x}=p?!<BX&y<K!x zbJSQFf)g&s4pw)B53Wcn<i6qgKV&RFOcU|$M+i-|XR87GRSc_uMam3R(qOpALKQlg z3G&9~9c08WbQ`VeWBtki*E{LSHmCiEpQNWee)jbhi}lN?N{0!LlPTUq`!`n;<^wEH znxkc6JHq#Z6<1Z2&PE`h7M&!WHmWT6?1*L)>=Tf2=><R$e6q^6?;XnV&H$TSHism3 zc`lw9&q74DqRrer$O>2PnB_$I%nS8;|9`yz+)l;YzZC2WlB8g*Iticd%GF>2#+c`p za=NU>vvHS#_ar5F*;k8+h(XrC^^>8^S>)}o_HP(5Hv78VpJT6YzQTuiVQ?`E*Vh5H zS7?sSNFt|xds*XvF*bmX0ZPQakCrE8zUo0HIx?#K%h3tzVflns4w@G>z;jHv)_LfK ztIQ5^%fMT*$a^QiEfcZw8R~pVQ5^Qh`}Izewoog(<krLXj+kQ5_fR^u9~Yw#Qb!_@ zcrE1*9fsvwfB<W7^4jm#n$rOwDSyTExUolW)U!YPFB*`QGlr2?KD0>+5_>hPYiIC# zr9ag^Dllo*es`E_9vTDhf)18)E3S^`M@hXdofjMZ+G2=#PYX&d#<Q2-ZH_yQqvD&L ze9o|$qU$iV92XqvgrCv1U2p3<thp#J23H(kHQiI_i@C9H%%53mj=R5<^EPB~d#1;p z;6Hk1zUP>%@}uH2j<Gs-8z-jneo?`uudTu4L>B7{$r=%ab9cL>6pc3nYq~ndbPb6F z;XL1?ywz<~PcS-a%Bx2&LLKxD>`1ZQT)>Yj;+0`Q$r{e_E^Ml7y5H41|8tlBi*rjw zFWt4%Y4J^Jvc*uZHQ=Y38%54FkyHqRlg-MzAQ*Z+xUfPlrxmaiL-)NE4EfNY#a|_J zHA+&gJNtov%oaQ_D!!=DgpDl!fZDKh`)b|VmH8ZsMTP1eX-ODVSN1K67{UMHGskml z7Qzkjo&4kFcd}`U`=;sYQqa}yqqgOY6d>-0x8&#lM^pa9{*S-RK(F%ea>Yl&78Z%H zXcr|aPU_Oa(Bvx<za{kL_?n~{YxVYnpJE$MmX_ZLFOCo{`{p08aGqt^%;qYfKUiOL zw-r^wJ05)-F5Eim{jGf(XYPu}F%dufbn~Of_X42#vVM<u$=2Rc;doM8j&JW(`sWs4 z*V*OG%9tG*$^H>(1=&#RNf{C>Ke)KaOJt^f2R<i+vRfKki3V=AbM|1u_V8eH>|4(I z_!atLDbg+hp}4tC-I`%iZ7EWpLF>6848E=KX>%omNoGa2EQ<CgSKSR4X!}q0yw5j9 z*v!IpHBC<HKp2ZRyVEH`H0OAAOqRmOvWsSXY3fcBr;`T8Tkkb|DvAmh3&qQ_ag(bU zMmqwI*qss~H9x$O`|TW<y7OU=TX=$=+Sj|A@sr>0Ar`-Rm?0-vJB=!*g)XEXcz5v! zGaDX?I{huyK5Kt8w_-MxiQY@Lwz)kHfK!|fnrreHZe|*bNMlC2+O+?MCUn(omNP7Z z4Q4kzWJm>wxdW`RlK&hupZIy~b_>QR28LqrHCC1Jwn9$HGaNP?2LfKWsT$(C{!Z+_ zaS7TY3qw#$9NkZIdTxkRlf4RWV-m2W5}$ga^OD}k683-AdlJ-4y!AZ0uefKcrzWBX zao!!Tj!TRXZmb&G5PRM2<J9gjg=PwL_I+8+QE70O5Pp2Xh&@_-&*2|#x|!1iH(Afz z6CYmcP!7m^+Ir;<ZzomF^F0%2J6SW`!j<9$FQt6riq_doIDlodF!?pSWPQ`#N_sIJ z7Rr@`K$W)E{A{Qv=eJ>`<d{4-cbelqcKl|qF39icP1-8Fjv|IZW)DA8v^#|j#;jfn zG2XKoV$*);>quSlMrIYTZAWA^Mpf@La?o5tlc8pbt64*(0=94ADqh%z{4KB*FHn3I z<MXQY*8bivRv=)+`-<A}bDb?BN4W%#C4LRH7d%{b66`Ee-%5Pv_^yK04qiE<_<FwD z_xzH8*J(LOL?4>(8et|+6J=WPwc9s5gFA~e($#*7GqAPe9<8TOLA%;KDXsxOGnK6X z-Ql+e>Jms@MQI@7Y&3C+M|AU2e-go&yx-hT{p*upfq>qAJWnFcSVjYkq2SE6qP=l* zYX7!c3TYcHJ5Y6-ps~gUdDnpy{WDd8m-><>p!*;zKay-F-rcQKI`20&G}m0`d>bZf z7S)Gdj5&w|UNqMsFB)~?g6$4TcJewrnQDlE-K3#*IX`BrL>FdQW8Y%*z@GE*WE067 z?>jO0W<cfzDs{;C(~Y&~<>Uuy^IUeDEgwe_LAy>f&Aj`mKMI)m$S9riYlfeym+%vU z(`upD8&}}l&H-k(52IjH$!%N#;!FlNN;fJ+vzy2Pls<O+76XNW>jg+(Co!QJ<x3XK zU#1Ynij7KiFTUSpceX(M%y*o;VAQCJVm(@<Z_>pZCl;UmW6Zp3hA-g1&z;U^gB_^* zGqLZ~VV0R6ejt@hZ;S?P&6GMKoKgAhtDDTC`HI7=`NrGKIus*{^J;iU9Gr@i!nT5V z5cg{|d@FsQXw~v_Yz0?q36cCpsl(kk9S==TLdZ|C0%ScX<NgPn2EqPMK=38QdHvMt z%hZY8Ms~y@r|T*DpX|&}_z_I--%a!m6|$EU5B+=WpEKz(Hu|EX2wb*dlk?{LStcCO z1#(%K44m6tcUVXXu*LG1)5dMiD0&SikybaA46qU*b!)N(-1$v&RaEMY*g!i5kH$Hu zn~S=l{?WRu4Uj(g6Ol*m(*u8QpUuD)*B;bX8PYxu4f_xl34JAn8mZeJwe@E^vxbpx zwFRt)<}bV^{w~R*umic5BdPX3VY@wA5V>^Hlq1>1?hW^pkV|`vVyaNK`eHgzv&vyU z<G;npX!iYdxM4qd8K(Ig(?{0v`PxzMefHFBnM6<0!*uTv(s;5$XF?WOCRr8(qs%() zMJR?d4x6LJgYx2wmR!ngM97CEZt+8tt;yFq5d(~?k3ioMflx2`FRRqQ5!+mTu^gl6 zFUt2&wjgw~8#RA{XSxrm*<HwuSzYa8ueIMI+#Jo~>f$05Y0CqJ)b4u(7=nMFm#@|% z0!<PLLn2-8b&Op+i^3PMRnOKlCcR3ToI!l%<5B1~Bnhi4N``x&u@{eH;O5u%X8uQU zEcSi;kpvC_Blrbd<*Hv^M$vc{4UKKuP)v6n@1FD*k$3yxaeZFqF!cQ}VX5JgIf@mS z^gV&JS$}kpL5Tdu^$dz^HnYtOx40bP7)nb<*xs@j2A>k~6<-BdjQQQ*%%gJ7bMKYU zJpq~bp<VKPI|BdskESET!j|lvvoSRJJlV0!T|PIFV`1NIMvL+R1cc~oLn=NhYTYIE zgIwgkC!3I-`40^y+BC;2Eh4JS9{1#ERC&<90vXPye{zO1hGsI*XV$ZVt>9f156USA z_lOc18v_kt)2k5n#FMZZewV$}R&h!W(LRSK>^SfJP`Snhs?)PSpY7*7Nb`4`)UTW} z=A~MWF>j#VLxo6{xCDJ8fe@)!BBoZ57=7hX=VO2dB$hyNkHKrx_)b9Ul729ar6Ka= zh~%p=@{hgYTqU7uMflR2!$*6oPOZ7_T6?yy#917ba-I+o<&y_S!uURL^}~IO!nWlP z?ql?26ZsQbIVkrQu86EB8oA5{VncGEe#nEYatB2EdOXq1txnaV10R5gg4H`%#s}Zu zm+0YO8CLs5^<g@6YYrpW`SO+ln@L-$54Ywq<Dl&@{3kt*66sP1u+0>ae!=RA_VSuI zT3>tYVEf4wLxXo3(h-;~S}$Rz{hakL#x9~$^?HBQekJAm(xz5cjlsU)5krbb1+F40 zT{5?P^bfcF9D&4F?>AG0N(I8Quy0CdtZFXLX*Y|D)Mo^z>3}hB)cx5U@BJ@D3YPR9 z;y5Tn<H0xH;_XhZ4m$D#(zcgBf)x(HklCvo$CZG6yb%uimY&&z%d>h&5w<ehxpCzm z28tC?Yvu`=MH@qTLg}UHPv|+FpLnncWi|`R9oc&b@gNhUw79!0Q$keEk2<lef`jK{ znL=@oeIx5Ly%{f;OhUfk%O&zM(Z-Sl(V`vPrL_5`pua&S!7(u(p^?8WldP(&FTa{O zw#}}rR7QbKCREmc&%qt|AyQdST^Yl*iUU%RSK8mTanb$OI<oiK4rVL>5^kA1%4-1W zJ4T0_N+!0;K#qE5#H#KPjoEZ+Ujc@}D4P}Y*Vy_kU;KQr#6(lsGR+;_lt!%L?A}xs z_TZY2PQ?7~J6pFV8P&@M>PlT>PTA$Q@UiD)rBVKfFe}~MYP(;UK6>{0Y;f`ZblbhQ ze<z&#BeTkUa=AJ$-!R^ABnYvN@{F(YF4bMw#v!ew@PyE(zh%Y1#vx}Or|-hzV|355 z=70`QWkY1x-fBwf(xJ5q2b<Ore~i3TXNdOr0;9W4BIqfZslpuZ`BT%G-L&a0da)HF zpIKVvsy3f=9?oHCz-qw9eEGW?v(E|;=E>KXFb!0ypLXxn@A_tD<8?DMpJ*<=Kmb1o zN9n~)_i*76>7$gOb0H0f*5+D{??8ty3%s+hEMVpC2@GEixO)IIzAs&>MrIt!q;Xtu zc?Rbe$d0+X=X;)=7e+1<@i00S&7r9lqffGL^oLGeAaxj!WzROfq})8hW)`1sPhX$^ zV7Z{E<+Ukqwq-VtLE+2473a1Vt(g8*d($>Qy!x$;v&+M=VKgx(`3q<`1{J-wE~wVy zd1FiG7Uqi08js#|vLy9T*`ZRP^72pm##ZABak^=NS%Up8G%s)QTh#*+RYn(4v8!Z+ zFhO#Ff^NyO|1GMU_xM#?-xbhAT8zgtzfczV*=|3ATu*pSbNZ7;DuNgTp8X?M*Y5o< z^{2#L?k_Z79uQo6-7IRtTHi53EmpICghpl+neNmm@HV9xz!ZN{XRq$zD7-}8=!fL{ z8PQKJDX{c>Q&2|tEMsa1VXY6cK~-{L+)Z%`GDyZvyOn($xap>nN=m#{M))yh*l$1h zE)$$Yz6+`AftF>p7BR~yagFM9tRB6@uoQO4n82wBW9z+Yi+k;A$x&(y_rj(gFM5rq zl0N`-eCI%_!7Kc0Msc-^D0MtrOlEc|<m@JYz&|vh4s7tT)68<Ft<deF-xK~ULaX#M zf`&<J{m(?lU_5ID8g*t8Pd&N=j&Fw)qG#hfeBejGdX3QFLPAV|tD84uqGmlChPkb& zD8E;cQl-l57%F1XeHIhP5vfg*y+V)n4PNPG4OHlsg{4Ge%<j&P!P2V4R2=<zkHz9( zV51uex-%R`ywTVNOPAcfn~>hf<nafpU;hGnprs@~ZSBCp4zG8qJ4Q1aJ%R%CRov<7 zX?>NQa`g(dXx`VDWG!UYvOt6d)v+miueQpx@y2fOaCBHo3mRHjbGU=W@3WW689jKE zurBr-9gN~rwn%GJii-Ndd=paZKRl?`*{d-q`nQILRHyciKQ<fAq|;I_YSKgK`vfai z=J&XZU8qup8@5NF1S~ztJHYuW7hLyaSr*+lhVQV#v4k3pjUswIT~Bzi8RM0o98*rb zFG=`OJ&sq@#iH~#o=HVi^XPXtDsGr$hGcrf^JN!wV^c+U9aJf#HazL|$?MX81uKC3 zRCqb^uy-Th;9M{$_>5+|R9~Gs=?K-3FycJn)<j)v%z`{<Jn*F?wMS@Y4!}+n-j~+? z`y+Czx)-?qAyis_et4d(35xpO2CigFX#90ou+?e8-5$#%?xIO6^Lk^2&yY-2u>dJm zWi<JN4L?5;a>H>G+1}WT;$y{lh*PABr*t;Jp?2um$Qq32#7K>`ec7_DU%n-od3z<e zd0&q3X=M3peWKj`L-qR^@@`lkTK1)>LL%1F29gG@7-+PyFP_FYCMsV+IC=HYp_|Mv z!=nwIj*EKE_Y3LY9(HRDdU5Xh)-Vh(VMB#rQgZEW?74t@MlE}xtyyORF(uRn0b{`c zT7A{;>Bdp!%>2FKmu$$T&{i#sL6)LliTSHI<L{MvU^`W+<L0c#V*U{rBxPlNk2fM; z%rAmaa?jng-XL>(I$X&5>RTcB!w>ueZJGT&u~M&9YTGz<+jQ6De=@rvu2d(lMn#ps zQPfA$xpZ1=K{84zHizd@?N4yhM42xQQW&>DL1FLJtYpa+{L)jjPZFIr9>=c=0t84z zL=P>=Lov=MjyhcVIwOd%K;Z>8Gv5YPov8gEE=C5lR2T~UPsG4lP&GYLvg<~g92D6u z`U}*>nHGe4!8rXoEp#S=j;e{HtO0oY)7!;Z1IVld*z{o{${#;Niz%GqsPxnOC-#u6 zz|>B=9?r24ND!Cy#Ftx;?CJz4F_<2cOmgx<+X;h8Z?nq4MmL%iRHu*#p+DmHrg8tX zA9@~ATe3Rj5FSS+_B;4T6d#FtWxc5HV*x4)==4178D*{RfcZVkVa)e4GYW+YQ$~}A z>z{_?Vc#}C?2t7*OJBEA&A0%ajAkk)(jT$~1ey!MXCLG1xG}?)7?(8gqsR5+(F?~x zi=$f4J4RRQDatMiGmhx+#dXS%bMrmrvWbQ?y8al#Z|O6oC5x0yS`T^pC(m;&^LShG zY152)!&@I;aYyriDC&^1Sr6{~9Q5b(=U?0nt*xAZ)%*tpGUmCjl8EW|tm>eGlD}j* zX9RqWvHd5|WAllk{2%jRj1BCA-<8)6*$Z;OBz*HsMa#MzQmC)AHrbjxoRilsYkQL& zEUc^6?KAHf@>_1^l@4!dVXG~@Hf$+j$r9W7dnNqohU{3(Gh7lGi(IWhHkO|Avn2v= z^q>R9JR}i~!fujH`<Na!$V0~#Z{bW86`|L$U6Q1fN{y1V6Gpq<wI`<X`@+={KS5pj zr|si7xHwY_++;`Wt#sL)jN|jV<Z63PL*tN}#AoMP1#0ZH5|F3lhy5oT_e9JeBIdLz z(cglvXGEGE&3RN*qF8%j_l80<(ew6l)rwf~fo|CCN1oDgRq{crC5Qr45I+2M&MvR2 zHG~qTDr#U6M6C_A6xXfqOUw8KGV3$LC-~cn`KGBXFIq^=DTS45+HC!HveWjA93_cI zXuKrkcU!;ZeKK;2s$?{`-sdrV^B^>;+S>|ET0FrSwxG<PpLW&;J^I>`rZjWtr|rLy zJ?}jcnk=ul#Glb?cWpT($~aOlFAHcbdnT^!WBJUeLR$(?<o}ctitNw_=UwXCjAKV^ z{EkDq`<iIAnMKK`L3>@E?`YQHck|M(xV-nz4AOLpZ3`|bi@e2EbhG0JsyyaLg~sen zkJs{!Sq?vEbz>9+LUP*H@ikboNklS|r4pUYm;@jtF6T`|I$XIdor*cwKh@~^FSOww zQ5j6-t{ri|7b;naKI~uFNxmhc2vlA9d8MoGu0pn8hI(PI%g}{Zx;E^xd0VXo%zhAd zPI;xb&)|dCXMW5V?U}cWejA+M^z9-h^!k4mt||m7pINeyLC%$Q>JCr|y;xPGEj&i& zyE!-(ZmXM)?hHNxMapVUX^iIAmY49Uo}s}fhaXGgB-1Elti)r+9l>f2wChh{%AU@i znC>KCR9&CJ)lKqWTm8)#(B0Vd0T$`RJ*J!AF-sQ6FnXBmLu+5w;+c+j2?Ft*A=a!j zYtQgY@fOP(_wg1LOAo6zcPqF~SQITmc)ewZX@<?-csb7x<H`nSxD;V8f?c$kA80UL zBxk+43+sol)+Xw-J)g$gUg(x5jASh_yG3PmcuAy}h)8=-b3_Y!-J@nS9d~6{9H_QR za?phKv8y$kh(Z+8l?bE+8*K<aLX4i?tZx)D&D9JIkmS`V;b8#?ps%apR-7%Pr&jl2 zcis*)y#;xhFhwgv8>Fd1d${V0RF;<d`5tsG<}#XViy<(R-w7(bf~F>ff1nUvh<ilt z$VgG=lS@oK3j6t*Fz?HrLCFHJFs?})#0fvYXUiC<jW~=gu*we?@(j@`?qjE<TLspn zY7|>IC}OI7R;tQr^_-fOsTgA;YVAl*mbw)-ZVOBrWoq$CC~q(3jFxRDh@xQg%4^=A zRezkD!01r9sd5yMiXoPJ8aqGPz!*(YwSL?nk<Fo`*w-E`<BhoBCWh_EmznlGS{u-a zrK1{rFSkiD^Bl0<Z;Y^yuE3vqXQbf1KHWzYKWaNq9Hm(w2DAkIbCs~P=@|5uKFW66 z>&zo7d<=ZE<b(`<rluUVm+KZ&`~V>E4_c>`My=XE1AlPYYEDLHC#!Oo&EoEyaj^Ox zjoTZ3Yh9_vEac708vJU0YOWwXpEtlVVWCJ%)zX6h>4D|3{)l?JQl$J|YK=%1H{YbY z2&Q`5=DIK691VRr#YZnzGm$5)B@I%5Cnp7qk=<)P0nVWS29HRPgcOkH9ol7Jocqg^ z#k)+nV@0Se=Py~HxqVWziNFykRD}@5-TS>Al!-`&)=HadoQR@K<V$y_BRgn_8Mo~) zOS@GD$zt?UDb*OwaW#c;&W#N9G4YY+g{3{A=*c+X&P@-}jvm4#^c__qoR<lMa{~-w z3CXT`gYcy->}A18aay`|!k*`9EwXQIDrinnT3YCzRy@Xam*z!r!^REOPvV~|7;~*F zFJ*OY0wXKT<tj7lf??ffrcTQ1F4QKUU+HBJysnzDWSM#j;~Z{?%M?u2Uj;4rbX~@H zx>-c(1)yd($oV~_4yVcakqr_qS=+f<{ehw9w5y$A6g^*Vk^l5XiU^W?U%|eY6G+wH z64DdiqR-)aoyJf2xu24~-P{e;M!T;<Ue~d$KMD_zYx~bYVcmd+uW^(qwc>uVYyt<; zSPp+U@#+^e@`HsK{lBGt+QMxfXuwy_JjzJRm+la(@tsA@%j~{Fk^C<9L&%9*K!vJG zBjE`WkNCq3CeFVpiRugqQ`NjtGwP%q?1#pm(WoLe26{@o7TE)yFv1nyo;}cIG~#OO z;l2e0Zw~o8;aEwEo*TFO+wqXeSQe;4RH@<GvA}V@R#;dBrA%k*QGZBVBCer(4&}MJ zL(jzJhtCoiPJbyy(8cPNovoKkUhm3_Te2@b;6M)>e<HBeM8Em0LZ@)fO_+b)$uE32 zG9H9V#nQ?4U7#~8S%Hl}0u%*!lqC0Ge|9V!q^-9n9NG3N@Xea(ugj#y%`c=zMx~>R zPtrcU<cgLh0@Cj5kPKy&^AVY)+vA301)=%N_lzwdgEz4b7>u7^TYl&bw|AF6?c8XY zLJF5MiAs<4)*iHZWJQx-U%VXB5KD`B*%EPfz5MWkFa8^6ba;ZKqm|AInb~GG*J;>` zCv`_FP5MkUxBJHuN1s8@cp~~*Q|65KnBP^FEak|Wng`wu6~^Nq^|4jqZ+gJzNNCP2 zE{RY!M!Y9ZzwBE)|7z5Xr&ExJu+C25mK$%m^?wonfxvm&d!D;&HK})Lrz_r2(J`b7 z>&?FJV?RIcm1)SO<-0DZ67#!5f5$^o6;0G#(ZFidwzKm|33VRS{4p9PhY67mYo%G6 zXm4MQ`Is=0;^O|5m|yg8kHR+;AzJaH@<ns`Oy89F(TZ59Gy$}Oma|Yk+TJa+j3<(~ zG(N^ppoS&v#TIXbZxf+S%<-X@LFW$SBV}02rq*WswdTYX{02K(1T(rKD<6o?L`Z4E zA{9tBO%9H*8JI=fg))@VT2^0=FCF^-Bw@eSuWyH@=+%livsa$5oM8~>l)>@=#eczx zb-PyTHh}c>qmpMj0@7vEH=DH2-G=ZzacvUr_Z(e<*jmc;4G79wuQp3PIyX%fgU7*s z<N0g#WTu?1P>i4CTMM9Bz22D_acw$6sZ0rjrJ3*tBALR_?28)j0RkDE9qrgm)Fdo3 zj0^YoUuQHq4RpBPCQwSL_)USCSab(RDi~T`rB^PjeW;q$WAqNNeS_;D9D1FvRbot{ zzo2c{d*y_mkU@%>Y>3L9=qTnHn&?3Ld(>tqhepw?!I_oro=Q6W7jN+E2ewo+i1V^7 zg(?9$IL4mCBC;*Ni=p~~9UkB@(`^3_OvKp1PTgk|f>J%@LAD&_49q9*=F4%+7gv(B zlksbZ7~f!W2+BSZJL9dd@?<RiXst76X6BRL+z!2zk>g~|COws|6OWpxmBw&Gq4&G$ z-gnyAmOmd>#BRwl^OAn19nb9WMOl1r4Eavl@bvtp!c@|cBytJY!vn~eq0K|Pg8n@F zsU!JIzC)f3d;&goT}Ca@kD0#K`rEzL`vj?H7^$tV+a?qBNid=EK)S?WZ*E9M*tsOr z9~daBXmz%8CZTi0QK-MxV#T9ru^oFKi#Q;o<Bgm{^Ad*ncS@LbwGosw9+3E2$~p2z z1Hii#ZLr;w>T<TtwUF}Vm|AI%En(JBe~$R@2Wsbvy04yG;TaUPewbf3`I|m`@KAS< zW**4KO1nZ1QDb^#iSniUkwQ`9P>Y2cel`(HDi&h4Ra!DfnHu2Ymqx;YRoF8W+}0V{ zLVrf+<MY11f(h;du0+hD4|aL`mwkh{(v)##hV0U8E`IGVXyayoG)&%Iw?4DQRpCxD zS%-Y%TxK$|qWG`t-#h?BpIxvzQdz9icW%(c1}}-qWidZ%hhjvqP>TEa)|y(f84yYx z((GjK2*&D02#6w)=y{b=pE<iMT5nM*DADRCHos_VaHx-rp*k*qHGrS+%T$~1{lHb5 z@*}UG1m@w;bHp%DJdJ;_JtNrn!s$hCcxGfm+^dl<Kb!Fu{4YJ+$|Qh(hqMh-%t5G- zH)avaa12ywvLa;pE7h5*3&%K0fhmSG$<&xbGR7TkXCi=F6`c>#dR}3!nqG9H7~jz~ z?5;&R&*vH;{~`T5n0sV%-E-)tJvdtObm5ch$#n99?^mTge&~2k?#8U}ir9pc`bS5S z2-Pt#Qw2880~1v)4Sqd>LeBcUN?#X7lT)IFi}w9Wc#D|1YZ{@fp%=NMh-c{%r$4`l zL?3>FN3=*NhL@GxW9Sd5&S}ee`cw`&z5>XPq_YPKcQ*`eN8C9Ya<baUzz$e%X;1JF z_8dFq{P78C6+OrE+yC_fm@U^6wldE(q~hN(hbFY^sxvg{C8eFH@*%0yMiehm4clzJ zwt80KX)^<&?DfAWdkaJvW_3s)*N(G*$=Usp(B^|_Ii}o3qNP$2{)3XCYAA++Jv}@$ zp)y9E$SmeK*2}=LFHXPyHRx3Bnp7*==C>n^Js~jQRY!*(hs_=7CufQv$SOn&i7WVm z*|dUwqjIUu!_cm-jXEcwH(X<`&`RuZ#p8uGynP$bx5H%U9sLhBwj!?pFFYN!t@Nui z#m8Hn&abfw7M3)}Gyw4SxkJ)#<HGwUuE|K}(06a#aPYbQv9mf-L8W5xGoWrtBig5y zK|n4A07J8_)5g^R3Myv2-jeiS(a+3JxHqC8ZynlsWD#428wSij+G;gR1mr|bS^ed% z3|@p%29b-VDG@ow0;ZdT^}enOGe~{>K;6b<_8uC<eTziyFeC1HzM&Z34Yj&<D!B(| z%I4JA282^a=vM*=wM6IbDkS3N?~C)8u$QP*0BKUs=wF>7EBvMoud!(cQQ$IpYhVv% z6Uq%=sYA!M8Y6v^<qWVDP{Yzic1oHlHk4#H;DeNtX80Is#-LBSzO?AsEyw^x)L=Eh zOgk!5vPDeE6k**;u3!3W4ibLp1Hfc8HAnc>wNVrd{9O1brr`UFpzJ1p@s{V-*Rc^) zI0xEQJ4~N4T>f+pB-dLK5}7JUtgc}Kqm8d+c-`fAHkRL4K)gP@t7+p*=iB8ozLFC- zS}B3QvV5Dsp;I%(y*U^!9B3-pABAsekvXdGq0`b*O%1QC_vT|MHuxHWGJr@FOE17# z@cFy!9k@BO4$8g}JNjzi=3S~ag~`cnb=og{Y2IUSpru%jid~VsRIT_@`{=bm$*c%a zUt^7%kD(`2GLbJ%jNB6Hp6O-D^#!t+r9bNC48^blUs?pJ>k)x(EP`y8(W|lafw0D^ z(hZ}*Ag~Bs)!N1a#fP*`&>TH~?_l6;iW^wk<3^bEfHz{9l5TkGMT~Dg*S|1S;3Ly+ zlIdwxWwVU*cq0%_4_h#l>#UM?Ej`|OhN^<X7iVnzh!C0+oD}9aVjqe*Dw2hq1n}v? z@}ip3@z)kd($6hAn3^QhHQ6i_-P5*_?eV>?9|dZ+S);*ZBG+8e|1|J(9HyuQi8sIg z@5ocZ@{8p$#lP5X*4Hen!v$h@rC8U?ZCFc*Wthio-o9ehgA@WUeN=h`kAUN@z1LyI zaCXp&mKc!1rc>0(Fv;~2Z{x>TJ&89h9`<maW?X7*XdNvqs1$hXd$x|PabC+<<f%e1 zu$Q$%4Zz1jmRS;rAIyUg{8E`NH=d8idUqH<*4uxQON^s(Hl=JTVV1kEL5Rl%pMfYv z3;NQV<y&i=@i#*wsX2&;<?h;J`tK2q#V#ILECUnz!l?y*CxD0esbk6X34|f|l(lju z_IKe4h*`}3@3v)wtyL)*`1H+o2OoNMt|)G-bMPX$Z+dD_0>sUP21i-sIFE&k9ZyjL z@v&vCVio2Q@Zh(f$EZxk+bDfPE%@2NX`mo_x%+f`)bN^5D=+P6>!mu*y{1<;wZeS6 z?)jp_qxhUpsNh=1oDwZtwUDla8mcGtXb)XmH1#J9(YJ3JewX{RZAHD5ex(@IRuLg` zfS@xC78WL`F_Y8`#Y6sXD+hEm=R#2w($B`5@%SIj{><~8M43W1zKrOdAFnW1YbkBl z#RQ7LdK(F!)AUiPCI?vLW)-ab!4Y{Zw2TrKU+q|ioc3<A2FiQZt~KK~Gv;g!hL0pT z?uXj`x-58W)^qI~uDR|2W54#P048}*HRjiTVOCbh@hXA>gFyMjhDcu&gO0l<PO~U| zYu&|LFvt1!k&j{3L<47>f_<OAI#lBQEBo|GWSl4q6g#~2i#Jr{VYW2K;gAY6g+!w5 zjbkBTa5QD0{XG8O+EA`<r2+C5P2KdF6gLjf62+oFadhB_QO%Kig!EJ8oBSD%>_1^H zP|{C3HD%?j%GdMM+2O?8GiLAX@i7Scq_l#IDxCj|mm@kHc1S%HvtysaVoP#Hl9^+j zslt4>j1-~-)o2Gk08>2&ah6sj7w)%iWF{i8?j*HpjhF>&c$ONg)c!bfgj^w!6E+YV zG%&u5^*Kr!LtkGt;|{M}EKezxUoax7JmV%ua8puVrFLk$9Kja5SN5x%8TX(}S~Jag z&Zazk^g;QXa05kX8g>Nio&fZXQU82U&OgdWSf;M7NLWB*vQ<mfu9j07A9?PfGG1L{ zPn{NWSLV@~eq%ZH@fj;Wn?^2^G=hkdkISNNHUN$(A(d`%mQZp1*7EcMo+<1!A|(Cl zMi=Y5YQIwLcjr&UD6_w2hQ9>y)N;lhAsmvBHA1oPu_$6*!=H>+$UqtF%^Ci=(9LFI zVzOBCp+wn0ghQ&ea-g=AO2=RhmEwQH9lC0khAs$;TK17%X6}~7SK?2}FH?V^d<it@ zU&DRjY)fCKZP{!4F>mq_>x%mx;>ga%7jNQQBmgB-qQ~l!J`S1ctoAb9ZHfNQXc?Xw zk`m;Uf#cnliFQo3%hwI)!SGWRWS~OhQvW+To{}G1gq`~Q2_{}iz_MSoS<6&eaMA{= z(tGCN^&y+5{d@q5|Dz|zV%|a2$YxBv;T>B;6<8eAgW?wRWo2_Vg7RA<;Xj{<D3ofl zDN=<>94y_0lpNi|mtutRN^a#a(LI;5U7Ak^4Et`nkI(kmW1ICFX(J9C?`CfT$OqGR z>N9s{4xr&5L|^5}#1&a`Fl1o;YxfXJVp%73QN(3Nem9(3V^8QseODy)avq8Js!Ppb zlM%=q@7uAE=RUu*fIDq6*|K41$`O5wUf|em%@N&96{?|=u4b2kXgU!x{zkbA2i6<@ zC?Fa=S2`Vma484)Tl|iSX1ol{7<fsmRTy|Gocv@_@n|vMe*U;5F~Z_vHwnO+iF#Y{ zXyf+Rd+O90mEZadeUC%)XGRSKTzRawX$M(cTSVCU-`zF-+)z~}NhN0Y3l@BV%VKL` z`89rZWL4^ozzgAOMN78~!=?A&cp~82vn4<1$;6(+{8^YjE+LO7K3pXUnmnx-pDs4| zd`O$D4WMwFSI_n|Pne6}Nc22zmH5GRiUhbBXlIW^c6PdH3P566KSM|c{Ix5)w%o&( z4)O37pQrNHN0Se<;g0$e8zK!(etm!Ke=Fs**j6U?Dgdwns02z2Nhsorgptx1i=KNl zH=XL*s!;Pvy&vp0NrBB@&aZ5dkmp7>y<d&_Yg;I!VJnv5NWyK1I@Od=O+n{sX2H8O zHg0tv*&Z)xi|Yo$Ry@DcvJJ>sf4}v>B!8)mwI=LH<XkZh1E&5xk57gho#7)C|Bi93 z>t~rYm#<d|AEXbh-P1H4zbO&oNg)<zT>sjPJArd^Hf(8=zY!v_j4GEV9K@*;KC+es zURL3grLJn87Ok&tI$u#~yNN4pcV4!m1l(D&nqGm7`Ud7vD57#s%Ab2DN9p3Z#qBkK z!Ce)_T@&2YObAe|K`T2i(3FHl;^O_rjMS2)m0S|O)2iPoSM+y{N_=UE4wviL7h>Uy z;#P_scz-}#za@K%vd9)=z+m|(g}dlkBgcOXaCT!SzQ{=NT<Y)Ks7fTWqlru2{5#56 zLf|M52!RZAz`w_nc1w%{8*G5bA?0a{MAJ7lTVUpgYdu91CU~g`o*9}ND%knebqTWk z7}0t~Og4)FyRDAJa!GiB+?@Sl$NAvLfh8#(wCpz%`XgL%laxM7tj_HnXWH+#;dZJK zLX<UMgB4DcN4xT32LAd_zf0Mgo9rBBISus#mt+tHO+{AFIqz>Mx+y?FL`DV<A|h)s zUxIPVh;T8JrUNix-#2jpPfxwIfa~x3ItXP-4$98w;w7zrwuk$UB~Fa|9DM0#5su~U z^V%YXJhMP*rW1mXv8-qccLdU(7_~Qml^|N`L)5j(Mm0!&v=vuO2eXYF%{RLO?|3pk zm<5!o^EPcz`2P7p9c%fZDz^R%!wbh?;Vinb3s2>Fmw^#N;Z|fSX*D_=Vls#(ogY3X zSf8~qtO@ldb(#4TDo2E{2^$$G%QF6;;2>*h#1MU7`C+wN4hvE<gy*T!@sTY9ar>xy zY-Xth)~h<rFG?(xxE22bnLp~q&RP7>zB6gs)Li26A-;k(&ln;98+s4OQU$)C&~65r z^0l&tGbeM#<766jrSyU62zk)l7H;@f<9GYZoEBFU9{DW|K4~?L!>Ud;LXAIRnlL@s zq99fESeu9u*e}diELwAux>IGFJAxu((+vM?*$o$vrqu)LfY=#TI};}OkpI==%7;P0 zaVE-i^ZeeFH|^$fi)gEnQ9g)`Pi3<|yctEv^BP?Ys6kuDg6_y@jN5&sB*m(~2b)g! zb%_YnY1ABhn4N<HbVXDUzvi_2Dpz-ydk*a5PgX|0^j4nJ0N|^lC9wb?{xZsLbVeVm zQQ3!_+b9A>QW9&_B;$j@+c%>?050Aqthj)^FREGvYA@z!I?D2V?wGL0N*yC1kr<jc zt@v^;J-|${%-4Yk9^<M`7S%di*t3lUhBGpKfX*%f0o%ySXt1V|VDyBkzx<6fHdpZY zxR8F?tZPyh`-e>MrAJ)cUm92C_p#_VU#%*rKfY=NUUgD#u8uJnrbMo!om0VQOmt9W zRs_N~s%mGrmz$5IS?H~@zLl$Z%Qsz>jtAzg6_2~!)Mj5;?z_%sKx@KrlH9QVH$SyX zsRHwph3rpR0_jGwj_}xgZL@*$O4$@{(SKvGqqpqZc~LN~>G%*+bF=$f3v^0g6zV3F zj)i-ZxFGRqIfl_R4s;`S%&=f^M9-;bH#fIFU(ln%&#eAj3xvCry;)ny$J1%w`;lWx z-3;pcb#Y_FRzByhc9ssfG8SeSilTWj1C0{D@_RqCSso&1V)jS<c8mx=3*SQtipzPH zh#{@30c7lbD@#v8XsD;F5@1)$;w8uX_L3-88Y9cy0x5j?uZyVG2|p|_QRlk|LNk7K zSo%S>^G@3*r7wLkIEH@F2x*grvVnFPGNtOeV7QyuoNwxsK9A3sD#}Cy)?%*OgcC-a zwesV`bMVZ^t5#i;hHrnYv0i$_qGuquseXw?#|!$x104E$sxB{Ka`}#Nm^q%~K;RzH z1mHVmCYtFnefo|_5Elp;wdOJtxXx@oEH;=PO!#UEV=s`$G=4h15<4NUT-X%KSFSt9 zU+uu%yl!bu#!NG~dKkMv>3n|fm643a#yEG{V&$s7*~HljJ$OtP_b0{JG)aYEV?b9x z5*A0<b&QS?)FUw%0*5pJI{Xq=uv4|d2vsn{uW4#$nG(#mJv%II9~d{z|1@AjpU%_) zoOc1JZ+EJ})TXeBT0n#L4Y`812T0Ig^fJSk7-!^U1ozLkJBf69KBLdZSn=-0)$8H+ z!G}`WdKiCa2!8HGy+EV7x2<|H38J_~M2evlJchi-?1249`2jP37;;9^bXqVIoMsA| ze@*yPE1-kk@u2OK?||r>h>@X$n8zJ2CL|`JO=y5J0OmXhIQwX?ON05GR;m8UmJfSO zIL)V!D(K9&htoV!`X3@JD*=z;0V|zh(=4GFaobxn48MUdf0x81@U)HnO4xZNys%R^ z3_m@?l5foZZmmky4YXBTU@aw1x16<n+^oV2t54a?zt=kKn|f9XY+nKo1rr#xdwc2F zDs10%IN|CPQgh9J?wUO_bwL#L3WQ0}p-FMb1tN4(c6mLbVCMgUX}139YNWzTi6V5? z?3Dz*owj>)6eSn5^f5xH46kaHu{Rt}y~+qQ!`)j%=+igh1;E}MRSs$D=9VSWGqN8` z=jBVH3BR^BY)2NbxxBG0-y-i5_zXvp@^E7I#TCB#jg<C{iSN_x=`A2p8~l$_$EJbf z&BK6lvf?H&YITijj%z>AML>iT3fRKe_xmy8^?5(vQvrqUd4V|)^2PY=Bz@k+`@@fC zTdoP2oMs@jm&hi3MNEFSt)cF7b~Rgu6exl%?!a9NN#eV$^vFGDCn!I*y&!1_SfRKw zLm@K<P>M>>BY@LmGHw9unA)OF18gfnmkgMB{vqxA!`|y(uuczu@x9M!D|)8&lTi{V zEa!evcwyNysmk)#uZK|fh2(FU%0Be;7P-5r(QJyJf~H$yLqjxYg+3S0SX)eU=@!YO zuk2hcNf(jlI7RK*3?G!g`dWiy=qZrnKMo@B#}$WWGN#3-chCu><g^Zd+^V%68r-(l zs)%3F%zIR#t#-X|22$61z4>%zfHs}F>F4mN`6K^j{Wpd0{HSX*yvb~j1|1dOTc$~T zJI@*^U;|76yJa2Ul4r|N#0jNP|9X*>e}g6(?gFE5u!5y?5c20;RsH1`CX;wC?N)JS zfx;mR0)%2~qmFpa@bI9GzdbAa8XDQs#*d#AR6gCcNHRIOI;voDiY8Hq$Gmq_D0!v| zO?!wlzHOOI9Mxq|sHDvSdm~{`ejfn5KKs&<eJ2%}m)^Cj`h5f#y^)!3P*|L&__#kk zwtc8}_r;IF9SEBMHWS7NdLaWQV6ZA=(#IpGIr^NW)1LSEt_Eosd(eI*R&lg~lKi-W zIyMwxu#v{{fBHTR4)H&k7EX#A5u3xAJ%8{ICk-8G<(3GXU1;Ur-w$<vqJ8>ThQu6j z@(RA_1HoYyAA5kngZpm~i)I%H3(TanF)S-_d1v)oiOyuSjk4NQvNC^lo@4f;KYR(Z zCbJYXO&hR`<<I}>(_t@X_%D;E7l~y#Dyxi-VqzhyYAn$e#G{mcTjhHbiEfNs%@B&E z5RKs+N7E$timpX&(qfJB$`1Lt$rOZSQNd$i7>xeEe?Q>WY&1F*&}Ff!*{R_H%_&8f z*AoAe$zxvDX=WqoKY{+3tc}WY!?RyCHl07DYiB%XMzpI3O(sjNQx(NQvo5@q0h4tp zji37SHAcMCqJ$M(16|<|_in{<66qzO^yP$-mYhv$2zd;pmK&0~m0r^h@xJ$;VCL8# z#1bEI<$;?5s%`d;1K5LVOVZ@^9wE2Ie(eF2jBeSnBr*ZoXCl{QM+99dT9J`YDXP7g z*oNN-hhq}N9G@!8l4LQ>he!C}W{2O7h7D&ow|v+w`;34RtK3J)F!Ke|QOtK6;Kx*v z2=-}<bhz+Nx8d#np9)Qnk9(147Lo(|vf2(`OCFo|h!`oqy#4mk8rDnymtQn`GI2T> zL6)5T<ru7g4-1oc(F&^TYNPXR>Vbzn)@&N`8=<ITsd(v<GepV6cJ+SPk0Z(aEpVj- zRohV*(zKVf!M92g%aB~ip9Q35C7Hv8chQ|60C}+CNp8I1|L4Z?){?-g9f-qv-Dz|* z{YD^(<L&qB%Ku<N<C*_rK}5qFGII;SI<)&g?w?2vIT)2*x8s~(KFTo8pKtriR^ri2 zBQi}8Alq>a?2ubbWC57&(d!|hRqoude-jYui{34;O8=;YX`8RK_U>OtKxh)c4Ue7d z{qAKEw##2Ob|k<Ir+px+F7%X({HY%)6ubz0elZiu%Y{<Fi5P+eN{wRCWfCj|fYPc* z)8%DQ#$ujf5U}hOJ?TIP101V!0&PTqN7YvU<sS#VS4d+9n#W#Si@|$#uL#s=A&<F= zDx7TK6Ov`IjkH6wh?MDSGtqKl=)y!_oiN=$jPZXMd+VqwyKa3LHe01-gCH&4DUE=1 zcS)y&l!%0+Al=>F-61Uvf*{=>ND4}W2!h|beV_L|XZ*hN{mwUre>k2oeD1a8n)8}< z&AHK3R}2f(9=_uaYi_gpR_$}l!!!_UYk;$`@&*(YG^G(&B#k7wmX9#M8P-~g>rXRh z%Y5|NSjCg=di@7XAv|IE_1-C&Xx{S#Jx@9+fSDv1aBeR51diV`J*xXMLlXD|c(;#y zwKJ@2En0Du7F77JB@JlW|6PMhN}0$v@%pJ3qeBI_LqxVeGyF3M8VW)?_Hx{&oKTb7 z%xer<zLhVq6*G57v?hJM9M|G2r~$Gtr2t_D<`MVVu3fhOo@fN2R3CqjBy1KpX7mL} zMZVxE{-LJeJE6@AX_mBf67stjZA|szmrvOmBD2igafvCaI)GL%0jLOee`#h<L=#XE z$tT_lFXNWm|2#Ms+WtB%wFImErlevu#7tr>V)P?M@LO`E1KkD!^_wAORpsVWP6r+J zpO1z`%_1a+zvvS2v9MMDj*m^D0ak)Z?f3T2=MRT7XlY$?U(<v<E@(|M38m@^<nqiy zLSFSH^(h(aTXVj&hDS7kJE2zg|AJD}d;~~MBM2Io$qC%_zG{bu!tE$I%nr0MGdmWN zWH8g+{s!GqB<EueCIUI>ZR^%rqn~cECQ5zete$;5=@s=2isk5<y2_W<h1}qIR+0BF zqmEzCR!A4zzsFq!&V&Tuqg!e5No~?Rjju(UKdGuAlxFFkYm^L1@6@xw+88n$xg4*X zC4HplKsGE5qghjgWejG@&GA?~68T9V_Wnd0c|Mxu*o4A$&V)~smE>nOC?2!itHmtL zz#kr><Zhu=&(~CDcH#=BMzwq5gaF}!subACuh+l*e3A~}QNscocD(!{Mz`0OqJg9r znX&vnEWw<nV%xOi{|ZmdjgYi$R&&gZDv0L>hL=BC!eO(W%yoqdVMR0Od4C$P($v$_ zJJW2id(q5)T#lE01!uJ<8kPcQWddh4lv;E@A6k69oJWS)cOcXk#IC!H@}8)c)Kl4j zx4r5XpGBVoWBdM#JOgU3mLv#BCp<16YnAr>NO+T>xCq4&V0>pC_nQl)Y<@^@8w>+J z{_2xFK4u!DHH>U8vFkf>WXNCu{Oqb~t*9F9NjZt;_N60=v$h-z3Vmq+eEV^%s3tVO zNYtnPaQiCRZ+@lgi>%hg#YKO?mS;qPdQIz@jXJ?<$9|glvq~lbk6T{A2a@YwU*>2* zak7#t)lySpeuza)_rjxt75?G@r`(`(d>Ts8%f9)*r4`LK*YY1<%5VpqD{~Ez8B?dw zc7GU(<%dkQ!I_U_d^h}8{NSKAccui2MV(8B#rDPHZ@R?qn$5X!*@#~irbm}AQ9ly# znG6t$BA`<5L)}Y~t=|hIHRK+t_ZOWzE{8^F62`KL0Kcv#A1?A$5n>a@R}Bo$j)=!d zBO+Z${lhjIpFg}(*0oaoVfV~dJbLlS+GzFS-midl)ZH!UEbFaVY!85)N^z;l0-eT1 zO#+nzZ#Qf}WAqE~n?GNP(u*;IJy%$co%--)`W-)ZyqMXUyilw`ss?|BBEbV!7|1#N z`dW!*etBZrX$XA3QwI-50H88uI9H3Ag@9@|{}GYYFc^9&iKntuaY`$2sm!w+6ur4Y zj9<0AlSa5cbHiP`bfov5Rf3+ylpa9Ecgz*7cg>Ty$$GWslKr7uH=q(j>K5ALfhD?j zy7SrQsi>J4A!TEkuH?!Cw1;dNh-uCQZ2Grtez=t#iOSbIKgDxNUtkqxXC>yEN`9`i zD*mo#2!#_?{wK8@2%UfX)v!-V&$~DGX9yZcwt3U{rsvRMdfv~*8O)?MIK!vV9KHC- zIGKS|D3FVB*Mtr<+m%@j-qk2@T>Jw|%9Y`P>Hb{}iPumpX~_Hp)W@7{HTC8M2@Nk1 zuiu;PejhCXBq*P()rH-?J?W>!(#}(wQTUp+P-I8C)X6f+3j=*fDZ}WNH&<UH?eFjL zyZz?pT-%?)2J!!7Ey0781$e_nRgPNU0_)g`J!RLiDF*8{=xS0R{{Z+?)xle<od>1| zH$I;7@z>Wq1*xXR5A#nlux?y_$8DxXOyj7hFP~207h*Evnca@lF{CDcIoEs1ANoQg zFOd&Qcvn02@}5oA={;O{a5BMR7G{a9Cs)Y=Df27(>6pE*=9&@IbIwgTb@xpFGAILl zWPapYby_u?K&SHZR=H37+G{sAk%1ZwR8Zh5K$%56gSP_y0BXkg2Q6A}Cb3c;nYD$H zx0=hbjh<sKl$&zkP<bbe9+%zK*>FgK(r@%0+uAjGJ%Uf$`Fr*kJOM6Ff{3>3J6O~Q z4#<3ShX+tZ<ZysgA%f%wD)D()g9aI`))h#0w}}a(7XPB1iRfp;E9lk^-0pzji4UKv z)emVfm?WoO9@1(@3J{-Q2Yk!R0|5K5g(Rxm%4;As`!0n;g*97Q>P(8CZ~s<ok_*{t ztzb|?KC=Mpdo{;8&|OEbpC$DrZ1SRSn#xBHic1YbNbnSU4>#LFfaCq6zc@odlwiT> z^>Z-CFjhH)Rrrh{Lu=(hC_Z%=iH%jF2mM+VbRdsIf$f;=jb73pimV_*i%<YUx?OZV z`)yCi{Th$%tON_>hv&sew6olPk=LJr-A8A2%qC=@ZS-rtm$XS3E@f<Ch&YEI+};@6 zG5fPWX8wtI9F=T8vF6rv+nFCgHEEP)_MKJ_N(K_c^kNt3ua{@{%082udzF%Sj1BIQ zSz+c|`-i#L+8B`Z?n+24OLUPPhJg&58u0}mtVo}=!9xa>0Y^?Q=nbu-00xZm$c4aG zJkMabwvrCvLzS_>_3tVm%a^;u_zr}{(h(!IJAD>PLwZdn1fL#F!e7LB=cBnZ1l+(0 z?D+G{7HO1l?m>1~G#&b#JwhcY6gY3w9;=FA!$v5+)43TKT689@$9?UEy=T;qeJ*cu z;Va!b=Z|jf@5}rJpF7Mtf0Qxs9L_INVbz}jaDgUA?BVp)zqtTXz<o5%Gj)$_3fQ9z zurK<3^xn$_jKC}0tjWC~(U&ic74<p?D^D)|1>db&ceM|6U?5WHcKfNzU8;vOBHid{ zx6U$Z13*(Ja+s7TvjaL8>CKR=9(GD60+d7MD&=t_RNvt~j`gKRYyJwsCAEHpMN1se zEan&WY=1RN2xwN6)m{ZIyYX9Jp~wLW!>|DUjvhR<d`Ty5Eta`Wc#?xil|!`G<>kjh z8Y-!X9EVWua-*Tb^Sa0X8o_WXJqJxR7UES*Kwta*TVA*K8DKb>7GH+>g7zwRSWW%6 zMBjh%zk|Nw4~8o|sa0^-Z3sIJUGAWhz`@(OVnC-E=L4s?dht|&VgnGEa};{juMin= zdr@70$X(J*UHtaLH{69&3x&#mC1AAYwYYP5g!Lv*?vBl)F0c!?EKi-oYNW?GdX#Z! zkY(5b3Yf}FJ@JFU8;{CE&Z!InZx2MW(_Vrv*D83W-3Bhz@71V|UNss(b7Fiup`1|W zI<xf+-kr1vi7`b+M@x&hfTL{m=$(eVA@1exU-gR*b(+^pG`3#;lMos37ti+gtf+{Z z(S}agABSvPkEM&Ty~H7wHi$BKiZ5sb8Jo{yMqH4h325|`0199o;iOGmV0`s6{b{yz z{c<XGHh+ZUCL|Gm7wj?=AP?Ao$;0{sRO|!ewOR&Jq18iR*pQCHeoMqTyJmoKM)8OK zBf#%<m0w`d^n|l`mx5wEe@#yE1)RHCk~@O1-LJRINC)y`0gZPq+h<X~|JR6!9v;^5 zMxSr>vnRj}%e}5sqcF#F?1N5W{u9AvJ9uomJzIPLbXOXLzXsQp&7csLVE^>aox0-g zP>Y)eb`Dx@xF3pDRo>{)*5&C1b?|OHrG@yvMh#9pS1CnZ)S<z}G99_eXzl2i{#W=X zdy-D(A#%MToQo5sdh>0N&X$h$^sLB=Rtbc?+D!8&5RFo$^&SowW)T0AAC>d*@pnp` zBnX5qaCW#nsJf1Gi)ZsHAcH#M0ot;7hz~q?_rT3g?am-Mg9b(Y#hs#nAc~{!TTht| zh8Bf)dJ0rB>sqvgV&Bx}2bYqHRH(p`bf`gS+8?F6a#k9kTnH-h#aKHwwf2yY{klhB z=3PbSczUZbeVT%C{9^xrW@B`)oJ^fQ^3Xv|=fg*|`BTVsY-SEf?!ER(DXA@G0-8e! zX^v}s)uIn^<Q2OrTSy;10uQY@uIpdaR?D_B(!c0jZZ=o%HADyp<1T*7Sc7Zp@yYZ2 zh18wwzcM)=O!*Oj;z>?y165ul<YF5p%@TSS;G4tw%YUQl`f~IpF99_QJ}I;QkUd@^ z9Zs}MdXo|8$u7w15o?zm`r#VJKy{$tzG{Ww=I08i0tk~r*-rB8eW|mO*hXd+S}q#o zmRg$kGUURZ_K80KLFpG-K9-Mp{cfjtO+ZLH%s@4OpqqoTHl7SD4F&7J)tsqm&Az)Z zEa4sV^C&J}q4kuCzXkkP_M{qw3Y5tAaBH?9ph5AgXD|fk8P|HP27Z<o8TT>_fbtL5 zFhFvFGWQBV+<vM#R&6N8m}-i)-24;%4-rmcy4J3nB?ZioPtsfu)UcGK*u$$<y+Qyq zeH~qL8_rB3eP`h$0$fJM=XpmS_<Kl$9F>#;?I@tw`O~q0buXUj$l||vVGMSGM=x+4 zsr+IfW9LT*h0oprXk*BY7f1tQ5I+;>(JXhMp(XkEnHBFID&UyY;W|F_TV3r;Y4B2s znfdt-04s3MmYc#12P%8OGz5QeOHCwTaZ=h*YvI3v%sW;uxpiK_1Q4JJ+Z@|EqV;bK z{%9w16xm{xpK<~84Hs2CL?@P7o*}MyW(%A`!z@)oFcdx8fdck2uTj;oVe<kUP#H;* zXR)MOAD|g%vF=m)Rim=3cp0pa|2jI3ztS%VK}@s8TFzj^5}?85);<;L5B&s0kM}4T z9=X8mX||q25j0UvY<O~@NnD+GVi+J9i{@R{MpUr5P$QS4zF}Pm?9`amO`OY8#PgUA zk~uxO5E{0U?P7&rRykt0YM0@GMx5XahOoaGMmJ83d%H>eaR?4Me^bMw51~Bc8Uw7$ zKtcGxZVa+B8$D$dTs1fs-sRRX*`@=(9wq;K8ww{2Wm8Mi=@oPsYY<B}phQfxdr-2F zPb`Pgr_izh*MNp0EE4Y6@&OLN@^avP0dV*C)4vcMPZ_1`)Cxg#6kF0(tnU=sk>R>? zUxnx(keKuGn+KVId~^oiq<NFZ<bR~JOxRpw8S~BE8o6t0|Gp-UtH29Z`l?jft`&Im z>}xlS-SS(&rxPvZjZYY-PxcfSI^z(C25x-J+%_yupgTP;wX}c?KKnx;7;MBi`gLmc zBn$gew%KtVgs)IUjs04e#TULT=6i_lrfQYx0fN`u<fOd6&ishS56r}yPPg0d-3KKZ z$qlAEA#x~ioAWe(tm`q5+TMTgG4&tmtm%FJRQWRd0MMsHTs(cml7k94I*d`S(bqM! zp;UuO@zVoRWaXppBs4fee%{4Zc~yf3Lf*#%4vPN;&mRvSUs9korz3%Y#{qe^+5$Y( zKY6n#tQ)V{bqDcS^U>F2%9pdCL#FYTY6{7(KRqgUYrJrGDGxT_R$Yi3%J41~&9TyI zd-lD`Pu6>HrOprPV+3D#85ljq1pdCRnnDDh30Ri6R39cKVh#TJRt!dohm)OWM%v<f z9XnbwS*%zRL3Ji!!zCz^!wK_xW?do15LE=+r*)YC111!F=_uv=TBFrz-FoBu`)Q<o zpmgGizTsUi!Qd`1{6k?|xgJ8sm4@C!F5<<%quHk}*M$x<*w;l4)$OE;Y1!rg>>Qkb zct^5Bau8D*SEv5L2-+$OtCDc9_}cbOamfzn!(z78hE~F3>Teq}%9%JORLC88Yi;6( ztg^o{<$O1KQ=N5rp~LV8cY$ucYSBtUHTvgdRvzWbBWLA8mKi!2#JwZ^;tx$?8saWV zMx~M|`PvH0;PJ?~3)5ej42N}C>s3-DMcJ8R7p~;cVo^KzIutMobd!|wl!kMmwg0=X zSg2ZFs>)vu>Y~ij)2gSBQP6h%z!P~`(+=;lfhRhk`s@KBX4x(uSmBcL!0psCe-;z4 z@B@r&SKkDl$_3-h`)pD%xuyD9&Y+uu$~!h=d|-?(XqnB{2NP#6xctUta?S|i=geOp z4l<Sftz;+u3I>56(u|^%(>p#5Ta9NjIM%xYkILOL(3%*2g~UZO(&2L8B6l)JOs7rv zPXN;)RZ7?bUG*5>*JvyYUZlV*(VF7GP|F&alO4l<SEw&V;nq9ReEswF??#IUX427S zGhCk}VNrBljam7jX~pd?_anLv->wX{Q!0&v0hm*U197Dnf8kHNA8j?HQa&?7Dd%q+ z>h)2%%|9I|fi{mM6&M?Rms{XSY`r)c<PFr!)ifb*fTY>wg4Ry1t|#1ywfAhT65-~S z0!{InzHTzPDZmCL?&7w7(;GTkZ~{4!RqzXsiblbq3U0X`p``QNjqxb*&k=rTAkGs( z(7`g+dIO^Gr>As*_8+I~y6aQejlNb7NZ%9{1IkEJ!E;DE814~390OC@p`E|a;R2T) zT?zsw9H?iSdpP-ZKCUx&+x+ehE<fl^C)f$2Ws)THVSWx8tBfd&7v%uYVLn%r3~7^E z(aQ7l%dPX?7y%_S&+xCWyCXk;&VKrqjtsXZ8HxUl=f`6KT;G$2j6T#OV3<F%z72tf zMwkRn0oG12Z6kqGVEYbH0qB?Qx&sHRE~1=g?ymO^s%Xz_Z_E(5jBM31v2zJTiw+zH zQ-}u~*=WRuLLg)-?54`6oGGv$-4poqpr_o*{_KVJDu37uNxW6U30a9<EllMj4|{>( z$~&;$9lLIhmerL`rXbgnqC2q+C}{kF-~`Iu!{S)tz(6Rl<aoddFjaC^hVWC~AJoiv z5ZtnnMX?>%2tEbIDtfKP%;EOKlvHON0}OLGE7P(h!o?}N8p+#abWqQ-n~*mMeyE-% ze==8$f{4K8?rBxr%11@EPE6nbH55u0KFJMqkb6bw!PqF!!R2M7iY&<CRZuvd{WfNp z7$$)R<HDBzjC=(~xR)?$KgIRwyABNKv6#f?Uxdq5=+e#=2lG9;#ArIu^_eL+6>8wv znb#T}Z)q}hX77VAl#=xxwDrc1V^rq>{Tr?(K^NBtP&NtZ5Z0OC!g?<$hj)}AJ1qFz z`uE{^VUM1A_gvr4K03IOX}>-~IK{ag7nu)t$btOw#^=vr+kKy3n?Dr~sE>Y5Jp)|> zj?R&k48AwZbC^X{skXuzd><sh6nn2uMu#(o|DtyHkTUm?Abju7L-F1a>KAD>EXqf8 z;CE!db3ncrlNMu=9}>f==!4IdkQl<U6XSs?il(48kkyi&&OPe>?iV?p>k!J3*dLrJ z1C<eKe|6n~#x(>U)43T*v82M^{S~~F4jLG%BFf*k*Sfn3rcDDI`9%&PfA$^Ql&T9& zMDg;n<|D8PvlDC+s`Fn}9BSqoTIrw&G#?Rh|8H_*iONl0g98Znfwa`=`MQnbX|dt& zzz=!4{~|v-x#-^%IUmn|Mf8;tIT;uDtion2-37oM&6R!4UbqB^%4)feyb^ogunPey z-*Z8k`G~eE8Y!n`0JZ;<sjUJXsDP=bch&0|;s8_sPem?H6dHR642a7&jZ!O4?y_?E zaA@q(0PtQwgM9vRWxaG^fsQm}>uUP5jUM=*K?>EvjFd*YL6|Y8?Xb3JO~~oE(JIcP zd{mY5Niaeld@{d@<s4lRIOhvAT+}S2!F!(fAk5!Q77dJ=s@cD!{VmkNRrX+{%2-N~ z!oBm+z}NS-KOMm^IgQGLIXJO~R3*-uo(eN-?n{B7(S>&q{Ft?Ht%2_2mA16R<P=9< z?!b6HL&n<qyiI~GGw?+d@(QZhR>0HrEClFwW&zRewwyCO0l>O|w)ukl?hf0RflhZ} zH6~-a`i=31TQEE84-#J;p*(@KXT?igN_<J(0ULUsO|bUpT$;#QLYNFKDL`Sg8B866 z*8Dd*xd<&*Eb0Lpm1NsqwAHO4-CRFF^fSvDC}5(*U2A(s765-o-*w!*Dh5>=uV`a( zG#?4MA4{)@%O+F#`QUT<Z6+!8gW9#(w;=+$@f0STK%_Yjy%%WSBgbd`BsA6IkN$N2 z@g3E8lB*X=dZjH(4P7%fXuO;dTyxPWK_3IUrZ}_e-Df!9n)nI2!A8(Ep<mkkd(C$D zYjVzT=Vyc>8Cjtrh@Nz^(4zCVV0e2{izEWT;Km}DBqgAYE7~e_9H0a*`f71<B@F`9 zd!KLpx_^|JfL`1I!64506o*-erE@lJ#@fnY7SDb*P~@wZ5;i7ez+5Ue`V6*dK&^1h zwRje~DZS&jE0pKu!lWN@2f9}>H_obK(73H1J0i60ghQ1y1oJ#T9xCQ=YE8qCtIiw7 z(FbC>zv9+_4IuL(_2rxiPW2$IYHmS3GZLnM)A62S%Z(nO#IjtrOIsX3iK>Fp)-!3q zKzPY2?GB;D8ipTeNXitBO{p=+=#lC#ChIthnye4xTMOF}dGIoZ%XRGUiJFC3!$I&u zl#Ab(>wkDq4+4|>ugs-->;2;!C=<pCK__?zYuDjepu4T@j?RZHV4Hb6v-#hfAkh-& zeX`{Rz+`FrYEJ=1WAXrYI!h+q7R#*qLENZ<{L27?4Ut~-zS|>aH@(14g>Z8P>raoJ z&241`s?NEm2?ZZ+9Tr!|G=EQS*@x&FfLt=h<MiPYT=N5#Gb=Lv8$-TFfo@#TH39Oj zT0j9lk&SkN1o)<)9e0=_q(Mk`KQBh8oi^nG5)2?;r7Jp%=Q!4*@!#&dEHCpCm&WzY zg-$=v_zc|N)a(5hDi^;a2iMOI`8Yd0S<md%#5`epid3K`JZqwdmyFjws~2#x3l+*d zY*>eh2|#=p5J;ZQBM36C{P!H^)X2CTOn%$`$tK^DHd1Eai?s4G*=zD(6+inNDw0xX z#;zS@8ySRuN~HXhsX!P=_C>YQ8H*ZVPjlFgB2P2LW9+vt?d#$z4Jr4A(53l_18Yx- z1)sCDb9ue@DH{28)04)gC{W#U$w&!@d`*LNj`Pw-D7)iTJn$thbh1$r8pgx)n|U&p zle^;uO5Ma7*R%BWxQ>EAZ!)3)2diS)2mR@pamZ%q*RNwywMCOFM8jZj4Q3e~`)U73 zatN*f=sZT6IpJz%!^P=Ddr>_@bWxAYyP){=2UOm^&m$rM$@YLgrt`|=x62OaSQV-7 zvaWioF@?MdzTeXQEK02{WUx633P&6Eh%Bl6Y5)?kvz%SpnZSOMcZi;#8*f*Q><3f6 zPU{PJa2Gg|0OTxPa{H;$Crx%sq0Bof6w2S{eQbiGQ*mT|I!NTgjH|M%P7I?vQG(aU zRy_B1!nWk|Kgg&gFzC&*l$6k;%|jc-{#_r1e8Jy8)<L3Rr1bcB>g^lQhVKl;li+ev ziy23IVEvdJMA%)x&|+9jGsYj8VE?T~;rQ7#25(HB-_zk}VAPvo$)o&uMvo5c)|M+- zVYy7=8H-UTI@w}FR|TVy&pDv~9UW9Ms53lGx@{mf^mI2{E}<;Ztqf~rtut$6Z#_SV z&P?}Kt8$i09vMZK6WxcP#{)x6<QdN8<uP@Z@LRtCw9Z#jE*1W8XDMKv&qk$8fpscM zb~%~xNjD6=@pdi?<>m`2TcNAyK1;klnwr<P)@1y^nUF`&N&~QmEq(Nd_<N#GQVd>F zHE9HA6vu)Jki+#t>bBhfYrMX&?f)FF_f@F&@pn9)#Q#3OX-;gUnE<I>7@(EyAGD zLdRQS6m(dweWKyEkz`*oQ$wUowirn}^2~G~`t*aiT8F%pok2b6SJ&F$K~WanTKTO| zd@ee{_b($6{=x`OGs%4F0-w8dKx5Vh3T=SG&>a1NLk*3<bR|(RFnn~~n!B0D1tWNL zlew4N2Rg4Vbi(~Ed_Yl`S6~%y7e3RE+l`xTNh>VB;Qa6RqESvjJ^tF?A0cr1>f3kD zz7WL9XO1{J7x{vr6qFqmQpu>7^>^3mTsH_BY`_AR14D_+qjja;h_E={4me@{pplc; z*bH3o{HQBTtFzhpfH00$>0R5;18V&&s@<7N>LBdha5mxV_2YQ@6afoyqzNjiuz>km zGt*7}mlYR=(T&Uxsg=q!!A8NC491n%bP?o17nSL4dStUQFl^ec<8{>xmIz3c+%hJk zV_eqbFGZLLJ_h~ZYO_%mL4WYr4^Vq3blp|(Nu<sC!1P)rlnW&io<51|s=TKX+j=6Z zwFx#X$>Q)8QHS$s>2gP;l(qcOm<3BTL`oi=JYdW>3w{$#^394cl!)uD6FyVu(ld4n z_qqaPCIO!l?y!W?h+?-tlFR&OD=&;Oju?gUOd`mI-;-P15A7OxRvja3%(?mLn3ebX zHlVDL<m>vEXh*v*t|7+~nABj$%RRsozF(Je;C;36o&90W_0D++E^Xa#J=nJ?8A>YE zV*Q*7Sr`w*Kd<-ITp_DL&FtzcY+K`WCtI9l3u^Hv3BE;oZ5<_=C2j6_aAGgC%!Ldl z&nGjy9>^|1IO}?yBG%fVb#Hy3gC3%OFg?7P#bkOSB?FSacQZPHdYIJaGMEDs8^x*> z2Ke~;eJ3xg4(q5b^ECP09Uq=-eZ&`a&puBdUwX~qU?}jCg<(1fUP04ED6IX?jMor% z{(o2rnVP`%Un?O+--E3=>q`~7j<<8+3~HUkc~aqFi#%ny>c8q3^veQTV?hNP6oijW z1GEdUA-%=nMplRjiv>&v)g`7r;9<Z3UmxH}K$}1I5<lllU@_FSfx5%a0Re~G%|AVi zf9lq}d=VVhD!sCVYpGjmfZ;J>ncR+4b?ZLLe(BL2hp)<EY@~QfPJ*QH-^LGh9o1BD zQAK?@J?1GRlyhE3ccuuxMHDHMhF6g-UY0Tk#ab}WQGlPmLB@G=_C0JEf4J<+jmu5Z zaJ|nIfx+buw*uKL%q6}mu_l(($f(Gx)BxZz<cQO3;($Mi`ggR-LbO0ST895P^Hy4Q z{wsFnYyY^E^^g42($*Soy8v9Cl+-Izay-AVjL2xi2fGA%&U~;?`;`G$&!degM&IF$ z5c0ew)qVYN;7c_5HIZ~5nLJp<#pyJJ)Znm6c=+YRU>_rwmg)+Z%ugzb)&@&)X+ycL zXe9Hq8ZN@ju5a}pazsN<-uybcYc>#q=;FYQW3JribD)&_D!DfhQeZpxGDm7@EQIU{ zfsfHoT8bxlXuFx<8msy-Cx7#caromI!Z5&{iu6A9$kXg(e{Yd`CIuFb%*kpFpg@Z| zK??Cr;f;Jb5#(u$7!~P<RF;%;k9`9pT<`~yicM)EkVcQ*nDmD1var<=bK6Jed%n+A z_47jSZOZgq<8c?fcqEwT!=_QkKM+ZJlIY3G#gQLHV?qg3?K_4vz2o+>`zE^)b~X7b z=GtB62107NNz4AeTI%rvQ{ktQBhP-Bbd9Syf3QANHmADb7g3y^*GvRCF*iJ`<M+K| zg$wPgP61y0iF}{X!~sbVA&G!<rdE$O=GFGe#_7m?QwI<~O5I46bg&5`EjOhiZ$IM> zpGeeoY6`GKYw=+cZk%sC8i#arJaYY;_jst^%-1ef+V<#j|2*I{gKse@d{r4WZYRZf zn-SG>=VbjNv(5TT<HN8AOuo7r?aNgU?@%DifJDX-E|v5*++L)r0X%ZB5C{t-W`lQD zxyQ9P_+`@`vKv#$Z!&}s^Mv`!Kj-`>jnTgLxVgSXf#}-sn>UtpQ~~#^y>odOD6y!C z?H+_d_aTKvOqgdh70`*{)ikSn-TbUXy8Ehy^Rew}Pc?ZM@D)Zv%~AIsiR8TB!NG4> zi6fq^3~b?|zvuW->VPK43dC_94#LCAP^=+_M=1Q3<nHKlz${NV)F$sMK!Mo{x(p`S zKY6wF8?7&tY)R$o5hvc=qj$B#Zo*gCq(M*I4oijbM-rvqMrSdoHPm1?6oedrMDwp= zWBC1pK+O#f40Q!c;vB9}9{}6hE8uSqPYWJ-HqK0>9{2L_!ym^#-4ZnNDM(<yz+>jS zdrB}dK!`9I1mFjC`Aa6ud3nj2eF604+y5|I#EZf8mJ;p!NWg9!h;6S2Z%zf%(7kQ% z^JH^>>s(FQIRDrReU%@SW7){G*EAG1)44m__SDtkLaJqwRxSxnstjrY!PGoje*e&e zYayaO=$@21yCu|toI9*QZUim4Er0U&Y0Cl~t!Seh#d9F)UUG3rRR8%iKp9ifP7ifq zxSnE(W>qjo=BN1a#J;SfSIIU7vG{zwi?Dq1rP+8Lp)~r#Pr=P{Q;hktgS@OLF}pJ_ zaoCJn-;t$zVJe1{fzsM;tmvVfE$52`hc`dV{6XUSP3_M65yjq+rF79RFc9}2UgV!G zQUj?i+TzKB*Z*$^5nubf6deNw$w6$Hhu*H7eQ>q=Fsaw(fA!(2Ha`Yft!Fx!vsT)I zj?UJrqwf|c(3s%<JCguag;$@*Fa6~jTr1LmV3LZz$>*E)IV&j#{w;-Af&d+=4Wxts z;0Ps7F9Z0uo7I(;X*Hhn#VcVb9&wN0Y_dbdQmyNM_pLRgPr=Ccu;##2+gmD!41P;7 zX<;%z@E5+<^IQ!XmGobXF6jkWYVGwPd4V~^7ya%#Aag6@iznoX@;4$CwFX%VY9!7d z2TLe3a`4^*+MUA(%K{Cl-+5%aQx!t(9<#IQmqm$lA3Qhm2UT))T9}xcLbkpbe6f)E zBw6Zsvc|SK63>i8|KD7oo{y%G9dNA}Bu_=ig#75)S1H6wMPw6cL>wGQlr;aN*+Ga4 zK(&DTt%D-ueDqUuo$E5f#oRRNu;)ZHIdZVygyYZaRT(0o;)bk*DkkLIYu<^1ogC1B z0L!BlT(HNn<|~@z1kA7N)uXnv@4+kA*lT;)bHCqJKV;EGzH_?O&wW^nELmkx|5>6r z;@?~Vk<QRZk47GjO}t}D5DSK40Mq<$vYV0?LPubMQ~MJElvrx1@z~8poWvl6eS^P4 z;TpVpsVIMq7+N}em)MW0IRIp_Y~7#ao#jECT#O}C3&qJYYd68smqnV7+HZHrd``*U zy_~w|-11zILQtK*#&mPxbZ027jpNqmZ2mKc(?v4I(6b5_X>20j*-?^>o9mw`{1$Xc z6*__cI4Hr%lsubIsGI<(dmq*7&S^-6uJ3(OaODLh3)goW=EkUw@2pfPkguT{)YB&- zrR+ez01=#_(iW5unv?i!K>|pD?1@JD!4U+xDxzRX*v9R_@dZKe&ax;4ph8RHJk-TX zYZ{p7SW+z!6``H^|8O*XC0$G|ia@u>__DAi4>_*rfA4yt?$f)7j!p`=P}DX_7MM!v z|Hysvg1>ve>LWu<5U8SnYEBM=GA$@kX&l!%W<nvFJBqp&IMEbN%8%DLAZU?n#1*J< zx1pcfwU?IqZ@$D*Gh6UU3b;D<-Qlk=94J+Vmc)UDBkL3GLf__PK~h2D$LT2wO3@3{ zP^}*X0iUB(_QJulT-mV8@9P15uG$)11W_+EK5s9>GWh#kh67B3Mtnc(=;(*0m678S zpz8J<>%h##jr4{rQBXx@X|bQf&C&efT-BdFkQ}`wY1KkeK62>)JnZs!=7x`=|9u+x zhIYQ0G#<cQ4%2)M3-Et3#Dylnp$cUun59u(SZ<y669-`dn5&!fsIqb>B7Q0SCTu$K z9taE+=lQCOQ#IW}ssKd5^W8Dl;V)O4inmSaMSErEiR$3qpj;vT=!YcZiUg<}3oq+3 zL&iEUzP6YtGo<Pr;;{+snFM`*eR3-!G90KS2{w*k@V$?e1`9)6C^)62F+kFCHmQD< z$mMj)w%2h6QkyHS9;LV`j<0k_(xpjw?P_{)9?kwBmp{lE6I}V9T5gtf9D_e`1fy=z z{-Gayis-3negCKt21cxdq5+eFHF>bcL!EOD4~X&n)2O!j3HlA#Y2+y+yk^fk(_6s~ z7(CL}2QdEb^tPK)?|GmUxV%1IdQSoBjH~FYse^xc=_veqRu;nNCft&hYnh5K*BC(! z<zee&<qKE*r~AIX5cQX;JDfIz6Az6)49GKz>Z8*;>KH)9Hn`kiTg}Xf8j7XDO~3-_ zY%MZDy^j(EaCgw=|CM?k%XuS!JdJ-yy)aY&@@#C^CHX5)d58%xbaaCQS!)!_fj?M) zvZM!xKG{5h>!x=$Rqa18nHplS|E;3inZe;7+*w}ay~`NiH<f$$01wc+e%A6yj%KW3 zO+;w+D1j5a!h55=?*t67nN)yz8UZRXWIO~?fPcq9>t~^_oU^djKNQb{KlXe2O9JMn zyoUDpe3{4yzQLk2DT}>tFc5OJAk}>=x87|*0)_d3Qv57v<@LuG^F<<9)J?}`2cmHP z?s|n7-y7(<*<{(%4?+FzY{n>Iwh@%O4Mx%%|8|}#;eCKk5Q|*NYzp?PG>MG;7Njyk z>$?5d`dvktI1No!@NOz2mFAcWtr7ZxspWs7JL-|b%f5ZRG!~cYlI(w@##t++Ci>mM z{k)!}tqrBE?TJxa8wLs{=J$afN!16MC!Us$v8yX1t8H#>pM|2Mhm|vajT(%N{XYD3 z+_f&{J)Wcf>Si}VvV+1@l4|^F5%cEV++1v-kDQoq0D_T0gT#qKv{M{AUzB$!5lQ%w z6B$umI4TY@6_SrPL7Q~AVX=$p3XUd|hHuR-C$bdMh06iicuQzJ`Okz_I$GqbDtcP` zUb_+Rep5vQcQ|Nb`s+`H1)+(VRLc<}P@}@6@N$fgxbZ@K9bq&Ps8%wxF5yVO&{v4r z>$LS?XI`=+>3Y;KNng|w3Ew*gR(^8|1fT9?XPVD2%DcP7_);Nxe%?;3^-{DY`;MH- zA_F@!REf&ZGv=+GqWV6K`ebHEnNM9k6A6vFtUfOz6bJei>;I2$<;+c2>eOCS1-X?) zrlJ`9*Vlf1b$@mK0U<b#@>n+tzT1{XDkJs5&g@u9CnNT@vfOn2h~R2QAl6f&CuGR? zyu;(_PW2(R;td{v8EUi1!qzQGU$4LnX@9#|5@ZjNO<t<!_Yo8@$u)LASmeOQucgoY zZ8kV%0uQLT?~3~V+B(~Qar|S_3uTwpMGYOg9Qtt3%D{qcv|9cktf4{!d&#Pqh!>N` zQ>7;)t&73a0Ct9vWeG>%D1*ma|6WqyfS@qW)!&esl~?f1y8psm!xqRA2U!aZ%mVoe zc0A12xy@*P@0n57&yXF3SMxeEM27uo*Wo7S=BG5VK~IV85kDmFx%gg&-S=2-Sy#E5 z;fy7ERXAgn<ON?cXB-b@2`4yICCa0Gx=9v8G~V*af$u6!7PM|ELidyjwwvMw_iPY` zO^ZPHq<97E-9GHkP%7qVHpKcwHkrXego-@Z&0O;*<NjC$X~^Cd28nESX}TG1&Y=e+ zFe1O7w_jrFXJzNN>IeKg@KD2u;j)BkC<GQtvc5juQxz1j9<&$^stmHkX;#=Kv$Jjc z5Gd`BpHi~Ew26ciHHQiL;)2x^<LBndZON8(u?^>N@djL)bupS~U&Z8GiT3VFURc!6 zpijwRU2}(&y8<ryd84(L_gQLfqi_|N2O6ZMN1WAD<$vr_`qdnv7P#()D}I}z>@u$+ zzff&wi{+pq*Y__;B{;py`Dt1%78M)@SEo$d6+ZNA$U%09f(VhbBO&cCRs_x>3ctlU zI&=36%e2gQT>bv0;d5p)A&y^Ua8=IKW#sN$88Ja*4#mJ-?lZ=Ny)zej4v%A>#=X?p zYDQ_7(tK^AVMRDDbxiG~iP!Zp-iK;dX&Vi^cLh|)xYC+%sRdkm(Qx-PB1utx@E-!| z^W$2jz$-XJKGX&L&NG7C?Ns&1zt7K!)?CdW5y~8GBAULZ!}0yC8LyPfNJQ668~gga zDcw`rK4lCwDp(nANJNBq)|L6ug?Wy=l#|uxfM+trJwptM^1m4I5VBFC-2)rP-$$+5 zMR>9P=vYzdFyR6eky1^F3_zrzNQzE@r<&kaD^sZge~H~6iZN8j&3TVnSfFH&fP@i% zhk8j6@wl>R{X7_n)Nu0QITHb%5mDl_0PK6D?Zr0FlFoCIh=dSdL3q-^k?0qqB`v19 z=g*nXUdYWgmcqjyGt#b2n-WwlpZA}$Qma*2lNbJCl;8%px27uyL9%x(M16$M3n2^P zC7dJYAikO-r@N?%PR@6gs^Fs-JOl|bjs<)D=SgJl=|xVHhFXTstO{QQ9W#%-?;TFd z?ufT<*nC@bi6du~62Cq5GaIE_?+*X@(Y2w(9((x<m(d?n)%<8RiSNKcymd&94C z#0tO0HJ0yV#d75BQ<qp=zo=IjK@lC@htA~eaXIvc2Q{Wz6=?5_E%YKr_t{;dfRYMR z;1CmFU(Zgx`t$3FUHW>Ewj5kx*1t;qVH_nGiiTyh-4d?q%j8yMV%1W?Y!H`+Lt4&+ zZIla-(~F$NukYedmnA>O^V>vqe)T2b{9b#FrTCL(o=VvoO&ZajkgyyE{jYHA`f$s; z{{u3FDFA6aNM@f=hU6iO=9k#Up0_hy>BwdgK0*>ySir<o-V66oS_#8%V>dgU9<$c} z(2o5xKyi)$xxZ05wDC}f>QOr{)?Cty>8dPT!cG%*%a=ldrQYc#4f=+{KMJ?oq<TWO zQ;9Vr8x|~7dzCV0IDj;`F%!z-S&>ih>&S>7D`LQRS;bjJi|Im<08TLBI)3NCcy@SY zc7Ex)yC?s0xhzEKu#R=vg8;?quxH-koTJ6fykq~7i>wzIx4O>xmV+P4+wj&$1(1N{ zy{Jp>_)~FMoO4F#yW*I)&h{pVoOvqDbkmzkYN;o%tHBx;r11PvQR#tf99=cl--9<9 zuRNx*?WY%gi3t0gq6eS~xEuwOkqKLCK1*SFf=_|zOESIlL$WJO3?H&^_}70Sxm>eI zpQc^R^R%UBorSeh@*wjD&l`kg+B{iU@2k62PZ$3|gyg47qHNaJ;|)?KI?MYumPo?0 ziVx)oCopCFD+77kFkN>`H$cMD6LObA9bZrkn5!}-9uXrYvPZb8`26$(2sA~dz&Hj= zU#e|1$J^aM95wbX_zG&g-ZV#h-bg32kNk1(yj~w0tG$|++KY$7#|+<sp}3vF7vH{@ ziIr@t%D$T|MU$YeF&QDkOsglk(SO$4v(AcHdHwEMp(n(|Su+NaGs>2B?|(oIW-RC! z#ADOwe~*C=L+=(eu3~9!^u~OwlTxZ4ak9(l=Nxr|AV-9b?<<@&Cr|U#qBRh961OR@ zY>xh}P7-z<%fpj3<KmmXN<M7$U7c#mwK^Tv5h-fSHB)W-LK9IE8G+tMCz@`^{pf#k z%fyh8aA%a_1F#73WrFLlAkjtDyuoFug40r&eDNT55ccr53Z|ocdr$!nKt-i;+*r3w zu;t23K3^3?xA<WPpOFX*@qG-l{b?*c7n(j%Sjsi4Y+cRr#QQcFxMXg8bxB{|HuZpL zbP@<OF}+}fsy{zIBOEu;cs4@?w4p38{4pMcRg#olRiDk~tSv^LcdLYN4kxK4xR$7| zP>owo3)(&LAq#$ZF6J-a?=teHPFowUW7oof^o$oPInnTWgb!lgYm;~}+AzB5e8e1B z5C{<vP>2xXh?Q%z`2BH!T9HVY6mXrjL+Tw))F9q+pccOv3PkFVVn~jqcmnK_<2j6F zO%S79q+P@Q6X}}G5JSmfEvllP3mh-$(LhG`C`W;}l9>b?j!^CMHVI_(iKPh8l$C-# zQCSroLD=pN^WwWR)&W?e;}|AS2GBSW@jrXcn)j%>CwTy*@2FJ%1!*LMj(v<l?0S== zfrM-V#tgnEuP9*|zGm^Y<+f6wCmU6QgWQPLM<DeeP>xiMgc?6Y#^lSwQnS~!Ku-_# z8`6T^57cY>Kkw{xWK&qpVlo&Dz5KMZzCPjpSf`-BJFp|vN(cb-IQT6f<i+pu2oWZ` zHQ+5ckI+m+SLlsRMg5fwwZefUN(k71`-32x-){_$*R)rR{men_j)F|%<eMAK+ymU^ z)9L$#dWwDusj%i|hmZr;0G2s)zdlI>u1v$@2ObO7{yqw?&L)K$ueNJlIhd9nYL-V( zKBqJ7!;#kQ6PdJ34sk5C>3~3C^**P|(S3kT-1s4);y?!}N74Ukpevf4uq&CpOtpWD zu8n~K-vf)V-}#3AB`&%MRIG5(v=eXB#0gmT=h37@`{xnuXf*U;G5l1AwNv=}?Fa3? zuVrT5vft?EV_tmvR>iy$Kdp=_P19fbHgdu;`8JaATviZBLUu4sZ;}msd~r*qawHnk zfe)ON;gAlnz_L-^=7cR72%X*dGI|r6E6#ZY-SPD($MyRiIk4WZ{}%q{lT^{!H%%sq zRLpc=raaV8>L6hm?io+MpMPo&e2e90+#N{o7RNO)ZSgcH0>8KzV%z+oVWH48M>A6l zL1EgL6SS1`M4_`MCpcU1QM4};hGpy9v?8p(2w(uau{!Ab`eWyp^hE!;go)jA8V7&P zHf7wBIXAQ@<IeksmHDc(W7723qS6X7qKSuZjw^Eyy(S~0I~)7V!sdBN%Nz7rZIb(= zQVkQgxu!9}0rrN<Cth9<D5;n3e!%-BbN@nF_HneKh%Jv^eubpy2h^JP6Td&)$~I^y zxMd7Zl9BID)uCTCRHRvxyE;FyrNg*+C*Cok03yFLC!JCaV!E8Mcc}!!#6c=EAH%xd zv0AkVqbzCvHA7Pze&=;;;`=&dPdrV;*tx6JCpiR_J2cZpKbPv)I{lRTo-u><r`)32 z)t$+NA3psn>R~pz_YPNvd)~LKC|xI{sabNBrbV!wqbFB~T#2ue?;O|@p9G_WOaT0% z^iZ8thTtb+j-xCSbr%WQ^=<8SSnr#wtN7trf`*TGe`aA#6lM7jTQE=~#(AOVB}cX~ z9)kz4q`b&w*+I}Q1>lC<u#A&Fl#d-oqdhuxV<>aYjJEx0lqYj4uftgsIbK!*nl~w( z2mI3PBECd7hMak??NN3)UDQyKDZd=ck|M;@hWqGoPM9D3B97=U_B{;kF};@4FLI%D z{D?zg8c-B04`*BU3S)9O)f_G#+WfZ_U|P_@u4LC{uGv$XPf%wc9jUi?W~TF-ibvla zil+|$KaN}lSFbZEiZpMDVp^aL5H<S@8+}DdQyQTP3wv+-8pMd<`#}^hm9MH;6ACF4 z%-Ne8$vUuC(pyZn=9_}XE%x%$;OZx2>^>Ts_h$lB76g!8S!vqHAJ;mAC8`OGC--CJ zgCJxU)}$Nv*wnLox?ZV%tL-vux`fG>c%n{6Wr7NK&F=izAM5#fmGOteF-)L^VX~bL zFrv`I9}h)=>~R4Lji|r^mZrloC9XT-FFR@*AnF7iGm@f6J^_dS@CH89I=a)66k*q2 zU0)~(kE3?{b@95{Im<r{KWuF}3>hAd+DDla3iLNN?rDJ>U4UpQfrjHwsc}Xg8Hs>d zZ$XrJ8CS_;puW?N#TE4;Dyw<UBc)7QPPW(932cgG1@biv@nSfaN3<ar)Xc7is*7K; zMwx*?gKC=OtGU@NC}97AdFyyzx`&?{RA;wk)t4A)bB60hUkeo`l(s*H@wBpcE$l~& zJriN3mda*EZNDK5dAk=CWbeQ%^prcb3&)QTR(8pg+dT9Loz|*(%QdUrFNu1#582Ue zj=v_^fss}PIF&R?8^kWB1%~#ImION@LCZ1%^<g_vIJR*!#?QpyR~y~?G@gb{C0NUz z+>*V+w3s27E?Qrpkmx<4@D`PlVgNEIap`x%*6F^2kQnWwlWv=yn%|&B=rv@!9rd(Q zmS`6F-nu4v6sf_Awyvmzs9<XElWZG|$`swuN;c*KF5-UYsyYSfS1BL%^M5<{MRBy% zLx5rcmjR*8Sw;YY$3#sVBwrYIBvDEPcRb_Yb*PDjqJm#Ghr|5EFH2(s^*_^vT7qQd zH*qCMz7Qf*IrSjF+WkHryG~3+vHjQNiD}BDabe<FchWZEFeAlyoIor<&dznY^O9UN z{mx{OBwUkLHD}_D(A(?OY{Fb`Y^~C7FGVPQlo+s1g2g`)S+>j{i#$3=_oZ^L#KH?m z>!350R5D2*BjkO{zHKL%$PkuGW@CDh^A-&cprITNzxx&?T@^n}C3^?Wi9dNb8cmoa zrzxN8m>MRi0wTGw`;;!C6v&JO;Bg7~`85^QVT|qs)=>(AnjT+tro@;X*V^yPKll`g zVSA4{pSHud;HQ68H}>pqEs|BW@HVHkP6a|fNP&VDoR9}PVd*o6uVKA=_%SaIym!1z zY|H|J63;g7#)0pKDW?S>CJ_6^D8`+4s8u>Re@CXze_Uq4G9pV4V<Gx<UOhEUO_f6l zqx>Mw>HXu?r^Pquxu)x!jYYgX-A7T49K)4tlZ8r^xw9q2R5`)`P8$ZZ^k&JC8UL#0 zD!<0aFq-vO-5i0c46ZFz<(xmCGIiQ-NIy4Q=sj#G-N|Xk*`k2e{wM!%veU1z?PVmQ zLskO%xe4iKu}6!hg-2<Y?yP_Ya!6cb;2t4;KYkF10lBCW_=37NwPZMbe&zB@(w#d5 zyjt1AqXjNE0q3asIKjBo<=|=~C1ZvZ{gk<(EP++_cZlyQ4k&H#Nyw3@`T6ofGS)UV zVF=%ZbN>P$n(TFXR@OcLO6qP?B{pw10|MCvt;QuCAhI)7dh6O5!w0&XG*y<(`+;#9 zl^NoMuN;3>=^+o(GWqQ%v$)^TM1+K;GO3_J3BQlcX2%~sBPHx|%-;<mrJ=9n%L?lx zyC_g4C8f;{il$QPt_VAWf4{S6Z6I8#BoA^fK{KbO_BRpD<i-SY#5B(+P4?x5#8^bc zKo2t$!r&g<;_hiRA1Ug6HvVc^+M&kwd~*KD```mYm89XYt{{J-T_IDv+h-%>Ppn+x zp-AEq-gjgxUP<?sAtB?$3Ei~d=g`k#E)DDnG?w&O|My}&A-g4|ehD}x$OZStR{P7L zoZdt%pAiIbImCX<Zr;C2V>gly^Bwxlz#Ys(y~^;53?xN^AuG@ArqZ~Bi0OrF=v`10 z`im6b6v)c4?k8nEbGts)=Xc8p%>K{|9Q)m5K1_+UX*!Qp+r2Cu_?YKYu||i}Uj`?u zg7OuXB}PQJI8)VVKiGar<Zi~X%k+fs8wAeE_k^fAX(~IxqzqQv)1xn>{wM*{MxFtz zdmnNI*9@62Nm>){wX|k1)Rn1n%ptR$_l<2~!i$-Lj>L4I#NvUU?*r&ah`Y)v<t*dY zLRlYfFv}wdK$wRbwpl+rm8Jf^fC36Ko3I9{G_IUck5ZVW;-`Z!QDxWX0$k%E^pQ)Z zHkCY8)KI5Jqh`!4rnWezuZgBAxsP#_e=QeguGgv}cP*UK{FP(*8TmvfC2_5<u*B8z z@8+M@zQDk20?@T^m4H<XS;2mxyGMmjYkz#zt%zY!YK7c5h$;&yU9muMgs8>)mgYC7 zM4w%q<&3Axbrf|GR~e`@3KWkYqYqeko(d@vn!?a%Z|Eorjq&9F!eS_NuzDd4JrZy* z+7gtlbE|rVdnV<kRQ9f=$O_@Q=L&=qRI*rnN<AS#etU@=dG5T66|r7{yx&Ih?FHDO z_#s-rj6vIa1K6hnL%qU{PZRLD`q73vcao!Q0#{kfN{rDGDPW;EHKlySFGb)d<qh+R zdI@JhF@LA2ra@+)pc55<7_FU_RHBKnewX)YUscGNeMDw>S-qEo{jhP@cMe2}Bpa1D z(s#GRVAm3IZE%9iLhu)m+YkDA1#YJn6-b}p1Ia$Ma504>bCdeg=^&Ih8{n~17SUp@ z{Y2AiLJnK{mtNMvdMU!Y#y<$fEB9#q<PEpiCM$P@E(I}ql;xhHSpyxSmA_SGXldR8 z^&?Cfr5W*_kRsXPX7a`FadT_qfDJPsk;+38!9Y#(V+YvkV7gb}8@s@1#ZGZlo*Slo z1q@3)hW)wac>R}~M-Un;Rg7l|gL*<wZ7++1Xg#q-ji<8P4<ZTHeOf<P^I3C{=ci13 z!KW6Sn;j7$_9)(5n+u3ShSc~riQ1HA3zJ6|1&unbfN`qTx?aHuMIznsg!sP2Yz#+U zL`*|=Jg5P_Ji-53i?7c03!QTMtT=*=4LnQ5(^C~?;n*qQ(G8TjBs`lKI@uSN7S;x4 z)fTw|^k(&8=E>xJ(>#OY9jO@FQTFBUZ@8zUK7Oo5BSV1zUkYdjjm2+nLjdkdc!{Ro z4GXl@V!5Mi?vcTdZ9y4ST6Xa>sG~>o{X##UM=wqF3dFIwQj<>p3);~F49P}A$3Q38 zk{2jD$X-6Z`!%~Y-@TWGf)^tK7-5K*$@!|nu82E^jW)wO4d%Nc6Y!Z*TA0(Bt+-mu z(+BcEBi1+j808>Cw$Ng>cl~I?4|4VY+tr;vM2J8UZN>GeDz<RUDRgygE=fHSGvn+; zo_Jc3%*ampa9jkAf0tZ!aLJS>!tS;H`mfxNX53;fHh#Vt0G3ICKE~$bQTH^5YK1{b z@o<R|c=-tvB$|jJTmA$+pmXYyah9OgD73uE+-J^QU<nGIs#8B6Up1H%1=cxyma^Bc z#`qhne8&B@_~rFBLE3%8ev%41V;pkZdkS;>jn8A?<R5;AP*okYAA(?oga*ZXzkv-n zt4|*vm8pQ6pQncEz6(Hbej6@u0AK$o`kT|Aw{4S$e7J(rRFa7D#ZypE5?cM|`zQF~ zCEpx~ybYk3(`_f8mvyet%5S@w*D8$Lo_*038^!X+X5_iG5gMo{#}=8|^yi@cz9PHJ zHF%rh_vIteP%4kV*y;HB*nXTb-f-IQT#rrgzR}6^E#Q6AYcThUN7;xl#aZwm{oBa> zM2st)fQY+zjVs-^q0}iZ)Ff_0XG|H8=8!b8bBBvH!R58G&4`Vm7l=1(ZJR>A930*8 z<n-KNTpb71pYabaJjW!31R-6IV7ld4{(t5kHFsLj4C9YV7&s^RvR(1ymH;Uz11Zet z%EiV*jUd|=ti|t>CrEv^S^tX^jEE%uM&3WS3wc>)xBg1OGUAQ>-8+B8t3jr9KJT(R z)I{W9tyP@y21|WZk^%t(d3$$eu@9Khen|X`Q7*zchP7g(_1|0oU$$!y<bo4{?M8?h ze!0Z(07R**Z7mr%5!G+Ww4(pJMYL)S#6SVUY-I~$W8>9dMDUmmnOc?ja(`FAf*IsQ z!zBE*6;DCwE_8};Mjj5TuGOD$Nq@FSZ<*`mgOXLB{2=PCzcF4|#_wDwCxARwG#1#n z(gg*Tg-zf^6xQOcll~X6C=*HiOF6cS6O#7+V#080{;wuwL-&v@jrU(c_CCMe)N?^( zxUL#e#W5-LqD&1RW=QWauy~WqS*7o-xVIvkNR=Q%2R{P{Atisy;SNrMnyLFW0XPuS zs=Bg7-nQpFq@bMlf5V4XwSkzw_z)?;l$dyR3E`v7g>@4d??V~3#po}&>m|TS_UW2r zZkKg=mQZJ;;nNfxJ`0qJM&1t`l$gy%16*wq3Mv+9a-u<Gs&W!67Z1L_TY+0libnm_ zF;S}$z*PA<uuh}i+-XQrsp7Z+e12UA8cMED$phdrAno_a_&cJUz`EZ%r4I=9{^CR! zQ9&xN!&4uBs59|L;E|DOd|6@5ScmXqD~>ru6io~Sj;u-l0md$m3(1}qOHjVT6?#Qr zn4FwwHb9O4hqAYds^eL^y#qmmI|K{v?!gjdL4v!>!ZlcMcZcBaA!v}`4hwe)?(Xi+ zY4+ald%mmv|ISS=7$c)sbyro_Gv{wU9kq#uMN=RHHrfeTxIO3Q^#y0(#s{b57tM<j z6A%QZ1+V0a4HHSmjffqc+tUIn4-x3I5h3vKjM^<!<<fL4p#R!CVS=g!-khZZE4%sZ z!+(BlIl73<vawmmqqB!u4&zA!eXV2A>m0&!$IWl{;zmoMJ->R8OU5Szdql%M&Xa!? z`-BRE>bCef&Ua9uSpM7MG8+h$ItHa5ofW2y`aARwVQER(1&AbBK`HHetY8$_d|1Xu zc|ZF6WYxCxz#AuHJ1JPh?J5xGN^8;s5m3rUm7TZ%d8#=m;J;6?{yJo)WUMF@ruZ#> zz3%FvAFrj5!3gD=W3MokVs8U2o)~@N2urgf{TCQc>D8Xj8QK|>kAF=5bQM%pacc9c z6nudW+MEfnr|`y4O0Nx!S)cl?P#xyzw-ylw?IC-=c3k8f5)vXp)>~RQ#)uXn6LEUo zp{Bj`@Gi^4+ZL)TrxGPhrK%?e7VY%@+lL8LnQ*wb;p?-x!Da%@yh9wnKrUvKP7N!d zIE?PIr$L*=kK6FnKOYfpBY#myoyIY!IkkxVcwyPB9rXEnbbev4NCPY|>axIV;29x} z#hJ(c!|1Dk(Z`YCY0?fljD#5{kO=_??e0_=$bO{f*RBZxCOokq$5N_Nc6xCbG0M~B z7ef2#_x)N3Ev+!WsC&q3K`Ka8`XRuKW;hS_?l;%M?~nhB+z@6I!ba=vC1uoa9c4Q6 zXlJoyIJvKY|I0km&invL`IZOmJfT10>TP+B@=-eNs(xUB+LPVJDPcX6UDphnaHVM& zS}HONYRTfZ`oatS{4gWDR0$`-1CB43XIb{sq5bXs84c=i!>C-b`dl)FP5;oWzyu+x zjMa}OGms0ZTjZsxxk5wBB?}#3D_#~&=h(j<0XlO3`w~BA5JfWCG892F-io*+3nmi= z?nI5SKUO#ud#k(W?82Pc3hy5u1j^6teXV%2go`ZEvf`OUDWP#g2>5^Wus&jMqUF8b z0Yt=ifyRlPY@O=GPR!V}Hi3Car0tZEZ0TCt8(D&_j~IH(LD_Ceey8r2C@<K9ech<n zCs>0dc2JZxDRx6Dn$+eI6~As0i~?i64QA-a&LarXJlY=Alcq*9!2bLiSbidE>#;{s z&s65441zws#QaDH^@BAQ+NDu3{`FZazK-=w-UJ1aVgTXG10S%3oc+%h^13K>fkjz* z?=mK$;i%e}tTber1Nd^U8cFu5-XD;tgSLAo)<eAHv^4Hxyky(-RJAF3jWmoh<*D4# z_~T95P7m0Y-n_(sZh#sVitQ;C``WS!Py*)hK(UQqEg$N&5IpcOP2DOitJEKVxSOtQ zOpn*yV&I2G%njcn{;1^`IQKaS!>2e4j2X+qP+zz?361$%l6l&we!jSdlofY^Dcy~W z1$>0y_<O9Z!oP&xj2>Vr^Do9(02}pxJ4o~w08@F26iJh|WK<gOYvDbk*s?a<4UPn> z`4mP%V?rnWTaRez&p;(64@0L~q+crS0LSBBo+S*pr1Euz*^ivPuwX3hkZv=eIHkSL zx>$3pE>=R_Xq<t^`U}*;Iv?b7o}{&#ZZMm6zDoed;qM(r{uK%;ZNIGXg$3~Rhg%2n zdEJw0WxkBH<~)d6XW@VOihnkHi~P%k+V)#aQuJIoDHs9qo#^d}q?eBBk#68!jam*F z#;gE@(7GT={QX561fj{x(vgLwI@2OLV%p^PdJnHQsu9B>LDdSpxtB01uq_!Ln(wL= zv!-ynju*k$Fa$Odp#d4)jO{mmetqs3KmTEl)8;WCnYfOHSqA2?#BcFZ(^Y=SF!e>G zz)~Yw^H%=yAH}gx(;6SpkLB|v{RD)|nIRCS9aj5sq0d`^*tvYn0jX}r%u8-Tj(}zQ z>_fwHD|ao8zmf;l*r=*pPCg(5Q!U-@c>0d{km>z6=98w%)E}-%0gCJ>y}#US)Dfji zC!tVPP8JLCVhcP*-n44q&8dt}=~^%G@Cv37xF+Vop$TlKgg+bYrS7}Dqfq8d(s$<3 zO{U9vQ`qiaRCrjTsS&hL2SDSMx#2h@hVJ66_8QOf+ah%Fh?rSOUpeWTy6`G}v}x?9 z5XU#-t4_mFIWxW@<TeYb0Wq5Ym$Qd?TLd#xa*Z5=9TKu@4&w|PhCx!}s0i>R0Hd-{ zBL|_${(bo}Jm4${G(V%G8-j>;a(SBz(WE0H0be=_Fz9p4YZM<jKfPDN@<6_gy7x?4 zozCOwi|rsPP(u|1Bv`Oj{5z=6WQBh%F-(wcx2(lLAn<fg9IaU#${f2!?w<wi<&oz* z!I%yRvJ4z^?~X&&+3uDE_GlJXUeaOj)kArOr7Dln*DTameM*0txpc`}!&sWLR|S-> z+VfY96nxY=IO_#TOESFZ9Ihb;zK!GW(eS5G1rLy}?LUl}-a9ca?D@uI9O%2f{IX~5 z&$gDIDKC0!35dqnBXPv84gh&8#j)sq{aO|GcIl$Hrl$b-M?1hJC8y#W0ygs_j6!2| zk=;!Ssl|6aAC?tA*EuB1;1AB%5x3Z<#3>xfhIeI1+W1Aftrd!GDwO41sLY26?N)MG zc)Oflc^{V)_{wwcMH}8xV1Q$I>z)ZRb)SZMS(9|&CU-Rv_Sk>+gyy5Ixik2{8=FGS z>fOVfe%h<O)~K+#*YR+{g_%*HT7CJ5k5|{cx`o7N+>KQ}s*QhleTFCd+l|N}0rw%j zo8WBmE_TPbV?}3vQ*;F4?GGsth*3<A35dalo(x=nT{8;*@Lrf_qS*G+XcCNTbrjX1 zm6Fp;#|;!fdI#=07(rqM2V|_fJPDx_(l~dW4c?5qte)c=rs%WTNIHD~wjKa_n@F~) zhCfpFKEz=rOMl_)z~gO<^*fv=XY%XegV3M^sqEf(CJ(I81VgpImzlLF0I#sNoA3UZ z8UrM2{kyYh7bi37I*%_$%~DWt_=iD0z1lD@kCB~t#|CTDRlIE`tU~b5?X&st<3M%7 z+z4<sCAiY58y0I{xj6{&sHN%3hW<z<!2u^w$nX>a)w|6JZBb<`j33GE)iu3rCjC&~ z&35~|@f0UWpa4ym*mAV&eSigO;OR<C$?Ym>0GQa4On@8{*d0JEVciOiw%?NZQQCje zWsH@1xt1=w6X>-*wO2&d0D3qBuTyehl0?CI64Y$^-gq-+8@KJNb^(wLe$2ya`*lFc z3I>Wr#GzLE8MVoS`tM7mfAE;u3)EPsgSZ1RRJM(QlMXpWu8aQFY-l$!8@p`6ZfI1+ z3I?kTRz?;g;~F?d;5p<^m##b_3gQlpLUjV5bKtrnF60k0BZ5oDumR!c%@>dc0L_f+ zS8NP=72T5Fkf5;Un2Nd*6l_fYDE~3@CKmX|g|-TG2wU~%`s&O<N00VkBe`&bCTCQ{ z1H4(k<0-A<Km@hocgA<hzcLn@k^G@!JH&2onYSJ&vXtqe3ZklR5z%WKI30W#CgM+m z@0q*r`h7d`PI3Vfrj%d>Rj)1B7K-v(MH6U}B%_K?@NXSFFe;L$609ikJ)@ogFg_r& zvk1C`!8!feIJ}#75;$UPu4YjsfefFwmkMkQj)deY8X$_((uunhlcC|{hcM_=<k<%> z+(efmJBVqwd$oY<u<PdhecCI>OC|%A1N>84f$*m@L05R7t{$|LVxGl}YvF-5a&O|b zI9$?a7e}l2%U;N0p)WGqcfd!!ho7|P-#xjc>>WfIUar5b7%=OQ<7WqNZg<YSztGyh z{F2e!c!-wOa)(S!(hxr~DtA;EyU83;I05fD0H_E;ktUd)uX+j!J0NaY3dCywe`FV# z@REguxHR{xh4iXQ4sS95(t<1jpySW)rCe)GZ3X_h-uq(n`D<q2teSbH5{XQ4qFAwV z(XEOK;0%ZJp=9r>09)&J?KrK{W)=*w$<4)sH%d<?-%<=y6;*C-E;{g`qqk*v7VKmi z;4aI*wq6N|>s^u=%i*>Y2V}plEd3O8_NmP*{|%qC%#WEzl|&-H5VwXo!VB0fKOnL^ zMmth}H(wuu#kjTsstrAa|ImCFJTE6F1m!GC6GdJ>yUL6HDo{sMU=g|=M6Y!x+qQiV zh7TH9c$>ryYiqZJZdAq&lQlB3tp<0U-k7j+0QjnaAr=^xvAud8l%p+q1_<xoze3m` zvI52Hbp!KrtANpiIAk&-@yD%Ows9XVg;lY9)Sy1Te^i`4X#(~Kh2{CoX8?!0wo)wj z!URoj<i|At{F81c=)X%wKUpZI{50+}`wPT%bZ7^IvpExgUTVlAP*`5;1Ub-Y5na~% z1MZpO*Q}mfVqDacV$qH7l(npXzAH0)H{VCDdiUf?;*_A6H$Y{#3n2!KF#-^%=v7$v z`m?&WjL6E)E&_0B8weDKx=yu4ndKeoy1jq><Ir(QFeoBuxzp0W&YxS>&W6U(lnb3V zAC}z^qUmjHHL>{V|0Pn3ip(II2jn9>v9iUpE!f#2bn2iACGx{+1YjQ90R76mqt}ON z&McpxS;TsUb18{^<L|i~8I2*5%jqfL1zRGPo`4vtg;D<u)d;4DW<DVl=d2cgrC<$# zl|*x$v0Nt&uT;ueOR^p&{t&v7=reUn0PE`kEcVK$`ns=P4DN}SwkLBReCLFspDGM) zU>zGNc+0t;z%DMl&~09#sti-Ip0pqP12C>L{PGR%9Bjb>NR-#GvCRg6M$(}q7Vih> zqkby739kiY&p!xQU$j62uvOK9ae9{X+O&hwL63|RT~*oWAoU*?M;wb|2DcVOO&+8( z+|irPzf8;71Y~;+ktkrF`v(G%os9eH^Wp6PV_lgsBP+?(&gGqM^AmEg6Gy%J9~)gX z;9$|WGGOdnrdNN5Ox$bTe$HlH->y(PM~U5^^!hdVRj3&p8jwL-;2?Jv$-UPnfYumq zsKkmkpQw0IBx-PxJ6#<kk_%y`y~T^tZSLJ@uMlReXO&|7h7e8)5yPPNQy_=F|N7xa zH*+E86P)lvOXoVJLTr!^^<(PC#A142AtW4b`A$>JKwb{eh%^@APoDg5dzxSF__W8$ z*SXO;`KQ*~C{px{I%c|0fvrO>qj~?f^8$}0&#mRxY}<w~=eN@v&K=**-qrcyw`F<) zk&$V2hW!Ivh|*@tZK$Y+ixD=TKjZUSA#;D58@W)|RL_<}<B@*PgGo(2U})5Z3&M_^ z#k&he($xMy7e~5nV&{p2NU=YJaCQ;PN-kvhyAF_6HA($=;r>D3-W!l?(N8QhJ-7an z5%|Z$J;yuId|yK!67mp6kzBoxQ1;9Ny%oN*RWVB~_fSb#u@T@*<Wd<3<aok4CJMiP z$=p#h!v`@hj=s&0-qS>jbK?>zRt{+ZF~~&?2|Ob-r3P4QS1|m68=ea!TmX?-TPS&L zO$W1lzP*2<@n*O==yokU<i^9Z5!$#yJCYCYWd+kHs7qrx#rh)h(aGEk^v?AtrB0gv z;I=*&fou9GLl#icChT=b;-9cowNkA~SKpwzX=ezOA)+6Cj8qDHJ)>@{vtaqsh01+W z0$$uwqoqWB8%mot@uyt~Soa!4jMTAgq+2bH*!Is2#i5}T`C77pD+T2OpB}bQI_rIU zpzApFYOM<3(bAa{R}>4P_cv8~Nv}zGk+o`1dOEdq`%*gJdz~!j6}E7|-JAp><^|`S zWMiDZoWn}tiDms!pj1*)`dL@qwMpPmX?P=aI9ChhYHhXZa6@9jWfi2Mv^3uNJ5R9+ z3k!rDI7|1pc<bFczUkpZ5X5;eoORvv6s7gyMWluqcEi@7V?piaT%<{3OFu>Y3J<^R z*fVhK2ZFMNX-Rw&H3#4pd`V^h9sXMUvHnACo60_~&MNhn<E}1uL`37cW!w{~+XI(9 zUoMzPmEd%>+dbiPB??6vQHo(%y&|>|G>9zi(B<-6)UQ#U(8@3rk(Cjr-!ihGT$qfU zoqf(pBZHBpBrcR9^=l)0Z__o2PiL>}dgZ8!kz|(8uLlsW#+vIjKG9&(hVVkGJ84j~ zU9VP~^W%%7g=%LZ*k8UOSBc2zVf3yGf!xYpE=GOK{JMwfL5bJKNe2AOEyQO8o%TPj zTy%}U!kp0YcHYQ$kziz;zvbqbZ=0^e@}u?qFqH>kIQ80C5FeA(y`<uv!gP{~pILVw zoUvJU{1mCe*2a#1o1NM)csyPb=<Y=MhmuO;Bi<4CIWpkVSnT`c<k?<a6Q>LPK{KBa z%NqFTyoQN)kwHux@5I6f4#44N;|`J{(3-Sk4x_&gTvZ;xy=RUHc#3LIT~-_WX2Peg zSws`@h>9w)b$yp$KVt+32y0)IemMf@RWn@Bf3L?w^+0O4L+f#4x=6*$@inG70$R^R zw{JB#G|Yy0-EcXB*guOmvi81)+fdT#@=RxB)ob;gq)C%m?e{JfT2rdc4^S@&1u!{& zMM(S&y1FxuVd8hnd-<Wj>uSbhp<05eBzs02@RV)QAmZKi!+<tXxWFa5$b>xmEzE3< zB;Gfn?tjVUG@7<QDN&)$E!S;jzWjDf5AP@vyF{FrH5VBTvU~QvPlvbQv50CFY&^HD zI$o(qZh{25kWfcxHylSs9clK`DYb+lh0WpkjxIeEYL}1=4Na`CP@^c+siI64Y7%U3 z@2zi|K8S?o`(&eg8K?Z|D*J0smqB{PfU`4`RypbZbDzbVwnPueuIIkViu0;>-zO#~ z&z0|EW1#08^j8KIRTv&J&8mz<H5KFuJ6I*ci)-iVN!EKGzdcTO3oa-1CYSo=;FU`u z(Q&Cy1JYeV+1zStMgcwBtJ<2!MJI&<ug6xr5QZjQvc4BQ`vv1q`A&D>Og1ibSnZ{o zcW5kLVvUzY;KXHYf<O6GV6lXbp91@@?CO<EXhs@$Qx|pV+&zHSGLFVigCLS$5vg@D z|39{%9iTUBXt(Z9mLU=L?q5oTH8WE8{FbnhudHS|-;`&mF!OlW)j;>|+7#+dVLhk% zfF2x`*`AX3ApiRhQgALhD4jlDw1=ox8+&i6#(_xRUm~I#ND|tuua+fesqM4VY#T`y zi8OS>OEaNE5tFqWd;!p<$Oh3=L))hJ9}Q}bQyTOKHN5i4sg^#VJ6gIzi#{L|MQvG5 z8?L4A?aowL4(&+e-`On4#xp6=%cg++?{jpIc1`yKPZ%;yS2{ZD9ZsO^cLqW?;GJ^K zVjyhB21vJbIbE`s0`41VzurkQMF=!)M=LRq=BY+QSY<3Dq_p(1A#JYumRYb2?k?m_ zzp3!PE(;?<0IhP|v4{ds)Jg9AbH=iGy_uc$isj=YNsxDM{3Zlpuy?;=z%VL2O)vYC zE5j^LA2CG)t7@8rOJ`0fiap*i!ii{k%rd>^ql?QL1s<sQdtdZwyS(<|IdpfiW*lp5 zEF#Dli{{lPOeOe-O|F@}8iSEUD~D^)b3@&%t&6@lAcp#F(#3~t0erJP=!)8Vci7nC zqlv0)`l9%qxC<gvh~%}^+z&b>5YRgW4$a2xtj-b#IBE&Jd~oi-JZ*4;q6(Yq_O0A$ z2Y=riNAo?&?Cc9M2>j{sOCIH3TEA~`DY@<r8A$aE8xksDMz=pQnX<Z!d^>xeojOIG zy&sC9T6r_PK&#h)>nGG25ZK@<tu;_KaqfBdetNFz42yzM@WwM#cIp0ur<)Yf93k<K z464X<{JRTcX)PL16tl;hIL;nhzy&PcINOQ_Ob8gRCfs$1WZYVJOqDI%BPwEVqnFya zlbZ&90XGDYhhs`4;XGc>3DE?ERzr7as<SrQ17mtKv&Ni28oDdL^K8ymArjTe>K{S) zu6CWIbx{vFclC<;P%EviXdP$y(W|xf&{0fYA%Mchc72%TikIT>3-Dr&Xae8SQUQ;^ z4x>`bM~N<<S{H8q5HtEWKH$B?{wU_oA_IKG<gIbX*mA(-SU#LMN;RiYe>^jEHiq{= ziVD5Rwg|Uh=2g8U6A&Qs)oUXwQ5ldmFC3sO@{q=-yFU?owgW_;J4aL$`h+(~`vdE) zg|WLD@`14?7k!RV3;{8rh7#?|4IiV4*`0ef@xfgX2vI(9$?9+%e_sNJ1QD%TnQLc* zn;^`splA;=0Vh&~1qHMlNPjvg4!_ctw2{-UNAu>|ZJPhiQ9^cIG7))uQMd{pcV4og z$`rB??K^LlT31x|(quOXkD6ey{?MytSJt6O9ihHc)tSB*H&!<FVsPK+`oJ8K$qHLe z`apZsX2AwJ&x@)e2IwIe+#fnxY@picroeV*GQ0b(vhsb_1z#kJ-v#pyIppl*?--ig zbB8(I)s1BR2NyigHU~@tp29x$9GcudaS#Fi%nn5IaP`3E*t>hp^=8~L#V~@^{$_~( zHa#MW1DC%hSsku7NkFWj=Ow$sf%|zpL6GtGV>iCS$30sAdzh}}!;jC~#67xAuqP%c z>-aNghsN=vCa@2sDdXFh-C`)t!>0b8t>suxj8gNQvwC&!>5qg-b{r1Ao9wFd3cKM( zwsNpmZsHO7eUy;hXxnF|HB3k`ZFpS6!d-MlI2qNGXK+Rx`py_G?d``<Ioe4<F@E?H zet%(8B-&_S)f;9#@dKDLA10rPB@jrdjE?nYwT)f6EV^?Qs8vWzrKh6B0*1fKMV5#7 zd8^2P>j((I3S1m?GE%3O5KNqXc*+zpw`Jc>nuGFO|4o-XFE5SKqut?z%@N9V2!=ky zOmTf^H)OufXhEq9eJRr7lzj$rU50>S(w8`gdAPg*6j=T`MHl>>+FNc@I=m%{XLsRA z3N5-yhbw2K?|BLdl{VYg3~jBapk`PydwPZ!?gXdLl=AK!ZS{9dJdoZ&+QEhuc2buM zL5aAyyMH@T;(8(jLPJC8P0TputiWOlc5}JhkDCZhC#i^3dlMjdVj0Gw2S&5WTO)d@ zxOte~#LEqb@tJ5HnHU#Et}JDzlD|>-4%!*lSc4_#pkH$D;YS%}))cFRqM34Uo4)t2 zSM-_qTjI&)q<il1svOQcql<!~l*~Kn@|_f2U*(MHqnpjPl~iS>z^4oMeL&8DcolWW z#0@@lHpDX>3%UpUanJq8-<L1VnuW@E&re2A|89>6epSsZnf4IV(jCCK@u%`pUt|Hb z)%SOASzh=9wZgnyu_BolaJJcu%p#?ZCM7Q5!@@H3Qo+5Du;jMtX-o)TQ*I?%ZoU$Y z_VQmlR2Py({{7QRMiw9JJ6)2<6f!R>zNYx=jdVnw+!qU}|0~~P5Z7(ZM6(9K1d<tY zb1+A+l2M9Y*F*ZGvOX>H?FDNJhJVn~MG|N_MjOp&WrOqu?|e4nEyOQB8QF6_bw5Sn za>owC00{{oL4F&0Jz^tD{a*>+&S>qe(Xb&@@3!l$DNT|vND~R`BOCeNUy~1!p)GTc zhc%=<I&B%B@XfuiG3kw})}ecDDt2LyYfW2uFVC53r%StDvU+9_+9=5H+DN^hf~E^t zAbDSiHxeh^|Az%oPfdl;s?d9&A#FhV*6ycbICMTT>n@_)zN@>)R9EQ^MIt&=5>v*W z&u9o>AQd)rKBA{h<3bV&coZA%EMOh1WPEv{v?0YW_!=nAyk!{1F>bWB6pXL%%jHk5 z)Yk$OAT$=AUA>i$4*LE?@bTrCf?B&Rl1nAS0FFlDBZqo&s)a`dpw{tDB){udqdZ~w znZ9Es-=`MBGo$ibqYrd?4S)?ljlo89yVJYZ<w%DB^ri;<H}Li+wMkk%7^-KU6qaVC z)Kpc5?iGD$bDa~p(XN|SJ=!IE`t$7}Xdv5KX)!8(neu$I53OQ_^T$V3)#k*vv%>h{ zn?UncU^-vv+Rd?G*gU_X?Tc<Qs~a!c_TI}DQX+FQP67S@pGxM>HrKPO0VE_BV@L5$ zVJQdQ;^X{TNo~Z2jt%9e#+VCyY~dJp9Zn``YQ(<-Z$JH$i&N$3o2INKBKR_sQG7p> zxm*doDPQ)!yKsJ^+Y<hK1ElW^!+;8R7H#gL-ET$6^;&@X)-8~}Mj=OAgE5s~P*&+G zwf0luP)eoi(mO{sc`tH(+gFeL&H=>$3J6kkt=^aaMwOzABGQ~CR2jhSI_kAi0Llxa zayBBpk<pG};GkBrBcg!OWz*zx@#WUm4VRm^)ep#l<hXO-l@cxBsx*!G_eK`v&gT|t z7q&IIKA;XXOtweMmB%n=Xhi%T5@ynBVfH;b3{0>g^}xWz4I-oH?RA~YS8-4))%++t zlA!&?QHTxPwH(#rlFOT7iG=GS=robYdcH6FVdS@W7+__e$C1$_3i_qw(-k|?C;wzU zzbqEkT|)FZ=!-=_id>};fnIspJd?m?18K_AcN!+9tKTDtmuTkc!<OKK1D-sdd`bk$ zz6d=G)jLi`>$P<cEDBy^>J4`vB0doNzO6bw^EqXF4v9CPi`ezt>H@Mx^HItQ(#Jn3 z`Jk+AoUWL3DSwToWj42$?XcJt>R!PRk-&M0KINI(7Kl?YM^s#L^9CSMWR_jEb8F%h z4ftZ2srBJ59loP3G`;F9a5?8f=v}@A8`gwrBh1}BQcVlHMH!;x`ZFv&VTSbdj;?7C zsxkjqJV$FsXR+C=s`lw5Ws@lN1uTWizA&Y7q5zBrVbKy2fsTu8Qhd!~+Sb6JoKJ94 z&)T6elK2?@7T+^A8Dej66h|DmNdPD+?Vxy)@jC@?Eh_}K!K%aDJTo!NC%I}5yN6jY zIr|Qf<H7Px?<+=PNwT0@^Um70>YYxgoJRJ801+!&KJ)PQUNC?qp5-@b*t_nFGlqi9 z=KH=E<^}5GUldp%z@HPd2ySJwPGHHzQ+pxwmEGVuKZrA!vD7hy@kXk7<y`ZzvuJGY zpzE!l&R=0ebrs^C6=kEeEnmFtbD>L1oyaVF0zlCRHBEKbA791vOu~@9ZO!vqq0*lb zCeodRf0-l>9Q75p{dV=CB63gQs>e2M*3Ww=_H9M&fKQ9*x3v)^;pYpq0@L-q1G&OU z<1+eAY?|n?!0(DEu%0hb>s#9L#bRtk^DQ_i&(?v_Swfu$i*~GMqH|NoZ-b(swSH#3 zma@<3@<Ko*JMmNYt*Hcj%|p@zbUz|R>G9+*>POArjU(a;4OX9d6GK|PHFv9iD7tSX znL?9djaZd(0EPWKK!gz;&O|yr8)8&9u3jA#!KriAo=q9cgIWmyvb&HGC7yOaJZ~W$ zermnW=RsRDFbm*qbibXbI`^U}=*&4nW`09CjankL@THH)bo5)_C@bK}49i7Tw)uMp ztuO7Adk01fllL9mKq0()PB7vzw88Jf0|Clopbi0z$NeGctAbiItJV08c!8Xg6Walo zajT&4n@grR)WR+w=#}CBiKyNBM8ur2lP#%hDX_@nEB{6E6TO|0#|@mB)(R9&Gf8`8 z0Fz?c`#j~G#l>JYwp`g0adp8~;?ybHPC2_p&+Xv%OL(?zy&emBNu&w_-m($8e@K&T z+S-rjmTtc+-aLQa6|^QqO}~NS&uIc|L@zG93s?ZRg8<wVM%xh(h{%?x`kGv^j{b6- zx-7uds+-<h?qEn0-7PEfnEuNuEFz-o0gW_<sRZXGv%n&ZDWc+JhK<H<5c|_MWf}cc zA}b~aZm7dS*4p0G?!lb>obji~vcP&?Ncl*rZX&#Tv}ZzMOehAPfKc0gM>iTS(bKh^ z@b~l`A9xbdvva36Xk#N~a|TzHAC7vcLF!9`NJl0K{s2~S%C`nTn!)0lreUAfnJ*(m zG8iy?#!-^x0~=@>3hQn9d6A(GILuGoN!%$@e&{w)I|)}?Q~mjgDEzw3!(TS=LNqR| z(dzHjW|}j;*A|>CPjTSm9@9p3e;1CE;+AyYd|~~IdIamA-DA;3q}u_xl!~r0F}p?g z_$>P`mR3WsDXt@170+i5*rVw&vJr*6b;x9C%8(FdVbP89m7v~-XoP16_K47MEsOeg z<p7^lKuErsj4AK)+w=&GzetZ{2Y8HOM`Nx6qt{h_zJ6+iPe_>4yZIY`B8S={o+Uy$ zA$WBmI*X0EA`b6i`>LzqK(1nENCpUS0K^TbZ<QV2R25~@2Au@p?0Q**$)(_sfGB}a z3Zbme(!*lwXV~UDbc8fFyK=Y?mWYbsZ%!?$q0kLKYDI+8HQ7GMwhSdhSr;1u&YZvq ze3J+mAj6U?9$E2N;YODtVYNmezs<!<Q^rsM!m$(3`|E*?XiB;id~E}yHUB>FY^}=z zp`O!+c?0B>I`|8othE;t!jqH|<j)EVM9tD8niOZtFIvb*-8C2}_e|a6QaAA^O1W7y zI6sx92B<Hs@M##_-?lpCZSOARF?h$FK1U8#Fc5hrFkpeov~NJYPQN$ei*&nTyAQ+K zcaA-k%cg$7Up&@*5uN<4@|LSuHOk?Hiy>K=RZhiPm1||ET)5(UaPY)o;@(8ALCT}q zs$zQ9dtkq;o?urrQr}tjwIQk@tRiu`v)4B$57OQ>4BrP@{QAPOFL`cLFOy_NN!4Xu z>=-F0HEJK;6&#x>GpNy0le)iMxaq@go$KQ!c2GBNZ&KoTB|k2$bos`exJeqx#d#8H z6{<uqNGO7=t-2q<klu2$4pA}>+Go_KizR9EZg2JqhF)N|p#a3;3a~f!OYO)I&onk& zD=Wlnq^!?kZW$%hG`geGgD>-Hwx0v&ImkA9^_@|rToI9jI$F-QC9(KgL5N)63?})7 zWqm)YG==eO&uS4XET~6>@F_urh>iU#tP+-CK(K`0Q<HRz_bn2Y+VQPHU-J_FVk`Ch z6if7!JIlsk9Vz~FCHFT0mq0hqBp)5?0k0L(R$Dxzy3Fo|DSr%f><ESMYX{O~3QIVn z5+UTzN!u5ADzk%3K;C)7E1=~QR+}|-EiI-y*>=BgXkP*oh5ZysDB$vo6GK~vk<;zr zV}bUsG=}ts3Qr(q)J*LSG)dJ|5wuqC&>}b2B`i1$6PiZKmcC|;1dOKKhI-;5p@go^ z=u;)+UIbA578e<(yEKK7mX6dnA|Dy78Tj~x2EcPC{73WW4=uhCda|UGXSm;dHiSq% zg3WY3kp5Dk#oFm@BPSobo#jJj(23BiRPos9zy}*GXTZBW3F0HsgW7U>VG<{rP}fA_ zKB_ytumKB)wbts(Wy^P<yMkcyMe3nnJS3z{NR*I7Sc1E%de=e?{pM|J?r=)Dx^ksJ z@y?&=P5INt|2?Z3eYXEsIR_UQfN{3%X3xa|r9YOg<3|_`EH0kwU!_7pTo23_SXj$w zx@VEv;vZY=-vA-m2)?C`<2Vy&sHTr#tGfFNmUFa;Cgk<G6v+-*rHZ;m4TA!P*`?7? zM2ePYHNMZJ$syy8>n7=X9K5nEhmr2rs;h0Hs^{z+aGc_RMBThB@vzvzttwTU3=M=u zZ)>z+38N)e16{T8D+kO*<g$4k)4Ly3hI7zOP;JFi&!0~9Phf66@57!soL8@-*aU(Q zn#c!%_$6nN>N{1H;GS7tAP-Ms<Z!;9hu?PiL;snMDR~y-Ug&MG;a%#LI<M)+`>VtE ze_^md&kMC!#)I);e-A4@KgpLnT_SGbwU)bNdcvb^jI_Y_WiZf0k<Rv?RI5^UpDf4E zm+hTf9ece)FxWxl(y7V5PiCDcs-#doY(>D0NS^C0v#+ZCN(!JESX)3G6|!PsENn^+ z&mYqbgH8>hD_guLx+MneRar&+FQvrPBD)6cfItnThQ0i#bu^Wpc^-rpjEoCx&NqiJ zB_8z`yChe<AAKrg?9vZpy3B(2DWUH{?SN7BECQG_Md+>$DXorjH1`yNyqKgg51HM% z$>5cR*)|RI?@q+@Qiq)E3qEzl-0?^hK!263f>_IcHz9Zo=m#kK$FPZxBg@t2svC8- zT9oqejCUq1M=sVxLDc@Lt3P@(D0^3j27DjgbrQ-hZs}y$;>yCvBM^aYZ1HMK&6I7s zn9>@FqIlL!(iO;M`-~?VR53K*Q>5~;{V7$1HR6&A=LCWJ%rj9LS=}GImM@pC52-*2 zbR)v=ZSOw9#aH;3{6-mR_Cy;+%Q7_h(2RD6xZ~Md(W)u_UC22loKc!c<6)P;KCM7B zi5&J8N85lBkgEKPT^zqsMeOc#TxJ_%C8u<G{?#v>K@kIqpDC%Q$^sFU)ZLZ)J~hfC zhM$=`R?7b>z!Ij?V_|Krz+FW@nNV5wBZmlvTu-I1aor<H#??q^F|kNy)6@b}#q^>( z$|Mo4HAB2OoU>hJ+*|F;0i*VXambx6@#Or|OA7zpOG;rbI;+7=Xa+ub<^%2e_X-(( z0QF%j;7Df0Y+BY+!}D*UBH?F?>8!W1@#>yg>=>@+y*OI;@RI2qx}q@*h?xj<xZok& zpaGiO$k%9-c?|?)2$|1hLwf~0ZbML;j@R}D^&V|z_md6Eqh&VK9%#i#jSb@`cK}%* zvNwt&FR~xvZ4fZE=6S(ApjH-`9nG?_$o2b>o@phi9GoFYD9i?#a9By&o&1e9QBc<v z)8cJd*mu{}H+ZARszyx%n!O?g(pvsHt-DFgv*vWQ8lB&cBZv)+W)8mrA93MCvmFo< zbW$t=$SmdwDyoQzI`B$n@`zkS1z)N<e?P1f9{Wr{qPct#uLa-y*$U3P7|}E5$1FCo z07Q!T*ATunblA!6AuJ-`JI7uEiQXmokeXMM@yP~2wSXo%4CP@hZz_OhEt`dWm_U&m zf*~?H^-Jl2JG6mBWBj<<OXhYj=GGj593HVv6hjg1jv1o#CyFUV8nf*Qba2JhY2NyY z#5S`t&>;X3K><O^eo06OWpd3zh>(?2cQjipz5=emQ^d+jcKG3bsmC4@Yfmc-+NsdR zv>?fB1{H2{OGz*uE-(Kn0BLSMJi)hVmgs!eLS{6l8E6MQA6j+s5@kIgT#`wa^}@A2 zI^9;wO&iO0-$&bo%NQNV2YSSy<Kp85CR(h?V&nf#G^2l4`b8SM(65yZH|rb@zEzby zfF=mg^1EwAXDrH7jz)IM|Iuew=SABTwot6Wj=t%Dfp$9gv!4Bf^`5as;A28Kp)7EU zttj!Htw93x<**e!>WHqgq)-mP3<Wg^SAGTTRNTk77V$oqIP`LHUe7BG3qIV>AA6w$ zmP6LN`bJlB0Gx)v1n2(3gmEJO^MBBX&5^{=mEaNXc+bpR-<GR;o2!XOFH5JVPQ+1o zwqKQ4RENdnPDhDjoZe;*$X0}&ilT9QJxrv$%Eh54q<Y;Aa8fC(1{tHM4!`6?np9uH z*-S64b?^nj?{tN)$A5;>Pf>C9gp8SfrplY_>w@8Rn&CsL7~yuArOVsML>qJNxyJ9v z13J{SF^3ORINcwR9!NjVbK`RC4EMGtdyuxlbi6zgO&(PxkBVM{4(C+-ffHH4VAnjj z(xEz|D|KW37_UYSCgjsO%xoyewkYX|^Nw9Ft$DCd{4*<XzU*{>Iu>%ryLhr0tY$V- zXku(556{3?fB~7Zlq}8*1?ia%7}NpXIee`-7AuUJ-~lSl7b3Id>hUpAy*c(jOh+ih zXk}`)rYNClXv<5j^yfith&(e8qM)LY<pU(~HTn`w6yquep-X`5@kB!s?av5i?a$$~ zc!|RjZD|IlEn{L0cDFqHlug7=O(q1g0r6D?&mcH=w+#t({B3^z)o-6ZXlAvB=+u;C zry~@U0hRGd<p;eO*#5hBbUS>6#=u2@%6OX52#QDx9}I!zr|RI=(m1`?kb21JoJ9c| z`%K|u1yz@a^7*Ho9n>c4+Z$*IW8cycN)z9oM$XSd!-Zo_v}jO8=(zdxis{>ZRt{yu zY->9U#K0{~g<Y`{b`l)Xc8_>)@7ZuaW!bc3O~h-db){^3-oM_cqy1|^|B@ntpHh2` zug6<;OSzFq(&Y==;vx-?ODn`m3uDDLx@=<V*!J*<a;OPcdq%|1Do_&LO${#4jBT1A zYp}y|=;ZykBB`#wH{0LUm8_S*Wwgm#I#)q(pvoMibZ75!F^wj8j}la6=n8!4S!>F? zu+jr4X-D$U^BP6TCcjs2I2%>DcN@}>jr#Q<zbIkwBSOS@oPHBFP4Dk@ggzGkV8-IM zi}BC+V*q8jgZgcRCvbKOS2r!lVJ)WncZ1su5B17^OH#Y+*UGzTR|qwUb1)*yp@y-V z4b`+P5V_!5qN>@)a)>H1MgZVYu}}8Uj6DeM<9;pD9kO|^bYRgV*a{rrY2yGiI0A4G zd*8#pbs>QYw>u|}bp(otcMr>s2jhhGsJi`n*!qyRhQDt-+M3@Sy1%&y&LHGJJJCUT zVCjwt5AFRv2mr7gaP<b;_gITrVKK-m*kDE!MSL(1B8?-zrD7J98puB`HUI+!5^t$u zzi>Ezv5tc}`8)B=OkVkl{7E0dqV+fe?yqqu*JZfi?1|?M`7P_4Tbv$1NHcx#)HD21 zz%#m?EXa_kR^}5?q|{3Xf`n+BR$d>*=CP93neK{@IZL<N!SAeyxA{WKMhTTCP(g=Y zNGL#Xf)klj)p3&{w_HwoKuwZwG=&%_-*{%GiZqsBS=~9x?Gj==Fa~73tx~2_klr#@ z1{RAh5QG4lfgv>3r&&k>mD82n1-RrchzY3~po_Y>v<{h^uCMu#lKZ;?f9Qb`kl#f$ zSV$?DKdv5}JrK6(;_`Hv?x>SkrBG3uDW3>sA(1iGSjv;U$m|jARELY;@2$5Y!sA`8 z7l73b3cmacKk)%9=7(a1Rs>-Mh){TaWyFe&^@^J&QI)!_Q!TGr7oUP<gxE*A+={jB zBYxT)#kayjEm2scz8Ux$wQf4lN=!_Qr$_!Q5D0|TXw!wHS|>)6%elKa|6)VCKVMc) zDVB!~{L@N-kc6_@iwc*KQ&@N@URm)*Lo)PtXo7JXC*wDia3+Xid!0USb($}p&6BIV zhSWv%E{8RL&s8DX0ps4?mE)l%BQ@urWC{wrqwxM2%YAMV$w%*+Lsy-{NDU_zUMx^% z+g-X5f9i2u@l_0ME<N3V1k7dJoA9{rKuZY{tz7UH=Kb6k;JfA6&p$jz=RNPK8)fE) z^n$>4%l6NRyTe^E6HEYUYV$8uB3!xa4R~FM-)_iYqT)nHbmyo8XnBG^Pj<g^c(3ZD zv!BUP2T)im3^E%VYUx7e92Ug2#BF6~<7`F>0Ug*{fJ=CR#Qb>k>QO~=I0f&lNQ{UO z{19xTLLHIS#%4H-$BAyi#OoZINXwl|R-6?echggeVPww-oxSIi|D}5j<FFNX;=CyI zj5^x#1Xd!)`a0Ry@nW)f<X>LzwTc3${vxgHDGD`8pGn#U$ptVo7xdOEXJ~%1aReD& zG}G=Tt884zE07^l<mM#EbsN|?^%oQjFd;@qh}pWpu>Xw0)vb;JG7yB5fpv6&tmKOy z_oS$AkYNLZ&Ri&doh@@t{Y?1ZSMK9h&XMZ~BN<>&YOB?4$20rP1u-mip}Y!Ff2~AQ znOx%B8EnQwa9y5zghAi+X%uza&?N1&Q3DmMHu$XHE0KhMUW(_gp|i3#ifYLHymT&d zaR3RjGcuxF_P!0V()g`^ztc^c^Ca`7VHSdbHKRR%{poGe`eOiE6T4_a{DkS}1n&4P zaP6NRs%HUXwIC1F$BuB0&oLSFU~;`jY<^NK*tx73QfSOgsbXT|Yx8>to#c(wV~!~a z;4P*Neb_bsIhtQxxbp2sE+=vU_7B-8-pPVeZp#i%#76d^8TX6;9Urah6%rR2N-ln` zd6C6oC#KauCXUgg^Bug|gQq>4E|1U0c_U<xJL1EBWlwf#`hBPq9#3d>PQ{y(1Q+PO zI?IVe4$0k-@X=#M9cl~)LMh}mDTs;$P(T_30LWJYCMx>U;bJgiZXfCKCGdnkEwwsn zugX($k2*!P1m>#zRwymzT3$r!I-`mnGgg2N2nHD}%%&AiH@qoD`q{f>-P-)DDfn(< z;8^YU@|@qI9>?z`ZMRWNmf3%ZPvxPt_;?ZMlA&YpF*)lMp)vbM!+&1=P4CHY$Vd%a zi=Glmxxe)>J6T}2r2Y&dfk7^c;T0$Yk;2L$QYS%WC7%}$G~55qF^(t`*3o);3P`m$ zI&SuTBhS`={)Y9^+4z+CxG&=bOGD*~{=vKOnfC`R=CCvnteXq+mUCL<e;|ow_7u4| zv+G1=<!@_7?2)}$u+>@*nKbEHygqquYha!5a^ho-pq)sJ;gN4n<@!3+k8@F_Ck#2e z+&9Jk9ZL-8bqIho&(%_%J^sVs7UPuAS++&uHMjCS%HpkmV?=tXeiR`iT9#+g3*D#n zQPYU8c9-lAUPXZCQvi+PWL6-e6aal8hOw9bi@f~w54UHL-Cq4o70S^y3d1QDEr7pn z&p7=1wn)6*mR4m(>u>?S+;UXxR3O)mP@|(ZFitd+5JS!%>T?SNVq6S<Z8vAM^HG2s zhU)J1rrfLlpgm7Yz=rgN8b`|)JB{$Zy#(Cs_`(>hRBVt}a6spc$(vVuV_NAjhAmhl zHg4Uw7vAOAqhCCssbHn^<q8d`T=G}TbF|U-SbL$;f^>I8WTpjhAFIN(^iC~T>1ziH z?gNx4Xb>qZ+9#$;Uq={|_ur#C>q$AV6}J%yHJ=E31`w#8`I=0^GB_ucb4@=hQDRL4 z!7YJWWe$unacF65@VaE3w@!tHwwBJJpYDS6v;5s@EG=eIj50(rCTwn<^Kt)MHh|dP z=IK_4aRD$&)~1pEnb@p~?$pw|T)=(TUU+%`Im;`@<Yt#QTv}ga=7e5TmaemW#e%Dw zB;`4TQO&6hhTl`MMhR*wPUaI3>V^6Aw}$+692oyFj){0+9GvM`mVw+6HN8UPXS4Qj z{yT@$AqtGRXh?p{lv^X2h%5fyYk&y)1=sYZ_@VWp_hihLOr}sLXbE;y)+sPhVrA{O zMJ`|2zup_j!EgT6Qg=(Uh4Xsk2+T`7lao2&-1!qeTr4KQ>L)rVHk>Ut6pNz99mm%d zq~s-z+oTu{Ya&PA(umc!5uj{g8NNQ{aB2liQ~#Ato5C64`!0kg&4V`Z@^0-SVu`!! zD?ieg%5xt`f-9Lhbu!ikieGv6|AGjs1>v?&RH{~s5%x@QsO5{RWCgy7Zg4r@r+95; zGgz0E=Tt7v%EbnBMSi=gJ&^dq52P+`GFwE4Nsvyrv{;|hCJ2Tt6MQuSpF>ms*t#IS zHgTiw0X;gX_5f)dpeab^OO{SkJ2wWQ8eOPzk>Xia%gsyB{u1u#YE}Qz%&5ougu-u^ zr!Z_BobI>HXz49T3sHI!<u58df5v}T0vzaQ5}**140-*BH&9S$j|?tXC>kV6fFVfT zC?4V+5QRaGeuLCJVj!kc%YpzPizsM5QJ3l}-h~uP;~^=OVU$q{q`;hF1I4DY{)h6| z2q9-Yaj@|wG0K2-GTmF+u;FdoC2M4M?5Z8-SsR;#gB{R18@(QF4u{Cj>8tTIfwqkw zzXIof*pg;?AlKm<3IE?C2645>Og{M=GQfSU#GQzxABDW8q)xlx<C)V5f#!MHfJX+z zAL!BEtN^FpL*bpyx1FTwW8qmul|b8GAY+rKG29gxlVG@zyU>PHxv_~Nt>;d(BI;#0 z{Yj0p+&p>>>Du7BM`?GZ@qMz(gv~bUqw_8O0B%jkv#a14kYJvjB#d+gcr~ES67Ax5 zk@Rm8Ao16pa?EZOC6<7X9Wy@(b7ybdap@(a(ELf3`LH66{(#1*9q3=d`pZ%<IsVAM zj;7$^F9QJR!t%pzR5>sLEvG_+{?^fiCvMmONRcoO@d2aj8~l;l;R6^)n&Tr9Q~ZqS zaoyr|G{<U7i!_;B$%#H>aeTxlf{u;AO@=tw{DbF6XNYWa1)l2kb&KEEBdcbCL!19$ z0q%B8XN0!SzR&~8!%YW|izCgO8aLeS&vSCj-Vsh5gB=t5HWkh_G)C;OfDB40lQJ#- z8b!bd+Bv*NXMzGSj01i?0sW`WT;j^nqksQM?N>v{q4p%ud=oyJ&K=QhS{jNQFNg#* za_s%xYa^d;MRq9Q`ZieLxZVALmXomYo%`rw7+cPlDaF@<)J=NM565tx5@5~aKCCTE z0e#8bHs^V_SLTJ_xTjNI0g$2hw=6&kIZ%=5*DBy2W|p@~*(p2F27oVadJrgp1~D{Y zK8O@LIt=7BqAR>v@a{}q6f0=9#LbwaXmX%#*{VCOMO@jpY-R4A%cSD&q_U%3e`m7f ziv|}d+5QsEbRqxz7~=Dc>GF6^5mw*muQT53RUjYB17-XyzdUW(^AS@#c88V+yji(J z!%3(`?>nxy3}*-g=Ku3ve7peOi<PbcJZRY?Fj1Qme;Kmu+^*taH1;o<p%?yWoOT^> zjFg5x3z)7U7cLYaOeCkRI@|I_F}a4^$oc7~PUGWfZDSo(BUq*Z&13{_{*(btPB*y( z{^7mHZ)^s|Na8%tiu;PF(cCarl>8y5$kR74=-T*Je`6H_w1e^w#XQ^z&HoALCQ3BY zZ|sPh*Iy2o5Svl9HhRy>Emx9q8RueYjaDcuLl_gT0Sz&pONz{>AD8J~g+7)_q?XYb z5AzQt`9rK{QR&M}#PL(p@fM@=c6tg&)`i<un7c{l){{VQddf+L>kz+8nI{3b?_g9# zZ6fw}JePyplh6}WzGR~ELv;FNGfo=UX87IqMq@;hU9V(QLCJnvAOJ5K4*wG7TK(Iw zO-ykHOOe*LXUuGr)$moK>d<>cFXZl}2A04%PT<9sPjJ#L-h}CiYgvfB_b53uKJ=3j z;-lkw#NCNZY*(lwc-TE=ssZ6BGO3LaGwe2V(g~iTRcke!iCM2P7wJV;@m%@KI_G{C z2VOj*3g*Rlp;IdY=y1|ea!&iuzVFlH3^KD5pQV6DO^|+9lDydp4SwZlnqi=4ZAbi2 zB{_c0>Cwg(mVVP@gT7T#Y0K9AgT`&CGnU|kJOKxO!}tNHLo&~zo74DIivCX7+W{ro zQg8UZ@>p+6rb5}gjoD3y;Xo#p|9!28dQS!|!QXs#9?zY>uKVl;#RL)6-oH}s%zj(y z2|qPTq1EEsb?Q^P>BLWN%`aCRfmRK)iS{{665XOQF;1L@?A&+A^C{53K##Bdjb<Uq zMK&*g*6JCYgMKDK%UB9;*OZ`L&%)~n@s`b*57Vbqo&c8yhwFg5q6;kkVSvXQ-M|35 zUI%DpHgL65bvi+TV_b@5@Q7P|wlFr%LecEfZ1TlZ$RS^7|Ll8n^h6_-r^VA%r@r9A zlalA%l3e9SW5&X7rG&B7Mp8?0JS8J~^@T_7QOOIN&4O_z(H6$f0@i^}`%e~v4hx@1 z^NknTVufVB8kf&)1!Xsx-u!*0pi#bV@ICw1NrX16{Sz04T>QiR%D@qa+rbD?3J_ty zSV8lS3Xbt>w;O(mp~OF1p~u$3j0h0n8*;R*WEgsDt8)cB&1sig3zUu!mYlIxIaY%# zp5Av4R{nG;hT^OiYb(7{H0@624hGi1AP29mG+1$|SMGH5P)OV4kKkm&%ok@)IA;vG z!WdRM1&3GHLE+_D8bU+bA6g_gS}Q-Az)+ixJe4duE{~o3bw4=Y8f<LpNMl=2rgbYw z^tx{x;2|)Y#xi3y5ZLg3X@=U)tK6?4_7t7eYxNQ}G%cMRW5Mg13*sZ0Z;-S`5cBh? z><Ouy4yn{tN`bhN=SXGl`Im2iDL>h2BUxc1f}k({xLf*RGzAjN3*j{pu_DZH`iAR_ zyhqdfO@@C)g*|_R2s*sjRtINUvr;*fB7lYo9$eO7W|_@pOOIkv<QiIqkQ_iYs>AlM z!&d@5qq<BR%(1G`!r6Pm-{k$TN&8&l6D!dlux6Mlo{w^`wnuw!ygy&4S*tvB#KnI! zwvXI9tA4jN_{)L??QibX!jObn%Xo9G3G;HHui*}zN|@2M4*eW^0S}&Xw65Xic$DG# zn_;~M@wfBblY`NV<-H#xV=6%dOAX(Y(h7=cl^T`l$4;57A1=mFzz=oi*;@xMtavGH z*WE;DquM`JVHTO?EBEx79*l!q3Fj0Y>2dAdodssR^m;{k{DC{-aftwe=BaW(^TXhG zBv#}G?g%^j3zz?YzaxAPV&{kzIs@tI3si*5_BPiVl0-Q9I9blImC2150@}^rH7vPb ziZq!(`<p3k!}^<hAM-c9f9UnssW~}C<hXQsYIr~JgFC-r_)KYM(qwg}lBE2~b!F%3 z`_Tj&l5^(MgWiQK8U=5tt|6sR&OFn~-%d2_@senjFxQ8H1cr|uht-;wS=lzYrA>5) zZNib0&Qe|~c{4&0b5VRG%MFr82=yA-UQIW{W3#tB!|GX~Ne?jOXH8_iHLKfX9g?=+ zoQ}j<4U$Uz2eu57{NY3~@tV@PNLn>TS=Xg#t52{ZW_N}wAwmoKU$@mUB2ufaL%V=g z9KcsuD>Y59b$_AJmvvB^w(M(Hm1)$%)zXmIHy&qdQ?HSEShv3@yyLjLTU3$F+S>_{ z%|{T6_*7NbI!5z1afNd%GI<1KEAhxj(wP51G~-7~=NGejbT}KQ--W6YoY3FRY>I;L z-+#-+b?8svw|xKCZ_(ItyQ^v^a-P=y$%Rm_kbQAl^!|2Ez|p(1_P*L>Hc}^h_yti6 za`t0G6Y`6rLlW{>x}2upWuX9{*!y~|cmMrb95<l>z_pD2b*+>wx3kx4ZEOEjL8zC> zexY%gwBD?<xG=&&IhmZb9xiB^L9D-X>9b>6`<tRq33QH6{KRUI|4Vdm-5{w7F6h5c zsfLI8J7AHiye=|Frv}}7M%La8K|FI}=x><#SO15!uZ*g4TN@PwU5K=_gdl=+N{1-j z-606lDcvOq3y^LQ>F#bN1ZnB+PATa-mwRv7_d92w?~Hr@@PjedoKN>N-=k0yHeK)d z5r!g}8P^dhsjLEabgM;xS3DcItCc_`Py7*HiTGg4vQ^19HJ>j4IS^@&phJIR-rGJ$ zAU}4p%`fhI78}l~jF7gn<u>IAZx%yEIbz>go2JR&iW9rI6B|^H30DPi-JhoB9ld1X zl`n{Wg67^y*OQsVhcNY)XQ|q7`t1|ElHS3<aENfe>{~~Cm|47K4K7@q&tpR%Z}b&B z=W7XYn|VmHRfdxJIt05Vo701YJ?YkDM(6tqt<oK8_HcgWZfl1gA@v|nLWIW4R}BQ^ z*8*%^I79U(lhvu6<pVNs><`g63r{&?-7SO}7bq12o{{4rVZ7zYo7Yp}I9eR(`Omn8 zxJ_9B+#dhJt!zs40?=`q6W5pxUK&@m+&Lk)kyX(Ed37MLkDIfhrkp_lj*<l2hsY7@ zZYIsRa919}{s<50k$rXUf}TqC(qd7}f94zSIR}hyLcjRtP!o2jrW;b{LO<w?kVso> zc#uMUba)Hqww_6?uP<c|R+1tnIs#haEa{$&1?#pFkLpTL;2|mZ3Z26U>C^U~u`6^- zgmI1(hMll*P1qi|O{85j9T&o(q&u17|JK2WJ!-M?{sc=_lR|=69VXRW`XW$!1k@EN zdsy@VL;y+HTh4Zz55_#t|IEA^OA<;L^EzP63sWjg0L<I}8Xt6c2afXILmp>wwLAyq zGuEeedYyIBW@P52qRmJhFG5UlP*zX^fjo|~_YVSxgKay147=^)|8kox31#A~Ns2#i zQ!6C=bz5T4;XSx4q{Q>pdifaByqE7W*MIb-C5`Y*=$8m^g!(@mr6ulm3?#=ZndSIE z0F3#7&3Yy5w&wrkHis0eWPn@yFWj^W6Zl}bB?ld%g4-TH9gvTq*BQylcoFr??p_vK z=&>p-dI+E-ThQJ8J8c+H-}doYb%^jql+C_9?6$f8<u;cTD;RFSZkwSRMM*(isb*gx zYk1i#1|LV=l)0GIYdl*I*A>m#5D_n|VTK7=hH1By51vfP!0L1cbuy|}#?adrUc(aK z<9D^xP8zqx-xq4u*t8w1XOo89f*G=>)nm)~`+LI#-WWQ9sctE{t$dat*vI2{6qq{# zb%&;!WT<33w+9zmC+O8Iqc)fN;BBWgY{O>A<{o&#f{&EDA;#a>8x%?Vwxx}6wu{wB zAHcZz3~j-#O(ey^zf#%cfI<Mch_7wCwlHCZ+0cJBGdTF?z6(G#p2Ae)$goBlriu-m zxa&X_(WwTji=JII%H%b!<q!JVaHoouKY9soPYhJi&j`IJr@gwp^_vrXgLaOoOIo#l ztNp@HnmIj{*f~pCy8mdj)t9#PSAlO9hxz8sZJQ*RLb?EjbV2w`_g5&e;xVQ?ERG9t zu+8Rgg|~+p96v|&oZbU?1oBt$@S0oquy|Sm%I18`P+CMkSUuYoX4J#VfBYvgTSOU6 z!YV?EK+K0^4PrjpWdeBVp8&bIAP6bCh1Ud~h)M5{o-@O*-%M01jH(k}T)sjt{sHq0 z_iu|vCF7FfA$@=F3mYWiL`0I;rVwFo-!fx%Z;S+85PbQdl)m;3Bb_HRW2XTO`!o+@ zSXYBGX(Ess4qFU3ghbLk$JJ0a>lyXn?SuN{JdJiFsZS{2l7&Am5s8A}jcTg8^70&b z`ni2x+{qh}rQKT0L#f}@Amzf_Z=lfdm7nX0A(5v_hQsgT^Q)r|!Ja4f`nkEPI^S)L zWRRE70auyV0HdKq%|4RvBJg}~=*c`i6%e$yE;IO&YbD9K`3se0c;+Gv2SOMjkC*<q zSvU%EK`Fq9nVHkvR>;_Lo*fO$=fjvy4I##bZfi2U5_e4wWmQWPq4y7IfDiG&N8$t* zo&0eTI~D}IQOMb=`SKPVB~tzI&Vz>YHrIyf+{RkAyyf)FfoMhuf-TH?zVrGdj!=j} ziua0()bkcR<c~k-z5<Mt&CeAVN9hw)&)ZsspCS1!0LZJ1_o#5-5WI054}9XBH^1x- zWvu&b%w|6CUoO^Pf*{zyj^tdFmYJdf;yqK6w*2RT;OJL4kR^n%!c3cAjJ`vry9yvA z{wi8b2M_TTZ?4v8tu{>;TI?biK6)>!B*BY{ySEBR(KGKOdcZ>tj*CmpOuISG9`e%` z-b|!HIPMRWTOecmKtS)ZU~c)`f=@+f9KmH8!FO6o9X$JF`CV2~jEEkidK_j7B<_S6 zItzO0wqkveq{I-o1&4qR`?K|+c+tDK=-5VYTO#1(%OhPF1&Kp2(xnm5_f&Kj>MNY< z4?1$Mo897{9b$Vp=yQicS{(qwD`72J2`~~`_s9;&{&5)WL`q~;r{`lT{G27n6s_m; z;ER!ff@rG{d3JcnPjbdLr-s88obpQI(*=Gc6$fu{EB9lYD`0kln9#L$^B$ZxhRS`c zV8FpYkF@gf#K!e?JBq+E)e)@UMey>4g&Wd%&nEzN8xf)}OJ86open!j=BzMuRnbW} zXcR%j#C93pI*qd1by4)RAfM9&hpvLh^j_Q?nkpbj4>{kU$A!8f?Kegsc%Q=JC06fp zL^uSCC&l|GZq&fS{8+7(YLarnqD5H12C||@`tOd)5nu%H*+n6@H~KoxzK8ev1>eKx z6TY|L*)e|}G&3z19=x+?qDVsR_P9%h01=M84XKs{oG`d8Y<t6rsYmEv5nt)>E_jzP zJeqMR_2h>c`3R8@m5)3HT;V%pk`yw#ieMQISDhY*C<GnKco*F&?p8~{w>!`kvfpA{ zEz+EV{JGKj3!*-ZV0XL{+yKEW0Ko!o!H*(q*1D>RiI=l_xEgO82?<faBYAPa^N0tD zd3o9*LWC2!pOxSLi}nJf@CcZgAyzFM@K0`O1z-g1!t~gi)YCHoF+9d1;{ca_z5B;2 z@g(M&ggU`Vb4*ga5~OH7jA8+R9sJ9{-%^GyFlPwg;!Cc{Xecf8sks7R=J+^-(M_;f z10H{8_hZDHs}UXk`y+Jg3NCpEha(JtV@<JR5U*l@rmtU;_zjurpP-9!d`8qS>Or+U ziV1o-LtyC~B=8vdb-{qz-D|E4UfZ*$9p?DtHF<}0qHrNj&p($C!aqU>HWQ9n>2J!e z3;Br^f*#1ILZ;;jYVv%a57FRuAxlo#b@to*xwBa(%8lI2E?J9*4*)d+ZozqnLGWJI z{-!eN95EbDs(qj8fV>M}>6UedA_6+3p_w;$W-vPGZpAA-2kb@~mo-8#Vg7)_X(KY6 zQljv|Q`MOEsN14x<iei1kM-V#hui>EE#xVbJ<Tj%{v8z{&#m|r3l8D)BiV~icl9c} zP-V9PwG8BCR1vJ~?{M%v8s)>?;|GV6XG-EJ^jeZZp9Wu#{O~JNs(dSU@CNINj8Yc+ z%+QS6c~29+YC~YHy;+esb{FSITvj-^T_kj<qh<Fx(_dE4)AKfhs_z7xj{w$ZGGKaf z?5Txr!4V=*^YDv)8@)~?xgLEU6*z0~0_DN_9WPvM<AT1%#E&ZR{6zy_?zG(#j_ys# z_+cQiez32TXXj5(&|j5BFjSyFL&v<c*=cg1uF{jhq&A$VX#YaRm>eDhL;#p_U&P-0 zvOd55Og(N!)MF3EF|QE!bh3<kyiDpTP>q<|z$%HXa-GSUroP$o<HWa)bBN>#9627R z^H#NCcYGdVS!S+yMxdbtlv^08o30rb-t~d42tTlXqTV=P*?w(GE1~itv*tUcU(S(Y zkf#HX?RxIx!-qGr-3_lvih6KM)=d>5_T<&8EO`X<;^!YN66DS-I*VY|ZrEdvkI>|! zC_4nN<*T_`DV2Wvedk@D(2C_%Z1E&6B}v9`?opyHYn4|8Iu)vZyL5PY5(<q;Ik?&u z1&iknRMga6DAO6iAceivBHDVNg6R2;0ZO=q8!-J$uYB|#+)4v>V5HYA5Y;&5FXBlh zUzar!^h?U{INA{*Y0qE<pbF1y%&4_}Q(+rL#b^E~1Fn4{Wr9toq2^L)E_-aIrVm$e zVI170Qc$3OUP<%f>~Q8wS_i~e4#*hvr(*DL|2Ah1N008}a?vp1veKX;lI%{7?gZaw zf32wFeiFgww#mtR&4_FyG6OjuO<U7V_t+&?Z?vhPRxZ-#6Qnu277BVGA5Y79^nGDh zsnl^m)lWK}ORLCkJ$1UN;G~GTQt%esH=qi%Y3Zal?f?NEYYyI8SKEvTAHMtiE1rlm zz;sZ;t=+hrU4pH4GQ#<&MErxJ;@pI8D=GNcbJ+^RncQUMF5_)X{rw~6DAQcYPD}!( zbPw8$2^50OXvw(4Wl9o9#ZU`!bUvVzd*cc$H<H|eSS_%%k2E*1!?MfEwfC0L3-Z9| zpm&r2ENGyt?*(x2Xz;?jh{jxCRP*6+x-a<N!=cIgB61aoB<y}=;3KY_pUKBtm!lSu zWp{PqghKpGT)#uAe_|OqioufDBUg_Qh=?q(ZGw`40NcN?Bt-{wz5A)HGK{RbJ~T2c zodiPK@AOj<<-#m^#zIMFI(`_wH4T3BF8Ljw{eb+A6!Xkw<TrU{>v@}f-N{t~KJP+? z&?KVcJc`s$-BH%Qv-B=j@N|h*VL)nt;C$`OLH~W#Ew4NvwT4d|<vg8s+vKwPATKio zica2SpNNzVUA9eZd|#OVy7joBRCDeyjz#=olxmKAMtQy2J>XEUfeKty=}G(rHb8(D zdk(%NBk{osCXhmjJAsBEM3eD?OX*b_#rS@BX3NH!?M9w5Sq29qv8OHIZXyd#Il^yn zn)LxR$77z~wG=#^`d$j$@)E_s<8x1)K#5O}4pkX((Mk@8v=~4GS2kmT;5Zr2kn8=8 zJiY{U<F-~bikOD)cB%7wN&<%<NU=A+MB%)=y>Bw|(VK7QNHRM&gBTads@rxzcR;ZZ zX1y%Ft~1{7TmgYY&Av;tKScH(<L-+bDJ=-8ZdUUui%PCoXo+*K{nOyh6YnG?xk?E{ zj+L6Xb4Hbv01qCf?zfmXc)W*Cr2Q927(sx{J9Dbfmancjd*6vuaacYy2mu^oRBV*H z3Oj^-=`G&PAx~k47(6x-p+by3Ngc|h2hyUT+rEI}T)lmst2M9P<6IO4gTx2%iqqpc z3$7)!$}iOJq5hTY;78m=w<e2>&*EXUIX*5T-_Zj=)DrfUNW=Nv4ZW;j^m6qyN~Qz! z(olU0T+?ULy~{4T+|vyRuPk#DPOve_I~>^zECgT@zwH^T?|mQP=sC4JcRzUJ_roCQ zK)YfPk@chbZEp<9`();O=^%Qb^iPr||LxZ}o_iv<O5-6;pqs$0xMjEHpn(_>Q?=Hj zZpY(QKo?GD8n!<7xDv{8t$^-+-=tE}woww-L6uH{RLqkM!~2%0;%x_~6}*IxJUx#9 z!$%V2$$qoy7Q8!>mDd=<lV^d9;Ba3Qs_Ey=U*Juvwv;=w&Ndq_I1j&#S~{wF7wXj5 z2+7!;D`KtWA0scmSI=N=)KQ=ikNjG+Jr03G$OkD<$xI~XO;musCjsDgXDX5NMPl3~ zHxpP#g(t=tE7xzj$2%e7u-Yi4k=3~V3aQota&fpxKWxsTE)tT`_*8TSYRqQ)5;=-K zl8^&9@HC)sc>6g7H%y&`N%-+kmx_~am!c4!OJUL<2v=k0F+2IAFE}mx()r&s5jhd1 zi@+h*PdU`{#g{H+o;MtRy*w*ESAdJ@K?TxS0H|D%9C^b?PtRG{sR@B7<f5KVB+q@s zRKV9!nn9}}vcXWrpf^_79~bpU^_^*Ugb~Y0(;2qXlm30j=QdN(1N9oMju!+B0MsG? zs^eu2(G93yV2AF_xm0g<yP%=*X^D`2MhHpa%94!IQJ5Hd`qpH<AF@d_jimf>vEP#Q z=fUpc^ySg2iIMENa0^b4JAgD5K<XF!!0)%nd4doSc*&PR=Hx;E(x>EN{2-Rw_2{Ef z8m|-&=Mcvofx;ueDd=t%`s9upmRIg_VoEIaax*751U>lb#w`yaoddBG#@+kyQa91y zUMBE<4V*jLyKDzDn=GDJ<mhVf1J{{an%v^=(>{^q*&aSI@@mvK%<EWNFFD=?&6y*| z9O-_8QgV2RDoC>Q3Mexk{gzqMxhinpWv1R22&V3gNWbnNHUhfrkHG@FtItA78k~Yp zBPfMnK(02X<&N4%KHKKdy}F#?E;DK0i|&fJ#PJ2@=@F1tRD4K0a8Ebs7R2#6u=dDl zk|Y>=Ap#Tkw%@KyHF1?JX=TVn4001?W$_^jyH<#r-<4*qBAm%7ncz`tTjetYkfmaQ zh%<?e?e9=3%q`_8h$qw5$ft|$*lIizXbuLKT0CT%fWlIR>SeD{yR9WPB5e-QIF?Mf zdtP{6mmW!q4I?U}$#G1j8Ku+l#6$?_Rv!SDeD3&U-UN>?lLZcN%-L*@c`hs6qXx4i zaKE=?v&L1p&YMNiX$@YC`*tb}uLrYNILx{q?4l_beJUiH%#-)C3G){W<)H&<=K6fr z0pw+(z{p0D-QL>M?W9Sa@v_$e)mMIbF9tdSt%hY9_K`K!PWV{=Z8-C(8M&x@<c*GW zKTS`{=-MkEJw$Se)js*t(u~8?pGCv9FK|)TCKXUNMwoVS@K26jS2z{qt@Om^Zzxf7 zmzb7U+b-$-H4A{`^%2-sZ#{iVfNQqE4%hV2s#n^XzM;-YXt5O(L>R5*#Z=xH$V^YE zw*UcOk-!t&$O3vNyfCB9;h1$#ESn0lp_EdTICjqtfddq;MYM*QBI=Q;Hp>I23a9U? z4~V!NMl<P}jCT&j!X#hL@;m`_D1pnWgS@O3xH<!$ao_ne!F41xopfFa*)?CQ#dXUc zQ#!L*qt3`Aytj1qw97SA*H;Wv48Rb^8h;2<$3KJGW@{J>8qu^}u}nTQ=X3hzr%rzI zS<={8(4}5Gf14>K)lC&T<#`w6c9ZK!OYk&MjK=2AE26-_T4%v7WVkA1bZE63f-yfl zM3Y8#ZGdkA7_t$WtwJ*Js!InM(5E0$I%?1qCKC;`js((>_RgpMZ_*Gi@Rsq1@<}hX zc4Kah{nrn0ZhGEftj6+rM&n%*W#&GmZ@v-aozr-zr~Obe-5hJ&?g9_YbCa7}^ppHT z;RN}CM`_B4`E=UwVr}*kZ_U)~BmYC736E~?>#%?zfQ`7kodAGg`ta!u*0;PI5kL8a zT{XBEopuf9sy2k2LJHQdap~kmjZ2q?WP+MhIv0fWqnM00-ZqS6_}gDs5^EvwJhIwf z5F+BYmXEV+Xv4b9hyW(T-K(?@Whgh8yJD*>gxW(#`^4evBVJHz_$q)7<uD~R3eEsT zkG7G=`<t?sAQqwsLmkvBcJohz+=nW+xw}1ERb3k-m*c4wN_~azualUr{w;`X4)oMV zbXP5vR5E4nFE489|AICgXuMj*@+NN{tIzl-{FLB)8KL21zQg)Vwy4+V%zhz;3uJN= zcCIf#Sjbo<mhdE4y>Uvi!R4)7_+zn$lMVzh8?Wg6Dj+(4vQS8WV$&=96s|-RP>xJA zC~!Um@a<{48~{Cp0F?j~Z2q(~=*F<%utO$MwncCG?a!||Of6sgn#^Q71BZvQ-mtTo z{wVKF;V)|WA{>YNew1D(+tumdB?0o~dqyvuZ7!23-_D6r3%^o>2CegBl78N{Z+R~g zREG03C|S@iHrM2W37#=3_eDIB%6)76J-5&E(V6oPMXA#bmgU|!g-!OWTmn0if##~& zp>I9$FJp10pMx+CGyCd?72Qwcyp<4(g81c~_vwXx6%0VxmO~XdL2a|$XG9g0r}To! zGj0Tr6uqeVs3o8z?Ei{#!<PR_Xdbrji?695?Le-UPY2!p-mDv!qj$Q^T?Cbmm>y z^nW<=4y_>(ak;*v!RZOZa0iK3O;g``1e$RB<V9tXLlg#j@3lp4IHioCMVZmQJcUg3 zRDE6`E}-O`q8C@e%=axY4zBNrJY1kSmeccAs}3fuuMx;WgIZlb7^n(cNTl~~!h3pB zz-RR($}MEKibqjrP%O(q;8QUfi7`~lX3|WKY-|ro)DlMM6<X?w_>|ir!peo(X;1oi z@bfs8XjFz85Rr{8+of_9(+cG?B~yiuHglDOO>&O~C^Dpzs1<v%h=DedQhB{2;u|U# zYBK7YiviEGm3-{d&8h}6&>N5ak8lA99ko9i)JZ#EFUqjFT6t8sXE;IqF`%yd!!M(# z>~(0<Lbf&X?0ZaB`mV-Kvub*V)>$g%M|--$coSA!x#dnCR8Jlh-hxH#h{U@WB~N-a z@`~=Te#b)7Za|Jy`3!OaOba6eBm{D06ZvQbSY*$PS$_Ms34>)fRyED>DIRj`;%sj> z`sp*olDIP28;LV2Y)37o-8FCyLNFF9^jGP5uk|D{Bx00j-E8fi+iSxz1uVqm?W?%P z3yY}sW8+V&8_{-pSX$#xyfNOO5dO396bl@RU4yFK-FgOY(z%yj6`Lb@LzlyLXZ<N9 z#6HV3cs0B-&rx<}HTrn=RVAw$6B)&(osWihW=FV7^2(6_#EgjX4M%=_ah00-&U|Sr zC^R4S!T`^OKHy-#VAR8S+{PgebW!fhbN!q0L;Yi5_A>^Kg>@`(pj+crGH%ZHL5N|G z#q<v3)L`jtDF3;9iYtfwvUto;a>Mzd%_b_fPGz|;8sQQOk26ST3LiKgZ5JK3EVY3u zE>eY&=6IBwm0lVs&a+YfBZmc=fe64wl=yr>{44cj@pqt6%8g_yVB5jN=Us{5D3Adb zMw)mk2N{=st%9DnM`$ulM}}uYmL!;fU^7e;b(gOP6gAQAl@oEukvFQRrxx*N+RLaM zee~qj0=?D_wlR6ou8Y#=rvx5_!|AON;a?`lQ{W}|*UQ7b!5UHodY#7n+jr5PN~~x^ zu^JDOitFOSB)1%%$lpD!CB>u2Vd9x$)~e~d${&zI&~;SvkzicN-~Y%q0?Ko$i=t2e z7BL~vf&vdCKKCD1VUEg+edb*G@`_!=O`RuyhhfBCadK)34@g2V@qds65ZgAt-ulC< zd!`{cd$3A0%%r?}M<&ei`P(0!r-0f|x0PC~%Q_rzI6~N`^2QE1!nmyPMe5BpmhKD- zHb5mD;f^bpik65Z3rU&*k91HB8=(FOhq}_emH?&j$i>INnNbGcF~6zM>_vi@l9z4j zZM3d0CjbP4YHue7`EcSx=gQ~JcKEIOd{Fx?X&=ay2i@%O^oNunGvzR5HA4PPVb3gB ziuiw>Fyl)ybe2>!{K?uNc;oCP!Z9O{78xE==y|XS1)lYYV?Ti@_)Wfb`h&kh3807Y zI3Sdag%XhofCwDUM-&&}BRrS(RN}~H*4kvI*t`AE^$vaz_#v%#c{U*Jzjrco6tL=# zarwGw`K^QG8h}#R<Gt}iY?FyiTV9o_e4weAVp_<iIuPN{T_jmHFc#e{C;^p9Fdra( zLl^;4U0At8vK<wJ6qGwWpQj^(wiP*}`>_e{^fngnzOI-X+edt696%6N1Y<cS1ah3` z^3XH@-$S;CtapB!m}UuBzA|X^ebfkUh1V7i4uMQe_s2!bk!lB%iDE%)=6(04;k7s; zji3Y^#V@`5pHvCtDF2f}x@Vz;icQn!xf(geATjlV3IUemJXcq|4>Jf47O4QsMNsYr z-(a>E4ogc|Cl1-vK{Z1YR?WbSt#d6isd$(JT;RaeKmmD<>8owz7E#sHMMco=|3@8Y zMqKdh90NH;><I>Az*~Tu9s*9mOlB?v%J6N91Ji-n<FBf~@aSQr3$?-MB*qj1s^`{2 zR{eN4tY?6w%Mxi)I%%Mw(2WS{(2u>^_^%7QdS;X|797?)uI&Q;JHK2EFuVOk-yebw z5~OC*LD*RsAglKWS$#1z&bKUzl=^r7Zxm8(yh2lQbpOyb8>8}#ZxiqTLxzfN7Nw(H zEIxMO^rnGnD8cssHPm$!18KiDf%zE$U32{#dQdrjjFdl7tzeKsm<{^Ero*^N|355K zww%Zq?5j@;KUo^wu-5tj3*{a^Tf!E5zfjUJ&__q`E>;idD^3OvC9s4XuO1lPzEOWl zSTVBm)ro6X+(~i@{4G*+xxZ>1d5$fK>fDW{FOTRFlS;Vp;>zAM)n1oNn-V)wDYGZg zYGw|qSt#vy#~lt`Q0!x}c1I{EIP8R+G-${_9xYc_dV5{YSu)eat0c}=b1vOrBXdPq zy2I@vjpoj-qoY`mtyg8pT%}>ZSNzU=>=T<v2>9GuzH^otl7VEh<SK)X@@xg+VNdV0 zcmit<7cNcuotoWZ^REzLv$Tvk#(O~BFj8`FYAf}0pgwOI+N9#rSAVkc^}8hknS$>0 z2ru>3YkuqoZvPP}M{;Iv{CC>pM9}V;1{q%EYfMT!C;NH%s7{+aeBH!GtAVXkl}QJa z_QD1NolB5`c4CRF&q~Df@L$_6q$ejfz2qP9=)X_(36o-Q9T~S<_qAbCZdWvQ6uow1 zesG6$_Bh(NBe`W8!)EKt&A})dXTuix0-m=oBTSW*-*;E7&DAt1xviWKs8;%(p3Inz z&{%(ZNg!8JKBIP$_v|5e;iF}7lY{*T!*Sb9WtFSLbu)ZAZwydBW9<ee;T7?%T#?_! z+`U4W4d6c3-r+o$`IaU#ixI%%bu@XLyS8YV_f>1W!d>s=>!xn3^Mf7Tbfr{yCf;k; zNs{<-{TRccLIM%}Z~GCsET&%1SPS3WA#XR`9k(@PEUkZKZXgxKY?#tD+dIs1da%*v z?a=o0O?UKc#dhn{o|!Tk{X9iRpAYZ3?bp8-aI>DLnyefXh7yl{vBfbyS3pr(Nl+t@ z&8*J7#w}&Ne&y#BBN61XTWQb=SoSKTpAmR+U#DBy#J^1|X(?hz5?3C|<Z;_%Cp7~q zn@6LO<hkQ4LpXmObA|-bxWHkrEx<jQ(1r^NA_21tx0FEEojk$QQsc#RVvOlgS@4;t z7SSMzyrF!7M%C%~O4HEfrgLdEd}tyMn8!TcQpt)kWoyz#nU143&*uuZY6D95ydgf9 z(cE5=ky&pM=hAu0*D2=xKG)$1KlOPJZGn-h#&TxwGoN_DIOf>hBlR+EF-!{iP)s2+ zd=MG_dv*kvftC+G&#_Cv*q%sY$W`%*!@(Q0Na%Tj&vM|>@TQar2x5*8_g?P;SIfEe zmcT0jd#rrX6IA^)PG;hynxsJ(Wb*L^Hk2oxT_yhs!-PkFsqT_<5aq$LToZGf-sR5} ziI~H^Eujt7L+t|$4ZkPSp-93r)5U6aGAYBw_cFTOpq?3P>G<&~RkbF)iAB4cBeIQ$ zDlekpHr<Ecd-RzKj4vpoJkPiJM_&9u%%r~%3U#<r#iiH&kyj=b@puFb^s0Qx6}p^A z4o0_%00B&ba8M;EzB72yaieV{3tQ&sCQnwJCTKT4TXo|{6vTi|nFV9efVj}j1K&V8 zPOvlWQzV@oH9m5g&NcJSy;GBOdOJGhudaF9rNbr~)gK8~dU6n5(2P!7$j^Ry<vBnf za-39k$s`r@gpQ8#>UiX>SL9~z(c$-;K>e01#li%)gB~0za1{4|5vT(_QwLzqs`V3% zC~nMI5Mu9@n>Gr!>&IOci~T%Y*wo#SgO1!rWaq`dqA_bvB=7aka${$z%6M~#-OarB z-2L85K}MTP0`h%3x3PD0>czVP-5Tv_Wk1p-(%1uWpW!;P<EXLY*t2W5f8Ofx&`i}K z<j>D#S;=t=b5UeaK|N?_pJf;!ce2^ocdfa6fNI9#9oAewHbDdgc?XYD{cnv08!yDX z%G~GvXs~)6`?grTVkg`7w2ERu_cg=W`j5izt_XS{JYjtFD>QVUbyGdvJQ>vDEHj#{ zvJ{dZ{XBtNgg`z@u5(UR@Ew;v`)e!yhE{I2$xN73QITp|{rccWLHJ2$_4n5;jXusr zddB8F_JVXV`GetiDk914s5RO_l#HW%52XwQvaxqPH~wZ#LA_(pfOlY7Un;I?CzHrM zU7bnFF{>v0ambH5_ZtoqfiSGTOGG6{AAp}cc{rejb~2R2$!vNKo%yAfy~ZtHBl)j} zsw#3@AB{OLq?>qD2@n#FD#WLY^_-j}^JblA^@Q;|K&NQ&m}U|xZL202bo4Ehk1M;K zo8<8gM584sds9Xw_zQ<NzIZ&f8+^PWS07;R5QJxk1@*N#R#3?Xk(wZd6z@$?pNy+o z^D1kj5<er2vaj9LTH<Udp6Qbx)Nj=35qb_Fe;8NkAu^ohy^E3)hH14T{~xcLlsvk( z7Nrmfoy{E>^<G4n)BIRi{>J69A3jJ~M^LYM&ULlxlpztV_#TU*w7@-07gzwNr#zA{ zgY2E9eiH*(-mBkRSv@<P#NM}WG`_SsTk2V@M|x4j`+GRXQBZgEDy{24)?v9TUaZcr zVf#Iw|ECB9@>JR5CRA^X>w>XCUYLyF)2IjjPW{p0;5RFGn05)qJ(gbQ&%FMYI8(2Y z?&y_>(JxW!*&GZK<X9pQ*owi|p%E*9eTlV@NfwinE%&gYisEBG-N*SC*3^{$7_?vD z7_l3DdKaqm!1TOQMrpV>B=l744k6jxYcH@v(%;=ixM;qhPt+01pTfG<<~UmfqEz|T zgKBijlNd1Y0s7U)#9W2kCUy$PwD{!?79P8Ts#CTgwttSL`mjY59&UU(4B!;<5QpHV zS`TWU3HDnm4V7sXwzG0&2~MT6pYXqEY=Ba?uuau^g8$#!LJe2{t}TStgIycwsexd> z#rx@7Oi^r4gH7Ad-HjA9BJP5&o_AEX?d50li^tY8?3FB)v^FaCRd0tewjbkJw=%Y} zdV|z(@ww?AnNgVhO^%HY5&gKjh7VgAsgViA-OP3fa)#UPYlm=X!MaF2xAunOnl4RD zYFVGMf#Qu4b#mVyogQ>Zg+LUp|As%?Bz*4iz($*;qravAqLZ0Etd_v>&l%*0=3`zF z#iAY~TM~WqFjt4ys74;ogqzpl+bzZThqo1^V#_9qGWq24BHK?)bHP~XA5AMzxX1Z3 z<j0q-;CCBW%h>55>gO|~#Q=3j99Z#@$0+!Z<Wc_Kjd7HMAE0c1hAmU_{2nNhyMJ&g zO^88oKeLMgN>czTd$Z+}?c_#=Ax5c#e$|d^8K=*6Fs#x9zMztrOnlP0FgZIwi}{{q z$-6pQY4$(^q+Dt&|42-;Ut>1UyxK6KkJ0;I)HVIpcj9$l4?914b&|!CE~tVb&|CnY z_iRUge063&?^Gl6Sl(-@>b!!E5Mbhj`bRlHqZr6gOIHcWZ%hP45q<`@d|*7+LZWPU zS16hHfZwdzW&>*CvgTO-gwx`i(F~o9&eg+MSZAXU-LY|1H8`o{N2a;?<!kKVwV^TW zOKUyy)2r2dx%u;ye_tmYd))lKM5_2X&bRm0AFPOH3;yayDZw@y2!<NNI{eo7;33sw zx|_W|)MIM}gwHsssl)91cCxnAn5%O%LQH68uR%Jw@ZVlx{`Use!XFK)y=?qY8T8sv zPh><`!+L%Zw|(+QA;XY-)5ww57|kkc+^$D2K5`m`>$UB_&&?AMIG8Gto_*EhWJ1LZ znI3ZJHao)O<&A#1tFoEXAz{}KOD;7jtw2X*Id@uWl|eIb`1oy(g3(E$yLifzjLoy9 z^g9QaePU_PK{7e;kxdzvG*gIi-q_wsh?SlhvT45`CKN$x^_0kAhdbBVT*UZ$$nDIw z1_#4o=saB%<vCq)6&$#0>S_PxCH}_cK)z})`_2QV9lZG{M!3dnitfIRhSRGz6;#Wd zu$C55ngHRAdRkBcew01AOW6*}q*WD$ttvr7_H!@G#=mg0DJM|oRTm(a<AUHa0ORNR z>_L}SRvjt{xA|4KszR%(Mysm6ugYhHpI0%A{COuU=PARVB3BV$^%N+)`AyFcB)6Rp z=UT@oZZG#6?p$xCZ&VN)R9duujqb8Hb@s1}G=vG%71I4n8!xW=ab^}gpA_^fp6nf= z^>!$OT0f(@GGz7|He7NSR%tO}G`dkg0Zlk*Xc8L@2b2AXV|58zyB2wSP@T{ehjTeT z9Kr%t_2zuCcp`^5=m8^r5Q2BTE`xxl8Gl~A`S%sULR<i+nyojMJ{V7)RJUClGafc! zl7EjW23uT;mNcFoL7WHzo}?9XtakIGNfqmkZ{4TyH1!;Tok@&R0nc3z98z^v1ORSp zI#mZOGc=?!g52nsD|{jzx2d+3-d6s;m4Yc$Hr--VPQC0@rfeLTn~XSeb<B`zV{~I0 z*cGv5W)ZMz>J^uD`^9Mi{@_|rV_%-KpG%nd$6K@4m=L4=9e@#D<if*8ppqHz>LbRD z^sr<8LdEA7DjMpxZd91l7N0SyprqR`Z+UGZ&ZLy9(w(_sGjy+6$ZQOEP<ut+f{Dwm zzIR$cTy9efz0(3I@74=}+kX?6CopkY`9oaT%U6U`A@c!*!lBQ|V1tTD@1%x5mK<0F zelHP|LNOafZze_jd4>BpQL1kLvhRs%AW9wxid0W?Zbq@1V{TD`=}EBuLD`;qWbb0$ zD2M@o3}xIF0Rw{9$xYdB>O6AAX0NwYI!N;5G<6QmbC){9e}XxK%O*gBL^i^oz~KDb zg5)zKpg&k<AKGm69zIUI>u|vS;L*eVxuuWaAl0(Xs;@7{+4+LhC_88ABkL(+8XeD_ za12gxx0<#A%%rhB2|zmybpz3YU@(v6z=i?;km+U}Aaj>d_j>FT@%-Dzw<{0`0?|XN z-C9A{E{x9Vl5ErKI9h1@Hg*I!s5&mmW$&_2TB{2+1{_qqlmk<zKM!Jn9i(?}To@b# zov6S@B!nGg|J9fS9)r%ROlaixHb+qDIYavi|8;?23B~NSV5%fhDy%A4!EtocU`7B| z)mlKa(z5$~$#!dDA!#a%FM0kc?d0gz@K>~@#70?ak<<K4jn}8E4{{3tT-3%JNErYi zs)`)s-vEL7o;39KlQO%z(opkdJG*&hKQdqP!sI)w#9jgDkhft+0^B{Hwi??2%_pfM zHTEtUA}5BhslmL8te67YjhM><F~8epI4PZoHz~Zi;az|#1QF5XB{JfHFT{b^|9K8O z?&7)5N0zRcZ6I((3>p3+K;U?GhHgT&xhx<a?t*?sEYi>y2-}}bw(h|WVns5dhQ}cL z&<`kNpeuJw7_@)M&_Diq_ZX<dXw2Xj5Fug`JD3RFB=-uQSo-{_g5~&>?T@_e#n|lq z0cP}Z5LPTN2zs#%fQVBylD80V_8LA(=-8s~gx|&ODK8IjlJnMC%71a}792k!2h%YY z^~(fny@zB*xQbZ0vc6WWh!I{-$mVR|xN+3bB7KF%^?w0`|K9`T$d(Et(L=sRM#S*+ z*u^dYAT`y<%WFVt+_kL|2bad{@lA>Kc~E*r3gxc28T$SC6sTm1?4t=N)*||I?&^3e z7|&3XAF!gp;okE#0S6g_gK||5PnrZS$7Zy>Xf|i6s^G;%NPPizk6JUSe`Dv>3}WBk zON~i7_SG+dHm>$zs0V<hE5U}Z&L5x9c1bg0t|cN3AA>MEJTqAq7&%|TIIbHb;SH0| z_}*wDBv7NU6H1jvg7J(=%jhwD2sUIDsK=*bDwmIXW}(24{$v1_s|j1<7eYw(W7mJp z0{p7!`vQ;k`2HGuPB<*S#K;}tpaVLLH2f6^TNuThFW^76f!wh`+Ze0@vL^%l8$Ts% z9Pv+-ARxgO{k8f5ix<fs6j+;3336Zt4rHMskiBR&4$8lq+x2P7E3kwY2=5#${Hnsx zxM?T+IZ3&%C<Uwd7T2*!qXAsDlHnplJ<kynYXLz@X}gHC@g`w&RP10l>D9ZNUvsF# z!nrSCHxm4|jLiZ@hpj}!$Y9Sp#KcDM+uFbV77*=~{XhIRkIe!Z_S<-*$RJM_#Hn)d z+pe46TEj9H>>JY`0?vBR%cJs`;@)Ba*f_%Af2mZ*1|!@6LMj1*Ch1%|OmS`q7Xao! zK0|LjwpF?3bj#O7-t*zhEIajsuP;g-#{ZAXBmvuhQJJjW{Vyw%{#REbC@ZvqO3K&F zZASu?lV<oTu)+|LLiXf~Fr%;XCo6;97<5q-3hEtWgXmzoPN#VrFps+RH}m$cfi!pD z`7O(EBFJO^T$N-!GdY*;8LLoP%$v2m;&ob}x^!7DJzbrZP8^Cjh*|46L!&kyOb--~ z6wPALWb_G(v&*H{$W^R$JS}}j%$;h;Pdh3S^(_vr<EThNrEo0{QKI5UKZaDHni>W3 z>?fbqE9IlOSySC{%#~S}BDJE{_n5{n+Xl~GT|YWfzYOAY|EMV`r>2mh2y%DxKXH{a zO7|rji1j58iB)EW_xgbJvJ2>ncgb&E(S)rcJo&qfkWRIT<_RL|x$?~(`#;$p%fPS5 zYiF9Yxk%sWR{w|+ycyRLus`8)oQMylwN%v*R>io?z1Y^|jo>fRrgc<Fv}rdx)dE&} zaEtexwNf0B1rk@SAHz3Y`=X2_*U+MAf6bbg=S^58|FA5H`AjBJR`1%;`OZM+0d6FN zn>q_?$tG+Y*v#=;aJlSb^$4rS^#_3y7?3D|bh=XFY{H<@yVUK+Fu`nr*#1^Zf#!Mm zREV%Tty+d5;*YlQ*qaI?UQ1g&kUHaK^`0V?7Y><0m$4+|noK*2YO+O{)RGBASWxI# zwNMi=_p2ELy?SWJo2W~}XiyaG8*W<bxb6S;xT#KE+@MBjF;_`(Fq=w4I2u%AMv8F= za)3t^Rn5YVB1dQT64idqEBg}108J6P4YH+g@Ka0+%L7@vf2oisGJ@bAbwk=<p>s5K z9H?gB#p_0%4V6sQe3EP1^>E_k22rA*8B;#Jy#Cg8Ftkxe_{{WVy^KIPHL@lYqxeA* z>x-aG{_H;Y$yC~>3fWFAb>-`0NW2xg?}Zhq3UbFSs|?=4>?4XsY8Wx_`o88Sa!l}# zF!nwJo(q=##dB@I^8H_x_rGEW3K;DyD%%6F9iY(0CMa{3Wa^TfTvs$#6x46L$OGTO z&$YrWrWS|hb>p!8xJd<_rYy?A%8+-%-SUgMuvoj7sEOwq%UQi6D;=9O2H~wGfzEDi z>ROF9Lc7rn#@`@dhx;=@v|s}!3@QU>xu@`z_Z-cE8(~t5<dtQr1Ql}z&?#`V26G30 zdHgvtFHwkap$=F&zj{SjY1Gnqo5>PCw6`mQK6r*odrWigGRdwf9=VQ?LI2h93V&h$ zS;s~kzhxwQ*1gxFmW^+CaA;NHhc+&Bn)Qxkv7oAS1j#?@abOU<NtUC5w}&{|0SM@R zLr?@V0Y~%Jb%x&%FvG#>c4*%!LI=6r=Dh<Y6H{k00&`c0#t+W|*}4+w3udUDQn+Y! z(pYfmjf_s^Cmgq`VGW1~6J_Pj?y527K?L&3;&<h;Mel$EeUxOV_|B6KURwu<isElk zkpM;p)^z$EqJT*9Z)Lf#ssE?4oJS&80iP-Rn*XJL_X$+Qqk=(RR_;CKIP=6Wkn&}V z{K*FT|4b05B{It&m1U73po_+O772}boRtPa`;L!_u2Q<?s={XPD4oush8nFlHnDDO zlK4zq8**oehe^Isxvx?Y<8M4K)1;<-Re@MaRaa2|AmkQ^Hb8>5-aKITm+5Q<^u9}O zVN(xmU9Wb1`eA3`9fr|H>7*vzLiTW0>aG!b4Cq*wsp-5gS&0*ph*^@wgAmUQSe)4i z7O@Qa!k?e86Ftn^@ez?(@2>IiG3lGl6E^x;Ed(AIF_Ar=HOpen3Ew;{eU-c4W!0lo zG5q645yJ<eadXN{crbhNFN;muV4~7`BmfImg1In9Nfo`2_a(pTC9Qlx$^-93TWWzo zuEw0H)H^Y~U~X1rSOLCT%q5=8`X1_mwOQ^g1B!ieQSzs3uLNujdSlzCcB}Z&a#|xU zkG6|dlo}-Av>IK7Zg=#4kEjq|KZv6lwmrOWTQ^;HzP_0Ajn!-lo=A;VRKtNtK9##H zXVT?+x%2mwc-B231IZZi)ho`T%G;Fd9^a$eOjO=7mY#;*rv7kluT|?hKD9Dj)x=zN zZX&?KmaDGV8UAE|f0ZHo%Umb(PW<|np81jM`XdUdaMi5dt2D~G3z@R$tBuiHB~*1f zl4f9oj2MJ^`(FjVOa10c0T8}k0!~<a-k-nV(Sw>A%=rNRvH)|iekAZQD4($9E37QA zv^(0yIzqL$9r`9uaDcnw@cU?m(a|$Ewl@`L;GK&v9nzbi&9FXq;n2OU<K$8gYXXlZ z7g)?ZVs=@7f^R^O`l9Z6M7gy*nj2W@uUK<ntL7+kjpaMFuW@eRSLkqm_^Hg}IxjAW z-Q?#_KTs1y<+8be)`rFxK9f<FOLZNO%va2F^uf??I`*N=bNX_RT8pX*wt{^}Y3F;j zJA+aG*lvaMclzM1i)#5S$-;8%iS@yWf%rPTvYCWEA28D(EQTqvUTKnaK}-r#GB7NS zAwUY7TOxDyTqpjm@%Et7@FtiP7TJAKF@*@ZB5Ap$Sp5nBNfqH+fL!?EwINTvnn}gD zWZqez0x#i6ksRj|*ESV*vEdud!0Am<{E(h}C$3#vq0U;E59_Z_-wnypUM4%!DSC4> zA4y?&%Vs;R9NM8hO^dhAaY%@Ab>YI6qoSO0WbtXm(k%zH2dS+Ws0#2V<&GvjKH~FR z1Q=@^5|I}*aSOd@jI{*w+Xf~KN+!=<X7ydA-4$OMEw)BhDiqbmH%-Dz6&nnv>(PA; zO4u7mE%)iP>$IMRQw~@17ZtLs>;?&qUq<P1gVM`ukY0%rYn}a`B7X_|X+YVXFj!1% zT{eOqi119=m)y&#gbm&v>8JYZOW~uLEje|5k722{ds7&1M!^_bKj<Xnf!ZrG&I@+I zi0tf_XI4Kj4^YDeyu<ElK>O>lHHM1p-0a*^l@n{*d(OoA>i3Pi`_g>E)WJ^j&W|4O zc1&-PyG(^fV-_~yRX=zH0ao&eq>>{`YO<0O!=zMRz@+QuR)=zHL$`yEQHiPqgsU;T z0Tw=T`e3#+-~kK^e6h3NQ`RrDe_;U}G{7QlWDFy43cPjzYTp)o-}&Tqe1EkTzR~?k zUqN3ncN5Dw^|@09?f3SnX$S?F9{z;LZ$6xgc)N%6Qx7**1$Z){w%9NdHUh?QLWE0$ z$64_<JCjy5E3<)*{Tt)X6dv2Yf2@cxZ~ukXW%aSc0cz;7KKI7X9n1Eq&VA7eJ@q<+ zDyJ-w!_Bj{(IOOKZFBH7DQX<~Z&y0T7hA&wV})Vb?n~|mOd6s5s)AT6g>nTyPJlTR zuBCZ{lTkFrx8{)ml5DyZ)Ctg!QU;w_RXTB}ze0*z@X^3&s&>WAeFpP)l146YNJv6Z zWRLbVJ#9kfwt7;di#vzyvnQsj4sKCAYM4^j);=3mF0&(iw5LmK)A3Bf_nx_a8*#Q! z<N$HZSkBNQ%<{RD=O#=uh3|%RpSd|(2LCh(bB4xS(C1s^bIXI_;WP7zgcYvGyt65( zuZTz#HYsysuTlBH8y)!9Pw20l>f#T7N)l3@Fy_%;7?IdwoWR-@Uy*_q5Xjq~0e>+H z))|jvH|0#utT+L+YR!e$>nN_9M9+G>!=(F071sr8-ntz1G84NTZ7vb75Yffuy&anO z^I^3(mT@jQi6IzRw{AET6=GqmImXcQlBWF2jgn%5Mibeq2kXCQCeT}c*)~m>Mt2+) zh>23^MPgsxzf`{cWGzGZWOLKW^tC4AdGY!86~vk*>BJJEW>r#7+jiC!OAY@`Ar4G> zr;VdeFe7*u3yOD+w+Y2F4Zte`4Hwy%`S0C+gR3DHX#@tyvHbjQJ33nRj$$sTL@EOv zv(Xqs1jwa?p<m-`_i%%Ej(ty!X!NfoV(1fsicav@UQkBYn--#!F0F1Gau)Hce9`>U z>PQ>2Urn<p9nqfD-fB{d0TzM8|MaYF&XFUXEFPv;{^mW5OW?sB^)jcb8XWogjx+E| z3gLXPT;=|m?hn0&v*TgJd8{9La>u@FB_N2Y1}l55!D+$?zuSdquv({SF>I8Oc(n3K zYHEO!++I_g-y~Y{>#NMSuq`d=I$^Mg(dF9iRzi8Ueys7`c(55aib;$5fIV^&H8K5K zO2hD(!9>4`V%_J4l@wesh19|Ak?(^%BbRrj(_vP&mv&tH_O#Tbo|&ijxV`KcNPX!{ zymnA~xyqHM+FQ`A#P3@Rb%*v;xUst{@Mvv3D7n+2T3_9&aOp$L_&Mz3`WOaW6QZ}; z>*?Lki{p$!rRiO9Yzm2OUBMpw;5*kun{p}xb%fWb_^Eq-K{4HXpH(ATA-1j!(7Dg5 zveRQD5D{;u<vzQFD;_Jwb|SXXMobZ*9MP+-iDL7V)7=~;1{{Mb@o*ckq=5qD!vc>2 zw#od5N;#^+l4~CsSaKa;5saN0AgBD6aq!jN>jOFUVC{1OyIqD)nMdDpv?mAD!MGDD z!^3Ryj=t>k>~+}7JJ?+@Qk~)z%qe!3wD)*c5)39TI^Yh%Si!4X;rpVoz)9wfVOb`G zE^<}r`EsG9<W5?M5$+zh6HyO1K+WO@6`X9ROzyB6+*=*MLW@=$U%g{8+@4f&=kw3t z-9ux&yX5WaRBSp#VISehABv%qaFbgpc<JJ*`479p0i0%I2|)k(0^l@Ha$6mg4*oO~ zR#-5fCI#M<0xo`lAWtytr#FUvFvcQ#vVY@MEM|;R>XW0cjj|c3p^E~B3inBE3h9R# zU@t4z{Tz+8eo_C4^h~Wv$`?!D$K1!na^s(!hD*dyGN`_*gDK|D`;zie=6OA{hfoKX zMGRK3s34OzQ(J8xnMtQ^$#*^L*h4%lZX07c!eZ%4Q0hhc5DA|Rn^Un_l_m|$B+!{_ z3F4?#l|Oo5{{rCf#s-XBrNbsk&miCVf5#}xzw}t(7XneK0sJkZprtZ=<fm?p4i(X4 z%eF}|q?>-Q%6V3mE>qCtj%UVqyGdwK9Ef3{)5+Jk<u41<d}ng%N0V+J=@eYrayI*J zcSP3p5|+5TzaAhxP`emygm$>%Z+=qUCwo{T7{)wBt&8x>-zFuDD1y;Aiflq<+S25Y zcZzKV;6aT99hZ>Y(-XFys`*Tp^>^`gFCON7gcEgJITv5qQ7y<Y$^*AdM>08}iRT91 z!;yrF<YIrHpsVZg3l3HZYj^9pK5;&Mq*X(9bhXB9ett}s#Bo^#o=eS9nISG>nx!3n z_kMbDy3w%4n+ZHc2OQCv2eSyTNFQTWf#w2z(&c&mh}jj(h`@cbQBh+B%Fv^-?{BV^ zvR=)qKGXFjkCvN|@9$K|isVtV$q>bGAs&;D>$u0}9p*yNU~oL)n3#m|0laAu;)$KF z{+f3#aQxA8fLt;upS|!cxVwN09FA5-1b>N<r{_zc7HXif2Hh_vf57By4`we$`NhAD zt!xF(Gt)=%f!7P;`81_3Cs}2upQXJ8T|MW`VQ1&VqtNa)Z<WwZ0xT1}&_U+U$og<c z4>B|of)E`{m1$<S^P+3HpWvw-3B8$)VhO5|bqRm`zNf<;^Z}V?5XW9HG5dnvd!xF@ z|JX@VuvU!kR&TVb?24v0zB2o~l(TWzo-k2o*>rkxH%~=wG-O)|e0aN`?b&D3+Glw0 zcQzzK6%|)kNmxg3{aD4`5E{8Oj!>G!L#|5E<Wf}9A;=ZVt7@Yj`B_z@vw25cy)<KX z7(b|C_uAc4oNsvcep1q&o}B%kZKymDIl>0@{*uvKa1!7@w9ArKuMo(Qo=953+53?R ze}U>Qf$0Be;=|LGg-!7IV><!qZn=3j2$gDGPXj?9@rI9&#w|W_f+NR&r<yknyrJ`{ zpbj->FU_qR{V_0oTvayJ%4TCZ_xjM7Q7p<Y(MYOPz>=ZT$N7X@Roavls7c1q(})Cv ztH$$U*lr@22@)^XFGfTUL7>4Mb7!a@R8Mi^d|t%rp`GThmBiBi4f0>F*rVplSB9vN zHiD-bUo6i0&@=E*ErvO<I}4qWZL%W^L+eb>D)UJc8Ra+D;jDK;kWU_f>Yr8Uts|ft zQ9xzEDge%n^uUxjI^sz-2o4eUDIDK$zX%f`c;idf{%NZ{%^GU8G%;#kmHxdgDCX_q z(s(S1$n~9a>zK~`jHa`xtFy|bPWQZ!hx`RBt5+!Lah2v09D0Q2k}dzboOJ@0hHMPP zsb7rL8&dr+Imj#_7)rHuFrWC5up*uE+T#VU?3W&IjI?uMD`SLPTJe0@>0+22nARI) zn@SS11!A{#6x-kCyv`Q^J<G?JmJ`e%HXo@+-dTHJR(sN$&*d>6uD!$ETdz<co^uh; z__4-GBw_z-yYB_{{%a2kv4;jTOr>sp7}If!$}H8O330#SV4deX1s5LE6_F-uX2Xxw zF1;DvH~Bq7<)f>HY9Q{DC#m0$9Ly4X6>WNPzR{}NYD5!M>N5921{Y&509X`}JMk93 zYx5Sc%zET2sK8qCBw_|4Q12aa_Z;or7J7Rz#A%Q>K+!)<RL46X(C|VZfxOC~^Ai-G zWvu~?ZzMWJh01P2k*P&=N7I3-L(8wieOM2>u}U|;UGmgEQ`@noB4l?qH9MQig>b`b z&<&A%0HNK_gB)UXuBgQ66m|q!WNSl%ssEan(Ufg};o>taOl93G+a0bN{vsYl7B{G3 zR^)Rq%T#BQAMtvs=Xj!Qc-Wv-v4P*Z1Rr`~d*xjl5}WykggR{j(RQQI-(@3gqYbQ; zNhvtThZ3_?K2_idt<jc%xj?Wt$5pNS(SGM#0=AUEM@OvuuKXzxAr$WpZP$($*i3!d zd>aTCG2ZLi-=4f$4d%(yL>MuX_c_1=g*BNSM?oR}S!`az6F>I5s6A$rHh5ffL1sWa z)@!!?6xP59UAO$-7u~)YFUy!JHkz0dO;%~)4`#8?2JuBZ-eZ+a>H({tz?5%Kc(6*+ zRXbI*Yd!iODV^=*r?YK-*_o}X_!iN3=iF=HImV+E8oS}eHZF0^Pk#9Ev{$DN+k94% zN7T3j*Ur3oXj!y!G4l!_p#xd53A<7FCz1jK--qC}Sw@fxn`Z=>iWpCPI&wZ=95=lE zCe$RO<{SIwd6Y)?@zlAfrTNvO=LD~o(hD7r?tvE3ax3tPY!t1r-hp(g<2BgcR;-`I zcbI-G6~46LB8HXVF#j^<%>}3V#sl#L>Qj$v8I1GY90e+=t|jpZ>KgJ@!eGz@Sp^vf zhl80B{%_50X2UJBk7|Va-v<8hGYiB5RroWxaDl~x00zAE**gE|BF%!p;mugnpqJN8 zMqz^D5foYO>K6^-I1B`NbrG4;;Nz^$Mkkh=`tG0$REs}<sGF{{dA4yTSinKro>ri2 zd8Pm`P?T%ah}|W0h`@W~hXKWN2mtSc_tpEfI{JRx7i~eKWRL@XFSh0D?Vj1;P*V@~ z6P6Lv_%hcBd_%A!R05t+$!S;^I$ibBKRfn6GCBHr+mNW8#wGgx1b0;vjdxgo5A`e? zh4|wPDQu#6yzA?0(l&^co;Nnj>(kxK>q_>W{?0IpG_W%*C(J4Bn#5x#-Wfr`J}SQe z=B561Zw0i8I|5)MDH4pBj}sB=YL4X8ao$cBkwJqZ+tXZ+iTLJ6kCCPWM2smE_g2nD zW|{Orew3$l-W%VvCSpF>NN)IlJy((c88AOzgV|s(CdF0PlAKrGIh|KLPcy7uov$)& z$6_z@^egS+(Vq$D2ESFxjNA4=><2O~JTZ;bq~1cjLXct0COABa_v-LtOFQf=U*6z& z8;B3BA9|D6?pmh!G@N3%ChE(PW@umc2Xg0N4E=Lh?XPcurJIW;rds07HDA#J;%>kH zbc*ty&;9<nRna*B`T<l0;3>%7`~J`)d8nNd{r{ott)sGB!o6WZP(n#5DHRDp1f;vW zyF(<TTe?9o01*LcY3c5IK&3<KLAnH_yX%`9w_DlYIqO~LpS@YG^~^nU&DHT6ol2uK z{`qwR2EG0L^NEIo$-QR2^V9wFV;$vY@3~X=X+OE7Q}xWA)6{;`kn{Y*lEac5Z+5at zldp8z^E)O2h9}XdvHS~_^!}WQVm^jEq4dcG^YkO;^DC}LR;RS-^3jhnIG&QG{{p^v zH{U}glb9`MQ=3(Hycg%qzLvN=QdCE)N)!E!s*oQM!Z_PJxpn2=YJqJz<ft_V8Qia( zed5ev2wuiC9h3-3JV=FdHu$IYea8{_+9QhqQ)-B`!jvVc!FzQXe#6WWxQmfCk6UXG zTvCUM$b&u*Fr!aK>UMYyC&w0qe%pCckp29t5WvZ3)#>;VvY)Z+-v%!~9@)csrNKox zL%(ul@Z;bmF0DpxJO=q89Tnl>Vf0N}&7#<&os|p|*+lr^_5!QRcbX7Vc0r4129^3+ z*A<&j*UdNZ-h6mnz^|{Yt7qFYvn<y7WT(SL<Vk-}M+|!YkQKAk;aV$>4dc5!69Na| z*E4A}H!U^KmTU1Vit2k*NaY>LgJKhKD`KBCx9}$QK4q2qU=dY2k>)1DSiJPQ8_G2d zx)@i2p;Jq~`VNhOy3tmfG8;YbQ_vsHJL!;n7@X(6W#VMXI5Y5ds0Sb(_b;5CGVmNO zoS%Ehx)@%g>-BD!?+FS^g8NcX?+(3W_VP?&HkHY-@PGG#KhC#(aO2BRYTX;}S-xX? zKRvUvS}^Q(i;j?KEtF2b{5>D}d6|~;&lCht_iVv&uKDqMv-OF&Yz0n(wL}rBbyCI+ zBOPL(b+Q2ze3-BPuEGkydV$XGzD))|Tf%}8rX^-R(QI=bG=FVij~!xT=p!On%k>zi zA#96h3ISnS+AG=XalS1fdSWicb7B6pZq68|g(h*$U3z(_S7WmTL8N1`STJv+HI!{z z(5L#$=Ftnw-Pa0V%zF<yYWN75${&-3?;ezN8J@E3uDGJJJo_neT4)rbsW8~SZy}JB zXh&9n7po?2LJu4xJ@5P%M8RY4_;zn{+XUo@wJxPa_pX7VH<oo5MzYte#*JL8Yb;do z)RH%QdY~n^Ds}Xe*f63A`y2EPATfQ3!Y!(cfp<+94FifH9PLSR&L`onrjjjGtRSCu zm6CqAPp8nc`;*#Zzce~fC)^(oQU!^bd0pJqq^yj_RdS|LTwOVUff46i#Ig7r6-Une zUAh%h^9)R%y6f$ilXLw{!!wVKXFEyqG3!K6T}spebY|Dv`wOcv@A-$U+LP#BAEICH zWtg3;Ol=9ZXwI$DVzkK4R>^)=4?wMfwwh~yuks?-wM*g0;JoZp)xp1fEVJ_mHxT}( zY6^(pZW1;IGdF+kw*7J-y9Ba?15IHgF=4Sx__q@QMiR4SFo5OI$^GsUb#{mz?P$MP zbL2Ir#;b8gw#`c+;yT^cBbx>WPnA=%MS&&5VgC4&(WTgR|0S>p(|&e}Z3iJE0FL`p z)3&;|_TGp=ns$lS(xwtArF^W2nD=tbsLa>jy#T+G_`U5t+-Bo8?kZIxUb68OYW(@* z88gWC=B)(VU5^u8Kb6-1995}MU(Xd5m)GPn2)Gwzuch^Uk=gV;2W^p3x|Eq&)h(*+ z?pGkB!h1cFE>4>*-LLf+j=Q<QYC22>P{WxUyeTG=9^+PrU<&~ViyGI=AneeC?Z^0P zJ?{a75JdIF&8m@}EWhtQbvS$Rb?%p&d+NP1j{IJAkgR2s9M{oVQZmR<3Ps}O$6z#C zG{09;Fa18ENT4Dr`T2bcR=Ou8MI+%X>CEitjA4_|6&LR78^i4|JLcYCN*~?6QZl>E zKekZA-#t<7IOi6?2KUJQJek)cQlkqe_H5X(G(2<mS<Z)f3$~pLzmIUf8WG&s?z-I& z`9$4lfhJudTt_&_yTEEWicT>lV7gJFJU8rtL%z@mXm3HoYbEeK-OpkkD0QVv;4KzM zKtOm8(0mMOK&Ol_hc%cb{U<yEK|y1%dweQ4TBC$xy3S;`>U3}!e?6X2!0GtN<BYBx zRTiTYj|5Kd;aW*UD`jJ=b3;-_OV6sI!#Fb&o3l)*A8O6!q^ea$)*+`USw|sf+Bp>~ zLqnvuKk!ppt@hg>Q^0%9^@_S`H#ZM!dSb7JCD|NXxiA_o(i08JZL6;j91Q1lv9ZGu zcHq$^je@@O(w!eaUfHJ3TR#<I)^1iA;X8C7<!~Db;OeeL5slB1)StL-Ys1)AD2BTI zLSlL>hE&fFPoQ>Uk=lXpdh|ZZ`_?4Yh8=T5q5F?okaH_uJzwFsJ~QvVGeb<V*q5PN z(Zlsgql$KZ<!!;y4hp6i4z*m`J!9I%Z`~p7@0o-HeARQcQtegE7iC(l!N_^%rlj3< zL=-}hrXfT66Hsb{2>g2v4}eR~4$5f?cUO1y(9?JLw2Dq1!q_mD*|puCK$);Lv~J=T zj(K#N(Kve+zMJ`Rzx(Ht2`WzS#cWi`YayrNaKV;S{@em3<dT?Gqg;bDkKUH9vtu}` zy9S-=gGlk1Z08%8V!7LB=IS(Q#UaPBQ=ie4a;<D;BF&AP-nKqkme)?w+lb^e{ZSN~ z6wAr6eD9WB)csSJR3E%IrNkRGT(z3Ic(3PP4dUeXyc^;tPM<u}BgpZp9OgxY-(7|i zyL59{j`1?@B`U6sKe8QuHAs8D!)$_{SJ*({n(`4RvnxgQ^_iD}g@A>2V;I+Scq1us zt!ZQDEd*lVXMQiFk%8v0e>IUz@dE<6^WMB52rIFA5C#0n%D(pllR&&S+EUg=i7tG7 zi|*n)DMJ4IT&v1l|G+$UfvEG7qAe5YOb)x5R<2v@G>i(qUnki?O)IECTfcnIOjq74 zrxX)VfL-R*yyptSiW@n`(EG!1Z)~HwB15ag$O1j~64ua?M?%=9l6_$nXc~<Y^()<; z+EcTF5rZ~6`V&$!1l#4ycbDt^yw5qM=trM_8#_cVbJ!=teX9{v5S_20n=XB8=xu?U zxW@Cm1%0*b_YYX-Tc)QQCTbTn@Oq+Eziyi<ZhB~X1io~-Go=L17`@fU`LA~^U<vXH zhIBv2jzQLTc`<iFhbUA-TUoc-O&2Z*gBz3Hi=)=&>e8?K3<7Sf$If$mD4=~qopw29 z3wbbQ-z6ljOv{tsMX+mG9dKe|Yl37}lDX;8@odgKtvW{#THOEz520(Bnk1`deLT*4 zYpW3r)9`_;gMbW%kpo!$$&(lG;d|qgIjJN)&!6MxaH1PGzr~k|d;GHhD2)OMtCG&3 zMR>Tbh;31cl691XZ^f$mLvGs;re@g7mnG{}{DhqDYw=rn^f|cH@`2YWme0mN;mqY^ zi$}{3=5AV4+s(c>!n~c)`;_|GYO(iwX7RlZv%u4R`|k`I)2-ug0}8(km!<MgLRHHI ztzw+ttN^11L|IW)1N<;JJ26~IOR_jpTV7qOJZkC9Y%_>qby)Wr4Eve*y$M35NMg%L z2kakv^;@2>JG=anrC)@Pq4OkRQF*gl{i>~lb?X?m)y{G4?$OU2$?3*mr)Nj`X5(E| zR0%<{{R4vQi*5J9=yV6eoc5X`C0;AkKa<n+Z9mq3<17^pbVZW{H42XsY&fXc*`wq| zb%Q>&M-HF-hN(n?jQH8w)21I~qZrN4(BOOi$3k*u-wV*m-5Sb}rz;s^W2g4INn?s= zSypYz`Q9vky}Qg5>2Oki?2nyu-QsobwF373VsDcynJk=)eogN#<py7Ui^iGs`N<rW z?2mlB)jWlDQM<XhBejz!yM+~0sL~__xXuTVXKOPQJ@{`UrygjAGc3Tt0lI{2zo!{* zTB7(1YUz_1)ArcA=|tUVRN1x63f!3SjM}EER(ulYxg*%qA>keBHXmT0(S+B=s#00C zF=Hzjav6<VTW+dUE3i=p6IhlH7a!4`ncLu&$Hz~~&)wed-wJVOwfg3st-OfJoZ&?1 z(bA~gsY!)dlgog^?{;c7ex7OaREbF_{KF?ZOhhJJ+xg@ba5Gswlb&$=Mv1neqb~;^ z4|C{(o^5<TT;ed=5>^cBKJD|c#y9&WJ^VQ1aZ>-}X}t!$n|!e1T@E8&F-z;3#hG+z zv>PZYO#!GWB->4M7Ftzi`YsBFfs`$B`oTN(g@tKKn`7C#MhNK=v5f6!W<EXzptJBm zic%Bk+h09TQ>nm>+@pQi7+kl6J#49i9jY;#CKV;IIg3p9<4e^u3XM@~U>dmk_!~+1 ztqUJ#O6QLU$?=u)=g3Cgcu=+t+k6&AH2MN`E#Up|LLwmu?n+(}=Bmwg*8B7k2D?Ja z>#Db?OwHODygT1~5^fdAZJ{+@O`2WAtiITl&);#R!`Wcu1GnK%11#ExW?$pMt$Vel zlNq<7DYAQ=C)K4<aQ;T7sTKyS)xOMna^2lbmHMBv^QLjm<V?x=Wr3>xw<%d_`*WnC zIO?C1aOBqx_t8Bhv@30h5!PN>>~l3vm>Y23(XaN{t#-9w;Gj`}6HF91o;1cU8+C1l zxh|L4sRzgG7ggz-4>jUuf7_u8LWkX5#)xnozj-|@fl08fUDkP$w&<+*>|5h$bXl44 zDq5gQiH;ZEY%Weg4m0j^2zi!?LF*6X+ePN3YfABkIAA+B9!s`-H1XP}yG%)x$r7Eb zmAD9|C>(Ay$J>$U7F#~ftcOY7Wv)Hgo_(bmuF_p-V!2l5_C|7f@-Ji*7lnogfd!6q zO)V&2;WR8qD6PL`eL5$?ny=g(@1U~rm26(VgW->bAFSEkHtA?MVQ}m}q`Vq={|V1c zLT332>%i>Kaf5^9=Qc;i%~GUsLqnFHz{41tJ*}2Xyzh%DHuLqSeI@_$&05x3zTQsC zxLv`9Ntrv$riW@b6AA?=YFLyM419*wHYO}oD%c0otThL%Sv$uTT7krdK08#?rc)_F zd?&j6e6e6|)X3_o>w4q^D|-h$jS%}o)hw4sC9G5gi1iRGi1eTl{XcBy<AVtqxSUUr zHET&V5$2fD$U_k&*-l|a%*V0)q43<Iqi)G~o6c)d&4de1BnBrYMU|?6=aqeCF+RJt zd*l^$IGp>0zAFxYeebrZUw8p^Cp*A}n@cLA|2VkzQYWS}DT-mVvcUD}XD-ae4z}G} z1uAq2THo|7D#%#0QMIDW#s_=))y;=r@E&EkKgIhrsjIzDHh8^2wHNlBAqL?6arbbH z>2D`Km7RQ|Z8olV9I{8wnV0`L)1r4|e7>vBeKG}|xS*vqW@)R-F{r%>aE;xe$LvjR z%s8JP1#{Z0z!Y7FYv;-EsWQaL!^^ed=O*@dr&fWuP3Q^ELw&jz5_nMQ!`zL&VRtX= z;d=Lx4e#Se{#;Z795}oTLg7C-d(jY_QAPF@_VT<PS+!;6vPZwl<n?Qp4V1ZB@op-~ zTg8p-`Yw`jxQQX_uUPwq7jB2=iV;NJ7&u|&-qonSMH{<cbbT#nf7&)=t@n$iuCY~% zv92k>O~!Mt#U-aQ%Z>MluN!Q<#*dWuf);kz8e5$c^c^Z2Ovb%lg37unwWdwJ#&T&> zEO-qjYusn@^MZ>loPf)IE8dlus+u4uS6sc_dsI`ql3u4qdRuLkQSfD%(^#E){zEfk zWJ-A4eYid_jJx^|)z-?u!S%Gcs6cnrKL-y2s+xCMhS9L6T7-?RDO`N$mBJVIL}QaB zeZ*eQ_nv!&YS{`8GjSrVp4w9Fm}L-T<FkUB&|#LT^NuGy!w=k@%X3N$9xT9nqj5dX zn{$bwWPETCPk3ie-ur=B%7OWj2j_P4OD9S>LU|`zzU0N%Y_vZL_+oeVxilLCodS_5 z=-Ai$gM0Lp;aUks39|+v=kDjuGK^dE4#uQw>l2`MG0i;iQOpiZw~4WK;3+heGqfHF zacLfw&(~rvAMFpx-RAWaJs^6Z$V*95Ocsg7A0}haayCmvqgiN@i7F+R)Ic)PiME;@ z)t(A`cqSW7P1AkbyHilzbwYu1{@-lv1tWYB^0B>d&m$DB!J{(v3iO7jaJ@fWC1{VU zc%17XlIy^Mf4UKl%9U$iG{-<H6Rfa0-iU^VHn7#ZD(mxYsY73u5yyTeo|f%cYJ4Iu zRjf=p>q}0Z(^;SDYAk#_9<R^!JBuvoPGaK2txC@Rr{|q|;nygVZpLN2ZE&+_jMX*o zGcFx2rt=QHK}E>vy!q<$sU}d`*E&+1Y6i<EMXZwgWS^Sm^^K0VJOg%cNA7fs3Z>e9 z^+lG?E?ZmiO?Ot$>1G-_AO?y!y?1USvfGTa-EC_s<1Vx9dPJ|+z}*D-$x7pyi3$m? z0^f66R6pC1z(u+MWhZhL`!iJlIlE)DKmfwy6u#tzk^A4pqVp9eZMRNfR?6(d%{X@; zD4<pJtE3`)pwE(Nf@zT@f;tm(b=aAd=Lv>Jg<nMB=b_n_n{52c%;uqdr*7GcvlC~z zS4X%p5>r5oz+@AA!e^5(vBcI~ithgO3)<rmw(RUPt7W=7cS5`MDh)C0D*U1#r{z<_ zSAH*}d7Fg&LaRx|GINdL9V^|>)bxGsb<IKUdiuL%XF9c-3?3{q;mzRobHv}qk>4$3 z`0*Z9>I}qUJg?PY&vfl(zA!<a+z-@r*%%~oBufC;Y?x!uNc7v4yND5CPKW^%&Q_?R zI{R;WnSlay8Ax7%N2#~rP&3;2j(HpRyw{@c(Hlso8|n(nEmvbStdlHe|M4D!gfn$C zIT_o!1To?vk&+n451wo%%|_8snXIzoZ*A9Oo6{O@WJN3vR7n?~IeHlg_&^RYvGWTa z#-UI1#;5VZ@YGZhVpEiO4hKc=M-yo=(&Zl-^y|F(9W4R_orT{u&9B?}`^Phpc;3OH z1I<Pnn|A;9r(RUpr*y%qWB~ZvWoWzI61!6UPIXW*ztrl4fzev~D&Nh{yUTpKdZP?$ z8=DSPBt;YV4jtO40$)rpIg~fGS4RR~kP1{OQ_&kO@JBt$2l`+g9u@ho>vo|h!qE;a zID}}LY*3JD_3v<j<;^4EqXhmV4QUKsAM#Q&yWRO)h1G!7=F`?H(D|PDnOauhu|u0l zmu5Mu$4${~zP)omeh_JVr5kEat5XLC+ufq2^WUZr=q7v#(GRr2S8!&<1BtN<69iO( zibt)RtP`<<a%+g<r%7<Wm#=Fa#N9`SuiR*;ux}fKaB!B?>9bq<GHpM}-=@F<T?W5= zyWbWL(sNT+5zlY{c@AKo+i|dhMWz&kijV0CgL028=IR{A&(}Ck&Y30IEQVjynP9_R z?-vX`$^()c$J|(nWg7|Tkz=&@Z+ZP94BS9O(8m-<5v`rNYxD}`ix9M8ONw?uZKN=~ zuGmuM=p2lxt`B|SS6_<eS6>|aN;j{rpRcDAlK3E<D>4y=ijWCawiDiCTp|F%I?l$R zZGgg;nnYof*8(!g@pd%sGA-qwJxPkKgJ>DAo1&5cBg5aLk(`uS@NG?)TDAg`=hTt( zPJPswuTF4<o!JGT*SyZI6nb1{Zk&xWuyVk{ZG>~2;ML@niEQ9GOlWb=lSaZKE!fY< z-{uZ%g*aCXw<oZUkNf<HQEE?o;H09v;ebT;01Q!F{R?3ZBB}wB2PMhfThqQ`Fn;8d zRfXpmn)^KqW8~_fA7FR><~uWV_SiXU*;|wGf?G!=>8cqD&%N(I>5>De^>&E&bbtB1 zzxzY#?@g^vqa+6x@Vv~u>iYrx;B)c{kml_Lf9^VUgWhW0BiAFTZK}2|?TRiTy-!*q z;EGZg=m_>E0+}4bfH&<DkRW)Ol*ec;5XTx$n!bv;J7tZa&-Xq-7(RZ=!jw3URKCWW zt#2}RQzA5;$0kEP-xh;4XFn~LPrci^-<XdLR5y#vo_zRIH@@H^Ndy~oaOXUSrHpKd zd$%^qgoine#uIypO19!*Z6yS|9Z5NzY}&-n$=GnSKmbzaK5OP+z)gS{28Nrb4}awk z{>?@OtH89Iu!XS643Mx~K)W+Zd-vUCo>>$gEdv;X1FP){KbOZzuG#l;Mb$DJ9a$nJ zYJUu02@r9*F#Z`xy7-HX)?gpH+91HADL5N@(6)H9(Y76s*3d|}ywubL9zR>*pPwu- zm9m;3b3LDv!n(Tw4K83J|KkMwa~UuS<dxe%PBx|hY6k`4gbNLK5NNl1GIGyW-C(i7 zoyE43=akQ;?r`7Scq^ttJh#E&E*1b7Z7TVFkN-#=R=UqPI9oW4wAfY9ASnWi!!TZW z>qPbh$&i}yN%!sTYi&#P*JZ@vaTIXk`@lib0av(j<1$a6h)Ba80j7{BZ5IVGzDuyr zIOfGFx=8WVw#$1~H%Yd`uDyxLd7Al%=4tE?pxL_bOmEqM+{Jl5f6gEH8;I~EI2(?D z8)g)$o&j81OzgsCh{3ukUi(-e?FGj7`7mv>I5r_N3w$-K>fF=nQG56!7GZI456DtE z12*oTr#qm<Rw$>kASu=BK`0S~jUul+hY00<jQjPZP7vbO+Z!D`vbu$hG8Kysa|0#D zy2cU-ox~YEBncoXIU^!d{b!B~TJJ;@HV$!r1CM4dF2X+g_i0F)oV~}1dK-|NPpXto zy%TeQOPd3mB^u1!-LB=GF%3g%3{Jv}pZm8Ye?j_g99wnhn7OZd!OS9$3@jq3*rAoH zhY~Rno5OYQ9oLOB;na*r?6?Of<EDead+m{Vp*a2sZ0foFwabU}5Qhyyn_B0g%SA${ zL9aZ9HdS$q+jw#!Y5-CQgLbV(y4Ci&PISD<d{#>j^!Ikoiai>1sT+eQqY?xE#A493 zc4OPBLK}-e`Ub${MD$_0(8k<$EQF+y#_kpx_VYOrvS`AI?#J{|4MkfmEtZ)|RXu&y zyaC|?2Tc)yr)vJ<`VC41(;$j~d-Xexh4@Id(y&2jwQ6Tx%ucvBlJ!_^dZ=*5v#AfR zCcRd~s;s7AUv6S-kt6YIJ!lLj$BRq9Otk!4wrbGc+G%^idoCjCFuaSsIqsST`79tc zck85M_)~*0oKy8-l(fE=g1j-B@%~r<;V>oOjz>?@mH*zF0MLep#E`LBaQK{!U6|v; ze8IIfYB8>NH$KA3JzECsHjHGoD-~bjHY+E=cL!1gDL;8Yc&b6K+Wy9u0Ib1{@`VK` z*&^ZH51^rRi~(yD67B?3G=z1$pKLSoo_roJG+}W)k%Q4zdJ3_(Ue-AacJk=>7z6|X zc(%VNCIC<(LSF!q$uS_10_ny@Hgvm??jjV&K%XEalZPWl-DJbX3&Cg$-MQ;EZ0~m6 z<2q`9x~Z-4>ih%31gWpWJORhgKy!^oy?uGt2gZvSN_L^U_)rc)VZF)=P~^(8Sy0yg zo~=sE$z6D`{l|6!^3k*ufa)*&`4CL6|FtpOXaN<7&1z^HIe?{p==<|R5q9@wkOMjU zme%nsB(Yuyb+(0dy0v5Q^{9nkC)Eg`dv8X{-OJibKn95n9}xbFNQ66RtHeMI<AOB) zs>0oQAD?BUiB(oP3MzWGt8WfgSnHG<YL~C2nnr_G)XFzep_feuQWMe|WZhlZz&fMI zYy8kUb#*D7<i0=AOIOe1KuWu1>|3T2uairO+m1~}Iz4DQuvEN8^=}LKg(^F!_rVKI zD>y3B{JH7s8OdghGpWx)2gEE1zYxQ?N4+3UbGE!qH<Df3ElH2zweS_+b0j{Z$D*EM zT}%xdlKrtqDd4$u7YOZ>0Pl6yWv-oggq8Wz-2~Mc?!CM!{p1YDzYq45L&$Xmgmb)~ zoc2*%-ppNBO5M_nUwE7ppBuUix1);H<{HTS$CEKZs2A9oUt)3widx2}hcyu$=|p>~ z<w3_l?kK~xWXbX3d4QXB43z;I#5(_awE<k?1`+h*7^Pw`w|LNSCCP#Z4do7_`!GI$ z78nqyJ#b_?g|AyFSONuOxD8;%{=RqtSTxcBVsCVIn--ul4%qnuV6KP0AvHoO2Xl$n zQs*O(SuCDO8(0GHO~ct4M%K%}9)f;7MBDC$B>?Rj>;?sw!)fhZpNh53StPso%Bc?6 zat&W6#wC8+cmQoV%f1*u5>AC+L%*w(pK327mQpDXIUKAful=|elJmq!7?=@a{J;m7 z-Qap!pel1Bjdf8D3czvCwB6N0VV?n@J%5^EfyWas9&aOUUe$Z-8f;*&r$|%q1I8sD zo$5gJ@cr2_Xl#XYkO}=>(^)M<Km`#z3D8SN>dn~oTxKz2OtW9i37y{=!1f0d7ZIUd z-o7)m{e5bmU5Y7pM34MKJy}g`#BQA5%0TJ9?5C^D?hhnW4!W0Oy$pfph9fOtec2dd z1=nBEzauvJDhfy(DOkl-JmCW{5jcetw~Hpovh>)J<~{mHl=}_Fjsau4-2Y2nA$v7O z1tSQyPBj5fq5zz)BnxXl6GEg~4H%cr7cS=?sY6L>=a|dxn^GR8OW*}eWofm`uH$z- z9|kNd{d-g(^2R{hsG7e+*oD0z?8_S@zw|QNZ3$ck060U$dDH`vQ!enN-pkV2fHQ?I z(m>1pS`@~BbfB~S`f-T_k|F)Z{wu5Ovk9#Jp2`W?U8$~jMQaflhJf>M9Jtpmn>H+4 z1+W8Bq*PGg0GsJy9gPk~y=Oq|I~{?)Sf@9OM~L;Yieltv7EYBFGrM;jN@H+?YW(hH z`6Igpwt+dr%mP~6MZg--g?$eY`RFz_Kk^UQ>`VeLIuA4qmKB>w%#~P_ZG+i}6&=#~ ze<xjjDToi?9*#5wH36Fh_pp*dGh!-JhvlDHof@w}I!erAFE+KJe*zU~JUP&ld`SeZ z`2IxQKsMZoe+IgLCMaMFvHJtBV(u9b_|6gUXP?BK;@x%=_x2dn+0DLH)G=^kLIwf@ zWpn(0C;Tq<-~!zSul`jN$V%f)IdoMe?!546K=C-*RoOkWE0_AwlP${cm4>wGcWS&? zt^v$DeLL(wEOCwnh;jajIY$JR1l>udd5Ie2rGdPM>a(LrwpBF6%nI`?)7RDA%khaR zx4;zlyWng8c#FTC$8P9iL46B&F5g7~MQc?2T<=VIB0e?ES4x#jy+tiYLVq+Z9LW&d ze~dq!&P+wP+1JEmb%`c0Vq~Beh;y3bu?40S0c&r1fM#w>q}$I=^cuP~bF}2~zjY?l zKkdic=eh%A`3k=5W$yZCwMr161}s1jrxb-=$9GH8;d41dte;M$&9}`XzdN?n^+IQ$ zy4Cd`(a@o@U53*q@H*?6DP`KP3hY3MHV$Y6;^hZmXp_)(2sxE?>tpguA4ELs#Uv*S z?|S{a7vO<>xuX~DbiFa|o64Tp@XISF;c67RWMvPy=_z}iiaJ>g-O!&LASzKQm?qY$ zbIBJAivd{V_1*@nPKjB`S-34fPXf`8K6+Azka0JbO1|SL(qgg6SWDohrJ-qE=+wXh z_ykcv!PpE&4BnYS^(AJv$pIWw>ehi!w`oZP(v;tE`!{l!P{mHN#~xnxzHIAZ$K<6$ z-%%q<txoNYJKyTv6$gO!MfOL9yY5Rzi!J8E<^FOBe0fj&kHiRhI5;!_I-p`0pZ?;I zWW?_ALDGAAX?&~irJ93@c?I=#eCpdK9!ygwuX-r}sgwb!Vq$j!ea_K9hNw=@az6oq z@K{v2PAezv+_3TqK+LrkFhRL|>CwoKbZS5OQMTvUCL_l3nZ=tod{Y3>^8;IlCB}i| zYK-=COL(UoC(9B<Bc;b8Q2npUTTZRk#ZETv@O2c8-k1xm`U?hRkHg_7R{wD2MiMMe z*BdV19|gJHol#m3A}IY@AiUj2e(Bnmzn_FO->v^?$w^P8W8Nmls-!$uH`~M2o*0pi zP_xJ_<Tkq-C8A`c)ST)aeLZk+QM?@993<44<-mnR)h=^Y)!i&Gj!%=!k6jG#I5q?k zy5+VSQ;P2+>ChB<o-;+-^yz2z=)(!}68ouT&qp%`0zV%a4*_A;e2)L;B`ipcIP^b$ zy-vP7x-M>Jdp=>lyQV#TRim+$VU{}ErMC(Dn$=`^q`7K=xtG;?{nd=FA7;#@cH3&k z-R~7kGUZgxYF*>`72P0ZNp=@DEXhL#?1QAQoN(sSYjP7PDLKNp$&8GA&BdOJkDIMA zxF;$q@Unqi!_z2P(~r#7kR=FRSDz6%w>rfdRMP?w{wha~W?jS-@G{d$FILx@K=9sI z3jcYf`yCJ<gU`r;L)&MvJp~SB9U}K0x%%`qUZ>M$`jDl)7qJ8M=x@=XIR_u9=u1k& zhaW9hw?UASjwkPR3#Q2TYjoKL_dWMKmL_XzZnJtkh_~ttnA|ZNO6011>d&uKYy!wz zc*T_3werf1FrOs!+Wx1xVrNAns?u|Vp#FNI^O>~+;NOMN)m>KhUep_(41Op`1iLvN zviM0VD102IT}};6*gchhx-%PGpjxg10RBl*=JWVesvf8Bbba*lT4?nH6Zm9^@d-v@ zT#Uf0QZ(4C9?$;1LRYdg{8=kYtm@>fb*hgQNc;Qf?#o)}99v_5T`ZDDUo~2e1gb1H z5m?tTZFRMhllw>jVeTd$&5UEWSxODn?Mz;MqW+m+d9minRSL_tIsSLK0MKXU9=N~f zSxDOguydp(PYxaBc^d_gCfbqiVL!!$eFbfQc1(=pmxDAE5&1hTEGpt*r0OFqS$HHQ zBz19+Z2_P{J|z)4!O}x0cQzz^`RDW0PoGc5u)*)H$p2^$_<#$-g!o`d^-EU+rAz=z z)>D9uT=)P!>}Wj0X-QF5-*bS6m9>7I!DSZ5lH1e|1QIVmAo0%+{#wLE34E3(tLHm# zDh>M#>qaf&AE(KgOx%`?xW_~z2VqO&+#kQNVt@W4LJ#@H8NCU+lVal^@WFCELC753 zZJ&`1T#!z5AXksJ?_>0HQl4Z4^14suA=yV&!P`+_+KNZo?Q&d>6%5`M4G;&-L?@D9 zCns4Wxp)XeC_5ya(g_VQ8HR_&&sHntb(n+6_oNtSf<#T*{@OhF?gdslWl!Zl|2h?d zcs(>xF&r@V+Kg(*dcVv~i}xGN#^0^GL6(6I75DPjJ)j(^vqeYyKZXFtikR1MqN*>i z@o@wX%^Wm9<P&}Aaib*MEb%MRxvY>PfSO7iFa?9}wt>Jw%U4L32Y#-)!PjO_T2PMj z^G7Um7LzxYizfM~0i3KaIB!QUGayn51Mu;BD^dVhs!I@9VnUJH<fTsq`Yn&58c+w# zPO4^Co8>aD_2eW=;%^LYk%nE`0eG1W8*&M<Sm{Jz`jATyEmb0i#6$P(sN?04Ta!nf zUQMaj+VGc>h)v&KR56c_!4EG-tQ+`{ryC{31a=;r4|dQSnL-M%!^8~QPi|&|Qkt<$ zgv?#<-IucJV{|VK0$QNZ6!K1glgkS7wb{(C0jjd20xy&5*$Y8f53=<{b>59ZuAe(q z9kIN*k>>9^))(#-Y4bHofT3;Te}8_l5DWqA!STxL44|O!AU|0&=EHqNzPlSr$KkOo z&Ix=Tr)HkJPdt+}A~Nv-+T8=!=F26N6Ufm#y$E{A34m|ag5J4>RTvHnmVCWyU0_EW z&s}nMS{4yvGViH;mvFN_mg(v5{r}p41?0|HNVj|e?#x}top}cMss<@Ek*na%AXn`4 zKLJCv#j_;hAcHRpQtf_!6X6QNG1>-lil@crPB4{c0v7n%8B%lcCtj>qI_0vng+Wd9 zPNRjYAsp4&?trW3KT_y(424;q@Hb#=e+`6}UA*0IfH&`q?B>ZY4b`nOr56S#Kaaw2 zgb^kPU*09D_>UlSJOX?a8V9wOeb)v~o%>MG@ZBj3M9?~*m>lg!BNxw6U2Y#dbM5-! z2+nvhnICoqBl90vxr^=iP=Ymhu7gXk04F%q64k^++#_h!%zV8^!k5){bz%_I@khOz z*y8Ut2H$+$^!_pl^zi^E>gPRN7J_*r15TVADX~Z50dMlDM?e|Px>F%n&!IzBdD+i7 zEkK%<wwPQmUqTH;gPNtUmS9-l9D#2rg)IeSPC3*K8e<c(Pxb`nIuiA?&wnnBb)TlO z`(g7xVClFVaID+`2YCJo(E;$MDHQR@$Q}s+_Z=mk(_1qu(cCn4LW^6*7XhKSDuitx z%7t?LQD_%`RmuWJ8W-yl07ReyTNp#?Vg%jDf_EH3<Zpq3BV7Jx+CA6Dsk0w}Q|E8M z@}Gdur4&j$k&WCrM<4I(AuC(;FQZ3-?5+VdSZqb*<~+F6C>S$+kU6}M{-{bEx9-f+ zOo0SAxnR0+{vQSQTSY6P4_LFxFh^U4R!{TNCqB?u@b(&SN_K}*t0<My;Fg^wnL$V+ zBK{FzLM$Ek>zhwj#vXZX2sv6OcR{eVJm3kr->Y5xB}br9Y8_3>N<5{|fbM;u0IC}H zKgn)G_Gt~|2D)_n-hiitda(()9U^Z#-A@0<k56?#w*mp`waXWdq(i?U)k4nlq&xQ6 z&3@3l0d(y{Eh{s?!zkbxjUHC{Hs(iAI;{}&ouD<0DaZ7ue@h<Lzw+bb6`MC4C}Iwm z?jMS?EWf*Ih~D0Lr8c{Z%cmO76DFEN9|C<<9#SnAa_`%UG;_<d=VU7;Q2&8wU%(yC z|2e=Q!F@L2kXwK3*+yaGmg(gh0`gHUTp6s87jzfg1`kqCA+WRHt-)r{u7fff&UI!B zYDLz~0J--P&3bQrC$QJzOgvo)&x6`>NMe-5OT=R#0ZfDfxstOtAo@5*)i4D;1R*z$ z(~>8=t8iE_0Dp1#h+fWGUO{L<9>F{jKJ`B1?js(pQ<Oa&sh@Jm9D_1iE((BVze3#r z^qtd11}8!u&GmW>#mVPx$VAtHV@3i?dGO2L|K6j|EO>-SUk%js9S@gwQP`=au;j0s z>?&m&y(C$G&kd0d6Osf$j~8NBd~JO-r7M2ML<#R2g}0O$sc;*SKy{)E&3oz0Ot?Qc z$7P%jpSuOb)imgfCro-#nULCFxR6gE;^|y@0eC+!o+Go9l}`~gnK@c-UJ?0USF3bg zE_b!~@iS{X!ynXWV=6>}ZF~y9>kLtm3?ESO!f(K0L<C}*$-KZ22VSap$45!~zr=r_ zzTq;)fAn$ECL=;{RbMGiJ?Bfl@ERCpMdEn~B6QH$w1INxW4jIJfFCP2tFs8PDt#nD z_%mRHMQ~r4{HET8+Pi{SM9`|e?$F=1*XDfQ4LM>iH3Iq7x}7-BWtZ1}CH<xX5uNxC z)cOgm2Yw)|FCDfA*4ZK_#yoBeHXS3vyJXI6CGN=e?vt3yKix+e(>%{}zh(%YWGPIC zZ88(6&hIkdiTAzI=c2J{zh53t9RbYdI>Cp>-u{nttMaAQ3zlc*ET+$StQxPa@;NGj zg04yT?W%^Z(#G{H!y=st%&8xEfUk(&uU(c!b--<vLack9IB&j8yd}fhP(z@*<yt<- zm^bVOdzftGn;XlNhCCfyf&bo>!ob0ov!guQ<aGgQtTAX@g8GAl);6P?ktoiT%;0~( z(81;C(PM$9jTrEj2A4M?+f23b45EY>XXx;ZNl`ecY`tl4p0iH}KMgGfq;ElrbtKB` z?N=8$rlQNu(@i!g9X(bS_QUqhX0y0tunVBdpZX%y)`@B2@57Bu1|c<7mY}@}^zptZ zropSkhHS=O;e6DYCeb=lKBgHxw73dZ%HvsvF8SZX7eIi<>Q%p2szFMD@EylgQJV#U z6*@ZGiRQYINJ0twCt0OfzCCmeoKnjbekr2UgE|!o>;WoK4q4|l1ZNZx2<p>LoR#n@ z!Z|+8NMZEZxZOcA3bKRAK*l83F}u>O9BRVp&A%KWu&Y|=?Q%WQdtgVrA8rDmN?R6a z6(`Z3<Y1K#Mb9FZN)P9gQ7HJ_W!DE7)+Z&9C<eg8wf~+5giT%`A?iN(7Ob;tz=l$( zbSDEs;-t$Fngq&fB$MBKEO!u7z^Lo3(y{3tVz5Dg>EGn||1ThQr~CrSlUBF^<xb(k zh9u~!QgvP%d+F1A{`u(W=WZs#J;G_C{~SagItc6i-v`06RRgGpGq0AuQG-V`5qZVC zRTgYAf}W;H#43oNpDAt5Ttg6HY+}BoLr`465KnNOxdhZ2$ViM7Pd~K+L0t~xrGROF z6kM7ELrkk-hc71<(az>MqwYO^xHl0n^uw;<$o@qTNcV%JxJxx6b_?}C`{}-As|xL> zleQOVqyW?tCY!pYieouJUtcb+iZCT=`5SU9KwYNzis1fDTme`=<gi1n7j?8SODx+E zpBxCEa%dn#4?8$ZpkkWY&@Cr#E$(2Si&FNMK5NHZ#bB)=S4{qT^;sSPXn9ZzI=;L& zcA!xzvAJ&xZ#GM?ynW{96OCF)2QGcH_`3h%QK`UpZ~eoadv&&UQ2k&_69l309}q4r z;rksN@5{uu7+xUP$`SQg8?`<)(5`xh;)(7Upaz`otF~<sAQbt+mMA4VAA$;q!i|i} zl>QFkGGnM7*kC{%hSy63@30{zLV{qZ%(^BD<3xON?z!vLlG?raR?m=fLpJFK5=9Zt z4-lsRb?>kiK(ZB81&IIrhwor1BgjJ#r%ZVy`*){E09!6_aODtysh*3};a@g#iULq| zkM=&)RoiHZ75vgi7hv#)e^3c?$FdCt#C9M_7(@p%c=s2tUuJe}h}rP~H0K4gbI=-8 zKn&80)<=f00GZF0Ud=l2Kk0W~e{b{(0y*drFH*mY`j7sgKzx1^9F`>Oo)z~0<%6IG zxdx&7InqgTBgI3H0+5KC?gI7pQ1a-{(@qeHJVYRY2>dM&z1SO3V5j%F2GeeWnkz7& zp{XTqcL||siN6Q~E{X3Rq*#P58nQdD`F=vGh44pTW~ZEx{9ld;OGT=M@HeNc#9+IC z+WG9yjgY__RHe@#Ea^X=Jn)5h`xR(2ybw7us;O0QK$IRf#C&L!Jg*?N4uGK1in;&i z<}W(z!8;1SZa&7RAOPGv&m>Bv95}aAIn!c{!F?+8u|LmFLi~47c=0jme?GQGuu%qx z5@1RKf_ESl&8!)9z#6H9{zqiUFO>h2e=ZNCq3R*@<BfQVDG!Lr;+iwW{ldThwEGvC z?}FE-{4bb{_8%rg!QI%s_!#N0A>|?F@;dA{U)0_nUk<Rzp#qV*;BQW$oMO132RC9j z1PPaz&g^!N(C)=O&p#xD{^En4*D5gl=hhIsA?#F_`Tq-VozYJfKzi4ke?NDE6KuWP z&QT4#f!X~o?bkc0zb^nLej#-dzi59@;L`vJ-P!R<iTwhK%VWZr@4NaS06z2$WFb<K zLVbtCT?_m6ja!R-7C=BG2yWtB<Me1CwFajY#)FF2e;vet0(5Bwf32i=5PE$XV8}u~ z;M6%{z&&j8z<0>SP-+9rcA)lvFi=Dp)(@}(ip}0vcvPd5ge1|>h@FQ!oNm#des@cc zz40&|Ns<&(Ek$y^&je&<=h82`?yzGd9RQWe=O~htr&YkZYatFZJLyr1l#0{(+Ltzv z<3J#erq1AwFFWDP*q4<4id<e9U?v7WD4{sv@oYjek6*B>i{sxHevNH^_{#i*Q@ugu zK|xBEa_n>Iu!L_PLq<#If0(Iu#0%<2J;=YcIkR*yXyN9ycY@-%`$$(t-uTUdv406I z$SpyF3*zs9d*L<Mp<h;9XC9s7Z8$P26-v3y6}&(5MI5W5usWa<i96#<8Le2SagJf3 z)#cAY^hb1bS?0_;ne~xdsWC!)`_8H4lfWE!#r~Tb>6oLMWd9fSRm?35_*<*&V>>}g zDKhm6>wu+-p7TKmQnaO+#bqsiIuW(E_KTfPypu(5T^)?S+FW;>9$+=@j+Vi@&1=2p zurJCuV{O;`XHE{%E0&L@mJE#GjaW{4r|VZ6TbIutDlV30$@<uB&eNx|c<uAaPI_z1 zCgvNQ@#-1)<WFL-p4ZNfxz;^)F2d(i7nbz%$HSryeKb*P<`+)XqoUXxfa*lYq7v5~ zuUvxMv7?(_Of^+`UhTOMdb>+I1+PWkTxnN|HjyeaRJSTS)AS^--uP9V_j<jFKjQ3{ z-nU!nrBkhTPP(TB_1@W*F6u-$R0=Z&LnkjK{jlTCUp#T+qZgpr`niP@dayIwGZX)C zYSG}nXfsm#dv?u(>^|N^k*vqmeQT<jJNv<;*>IjPzuD{NZIyMjr$TDR46#b7d>ZLZ zgUqz1Z381^TkqlB9BC%P9Y4p4a*pa2uJP{M38r_)OYoQKWr^uWDZCrlble`X@|-jb z)LT~<S_su2+&R<kjHAsexvx}Ctz<6K!b*FngKylOq+^jmuF^NKsk*t_l8{U4<cvh2 zNZgBf+1$_}$X}<RN1wmBf9ATNcUo@RkTI0KC2+Gmfw#caq`SX4dijIFmud|CdH_yg zyldWuM%R=trM&P-agD@{TR;E$5mA*@^z+1;kD5V3EY({PQ~>SPv_Z^jGF7uICw4DR zE=hHKc)RR)(Cx^2S#Gt;R&o_>Vd#*UJ(5`y2RF8I2`HP$ho|>8o*{sKciy`J6uk~9 zc!-G@V);6i$@jBn0tr%VcV*f&Y0FG7CbB=e_|gvDsW}`DO>c2J+Q3sai<Q1R+Ou4Q z*e3h^$?0~yO?ljv`__K2jl5F78RVbG`|3Q830;pzi_u;Yf4u1+RO<CSSZ_r~;}x#> zLa1Kv%9GK-mF2!yxKq{VQLk1ODF~<c?_W|GJ_1MxfOP8&dRZo}4q}AP?PtQ~?-uMh znF)*hUN>Nn_O{T$&8-v6-FVEtoNnaVesxne)=OA&vv1GcFfeM(up050k9Y0(Qk}b6 z(tg6!Upv=lyxXAVvQzo!{5&t}otd(Q<=_??28wN41b`UAQR5Pw3J3BU%6kXE7Q6P2 z@FVk(zTvT?%R@~VT3!jK!+vFG6=$44UVNC8s>Q!u_$Z++`Nty82X+CyW#uuFO0wt8 zt*4ExAvqPh!X4)mgfYkCa{bXx^v6y~Y$r}Xe6LT<S&K%}ItW$p5rUf5oC)J^&3oZD z!_E-b(8TmQ!&woVPbgaA@!yOUoJe)A9Hlt+qBMA{?pX~cu<C;ct{Al~@!~n?c?gLL z?Q$^mYI6nUqgeJe5TwH=Gc0-?Sa<qEd8Oj+)K9cWOKW$>_vdWmTeL=`t5Ej)A3x_# z1vsqT3Tc=i-zz|a<C){GjT8C>qzF&MVfl@%O}#aE@pmNV^tw%6*{$};>Q>n*SL6r9 zt`=uEM7LPFJI%IRg)A0|73@CBcX@e+E|$AmAy!|ZQ?Nsu@naG9=gCWp+xu-JfD6`c ziapQcFzY69t<uJ3R{NR9%|&Xjne~`bNdU{{%|XxlHMPrS>F)|K(#F=*ZbG|eVv0!s zEX;yBL#HR;^O#DCX4zoxm|;2Z?PksXazqMpSJ=oy-8{Cytt`FJhq2BFpQ1>)iM&Ev zd+F3wt+yUpS#8AQAR&wW%pTt=L#uNTzuF#YE6Iu~rqd*qi6TNfMW5W7ZtTBv`Xe2R z+sm`>PY36<HyT+|84MZxfHjxI@|#C<ij1SN<*pXv+(%WbM_XhmTQ^}PQ&8H(y&hM= z%htu6{et&(41HBD<Buwg!1sKnI3X_XF{o;2D%~GdBQQTy2sL#RR<RRSJztCxE7LUV zW^U7am=5o`(Hm+^J@C<8v1Blcn_+^`?xF(rx96mHX9~Ts_0;r@NHgEFS+*{8&f8}c z7R$LSlDIj_MMCpF`wT-iY}aeFqn#L!wb7$3K1(}w7Bsx2c)dl{;O>)EMy~<?@^WDM z9N~3|v<%~nrQ(tB9eV^DRMFgF?Z#G2<)|##$(QAH)YHMMQcVGt_n<@Xbt!a_muc6i zC9){RY*8u?R@l=$DXxrVwv5}$<9~`_T!CRQ*)aWvlZIEkNF{d6JtB0q{-ayct-dV( z=rWfTJqK@KvP&HfC2`-x^Lxp9dsk3+(9th1z&R;8sMgr6@;*;?G{ou>ZJ#*P)Yh~E z3-rjW`LbtQD+1H^3qS6#TUXN}u$dUZ#m&rdZ@ZU$rXdEPI>k8OQ7Km71ny23vsOE9 zXIzV-%aS$iUW%-Gy{iojNjO!cG%YwTB*%CBeCUM3H$7t?$ip4mqnIM!QA>X8stJ1r zBG#q7iIQpu@g-<Vft*hmOl995P7jA#$^$lM&HLA|R6R}Kf(a7KHQk-h;_dN|s^sFU zKD}?lSsb0j2lGi%Sv*I1>!VWPEXnygHOXwA-u-~2VjB7rmW!-b8}67Yo}jB7n(F9J zy4Hl98PS)F33*R1F(&hflhNutTS#)f){PU0aIgq9-d~me-3vh7$IfM~*N`{m;ykL2 z(2*CHJbx1YDIYjk)pm1HuDD;72^xble-K@6<|@qc8TSjH+$Z}s5F1JUZNzJ>*8G%H zK29$`^-H7kdD!lBhq}s>c1zKPknm&fT6V%BFE-;z!7|<QW)?aCXkDMDq186qJUD?) zF!*#;jGn`O?4)z#C}$P-@D^4JtNT-cpuNM6*1tuBp#I_>ejop2nd;oTD$w{$=d?0_ z4D~5jSO;Z~1`~mCM?t){2+f!6<-I+;ai4mb(^<B{(z!g(-i@&5=a*??e(EIlEb}&D zNC#t%2`}VSw+ZNIK!y4CW3PHXvYntu4~afSm@+JuJn0`eifpI-z??c0Wl5CG$N4xD z4(3+*6iV>o_NpwoA2neo9nv=m#ossBH~1piu@h?zniexuWd1yB0x4A6FrOTM?ETy( z&eSoqn}c)O6_F3u{Jm2)n?mB|Ys06m46VHcPa(u>^`Rq%qgHa=LPZw?tuHBQbEB~j z#x!_U;BmL*>sSTA1kyJ!@fMlup-uW>HxPrIKSzjRmvJ=%(@VeSJ;SGibnO^-w{s5d zBrjgotO#m&+u<nyII$iTJRPVj0s}8%pg&yAz`!Re%(`G<1Y>9?keFA`u?agY+6T2# z!eF%iX?rwpoiG#*eVN;822L%t$(75dq2|IfXZXi65B1>|3NJMH;`WqclsVzX#9*W_ z%gPYIX_|5dtuo55y-y?_(0Qiep6~QyMno@->&?p4;NPS*d)D&8tyt2V{xmBARS7?T z+}H~rm@LrdvI{y7F>e{KbgG&Un5i5T5cEWgzV<r#>H9pVf`sw3dg~sEUHT(WcPSVc zl$`ubI+2_I>Z`q|#cj})X=txa0ZKTE%%H*KFOMH|nL!Bv++RVGhcHYxIXK<eDm{|^ zsnncHc}Zi5UwASu{-;wI|2-s%AQSIo*_yCVE5x3%HAVU?gP`#<u0rw=19@)uq>OS; zcuA+`{ULSFyaMWn-vWj$N-Z7T=UmSmR(Wil-T9Z_yaR(n=I7!4(_f{cX|wpeEB3B_ z9WA5~0b@h<u8OGQI&v!;S1PQ>`-UABBB{zOx?AjBg!G>K<GuOeog5eA^!YZWjDXVp zo~L0t$bUzzf5-Z;S#TmU2EhQ(K?>#Onvapkh+b)E_1+Yt!gNueLtFR;I{Ln4IYjR) z4ADF83?PI2mS`sa&JdVkP|X^?;yIQU8_Rp1HZ0Y_<uQ&Xo6BHkQE@wieK|^X9p1A% z4F9~dFw<2|i$5)~(otlvsic~<Tbprm^m++?wl15T#cYzL_nE!aZBr+Nj9E}v+~XW( z@c-`pSrRUJ+JH9sb9%zyzNIM0^%Y>qnzy<MKP>KuXlzZUUnu<<&FhvYZ<m)~r?C*K zt2$VbvY*jWXTe!KTYGl9URd^8l$*iJoD7nIL3DQ2#gLX%-5>4?c&l;o10Xjj`PT72 zq4=wdoR;LTP<$QV)|ti-w1I5;78}c?w=DA<G`B{Gk`296T<uiT+MK;+(N!t`o=Ntx zzhxi=sJAG!zI2%P*-PgyQ*S!3>uOvD3Bq1>T!L8teyB#FU!Ile<HLb=vo3XVA#bRI zJgn3>86=nVqxSiq6%^r8nT;OJwSTx<ClpGedS*Dc^JIB{V7EVPu-NK)0+*-O=WFAh z+cYa^7#M1O_az5Xd(@Ad`ixHb&Zvz$-iZ>kS*ewoF6Y=3^bFQ&&VHBwChr#fkPub7 zde^=9Y5#4h$cKtZH|4KUTxU-joMCd8WrV`4@oMaB;QMgs<h@;8*xe5fLZXPkTxvfg zcFUIRezxzvUYp_>5pf&m4F~Ew>%Teb3WEMc_K5OVPGGhUF%d=7FvZx)-B`CpUf*SE zFFq{2xBhK^HR<i!)23=P??B(M)ueZ40LAlqaA@@ebOMHKgO^*hI-h(p<Zow=Ft7}4 z;!>A+oLOp42jRWZsd5wL$2jNe^ZnnOpfZeBs20SX`DqD@2yrNbP0NRt4oq&AfHw}R zxCw{rmfpi<_|xLlZ64@$r*T!Cze5!(f5?&XIx|0~^R;G~_52g7ljC4isbT`ztgV81 zh1vi?uG-yrwKF>b>OEa0zqCeLP4?GlDsl{TgfY9jY#{WKI)*2y#pb?LJ?x5?ilwSo z8;5)byRO<~dyjR|^wzhqow!HhII|mtu2sjIAeB|YF?+ej%m#q9iqw67rP^l`5GQb6 zxn$<gmQaz{jjc>@|BtO%aa3xI#fH1LS*>@Z0tB;FXbTVzx6D6h&}VC`YEnvI=`--` z=bEeKWM|8(s-%dZK4pKvU&9TWi{4NOFBwtYG21rBtGGsyiK*ZFC4YJM2i>sjv!a7& zUNjW6gL5^lAjh@uta#pRCC$!SnWp>?KOVgF-x;dlRw=Z1!^?dq_`igkKYXQQ;Wi~? z3^7`P*(Qt)UckSu`?mOU!ys*jIBa>S2TnKm^rcFrnAobOCqy`=r~Kx6YhD2;Vq^5( zE`MuWAD^y^+}WL9R>CC-_L7;P>yX%@oNS}Mjrl3k{c+9n)vFlvd<PnnUi?!2$NOqI z&XZ{8Rd{bs9($#{BA_RkPTaH7&QjaWo*&v<<2D$PNn{fSje@H4GDNKIOCobUanvV? zh3EJmuXJO#M$jh!02-4z_LO~YGAFsru%E`C<FTx??S*c--(t;!%W$WWcF2j`exqR% zsv#(DJ0^hq6<r~o!>%*#ZWx|Ke%z3CoOj}O*K^jR;($l-)c{b2{U}-`<(8e3<-Vxw zTAgCSK0{U>dT2~u>6W@w=A^qd%M;0zTbpUz&Me8>ZrkfYYzdw}Yjr~HC$E5qQSnXx zf<*=P6E+W-AX=<nCa4yAQ0dsb`3(h{2>zQ~&HVx?)!Yp9mVNNd_IY=4usL0x=P@R& zXLad(2=?+wiA_Un?YNL+1XXX6_ZaWn@oLcVbbPCt8{l^oReLh4M8-|<8k|mLlxXqn ztr1bcwaMV1*KK+k&ZY%VUR1kcSpL;KRvP3W2Ijp(%}+Z&S3B;#c$X>t(V?Xv)}0}- zo^1L}c-)Z9G6<D_rss>6I<K1HzA>VY7b*#|_P+8B3?UCRc3>t%JA6%D3o*EFPNDUe zc?Fq4uU~~C;GjXqh#PsOJTl6O#^F^ODwsi)4D&IOixvXdXuGZ7;U6v2@!XHfmf1fU z1!g*J9{8e+8i?Y(N$W|JKXrFjPkq4<C~x?uZ%%lHdY+p1yC)qz-N5&f`BJ?V`~9xu zuI(`M&+!!4e&J{ZbKkxy552#qEJQl$BuGa^sxTJdOS|i#b~@qU4+2H;m~CoyZR6j8 z;%n3VICinvu!q#kmJ}8id0C$9Ig4-m=JNm;+XKA?rjSFIkO>kUDJZtulqavx{qkTo zrb3F0jlr3p>;HYR>M-2tR{hCxwW=o0QrCU#x%PKzQ0-Q6d_p0j+SqBKo0Rflzu1uV zm?NsW(Nkx)oG3msEnzTWG8ht9!D<aRXFWYJjec`p2wwM!|9twV@2^QfP|(*TCl^8p z+UF1H4Wp=68&;xp{An8;TXCcSpvd~z{f{_J?Y+K9t2734delieIaw~nd>;B-URm6Y zDH-!1dH%*|ehz_+7{Kji7V%o%E6_Wu4OTLe_(VCoztk7AOsm8kfy#Xwlg7+1#JFLt zKf_ggu+WqV*Fyu0ftSB@x^n!^&fV!4PRe^Kw}ui_Aiq>ENVH9*+_pf*JZjZNSoqa) z+3B?1s$^HqXxo1ODafw=54k-kiH!KGrr2DAJVqKSLw-_Ei`SFx?MxC?7AaSqO}@P2 zccxWw`Zl|c`+NF_{V?5)uWMXv6$M_2MM5^uPc<Re0XwNKBXi>aYwtS4nq0QEgd&R4 zL8>4@X-W|h1c6xS2&nYllq&4dd%#AKA~q1DC{2(K(tA}<KsqQy3B3vk0RrL9=VqTH z#=SlF&wcKX!>>GKGT&NjR(aRVn)R_H-m!BpbrCd+qYIIU@EodU)q3HhWh9Bz*hhDa ze4*dVVl*~VRz_F@^!;?j_sa}bcwXgjoi(StK~>IDrK^rU$jW4<A~^BBTin}AQ@C?J z%=Q>{-td8P?0(#WfcrBM^Dw(O(R}+6KhZm(o)4aOVDMRm+Ny&&D+T9OS!eFAvMfx9 z1*Wz$7rkeTKFlWD!B$g+s%O^n*+Mp|Fj*FL=EEKqC}i^@LrT0-FZnq~ygu63vn;Ne zj#OhG_EK|Jn1`UuV@{h~<!;Y+Y}5FcAkZlNKG1Bz<_{=<Za)S&(pRrIKXKH0dj1T( zxP-<XXDe;%Np?E<ZVyzDyqit(hSt59Vu{mpl$U$l$)?7$K1!acPAFQC&Au67)tz=B z%^F;-6iY{cg!&nU$Co8ytC@1rDNeuK$t|zjWefB<yu5@)f2)6#Qihr(W3SR#-eBl< zU2`$2Mye>$HTIP@5_g0C@GGoa#jO-7ydzHLfn?+d5B7YpXnuV9k}c_8^w4~ezy>Um z6t3OhzxX}|-0js$W(P4n?--5OOt{0)0j*CY0aQkxKvp^)N+VEHf-OU?6v1E^US0=8 zGB&0Iu9WK<?=#xR{<K(=%Z@J2Q?8mt#7;?=R#bfcr@}>T=u9f*==Vd>Fh}wd0k*u= z&s3EAyR!_y>&5UdJUO~R6PnlN7#ZJFrVpSZIx(-*NAmbQO;9p&1=rN`+HHoY$M%e- z6{BBDt4@wx(~C<iXXiQIbF4paGc3sjZCO6>T(aZ85M!xqkW%^URMDoX+}&QleqT9^ z7*^<PD}GHm))4d=>z-PUGSb&Q5B0Yy-Ae-YrC54-&4#J-&bKQV#gogQMPS4((1v<k zN{{B<ox&Ujhd@{f1$X+Jk(0_FC_z=hCx-A(vabs6kxgPfXTE6{i{#@6BuOeeRHRi! z?QpNGS`KMWx6G*uclv$inBHDSXY5?8sW4mWTe<=5M9BD5W)#iJWPC}ewA~oYUCxCO z6BqipcuV)Wm81%NTGP1i3763TDYn*B7Lk61L$Splltstrp_(k?Bc`PAIkL@cN=I!S zaBKC280f!ZEmE3AQycX0B{TW%9cD^EymwFVp9h*%M?VMuF$y|sjK`R5m@Qp_3Tp#y zd`Nt7*UkRr0d@E852e0!x9+RQ_GsojY3G|=K9jlMq|mFaLfUCt%x#=sZ2Hvn^Tz!~ z*f1Fmd|DX_o2Ejc%sX<$SQ48EI<k$n#t%Pd2FIiSS^gUDUtS;SeJfI>mCUAV9?p-G zHzAf<y_f1$>V+(jd$Q7`*k3y-w`AG7u`dp~88%oVaM9)pcki0advIm<{H4PkhMw`; zhEh~);=Z~Qk28ndG(czK@Iu{QJ?`>USDnUG6PuagBtZe*=RvL3Q~fHWn<tq{lN935 z(N3*%N0c=OzXm1WT*r)dqsl5!y=9)m|L0L#lQ_uk!auQw9$&*>cr5Vj0_a|JF0IX| zGr^=-c<-wy+isro!sh7)M_M-K0yP)vX*No&=n5FLU*z9#K~8b%p}Z>HUYU6nIOwf7 zY*obHkX8kK9@uR1t{hcK26tztS}!{nf-oIL|45_ZXr{~b7%ZDoel=SvORjqM^22}> zF2(muC34KpJXgz_A6n~IzmYw(^ypF&dn<hVEVxRTgHF$Fa?z!Gj&9%^$uR9Xz^^}3 zTc8Dwj9#LwI6lOSr9Dc~*w2s=Q@c4-M(HS>)^n9=s(+rM#rRZ8yzK)O5NfAZvoub` z=9)-7NzkYu3E*EgKRw3(u<4o>kPY(*_T7cz!{Az(c~03*1aT(?h5&9EB$v*7bHj?X z+?RaX8;ZNg+{G=Lt1WRQ`J51RO?ZNlN~7_*$(;nE&MKss??7t&NJDUvow!5H^1-`X zWg2tCCAgVhvzh15-Jv#UUh9}hsuP<1A9-^8mXey<jpx4Iqz!>OCiq^g8LNFW*rk7J zyw=omL&xBei26x}tj9{?*~6z}3=Xk(%|A}lEcQLOybw@}bit*rWZZQ*HkzNhI+WSB zL9g?P<Xi|H=TM2$M-sS@>xmZtUhsW$d#QG~B=hO5;*9I9KF2<jmuI#=H<2~S*;G%_ z2}tXl>3C8QBkfWiL&=wAAbws9U*MXtd0j1~{i&u(^MdG>j$OP006rbTTZgn>>p8?p zx)d*vNr&)XYq~Ay2?G}wpsnT~0h>P-)Mxa+a{IF^V(|u%`yDt|AXVjY_h#o}*P+Av z*uWh$L%mL09NvOvQ17`S*iU>9nguF*O>@yNK01r>y5*mCD{`bAkG<XuK}y^MI<GvH zFMB7|ILb1E6SiN0<11c=n~3FQketPuj;{C}RTZXn3!5v^CKX82`NHzF4mCHJVgOFN zk|8)<lelN7!p{I*U47nFhCfloD%%c&R#<T==1SdqyA^dRy_rmmLr+Z>Rj98n)|PHB zH-Gnd!Cm{SWzUo}XP@pxD<b79L2tn4iX6N7gkJX2|0;TiPhTSSJMdva5TWK6Eb*WY zNkRDJMC=^Dp|r*AlvzXM6_EBk61^2UqvK$ME)#`z-i@d9RNsnnd+?%r?=%+z6hN0@ zALFf=MrnM~@u_a#n6tPl=aT&PgN@Q5Te|M#w=w;j_KPKz<CjW!Sg*S)+5BGkR77<& z&C{y9BhiPlwyxF~)hZ72bjk0L$(_pV0z1$GQPo$xw7f8jfsEaf>J5V}uapZ6TdoRb zX<s_?l7c6DYRcUy);rUGtXW&2C(-J1!IpM?eB+~$?IW!rO1Nv4zDt@9p9y-J{+<vH zqPob*o)`^oFSWw+KOBGbpj%&Ee0%FXqh9Y5{odMHs&Y#EvvzI!(!c6cf^4$()W<a} z%^iEG9Q~|?DiQM=St}|yF)wi1#<D)_RM}se+i6*jYYK9`U(thlJCR>9`URkyeFAa2 z@3;&LKt?^dW7O3o<O+w49M98iZ*0}rTJY?gLY!3{?RerGBVwuo`XAVqTfOH4_wHSD z%U#(AkjA2c_FV?`E!LZ9Gnz~5$Dz~0^?^r1;(Y1@g)KTFMzfzeoIrap72T=bd$V7S zzelI=Kcf?#2ecjXe7{d_a{&tz2#@oxCV@kyJ#ohp>=ww`;@yXXSMDl-%<<cWR)&lY z-oW*BS=rf>6Av{#!~&r_lbE&r<zTtzyXUhg-|`D#RmZ^z=C;(Vv>QW^2Y9}y*wnvY z3=QoKe<gyR&j8*!29^8Z`M~q@=5KT1*Kz(@&1y9cwQs;FjplYi9o6yaZ(mwtK;?rN ztG+yvjwB|*<gBZag=D74-j@bM%}Lot0&2GNZ{ny<r7!v!kMYJUOGPDgS1c^x&sxM= zW(;uUj2zwHxzbvE%5L&B`;h0k+C}0O%UiR8-UbaUv8LQ^?V|3xU9Aicv?>pF!Vrp- zTw%U9UZVkpqRL(B2m91a!9%m3yxk|~q{=+Eibjqe@G|{u7v;e3P{&D1(tw;w25Q%$ zGO^nzvEPjn6ih%hS&NQDDCoBPCT`toB@a}e1ji*5EP(q#MZ8<PL!vQsk2?qUuj-S7 z&>i_znxHuFD&pDAXTCtT1#(kVyOD>}ciH|`H>eB4LwEGQeu7hbgCdZAR>^|BpmNK$ z6RP0-UQhF9Q4R6;WS#5ZMKw`ShZC#+RrwWE!2@+g`dR`1d=^kKp(mNd10KfP`LDi< ze?II2C_`%=3Vbq3r&3ygH%QRkdk<05N8%#}S}!cV=6Ss00ln_Hiy=rtW{033s?+um zML=bM6(o^RNm9J4nKmdytoqKR;XhXn{l%^fJw&7g{4)z6vabZZq6!rBwIDfmN#w7= zSaJ_sEa>BKw(Xy5pmv0b;D!x<Z|MT2*N3LxkQ|h%4N5XEQ~=!uUb{~qb$VQ3&DB(Q zd3j5s!UgnFpA!e&3^_?H82zL-RPAGT@?-sQi)%$MQ+h8Bj1+!2B_=9%;>j_7GQq^s zFY=L-iZQ9_FR$&loF?DD?3G>n^)vA>#ROXw_LKN_w9Ev)4O>y2RxOj$dcl7W5sZYK zniH|}K{pIh-biz~VMaC4hsZ412ctdD8Cv*aOn=v?KZjo;FH~Wpk&DqyRUxP6<P4?v z*ZoXWrx*|&&h^)H|C*OGSC!Kn46b-Zl0io;pHbj2u2!cgs+@h~7emQldYB;Ie6rSW zG%&j(oS~Vd#``!J<dqSw+`FlTrVqFV8yE@V9U0=*sPq@UQn@}o&l@^A7-;hYS36|b z^4>oh9>gW)Q+oD_0XaFmw3qwuM)K!o0}`%u9cs0BeaBz;f!(D##cbc`yFZDG6Oq^i zo8gBh^-DjiZ$N&W0`48=mw#eB3wOWRxEhI}iE4}2+(>deVN~W~Gv$s17DPZ;Flk0O z{DtC3RIN2TJok90%RA!Yx3~7gZ{+h@(EeM5JCZ7_Mra`~(%WpiH_~-q`25b%SU+NK z`oLA6rILDO6c?I_FRuR}!81q(<q~HlxIzkBV@=gyB-6(^L%Ti8<HHCUx)zWR<k`8z z?*r*X3XoGuuH+-aadD&}5Y<xE2e0!W5*=W5ibJQTJqaJYpN1C_(4EZsBY<^YRRj}X zXy-XXDY(+<egp(|&xL(GOG4g#4#AXO&nQhyu;K_Cm>rA4#mG+W5mO+{%*X!1`Px1* zsz0kTXU9HRRuj$TWV+$~?TY@0^8MuSxw13PbOaLB<nOQty2)>JFO~+Z=ry4D*G_T} z45OaZ42TK=ET>g5$H(poaHFM`AG9&Jew09kbtho2z`!?>CSgQCARUkVg*)jV-XoL^ z`DS%Z3s}rWH(-K^z9hFJR|g&|?fbVq?hrw{&!st1r(zx+7VIaBS<dUZ&dL+h#tR8C zm!HV2q5K>H_XyL2q-A&6(QBif0}p$@l5oHwW62=B9huQM6hXM0r@;c=(4IO+PCdy9 z1aRxg++{*KLKvv!Lsnc^z@lVO12fieqax7f0DU0n*M_eGxe$rtVAA)8W)}%LZvkGQ zrNH$hm<cq0lW%$8DoD7}bAZ~xoPJ_jPK^tIrn@RDiiCR812nWpqMQQ!JcJ&Q*X_bc zIFrIYaya{I2PzeR#3dl*nB$!m1VSd)6yglkbes<d&(Jj>GPArv>KngXQ2hSaefR8P zD_6RBP7_)&3qWAFQRQA>0Ab+cY2)}0ghK1h0vhVDH53Qtvf~2oEI6i}@Zr=!<Yo<a z&>F1*(F{6T9Xm##SBl`*+<Lb~Af37ibPD!Fh469YnY^5#9vsjZKOlbG+`9%sp(z0& zaNiRq1Cr7Q3#nh@#77{sJpl})w`mq23mjBOFxgbcJ&oQi4!{LxFz}9+G)+KJ5ftEY z6uN?h_OPSHg9c!hg{`MQ2^E^<X-%E%7T-n|TIh6tqDlVS(C?9H2v!$_CDd&H8e5WZ z=`YD8E`tonz8m7ri2=k>CIePUCoIOby3D(W;Vj#86%@ys6=W9EJ*<c8!OI~%Hv8B5 z`FNU%aC7xh5ErySBZ8lp(G%*g4{SkZzF{qAA>mLnJ1%>zsdVBSIlNCjfdv;nC{Ts1 z=V%V**tAyN{KkxIFbh0gbz<ojhY9uex91U!3|9q%7A=}by@lx@S8@R;1*K6%GvQKN zt0hW>p2at8MxR_+iWYHo3Y9i>!Q2``Gfh##aiMH9vG&p>G;-mxs~p~J8?{%}?`=Qz z)-m*ZyZ(OYoffp98f75dN#?N<s#0MA!kx(zG#_qEjdh?k!HpMN%nLb&5)p3*QNg9= zbB*kA8AF(&*qpE-lXANVg{`T^sHSqXyZJlR+VEson!1!|G^DJrX{hCG3zVtO6D)zo z-I{!1r*WIKrmw!uVt(##4)MfSo(;7x{NT?dX{&nH1N&_4)s3Qgk-AI8??QZ=F9q?8 z57EUQV9{*yXyb;IoDoQdvDQ$HVCoJ%SZm!It9D80>%%T~p@&h{n4Av%)%NG!2ZF<j z24x&dS6i4we5|RSE%TVra%@aaE!G$nyE4Y40lh<*6Pa-@I)%y;Oq)ATs(k=H)aCPe z^s2>1PhZ0j_R~jl?xAWQ-_ht>=A%K<7y*+_`-lJ@Hl(I~)xh<|t?jk(G88o(Bwxe@ z1k)lHp`@vG!)jX0Eb%u<^Ja2=N2nsUke*EIV>#muK_7DN6|}E;ur0S0H@=X&H$pMt zCk^_yFOM7&%?XLyyU_66mL34-rNn4<fKUsc!2|*$=lROFLo$=lNY!^0w)&xi-WM&t z+UUFsa<1C!SzC7%KZW=G6uo6JGGJ9PnbX&@{wNhdFT@0xG_Jr-U70`%8UZyAQF!Of zKC8+}G^&38{5T_|N*x)%nPf!I{KA=h=Q*GV`29gQS27*~m$YNr`e1-QgR}H6oJcjf z%R#BC#p)+*@eQ{j%Nx81+`vOQ=7)sNBmp=RN1kJVi5eAPpF&4RCkTBPi8jE59%BEm z99-@Tf8h~dNK<ft?zv)7IzpJi4b17m@j52Jku^X!Hbku{zhVx=unH<@j4TLwTW;6Q z33Y=TINAqtOt*jlPk^;PVOmOv&-`mbAnzFf#?0{m43BP8C4@-#!BQyYlS8pEkrX_R z^mr5@;H1{Q476Vc8nXo<l#fq?2^HlBMJ@!nK%xKG6+*h(=%T&RNw0h+hlX9QW31eb z*WPLw7tE;TOrAZZ4yX%g0E~@{F%hCt&cK=(^-V9;N__Z}yJuX!-CrBfL8CjZ48QX< zMnMiAV=ey$R*a=E#I>RuqAjYrJFglp$5AyA)tmJE{&xpShL=7pG<Zg}+fFOt@t<iH zlY*O1xn_OGaEbarRQitY5Te?x@YYuYKF<5`-aWkaG&MEBcevSNQt+eL?|)_yfc4$j zyO@<=Ts_F+u@I}!TphPsblOij38+!xFpx?mc4i7_{7+BZPha9Vj1gJO?b7xhsl3`2 zUi;DE@@FG<IfyVhfWzc$CGY)2Bbaa%mgciww^oPEo?SU3yGgaT=?qVG`YPGs`;fMP z)Sz&A^&O#W)+nvPP$Yz~AM@dg_ZlBKj6IxdR=qY<*xoRHi%e7IAuFUih-E<SvUWD) z<#!8*vx8a!XK)o0s&v)M`k8Cp7vzRF<x%i%c_P?b5Di8tP9Fa02VgdtfW~%d^jhy5 zILfe}$zkRMnON0{PVBXrG1lITkoj~#uK7HHWB`OC4nS>v(OPVucm_alY1*dIvv0jf zyFWrApuvb9KxWU#yaEB08ms|*Z0qSw1)E+=6x-hdAug7Hf~~t-p8r{;5pyH}W1Bp* z(%*=hn9OKgJ{~8X&e;Ct2p}w15&&}?Au!h{Mflb!j=7`^YcTOW?)ySQ{)1!KwZH*t zw7QJ)^Js4+9%;8htD(gwGGPO^BMSviG7-T@!RnHlONRU`WJKZ_pq*#ZGO}sqGak5c zz(`I47r|U)N=86@AaGTsjDkBkFs}~C%=-GK2z^o|n4r{{!i>95M)iU}q7+E3v`URI z7EsG~Ruk7LZZI(4-xB}>O9~VDQxkVh+40QZG4#}gW{*~#qE_cTn2-zv?Rv&{1PU`L z48G{AyAx@M6Fx`;8v`7VZAe1MWY>g<#6!?HyCc741kmOV99}gSlu;xC_{5o-L}*ko zbYH_F$Dd`CDKn)j5Bic*zX1--vi~MC!BF;NoS~!oC187iBlQR((GUpU&?Jq}^M3=l zebnp3?cXs1XxpYFhfnEPB48x@K_J-Q;6nd1xBducSd~cUv#VM<``}ti<y1s4X5f|& z7zh*izr=d*g(1Zud8fI0aKZJF0B7i<nHiU##0UJYF*Gjc&Tkn3w4s5lw?YnpggOA| z!7n#^tkr5jC5dy!G{0FgzYX>Xg7X%L>t+<!cWF1omrFFXxAJ9YZzaG9=!}zZ9HHmw zxCh3~yr%vgBM@y;oT14kkwp8bc{PASQ+Hk7tt^nezu&jkr0A@sWpp%D^XQxm3ArW6 zflk`j9{71^042!9oK6@ry?ss91t51e(3$L<F2eBV1!B8XCF5@y0kom^-j4hxaFX+% zO&HB&)0Up`3S{faLxFn&4ggu-JrNB>^IbG{n1L^{?@+)?SIt;JDh*&*%ZjVyPosdl z6N1L|o&PN(fVKr7Yd<+MZbTviC^SM<0c0{idC5~epIPDW&uF<m7QXVh5J$~<9{`%S zxul{5epnLh_q=`m$8UYdq#S~2DmecXSD6=5zXv6>kwPmU!srSj!c(9W?>>sK{>)Qi zD(qTdWb0uc3AOTTZtuL7XS~U)mNQt*7qW_iz8E+#I>z}K<&-JR7y7DJEd&^&iq^@t zMqXTKYQi5f>cvdtOjes!I7jI;A<HYh9<#<`yStEI+f$oS5v=U>Mg5t`p@R|lBW-b_ z;@72DJ=jX-dKXJCdpD(S^+w34JZVTniSP(kEClqIIHDz7`|nGbH_s`1v)+#Ev}RZJ zN1O+$_~lCI_vrTHioGmH447FC5-*Q@GeE7p5MBy@l^qdjaN`3xle(Z^cI{@8_xwFR ztSr4OTQv%U#%1;K#QXXwVNmGTre+n_He8YKS*aXILS&4L7Dq=K!$5KCbBuW`ehX82 zRApq9hp|CKHh~$<QlJk1BXe_NJw*jGCz>4*>$k0I_(w-{zjNz*%!jmu;Ke9o<^+z{ zRv2`9jH^LrUk`%`bEUhF!z#PTMDY4zqpy5J-14E*ZB?7Oi;L6eh*dnrZbx3xWmon` zTmh_2nTLMI7`s?2s41g_b1*H%j8&k^am7e{CARs|K8*228Fzf0gv)ejv~%~DFyYRv ziRWqY4!0wpDyRiz;T%ggMJ)uY&JN?JYZv2<Ojcev<9+8HN9IXUAvRQP_ZGs3a%j%` zIW250CRA66r&i)!!)6>&K7JKn@?T-%iw`ryg`Tm{DNsf%qJob%<2Rd{iVf8~<^)qJ zfIaeMQXWNcrUR9B5osdWm+sa}3=wv!a}{qE$r&i!i;=_1GA#^_J-%$oq*r2%G+g{# zzZe<oN7F?mD{Oq`56ofgY`DM>TJtG#?OYyOuIou)WX>lU@p%vPa~OkTLny!PciT-b zDbkw40BgR-)a`D^9ErWrxi-LKHN+@1Gab@}{gm_wm?7Vtp64L&19N>K*rfZT6d_v+ zkfhLLkjJ}yrIcpM@mu>)SNEm`=h@mO)mR<M){BwdURZ8#W=%C>Pdngy1C!Iwvh+{| zkRtTHRP?aNQo4kDbtOx}6y@;??FqCxY^P-?%Urw+J^KUlmJ<(gwKfd6H{7&3)Yx#j zUd0mxrQfY8g2Bwvwb~*%$T8H%VmmT#>@MrYY8hYiSfZ^Y+@XS;%`}|B5!tc{{91qR zkuZ)pm-;MZ=X`ln<gMZeW-4h~Q4ZhZRa@dhJ{F^qK=XWg)bB|}_*u-ZV(wuc0CSv= zbsSvN!wNk>``kJ>GAiwMVhnhCWiwY^BA5~|{^WZi1Uq_(Z7^4IxWIOJ<nXHN{IgOK zi(z;xs(VYvYVOn@Nox&XhghpWSK^{F-M7uL^Rh$L(Odm?4xv)vUKc`Ro#dWXG&>;I zC_kR|bL)QG*A(kMC=)*H*?a|noMd|KKw8fGnjjXJF<B6}zUku~d}fwo?AdENHqxaY z$l1k*e8^to3z)>YqF^etga8@UCy6$;#l8<)mmV@N9}de28<uiFnV+lJE{nyK!6}1p z?ENP6A2B#k_eLFsD=%5QpC`n%y>j!8$QLWok<}#1h_H>-8=ITJh{Cso%8tjZH@%sz zQ^d9lmMsKGc#dZ_T}v{qx~3{=YH6R3-^erl@WNw3OuR7*wPtZ(5|=OGyLLFm*B}`; zT&EbfjUFEWSXmE%Xz&h*pZ&b1poSY$`es1y$ldl6dbH}&Sf2y>+jqX^k0h+O3x)*D zV8d3*%6dmAg|;r6ji!Vdp7TdQyVx7Eoev3S8<dAa0sns#3f`{h1I+o)F%8%>o*iJ$ zoHza?<n&<ElRjvQcXxP%Y-yat$Kt<u_?N)`zj*k+c=*3~_#c7&e~O25X8|BKn#;%_ z0sEYqJz1ZieS;YQe)X)rIS_2TO@dUBdt&}h<TGy(1|nD^$ZQ+EBnh{@c3`(6*plHk z4*x)qfbIZ?0CNx~&86cAx4m~9IyWP=Jgrc(_0K@#FHDWd1L;9tyc*$-)=o&E1sfp2 zQ5L5N-0RK^iMk+F&{a<(h?jqn91JLIXcd7@4*&Yst`8cSAhpU&>-y!FkQ@Kot-&1` z@oIx?ueZx)*Q`Ipv%fzY*cn6*vSa$0slR2BGY<qDk2CUrE2AF{M}Nu1eO-VlD%g_# gR!08^YOp4Iy6$pkz3+{ad%&NPoZ7|g^QJfd2c?owL;wH) literal 0 HcmV?d00001 diff --git a/website/yarn.lock b/website/yarn.lock new file mode 100644 index 0000000..471b750 --- /dev/null +++ b/website/yarn.lock @@ -0,0 +1,9081 @@ +# THIS IS AN AUTOGENERATED FILE. DO NOT EDIT THIS FILE DIRECTLY. +# yarn lockfile v1 + + +"@algolia/abtesting@1.2.0": + version "1.2.0" + resolved "https://registry.yarnpkg.com/@algolia/abtesting/-/abtesting-1.2.0.tgz#6b32151773980ff16b3d72563c916bf5c7755051" + integrity sha512-Z6Liq7US5CpdHExZLfPMBPxQHHUObV587kGvCLniLr1UTx0fGFIeGNWd005WIqQXqEda9GyAi7T2e7DUupVv0g== + dependencies: + "@algolia/client-common" "5.36.0" + "@algolia/requester-browser-xhr" "5.36.0" + "@algolia/requester-fetch" "5.36.0" + "@algolia/requester-node-http" "5.36.0" + +"@algolia/autocomplete-core@1.17.9": + version "1.17.9" + resolved "https://registry.yarnpkg.com/@algolia/autocomplete-core/-/autocomplete-core-1.17.9.tgz#83374c47dc72482aa45d6b953e89377047f0dcdc" + integrity sha512-O7BxrpLDPJWWHv/DLA9DRFWs+iY1uOJZkqUwjS5HSZAGcl0hIVCQ97LTLewiZmZ402JYUrun+8NqFP+hCknlbQ== + dependencies: + "@algolia/autocomplete-plugin-algolia-insights" "1.17.9" + "@algolia/autocomplete-shared" "1.17.9" + +"@algolia/autocomplete-plugin-algolia-insights@1.17.9": + version "1.17.9" + resolved "https://registry.yarnpkg.com/@algolia/autocomplete-plugin-algolia-insights/-/autocomplete-plugin-algolia-insights-1.17.9.tgz#74c86024d09d09e8bfa3dd90b844b77d9f9947b6" + integrity sha512-u1fEHkCbWF92DBeB/KHeMacsjsoI0wFhjZtlCq2ddZbAehshbZST6Hs0Avkc0s+4UyBGbMDnSuXHLuvRWK5iDQ== + dependencies: + "@algolia/autocomplete-shared" "1.17.9" + +"@algolia/autocomplete-preset-algolia@1.17.9": + version "1.17.9" + resolved "https://registry.yarnpkg.com/@algolia/autocomplete-preset-algolia/-/autocomplete-preset-algolia-1.17.9.tgz#911f3250544eb8ea4096fcfb268f156b085321b5" + integrity sha512-Na1OuceSJeg8j7ZWn5ssMu/Ax3amtOwk76u4h5J4eK2Nx2KB5qt0Z4cOapCsxot9VcEN11ADV5aUSlQF4RhGjQ== + dependencies: + "@algolia/autocomplete-shared" "1.17.9" + +"@algolia/autocomplete-shared@1.17.9": + version "1.17.9" + resolved "https://registry.yarnpkg.com/@algolia/autocomplete-shared/-/autocomplete-shared-1.17.9.tgz#5f38868f7cb1d54b014b17a10fc4f7e79d427fa8" + integrity sha512-iDf05JDQ7I0b7JEA/9IektxN/80a2MZ1ToohfmNS3rfeuQnIKI3IJlIafD0xu4StbtQTghx9T3Maa97ytkXenQ== + +"@algolia/client-abtesting@5.36.0": + version "5.36.0" + resolved "https://registry.yarnpkg.com/@algolia/client-abtesting/-/client-abtesting-5.36.0.tgz#a570dfb55c7345ad5ee608dc55500496f8d52f4e" + integrity sha512-uGr57O1UqDDeZHYXr1VnUomtdgQMxb6fS8yC/LXCMOn5ucN4k6FlcCRqXQnUyiiFZNG/rVK3zpRiyomq4JWXdQ== + dependencies: + "@algolia/client-common" "5.36.0" + "@algolia/requester-browser-xhr" "5.36.0" + "@algolia/requester-fetch" "5.36.0" + "@algolia/requester-node-http" "5.36.0" + +"@algolia/client-analytics@5.36.0": + version "5.36.0" + resolved "https://registry.yarnpkg.com/@algolia/client-analytics/-/client-analytics-5.36.0.tgz#d74b4e2743003a2608e430c09d1593ad767d853e" + integrity sha512-/zrf0NMxcvBBQ4r9lIqM7rMt7oI7gY7bZ+bNcgpZAQMvzXbKJVla3MqKGuPC/bfOthKvAcAr0mCZ8/7GwBmkVw== + dependencies: + "@algolia/client-common" "5.36.0" + "@algolia/requester-browser-xhr" "5.36.0" + "@algolia/requester-fetch" "5.36.0" + "@algolia/requester-node-http" "5.36.0" + +"@algolia/client-common@5.36.0": + version "5.36.0" + resolved "https://registry.yarnpkg.com/@algolia/client-common/-/client-common-5.36.0.tgz#c09fe676589f15addf73d67fcfb46196903b5889" + integrity sha512-fDsg9w6xXWQyNkm/VfiWF2D9wnpTPv0fRVei7lWtz7cXJewhOmP1kKE2GaDTI4QDxVxgDkoPJ1+3UVMIzTcjjQ== + +"@algolia/client-insights@5.36.0": + version "5.36.0" + resolved "https://registry.yarnpkg.com/@algolia/client-insights/-/client-insights-5.36.0.tgz#6708cc247bd21a8c1d50cc6d122a222898484465" + integrity sha512-x6ZICyIN3BZjja47lqlMLG+AZwfx9wrYWttd6Daxp+wX/fFGxha6gdqxeoi5J44BmFqK8CUU4u8vpwHqGOCl4g== + dependencies: + "@algolia/client-common" "5.36.0" + "@algolia/requester-browser-xhr" "5.36.0" + "@algolia/requester-fetch" "5.36.0" + "@algolia/requester-node-http" "5.36.0" + +"@algolia/client-personalization@5.36.0": + version "5.36.0" + resolved "https://registry.yarnpkg.com/@algolia/client-personalization/-/client-personalization-5.36.0.tgz#1dc35b54c0dbb651d8e1ff859e9a33e5e1d33f2d" + integrity sha512-gnH9VHrC+/9OuaumbgxNXzzEq1AY2j3tm00ymNXNz35T7RQ2AK/x4T5b2UnjOUJejuXaSJ88gFyPk3nM5OhJZQ== + dependencies: + "@algolia/client-common" "5.36.0" + "@algolia/requester-browser-xhr" "5.36.0" + "@algolia/requester-fetch" "5.36.0" + "@algolia/requester-node-http" "5.36.0" + +"@algolia/client-query-suggestions@5.36.0": + version "5.36.0" + resolved "https://registry.yarnpkg.com/@algolia/client-query-suggestions/-/client-query-suggestions-5.36.0.tgz#e3d60d902c8b4f40b7ef3d515963b140335c8623" + integrity sha512-GkWIS+cAMoxsNPHEp3j7iywO9JJMVHVCWHzPPHFXIe0iNIOfsnZy5MqC1T9sifjqoU9b0GGbzzdxB3TEdwfiFA== + dependencies: + "@algolia/client-common" "5.36.0" + "@algolia/requester-browser-xhr" "5.36.0" + "@algolia/requester-fetch" "5.36.0" + "@algolia/requester-node-http" "5.36.0" + +"@algolia/client-search@5.36.0": + version "5.36.0" + resolved "https://registry.yarnpkg.com/@algolia/client-search/-/client-search-5.36.0.tgz#ed71d9d3e29254ac6529c7d58d3e06e5ca37b4ca" + integrity sha512-MLx32nSeDSNxfx28IfvwfHEfeo3AYe9JgEj0rLeYtJGmt0W30K6tCNokxhWGUUKrggQTH6H1lnohWsoj2OC2bw== + dependencies: + "@algolia/client-common" "5.36.0" + "@algolia/requester-browser-xhr" "5.36.0" + "@algolia/requester-fetch" "5.36.0" + "@algolia/requester-node-http" "5.36.0" + +"@algolia/events@^4.0.1": + version "4.0.1" + resolved "https://registry.yarnpkg.com/@algolia/events/-/events-4.0.1.tgz#fd39e7477e7bc703d7f893b556f676c032af3950" + integrity sha512-FQzvOCgoFXAbf5Y6mYozw2aj5KCJoA3m4heImceldzPSMbdyS4atVjJzXKMsfX3wnZTFYwkkt8/z8UesLHlSBQ== + +"@algolia/ingestion@1.36.0": + version "1.36.0" + resolved "https://registry.yarnpkg.com/@algolia/ingestion/-/ingestion-1.36.0.tgz#a2d0776a39c90046e37d68304f07c094b59aefa6" + integrity sha512-6zmlPLCsyzShOsfs1G1uqxwLTojte3NLyukwyUmJFfa46DSq3wkIOE9hFtqAoV951dXp4sZd2KCFYJmgRjcYbA== + dependencies: + "@algolia/client-common" "5.36.0" + "@algolia/requester-browser-xhr" "5.36.0" + "@algolia/requester-fetch" "5.36.0" + "@algolia/requester-node-http" "5.36.0" + +"@algolia/monitoring@1.36.0": + version "1.36.0" + resolved "https://registry.yarnpkg.com/@algolia/monitoring/-/monitoring-1.36.0.tgz#d6d44367e216552489dc8d4c24df710dedd2f8cd" + integrity sha512-SjJeDqlzAKJiWhquqfDWLEu5X/PIM+5KvUH65c4LBvt8T+USOVJbijtzA9UHZ1eUIfFSDBmbzEH0YvlS6Di2mg== + dependencies: + "@algolia/client-common" "5.36.0" + "@algolia/requester-browser-xhr" "5.36.0" + "@algolia/requester-fetch" "5.36.0" + "@algolia/requester-node-http" "5.36.0" + +"@algolia/recommend@5.36.0": + version "5.36.0" + resolved "https://registry.yarnpkg.com/@algolia/recommend/-/recommend-5.36.0.tgz#901d10137db20c283f521ed1d5f8c1192ecae911" + integrity sha512-FalJm3h9fwoZZpkkMpA0r4Grcvjk32FzmC4CXvlpyF/gBvu6pXE01yygjJBU20zGVLGsXU+Ad8nYPf+oGD7Zkg== + dependencies: + "@algolia/client-common" "5.36.0" + "@algolia/requester-browser-xhr" "5.36.0" + "@algolia/requester-fetch" "5.36.0" + "@algolia/requester-node-http" "5.36.0" + +"@algolia/requester-browser-xhr@5.36.0": + version "5.36.0" + resolved "https://registry.yarnpkg.com/@algolia/requester-browser-xhr/-/requester-browser-xhr-5.36.0.tgz#972d8a67f4c42ced745dc8b3ae786a14e06771da" + integrity sha512-weE9SImWIDmQrfGLb1pSPEfP3mioKQ84GaQRpUmjFxlxG/4nW2bSsmkV+kNp1s+iomL2gnxFknSmcQuuAy+kPA== + dependencies: + "@algolia/client-common" "5.36.0" + +"@algolia/requester-fetch@5.36.0": + version "5.36.0" + resolved "https://registry.yarnpkg.com/@algolia/requester-fetch/-/requester-fetch-5.36.0.tgz#eb13396ae2cbfe6795f90ea6f9b0e575f21a52ac" + integrity sha512-zGPI2sgzvOwCHTVMmDvc301iirOKCtJ+Egh+HQB/+DG0zTGUT1DpdwQVT25A7Yin/twnO8CkFpI/S+74FVYNjg== + dependencies: + "@algolia/client-common" "5.36.0" + +"@algolia/requester-node-http@5.36.0": + version "5.36.0" + resolved "https://registry.yarnpkg.com/@algolia/requester-node-http/-/requester-node-http-5.36.0.tgz#895cc5127e3e87310affbfd8f90a37572d9cd683" + integrity sha512-dNbBGE/O6VG/6vFhv3CFm5za4rubAVrhQf/ef0YWiDqPMmalPxGEzIijw4xV1mU1JmX2ffyp/x8Kdtz24sDkOQ== + dependencies: + "@algolia/client-common" "5.36.0" + +"@ampproject/remapping@^2.2.0": + version "2.3.0" + resolved "https://registry.yarnpkg.com/@ampproject/remapping/-/remapping-2.3.0.tgz#ed441b6fa600072520ce18b43d2c8cc8caecc7f4" + integrity sha512-30iZtAPgz+LTIYoeivqYo853f02jBYSd5uGnGpkFV0M3xOt9aN73erkgYAmZU43x4VfqcnLxW9Kpg3R5LC4YYw== + dependencies: + "@jridgewell/gen-mapping" "^0.3.5" + "@jridgewell/trace-mapping" "^0.3.24" + +"@babel/code-frame@^7.0.0", "@babel/code-frame@^7.27.1": + version "7.27.1" + resolved "https://registry.yarnpkg.com/@babel/code-frame/-/code-frame-7.27.1.tgz#200f715e66d52a23b221a9435534a91cc13ad5be" + integrity sha512-cjQ7ZlQ0Mv3b47hABuTevyTuYN4i+loJKGeV9flcCgIK37cCXRh+L1bd3iBHlynerhQ7BhCkn2BPbQUL+rGqFg== + dependencies: + "@babel/helper-validator-identifier" "^7.27.1" + js-tokens "^4.0.0" + picocolors "^1.1.1" + +"@babel/compat-data@^7.27.2", "@babel/compat-data@^7.27.7", "@babel/compat-data@^7.28.0": + version "7.28.0" + resolved "https://registry.yarnpkg.com/@babel/compat-data/-/compat-data-7.28.0.tgz#9fc6fd58c2a6a15243cd13983224968392070790" + integrity sha512-60X7qkglvrap8mn1lh2ebxXdZYtUcpd7gsmy9kLaBJ4i/WdY8PqTSdxyA8qraikqKQK5C1KRBKXqznrVapyNaw== + +"@babel/core@^7.21.3", "@babel/core@^7.25.9": + version "7.28.3" + resolved "https://registry.yarnpkg.com/@babel/core/-/core-7.28.3.tgz#aceddde69c5d1def69b839d09efa3e3ff59c97cb" + integrity sha512-yDBHV9kQNcr2/sUr9jghVyz9C3Y5G2zUM2H2lo+9mKv4sFgbA8s8Z9t8D1jiTkGoO/NoIfKMyKWr4s6CN23ZwQ== + dependencies: + "@ampproject/remapping" "^2.2.0" + "@babel/code-frame" "^7.27.1" + "@babel/generator" "^7.28.3" + "@babel/helper-compilation-targets" "^7.27.2" + "@babel/helper-module-transforms" "^7.28.3" + "@babel/helpers" "^7.28.3" + "@babel/parser" "^7.28.3" + "@babel/template" "^7.27.2" + "@babel/traverse" "^7.28.3" + "@babel/types" "^7.28.2" + convert-source-map "^2.0.0" + debug "^4.1.0" + gensync "^1.0.0-beta.2" + json5 "^2.2.3" + semver "^6.3.1" + +"@babel/generator@^7.25.9", "@babel/generator@^7.28.3": + version "7.28.3" + resolved "https://registry.yarnpkg.com/@babel/generator/-/generator-7.28.3.tgz#9626c1741c650cbac39121694a0f2d7451b8ef3e" + integrity sha512-3lSpxGgvnmZznmBkCRnVREPUFJv2wrv9iAoFDvADJc0ypmdOxdUtcLeBgBJ6zE0PMeTKnxeQzyk0xTBq4Ep7zw== + dependencies: + "@babel/parser" "^7.28.3" + "@babel/types" "^7.28.2" + "@jridgewell/gen-mapping" "^0.3.12" + "@jridgewell/trace-mapping" "^0.3.28" + jsesc "^3.0.2" + +"@babel/helper-annotate-as-pure@^7.27.1", "@babel/helper-annotate-as-pure@^7.27.3": + version "7.27.3" + resolved "https://registry.yarnpkg.com/@babel/helper-annotate-as-pure/-/helper-annotate-as-pure-7.27.3.tgz#f31fd86b915fc4daf1f3ac6976c59be7084ed9c5" + integrity sha512-fXSwMQqitTGeHLBC08Eq5yXz2m37E4pJX1qAU1+2cNedz/ifv/bVXft90VeSav5nFO61EcNgwr0aJxbyPaWBPg== + dependencies: + "@babel/types" "^7.27.3" + +"@babel/helper-compilation-targets@^7.27.1", "@babel/helper-compilation-targets@^7.27.2": + version "7.27.2" + resolved "https://registry.yarnpkg.com/@babel/helper-compilation-targets/-/helper-compilation-targets-7.27.2.tgz#46a0f6efab808d51d29ce96858dd10ce8732733d" + integrity sha512-2+1thGUUWWjLTYTHZWK1n8Yga0ijBz1XAhUXcKy81rd5g6yh7hGqMp45v7cadSbEHc9G3OTv45SyneRN3ps4DQ== + dependencies: + "@babel/compat-data" "^7.27.2" + "@babel/helper-validator-option" "^7.27.1" + browserslist "^4.24.0" + lru-cache "^5.1.1" + semver "^6.3.1" + +"@babel/helper-create-class-features-plugin@^7.27.1", "@babel/helper-create-class-features-plugin@^7.28.3": + version "7.28.3" + resolved "https://registry.yarnpkg.com/@babel/helper-create-class-features-plugin/-/helper-create-class-features-plugin-7.28.3.tgz#3e747434ea007910c320c4d39a6b46f20f371d46" + integrity sha512-V9f6ZFIYSLNEbuGA/92uOvYsGCJNsuA8ESZ4ldc09bWk/j8H8TKiPw8Mk1eG6olpnO0ALHJmYfZvF4MEE4gajg== + dependencies: + "@babel/helper-annotate-as-pure" "^7.27.3" + "@babel/helper-member-expression-to-functions" "^7.27.1" + "@babel/helper-optimise-call-expression" "^7.27.1" + "@babel/helper-replace-supers" "^7.27.1" + "@babel/helper-skip-transparent-expression-wrappers" "^7.27.1" + "@babel/traverse" "^7.28.3" + semver "^6.3.1" + +"@babel/helper-create-regexp-features-plugin@^7.18.6", "@babel/helper-create-regexp-features-plugin@^7.27.1": + version "7.27.1" + resolved "https://registry.yarnpkg.com/@babel/helper-create-regexp-features-plugin/-/helper-create-regexp-features-plugin-7.27.1.tgz#05b0882d97ba1d4d03519e4bce615d70afa18c53" + integrity sha512-uVDC72XVf8UbrH5qQTc18Agb8emwjTiZrQE11Nv3CuBEZmVvTwwE9CBUEvHku06gQCAyYf8Nv6ja1IN+6LMbxQ== + dependencies: + "@babel/helper-annotate-as-pure" "^7.27.1" + regexpu-core "^6.2.0" + semver "^6.3.1" + +"@babel/helper-define-polyfill-provider@^0.6.5": + version "0.6.5" + resolved "https://registry.yarnpkg.com/@babel/helper-define-polyfill-provider/-/helper-define-polyfill-provider-0.6.5.tgz#742ccf1cb003c07b48859fc9fa2c1bbe40e5f753" + integrity sha512-uJnGFcPsWQK8fvjgGP5LZUZZsYGIoPeRjSF5PGwrelYgq7Q15/Ft9NGFp1zglwgIv//W0uG4BevRuSJRyylZPg== + dependencies: + "@babel/helper-compilation-targets" "^7.27.2" + "@babel/helper-plugin-utils" "^7.27.1" + debug "^4.4.1" + lodash.debounce "^4.0.8" + resolve "^1.22.10" + +"@babel/helper-globals@^7.28.0": + version "7.28.0" + resolved "https://registry.yarnpkg.com/@babel/helper-globals/-/helper-globals-7.28.0.tgz#b9430df2aa4e17bc28665eadeae8aa1d985e6674" + integrity sha512-+W6cISkXFa1jXsDEdYA8HeevQT/FULhxzR99pxphltZcVaugps53THCeiWA8SguxxpSp3gKPiuYfSWopkLQ4hw== + +"@babel/helper-member-expression-to-functions@^7.27.1": + version "7.27.1" + resolved "https://registry.yarnpkg.com/@babel/helper-member-expression-to-functions/-/helper-member-expression-to-functions-7.27.1.tgz#ea1211276be93e798ce19037da6f06fbb994fa44" + integrity sha512-E5chM8eWjTp/aNoVpcbfM7mLxu9XGLWYise2eBKGQomAk/Mb4XoxyqXTZbuTohbsl8EKqdlMhnDI2CCLfcs9wA== + dependencies: + "@babel/traverse" "^7.27.1" + "@babel/types" "^7.27.1" + +"@babel/helper-module-imports@^7.16.7", "@babel/helper-module-imports@^7.27.1": + version "7.27.1" + resolved "https://registry.yarnpkg.com/@babel/helper-module-imports/-/helper-module-imports-7.27.1.tgz#7ef769a323e2655e126673bb6d2d6913bbead204" + integrity sha512-0gSFWUPNXNopqtIPQvlD5WgXYI5GY2kP2cCvoT8kczjbfcfuIljTbcWrulD1CIPIX2gt1wghbDy08yE1p+/r3w== + dependencies: + "@babel/traverse" "^7.27.1" + "@babel/types" "^7.27.1" + +"@babel/helper-module-transforms@^7.27.1", "@babel/helper-module-transforms@^7.28.3": + version "7.28.3" + resolved "https://registry.yarnpkg.com/@babel/helper-module-transforms/-/helper-module-transforms-7.28.3.tgz#a2b37d3da3b2344fe085dab234426f2b9a2fa5f6" + integrity sha512-gytXUbs8k2sXS9PnQptz5o0QnpLL51SwASIORY6XaBKF88nsOT0Zw9szLqlSGQDP/4TljBAD5y98p2U1fqkdsw== + dependencies: + "@babel/helper-module-imports" "^7.27.1" + "@babel/helper-validator-identifier" "^7.27.1" + "@babel/traverse" "^7.28.3" + +"@babel/helper-optimise-call-expression@^7.27.1": + version "7.27.1" + resolved "https://registry.yarnpkg.com/@babel/helper-optimise-call-expression/-/helper-optimise-call-expression-7.27.1.tgz#c65221b61a643f3e62705e5dd2b5f115e35f9200" + integrity sha512-URMGH08NzYFhubNSGJrpUEphGKQwMQYBySzat5cAByY1/YgIRkULnIy3tAMeszlL/so2HbeilYloUmSpd7GdVw== + dependencies: + "@babel/types" "^7.27.1" + +"@babel/helper-plugin-utils@^7.0.0", "@babel/helper-plugin-utils@^7.18.6", "@babel/helper-plugin-utils@^7.27.1", "@babel/helper-plugin-utils@^7.8.0": + version "7.27.1" + resolved "https://registry.yarnpkg.com/@babel/helper-plugin-utils/-/helper-plugin-utils-7.27.1.tgz#ddb2f876534ff8013e6c2b299bf4d39b3c51d44c" + integrity sha512-1gn1Up5YXka3YYAHGKpbideQ5Yjf1tDa9qYcgysz+cNCXukyLl6DjPXhD3VRwSb8c0J9tA4b2+rHEZtc6R0tlw== + +"@babel/helper-remap-async-to-generator@^7.27.1": + version "7.27.1" + resolved "https://registry.yarnpkg.com/@babel/helper-remap-async-to-generator/-/helper-remap-async-to-generator-7.27.1.tgz#4601d5c7ce2eb2aea58328d43725523fcd362ce6" + integrity sha512-7fiA521aVw8lSPeI4ZOD3vRFkoqkJcS+z4hFo82bFSH/2tNd6eJ5qCVMS5OzDmZh/kaHQeBaeyxK6wljcPtveA== + dependencies: + "@babel/helper-annotate-as-pure" "^7.27.1" + "@babel/helper-wrap-function" "^7.27.1" + "@babel/traverse" "^7.27.1" + +"@babel/helper-replace-supers@^7.27.1": + version "7.27.1" + resolved "https://registry.yarnpkg.com/@babel/helper-replace-supers/-/helper-replace-supers-7.27.1.tgz#b1ed2d634ce3bdb730e4b52de30f8cccfd692bc0" + integrity sha512-7EHz6qDZc8RYS5ElPoShMheWvEgERonFCs7IAonWLLUTXW59DP14bCZt89/GKyreYn8g3S83m21FelHKbeDCKA== + dependencies: + "@babel/helper-member-expression-to-functions" "^7.27.1" + "@babel/helper-optimise-call-expression" "^7.27.1" + "@babel/traverse" "^7.27.1" + +"@babel/helper-skip-transparent-expression-wrappers@^7.27.1": + version "7.27.1" + resolved "https://registry.yarnpkg.com/@babel/helper-skip-transparent-expression-wrappers/-/helper-skip-transparent-expression-wrappers-7.27.1.tgz#62bb91b3abba8c7f1fec0252d9dbea11b3ee7a56" + integrity sha512-Tub4ZKEXqbPjXgWLl2+3JpQAYBJ8+ikpQ2Ocj/q/r0LwE3UhENh7EUabyHjz2kCEsrRY83ew2DQdHluuiDQFzg== + dependencies: + "@babel/traverse" "^7.27.1" + "@babel/types" "^7.27.1" + +"@babel/helper-string-parser@^7.27.1": + version "7.27.1" + resolved "https://registry.yarnpkg.com/@babel/helper-string-parser/-/helper-string-parser-7.27.1.tgz#54da796097ab19ce67ed9f88b47bb2ec49367687" + integrity sha512-qMlSxKbpRlAridDExk92nSobyDdpPijUq2DW6oDnUqd0iOGxmQjyqhMIihI9+zv4LPyZdRje2cavWPbCbWm3eA== + +"@babel/helper-validator-identifier@^7.27.1": + version "7.27.1" + resolved "https://registry.yarnpkg.com/@babel/helper-validator-identifier/-/helper-validator-identifier-7.27.1.tgz#a7054dcc145a967dd4dc8fee845a57c1316c9df8" + integrity sha512-D2hP9eA+Sqx1kBZgzxZh0y1trbuU+JoDkiEwqhQ36nodYqJwyEIhPSdMNd7lOm/4io72luTPWH20Yda0xOuUow== + +"@babel/helper-validator-option@^7.27.1": + version "7.27.1" + resolved "https://registry.yarnpkg.com/@babel/helper-validator-option/-/helper-validator-option-7.27.1.tgz#fa52f5b1e7db1ab049445b421c4471303897702f" + integrity sha512-YvjJow9FxbhFFKDSuFnVCe2WxXk1zWc22fFePVNEaWJEu8IrZVlda6N0uHwzZrUM1il7NC9Mlp4MaJYbYd9JSg== + +"@babel/helper-wrap-function@^7.27.1": + version "7.28.3" + resolved "https://registry.yarnpkg.com/@babel/helper-wrap-function/-/helper-wrap-function-7.28.3.tgz#fe4872092bc1438ffd0ce579e6f699609f9d0a7a" + integrity sha512-zdf983tNfLZFletc0RRXYrHrucBEg95NIFMkn6K9dbeMYnsgHaSBGcQqdsCSStG2PYwRre0Qc2NNSCXbG+xc6g== + dependencies: + "@babel/template" "^7.27.2" + "@babel/traverse" "^7.28.3" + "@babel/types" "^7.28.2" + +"@babel/helpers@^7.28.3": + version "7.28.3" + resolved "https://registry.yarnpkg.com/@babel/helpers/-/helpers-7.28.3.tgz#b83156c0a2232c133d1b535dd5d3452119c7e441" + integrity sha512-PTNtvUQihsAsDHMOP5pfobP8C6CM4JWXmP8DrEIt46c3r2bf87Ua1zoqevsMo9g+tWDwgWrFP5EIxuBx5RudAw== + dependencies: + "@babel/template" "^7.27.2" + "@babel/types" "^7.28.2" + +"@babel/parser@^7.27.2", "@babel/parser@^7.28.3": + version "7.28.3" + resolved "https://registry.yarnpkg.com/@babel/parser/-/parser-7.28.3.tgz#d2d25b814621bca5fe9d172bc93792547e7a2a71" + integrity sha512-7+Ey1mAgYqFAx2h0RuoxcQT5+MlG3GTV0TQrgr7/ZliKsm/MNDxVVutlWaziMq7wJNAz8MTqz55XLpWvva6StA== + dependencies: + "@babel/types" "^7.28.2" + +"@babel/plugin-bugfix-firefox-class-in-computed-class-key@^7.27.1": + version "7.27.1" + resolved "https://registry.yarnpkg.com/@babel/plugin-bugfix-firefox-class-in-computed-class-key/-/plugin-bugfix-firefox-class-in-computed-class-key-7.27.1.tgz#61dd8a8e61f7eb568268d1b5f129da3eee364bf9" + integrity sha512-QPG3C9cCVRQLxAVwmefEmwdTanECuUBMQZ/ym5kiw3XKCGA7qkuQLcjWWHcrD/GKbn/WmJwaezfuuAOcyKlRPA== + dependencies: + "@babel/helper-plugin-utils" "^7.27.1" + "@babel/traverse" "^7.27.1" + +"@babel/plugin-bugfix-safari-class-field-initializer-scope@^7.27.1": + version "7.27.1" + resolved "https://registry.yarnpkg.com/@babel/plugin-bugfix-safari-class-field-initializer-scope/-/plugin-bugfix-safari-class-field-initializer-scope-7.27.1.tgz#43f70a6d7efd52370eefbdf55ae03d91b293856d" + integrity sha512-qNeq3bCKnGgLkEXUuFry6dPlGfCdQNZbn7yUAPCInwAJHMU7THJfrBSozkcWq5sNM6RcF3S8XyQL2A52KNR9IA== + dependencies: + "@babel/helper-plugin-utils" "^7.27.1" + +"@babel/plugin-bugfix-safari-id-destructuring-collision-in-function-expression@^7.27.1": + version "7.27.1" + resolved "https://registry.yarnpkg.com/@babel/plugin-bugfix-safari-id-destructuring-collision-in-function-expression/-/plugin-bugfix-safari-id-destructuring-collision-in-function-expression-7.27.1.tgz#beb623bd573b8b6f3047bd04c32506adc3e58a72" + integrity sha512-g4L7OYun04N1WyqMNjldFwlfPCLVkgB54A/YCXICZYBsvJJE3kByKv9c9+R/nAfmIfjl2rKYLNyMHboYbZaWaA== + dependencies: + "@babel/helper-plugin-utils" "^7.27.1" + +"@babel/plugin-bugfix-v8-spread-parameters-in-optional-chaining@^7.27.1": + version "7.27.1" + resolved "https://registry.yarnpkg.com/@babel/plugin-bugfix-v8-spread-parameters-in-optional-chaining/-/plugin-bugfix-v8-spread-parameters-in-optional-chaining-7.27.1.tgz#e134a5479eb2ba9c02714e8c1ebf1ec9076124fd" + integrity sha512-oO02gcONcD5O1iTLi/6frMJBIwWEHceWGSGqrpCmEL8nogiS6J9PBlE48CaK20/Jx1LuRml9aDftLgdjXT8+Cw== + dependencies: + "@babel/helper-plugin-utils" "^7.27.1" + "@babel/helper-skip-transparent-expression-wrappers" "^7.27.1" + "@babel/plugin-transform-optional-chaining" "^7.27.1" + +"@babel/plugin-bugfix-v8-static-class-fields-redefine-readonly@^7.28.3": + version "7.28.3" + resolved "https://registry.yarnpkg.com/@babel/plugin-bugfix-v8-static-class-fields-redefine-readonly/-/plugin-bugfix-v8-static-class-fields-redefine-readonly-7.28.3.tgz#373f6e2de0016f73caf8f27004f61d167743742a" + integrity sha512-b6YTX108evsvE4YgWyQ921ZAFFQm3Bn+CA3+ZXlNVnPhx+UfsVURoPjfGAPCjBgrqo30yX/C2nZGX96DxvR9Iw== + dependencies: + "@babel/helper-plugin-utils" "^7.27.1" + "@babel/traverse" "^7.28.3" + +"@babel/plugin-proposal-private-property-in-object@7.21.0-placeholder-for-preset-env.2": + version "7.21.0-placeholder-for-preset-env.2" + resolved "https://registry.yarnpkg.com/@babel/plugin-proposal-private-property-in-object/-/plugin-proposal-private-property-in-object-7.21.0-placeholder-for-preset-env.2.tgz#7844f9289546efa9febac2de4cfe358a050bd703" + integrity sha512-SOSkfJDddaM7mak6cPEpswyTRnuRltl429hMraQEglW+OkovnCzsiszTmsrlY//qLFjCpQDFRvjdm2wA5pPm9w== + +"@babel/plugin-syntax-dynamic-import@^7.8.3": + version "7.8.3" + resolved "https://registry.yarnpkg.com/@babel/plugin-syntax-dynamic-import/-/plugin-syntax-dynamic-import-7.8.3.tgz#62bf98b2da3cd21d626154fc96ee5b3cb68eacb3" + integrity sha512-5gdGbFon+PszYzqs83S3E5mpi7/y/8M9eC90MRTZfduQOYW76ig6SOSPNe41IG5LoP3FGBn2N0RjVDSQiS94kQ== + dependencies: + "@babel/helper-plugin-utils" "^7.8.0" + +"@babel/plugin-syntax-import-assertions@^7.27.1": + version "7.27.1" + resolved "https://registry.yarnpkg.com/@babel/plugin-syntax-import-assertions/-/plugin-syntax-import-assertions-7.27.1.tgz#88894aefd2b03b5ee6ad1562a7c8e1587496aecd" + integrity sha512-UT/Jrhw57xg4ILHLFnzFpPDlMbcdEicaAtjPQpbj9wa8T4r5KVWCimHcL/460g8Ht0DMxDyjsLgiWSkVjnwPFg== + dependencies: + "@babel/helper-plugin-utils" "^7.27.1" + +"@babel/plugin-syntax-import-attributes@^7.27.1": + version "7.27.1" + resolved "https://registry.yarnpkg.com/@babel/plugin-syntax-import-attributes/-/plugin-syntax-import-attributes-7.27.1.tgz#34c017d54496f9b11b61474e7ea3dfd5563ffe07" + integrity sha512-oFT0FrKHgF53f4vOsZGi2Hh3I35PfSmVs4IBFLFj4dnafP+hIWDLg3VyKmUHfLoLHlyxY4C7DGtmHuJgn+IGww== + dependencies: + "@babel/helper-plugin-utils" "^7.27.1" + +"@babel/plugin-syntax-jsx@^7.27.1": + version "7.27.1" + resolved "https://registry.yarnpkg.com/@babel/plugin-syntax-jsx/-/plugin-syntax-jsx-7.27.1.tgz#2f9beb5eff30fa507c5532d107daac7b888fa34c" + integrity sha512-y8YTNIeKoyhGd9O0Jiyzyyqk8gdjnumGTQPsz0xOZOQ2RmkVJeZ1vmmfIvFEKqucBG6axJGBZDE/7iI5suUI/w== + dependencies: + "@babel/helper-plugin-utils" "^7.27.1" + +"@babel/plugin-syntax-typescript@^7.27.1": + version "7.27.1" + resolved "https://registry.yarnpkg.com/@babel/plugin-syntax-typescript/-/plugin-syntax-typescript-7.27.1.tgz#5147d29066a793450f220c63fa3a9431b7e6dd18" + integrity sha512-xfYCBMxveHrRMnAWl1ZlPXOZjzkN82THFvLhQhFXFt81Z5HnN+EtUkZhv/zcKpmT3fzmWZB0ywiBrbC3vogbwQ== + dependencies: + "@babel/helper-plugin-utils" "^7.27.1" + +"@babel/plugin-syntax-unicode-sets-regex@^7.18.6": + version "7.18.6" + resolved "https://registry.yarnpkg.com/@babel/plugin-syntax-unicode-sets-regex/-/plugin-syntax-unicode-sets-regex-7.18.6.tgz#d49a3b3e6b52e5be6740022317580234a6a47357" + integrity sha512-727YkEAPwSIQTv5im8QHz3upqp92JTWhidIC81Tdx4VJYIte/VndKf1qKrfnnhPLiPghStWfvC/iFaMCQu7Nqg== + dependencies: + "@babel/helper-create-regexp-features-plugin" "^7.18.6" + "@babel/helper-plugin-utils" "^7.18.6" + +"@babel/plugin-transform-arrow-functions@^7.27.1": + version "7.27.1" + resolved "https://registry.yarnpkg.com/@babel/plugin-transform-arrow-functions/-/plugin-transform-arrow-functions-7.27.1.tgz#6e2061067ba3ab0266d834a9f94811196f2aba9a" + integrity sha512-8Z4TGic6xW70FKThA5HYEKKyBpOOsucTOD1DjU3fZxDg+K3zBJcXMFnt/4yQiZnf5+MiOMSXQ9PaEK/Ilh1DeA== + dependencies: + "@babel/helper-plugin-utils" "^7.27.1" + +"@babel/plugin-transform-async-generator-functions@^7.28.0": + version "7.28.0" + resolved "https://registry.yarnpkg.com/@babel/plugin-transform-async-generator-functions/-/plugin-transform-async-generator-functions-7.28.0.tgz#1276e6c7285ab2cd1eccb0bc7356b7a69ff842c2" + integrity sha512-BEOdvX4+M765icNPZeidyADIvQ1m1gmunXufXxvRESy/jNNyfovIqUyE7MVgGBjWktCoJlzvFA1To2O4ymIO3Q== + dependencies: + "@babel/helper-plugin-utils" "^7.27.1" + "@babel/helper-remap-async-to-generator" "^7.27.1" + "@babel/traverse" "^7.28.0" + +"@babel/plugin-transform-async-to-generator@^7.27.1": + version "7.27.1" + resolved "https://registry.yarnpkg.com/@babel/plugin-transform-async-to-generator/-/plugin-transform-async-to-generator-7.27.1.tgz#9a93893b9379b39466c74474f55af03de78c66e7" + integrity sha512-NREkZsZVJS4xmTr8qzE5y8AfIPqsdQfRuUiLRTEzb7Qii8iFWCyDKaUV2c0rCuh4ljDZ98ALHP/PetiBV2nddA== + dependencies: + "@babel/helper-module-imports" "^7.27.1" + "@babel/helper-plugin-utils" "^7.27.1" + "@babel/helper-remap-async-to-generator" "^7.27.1" + +"@babel/plugin-transform-block-scoped-functions@^7.27.1": + version "7.27.1" + resolved "https://registry.yarnpkg.com/@babel/plugin-transform-block-scoped-functions/-/plugin-transform-block-scoped-functions-7.27.1.tgz#558a9d6e24cf72802dd3b62a4b51e0d62c0f57f9" + integrity sha512-cnqkuOtZLapWYZUYM5rVIdv1nXYuFVIltZ6ZJ7nIj585QsjKM5dhL2Fu/lICXZ1OyIAFc7Qy+bvDAtTXqGrlhg== + dependencies: + "@babel/helper-plugin-utils" "^7.27.1" + +"@babel/plugin-transform-block-scoping@^7.28.0": + version "7.28.0" + resolved "https://registry.yarnpkg.com/@babel/plugin-transform-block-scoping/-/plugin-transform-block-scoping-7.28.0.tgz#e7c50cbacc18034f210b93defa89638666099451" + integrity sha512-gKKnwjpdx5sER/wl0WN0efUBFzF/56YZO0RJrSYP4CljXnP31ByY7fol89AzomdlLNzI36AvOTmYHsnZTCkq8Q== + dependencies: + "@babel/helper-plugin-utils" "^7.27.1" + +"@babel/plugin-transform-class-properties@^7.27.1": + version "7.27.1" + resolved "https://registry.yarnpkg.com/@babel/plugin-transform-class-properties/-/plugin-transform-class-properties-7.27.1.tgz#dd40a6a370dfd49d32362ae206ddaf2bb082a925" + integrity sha512-D0VcalChDMtuRvJIu3U/fwWjf8ZMykz5iZsg77Nuj821vCKI3zCyRLwRdWbsuJ/uRwZhZ002QtCqIkwC/ZkvbA== + dependencies: + "@babel/helper-create-class-features-plugin" "^7.27.1" + "@babel/helper-plugin-utils" "^7.27.1" + +"@babel/plugin-transform-class-static-block@^7.28.3": + version "7.28.3" + resolved "https://registry.yarnpkg.com/@babel/plugin-transform-class-static-block/-/plugin-transform-class-static-block-7.28.3.tgz#d1b8e69b54c9993bc558203e1f49bfc979bfd852" + integrity sha512-LtPXlBbRoc4Njl/oh1CeD/3jC+atytbnf/UqLoqTDcEYGUPj022+rvfkbDYieUrSj3CaV4yHDByPE+T2HwfsJg== + dependencies: + "@babel/helper-create-class-features-plugin" "^7.28.3" + "@babel/helper-plugin-utils" "^7.27.1" + +"@babel/plugin-transform-classes@^7.28.3": + version "7.28.3" + resolved "https://registry.yarnpkg.com/@babel/plugin-transform-classes/-/plugin-transform-classes-7.28.3.tgz#598297260343d0edbd51cb5f5075e07dee91963a" + integrity sha512-DoEWC5SuxuARF2KdKmGUq3ghfPMO6ZzR12Dnp5gubwbeWJo4dbNWXJPVlwvh4Zlq6Z7YVvL8VFxeSOJgjsx4Sg== + dependencies: + "@babel/helper-annotate-as-pure" "^7.27.3" + "@babel/helper-compilation-targets" "^7.27.2" + "@babel/helper-globals" "^7.28.0" + "@babel/helper-plugin-utils" "^7.27.1" + "@babel/helper-replace-supers" "^7.27.1" + "@babel/traverse" "^7.28.3" + +"@babel/plugin-transform-computed-properties@^7.27.1": + version "7.27.1" + resolved "https://registry.yarnpkg.com/@babel/plugin-transform-computed-properties/-/plugin-transform-computed-properties-7.27.1.tgz#81662e78bf5e734a97982c2b7f0a793288ef3caa" + integrity sha512-lj9PGWvMTVksbWiDT2tW68zGS/cyo4AkZ/QTp0sQT0mjPopCmrSkzxeXkznjqBxzDI6TclZhOJbBmbBLjuOZUw== + dependencies: + "@babel/helper-plugin-utils" "^7.27.1" + "@babel/template" "^7.27.1" + +"@babel/plugin-transform-destructuring@^7.28.0": + version "7.28.0" + resolved "https://registry.yarnpkg.com/@babel/plugin-transform-destructuring/-/plugin-transform-destructuring-7.28.0.tgz#0f156588f69c596089b7d5b06f5af83d9aa7f97a" + integrity sha512-v1nrSMBiKcodhsyJ4Gf+Z0U/yawmJDBOTpEB3mcQY52r9RIyPneGyAS/yM6seP/8I+mWI3elOMtT5dB8GJVs+A== + dependencies: + "@babel/helper-plugin-utils" "^7.27.1" + "@babel/traverse" "^7.28.0" + +"@babel/plugin-transform-dotall-regex@^7.27.1": + version "7.27.1" + resolved "https://registry.yarnpkg.com/@babel/plugin-transform-dotall-regex/-/plugin-transform-dotall-regex-7.27.1.tgz#aa6821de864c528b1fecf286f0a174e38e826f4d" + integrity sha512-gEbkDVGRvjj7+T1ivxrfgygpT7GUd4vmODtYpbs0gZATdkX8/iSnOtZSxiZnsgm1YjTgjI6VKBGSJJevkrclzw== + dependencies: + "@babel/helper-create-regexp-features-plugin" "^7.27.1" + "@babel/helper-plugin-utils" "^7.27.1" + +"@babel/plugin-transform-duplicate-keys@^7.27.1": + version "7.27.1" + resolved "https://registry.yarnpkg.com/@babel/plugin-transform-duplicate-keys/-/plugin-transform-duplicate-keys-7.27.1.tgz#f1fbf628ece18e12e7b32b175940e68358f546d1" + integrity sha512-MTyJk98sHvSs+cvZ4nOauwTTG1JeonDjSGvGGUNHreGQns+Mpt6WX/dVzWBHgg+dYZhkC4X+zTDfkTU+Vy9y7Q== + dependencies: + "@babel/helper-plugin-utils" "^7.27.1" + +"@babel/plugin-transform-duplicate-named-capturing-groups-regex@^7.27.1": + version "7.27.1" + resolved "https://registry.yarnpkg.com/@babel/plugin-transform-duplicate-named-capturing-groups-regex/-/plugin-transform-duplicate-named-capturing-groups-regex-7.27.1.tgz#5043854ca620a94149372e69030ff8cb6a9eb0ec" + integrity sha512-hkGcueTEzuhB30B3eJCbCYeCaaEQOmQR0AdvzpD4LoN0GXMWzzGSuRrxR2xTnCrvNbVwK9N6/jQ92GSLfiZWoQ== + dependencies: + "@babel/helper-create-regexp-features-plugin" "^7.27.1" + "@babel/helper-plugin-utils" "^7.27.1" + +"@babel/plugin-transform-dynamic-import@^7.27.1": + version "7.27.1" + resolved "https://registry.yarnpkg.com/@babel/plugin-transform-dynamic-import/-/plugin-transform-dynamic-import-7.27.1.tgz#4c78f35552ac0e06aa1f6e3c573d67695e8af5a4" + integrity sha512-MHzkWQcEmjzzVW9j2q8LGjwGWpG2mjwaaB0BNQwst3FIjqsg8Ct/mIZlvSPJvfi9y2AC8mi/ktxbFVL9pZ1I4A== + dependencies: + "@babel/helper-plugin-utils" "^7.27.1" + +"@babel/plugin-transform-explicit-resource-management@^7.28.0": + version "7.28.0" + resolved "https://registry.yarnpkg.com/@babel/plugin-transform-explicit-resource-management/-/plugin-transform-explicit-resource-management-7.28.0.tgz#45be6211b778dbf4b9d54c4e8a2b42fa72e09a1a" + integrity sha512-K8nhUcn3f6iB+P3gwCv/no7OdzOZQcKchW6N389V6PD8NUWKZHzndOd9sPDVbMoBsbmjMqlB4L9fm+fEFNVlwQ== + dependencies: + "@babel/helper-plugin-utils" "^7.27.1" + "@babel/plugin-transform-destructuring" "^7.28.0" + +"@babel/plugin-transform-exponentiation-operator@^7.27.1": + version "7.27.1" + resolved "https://registry.yarnpkg.com/@babel/plugin-transform-exponentiation-operator/-/plugin-transform-exponentiation-operator-7.27.1.tgz#fc497b12d8277e559747f5a3ed868dd8064f83e1" + integrity sha512-uspvXnhHvGKf2r4VVtBpeFnuDWsJLQ6MF6lGJLC89jBR1uoVeqM416AZtTuhTezOfgHicpJQmoD5YUakO/YmXQ== + dependencies: + "@babel/helper-plugin-utils" "^7.27.1" + +"@babel/plugin-transform-export-namespace-from@^7.27.1": + version "7.27.1" + resolved "https://registry.yarnpkg.com/@babel/plugin-transform-export-namespace-from/-/plugin-transform-export-namespace-from-7.27.1.tgz#71ca69d3471edd6daa711cf4dfc3400415df9c23" + integrity sha512-tQvHWSZ3/jH2xuq/vZDy0jNn+ZdXJeM8gHvX4lnJmsc3+50yPlWdZXIc5ay+umX+2/tJIqHqiEqcJvxlmIvRvQ== + dependencies: + "@babel/helper-plugin-utils" "^7.27.1" + +"@babel/plugin-transform-for-of@^7.27.1": + version "7.27.1" + resolved "https://registry.yarnpkg.com/@babel/plugin-transform-for-of/-/plugin-transform-for-of-7.27.1.tgz#bc24f7080e9ff721b63a70ac7b2564ca15b6c40a" + integrity sha512-BfbWFFEJFQzLCQ5N8VocnCtA8J1CLkNTe2Ms2wocj75dd6VpiqS5Z5quTYcUoo4Yq+DN0rtikODccuv7RU81sw== + dependencies: + "@babel/helper-plugin-utils" "^7.27.1" + "@babel/helper-skip-transparent-expression-wrappers" "^7.27.1" + +"@babel/plugin-transform-function-name@^7.27.1": + version "7.27.1" + resolved "https://registry.yarnpkg.com/@babel/plugin-transform-function-name/-/plugin-transform-function-name-7.27.1.tgz#4d0bf307720e4dce6d7c30fcb1fd6ca77bdeb3a7" + integrity sha512-1bQeydJF9Nr1eBCMMbC+hdwmRlsv5XYOMu03YSWFwNs0HsAmtSxxF1fyuYPqemVldVyFmlCU7w8UE14LupUSZQ== + dependencies: + "@babel/helper-compilation-targets" "^7.27.1" + "@babel/helper-plugin-utils" "^7.27.1" + "@babel/traverse" "^7.27.1" + +"@babel/plugin-transform-json-strings@^7.27.1": + version "7.27.1" + resolved "https://registry.yarnpkg.com/@babel/plugin-transform-json-strings/-/plugin-transform-json-strings-7.27.1.tgz#a2e0ce6ef256376bd527f290da023983527a4f4c" + integrity sha512-6WVLVJiTjqcQauBhn1LkICsR2H+zm62I3h9faTDKt1qP4jn2o72tSvqMwtGFKGTpojce0gJs+76eZ2uCHRZh0Q== + dependencies: + "@babel/helper-plugin-utils" "^7.27.1" + +"@babel/plugin-transform-literals@^7.27.1": + version "7.27.1" + resolved "https://registry.yarnpkg.com/@babel/plugin-transform-literals/-/plugin-transform-literals-7.27.1.tgz#baaefa4d10a1d4206f9dcdda50d7d5827bb70b24" + integrity sha512-0HCFSepIpLTkLcsi86GG3mTUzxV5jpmbv97hTETW3yzrAij8aqlD36toB1D0daVFJM8NK6GvKO0gslVQmm+zZA== + dependencies: + "@babel/helper-plugin-utils" "^7.27.1" + +"@babel/plugin-transform-logical-assignment-operators@^7.27.1": + version "7.27.1" + resolved "https://registry.yarnpkg.com/@babel/plugin-transform-logical-assignment-operators/-/plugin-transform-logical-assignment-operators-7.27.1.tgz#890cb20e0270e0e5bebe3f025b434841c32d5baa" + integrity sha512-SJvDs5dXxiae4FbSL1aBJlG4wvl594N6YEVVn9e3JGulwioy6z3oPjx/sQBO3Y4NwUu5HNix6KJ3wBZoewcdbw== + dependencies: + "@babel/helper-plugin-utils" "^7.27.1" + +"@babel/plugin-transform-member-expression-literals@^7.27.1": + version "7.27.1" + resolved "https://registry.yarnpkg.com/@babel/plugin-transform-member-expression-literals/-/plugin-transform-member-expression-literals-7.27.1.tgz#37b88ba594d852418e99536f5612f795f23aeaf9" + integrity sha512-hqoBX4dcZ1I33jCSWcXrP+1Ku7kdqXf1oeah7ooKOIiAdKQ+uqftgCFNOSzA5AMS2XIHEYeGFg4cKRCdpxzVOQ== + dependencies: + "@babel/helper-plugin-utils" "^7.27.1" + +"@babel/plugin-transform-modules-amd@^7.27.1": + version "7.27.1" + resolved "https://registry.yarnpkg.com/@babel/plugin-transform-modules-amd/-/plugin-transform-modules-amd-7.27.1.tgz#a4145f9d87c2291fe2d05f994b65dba4e3e7196f" + integrity sha512-iCsytMg/N9/oFq6n+gFTvUYDZQOMK5kEdeYxmxt91fcJGycfxVP9CnrxoliM0oumFERba2i8ZtwRUCMhvP1LnA== + dependencies: + "@babel/helper-module-transforms" "^7.27.1" + "@babel/helper-plugin-utils" "^7.27.1" + +"@babel/plugin-transform-modules-commonjs@^7.27.1": + version "7.27.1" + resolved "https://registry.yarnpkg.com/@babel/plugin-transform-modules-commonjs/-/plugin-transform-modules-commonjs-7.27.1.tgz#8e44ed37c2787ecc23bdc367f49977476614e832" + integrity sha512-OJguuwlTYlN0gBZFRPqwOGNWssZjfIUdS7HMYtN8c1KmwpwHFBwTeFZrg9XZa+DFTitWOW5iTAG7tyCUPsCCyw== + dependencies: + "@babel/helper-module-transforms" "^7.27.1" + "@babel/helper-plugin-utils" "^7.27.1" + +"@babel/plugin-transform-modules-systemjs@^7.27.1": + version "7.27.1" + resolved "https://registry.yarnpkg.com/@babel/plugin-transform-modules-systemjs/-/plugin-transform-modules-systemjs-7.27.1.tgz#00e05b61863070d0f3292a00126c16c0e024c4ed" + integrity sha512-w5N1XzsRbc0PQStASMksmUeqECuzKuTJer7kFagK8AXgpCMkeDMO5S+aaFb7A51ZYDF7XI34qsTX+fkHiIm5yA== + dependencies: + "@babel/helper-module-transforms" "^7.27.1" + "@babel/helper-plugin-utils" "^7.27.1" + "@babel/helper-validator-identifier" "^7.27.1" + "@babel/traverse" "^7.27.1" + +"@babel/plugin-transform-modules-umd@^7.27.1": + version "7.27.1" + resolved "https://registry.yarnpkg.com/@babel/plugin-transform-modules-umd/-/plugin-transform-modules-umd-7.27.1.tgz#63f2cf4f6dc15debc12f694e44714863d34cd334" + integrity sha512-iQBE/xC5BV1OxJbp6WG7jq9IWiD+xxlZhLrdwpPkTX3ydmXdvoCpyfJN7acaIBZaOqTfr76pgzqBJflNbeRK+w== + dependencies: + "@babel/helper-module-transforms" "^7.27.1" + "@babel/helper-plugin-utils" "^7.27.1" + +"@babel/plugin-transform-named-capturing-groups-regex@^7.27.1": + version "7.27.1" + resolved "https://registry.yarnpkg.com/@babel/plugin-transform-named-capturing-groups-regex/-/plugin-transform-named-capturing-groups-regex-7.27.1.tgz#f32b8f7818d8fc0cc46ee20a8ef75f071af976e1" + integrity sha512-SstR5JYy8ddZvD6MhV0tM/j16Qds4mIpJTOd1Yu9J9pJjH93bxHECF7pgtc28XvkzTD6Pxcm/0Z73Hvk7kb3Ng== + dependencies: + "@babel/helper-create-regexp-features-plugin" "^7.27.1" + "@babel/helper-plugin-utils" "^7.27.1" + +"@babel/plugin-transform-new-target@^7.27.1": + version "7.27.1" + resolved "https://registry.yarnpkg.com/@babel/plugin-transform-new-target/-/plugin-transform-new-target-7.27.1.tgz#259c43939728cad1706ac17351b7e6a7bea1abeb" + integrity sha512-f6PiYeqXQ05lYq3TIfIDu/MtliKUbNwkGApPUvyo6+tc7uaR4cPjPe7DFPr15Uyycg2lZU6btZ575CuQoYh7MQ== + dependencies: + "@babel/helper-plugin-utils" "^7.27.1" + +"@babel/plugin-transform-nullish-coalescing-operator@^7.27.1": + version "7.27.1" + resolved "https://registry.yarnpkg.com/@babel/plugin-transform-nullish-coalescing-operator/-/plugin-transform-nullish-coalescing-operator-7.27.1.tgz#4f9d3153bf6782d73dd42785a9d22d03197bc91d" + integrity sha512-aGZh6xMo6q9vq1JGcw58lZ1Z0+i0xB2x0XaauNIUXd6O1xXc3RwoWEBlsTQrY4KQ9Jf0s5rgD6SiNkaUdJegTA== + dependencies: + "@babel/helper-plugin-utils" "^7.27.1" + +"@babel/plugin-transform-numeric-separator@^7.27.1": + version "7.27.1" + resolved "https://registry.yarnpkg.com/@babel/plugin-transform-numeric-separator/-/plugin-transform-numeric-separator-7.27.1.tgz#614e0b15cc800e5997dadd9bd6ea524ed6c819c6" + integrity sha512-fdPKAcujuvEChxDBJ5c+0BTaS6revLV7CJL08e4m3de8qJfNIuCc2nc7XJYOjBoTMJeqSmwXJ0ypE14RCjLwaw== + dependencies: + "@babel/helper-plugin-utils" "^7.27.1" + +"@babel/plugin-transform-object-rest-spread@^7.28.0": + version "7.28.0" + resolved "https://registry.yarnpkg.com/@babel/plugin-transform-object-rest-spread/-/plugin-transform-object-rest-spread-7.28.0.tgz#d23021857ffd7cd809f54d624299b8086402ed8d" + integrity sha512-9VNGikXxzu5eCiQjdE4IZn8sb9q7Xsk5EXLDBKUYg1e/Tve8/05+KJEtcxGxAgCY5t/BpKQM+JEL/yT4tvgiUA== + dependencies: + "@babel/helper-compilation-targets" "^7.27.2" + "@babel/helper-plugin-utils" "^7.27.1" + "@babel/plugin-transform-destructuring" "^7.28.0" + "@babel/plugin-transform-parameters" "^7.27.7" + "@babel/traverse" "^7.28.0" + +"@babel/plugin-transform-object-super@^7.27.1": + version "7.27.1" + resolved "https://registry.yarnpkg.com/@babel/plugin-transform-object-super/-/plugin-transform-object-super-7.27.1.tgz#1c932cd27bf3874c43a5cac4f43ebf970c9871b5" + integrity sha512-SFy8S9plRPbIcxlJ8A6mT/CxFdJx/c04JEctz4jf8YZaVS2px34j7NXRrlGlHkN/M2gnpL37ZpGRGVFLd3l8Ng== + dependencies: + "@babel/helper-plugin-utils" "^7.27.1" + "@babel/helper-replace-supers" "^7.27.1" + +"@babel/plugin-transform-optional-catch-binding@^7.27.1": + version "7.27.1" + resolved "https://registry.yarnpkg.com/@babel/plugin-transform-optional-catch-binding/-/plugin-transform-optional-catch-binding-7.27.1.tgz#84c7341ebde35ccd36b137e9e45866825072a30c" + integrity sha512-txEAEKzYrHEX4xSZN4kJ+OfKXFVSWKB2ZxM9dpcE3wT7smwkNmXo5ORRlVzMVdJbD+Q8ILTgSD7959uj+3Dm3Q== + dependencies: + "@babel/helper-plugin-utils" "^7.27.1" + +"@babel/plugin-transform-optional-chaining@^7.27.1": + version "7.27.1" + resolved "https://registry.yarnpkg.com/@babel/plugin-transform-optional-chaining/-/plugin-transform-optional-chaining-7.27.1.tgz#874ce3c4f06b7780592e946026eb76a32830454f" + integrity sha512-BQmKPPIuc8EkZgNKsv0X4bPmOoayeu4F1YCwx2/CfmDSXDbp7GnzlUH+/ul5VGfRg1AoFPsrIThlEBj2xb4CAg== + dependencies: + "@babel/helper-plugin-utils" "^7.27.1" + "@babel/helper-skip-transparent-expression-wrappers" "^7.27.1" + +"@babel/plugin-transform-parameters@^7.27.7": + version "7.27.7" + resolved "https://registry.yarnpkg.com/@babel/plugin-transform-parameters/-/plugin-transform-parameters-7.27.7.tgz#1fd2febb7c74e7d21cf3b05f7aebc907940af53a" + integrity sha512-qBkYTYCb76RRxUM6CcZA5KRu8K4SM8ajzVeUgVdMVO9NN9uI/GaVmBg/WKJJGnNokV9SY8FxNOVWGXzqzUidBg== + dependencies: + "@babel/helper-plugin-utils" "^7.27.1" + +"@babel/plugin-transform-private-methods@^7.27.1": + version "7.27.1" + resolved "https://registry.yarnpkg.com/@babel/plugin-transform-private-methods/-/plugin-transform-private-methods-7.27.1.tgz#fdacbab1c5ed81ec70dfdbb8b213d65da148b6af" + integrity sha512-10FVt+X55AjRAYI9BrdISN9/AQWHqldOeZDUoLyif1Kn05a56xVBXb8ZouL8pZ9jem8QpXaOt8TS7RHUIS+GPA== + dependencies: + "@babel/helper-create-class-features-plugin" "^7.27.1" + "@babel/helper-plugin-utils" "^7.27.1" + +"@babel/plugin-transform-private-property-in-object@^7.27.1": + version "7.27.1" + resolved "https://registry.yarnpkg.com/@babel/plugin-transform-private-property-in-object/-/plugin-transform-private-property-in-object-7.27.1.tgz#4dbbef283b5b2f01a21e81e299f76e35f900fb11" + integrity sha512-5J+IhqTi1XPa0DXF83jYOaARrX+41gOewWbkPyjMNRDqgOCqdffGh8L3f/Ek5utaEBZExjSAzcyjmV9SSAWObQ== + dependencies: + "@babel/helper-annotate-as-pure" "^7.27.1" + "@babel/helper-create-class-features-plugin" "^7.27.1" + "@babel/helper-plugin-utils" "^7.27.1" + +"@babel/plugin-transform-property-literals@^7.27.1": + version "7.27.1" + resolved "https://registry.yarnpkg.com/@babel/plugin-transform-property-literals/-/plugin-transform-property-literals-7.27.1.tgz#07eafd618800591e88073a0af1b940d9a42c6424" + integrity sha512-oThy3BCuCha8kDZ8ZkgOg2exvPYUlprMukKQXI1r1pJ47NCvxfkEy8vK+r/hT9nF0Aa4H1WUPZZjHTFtAhGfmQ== + dependencies: + "@babel/helper-plugin-utils" "^7.27.1" + +"@babel/plugin-transform-react-constant-elements@^7.21.3": + version "7.27.1" + resolved "https://registry.yarnpkg.com/@babel/plugin-transform-react-constant-elements/-/plugin-transform-react-constant-elements-7.27.1.tgz#6c6b50424e749a6e48afd14cf7b92f98cb9383f9" + integrity sha512-edoidOjl/ZxvYo4lSBOQGDSyToYVkTAwyVoa2tkuYTSmjrB1+uAedoL5iROVLXkxH+vRgA7uP4tMg2pUJpZ3Ug== + dependencies: + "@babel/helper-plugin-utils" "^7.27.1" + +"@babel/plugin-transform-react-display-name@^7.27.1": + version "7.28.0" + resolved "https://registry.yarnpkg.com/@babel/plugin-transform-react-display-name/-/plugin-transform-react-display-name-7.28.0.tgz#6f20a7295fea7df42eb42fed8f896813f5b934de" + integrity sha512-D6Eujc2zMxKjfa4Zxl4GHMsmhKKZ9VpcqIchJLvwTxad9zWIYulwYItBovpDOoNLISpcZSXoDJ5gaGbQUDqViA== + dependencies: + "@babel/helper-plugin-utils" "^7.27.1" + +"@babel/plugin-transform-react-jsx-development@^7.27.1": + version "7.27.1" + resolved "https://registry.yarnpkg.com/@babel/plugin-transform-react-jsx-development/-/plugin-transform-react-jsx-development-7.27.1.tgz#47ff95940e20a3a70e68ad3d4fcb657b647f6c98" + integrity sha512-ykDdF5yI4f1WrAolLqeF3hmYU12j9ntLQl/AOG1HAS21jxyg1Q0/J/tpREuYLfatGdGmXp/3yS0ZA76kOlVq9Q== + dependencies: + "@babel/plugin-transform-react-jsx" "^7.27.1" + +"@babel/plugin-transform-react-jsx@^7.27.1": + version "7.27.1" + resolved "https://registry.yarnpkg.com/@babel/plugin-transform-react-jsx/-/plugin-transform-react-jsx-7.27.1.tgz#1023bc94b78b0a2d68c82b5e96aed573bcfb9db0" + integrity sha512-2KH4LWGSrJIkVf5tSiBFYuXDAoWRq2MMwgivCf+93dd0GQi8RXLjKA/0EvRnVV5G0hrHczsquXuD01L8s6dmBw== + dependencies: + "@babel/helper-annotate-as-pure" "^7.27.1" + "@babel/helper-module-imports" "^7.27.1" + "@babel/helper-plugin-utils" "^7.27.1" + "@babel/plugin-syntax-jsx" "^7.27.1" + "@babel/types" "^7.27.1" + +"@babel/plugin-transform-react-pure-annotations@^7.27.1": + version "7.27.1" + resolved "https://registry.yarnpkg.com/@babel/plugin-transform-react-pure-annotations/-/plugin-transform-react-pure-annotations-7.27.1.tgz#339f1ce355eae242e0649f232b1c68907c02e879" + integrity sha512-JfuinvDOsD9FVMTHpzA/pBLisxpv1aSf+OIV8lgH3MuWrks19R27e6a6DipIg4aX1Zm9Wpb04p8wljfKrVSnPA== + dependencies: + "@babel/helper-annotate-as-pure" "^7.27.1" + "@babel/helper-plugin-utils" "^7.27.1" + +"@babel/plugin-transform-regenerator@^7.28.3": + version "7.28.3" + resolved "https://registry.yarnpkg.com/@babel/plugin-transform-regenerator/-/plugin-transform-regenerator-7.28.3.tgz#b8eee0f8aed37704bbcc932fd0b1a0a34d0b7344" + integrity sha512-K3/M/a4+ESb5LEldjQb+XSrpY0nF+ZBFlTCbSnKaYAMfD8v33O6PMs4uYnOk19HlcsI8WMu3McdFPTiQHF/1/A== + dependencies: + "@babel/helper-plugin-utils" "^7.27.1" + +"@babel/plugin-transform-regexp-modifiers@^7.27.1": + version "7.27.1" + resolved "https://registry.yarnpkg.com/@babel/plugin-transform-regexp-modifiers/-/plugin-transform-regexp-modifiers-7.27.1.tgz#df9ba5577c974e3f1449888b70b76169998a6d09" + integrity sha512-TtEciroaiODtXvLZv4rmfMhkCv8jx3wgKpL68PuiPh2M4fvz5jhsA7697N1gMvkvr/JTF13DrFYyEbY9U7cVPA== + dependencies: + "@babel/helper-create-regexp-features-plugin" "^7.27.1" + "@babel/helper-plugin-utils" "^7.27.1" + +"@babel/plugin-transform-reserved-words@^7.27.1": + version "7.27.1" + resolved "https://registry.yarnpkg.com/@babel/plugin-transform-reserved-words/-/plugin-transform-reserved-words-7.27.1.tgz#40fba4878ccbd1c56605a4479a3a891ac0274bb4" + integrity sha512-V2ABPHIJX4kC7HegLkYoDpfg9PVmuWy/i6vUM5eGK22bx4YVFD3M5F0QQnWQoDs6AGsUWTVOopBiMFQgHaSkVw== + dependencies: + "@babel/helper-plugin-utils" "^7.27.1" + +"@babel/plugin-transform-runtime@^7.25.9": + version "7.28.3" + resolved "https://registry.yarnpkg.com/@babel/plugin-transform-runtime/-/plugin-transform-runtime-7.28.3.tgz#f5990a1b2d2bde950ed493915e0719841c8d0eaa" + integrity sha512-Y6ab1kGqZ0u42Zv/4a7l0l72n9DKP/MKoKWaUSBylrhNZO2prYuqFOLbn5aW5SIFXwSH93yfjbgllL8lxuGKLg== + dependencies: + "@babel/helper-module-imports" "^7.27.1" + "@babel/helper-plugin-utils" "^7.27.1" + babel-plugin-polyfill-corejs2 "^0.4.14" + babel-plugin-polyfill-corejs3 "^0.13.0" + babel-plugin-polyfill-regenerator "^0.6.5" + semver "^6.3.1" + +"@babel/plugin-transform-shorthand-properties@^7.27.1": + version "7.27.1" + resolved "https://registry.yarnpkg.com/@babel/plugin-transform-shorthand-properties/-/plugin-transform-shorthand-properties-7.27.1.tgz#532abdacdec87bfee1e0ef8e2fcdee543fe32b90" + integrity sha512-N/wH1vcn4oYawbJ13Y/FxcQrWk63jhfNa7jef0ih7PHSIHX2LB7GWE1rkPrOnka9kwMxb6hMl19p7lidA+EHmQ== + dependencies: + "@babel/helper-plugin-utils" "^7.27.1" + +"@babel/plugin-transform-spread@^7.27.1": + version "7.27.1" + resolved "https://registry.yarnpkg.com/@babel/plugin-transform-spread/-/plugin-transform-spread-7.27.1.tgz#1a264d5fc12750918f50e3fe3e24e437178abb08" + integrity sha512-kpb3HUqaILBJcRFVhFUs6Trdd4mkrzcGXss+6/mxUd273PfbWqSDHRzMT2234gIg2QYfAjvXLSquP1xECSg09Q== + dependencies: + "@babel/helper-plugin-utils" "^7.27.1" + "@babel/helper-skip-transparent-expression-wrappers" "^7.27.1" + +"@babel/plugin-transform-sticky-regex@^7.27.1": + version "7.27.1" + resolved "https://registry.yarnpkg.com/@babel/plugin-transform-sticky-regex/-/plugin-transform-sticky-regex-7.27.1.tgz#18984935d9d2296843a491d78a014939f7dcd280" + integrity sha512-lhInBO5bi/Kowe2/aLdBAawijx+q1pQzicSgnkB6dUPc1+RC8QmJHKf2OjvU+NZWitguJHEaEmbV6VWEouT58g== + dependencies: + "@babel/helper-plugin-utils" "^7.27.1" + +"@babel/plugin-transform-template-literals@^7.27.1": + version "7.27.1" + resolved "https://registry.yarnpkg.com/@babel/plugin-transform-template-literals/-/plugin-transform-template-literals-7.27.1.tgz#1a0eb35d8bb3e6efc06c9fd40eb0bcef548328b8" + integrity sha512-fBJKiV7F2DxZUkg5EtHKXQdbsbURW3DZKQUWphDum0uRP6eHGGa/He9mc0mypL680pb+e/lDIthRohlv8NCHkg== + dependencies: + "@babel/helper-plugin-utils" "^7.27.1" + +"@babel/plugin-transform-typeof-symbol@^7.27.1": + version "7.27.1" + resolved "https://registry.yarnpkg.com/@babel/plugin-transform-typeof-symbol/-/plugin-transform-typeof-symbol-7.27.1.tgz#70e966bb492e03509cf37eafa6dcc3051f844369" + integrity sha512-RiSILC+nRJM7FY5srIyc4/fGIwUhyDuuBSdWn4y6yT6gm652DpCHZjIipgn6B7MQ1ITOUnAKWixEUjQRIBIcLw== + dependencies: + "@babel/helper-plugin-utils" "^7.27.1" + +"@babel/plugin-transform-typescript@^7.27.1": + version "7.28.0" + resolved "https://registry.yarnpkg.com/@babel/plugin-transform-typescript/-/plugin-transform-typescript-7.28.0.tgz#796cbd249ab56c18168b49e3e1d341b72af04a6b" + integrity sha512-4AEiDEBPIZvLQaWlc9liCavE0xRM0dNca41WtBeM3jgFptfUOSG9z0uteLhq6+3rq+WB6jIvUwKDTpXEHPJ2Vg== + dependencies: + "@babel/helper-annotate-as-pure" "^7.27.3" + "@babel/helper-create-class-features-plugin" "^7.27.1" + "@babel/helper-plugin-utils" "^7.27.1" + "@babel/helper-skip-transparent-expression-wrappers" "^7.27.1" + "@babel/plugin-syntax-typescript" "^7.27.1" + +"@babel/plugin-transform-unicode-escapes@^7.27.1": + version "7.27.1" + resolved "https://registry.yarnpkg.com/@babel/plugin-transform-unicode-escapes/-/plugin-transform-unicode-escapes-7.27.1.tgz#3e3143f8438aef842de28816ece58780190cf806" + integrity sha512-Ysg4v6AmF26k9vpfFuTZg8HRfVWzsh1kVfowA23y9j/Gu6dOuahdUVhkLqpObp3JIv27MLSii6noRnuKN8H0Mg== + dependencies: + "@babel/helper-plugin-utils" "^7.27.1" + +"@babel/plugin-transform-unicode-property-regex@^7.27.1": + version "7.27.1" + resolved "https://registry.yarnpkg.com/@babel/plugin-transform-unicode-property-regex/-/plugin-transform-unicode-property-regex-7.27.1.tgz#bdfe2d3170c78c5691a3c3be934c8c0087525956" + integrity sha512-uW20S39PnaTImxp39O5qFlHLS9LJEmANjMG7SxIhap8rCHqu0Ik+tLEPX5DKmHn6CsWQ7j3lix2tFOa5YtL12Q== + dependencies: + "@babel/helper-create-regexp-features-plugin" "^7.27.1" + "@babel/helper-plugin-utils" "^7.27.1" + +"@babel/plugin-transform-unicode-regex@^7.27.1": + version "7.27.1" + resolved "https://registry.yarnpkg.com/@babel/plugin-transform-unicode-regex/-/plugin-transform-unicode-regex-7.27.1.tgz#25948f5c395db15f609028e370667ed8bae9af97" + integrity sha512-xvINq24TRojDuyt6JGtHmkVkrfVV3FPT16uytxImLeBZqW3/H52yN+kM1MGuyPkIQxrzKwPHs5U/MP3qKyzkGw== + dependencies: + "@babel/helper-create-regexp-features-plugin" "^7.27.1" + "@babel/helper-plugin-utils" "^7.27.1" + +"@babel/plugin-transform-unicode-sets-regex@^7.27.1": + version "7.27.1" + resolved "https://registry.yarnpkg.com/@babel/plugin-transform-unicode-sets-regex/-/plugin-transform-unicode-sets-regex-7.27.1.tgz#6ab706d10f801b5c72da8bb2548561fa04193cd1" + integrity sha512-EtkOujbc4cgvb0mlpQefi4NTPBzhSIevblFevACNLUspmrALgmEBdL/XfnyyITfd8fKBZrZys92zOWcik7j9Tw== + dependencies: + "@babel/helper-create-regexp-features-plugin" "^7.27.1" + "@babel/helper-plugin-utils" "^7.27.1" + +"@babel/preset-env@^7.20.2", "@babel/preset-env@^7.25.9": + version "7.28.3" + resolved "https://registry.yarnpkg.com/@babel/preset-env/-/preset-env-7.28.3.tgz#2b18d9aff9e69643789057ae4b942b1654f88187" + integrity sha512-ROiDcM+GbYVPYBOeCR6uBXKkQpBExLl8k9HO1ygXEyds39j+vCCsjmj7S8GOniZQlEs81QlkdJZe76IpLSiqpg== + dependencies: + "@babel/compat-data" "^7.28.0" + "@babel/helper-compilation-targets" "^7.27.2" + "@babel/helper-plugin-utils" "^7.27.1" + "@babel/helper-validator-option" "^7.27.1" + "@babel/plugin-bugfix-firefox-class-in-computed-class-key" "^7.27.1" + "@babel/plugin-bugfix-safari-class-field-initializer-scope" "^7.27.1" + "@babel/plugin-bugfix-safari-id-destructuring-collision-in-function-expression" "^7.27.1" + "@babel/plugin-bugfix-v8-spread-parameters-in-optional-chaining" "^7.27.1" + "@babel/plugin-bugfix-v8-static-class-fields-redefine-readonly" "^7.28.3" + "@babel/plugin-proposal-private-property-in-object" "7.21.0-placeholder-for-preset-env.2" + "@babel/plugin-syntax-import-assertions" "^7.27.1" + "@babel/plugin-syntax-import-attributes" "^7.27.1" + "@babel/plugin-syntax-unicode-sets-regex" "^7.18.6" + "@babel/plugin-transform-arrow-functions" "^7.27.1" + "@babel/plugin-transform-async-generator-functions" "^7.28.0" + "@babel/plugin-transform-async-to-generator" "^7.27.1" + "@babel/plugin-transform-block-scoped-functions" "^7.27.1" + "@babel/plugin-transform-block-scoping" "^7.28.0" + "@babel/plugin-transform-class-properties" "^7.27.1" + "@babel/plugin-transform-class-static-block" "^7.28.3" + "@babel/plugin-transform-classes" "^7.28.3" + "@babel/plugin-transform-computed-properties" "^7.27.1" + "@babel/plugin-transform-destructuring" "^7.28.0" + "@babel/plugin-transform-dotall-regex" "^7.27.1" + "@babel/plugin-transform-duplicate-keys" "^7.27.1" + "@babel/plugin-transform-duplicate-named-capturing-groups-regex" "^7.27.1" + "@babel/plugin-transform-dynamic-import" "^7.27.1" + "@babel/plugin-transform-explicit-resource-management" "^7.28.0" + "@babel/plugin-transform-exponentiation-operator" "^7.27.1" + "@babel/plugin-transform-export-namespace-from" "^7.27.1" + "@babel/plugin-transform-for-of" "^7.27.1" + "@babel/plugin-transform-function-name" "^7.27.1" + "@babel/plugin-transform-json-strings" "^7.27.1" + "@babel/plugin-transform-literals" "^7.27.1" + "@babel/plugin-transform-logical-assignment-operators" "^7.27.1" + "@babel/plugin-transform-member-expression-literals" "^7.27.1" + "@babel/plugin-transform-modules-amd" "^7.27.1" + "@babel/plugin-transform-modules-commonjs" "^7.27.1" + "@babel/plugin-transform-modules-systemjs" "^7.27.1" + "@babel/plugin-transform-modules-umd" "^7.27.1" + "@babel/plugin-transform-named-capturing-groups-regex" "^7.27.1" + "@babel/plugin-transform-new-target" "^7.27.1" + "@babel/plugin-transform-nullish-coalescing-operator" "^7.27.1" + "@babel/plugin-transform-numeric-separator" "^7.27.1" + "@babel/plugin-transform-object-rest-spread" "^7.28.0" + "@babel/plugin-transform-object-super" "^7.27.1" + "@babel/plugin-transform-optional-catch-binding" "^7.27.1" + "@babel/plugin-transform-optional-chaining" "^7.27.1" + "@babel/plugin-transform-parameters" "^7.27.7" + "@babel/plugin-transform-private-methods" "^7.27.1" + "@babel/plugin-transform-private-property-in-object" "^7.27.1" + "@babel/plugin-transform-property-literals" "^7.27.1" + "@babel/plugin-transform-regenerator" "^7.28.3" + "@babel/plugin-transform-regexp-modifiers" "^7.27.1" + "@babel/plugin-transform-reserved-words" "^7.27.1" + "@babel/plugin-transform-shorthand-properties" "^7.27.1" + "@babel/plugin-transform-spread" "^7.27.1" + "@babel/plugin-transform-sticky-regex" "^7.27.1" + "@babel/plugin-transform-template-literals" "^7.27.1" + "@babel/plugin-transform-typeof-symbol" "^7.27.1" + "@babel/plugin-transform-unicode-escapes" "^7.27.1" + "@babel/plugin-transform-unicode-property-regex" "^7.27.1" + "@babel/plugin-transform-unicode-regex" "^7.27.1" + "@babel/plugin-transform-unicode-sets-regex" "^7.27.1" + "@babel/preset-modules" "0.1.6-no-external-plugins" + babel-plugin-polyfill-corejs2 "^0.4.14" + babel-plugin-polyfill-corejs3 "^0.13.0" + babel-plugin-polyfill-regenerator "^0.6.5" + core-js-compat "^3.43.0" + semver "^6.3.1" + +"@babel/preset-modules@0.1.6-no-external-plugins": + version "0.1.6-no-external-plugins" + resolved "https://registry.yarnpkg.com/@babel/preset-modules/-/preset-modules-0.1.6-no-external-plugins.tgz#ccb88a2c49c817236861fee7826080573b8a923a" + integrity sha512-HrcgcIESLm9aIR842yhJ5RWan/gebQUJ6E/E5+rf0y9o6oj7w0Br+sWuL6kEQ/o/AdfvR1Je9jG18/gnpwjEyA== + dependencies: + "@babel/helper-plugin-utils" "^7.0.0" + "@babel/types" "^7.4.4" + esutils "^2.0.2" + +"@babel/preset-react@^7.18.6", "@babel/preset-react@^7.25.9": + version "7.27.1" + resolved "https://registry.yarnpkg.com/@babel/preset-react/-/preset-react-7.27.1.tgz#86ea0a5ca3984663f744be2fd26cb6747c3fd0ec" + integrity sha512-oJHWh2gLhU9dW9HHr42q0cI0/iHHXTLGe39qvpAZZzagHy0MzYLCnCVV0symeRvzmjHyVU7mw2K06E6u/JwbhA== + dependencies: + "@babel/helper-plugin-utils" "^7.27.1" + "@babel/helper-validator-option" "^7.27.1" + "@babel/plugin-transform-react-display-name" "^7.27.1" + "@babel/plugin-transform-react-jsx" "^7.27.1" + "@babel/plugin-transform-react-jsx-development" "^7.27.1" + "@babel/plugin-transform-react-pure-annotations" "^7.27.1" + +"@babel/preset-typescript@^7.21.0", "@babel/preset-typescript@^7.25.9": + version "7.27.1" + resolved "https://registry.yarnpkg.com/@babel/preset-typescript/-/preset-typescript-7.27.1.tgz#190742a6428d282306648a55b0529b561484f912" + integrity sha512-l7WfQfX0WK4M0v2RudjuQK4u99BS6yLHYEmdtVPP7lKV013zr9DygFuWNlnbvQ9LR+LS0Egz/XAvGx5U9MX0fQ== + dependencies: + "@babel/helper-plugin-utils" "^7.27.1" + "@babel/helper-validator-option" "^7.27.1" + "@babel/plugin-syntax-jsx" "^7.27.1" + "@babel/plugin-transform-modules-commonjs" "^7.27.1" + "@babel/plugin-transform-typescript" "^7.27.1" + +"@babel/runtime-corejs3@^7.25.9": + version "7.28.3" + resolved "https://registry.yarnpkg.com/@babel/runtime-corejs3/-/runtime-corejs3-7.28.3.tgz#8a993bea33c4f03b02b95ca9164dad26aaca125d" + integrity sha512-LKYxD2CIfocUFNREQ1yk+dW+8OH8CRqmgatBZYXb+XhuObO8wsDpEoCNri5bKld9cnj8xukqZjxSX8p1YiRF8Q== + dependencies: + core-js-pure "^3.43.0" + +"@babel/runtime@^7.1.2", "@babel/runtime@^7.10.3", "@babel/runtime@^7.12.13", "@babel/runtime@^7.12.5", "@babel/runtime@^7.18.3", "@babel/runtime@^7.25.9", "@babel/runtime@^7.28.3", "@babel/runtime@^7.5.5", "@babel/runtime@^7.8.7": + version "7.28.3" + resolved "https://registry.yarnpkg.com/@babel/runtime/-/runtime-7.28.3.tgz#75c5034b55ba868121668be5d5bb31cc64e6e61a" + integrity sha512-9uIQ10o0WGdpP6GDhXcdOJPJuDgFtIDtN/9+ArJQ2NAfAmiuhTQdzkaTGR33v43GYS2UrSA0eX2pPPHoFVvpxA== + +"@babel/template@^7.27.1", "@babel/template@^7.27.2": + version "7.27.2" + resolved "https://registry.yarnpkg.com/@babel/template/-/template-7.27.2.tgz#fa78ceed3c4e7b63ebf6cb39e5852fca45f6809d" + integrity sha512-LPDZ85aEJyYSd18/DkjNh4/y1ntkE5KwUHWTiqgRxruuZL2F1yuHligVHLvcHY2vMHXttKFpJn6LwfI7cw7ODw== + dependencies: + "@babel/code-frame" "^7.27.1" + "@babel/parser" "^7.27.2" + "@babel/types" "^7.27.1" + +"@babel/traverse@^7.25.9", "@babel/traverse@^7.27.1", "@babel/traverse@^7.28.0", "@babel/traverse@^7.28.3": + version "7.28.3" + resolved "https://registry.yarnpkg.com/@babel/traverse/-/traverse-7.28.3.tgz#6911a10795d2cce43ec6a28cffc440cca2593434" + integrity sha512-7w4kZYHneL3A6NP2nxzHvT3HCZ7puDZZjFMqDpBPECub79sTtSO5CGXDkKrTQq8ksAwfD/XI2MRFX23njdDaIQ== + dependencies: + "@babel/code-frame" "^7.27.1" + "@babel/generator" "^7.28.3" + "@babel/helper-globals" "^7.28.0" + "@babel/parser" "^7.28.3" + "@babel/template" "^7.27.2" + "@babel/types" "^7.28.2" + debug "^4.3.1" + +"@babel/types@^7.21.3", "@babel/types@^7.27.1", "@babel/types@^7.27.3", "@babel/types@^7.28.2", "@babel/types@^7.4.4": + version "7.28.2" + resolved "https://registry.yarnpkg.com/@babel/types/-/types-7.28.2.tgz#da9db0856a9a88e0a13b019881d7513588cf712b" + integrity sha512-ruv7Ae4J5dUYULmeXw1gmb7rYRz57OWCPM57pHojnLq/3Z1CK2lNSLTCVjxVk1F/TZHwOZZrOWi0ur95BbLxNQ== + dependencies: + "@babel/helper-string-parser" "^7.27.1" + "@babel/helper-validator-identifier" "^7.27.1" + +"@colors/colors@1.5.0": + version "1.5.0" + resolved "https://registry.yarnpkg.com/@colors/colors/-/colors-1.5.0.tgz#bb504579c1cae923e6576a4f5da43d25f97bdbd9" + integrity sha512-ooWCrlZP11i8GImSjTHYHLkvFDP48nS4+204nGb1RiX/WXYHmJA2III9/e2DWVabCESdW7hBAEzHRqUn9OUVvQ== + +"@csstools/cascade-layer-name-parser@^2.0.5": + version "2.0.5" + resolved "https://registry.yarnpkg.com/@csstools/cascade-layer-name-parser/-/cascade-layer-name-parser-2.0.5.tgz#43f962bebead0052a9fed1a2deeb11f85efcbc72" + integrity sha512-p1ko5eHgV+MgXFVa4STPKpvPxr6ReS8oS2jzTukjR74i5zJNyWO1ZM1m8YKBXnzDKWfBN1ztLYlHxbVemDD88A== + +"@csstools/color-helpers@^5.1.0": + version "5.1.0" + resolved "https://registry.yarnpkg.com/@csstools/color-helpers/-/color-helpers-5.1.0.tgz#106c54c808cabfd1ab4c602d8505ee584c2996ef" + integrity sha512-S11EXWJyy0Mz5SYvRmY8nJYTFFd1LCNV+7cXyAgQtOOuzb4EsgfqDufL+9esx72/eLhsRdGZwaldu/h+E4t4BA== + +"@csstools/css-calc@^2.1.4": + version "2.1.4" + resolved "https://registry.yarnpkg.com/@csstools/css-calc/-/css-calc-2.1.4.tgz#8473f63e2fcd6e459838dd412401d5948f224c65" + integrity sha512-3N8oaj+0juUw/1H3YwmDDJXCgTB1gKU6Hc/bB502u9zR0q2vd786XJH9QfrKIEgFlZmhZiq6epXl4rHqhzsIgQ== + +"@csstools/css-color-parser@^3.1.0": + version "3.1.0" + resolved "https://registry.yarnpkg.com/@csstools/css-color-parser/-/css-color-parser-3.1.0.tgz#4e386af3a99dd36c46fef013cfe4c1c341eed6f0" + integrity sha512-nbtKwh3a6xNVIp/VRuXV64yTKnb1IjTAEEh3irzS+HkKjAOYLTGNb9pmVNntZ8iVBHcWDA2Dof0QtPgFI1BaTA== + dependencies: + "@csstools/color-helpers" "^5.1.0" + "@csstools/css-calc" "^2.1.4" + +"@csstools/css-parser-algorithms@^3.0.5": + version "3.0.5" + resolved "https://registry.yarnpkg.com/@csstools/css-parser-algorithms/-/css-parser-algorithms-3.0.5.tgz#5755370a9a29abaec5515b43c8b3f2cf9c2e3076" + integrity sha512-DaDeUkXZKjdGhgYaHNJTV9pV7Y9B3b644jCLs9Upc3VeNGg6LWARAT6O+Q+/COo+2gg/bM5rhpMAtf70WqfBdQ== + +"@csstools/css-tokenizer@^3.0.4": + version "3.0.4" + resolved "https://registry.yarnpkg.com/@csstools/css-tokenizer/-/css-tokenizer-3.0.4.tgz#333fedabc3fd1a8e5d0100013731cf19e6a8c5d3" + integrity sha512-Vd/9EVDiu6PPJt9yAh6roZP6El1xHrdvIVGjyBsHR0RYwNHgL7FJPyIIW4fANJNG6FtyZfvlRPpFI4ZM/lubvw== + +"@csstools/media-query-list-parser@^4.0.3": + version "4.0.3" + resolved "https://registry.yarnpkg.com/@csstools/media-query-list-parser/-/media-query-list-parser-4.0.3.tgz#7aec77bcb89c2da80ef207e73f474ef9e1b3cdf1" + integrity sha512-HAYH7d3TLRHDOUQK4mZKf9k9Ph/m8Akstg66ywKR4SFAigjs3yBiUeZtFxywiTm5moZMAp/5W/ZuFnNXXYLuuQ== + +"@csstools/postcss-alpha-function@^1.0.0": + version "1.0.0" + resolved "https://registry.yarnpkg.com/@csstools/postcss-alpha-function/-/postcss-alpha-function-1.0.0.tgz#8764fbbf25a5f1e106fb623ae632e01a220a6fc2" + integrity sha512-r2L8KNg5Wriq5n8IUQcjzy2Rh37J5YjzP9iOyHZL5fxdWYHB08vqykHQa4wAzN/tXwDuCHnhQDGCtxfS76xn7g== + dependencies: + "@csstools/css-color-parser" "^3.1.0" + "@csstools/css-parser-algorithms" "^3.0.5" + "@csstools/css-tokenizer" "^3.0.4" + "@csstools/postcss-progressive-custom-properties" "^4.2.0" + "@csstools/utilities" "^2.0.0" + +"@csstools/postcss-cascade-layers@^5.0.2": + version "5.0.2" + resolved "https://registry.yarnpkg.com/@csstools/postcss-cascade-layers/-/postcss-cascade-layers-5.0.2.tgz#dd2c70db3867b88975f2922da3bfbae7d7a2cae7" + integrity sha512-nWBE08nhO8uWl6kSAeCx4im7QfVko3zLrtgWZY4/bP87zrSPpSyN/3W3TDqz1jJuH+kbKOHXg5rJnK+ZVYcFFg== + dependencies: + "@csstools/selector-specificity" "^5.0.0" + postcss-selector-parser "^7.0.0" + +"@csstools/postcss-color-function-display-p3-linear@^1.0.0": + version "1.0.0" + resolved "https://registry.yarnpkg.com/@csstools/postcss-color-function-display-p3-linear/-/postcss-color-function-display-p3-linear-1.0.0.tgz#27395b62a5d9a108eefcc0eb463247a15f4269a1" + integrity sha512-7q+OuUqfowRrP84m/Jl0wv3pfCQyUTCW5MxDIux+/yty5IkUUHOTigCjrC0Fjy3OT0ncGLudHbfLWmP7E1arNA== + dependencies: + "@csstools/css-color-parser" "^3.1.0" + "@csstools/css-parser-algorithms" "^3.0.5" + "@csstools/css-tokenizer" "^3.0.4" + "@csstools/postcss-progressive-custom-properties" "^4.2.0" + "@csstools/utilities" "^2.0.0" + +"@csstools/postcss-color-function@^4.0.11": + version "4.0.11" + resolved "https://registry.yarnpkg.com/@csstools/postcss-color-function/-/postcss-color-function-4.0.11.tgz#03c34a51dc00943a6674294fb1163e7af9e87ffd" + integrity sha512-AtH22zLHTLm64HLdpv5EedT/zmYTm1MtdQbQhRZXxEB6iYtS6SrS1jLX3TcmUWMFzpumK/OVylCm3HcLms4slw== + dependencies: + "@csstools/css-color-parser" "^3.1.0" + "@csstools/css-parser-algorithms" "^3.0.5" + "@csstools/css-tokenizer" "^3.0.4" + "@csstools/postcss-progressive-custom-properties" "^4.2.0" + "@csstools/utilities" "^2.0.0" + +"@csstools/postcss-color-mix-function@^3.0.11": + version "3.0.11" + resolved "https://registry.yarnpkg.com/@csstools/postcss-color-mix-function/-/postcss-color-mix-function-3.0.11.tgz#6db0a1c749fabaf2bf978b37044700d1c1b09fc2" + integrity sha512-cQpXBelpTx0YhScZM5Ve0jDCA4RzwFc7oNafzZOGgCHt/GQVYiU8Vevz9QJcwy/W0Pyi/BneY+KMjz23lI9r+Q== + dependencies: + "@csstools/css-color-parser" "^3.1.0" + "@csstools/css-parser-algorithms" "^3.0.5" + "@csstools/css-tokenizer" "^3.0.4" + "@csstools/postcss-progressive-custom-properties" "^4.2.0" + "@csstools/utilities" "^2.0.0" + +"@csstools/postcss-color-mix-variadic-function-arguments@^1.0.1": + version "1.0.1" + resolved "https://registry.yarnpkg.com/@csstools/postcss-color-mix-variadic-function-arguments/-/postcss-color-mix-variadic-function-arguments-1.0.1.tgz#2dd9d66ded0d41cd7b2c13a1188f03e894c17d7e" + integrity sha512-c7hyBtbF+jlHIcUGVdWY06bHICgguV9ypfcELU3eU3W/9fiz2dxM8PqxQk2ndXYTzLnwPvNNqu1yCmQ++N6Dcg== + dependencies: + "@csstools/css-color-parser" "^3.1.0" + "@csstools/css-parser-algorithms" "^3.0.5" + "@csstools/css-tokenizer" "^3.0.4" + "@csstools/postcss-progressive-custom-properties" "^4.2.0" + "@csstools/utilities" "^2.0.0" + +"@csstools/postcss-content-alt-text@^2.0.7": + version "2.0.7" + resolved "https://registry.yarnpkg.com/@csstools/postcss-content-alt-text/-/postcss-content-alt-text-2.0.7.tgz#ac0a263e8acb0be99cdcfc0b1792c62141825747" + integrity sha512-cq/zWaEkpcg3RttJ5+GdNwk26NwxY5KgqgtNL777Fdd28AVGHxuBvqmK4Jq4oKhW1NX4M2LbgYAVVN0NZ+/XYQ== + dependencies: + "@csstools/css-parser-algorithms" "^3.0.5" + "@csstools/css-tokenizer" "^3.0.4" + "@csstools/postcss-progressive-custom-properties" "^4.2.0" + "@csstools/utilities" "^2.0.0" + +"@csstools/postcss-exponential-functions@^2.0.9": + version "2.0.9" + resolved "https://registry.yarnpkg.com/@csstools/postcss-exponential-functions/-/postcss-exponential-functions-2.0.9.tgz#fc03d1272888cb77e64cc1a7d8a33016e4f05c69" + integrity sha512-abg2W/PI3HXwS/CZshSa79kNWNZHdJPMBXeZNyPQFbbj8sKO3jXxOt/wF7juJVjyDTc6JrvaUZYFcSBZBhaxjw== + dependencies: + "@csstools/css-calc" "^2.1.4" + "@csstools/css-parser-algorithms" "^3.0.5" + "@csstools/css-tokenizer" "^3.0.4" + +"@csstools/postcss-font-format-keywords@^4.0.0": + version "4.0.0" + resolved "https://registry.yarnpkg.com/@csstools/postcss-font-format-keywords/-/postcss-font-format-keywords-4.0.0.tgz#6730836eb0153ff4f3840416cc2322f129c086e6" + integrity sha512-usBzw9aCRDvchpok6C+4TXC57btc4bJtmKQWOHQxOVKen1ZfVqBUuCZ/wuqdX5GHsD0NRSr9XTP+5ID1ZZQBXw== + dependencies: + "@csstools/utilities" "^2.0.0" + postcss-value-parser "^4.2.0" + +"@csstools/postcss-gamut-mapping@^2.0.11": + version "2.0.11" + resolved "https://registry.yarnpkg.com/@csstools/postcss-gamut-mapping/-/postcss-gamut-mapping-2.0.11.tgz#be0e34c9f0142852cccfc02b917511f0d677db8b" + integrity sha512-fCpCUgZNE2piVJKC76zFsgVW1apF6dpYsqGyH8SIeCcM4pTEsRTWTLCaJIMKFEundsCKwY1rwfhtrio04RJ4Dw== + dependencies: + "@csstools/css-color-parser" "^3.1.0" + "@csstools/css-parser-algorithms" "^3.0.5" + "@csstools/css-tokenizer" "^3.0.4" + +"@csstools/postcss-gradients-interpolation-method@^5.0.11": + version "5.0.11" + resolved "https://registry.yarnpkg.com/@csstools/postcss-gradients-interpolation-method/-/postcss-gradients-interpolation-method-5.0.11.tgz#f1c5c431a44ed9655cb408aea8666ed2c5250490" + integrity sha512-8M3mcNTL3cGIJXDnvrJ2oWEcKi3zyw7NeYheFKePUlBmLYm1gkw9Rr/BA7lFONrOPeQA3yeMPldrrws6lqHrug== + dependencies: + "@csstools/css-color-parser" "^3.1.0" + "@csstools/css-parser-algorithms" "^3.0.5" + "@csstools/css-tokenizer" "^3.0.4" + "@csstools/postcss-progressive-custom-properties" "^4.2.0" + "@csstools/utilities" "^2.0.0" + +"@csstools/postcss-hwb-function@^4.0.11": + version "4.0.11" + resolved "https://registry.yarnpkg.com/@csstools/postcss-hwb-function/-/postcss-hwb-function-4.0.11.tgz#4bb173f1c8c2361bf46a842a948ee687471ae4ea" + integrity sha512-9meZbsVWTZkWsSBazQips3cHUOT29a/UAwFz0AMEXukvpIGGDR9+GMl3nIckWO5sPImsadu4F5Zy+zjt8QgCdA== + dependencies: + "@csstools/css-color-parser" "^3.1.0" + "@csstools/css-parser-algorithms" "^3.0.5" + "@csstools/css-tokenizer" "^3.0.4" + "@csstools/postcss-progressive-custom-properties" "^4.2.0" + "@csstools/utilities" "^2.0.0" + +"@csstools/postcss-ic-unit@^4.0.3": + version "4.0.3" + resolved "https://registry.yarnpkg.com/@csstools/postcss-ic-unit/-/postcss-ic-unit-4.0.3.tgz#ba0375e9d346e6e5a42dc8c2cb1133b2262f9ffa" + integrity sha512-RtYYm2qUIu9vAaHB0cC8rQGlOCQAUgEc2tMr7ewlGXYipBQKjoWmyVArqsk7SEr8N3tErq6P6UOJT3amaVof5Q== + dependencies: + "@csstools/postcss-progressive-custom-properties" "^4.2.0" + "@csstools/utilities" "^2.0.0" + postcss-value-parser "^4.2.0" + +"@csstools/postcss-initial@^2.0.1": + version "2.0.1" + resolved "https://registry.yarnpkg.com/@csstools/postcss-initial/-/postcss-initial-2.0.1.tgz#c385bd9d8ad31ad159edd7992069e97ceea4d09a" + integrity sha512-L1wLVMSAZ4wovznquK0xmC7QSctzO4D0Is590bxpGqhqjboLXYA16dWZpfwImkdOgACdQ9PqXsuRroW6qPlEsg== + +"@csstools/postcss-is-pseudo-class@^5.0.3": + version "5.0.3" + resolved "https://registry.yarnpkg.com/@csstools/postcss-is-pseudo-class/-/postcss-is-pseudo-class-5.0.3.tgz#d34e850bcad4013c2ed7abe948bfa0448aa8eb74" + integrity sha512-jS/TY4SpG4gszAtIg7Qnf3AS2pjcUM5SzxpApOrlndMeGhIbaTzWBzzP/IApXoNWEW7OhcjkRT48jnAUIFXhAQ== + dependencies: + "@csstools/selector-specificity" "^5.0.0" + postcss-selector-parser "^7.0.0" + +"@csstools/postcss-light-dark-function@^2.0.10": + version "2.0.10" + resolved "https://registry.yarnpkg.com/@csstools/postcss-light-dark-function/-/postcss-light-dark-function-2.0.10.tgz#b606f13d1f81efd297763c6ad1ac515c3ca4165b" + integrity sha512-g7Lwb294lSoNnyrwcqoooh9fTAp47rRNo+ILg7SLRSMU3K9ePIwRt566sNx+pehiCelv4E1ICaU1EwLQuyF2qw== + dependencies: + "@csstools/css-parser-algorithms" "^3.0.5" + "@csstools/css-tokenizer" "^3.0.4" + "@csstools/postcss-progressive-custom-properties" "^4.2.0" + "@csstools/utilities" "^2.0.0" + +"@csstools/postcss-logical-float-and-clear@^3.0.0": + version "3.0.0" + resolved "https://registry.yarnpkg.com/@csstools/postcss-logical-float-and-clear/-/postcss-logical-float-and-clear-3.0.0.tgz#62617564182cf86ab5d4e7485433ad91e4c58571" + integrity sha512-SEmaHMszwakI2rqKRJgE+8rpotFfne1ZS6bZqBoQIicFyV+xT1UF42eORPxJkVJVrH9C0ctUgwMSn3BLOIZldQ== + +"@csstools/postcss-logical-overflow@^2.0.0": + version "2.0.0" + resolved "https://registry.yarnpkg.com/@csstools/postcss-logical-overflow/-/postcss-logical-overflow-2.0.0.tgz#c6de7c5f04e3d4233731a847f6c62819bcbcfa1d" + integrity sha512-spzR1MInxPuXKEX2csMamshR4LRaSZ3UXVaRGjeQxl70ySxOhMpP2252RAFsg8QyyBXBzuVOOdx1+bVO5bPIzA== + +"@csstools/postcss-logical-overscroll-behavior@^2.0.0": + version "2.0.0" + resolved "https://registry.yarnpkg.com/@csstools/postcss-logical-overscroll-behavior/-/postcss-logical-overscroll-behavior-2.0.0.tgz#43c03eaecdf34055ef53bfab691db6dc97a53d37" + integrity sha512-e/webMjoGOSYfqLunyzByZj5KKe5oyVg/YSbie99VEaSDE2kimFm0q1f6t/6Jo+VVCQ/jbe2Xy+uX+C4xzWs4w== + +"@csstools/postcss-logical-resize@^3.0.0": + version "3.0.0" + resolved "https://registry.yarnpkg.com/@csstools/postcss-logical-resize/-/postcss-logical-resize-3.0.0.tgz#4df0eeb1a61d7bd85395e56a5cce350b5dbfdca6" + integrity sha512-DFbHQOFW/+I+MY4Ycd/QN6Dg4Hcbb50elIJCfnwkRTCX05G11SwViI5BbBlg9iHRl4ytB7pmY5ieAFk3ws7yyg== + dependencies: + postcss-value-parser "^4.2.0" + +"@csstools/postcss-logical-viewport-units@^3.0.4": + version "3.0.4" + resolved "https://registry.yarnpkg.com/@csstools/postcss-logical-viewport-units/-/postcss-logical-viewport-units-3.0.4.tgz#016d98a8b7b5f969e58eb8413447eb801add16fc" + integrity sha512-q+eHV1haXA4w9xBwZLKjVKAWn3W2CMqmpNpZUk5kRprvSiBEGMgrNH3/sJZ8UA3JgyHaOt3jwT9uFa4wLX4EqQ== + dependencies: + "@csstools/css-tokenizer" "^3.0.4" + "@csstools/utilities" "^2.0.0" + +"@csstools/postcss-media-minmax@^2.0.9": + version "2.0.9" + resolved "https://registry.yarnpkg.com/@csstools/postcss-media-minmax/-/postcss-media-minmax-2.0.9.tgz#184252d5b93155ae526689328af6bdf3fc113987" + integrity sha512-af9Qw3uS3JhYLnCbqtZ9crTvvkR+0Se+bBqSr7ykAnl9yKhk6895z9rf+2F4dClIDJWxgn0iZZ1PSdkhrbs2ig== + dependencies: + "@csstools/css-calc" "^2.1.4" + "@csstools/css-parser-algorithms" "^3.0.5" + "@csstools/css-tokenizer" "^3.0.4" + "@csstools/media-query-list-parser" "^4.0.3" + +"@csstools/postcss-media-queries-aspect-ratio-number-values@^3.0.5": + version "3.0.5" + resolved "https://registry.yarnpkg.com/@csstools/postcss-media-queries-aspect-ratio-number-values/-/postcss-media-queries-aspect-ratio-number-values-3.0.5.tgz#f485c31ec13d6b0fb5c528a3474334a40eff5f11" + integrity sha512-zhAe31xaaXOY2Px8IYfoVTB3wglbJUVigGphFLj6exb7cjZRH9A6adyE22XfFK3P2PzwRk0VDeTJmaxpluyrDg== + dependencies: + "@csstools/css-parser-algorithms" "^3.0.5" + "@csstools/css-tokenizer" "^3.0.4" + "@csstools/media-query-list-parser" "^4.0.3" + +"@csstools/postcss-nested-calc@^4.0.0": + version "4.0.0" + resolved "https://registry.yarnpkg.com/@csstools/postcss-nested-calc/-/postcss-nested-calc-4.0.0.tgz#754e10edc6958d664c11cde917f44ba144141c62" + integrity sha512-jMYDdqrQQxE7k9+KjstC3NbsmC063n1FTPLCgCRS2/qHUbHM0mNy9pIn4QIiQGs9I/Bg98vMqw7mJXBxa0N88A== + dependencies: + "@csstools/utilities" "^2.0.0" + postcss-value-parser "^4.2.0" + +"@csstools/postcss-normalize-display-values@^4.0.0": + version "4.0.0" + resolved "https://registry.yarnpkg.com/@csstools/postcss-normalize-display-values/-/postcss-normalize-display-values-4.0.0.tgz#ecdde2daf4e192e5da0c6fd933b6d8aff32f2a36" + integrity sha512-HlEoG0IDRoHXzXnkV4in47dzsxdsjdz6+j7MLjaACABX2NfvjFS6XVAnpaDyGesz9gK2SC7MbNwdCHusObKJ9Q== + dependencies: + postcss-value-parser "^4.2.0" + +"@csstools/postcss-oklab-function@^4.0.11": + version "4.0.11" + resolved "https://registry.yarnpkg.com/@csstools/postcss-oklab-function/-/postcss-oklab-function-4.0.11.tgz#d69242a9b027dda731bd79db7293bc938bb6df97" + integrity sha512-9f03ZGxZ2VmSCrM4SDXlAYP+Xpu4VFzemfQUQFL9OYxAbpvDy0FjDipZ0i8So1pgs8VIbQI0bNjFWgfdpGw8ig== + dependencies: + "@csstools/css-color-parser" "^3.1.0" + "@csstools/css-parser-algorithms" "^3.0.5" + "@csstools/css-tokenizer" "^3.0.4" + "@csstools/postcss-progressive-custom-properties" "^4.2.0" + "@csstools/utilities" "^2.0.0" + +"@csstools/postcss-progressive-custom-properties@^4.2.0": + version "4.2.0" + resolved "https://registry.yarnpkg.com/@csstools/postcss-progressive-custom-properties/-/postcss-progressive-custom-properties-4.2.0.tgz#7f15349c2cd108478d28e1503c660d4037925030" + integrity sha512-fWCXRasX17N1NCPTCuwC3FJDV+Wc031f16cFuuMEfIsYJ1q5ABCa59W0C6VeMGqjNv6ldf37vvwXXAeaZjD9PA== + dependencies: + postcss-value-parser "^4.2.0" + +"@csstools/postcss-random-function@^2.0.1": + version "2.0.1" + resolved "https://registry.yarnpkg.com/@csstools/postcss-random-function/-/postcss-random-function-2.0.1.tgz#3191f32fe72936e361dadf7dbfb55a0209e2691e" + integrity sha512-q+FQaNiRBhnoSNo+GzqGOIBKoHQ43lYz0ICrV+UudfWnEF6ksS6DsBIJSISKQT2Bvu3g4k6r7t0zYrk5pDlo8w== + dependencies: + "@csstools/css-calc" "^2.1.4" + "@csstools/css-parser-algorithms" "^3.0.5" + "@csstools/css-tokenizer" "^3.0.4" + +"@csstools/postcss-relative-color-syntax@^3.0.11": + version "3.0.11" + resolved "https://registry.yarnpkg.com/@csstools/postcss-relative-color-syntax/-/postcss-relative-color-syntax-3.0.11.tgz#d81d59ff123fa5f3e4a0493b1e2b0585353bb541" + integrity sha512-oQ5fZvkcBrWR+k6arHXk0F8FlkmD4IxM+rcGDLWrF2f31tWyEM3lSraeWAV0f7BGH6LIrqmyU3+Qo/1acfoJng== + dependencies: + "@csstools/css-color-parser" "^3.1.0" + "@csstools/css-parser-algorithms" "^3.0.5" + "@csstools/css-tokenizer" "^3.0.4" + "@csstools/postcss-progressive-custom-properties" "^4.2.0" + "@csstools/utilities" "^2.0.0" + +"@csstools/postcss-scope-pseudo-class@^4.0.1": + version "4.0.1" + resolved "https://registry.yarnpkg.com/@csstools/postcss-scope-pseudo-class/-/postcss-scope-pseudo-class-4.0.1.tgz#9fe60e9d6d91d58fb5fc6c768a40f6e47e89a235" + integrity sha512-IMi9FwtH6LMNuLea1bjVMQAsUhFxJnyLSgOp/cpv5hrzWmrUYU5fm0EguNDIIOHUqzXode8F/1qkC/tEo/qN8Q== + dependencies: + postcss-selector-parser "^7.0.0" + +"@csstools/postcss-sign-functions@^1.1.4": + version "1.1.4" + resolved "https://registry.yarnpkg.com/@csstools/postcss-sign-functions/-/postcss-sign-functions-1.1.4.tgz#a9ac56954014ae4c513475b3f1b3e3424a1e0c12" + integrity sha512-P97h1XqRPcfcJndFdG95Gv/6ZzxUBBISem0IDqPZ7WMvc/wlO+yU0c5D/OCpZ5TJoTt63Ok3knGk64N+o6L2Pg== + dependencies: + "@csstools/css-calc" "^2.1.4" + "@csstools/css-parser-algorithms" "^3.0.5" + "@csstools/css-tokenizer" "^3.0.4" + +"@csstools/postcss-stepped-value-functions@^4.0.9": + version "4.0.9" + resolved "https://registry.yarnpkg.com/@csstools/postcss-stepped-value-functions/-/postcss-stepped-value-functions-4.0.9.tgz#36036f1a0e5e5ee2308e72f3c9cb433567c387b9" + integrity sha512-h9btycWrsex4dNLeQfyU3y3w40LMQooJWFMm/SK9lrKguHDcFl4VMkncKKoXi2z5rM9YGWbUQABI8BT2UydIcA== + dependencies: + "@csstools/css-calc" "^2.1.4" + "@csstools/css-parser-algorithms" "^3.0.5" + "@csstools/css-tokenizer" "^3.0.4" + +"@csstools/postcss-text-decoration-shorthand@^4.0.3": + version "4.0.3" + resolved "https://registry.yarnpkg.com/@csstools/postcss-text-decoration-shorthand/-/postcss-text-decoration-shorthand-4.0.3.tgz#fae1b70f07d1b7beb4c841c86d69e41ecc6f743c" + integrity sha512-KSkGgZfx0kQjRIYnpsD7X2Om9BUXX/Kii77VBifQW9Ih929hK0KNjVngHDH0bFB9GmfWcR9vJYJJRvw/NQjkrA== + dependencies: + "@csstools/color-helpers" "^5.1.0" + postcss-value-parser "^4.2.0" + +"@csstools/postcss-trigonometric-functions@^4.0.9": + version "4.0.9" + resolved "https://registry.yarnpkg.com/@csstools/postcss-trigonometric-functions/-/postcss-trigonometric-functions-4.0.9.tgz#3f94ed2e319b57f2c59720b64e4d0a8a6fb8c3b2" + integrity sha512-Hnh5zJUdpNrJqK9v1/E3BbrQhaDTj5YiX7P61TOvUhoDHnUmsNNxcDAgkQ32RrcWx9GVUvfUNPcUkn8R3vIX6A== + dependencies: + "@csstools/css-calc" "^2.1.4" + "@csstools/css-parser-algorithms" "^3.0.5" + "@csstools/css-tokenizer" "^3.0.4" + +"@csstools/postcss-unset-value@^4.0.0": + version "4.0.0" + resolved "https://registry.yarnpkg.com/@csstools/postcss-unset-value/-/postcss-unset-value-4.0.0.tgz#7caa981a34196d06a737754864baf77d64de4bba" + integrity sha512-cBz3tOCI5Fw6NIFEwU3RiwK6mn3nKegjpJuzCndoGq3BZPkUjnsq7uQmIeMNeMbMk7YD2MfKcgCpZwX5jyXqCA== + +"@csstools/selector-resolve-nested@^3.1.0": + version "3.1.0" + resolved "https://registry.yarnpkg.com/@csstools/selector-resolve-nested/-/selector-resolve-nested-3.1.0.tgz#848c6f44cb65e3733e478319b9342b7aa436fac7" + integrity sha512-mf1LEW0tJLKfWyvn5KdDrhpxHyuxpbNwTIwOYLIvsTffeyOf85j5oIzfG0yosxDgx/sswlqBnESYUcQH0vgZ0g== + +"@csstools/selector-specificity@^5.0.0": + version "5.0.0" + resolved "https://registry.yarnpkg.com/@csstools/selector-specificity/-/selector-specificity-5.0.0.tgz#037817b574262134cabd68fc4ec1a454f168407b" + integrity sha512-PCqQV3c4CoVm3kdPhyeZ07VmBRdH2EpMFA/pd9OASpOEC3aXNGoqPDAZ80D0cLpMBxnmk0+yNhGsEx31hq7Gtw== + +"@csstools/utilities@^2.0.0": + version "2.0.0" + resolved "https://registry.yarnpkg.com/@csstools/utilities/-/utilities-2.0.0.tgz#f7ff0fee38c9ffb5646d47b6906e0bc8868bde60" + integrity sha512-5VdOr0Z71u+Yp3ozOx8T11N703wIFGVRgOWbOZMKgglPJsWA54MRIoMNVMa7shUToIhx5J8vX4sOZgD2XiihiQ== + +"@discoveryjs/json-ext@0.5.7": + version "0.5.7" + resolved "https://registry.yarnpkg.com/@discoveryjs/json-ext/-/json-ext-0.5.7.tgz#1d572bfbbe14b7704e0ba0f39b74815b84870d70" + integrity sha512-dBVuXR082gk3jsFp7Rd/JI4kytwGHecnCoTtXFb7DB6CNHp4rg5k1bhg0nWdLGLnOV71lmDzGQaLMy8iPLY0pw== + +"@docsearch/css@3.9.0": + version "3.9.0" + resolved "https://registry.yarnpkg.com/@docsearch/css/-/css-3.9.0.tgz#3bc29c96bf024350d73b0cfb7c2a7b71bf251cd5" + integrity sha512-cQbnVbq0rrBwNAKegIac/t6a8nWoUAn8frnkLFW6YARaRmAQr5/Eoe6Ln2fqkUCZ40KpdrKbpSAmgrkviOxuWA== + +"@docsearch/react@^3.9.0": + version "3.9.0" + resolved "https://registry.yarnpkg.com/@docsearch/react/-/react-3.9.0.tgz#d0842b700c3ee26696786f3c8ae9f10c1a3f0db3" + integrity sha512-mb5FOZYZIkRQ6s/NWnM98k879vu5pscWqTLubLFBO87igYYT4VzVazh4h5o/zCvTIZgEt3PvsCOMOswOUo9yHQ== + dependencies: + "@algolia/autocomplete-core" "1.17.9" + "@algolia/autocomplete-preset-algolia" "1.17.9" + "@docsearch/css" "3.9.0" + algoliasearch "^5.14.2" + +"@docusaurus/babel@3.8.1": + version "3.8.1" + resolved "https://registry.yarnpkg.com/@docusaurus/babel/-/babel-3.8.1.tgz#db329ac047184214e08e2dbc809832c696c18506" + integrity sha512-3brkJrml8vUbn9aeoZUlJfsI/GqyFcDgQJwQkmBtclJgWDEQBKKeagZfOgx0WfUQhagL1sQLNW0iBdxnI863Uw== + dependencies: + "@babel/core" "^7.25.9" + "@babel/generator" "^7.25.9" + "@babel/plugin-syntax-dynamic-import" "^7.8.3" + "@babel/plugin-transform-runtime" "^7.25.9" + "@babel/preset-env" "^7.25.9" + "@babel/preset-react" "^7.25.9" + "@babel/preset-typescript" "^7.25.9" + "@babel/runtime" "^7.25.9" + "@babel/runtime-corejs3" "^7.25.9" + "@babel/traverse" "^7.25.9" + "@docusaurus/logger" "3.8.1" + "@docusaurus/utils" "3.8.1" + babel-plugin-dynamic-import-node "^2.3.3" + fs-extra "^11.1.1" + tslib "^2.6.0" + +"@docusaurus/bundler@3.8.1": + version "3.8.1" + resolved "https://registry.yarnpkg.com/@docusaurus/bundler/-/bundler-3.8.1.tgz#e2b11d615f09a6e470774bb36441b8d06736b94c" + integrity sha512-/z4V0FRoQ0GuSLToNjOSGsk6m2lQUG4FRn8goOVoZSRsTrU8YR2aJacX5K3RG18EaX9b+52pN4m1sL3MQZVsQA== + dependencies: + "@babel/core" "^7.25.9" + "@docusaurus/babel" "3.8.1" + "@docusaurus/cssnano-preset" "3.8.1" + "@docusaurus/logger" "3.8.1" + "@docusaurus/types" "3.8.1" + "@docusaurus/utils" "3.8.1" + babel-loader "^9.2.1" + clean-css "^5.3.3" + copy-webpack-plugin "^11.0.0" + css-loader "^6.11.0" + css-minimizer-webpack-plugin "^5.0.1" + cssnano "^6.1.2" + file-loader "^6.2.0" + html-minifier-terser "^7.2.0" + mini-css-extract-plugin "^2.9.2" + null-loader "^4.0.1" + postcss "^8.5.4" + postcss-loader "^7.3.4" + postcss-preset-env "^10.2.1" + terser-webpack-plugin "^5.3.9" + tslib "^2.6.0" + url-loader "^4.1.1" + webpack "^5.95.0" + webpackbar "^6.0.1" + +"@docusaurus/core@3.8.1": + version "3.8.1" + resolved "https://registry.yarnpkg.com/@docusaurus/core/-/core-3.8.1.tgz#c22e47c16a22cb7d245306c64bc54083838ff3db" + integrity sha512-ENB01IyQSqI2FLtOzqSI3qxG2B/jP4gQPahl2C3XReiLebcVh5B5cB9KYFvdoOqOWPyr5gXK4sjgTKv7peXCrA== + dependencies: + "@docusaurus/babel" "3.8.1" + "@docusaurus/bundler" "3.8.1" + "@docusaurus/logger" "3.8.1" + "@docusaurus/mdx-loader" "3.8.1" + "@docusaurus/utils" "3.8.1" + "@docusaurus/utils-common" "3.8.1" + "@docusaurus/utils-validation" "3.8.1" + boxen "^6.2.1" + chalk "^4.1.2" + chokidar "^3.5.3" + cli-table3 "^0.6.3" + combine-promises "^1.1.0" + commander "^5.1.0" + core-js "^3.31.1" + detect-port "^1.5.1" + escape-html "^1.0.3" + eta "^2.2.0" + eval "^0.1.8" + execa "5.1.1" + fs-extra "^11.1.1" + html-tags "^3.3.1" + html-webpack-plugin "^5.6.0" + leven "^3.1.0" + lodash "^4.17.21" + open "^8.4.0" + p-map "^4.0.0" + prompts "^2.4.2" + react-helmet-async "npm:@slorber/react-helmet-async@1.3.0" + react-loadable "npm:@docusaurus/react-loadable@6.0.0" + react-loadable-ssr-addon-v5-slorber "^1.0.1" + react-router "^5.3.4" + react-router-config "^5.1.1" + react-router-dom "^5.3.4" + semver "^7.5.4" + serve-handler "^6.1.6" + tinypool "^1.0.2" + tslib "^2.6.0" + update-notifier "^6.0.2" + webpack "^5.95.0" + webpack-bundle-analyzer "^4.10.2" + webpack-dev-server "^4.15.2" + webpack-merge "^6.0.1" + +"@docusaurus/cssnano-preset@3.8.1": + version "3.8.1" + resolved "https://registry.yarnpkg.com/@docusaurus/cssnano-preset/-/cssnano-preset-3.8.1.tgz#bd55026251a6ab8e2194839a2042458ef9880c44" + integrity sha512-G7WyR2N6SpyUotqhGznERBK+x84uyhfMQM2MmDLs88bw4Flom6TY46HzkRkSEzaP9j80MbTN8naiL1fR17WQug== + dependencies: + cssnano-preset-advanced "^6.1.2" + postcss "^8.5.4" + postcss-sort-media-queries "^5.2.0" + tslib "^2.6.0" + +"@docusaurus/logger@3.8.1": + version "3.8.1" + resolved "https://registry.yarnpkg.com/@docusaurus/logger/-/logger-3.8.1.tgz#45321b2e2e14695d0dbd8b4104ea7b0fbaa98700" + integrity sha512-2wjeGDhKcExEmjX8k1N/MRDiPKXGF2Pg+df/bDDPnnJWHXnVEZxXj80d6jcxp1Gpnksl0hF8t/ZQw9elqj2+ww== + dependencies: + chalk "^4.1.2" + tslib "^2.6.0" + +"@docusaurus/mdx-loader@3.8.1": + version "3.8.1" + resolved "https://registry.yarnpkg.com/@docusaurus/mdx-loader/-/mdx-loader-3.8.1.tgz#74309b3614bbcef1d55fb13e6cc339b7fb000b5f" + integrity sha512-DZRhagSFRcEq1cUtBMo4TKxSNo/W6/s44yhr8X+eoXqCLycFQUylebOMPseHi5tc4fkGJqwqpWJLz6JStU9L4w== + dependencies: + "@docusaurus/logger" "3.8.1" + "@docusaurus/utils" "3.8.1" + "@docusaurus/utils-validation" "3.8.1" + "@mdx-js/mdx" "^3.0.0" + "@slorber/remark-comment" "^1.0.0" + escape-html "^1.0.3" + estree-util-value-to-estree "^3.0.1" + file-loader "^6.2.0" + fs-extra "^11.1.1" + image-size "^2.0.2" + mdast-util-mdx "^3.0.0" + mdast-util-to-string "^4.0.0" + rehype-raw "^7.0.0" + remark-directive "^3.0.0" + remark-emoji "^4.0.0" + remark-frontmatter "^5.0.0" + remark-gfm "^4.0.0" + stringify-object "^3.3.0" + tslib "^2.6.0" + unified "^11.0.3" + unist-util-visit "^5.0.0" + url-loader "^4.1.1" + vfile "^6.0.1" + webpack "^5.88.1" + +"@docusaurus/module-type-aliases@3.8.1": + version "3.8.1" + resolved "https://registry.yarnpkg.com/@docusaurus/module-type-aliases/-/module-type-aliases-3.8.1.tgz#454de577bd7f50b5eae16db0f76b49ca5e4e281a" + integrity sha512-6xhvAJiXzsaq3JdosS7wbRt/PwEPWHr9eM4YNYqVlbgG1hSK3uQDXTVvQktasp3VO6BmfYWPozueLWuj4gB+vg== + dependencies: + "@docusaurus/types" "3.8.1" + "@types/history" "^4.7.11" + "@types/react" "*" + "@types/react-router-config" "*" + "@types/react-router-dom" "*" + react-helmet-async "npm:@slorber/react-helmet-async@1.3.0" + react-loadable "npm:@docusaurus/react-loadable@6.0.0" + +"@docusaurus/plugin-content-blog@3.8.1": + version "3.8.1" + resolved "https://registry.yarnpkg.com/@docusaurus/plugin-content-blog/-/plugin-content-blog-3.8.1.tgz#88d842b562b04cf59df900d9f6984b086f821525" + integrity sha512-vNTpMmlvNP9n3hGEcgPaXyvTljanAKIUkuG9URQ1DeuDup0OR7Ltvoc8yrmH+iMZJbcQGhUJF+WjHLwuk8HSdw== + dependencies: + "@docusaurus/core" "3.8.1" + "@docusaurus/logger" "3.8.1" + "@docusaurus/mdx-loader" "3.8.1" + "@docusaurus/theme-common" "3.8.1" + "@docusaurus/types" "3.8.1" + "@docusaurus/utils" "3.8.1" + "@docusaurus/utils-common" "3.8.1" + "@docusaurus/utils-validation" "3.8.1" + cheerio "1.0.0-rc.12" + feed "^4.2.2" + fs-extra "^11.1.1" + lodash "^4.17.21" + schema-dts "^1.1.2" + srcset "^4.0.0" + tslib "^2.6.0" + unist-util-visit "^5.0.0" + utility-types "^3.10.0" + webpack "^5.88.1" + +"@docusaurus/plugin-content-docs@3.8.1": + version "3.8.1" + resolved "https://registry.yarnpkg.com/@docusaurus/plugin-content-docs/-/plugin-content-docs-3.8.1.tgz#40686a206abb6373bee5638de100a2c312f112a4" + integrity sha512-oByRkSZzeGNQByCMaX+kif5Nl2vmtj2IHQI2fWjCfCootsdKZDPFLonhIp5s3IGJO7PLUfe0POyw0Xh/RrGXJA== + dependencies: + "@docusaurus/core" "3.8.1" + "@docusaurus/logger" "3.8.1" + "@docusaurus/mdx-loader" "3.8.1" + "@docusaurus/module-type-aliases" "3.8.1" + "@docusaurus/theme-common" "3.8.1" + "@docusaurus/types" "3.8.1" + "@docusaurus/utils" "3.8.1" + "@docusaurus/utils-common" "3.8.1" + "@docusaurus/utils-validation" "3.8.1" + "@types/react-router-config" "^5.0.7" + combine-promises "^1.1.0" + fs-extra "^11.1.1" + js-yaml "^4.1.0" + lodash "^4.17.21" + schema-dts "^1.1.2" + tslib "^2.6.0" + utility-types "^3.10.0" + webpack "^5.88.1" + +"@docusaurus/plugin-content-pages@3.8.1": + version "3.8.1" + resolved "https://registry.yarnpkg.com/@docusaurus/plugin-content-pages/-/plugin-content-pages-3.8.1.tgz#41b684dbd15390b7bb6a627f78bf81b6324511ac" + integrity sha512-a+V6MS2cIu37E/m7nDJn3dcxpvXb6TvgdNI22vJX8iUTp8eoMoPa0VArEbWvCxMY/xdC26WzNv4wZ6y0iIni/w== + dependencies: + "@docusaurus/core" "3.8.1" + "@docusaurus/mdx-loader" "3.8.1" + "@docusaurus/types" "3.8.1" + "@docusaurus/utils" "3.8.1" + "@docusaurus/utils-validation" "3.8.1" + fs-extra "^11.1.1" + tslib "^2.6.0" + webpack "^5.88.1" + +"@docusaurus/plugin-css-cascade-layers@3.8.1": + version "3.8.1" + resolved "https://registry.yarnpkg.com/@docusaurus/plugin-css-cascade-layers/-/plugin-css-cascade-layers-3.8.1.tgz#cb414b4a82aa60fc64ef2a435ad0105e142a6c71" + integrity sha512-VQ47xRxfNKjHS5ItzaVXpxeTm7/wJLFMOPo1BkmoMG4Cuz4nuI+Hs62+RMk1OqVog68Swz66xVPK8g9XTrBKRw== + dependencies: + "@docusaurus/core" "3.8.1" + "@docusaurus/types" "3.8.1" + "@docusaurus/utils" "3.8.1" + "@docusaurus/utils-validation" "3.8.1" + tslib "^2.6.0" + +"@docusaurus/plugin-debug@3.8.1": + version "3.8.1" + resolved "https://registry.yarnpkg.com/@docusaurus/plugin-debug/-/plugin-debug-3.8.1.tgz#45b107e46b627caaae66995f53197ace78af3491" + integrity sha512-nT3lN7TV5bi5hKMB7FK8gCffFTBSsBsAfV84/v293qAmnHOyg1nr9okEw8AiwcO3bl9vije5nsUvP0aRl2lpaw== + dependencies: + "@docusaurus/core" "3.8.1" + "@docusaurus/types" "3.8.1" + "@docusaurus/utils" "3.8.1" + fs-extra "^11.1.1" + react-json-view-lite "^2.3.0" + tslib "^2.6.0" + +"@docusaurus/plugin-google-analytics@3.8.1": + version "3.8.1" + resolved "https://registry.yarnpkg.com/@docusaurus/plugin-google-analytics/-/plugin-google-analytics-3.8.1.tgz#64a302e62fe5cb6e007367c964feeef7b056764a" + integrity sha512-Hrb/PurOJsmwHAsfMDH6oVpahkEGsx7F8CWMjyP/dw1qjqmdS9rcV1nYCGlM8nOtD3Wk/eaThzUB5TSZsGz+7Q== + dependencies: + "@docusaurus/core" "3.8.1" + "@docusaurus/types" "3.8.1" + "@docusaurus/utils-validation" "3.8.1" + tslib "^2.6.0" + +"@docusaurus/plugin-google-gtag@3.8.1": + version "3.8.1" + resolved "https://registry.yarnpkg.com/@docusaurus/plugin-google-gtag/-/plugin-google-gtag-3.8.1.tgz#8c76f8a1d96448f2f0f7b10e6bde451c40672b95" + integrity sha512-tKE8j1cEZCh8KZa4aa80zpSTxsC2/ZYqjx6AAfd8uA8VHZVw79+7OTEP2PoWi0uL5/1Is0LF5Vwxd+1fz5HlKg== + dependencies: + "@docusaurus/core" "3.8.1" + "@docusaurus/types" "3.8.1" + "@docusaurus/utils-validation" "3.8.1" + "@types/gtag.js" "^0.0.12" + tslib "^2.6.0" + +"@docusaurus/plugin-google-tag-manager@3.8.1": + version "3.8.1" + resolved "https://registry.yarnpkg.com/@docusaurus/plugin-google-tag-manager/-/plugin-google-tag-manager-3.8.1.tgz#88241ffd06369f4a4d5fb982ff3ac2777561ae37" + integrity sha512-iqe3XKITBquZq+6UAXdb1vI0fPY5iIOitVjPQ581R1ZKpHr0qe+V6gVOrrcOHixPDD/BUKdYwkxFjpNiEN+vBw== + dependencies: + "@docusaurus/core" "3.8.1" + "@docusaurus/types" "3.8.1" + "@docusaurus/utils-validation" "3.8.1" + tslib "^2.6.0" + +"@docusaurus/plugin-sitemap@3.8.1": + version "3.8.1" + resolved "https://registry.yarnpkg.com/@docusaurus/plugin-sitemap/-/plugin-sitemap-3.8.1.tgz#3aebd39186dc30e53023f1aab44625bc0bdac892" + integrity sha512-+9YV/7VLbGTq8qNkjiugIelmfUEVkTyLe6X8bWq7K5qPvGXAjno27QAfFq63mYfFFbJc7z+pudL63acprbqGzw== + dependencies: + "@docusaurus/core" "3.8.1" + "@docusaurus/logger" "3.8.1" + "@docusaurus/types" "3.8.1" + "@docusaurus/utils" "3.8.1" + "@docusaurus/utils-common" "3.8.1" + "@docusaurus/utils-validation" "3.8.1" + fs-extra "^11.1.1" + sitemap "^7.1.1" + tslib "^2.6.0" + +"@docusaurus/plugin-svgr@3.8.1": + version "3.8.1" + resolved "https://registry.yarnpkg.com/@docusaurus/plugin-svgr/-/plugin-svgr-3.8.1.tgz#6f340be8eae418a2cce540d8ece096ffd9c9b6ab" + integrity sha512-rW0LWMDsdlsgowVwqiMb/7tANDodpy1wWPwCcamvhY7OECReN3feoFwLjd/U4tKjNY3encj0AJSTxJA+Fpe+Gw== + dependencies: + "@docusaurus/core" "3.8.1" + "@docusaurus/types" "3.8.1" + "@docusaurus/utils" "3.8.1" + "@docusaurus/utils-validation" "3.8.1" + "@svgr/core" "8.1.0" + "@svgr/webpack" "^8.1.0" + tslib "^2.6.0" + webpack "^5.88.1" + +"@docusaurus/preset-classic@3.8.1": + version "3.8.1" + resolved "https://registry.yarnpkg.com/@docusaurus/preset-classic/-/preset-classic-3.8.1.tgz#bb79fd12f3211363720c569a526c7e24d3aa966b" + integrity sha512-yJSjYNHXD8POMGc2mKQuj3ApPrN+eG0rO1UPgSx7jySpYU+n4WjBikbrA2ue5ad9A7aouEtMWUoiSRXTH/g7KQ== + dependencies: + "@docusaurus/core" "3.8.1" + "@docusaurus/plugin-content-blog" "3.8.1" + "@docusaurus/plugin-content-docs" "3.8.1" + "@docusaurus/plugin-content-pages" "3.8.1" + "@docusaurus/plugin-css-cascade-layers" "3.8.1" + "@docusaurus/plugin-debug" "3.8.1" + "@docusaurus/plugin-google-analytics" "3.8.1" + "@docusaurus/plugin-google-gtag" "3.8.1" + "@docusaurus/plugin-google-tag-manager" "3.8.1" + "@docusaurus/plugin-sitemap" "3.8.1" + "@docusaurus/plugin-svgr" "3.8.1" + "@docusaurus/theme-classic" "3.8.1" + "@docusaurus/theme-common" "3.8.1" + "@docusaurus/theme-search-algolia" "3.8.1" + "@docusaurus/types" "3.8.1" + +"@docusaurus/theme-classic@3.8.1": + version "3.8.1" + resolved "https://registry.yarnpkg.com/@docusaurus/theme-classic/-/theme-classic-3.8.1.tgz#1e45c66d89ded359225fcd29bf3258d9205765c1" + integrity sha512-bqDUCNqXeYypMCsE1VcTXSI1QuO4KXfx8Cvl6rYfY0bhhqN6d2WZlRkyLg/p6pm+DzvanqHOyYlqdPyP0iz+iw== + dependencies: + "@docusaurus/core" "3.8.1" + "@docusaurus/logger" "3.8.1" + "@docusaurus/mdx-loader" "3.8.1" + "@docusaurus/module-type-aliases" "3.8.1" + "@docusaurus/plugin-content-blog" "3.8.1" + "@docusaurus/plugin-content-docs" "3.8.1" + "@docusaurus/plugin-content-pages" "3.8.1" + "@docusaurus/theme-common" "3.8.1" + "@docusaurus/theme-translations" "3.8.1" + "@docusaurus/types" "3.8.1" + "@docusaurus/utils" "3.8.1" + "@docusaurus/utils-common" "3.8.1" + "@docusaurus/utils-validation" "3.8.1" + "@mdx-js/react" "^3.0.0" + clsx "^2.0.0" + copy-text-to-clipboard "^3.2.0" + infima "0.2.0-alpha.45" + lodash "^4.17.21" + nprogress "^0.2.0" + postcss "^8.5.4" + prism-react-renderer "^2.3.0" + prismjs "^1.29.0" + react-router-dom "^5.3.4" + rtlcss "^4.1.0" + tslib "^2.6.0" + utility-types "^3.10.0" + +"@docusaurus/theme-common@3.8.1": + version "3.8.1" + resolved "https://registry.yarnpkg.com/@docusaurus/theme-common/-/theme-common-3.8.1.tgz#17c23316fbe3ee3f7e707c7298cb59a0fff38b4b" + integrity sha512-UswMOyTnPEVRvN5Qzbo+l8k4xrd5fTFu2VPPfD6FcW/6qUtVLmJTQCktbAL3KJ0BVXGm5aJXz/ZrzqFuZERGPw== + dependencies: + "@docusaurus/mdx-loader" "3.8.1" + "@docusaurus/module-type-aliases" "3.8.1" + "@docusaurus/utils" "3.8.1" + "@docusaurus/utils-common" "3.8.1" + "@types/history" "^4.7.11" + "@types/react" "*" + "@types/react-router-config" "*" + clsx "^2.0.0" + parse-numeric-range "^1.3.0" + prism-react-renderer "^2.3.0" + tslib "^2.6.0" + utility-types "^3.10.0" + +"@docusaurus/theme-search-algolia@3.8.1": + version "3.8.1" + resolved "https://registry.yarnpkg.com/@docusaurus/theme-search-algolia/-/theme-search-algolia-3.8.1.tgz#3aa3d99c35cc2d4b709fcddd4df875a9b536e29b" + integrity sha512-NBFH5rZVQRAQM087aYSRKQ9yGEK9eHd+xOxQjqNpxMiV85OhJDD4ZGz6YJIod26Fbooy54UWVdzNU0TFeUUUzQ== + dependencies: + "@docsearch/react" "^3.9.0" + "@docusaurus/core" "3.8.1" + "@docusaurus/logger" "3.8.1" + "@docusaurus/plugin-content-docs" "3.8.1" + "@docusaurus/theme-common" "3.8.1" + "@docusaurus/theme-translations" "3.8.1" + "@docusaurus/utils" "3.8.1" + "@docusaurus/utils-validation" "3.8.1" + algoliasearch "^5.17.1" + algoliasearch-helper "^3.22.6" + clsx "^2.0.0" + eta "^2.2.0" + fs-extra "^11.1.1" + lodash "^4.17.21" + tslib "^2.6.0" + utility-types "^3.10.0" + +"@docusaurus/theme-translations@3.8.1": + version "3.8.1" + resolved "https://registry.yarnpkg.com/@docusaurus/theme-translations/-/theme-translations-3.8.1.tgz#4b1d76973eb53861e167c7723485e059ba4ffd0a" + integrity sha512-OTp6eebuMcf2rJt4bqnvuwmm3NVXfzfYejL+u/Y1qwKhZPrjPoKWfk1CbOP5xH5ZOPkiAsx4dHdQBRJszK3z2g== + dependencies: + fs-extra "^11.1.1" + tslib "^2.6.0" + +"@docusaurus/types@3.8.1": + version "3.8.1" + resolved "https://registry.yarnpkg.com/@docusaurus/types/-/types-3.8.1.tgz#83ab66c345464e003b576a49f78897482061fc26" + integrity sha512-ZPdW5AB+pBjiVrcLuw3dOS6BFlrG0XkS2lDGsj8TizcnREQg3J8cjsgfDviszOk4CweNfwo1AEELJkYaMUuOPg== + dependencies: + "@mdx-js/mdx" "^3.0.0" + "@types/history" "^4.7.11" + "@types/react" "*" + commander "^5.1.0" + joi "^17.9.2" + react-helmet-async "npm:@slorber/react-helmet-async@1.3.0" + utility-types "^3.10.0" + webpack "^5.95.0" + webpack-merge "^5.9.0" + +"@docusaurus/utils-common@3.8.1": + version "3.8.1" + resolved "https://registry.yarnpkg.com/@docusaurus/utils-common/-/utils-common-3.8.1.tgz#c369b8c3041afb7dcd595d4172beb1cc1015c85f" + integrity sha512-zTZiDlvpvoJIrQEEd71c154DkcriBecm4z94OzEE9kz7ikS3J+iSlABhFXM45mZ0eN5pVqqr7cs60+ZlYLewtg== + dependencies: + "@docusaurus/types" "3.8.1" + tslib "^2.6.0" + +"@docusaurus/utils-validation@3.8.1": + version "3.8.1" + resolved "https://registry.yarnpkg.com/@docusaurus/utils-validation/-/utils-validation-3.8.1.tgz#0499c0d151a4098a0963237057993282cfbd538e" + integrity sha512-gs5bXIccxzEbyVecvxg6upTwaUbfa0KMmTj7HhHzc016AGyxH2o73k1/aOD0IFrdCsfJNt37MqNI47s2MgRZMA== + dependencies: + "@docusaurus/logger" "3.8.1" + "@docusaurus/utils" "3.8.1" + "@docusaurus/utils-common" "3.8.1" + fs-extra "^11.2.0" + joi "^17.9.2" + js-yaml "^4.1.0" + lodash "^4.17.21" + tslib "^2.6.0" + +"@docusaurus/utils@3.8.1": + version "3.8.1" + resolved "https://registry.yarnpkg.com/@docusaurus/utils/-/utils-3.8.1.tgz#2ac1e734106e2f73dbd0f6a8824d525f9064e9f0" + integrity sha512-P1ml0nvOmEFdmu0smSXOqTS1sxU5tqvnc0dA4MTKV39kye+bhQnjkIKEE18fNOvxjyB86k8esoCIFM3x4RykOQ== + dependencies: + "@docusaurus/logger" "3.8.1" + "@docusaurus/types" "3.8.1" + "@docusaurus/utils-common" "3.8.1" + escape-string-regexp "^4.0.0" + execa "5.1.1" + file-loader "^6.2.0" + fs-extra "^11.1.1" + github-slugger "^1.5.0" + globby "^11.1.0" + gray-matter "^4.0.3" + jiti "^1.20.0" + js-yaml "^4.1.0" + lodash "^4.17.21" + micromatch "^4.0.5" + p-queue "^6.6.2" + prompts "^2.4.2" + resolve-pathname "^3.0.0" + tslib "^2.6.0" + url-loader "^4.1.1" + utility-types "^3.10.0" + webpack "^5.88.1" + +"@emotion/babel-plugin@^11.13.5": + version "11.13.5" + resolved "https://registry.yarnpkg.com/@emotion/babel-plugin/-/babel-plugin-11.13.5.tgz#eab8d65dbded74e0ecfd28dc218e75607c4e7bc0" + integrity sha512-pxHCpT2ex+0q+HH91/zsdHkw/lXd468DIN2zvfvLtPKLLMo6gQj7oLObq8PhkrxOZb/gGCq03S3Z7PDhS8pduQ== + dependencies: + "@babel/helper-module-imports" "^7.16.7" + "@babel/runtime" "^7.18.3" + "@emotion/hash" "^0.9.2" + "@emotion/memoize" "^0.9.0" + "@emotion/serialize" "^1.3.3" + babel-plugin-macros "^3.1.0" + convert-source-map "^1.5.0" + escape-string-regexp "^4.0.0" + find-root "^1.1.0" + source-map "^0.5.7" + stylis "4.2.0" + +"@emotion/cache@^11.14.0": + version "11.14.0" + resolved "https://registry.yarnpkg.com/@emotion/cache/-/cache-11.14.0.tgz#ee44b26986eeb93c8be82bb92f1f7a9b21b2ed76" + integrity sha512-L/B1lc/TViYk4DcpGxtAVbx0ZyiKM5ktoIyafGkH6zg/tj+mA+NE//aPYKG0k8kCHSHVJrpLpcAlOBEXQ3SavA== + dependencies: + "@emotion/memoize" "^0.9.0" + "@emotion/sheet" "^1.4.0" + "@emotion/utils" "^1.4.2" + "@emotion/weak-memoize" "^0.4.0" + stylis "4.2.0" + +"@emotion/hash@^0.9.2": + version "0.9.2" + resolved "https://registry.yarnpkg.com/@emotion/hash/-/hash-0.9.2.tgz#ff9221b9f58b4dfe61e619a7788734bd63f6898b" + integrity sha512-MyqliTZGuOm3+5ZRSaaBGP3USLw6+EGykkwZns2EPC5g8jJ4z9OrdZY9apkl3+UP9+sdz76YYkwCKP5gh8iY3g== + +"@emotion/is-prop-valid@^1.3.0": + version "1.3.1" + resolved "https://registry.yarnpkg.com/@emotion/is-prop-valid/-/is-prop-valid-1.3.1.tgz#8d5cf1132f836d7adbe42cf0b49df7816fc88240" + integrity sha512-/ACwoqx7XQi9knQs/G0qKvv5teDMhD7bXYns9N/wM8ah8iNb8jZ2uNO0YOgiq2o2poIvVtJS2YALasQuMSQ7Kw== + dependencies: + "@emotion/memoize" "^0.9.0" + +"@emotion/memoize@^0.9.0": + version "0.9.0" + resolved "https://registry.yarnpkg.com/@emotion/memoize/-/memoize-0.9.0.tgz#745969d649977776b43fc7648c556aaa462b4102" + integrity sha512-30FAj7/EoJ5mwVPOWhAyCX+FPfMDrVecJAM+Iw9NRoSl4BBAQeqj4cApHHUXOVvIPgLVDsCFoz/hGD+5QQD1GQ== + +"@emotion/react@^11.14.0": + version "11.14.0" + resolved "https://registry.yarnpkg.com/@emotion/react/-/react-11.14.0.tgz#cfaae35ebc67dd9ef4ea2e9acc6cd29e157dd05d" + integrity sha512-O000MLDBDdk/EohJPFUqvnp4qnHeYkVP5B0xEG0D/L7cOKP9kefu2DXn8dj74cQfsEzUqh+sr1RzFqiL1o+PpA== + dependencies: + "@babel/runtime" "^7.18.3" + "@emotion/babel-plugin" "^11.13.5" + "@emotion/cache" "^11.14.0" + "@emotion/serialize" "^1.3.3" + "@emotion/use-insertion-effect-with-fallbacks" "^1.2.0" + "@emotion/utils" "^1.4.2" + "@emotion/weak-memoize" "^0.4.0" + hoist-non-react-statics "^3.3.1" + +"@emotion/serialize@^1.3.3": + version "1.3.3" + resolved "https://registry.yarnpkg.com/@emotion/serialize/-/serialize-1.3.3.tgz#d291531005f17d704d0463a032fe679f376509e8" + integrity sha512-EISGqt7sSNWHGI76hC7x1CksiXPahbxEOrC5RjmFRJTqLyEK9/9hZvBbiYn70dw4wuwMKiEMCUlR6ZXTSWQqxA== + dependencies: + "@emotion/hash" "^0.9.2" + "@emotion/memoize" "^0.9.0" + "@emotion/unitless" "^0.10.0" + "@emotion/utils" "^1.4.2" + csstype "^3.0.2" + +"@emotion/sheet@^1.4.0": + version "1.4.0" + resolved "https://registry.yarnpkg.com/@emotion/sheet/-/sheet-1.4.0.tgz#c9299c34d248bc26e82563735f78953d2efca83c" + integrity sha512-fTBW9/8r2w3dXWYM4HCB1Rdp8NLibOw2+XELH5m5+AkWiL/KqYX6dc0kKYlaYyKjrQ6ds33MCdMPEwgs2z1rqg== + +"@emotion/styled@^11.14.1": + version "11.14.1" + resolved "https://registry.yarnpkg.com/@emotion/styled/-/styled-11.14.1.tgz#8c34bed2948e83e1980370305614c20955aacd1c" + integrity sha512-qEEJt42DuToa3gurlH4Qqc1kVpNq8wO8cJtDzU46TjlzWjDlsVyevtYCRijVq3SrHsROS+gVQ8Fnea108GnKzw== + dependencies: + "@babel/runtime" "^7.18.3" + "@emotion/babel-plugin" "^11.13.5" + "@emotion/is-prop-valid" "^1.3.0" + "@emotion/serialize" "^1.3.3" + "@emotion/use-insertion-effect-with-fallbacks" "^1.2.0" + "@emotion/utils" "^1.4.2" + +"@emotion/unitless@^0.10.0": + version "0.10.0" + resolved "https://registry.yarnpkg.com/@emotion/unitless/-/unitless-0.10.0.tgz#2af2f7c7e5150f497bdabd848ce7b218a27cf745" + integrity sha512-dFoMUuQA20zvtVTuxZww6OHoJYgrzfKM1t52mVySDJnMSEa08ruEvdYQbhvyu6soU+NeLVd3yKfTfT0NeV6qGg== + +"@emotion/use-insertion-effect-with-fallbacks@^1.2.0": + version "1.2.0" + resolved "https://registry.yarnpkg.com/@emotion/use-insertion-effect-with-fallbacks/-/use-insertion-effect-with-fallbacks-1.2.0.tgz#8a8cb77b590e09affb960f4ff1e9a89e532738bf" + integrity sha512-yJMtVdH59sxi/aVJBpk9FQq+OR8ll5GT8oWd57UpeaKEVGab41JWaCFA7FRLoMLloOZF/c/wsPoe+bfGmRKgDg== + +"@emotion/utils@^1.4.2": + version "1.4.2" + resolved "https://registry.yarnpkg.com/@emotion/utils/-/utils-1.4.2.tgz#6df6c45881fcb1c412d6688a311a98b7f59c1b52" + integrity sha512-3vLclRofFziIa3J2wDh9jjbkUz9qk5Vi3IZ/FSTKViB0k+ef0fPV7dYrUIugbgupYDx7v9ud/SjrtEP8Y4xLoA== + +"@emotion/weak-memoize@^0.4.0": + version "0.4.0" + resolved "https://registry.yarnpkg.com/@emotion/weak-memoize/-/weak-memoize-0.4.0.tgz#5e13fac887f08c44f76b0ccaf3370eb00fec9bb6" + integrity sha512-snKqtPW01tN0ui7yu9rGv69aJXr/a/Ywvl11sUjNtEcRc+ng/mQriFL0wLXMef74iHa/EkftbDzU9F8iFbH+zg== + +"@hapi/hoek@^9.0.0", "@hapi/hoek@^9.3.0": + version "9.3.0" + resolved "https://registry.yarnpkg.com/@hapi/hoek/-/hoek-9.3.0.tgz#8368869dcb735be2e7f5cb7647de78e167a251fb" + integrity sha512-/c6rf4UJlmHlC9b5BaNvzAcFv7HZ2QHaV0D4/HNlBdvFnvQq8RI4kYdhyPCl7Xj+oWvTWQ8ujhqS53LIgAe6KQ== + +"@hapi/topo@^5.1.0": + version "5.1.0" + resolved "https://registry.yarnpkg.com/@hapi/topo/-/topo-5.1.0.tgz#dc448e332c6c6e37a4dc02fd84ba8d44b9afb012" + integrity sha512-foQZKJig7Ob0BMAYBfcJk8d77QtOe7Wo4ox7ff1lQYoNNAb6jwcY1ncdoy2e9wQZzvNy7ODZCYJkK8kzmcAnAg== + dependencies: + "@hapi/hoek" "^9.0.0" + +"@iconify/react@^6.0.0": + version "6.0.1" + resolved "https://registry.yarnpkg.com/@iconify/react/-/react-6.0.1.tgz#15e2f5f18ce651666d09a5333f6d8a764bf45793" + integrity sha512-fCocnAfiGXjrA0u7KkS3W/OQHNp9LRFICudvOtxmS3Mf7U92aDhP50wyzRbobZli51zYt9ksZ9g0J7H586XvOQ== + dependencies: + "@iconify/types" "^2.0.0" + +"@iconify/types@^2.0.0": + version "2.0.0" + resolved "https://registry.yarnpkg.com/@iconify/types/-/types-2.0.0.tgz#ab0e9ea681d6c8a1214f30cd741fe3a20cc57f57" + integrity sha512-+wluvCrRhXrhyOmRDJ3q8mux9JkKy5SJ/v8ol2tu4FVjyYvtEzkc/3pK15ET6RKg4b4w4BmTk1+gsCUhf21Ykg== + +"@jest/schemas@^29.6.3": + version "29.6.3" + resolved "https://registry.yarnpkg.com/@jest/schemas/-/schemas-29.6.3.tgz#430b5ce8a4e0044a7e3819663305a7b3091c8e03" + integrity sha512-mo5j5X+jIZmJQveBKeS/clAueipV7KgiX1vMgCxam1RNYiqE1w62n0/tJJnHtjW8ZHcQco5gY85jA3mi0L+nSA== + dependencies: + "@sinclair/typebox" "^0.27.8" + +"@jest/types@^29.6.3": + version "29.6.3" + resolved "https://registry.yarnpkg.com/@jest/types/-/types-29.6.3.tgz#1131f8cf634e7e84c5e77bab12f052af585fba59" + integrity sha512-u3UPsIilWKOM3F9CXtrG8LEJmNxwoCQC/XVj4IKYXvvpx7QIi/Kg1LI5uDmDpKlac62NUtX7eLjRh+jVZcLOzw== + dependencies: + "@jest/schemas" "^29.6.3" + "@types/istanbul-lib-coverage" "^2.0.0" + "@types/istanbul-reports" "^3.0.0" + "@types/node" "*" + "@types/yargs" "^17.0.8" + chalk "^4.0.0" + +"@jridgewell/gen-mapping@^0.3.12", "@jridgewell/gen-mapping@^0.3.5": + version "0.3.13" + resolved "https://registry.yarnpkg.com/@jridgewell/gen-mapping/-/gen-mapping-0.3.13.tgz#6342a19f44347518c93e43b1ac69deb3c4656a1f" + integrity sha512-2kkt/7niJ6MgEPxF0bYdQ6etZaA+fQvDcLKckhy1yIQOzaoKjBBjSj63/aLVjYE3qhRt5dvM+uUyfCg6UKCBbA== + dependencies: + "@jridgewell/sourcemap-codec" "^1.5.0" + "@jridgewell/trace-mapping" "^0.3.24" + +"@jridgewell/resolve-uri@^3.1.0": + version "3.1.2" + resolved "https://registry.yarnpkg.com/@jridgewell/resolve-uri/-/resolve-uri-3.1.2.tgz#7a0ee601f60f99a20c7c7c5ff0c80388c1189bd6" + integrity sha512-bRISgCIjP20/tbWSPWMEi54QVPRZExkuD9lJL+UIxUKtwVJA8wW1Trb1jMs1RFXo1CBTNZ/5hpC9QvmKWdopKw== + +"@jridgewell/source-map@^0.3.3": + version "0.3.11" + resolved "https://registry.yarnpkg.com/@jridgewell/source-map/-/source-map-0.3.11.tgz#b21835cbd36db656b857c2ad02ebd413cc13a9ba" + integrity sha512-ZMp1V8ZFcPG5dIWnQLr3NSI1MiCU7UETdS/A0G8V/XWHvJv3ZsFqutJn1Y5RPmAPX6F3BiE397OqveU/9NCuIA== + dependencies: + "@jridgewell/gen-mapping" "^0.3.5" + "@jridgewell/trace-mapping" "^0.3.25" + +"@jridgewell/sourcemap-codec@^1.4.14", "@jridgewell/sourcemap-codec@^1.5.0": + version "1.5.5" + resolved "https://registry.yarnpkg.com/@jridgewell/sourcemap-codec/-/sourcemap-codec-1.5.5.tgz#6912b00d2c631c0d15ce1a7ab57cd657f2a8f8ba" + integrity sha512-cYQ9310grqxueWbl+WuIUIaiUaDcj7WOq5fVhEljNVgRfOUhY9fy2zTvfoqWsnebh8Sl70VScFbICvJnLKB0Og== + +"@jridgewell/trace-mapping@^0.3.18", "@jridgewell/trace-mapping@^0.3.24", "@jridgewell/trace-mapping@^0.3.25", "@jridgewell/trace-mapping@^0.3.28": + version "0.3.30" + resolved "https://registry.yarnpkg.com/@jridgewell/trace-mapping/-/trace-mapping-0.3.30.tgz#4a76c4daeee5df09f5d3940e087442fb36ce2b99" + integrity sha512-GQ7Nw5G2lTu/BtHTKfXhKHok2WGetd4XYcVKGx00SjAk8GMwgJM3zr6zORiPGuOE+/vkc90KtTosSSvaCjKb2Q== + dependencies: + "@jridgewell/resolve-uri" "^3.1.0" + "@jridgewell/sourcemap-codec" "^1.4.14" + +"@leichtgewicht/ip-codec@^2.0.1": + version "2.0.5" + resolved "https://registry.yarnpkg.com/@leichtgewicht/ip-codec/-/ip-codec-2.0.5.tgz#4fc56c15c580b9adb7dc3c333a134e540b44bfb1" + integrity sha512-Vo+PSpZG2/fmgmiNzYK9qWRh8h/CHrwD0mo1h1DzL4yzHNSfWYujGTYsWGreD000gcgmZ7K4Ys6Tx9TxtsKdDw== + +"@mdx-js/mdx@^3.0.0": + version "3.1.1" + resolved "https://registry.yarnpkg.com/@mdx-js/mdx/-/mdx-3.1.1.tgz#c5ffd991a7536b149e17175eee57a1a2a511c6d1" + integrity sha512-f6ZO2ifpwAQIpzGWaBQT2TXxPv6z3RBzQKpVftEWN78Vl/YweF1uwussDx8ECAXVtr3Rs89fKyG9YlzUs9DyGQ== + dependencies: + "@types/estree" "^1.0.0" + "@types/estree-jsx" "^1.0.0" + "@types/hast" "^3.0.0" + "@types/mdx" "^2.0.0" + acorn "^8.0.0" + collapse-white-space "^2.0.0" + devlop "^1.0.0" + estree-util-is-identifier-name "^3.0.0" + estree-util-scope "^1.0.0" + estree-walker "^3.0.0" + hast-util-to-jsx-runtime "^2.0.0" + markdown-extensions "^2.0.0" + recma-build-jsx "^1.0.0" + recma-jsx "^1.0.0" + recma-stringify "^1.0.0" + rehype-recma "^1.0.0" + remark-mdx "^3.0.0" + remark-parse "^11.0.0" + remark-rehype "^11.0.0" + source-map "^0.7.0" + unified "^11.0.0" + unist-util-position-from-estree "^2.0.0" + unist-util-stringify-position "^4.0.0" + unist-util-visit "^5.0.0" + vfile "^6.0.0" + +"@mdx-js/react@^3.0.0": + version "3.1.1" + resolved "https://registry.yarnpkg.com/@mdx-js/react/-/react-3.1.1.tgz#24bda7fffceb2fe256f954482123cda1be5f5fef" + integrity sha512-f++rKLQgUVYDAtECQ6fn/is15GkEH9+nZPM3MS0RcxVqoTfawHvDlSCH7JbMhAM6uJ32v3eXLvLmLvjGu7PTQw== + dependencies: + "@types/mdx" "^2.0.0" + +"@mui/core-downloads-tracker@^7.3.2": + version "7.3.2" + resolved "https://registry.yarnpkg.com/@mui/core-downloads-tracker/-/core-downloads-tracker-7.3.2.tgz#896a7890864d619093dc79541ec1ecfa3b507ad2" + integrity sha512-AOyfHjyDKVPGJJFtxOlept3EYEdLoar/RvssBTWVAvDJGIE676dLi2oT/Kx+FoVXFoA/JdV7DEMq/BVWV3KHRw== + +"@mui/icons-material@^7.3.1": + version "7.3.2" + resolved "https://registry.yarnpkg.com/@mui/icons-material/-/icons-material-7.3.2.tgz#050049cd6195b815e85888aaebd436e8e95084b8" + integrity sha512-TZWazBjWXBjR6iGcNkbKklnwodcwj0SrChCNHc9BhD9rBgET22J1eFhHsEmvSvru9+opDy3umqAimQjokhfJlQ== + dependencies: + "@babel/runtime" "^7.28.3" + +"@mui/material@^7.3.1": + version "7.3.2" + resolved "https://registry.yarnpkg.com/@mui/material/-/material-7.3.2.tgz#21ad66bba695e2cd36e4a93e2e4ff5e04d8636a1" + integrity sha512-qXvbnawQhqUVfH1LMgMaiytP+ZpGoYhnGl7yYq2x57GYzcFL/iPzSZ3L30tlbwEjSVKNYcbiKO8tANR1tadjUg== + dependencies: + "@babel/runtime" "^7.28.3" + "@mui/core-downloads-tracker" "^7.3.2" + "@mui/system" "^7.3.2" + "@mui/types" "^7.4.6" + "@mui/utils" "^7.3.2" + "@popperjs/core" "^2.11.8" + "@types/react-transition-group" "^4.4.12" + clsx "^2.1.1" + csstype "^3.1.3" + prop-types "^15.8.1" + react-is "^19.1.1" + react-transition-group "^4.4.5" + +"@mui/private-theming@^7.3.2": + version "7.3.2" + resolved "https://registry.yarnpkg.com/@mui/private-theming/-/private-theming-7.3.2.tgz#9b883ac9ec9288327de038da6ddf8ffa179be831" + integrity sha512-ha7mFoOyZGJr75xeiO9lugS3joRROjc8tG1u4P50dH0KR7bwhHznVMcYg7MouochUy0OxooJm/OOSpJ7gKcMvg== + dependencies: + "@babel/runtime" "^7.28.3" + "@mui/utils" "^7.3.2" + prop-types "^15.8.1" + +"@mui/styled-engine@^7.3.2": + version "7.3.2" + resolved "https://registry.yarnpkg.com/@mui/styled-engine/-/styled-engine-7.3.2.tgz#cac6acb9480d6eaf60d9c99a7d24503e53236b32" + integrity sha512-PkJzW+mTaek4e0nPYZ6qLnW5RGa0KN+eRTf5FA2nc7cFZTeM+qebmGibaTLrgQBy3UpcpemaqfzToBNkzuxqew== + dependencies: + "@babel/runtime" "^7.28.3" + "@emotion/cache" "^11.14.0" + "@emotion/serialize" "^1.3.3" + "@emotion/sheet" "^1.4.0" + csstype "^3.1.3" + prop-types "^15.8.1" + +"@mui/system@^7.3.2": + version "7.3.2" + resolved "https://registry.yarnpkg.com/@mui/system/-/system-7.3.2.tgz#e838097fc6cb0a2e4c1822478950db89affb116a" + integrity sha512-9d8JEvZW+H6cVkaZ+FK56R53vkJe3HsTpcjMUtH8v1xK6Y1TjzHdZ7Jck02mGXJsE6MQGWVs3ogRHTQmS9Q/rA== + dependencies: + "@babel/runtime" "^7.28.3" + "@mui/private-theming" "^7.3.2" + "@mui/styled-engine" "^7.3.2" + "@mui/types" "^7.4.6" + "@mui/utils" "^7.3.2" + clsx "^2.1.1" + csstype "^3.1.3" + prop-types "^15.8.1" + +"@mui/types@^7.4.6": + version "7.4.6" + resolved "https://registry.yarnpkg.com/@mui/types/-/types-7.4.6.tgz#1432e0814cf155287283f6bbd1e95976a148ef07" + integrity sha512-NVBbIw+4CDMMppNamVxyTccNv0WxtDb7motWDlMeSC8Oy95saj1TIZMGynPpFLePt3yOD8TskzumeqORCgRGWw== + dependencies: + "@babel/runtime" "^7.28.3" + +"@mui/utils@^7.3.2": + version "7.3.2" + resolved "https://registry.yarnpkg.com/@mui/utils/-/utils-7.3.2.tgz#361775d72c557a03115150e8aec4329c7ef14563" + integrity sha512-4DMWQGenOdLnM3y/SdFQFwKsCLM+mqxzvoWp9+x2XdEzXapkznauHLiXtSohHs/mc0+5/9UACt1GdugCX2te5g== + dependencies: + "@babel/runtime" "^7.28.3" + "@mui/types" "^7.4.6" + "@types/prop-types" "^15.7.15" + clsx "^2.1.1" + prop-types "^15.8.1" + react-is "^19.1.1" + +"@nodelib/fs.scandir@2.1.5": + version "2.1.5" + resolved "https://registry.yarnpkg.com/@nodelib/fs.scandir/-/fs.scandir-2.1.5.tgz#7619c2eb21b25483f6d167548b4cfd5a7488c3d5" + integrity sha512-vq24Bq3ym5HEQm2NKCr3yXDwjc7vTsEThRDnkp2DK9p1uqLR+DHurm/NOTo0KG7HYHU7eppKZj3MyqYuMBf62g== + dependencies: + "@nodelib/fs.stat" "2.0.5" + run-parallel "^1.1.9" + +"@nodelib/fs.stat@2.0.5", "@nodelib/fs.stat@^2.0.2": + version "2.0.5" + resolved "https://registry.yarnpkg.com/@nodelib/fs.stat/-/fs.stat-2.0.5.tgz#5bd262af94e9d25bd1e71b05deed44876a222e8b" + integrity sha512-RkhPPp2zrqDAQA/2jNhnztcPAlv64XdhIp7a7454A5ovI7Bukxgt7MX7udwAu3zg1DcpPU0rz3VV1SeaqvY4+A== + +"@nodelib/fs.walk@^1.2.3": + version "1.2.8" + resolved "https://registry.yarnpkg.com/@nodelib/fs.walk/-/fs.walk-1.2.8.tgz#e95737e8bb6746ddedf69c556953494f196fe69a" + integrity sha512-oGB+UxlgWcgQkgwo8GcEGwemoTFt3FIO9ababBmaGwXIoBKZ+GTy0pP185beGg7Llih/NSHSV2XAs1lnznocSg== + dependencies: + "@nodelib/fs.scandir" "2.1.5" + fastq "^1.6.0" + +"@pnpm/config.env-replace@^1.1.0": + version "1.1.0" + resolved "https://registry.yarnpkg.com/@pnpm/config.env-replace/-/config.env-replace-1.1.0.tgz#ab29da53df41e8948a00f2433f085f54de8b3a4c" + integrity sha512-htyl8TWnKL7K/ESFa1oW2UB5lVDxuF5DpM7tBi6Hu2LNL3mWkIzNLG6N4zoCUP1lCKNxWy/3iu8mS8MvToGd6w== + +"@pnpm/network.ca-file@^1.0.1": + version "1.0.2" + resolved "https://registry.yarnpkg.com/@pnpm/network.ca-file/-/network.ca-file-1.0.2.tgz#2ab05e09c1af0cdf2fcf5035bea1484e222f7983" + integrity sha512-YcPQ8a0jwYU9bTdJDpXjMi7Brhkr1mXsXrUJvjqM2mQDgkRiz8jFaQGOdaLxgjtUfQgZhKy/O3cG/YwmgKaxLA== + dependencies: + graceful-fs "4.2.10" + +"@pnpm/npm-conf@^2.1.0": + version "2.3.1" + resolved "https://registry.yarnpkg.com/@pnpm/npm-conf/-/npm-conf-2.3.1.tgz#bb375a571a0bd63ab0a23bece33033c683e9b6b0" + integrity sha512-c83qWb22rNRuB0UaVCI0uRPNRr8Z0FWnEIvT47jiHAmOIUHbBOg5XvV7pM5x+rKn9HRpjxquDbXYSXr3fAKFcw== + dependencies: + "@pnpm/config.env-replace" "^1.1.0" + "@pnpm/network.ca-file" "^1.0.1" + config-chain "^1.1.11" + +"@polka/url@^1.0.0-next.24": + version "1.0.0-next.29" + resolved "https://registry.yarnpkg.com/@polka/url/-/url-1.0.0-next.29.tgz#5a40109a1ab5f84d6fd8fc928b19f367cbe7e7b1" + integrity sha512-wwQAWhWSuHaag8c4q/KN/vCoeOJYshAIvMQwD4GpSb3OiZklFfvAgmj0VCBBImRpuF/aFgIRzllXlVX93Jevww== + +"@popperjs/core@^2.11.8": + version "2.11.8" + resolved "https://registry.yarnpkg.com/@popperjs/core/-/core-2.11.8.tgz#6b79032e760a0899cd4204710beede972a3a185f" + integrity sha512-P1st0aksCrn9sGZhp8GMYwBnQsbvAWsZAX44oXNNvLHGqAOcoVxmjZiohstwQ7SqKnbR47akdNi+uleWD8+g6A== + +"@sideway/address@^4.1.5": + version "4.1.5" + resolved "https://registry.yarnpkg.com/@sideway/address/-/address-4.1.5.tgz#4bc149a0076623ced99ca8208ba780d65a99b9d5" + integrity sha512-IqO/DUQHUkPeixNQ8n0JA6102hT9CmaljNTPmQ1u8MEhBo/R4Q8eKLN/vGZxuebwOroDB4cbpjheD4+/sKFK4Q== + dependencies: + "@hapi/hoek" "^9.0.0" + +"@sideway/formula@^3.0.1": + version "3.0.1" + resolved "https://registry.yarnpkg.com/@sideway/formula/-/formula-3.0.1.tgz#80fcbcbaf7ce031e0ef2dd29b1bfc7c3f583611f" + integrity sha512-/poHZJJVjx3L+zVD6g9KgHfYnb443oi7wLu/XKojDviHy6HOEOA6z1Trk5aR1dGcmPenJEgb2sK2I80LeS3MIg== + +"@sideway/pinpoint@^2.0.0": + version "2.0.0" + resolved "https://registry.yarnpkg.com/@sideway/pinpoint/-/pinpoint-2.0.0.tgz#cff8ffadc372ad29fd3f78277aeb29e632cc70df" + integrity sha512-RNiOoTPkptFtSVzQevY/yWtZwf/RxyVnPy/OcA9HBM3MlGDnBEYL5B41H0MTn0Uec8Hi+2qUtTfG2WWZBmMejQ== + +"@sinclair/typebox@^0.27.8": + version "0.27.8" + resolved "https://registry.yarnpkg.com/@sinclair/typebox/-/typebox-0.27.8.tgz#6667fac16c436b5434a387a34dedb013198f6e6e" + integrity sha512-+Fj43pSMwJs4KRrH/938Uf+uAELIgVBmQzg/q1YG10djyfA3TnrU8N8XzqCh/okZdszqBQTZf96idMfE5lnwTA== + +"@sindresorhus/is@^4.6.0": + version "4.6.0" + resolved "https://registry.yarnpkg.com/@sindresorhus/is/-/is-4.6.0.tgz#3c7c9c46e678feefe7a2e5bb609d3dbd665ffb3f" + integrity sha512-t09vSN3MdfsyCHoFcTRCH/iUtG7OJ0CsjzB8cjAmKc/va/kIgeDI/TxsigdncE/4be734m0cvIYwNaV4i2XqAw== + +"@sindresorhus/is@^5.2.0": + version "5.6.0" + resolved "https://registry.yarnpkg.com/@sindresorhus/is/-/is-5.6.0.tgz#41dd6093d34652cddb5d5bdeee04eafc33826668" + integrity sha512-TV7t8GKYaJWsn00tFDqBw8+Uqmr8A0fRU1tvTQhyZzGv0sJCGRQL3JGMI3ucuKo3XIZdUP+Lx7/gh2t3lewy7g== + +"@slorber/remark-comment@^1.0.0": + version "1.0.0" + resolved "https://registry.yarnpkg.com/@slorber/remark-comment/-/remark-comment-1.0.0.tgz#2a020b3f4579c89dec0361673206c28d67e08f5a" + integrity sha512-RCE24n7jsOj1M0UPvIQCHTe7fI0sFL4S2nwKVWwHyVr/wI/H8GosgsJGyhnsZoGFnD/P2hLf1mSbrrgSLN93NA== + dependencies: + micromark-factory-space "^1.0.0" + micromark-util-character "^1.1.0" + micromark-util-symbol "^1.0.1" + +"@svgr/babel-plugin-add-jsx-attribute@8.0.0": + version "8.0.0" + resolved "https://registry.yarnpkg.com/@svgr/babel-plugin-add-jsx-attribute/-/babel-plugin-add-jsx-attribute-8.0.0.tgz#4001f5d5dd87fa13303e36ee106e3ff3a7eb8b22" + integrity sha512-b9MIk7yhdS1pMCZM8VeNfUlSKVRhsHZNMl5O9SfaX0l0t5wjdgu4IDzGB8bpnGBBOjGST3rRFVsaaEtI4W6f7g== + +"@svgr/babel-plugin-remove-jsx-attribute@8.0.0": + version "8.0.0" + resolved "https://registry.yarnpkg.com/@svgr/babel-plugin-remove-jsx-attribute/-/babel-plugin-remove-jsx-attribute-8.0.0.tgz#69177f7937233caca3a1afb051906698f2f59186" + integrity sha512-BcCkm/STipKvbCl6b7QFrMh/vx00vIP63k2eM66MfHJzPr6O2U0jYEViXkHJWqXqQYjdeA9cuCl5KWmlwjDvbA== + +"@svgr/babel-plugin-remove-jsx-empty-expression@8.0.0": + version "8.0.0" + resolved "https://registry.yarnpkg.com/@svgr/babel-plugin-remove-jsx-empty-expression/-/babel-plugin-remove-jsx-empty-expression-8.0.0.tgz#c2c48104cfd7dcd557f373b70a56e9e3bdae1d44" + integrity sha512-5BcGCBfBxB5+XSDSWnhTThfI9jcO5f0Ai2V24gZpG+wXF14BzwxxdDb4g6trdOux0rhibGs385BeFMSmxtS3uA== + +"@svgr/babel-plugin-replace-jsx-attribute-value@8.0.0": + version "8.0.0" + resolved "https://registry.yarnpkg.com/@svgr/babel-plugin-replace-jsx-attribute-value/-/babel-plugin-replace-jsx-attribute-value-8.0.0.tgz#8fbb6b2e91fa26ac5d4aa25c6b6e4f20f9c0ae27" + integrity sha512-KVQ+PtIjb1BuYT3ht8M5KbzWBhdAjjUPdlMtpuw/VjT8coTrItWX6Qafl9+ji831JaJcu6PJNKCV0bp01lBNzQ== + +"@svgr/babel-plugin-svg-dynamic-title@8.0.0": + version "8.0.0" + resolved "https://registry.yarnpkg.com/@svgr/babel-plugin-svg-dynamic-title/-/babel-plugin-svg-dynamic-title-8.0.0.tgz#1d5ba1d281363fc0f2f29a60d6d936f9bbc657b0" + integrity sha512-omNiKqwjNmOQJ2v6ge4SErBbkooV2aAWwaPFs2vUY7p7GhVkzRkJ00kILXQvRhA6miHnNpXv7MRnnSjdRjK8og== + +"@svgr/babel-plugin-svg-em-dimensions@8.0.0": + version "8.0.0" + resolved "https://registry.yarnpkg.com/@svgr/babel-plugin-svg-em-dimensions/-/babel-plugin-svg-em-dimensions-8.0.0.tgz#35e08df300ea8b1d41cb8f62309c241b0369e501" + integrity sha512-mURHYnu6Iw3UBTbhGwE/vsngtCIbHE43xCRK7kCw4t01xyGqb2Pd+WXekRRoFOBIY29ZoOhUCTEweDMdrjfi9g== + +"@svgr/babel-plugin-transform-react-native-svg@8.1.0": + version "8.1.0" + resolved "https://registry.yarnpkg.com/@svgr/babel-plugin-transform-react-native-svg/-/babel-plugin-transform-react-native-svg-8.1.0.tgz#90a8b63998b688b284f255c6a5248abd5b28d754" + integrity sha512-Tx8T58CHo+7nwJ+EhUwx3LfdNSG9R2OKfaIXXs5soiy5HtgoAEkDay9LIimLOcG8dJQH1wPZp/cnAv6S9CrR1Q== + +"@svgr/babel-plugin-transform-svg-component@8.0.0": + version "8.0.0" + resolved "https://registry.yarnpkg.com/@svgr/babel-plugin-transform-svg-component/-/babel-plugin-transform-svg-component-8.0.0.tgz#013b4bfca88779711f0ed2739f3f7efcefcf4f7e" + integrity sha512-DFx8xa3cZXTdb/k3kfPeaixecQLgKh5NVBMwD0AQxOzcZawK4oo1Jh9LbrcACUivsCA7TLG8eeWgrDXjTMhRmw== + +"@svgr/babel-preset@8.1.0": + version "8.1.0" + resolved "https://registry.yarnpkg.com/@svgr/babel-preset/-/babel-preset-8.1.0.tgz#0e87119aecdf1c424840b9d4565b7137cabf9ece" + integrity sha512-7EYDbHE7MxHpv4sxvnVPngw5fuR6pw79SkcrILHJ/iMpuKySNCl5W1qcwPEpU+LgyRXOaAFgH0KhwD18wwg6ug== + dependencies: + "@svgr/babel-plugin-add-jsx-attribute" "8.0.0" + "@svgr/babel-plugin-remove-jsx-attribute" "8.0.0" + "@svgr/babel-plugin-remove-jsx-empty-expression" "8.0.0" + "@svgr/babel-plugin-replace-jsx-attribute-value" "8.0.0" + "@svgr/babel-plugin-svg-dynamic-title" "8.0.0" + "@svgr/babel-plugin-svg-em-dimensions" "8.0.0" + "@svgr/babel-plugin-transform-react-native-svg" "8.1.0" + "@svgr/babel-plugin-transform-svg-component" "8.0.0" + +"@svgr/core@8.1.0": + version "8.1.0" + resolved "https://registry.yarnpkg.com/@svgr/core/-/core-8.1.0.tgz#41146f9b40b1a10beaf5cc4f361a16a3c1885e88" + integrity sha512-8QqtOQT5ACVlmsvKOJNEaWmRPmcojMOzCz4Hs2BGG/toAp/K38LcsMRyLp349glq5AzJbCEeimEoxaX6v/fLrA== + dependencies: + "@babel/core" "^7.21.3" + "@svgr/babel-preset" "8.1.0" + camelcase "^6.2.0" + cosmiconfig "^8.1.3" + snake-case "^3.0.4" + +"@svgr/hast-util-to-babel-ast@8.0.0": + version "8.0.0" + resolved "https://registry.yarnpkg.com/@svgr/hast-util-to-babel-ast/-/hast-util-to-babel-ast-8.0.0.tgz#6952fd9ce0f470e1aded293b792a2705faf4ffd4" + integrity sha512-EbDKwO9GpfWP4jN9sGdYwPBU0kdomaPIL2Eu4YwmgP+sJeXT+L7bMwJUBnhzfH8Q2qMBqZ4fJwpCyYsAN3mt2Q== + dependencies: + "@babel/types" "^7.21.3" + entities "^4.4.0" + +"@svgr/plugin-jsx@8.1.0": + version "8.1.0" + resolved "https://registry.yarnpkg.com/@svgr/plugin-jsx/-/plugin-jsx-8.1.0.tgz#96969f04a24b58b174ee4cd974c60475acbd6928" + integrity sha512-0xiIyBsLlr8quN+WyuxooNW9RJ0Dpr8uOnH/xrCVO8GLUcwHISwj1AG0k+LFzteTkAA0GbX0kj9q6Dk70PTiPA== + dependencies: + "@babel/core" "^7.21.3" + "@svgr/babel-preset" "8.1.0" + "@svgr/hast-util-to-babel-ast" "8.0.0" + svg-parser "^2.0.4" + +"@svgr/plugin-svgo@8.1.0": + version "8.1.0" + resolved "https://registry.yarnpkg.com/@svgr/plugin-svgo/-/plugin-svgo-8.1.0.tgz#b115b7b967b564f89ac58feae89b88c3decd0f00" + integrity sha512-Ywtl837OGO9pTLIN/onoWLmDQ4zFUycI1g76vuKGEz6evR/ZTJlJuz3G/fIkb6OVBJ2g0o6CGJzaEjfmEo3AHA== + dependencies: + cosmiconfig "^8.1.3" + deepmerge "^4.3.1" + svgo "^3.0.2" + +"@svgr/webpack@^8.1.0": + version "8.1.0" + resolved "https://registry.yarnpkg.com/@svgr/webpack/-/webpack-8.1.0.tgz#16f1b5346f102f89fda6ec7338b96a701d8be0c2" + integrity sha512-LnhVjMWyMQV9ZmeEy26maJk+8HTIbd59cH4F2MJ439k9DqejRisfFNGAPvRYlKETuh9LrImlS8aKsBgKjMA8WA== + dependencies: + "@babel/core" "^7.21.3" + "@babel/plugin-transform-react-constant-elements" "^7.21.3" + "@babel/preset-env" "^7.20.2" + "@babel/preset-react" "^7.18.6" + "@babel/preset-typescript" "^7.21.0" + "@svgr/core" "8.1.0" + "@svgr/plugin-jsx" "8.1.0" + "@svgr/plugin-svgo" "8.1.0" + +"@szmarczak/http-timer@^5.0.1": + version "5.0.1" + resolved "https://registry.yarnpkg.com/@szmarczak/http-timer/-/http-timer-5.0.1.tgz#c7c1bf1141cdd4751b0399c8fc7b8b664cd5be3a" + integrity sha512-+PmQX0PiAYPMeVYe237LJAYvOMYW1j2rH5YROyS3b4CTVJum34HfRvKvAzozHAQG0TnHNdUfY9nCeUyRAs//cw== + dependencies: + defer-to-connect "^2.0.1" + +"@trysound/sax@0.2.0": + version "0.2.0" + resolved "https://registry.yarnpkg.com/@trysound/sax/-/sax-0.2.0.tgz#cccaab758af56761eb7bf37af6f03f326dd798ad" + integrity sha512-L7z9BgrNEcYyUYtF+HaEfiS5ebkh9jXqbszz7pC0hRBPaatV0XjSD3+eHrpqFemQfgwiFF0QPIarnIihIDn7OA== + +"@types/body-parser@*": + version "1.19.6" + resolved "https://registry.yarnpkg.com/@types/body-parser/-/body-parser-1.19.6.tgz#1859bebb8fd7dac9918a45d54c1971ab8b5af474" + integrity sha512-HLFeCYgz89uk22N5Qg3dvGvsv46B8GLvKKo1zKG4NybA8U2DiEO3w9lqGg29t/tfLRJpJ6iQxnVw4OnB7MoM9g== + dependencies: + "@types/connect" "*" + "@types/node" "*" + +"@types/bonjour@^3.5.9": + version "3.5.13" + resolved "https://registry.yarnpkg.com/@types/bonjour/-/bonjour-3.5.13.tgz#adf90ce1a105e81dd1f9c61fdc5afda1bfb92956" + integrity sha512-z9fJ5Im06zvUL548KvYNecEVlA7cVDkGUi6kZusb04mpyEFKCIZJvloCcmpmLaIahDpOQGHaHmG6imtPMmPXGQ== + dependencies: + "@types/node" "*" + +"@types/connect-history-api-fallback@^1.3.5": + version "1.5.4" + resolved "https://registry.yarnpkg.com/@types/connect-history-api-fallback/-/connect-history-api-fallback-1.5.4.tgz#7de71645a103056b48ac3ce07b3520b819c1d5b3" + integrity sha512-n6Cr2xS1h4uAulPRdlw6Jl6s1oG8KrVilPN2yUITEs+K48EzMJJ3W1xy8K5eWuFvjp3R74AOIGSmp2UfBJ8HFw== + dependencies: + "@types/express-serve-static-core" "*" + "@types/node" "*" + +"@types/connect@*": + version "3.4.38" + resolved "https://registry.yarnpkg.com/@types/connect/-/connect-3.4.38.tgz#5ba7f3bc4fbbdeaff8dded952e5ff2cc53f8d858" + integrity sha512-K6uROf1LD88uDQqJCktA4yzL1YYAK6NgfsI0v/mTgyPKWsX1CnJ0XPSDhViejru1GcRkLWb8RlzFYJRqGUbaug== + dependencies: + "@types/node" "*" + +"@types/debug@^4.0.0": + version "4.1.12" + resolved "https://registry.yarnpkg.com/@types/debug/-/debug-4.1.12.tgz#a155f21690871953410df4b6b6f53187f0500917" + integrity sha512-vIChWdVG3LG1SMxEvI/AK+FWJthlrqlTu7fbrlywTkkaONwk/UAGaULXRlf8vkzFBLVm0zkMdCquhL5aOjhXPQ== + dependencies: + "@types/ms" "*" + +"@types/eslint-scope@^3.7.7": + version "3.7.7" + resolved "https://registry.yarnpkg.com/@types/eslint-scope/-/eslint-scope-3.7.7.tgz#3108bd5f18b0cdb277c867b3dd449c9ed7079ac5" + integrity sha512-MzMFlSLBqNF2gcHWO0G1vP/YQyfvrxZ0bF+u7mzUdZ1/xK4A4sru+nraZz5i3iEIk1l1uyicaDVTB4QbbEkAYg== + dependencies: + "@types/eslint" "*" + "@types/estree" "*" + +"@types/eslint@*": + version "9.6.1" + resolved "https://registry.yarnpkg.com/@types/eslint/-/eslint-9.6.1.tgz#d5795ad732ce81715f27f75da913004a56751584" + integrity sha512-FXx2pKgId/WyYo2jXw63kk7/+TY7u7AziEJxJAnSFzHlqTAS3Ync6SvgYAN/k4/PQpnnVuzoMuVnByKK2qp0ag== + dependencies: + "@types/estree" "*" + "@types/json-schema" "*" + +"@types/estree-jsx@^1.0.0": + version "1.0.5" + resolved "https://registry.yarnpkg.com/@types/estree-jsx/-/estree-jsx-1.0.5.tgz#858a88ea20f34fe65111f005a689fa1ebf70dc18" + integrity sha512-52CcUVNFyfb1A2ALocQw/Dd1BQFNmSdkuC3BkZ6iqhdMfQz7JWOFRuJFloOzjk+6WijU56m9oKXFAXc7o3Towg== + dependencies: + "@types/estree" "*" + +"@types/estree@*", "@types/estree@^1.0.0", "@types/estree@^1.0.8": + version "1.0.8" + resolved "https://registry.yarnpkg.com/@types/estree/-/estree-1.0.8.tgz#958b91c991b1867ced318bedea0e215ee050726e" + integrity sha512-dWHzHa2WqEXI/O1E9OjrocMTKJl2mSrEolh1Iomrv6U+JuNwaHXsXx9bLu5gG7BUWFIN0skIQJQ/L1rIex4X6w== + +"@types/express-serve-static-core@*", "@types/express-serve-static-core@^5.0.0": + version "5.0.7" + resolved "https://registry.yarnpkg.com/@types/express-serve-static-core/-/express-serve-static-core-5.0.7.tgz#2fa94879c9d46b11a5df4c74ac75befd6b283de6" + integrity sha512-R+33OsgWw7rOhD1emjU7dzCDHucJrgJXMA5PYCzJxVil0dsyx5iBEPHqpPfiKNJQb7lZ1vxwoLR4Z87bBUpeGQ== + dependencies: + "@types/node" "*" + "@types/qs" "*" + "@types/range-parser" "*" + "@types/send" "*" + +"@types/express-serve-static-core@^4.17.33": + version "4.19.6" + resolved "https://registry.yarnpkg.com/@types/express-serve-static-core/-/express-serve-static-core-4.19.6.tgz#e01324c2a024ff367d92c66f48553ced0ab50267" + integrity sha512-N4LZ2xG7DatVqhCZzOGb1Yi5lMbXSZcmdLDe9EzSndPV2HpWYWzRbaerl2n27irrm94EPpprqa8KpskPT085+A== + dependencies: + "@types/node" "*" + "@types/qs" "*" + "@types/range-parser" "*" + "@types/send" "*" + +"@types/express@*": + version "5.0.3" + resolved "https://registry.yarnpkg.com/@types/express/-/express-5.0.3.tgz#6c4bc6acddc2e2a587142e1d8be0bce20757e956" + integrity sha512-wGA0NX93b19/dZC1J18tKWVIYWyyF2ZjT9vin/NRu0qzzvfVzWjs04iq2rQ3H65vCTQYlRqs3YHfY7zjdV+9Kw== + dependencies: + "@types/body-parser" "*" + "@types/express-serve-static-core" "^5.0.0" + "@types/serve-static" "*" + +"@types/express@^4.17.13": + version "4.17.23" + resolved "https://registry.yarnpkg.com/@types/express/-/express-4.17.23.tgz#35af3193c640bfd4d7fe77191cd0ed411a433bef" + integrity sha512-Crp6WY9aTYP3qPi2wGDo9iUe/rceX01UMhnF1jmwDcKCFM6cx7YhGP/Mpr3y9AASpfHixIG0E6azCcL5OcDHsQ== + dependencies: + "@types/body-parser" "*" + "@types/express-serve-static-core" "^4.17.33" + "@types/qs" "*" + "@types/serve-static" "*" + +"@types/gtag.js@^0.0.12": + version "0.0.12" + resolved "https://registry.yarnpkg.com/@types/gtag.js/-/gtag.js-0.0.12.tgz#095122edca896689bdfcdd73b057e23064d23572" + integrity sha512-YQV9bUsemkzG81Ea295/nF/5GijnD2Af7QhEofh7xu+kvCN6RdodgNwwGWXB5GMI3NoyvQo0odNctoH/qLMIpg== + +"@types/hast@^3.0.0": + version "3.0.4" + resolved "https://registry.yarnpkg.com/@types/hast/-/hast-3.0.4.tgz#1d6b39993b82cea6ad783945b0508c25903e15aa" + integrity sha512-WPs+bbQw5aCj+x6laNGWLH3wviHtoCv/P3+otBhbOhJgG8qtpdAMlTCxLtsTWA7LH1Oh/bFCHsBn0TPS5m30EQ== + dependencies: + "@types/unist" "*" + +"@types/history@^4.7.11": + version "4.7.11" + resolved "https://registry.yarnpkg.com/@types/history/-/history-4.7.11.tgz#56588b17ae8f50c53983a524fc3cc47437969d64" + integrity sha512-qjDJRrmvBMiTx+jyLxvLfJU7UznFuokDv4f3WRuriHKERccVpFU+8XMQUAbDzoiJCsmexxRExQeMwwCdamSKDA== + +"@types/html-minifier-terser@^6.0.0": + version "6.1.0" + resolved "https://registry.yarnpkg.com/@types/html-minifier-terser/-/html-minifier-terser-6.1.0.tgz#4fc33a00c1d0c16987b1a20cf92d20614c55ac35" + integrity sha512-oh/6byDPnL1zeNXFrDXFLyZjkr1MsBG667IM792caf1L2UPOOMf65NFzjUH/ltyfwjAGfs1rsX1eftK0jC/KIg== + +"@types/http-cache-semantics@^4.0.2": + version "4.0.4" + resolved "https://registry.yarnpkg.com/@types/http-cache-semantics/-/http-cache-semantics-4.0.4.tgz#b979ebad3919799c979b17c72621c0bc0a31c6c4" + integrity sha512-1m0bIFVc7eJWyve9S0RnuRgcQqF/Xd5QsUZAZeQFr1Q3/p9JWoQQEqmVy+DPTNpGXwhgIetAoYF8JSc33q29QA== + +"@types/http-errors@*": + version "2.0.5" + resolved "https://registry.yarnpkg.com/@types/http-errors/-/http-errors-2.0.5.tgz#5b749ab2b16ba113423feb1a64a95dcd30398472" + integrity sha512-r8Tayk8HJnX0FztbZN7oVqGccWgw98T/0neJphO91KkmOzug1KkofZURD4UaD5uH8AqcFLfdPErnBod0u71/qg== + +"@types/http-proxy@^1.17.8": + version "1.17.16" + resolved "https://registry.yarnpkg.com/@types/http-proxy/-/http-proxy-1.17.16.tgz#dee360707b35b3cc85afcde89ffeebff7d7f9240" + integrity sha512-sdWoUajOB1cd0A8cRRQ1cfyWNbmFKLAqBB89Y8x5iYyG/mkJHc0YUH8pdWBy2omi9qtCpiIgGjuwO0dQST2l5w== + dependencies: + "@types/node" "*" + +"@types/istanbul-lib-coverage@*", "@types/istanbul-lib-coverage@^2.0.0": + version "2.0.6" + resolved "https://registry.yarnpkg.com/@types/istanbul-lib-coverage/-/istanbul-lib-coverage-2.0.6.tgz#7739c232a1fee9b4d3ce8985f314c0c6d33549d7" + integrity sha512-2QF/t/auWm0lsy8XtKVPG19v3sSOQlJe/YHZgfjb/KBBHOGSV+J2q/S671rcq9uTBrLAXmZpqJiaQbMT+zNU1w== + +"@types/istanbul-lib-report@*": + version "3.0.3" + resolved "https://registry.yarnpkg.com/@types/istanbul-lib-report/-/istanbul-lib-report-3.0.3.tgz#53047614ae72e19fc0401d872de3ae2b4ce350bf" + integrity sha512-NQn7AHQnk/RSLOxrBbGyJM/aVQ+pjj5HCgasFxc0K/KhoATfQ/47AyUl15I2yBUpihjmas+a+VJBOqecrFH+uA== + dependencies: + "@types/istanbul-lib-coverage" "*" + +"@types/istanbul-reports@^3.0.0": + version "3.0.4" + resolved "https://registry.yarnpkg.com/@types/istanbul-reports/-/istanbul-reports-3.0.4.tgz#0f03e3d2f670fbdac586e34b433783070cc16f54" + integrity sha512-pk2B1NWalF9toCRu6gjBzR69syFjP4Od8WRAX+0mmf9lAjCRicLOWc+ZrxZHx/0XRjotgkF9t6iaMJ+aXcOdZQ== + dependencies: + "@types/istanbul-lib-report" "*" + +"@types/json-schema@*", "@types/json-schema@^7.0.15", "@types/json-schema@^7.0.8", "@types/json-schema@^7.0.9": + version "7.0.15" + resolved "https://registry.yarnpkg.com/@types/json-schema/-/json-schema-7.0.15.tgz#596a1747233694d50f6ad8a7869fcb6f56cf5841" + integrity sha512-5+fP8P8MFNC+AyZCDxrB2pkZFPGzqQWUzpSeuuVLvm8VMcorNYavBqoFcxK8bQz4Qsbn4oUEEem4wDLfcysGHA== + +"@types/mdast@^4.0.0", "@types/mdast@^4.0.2": + version "4.0.4" + resolved "https://registry.yarnpkg.com/@types/mdast/-/mdast-4.0.4.tgz#7ccf72edd2f1aa7dd3437e180c64373585804dd6" + integrity sha512-kGaNbPh1k7AFzgpud/gMdvIm5xuECykRR+JnWKQno9TAXVa6WIVCGTPvYGekIDL4uwCZQSYbUxNBSb1aUo79oA== + dependencies: + "@types/unist" "*" + +"@types/mdx@^2.0.0": + version "2.0.13" + resolved "https://registry.yarnpkg.com/@types/mdx/-/mdx-2.0.13.tgz#68f6877043d377092890ff5b298152b0a21671bd" + integrity sha512-+OWZQfAYyio6YkJb3HLxDrvnx6SWWDbC0zVPfBRzUk0/nqoDyf6dNxQi3eArPe8rJ473nobTMQ/8Zk+LxJ+Yuw== + +"@types/mime@^1": + version "1.3.5" + resolved "https://registry.yarnpkg.com/@types/mime/-/mime-1.3.5.tgz#1ef302e01cf7d2b5a0fa526790c9123bf1d06690" + integrity sha512-/pyBZWSLD2n0dcHE3hq8s8ZvcETHtEuF+3E7XVt0Ig2nvsVQXdghHVcEkIWjy9A0wKfTn97a/PSDYohKIlnP/w== + +"@types/ms@*": + version "2.1.0" + resolved "https://registry.yarnpkg.com/@types/ms/-/ms-2.1.0.tgz#052aa67a48eccc4309d7f0191b7e41434b90bb78" + integrity sha512-GsCCIZDE/p3i96vtEqx+7dBUGXrc7zeSK3wwPHIaRThS+9OhWIXRqzs4d6k1SVU8g91DrNRWxWUGhp5KXQb2VA== + +"@types/node-forge@^1.3.0": + version "1.3.14" + resolved "https://registry.yarnpkg.com/@types/node-forge/-/node-forge-1.3.14.tgz#006c2616ccd65550560c2757d8472eb6d3ecea0b" + integrity sha512-mhVF2BnD4BO+jtOp7z1CdzaK4mbuK0LLQYAvdOLqHTavxFNq4zA1EmYkpnFjP8HOUzedfQkRnp0E2ulSAYSzAw== + dependencies: + "@types/node" "*" + +"@types/node@*": + version "24.3.0" + resolved "https://registry.yarnpkg.com/@types/node/-/node-24.3.0.tgz#89b09f45cb9a8ee69466f18ee5864e4c3eb84dec" + integrity sha512-aPTXCrfwnDLj4VvXrm+UUCQjNEvJgNA8s5F1cvwQU+3KNltTOkBm1j30uNLyqqPNe7gE3KFzImYoZEfLhp4Yow== + dependencies: + undici-types "~7.10.0" + +"@types/node@^17.0.5": + version "17.0.45" + resolved "https://registry.yarnpkg.com/@types/node/-/node-17.0.45.tgz#2c0fafd78705e7a18b7906b5201a522719dc5190" + integrity sha512-w+tIMs3rq2afQdsPJlODhoUEKzFP1ayaoyl1CcnwtIlsVe7K7bA1NGm4s3PraqTLlXnbIN84zuBlxBWo1u9BLw== + +"@types/parse-json@^4.0.0": + version "4.0.2" + resolved "https://registry.yarnpkg.com/@types/parse-json/-/parse-json-4.0.2.tgz#5950e50960793055845e956c427fc2b0d70c5239" + integrity sha512-dISoDXWWQwUquiKsyZ4Ng+HX2KsPL7LyHKHQwgGFEA3IaKac4Obd+h2a/a6waisAoepJlBcx9paWqjA8/HVjCw== + +"@types/prismjs@^1.26.0": + version "1.26.5" + resolved "https://registry.yarnpkg.com/@types/prismjs/-/prismjs-1.26.5.tgz#72499abbb4c4ec9982446509d2f14fb8483869d6" + integrity sha512-AUZTa7hQ2KY5L7AmtSiqxlhWxb4ina0yd8hNbl4TWuqnv/pFP0nDMb3YrfSBf4hJVGLh2YEIBfKaBW/9UEl6IQ== + +"@types/prop-types@^15.7.15": + version "15.7.15" + resolved "https://registry.yarnpkg.com/@types/prop-types/-/prop-types-15.7.15.tgz#e6e5a86d602beaca71ce5163fadf5f95d70931c7" + integrity sha512-F6bEyamV9jKGAFBEmlQnesRPGOQqS2+Uwi0Em15xenOxHaf2hv6L8YCVn3rPdPJOiJfPiCnLIRyvwVaqMY3MIw== + +"@types/qs@*": + version "6.14.0" + resolved "https://registry.yarnpkg.com/@types/qs/-/qs-6.14.0.tgz#d8b60cecf62f2db0fb68e5e006077b9178b85de5" + integrity sha512-eOunJqu0K1923aExK6y8p6fsihYEn/BYuQ4g0CxAAgFc4b/ZLN4CrsRZ55srTdqoiLzU2B2evC+apEIxprEzkQ== + +"@types/range-parser@*": + version "1.2.7" + resolved "https://registry.yarnpkg.com/@types/range-parser/-/range-parser-1.2.7.tgz#50ae4353eaaddc04044279812f52c8c65857dbcb" + integrity sha512-hKormJbkJqzQGhziax5PItDUTMAM9uE2XXQmM37dyd4hVM+5aVl7oVxMVUiVQn2oCQFN/LKCZdvSM0pFRqbSmQ== + +"@types/react-router-config@*", "@types/react-router-config@^5.0.7": + version "5.0.11" + resolved "https://registry.yarnpkg.com/@types/react-router-config/-/react-router-config-5.0.11.tgz#2761a23acc7905a66a94419ee40294a65aaa483a" + integrity sha512-WmSAg7WgqW7m4x8Mt4N6ZyKz0BubSj/2tVUMsAHp+Yd2AMwcSbeFq9WympT19p5heCFmF97R9eD5uUR/t4HEqw== + dependencies: + "@types/history" "^4.7.11" + "@types/react" "*" + "@types/react-router" "^5.1.0" + +"@types/react-router-dom@*": + version "5.3.3" + resolved "https://registry.yarnpkg.com/@types/react-router-dom/-/react-router-dom-5.3.3.tgz#e9d6b4a66fcdbd651a5f106c2656a30088cc1e83" + integrity sha512-kpqnYK4wcdm5UaWI3fLcELopqLrHgLqNsdpHauzlQktfkHL3npOSwtj1Uz9oKBAzs7lFtVkV8j83voAz2D8fhw== + dependencies: + "@types/history" "^4.7.11" + "@types/react" "*" + "@types/react-router" "*" + +"@types/react-router@*", "@types/react-router@^5.1.0": + version "5.1.20" + resolved "https://registry.yarnpkg.com/@types/react-router/-/react-router-5.1.20.tgz#88eccaa122a82405ef3efbcaaa5dcdd9f021387c" + integrity sha512-jGjmu/ZqS7FjSH6owMcD5qpq19+1RS9DeVRqfl1FeBMxTDQAGwlMWOcs52NDoXaNKyG3d1cYQFMs9rCrb88o9Q== + dependencies: + "@types/history" "^4.7.11" + "@types/react" "*" + +"@types/react-transition-group@^4.4.12": + version "4.4.12" + resolved "https://registry.yarnpkg.com/@types/react-transition-group/-/react-transition-group-4.4.12.tgz#b5d76568485b02a307238270bfe96cb51ee2a044" + integrity sha512-8TV6R3h2j7a91c+1DXdJi3Syo69zzIZbz7Lg5tORM5LEJG7X/E6a1V3drRyBRZq7/utz7A+c4OgYLiLcYGHG6w== + +"@types/react@*": + version "19.1.12" + resolved "https://registry.yarnpkg.com/@types/react/-/react-19.1.12.tgz#7bfaa76aabbb0b4fe0493c21a3a7a93d33e8937b" + integrity sha512-cMoR+FoAf/Jyq6+Df2/Z41jISvGZZ2eTlnsaJRptmZ76Caldwy1odD4xTr/gNV9VLj0AWgg/nmkevIyUfIIq5w== + dependencies: + csstype "^3.0.2" + +"@types/retry@0.12.0": + version "0.12.0" + resolved "https://registry.yarnpkg.com/@types/retry/-/retry-0.12.0.tgz#2b35eccfcee7d38cd72ad99232fbd58bffb3c84d" + integrity sha512-wWKOClTTiizcZhXnPY4wikVAwmdYHp8q6DmC+EJUzAMsycb7HB32Kh9RN4+0gExjmPmZSAQjgURXIGATPegAvA== + +"@types/sax@^1.2.1": + version "1.2.7" + resolved "https://registry.yarnpkg.com/@types/sax/-/sax-1.2.7.tgz#ba5fe7df9aa9c89b6dff7688a19023dd2963091d" + integrity sha512-rO73L89PJxeYM3s3pPPjiPgVVcymqU490g0YO5n5By0k2Erzj6tay/4lr1CHAAU4JyOWd1rpQ8bCf6cZfHU96A== + dependencies: + "@types/node" "*" + +"@types/send@*": + version "0.17.5" + resolved "https://registry.yarnpkg.com/@types/send/-/send-0.17.5.tgz#d991d4f2b16f2b1ef497131f00a9114290791e74" + integrity sha512-z6F2D3cOStZvuk2SaP6YrwkNO65iTZcwA2ZkSABegdkAh/lf+Aa/YQndZVfmEXT5vgAp6zv06VQ3ejSVjAny4w== + dependencies: + "@types/mime" "^1" + "@types/node" "*" + +"@types/serve-index@^1.9.1": + version "1.9.4" + resolved "https://registry.yarnpkg.com/@types/serve-index/-/serve-index-1.9.4.tgz#e6ae13d5053cb06ed36392110b4f9a49ac4ec898" + integrity sha512-qLpGZ/c2fhSs5gnYsQxtDEq3Oy8SXPClIXkW5ghvAvsNuVSA8k+gCONcUCS/UjLEYvYps+e8uBtfgXgvhwfNug== + dependencies: + "@types/express" "*" + +"@types/serve-static@*", "@types/serve-static@^1.13.10": + version "1.15.8" + resolved "https://registry.yarnpkg.com/@types/serve-static/-/serve-static-1.15.8.tgz#8180c3fbe4a70e8f00b9f70b9ba7f08f35987877" + integrity sha512-roei0UY3LhpOJvjbIP6ZZFngyLKl5dskOtDhxY5THRSpO+ZI+nzJ+m5yUMzGrp89YRa7lvknKkMYjqQFGwA7Sg== + dependencies: + "@types/http-errors" "*" + "@types/node" "*" + "@types/send" "*" + +"@types/sockjs@^0.3.33": + version "0.3.36" + resolved "https://registry.yarnpkg.com/@types/sockjs/-/sockjs-0.3.36.tgz#ce322cf07bcc119d4cbf7f88954f3a3bd0f67535" + integrity sha512-MK9V6NzAS1+Ud7JV9lJLFqW85VbC9dq3LmwZCuBe4wBDgKC0Kj/jd8Xl+nSviU+Qc3+m7umHHyHg//2KSa0a0Q== + dependencies: + "@types/node" "*" + +"@types/unist@*", "@types/unist@^3.0.0": + version "3.0.3" + resolved "https://registry.yarnpkg.com/@types/unist/-/unist-3.0.3.tgz#acaab0f919ce69cce629c2d4ed2eb4adc1b6c20c" + integrity sha512-ko/gIFJRv177XgZsZcBwnqJN5x/Gien8qNOn0D5bQU/zAzVf9Zt3BlcUiLqhV9y4ARk0GbT3tnUiPNgnTXzc/Q== + +"@types/unist@^2.0.0": + version "2.0.11" + resolved "https://registry.yarnpkg.com/@types/unist/-/unist-2.0.11.tgz#11af57b127e32487774841f7a4e54eab166d03c4" + integrity sha512-CmBKiL6NNo/OqgmMn95Fk9Whlp2mtvIv+KNpQKN2F4SjvrEesubTRWGYSg+BnWZOnlCaSTU1sMpsBOzgbYhnsA== + +"@types/ws@^8.5.5": + version "8.18.1" + resolved "https://registry.yarnpkg.com/@types/ws/-/ws-8.18.1.tgz#48464e4bf2ddfd17db13d845467f6070ffea4aa9" + integrity sha512-ThVF6DCVhA8kUGy+aazFQ4kXQ7E1Ty7A3ypFOe0IcJV8O/M511G99AW24irKrW56Wt44yG9+ij8FaqoBGkuBXg== + dependencies: + "@types/node" "*" + +"@types/yargs-parser@*": + version "21.0.3" + resolved "https://registry.yarnpkg.com/@types/yargs-parser/-/yargs-parser-21.0.3.tgz#815e30b786d2e8f0dcd85fd5bcf5e1a04d008f15" + integrity sha512-I4q9QU9MQv4oEOz4tAHJtNz1cwuLxn2F3xcc2iV5WdqLPpUnj30aUuxt1mAxYTG+oe8CZMV/+6rU4S4gRDzqtQ== + +"@types/yargs@^17.0.8": + version "17.0.33" + resolved "https://registry.yarnpkg.com/@types/yargs/-/yargs-17.0.33.tgz#8c32303da83eec050a84b3c7ae7b9f922d13e32d" + integrity sha512-WpxBCKWPLr4xSsHgz511rFJAM+wS28w2zEO1QDNY5zM/S8ok70NNfztH0xwhqKyaK0OHCbN98LDAZuy1ctxDkA== + dependencies: + "@types/yargs-parser" "*" + +"@ungap/structured-clone@^1.0.0": + version "1.3.0" + resolved "https://registry.yarnpkg.com/@ungap/structured-clone/-/structured-clone-1.3.0.tgz#d06bbb384ebcf6c505fde1c3d0ed4ddffe0aaff8" + integrity sha512-WmoN8qaIAo7WTYWbAZuG8PYEhn5fkz7dZrqTBZ7dtt//lL2Gwms1IcnQ5yHqjDfX8Ft5j4YzDM23f87zBfDe9g== + +"@webassemblyjs/ast@1.14.1", "@webassemblyjs/ast@^1.14.1": + version "1.14.1" + resolved "https://registry.yarnpkg.com/@webassemblyjs/ast/-/ast-1.14.1.tgz#a9f6a07f2b03c95c8d38c4536a1fdfb521ff55b6" + integrity sha512-nuBEDgQfm1ccRp/8bCQrx1frohyufl4JlbMMZ4P1wpeOfDhF6FQkxZJ1b/e+PLwr6X1Nhw6OLme5usuBWYBvuQ== + dependencies: + "@webassemblyjs/helper-numbers" "1.13.2" + "@webassemblyjs/helper-wasm-bytecode" "1.13.2" + +"@webassemblyjs/floating-point-hex-parser@1.13.2": + version "1.13.2" + resolved "https://registry.yarnpkg.com/@webassemblyjs/floating-point-hex-parser/-/floating-point-hex-parser-1.13.2.tgz#fcca1eeddb1cc4e7b6eed4fc7956d6813b21b9fb" + integrity sha512-6oXyTOzbKxGH4steLbLNOu71Oj+C8Lg34n6CqRvqfS2O71BxY6ByfMDRhBytzknj9yGUPVJ1qIKhRlAwO1AovA== + +"@webassemblyjs/helper-api-error@1.13.2": + version "1.13.2" + resolved "https://registry.yarnpkg.com/@webassemblyjs/helper-api-error/-/helper-api-error-1.13.2.tgz#e0a16152248bc38daee76dd7e21f15c5ef3ab1e7" + integrity sha512-U56GMYxy4ZQCbDZd6JuvvNV/WFildOjsaWD3Tzzvmw/mas3cXzRJPMjP83JqEsgSbyrmaGjBfDtV7KDXV9UzFQ== + +"@webassemblyjs/helper-buffer@1.14.1": + version "1.14.1" + resolved "https://registry.yarnpkg.com/@webassemblyjs/helper-buffer/-/helper-buffer-1.14.1.tgz#822a9bc603166531f7d5df84e67b5bf99b72b96b" + integrity sha512-jyH7wtcHiKssDtFPRB+iQdxlDf96m0E39yb0k5uJVhFGleZFoNw1c4aeIcVUPPbXUVJ94wwnMOAqUHyzoEPVMA== + +"@webassemblyjs/helper-numbers@1.13.2": + version "1.13.2" + resolved "https://registry.yarnpkg.com/@webassemblyjs/helper-numbers/-/helper-numbers-1.13.2.tgz#dbd932548e7119f4b8a7877fd5a8d20e63490b2d" + integrity sha512-FE8aCmS5Q6eQYcV3gI35O4J789wlQA+7JrqTTpJqn5emA4U2hvwJmvFRC0HODS+3Ye6WioDklgd6scJ3+PLnEA== + dependencies: + "@webassemblyjs/floating-point-hex-parser" "1.13.2" + "@webassemblyjs/helper-api-error" "1.13.2" + "@xtuc/long" "4.2.2" + +"@webassemblyjs/helper-wasm-bytecode@1.13.2": + version "1.13.2" + resolved "https://registry.yarnpkg.com/@webassemblyjs/helper-wasm-bytecode/-/helper-wasm-bytecode-1.13.2.tgz#e556108758f448aae84c850e593ce18a0eb31e0b" + integrity sha512-3QbLKy93F0EAIXLh0ogEVR6rOubA9AoZ+WRYhNbFyuB70j3dRdwH9g+qXhLAO0kiYGlg3TxDV+I4rQTr/YNXkA== + +"@webassemblyjs/helper-wasm-section@1.14.1": + version "1.14.1" + resolved "https://registry.yarnpkg.com/@webassemblyjs/helper-wasm-section/-/helper-wasm-section-1.14.1.tgz#9629dda9c4430eab54b591053d6dc6f3ba050348" + integrity sha512-ds5mXEqTJ6oxRoqjhWDU83OgzAYjwsCV8Lo/N+oRsNDmx/ZDpqalmrtgOMkHwxsG0iI//3BwWAErYRHtgn0dZw== + dependencies: + "@webassemblyjs/ast" "1.14.1" + "@webassemblyjs/helper-buffer" "1.14.1" + "@webassemblyjs/helper-wasm-bytecode" "1.13.2" + "@webassemblyjs/wasm-gen" "1.14.1" + +"@webassemblyjs/ieee754@1.13.2": + version "1.13.2" + resolved "https://registry.yarnpkg.com/@webassemblyjs/ieee754/-/ieee754-1.13.2.tgz#1c5eaace1d606ada2c7fd7045ea9356c59ee0dba" + integrity sha512-4LtOzh58S/5lX4ITKxnAK2USuNEvpdVV9AlgGQb8rJDHaLeHciwG4zlGr0j/SNWlr7x3vO1lDEsuePvtcDNCkw== + dependencies: + "@xtuc/ieee754" "^1.2.0" + +"@webassemblyjs/leb128@1.13.2": + version "1.13.2" + resolved "https://registry.yarnpkg.com/@webassemblyjs/leb128/-/leb128-1.13.2.tgz#57c5c3deb0105d02ce25fa3fd74f4ebc9fd0bbb0" + integrity sha512-Lde1oNoIdzVzdkNEAWZ1dZ5orIbff80YPdHx20mrHwHrVNNTjNr8E3xz9BdpcGqRQbAEa+fkrCb+fRFTl/6sQw== + dependencies: + "@xtuc/long" "4.2.2" + +"@webassemblyjs/utf8@1.13.2": + version "1.13.2" + resolved "https://registry.yarnpkg.com/@webassemblyjs/utf8/-/utf8-1.13.2.tgz#917a20e93f71ad5602966c2d685ae0c6c21f60f1" + integrity sha512-3NQWGjKTASY1xV5m7Hr0iPeXD9+RDobLll3T9d2AO+g3my8xy5peVyjSag4I50mR1bBSN/Ct12lo+R9tJk0NZQ== + +"@webassemblyjs/wasm-edit@^1.14.1": + version "1.14.1" + resolved "https://registry.yarnpkg.com/@webassemblyjs/wasm-edit/-/wasm-edit-1.14.1.tgz#ac6689f502219b59198ddec42dcd496b1004d597" + integrity sha512-RNJUIQH/J8iA/1NzlE4N7KtyZNHi3w7at7hDjvRNm5rcUXa00z1vRz3glZoULfJ5mpvYhLybmVcwcjGrC1pRrQ== + dependencies: + "@webassemblyjs/ast" "1.14.1" + "@webassemblyjs/helper-buffer" "1.14.1" + "@webassemblyjs/helper-wasm-bytecode" "1.13.2" + "@webassemblyjs/helper-wasm-section" "1.14.1" + "@webassemblyjs/wasm-gen" "1.14.1" + "@webassemblyjs/wasm-opt" "1.14.1" + "@webassemblyjs/wasm-parser" "1.14.1" + "@webassemblyjs/wast-printer" "1.14.1" + +"@webassemblyjs/wasm-gen@1.14.1": + version "1.14.1" + resolved "https://registry.yarnpkg.com/@webassemblyjs/wasm-gen/-/wasm-gen-1.14.1.tgz#991e7f0c090cb0bb62bbac882076e3d219da9570" + integrity sha512-AmomSIjP8ZbfGQhumkNvgC33AY7qtMCXnN6bL2u2Js4gVCg8fp735aEiMSBbDR7UQIj90n4wKAFUSEd0QN2Ukg== + dependencies: + "@webassemblyjs/ast" "1.14.1" + "@webassemblyjs/helper-wasm-bytecode" "1.13.2" + "@webassemblyjs/ieee754" "1.13.2" + "@webassemblyjs/leb128" "1.13.2" + "@webassemblyjs/utf8" "1.13.2" + +"@webassemblyjs/wasm-opt@1.14.1": + version "1.14.1" + resolved "https://registry.yarnpkg.com/@webassemblyjs/wasm-opt/-/wasm-opt-1.14.1.tgz#e6f71ed7ccae46781c206017d3c14c50efa8106b" + integrity sha512-PTcKLUNvBqnY2U6E5bdOQcSM+oVP/PmrDY9NzowJjislEjwP/C4an2303MCVS2Mg9d3AJpIGdUFIQQWbPds0Sw== + dependencies: + "@webassemblyjs/ast" "1.14.1" + "@webassemblyjs/helper-buffer" "1.14.1" + "@webassemblyjs/wasm-gen" "1.14.1" + "@webassemblyjs/wasm-parser" "1.14.1" + +"@webassemblyjs/wasm-parser@1.14.1", "@webassemblyjs/wasm-parser@^1.14.1": + version "1.14.1" + resolved "https://registry.yarnpkg.com/@webassemblyjs/wasm-parser/-/wasm-parser-1.14.1.tgz#b3e13f1893605ca78b52c68e54cf6a865f90b9fb" + integrity sha512-JLBl+KZ0R5qB7mCnud/yyX08jWFw5MsoalJ1pQ4EdFlgj9VdXKGuENGsiCIjegI1W7p91rUlcB/LB5yRJKNTcQ== + dependencies: + "@webassemblyjs/ast" "1.14.1" + "@webassemblyjs/helper-api-error" "1.13.2" + "@webassemblyjs/helper-wasm-bytecode" "1.13.2" + "@webassemblyjs/ieee754" "1.13.2" + "@webassemblyjs/leb128" "1.13.2" + "@webassemblyjs/utf8" "1.13.2" + +"@webassemblyjs/wast-printer@1.14.1": + version "1.14.1" + resolved "https://registry.yarnpkg.com/@webassemblyjs/wast-printer/-/wast-printer-1.14.1.tgz#3bb3e9638a8ae5fdaf9610e7a06b4d9f9aa6fe07" + integrity sha512-kPSSXE6De1XOR820C90RIo2ogvZG+c3KiHzqUoO/F34Y2shGzesfqv7o57xrxovZJH/MetF5UjroJ/R/3isoiw== + dependencies: + "@webassemblyjs/ast" "1.14.1" + "@xtuc/long" "4.2.2" + +"@xtuc/ieee754@^1.2.0": + version "1.2.0" + resolved "https://registry.yarnpkg.com/@xtuc/ieee754/-/ieee754-1.2.0.tgz#eef014a3145ae477a1cbc00cd1e552336dceb790" + integrity sha512-DX8nKgqcGwsc0eJSqYt5lwP4DH5FlHnmuWWBRy7X0NcaGR0ZtuyeESgMwTYVEtxmsNGY+qit4QYT/MIYTOTPeA== + +"@xtuc/long@4.2.2": + version "4.2.2" + resolved "https://registry.yarnpkg.com/@xtuc/long/-/long-4.2.2.tgz#d291c6a4e97989b5c61d9acf396ae4fe133a718d" + integrity sha512-NuHqBY1PB/D8xU6s/thBgOAiAP7HOYDQ32+BFZILJ8ivkUkAHQnWfn6WhL79Owj1qmUnoN/YPhktdIoucipkAQ== + +accepts@~1.3.4, accepts@~1.3.8: + version "1.3.8" + resolved "https://registry.yarnpkg.com/accepts/-/accepts-1.3.8.tgz#0bf0be125b67014adcb0b0921e62db7bffe16b2e" + integrity sha512-PYAthTa2m2VKxuvSD3DPC/Gy+U+sOA1LAuT8mkmRuvw+NACSaeXEQ+NHcVF7rONl6qcaxV3Uuemwawk+7+SJLw== + dependencies: + mime-types "~2.1.34" + negotiator "0.6.3" + +acorn-import-phases@^1.0.3: + version "1.0.4" + resolved "https://registry.yarnpkg.com/acorn-import-phases/-/acorn-import-phases-1.0.4.tgz#16eb850ba99a056cb7cbfe872ffb8972e18c8bd7" + integrity sha512-wKmbr/DDiIXzEOiWrTTUcDm24kQ2vGfZQvM2fwg2vXqR5uW6aapr7ObPtj1th32b9u90/Pf4AItvdTh42fBmVQ== + +acorn-jsx@^5.0.0: + version "5.3.2" + resolved "https://registry.yarnpkg.com/acorn-jsx/-/acorn-jsx-5.3.2.tgz#7ed5bb55908b3b2f1bc55c6af1653bada7f07937" + integrity sha512-rq9s+JNhf0IChjtDXxllJ7g41oZk5SlXtp0LHwyA5cejwn7vKmKp4pPri6YEePv2PU65sAsegbXtIinmDFDXgQ== + +acorn-walk@^8.0.0: + version "8.3.4" + resolved "https://registry.yarnpkg.com/acorn-walk/-/acorn-walk-8.3.4.tgz#794dd169c3977edf4ba4ea47583587c5866236b7" + integrity sha512-ueEepnujpqee2o5aIYnvHU6C0A42MNdsIDeqy5BydrkuC5R1ZuUFnm27EeFJGoEHJQgn3uleRvmTXaJgfXbt4g== + dependencies: + acorn "^8.11.0" + +acorn@^8.0.0, acorn@^8.0.4, acorn@^8.11.0, acorn@^8.14.0, acorn@^8.15.0: + version "8.15.0" + resolved "https://registry.yarnpkg.com/acorn/-/acorn-8.15.0.tgz#a360898bc415edaac46c8241f6383975b930b816" + integrity sha512-NZyJarBfL7nWwIq+FDL6Zp/yHEhePMNnnJ0y3qfieCrmNvYct8uvtiV41UvlSe6apAfk0fY1FbWx+NwfmpvtTg== + +address@^1.0.1: + version "1.2.2" + resolved "https://registry.yarnpkg.com/address/-/address-1.2.2.tgz#2b5248dac5485a6390532c6a517fda2e3faac89e" + integrity sha512-4B/qKCfeE/ODUaAUpSwfzazo5x29WD4r3vXiWsB7I2mSDAihwEqKO+g8GELZUQSSAo5e1XTYh3ZVfLyxBc12nA== + +aggregate-error@^3.0.0: + version "3.1.0" + resolved "https://registry.yarnpkg.com/aggregate-error/-/aggregate-error-3.1.0.tgz#92670ff50f5359bdb7a3e0d40d0ec30c5737687a" + integrity sha512-4I7Td01quW/RpocfNayFdFVk1qSuoh0E7JrbRJ16nH01HhKFQ88INq9Sd+nd72zqRySlr9BmDA8xlEJ6vJMrYA== + dependencies: + clean-stack "^2.0.0" + indent-string "^4.0.0" + +ajv-formats@^2.1.1: + version "2.1.1" + resolved "https://registry.yarnpkg.com/ajv-formats/-/ajv-formats-2.1.1.tgz#6e669400659eb74973bbf2e33327180a0996b520" + integrity sha512-Wx0Kx52hxE7C18hkMEggYlEifqWZtYaRgouJor+WMdPnQyEK13vgEWyVNup7SoeeoLMsr4kf5h6dOW11I15MUA== + dependencies: + ajv "^8.0.0" + +ajv-keywords@^3.5.2: + version "3.5.2" + resolved "https://registry.yarnpkg.com/ajv-keywords/-/ajv-keywords-3.5.2.tgz#31f29da5ab6e00d1c2d329acf7b5929614d5014d" + integrity sha512-5p6WTN0DdTGVQk6VjcEju19IgaHudalcfabD7yhDGeA6bcQnmL+CpveLJq/3hvfwd1aof6L386Ougkx6RfyMIQ== + +ajv-keywords@^5.1.0: + version "5.1.0" + resolved "https://registry.yarnpkg.com/ajv-keywords/-/ajv-keywords-5.1.0.tgz#69d4d385a4733cdbeab44964a1170a88f87f0e16" + integrity sha512-YCS/JNFAUyr5vAuhk1DWm1CBxRHW9LbJ2ozWeemrIqpbsqKjHVxYPyi5GC0rjZIT5JxJ3virVTS8wk4i/Z+krw== + dependencies: + fast-deep-equal "^3.1.3" + +ajv@^6.12.5: + version "6.12.6" + resolved "https://registry.yarnpkg.com/ajv/-/ajv-6.12.6.tgz#baf5a62e802b07d977034586f8c3baf5adf26df4" + integrity sha512-j3fVLgvTo527anyYyJOGTYJbG+vnnQYvE0m5mmkc1TK+nxAppkCLMIL0aZ4dblVCNoGShhm+kzE4ZUykBoMg4g== + dependencies: + fast-deep-equal "^3.1.1" + fast-json-stable-stringify "^2.0.0" + json-schema-traverse "^0.4.1" + uri-js "^4.2.2" + +ajv@^8.0.0, ajv@^8.9.0: + version "8.17.1" + resolved "https://registry.yarnpkg.com/ajv/-/ajv-8.17.1.tgz#37d9a5c776af6bc92d7f4f9510eba4c0a60d11a6" + integrity sha512-B/gBuNg5SiMTrPkC+A2+cW0RszwxYmn6VYxB/inlBStS5nx6xHIt/ehKRhIMhqusl7a8LjQoZnjCs5vhwxOQ1g== + dependencies: + fast-deep-equal "^3.1.3" + fast-uri "^3.0.1" + json-schema-traverse "^1.0.0" + require-from-string "^2.0.2" + +algoliasearch-helper@^3.22.6: + version "3.26.0" + resolved "https://registry.yarnpkg.com/algoliasearch-helper/-/algoliasearch-helper-3.26.0.tgz#d6e283396a9fc5bf944f365dc3b712570314363f" + integrity sha512-Rv2x3GXleQ3ygwhkhJubhhYGsICmShLAiqtUuJTUkr9uOCOXyF2E71LVT4XDnVffbknv8XgScP4U0Oxtgm+hIw== + dependencies: + "@algolia/events" "^4.0.1" + +algoliasearch@^5.14.2, algoliasearch@^5.17.1: + version "5.36.0" + resolved "https://registry.yarnpkg.com/algoliasearch/-/algoliasearch-5.36.0.tgz#f4876e474bbfaae20ce101beacbba2fdce44038d" + integrity sha512-FpwQ+p4x4RIsWnPj2z9idOC70T90ga7Oeh8BURSFKpqp5lITRsgkIj/bwYj2bY5xbyD7uBuP9AZRnM5EV20WOw== + dependencies: + "@algolia/abtesting" "1.2.0" + "@algolia/client-abtesting" "5.36.0" + "@algolia/client-analytics" "5.36.0" + "@algolia/client-common" "5.36.0" + "@algolia/client-insights" "5.36.0" + "@algolia/client-personalization" "5.36.0" + "@algolia/client-query-suggestions" "5.36.0" + "@algolia/client-search" "5.36.0" + "@algolia/ingestion" "1.36.0" + "@algolia/monitoring" "1.36.0" + "@algolia/recommend" "5.36.0" + "@algolia/requester-browser-xhr" "5.36.0" + "@algolia/requester-fetch" "5.36.0" + "@algolia/requester-node-http" "5.36.0" + +ansi-align@^3.0.1: + version "3.0.1" + resolved "https://registry.yarnpkg.com/ansi-align/-/ansi-align-3.0.1.tgz#0cdf12e111ace773a86e9a1fad1225c43cb19a59" + integrity sha512-IOfwwBF5iczOjp/WeY4YxyjqAFMQoZufdQWDd19SEExbVLNXqvpzSJ/M7Za4/sCPmQ0+GRquoA7bGcINcxew6w== + dependencies: + string-width "^4.1.0" + +ansi-escapes@^4.3.2: + version "4.3.2" + resolved "https://registry.yarnpkg.com/ansi-escapes/-/ansi-escapes-4.3.2.tgz#6b2291d1db7d98b6521d5f1efa42d0f3a9feb65e" + integrity sha512-gKXj5ALrKWQLsYG9jlTRmR/xKluxHV+Z9QEwNIgCfM1/uwPMCuzVVnh5mwTd+OuBZcwSIMbqssNWRm1lE51QaQ== + dependencies: + type-fest "^0.21.3" + +ansi-html-community@^0.0.8: + version "0.0.8" + resolved "https://registry.yarnpkg.com/ansi-html-community/-/ansi-html-community-0.0.8.tgz#69fbc4d6ccbe383f9736934ae34c3f8290f1bf41" + integrity sha512-1APHAyr3+PCamwNw3bXCPp4HFLONZt/yIH0sZp0/469KWNTEy+qN5jQ3GVX6DMZ1UXAi34yVwtTeaG/HpBuuzw== + +ansi-regex@^5.0.1: + version "5.0.1" + resolved "https://registry.yarnpkg.com/ansi-regex/-/ansi-regex-5.0.1.tgz#082cb2c89c9fe8659a311a53bd6a4dc5301db304" + integrity sha512-quJQXlTSUGL2LH9SUXo8VwsY4soanhgo6LNSm84E1LBcE8s3O0wpdiRzyR9z/ZZJMlMWv37qOOb9pdJlMUEKFQ== + +ansi-regex@^6.0.1: + version "6.2.0" + resolved "https://registry.yarnpkg.com/ansi-regex/-/ansi-regex-6.2.0.tgz#2f302e7550431b1b7762705fffb52cf1ffa20447" + integrity sha512-TKY5pyBkHyADOPYlRT9Lx6F544mPl0vS5Ew7BJ45hA08Q+t3GjbueLliBWN3sMICk6+y7HdyxSzC4bWS8baBdg== + +ansi-styles@^4.0.0, ansi-styles@^4.1.0: + version "4.3.0" + resolved "https://registry.yarnpkg.com/ansi-styles/-/ansi-styles-4.3.0.tgz#edd803628ae71c04c85ae7a0906edad34b648937" + integrity sha512-zbB9rCJAT1rbjiVDb2hqKFHNYLxgtk8NURxZ3IZwD3F6NtxbXZQCnnSi1Lkx+IDohdPlFp222wVALIheZJQSEg== + dependencies: + color-convert "^2.0.1" + +ansi-styles@^6.1.0: + version "6.2.1" + resolved "https://registry.yarnpkg.com/ansi-styles/-/ansi-styles-6.2.1.tgz#0e62320cf99c21afff3b3012192546aacbfb05c5" + integrity sha512-bN798gFfQX+viw3R7yrGWRqnrN2oRkEkUjjl4JNn4E8GxxbjtG3FbrEIIY3l8/hrwUwIeCZvi4QuOTP4MErVug== + +anymatch@~3.1.2: + version "3.1.3" + resolved "https://registry.yarnpkg.com/anymatch/-/anymatch-3.1.3.tgz#790c58b19ba1720a84205b57c618d5ad8524973e" + integrity sha512-KMReFUr0B4t+D+OBkjR3KYqvocp2XaSzO55UcB6mgQMd3KbcE+mWTyvVV7D/zsdEbNnV6acZUutkiHQXvTr1Rw== + dependencies: + normalize-path "^3.0.0" + picomatch "^2.0.4" + +arg@^5.0.0: + version "5.0.2" + resolved "https://registry.yarnpkg.com/arg/-/arg-5.0.2.tgz#c81433cc427c92c4dcf4865142dbca6f15acd59c" + integrity sha512-PYjyFOLKQ9y57JvQ6QLo8dAgNqswh8M1RMJYdQduT6xbWSgK36P/Z/v+p888pM69jMMfS8Xd8F6I1kQ/I9HUGg== + +argparse@^1.0.7: + version "1.0.10" + resolved "https://registry.yarnpkg.com/argparse/-/argparse-1.0.10.tgz#bcd6791ea5ae09725e17e5ad988134cd40b3d911" + integrity sha512-o5Roy6tNG4SL/FOkCAN6RzjiakZS25RLYFrcMttJqbdd8BWrnA+fGz57iN5Pb06pvBGvl5gQ0B48dJlslXvoTg== + dependencies: + sprintf-js "~1.0.2" + +argparse@^2.0.1: + version "2.0.1" + resolved "https://registry.yarnpkg.com/argparse/-/argparse-2.0.1.tgz#246f50f3ca78a3240f6c997e8a9bd1eac49e4b38" + integrity sha512-8+9WqebbFzpX9OR+Wa6O29asIogeRMzcGtAINdpMHHyAg10f05aSFVBbcEqGf/PXw1EjAZ+q2/bEBg3DvurK3Q== + +array-flatten@1.1.1: + version "1.1.1" + resolved "https://registry.yarnpkg.com/array-flatten/-/array-flatten-1.1.1.tgz#9a5f699051b1e7073328f2a008968b64ea2955d2" + integrity sha512-PCVAQswWemu6UdxsDFFX/+gVeYqKAod3D3UVm91jHwynguOwAvYPhx8nNlM++NqRcK6CxxpUafjmhIdKiHibqg== + +array-union@^2.1.0: + version "2.1.0" + resolved "https://registry.yarnpkg.com/array-union/-/array-union-2.1.0.tgz#b798420adbeb1de828d84acd8a2e23d3efe85e8d" + integrity sha512-HGyxoOTYUyCM6stUe6EJgnd4EoewAI7zMdfqO+kGjnlZmBDz/cR5pf8r/cR4Wq60sL/p0IkcjUEEPwS3GFrIyw== + +astring@^1.8.0: + version "1.9.0" + resolved "https://registry.yarnpkg.com/astring/-/astring-1.9.0.tgz#cc73e6062a7eb03e7d19c22d8b0b3451fd9bfeef" + integrity sha512-LElXdjswlqjWrPpJFg1Fx4wpkOCxj1TDHlSV4PlaRxHGWko024xICaa97ZkMfs6DRKlCguiAI+rbXv5GWwXIkg== + +autoprefixer@^10.4.19, autoprefixer@^10.4.21: + version "10.4.21" + resolved "https://registry.yarnpkg.com/autoprefixer/-/autoprefixer-10.4.21.tgz#77189468e7a8ad1d9a37fbc08efc9f480cf0a95d" + integrity sha512-O+A6LWV5LDHSJD3LjHYoNi4VLsj/Whi7k6zG12xTYaU4cQ8oxQGckXNX8cRHK5yOZ/ppVHe0ZBXGzSV9jXdVbQ== + dependencies: + browserslist "^4.24.4" + caniuse-lite "^1.0.30001702" + fraction.js "^4.3.7" + normalize-range "^0.1.2" + picocolors "^1.1.1" + postcss-value-parser "^4.2.0" + +babel-loader@^9.2.1: + version "9.2.1" + resolved "https://registry.yarnpkg.com/babel-loader/-/babel-loader-9.2.1.tgz#04c7835db16c246dd19ba0914418f3937797587b" + integrity sha512-fqe8naHt46e0yIdkjUZYqddSXfej3AHajX+CSO5X7oy0EmPc6o5Xh+RClNoHjnieWz9AW4kZxW9yyFMhVB1QLA== + dependencies: + find-cache-dir "^4.0.0" + schema-utils "^4.0.0" + +babel-plugin-dynamic-import-node@^2.3.3: + version "2.3.3" + resolved "https://registry.yarnpkg.com/babel-plugin-dynamic-import-node/-/babel-plugin-dynamic-import-node-2.3.3.tgz#84fda19c976ec5c6defef57f9427b3def66e17a3" + integrity sha512-jZVI+s9Zg3IqA/kdi0i6UDCybUI3aSBLnglhYbSSjKlV7yF1F/5LWv8MakQmvYpnbJDS6fcBL2KzHSxNCMtWSQ== + dependencies: + object.assign "^4.1.0" + +babel-plugin-macros@^3.1.0: + version "3.1.0" + resolved "https://registry.yarnpkg.com/babel-plugin-macros/-/babel-plugin-macros-3.1.0.tgz#9ef6dc74deb934b4db344dc973ee851d148c50c1" + integrity sha512-Cg7TFGpIr01vOQNODXOOaGz2NpCU5gl8x1qJFbb6hbZxR7XrcE2vtbAsTAbJ7/xwJtUuJEw8K8Zr/AE0LHlesg== + dependencies: + "@babel/runtime" "^7.12.5" + cosmiconfig "^7.0.0" + resolve "^1.19.0" + +babel-plugin-polyfill-corejs2@^0.4.14: + version "0.4.14" + resolved "https://registry.yarnpkg.com/babel-plugin-polyfill-corejs2/-/babel-plugin-polyfill-corejs2-0.4.14.tgz#8101b82b769c568835611542488d463395c2ef8f" + integrity sha512-Co2Y9wX854ts6U8gAAPXfn0GmAyctHuK8n0Yhfjd6t30g7yvKjspvvOo9yG+z52PZRgFErt7Ka2pYnXCjLKEpg== + dependencies: + "@babel/compat-data" "^7.27.7" + "@babel/helper-define-polyfill-provider" "^0.6.5" + semver "^6.3.1" + +babel-plugin-polyfill-corejs3@^0.13.0: + version "0.13.0" + resolved "https://registry.yarnpkg.com/babel-plugin-polyfill-corejs3/-/babel-plugin-polyfill-corejs3-0.13.0.tgz#bb7f6aeef7addff17f7602a08a6d19a128c30164" + integrity sha512-U+GNwMdSFgzVmfhNm8GJUX88AadB3uo9KpJqS3FaqNIPKgySuvMb+bHPsOmmuWyIcuqZj/pzt1RUIUZns4y2+A== + dependencies: + "@babel/helper-define-polyfill-provider" "^0.6.5" + core-js-compat "^3.43.0" + +babel-plugin-polyfill-regenerator@^0.6.5: + version "0.6.5" + resolved "https://registry.yarnpkg.com/babel-plugin-polyfill-regenerator/-/babel-plugin-polyfill-regenerator-0.6.5.tgz#32752e38ab6f6767b92650347bf26a31b16ae8c5" + integrity sha512-ISqQ2frbiNU9vIJkzg7dlPpznPZ4jOiUQ1uSmB0fEHeowtN3COYRsXr/xexn64NpU13P06jc/L5TgiJXOgrbEg== + dependencies: + "@babel/helper-define-polyfill-provider" "^0.6.5" + +bail@^2.0.0: + version "2.0.2" + resolved "https://registry.yarnpkg.com/bail/-/bail-2.0.2.tgz#d26f5cd8fe5d6f832a31517b9f7c356040ba6d5d" + integrity sha512-0xO6mYd7JB2YesxDKplafRpsiOzPt9V02ddPCLbY1xYGPOX24NTyN50qnUxgCPcSoYMhKpAuBTjQoRZCAkUDRw== + +balanced-match@^1.0.0: + version "1.0.2" + resolved "https://registry.yarnpkg.com/balanced-match/-/balanced-match-1.0.2.tgz#e83e3a7e3f300b34cb9d87f615fa0cbf357690ee" + integrity sha512-3oSeUO0TMV67hN1AmbXsK4yaqU7tjiHlbxRDZOpH0KW9+CeX4bRAaX0Anxt0tx2MrpRpWwQaPwIlISEJhYU5Pw== + +batch@0.6.1: + version "0.6.1" + resolved "https://registry.yarnpkg.com/batch/-/batch-0.6.1.tgz#dc34314f4e679318093fc760272525f94bf25c16" + integrity sha512-x+VAiMRL6UPkx+kudNvxTl6hB2XNNCG2r+7wixVfIYwu/2HKRXimwQyaumLjMveWvT2Hkd/cAJw+QBMfJ/EKVw== + +big.js@^5.2.2: + version "5.2.2" + resolved "https://registry.yarnpkg.com/big.js/-/big.js-5.2.2.tgz#65f0af382f578bcdc742bd9c281e9cb2d7768328" + integrity sha512-vyL2OymJxmarO8gxMr0mhChsO9QGwhynfuu4+MHTAW6czfq9humCB7rKpUjDd9YUiDPU4mzpyupFSvOClAwbmQ== + +binary-extensions@^2.0.0: + version "2.3.0" + resolved "https://registry.yarnpkg.com/binary-extensions/-/binary-extensions-2.3.0.tgz#f6e14a97858d327252200242d4ccfe522c445522" + integrity sha512-Ceh+7ox5qe7LJuLHoY0feh3pHuUDHAcRUeyL2VYghZwfpkNIy/+8Ocg0a3UuSoYzavmylwuLWQOf3hl0jjMMIw== + +body-parser@1.20.3: + version "1.20.3" + resolved "https://registry.yarnpkg.com/body-parser/-/body-parser-1.20.3.tgz#1953431221c6fb5cd63c4b36d53fab0928e548c6" + integrity sha512-7rAxByjUMqQ3/bHJy7D6OGXvx/MMc4IqBn/X0fcM1QUcAItpZrBEYhWGem+tzXH90c+G01ypMcYJBO9Y30203g== + dependencies: + bytes "3.1.2" + content-type "~1.0.5" + debug "2.6.9" + depd "2.0.0" + destroy "1.2.0" + http-errors "2.0.0" + iconv-lite "0.4.24" + on-finished "2.4.1" + qs "6.13.0" + raw-body "2.5.2" + type-is "~1.6.18" + unpipe "1.0.0" + +bonjour-service@^1.0.11: + version "1.3.0" + resolved "https://registry.yarnpkg.com/bonjour-service/-/bonjour-service-1.3.0.tgz#80d867430b5a0da64e82a8047fc1e355bdb71722" + integrity sha512-3YuAUiSkWykd+2Azjgyxei8OWf8thdn8AITIog2M4UICzoqfjlqr64WIjEXZllf/W6vK1goqleSR6brGomxQqA== + dependencies: + fast-deep-equal "^3.1.3" + multicast-dns "^7.2.5" + +boolbase@^1.0.0: + version "1.0.0" + resolved "https://registry.yarnpkg.com/boolbase/-/boolbase-1.0.0.tgz#68dff5fbe60c51eb37725ea9e3ed310dcc1e776e" + integrity sha512-JZOSA7Mo9sNGB8+UjSgzdLtokWAky1zbztM3WRLCbZ70/3cTANmQmOdR7y2g+J0e2WXywy1yS468tY+IruqEww== + +boxen@^6.2.1: + version "6.2.1" + resolved "https://registry.yarnpkg.com/boxen/-/boxen-6.2.1.tgz#b098a2278b2cd2845deef2dff2efc38d329b434d" + integrity sha512-H4PEsJXfFI/Pt8sjDWbHlQPx4zL/bvSQjcilJmaulGt5mLDorHOHpmdXAJcBcmru7PhYSp/cDMWRko4ZUMFkSw== + dependencies: + ansi-align "^3.0.1" + camelcase "^6.2.0" + chalk "^4.1.2" + cli-boxes "^3.0.0" + string-width "^5.0.1" + type-fest "^2.5.0" + widest-line "^4.0.1" + wrap-ansi "^8.0.1" + +boxen@^7.0.0: + version "7.1.1" + resolved "https://registry.yarnpkg.com/boxen/-/boxen-7.1.1.tgz#f9ba525413c2fec9cdb88987d835c4f7cad9c8f4" + integrity sha512-2hCgjEmP8YLWQ130n2FerGv7rYpfBmnmp9Uy2Le1vge6X3gZIfSmEzP5QTDElFxcvVcXlEn8Aq6MU/PZygIOog== + dependencies: + ansi-align "^3.0.1" + camelcase "^7.0.1" + chalk "^5.2.0" + cli-boxes "^3.0.0" + string-width "^5.1.2" + type-fest "^2.13.0" + widest-line "^4.0.1" + wrap-ansi "^8.1.0" + +brace-expansion@^1.1.7: + version "1.1.12" + resolved "https://registry.yarnpkg.com/brace-expansion/-/brace-expansion-1.1.12.tgz#ab9b454466e5a8cc3a187beaad580412a9c5b843" + integrity sha512-9T9UjW3r0UW5c1Q7GTwllptXwhvYmEzFhzMfZ9H7FQWt+uZePjZPjBP/W1ZEyZ1twGWom5/56TF4lPcqjnDHcg== + dependencies: + balanced-match "^1.0.0" + concat-map "0.0.1" + +braces@^3.0.3, braces@~3.0.2: + version "3.0.3" + resolved "https://registry.yarnpkg.com/braces/-/braces-3.0.3.tgz#490332f40919452272d55a8480adc0c441358789" + integrity sha512-yQbXgO/OSZVD2IsiLlro+7Hf6Q18EJrKSEsdoMzKePKXct3gvD8oLcOQdIzGupr5Fj+EDe8gO/lxc1BzfMpxvA== + dependencies: + fill-range "^7.1.1" + +browserslist@^4.0.0, browserslist@^4.23.0, browserslist@^4.24.0, browserslist@^4.24.4, browserslist@^4.25.1, browserslist@^4.25.3: + version "4.25.4" + resolved "https://registry.yarnpkg.com/browserslist/-/browserslist-4.25.4.tgz#ebdd0e1d1cf3911834bab3a6cd7b917d9babf5af" + integrity sha512-4jYpcjabC606xJ3kw2QwGEZKX0Aw7sgQdZCvIK9dhVSPh76BKo+C+btT1RRofH7B+8iNpEbgGNVWiLki5q93yg== + dependencies: + caniuse-lite "^1.0.30001737" + electron-to-chromium "^1.5.211" + node-releases "^2.0.19" + update-browserslist-db "^1.1.3" + +buffer-from@^1.0.0: + version "1.1.2" + resolved "https://registry.yarnpkg.com/buffer-from/-/buffer-from-1.1.2.tgz#2b146a6fd72e80b4f55d255f35ed59a3a9a41bd5" + integrity sha512-E+XQCRwSbaaiChtv6k6Dwgc+bx+Bs6vuKJHHl5kox/BaKbhiXzqQOwK4cO22yElGp2OCmjwVhT3HmxgyPGnJfQ== + +bytes@3.0.0: + version "3.0.0" + resolved "https://registry.yarnpkg.com/bytes/-/bytes-3.0.0.tgz#d32815404d689699f85a4ea4fa8755dd13a96048" + integrity sha512-pMhOfFDPiv9t5jjIXkHosWmkSyQbvsgEVNkz0ERHbuLh2T/7j4Mqqpz523Fe8MVY89KC6Sh/QfS2sM+SjgFDcw== + +bytes@3.1.2: + version "3.1.2" + resolved "https://registry.yarnpkg.com/bytes/-/bytes-3.1.2.tgz#8b0beeb98605adf1b128fa4386403c009e0221a5" + integrity sha512-/Nf7TyzTx6S3yRJObOAV7956r8cr2+Oj8AC5dt8wSP3BQAoeX58NoHyCU8P8zGkNXStjTSi6fzO6F0pBdcYbEg== + +cacheable-lookup@^7.0.0: + version "7.0.0" + resolved "https://registry.yarnpkg.com/cacheable-lookup/-/cacheable-lookup-7.0.0.tgz#3476a8215d046e5a3202a9209dd13fec1f933a27" + integrity sha512-+qJyx4xiKra8mZrcwhjMRMUhD5NR1R8esPkzIYxX96JiecFoxAXFuz/GpR3+ev4PE1WamHip78wV0vcmPQtp8w== + +cacheable-request@^10.2.8: + version "10.2.14" + resolved "https://registry.yarnpkg.com/cacheable-request/-/cacheable-request-10.2.14.tgz#eb915b665fda41b79652782df3f553449c406b9d" + integrity sha512-zkDT5WAF4hSSoUgyfg5tFIxz8XQK+25W/TLVojJTMKBaxevLBBtLxgqguAuVQB8PVW79FVjHcU+GJ9tVbDZ9mQ== + dependencies: + "@types/http-cache-semantics" "^4.0.2" + get-stream "^6.0.1" + http-cache-semantics "^4.1.1" + keyv "^4.5.3" + mimic-response "^4.0.0" + normalize-url "^8.0.0" + responselike "^3.0.0" + +call-bind-apply-helpers@^1.0.0, call-bind-apply-helpers@^1.0.1, call-bind-apply-helpers@^1.0.2: + version "1.0.2" + resolved "https://registry.yarnpkg.com/call-bind-apply-helpers/-/call-bind-apply-helpers-1.0.2.tgz#4b5428c222be985d79c3d82657479dbe0b59b2d6" + integrity sha512-Sp1ablJ0ivDkSzjcaJdxEunN5/XvksFJ2sMBFfq6x0ryhQV/2b/KwFe21cMpmHtPOSij8K99/wSfoEuTObmuMQ== + dependencies: + es-errors "^1.3.0" + function-bind "^1.1.2" + +call-bind@^1.0.8: + version "1.0.8" + resolved "https://registry.yarnpkg.com/call-bind/-/call-bind-1.0.8.tgz#0736a9660f537e3388826f440d5ec45f744eaa4c" + integrity sha512-oKlSFMcMwpUg2ednkhQ454wfWiU/ul3CkJe/PEHcTKuiX6RpbehUiFMXu13HalGZxfUwCQzZG747YXBn1im9ww== + dependencies: + call-bind-apply-helpers "^1.0.0" + es-define-property "^1.0.0" + get-intrinsic "^1.2.4" + set-function-length "^1.2.2" + +call-bound@^1.0.2, call-bound@^1.0.3: + version "1.0.4" + resolved "https://registry.yarnpkg.com/call-bound/-/call-bound-1.0.4.tgz#238de935d2a2a692928c538c7ccfa91067fd062a" + integrity sha512-+ys997U96po4Kx/ABpBCqhA9EuxJaQWDQg7295H4hBphv3IZg0boBKuwYpt4YXp6MZ5AmZQnU/tyMTlRpaSejg== + dependencies: + call-bind-apply-helpers "^1.0.2" + get-intrinsic "^1.3.0" + +callsites@^3.0.0: + version "3.1.0" + resolved "https://registry.yarnpkg.com/callsites/-/callsites-3.1.0.tgz#b3630abd8943432f54b3f0519238e33cd7df2f73" + integrity sha512-P8BjAsXvZS+VIDUI11hHCQEv74YT67YUi5JJFNWIqL235sBmjX4+qx9Muvls5ivyNENctx46xQLQ3aTuE7ssaQ== + +camel-case@^4.1.2: + version "4.1.2" + resolved "https://registry.yarnpkg.com/camel-case/-/camel-case-4.1.2.tgz#9728072a954f805228225a6deea6b38461e1bd5a" + integrity sha512-gxGWBrTT1JuMx6R+o5PTXMmUnhnVzLQ9SNutD4YqKtI6ap897t3tKECYla6gCWEkplXnlNybEkZg9GEGxKFCgw== + dependencies: + pascal-case "^3.1.2" + tslib "^2.0.3" + +camelcase@^6.2.0: + version "6.3.0" + resolved "https://registry.yarnpkg.com/camelcase/-/camelcase-6.3.0.tgz#5685b95eb209ac9c0c177467778c9c84df58ba9a" + integrity sha512-Gmy6FhYlCY7uOElZUSbxo2UCDH8owEk996gkbrpsgGtrJLM3J7jGxl9Ic7Qwwj4ivOE5AWZWRMecDdF7hqGjFA== + +camelcase@^7.0.1: + version "7.0.1" + resolved "https://registry.yarnpkg.com/camelcase/-/camelcase-7.0.1.tgz#f02e50af9fd7782bc8b88a3558c32fd3a388f048" + integrity sha512-xlx1yCK2Oc1APsPXDL2LdlNP6+uu8OCDdhOBSVT279M/S+y75O30C2VuD8T2ogdePBBl7PfPF4504tnLgX3zfw== + +caniuse-api@^3.0.0: + version "3.0.0" + resolved "https://registry.yarnpkg.com/caniuse-api/-/caniuse-api-3.0.0.tgz#5e4d90e2274961d46291997df599e3ed008ee4c0" + integrity sha512-bsTwuIg/BZZK/vreVTYYbSWoe2F+71P7K5QGEX+pT250DZbfU1MQ5prOKpPR+LL6uWKK3KMwMCAS74QB3Um1uw== + dependencies: + browserslist "^4.0.0" + caniuse-lite "^1.0.0" + lodash.memoize "^4.1.2" + lodash.uniq "^4.5.0" + +caniuse-lite@^1.0.0, caniuse-lite@^1.0.30001702, caniuse-lite@^1.0.30001737: + version "1.0.30001739" + resolved "https://registry.yarnpkg.com/caniuse-lite/-/caniuse-lite-1.0.30001739.tgz#b34ce2d56bfc22f4352b2af0144102d623a124f4" + integrity sha512-y+j60d6ulelrNSwpPyrHdl+9mJnQzHBr08xm48Qno0nSk4h3Qojh+ziv2qE6rXf4k3tadF4o1J/1tAbVm1NtnA== + +ccount@^2.0.0: + version "2.0.1" + resolved "https://registry.yarnpkg.com/ccount/-/ccount-2.0.1.tgz#17a3bf82302e0870d6da43a01311a8bc02a3ecf5" + integrity sha512-eyrF0jiFpY+3drT6383f1qhkbGsLSifNAjA61IUjZjmLCWjItY6LB9ft9YhoDgwfmclB2zhu51Lc7+95b8NRAg== + +chalk@^4.0.0, chalk@^4.1.2: + version "4.1.2" + resolved "https://registry.yarnpkg.com/chalk/-/chalk-4.1.2.tgz#aac4e2b7734a740867aeb16bf02aad556a1e7a01" + integrity sha512-oKnbhFyRIXpUuez8iBMmyEa4nbj4IOQyuhc/wy9kY7/WVPcwIO9VA668Pu8RkO7+0G76SLROeyw9CpQ061i4mA== + dependencies: + ansi-styles "^4.1.0" + supports-color "^7.1.0" + +chalk@^5.0.1, chalk@^5.2.0: + version "5.6.0" + resolved "https://registry.yarnpkg.com/chalk/-/chalk-5.6.0.tgz#a1a8d294ea3526dbb77660f12649a08490e33ab8" + integrity sha512-46QrSQFyVSEyYAgQ22hQ+zDa60YHA4fBstHmtSApj1Y5vKtG27fWowW03jCk5KcbXEWPZUIR894aARCA/G1kfQ== + +char-regex@^1.0.2: + version "1.0.2" + resolved "https://registry.yarnpkg.com/char-regex/-/char-regex-1.0.2.tgz#d744358226217f981ed58f479b1d6bcc29545dcf" + integrity sha512-kWWXztvZ5SBQV+eRgKFeh8q5sLuZY2+8WUIzlxWVTg+oGwY14qylx1KbKzHd8P6ZYkAg0xyIDU9JMHhyJMZ1jw== + +character-entities-html4@^2.0.0: + version "2.1.0" + resolved "https://registry.yarnpkg.com/character-entities-html4/-/character-entities-html4-2.1.0.tgz#1f1adb940c971a4b22ba39ddca6b618dc6e56b2b" + integrity sha512-1v7fgQRj6hnSwFpq1Eu0ynr/CDEw0rXo2B61qXrLNdHZmPKgb7fqS1a2JwF0rISo9q77jDI8VMEHoApn8qDoZA== + +character-entities-legacy@^3.0.0: + version "3.0.0" + resolved "https://registry.yarnpkg.com/character-entities-legacy/-/character-entities-legacy-3.0.0.tgz#76bc83a90738901d7bc223a9e93759fdd560125b" + integrity sha512-RpPp0asT/6ufRm//AJVwpViZbGM/MkjQFxJccQRHmISF/22NBtsHqAWmL+/pmkPWoIUJdWyeVleTl1wydHATVQ== + +character-entities@^2.0.0: + version "2.0.2" + resolved "https://registry.yarnpkg.com/character-entities/-/character-entities-2.0.2.tgz#2d09c2e72cd9523076ccb21157dff66ad43fcc22" + integrity sha512-shx7oQ0Awen/BRIdkjkvz54PnEEI/EjwXDSIZp86/KKdbafHh1Df/RYGBhn4hbe2+uKC9FnT5UCEdyPz3ai9hQ== + +character-reference-invalid@^2.0.0: + version "2.0.1" + resolved "https://registry.yarnpkg.com/character-reference-invalid/-/character-reference-invalid-2.0.1.tgz#85c66b041e43b47210faf401278abf808ac45cb9" + integrity sha512-iBZ4F4wRbyORVsu0jPV7gXkOsGYjGHPmAyv+HiHG8gi5PtC9KI2j1+v8/tlibRvjoWX027ypmG/n0HtO5t7unw== + +cheerio-select@^2.1.0: + version "2.1.0" + resolved "https://registry.yarnpkg.com/cheerio-select/-/cheerio-select-2.1.0.tgz#4d8673286b8126ca2a8e42740d5e3c4884ae21b4" + integrity sha512-9v9kG0LvzrlcungtnJtpGNxY+fzECQKhK4EGJX2vByejiMX84MFNQw4UxPJl3bFbTMw+Dfs37XaIkCwTZfLh4g== + dependencies: + boolbase "^1.0.0" + css-select "^5.1.0" + css-what "^6.1.0" + domelementtype "^2.3.0" + domhandler "^5.0.3" + domutils "^3.0.1" + +cheerio@1.0.0-rc.12: + version "1.0.0-rc.12" + resolved "https://registry.yarnpkg.com/cheerio/-/cheerio-1.0.0-rc.12.tgz#788bf7466506b1c6bf5fae51d24a2c4d62e47683" + integrity sha512-VqR8m68vM46BNnuZ5NtnGBKIE/DfN0cRIzg9n40EIq9NOv90ayxLBXA8fXC5gquFRGJSTRqBq25Jt2ECLR431Q== + dependencies: + cheerio-select "^2.1.0" + dom-serializer "^2.0.0" + domhandler "^5.0.3" + domutils "^3.0.1" + htmlparser2 "^8.0.1" + parse5 "^7.0.0" + parse5-htmlparser2-tree-adapter "^7.0.0" + +chokidar@^3.5.3: + version "3.6.0" + resolved "https://registry.yarnpkg.com/chokidar/-/chokidar-3.6.0.tgz#197c6cc669ef2a8dc5e7b4d97ee4e092c3eb0d5b" + integrity sha512-7VT13fmjotKpGipCW9JEQAusEPE+Ei8nl6/g4FBAmIm0GOOLMua9NDDo/DWp0ZAxCr3cPq5ZpBqmPAQgDda2Pw== + dependencies: + anymatch "~3.1.2" + braces "~3.0.2" + glob-parent "~5.1.2" + is-binary-path "~2.1.0" + is-glob "~4.0.1" + normalize-path "~3.0.0" + readdirp "~3.6.0" + optionalDependencies: + fsevents "~2.3.2" + +chrome-trace-event@^1.0.2: + version "1.0.4" + resolved "https://registry.yarnpkg.com/chrome-trace-event/-/chrome-trace-event-1.0.4.tgz#05bffd7ff928465093314708c93bdfa9bd1f0f5b" + integrity sha512-rNjApaLzuwaOTjCiT8lSDdGN1APCiqkChLMJxJPWLunPAt5fy8xgU9/jNOchV84wfIxrA0lRQB7oCT8jrn/wrQ== + +ci-info@^3.2.0: + version "3.9.0" + resolved "https://registry.yarnpkg.com/ci-info/-/ci-info-3.9.0.tgz#4279a62028a7b1f262f3473fc9605f5e218c59b4" + integrity sha512-NIxF55hv4nSqQswkAeiOi1r83xy8JldOFDTWiug55KBu9Jnblncd2U6ViHmYgHf01TPZS77NJBhBMKdWj9HQMQ== + +clean-css@^5.2.2, clean-css@^5.3.3, clean-css@~5.3.2: + version "5.3.3" + resolved "https://registry.yarnpkg.com/clean-css/-/clean-css-5.3.3.tgz#b330653cd3bd6b75009cc25c714cae7b93351ccd" + integrity sha512-D5J+kHaVb/wKSFcyyV75uCn8fiY4sV38XJoe4CUyGQ+mOU/fMVYUdH1hJC+CJQ5uY3EnW27SbJYS4X8BiLrAFg== + dependencies: + source-map "~0.6.0" + +clean-stack@^2.0.0: + version "2.2.0" + resolved "https://registry.yarnpkg.com/clean-stack/-/clean-stack-2.2.0.tgz#ee8472dbb129e727b31e8a10a427dee9dfe4008b" + integrity sha512-4diC9HaTE+KRAMWhDhrGOECgWZxoevMc5TlkObMqNSsVU62PYzXZ/SMTjzyGAFF1YusgxGcSWTEXBhp0CPwQ1A== + +cli-boxes@^3.0.0: + version "3.0.0" + resolved "https://registry.yarnpkg.com/cli-boxes/-/cli-boxes-3.0.0.tgz#71a10c716feeba005e4504f36329ef0b17cf3145" + integrity sha512-/lzGpEWL/8PfI0BmBOPRwp0c/wFNX1RdUML3jK/RcSBA9T8mZDdQpqYBKtCFTOfQbwPqWEOpjqW+Fnayc0969g== + +cli-table3@^0.6.3: + version "0.6.5" + resolved "https://registry.yarnpkg.com/cli-table3/-/cli-table3-0.6.5.tgz#013b91351762739c16a9567c21a04632e449bf2f" + integrity sha512-+W/5efTR7y5HRD7gACw9yQjqMVvEMLBHmboM/kPWam+H+Hmyrgjh6YncVKK122YZkXrLudzTuAukUw9FnMf7IQ== + dependencies: + string-width "^4.2.0" + optionalDependencies: + "@colors/colors" "1.5.0" + +clipboard@^2.0.11: + version "2.0.11" + resolved "https://registry.yarnpkg.com/clipboard/-/clipboard-2.0.11.tgz#62180360b97dd668b6b3a84ec226975762a70be5" + integrity sha512-C+0bbOqkezLIsmWSvlsXS0Q0bmkugu7jcfMIACB+RDEntIzQIkdr148we28AfSloQLRdZlYL/QYyrq05j/3Faw== + dependencies: + good-listener "^1.2.2" + select "^1.1.2" + tiny-emitter "^2.0.0" + +clone-deep@^4.0.1: + version "4.0.1" + resolved "https://registry.yarnpkg.com/clone-deep/-/clone-deep-4.0.1.tgz#c19fd9bdbbf85942b4fd979c84dcf7d5f07c2387" + integrity sha512-neHB9xuzh/wk0dIHweyAXv2aPGZIVk3pLMe+/RNzINf17fe0OG96QroktYAUm7SM1PBnzTabaLboqqxDyMU+SQ== + dependencies: + is-plain-object "^2.0.4" + kind-of "^6.0.2" + shallow-clone "^3.0.0" + +clsx@^2.0.0, clsx@^2.1.1: + version "2.1.1" + resolved "https://registry.yarnpkg.com/clsx/-/clsx-2.1.1.tgz#eed397c9fd8bd882bfb18deab7102049a2f32999" + integrity sha512-eYm0QWBtUrBWZWG0d386OGAw16Z995PiOVo2B7bjWSbHedGl5e0ZWaq65kOGgUSNesEIDkB9ISbTg/JK9dhCZA== + +collapse-white-space@^2.0.0: + version "2.1.0" + resolved "https://registry.yarnpkg.com/collapse-white-space/-/collapse-white-space-2.1.0.tgz#640257174f9f42c740b40f3b55ee752924feefca" + integrity sha512-loKTxY1zCOuG4j9f6EPnuyyYkf58RnhhWTvRoZEokgB+WbdXehfjFviyOVYkqzEWz1Q5kRiZdBYS5SwxbQYwzw== + +color-convert@^2.0.1: + version "2.0.1" + resolved "https://registry.yarnpkg.com/color-convert/-/color-convert-2.0.1.tgz#72d3a68d598c9bdb3af2ad1e84f21d896abd4de3" + integrity sha512-RRECPsj7iu/xb5oKYcsFHSppFNnsj/52OVTRKb4zP5onXwVF3zVmmToNcOfGC+CRDpfK/U584fMg38ZHCaElKQ== + dependencies: + color-name "~1.1.4" + +color-name@~1.1.4: + version "1.1.4" + resolved "https://registry.yarnpkg.com/color-name/-/color-name-1.1.4.tgz#c2a09a87acbde69543de6f63fa3995c826c536a2" + integrity sha512-dOy+3AuW3a2wNbZHIuMZpTcgjGuLU/uBL/ubcZF9OXbDo8ff4O8yVp5Bf0efS8uEoYo5q4Fx7dY9OgQGXgAsQA== + +colord@^2.9.3: + version "2.9.3" + resolved "https://registry.yarnpkg.com/colord/-/colord-2.9.3.tgz#4f8ce919de456f1d5c1c368c307fe20f3e59fb43" + integrity sha512-jeC1axXpnb0/2nn/Y1LPuLdgXBLH7aDcHu4KEKfqw3CUhX7ZpfBSlPKyqXE6btIgEzfWtrX3/tyBCaCvXvMkOw== + +colorette@^2.0.10: + version "2.0.20" + resolved "https://registry.yarnpkg.com/colorette/-/colorette-2.0.20.tgz#9eb793e6833067f7235902fcd3b09917a000a95a" + integrity sha512-IfEDxwoWIjkeXL1eXcDiow4UbKjhLdq6/EuSVR9GMN7KVH3r9gQ83e73hsz1Nd1T3ijd5xv1wcWRYO+D6kCI2w== + +combine-promises@^1.1.0: + version "1.2.0" + resolved "https://registry.yarnpkg.com/combine-promises/-/combine-promises-1.2.0.tgz#5f2e68451862acf85761ded4d9e2af7769c2ca6a" + integrity sha512-VcQB1ziGD0NXrhKxiwyNbCDmRzs/OShMs2GqW2DlU2A/Sd0nQxE1oWDAE5O0ygSx5mgQOn9eIFh7yKPgFRVkPQ== + +comma-separated-tokens@^2.0.0: + version "2.0.3" + resolved "https://registry.yarnpkg.com/comma-separated-tokens/-/comma-separated-tokens-2.0.3.tgz#4e89c9458acb61bc8fef19f4529973b2392839ee" + integrity sha512-Fu4hJdvzeylCfQPp9SGWidpzrMs7tTrlu6Vb8XGaRGck8QSNZJJp538Wrb60Lax4fPwR64ViY468OIUTbRlGZg== + +commander@^10.0.0: + version "10.0.1" + resolved "https://registry.yarnpkg.com/commander/-/commander-10.0.1.tgz#881ee46b4f77d1c1dccc5823433aa39b022cbe06" + integrity sha512-y4Mg2tXshplEbSGzx7amzPwKKOCGuoSRP/CjEdwwk0FOGlUbq6lKuoyDZTNZkmxHdJtp54hdfY/JUrdL7Xfdug== + +commander@^2.20.0: + version "2.20.3" + resolved "https://registry.yarnpkg.com/commander/-/commander-2.20.3.tgz#fd485e84c03eb4881c20722ba48035e8531aeb33" + integrity sha512-GpVkmM8vF2vQUkj2LvZmD35JxeJOLCwJ9cUkugyk2nuhbv3+mJvpLYYt+0+USMxE+oj+ey/lJEnhZw75x/OMcQ== + +commander@^5.1.0: + version "5.1.0" + resolved "https://registry.yarnpkg.com/commander/-/commander-5.1.0.tgz#46abbd1652f8e059bddaef99bbdcb2ad9cf179ae" + integrity sha512-P0CysNDQ7rtVw4QIQtm+MRxV66vKFSvlsQvGYXZWR3qFU0jlMKHZZZgw8e+8DSah4UDKMqnknRDQz+xuQXQ/Zg== + +commander@^7.2.0: + version "7.2.0" + resolved "https://registry.yarnpkg.com/commander/-/commander-7.2.0.tgz#a36cb57d0b501ce108e4d20559a150a391d97ab7" + integrity sha512-QrWXB+ZQSVPmIWIhtEO9H+gwHaMGYiF5ChvoJ+K9ZGHG/sVsa6yiesAD1GC/x46sET00Xlwo1u49RVVVzvcSkw== + +commander@^8.3.0: + version "8.3.0" + resolved "https://registry.yarnpkg.com/commander/-/commander-8.3.0.tgz#4837ea1b2da67b9c616a67afbb0fafee567bca66" + integrity sha512-OkTL9umf+He2DZkUq8f8J9of7yL6RJKI24dVITBmNfZBmri9zYZQrKkuXiKhyfPSu8tUhnVBB1iKXevvnlR4Ww== + +common-path-prefix@^3.0.0: + version "3.0.0" + resolved "https://registry.yarnpkg.com/common-path-prefix/-/common-path-prefix-3.0.0.tgz#7d007a7e07c58c4b4d5f433131a19141b29f11e0" + integrity sha512-QE33hToZseCH3jS0qN96O/bSh3kaw/h+Tq7ngyY9eWDUnTlTNUyqfqvCXioLe5Na5jFsL78ra/wuBU4iuEgd4w== + +compressible@~2.0.18: + version "2.0.18" + resolved "https://registry.yarnpkg.com/compressible/-/compressible-2.0.18.tgz#af53cca6b070d4c3c0750fbd77286a6d7cc46fba" + integrity sha512-AF3r7P5dWxL8MxyITRMlORQNaOA2IkAFaTr4k7BUumjPtRpGDTZpl0Pb1XCO6JeDCBdp126Cgs9sMxqSjgYyRg== + dependencies: + mime-db ">= 1.43.0 < 2" + +compression@^1.7.4: + version "1.8.1" + resolved "https://registry.yarnpkg.com/compression/-/compression-1.8.1.tgz#4a45d909ac16509195a9a28bd91094889c180d79" + integrity sha512-9mAqGPHLakhCLeNyxPkK4xVo746zQ/czLH1Ky+vkitMnWfWZps8r0qXuwhwizagCRttsL4lfG4pIOvaWLpAP0w== + dependencies: + bytes "3.1.2" + compressible "~2.0.18" + debug "2.6.9" + negotiator "~0.6.4" + on-headers "~1.1.0" + safe-buffer "5.2.1" + vary "~1.1.2" + +concat-map@0.0.1: + version "0.0.1" + resolved "https://registry.yarnpkg.com/concat-map/-/concat-map-0.0.1.tgz#d8a96bd77fd68df7793a73036a3ba0d5405d477b" + integrity sha512-/Srv4dswyQNBfohGpz9o6Yb3Gz3SrUDqBH5rTuhGR7ahtlbYKnVxw2bCFMRljaA7EXHaXZ8wsHdodFvbkhKmqg== + +config-chain@^1.1.11: + version "1.1.13" + resolved "https://registry.yarnpkg.com/config-chain/-/config-chain-1.1.13.tgz#fad0795aa6a6cdaff9ed1b68e9dff94372c232f4" + integrity sha512-qj+f8APARXHrM0hraqXYb2/bOVSV4PvJQlNZ/DVj0QrmNM2q2euizkeuVckQ57J+W0mRH6Hvi+k50M4Jul2VRQ== + dependencies: + ini "^1.3.4" + proto-list "~1.2.1" + +configstore@^6.0.0: + version "6.0.0" + resolved "https://registry.yarnpkg.com/configstore/-/configstore-6.0.0.tgz#49eca2ebc80983f77e09394a1a56e0aca8235566" + integrity sha512-cD31W1v3GqUlQvbBCGcXmd2Nj9SvLDOP1oQ0YFuLETufzSPaKp11rYBsSOm7rCsW3OnIRAFM3OxRhceaXNYHkA== + dependencies: + dot-prop "^6.0.1" + graceful-fs "^4.2.6" + unique-string "^3.0.0" + write-file-atomic "^3.0.3" + xdg-basedir "^5.0.1" + +connect-history-api-fallback@^2.0.0: + version "2.0.0" + resolved "https://registry.yarnpkg.com/connect-history-api-fallback/-/connect-history-api-fallback-2.0.0.tgz#647264845251a0daf25b97ce87834cace0f5f1c8" + integrity sha512-U73+6lQFmfiNPrYbXqr6kZ1i1wiRqXnp2nhMsINseWXO8lDau0LGEffJ8kQi4EjLZympVgRdvqjAgiZ1tgzDDA== + +consola@^3.2.3: + version "3.4.2" + resolved "https://registry.yarnpkg.com/consola/-/consola-3.4.2.tgz#5af110145397bb67afdab77013fdc34cae590ea7" + integrity sha512-5IKcdX0nnYavi6G7TtOhwkYzyjfJlatbjMjuLSfE2kYT5pMDOilZ4OvMhi637CcDICTmz3wARPoyhqyX1Y+XvA== + +content-disposition@0.5.2: + version "0.5.2" + resolved "https://registry.yarnpkg.com/content-disposition/-/content-disposition-0.5.2.tgz#0cf68bb9ddf5f2be7961c3a85178cb85dba78cb4" + integrity sha512-kRGRZw3bLlFISDBgwTSA1TMBFN6J6GWDeubmDE3AF+3+yXL8hTWv8r5rkLbqYXY4RjPk/EzHnClI3zQf1cFmHA== + +content-disposition@0.5.4: + version "0.5.4" + resolved "https://registry.yarnpkg.com/content-disposition/-/content-disposition-0.5.4.tgz#8b82b4efac82512a02bb0b1dcec9d2c5e8eb5bfe" + integrity sha512-FveZTNuGw04cxlAiWbzi6zTAL/lhehaWbTtgluJh4/E95DqMwTmha3KZN1aAWA8cFIhHzMZUvLevkw5Rqk+tSQ== + dependencies: + safe-buffer "5.2.1" + +content-type@~1.0.4, content-type@~1.0.5: + version "1.0.5" + resolved "https://registry.yarnpkg.com/content-type/-/content-type-1.0.5.tgz#8b773162656d1d1086784c8f23a54ce6d73d7918" + integrity sha512-nTjqfcBFEipKdXCv4YDQWCfmcLZKm81ldF0pAopTvyrFGVbcR6P/VAAd5G7N+0tTr8QqiU0tFadD6FK4NtJwOA== + +convert-source-map@^1.5.0: + version "1.9.0" + resolved "https://registry.yarnpkg.com/convert-source-map/-/convert-source-map-1.9.0.tgz#7faae62353fb4213366d0ca98358d22e8368b05f" + integrity sha512-ASFBup0Mz1uyiIjANan1jzLQami9z1PoYSZCiiYW2FczPbenXc45FZdBZLzOT+r6+iciuEModtmCti+hjaAk0A== + +convert-source-map@^2.0.0: + version "2.0.0" + resolved "https://registry.yarnpkg.com/convert-source-map/-/convert-source-map-2.0.0.tgz#4b560f649fc4e918dd0ab75cf4961e8bc882d82a" + integrity sha512-Kvp459HrV2FEJ1CAsi1Ku+MY3kasH19TFykTz2xWmMeq6bk2NU3XXvfJ+Q61m0xktWwt+1HSYf3JZsTms3aRJg== + +cookie-signature@1.0.6: + version "1.0.6" + resolved "https://registry.yarnpkg.com/cookie-signature/-/cookie-signature-1.0.6.tgz#e303a882b342cc3ee8ca513a79999734dab3ae2c" + integrity sha512-QADzlaHc8icV8I7vbaJXJwod9HWYp8uCqf1xa4OfNu1T7JVxQIrUgOWtHdNDtPiywmFbiS12VjotIXLrKM3orQ== + +cookie@0.7.1: + version "0.7.1" + resolved "https://registry.yarnpkg.com/cookie/-/cookie-0.7.1.tgz#2f73c42142d5d5cf71310a74fc4ae61670e5dbc9" + integrity sha512-6DnInpx7SJ2AK3+CTUE/ZM0vWTUboZCegxhC2xiIydHR9jNuTAASBrfEpHhiGOZw/nX51bHt6YQl8jsGo4y/0w== + +copy-text-to-clipboard@^3.2.0: + version "3.2.0" + resolved "https://registry.yarnpkg.com/copy-text-to-clipboard/-/copy-text-to-clipboard-3.2.0.tgz#0202b2d9bdae30a49a53f898626dcc3b49ad960b" + integrity sha512-RnJFp1XR/LOBDckxTib5Qjr/PMfkatD0MUCQgdpqS8MdKiNUzBjAQBEN6oUy+jW7LI93BBG3DtMB2KOOKpGs2Q== + +copy-webpack-plugin@^11.0.0: + version "11.0.0" + resolved "https://registry.yarnpkg.com/copy-webpack-plugin/-/copy-webpack-plugin-11.0.0.tgz#96d4dbdb5f73d02dd72d0528d1958721ab72e04a" + integrity sha512-fX2MWpamkW0hZxMEg0+mYnA40LTosOSa5TqZ9GYIBzyJa9C3QUaMPSE2xAi/buNr8u89SfD9wHSQVBzrRa/SOQ== + dependencies: + fast-glob "^3.2.11" + glob-parent "^6.0.1" + globby "^13.1.1" + normalize-path "^3.0.0" + schema-utils "^4.0.0" + serialize-javascript "^6.0.0" + +core-js-compat@^3.43.0: + version "3.45.1" + resolved "https://registry.yarnpkg.com/core-js-compat/-/core-js-compat-3.45.1.tgz#424f3f4af30bf676fd1b67a579465104f64e9c7a" + integrity sha512-tqTt5T4PzsMIZ430XGviK4vzYSoeNJ6CXODi6c/voxOT6IZqBht5/EKaSNnYiEjjRYxjVz7DQIsOsY0XNi8PIA== + dependencies: + browserslist "^4.25.3" + +core-js-pure@^3.43.0: + version "3.45.1" + resolved "https://registry.yarnpkg.com/core-js-pure/-/core-js-pure-3.45.1.tgz#b129d86a5f7f8380378577c7eaee83608570a05a" + integrity sha512-OHnWFKgTUshEU8MK+lOs1H8kC8GkTi9Z1tvNkxrCcw9wl3MJIO7q2ld77wjWn4/xuGrVu2X+nME1iIIPBSdyEQ== + +core-js@^3.31.1: + version "3.45.1" + resolved "https://registry.yarnpkg.com/core-js/-/core-js-3.45.1.tgz#5810e04a1b4e9bc5ddaa4dd12e702ff67300634d" + integrity sha512-L4NPsJlCfZsPeXukyzHFlg/i7IIVwHSItR0wg0FLNqYClJ4MQYTYLbC7EkjKYRLZF2iof2MUgN0EGy7MdQFChg== + +core-util-is@~1.0.0: + version "1.0.3" + resolved "https://registry.yarnpkg.com/core-util-is/-/core-util-is-1.0.3.tgz#a6042d3634c2b27e9328f837b965fac83808db85" + integrity sha512-ZQBvi1DcpJ4GDqanjucZ2Hj3wEO5pZDS89BWbkcrvdxksJorwUDDZamX9ldFkp9aw2lmBDLgkObEA4DWNJ9FYQ== + +cosmiconfig@^7.0.0: + version "7.1.0" + resolved "https://registry.yarnpkg.com/cosmiconfig/-/cosmiconfig-7.1.0.tgz#1443b9afa596b670082ea46cbd8f6a62b84635f6" + integrity sha512-AdmX6xUzdNASswsFtmwSt7Vj8po9IuqXm0UXz7QKPuEUmPB4XyjGfaAr2PSuELMwkRMVH1EpIkX5bTZGRB3eCA== + dependencies: + "@types/parse-json" "^4.0.0" + import-fresh "^3.2.1" + parse-json "^5.0.0" + path-type "^4.0.0" + yaml "^1.10.0" + +cosmiconfig@^8.1.3, cosmiconfig@^8.3.5: + version "8.3.6" + resolved "https://registry.yarnpkg.com/cosmiconfig/-/cosmiconfig-8.3.6.tgz#060a2b871d66dba6c8538ea1118ba1ac16f5fae3" + integrity sha512-kcZ6+W5QzcJ3P1Mt+83OUv/oHFqZHIx8DuxG6eZ5RGMERoLqp4BuGjhHLYGK+Kf5XVkQvqBSmAy/nGWN3qDgEA== + dependencies: + import-fresh "^3.3.0" + js-yaml "^4.1.0" + parse-json "^5.2.0" + path-type "^4.0.0" + +cross-spawn@^7.0.3: + version "7.0.6" + resolved "https://registry.yarnpkg.com/cross-spawn/-/cross-spawn-7.0.6.tgz#8a58fe78f00dcd70c370451759dfbfaf03e8ee9f" + integrity sha512-uV2QOWP2nWzsy2aMp8aRibhi9dlzF5Hgh5SHaB9OiTGEyDTiJJyx0uy51QXdyWbtAHNua4XJzUKca3OzKUd3vA== + dependencies: + path-key "^3.1.0" + shebang-command "^2.0.0" + which "^2.0.1" + +crypto-random-string@^4.0.0: + version "4.0.0" + resolved "https://registry.yarnpkg.com/crypto-random-string/-/crypto-random-string-4.0.0.tgz#5a3cc53d7dd86183df5da0312816ceeeb5bb1fc2" + integrity sha512-x8dy3RnvYdlUcPOjkEHqozhiwzKNSq7GcPuXFbnyMOCHxX8V3OgIg/pYuabl2sbUPfIJaeAQB7PMOK8DFIdoRA== + dependencies: + type-fest "^1.0.1" + +css-blank-pseudo@^7.0.1: + version "7.0.1" + resolved "https://registry.yarnpkg.com/css-blank-pseudo/-/css-blank-pseudo-7.0.1.tgz#32020bff20a209a53ad71b8675852b49e8d57e46" + integrity sha512-jf+twWGDf6LDoXDUode+nc7ZlrqfaNphrBIBrcmeP3D8yw1uPaix1gCC8LUQUGQ6CycuK2opkbFFWFuq/a94ag== + dependencies: + postcss-selector-parser "^7.0.0" + +css-declaration-sorter@^7.2.0: + version "7.2.0" + resolved "https://registry.yarnpkg.com/css-declaration-sorter/-/css-declaration-sorter-7.2.0.tgz#6dec1c9523bc4a643e088aab8f09e67a54961024" + integrity sha512-h70rUM+3PNFuaBDTLe8wF/cdWu+dOZmb7pJt8Z2sedYbAcQVQV/tEchueg3GWxwqS0cxtbxmaHEdkNACqcvsow== + +css-has-pseudo@^7.0.3: + version "7.0.3" + resolved "https://registry.yarnpkg.com/css-has-pseudo/-/css-has-pseudo-7.0.3.tgz#a5ee2daf5f70a2032f3cefdf1e36e7f52a243873" + integrity sha512-oG+vKuGyqe/xvEMoxAQrhi7uY16deJR3i7wwhBerVrGQKSqUC5GiOVxTpM9F9B9hw0J+eKeOWLH7E9gZ1Dr5rA== + dependencies: + "@csstools/selector-specificity" "^5.0.0" + postcss-selector-parser "^7.0.0" + postcss-value-parser "^4.2.0" + +css-loader@^6.11.0: + version "6.11.0" + resolved "https://registry.yarnpkg.com/css-loader/-/css-loader-6.11.0.tgz#33bae3bf6363d0a7c2cf9031c96c744ff54d85ba" + integrity sha512-CTJ+AEQJjq5NzLga5pE39qdiSV56F8ywCIsqNIRF0r7BDgWsN25aazToqAFg7ZrtA/U016xudB3ffgweORxX7g== + dependencies: + icss-utils "^5.1.0" + postcss "^8.4.33" + postcss-modules-extract-imports "^3.1.0" + postcss-modules-local-by-default "^4.0.5" + postcss-modules-scope "^3.2.0" + postcss-modules-values "^4.0.0" + postcss-value-parser "^4.2.0" + semver "^7.5.4" + +css-minimizer-webpack-plugin@^5.0.1: + version "5.0.1" + resolved "https://registry.yarnpkg.com/css-minimizer-webpack-plugin/-/css-minimizer-webpack-plugin-5.0.1.tgz#33effe662edb1a0bf08ad633c32fa75d0f7ec565" + integrity sha512-3caImjKFQkS+ws1TGcFn0V1HyDJFq1Euy589JlD6/3rV2kj+w7r5G9WDMgSHvpvXHNZ2calVypZWuEDQd9wfLg== + dependencies: + "@jridgewell/trace-mapping" "^0.3.18" + cssnano "^6.0.1" + jest-worker "^29.4.3" + postcss "^8.4.24" + schema-utils "^4.0.1" + serialize-javascript "^6.0.1" + +css-prefers-color-scheme@^10.0.0: + version "10.0.0" + resolved "https://registry.yarnpkg.com/css-prefers-color-scheme/-/css-prefers-color-scheme-10.0.0.tgz#ba001b99b8105b8896ca26fc38309ddb2278bd3c" + integrity sha512-VCtXZAWivRglTZditUfB4StnsWr6YVZ2PRtuxQLKTNRdtAf8tpzaVPE9zXIF3VaSc7O70iK/j1+NXxyQCqdPjQ== + +css-select@^4.1.3: + version "4.3.0" + resolved "https://registry.yarnpkg.com/css-select/-/css-select-4.3.0.tgz#db7129b2846662fd8628cfc496abb2b59e41529b" + integrity sha512-wPpOYtnsVontu2mODhA19JrqWxNsfdatRKd64kmpRbQgh1KtItko5sTnEpPdpSaJszTOhEMlF/RPz28qj4HqhQ== + dependencies: + boolbase "^1.0.0" + css-what "^6.0.1" + domhandler "^4.3.1" + domutils "^2.8.0" + nth-check "^2.0.1" + +css-select@^5.1.0: + version "5.2.2" + resolved "https://registry.yarnpkg.com/css-select/-/css-select-5.2.2.tgz#01b6e8d163637bb2dd6c982ca4ed65863682786e" + integrity sha512-TizTzUddG/xYLA3NXodFM0fSbNizXjOKhqiQQwvhlspadZokn1KDy0NZFS0wuEubIYAV5/c1/lAr0TaaFXEXzw== + dependencies: + boolbase "^1.0.0" + css-what "^6.1.0" + domhandler "^5.0.2" + domutils "^3.0.1" + nth-check "^2.0.1" + +css-tree@^2.3.1: + version "2.3.1" + resolved "https://registry.yarnpkg.com/css-tree/-/css-tree-2.3.1.tgz#10264ce1e5442e8572fc82fbe490644ff54b5c20" + integrity sha512-6Fv1DV/TYw//QF5IzQdqsNDjx/wc8TrMBZsqjL9eW01tWb7R7k/mq+/VXfJCl7SoD5emsJop9cOByJZfs8hYIw== + dependencies: + mdn-data "2.0.30" + source-map-js "^1.0.1" + +css-tree@~2.2.0: + version "2.2.1" + resolved "https://registry.yarnpkg.com/css-tree/-/css-tree-2.2.1.tgz#36115d382d60afd271e377f9c5f67d02bd48c032" + integrity sha512-OA0mILzGc1kCOCSJerOeqDxDQ4HOh+G8NbOJFOTgOCzpw7fCBubk0fEyxp8AgOL/jvLgYA/uV0cMbe43ElF1JA== + dependencies: + mdn-data "2.0.28" + source-map-js "^1.0.1" + +css-what@^6.0.1, css-what@^6.1.0: + version "6.2.2" + resolved "https://registry.yarnpkg.com/css-what/-/css-what-6.2.2.tgz#cdcc8f9b6977719fdfbd1de7aec24abf756b9dea" + integrity sha512-u/O3vwbptzhMs3L1fQE82ZSLHQQfto5gyZzwteVIEyeaY5Fc7R4dapF/BvRoSYFeqfBk4m0V1Vafq5Pjv25wvA== + +cssdb@^8.4.0: + version "8.4.0" + resolved "https://registry.yarnpkg.com/cssdb/-/cssdb-8.4.0.tgz#232a1aa7751983ed2b40331634902d4c93f0456c" + integrity sha512-lyATYGyvXwQ8h55WeQeEHXhI+47rl52pXSYkFK/ZrCbAJSgVIaPFjYc3RM8TpRHKk7W3wsAZImmLps+P5VyN9g== + +cssesc@^3.0.0: + version "3.0.0" + resolved "https://registry.yarnpkg.com/cssesc/-/cssesc-3.0.0.tgz#37741919903b868565e1c09ea747445cd18983ee" + integrity sha512-/Tb/JcjK111nNScGob5MNtsntNM1aCNUDipB/TkwZFhyDrrE47SOx/18wF2bbjgc3ZzCSKW1T5nt5EbFoAz/Vg== + +cssnano-preset-advanced@^6.1.2: + version "6.1.2" + resolved "https://registry.yarnpkg.com/cssnano-preset-advanced/-/cssnano-preset-advanced-6.1.2.tgz#82b090872b8f98c471f681d541c735acf8b94d3f" + integrity sha512-Nhao7eD8ph2DoHolEzQs5CfRpiEP0xa1HBdnFZ82kvqdmbwVBUr2r1QuQ4t1pi+D1ZpqpcO4T+wy/7RxzJ/WPQ== + dependencies: + autoprefixer "^10.4.19" + browserslist "^4.23.0" + cssnano-preset-default "^6.1.2" + postcss-discard-unused "^6.0.5" + postcss-merge-idents "^6.0.3" + postcss-reduce-idents "^6.0.3" + postcss-zindex "^6.0.2" + +cssnano-preset-default@^6.1.2: + version "6.1.2" + resolved "https://registry.yarnpkg.com/cssnano-preset-default/-/cssnano-preset-default-6.1.2.tgz#adf4b89b975aa775f2750c89dbaf199bbd9da35e" + integrity sha512-1C0C+eNaeN8OcHQa193aRgYexyJtU8XwbdieEjClw+J9d94E41LwT6ivKH0WT+fYwYWB0Zp3I3IZ7tI/BbUbrg== + dependencies: + browserslist "^4.23.0" + css-declaration-sorter "^7.2.0" + cssnano-utils "^4.0.2" + postcss-calc "^9.0.1" + postcss-colormin "^6.1.0" + postcss-convert-values "^6.1.0" + postcss-discard-comments "^6.0.2" + postcss-discard-duplicates "^6.0.3" + postcss-discard-empty "^6.0.3" + postcss-discard-overridden "^6.0.2" + postcss-merge-longhand "^6.0.5" + postcss-merge-rules "^6.1.1" + postcss-minify-font-values "^6.1.0" + postcss-minify-gradients "^6.0.3" + postcss-minify-params "^6.1.0" + postcss-minify-selectors "^6.0.4" + postcss-normalize-charset "^6.0.2" + postcss-normalize-display-values "^6.0.2" + postcss-normalize-positions "^6.0.2" + postcss-normalize-repeat-style "^6.0.2" + postcss-normalize-string "^6.0.2" + postcss-normalize-timing-functions "^6.0.2" + postcss-normalize-unicode "^6.1.0" + postcss-normalize-url "^6.0.2" + postcss-normalize-whitespace "^6.0.2" + postcss-ordered-values "^6.0.2" + postcss-reduce-initial "^6.1.0" + postcss-reduce-transforms "^6.0.2" + postcss-svgo "^6.0.3" + postcss-unique-selectors "^6.0.4" + +cssnano-utils@^4.0.2: + version "4.0.2" + resolved "https://registry.yarnpkg.com/cssnano-utils/-/cssnano-utils-4.0.2.tgz#56f61c126cd0f11f2eef1596239d730d9fceff3c" + integrity sha512-ZR1jHg+wZ8o4c3zqf1SIUSTIvm/9mU343FMR6Obe/unskbvpGhZOo1J6d/r8D1pzkRQYuwbcH3hToOuoA2G7oQ== + +cssnano@^6.0.1, cssnano@^6.1.2: + version "6.1.2" + resolved "https://registry.yarnpkg.com/cssnano/-/cssnano-6.1.2.tgz#4bd19e505bd37ee7cf0dc902d3d869f6d79c66b8" + integrity sha512-rYk5UeX7VAM/u0lNqewCdasdtPK81CgX8wJFLEIXHbV2oldWRgJAsZrdhRXkV1NJzA2g850KiFm9mMU2HxNxMA== + dependencies: + cssnano-preset-default "^6.1.2" + lilconfig "^3.1.1" + +csso@^5.0.5: + version "5.0.5" + resolved "https://registry.yarnpkg.com/csso/-/csso-5.0.5.tgz#f9b7fe6cc6ac0b7d90781bb16d5e9874303e2ca6" + integrity sha512-0LrrStPOdJj+SPCCrGhzryycLjwcgUSHBtxNA8aIDxf0GLsRh1cKYhB00Gd1lDOS4yGH69+SNn13+TWbVHETFQ== + dependencies: + css-tree "~2.2.0" + +csstype@^3.0.2, csstype@^3.1.3: + version "3.1.3" + resolved "https://registry.yarnpkg.com/csstype/-/csstype-3.1.3.tgz#d80ff294d114fb0e6ac500fbf85b60137d7eff81" + integrity sha512-M1uQkMl8rQK/szD0LNhtqxIPLpimGm8sOBwU7lLnCpSbTyY3yeU1Vc7l4KT5zT4s/yOxHH5O7tIuuLOCnLADRw== + +debounce@^1.2.1: + version "1.2.1" + resolved "https://registry.yarnpkg.com/debounce/-/debounce-1.2.1.tgz#38881d8f4166a5c5848020c11827b834bcb3e0a5" + integrity sha512-XRRe6Glud4rd/ZGQfiV1ruXSfbvfJedlV9Y6zOlP+2K04vBYiJEte6stfFkCP03aMnY5tsipamumUjL14fofug== + +debug@2.6.9: + version "2.6.9" + resolved "https://registry.yarnpkg.com/debug/-/debug-2.6.9.tgz#5d128515df134ff327e90a4c93f4e077a536341f" + integrity sha512-bC7ElrdJaJnPbAP+1EotYvqZsb3ecl5wi6Bfi6BJTUcNowp6cvspg0jXznRTKDjm/E7AdgFBVeAPVMNcKGsHMA== + dependencies: + ms "2.0.0" + +debug@4, debug@^4.0.0, debug@^4.1.0, debug@^4.3.1, debug@^4.4.1: + version "4.4.1" + resolved "https://registry.yarnpkg.com/debug/-/debug-4.4.1.tgz#e5a8bc6cbc4c6cd3e64308b0693a3d4fa550189b" + integrity sha512-KcKCqiftBJcZr++7ykoDIEwSa3XWowTfNPo92BYxjXiyYEVrUQh2aLyhxBCwww+heortUFxEJYcRzosstTEBYQ== + dependencies: + ms "^2.1.3" + +decode-named-character-reference@^1.0.0: + version "1.2.0" + resolved "https://registry.yarnpkg.com/decode-named-character-reference/-/decode-named-character-reference-1.2.0.tgz#25c32ae6dd5e21889549d40f676030e9514cc0ed" + integrity sha512-c6fcElNV6ShtZXmsgNgFFV5tVX2PaV4g+MOAkb8eXHvn6sryJBrZa9r0zV6+dtTyoCKxtDy5tyQ5ZwQuidtd+Q== + dependencies: + character-entities "^2.0.0" + +decompress-response@^6.0.0: + version "6.0.0" + resolved "https://registry.yarnpkg.com/decompress-response/-/decompress-response-6.0.0.tgz#ca387612ddb7e104bd16d85aab00d5ecf09c66fc" + integrity sha512-aW35yZM6Bb/4oJlZncMH2LCoZtJXTRxES17vE3hoRiowU2kWHaJKFkSBDnDR+cm9J+9QhXmREyIfv0pji9ejCQ== + dependencies: + mimic-response "^3.1.0" + +deep-extend@^0.6.0: + version "0.6.0" + resolved "https://registry.yarnpkg.com/deep-extend/-/deep-extend-0.6.0.tgz#c4fa7c95404a17a9c3e8ca7e1537312b736330ac" + integrity sha512-LOHxIOaPYdHlJRtCQfDIVZtfw/ufM8+rVj649RIHzcm/vGwQRXFt6OPqIFWsm2XEMrNIEtWR64sY1LEKD2vAOA== + +deepmerge@^4.3.1: + version "4.3.1" + resolved "https://registry.yarnpkg.com/deepmerge/-/deepmerge-4.3.1.tgz#44b5f2147cd3b00d4b56137685966f26fd25dd4a" + integrity sha512-3sUqbMEc77XqpdNO7FRyRog+eW3ph+GYCbj+rK+uYyRMuwsVy0rMiVtPn+QJlKFvWP/1PYpapqYn0Me2knFn+A== + +default-gateway@^6.0.3: + version "6.0.3" + resolved "https://registry.yarnpkg.com/default-gateway/-/default-gateway-6.0.3.tgz#819494c888053bdb743edbf343d6cdf7f2943a71" + integrity sha512-fwSOJsbbNzZ/CUFpqFBqYfYNLj1NbMPm8MMCIzHjC83iSJRBEGmDUxU+WP661BaBQImeC2yHwXtz+P/O9o+XEg== + dependencies: + execa "^5.0.0" + +defer-to-connect@^2.0.1: + version "2.0.1" + resolved "https://registry.yarnpkg.com/defer-to-connect/-/defer-to-connect-2.0.1.tgz#8016bdb4143e4632b77a3449c6236277de520587" + integrity sha512-4tvttepXG1VaYGrRibk5EwJd1t4udunSOVMdLSAL6mId1ix438oPwPZMALY41FCijukO1L0twNcGsdzS7dHgDg== + +define-data-property@^1.0.1, define-data-property@^1.1.4: + version "1.1.4" + resolved "https://registry.yarnpkg.com/define-data-property/-/define-data-property-1.1.4.tgz#894dc141bb7d3060ae4366f6a0107e68fbe48c5e" + integrity sha512-rBMvIzlpA8v6E+SJZoo++HAYqsLrkg7MSfIinMPFhmkorw7X+dOXVJQs+QT69zGkzMyfDnIMN2Wid1+NbL3T+A== + dependencies: + es-define-property "^1.0.0" + es-errors "^1.3.0" + gopd "^1.0.1" + +define-lazy-prop@^2.0.0: + version "2.0.0" + resolved "https://registry.yarnpkg.com/define-lazy-prop/-/define-lazy-prop-2.0.0.tgz#3f7ae421129bcaaac9bc74905c98a0009ec9ee7f" + integrity sha512-Ds09qNh8yw3khSjiJjiUInaGX9xlqZDY7JVryGxdxV7NPeuqQfplOpQ66yJFZut3jLa5zOwkXw1g9EI2uKh4Og== + +define-properties@^1.2.1: + version "1.2.1" + resolved "https://registry.yarnpkg.com/define-properties/-/define-properties-1.2.1.tgz#10781cc616eb951a80a034bafcaa7377f6af2b6c" + integrity sha512-8QmQKqEASLd5nx0U1B1okLElbUuuttJ/AnYmRXbbbGDWh6uS208EjD4Xqq/I9wK7u0v6O08XhTWnt5XtEbR6Dg== + dependencies: + define-data-property "^1.0.1" + has-property-descriptors "^1.0.0" + object-keys "^1.1.1" + +delegate@^3.1.2: + version "3.2.0" + resolved "https://registry.yarnpkg.com/delegate/-/delegate-3.2.0.tgz#b66b71c3158522e8ab5744f720d8ca0c2af59166" + integrity sha512-IofjkYBZaZivn0V8nnsMJGBr4jVLxHDheKSW88PyxS5QC4Vo9ZbZVvhzlSxY87fVq3STR6r+4cGepyHkcWOQSw== + +depd@2.0.0: + version "2.0.0" + resolved "https://registry.yarnpkg.com/depd/-/depd-2.0.0.tgz#b696163cc757560d09cf22cc8fad1571b79e76df" + integrity sha512-g7nH6P6dyDioJogAAGprGpCtVImJhpPk/roCzdb3fIh61/s/nPsfR6onyMwkCAR/OlC3yBC0lESvUoQEAssIrw== + +depd@~1.1.2: + version "1.1.2" + resolved "https://registry.yarnpkg.com/depd/-/depd-1.1.2.tgz#9bcd52e14c097763e749b274c4346ed2e560b5a9" + integrity sha512-7emPTl6Dpo6JRXOXjLRxck+FlLRX5847cLKEn00PLAgc3g2hTZZgr+e4c2v6QpSmLeFP3n5yUo7ft6avBK/5jQ== + +dequal@^2.0.0: + version "2.0.3" + resolved "https://registry.yarnpkg.com/dequal/-/dequal-2.0.3.tgz#2644214f1997d39ed0ee0ece72335490a7ac67be" + integrity sha512-0je+qPKHEMohvfRTCEo3CrPG6cAzAYgmzKyxRiYSSDkS6eGJdyVJm7WaYA5ECaAD9wLB2T4EEeymA5aFVcYXCA== + +destroy@1.2.0: + version "1.2.0" + resolved "https://registry.yarnpkg.com/destroy/-/destroy-1.2.0.tgz#4803735509ad8be552934c67df614f94e66fa015" + integrity sha512-2sJGJTaXIIaR1w4iJSNoN0hnMY7Gpc/n8D4qSCJw8QqFWXf7cuAgnEHxBpweaVcPevC2l3KpjYCx3NypQQgaJg== + +detect-node@^2.0.4: + version "2.1.0" + resolved "https://registry.yarnpkg.com/detect-node/-/detect-node-2.1.0.tgz#c9c70775a49c3d03bc2c06d9a73be550f978f8b1" + integrity sha512-T0NIuQpnTvFDATNuHN5roPwSBG83rFsuO+MXXH9/3N1eFbn4wcPjttvjMLEPWJ0RGUYgQE7cGgS3tNxbqCGM7g== + +detect-port@^1.5.1: + version "1.6.1" + resolved "https://registry.yarnpkg.com/detect-port/-/detect-port-1.6.1.tgz#45e4073997c5f292b957cb678fb0bb8ed4250a67" + integrity sha512-CmnVc+Hek2egPx1PeTFVta2W78xy2K/9Rkf6cC4T59S50tVnzKj+tnx5mmx5lwvCkujZ4uRrpRSuV+IVs3f90Q== + dependencies: + address "^1.0.1" + debug "4" + +devlop@^1.0.0, devlop@^1.1.0: + version "1.1.0" + resolved "https://registry.yarnpkg.com/devlop/-/devlop-1.1.0.tgz#4db7c2ca4dc6e0e834c30be70c94bbc976dc7018" + integrity sha512-RWmIqhcFf1lRYBvNmr7qTNuyCt/7/ns2jbpp1+PalgE/rDQcBT0fioSMUpJ93irlUhC5hrg4cYqe6U+0ImW0rA== + dependencies: + dequal "^2.0.0" + +dir-glob@^3.0.1: + version "3.0.1" + resolved "https://registry.yarnpkg.com/dir-glob/-/dir-glob-3.0.1.tgz#56dbf73d992a4a93ba1584f4534063fd2e41717f" + integrity sha512-WkrWp9GR4KXfKGYzOLmTuGVi1UWFfws377n9cc55/tb6DuqyF6pcQ5AbiHEshaDpY9v6oaSr2XCDidGmMwdzIA== + dependencies: + path-type "^4.0.0" + +dns-packet@^5.2.2: + version "5.6.1" + resolved "https://registry.yarnpkg.com/dns-packet/-/dns-packet-5.6.1.tgz#ae888ad425a9d1478a0674256ab866de1012cf2f" + integrity sha512-l4gcSouhcgIKRvyy99RNVOgxXiicE+2jZoNmaNmZ6JXiGajBOJAesk1OBlJuM5k2c+eudGdLxDqXuPCKIj6kpw== + dependencies: + "@leichtgewicht/ip-codec" "^2.0.1" + +dom-converter@^0.2.0: + version "0.2.0" + resolved "https://registry.yarnpkg.com/dom-converter/-/dom-converter-0.2.0.tgz#6721a9daee2e293682955b6afe416771627bb768" + integrity sha512-gd3ypIPfOMr9h5jIKq8E3sHOTCjeirnl0WK5ZdS1AW0Odt0b1PaWaHdJ4Qk4klv+YB9aJBS7mESXjFoDQPu6DA== + dependencies: + utila "~0.4" + +dom-helpers@^5.0.1: + version "5.2.1" + resolved "https://registry.yarnpkg.com/dom-helpers/-/dom-helpers-5.2.1.tgz#d9400536b2bf8225ad98fe052e029451ac40e902" + integrity sha512-nRCa7CK3VTrM2NmGkIy4cbK7IZlgBE/PYMn55rrXefr5xXDP0LdtfPnblFDoVdcAfslJ7or6iqAUnx0CCGIWQA== + dependencies: + "@babel/runtime" "^7.8.7" + csstype "^3.0.2" + +dom-serializer@^1.0.1: + version "1.4.1" + resolved "https://registry.yarnpkg.com/dom-serializer/-/dom-serializer-1.4.1.tgz#de5d41b1aea290215dc45a6dae8adcf1d32e2d30" + integrity sha512-VHwB3KfrcOOkelEG2ZOfxqLZdfkil8PtJi4P8N2MMXucZq2yLp75ClViUlOVwyoHEDjYU433Aq+5zWP61+RGag== + dependencies: + domelementtype "^2.0.1" + domhandler "^4.2.0" + entities "^2.0.0" + +dom-serializer@^2.0.0: + version "2.0.0" + resolved "https://registry.yarnpkg.com/dom-serializer/-/dom-serializer-2.0.0.tgz#e41b802e1eedf9f6cae183ce5e622d789d7d8e53" + integrity sha512-wIkAryiqt/nV5EQKqQpo3SToSOV9J0DnbJqwK7Wv/Trc92zIAYZ4FlMu+JPFW1DfGFt81ZTCGgDEabffXeLyJg== + dependencies: + domelementtype "^2.3.0" + domhandler "^5.0.2" + entities "^4.2.0" + +domelementtype@^2.0.1, domelementtype@^2.2.0, domelementtype@^2.3.0: + version "2.3.0" + resolved "https://registry.yarnpkg.com/domelementtype/-/domelementtype-2.3.0.tgz#5c45e8e869952626331d7aab326d01daf65d589d" + integrity sha512-OLETBj6w0OsagBwdXnPdN0cnMfF9opN69co+7ZrbfPGrdpPVNBUj02spi6B1N7wChLQiPn4CSH/zJvXw56gmHw== + +domhandler@^4.0.0, domhandler@^4.2.0, domhandler@^4.3.1: + version "4.3.1" + resolved "https://registry.yarnpkg.com/domhandler/-/domhandler-4.3.1.tgz#8d792033416f59d68bc03a5aa7b018c1ca89279c" + integrity sha512-GrwoxYN+uWlzO8uhUXRl0P+kHE4GtVPfYzVLcUxPL7KNdHKj66vvlhiweIHqYYXWlw+T8iLMp42Lm67ghw4WMQ== + dependencies: + domelementtype "^2.2.0" + +domhandler@^5.0.2, domhandler@^5.0.3: + version "5.0.3" + resolved "https://registry.yarnpkg.com/domhandler/-/domhandler-5.0.3.tgz#cc385f7f751f1d1fc650c21374804254538c7d31" + integrity sha512-cgwlv/1iFQiFnU96XXgROh8xTeetsnJiDsTc7TYCLFd9+/WNkIqPTxiM/8pSd8VIrhXGTf1Ny1q1hquVqDJB5w== + dependencies: + domelementtype "^2.3.0" + +domutils@^2.5.2, domutils@^2.8.0: + version "2.8.0" + resolved "https://registry.yarnpkg.com/domutils/-/domutils-2.8.0.tgz#4437def5db6e2d1f5d6ee859bd95ca7d02048135" + integrity sha512-w96Cjofp72M5IIhpjgobBimYEfoPjx1Vx0BSX9P30WBdZW2WIKU0T1Bd0kz2eNZ9ikjKgHbEyKx8BB6H1L3h3A== + dependencies: + dom-serializer "^1.0.1" + domelementtype "^2.2.0" + domhandler "^4.2.0" + +domutils@^3.0.1: + version "3.2.2" + resolved "https://registry.yarnpkg.com/domutils/-/domutils-3.2.2.tgz#edbfe2b668b0c1d97c24baf0f1062b132221bc78" + integrity sha512-6kZKyUajlDuqlHKVX1w7gyslj9MPIXzIFiz/rGu35uC1wMi+kMhQwGhl4lt9unC9Vb9INnY9Z3/ZA3+FhASLaw== + dependencies: + dom-serializer "^2.0.0" + domelementtype "^2.3.0" + domhandler "^5.0.3" + +dot-case@^3.0.4: + version "3.0.4" + resolved "https://registry.yarnpkg.com/dot-case/-/dot-case-3.0.4.tgz#9b2b670d00a431667a8a75ba29cd1b98809ce751" + integrity sha512-Kv5nKlh6yRrdrGvxeJ2e5y2eRUpkUosIW4A2AS38zwSz27zu7ufDwQPi5Jhs3XAlGNetl3bmnGhQsMtkKJnj3w== + dependencies: + no-case "^3.0.4" + tslib "^2.0.3" + +dot-prop@^6.0.1: + version "6.0.1" + resolved "https://registry.yarnpkg.com/dot-prop/-/dot-prop-6.0.1.tgz#fc26b3cf142b9e59b74dbd39ed66ce620c681083" + integrity sha512-tE7ztYzXHIeyvc7N+hR3oi7FIbf/NIjVP9hmAt3yMXzrQ072/fpjGLx2GxNxGxUl5V73MEqYzioOMoVhGMJ5cA== + dependencies: + is-obj "^2.0.0" + +dunder-proto@^1.0.1: + version "1.0.1" + resolved "https://registry.yarnpkg.com/dunder-proto/-/dunder-proto-1.0.1.tgz#d7ae667e1dc83482f8b70fd0f6eefc50da30f58a" + integrity sha512-KIN/nDJBQRcXw0MLVhZE9iQHmG68qAVIBg9CqmUYjmQIhgij9U5MFvrqkUL5FbtyyzZuOeOt0zdeRe4UY7ct+A== + dependencies: + call-bind-apply-helpers "^1.0.1" + es-errors "^1.3.0" + gopd "^1.2.0" + +duplexer@^0.1.2: + version "0.1.2" + resolved "https://registry.yarnpkg.com/duplexer/-/duplexer-0.1.2.tgz#3abe43aef3835f8ae077d136ddce0f276b0400e6" + integrity sha512-jtD6YG370ZCIi/9GTaJKQxWTZD045+4R4hTk/x1UyoqadyJ9x9CgSi1RlVDQF8U2sxLLSnFkCaMihqljHIWgMg== + +eastasianwidth@^0.2.0: + version "0.2.0" + resolved "https://registry.yarnpkg.com/eastasianwidth/-/eastasianwidth-0.2.0.tgz#696ce2ec0aa0e6ea93a397ffcf24aa7840c827cb" + integrity sha512-I88TYZWc9XiYHRQ4/3c5rjjfgkjhLyW2luGIheGERbNQ6OY7yTybanSpDXZa8y7VUP9YmDcYa+eyq4ca7iLqWA== + +ee-first@1.1.1: + version "1.1.1" + resolved "https://registry.yarnpkg.com/ee-first/-/ee-first-1.1.1.tgz#590c61156b0ae2f4f0255732a158b266bc56b21d" + integrity sha512-WMwm9LhRUo+WUaRN+vRuETqG89IgZphVSNkdFgeb6sS/E4OrDIN7t48CAewSHXc6C8lefD8KKfr5vY61brQlow== + +electron-to-chromium@^1.5.211: + version "1.5.211" + resolved "https://registry.yarnpkg.com/electron-to-chromium/-/electron-to-chromium-1.5.211.tgz#749317bf9cf894c06f67980940cf8074e5eb08ca" + integrity sha512-IGBvimJkotaLzFnwIVgW9/UD/AOJ2tByUmeOrtqBfACSbAw5b1G0XpvdaieKyc7ULmbwXVx+4e4Be8pOPBrYkw== + +emoji-regex@^8.0.0: + version "8.0.0" + resolved "https://registry.yarnpkg.com/emoji-regex/-/emoji-regex-8.0.0.tgz#e818fd69ce5ccfcb404594f842963bf53164cc37" + integrity sha512-MSjYzcWNOA0ewAHpz0MxpYFvwg6yjy1NG3xteoqz644VCo/RPgnr1/GGt+ic3iJTzQ8Eu3TdM14SawnVUmGE6A== + +emoji-regex@^9.2.2: + version "9.2.2" + resolved "https://registry.yarnpkg.com/emoji-regex/-/emoji-regex-9.2.2.tgz#840c8803b0d8047f4ff0cf963176b32d4ef3ed72" + integrity sha512-L18DaJsXSUk2+42pv8mLs5jJT2hqFkFE4j21wOmgbUqsZ2hL72NsUU785g9RXgo3s0ZNgVl42TiHp3ZtOv/Vyg== + +emojilib@^2.4.0: + version "2.4.0" + resolved "https://registry.yarnpkg.com/emojilib/-/emojilib-2.4.0.tgz#ac518a8bb0d5f76dda57289ccb2fdf9d39ae721e" + integrity sha512-5U0rVMU5Y2n2+ykNLQqMoqklN9ICBT/KsvC1Gz6vqHbz2AXXGkG+Pm5rMWk/8Vjrr/mY9985Hi8DYzn1F09Nyw== + +emojis-list@^3.0.0: + version "3.0.0" + resolved "https://registry.yarnpkg.com/emojis-list/-/emojis-list-3.0.0.tgz#5570662046ad29e2e916e71aae260abdff4f6a78" + integrity sha512-/kyM18EfinwXZbno9FyUGeFh87KC8HRQBQGildHZbEuRyWFOmv1U10o9BBp8XVZDVNNuQKyIGIu5ZYAAXJ0V2Q== + +emoticon@^4.0.1: + version "4.1.0" + resolved "https://registry.yarnpkg.com/emoticon/-/emoticon-4.1.0.tgz#d5a156868ee173095627a33de3f1e914c3dde79e" + integrity sha512-VWZfnxqwNcc51hIy/sbOdEem6D+cVtpPzEEtVAFdaas30+1dgkyaOQ4sQ6Bp0tOMqWO1v+HQfYaoodOkdhK6SQ== + +encodeurl@~1.0.2: + version "1.0.2" + resolved "https://registry.yarnpkg.com/encodeurl/-/encodeurl-1.0.2.tgz#ad3ff4c86ec2d029322f5a02c3a9a606c95b3f59" + integrity sha512-TPJXq8JqFaVYm2CWmPvnP2Iyo4ZSM7/QKcSmuMLDObfpH5fi7RUGmd/rTDf+rut/saiDiQEeVTNgAmJEdAOx0w== + +encodeurl@~2.0.0: + version "2.0.0" + resolved "https://registry.yarnpkg.com/encodeurl/-/encodeurl-2.0.0.tgz#7b8ea898077d7e409d3ac45474ea38eaf0857a58" + integrity sha512-Q0n9HRi4m6JuGIV1eFlmvJB7ZEVxu93IrMyiMsGC0lrMJMWzRgx6WGquyfQgZVb31vhGgXnfmPNNXmxnOkRBrg== + +enhanced-resolve@^5.17.3: + version "5.18.3" + resolved "https://registry.yarnpkg.com/enhanced-resolve/-/enhanced-resolve-5.18.3.tgz#9b5f4c5c076b8787c78fe540392ce76a88855b44" + integrity sha512-d4lC8xfavMeBjzGr2vECC3fsGXziXZQyJxD868h2M/mBI3PwAuODxAkLkq5HYuvrPYcUtiLzsTo8U3PgX3Ocww== + dependencies: + graceful-fs "^4.2.4" + tapable "^2.2.0" + +entities@^2.0.0: + version "2.2.0" + resolved "https://registry.yarnpkg.com/entities/-/entities-2.2.0.tgz#098dc90ebb83d8dffa089d55256b351d34c4da55" + integrity sha512-p92if5Nz619I0w+akJrLZH0MX0Pb5DX39XOwQTtXSdQQOaYH03S1uIQp4mhOZtAXrxq4ViO67YTiLBo2638o9A== + +entities@^4.2.0, entities@^4.4.0: + version "4.5.0" + resolved "https://registry.yarnpkg.com/entities/-/entities-4.5.0.tgz#5d268ea5e7113ec74c4d033b79ea5a35a488fb48" + integrity sha512-V0hjH4dGPh9Ao5p0MoRY6BVqtwCjhz6vI5LT8AJ55H+4g9/4vbHx1I54fS0XuclLhDHArPQCiMjDxjaL8fPxhw== + +entities@^6.0.0: + version "6.0.1" + resolved "https://registry.yarnpkg.com/entities/-/entities-6.0.1.tgz#c28c34a43379ca7f61d074130b2f5f7020a30694" + integrity sha512-aN97NXWF6AWBTahfVOIrB/NShkzi5H7F9r1s9mD3cDj4Ko5f2qhhVoYMibXF7GlLveb/D2ioWay8lxI97Ven3g== + +error-ex@^1.3.1: + version "1.3.2" + resolved "https://registry.yarnpkg.com/error-ex/-/error-ex-1.3.2.tgz#b4ac40648107fdcdcfae242f428bea8a14d4f1bf" + integrity sha512-7dFHNmqeFSEt2ZBsCriorKnn3Z2pj+fd9kmI6QoWw4//DL+icEBfc0U7qJCisqrTsKTjw4fNFy2pW9OqStD84g== + dependencies: + is-arrayish "^0.2.1" + +es-define-property@^1.0.0, es-define-property@^1.0.1: + version "1.0.1" + resolved "https://registry.yarnpkg.com/es-define-property/-/es-define-property-1.0.1.tgz#983eb2f9a6724e9303f61addf011c72e09e0b0fa" + integrity sha512-e3nRfgfUZ4rNGL232gUgX06QNyyez04KdjFrF+LTRoOXmrOgFKDg4BCdsjW8EnT69eqdYGmRpJwiPVYNrCaW3g== + +es-errors@^1.3.0: + version "1.3.0" + resolved "https://registry.yarnpkg.com/es-errors/-/es-errors-1.3.0.tgz#05f75a25dab98e4fb1dcd5e1472c0546d5057c8f" + integrity sha512-Zf5H2Kxt2xjTvbJvP2ZWLEICxA6j+hAmMzIlypy4xcBg1vKVnx89Wy0GbS+kf5cwCVFFzdCFh2XSCFNULS6csw== + +es-module-lexer@^1.2.1: + version "1.7.0" + resolved "https://registry.yarnpkg.com/es-module-lexer/-/es-module-lexer-1.7.0.tgz#9159601561880a85f2734560a9099b2c31e5372a" + integrity sha512-jEQoCwk8hyb2AZziIOLhDqpm5+2ww5uIE6lkO/6jcOCusfk6LhMHpXXfBLXTZ7Ydyt0j4VoUQv6uGNYbdW+kBA== + +es-object-atoms@^1.0.0, es-object-atoms@^1.1.1: + version "1.1.1" + resolved "https://registry.yarnpkg.com/es-object-atoms/-/es-object-atoms-1.1.1.tgz#1c4f2c4837327597ce69d2ca190a7fdd172338c1" + integrity sha512-FGgH2h8zKNim9ljj7dankFPcICIK9Cp5bm+c2gQSYePhpaG5+esrLODihIorn+Pe6FGJzWhXQotPv73jTaldXA== + dependencies: + es-errors "^1.3.0" + +esast-util-from-estree@^2.0.0: + version "2.0.0" + resolved "https://registry.yarnpkg.com/esast-util-from-estree/-/esast-util-from-estree-2.0.0.tgz#8d1cfb51ad534d2f159dc250e604f3478a79f1ad" + integrity sha512-4CyanoAudUSBAn5K13H4JhsMH6L9ZP7XbLVe/dKybkxMO7eDyLsT8UHl9TRNrU2Gr9nz+FovfSIjuXWJ81uVwQ== + dependencies: + "@types/estree-jsx" "^1.0.0" + devlop "^1.0.0" + estree-util-visit "^2.0.0" + unist-util-position-from-estree "^2.0.0" + +esast-util-from-js@^2.0.0: + version "2.0.1" + resolved "https://registry.yarnpkg.com/esast-util-from-js/-/esast-util-from-js-2.0.1.tgz#5147bec34cc9da44accf52f87f239a40ac3e8225" + integrity sha512-8Ja+rNJ0Lt56Pcf3TAmpBZjmx8ZcK5Ts4cAzIOjsjevg9oSXJnl6SUQ2EevU8tv3h6ZLWmoKL5H4fgWvdvfETw== + dependencies: + "@types/estree-jsx" "^1.0.0" + acorn "^8.0.0" + esast-util-from-estree "^2.0.0" + vfile-message "^4.0.0" + +escalade@^3.1.1, escalade@^3.2.0: + version "3.2.0" + resolved "https://registry.yarnpkg.com/escalade/-/escalade-3.2.0.tgz#011a3f69856ba189dffa7dc8fcce99d2a87903e5" + integrity sha512-WUj2qlxaQtO4g6Pq5c29GTcWGDyd8itL8zTlipgECz3JesAiiOKotd8JU6otB3PACgG6xkJUyVhboMS+bje/jA== + +escape-goat@^4.0.0: + version "4.0.0" + resolved "https://registry.yarnpkg.com/escape-goat/-/escape-goat-4.0.0.tgz#9424820331b510b0666b98f7873fe11ac4aa8081" + integrity sha512-2Sd4ShcWxbx6OY1IHyla/CVNwvg7XwZVoXZHcSu9w9SReNP1EzzD5T8NWKIR38fIqEns9kDWKUQTXXAmlDrdPg== + +escape-html@^1.0.3, escape-html@~1.0.3: + version "1.0.3" + resolved "https://registry.yarnpkg.com/escape-html/-/escape-html-1.0.3.tgz#0258eae4d3d0c0974de1c169188ef0051d1d1988" + integrity sha512-NiSupZ4OeuGwr68lGIeym/ksIZMJodUGOSCZ/FSnTxcrekbvqrgdUxlJOMpijaKZVjAJrWrGs/6Jy8OMuyj9ow== + +escape-string-regexp@^1.0.5: + version "1.0.5" + resolved "https://registry.yarnpkg.com/escape-string-regexp/-/escape-string-regexp-1.0.5.tgz#1b61c0562190a8dff6ae3bb2cf0200ca130b86d4" + integrity sha512-vbRorB5FUQWvla16U8R/qgaFIya2qGzwDrNmCZuYKrbdSUMG6I1ZCGQRefkRVhuOkIGVne7BQ35DSfo1qvJqFg== + +escape-string-regexp@^4.0.0: + version "4.0.0" + resolved "https://registry.yarnpkg.com/escape-string-regexp/-/escape-string-regexp-4.0.0.tgz#14ba83a5d373e3d311e5afca29cf5bfad965bf34" + integrity sha512-TtpcNJ3XAzx3Gq8sWRzJaVajRs0uVxA2YAkdb1jm2YkPz4G6egUFAyA3n5vtEIZefPk5Wa4UXbKuS5fKkJWdgA== + +escape-string-regexp@^5.0.0: + version "5.0.0" + resolved "https://registry.yarnpkg.com/escape-string-regexp/-/escape-string-regexp-5.0.0.tgz#4683126b500b61762f2dbebace1806e8be31b1c8" + integrity sha512-/veY75JbMK4j1yjvuUxuVsiS/hr/4iHs9FTT6cgTexxdE0Ly/glccBAkloH/DofkjRbZU3bnoj38mOmhkZ0lHw== + +eslint-scope@5.1.1: + version "5.1.1" + resolved "https://registry.yarnpkg.com/eslint-scope/-/eslint-scope-5.1.1.tgz#e786e59a66cb92b3f6c1fb0d508aab174848f48c" + integrity sha512-2NxwbF/hZ0KpepYN0cNbo+FN6XoK7GaHlQhgx/hIZl6Va0bF45RQOOwhLIy8lQDbuCiadSLCBnH2CFYquit5bw== + dependencies: + esrecurse "^4.3.0" + estraverse "^4.1.1" + +esprima@^4.0.0: + version "4.0.1" + resolved "https://registry.yarnpkg.com/esprima/-/esprima-4.0.1.tgz#13b04cdb3e6c5d19df91ab6987a8695619b0aa71" + integrity sha512-eGuFFw7Upda+g4p+QHvnW0RyTX/SVeJBDM/gCtMARO0cLuT2HcEKnTPvhjV6aGeqrCB/sbNop0Kszm0jsaWU4A== + +esrecurse@^4.3.0: + version "4.3.0" + resolved "https://registry.yarnpkg.com/esrecurse/-/esrecurse-4.3.0.tgz#7ad7964d679abb28bee72cec63758b1c5d2c9921" + integrity sha512-KmfKL3b6G+RXvP8N1vr3Tq1kL/oCFgn2NYXEtqP8/L3pKapUA4G8cFVaoF3SU323CD4XypR/ffioHmkti6/Tag== + dependencies: + estraverse "^5.2.0" + +estraverse@^4.1.1: + version "4.3.0" + resolved "https://registry.yarnpkg.com/estraverse/-/estraverse-4.3.0.tgz#398ad3f3c5a24948be7725e83d11a7de28cdbd1d" + integrity sha512-39nnKffWz8xN1BU/2c79n9nB9HDzo0niYUqx6xyqUnyoAnQyyWpOTdZEeiCch8BBu515t4wp9ZmgVfVhn9EBpw== + +estraverse@^5.2.0: + version "5.3.0" + resolved "https://registry.yarnpkg.com/estraverse/-/estraverse-5.3.0.tgz#2eea5290702f26ab8fe5370370ff86c965d21123" + integrity sha512-MMdARuVEQziNTeJD8DgMqmhwR11BRQ/cBP+pLtYdSTnf3MIO8fFeiINEbX36ZdNlfU/7A9f3gUw49B3oQsvwBA== + +estree-util-attach-comments@^3.0.0: + version "3.0.0" + resolved "https://registry.yarnpkg.com/estree-util-attach-comments/-/estree-util-attach-comments-3.0.0.tgz#344bde6a64c8a31d15231e5ee9e297566a691c2d" + integrity sha512-cKUwm/HUcTDsYh/9FgnuFqpfquUbwIqwKM26BVCGDPVgvaCl/nDCCjUfiLlx6lsEZ3Z4RFxNbOQ60pkaEwFxGw== + dependencies: + "@types/estree" "^1.0.0" + +estree-util-build-jsx@^3.0.0: + version "3.0.1" + resolved "https://registry.yarnpkg.com/estree-util-build-jsx/-/estree-util-build-jsx-3.0.1.tgz#b6d0bced1dcc4f06f25cf0ceda2b2dcaf98168f1" + integrity sha512-8U5eiL6BTrPxp/CHbs2yMgP8ftMhR5ww1eIKoWRMlqvltHF8fZn5LRDvTKuxD3DUn+shRbLGqXemcP51oFCsGQ== + dependencies: + "@types/estree-jsx" "^1.0.0" + devlop "^1.0.0" + estree-util-is-identifier-name "^3.0.0" + estree-walker "^3.0.0" + +estree-util-is-identifier-name@^3.0.0: + version "3.0.0" + resolved "https://registry.yarnpkg.com/estree-util-is-identifier-name/-/estree-util-is-identifier-name-3.0.0.tgz#0b5ef4c4ff13508b34dcd01ecfa945f61fce5dbd" + integrity sha512-hFtqIDZTIUZ9BXLb8y4pYGyk6+wekIivNVTcmvk8NoOh+VeRn5y6cEHzbURrWbfp1fIqdVipilzj+lfaadNZmg== + +estree-util-scope@^1.0.0: + version "1.0.0" + resolved "https://registry.yarnpkg.com/estree-util-scope/-/estree-util-scope-1.0.0.tgz#9cbdfc77f5cb51e3d9ed4ad9c4adbff22d43e585" + integrity sha512-2CAASclonf+JFWBNJPndcOpA8EMJwa0Q8LUFJEKqXLW6+qBvbFZuF5gItbQOs/umBUkjviCSDCbBwU2cXbmrhQ== + dependencies: + "@types/estree" "^1.0.0" + devlop "^1.0.0" + +estree-util-to-js@^2.0.0: + version "2.0.0" + resolved "https://registry.yarnpkg.com/estree-util-to-js/-/estree-util-to-js-2.0.0.tgz#10a6fb924814e6abb62becf0d2bc4dea51d04f17" + integrity sha512-WDF+xj5rRWmD5tj6bIqRi6CkLIXbbNQUcxQHzGysQzvHmdYG2G7p/Tf0J0gpxGgkeMZNTIjT/AoSvC9Xehcgdg== + dependencies: + "@types/estree-jsx" "^1.0.0" + astring "^1.8.0" + source-map "^0.7.0" + +estree-util-value-to-estree@^3.0.1: + version "3.4.0" + resolved "https://registry.yarnpkg.com/estree-util-value-to-estree/-/estree-util-value-to-estree-3.4.0.tgz#827122e40c3a756d3c4cf5d5d296fa06026a1a4f" + integrity sha512-Zlp+gxis+gCfK12d3Srl2PdX2ybsEA8ZYy6vQGVQTNNYLEGRQQ56XB64bjemN8kxIKXP1nC9ip4Z+ILy9LGzvQ== + dependencies: + "@types/estree" "^1.0.0" + +estree-util-visit@^2.0.0: + version "2.0.0" + resolved "https://registry.yarnpkg.com/estree-util-visit/-/estree-util-visit-2.0.0.tgz#13a9a9f40ff50ed0c022f831ddf4b58d05446feb" + integrity sha512-m5KgiH85xAhhW8Wta0vShLcUvOsh3LLPI2YVwcbio1l7E09NTLL1EyMZFM1OyWowoH0skScNbhOPl4kcBgzTww== + dependencies: + "@types/estree-jsx" "^1.0.0" + "@types/unist" "^3.0.0" + +estree-walker@^3.0.0: + version "3.0.3" + resolved "https://registry.yarnpkg.com/estree-walker/-/estree-walker-3.0.3.tgz#67c3e549ec402a487b4fc193d1953a524752340d" + integrity sha512-7RUKfXgSMMkzt6ZuXmqapOurLGPPfgj6l9uRZ7lRGolvk0y2yocc35LdcxKC5PQZdn2DMqioAQ2NoWcrTKmm6g== + dependencies: + "@types/estree" "^1.0.0" + +esutils@^2.0.2: + version "2.0.3" + resolved "https://registry.yarnpkg.com/esutils/-/esutils-2.0.3.tgz#74d2eb4de0b8da1293711910d50775b9b710ef64" + integrity sha512-kVscqXk4OCp68SZ0dkgEKVi6/8ij300KBWTJq32P/dYeWTSwK41WyTxalN1eRmA5Z9UU/LX9D7FWSmV9SAYx6g== + +eta@^2.2.0: + version "2.2.0" + resolved "https://registry.yarnpkg.com/eta/-/eta-2.2.0.tgz#eb8b5f8c4e8b6306561a455e62cd7492fe3a9b8a" + integrity sha512-UVQ72Rqjy/ZKQalzV5dCCJP80GrmPrMxh6NlNf+erV6ObL0ZFkhCstWRawS85z3smdr3d2wXPsZEY7rDPfGd2g== + +etag@~1.8.1: + version "1.8.1" + resolved "https://registry.yarnpkg.com/etag/-/etag-1.8.1.tgz#41ae2eeb65efa62268aebfea83ac7d79299b0887" + integrity sha512-aIL5Fx7mawVa300al2BnEE4iNvo1qETxLrPI/o05L7z6go7fCw1J6EQmbK4FmJ2AS7kgVF/KEZWufBfdClMcPg== + +eval@^0.1.8: + version "0.1.8" + resolved "https://registry.yarnpkg.com/eval/-/eval-0.1.8.tgz#2b903473b8cc1d1989b83a1e7923f883eb357f85" + integrity sha512-EzV94NYKoO09GLXGjXj9JIlXijVck4ONSr5wiCWDvhsvj5jxSrzTmRU/9C1DyB6uToszLs8aifA6NQ7lEQdvFw== + dependencies: + "@types/node" "*" + require-like ">= 0.1.1" + +eventemitter3@^4.0.0, eventemitter3@^4.0.4: + version "4.0.7" + resolved "https://registry.yarnpkg.com/eventemitter3/-/eventemitter3-4.0.7.tgz#2de9b68f6528d5644ef5c59526a1b4a07306169f" + integrity sha512-8guHBZCwKnFhYdHr2ysuRWErTwhoN2X8XELRlrRwpmfeY2jjuUN4taQMsULKUVo1K4DvZl+0pgfyoysHxvmvEw== + +events@^3.2.0: + version "3.3.0" + resolved "https://registry.yarnpkg.com/events/-/events-3.3.0.tgz#31a95ad0a924e2d2c419a813aeb2c4e878ea7400" + integrity sha512-mQw+2fkQbALzQ7V0MY0IqdnXNOeTtP4r0lN9z7AAawCXgqea7bDii20AYrIBrFd/Hx0M2Ocz6S111CaFkUcb0Q== + +execa@5.1.1, execa@^5.0.0: + version "5.1.1" + resolved "https://registry.yarnpkg.com/execa/-/execa-5.1.1.tgz#f80ad9cbf4298f7bd1d4c9555c21e93741c411dd" + integrity sha512-8uSpZZocAZRBAPIEINJj3Lo9HyGitllczc27Eh5YYojjMFMn8yHMDMaUHE2Jqfq05D/wucwI4JGURyXt1vchyg== + dependencies: + cross-spawn "^7.0.3" + get-stream "^6.0.0" + human-signals "^2.1.0" + is-stream "^2.0.0" + merge-stream "^2.0.0" + npm-run-path "^4.0.1" + onetime "^5.1.2" + signal-exit "^3.0.3" + strip-final-newline "^2.0.0" + +express@^4.17.3: + version "4.21.2" + resolved "https://registry.yarnpkg.com/express/-/express-4.21.2.tgz#cf250e48362174ead6cea4a566abef0162c1ec32" + integrity sha512-28HqgMZAmih1Czt9ny7qr6ek2qddF4FclbMzwhCREB6OFfH+rXAnuNCwo1/wFvrtbgsQDb4kSbX9de9lFbrXnA== + dependencies: + accepts "~1.3.8" + array-flatten "1.1.1" + body-parser "1.20.3" + content-disposition "0.5.4" + content-type "~1.0.4" + cookie "0.7.1" + cookie-signature "1.0.6" + debug "2.6.9" + depd "2.0.0" + encodeurl "~2.0.0" + escape-html "~1.0.3" + etag "~1.8.1" + finalhandler "1.3.1" + fresh "0.5.2" + http-errors "2.0.0" + merge-descriptors "1.0.3" + methods "~1.1.2" + on-finished "2.4.1" + parseurl "~1.3.3" + path-to-regexp "0.1.12" + proxy-addr "~2.0.7" + qs "6.13.0" + range-parser "~1.2.1" + safe-buffer "5.2.1" + send "0.19.0" + serve-static "1.16.2" + setprototypeof "1.2.0" + statuses "2.0.1" + type-is "~1.6.18" + utils-merge "1.0.1" + vary "~1.1.2" + +extend-shallow@^2.0.1: + version "2.0.1" + resolved "https://registry.yarnpkg.com/extend-shallow/-/extend-shallow-2.0.1.tgz#51af7d614ad9a9f610ea1bafbb989d6b1c56890f" + integrity sha512-zCnTtlxNoAiDc3gqY2aYAWFx7XWWiasuF2K8Me5WbN8otHKTUKBwjPtNpRs/rbUZm7KxWAaNj7P1a/p52GbVug== + dependencies: + is-extendable "^0.1.0" + +extend@^3.0.0: + version "3.0.2" + resolved "https://registry.yarnpkg.com/extend/-/extend-3.0.2.tgz#f8b1136b4071fbd8eb140aff858b1019ec2915fa" + integrity sha512-fjquC59cD7CyW6urNXK0FBufkZcoiGG80wTuPujX590cB5Ttln20E2UB4S/WARVqhXffZl2LNgS+gQdPIIim/g== + +fast-deep-equal@^3.1.1, fast-deep-equal@^3.1.3: + version "3.1.3" + resolved "https://registry.yarnpkg.com/fast-deep-equal/-/fast-deep-equal-3.1.3.tgz#3a7d56b559d6cbc3eb512325244e619a65c6c525" + integrity sha512-f3qQ9oQy9j2AhBe/H9VC91wLmKBCCU/gDOnKNAYG5hswO7BLKj09Hc5HYNz9cGI++xlpDCIgDaitVs03ATR84Q== + +fast-glob@^3.2.11, fast-glob@^3.2.9, fast-glob@^3.3.0: + version "3.3.3" + resolved "https://registry.yarnpkg.com/fast-glob/-/fast-glob-3.3.3.tgz#d06d585ce8dba90a16b0505c543c3ccfb3aeb818" + integrity sha512-7MptL8U0cqcFdzIzwOTHoilX9x5BrNqye7Z/LuC7kCMRio1EMSyqRK3BEAUD7sXRq4iT4AzTVuZdhgQ2TCvYLg== + dependencies: + "@nodelib/fs.stat" "^2.0.2" + "@nodelib/fs.walk" "^1.2.3" + glob-parent "^5.1.2" + merge2 "^1.3.0" + micromatch "^4.0.8" + +fast-json-stable-stringify@^2.0.0: + version "2.1.0" + resolved "https://registry.yarnpkg.com/fast-json-stable-stringify/-/fast-json-stable-stringify-2.1.0.tgz#874bf69c6f404c2b5d99c481341399fd55892633" + integrity sha512-lhd/wF+Lk98HZoTCtlVraHtfh5XYijIjalXck7saUtuanSDyLMxnHhSXEDJqHxD7msR8D0uCmqlkwjCV8xvwHw== + +fast-uri@^3.0.1: + version "3.1.0" + resolved "https://registry.yarnpkg.com/fast-uri/-/fast-uri-3.1.0.tgz#66eecff6c764c0df9b762e62ca7edcfb53b4edfa" + integrity sha512-iPeeDKJSWf4IEOasVVrknXpaBV0IApz/gp7S2bb7Z4Lljbl2MGJRqInZiUrQwV16cpzw/D3S5j5Julj/gT52AA== + +fastq@^1.6.0: + version "1.19.1" + resolved "https://registry.yarnpkg.com/fastq/-/fastq-1.19.1.tgz#d50eaba803c8846a883c16492821ebcd2cda55f5" + integrity sha512-GwLTyxkCXjXbxqIhTsMI2Nui8huMPtnxg7krajPJAjnEG/iiOS7i+zCtWGZR9G0NBKbXKh6X9m9UIsYX/N6vvQ== + dependencies: + reusify "^1.0.4" + +fault@^2.0.0: + version "2.0.1" + resolved "https://registry.yarnpkg.com/fault/-/fault-2.0.1.tgz#d47ca9f37ca26e4bd38374a7c500b5a384755b6c" + integrity sha512-WtySTkS4OKev5JtpHXnib4Gxiurzh5NCGvWrFaZ34m6JehfTUhKZvn9njTfw48t6JumVQOmrKqpmGcdwxnhqBQ== + dependencies: + format "^0.2.0" + +faye-websocket@^0.11.3: + version "0.11.4" + resolved "https://registry.yarnpkg.com/faye-websocket/-/faye-websocket-0.11.4.tgz#7f0d9275cfdd86a1c963dc8b65fcc451edcbb1da" + integrity sha512-CzbClwlXAuiRQAlUyfqPgvPoNKTckTPGfwZV4ZdAhVcP2lh9KUxJg2b5GkE7XbjKQ3YJnQ9z6D9ntLAlB+tP8g== + dependencies: + websocket-driver ">=0.5.1" + +feed@^4.2.2: + version "4.2.2" + resolved "https://registry.yarnpkg.com/feed/-/feed-4.2.2.tgz#865783ef6ed12579e2c44bbef3c9113bc4956a7e" + integrity sha512-u5/sxGfiMfZNtJ3OvQpXcvotFpYkL0n9u9mM2vkui2nGo8b4wvDkJ8gAkYqbA8QpGyFCv3RK0Z+Iv+9veCS9bQ== + dependencies: + xml-js "^1.6.11" + +figures@^3.2.0: + version "3.2.0" + resolved "https://registry.yarnpkg.com/figures/-/figures-3.2.0.tgz#625c18bd293c604dc4a8ddb2febf0c88341746af" + integrity sha512-yaduQFRKLXYOGgEn6AZau90j3ggSOyiqXU0F9JZfeXYhNa+Jk4X+s45A2zg5jns87GAFa34BBm2kXw4XpNcbdg== + dependencies: + escape-string-regexp "^1.0.5" + +file-loader@^6.2.0: + version "6.2.0" + resolved "https://registry.yarnpkg.com/file-loader/-/file-loader-6.2.0.tgz#baef7cf8e1840df325e4390b4484879480eebe4d" + integrity sha512-qo3glqyTa61Ytg4u73GultjHGjdRyig3tG6lPtyX/jOEJvHif9uB0/OCI2Kif6ctF3caQTW2G5gym21oAsI4pw== + dependencies: + loader-utils "^2.0.0" + schema-utils "^3.0.0" + +fill-range@^7.1.1: + version "7.1.1" + resolved "https://registry.yarnpkg.com/fill-range/-/fill-range-7.1.1.tgz#44265d3cac07e3ea7dc247516380643754a05292" + integrity sha512-YsGpe3WHLK8ZYi4tWDg2Jy3ebRz2rXowDxnld4bkQB00cc/1Zw9AWnC0i9ztDJitivtQvaI9KaLyKrc+hBW0yg== + dependencies: + to-regex-range "^5.0.1" + +finalhandler@1.3.1: + version "1.3.1" + resolved "https://registry.yarnpkg.com/finalhandler/-/finalhandler-1.3.1.tgz#0c575f1d1d324ddd1da35ad7ece3df7d19088019" + integrity sha512-6BN9trH7bp3qvnrRyzsBz+g3lZxTNZTbVO2EV1CS0WIcDbawYVdYvGflME/9QP0h0pYlCDBCTjYa9nZzMDpyxQ== + dependencies: + debug "2.6.9" + encodeurl "~2.0.0" + escape-html "~1.0.3" + on-finished "2.4.1" + parseurl "~1.3.3" + statuses "2.0.1" + unpipe "~1.0.0" + +find-cache-dir@^4.0.0: + version "4.0.0" + resolved "https://registry.yarnpkg.com/find-cache-dir/-/find-cache-dir-4.0.0.tgz#a30ee0448f81a3990708f6453633c733e2f6eec2" + integrity sha512-9ZonPT4ZAK4a+1pUPVPZJapbi7O5qbbJPdYw/NOQWZZbVLdDTYM3A4R9z/DpAM08IDaFGsvPgiGZ82WEwUDWjg== + dependencies: + common-path-prefix "^3.0.0" + pkg-dir "^7.0.0" + +find-root@^1.1.0: + version "1.1.0" + resolved "https://registry.yarnpkg.com/find-root/-/find-root-1.1.0.tgz#abcfc8ba76f708c42a97b3d685b7e9450bfb9ce4" + integrity sha512-NKfW6bec6GfKc0SGx1e07QZY9PE99u0Bft/0rzSD5k3sO/vwkVUpDUKVm5Gpp5Ue3YfShPFTX2070tDs5kB9Ng== + +find-up@^6.3.0: + version "6.3.0" + resolved "https://registry.yarnpkg.com/find-up/-/find-up-6.3.0.tgz#2abab3d3280b2dc7ac10199ef324c4e002c8c790" + integrity sha512-v2ZsoEuVHYy8ZIlYqwPe/39Cy+cFDzp4dXPaxNvkEuouymu+2Jbz0PxpKarJHYJTmv2HWT3O382qY8l4jMWthw== + dependencies: + locate-path "^7.1.0" + path-exists "^5.0.0" + +flat@^5.0.2: + version "5.0.2" + resolved "https://registry.yarnpkg.com/flat/-/flat-5.0.2.tgz#8ca6fe332069ffa9d324c327198c598259ceb241" + integrity sha512-b6suED+5/3rTpUBdG1gupIl8MPFCAMA0QXwmljLhvCUKcUvdE4gWky9zpuGCcXHOsz4J9wPGNWq6OKpmIzz3hQ== + +follow-redirects@^1.0.0: + version "1.15.11" + resolved "https://registry.yarnpkg.com/follow-redirects/-/follow-redirects-1.15.11.tgz#777d73d72a92f8ec4d2e410eb47352a56b8e8340" + integrity sha512-deG2P0JfjrTxl50XGCDyfI97ZGVCxIpfKYmfyrQ54n5FO/0gfIES8C/Psl6kWVDolizcaaxZJnTS0QSMxvnsBQ== + +form-data-encoder@^2.1.2: + version "2.1.4" + resolved "https://registry.yarnpkg.com/form-data-encoder/-/form-data-encoder-2.1.4.tgz#261ea35d2a70d48d30ec7a9603130fa5515e9cd5" + integrity sha512-yDYSgNMraqvnxiEXO4hi88+YZxaHC6QKzb5N84iRCTDeRO7ZALpir/lVmf/uXUhnwUr2O4HU8s/n6x+yNjQkHw== + +format@^0.2.0: + version "0.2.2" + resolved "https://registry.yarnpkg.com/format/-/format-0.2.2.tgz#d6170107e9efdc4ed30c9dc39016df942b5cb58b" + integrity sha512-wzsgA6WOq+09wrU1tsJ09udeR/YZRaeArL9e1wPbFg3GG2yDnC2ldKpxs4xunpFF9DgqCqOIra3bc1HWrJ37Ww== + +forwarded@0.2.0: + version "0.2.0" + resolved "https://registry.yarnpkg.com/forwarded/-/forwarded-0.2.0.tgz#2269936428aad4c15c7ebe9779a84bf0b2a81811" + integrity sha512-buRG0fpBtRHSTCOASe6hD258tEubFoRLb4ZNA6NxMVHNw2gOcwHo9wyablzMzOA5z9xA9L1KNjk/Nt6MT9aYow== + +fraction.js@^4.3.7: + version "4.3.7" + resolved "https://registry.yarnpkg.com/fraction.js/-/fraction.js-4.3.7.tgz#06ca0085157e42fda7f9e726e79fefc4068840f7" + integrity sha512-ZsDfxO51wGAXREY55a7la9LScWpwv9RxIrYABrlvOFBlH/ShPnrtsXeuUIfXKKOVicNxQ+o8JTbJvjS4M89yew== + +fresh@0.5.2: + version "0.5.2" + resolved "https://registry.yarnpkg.com/fresh/-/fresh-0.5.2.tgz#3d8cadd90d976569fa835ab1f8e4b23a105605a7" + integrity sha512-zJ2mQYM18rEFOudeV4GShTGIQ7RbzA7ozbU9I/XBpm7kqgMywgmylMwXHxZJmkVoYkna9d2pVXVXPdYTP9ej8Q== + +fs-extra@^11.1.1, fs-extra@^11.2.0: + version "11.3.1" + resolved "https://registry.yarnpkg.com/fs-extra/-/fs-extra-11.3.1.tgz#ba7a1f97a85f94c6db2e52ff69570db3671d5a74" + integrity sha512-eXvGGwZ5CL17ZSwHWd3bbgk7UUpF6IFHtP57NYYakPvHOs8GDgDe5KJI36jIJzDkJ6eJjuzRA8eBQb6SkKue0g== + dependencies: + graceful-fs "^4.2.0" + jsonfile "^6.0.1" + universalify "^2.0.0" + +fs-monkey@^1.0.4: + version "1.1.0" + resolved "https://registry.yarnpkg.com/fs-monkey/-/fs-monkey-1.1.0.tgz#632aa15a20e71828ed56b24303363fb1414e5997" + integrity sha512-QMUezzXWII9EV5aTFXW1UBVUO77wYPpjqIF8/AviUCThNeSYZykpoTixUeaNNBwmCev0AMDWMAni+f8Hxb1IFw== + +fs.realpath@^1.0.0: + version "1.0.0" + resolved "https://registry.yarnpkg.com/fs.realpath/-/fs.realpath-1.0.0.tgz#1504ad2523158caa40db4a2787cb01411994ea4f" + integrity sha512-OO0pH2lK6a0hZnAdau5ItzHPI6pUlvI7jMVnxUQRtw4owF2wk8lOSabtGDCTP4Ggrg2MbGnWO9X8K1t4+fGMDw== + +fsevents@~2.3.2: + version "2.3.3" + resolved "https://registry.yarnpkg.com/fsevents/-/fsevents-2.3.3.tgz#cac6407785d03675a2a5e1a5305c697b347d90d6" + integrity sha512-5xoDfX+fL7faATnagmWPpbFtwh/R77WmMMqqHGS65C3vvB0YHrgF+B1YmZ3441tMj5n63k0212XNoJwzlhffQw== + +function-bind@^1.1.2: + version "1.1.2" + resolved "https://registry.yarnpkg.com/function-bind/-/function-bind-1.1.2.tgz#2c02d864d97f3ea6c8830c464cbd11ab6eab7a1c" + integrity sha512-7XHNxH7qX9xG5mIwxkhumTox/MIRNcOgDrxWsMt2pAr23WHp6MrRlN7FBSFpCpr+oVO0F744iUgR82nJMfG2SA== + +gensync@^1.0.0-beta.2: + version "1.0.0-beta.2" + resolved "https://registry.yarnpkg.com/gensync/-/gensync-1.0.0-beta.2.tgz#32a6ee76c3d7f52d46b2b1ae5d93fea8580a25e0" + integrity sha512-3hN7NaskYvMDLQY55gnW3NQ+mesEAepTqlg+VEbj7zzqEMBVNhzcGYYeqFo/TlYz6eQiFcp1HcsCZO+nGgS8zg== + +get-intrinsic@^1.2.4, get-intrinsic@^1.2.5, get-intrinsic@^1.3.0: + version "1.3.0" + resolved "https://registry.yarnpkg.com/get-intrinsic/-/get-intrinsic-1.3.0.tgz#743f0e3b6964a93a5491ed1bffaae054d7f98d01" + integrity sha512-9fSjSaos/fRIVIp+xSJlE6lfwhES7LNtKaCBIamHsjr2na1BiABJPo0mOjjz8GJDURarmCPGqaiVg5mfjb98CQ== + dependencies: + call-bind-apply-helpers "^1.0.2" + es-define-property "^1.0.1" + es-errors "^1.3.0" + es-object-atoms "^1.1.1" + function-bind "^1.1.2" + get-proto "^1.0.1" + gopd "^1.2.0" + has-symbols "^1.1.0" + hasown "^2.0.2" + math-intrinsics "^1.1.0" + +get-own-enumerable-property-symbols@^3.0.0: + version "3.0.2" + resolved "https://registry.yarnpkg.com/get-own-enumerable-property-symbols/-/get-own-enumerable-property-symbols-3.0.2.tgz#b5fde77f22cbe35f390b4e089922c50bce6ef664" + integrity sha512-I0UBV/XOz1XkIJHEUDMZAbzCThU/H8DxmSfmdGcKPnVhu2VfFqr34jr9777IyaTYvxjedWhqVIilEDsCdP5G6g== + +get-proto@^1.0.1: + version "1.0.1" + resolved "https://registry.yarnpkg.com/get-proto/-/get-proto-1.0.1.tgz#150b3f2743869ef3e851ec0c49d15b1d14d00ee1" + integrity sha512-sTSfBjoXBp89JvIKIefqw7U2CCebsc74kiY6awiGogKtoSGbgjYE/G/+l9sF3MWFPNc9IcoOC4ODfKHfxFmp0g== + dependencies: + dunder-proto "^1.0.1" + es-object-atoms "^1.0.0" + +get-stream@^6.0.0, get-stream@^6.0.1: + version "6.0.1" + resolved "https://registry.yarnpkg.com/get-stream/-/get-stream-6.0.1.tgz#a262d8eef67aced57c2852ad6167526a43cbf7b7" + integrity sha512-ts6Wi+2j3jQjqi70w5AlN8DFnkSwC+MqmxEzdEALB2qXZYV3X/b1CTfgPLGJNMeAWxdPfU8FO1ms3NUfaHCPYg== + +github-slugger@^1.5.0: + version "1.5.0" + resolved "https://registry.yarnpkg.com/github-slugger/-/github-slugger-1.5.0.tgz#17891bbc73232051474d68bd867a34625c955f7d" + integrity sha512-wIh+gKBI9Nshz2o46B0B3f5k/W+WI9ZAv6y5Dn5WJ5SK1t0TnDimB4WE5rmTD05ZAIn8HALCZVmCsvj0w0v0lw== + +glob-parent@^5.1.2, glob-parent@~5.1.2: + version "5.1.2" + resolved "https://registry.yarnpkg.com/glob-parent/-/glob-parent-5.1.2.tgz#869832c58034fe68a4093c17dc15e8340d8401c4" + integrity sha512-AOIgSQCepiJYwP3ARnGx+5VnTu2HBYdzbGP45eLw1vr3zB3vZLeyed1sC9hnbcOc9/SrMyM5RPQrkGz4aS9Zow== + dependencies: + is-glob "^4.0.1" + +glob-parent@^6.0.1: + version "6.0.2" + resolved "https://registry.yarnpkg.com/glob-parent/-/glob-parent-6.0.2.tgz#6d237d99083950c79290f24c7642a3de9a28f9e3" + integrity sha512-XxwI8EOhVQgWp6iDL+3b0r86f4d6AX6zSU55HfB4ydCEuXLXc5FcYeOu+nnGftS4TEju/11rt4KJPTMgbfmv4A== + dependencies: + is-glob "^4.0.3" + +glob-to-regexp@^0.4.1: + version "0.4.1" + resolved "https://registry.yarnpkg.com/glob-to-regexp/-/glob-to-regexp-0.4.1.tgz#c75297087c851b9a578bd217dd59a92f59fe546e" + integrity sha512-lkX1HJXwyMcprw/5YUZc2s7DrpAiHB21/V+E1rHUrVNokkvB6bqMzT0VfV6/86ZNabt1k14YOIaT7nDvOX3Iiw== + +glob@^7.1.3: + version "7.2.3" + resolved "https://registry.yarnpkg.com/glob/-/glob-7.2.3.tgz#b8df0fb802bbfa8e89bd1d938b4e16578ed44f2b" + integrity sha512-nFR0zLpU2YCaRxwoCJvL6UvCH2JFyFVIvwTLsIf21AuHlMskA1hhTdk+LlYJtOlYt9v6dvszD2BGRqBL+iQK9Q== + dependencies: + fs.realpath "^1.0.0" + inflight "^1.0.4" + inherits "2" + minimatch "^3.1.1" + once "^1.3.0" + path-is-absolute "^1.0.0" + +global-dirs@^3.0.0: + version "3.0.1" + resolved "https://registry.yarnpkg.com/global-dirs/-/global-dirs-3.0.1.tgz#0c488971f066baceda21447aecb1a8b911d22485" + integrity sha512-NBcGGFbBA9s1VzD41QXDG+3++t9Mn5t1FpLdhESY6oKY4gYTFpX4wO3sqGUa0Srjtbfj3szX0RnemmrVRUdULA== + dependencies: + ini "2.0.0" + +globby@^11.1.0: + version "11.1.0" + resolved "https://registry.yarnpkg.com/globby/-/globby-11.1.0.tgz#bd4be98bb042f83d796f7e3811991fbe82a0d34b" + integrity sha512-jhIXaOzy1sb8IyocaruWSn1TjmnBVs8Ayhcy83rmxNJ8q2uWKCAj3CnJY+KpGSXCueAPc0i05kVvVKtP1t9S3g== + dependencies: + array-union "^2.1.0" + dir-glob "^3.0.1" + fast-glob "^3.2.9" + ignore "^5.2.0" + merge2 "^1.4.1" + slash "^3.0.0" + +globby@^13.1.1: + version "13.2.2" + resolved "https://registry.yarnpkg.com/globby/-/globby-13.2.2.tgz#63b90b1bf68619c2135475cbd4e71e66aa090592" + integrity sha512-Y1zNGV+pzQdh7H39l9zgB4PJqjRNqydvdYCDG4HFXM4XuvSaQQlEc91IU1yALL8gUTDomgBAfz3XJdmUS+oo0w== + dependencies: + dir-glob "^3.0.1" + fast-glob "^3.3.0" + ignore "^5.2.4" + merge2 "^1.4.1" + slash "^4.0.0" + +good-listener@^1.2.2: + version "1.2.2" + resolved "https://registry.yarnpkg.com/good-listener/-/good-listener-1.2.2.tgz#d53b30cdf9313dffb7dc9a0d477096aa6d145c50" + integrity sha512-goW1b+d9q/HIwbVYZzZ6SsTr4IgE+WA44A0GmPIQstuOrgsFcT7VEJ48nmr9GaRtNu0XTKacFLGnBPAM6Afouw== + dependencies: + delegate "^3.1.2" + +gopd@^1.0.1, gopd@^1.2.0: + version "1.2.0" + resolved "https://registry.yarnpkg.com/gopd/-/gopd-1.2.0.tgz#89f56b8217bdbc8802bd299df6d7f1081d7e51a1" + integrity sha512-ZUKRh6/kUFoAiTAtTYPZJ3hw9wNxx+BIBOijnlG9PnrJsCcSjs1wyyD6vJpaYtgnzDrKYRSqf3OO6Rfa93xsRg== + +got@^12.1.0: + version "12.6.1" + resolved "https://registry.yarnpkg.com/got/-/got-12.6.1.tgz#8869560d1383353204b5a9435f782df9c091f549" + integrity sha512-mThBblvlAF1d4O5oqyvN+ZxLAYwIJK7bpMxgYqPD9okW0C3qm5FFn7k811QrcuEBwaogR3ngOFoCfs6mRv7teQ== + dependencies: + "@sindresorhus/is" "^5.2.0" + "@szmarczak/http-timer" "^5.0.1" + cacheable-lookup "^7.0.0" + cacheable-request "^10.2.8" + decompress-response "^6.0.0" + form-data-encoder "^2.1.2" + get-stream "^6.0.1" + http2-wrapper "^2.1.10" + lowercase-keys "^3.0.0" + p-cancelable "^3.0.0" + responselike "^3.0.0" + +graceful-fs@4.2.10: + version "4.2.10" + resolved "https://registry.yarnpkg.com/graceful-fs/-/graceful-fs-4.2.10.tgz#147d3a006da4ca3ce14728c7aefc287c367d7a6c" + integrity sha512-9ByhssR2fPVsNZj478qUUbKfmL0+t5BDVyjShtyZZLiK7ZDAArFFfopyOTj0M05wE2tJPisA4iTnnXl2YoPvOA== + +graceful-fs@^4.1.2, graceful-fs@^4.1.6, graceful-fs@^4.2.0, graceful-fs@^4.2.11, graceful-fs@^4.2.4, graceful-fs@^4.2.6, graceful-fs@^4.2.9: + version "4.2.11" + resolved "https://registry.yarnpkg.com/graceful-fs/-/graceful-fs-4.2.11.tgz#4183e4e8bf08bb6e05bbb2f7d2e0c8f712ca40e3" + integrity sha512-RbJ5/jmFcNNCcDV5o9eTnBLJ/HszWV0P73bc+Ff4nS/rJj+YaS6IGyiOL0VoBYX+l1Wrl3k63h/KrH+nhJ0XvQ== + +gray-matter@^4.0.3: + version "4.0.3" + resolved "https://registry.yarnpkg.com/gray-matter/-/gray-matter-4.0.3.tgz#e893c064825de73ea1f5f7d88c7a9f7274288798" + integrity sha512-5v6yZd4JK3eMI3FqqCouswVqwugaA9r4dNZB1wwcmrD02QkV5H0y7XBQW8QwQqEaZY1pM9aqORSORhJRdNK44Q== + dependencies: + js-yaml "^3.13.1" + kind-of "^6.0.2" + section-matter "^1.0.0" + strip-bom-string "^1.0.0" + +gzip-size@^6.0.0: + version "6.0.0" + resolved "https://registry.yarnpkg.com/gzip-size/-/gzip-size-6.0.0.tgz#065367fd50c239c0671cbcbad5be3e2eeb10e462" + integrity sha512-ax7ZYomf6jqPTQ4+XCpUGyXKHk5WweS+e05MBO4/y3WJ5RkmPXNKvX+bx1behVILVwr6JSQvZAku021CHPXG3Q== + dependencies: + duplexer "^0.1.2" + +handle-thing@^2.0.0: + version "2.0.1" + resolved "https://registry.yarnpkg.com/handle-thing/-/handle-thing-2.0.1.tgz#857f79ce359580c340d43081cc648970d0bb234e" + integrity sha512-9Qn4yBxelxoh2Ow62nP+Ka/kMnOXRi8BXnRaUwezLNhqelnN49xKz4F/dPP8OYLxLxq6JDtZb2i9XznUQbNPTg== + +has-flag@^4.0.0: + version "4.0.0" + resolved "https://registry.yarnpkg.com/has-flag/-/has-flag-4.0.0.tgz#944771fd9c81c81265c4d6941860da06bb59479b" + integrity sha512-EykJT/Q1KjTWctppgIAgfSO0tKVuZUjhgMr17kqTumMl6Afv3EISleU7qZUzoXDFTAHTDC4NOoG/ZxU3EvlMPQ== + +has-property-descriptors@^1.0.0, has-property-descriptors@^1.0.2: + version "1.0.2" + resolved "https://registry.yarnpkg.com/has-property-descriptors/-/has-property-descriptors-1.0.2.tgz#963ed7d071dc7bf5f084c5bfbe0d1b6222586854" + integrity sha512-55JNKuIW+vq4Ke1BjOTjM2YctQIvCT7GFzHwmfZPGo5wnrgkid0YQtnAleFSqumZm4az3n2BS+erby5ipJdgrg== + dependencies: + es-define-property "^1.0.0" + +has-symbols@^1.1.0: + version "1.1.0" + resolved "https://registry.yarnpkg.com/has-symbols/-/has-symbols-1.1.0.tgz#fc9c6a783a084951d0b971fe1018de813707a338" + integrity sha512-1cDNdwJ2Jaohmb3sg4OmKaMBwuC48sYni5HUw2DvsC8LjGTLK9h+eb1X6RyuOHe4hT0ULCW68iomhjUoKUqlPQ== + +has-yarn@^3.0.0: + version "3.0.0" + resolved "https://registry.yarnpkg.com/has-yarn/-/has-yarn-3.0.0.tgz#c3c21e559730d1d3b57e28af1f30d06fac38147d" + integrity sha512-IrsVwUHhEULx3R8f/aA8AHuEzAorplsab/v8HBzEiIukwq5i/EC+xmOW+HfP1OaDP+2JkgT1yILHN2O3UFIbcA== + +hasown@^2.0.2: + version "2.0.2" + resolved "https://registry.yarnpkg.com/hasown/-/hasown-2.0.2.tgz#003eaf91be7adc372e84ec59dc37252cedb80003" + integrity sha512-0hJU9SCPvmMzIBdZFqNPXWa6dqh7WdH0cII9y+CyS8rG3nL48Bclra9HmKhVVUHyPWNH5Y7xDwAB7bfgSjkUMQ== + dependencies: + function-bind "^1.1.2" + +hast-util-from-parse5@^8.0.0: + version "8.0.3" + resolved "https://registry.yarnpkg.com/hast-util-from-parse5/-/hast-util-from-parse5-8.0.3.tgz#830a35022fff28c3fea3697a98c2f4cc6b835a2e" + integrity sha512-3kxEVkEKt0zvcZ3hCRYI8rqrgwtlIOFMWkbclACvjlDw8Li9S2hk/d51OI0nr/gIpdMHNepwgOKqZ/sy0Clpyg== + dependencies: + "@types/hast" "^3.0.0" + "@types/unist" "^3.0.0" + devlop "^1.0.0" + hastscript "^9.0.0" + property-information "^7.0.0" + vfile "^6.0.0" + vfile-location "^5.0.0" + web-namespaces "^2.0.0" + +hast-util-parse-selector@^4.0.0: + version "4.0.0" + resolved "https://registry.yarnpkg.com/hast-util-parse-selector/-/hast-util-parse-selector-4.0.0.tgz#352879fa86e25616036037dd8931fb5f34cb4a27" + integrity sha512-wkQCkSYoOGCRKERFWcxMVMOcYE2K1AaNLU8DXS9arxnLOUEWbOXKXiJUNzEpqZ3JOKpnha3jkFrumEjVliDe7A== + dependencies: + "@types/hast" "^3.0.0" + +hast-util-raw@^9.0.0: + version "9.1.0" + resolved "https://registry.yarnpkg.com/hast-util-raw/-/hast-util-raw-9.1.0.tgz#79b66b26f6f68fb50dfb4716b2cdca90d92adf2e" + integrity sha512-Y8/SBAHkZGoNkpzqqfCldijcuUKh7/su31kEBp67cFY09Wy0mTRgtsLYsiIxMJxlu0f6AA5SUTbDR8K0rxnbUw== + dependencies: + "@types/hast" "^3.0.0" + "@types/unist" "^3.0.0" + "@ungap/structured-clone" "^1.0.0" + hast-util-from-parse5 "^8.0.0" + hast-util-to-parse5 "^8.0.0" + html-void-elements "^3.0.0" + mdast-util-to-hast "^13.0.0" + parse5 "^7.0.0" + unist-util-position "^5.0.0" + unist-util-visit "^5.0.0" + vfile "^6.0.0" + web-namespaces "^2.0.0" + zwitch "^2.0.0" + +hast-util-to-estree@^3.0.0: + version "3.1.3" + resolved "https://registry.yarnpkg.com/hast-util-to-estree/-/hast-util-to-estree-3.1.3.tgz#e654c1c9374645135695cc0ab9f70b8fcaf733d7" + integrity sha512-48+B/rJWAp0jamNbAAf9M7Uf//UVqAoMmgXhBdxTDJLGKY+LRnZ99qcG+Qjl5HfMpYNzS5v4EAwVEF34LeAj7w== + dependencies: + "@types/estree" "^1.0.0" + "@types/estree-jsx" "^1.0.0" + "@types/hast" "^3.0.0" + comma-separated-tokens "^2.0.0" + devlop "^1.0.0" + estree-util-attach-comments "^3.0.0" + estree-util-is-identifier-name "^3.0.0" + hast-util-whitespace "^3.0.0" + mdast-util-mdx-expression "^2.0.0" + mdast-util-mdx-jsx "^3.0.0" + mdast-util-mdxjs-esm "^2.0.0" + property-information "^7.0.0" + space-separated-tokens "^2.0.0" + style-to-js "^1.0.0" + unist-util-position "^5.0.0" + zwitch "^2.0.0" + +hast-util-to-jsx-runtime@^2.0.0: + version "2.3.6" + resolved "https://registry.yarnpkg.com/hast-util-to-jsx-runtime/-/hast-util-to-jsx-runtime-2.3.6.tgz#ff31897aae59f62232e21594eac7ef6b63333e98" + integrity sha512-zl6s8LwNyo1P9uw+XJGvZtdFF1GdAkOg8ujOw+4Pyb76874fLps4ueHXDhXWdk6YHQ6OgUtinliG7RsYvCbbBg== + dependencies: + "@types/estree" "^1.0.0" + "@types/hast" "^3.0.0" + "@types/unist" "^3.0.0" + comma-separated-tokens "^2.0.0" + devlop "^1.0.0" + estree-util-is-identifier-name "^3.0.0" + hast-util-whitespace "^3.0.0" + mdast-util-mdx-expression "^2.0.0" + mdast-util-mdx-jsx "^3.0.0" + mdast-util-mdxjs-esm "^2.0.0" + property-information "^7.0.0" + space-separated-tokens "^2.0.0" + style-to-js "^1.0.0" + unist-util-position "^5.0.0" + vfile-message "^4.0.0" + +hast-util-to-parse5@^8.0.0: + version "8.0.0" + resolved "https://registry.yarnpkg.com/hast-util-to-parse5/-/hast-util-to-parse5-8.0.0.tgz#477cd42d278d4f036bc2ea58586130f6f39ee6ed" + integrity sha512-3KKrV5ZVI8if87DVSi1vDeByYrkGzg4mEfeu4alwgmmIeARiBLKCZS2uw5Gb6nU9x9Yufyj3iudm6i7nl52PFw== + dependencies: + "@types/hast" "^3.0.0" + comma-separated-tokens "^2.0.0" + devlop "^1.0.0" + property-information "^6.0.0" + space-separated-tokens "^2.0.0" + web-namespaces "^2.0.0" + zwitch "^2.0.0" + +hast-util-whitespace@^3.0.0: + version "3.0.0" + resolved "https://registry.yarnpkg.com/hast-util-whitespace/-/hast-util-whitespace-3.0.0.tgz#7778ed9d3c92dd9e8c5c8f648a49c21fc51cb621" + integrity sha512-88JUN06ipLwsnv+dVn+OIYOvAuvBMy/Qoi6O7mQHxdPXpjy+Cd6xRkWwux7DKO+4sYILtLBRIKgsdpS2gQc7qw== + dependencies: + "@types/hast" "^3.0.0" + +hastscript@^9.0.0: + version "9.0.1" + resolved "https://registry.yarnpkg.com/hastscript/-/hastscript-9.0.1.tgz#dbc84bef6051d40084342c229c451cd9dc567dff" + integrity sha512-g7df9rMFX/SPi34tyGCyUBREQoKkapwdY/T04Qn9TDWfHhAYt4/I0gMVirzK5wEzeUqIjEB+LXC/ypb7Aqno5w== + dependencies: + "@types/hast" "^3.0.0" + comma-separated-tokens "^2.0.0" + hast-util-parse-selector "^4.0.0" + property-information "^7.0.0" + space-separated-tokens "^2.0.0" + +he@^1.2.0: + version "1.2.0" + resolved "https://registry.yarnpkg.com/he/-/he-1.2.0.tgz#84ae65fa7eafb165fddb61566ae14baf05664f0f" + integrity sha512-F/1DnUGPopORZi0ni+CvrCgHQ5FyEAHRLSApuYWMmrbSwoN2Mn/7k+Gl38gJnR7yyDZk6WLXwiGod1JOWNDKGw== + +history@^4.9.0: + version "4.10.1" + resolved "https://registry.yarnpkg.com/history/-/history-4.10.1.tgz#33371a65e3a83b267434e2b3f3b1b4c58aad4cf3" + integrity sha512-36nwAD620w12kuzPAsyINPWJqlNbij+hpK1k9XRloDtym8mxzGYl2c17LnV6IAGB2Dmg4tEa7G7DlawS0+qjew== + dependencies: + "@babel/runtime" "^7.1.2" + loose-envify "^1.2.0" + resolve-pathname "^3.0.0" + tiny-invariant "^1.0.2" + tiny-warning "^1.0.0" + value-equal "^1.0.1" + +hoist-non-react-statics@^3.1.0, hoist-non-react-statics@^3.3.1: + version "3.3.2" + resolved "https://registry.yarnpkg.com/hoist-non-react-statics/-/hoist-non-react-statics-3.3.2.tgz#ece0acaf71d62c2969c2ec59feff42a4b1a85b45" + integrity sha512-/gGivxi8JPKWNm/W0jSmzcMPpfpPLc3dY/6GxhX2hQ9iGj3aDfklV4ET7NjKpSinLpJ5vafa9iiGIEZg10SfBw== + dependencies: + react-is "^16.7.0" + +hpack.js@^2.1.6: + version "2.1.6" + resolved "https://registry.yarnpkg.com/hpack.js/-/hpack.js-2.1.6.tgz#87774c0949e513f42e84575b3c45681fade2a0b2" + integrity sha512-zJxVehUdMGIKsRaNt7apO2Gqp0BdqW5yaiGHXXmbpvxgBYVZnAql+BJb4RO5ad2MgpbZKn5G6nMnegrH1FcNYQ== + dependencies: + inherits "^2.0.1" + obuf "^1.0.0" + readable-stream "^2.0.1" + wbuf "^1.1.0" + +html-entities@^2.3.2: + version "2.6.0" + resolved "https://registry.yarnpkg.com/html-entities/-/html-entities-2.6.0.tgz#7c64f1ea3b36818ccae3d3fb48b6974208e984f8" + integrity sha512-kig+rMn/QOVRvr7c86gQ8lWXq+Hkv6CbAH1hLu+RG338StTpE8Z0b44SDVaqVu7HGKf27frdmUYEs9hTUX/cLQ== + +html-escaper@^2.0.2: + version "2.0.2" + resolved "https://registry.yarnpkg.com/html-escaper/-/html-escaper-2.0.2.tgz#dfd60027da36a36dfcbe236262c00a5822681453" + integrity sha512-H2iMtd0I4Mt5eYiapRdIDjp+XzelXQ0tFE4JS7YFwFevXXMmOp9myNrUvCg0D6ws8iqkRPBfKHgbwig1SmlLfg== + +html-minifier-terser@^6.0.2: + version "6.1.0" + resolved "https://registry.yarnpkg.com/html-minifier-terser/-/html-minifier-terser-6.1.0.tgz#bfc818934cc07918f6b3669f5774ecdfd48f32ab" + integrity sha512-YXxSlJBZTP7RS3tWnQw74ooKa6L9b9i9QYXY21eUEvhZ3u9XLfv6OnFsQq6RxkhHygsaUMvYsZRV5rU/OVNZxw== + dependencies: + camel-case "^4.1.2" + clean-css "^5.2.2" + commander "^8.3.0" + he "^1.2.0" + param-case "^3.0.4" + relateurl "^0.2.7" + terser "^5.10.0" + +html-minifier-terser@^7.2.0: + version "7.2.0" + resolved "https://registry.yarnpkg.com/html-minifier-terser/-/html-minifier-terser-7.2.0.tgz#18752e23a2f0ed4b0f550f217bb41693e975b942" + integrity sha512-tXgn3QfqPIpGl9o+K5tpcj3/MN4SfLtsx2GWwBC3SSd0tXQGyF3gsSqad8loJgKZGM3ZxbYDd5yhiBIdWpmvLA== + dependencies: + camel-case "^4.1.2" + clean-css "~5.3.2" + commander "^10.0.0" + entities "^4.4.0" + param-case "^3.0.4" + relateurl "^0.2.7" + terser "^5.15.1" + +html-tags@^3.3.1: + version "3.3.1" + resolved "https://registry.yarnpkg.com/html-tags/-/html-tags-3.3.1.tgz#a04026a18c882e4bba8a01a3d39cfe465d40b5ce" + integrity sha512-ztqyC3kLto0e9WbNp0aeP+M3kTt+nbaIveGmUxAtZa+8iFgKLUOD4YKM5j+f3QD89bra7UeumolZHKuOXnTmeQ== + +html-void-elements@^3.0.0: + version "3.0.0" + resolved "https://registry.yarnpkg.com/html-void-elements/-/html-void-elements-3.0.0.tgz#fc9dbd84af9e747249034d4d62602def6517f1d7" + integrity sha512-bEqo66MRXsUGxWHV5IP0PUiAWwoEjba4VCzg0LjFJBpchPaTfyfCKTG6bc5F8ucKec3q5y6qOdGyYTSBEvhCrg== + +html-webpack-plugin@^5.6.0: + version "5.6.4" + resolved "https://registry.yarnpkg.com/html-webpack-plugin/-/html-webpack-plugin-5.6.4.tgz#d8cb0f7edff7745ae7d6cccb0bff592e9f7f7959" + integrity sha512-V/PZeWsqhfpE27nKeX9EO2sbR+D17A+tLf6qU+ht66jdUsN0QLKJN27Z+1+gHrVMKgndBahes0PU6rRihDgHTw== + dependencies: + "@types/html-minifier-terser" "^6.0.0" + html-minifier-terser "^6.0.2" + lodash "^4.17.21" + pretty-error "^4.0.0" + tapable "^2.0.0" + +htmlparser2@^6.1.0: + version "6.1.0" + resolved "https://registry.yarnpkg.com/htmlparser2/-/htmlparser2-6.1.0.tgz#c4d762b6c3371a05dbe65e94ae43a9f845fb8fb7" + integrity sha512-gyyPk6rgonLFEDGoeRgQNaEUvdJ4ktTmmUh/h2t7s+M8oPpIPxgNACWa+6ESR57kXstwqPiCut0V8NRpcwgU7A== + dependencies: + domelementtype "^2.0.1" + domhandler "^4.0.0" + domutils "^2.5.2" + entities "^2.0.0" + +htmlparser2@^8.0.1: + version "8.0.2" + resolved "https://registry.yarnpkg.com/htmlparser2/-/htmlparser2-8.0.2.tgz#f002151705b383e62433b5cf466f5b716edaec21" + integrity sha512-GYdjWKDkbRLkZ5geuHs5NY1puJ+PXwP7+fHPRz06Eirsb9ugf6d8kkXav6ADhcODhFFPMIXyxkxSuMf3D6NCFA== + dependencies: + domelementtype "^2.3.0" + domhandler "^5.0.3" + domutils "^3.0.1" + entities "^4.4.0" + +http-cache-semantics@^4.1.1: + version "4.2.0" + resolved "https://registry.yarnpkg.com/http-cache-semantics/-/http-cache-semantics-4.2.0.tgz#205f4db64f8562b76a4ff9235aa5279839a09dd5" + integrity sha512-dTxcvPXqPvXBQpq5dUr6mEMJX4oIEFv6bwom3FDwKRDsuIjjJGANqhBuoAn9c1RQJIdAKav33ED65E2ys+87QQ== + +http-deceiver@^1.2.7: + version "1.2.7" + resolved "https://registry.yarnpkg.com/http-deceiver/-/http-deceiver-1.2.7.tgz#fa7168944ab9a519d337cb0bec7284dc3e723d87" + integrity sha512-LmpOGxTfbpgtGVxJrj5k7asXHCgNZp5nLfp+hWc8QQRqtb7fUy6kRY3BO1h9ddF6yIPYUARgxGOwB42DnxIaNw== + +http-errors@2.0.0: + version "2.0.0" + resolved "https://registry.yarnpkg.com/http-errors/-/http-errors-2.0.0.tgz#b7774a1486ef73cf7667ac9ae0858c012c57b9d3" + integrity sha512-FtwrG/euBzaEjYeRqOgly7G0qviiXoJWnvEH2Z1plBdXgbyjv34pHTSb9zoeHMyDy33+DWy5Wt9Wo+TURtOYSQ== + dependencies: + depd "2.0.0" + inherits "2.0.4" + setprototypeof "1.2.0" + statuses "2.0.1" + toidentifier "1.0.1" + +http-errors@~1.6.2: + version "1.6.3" + resolved "https://registry.yarnpkg.com/http-errors/-/http-errors-1.6.3.tgz#8b55680bb4be283a0b5bf4ea2e38580be1d9320d" + integrity sha512-lks+lVC8dgGyh97jxvxeYTWQFvh4uw4yC12gVl63Cg30sjPX4wuGcdkICVXDAESr6OJGjqGA8Iz5mkeN6zlD7A== + dependencies: + depd "~1.1.2" + inherits "2.0.3" + setprototypeof "1.1.0" + statuses ">= 1.4.0 < 2" + +http-parser-js@>=0.5.1: + version "0.5.10" + resolved "https://registry.yarnpkg.com/http-parser-js/-/http-parser-js-0.5.10.tgz#b3277bd6d7ed5588e20ea73bf724fcbe44609075" + integrity sha512-Pysuw9XpUq5dVc/2SMHpuTY01RFl8fttgcyunjL7eEMhGM3cI4eOmiCycJDVCo/7O7ClfQD3SaI6ftDzqOXYMA== + +http-proxy-middleware@^2.0.3: + version "2.0.9" + resolved "https://registry.yarnpkg.com/http-proxy-middleware/-/http-proxy-middleware-2.0.9.tgz#e9e63d68afaa4eee3d147f39149ab84c0c2815ef" + integrity sha512-c1IyJYLYppU574+YI7R4QyX2ystMtVXZwIdzazUIPIJsHuWNd+mho2j+bKoHftndicGj9yh+xjd+l0yj7VeT1Q== + dependencies: + "@types/http-proxy" "^1.17.8" + http-proxy "^1.18.1" + is-glob "^4.0.1" + is-plain-obj "^3.0.0" + micromatch "^4.0.2" + +http-proxy@^1.18.1: + version "1.18.1" + resolved "https://registry.yarnpkg.com/http-proxy/-/http-proxy-1.18.1.tgz#401541f0534884bbf95260334e72f88ee3976549" + integrity sha512-7mz/721AbnJwIVbnaSv1Cz3Am0ZLT/UBwkC92VlxhXv/k/BBQfM2fXElQNC27BVGr0uwUpplYPQM9LnaBMR5NQ== + dependencies: + eventemitter3 "^4.0.0" + follow-redirects "^1.0.0" + requires-port "^1.0.0" + +http2-wrapper@^2.1.10: + version "2.2.1" + resolved "https://registry.yarnpkg.com/http2-wrapper/-/http2-wrapper-2.2.1.tgz#310968153dcdedb160d8b72114363ef5fce1f64a" + integrity sha512-V5nVw1PAOgfI3Lmeaj2Exmeg7fenjhRUgz1lPSezy1CuhPYbgQtbQj4jZfEAEMlaL+vupsvhjqCyjzob0yxsmQ== + dependencies: + quick-lru "^5.1.1" + resolve-alpn "^1.2.0" + +human-signals@^2.1.0: + version "2.1.0" + resolved "https://registry.yarnpkg.com/human-signals/-/human-signals-2.1.0.tgz#dc91fcba42e4d06e4abaed33b3e7a3c02f514ea0" + integrity sha512-B4FFZ6q/T2jhhksgkbEW3HBvWIfDW85snkQgawt07S7J5QXTk6BkNV+0yAeZrM5QpMAdYlocGoljn0sJ/WQkFw== + +iconv-lite@0.4.24: + version "0.4.24" + resolved "https://registry.yarnpkg.com/iconv-lite/-/iconv-lite-0.4.24.tgz#2022b4b25fbddc21d2f524974a474aafe733908b" + integrity sha512-v3MXnZAcvnywkTUEZomIActle7RXXeedOR31wwl7VlyoXO4Qi9arvSenNQWne1TcRwhCL1HwLI21bEqdpj8/rA== + dependencies: + safer-buffer ">= 2.1.2 < 3" + +icss-utils@^5.0.0, icss-utils@^5.1.0: + version "5.1.0" + resolved "https://registry.yarnpkg.com/icss-utils/-/icss-utils-5.1.0.tgz#c6be6858abd013d768e98366ae47e25d5887b1ae" + integrity sha512-soFhflCVWLfRNOPU3iv5Z9VUdT44xFRbzjLsEzSr5AQmgqPMTHdU3PMT1Cf1ssx8fLNJDA1juftYl+PUcv3MqA== + +ignore@^5.2.0, ignore@^5.2.4: + version "5.3.2" + resolved "https://registry.yarnpkg.com/ignore/-/ignore-5.3.2.tgz#3cd40e729f3643fd87cb04e50bf0eb722bc596f5" + integrity sha512-hsBTNUqQTDwkWtcdYI2i06Y/nUBEsNEDJKjWdigLvegy8kDuJAS8uRlpkkcQpyEXL0Z/pjDy5HBmMjRCJ2gq+g== + +image-size@^2.0.2: + version "2.0.2" + resolved "https://registry.yarnpkg.com/image-size/-/image-size-2.0.2.tgz#84a7b43704db5736f364bf0d1b029821299b4bdc" + integrity sha512-IRqXKlaXwgSMAMtpNzZa1ZAe8m+Sa1770Dhk8VkSsP9LS+iHD62Zd8FQKs8fbPiagBE7BzoFX23cxFnwshpV6w== + +import-fresh@^3.2.1, import-fresh@^3.3.0: + version "3.3.1" + resolved "https://registry.yarnpkg.com/import-fresh/-/import-fresh-3.3.1.tgz#9cecb56503c0ada1f2741dbbd6546e4b13b57ccf" + integrity sha512-TR3KfrTZTYLPB6jUjfx6MF9WcWrHL9su5TObK4ZkYgBdWKPOFoSoQIdEuTuR82pmtxH2spWG9h6etwfr1pLBqQ== + dependencies: + parent-module "^1.0.0" + resolve-from "^4.0.0" + +import-lazy@^4.0.0: + version "4.0.0" + resolved "https://registry.yarnpkg.com/import-lazy/-/import-lazy-4.0.0.tgz#e8eb627483a0a43da3c03f3e35548be5cb0cc153" + integrity sha512-rKtvo6a868b5Hu3heneU+L4yEQ4jYKLtjpnPeUdK7h0yzXGmyBTypknlkCvHFBqfX9YlorEiMM6Dnq/5atfHkw== + +imurmurhash@^0.1.4: + version "0.1.4" + resolved "https://registry.yarnpkg.com/imurmurhash/-/imurmurhash-0.1.4.tgz#9218b9b2b928a238b13dc4fb6b6d576f231453ea" + integrity sha512-JmXMZ6wuvDmLiHEml9ykzqO6lwFbof0GG4IkcGaENdCRDDmMVnny7s5HsIgHCbaq0w2MyPhDqkhTUgS2LU2PHA== + +indent-string@^4.0.0: + version "4.0.0" + resolved "https://registry.yarnpkg.com/indent-string/-/indent-string-4.0.0.tgz#624f8f4497d619b2d9768531d58f4122854d7251" + integrity sha512-EdDDZu4A2OyIK7Lr/2zG+w5jmbuk1DVBnEwREQvBzspBJkCEbRa8GxU1lghYcaGJCnRWibjDXlq779X1/y5xwg== + +infima@0.2.0-alpha.45: + version "0.2.0-alpha.45" + resolved "https://registry.yarnpkg.com/infima/-/infima-0.2.0-alpha.45.tgz#542aab5a249274d81679631b492973dd2c1e7466" + integrity sha512-uyH0zfr1erU1OohLk0fT4Rrb94AOhguWNOcD9uGrSpRvNB+6gZXUoJX5J0NtvzBO10YZ9PgvA4NFgt+fYg8ojw== + +inflight@^1.0.4: + version "1.0.6" + resolved "https://registry.yarnpkg.com/inflight/-/inflight-1.0.6.tgz#49bd6331d7d02d0c09bc910a1075ba8165b56df9" + integrity sha512-k92I/b08q4wvFscXCLvqfsHCrjrF7yiXsQuIVvVE7N82W3+aqpzuUdBbfhWcy/FZR3/4IgflMgKLOsvPDrGCJA== + dependencies: + once "^1.3.0" + wrappy "1" + +inherits@2, inherits@2.0.4, inherits@^2.0.1, inherits@^2.0.3, inherits@~2.0.3: + version "2.0.4" + resolved "https://registry.yarnpkg.com/inherits/-/inherits-2.0.4.tgz#0fa2c64f932917c3433a0ded55363aae37416b7c" + integrity sha512-k/vGaX4/Yla3WzyMCvTQOXYeIHvqOKtnqBduzTHpzpQZzAskKMhZ2K+EnBiSM9zGSoIFeMpXKxa4dYeZIQqewQ== + +inherits@2.0.3: + version "2.0.3" + resolved "https://registry.yarnpkg.com/inherits/-/inherits-2.0.3.tgz#633c2c83e3da42a502f52466022480f4208261de" + integrity sha512-x00IRNXNy63jwGkJmzPigoySHbaqpNuzKbBOmzK+g2OdZpQ9w+sxCN+VSB3ja7IAge2OP2qpfxTjeNcyjmW1uw== + +ini@2.0.0: + version "2.0.0" + resolved "https://registry.yarnpkg.com/ini/-/ini-2.0.0.tgz#e5fd556ecdd5726be978fa1001862eacb0a94bc5" + integrity sha512-7PnF4oN3CvZF23ADhA5wRaYEQpJ8qygSkbtTXWBeXWXmEVRXK+1ITciHWwHhsjv1TmW0MgacIv6hEi5pX5NQdA== + +ini@^1.3.4, ini@~1.3.0: + version "1.3.8" + resolved "https://registry.yarnpkg.com/ini/-/ini-1.3.8.tgz#a29da425b48806f34767a4efce397269af28432c" + integrity sha512-JV/yugV2uzW5iMRSiZAyDtQd+nxtUnjeLt0acNdw98kKLrvuRVyB80tsREOE7yvGVgalhZ6RNXCmEHkUKBKxew== + +inline-style-parser@0.2.4: + version "0.2.4" + resolved "https://registry.yarnpkg.com/inline-style-parser/-/inline-style-parser-0.2.4.tgz#f4af5fe72e612839fcd453d989a586566d695f22" + integrity sha512-0aO8FkhNZlj/ZIbNi7Lxxr12obT7cL1moPfE4tg1LkX7LlLfC6DeX4l2ZEud1ukP9jNQyNnfzQVqwbwmAATY4Q== + +invariant@^2.2.4: + version "2.2.4" + resolved "https://registry.yarnpkg.com/invariant/-/invariant-2.2.4.tgz#610f3c92c9359ce1db616e538008d23ff35158e6" + integrity sha512-phJfQVBuaJM5raOpJjSfkiD6BpbCE4Ns//LaXl6wGYtUBY83nWS6Rf9tXm2e8VaK60JEjYldbPif/A2B1C2gNA== + dependencies: + loose-envify "^1.0.0" + +ipaddr.js@1.9.1: + version "1.9.1" + resolved "https://registry.yarnpkg.com/ipaddr.js/-/ipaddr.js-1.9.1.tgz#bff38543eeb8984825079ff3a2a8e6cbd46781b3" + integrity sha512-0KI/607xoxSToH7GjN1FfSbLoU0+btTicjsQSWQlh/hZykN8KpmMf7uYwPW3R+akZ6R/w18ZlXSHBYXiYUPO3g== + +ipaddr.js@^2.0.1: + version "2.2.0" + resolved "https://registry.yarnpkg.com/ipaddr.js/-/ipaddr.js-2.2.0.tgz#d33fa7bac284f4de7af949638c9d68157c6b92e8" + integrity sha512-Ag3wB2o37wslZS19hZqorUnrnzSkpOVy+IiiDEiTqNubEYpYuHWIf6K4psgN2ZWKExS4xhVCrRVfb/wfW8fWJA== + +is-alphabetical@^2.0.0: + version "2.0.1" + resolved "https://registry.yarnpkg.com/is-alphabetical/-/is-alphabetical-2.0.1.tgz#01072053ea7c1036df3c7d19a6daaec7f19e789b" + integrity sha512-FWyyY60MeTNyeSRpkM2Iry0G9hpr7/9kD40mD/cGQEuilcZYS4okz8SN2Q6rLCJ8gbCt6fN+rC+6tMGS99LaxQ== + +is-alphanumerical@^2.0.0: + version "2.0.1" + resolved "https://registry.yarnpkg.com/is-alphanumerical/-/is-alphanumerical-2.0.1.tgz#7c03fbe96e3e931113e57f964b0a368cc2dfd875" + integrity sha512-hmbYhX/9MUMF5uh7tOXyK/n0ZvWpad5caBA17GsC6vyuCqaWliRG5K1qS9inmUhEMaOBIW7/whAnSwveW/LtZw== + dependencies: + is-alphabetical "^2.0.0" + is-decimal "^2.0.0" + +is-arrayish@^0.2.1: + version "0.2.1" + resolved "https://registry.yarnpkg.com/is-arrayish/-/is-arrayish-0.2.1.tgz#77c99840527aa8ecb1a8ba697b80645a7a926a9d" + integrity sha512-zz06S8t0ozoDXMG+ube26zeCTNXcKIPJZJi8hBrF4idCLms4CG9QtK7qBl1boi5ODzFpjswb5JPmHCbMpjaYzg== + +is-binary-path@~2.1.0: + version "2.1.0" + resolved "https://registry.yarnpkg.com/is-binary-path/-/is-binary-path-2.1.0.tgz#ea1f7f3b80f064236e83470f86c09c254fb45b09" + integrity sha512-ZMERYes6pDydyuGidse7OsHxtbI7WVeUEozgR/g7rd0xUimYNlvZRE/K2MgZTjWy725IfelLeVcEM97mmtRGXw== + dependencies: + binary-extensions "^2.0.0" + +is-ci@^3.0.1: + version "3.0.1" + resolved "https://registry.yarnpkg.com/is-ci/-/is-ci-3.0.1.tgz#db6ecbed1bd659c43dac0f45661e7674103d1867" + integrity sha512-ZYvCgrefwqoQ6yTyYUbQu64HsITZ3NfKX1lzaEYdkTDcfKzzCI/wthRRYKkdjHKFVgNiXKAKm65Zo1pk2as/QQ== + dependencies: + ci-info "^3.2.0" + +is-core-module@^2.16.0: + version "2.16.1" + resolved "https://registry.yarnpkg.com/is-core-module/-/is-core-module-2.16.1.tgz#2a98801a849f43e2add644fbb6bc6229b19a4ef4" + integrity sha512-UfoeMA6fIJ8wTYFEUjelnaGI67v6+N7qXJEvQuIGa99l4xsCruSYOVSQ0uPANn4dAzm8lkYPaKLrrijLq7x23w== + dependencies: + hasown "^2.0.2" + +is-decimal@^2.0.0: + version "2.0.1" + resolved "https://registry.yarnpkg.com/is-decimal/-/is-decimal-2.0.1.tgz#9469d2dc190d0214fd87d78b78caecc0cc14eef7" + integrity sha512-AAB9hiomQs5DXWcRB1rqsxGUstbRroFOPPVAomNk/3XHR5JyEZChOyTWe2oayKnsSsr/kcGqF+z6yuH6HHpN0A== + +is-docker@^2.0.0, is-docker@^2.1.1: + version "2.2.1" + resolved "https://registry.yarnpkg.com/is-docker/-/is-docker-2.2.1.tgz#33eeabe23cfe86f14bde4408a02c0cfb853acdaa" + integrity sha512-F+i2BKsFrH66iaUFc0woD8sLy8getkwTwtOBjvs56Cx4CgJDeKQeqfz8wAYiSb8JOprWhHH5p77PbmYCvvUuXQ== + +is-extendable@^0.1.0: + version "0.1.1" + resolved "https://registry.yarnpkg.com/is-extendable/-/is-extendable-0.1.1.tgz#62b110e289a471418e3ec36a617d472e301dfc89" + integrity sha512-5BMULNob1vgFX6EjQw5izWDxrecWK9AM72rugNr0TFldMOi0fj6Jk+zeKIt0xGj4cEfQIJth4w3OKWOJ4f+AFw== + +is-extglob@^2.1.1: + version "2.1.1" + resolved "https://registry.yarnpkg.com/is-extglob/-/is-extglob-2.1.1.tgz#a88c02535791f02ed37c76a1b9ea9773c833f8c2" + integrity sha512-SbKbANkN603Vi4jEZv49LeVJMn4yGwsbzZworEoyEiutsN3nJYdbO36zfhGJ6QEDpOZIFkDtnq5JRxmvl3jsoQ== + +is-fullwidth-code-point@^3.0.0: + version "3.0.0" + resolved "https://registry.yarnpkg.com/is-fullwidth-code-point/-/is-fullwidth-code-point-3.0.0.tgz#f116f8064fe90b3f7844a38997c0b75051269f1d" + integrity sha512-zymm5+u+sCsSWyD9qNaejV3DFvhCKclKdizYaJUuHA83RLjb7nSuGnddCHGv0hk+KY7BMAlsWeK4Ueg6EV6XQg== + +is-glob@^4.0.1, is-glob@^4.0.3, is-glob@~4.0.1: + version "4.0.3" + resolved "https://registry.yarnpkg.com/is-glob/-/is-glob-4.0.3.tgz#64f61e42cbbb2eec2071a9dac0b28ba1e65d5084" + integrity sha512-xelSayHH36ZgE7ZWhli7pW34hNbNl8Ojv5KVmkJD4hBdD3th8Tfk9vYasLM+mXWOZhFkgZfxhLSnrwRr4elSSg== + dependencies: + is-extglob "^2.1.1" + +is-hexadecimal@^2.0.0: + version "2.0.1" + resolved "https://registry.yarnpkg.com/is-hexadecimal/-/is-hexadecimal-2.0.1.tgz#86b5bf668fca307498d319dfc03289d781a90027" + integrity sha512-DgZQp241c8oO6cA1SbTEWiXeoxV42vlcJxgH+B3hi1AiqqKruZR3ZGF8In3fj4+/y/7rHvlOZLZtgJ/4ttYGZg== + +is-installed-globally@^0.4.0: + version "0.4.0" + resolved "https://registry.yarnpkg.com/is-installed-globally/-/is-installed-globally-0.4.0.tgz#9a0fd407949c30f86eb6959ef1b7994ed0b7b520" + integrity sha512-iwGqO3J21aaSkC7jWnHP/difazwS7SFeIqxv6wEtLU8Y5KlzFTjyqcSIT0d8s4+dDhKytsk9PJZ2BkS5eZwQRQ== + dependencies: + global-dirs "^3.0.0" + is-path-inside "^3.0.2" + +is-npm@^6.0.0: + version "6.0.0" + resolved "https://registry.yarnpkg.com/is-npm/-/is-npm-6.0.0.tgz#b59e75e8915543ca5d881ecff864077cba095261" + integrity sha512-JEjxbSmtPSt1c8XTkVrlujcXdKV1/tvuQ7GwKcAlyiVLeYFQ2VHat8xfrDJsIkhCdF/tZ7CiIR3sy141c6+gPQ== + +is-number@^7.0.0: + version "7.0.0" + resolved "https://registry.yarnpkg.com/is-number/-/is-number-7.0.0.tgz#7535345b896734d5f80c4d06c50955527a14f12b" + integrity sha512-41Cifkg6e8TylSpdtTpeLVMqvSBEVzTttHvERD741+pnZ8ANv0004MRL43QKPDlK9cGvNp6NZWZUBlbGXYxxng== + +is-obj@^1.0.1: + version "1.0.1" + resolved "https://registry.yarnpkg.com/is-obj/-/is-obj-1.0.1.tgz#3e4729ac1f5fde025cd7d83a896dab9f4f67db0f" + integrity sha512-l4RyHgRqGN4Y3+9JHVrNqO+tN0rV5My76uW5/nuO4K1b6vw5G8d/cmFjP9tRfEsdhZNt0IFdZuK/c2Vr4Nb+Qg== + +is-obj@^2.0.0: + version "2.0.0" + resolved "https://registry.yarnpkg.com/is-obj/-/is-obj-2.0.0.tgz#473fb05d973705e3fd9620545018ca8e22ef4982" + integrity sha512-drqDG3cbczxxEJRoOXcOjtdp1J/lyp1mNn0xaznRs8+muBhgQcrnbspox5X5fOw0HnMnbfDzvnEMEtqDEJEo8w== + +is-path-inside@^3.0.2: + version "3.0.3" + resolved "https://registry.yarnpkg.com/is-path-inside/-/is-path-inside-3.0.3.tgz#d231362e53a07ff2b0e0ea7fed049161ffd16283" + integrity sha512-Fd4gABb+ycGAmKou8eMftCupSir5lRxqf4aD/vd0cD2qc4HL07OjCeuHMr8Ro4CoMaeCKDB0/ECBOVWjTwUvPQ== + +is-plain-obj@^3.0.0: + version "3.0.0" + resolved "https://registry.yarnpkg.com/is-plain-obj/-/is-plain-obj-3.0.0.tgz#af6f2ea14ac5a646183a5bbdb5baabbc156ad9d7" + integrity sha512-gwsOE28k+23GP1B6vFl1oVh/WOzmawBrKwo5Ev6wMKzPkaXaCDIQKzLnvsA42DRlbVTWorkgTKIviAKCWkfUwA== + +is-plain-obj@^4.0.0: + version "4.1.0" + resolved "https://registry.yarnpkg.com/is-plain-obj/-/is-plain-obj-4.1.0.tgz#d65025edec3657ce032fd7db63c97883eaed71f0" + integrity sha512-+Pgi+vMuUNkJyExiMBt5IlFoMyKnr5zhJ4Uspz58WOhBF5QoIZkFyNHIbBAtHwzVAgk5RtndVNsDRN61/mmDqg== + +is-plain-object@^2.0.4: + version "2.0.4" + resolved "https://registry.yarnpkg.com/is-plain-object/-/is-plain-object-2.0.4.tgz#2c163b3fafb1b606d9d17928f05c2a1c38e07677" + integrity sha512-h5PpgXkWitc38BBMYawTYMWJHFZJVnBquFE57xFpjB8pJFiF6gZ+bU+WyI/yqXiFR5mdLsgYNaPe8uao6Uv9Og== + dependencies: + isobject "^3.0.1" + +is-regexp@^1.0.0: + version "1.0.0" + resolved "https://registry.yarnpkg.com/is-regexp/-/is-regexp-1.0.0.tgz#fd2d883545c46bac5a633e7b9a09e87fa2cb5069" + integrity sha512-7zjFAPO4/gwyQAAgRRmqeEeyIICSdmCqa3tsVHMdBzaXXRiqopZL4Cyghg/XulGWrtABTpbnYYzzIRffLkP4oA== + +is-stream@^2.0.0: + version "2.0.1" + resolved "https://registry.yarnpkg.com/is-stream/-/is-stream-2.0.1.tgz#fac1e3d53b97ad5a9d0ae9cef2389f5810a5c077" + integrity sha512-hFoiJiTl63nn+kstHGBtewWSKnQLpyb155KHheA1l39uvtO9nWIop1p3udqPcUd/xbF1VLMO4n7OI6p7RbngDg== + +is-typedarray@^1.0.0: + version "1.0.0" + resolved "https://registry.yarnpkg.com/is-typedarray/-/is-typedarray-1.0.0.tgz#e479c80858df0c1b11ddda6940f96011fcda4a9a" + integrity sha512-cyA56iCMHAh5CdzjJIa4aohJyeO1YbwLi3Jc35MmRU6poroFjIGZzUzupGiRPOjgHg9TLu43xbpwXk523fMxKA== + +is-wsl@^2.2.0: + version "2.2.0" + resolved "https://registry.yarnpkg.com/is-wsl/-/is-wsl-2.2.0.tgz#74a4c76e77ca9fd3f932f290c17ea326cd157271" + integrity sha512-fKzAra0rGJUUBwGBgNkHZuToZcn+TtXHpeCgmkMJMMYx1sQDYaCSyjJBSCa2nH1DGm7s3n1oBnohoVTBaN7Lww== + dependencies: + is-docker "^2.0.0" + +is-yarn-global@^0.4.0: + version "0.4.1" + resolved "https://registry.yarnpkg.com/is-yarn-global/-/is-yarn-global-0.4.1.tgz#b312d902b313f81e4eaf98b6361ba2b45cd694bb" + integrity sha512-/kppl+R+LO5VmhYSEWARUFjodS25D68gvj8W7z0I7OWhUla5xWu8KL6CtB2V0R6yqhnRgbcaREMr4EEM6htLPQ== + +isarray@0.0.1: + version "0.0.1" + resolved "https://registry.yarnpkg.com/isarray/-/isarray-0.0.1.tgz#8a18acfca9a8f4177e09abfc6038939b05d1eedf" + integrity sha512-D2S+3GLxWH+uhrNEcoh/fnmYeP8E8/zHl644d/jdA0g2uyXvy3sb0qxotE+ne0LtccHknQzWwZEzhak7oJ0COQ== + +isarray@~1.0.0: + version "1.0.0" + resolved "https://registry.yarnpkg.com/isarray/-/isarray-1.0.0.tgz#bb935d48582cba168c06834957a54a3e07124f11" + integrity sha512-VLghIWNM6ELQzo7zwmcg0NmTVyWKYjvIeM83yjp0wRDTmUnrM678fQbcKBo6n2CJEF0szoG//ytg+TKla89ALQ== + +isexe@^2.0.0: + version "2.0.0" + resolved "https://registry.yarnpkg.com/isexe/-/isexe-2.0.0.tgz#e8fbf374dc556ff8947a10dcb0572d633f2cfa10" + integrity sha512-RHxMLp9lnKHGHRng9QFhRCMbYAcVpn69smSGcq3f36xjgVVWThj4qqLbTLlq7Ssj8B+fIQ1EuCEGI2lKsyQeIw== + +isobject@^3.0.1: + version "3.0.1" + resolved "https://registry.yarnpkg.com/isobject/-/isobject-3.0.1.tgz#4e431e92b11a9731636aa1f9c8d1ccbcfdab78df" + integrity sha512-WhB9zCku7EGTj/HQQRz5aUQEUeoQZH2bWcltRErOpymJ4boYE6wL9Tbr23krRPSZ+C5zqNSrSw+Cc7sZZ4b7vg== + +jest-util@^29.7.0: + version "29.7.0" + resolved "https://registry.yarnpkg.com/jest-util/-/jest-util-29.7.0.tgz#23c2b62bfb22be82b44de98055802ff3710fc0bc" + integrity sha512-z6EbKajIpqGKU56y5KBUgy1dt1ihhQJgWzUlZHArA/+X2ad7Cb5iF+AK1EWVL/Bo7Rz9uurpqw6SiBCefUbCGA== + dependencies: + "@jest/types" "^29.6.3" + "@types/node" "*" + chalk "^4.0.0" + ci-info "^3.2.0" + graceful-fs "^4.2.9" + picomatch "^2.2.3" + +jest-worker@^27.4.5: + version "27.5.1" + resolved "https://registry.yarnpkg.com/jest-worker/-/jest-worker-27.5.1.tgz#8d146f0900e8973b106b6f73cc1e9a8cb86f8db0" + integrity sha512-7vuh85V5cdDofPyxn58nrPjBktZo0u9x1g8WtjQol+jZDaE+fhN+cIvTj11GndBnMnyfrUOG1sZQxCdjKh+DKg== + dependencies: + "@types/node" "*" + merge-stream "^2.0.0" + supports-color "^8.0.0" + +jest-worker@^29.4.3: + version "29.7.0" + resolved "https://registry.yarnpkg.com/jest-worker/-/jest-worker-29.7.0.tgz#acad073acbbaeb7262bd5389e1bcf43e10058d4a" + integrity sha512-eIz2msL/EzL9UFTFFx7jBTkeZfku0yUAyZZZmJ93H2TYEiroIx2PQjEXcwYtYl8zXCxb+PAmA2hLIt/6ZEkPHw== + dependencies: + "@types/node" "*" + jest-util "^29.7.0" + merge-stream "^2.0.0" + supports-color "^8.0.0" + +jiti@^1.20.0: + version "1.21.7" + resolved "https://registry.yarnpkg.com/jiti/-/jiti-1.21.7.tgz#9dd81043424a3d28458b193d965f0d18a2300ba9" + integrity sha512-/imKNG4EbWNrVjoNC/1H5/9GFy+tqjGBHCaSsN+P2RnPqjsLmv6UD3Ej+Kj8nBWaRAwyk7kK5ZUc+OEatnTR3A== + +joi@^17.9.2: + version "17.13.3" + resolved "https://registry.yarnpkg.com/joi/-/joi-17.13.3.tgz#0f5cc1169c999b30d344366d384b12d92558bcec" + integrity sha512-otDA4ldcIx+ZXsKHWmp0YizCweVRZG96J10b0FevjfuncLO1oX59THoAmHkNubYJ+9gWsYsp5k8v4ib6oDv1fA== + dependencies: + "@hapi/hoek" "^9.3.0" + "@hapi/topo" "^5.1.0" + "@sideway/address" "^4.1.5" + "@sideway/formula" "^3.0.1" + "@sideway/pinpoint" "^2.0.0" + +"js-tokens@^3.0.0 || ^4.0.0", js-tokens@^4.0.0: + version "4.0.0" + resolved "https://registry.yarnpkg.com/js-tokens/-/js-tokens-4.0.0.tgz#19203fb59991df98e3a287050d4647cdeaf32499" + integrity sha512-RdJUflcE3cUzKiMqQgsCu06FPu9UdIJO0beYbPhHN4k6apgJtifcoCtT9bcxOpYBtpD2kCM6Sbzg4CausW/PKQ== + +js-yaml@^3.13.1: + version "3.14.1" + resolved "https://registry.yarnpkg.com/js-yaml/-/js-yaml-3.14.1.tgz#dae812fdb3825fa306609a8717383c50c36a0537" + integrity sha512-okMH7OXXJ7YrN9Ok3/SXrnu4iX9yOk+25nqX4imS2npuvTYDmo/QEZoqwZkYaIDk3jVvBOTOIEgEhaLOynBS9g== + dependencies: + argparse "^1.0.7" + esprima "^4.0.0" + +js-yaml@^4.1.0: + version "4.1.0" + resolved "https://registry.yarnpkg.com/js-yaml/-/js-yaml-4.1.0.tgz#c1fb65f8f5017901cdd2c951864ba18458a10602" + integrity sha512-wpxZs9NoxZaJESJGIZTyDEaYpl0FKSA+FB9aJiyemKhMwkxQg63h4T1KJgUGHpTqPDNRcmmYLugrRjJlBtWvRA== + dependencies: + argparse "^2.0.1" + +jsesc@^3.0.2: + version "3.1.0" + resolved "https://registry.yarnpkg.com/jsesc/-/jsesc-3.1.0.tgz#74d335a234f67ed19907fdadfac7ccf9d409825d" + integrity sha512-/sM3dO2FOzXjKQhJuo0Q173wf2KOo8t4I8vHy6lF9poUp7bKT0/NHE8fPX23PwfhnykfqnC2xRxOnVw5XuGIaA== + +jsesc@~3.0.2: + version "3.0.2" + resolved "https://registry.yarnpkg.com/jsesc/-/jsesc-3.0.2.tgz#bb8b09a6597ba426425f2e4a07245c3d00b9343e" + integrity sha512-xKqzzWXDttJuOcawBt4KnKHHIf5oQ/Cxax+0PWFG+DFDgHNAdi+TXECADI+RYiFUMmx8792xsMbbgXj4CwnP4g== + +json-buffer@3.0.1: + version "3.0.1" + resolved "https://registry.yarnpkg.com/json-buffer/-/json-buffer-3.0.1.tgz#9338802a30d3b6605fbe0613e094008ca8c05a13" + integrity sha512-4bV5BfR2mqfQTJm+V5tPPdf+ZpuhiIvTuAB5g8kcrXOZpTT/QwwVRWBywX1ozr6lEuPdbHxwaJlm9G6mI2sfSQ== + +json-parse-even-better-errors@^2.3.0, json-parse-even-better-errors@^2.3.1: + version "2.3.1" + resolved "https://registry.yarnpkg.com/json-parse-even-better-errors/-/json-parse-even-better-errors-2.3.1.tgz#7c47805a94319928e05777405dc12e1f7a4ee02d" + integrity sha512-xyFwyhro/JEof6Ghe2iz2NcXoj2sloNsWr/XsERDK/oiPCfaNhl5ONfp+jQdAZRQQ0IJWNzH9zIZF7li91kh2w== + +json-schema-traverse@^0.4.1: + version "0.4.1" + resolved "https://registry.yarnpkg.com/json-schema-traverse/-/json-schema-traverse-0.4.1.tgz#69f6a87d9513ab8bb8fe63bdb0979c448e684660" + integrity sha512-xbbCH5dCYU5T8LcEhhuh7HJ88HXuW3qsI3Y0zOZFKfZEHcpWiHU/Jxzk629Brsab/mMiHQti9wMP+845RPe3Vg== + +json-schema-traverse@^1.0.0: + version "1.0.0" + resolved "https://registry.yarnpkg.com/json-schema-traverse/-/json-schema-traverse-1.0.0.tgz#ae7bcb3656ab77a73ba5c49bf654f38e6b6860e2" + integrity sha512-NM8/P9n3XjXhIZn1lLhkFaACTOURQXjWhV4BA/RnOv8xvgqtqpAX9IO4mRQxSx1Rlo4tqzeqb0sOlruaOy3dug== + +json5@^2.1.2, json5@^2.2.3: + version "2.2.3" + resolved "https://registry.yarnpkg.com/json5/-/json5-2.2.3.tgz#78cd6f1a19bdc12b73db5ad0c61efd66c1e29283" + integrity sha512-XmOWe7eyHYH14cLdVPoyg+GOH3rYX++KpzrylJwSW98t3Nk+U8XOl8FWKOgwtzdb8lXGf6zYwDUzeHMWfxasyg== + +jsonfile@^6.0.1: + version "6.2.0" + resolved "https://registry.yarnpkg.com/jsonfile/-/jsonfile-6.2.0.tgz#7c265bd1b65de6977478300087c99f1c84383f62" + integrity sha512-FGuPw30AdOIUTRMC2OMRtQV+jkVj2cfPqSeWXv1NEAJ1qZ5zb1X6z1mFhbfOB/iy3ssJCD+3KuZ8r8C3uVFlAg== + dependencies: + universalify "^2.0.0" + optionalDependencies: + graceful-fs "^4.1.6" + +keyv@^4.5.3: + version "4.5.4" + resolved "https://registry.yarnpkg.com/keyv/-/keyv-4.5.4.tgz#a879a99e29452f942439f2a405e3af8b31d4de93" + integrity sha512-oxVHkHR/EJf2CNXnWxRLW6mg7JyCCUcG0DtEGmL2ctUo1PNTin1PUil+r/+4r5MpVgC/fn1kjsx7mjSujKqIpw== + dependencies: + json-buffer "3.0.1" + +kind-of@^6.0.0, kind-of@^6.0.2: + version "6.0.3" + resolved "https://registry.yarnpkg.com/kind-of/-/kind-of-6.0.3.tgz#07c05034a6c349fa06e24fa35aa76db4580ce4dd" + integrity sha512-dcS1ul+9tmeD95T+x28/ehLgd9mENa3LsvDTtzm3vyBEO7RPptvAD+t44WVXaUjTBRcrpFeFlC8WCruUR456hw== + +kleur@^3.0.3: + version "3.0.3" + resolved "https://registry.yarnpkg.com/kleur/-/kleur-3.0.3.tgz#a79c9ecc86ee1ce3fa6206d1216c501f147fc07e" + integrity sha512-eTIzlVOSUR+JxdDFepEYcBMtZ9Qqdef+rnzWdRZuMbOywu5tO2w2N7rqjoANZ5k9vywhL6Br1VRjUIgTQx4E8w== + +latest-version@^7.0.0: + version "7.0.0" + resolved "https://registry.yarnpkg.com/latest-version/-/latest-version-7.0.0.tgz#843201591ea81a4d404932eeb61240fe04e9e5da" + integrity sha512-KvNT4XqAMzdcL6ka6Tl3i2lYeFDgXNCuIX+xNx6ZMVR1dFq+idXd9FLKNMOIx0t9mJ9/HudyX4oZWXZQ0UJHeg== + dependencies: + package-json "^8.1.0" + +launch-editor@^2.6.0: + version "2.11.1" + resolved "https://registry.yarnpkg.com/launch-editor/-/launch-editor-2.11.1.tgz#61a0b7314a42fd84a6cbb564573d9e9ffcf3d72b" + integrity sha512-SEET7oNfgSaB6Ym0jufAdCeo3meJVeCaaDyzRygy0xsp2BFKCprcfHljTq4QkzTLUxEKkFK6OK4811YM2oSrRg== + dependencies: + picocolors "^1.1.1" + shell-quote "^1.8.3" + +leven@^3.1.0: + version "3.1.0" + resolved "https://registry.yarnpkg.com/leven/-/leven-3.1.0.tgz#77891de834064cccba82ae7842bb6b14a13ed7f2" + integrity sha512-qsda+H8jTaUaN/x5vzW2rzc+8Rw4TAQ/4KjB46IwK5VH+IlVeeeje/EoZRpiXvIqjFgK84QffqPztGI3VBLG1A== + +lilconfig@^3.1.1: + version "3.1.3" + resolved "https://registry.yarnpkg.com/lilconfig/-/lilconfig-3.1.3.tgz#a1bcfd6257f9585bf5ae14ceeebb7b559025e4c4" + integrity sha512-/vlFKAoH5Cgt3Ie+JLhRbwOsCQePABiU3tJ1egGvyQ+33R/vcwM2Zl2QR/LzjsBeItPt3oSVXapn+m4nQDvpzw== + +lines-and-columns@^1.1.6: + version "1.2.4" + resolved "https://registry.yarnpkg.com/lines-and-columns/-/lines-and-columns-1.2.4.tgz#eca284f75d2965079309dc0ad9255abb2ebc1632" + integrity sha512-7ylylesZQ/PV29jhEDl3Ufjo6ZX7gCqJr5F7PKrqc93v7fzSymt1BpwEU8nAUXs8qzzvqhbjhK5QZg6Mt/HkBg== + +loader-runner@^4.2.0: + version "4.3.0" + resolved "https://registry.yarnpkg.com/loader-runner/-/loader-runner-4.3.0.tgz#c1b4a163b99f614830353b16755e7149ac2314e1" + integrity sha512-3R/1M+yS3j5ou80Me59j7F9IMs4PXs3VqRrm0TU3AbKPxlmpoY1TNscJV/oGJXo8qCatFGTfDbY6W6ipGOYXfg== + +loader-utils@^2.0.0: + version "2.0.4" + resolved "https://registry.yarnpkg.com/loader-utils/-/loader-utils-2.0.4.tgz#8b5cb38b5c34a9a018ee1fc0e6a066d1dfcc528c" + integrity sha512-xXqpXoINfFhgua9xiqD8fPFHgkoq1mmmpE92WlDbm9rNRd/EbRb+Gqf908T2DMfuHjjJlksiK2RbHVOdD/MqSw== + dependencies: + big.js "^5.2.2" + emojis-list "^3.0.0" + json5 "^2.1.2" + +locate-path@^7.1.0: + version "7.2.0" + resolved "https://registry.yarnpkg.com/locate-path/-/locate-path-7.2.0.tgz#69cb1779bd90b35ab1e771e1f2f89a202c2a8a8a" + integrity sha512-gvVijfZvn7R+2qyPX8mAuKcFGDf6Nc61GdvGafQsHL0sBIxfKzA+usWn4GFC/bk+QdwPUD4kWFJLhElipq+0VA== + dependencies: + p-locate "^6.0.0" + +lodash.debounce@^4.0.8: + version "4.0.8" + resolved "https://registry.yarnpkg.com/lodash.debounce/-/lodash.debounce-4.0.8.tgz#82d79bff30a67c4005ffd5e2515300ad9ca4d7af" + integrity sha512-FT1yDzDYEoYWhnSGnpE/4Kj1fLZkDFyqRb7fNt6FdYOSxlUWAtp42Eh6Wb0rGIv/m9Bgo7x4GhQbm5Ys4SG5ow== + +lodash.memoize@^4.1.2: + version "4.1.2" + resolved "https://registry.yarnpkg.com/lodash.memoize/-/lodash.memoize-4.1.2.tgz#bcc6c49a42a2840ed997f323eada5ecd182e0bfe" + integrity sha512-t7j+NzmgnQzTAYXcsHYLgimltOV1MXHtlOWf6GjL9Kj8GK5FInw5JotxvbOs+IvV1/Dzo04/fCGfLVs7aXb4Ag== + +lodash.uniq@^4.5.0: + version "4.5.0" + resolved "https://registry.yarnpkg.com/lodash.uniq/-/lodash.uniq-4.5.0.tgz#d0225373aeb652adc1bc82e4945339a842754773" + integrity sha512-xfBaXQd9ryd9dlSDvnvI0lvxfLJlYAZzXomUYzLKtUeOQvOP5piqAWuGtrhWeqaXK9hhoM/iyJc5AV+XfsX3HQ== + +lodash@^4.17.20, lodash@^4.17.21: + version "4.17.21" + resolved "https://registry.yarnpkg.com/lodash/-/lodash-4.17.21.tgz#679591c564c3bffaae8454cf0b3df370c3d6911c" + integrity sha512-v2kDEe57lecTulaDIuNTPy3Ry4gLGJ6Z1O3vE1krgXZNrsQ+LFTGHVxVjcXPs17LhbZVGedAJv8XZ1tvj5FvSg== + +longest-streak@^3.0.0: + version "3.1.0" + resolved "https://registry.yarnpkg.com/longest-streak/-/longest-streak-3.1.0.tgz#62fa67cd958742a1574af9f39866364102d90cd4" + integrity sha512-9Ri+o0JYgehTaVBBDoMqIl8GXtbWg711O3srftcHhZ0dqnETqLaoIK0x17fUw9rFSlK/0NlsKe0Ahhyl5pXE2g== + +loose-envify@^1.0.0, loose-envify@^1.2.0, loose-envify@^1.3.1, loose-envify@^1.4.0: + version "1.4.0" + resolved "https://registry.yarnpkg.com/loose-envify/-/loose-envify-1.4.0.tgz#71ee51fa7be4caec1a63839f7e682d8132d30caf" + integrity sha512-lyuxPGr/Wfhrlem2CL/UcnUc1zcqKAImBDzukY7Y5F/yQiNdko6+fRLevlw1HgMySw7f611UIY408EtxRSoK3Q== + dependencies: + js-tokens "^3.0.0 || ^4.0.0" + +lower-case@^2.0.2: + version "2.0.2" + resolved "https://registry.yarnpkg.com/lower-case/-/lower-case-2.0.2.tgz#6fa237c63dbdc4a82ca0fd882e4722dc5e634e28" + integrity sha512-7fm3l3NAF9WfN6W3JOmf5drwpVqX78JtoGJ3A6W0a6ZnldM41w2fV5D490psKFTpMds8TJse/eHLFFsNHHjHgg== + dependencies: + tslib "^2.0.3" + +lowercase-keys@^3.0.0: + version "3.0.0" + resolved "https://registry.yarnpkg.com/lowercase-keys/-/lowercase-keys-3.0.0.tgz#c5e7d442e37ead247ae9db117a9d0a467c89d4f2" + integrity sha512-ozCC6gdQ+glXOQsveKD0YsDy8DSQFjDTz4zyzEHNV5+JP5D62LmfDZ6o1cycFx9ouG940M5dE8C8CTewdj2YWQ== + +lru-cache@^5.1.1: + version "5.1.1" + resolved "https://registry.yarnpkg.com/lru-cache/-/lru-cache-5.1.1.tgz#1da27e6710271947695daf6848e847f01d84b920" + integrity sha512-KpNARQA3Iwv+jTA0utUVVbrh+Jlrr1Fv0e56GGzAFOXN7dk/FviaDW8LHmK52DlcH4WP2n6gI8vN1aesBFgo9w== + dependencies: + yallist "^3.0.2" + +markdown-extensions@^2.0.0: + version "2.0.0" + resolved "https://registry.yarnpkg.com/markdown-extensions/-/markdown-extensions-2.0.0.tgz#34bebc83e9938cae16e0e017e4a9814a8330d3c4" + integrity sha512-o5vL7aDWatOTX8LzaS1WMoaoxIiLRQJuIKKe2wAw6IeULDHaqbiqiggmx+pKvZDb1Sj+pE46Sn1T7lCqfFtg1Q== + +markdown-table@^2.0.0: + version "2.0.0" + resolved "https://registry.yarnpkg.com/markdown-table/-/markdown-table-2.0.0.tgz#194a90ced26d31fe753d8b9434430214c011865b" + integrity sha512-Ezda85ToJUBhM6WGaG6veasyym+Tbs3cMAw/ZhOPqXiYsr0jgocBV3j3nx+4lk47plLlIqjwuTm/ywVI+zjJ/A== + dependencies: + repeat-string "^1.0.0" + +markdown-table@^3.0.0: + version "3.0.4" + resolved "https://registry.yarnpkg.com/markdown-table/-/markdown-table-3.0.4.tgz#fe44d6d410ff9d6f2ea1797a3f60aa4d2b631c2a" + integrity sha512-wiYz4+JrLyb/DqW2hkFJxP7Vd7JuTDm77fvbM8VfEQdmSMqcImWeeRbHwZjBjIFki/VaMK2BhFi7oUUZeM5bqw== + +math-intrinsics@^1.1.0: + version "1.1.0" + resolved "https://registry.yarnpkg.com/math-intrinsics/-/math-intrinsics-1.1.0.tgz#a0dd74be81e2aa5c2f27e65ce283605ee4e2b7f9" + integrity sha512-/IXtbwEk5HTPyEwyKX6hGkYXxM9nbj64B+ilVJnC/R6B0pH5G4V3b0pVbL7DBj4tkhBAppbQUlf6F6Xl9LHu1g== + +mdast-util-directive@^3.0.0: + version "3.1.0" + resolved "https://registry.yarnpkg.com/mdast-util-directive/-/mdast-util-directive-3.1.0.tgz#f3656f4aab6ae3767d3c72cfab5e8055572ccba1" + integrity sha512-I3fNFt+DHmpWCYAT7quoM6lHf9wuqtI+oCOfvILnoicNIqjh5E3dEJWiXuYME2gNe8vl1iMQwyUHa7bgFmak6Q== + dependencies: + "@types/mdast" "^4.0.0" + "@types/unist" "^3.0.0" + ccount "^2.0.0" + devlop "^1.0.0" + mdast-util-from-markdown "^2.0.0" + mdast-util-to-markdown "^2.0.0" + parse-entities "^4.0.0" + stringify-entities "^4.0.0" + unist-util-visit-parents "^6.0.0" + +mdast-util-find-and-replace@^3.0.0, mdast-util-find-and-replace@^3.0.1: + version "3.0.2" + resolved "https://registry.yarnpkg.com/mdast-util-find-and-replace/-/mdast-util-find-and-replace-3.0.2.tgz#70a3174c894e14df722abf43bc250cbae44b11df" + integrity sha512-Tmd1Vg/m3Xz43afeNxDIhWRtFZgM2VLyaf4vSTYwudTyeuTneoL3qtWMA5jeLyz/O1vDJmmV4QuScFCA2tBPwg== + dependencies: + "@types/mdast" "^4.0.0" + escape-string-regexp "^5.0.0" + unist-util-is "^6.0.0" + unist-util-visit-parents "^6.0.0" + +mdast-util-from-markdown@^2.0.0: + version "2.0.2" + resolved "https://registry.yarnpkg.com/mdast-util-from-markdown/-/mdast-util-from-markdown-2.0.2.tgz#4850390ca7cf17413a9b9a0fbefcd1bc0eb4160a" + integrity sha512-uZhTV/8NBuw0WHkPTrCqDOl0zVe1BIng5ZtHoDk49ME1qqcjYmmLmOf0gELgcRMxN4w2iuIeVso5/6QymSrgmA== + dependencies: + "@types/mdast" "^4.0.0" + "@types/unist" "^3.0.0" + decode-named-character-reference "^1.0.0" + devlop "^1.0.0" + mdast-util-to-string "^4.0.0" + micromark "^4.0.0" + micromark-util-decode-numeric-character-reference "^2.0.0" + micromark-util-decode-string "^2.0.0" + micromark-util-normalize-identifier "^2.0.0" + micromark-util-symbol "^2.0.0" + micromark-util-types "^2.0.0" + unist-util-stringify-position "^4.0.0" + +mdast-util-frontmatter@^2.0.0: + version "2.0.1" + resolved "https://registry.yarnpkg.com/mdast-util-frontmatter/-/mdast-util-frontmatter-2.0.1.tgz#f5f929eb1eb36c8a7737475c7eb438261f964ee8" + integrity sha512-LRqI9+wdgC25P0URIJY9vwocIzCcksduHQ9OF2joxQoyTNVduwLAFUzjoopuRJbJAReaKrNQKAZKL3uCMugWJA== + dependencies: + "@types/mdast" "^4.0.0" + devlop "^1.0.0" + escape-string-regexp "^5.0.0" + mdast-util-from-markdown "^2.0.0" + mdast-util-to-markdown "^2.0.0" + micromark-extension-frontmatter "^2.0.0" + +mdast-util-gfm-autolink-literal@^2.0.0: + version "2.0.1" + resolved "https://registry.yarnpkg.com/mdast-util-gfm-autolink-literal/-/mdast-util-gfm-autolink-literal-2.0.1.tgz#abd557630337bd30a6d5a4bd8252e1c2dc0875d5" + integrity sha512-5HVP2MKaP6L+G6YaxPNjuL0BPrq9orG3TsrZ9YXbA3vDw/ACI4MEsnoDpn6ZNm7GnZgtAcONJyPhOP8tNJQavQ== + dependencies: + "@types/mdast" "^4.0.0" + ccount "^2.0.0" + devlop "^1.0.0" + mdast-util-find-and-replace "^3.0.0" + micromark-util-character "^2.0.0" + +mdast-util-gfm-footnote@^2.0.0: + version "2.1.0" + resolved "https://registry.yarnpkg.com/mdast-util-gfm-footnote/-/mdast-util-gfm-footnote-2.1.0.tgz#7778e9d9ca3df7238cc2bd3fa2b1bf6a65b19403" + integrity sha512-sqpDWlsHn7Ac9GNZQMeUzPQSMzR6Wv0WKRNvQRg0KqHh02fpTz69Qc1QSseNX29bhz1ROIyNyxExfawVKTm1GQ== + dependencies: + "@types/mdast" "^4.0.0" + devlop "^1.1.0" + mdast-util-from-markdown "^2.0.0" + mdast-util-to-markdown "^2.0.0" + micromark-util-normalize-identifier "^2.0.0" + +mdast-util-gfm-strikethrough@^2.0.0: + version "2.0.0" + resolved "https://registry.yarnpkg.com/mdast-util-gfm-strikethrough/-/mdast-util-gfm-strikethrough-2.0.0.tgz#d44ef9e8ed283ac8c1165ab0d0dfd058c2764c16" + integrity sha512-mKKb915TF+OC5ptj5bJ7WFRPdYtuHv0yTRxK2tJvi+BDqbkiG7h7u/9SI89nRAYcmap2xHQL9D+QG/6wSrTtXg== + dependencies: + "@types/mdast" "^4.0.0" + mdast-util-from-markdown "^2.0.0" + mdast-util-to-markdown "^2.0.0" + +mdast-util-gfm-table@^2.0.0: + version "2.0.0" + resolved "https://registry.yarnpkg.com/mdast-util-gfm-table/-/mdast-util-gfm-table-2.0.0.tgz#7a435fb6223a72b0862b33afbd712b6dae878d38" + integrity sha512-78UEvebzz/rJIxLvE7ZtDd/vIQ0RHv+3Mh5DR96p7cS7HsBhYIICDBCu8csTNWNO6tBWfqXPWekRuj2FNOGOZg== + dependencies: + "@types/mdast" "^4.0.0" + devlop "^1.0.0" + markdown-table "^3.0.0" + mdast-util-from-markdown "^2.0.0" + mdast-util-to-markdown "^2.0.0" + +mdast-util-gfm-task-list-item@^2.0.0: + version "2.0.0" + resolved "https://registry.yarnpkg.com/mdast-util-gfm-task-list-item/-/mdast-util-gfm-task-list-item-2.0.0.tgz#e68095d2f8a4303ef24094ab642e1047b991a936" + integrity sha512-IrtvNvjxC1o06taBAVJznEnkiHxLFTzgonUdy8hzFVeDun0uTjxxrRGVaNFqkU1wJR3RBPEfsxmU6jDWPofrTQ== + dependencies: + "@types/mdast" "^4.0.0" + devlop "^1.0.0" + mdast-util-from-markdown "^2.0.0" + mdast-util-to-markdown "^2.0.0" + +mdast-util-gfm@^3.0.0: + version "3.1.0" + resolved "https://registry.yarnpkg.com/mdast-util-gfm/-/mdast-util-gfm-3.1.0.tgz#2cdf63b92c2a331406b0fb0db4c077c1b0331751" + integrity sha512-0ulfdQOM3ysHhCJ1p06l0b0VKlhU0wuQs3thxZQagjcjPrlFRqY215uZGHHJan9GEAXd9MbfPjFJz+qMkVR6zQ== + dependencies: + mdast-util-from-markdown "^2.0.0" + mdast-util-gfm-autolink-literal "^2.0.0" + mdast-util-gfm-footnote "^2.0.0" + mdast-util-gfm-strikethrough "^2.0.0" + mdast-util-gfm-table "^2.0.0" + mdast-util-gfm-task-list-item "^2.0.0" + mdast-util-to-markdown "^2.0.0" + +mdast-util-mdx-expression@^2.0.0: + version "2.0.1" + resolved "https://registry.yarnpkg.com/mdast-util-mdx-expression/-/mdast-util-mdx-expression-2.0.1.tgz#43f0abac9adc756e2086f63822a38c8d3c3a5096" + integrity sha512-J6f+9hUp+ldTZqKRSg7Vw5V6MqjATc+3E4gf3CFNcuZNWD8XdyI6zQ8GqH7f8169MM6P7hMBRDVGnn7oHB9kXQ== + dependencies: + "@types/estree-jsx" "^1.0.0" + "@types/hast" "^3.0.0" + "@types/mdast" "^4.0.0" + devlop "^1.0.0" + mdast-util-from-markdown "^2.0.0" + mdast-util-to-markdown "^2.0.0" + +mdast-util-mdx-jsx@^3.0.0: + version "3.2.0" + resolved "https://registry.yarnpkg.com/mdast-util-mdx-jsx/-/mdast-util-mdx-jsx-3.2.0.tgz#fd04c67a2a7499efb905a8a5c578dddc9fdada0d" + integrity sha512-lj/z8v0r6ZtsN/cGNNtemmmfoLAFZnjMbNyLzBafjzikOM+glrjNHPlf6lQDOTccj9n5b0PPihEBbhneMyGs1Q== + dependencies: + "@types/estree-jsx" "^1.0.0" + "@types/hast" "^3.0.0" + "@types/mdast" "^4.0.0" + "@types/unist" "^3.0.0" + ccount "^2.0.0" + devlop "^1.1.0" + mdast-util-from-markdown "^2.0.0" + mdast-util-to-markdown "^2.0.0" + parse-entities "^4.0.0" + stringify-entities "^4.0.0" + unist-util-stringify-position "^4.0.0" + vfile-message "^4.0.0" + +mdast-util-mdx@^3.0.0: + version "3.0.0" + resolved "https://registry.yarnpkg.com/mdast-util-mdx/-/mdast-util-mdx-3.0.0.tgz#792f9cf0361b46bee1fdf1ef36beac424a099c41" + integrity sha512-JfbYLAW7XnYTTbUsmpu0kdBUVe+yKVJZBItEjwyYJiDJuZ9w4eeaqks4HQO+R7objWgS2ymV60GYpI14Ug554w== + dependencies: + mdast-util-from-markdown "^2.0.0" + mdast-util-mdx-expression "^2.0.0" + mdast-util-mdx-jsx "^3.0.0" + mdast-util-mdxjs-esm "^2.0.0" + mdast-util-to-markdown "^2.0.0" + +mdast-util-mdxjs-esm@^2.0.0: + version "2.0.1" + resolved "https://registry.yarnpkg.com/mdast-util-mdxjs-esm/-/mdast-util-mdxjs-esm-2.0.1.tgz#019cfbe757ad62dd557db35a695e7314bcc9fa97" + integrity sha512-EcmOpxsZ96CvlP03NghtH1EsLtr0n9Tm4lPUJUBccV9RwUOneqSycg19n5HGzCf+10LozMRSObtVr3ee1WoHtg== + dependencies: + "@types/estree-jsx" "^1.0.0" + "@types/hast" "^3.0.0" + "@types/mdast" "^4.0.0" + devlop "^1.0.0" + mdast-util-from-markdown "^2.0.0" + mdast-util-to-markdown "^2.0.0" + +mdast-util-phrasing@^4.0.0: + version "4.1.0" + resolved "https://registry.yarnpkg.com/mdast-util-phrasing/-/mdast-util-phrasing-4.1.0.tgz#7cc0a8dec30eaf04b7b1a9661a92adb3382aa6e3" + integrity sha512-TqICwyvJJpBwvGAMZjj4J2n0X8QWp21b9l0o7eXyVJ25YNWYbJDVIyD1bZXE6WtV6RmKJVYmQAKWa0zWOABz2w== + dependencies: + "@types/mdast" "^4.0.0" + unist-util-is "^6.0.0" + +mdast-util-to-hast@^13.0.0: + version "13.2.0" + resolved "https://registry.yarnpkg.com/mdast-util-to-hast/-/mdast-util-to-hast-13.2.0.tgz#5ca58e5b921cc0a3ded1bc02eed79a4fe4fe41f4" + integrity sha512-QGYKEuUsYT9ykKBCMOEDLsU5JRObWQusAolFMeko/tYPufNkRffBAQjIE+99jbA87xv6FgmjLtwjh9wBWajwAA== + dependencies: + "@types/hast" "^3.0.0" + "@types/mdast" "^4.0.0" + "@ungap/structured-clone" "^1.0.0" + devlop "^1.0.0" + micromark-util-sanitize-uri "^2.0.0" + trim-lines "^3.0.0" + unist-util-position "^5.0.0" + unist-util-visit "^5.0.0" + vfile "^6.0.0" + +mdast-util-to-markdown@^2.0.0: + version "2.1.2" + resolved "https://registry.yarnpkg.com/mdast-util-to-markdown/-/mdast-util-to-markdown-2.1.2.tgz#f910ffe60897f04bb4b7e7ee434486f76288361b" + integrity sha512-xj68wMTvGXVOKonmog6LwyJKrYXZPvlwabaryTjLh9LuvovB/KAH+kvi8Gjj+7rJjsFi23nkUxRQv1KqSroMqA== + dependencies: + "@types/mdast" "^4.0.0" + "@types/unist" "^3.0.0" + longest-streak "^3.0.0" + mdast-util-phrasing "^4.0.0" + mdast-util-to-string "^4.0.0" + micromark-util-classify-character "^2.0.0" + micromark-util-decode-string "^2.0.0" + unist-util-visit "^5.0.0" + zwitch "^2.0.0" + +mdast-util-to-string@^4.0.0: + version "4.0.0" + resolved "https://registry.yarnpkg.com/mdast-util-to-string/-/mdast-util-to-string-4.0.0.tgz#7a5121475556a04e7eddeb67b264aae79d312814" + integrity sha512-0H44vDimn51F0YwvxSJSm0eCDOJTRlmN0R1yBh4HLj9wiV1Dn0QoXGbvFAWj2hSItVTlCmBF1hqKlIyUBVFLPg== + dependencies: + "@types/mdast" "^4.0.0" + +mdn-data@2.0.28: + version "2.0.28" + resolved "https://registry.yarnpkg.com/mdn-data/-/mdn-data-2.0.28.tgz#5ec48e7bef120654539069e1ae4ddc81ca490eba" + integrity sha512-aylIc7Z9y4yzHYAJNuESG3hfhC+0Ibp/MAMiaOZgNv4pmEdFyfZhhhny4MNiAfWdBQ1RQ2mfDWmM1x8SvGyp8g== + +mdn-data@2.0.30: + version "2.0.30" + resolved "https://registry.yarnpkg.com/mdn-data/-/mdn-data-2.0.30.tgz#ce4df6f80af6cfbe218ecd5c552ba13c4dfa08cc" + integrity sha512-GaqWWShW4kv/G9IEucWScBx9G1/vsFZZJUO+tD26M8J8z3Kw5RDQjaoZe03YAClgeS/SWPOcb4nkFBTEi5DUEA== + +media-typer@0.3.0: + version "0.3.0" + resolved "https://registry.yarnpkg.com/media-typer/-/media-typer-0.3.0.tgz#8710d7af0aa626f8fffa1ce00168545263255748" + integrity sha512-dq+qelQ9akHpcOl/gUVRTxVIOkAJ1wR3QAvb4RsVjS8oVoFjDGTc679wJYmUmknUF5HwMLOgb5O+a3KxfWapPQ== + +memfs@^3.4.3: + version "3.6.0" + resolved "https://registry.yarnpkg.com/memfs/-/memfs-3.6.0.tgz#d7a2110f86f79dd950a8b6df6d57bc984aa185f6" + integrity sha512-EGowvkkgbMcIChjMTMkESFDbZeSh8xZ7kNSF0hAiAN4Jh6jgHCRS0Ga/+C8y6Au+oqpezRHCfPsmJ2+DwAgiwQ== + dependencies: + fs-monkey "^1.0.4" + +merge-descriptors@1.0.3: + version "1.0.3" + resolved "https://registry.yarnpkg.com/merge-descriptors/-/merge-descriptors-1.0.3.tgz#d80319a65f3c7935351e5cfdac8f9318504dbed5" + integrity sha512-gaNvAS7TZ897/rVaZ0nMtAyxNyi/pdbjbAwUpFQpN70GqnVfOiXpeUUMKRBmzXaSQ8DdTX4/0ms62r2K+hE6mQ== + +merge-stream@^2.0.0: + version "2.0.0" + resolved "https://registry.yarnpkg.com/merge-stream/-/merge-stream-2.0.0.tgz#52823629a14dd00c9770fb6ad47dc6310f2c1f60" + integrity sha512-abv/qOcuPfk3URPfDzmZU1LKmuw8kT+0nIHvKrKgFrwifol/doWcdA4ZqsWQ8ENrFKkd67Mfpo/LovbIUsbt3w== + +merge2@^1.3.0, merge2@^1.4.1: + version "1.4.1" + resolved "https://registry.yarnpkg.com/merge2/-/merge2-1.4.1.tgz#4368892f885e907455a6fd7dc55c0c9d404990ae" + integrity sha512-8q7VEgMJW4J8tcfVPy8g09NcQwZdbwFEqhe/WZkoIzjn/3TGDwtOCYtXGxA3O8tPzpczCCDgv+P2P5y00ZJOOg== + +methods@~1.1.2: + version "1.1.2" + resolved "https://registry.yarnpkg.com/methods/-/methods-1.1.2.tgz#5529a4d67654134edcc5266656835b0f851afcee" + integrity sha512-iclAHeNqNm68zFtnZ0e+1L2yUIdvzNoauKU4WBA3VvH/vPFieF7qfRlwUZU+DA9P9bPXIS90ulxoUoCH23sV2w== + +micromark-core-commonmark@^2.0.0: + version "2.0.3" + resolved "https://registry.yarnpkg.com/micromark-core-commonmark/-/micromark-core-commonmark-2.0.3.tgz#c691630e485021a68cf28dbc2b2ca27ebf678cd4" + integrity sha512-RDBrHEMSxVFLg6xvnXmb1Ayr2WzLAWjeSATAoxwKYJV94TeNavgoIdA0a9ytzDSVzBy2YKFK+emCPOEibLeCrg== + dependencies: + decode-named-character-reference "^1.0.0" + devlop "^1.0.0" + micromark-factory-destination "^2.0.0" + micromark-factory-label "^2.0.0" + micromark-factory-space "^2.0.0" + micromark-factory-title "^2.0.0" + micromark-factory-whitespace "^2.0.0" + micromark-util-character "^2.0.0" + micromark-util-chunked "^2.0.0" + micromark-util-classify-character "^2.0.0" + micromark-util-html-tag-name "^2.0.0" + micromark-util-normalize-identifier "^2.0.0" + micromark-util-resolve-all "^2.0.0" + micromark-util-subtokenize "^2.0.0" + micromark-util-symbol "^2.0.0" + micromark-util-types "^2.0.0" + +micromark-extension-directive@^3.0.0: + version "3.0.2" + resolved "https://registry.yarnpkg.com/micromark-extension-directive/-/micromark-extension-directive-3.0.2.tgz#2eb61985d1995a7c1ff7621676a4f32af29409e8" + integrity sha512-wjcXHgk+PPdmvR58Le9d7zQYWy+vKEU9Se44p2CrCDPiLr2FMyiT4Fyb5UFKFC66wGB3kPlgD7q3TnoqPS7SZA== + dependencies: + devlop "^1.0.0" + micromark-factory-space "^2.0.0" + micromark-factory-whitespace "^2.0.0" + micromark-util-character "^2.0.0" + micromark-util-symbol "^2.0.0" + micromark-util-types "^2.0.0" + parse-entities "^4.0.0" + +micromark-extension-frontmatter@^2.0.0: + version "2.0.0" + resolved "https://registry.yarnpkg.com/micromark-extension-frontmatter/-/micromark-extension-frontmatter-2.0.0.tgz#651c52ffa5d7a8eeed687c513cd869885882d67a" + integrity sha512-C4AkuM3dA58cgZha7zVnuVxBhDsbttIMiytjgsM2XbHAB2faRVaHRle40558FBN+DJcrLNCoqG5mlrpdU4cRtg== + dependencies: + fault "^2.0.0" + micromark-util-character "^2.0.0" + micromark-util-symbol "^2.0.0" + micromark-util-types "^2.0.0" + +micromark-extension-gfm-autolink-literal@^2.0.0: + version "2.1.0" + resolved "https://registry.yarnpkg.com/micromark-extension-gfm-autolink-literal/-/micromark-extension-gfm-autolink-literal-2.1.0.tgz#6286aee9686c4462c1e3552a9d505feddceeb935" + integrity sha512-oOg7knzhicgQ3t4QCjCWgTmfNhvQbDDnJeVu9v81r7NltNCVmhPy1fJRX27pISafdjL+SVc4d3l48Gb6pbRypw== + dependencies: + micromark-util-character "^2.0.0" + micromark-util-sanitize-uri "^2.0.0" + micromark-util-symbol "^2.0.0" + micromark-util-types "^2.0.0" + +micromark-extension-gfm-footnote@^2.0.0: + version "2.1.0" + resolved "https://registry.yarnpkg.com/micromark-extension-gfm-footnote/-/micromark-extension-gfm-footnote-2.1.0.tgz#4dab56d4e398b9853f6fe4efac4fc9361f3e0750" + integrity sha512-/yPhxI1ntnDNsiHtzLKYnE3vf9JZ6cAisqVDauhp4CEHxlb4uoOTxOCJ+9s51bIB8U1N1FJ1RXOKTIlD5B/gqw== + dependencies: + devlop "^1.0.0" + micromark-core-commonmark "^2.0.0" + micromark-factory-space "^2.0.0" + micromark-util-character "^2.0.0" + micromark-util-normalize-identifier "^2.0.0" + micromark-util-sanitize-uri "^2.0.0" + micromark-util-symbol "^2.0.0" + micromark-util-types "^2.0.0" + +micromark-extension-gfm-strikethrough@^2.0.0: + version "2.1.0" + resolved "https://registry.yarnpkg.com/micromark-extension-gfm-strikethrough/-/micromark-extension-gfm-strikethrough-2.1.0.tgz#86106df8b3a692b5f6a92280d3879be6be46d923" + integrity sha512-ADVjpOOkjz1hhkZLlBiYA9cR2Anf8F4HqZUO6e5eDcPQd0Txw5fxLzzxnEkSkfnD0wziSGiv7sYhk/ktvbf1uw== + dependencies: + devlop "^1.0.0" + micromark-util-chunked "^2.0.0" + micromark-util-classify-character "^2.0.0" + micromark-util-resolve-all "^2.0.0" + micromark-util-symbol "^2.0.0" + micromark-util-types "^2.0.0" + +micromark-extension-gfm-table@^2.0.0: + version "2.1.1" + resolved "https://registry.yarnpkg.com/micromark-extension-gfm-table/-/micromark-extension-gfm-table-2.1.1.tgz#fac70bcbf51fe65f5f44033118d39be8a9b5940b" + integrity sha512-t2OU/dXXioARrC6yWfJ4hqB7rct14e8f7m0cbI5hUmDyyIlwv5vEtooptH8INkbLzOatzKuVbQmAYcbWoyz6Dg== + dependencies: + devlop "^1.0.0" + micromark-factory-space "^2.0.0" + micromark-util-character "^2.0.0" + micromark-util-symbol "^2.0.0" + micromark-util-types "^2.0.0" + +micromark-extension-gfm-tagfilter@^2.0.0: + version "2.0.0" + resolved "https://registry.yarnpkg.com/micromark-extension-gfm-tagfilter/-/micromark-extension-gfm-tagfilter-2.0.0.tgz#f26d8a7807b5985fba13cf61465b58ca5ff7dc57" + integrity sha512-xHlTOmuCSotIA8TW1mDIM6X2O1SiX5P9IuDtqGonFhEK0qgRI4yeC6vMxEV2dgyr2TiD+2PQ10o+cOhdVAcwfg== + dependencies: + micromark-util-types "^2.0.0" + +micromark-extension-gfm-task-list-item@^2.0.0: + version "2.1.0" + resolved "https://registry.yarnpkg.com/micromark-extension-gfm-task-list-item/-/micromark-extension-gfm-task-list-item-2.1.0.tgz#bcc34d805639829990ec175c3eea12bb5b781f2c" + integrity sha512-qIBZhqxqI6fjLDYFTBIa4eivDMnP+OZqsNwmQ3xNLE4Cxwc+zfQEfbs6tzAo2Hjq+bh6q5F+Z8/cksrLFYWQQw== + dependencies: + devlop "^1.0.0" + micromark-factory-space "^2.0.0" + micromark-util-character "^2.0.0" + micromark-util-symbol "^2.0.0" + micromark-util-types "^2.0.0" + +micromark-extension-gfm@^3.0.0: + version "3.0.0" + resolved "https://registry.yarnpkg.com/micromark-extension-gfm/-/micromark-extension-gfm-3.0.0.tgz#3e13376ab95dd7a5cfd0e29560dfe999657b3c5b" + integrity sha512-vsKArQsicm7t0z2GugkCKtZehqUm31oeGBV/KVSorWSy8ZlNAv7ytjFhvaryUiCUJYqs+NoE6AFhpQvBTM6Q4w== + dependencies: + micromark-extension-gfm-autolink-literal "^2.0.0" + micromark-extension-gfm-footnote "^2.0.0" + micromark-extension-gfm-strikethrough "^2.0.0" + micromark-extension-gfm-table "^2.0.0" + micromark-extension-gfm-tagfilter "^2.0.0" + micromark-extension-gfm-task-list-item "^2.0.0" + micromark-util-combine-extensions "^2.0.0" + micromark-util-types "^2.0.0" + +micromark-extension-mdx-expression@^3.0.0: + version "3.0.1" + resolved "https://registry.yarnpkg.com/micromark-extension-mdx-expression/-/micromark-extension-mdx-expression-3.0.1.tgz#43d058d999532fb3041195a3c3c05c46fa84543b" + integrity sha512-dD/ADLJ1AeMvSAKBwO22zG22N4ybhe7kFIZ3LsDI0GlsNr2A3KYxb0LdC1u5rj4Nw+CHKY0RVdnHX8vj8ejm4Q== + dependencies: + "@types/estree" "^1.0.0" + devlop "^1.0.0" + micromark-factory-mdx-expression "^2.0.0" + micromark-factory-space "^2.0.0" + micromark-util-character "^2.0.0" + micromark-util-events-to-acorn "^2.0.0" + micromark-util-symbol "^2.0.0" + micromark-util-types "^2.0.0" + +micromark-extension-mdx-jsx@^3.0.0: + version "3.0.2" + resolved "https://registry.yarnpkg.com/micromark-extension-mdx-jsx/-/micromark-extension-mdx-jsx-3.0.2.tgz#ffc98bdb649798902fa9fc5689f67f9c1c902044" + integrity sha512-e5+q1DjMh62LZAJOnDraSSbDMvGJ8x3cbjygy2qFEi7HCeUT4BDKCvMozPozcD6WmOt6sVvYDNBKhFSz3kjOVQ== + dependencies: + "@types/estree" "^1.0.0" + devlop "^1.0.0" + estree-util-is-identifier-name "^3.0.0" + micromark-factory-mdx-expression "^2.0.0" + micromark-factory-space "^2.0.0" + micromark-util-character "^2.0.0" + micromark-util-events-to-acorn "^2.0.0" + micromark-util-symbol "^2.0.0" + micromark-util-types "^2.0.0" + vfile-message "^4.0.0" + +micromark-extension-mdx-md@^2.0.0: + version "2.0.0" + resolved "https://registry.yarnpkg.com/micromark-extension-mdx-md/-/micromark-extension-mdx-md-2.0.0.tgz#1d252881ea35d74698423ab44917e1f5b197b92d" + integrity sha512-EpAiszsB3blw4Rpba7xTOUptcFeBFi+6PY8VnJ2hhimH+vCQDirWgsMpz7w1XcZE7LVrSAUGb9VJpG9ghlYvYQ== + dependencies: + micromark-util-types "^2.0.0" + +micromark-extension-mdxjs-esm@^3.0.0: + version "3.0.0" + resolved "https://registry.yarnpkg.com/micromark-extension-mdxjs-esm/-/micromark-extension-mdxjs-esm-3.0.0.tgz#de21b2b045fd2059bd00d36746081de38390d54a" + integrity sha512-DJFl4ZqkErRpq/dAPyeWp15tGrcrrJho1hKK5uBS70BCtfrIFg81sqcTVu3Ta+KD1Tk5vAtBNElWxtAa+m8K9A== + dependencies: + "@types/estree" "^1.0.0" + devlop "^1.0.0" + micromark-core-commonmark "^2.0.0" + micromark-util-character "^2.0.0" + micromark-util-events-to-acorn "^2.0.0" + micromark-util-symbol "^2.0.0" + micromark-util-types "^2.0.0" + unist-util-position-from-estree "^2.0.0" + vfile-message "^4.0.0" + +micromark-extension-mdxjs@^3.0.0: + version "3.0.0" + resolved "https://registry.yarnpkg.com/micromark-extension-mdxjs/-/micromark-extension-mdxjs-3.0.0.tgz#b5a2e0ed449288f3f6f6c544358159557549de18" + integrity sha512-A873fJfhnJ2siZyUrJ31l34Uqwy4xIFmvPY1oj+Ean5PHcPBYzEsvqvWGaWcfEIr11O5Dlw3p2y0tZWpKHDejQ== + dependencies: + acorn "^8.0.0" + acorn-jsx "^5.0.0" + micromark-extension-mdx-expression "^3.0.0" + micromark-extension-mdx-jsx "^3.0.0" + micromark-extension-mdx-md "^2.0.0" + micromark-extension-mdxjs-esm "^3.0.0" + micromark-util-combine-extensions "^2.0.0" + micromark-util-types "^2.0.0" + +micromark-factory-destination@^2.0.0: + version "2.0.1" + resolved "https://registry.yarnpkg.com/micromark-factory-destination/-/micromark-factory-destination-2.0.1.tgz#8fef8e0f7081f0474fbdd92deb50c990a0264639" + integrity sha512-Xe6rDdJlkmbFRExpTOmRj9N3MaWmbAgdpSrBQvCFqhezUn4AHqJHbaEnfbVYYiexVSs//tqOdY/DxhjdCiJnIA== + dependencies: + micromark-util-character "^2.0.0" + micromark-util-symbol "^2.0.0" + micromark-util-types "^2.0.0" + +micromark-factory-label@^2.0.0: + version "2.0.1" + resolved "https://registry.yarnpkg.com/micromark-factory-label/-/micromark-factory-label-2.0.1.tgz#5267efa97f1e5254efc7f20b459a38cb21058ba1" + integrity sha512-VFMekyQExqIW7xIChcXn4ok29YE3rnuyveW3wZQWWqF4Nv9Wk5rgJ99KzPvHjkmPXF93FXIbBp6YdW3t71/7Vg== + dependencies: + devlop "^1.0.0" + micromark-util-character "^2.0.0" + micromark-util-symbol "^2.0.0" + micromark-util-types "^2.0.0" + +micromark-factory-mdx-expression@^2.0.0: + version "2.0.3" + resolved "https://registry.yarnpkg.com/micromark-factory-mdx-expression/-/micromark-factory-mdx-expression-2.0.3.tgz#bb09988610589c07d1c1e4425285895041b3dfa9" + integrity sha512-kQnEtA3vzucU2BkrIa8/VaSAsP+EJ3CKOvhMuJgOEGg9KDC6OAY6nSnNDVRiVNRqj7Y4SlSzcStaH/5jge8JdQ== + dependencies: + "@types/estree" "^1.0.0" + devlop "^1.0.0" + micromark-factory-space "^2.0.0" + micromark-util-character "^2.0.0" + micromark-util-events-to-acorn "^2.0.0" + micromark-util-symbol "^2.0.0" + micromark-util-types "^2.0.0" + unist-util-position-from-estree "^2.0.0" + vfile-message "^4.0.0" + +micromark-factory-space@^1.0.0: + version "1.1.0" + resolved "https://registry.yarnpkg.com/micromark-factory-space/-/micromark-factory-space-1.1.0.tgz#c8f40b0640a0150751d3345ed885a080b0d15faf" + integrity sha512-cRzEj7c0OL4Mw2v6nwzttyOZe8XY/Z8G0rzmWQZTBi/jjwyw/U4uqKtUORXQrR5bAZZnbTI/feRV/R7hc4jQYQ== + dependencies: + micromark-util-character "^1.0.0" + micromark-util-types "^1.0.0" + +micromark-factory-space@^2.0.0: + version "2.0.1" + resolved "https://registry.yarnpkg.com/micromark-factory-space/-/micromark-factory-space-2.0.1.tgz#36d0212e962b2b3121f8525fc7a3c7c029f334fc" + integrity sha512-zRkxjtBxxLd2Sc0d+fbnEunsTj46SWXgXciZmHq0kDYGnck/ZSGj9/wULTV95uoeYiK5hRXP2mJ98Uo4cq/LQg== + dependencies: + micromark-util-character "^2.0.0" + micromark-util-types "^2.0.0" + +micromark-factory-title@^2.0.0: + version "2.0.1" + resolved "https://registry.yarnpkg.com/micromark-factory-title/-/micromark-factory-title-2.0.1.tgz#237e4aa5d58a95863f01032d9ee9b090f1de6e94" + integrity sha512-5bZ+3CjhAd9eChYTHsjy6TGxpOFSKgKKJPJxr293jTbfry2KDoWkhBb6TcPVB4NmzaPhMs1Frm9AZH7OD4Cjzw== + dependencies: + micromark-factory-space "^2.0.0" + micromark-util-character "^2.0.0" + micromark-util-symbol "^2.0.0" + micromark-util-types "^2.0.0" + +micromark-factory-whitespace@^2.0.0: + version "2.0.1" + resolved "https://registry.yarnpkg.com/micromark-factory-whitespace/-/micromark-factory-whitespace-2.0.1.tgz#06b26b2983c4d27bfcc657b33e25134d4868b0b1" + integrity sha512-Ob0nuZ3PKt/n0hORHyvoD9uZhr+Za8sFoP+OnMcnWK5lngSzALgQYKMr9RJVOWLqQYuyn6ulqGWSXdwf6F80lQ== + dependencies: + micromark-factory-space "^2.0.0" + micromark-util-character "^2.0.0" + micromark-util-symbol "^2.0.0" + micromark-util-types "^2.0.0" + +micromark-util-character@^1.0.0, micromark-util-character@^1.1.0: + version "1.2.0" + resolved "https://registry.yarnpkg.com/micromark-util-character/-/micromark-util-character-1.2.0.tgz#4fedaa3646db249bc58caeb000eb3549a8ca5dcc" + integrity sha512-lXraTwcX3yH/vMDaFWCQJP1uIszLVebzUa3ZHdrgxr7KEU/9mL4mVgCpGbyhvNLNlauROiNUq7WN5u7ndbY6xg== + dependencies: + micromark-util-symbol "^1.0.0" + micromark-util-types "^1.0.0" + +micromark-util-character@^2.0.0: + version "2.1.1" + resolved "https://registry.yarnpkg.com/micromark-util-character/-/micromark-util-character-2.1.1.tgz#2f987831a40d4c510ac261e89852c4e9703ccda6" + integrity sha512-wv8tdUTJ3thSFFFJKtpYKOYiGP2+v96Hvk4Tu8KpCAsTMs6yi+nVmGh1syvSCsaxz45J6Jbw+9DD6g97+NV67Q== + dependencies: + micromark-util-symbol "^2.0.0" + micromark-util-types "^2.0.0" + +micromark-util-chunked@^2.0.0: + version "2.0.1" + resolved "https://registry.yarnpkg.com/micromark-util-chunked/-/micromark-util-chunked-2.0.1.tgz#47fbcd93471a3fccab86cff03847fc3552db1051" + integrity sha512-QUNFEOPELfmvv+4xiNg2sRYeS/P84pTW0TCgP5zc9FpXetHY0ab7SxKyAQCNCc1eK0459uoLI1y5oO5Vc1dbhA== + dependencies: + micromark-util-symbol "^2.0.0" + +micromark-util-classify-character@^2.0.0: + version "2.0.1" + resolved "https://registry.yarnpkg.com/micromark-util-classify-character/-/micromark-util-classify-character-2.0.1.tgz#d399faf9c45ca14c8b4be98b1ea481bced87b629" + integrity sha512-K0kHzM6afW/MbeWYWLjoHQv1sgg2Q9EccHEDzSkxiP/EaagNzCm7T/WMKZ3rjMbvIpvBiZgwR3dKMygtA4mG1Q== + dependencies: + micromark-util-character "^2.0.0" + micromark-util-symbol "^2.0.0" + micromark-util-types "^2.0.0" + +micromark-util-combine-extensions@^2.0.0: + version "2.0.1" + resolved "https://registry.yarnpkg.com/micromark-util-combine-extensions/-/micromark-util-combine-extensions-2.0.1.tgz#2a0f490ab08bff5cc2fd5eec6dd0ca04f89b30a9" + integrity sha512-OnAnH8Ujmy59JcyZw8JSbK9cGpdVY44NKgSM7E9Eh7DiLS2E9RNQf0dONaGDzEG9yjEl5hcqeIsj4hfRkLH/Bg== + dependencies: + micromark-util-chunked "^2.0.0" + micromark-util-types "^2.0.0" + +micromark-util-decode-numeric-character-reference@^2.0.0: + version "2.0.2" + resolved "https://registry.yarnpkg.com/micromark-util-decode-numeric-character-reference/-/micromark-util-decode-numeric-character-reference-2.0.2.tgz#fcf15b660979388e6f118cdb6bf7d79d73d26fe5" + integrity sha512-ccUbYk6CwVdkmCQMyr64dXz42EfHGkPQlBj5p7YVGzq8I7CtjXZJrubAYezf7Rp+bjPseiROqe7G6foFd+lEuw== + dependencies: + micromark-util-symbol "^2.0.0" + +micromark-util-decode-string@^2.0.0: + version "2.0.1" + resolved "https://registry.yarnpkg.com/micromark-util-decode-string/-/micromark-util-decode-string-2.0.1.tgz#6cb99582e5d271e84efca8e61a807994d7161eb2" + integrity sha512-nDV/77Fj6eH1ynwscYTOsbK7rR//Uj0bZXBwJZRfaLEJ1iGBR6kIfNmlNqaqJf649EP0F3NWNdeJi03elllNUQ== + dependencies: + decode-named-character-reference "^1.0.0" + micromark-util-character "^2.0.0" + micromark-util-decode-numeric-character-reference "^2.0.0" + micromark-util-symbol "^2.0.0" + +micromark-util-encode@^2.0.0: + version "2.0.1" + resolved "https://registry.yarnpkg.com/micromark-util-encode/-/micromark-util-encode-2.0.1.tgz#0d51d1c095551cfaac368326963cf55f15f540b8" + integrity sha512-c3cVx2y4KqUnwopcO9b/SCdo2O67LwJJ/UyqGfbigahfegL9myoEFoDYZgkT7f36T0bLrM9hZTAaAyH+PCAXjw== + +micromark-util-events-to-acorn@^2.0.0: + version "2.0.3" + resolved "https://registry.yarnpkg.com/micromark-util-events-to-acorn/-/micromark-util-events-to-acorn-2.0.3.tgz#e7a8a6b55a47e5a06c720d5a1c4abae8c37c98f3" + integrity sha512-jmsiEIiZ1n7X1Rr5k8wVExBQCg5jy4UXVADItHmNk1zkwEVhBuIUKRu3fqv+hs4nxLISi2DQGlqIOGiFxgbfHg== + dependencies: + "@types/estree" "^1.0.0" + "@types/unist" "^3.0.0" + devlop "^1.0.0" + estree-util-visit "^2.0.0" + micromark-util-symbol "^2.0.0" + micromark-util-types "^2.0.0" + vfile-message "^4.0.0" + +micromark-util-html-tag-name@^2.0.0: + version "2.0.1" + resolved "https://registry.yarnpkg.com/micromark-util-html-tag-name/-/micromark-util-html-tag-name-2.0.1.tgz#e40403096481986b41c106627f98f72d4d10b825" + integrity sha512-2cNEiYDhCWKI+Gs9T0Tiysk136SnR13hhO8yW6BGNyhOC4qYFnwF1nKfD3HFAIXA5c45RrIG1ub11GiXeYd1xA== + +micromark-util-normalize-identifier@^2.0.0: + version "2.0.1" + resolved "https://registry.yarnpkg.com/micromark-util-normalize-identifier/-/micromark-util-normalize-identifier-2.0.1.tgz#c30d77b2e832acf6526f8bf1aa47bc9c9438c16d" + integrity sha512-sxPqmo70LyARJs0w2UclACPUUEqltCkJ6PhKdMIDuJ3gSf/Q+/GIe3WKl0Ijb/GyH9lOpUkRAO2wp0GVkLvS9Q== + dependencies: + micromark-util-symbol "^2.0.0" + +micromark-util-resolve-all@^2.0.0: + version "2.0.1" + resolved "https://registry.yarnpkg.com/micromark-util-resolve-all/-/micromark-util-resolve-all-2.0.1.tgz#e1a2d62cdd237230a2ae11839027b19381e31e8b" + integrity sha512-VdQyxFWFT2/FGJgwQnJYbe1jjQoNTS4RjglmSjTUlpUMa95Htx9NHeYW4rGDJzbjvCsl9eLjMQwGeElsqmzcHg== + dependencies: + micromark-util-types "^2.0.0" + +micromark-util-sanitize-uri@^2.0.0: + version "2.0.1" + resolved "https://registry.yarnpkg.com/micromark-util-sanitize-uri/-/micromark-util-sanitize-uri-2.0.1.tgz#ab89789b818a58752b73d6b55238621b7faa8fd7" + integrity sha512-9N9IomZ/YuGGZZmQec1MbgxtlgougxTodVwDzzEouPKo3qFWvymFHWcnDi2vzV1ff6kas9ucW+o3yzJK9YB1AQ== + dependencies: + micromark-util-character "^2.0.0" + micromark-util-encode "^2.0.0" + micromark-util-symbol "^2.0.0" + +micromark-util-subtokenize@^2.0.0: + version "2.1.0" + resolved "https://registry.yarnpkg.com/micromark-util-subtokenize/-/micromark-util-subtokenize-2.1.0.tgz#d8ade5ba0f3197a1cf6a2999fbbfe6357a1a19ee" + integrity sha512-XQLu552iSctvnEcgXw6+Sx75GflAPNED1qx7eBJ+wydBb2KCbRZe+NwvIEEMM83uml1+2WSXpBAcp9IUCgCYWA== + dependencies: + devlop "^1.0.0" + micromark-util-chunked "^2.0.0" + micromark-util-symbol "^2.0.0" + micromark-util-types "^2.0.0" + +micromark-util-symbol@^1.0.0, micromark-util-symbol@^1.0.1: + version "1.1.0" + resolved "https://registry.yarnpkg.com/micromark-util-symbol/-/micromark-util-symbol-1.1.0.tgz#813cd17837bdb912d069a12ebe3a44b6f7063142" + integrity sha512-uEjpEYY6KMs1g7QfJ2eX1SQEV+ZT4rUD3UcF6l57acZvLNK7PBZL+ty82Z1qhK1/yXIY4bdx04FKMgR0g4IAag== + +micromark-util-symbol@^2.0.0: + version "2.0.1" + resolved "https://registry.yarnpkg.com/micromark-util-symbol/-/micromark-util-symbol-2.0.1.tgz#e5da494e8eb2b071a0d08fb34f6cefec6c0a19b8" + integrity sha512-vs5t8Apaud9N28kgCrRUdEed4UJ+wWNvicHLPxCa9ENlYuAY31M0ETy5y1vA33YoNPDFTghEbnh6efaE8h4x0Q== + +micromark-util-types@^1.0.0: + version "1.1.0" + resolved "https://registry.yarnpkg.com/micromark-util-types/-/micromark-util-types-1.1.0.tgz#e6676a8cae0bb86a2171c498167971886cb7e283" + integrity sha512-ukRBgie8TIAcacscVHSiddHjO4k/q3pnedmzMQ4iwDcK0FtFCohKOlFbaOL/mPgfnPsL3C1ZyxJa4sbWrBl3jg== + +micromark-util-types@^2.0.0: + version "2.0.2" + resolved "https://registry.yarnpkg.com/micromark-util-types/-/micromark-util-types-2.0.2.tgz#f00225f5f5a0ebc3254f96c36b6605c4b393908e" + integrity sha512-Yw0ECSpJoViF1qTU4DC6NwtC4aWGt1EkzaQB8KPPyCRR8z9TWeV0HbEFGTO+ZY1wB22zmxnJqhPyTpOVCpeHTA== + +micromark@^4.0.0: + version "4.0.2" + resolved "https://registry.yarnpkg.com/micromark/-/micromark-4.0.2.tgz#91395a3e1884a198e62116e33c9c568e39936fdb" + integrity sha512-zpe98Q6kvavpCr1NPVSCMebCKfD7CA2NqZ+rykeNhONIJBpc1tFKt9hucLGwha3jNTNI8lHpctWJWoimVF4PfA== + dependencies: + "@types/debug" "^4.0.0" + debug "^4.0.0" + decode-named-character-reference "^1.0.0" + devlop "^1.0.0" + micromark-core-commonmark "^2.0.0" + micromark-factory-space "^2.0.0" + micromark-util-character "^2.0.0" + micromark-util-chunked "^2.0.0" + micromark-util-combine-extensions "^2.0.0" + micromark-util-decode-numeric-character-reference "^2.0.0" + micromark-util-encode "^2.0.0" + micromark-util-normalize-identifier "^2.0.0" + micromark-util-resolve-all "^2.0.0" + micromark-util-sanitize-uri "^2.0.0" + micromark-util-subtokenize "^2.0.0" + micromark-util-symbol "^2.0.0" + micromark-util-types "^2.0.0" + +micromatch@^4.0.2, micromatch@^4.0.5, micromatch@^4.0.8: + version "4.0.8" + resolved "https://registry.yarnpkg.com/micromatch/-/micromatch-4.0.8.tgz#d66fa18f3a47076789320b9b1af32bd86d9fa202" + integrity sha512-PXwfBhYu0hBCPw8Dn0E+WDYb7af3dSLVWKi3HGv84IdF4TyFoC0ysxFd0Goxw7nSv4T/PzEJQxsYsEiFCKo2BA== + dependencies: + braces "^3.0.3" + picomatch "^2.3.1" + +mime-db@1.52.0: + version "1.52.0" + resolved "https://registry.yarnpkg.com/mime-db/-/mime-db-1.52.0.tgz#bbabcdc02859f4987301c856e3387ce5ec43bf70" + integrity sha512-sPU4uV7dYlvtWJxwwxHD0PuihVNiE7TyAbQ5SWxDCB9mUYvOgroQOwYQQOKPJ8CIbE+1ETVlOoK1UC2nU3gYvg== + +"mime-db@>= 1.43.0 < 2": + version "1.54.0" + resolved "https://registry.yarnpkg.com/mime-db/-/mime-db-1.54.0.tgz#cddb3ee4f9c64530dff640236661d42cb6a314f5" + integrity sha512-aU5EJuIN2WDemCcAp2vFBfp/m4EAhWJnUNSSw0ixs7/kXbd6Pg64EmwJkNdFhB8aWt1sH2CTXrLxo/iAGV3oPQ== + +mime-db@~1.33.0: + version "1.33.0" + resolved "https://registry.yarnpkg.com/mime-db/-/mime-db-1.33.0.tgz#a3492050a5cb9b63450541e39d9788d2272783db" + integrity sha512-BHJ/EKruNIqJf/QahvxwQZXKygOQ256myeN/Ew+THcAa5q+PjyTTMMeNQC4DZw5AwfvelsUrA6B67NKMqXDbzQ== + +mime-types@2.1.18: + version "2.1.18" + resolved "https://registry.yarnpkg.com/mime-types/-/mime-types-2.1.18.tgz#6f323f60a83d11146f831ff11fd66e2fe5503bb8" + integrity sha512-lc/aahn+t4/SWV/qcmumYjymLsWfN3ELhpmVuUFjgsORruuZPVSwAQryq+HHGvO/SI2KVX26bx+En+zhM8g8hQ== + dependencies: + mime-db "~1.33.0" + +mime-types@^2.1.27, mime-types@^2.1.31, mime-types@~2.1.17, mime-types@~2.1.24, mime-types@~2.1.34: + version "2.1.35" + resolved "https://registry.yarnpkg.com/mime-types/-/mime-types-2.1.35.tgz#381a871b62a734450660ae3deee44813f70d959a" + integrity sha512-ZDY+bPm5zTTF+YpCrAU9nK0UgICYPT0QtT1NZWFv4s++TNkcgVaT0g6+4R2uI4MjQjzysHB1zxuWL50hzaeXiw== + dependencies: + mime-db "1.52.0" + +mime@1.6.0: + version "1.6.0" + resolved "https://registry.yarnpkg.com/mime/-/mime-1.6.0.tgz#32cd9e5c64553bd58d19a568af452acff04981b1" + integrity sha512-x0Vn8spI+wuJ1O6S7gnbaQg8Pxh4NNHb7KSINmEWKiPE4RKOplvijn+NkmYmmRgP68mc70j2EbeTFRsrswaQeg== + +mimic-fn@^2.1.0: + version "2.1.0" + resolved "https://registry.yarnpkg.com/mimic-fn/-/mimic-fn-2.1.0.tgz#7ed2c2ccccaf84d3ffcb7a69b57711fc2083401b" + integrity sha512-OqbOk5oEQeAZ8WXWydlu9HJjz9WVdEIvamMCcXmuqUYjTknH/sqsWvhQ3vgwKFRR1HpjvNBKQ37nbJgYzGqGcg== + +mimic-response@^3.1.0: + version "3.1.0" + resolved "https://registry.yarnpkg.com/mimic-response/-/mimic-response-3.1.0.tgz#2d1d59af9c1b129815accc2c46a022a5ce1fa3c9" + integrity sha512-z0yWI+4FDrrweS8Zmt4Ej5HdJmky15+L2e6Wgn3+iK5fWzb6T3fhNFq2+MeTRb064c6Wr4N/wv0DzQTjNzHNGQ== + +mimic-response@^4.0.0: + version "4.0.0" + resolved "https://registry.yarnpkg.com/mimic-response/-/mimic-response-4.0.0.tgz#35468b19e7c75d10f5165ea25e75a5ceea7cf70f" + integrity sha512-e5ISH9xMYU0DzrT+jl8q2ze9D6eWBto+I8CNpe+VI+K2J/F/k3PdkdTdz4wvGVH4NTpo+NRYTVIuMQEMMcsLqg== + +mini-css-extract-plugin@^2.9.2: + version "2.9.4" + resolved "https://registry.yarnpkg.com/mini-css-extract-plugin/-/mini-css-extract-plugin-2.9.4.tgz#cafa1a42f8c71357f49cd1566810d74ff1cb0200" + integrity sha512-ZWYT7ln73Hptxqxk2DxPU9MmapXRhxkJD6tkSR04dnQxm8BGu2hzgKLugK5yySD97u/8yy7Ma7E76k9ZdvtjkQ== + dependencies: + schema-utils "^4.0.0" + tapable "^2.2.1" + +minimalistic-assert@^1.0.0: + version "1.0.1" + resolved "https://registry.yarnpkg.com/minimalistic-assert/-/minimalistic-assert-1.0.1.tgz#2e194de044626d4a10e7f7fbc00ce73e83e4d5c7" + integrity sha512-UtJcAD4yEaGtjPezWuO9wC4nwUnVH/8/Im3yEHQP4b67cXlD/Qr9hdITCU1xDbSEXg2XKNaP8jsReV7vQd00/A== + +minimatch@3.1.2, minimatch@^3.1.1: + version "3.1.2" + resolved "https://registry.yarnpkg.com/minimatch/-/minimatch-3.1.2.tgz#19cd194bfd3e428f049a70817c038d89ab4be35b" + integrity sha512-J7p63hRiAjw1NDEww1W7i37+ByIrOWO5XQQAzZ3VOcL0PNybwpfmV/N05zFAzwQ9USyEcX6t3UO+K5aqBQOIHw== + dependencies: + brace-expansion "^1.1.7" + +minimist@^1.2.0: + version "1.2.8" + resolved "https://registry.yarnpkg.com/minimist/-/minimist-1.2.8.tgz#c1a464e7693302e082a075cee0c057741ac4772c" + integrity sha512-2yyAR8qBkN3YuheJanUpWC5U3bb5osDywNB8RzDVlDwDHbocAJveqqj1u8+SVD7jkWT4yvsHCpWqqWqAxb0zCA== + +mrmime@^2.0.0: + version "2.0.1" + resolved "https://registry.yarnpkg.com/mrmime/-/mrmime-2.0.1.tgz#bc3e87f7987853a54c9850eeb1f1078cd44adddc" + integrity sha512-Y3wQdFg2Va6etvQ5I82yUhGdsKrcYox6p7FfL1LbK2J4V01F9TGlepTIhnK24t7koZibmg82KGglhA1XK5IsLQ== + +ms@2.0.0: + version "2.0.0" + resolved "https://registry.yarnpkg.com/ms/-/ms-2.0.0.tgz#5608aeadfc00be6c2901df5f9861788de0d597c8" + integrity sha512-Tpp60P6IUJDTuOq/5Z8cdskzJujfwqfOTkrwIwj7IRISpnkJnT6SyJ4PCPnGMoFjC9ddhal5KVIYtAt97ix05A== + +ms@2.1.3, ms@^2.1.3: + version "2.1.3" + resolved "https://registry.yarnpkg.com/ms/-/ms-2.1.3.tgz#574c8138ce1d2b5861f0b44579dbadd60c6615b2" + integrity sha512-6FlzubTLZG3J2a/NVCAleEhjzq5oxgHyaCU9yYXvcLsvoVaHJq/s5xXI6/XXP6tz7R9xAOtHnSO/tXtF3WRTlA== + +multicast-dns@^7.2.5: + version "7.2.5" + resolved "https://registry.yarnpkg.com/multicast-dns/-/multicast-dns-7.2.5.tgz#77eb46057f4d7adbd16d9290fa7299f6fa64cced" + integrity sha512-2eznPJP8z2BFLX50tf0LuODrpINqP1RVIm/CObbTcBRITQgmC/TjcREF1NeTBzIcR5XO/ukWo+YHOjBbFwIupg== + dependencies: + dns-packet "^5.2.2" + thunky "^1.0.2" + +nanoid@^3.3.11: + version "3.3.11" + resolved "https://registry.yarnpkg.com/nanoid/-/nanoid-3.3.11.tgz#4f4f112cefbe303202f2199838128936266d185b" + integrity sha512-N8SpfPUnUp1bK+PMYW8qSWdl9U+wwNWI4QKxOYDy9JAro3WMX7p2OeVRF9v+347pnakNevPmiHhNmZ2HbFA76w== + +negotiator@0.6.3: + version "0.6.3" + resolved "https://registry.yarnpkg.com/negotiator/-/negotiator-0.6.3.tgz#58e323a72fedc0d6f9cd4d31fe49f51479590ccd" + integrity sha512-+EUsqGPLsM+j/zdChZjsnX51g4XrHFOIXwfnCVPGlQk/k5giakcKsuxCObBRu6DSm9opw/O6slWbJdghQM4bBg== + +negotiator@~0.6.4: + version "0.6.4" + resolved "https://registry.yarnpkg.com/negotiator/-/negotiator-0.6.4.tgz#777948e2452651c570b712dd01c23e262713fff7" + integrity sha512-myRT3DiWPHqho5PrJaIRyaMv2kgYf0mUVgBNOYMuCH5Ki1yEiQaf/ZJuQ62nvpc44wL5WDbTX7yGJi1Neevw8w== + +neo-async@^2.6.2: + version "2.6.2" + resolved "https://registry.yarnpkg.com/neo-async/-/neo-async-2.6.2.tgz#b4aafb93e3aeb2d8174ca53cf163ab7d7308305f" + integrity sha512-Yd3UES5mWCSqR+qNT93S3UoYUkqAZ9lLg8a7g9rimsWmYGK8cVToA4/sF3RrshdyV3sAGMXVUmpMYOw+dLpOuw== + +no-case@^3.0.4: + version "3.0.4" + resolved "https://registry.yarnpkg.com/no-case/-/no-case-3.0.4.tgz#d361fd5c9800f558551a8369fc0dcd4662b6124d" + integrity sha512-fgAN3jGAh+RoxUGZHTSOLJIqUc2wmoBwGR4tbpNAKmmovFoWq0OdRkb0VkldReO2a2iBT/OEulG9XSUc10r3zg== + dependencies: + lower-case "^2.0.2" + tslib "^2.0.3" + +node-emoji@^2.1.0: + version "2.2.0" + resolved "https://registry.yarnpkg.com/node-emoji/-/node-emoji-2.2.0.tgz#1d000e3c76e462577895be1b436f4aa2d6760eb0" + integrity sha512-Z3lTE9pLaJF47NyMhd4ww1yFTAP8YhYI8SleJiHzM46Fgpm5cnNzSl9XfzFNqbaz+VlJrIj3fXQ4DeN1Rjm6cw== + dependencies: + "@sindresorhus/is" "^4.6.0" + char-regex "^1.0.2" + emojilib "^2.4.0" + skin-tone "^2.0.0" + +node-forge@^1: + version "1.3.1" + resolved "https://registry.yarnpkg.com/node-forge/-/node-forge-1.3.1.tgz#be8da2af243b2417d5f646a770663a92b7e9ded3" + integrity sha512-dPEtOeMvF9VMcYV/1Wb8CPoVAXtp6MKMlcbAt4ddqmGqUJ6fQZFXkNZNkNlfevtNkGtaSoXf/vNNNSvgrdXwtA== + +node-releases@^2.0.19: + version "2.0.19" + resolved "https://registry.yarnpkg.com/node-releases/-/node-releases-2.0.19.tgz#9e445a52950951ec4d177d843af370b411caf314" + integrity sha512-xxOWJsBKtzAq7DY0J+DTzuz58K8e7sJbdgwkbMWQe8UYB6ekmsQ45q0M/tJDsGaZmbC+l7n57UV8Hl5tHxO9uw== + +normalize-path@^3.0.0, normalize-path@~3.0.0: + version "3.0.0" + resolved "https://registry.yarnpkg.com/normalize-path/-/normalize-path-3.0.0.tgz#0dcd69ff23a1c9b11fd0978316644a0388216a65" + integrity sha512-6eZs5Ls3WtCisHWp9S2GUy8dqkpGi4BVSz3GaqiE6ezub0512ESztXUwUB6C6IKbQkY2Pnb/mD4WYojCRwcwLA== + +normalize-range@^0.1.2: + version "0.1.2" + resolved "https://registry.yarnpkg.com/normalize-range/-/normalize-range-0.1.2.tgz#2d10c06bdfd312ea9777695a4d28439456b75942" + integrity sha512-bdok/XvKII3nUpklnV6P2hxtMNrCboOjAcyBuQnWEhO665FwrSNRxU+AqpsyvO6LgGYPspN+lu5CLtw4jPRKNA== + +normalize-url@^8.0.0: + version "8.0.2" + resolved "https://registry.yarnpkg.com/normalize-url/-/normalize-url-8.0.2.tgz#3b343a42f837e4dae2b01917c04e8de3782e9170" + integrity sha512-Ee/R3SyN4BuynXcnTaekmaVdbDAEiNrHqjQIA37mHU8G9pf7aaAD4ZX3XjBLo6rsdcxA/gtkcNYZLt30ACgynw== + +npm-run-path@^4.0.1: + version "4.0.1" + resolved "https://registry.yarnpkg.com/npm-run-path/-/npm-run-path-4.0.1.tgz#b7ecd1e5ed53da8e37a55e1c2269e0b97ed748ea" + integrity sha512-S48WzZW777zhNIrn7gxOlISNAqi9ZC/uQFnRdbeIHhZhCA6UqpkOT8T1G7BvfdgP4Er8gF4sUbaS0i7QvIfCWw== + dependencies: + path-key "^3.0.0" + +nprogress@^0.2.0: + version "0.2.0" + resolved "https://registry.yarnpkg.com/nprogress/-/nprogress-0.2.0.tgz#cb8f34c53213d895723fcbab907e9422adbcafb1" + integrity sha512-I19aIingLgR1fmhftnbWWO3dXc0hSxqHQHQb3H8m+K3TnEn/iSeTZZOyvKXWqQESMwuUVnatlCnZdLBZZt2VSA== + +nth-check@^2.0.1: + version "2.1.1" + resolved "https://registry.yarnpkg.com/nth-check/-/nth-check-2.1.1.tgz#c9eab428effce36cd6b92c924bdb000ef1f1ed1d" + integrity sha512-lqjrjmaOoAnWfMmBPL+XNnynZh2+swxiX3WUE0s4yEHI6m+AwrK2UZOimIRl3X/4QctVqS8AiZjFqyOGrMXb/w== + dependencies: + boolbase "^1.0.0" + +null-loader@^4.0.1: + version "4.0.1" + resolved "https://registry.yarnpkg.com/null-loader/-/null-loader-4.0.1.tgz#8e63bd3a2dd3c64236a4679428632edd0a6dbc6a" + integrity sha512-pxqVbi4U6N26lq+LmgIbB5XATP0VdZKOG25DhHi8btMmJJefGArFyDg1yc4U3hWCJbMqSrw0qyrz1UQX+qYXqg== + dependencies: + loader-utils "^2.0.0" + schema-utils "^3.0.0" + +object-assign@^4.1.1: + version "4.1.1" + resolved "https://registry.yarnpkg.com/object-assign/-/object-assign-4.1.1.tgz#2109adc7965887cfc05cbbd442cac8bfbb360863" + integrity sha512-rJgTQnkUnH1sFw8yT6VSU3zD3sWmu6sZhIseY8VX+GRu3P6F7Fu+JNDoXfklElbLJSnc3FUQHVe4cU5hj+BcUg== + +object-inspect@^1.13.3: + version "1.13.4" + resolved "https://registry.yarnpkg.com/object-inspect/-/object-inspect-1.13.4.tgz#8375265e21bc20d0fa582c22e1b13485d6e00213" + integrity sha512-W67iLl4J2EXEGTbfeHCffrjDfitvLANg0UlX3wFUUSTx92KXRFegMHUVgSqE+wvhAbi4WqjGg9czysTV2Epbew== + +object-keys@^1.1.1: + version "1.1.1" + resolved "https://registry.yarnpkg.com/object-keys/-/object-keys-1.1.1.tgz#1c47f272df277f3b1daf061677d9c82e2322c60e" + integrity sha512-NuAESUOUMrlIXOfHKzD6bpPu3tYt3xvjNdRIQ+FeT0lNb4K8WR70CaDxhuNguS2XG+GjkyMwOzsN5ZktImfhLA== + +object.assign@^4.1.0: + version "4.1.7" + resolved "https://registry.yarnpkg.com/object.assign/-/object.assign-4.1.7.tgz#8c14ca1a424c6a561b0bb2a22f66f5049a945d3d" + integrity sha512-nK28WOo+QIjBkDduTINE4JkF/UJJKyf2EJxvJKfblDpyg0Q+pkOHNTL0Qwy6NP6FhE/EnzV73BxxqcJaXY9anw== + dependencies: + call-bind "^1.0.8" + call-bound "^1.0.3" + define-properties "^1.2.1" + es-object-atoms "^1.0.0" + has-symbols "^1.1.0" + object-keys "^1.1.1" + +obuf@^1.0.0, obuf@^1.1.2: + version "1.1.2" + resolved "https://registry.yarnpkg.com/obuf/-/obuf-1.1.2.tgz#09bea3343d41859ebd446292d11c9d4db619084e" + integrity sha512-PX1wu0AmAdPqOL1mWhqmlOd8kOIZQwGZw6rh7uby9fTc5lhaOWFLX3I6R1hrF9k3zUY40e6igsLGkDXK92LJNg== + +on-finished@2.4.1: + version "2.4.1" + resolved "https://registry.yarnpkg.com/on-finished/-/on-finished-2.4.1.tgz#58c8c44116e54845ad57f14ab10b03533184ac3f" + integrity sha512-oVlzkg3ENAhCk2zdv7IJwd/QUD4z2RxRwpkcGY8psCVcCYZNq4wYnVWALHM+brtuJjePWiYF/ClmuDr8Ch5+kg== + dependencies: + ee-first "1.1.1" + +on-headers@~1.1.0: + version "1.1.0" + resolved "https://registry.yarnpkg.com/on-headers/-/on-headers-1.1.0.tgz#59da4f91c45f5f989c6e4bcedc5a3b0aed70ff65" + integrity sha512-737ZY3yNnXy37FHkQxPzt4UZ2UWPWiCZWLvFZ4fu5cueciegX0zGPnrlY6bwRg4FdQOe9YU8MkmJwGhoMybl8A== + +once@^1.3.0: + version "1.4.0" + resolved "https://registry.yarnpkg.com/once/-/once-1.4.0.tgz#583b1aa775961d4b113ac17d9c50baef9dd76bd1" + integrity sha512-lNaJgI+2Q5URQBkccEKHTQOPaXdUxnZZElQTZY0MFUAuaEqe1E+Nyvgdz/aIyNi6Z9MzO5dv1H8n58/GELp3+w== + dependencies: + wrappy "1" + +onetime@^5.1.2: + version "5.1.2" + resolved "https://registry.yarnpkg.com/onetime/-/onetime-5.1.2.tgz#d0e96ebb56b07476df1dd9c4806e5237985ca45e" + integrity sha512-kbpaSSGJTWdAY5KPVeMOKXSrPtr8C8C7wodJbcsd51jRnmD+GZu8Y0VoU6Dm5Z4vWr0Ig/1NKuWRKf7j5aaYSg== + dependencies: + mimic-fn "^2.1.0" + +open@^8.0.9, open@^8.4.0: + version "8.4.2" + resolved "https://registry.yarnpkg.com/open/-/open-8.4.2.tgz#5b5ffe2a8f793dcd2aad73e550cb87b59cb084f9" + integrity sha512-7x81NCL719oNbsq/3mh+hVrAWmFuEYUqrq/Iw3kUzH8ReypT9QQ0BLoJS7/G9k6N81XjW4qHWtjWwe/9eLy1EQ== + dependencies: + define-lazy-prop "^2.0.0" + is-docker "^2.1.1" + is-wsl "^2.2.0" + +opener@^1.5.2: + version "1.5.2" + resolved "https://registry.yarnpkg.com/opener/-/opener-1.5.2.tgz#5d37e1f35077b9dcac4301372271afdeb2a13598" + integrity sha512-ur5UIdyw5Y7yEj9wLzhqXiy6GZ3Mwx0yGI+5sMn2r0N0v3cKJvUmFH5yPP+WXh9e0xfyzyJX95D8l088DNFj7A== + +p-cancelable@^3.0.0: + version "3.0.0" + resolved "https://registry.yarnpkg.com/p-cancelable/-/p-cancelable-3.0.0.tgz#63826694b54d61ca1c20ebcb6d3ecf5e14cd8050" + integrity sha512-mlVgR3PGuzlo0MmTdk4cXqXWlwQDLnONTAg6sm62XkMJEiRxN3GL3SffkYvqwonbkJBcrI7Uvv5Zh9yjvn2iUw== + +p-finally@^1.0.0: + version "1.0.0" + resolved "https://registry.yarnpkg.com/p-finally/-/p-finally-1.0.0.tgz#3fbcfb15b899a44123b34b6dcc18b724336a2cae" + integrity sha512-LICb2p9CB7FS+0eR1oqWnHhp0FljGLZCWBE9aix0Uye9W8LTQPwMTYVGWQWIw9RdQiDg4+epXQODwIYJtSJaow== + +p-limit@^4.0.0: + version "4.0.0" + resolved "https://registry.yarnpkg.com/p-limit/-/p-limit-4.0.0.tgz#914af6544ed32bfa54670b061cafcbd04984b644" + integrity sha512-5b0R4txpzjPWVw/cXXUResoD4hb6U/x9BH08L7nw+GN1sezDzPdxeRvpc9c433fZhBan/wusjbCsqwqm4EIBIQ== + dependencies: + yocto-queue "^1.0.0" + +p-locate@^6.0.0: + version "6.0.0" + resolved "https://registry.yarnpkg.com/p-locate/-/p-locate-6.0.0.tgz#3da9a49d4934b901089dca3302fa65dc5a05c04f" + integrity sha512-wPrq66Llhl7/4AGC6I+cqxT07LhXvWL08LNXz1fENOw0Ap4sRZZ/gZpTTJ5jpurzzzfS2W/Ge9BY3LgLjCShcw== + dependencies: + p-limit "^4.0.0" + +p-map@^4.0.0: + version "4.0.0" + resolved "https://registry.yarnpkg.com/p-map/-/p-map-4.0.0.tgz#bb2f95a5eda2ec168ec9274e06a747c3e2904d2b" + integrity sha512-/bjOqmgETBYB5BoEeGVea8dmvHb2m9GLy1E9W43yeyfP6QQCZGFNa+XRceJEuDB6zqr+gKpIAmlLebMpykw/MQ== + dependencies: + aggregate-error "^3.0.0" + +p-queue@^6.6.2: + version "6.6.2" + resolved "https://registry.yarnpkg.com/p-queue/-/p-queue-6.6.2.tgz#2068a9dcf8e67dd0ec3e7a2bcb76810faa85e426" + integrity sha512-RwFpb72c/BhQLEXIZ5K2e+AhgNVmIejGlTgiB9MzZ0e93GRvqZ7uSi0dvRF7/XIXDeNkra2fNHBxTyPDGySpjQ== + dependencies: + eventemitter3 "^4.0.4" + p-timeout "^3.2.0" + +p-retry@^4.5.0: + version "4.6.2" + resolved "https://registry.yarnpkg.com/p-retry/-/p-retry-4.6.2.tgz#9baae7184057edd4e17231cee04264106e092a16" + integrity sha512-312Id396EbJdvRONlngUx0NydfrIQ5lsYu0znKVUzVvArzEIt08V1qhtyESbGVd1FGX7UKtiFp5uwKZdM8wIuQ== + dependencies: + "@types/retry" "0.12.0" + retry "^0.13.1" + +p-timeout@^3.2.0: + version "3.2.0" + resolved "https://registry.yarnpkg.com/p-timeout/-/p-timeout-3.2.0.tgz#c7e17abc971d2a7962ef83626b35d635acf23dfe" + integrity sha512-rhIwUycgwwKcP9yTOOFK/AKsAopjjCakVqLHePO3CC6Mir1Z99xT+R63jZxAT5lFZLa2inS5h+ZS2GvR99/FBg== + dependencies: + p-finally "^1.0.0" + +package-json@^8.1.0: + version "8.1.1" + resolved "https://registry.yarnpkg.com/package-json/-/package-json-8.1.1.tgz#3e9948e43df40d1e8e78a85485f1070bf8f03dc8" + integrity sha512-cbH9IAIJHNj9uXi196JVsRlt7cHKak6u/e6AkL/bkRelZ7rlL3X1YKxsZwa36xipOEKAsdtmaG6aAJoM1fx2zA== + dependencies: + got "^12.1.0" + registry-auth-token "^5.0.1" + registry-url "^6.0.0" + semver "^7.3.7" + +param-case@^3.0.4: + version "3.0.4" + resolved "https://registry.yarnpkg.com/param-case/-/param-case-3.0.4.tgz#7d17fe4aa12bde34d4a77d91acfb6219caad01c5" + integrity sha512-RXlj7zCYokReqWpOPH9oYivUzLYZ5vAPIfEmCTNViosC78F8F0H9y7T7gG2M39ymgutxF5gcFEsyZQSph9Bp3A== + dependencies: + dot-case "^3.0.4" + tslib "^2.0.3" + +parent-module@^1.0.0: + version "1.0.1" + resolved "https://registry.yarnpkg.com/parent-module/-/parent-module-1.0.1.tgz#691d2709e78c79fae3a156622452d00762caaaa2" + integrity sha512-GQ2EWRpQV8/o+Aw8YqtfZZPfNRWZYkbidE9k5rpl/hC3vtHHBfGm2Ifi6qWV+coDGkrUKZAxE3Lot5kcsRlh+g== + dependencies: + callsites "^3.0.0" + +parse-entities@^4.0.0: + version "4.0.2" + resolved "https://registry.yarnpkg.com/parse-entities/-/parse-entities-4.0.2.tgz#61d46f5ed28e4ee62e9ddc43d6b010188443f159" + integrity sha512-GG2AQYWoLgL877gQIKeRPGO1xF9+eG1ujIb5soS5gPvLQ1y2o8FL90w2QWNdf9I361Mpp7726c+lj3U0qK1uGw== + dependencies: + "@types/unist" "^2.0.0" + character-entities-legacy "^3.0.0" + character-reference-invalid "^2.0.0" + decode-named-character-reference "^1.0.0" + is-alphanumerical "^2.0.0" + is-decimal "^2.0.0" + is-hexadecimal "^2.0.0" + +parse-json@^5.0.0, parse-json@^5.2.0: + version "5.2.0" + resolved "https://registry.yarnpkg.com/parse-json/-/parse-json-5.2.0.tgz#c76fc66dee54231c962b22bcc8a72cf2f99753cd" + integrity sha512-ayCKvm/phCGxOkYRSCM82iDwct8/EonSEgCSxWxD7ve6jHggsFl4fZVQBPRNgQoKiuV/odhFrGzQXZwbifC8Rg== + dependencies: + "@babel/code-frame" "^7.0.0" + error-ex "^1.3.1" + json-parse-even-better-errors "^2.3.0" + lines-and-columns "^1.1.6" + +parse-numeric-range@^1.3.0: + version "1.3.0" + resolved "https://registry.yarnpkg.com/parse-numeric-range/-/parse-numeric-range-1.3.0.tgz#7c63b61190d61e4d53a1197f0c83c47bb670ffa3" + integrity sha512-twN+njEipszzlMJd4ONUYgSfZPDxgHhT9Ahed5uTigpQn90FggW4SA/AIPq/6a149fTbE9qBEcSwE3FAEp6wQQ== + +parse5-htmlparser2-tree-adapter@^7.0.0: + version "7.1.0" + resolved "https://registry.yarnpkg.com/parse5-htmlparser2-tree-adapter/-/parse5-htmlparser2-tree-adapter-7.1.0.tgz#b5a806548ed893a43e24ccb42fbb78069311e81b" + integrity sha512-ruw5xyKs6lrpo9x9rCZqZZnIUntICjQAd0Wsmp396Ul9lN/h+ifgVV1x1gZHi8euej6wTfpqX8j+BFQxF0NS/g== + dependencies: + domhandler "^5.0.3" + parse5 "^7.0.0" + +parse5@^7.0.0: + version "7.3.0" + resolved "https://registry.yarnpkg.com/parse5/-/parse5-7.3.0.tgz#d7e224fa72399c7a175099f45fc2ad024b05ec05" + integrity sha512-IInvU7fabl34qmi9gY8XOVxhYyMyuH2xUNpb2q8/Y+7552KlejkRvqvD19nMoUW/uQGGbqNpA6Tufu5FL5BZgw== + dependencies: + entities "^6.0.0" + +parseurl@~1.3.2, parseurl@~1.3.3: + version "1.3.3" + resolved "https://registry.yarnpkg.com/parseurl/-/parseurl-1.3.3.tgz#9da19e7bee8d12dff0513ed5b76957793bc2e8d4" + integrity sha512-CiyeOxFT/JZyN5m0z9PfXw4SCBJ6Sygz1Dpl0wqjlhDEGGBP1GnsUVEL0p63hoG1fcj3fHynXi9NYO4nWOL+qQ== + +pascal-case@^3.1.2: + version "3.1.2" + resolved "https://registry.yarnpkg.com/pascal-case/-/pascal-case-3.1.2.tgz#b48e0ef2b98e205e7c1dae747d0b1508237660eb" + integrity sha512-uWlGT3YSnK9x3BQJaOdcZwrnV6hPpd8jFH1/ucpiLRPh/2zCVJKS19E4GvYHvaCcACn3foXZ0cLB9Wrx1KGe5g== + dependencies: + no-case "^3.0.4" + tslib "^2.0.3" + +path-exists@^5.0.0: + version "5.0.0" + resolved "https://registry.yarnpkg.com/path-exists/-/path-exists-5.0.0.tgz#a6aad9489200b21fab31e49cf09277e5116fb9e7" + integrity sha512-RjhtfwJOxzcFmNOi6ltcbcu4Iu+FL3zEj83dk4kAS+fVpTxXLO1b38RvJgT/0QwvV/L3aY9TAnyv0EOqW4GoMQ== + +path-is-absolute@^1.0.0: + version "1.0.1" + resolved "https://registry.yarnpkg.com/path-is-absolute/-/path-is-absolute-1.0.1.tgz#174b9268735534ffbc7ace6bf53a5a9e1b5c5f5f" + integrity sha512-AVbw3UJ2e9bq64vSaS9Am0fje1Pa8pbGqTTsmXfaIiMpnr5DlDhfJOuLj9Sf95ZPVDAUerDfEk88MPmPe7UCQg== + +path-is-inside@1.0.2: + version "1.0.2" + resolved "https://registry.yarnpkg.com/path-is-inside/-/path-is-inside-1.0.2.tgz#365417dede44430d1c11af61027facf074bdfc53" + integrity sha512-DUWJr3+ULp4zXmol/SZkFf3JGsS9/SIv+Y3Rt93/UjPpDpklB5f1er4O3POIbUuUJ3FXgqte2Q7SrU6zAqwk8w== + +path-key@^3.0.0, path-key@^3.1.0: + version "3.1.1" + resolved "https://registry.yarnpkg.com/path-key/-/path-key-3.1.1.tgz#581f6ade658cbba65a0d3380de7753295054f375" + integrity sha512-ojmeN0qd+y0jszEtoY48r0Peq5dwMEkIlCOu6Q5f41lfkswXuKtYrhgoTpLnyIcHm24Uhqx+5Tqm2InSwLhE6Q== + +path-parse@^1.0.7: + version "1.0.7" + resolved "https://registry.yarnpkg.com/path-parse/-/path-parse-1.0.7.tgz#fbc114b60ca42b30d9daf5858e4bd68bbedb6735" + integrity sha512-LDJzPVEEEPR+y48z93A0Ed0yXb8pAByGWo/k5YYdYgpY2/2EsOsksJrq7lOHxryrVOn1ejG6oAp8ahvOIQD8sw== + +path-to-regexp@0.1.12: + version "0.1.12" + resolved "https://registry.yarnpkg.com/path-to-regexp/-/path-to-regexp-0.1.12.tgz#d5e1a12e478a976d432ef3c58d534b9923164bb7" + integrity sha512-RA1GjUVMnvYFxuqovrEqZoxxW5NUZqbwKtYz/Tt7nXerk0LbLblQmrsgdeOxV5SFHf0UDggjS/bSeOZwt1pmEQ== + +path-to-regexp@3.3.0: + version "3.3.0" + resolved "https://registry.yarnpkg.com/path-to-regexp/-/path-to-regexp-3.3.0.tgz#f7f31d32e8518c2660862b644414b6d5c63a611b" + integrity sha512-qyCH421YQPS2WFDxDjftfc1ZR5WKQzVzqsp4n9M2kQhVOo/ByahFoUNJfl58kOcEGfQ//7weFTDhm+ss8Ecxgw== + +path-to-regexp@^1.7.0: + version "1.9.0" + resolved "https://registry.yarnpkg.com/path-to-regexp/-/path-to-regexp-1.9.0.tgz#5dc0753acbf8521ca2e0f137b4578b917b10cf24" + integrity sha512-xIp7/apCFJuUHdDLWe8O1HIkb0kQrOMb/0u6FXQjemHn/ii5LrIzU6bdECnsiTF/GjZkMEKg1xdiZwNqDYlZ6g== + dependencies: + isarray "0.0.1" + +path-type@^4.0.0: + version "4.0.0" + resolved "https://registry.yarnpkg.com/path-type/-/path-type-4.0.0.tgz#84ed01c0a7ba380afe09d90a8c180dcd9d03043b" + integrity sha512-gDKb8aZMDeD/tZWs9P6+q0J9Mwkdl6xMV8TjnGP3qJVJ06bdMgkbBlLU8IdfOsIsFz2BW1rNVT3XuNEl8zPAvw== + +picocolors@^1.0.0, picocolors@^1.1.1: + version "1.1.1" + resolved "https://registry.yarnpkg.com/picocolors/-/picocolors-1.1.1.tgz#3d321af3eab939b083c8f929a1d12cda81c26b6b" + integrity sha512-xceH2snhtb5M9liqDsmEw56le376mTZkEX/jEb/RxNFyegNul7eNslCXP9FDj/Lcu0X8KEyMceP2ntpaHrDEVA== + +picomatch@^2.0.4, picomatch@^2.2.1, picomatch@^2.2.3, picomatch@^2.3.1: + version "2.3.1" + resolved "https://registry.yarnpkg.com/picomatch/-/picomatch-2.3.1.tgz#3ba3833733646d9d3e4995946c1365a67fb07a42" + integrity sha512-JU3teHTNjmE2VCGFzuY8EXzCDVwEqB2a8fsIvwaStHhAWJEeVd1o1QD80CU6+ZdEXXSLbSsuLwJjkCBWqRQUVA== + +pkg-dir@^7.0.0: + version "7.0.0" + resolved "https://registry.yarnpkg.com/pkg-dir/-/pkg-dir-7.0.0.tgz#8f0c08d6df4476756c5ff29b3282d0bab7517d11" + integrity sha512-Ie9z/WINcxxLp27BKOCHGde4ITq9UklYKDzVo1nhk5sqGEXU3FpkwP5GM2voTGJkGd9B3Otl+Q4uwSOeSUtOBA== + dependencies: + find-up "^6.3.0" + +postcss-attribute-case-insensitive@^7.0.1: + version "7.0.1" + resolved "https://registry.yarnpkg.com/postcss-attribute-case-insensitive/-/postcss-attribute-case-insensitive-7.0.1.tgz#0c4500e3bcb2141848e89382c05b5a31c23033a3" + integrity sha512-Uai+SupNSqzlschRyNx3kbCTWgY/2hcwtHEI/ej2LJWc9JJ77qKgGptd8DHwY1mXtZ7Aoh4z4yxfwMBue9eNgw== + dependencies: + postcss-selector-parser "^7.0.0" + +postcss-calc@^9.0.1: + version "9.0.1" + resolved "https://registry.yarnpkg.com/postcss-calc/-/postcss-calc-9.0.1.tgz#a744fd592438a93d6de0f1434c572670361eb6c6" + integrity sha512-TipgjGyzP5QzEhsOZUaIkeO5mKeMFpebWzRogWG/ysonUlnHcq5aJe0jOjpfzUU8PeSaBQnrE8ehR0QA5vs8PQ== + dependencies: + postcss-selector-parser "^6.0.11" + postcss-value-parser "^4.2.0" + +postcss-clamp@^4.1.0: + version "4.1.0" + resolved "https://registry.yarnpkg.com/postcss-clamp/-/postcss-clamp-4.1.0.tgz#7263e95abadd8c2ba1bd911b0b5a5c9c93e02363" + integrity sha512-ry4b1Llo/9zz+PKC+030KUnPITTJAHeOwjfAyyB60eT0AorGLdzp52s31OsPRHRf8NchkgFoG2y6fCfn1IV1Ow== + dependencies: + postcss-value-parser "^4.2.0" + +postcss-color-functional-notation@^7.0.11: + version "7.0.11" + resolved "https://registry.yarnpkg.com/postcss-color-functional-notation/-/postcss-color-functional-notation-7.0.11.tgz#ad6b3d2e71fedd94a932f96260b596c33c53c6a5" + integrity sha512-zfqoUSaHMko/k2PA9xnaydVTHqYv5vphq5Q2AHcG/dCdv/OkHYWcVWfVTBKZ526uzT8L7NghuvSw3C9PxlKnLg== + dependencies: + "@csstools/css-color-parser" "^3.1.0" + "@csstools/css-parser-algorithms" "^3.0.5" + "@csstools/css-tokenizer" "^3.0.4" + "@csstools/postcss-progressive-custom-properties" "^4.2.0" + "@csstools/utilities" "^2.0.0" + +postcss-color-hex-alpha@^10.0.0: + version "10.0.0" + resolved "https://registry.yarnpkg.com/postcss-color-hex-alpha/-/postcss-color-hex-alpha-10.0.0.tgz#5dd3eba1f8facb4ea306cba6e3f7712e876b0c76" + integrity sha512-1kervM2cnlgPs2a8Vt/Qbe5cQ++N7rkYo/2rz2BkqJZIHQwaVuJgQH38REHrAi4uM0b1fqxMkWYmese94iMp3w== + dependencies: + "@csstools/utilities" "^2.0.0" + postcss-value-parser "^4.2.0" + +postcss-color-rebeccapurple@^10.0.0: + version "10.0.0" + resolved "https://registry.yarnpkg.com/postcss-color-rebeccapurple/-/postcss-color-rebeccapurple-10.0.0.tgz#5ada28406ac47e0796dff4056b0a9d5a6ecead98" + integrity sha512-JFta737jSP+hdAIEhk1Vs0q0YF5P8fFcj+09pweS8ktuGuZ8pPlykHsk6mPxZ8awDl4TrcxUqJo9l1IhVr/OjQ== + dependencies: + "@csstools/utilities" "^2.0.0" + postcss-value-parser "^4.2.0" + +postcss-colormin@^6.1.0: + version "6.1.0" + resolved "https://registry.yarnpkg.com/postcss-colormin/-/postcss-colormin-6.1.0.tgz#076e8d3fb291fbff7b10e6b063be9da42ff6488d" + integrity sha512-x9yX7DOxeMAR+BgGVnNSAxmAj98NX/YxEMNFP+SDCEeNLb2r3i6Hh1ksMsnW8Ub5SLCpbescQqn9YEbE9554Sw== + dependencies: + browserslist "^4.23.0" + caniuse-api "^3.0.0" + colord "^2.9.3" + postcss-value-parser "^4.2.0" + +postcss-convert-values@^6.1.0: + version "6.1.0" + resolved "https://registry.yarnpkg.com/postcss-convert-values/-/postcss-convert-values-6.1.0.tgz#3498387f8efedb817cbc63901d45bd1ceaa40f48" + integrity sha512-zx8IwP/ts9WvUM6NkVSkiU902QZL1bwPhaVaLynPtCsOTqp+ZKbNi+s6XJg3rfqpKGA/oc7Oxk5t8pOQJcwl/w== + dependencies: + browserslist "^4.23.0" + postcss-value-parser "^4.2.0" + +postcss-custom-media@^11.0.6: + version "11.0.6" + resolved "https://registry.yarnpkg.com/postcss-custom-media/-/postcss-custom-media-11.0.6.tgz#6b450e5bfa209efb736830066682e6567bd04967" + integrity sha512-C4lD4b7mUIw+RZhtY7qUbf4eADmb7Ey8BFA2px9jUbwg7pjTZDl4KY4bvlUV+/vXQvzQRfiGEVJyAbtOsCMInw== + dependencies: + "@csstools/cascade-layer-name-parser" "^2.0.5" + "@csstools/css-parser-algorithms" "^3.0.5" + "@csstools/css-tokenizer" "^3.0.4" + "@csstools/media-query-list-parser" "^4.0.3" + +postcss-custom-properties@^14.0.6: + version "14.0.6" + resolved "https://registry.yarnpkg.com/postcss-custom-properties/-/postcss-custom-properties-14.0.6.tgz#1af73a650bf115ba052cf915287c9982825fc90e" + integrity sha512-fTYSp3xuk4BUeVhxCSJdIPhDLpJfNakZKoiTDx7yRGCdlZrSJR7mWKVOBS4sBF+5poPQFMj2YdXx1VHItBGihQ== + dependencies: + "@csstools/cascade-layer-name-parser" "^2.0.5" + "@csstools/css-parser-algorithms" "^3.0.5" + "@csstools/css-tokenizer" "^3.0.4" + "@csstools/utilities" "^2.0.0" + postcss-value-parser "^4.2.0" + +postcss-custom-selectors@^8.0.5: + version "8.0.5" + resolved "https://registry.yarnpkg.com/postcss-custom-selectors/-/postcss-custom-selectors-8.0.5.tgz#9448ed37a12271d7ab6cb364b6f76a46a4a323e8" + integrity sha512-9PGmckHQswiB2usSO6XMSswO2yFWVoCAuih1yl9FVcwkscLjRKjwsjM3t+NIWpSU2Jx3eOiK2+t4vVTQaoCHHg== + dependencies: + "@csstools/cascade-layer-name-parser" "^2.0.5" + "@csstools/css-parser-algorithms" "^3.0.5" + "@csstools/css-tokenizer" "^3.0.4" + postcss-selector-parser "^7.0.0" + +postcss-dir-pseudo-class@^9.0.1: + version "9.0.1" + resolved "https://registry.yarnpkg.com/postcss-dir-pseudo-class/-/postcss-dir-pseudo-class-9.0.1.tgz#80d9e842c9ae9d29f6bf5fd3cf9972891d6cc0ca" + integrity sha512-tRBEK0MHYvcMUrAuYMEOa0zg9APqirBcgzi6P21OhxtJyJADo/SWBwY1CAwEohQ/6HDaa9jCjLRG7K3PVQYHEA== + dependencies: + postcss-selector-parser "^7.0.0" + +postcss-discard-comments@^6.0.2: + version "6.0.2" + resolved "https://registry.yarnpkg.com/postcss-discard-comments/-/postcss-discard-comments-6.0.2.tgz#e768dcfdc33e0216380623652b0a4f69f4678b6c" + integrity sha512-65w/uIqhSBBfQmYnG92FO1mWZjJ4GL5b8atm5Yw2UgrwD7HiNiSSNwJor1eCFGzUgYnN/iIknhNRVqjrrpuglw== + +postcss-discard-duplicates@^6.0.3: + version "6.0.3" + resolved "https://registry.yarnpkg.com/postcss-discard-duplicates/-/postcss-discard-duplicates-6.0.3.tgz#d121e893c38dc58a67277f75bb58ba43fce4c3eb" + integrity sha512-+JA0DCvc5XvFAxwx6f/e68gQu/7Z9ud584VLmcgto28eB8FqSFZwtrLwB5Kcp70eIoWP/HXqz4wpo8rD8gpsTw== + +postcss-discard-empty@^6.0.3: + version "6.0.3" + resolved "https://registry.yarnpkg.com/postcss-discard-empty/-/postcss-discard-empty-6.0.3.tgz#ee39c327219bb70473a066f772621f81435a79d9" + integrity sha512-znyno9cHKQsK6PtxL5D19Fj9uwSzC2mB74cpT66fhgOadEUPyXFkbgwm5tvc3bt3NAy8ltE5MrghxovZRVnOjQ== + +postcss-discard-overridden@^6.0.2: + version "6.0.2" + resolved "https://registry.yarnpkg.com/postcss-discard-overridden/-/postcss-discard-overridden-6.0.2.tgz#4e9f9c62ecd2df46e8fdb44dc17e189776572e2d" + integrity sha512-j87xzI4LUggC5zND7KdjsI25APtyMuynXZSujByMaav2roV6OZX+8AaCUcZSWqckZpjAjRyFDdpqybgjFO0HJQ== + +postcss-discard-unused@^6.0.5: + version "6.0.5" + resolved "https://registry.yarnpkg.com/postcss-discard-unused/-/postcss-discard-unused-6.0.5.tgz#c1b0e8c032c6054c3fbd22aaddba5b248136f338" + integrity sha512-wHalBlRHkaNnNwfC8z+ppX57VhvS+HWgjW508esjdaEYr3Mx7Gnn2xA4R/CKf5+Z9S5qsqC+Uzh4ueENWwCVUA== + dependencies: + postcss-selector-parser "^6.0.16" + +postcss-double-position-gradients@^6.0.3: + version "6.0.3" + resolved "https://registry.yarnpkg.com/postcss-double-position-gradients/-/postcss-double-position-gradients-6.0.3.tgz#d8c4b126af89855a3aa6687e5b1a0d5460d4a5b7" + integrity sha512-Dl0Z9sdbMwrPslgOaGBZRGo3TASmmgTcqcUODr82MTYyJk6devXZM6MlQjpQKMJqlLJ6oL1w78U7IXFdPA5+ug== + dependencies: + "@csstools/postcss-progressive-custom-properties" "^4.2.0" + "@csstools/utilities" "^2.0.0" + postcss-value-parser "^4.2.0" + +postcss-focus-visible@^10.0.1: + version "10.0.1" + resolved "https://registry.yarnpkg.com/postcss-focus-visible/-/postcss-focus-visible-10.0.1.tgz#1f7904904368a2d1180b220595d77b6f8a957868" + integrity sha512-U58wyjS/I1GZgjRok33aE8juW9qQgQUNwTSdxQGuShHzwuYdcklnvK/+qOWX1Q9kr7ysbraQ6ht6r+udansalA== + dependencies: + postcss-selector-parser "^7.0.0" + +postcss-focus-within@^9.0.1: + version "9.0.1" + resolved "https://registry.yarnpkg.com/postcss-focus-within/-/postcss-focus-within-9.0.1.tgz#ac01ce80d3f2e8b2b3eac4ff84f8e15cd0057bc7" + integrity sha512-fzNUyS1yOYa7mOjpci/bR+u+ESvdar6hk8XNK/TRR0fiGTp2QT5N+ducP0n3rfH/m9I7H/EQU6lsa2BrgxkEjw== + dependencies: + postcss-selector-parser "^7.0.0" + +postcss-font-variant@^5.0.0: + version "5.0.0" + resolved "https://registry.yarnpkg.com/postcss-font-variant/-/postcss-font-variant-5.0.0.tgz#efd59b4b7ea8bb06127f2d031bfbb7f24d32fa66" + integrity sha512-1fmkBaCALD72CK2a9i468mA/+tr9/1cBxRRMXOUaZqO43oWPR5imcyPjXwuv7PXbCid4ndlP5zWhidQVVa3hmA== + +postcss-gap-properties@^6.0.0: + version "6.0.0" + resolved "https://registry.yarnpkg.com/postcss-gap-properties/-/postcss-gap-properties-6.0.0.tgz#d5ff0bdf923c06686499ed2b12e125fe64054fed" + integrity sha512-Om0WPjEwiM9Ru+VhfEDPZJAKWUd0mV1HmNXqp2C29z80aQ2uP9UVhLc7e3aYMIor/S5cVhoPgYQ7RtfeZpYTRw== + +postcss-image-set-function@^7.0.0: + version "7.0.0" + resolved "https://registry.yarnpkg.com/postcss-image-set-function/-/postcss-image-set-function-7.0.0.tgz#538e94e16716be47f9df0573b56bbaca86e1da53" + integrity sha512-QL7W7QNlZuzOwBTeXEmbVckNt1FSmhQtbMRvGGqqU4Nf4xk6KUEQhAoWuMzwbSv5jxiRiSZ5Tv7eiDB9U87znA== + dependencies: + "@csstools/utilities" "^2.0.0" + postcss-value-parser "^4.2.0" + +postcss-lab-function@^7.0.11: + version "7.0.11" + resolved "https://registry.yarnpkg.com/postcss-lab-function/-/postcss-lab-function-7.0.11.tgz#455934181eea130f8e649c1f54692e1768046f6a" + integrity sha512-BEA4jId8uQe1gyjZZ6Bunb6ZsH2izks+v25AxQJDBtigXCjTLmCPWECwQpLTtcxH589MVxhs/9TAmRC6lUEmXQ== + dependencies: + "@csstools/css-color-parser" "^3.1.0" + "@csstools/css-parser-algorithms" "^3.0.5" + "@csstools/css-tokenizer" "^3.0.4" + "@csstools/postcss-progressive-custom-properties" "^4.2.0" + "@csstools/utilities" "^2.0.0" + +postcss-loader@^7.3.4: + version "7.3.4" + resolved "https://registry.yarnpkg.com/postcss-loader/-/postcss-loader-7.3.4.tgz#aed9b79ce4ed7e9e89e56199d25ad1ec8f606209" + integrity sha512-iW5WTTBSC5BfsBJ9daFMPVrLT36MrNiC6fqOZTTaHjBNX6Pfd5p+hSBqe/fEeNd7pc13QiAyGt7VdGMw4eRC4A== + dependencies: + cosmiconfig "^8.3.5" + jiti "^1.20.0" + semver "^7.5.4" + +postcss-logical@^8.1.0: + version "8.1.0" + resolved "https://registry.yarnpkg.com/postcss-logical/-/postcss-logical-8.1.0.tgz#4092b16b49e3ecda70c4d8945257da403d167228" + integrity sha512-pL1hXFQ2fEXNKiNiAgtfA005T9FBxky5zkX6s4GZM2D8RkVgRqz3f4g1JUoq925zXv495qk8UNldDwh8uGEDoA== + dependencies: + postcss-value-parser "^4.2.0" + +postcss-merge-idents@^6.0.3: + version "6.0.3" + resolved "https://registry.yarnpkg.com/postcss-merge-idents/-/postcss-merge-idents-6.0.3.tgz#7b9c31c7bc823c94bec50f297f04e3c2b838ea65" + integrity sha512-1oIoAsODUs6IHQZkLQGO15uGEbK3EAl5wi9SS8hs45VgsxQfMnxvt+L+zIr7ifZFIH14cfAeVe2uCTa+SPRa3g== + dependencies: + cssnano-utils "^4.0.2" + postcss-value-parser "^4.2.0" + +postcss-merge-longhand@^6.0.5: + version "6.0.5" + resolved "https://registry.yarnpkg.com/postcss-merge-longhand/-/postcss-merge-longhand-6.0.5.tgz#ba8a8d473617c34a36abbea8dda2b215750a065a" + integrity sha512-5LOiordeTfi64QhICp07nzzuTDjNSO8g5Ksdibt44d+uvIIAE1oZdRn8y/W5ZtYgRH/lnLDlvi9F8btZcVzu3w== + dependencies: + postcss-value-parser "^4.2.0" + stylehacks "^6.1.1" + +postcss-merge-rules@^6.1.1: + version "6.1.1" + resolved "https://registry.yarnpkg.com/postcss-merge-rules/-/postcss-merge-rules-6.1.1.tgz#7aa539dceddab56019469c0edd7d22b64c3dea9d" + integrity sha512-KOdWF0gju31AQPZiD+2Ar9Qjowz1LTChSjFFbS+e2sFgc4uHOp3ZvVX4sNeTlk0w2O31ecFGgrFzhO0RSWbWwQ== + dependencies: + browserslist "^4.23.0" + caniuse-api "^3.0.0" + cssnano-utils "^4.0.2" + postcss-selector-parser "^6.0.16" + +postcss-minify-font-values@^6.1.0: + version "6.1.0" + resolved "https://registry.yarnpkg.com/postcss-minify-font-values/-/postcss-minify-font-values-6.1.0.tgz#a0e574c02ee3f299be2846369211f3b957ea4c59" + integrity sha512-gklfI/n+9rTh8nYaSJXlCo3nOKqMNkxuGpTn/Qm0gstL3ywTr9/WRKznE+oy6fvfolH6dF+QM4nCo8yPLdvGJg== + dependencies: + postcss-value-parser "^4.2.0" + +postcss-minify-gradients@^6.0.3: + version "6.0.3" + resolved "https://registry.yarnpkg.com/postcss-minify-gradients/-/postcss-minify-gradients-6.0.3.tgz#ca3eb55a7bdb48a1e187a55c6377be918743dbd6" + integrity sha512-4KXAHrYlzF0Rr7uc4VrfwDJ2ajrtNEpNEuLxFgwkhFZ56/7gaE4Nr49nLsQDZyUe+ds+kEhf+YAUolJiYXF8+Q== + dependencies: + colord "^2.9.3" + cssnano-utils "^4.0.2" + postcss-value-parser "^4.2.0" + +postcss-minify-params@^6.1.0: + version "6.1.0" + resolved "https://registry.yarnpkg.com/postcss-minify-params/-/postcss-minify-params-6.1.0.tgz#54551dec77b9a45a29c3cb5953bf7325a399ba08" + integrity sha512-bmSKnDtyyE8ujHQK0RQJDIKhQ20Jq1LYiez54WiaOoBtcSuflfK3Nm596LvbtlFcpipMjgClQGyGr7GAs+H1uA== + dependencies: + browserslist "^4.23.0" + cssnano-utils "^4.0.2" + postcss-value-parser "^4.2.0" + +postcss-minify-selectors@^6.0.4: + version "6.0.4" + resolved "https://registry.yarnpkg.com/postcss-minify-selectors/-/postcss-minify-selectors-6.0.4.tgz#197f7d72e6dd19eed47916d575d69dc38b396aff" + integrity sha512-L8dZSwNLgK7pjTto9PzWRoMbnLq5vsZSTu8+j1P/2GB8qdtGQfn+K1uSvFgYvgh83cbyxT5m43ZZhUMTJDSClQ== + dependencies: + postcss-selector-parser "^6.0.16" + +postcss-modules-extract-imports@^3.1.0: + version "3.1.0" + resolved "https://registry.yarnpkg.com/postcss-modules-extract-imports/-/postcss-modules-extract-imports-3.1.0.tgz#b4497cb85a9c0c4b5aabeb759bb25e8d89f15002" + integrity sha512-k3kNe0aNFQDAZGbin48pL2VNidTF0w4/eASDsxlyspobzU3wZQLOGj7L9gfRe0Jo9/4uud09DsjFNH7winGv8Q== + +postcss-modules-local-by-default@^4.0.5: + version "4.2.0" + resolved "https://registry.yarnpkg.com/postcss-modules-local-by-default/-/postcss-modules-local-by-default-4.2.0.tgz#d150f43837831dae25e4085596e84f6f5d6ec368" + integrity sha512-5kcJm/zk+GJDSfw+V/42fJ5fhjL5YbFDl8nVdXkJPLLW+Vf9mTD5Xe0wqIaDnLuL2U6cDNpTr+UQ+v2HWIBhzw== + dependencies: + icss-utils "^5.0.0" + postcss-selector-parser "^7.0.0" + postcss-value-parser "^4.1.0" + +postcss-modules-scope@^3.2.0: + version "3.2.1" + resolved "https://registry.yarnpkg.com/postcss-modules-scope/-/postcss-modules-scope-3.2.1.tgz#1bbccddcb398f1d7a511e0a2d1d047718af4078c" + integrity sha512-m9jZstCVaqGjTAuny8MdgE88scJnCiQSlSrOWcTQgM2t32UBe+MUmFSO5t7VMSfAf/FJKImAxBav8ooCHJXCJA== + dependencies: + postcss-selector-parser "^7.0.0" + +postcss-modules-values@^4.0.0: + version "4.0.0" + resolved "https://registry.yarnpkg.com/postcss-modules-values/-/postcss-modules-values-4.0.0.tgz#d7c5e7e68c3bb3c9b27cbf48ca0bb3ffb4602c9c" + integrity sha512-RDxHkAiEGI78gS2ofyvCsu7iycRv7oqw5xMWn9iMoR0N/7mf9D50ecQqUo5BZ9Zh2vH4bCUR/ktCqbB9m8vJjQ== + dependencies: + icss-utils "^5.0.0" + +postcss-nesting@^13.0.2: + version "13.0.2" + resolved "https://registry.yarnpkg.com/postcss-nesting/-/postcss-nesting-13.0.2.tgz#fde0d4df772b76d03b52eccc84372e8d1ca1402e" + integrity sha512-1YCI290TX+VP0U/K/aFxzHzQWHWURL+CtHMSbex1lCdpXD1SoR2sYuxDu5aNI9lPoXpKTCggFZiDJbwylU0LEQ== + dependencies: + "@csstools/selector-resolve-nested" "^3.1.0" + "@csstools/selector-specificity" "^5.0.0" + postcss-selector-parser "^7.0.0" + +postcss-normalize-charset@^6.0.2: + version "6.0.2" + resolved "https://registry.yarnpkg.com/postcss-normalize-charset/-/postcss-normalize-charset-6.0.2.tgz#1ec25c435057a8001dac942942a95ffe66f721e1" + integrity sha512-a8N9czmdnrjPHa3DeFlwqst5eaL5W8jYu3EBbTTkI5FHkfMhFZh1EGbku6jhHhIzTA6tquI2P42NtZ59M/H/kQ== + +postcss-normalize-display-values@^6.0.2: + version "6.0.2" + resolved "https://registry.yarnpkg.com/postcss-normalize-display-values/-/postcss-normalize-display-values-6.0.2.tgz#54f02764fed0b288d5363cbb140d6950dbbdd535" + integrity sha512-8H04Mxsb82ON/aAkPeq8kcBbAtI5Q2a64X/mnRRfPXBq7XeogoQvReqxEfc0B4WPq1KimjezNC8flUtC3Qz6jg== + dependencies: + postcss-value-parser "^4.2.0" + +postcss-normalize-positions@^6.0.2: + version "6.0.2" + resolved "https://registry.yarnpkg.com/postcss-normalize-positions/-/postcss-normalize-positions-6.0.2.tgz#e982d284ec878b9b819796266f640852dbbb723a" + integrity sha512-/JFzI441OAB9O7VnLA+RtSNZvQ0NCFZDOtp6QPFo1iIyawyXg0YI3CYM9HBy1WvwCRHnPep/BvI1+dGPKoXx/Q== + dependencies: + postcss-value-parser "^4.2.0" + +postcss-normalize-repeat-style@^6.0.2: + version "6.0.2" + resolved "https://registry.yarnpkg.com/postcss-normalize-repeat-style/-/postcss-normalize-repeat-style-6.0.2.tgz#f8006942fd0617c73f049dd8b6201c3a3040ecf3" + integrity sha512-YdCgsfHkJ2jEXwR4RR3Tm/iOxSfdRt7jplS6XRh9Js9PyCR/aka/FCb6TuHT2U8gQubbm/mPmF6L7FY9d79VwQ== + dependencies: + postcss-value-parser "^4.2.0" + +postcss-normalize-string@^6.0.2: + version "6.0.2" + resolved "https://registry.yarnpkg.com/postcss-normalize-string/-/postcss-normalize-string-6.0.2.tgz#e3cc6ad5c95581acd1fc8774b309dd7c06e5e363" + integrity sha512-vQZIivlxlfqqMp4L9PZsFE4YUkWniziKjQWUtsxUiVsSSPelQydwS8Wwcuw0+83ZjPWNTl02oxlIvXsmmG+CiQ== + dependencies: + postcss-value-parser "^4.2.0" + +postcss-normalize-timing-functions@^6.0.2: + version "6.0.2" + resolved "https://registry.yarnpkg.com/postcss-normalize-timing-functions/-/postcss-normalize-timing-functions-6.0.2.tgz#40cb8726cef999de984527cbd9d1db1f3e9062c0" + integrity sha512-a+YrtMox4TBtId/AEwbA03VcJgtyW4dGBizPl7e88cTFULYsprgHWTbfyjSLyHeBcK/Q9JhXkt2ZXiwaVHoMzA== + dependencies: + postcss-value-parser "^4.2.0" + +postcss-normalize-unicode@^6.1.0: + version "6.1.0" + resolved "https://registry.yarnpkg.com/postcss-normalize-unicode/-/postcss-normalize-unicode-6.1.0.tgz#aaf8bbd34c306e230777e80f7f12a4b7d27ce06e" + integrity sha512-QVC5TQHsVj33otj8/JD869Ndr5Xcc/+fwRh4HAsFsAeygQQXm+0PySrKbr/8tkDKzW+EVT3QkqZMfFrGiossDg== + dependencies: + browserslist "^4.23.0" + postcss-value-parser "^4.2.0" + +postcss-normalize-url@^6.0.2: + version "6.0.2" + resolved "https://registry.yarnpkg.com/postcss-normalize-url/-/postcss-normalize-url-6.0.2.tgz#292792386be51a8de9a454cb7b5c58ae22db0f79" + integrity sha512-kVNcWhCeKAzZ8B4pv/DnrU1wNh458zBNp8dh4y5hhxih5RZQ12QWMuQrDgPRw3LRl8mN9vOVfHl7uhvHYMoXsQ== + dependencies: + postcss-value-parser "^4.2.0" + +postcss-normalize-whitespace@^6.0.2: + version "6.0.2" + resolved "https://registry.yarnpkg.com/postcss-normalize-whitespace/-/postcss-normalize-whitespace-6.0.2.tgz#fbb009e6ebd312f8b2efb225c2fcc7cf32b400cd" + integrity sha512-sXZ2Nj1icbJOKmdjXVT9pnyHQKiSAyuNQHSgRCUgThn2388Y9cGVDR+E9J9iAYbSbLHI+UUwLVl1Wzco/zgv0Q== + dependencies: + postcss-value-parser "^4.2.0" + +postcss-opacity-percentage@^3.0.0: + version "3.0.0" + resolved "https://registry.yarnpkg.com/postcss-opacity-percentage/-/postcss-opacity-percentage-3.0.0.tgz#0b0db5ed5db5670e067044b8030b89c216e1eb0a" + integrity sha512-K6HGVzyxUxd/VgZdX04DCtdwWJ4NGLG212US4/LA1TLAbHgmAsTWVR86o+gGIbFtnTkfOpb9sCRBx8K7HO66qQ== + +postcss-ordered-values@^6.0.2: + version "6.0.2" + resolved "https://registry.yarnpkg.com/postcss-ordered-values/-/postcss-ordered-values-6.0.2.tgz#366bb663919707093451ab70c3f99c05672aaae5" + integrity sha512-VRZSOB+JU32RsEAQrO94QPkClGPKJEL/Z9PCBImXMhIeK5KAYo6slP/hBYlLgrCjFxyqvn5VC81tycFEDBLG1Q== + dependencies: + cssnano-utils "^4.0.2" + postcss-value-parser "^4.2.0" + +postcss-overflow-shorthand@^6.0.0: + version "6.0.0" + resolved "https://registry.yarnpkg.com/postcss-overflow-shorthand/-/postcss-overflow-shorthand-6.0.0.tgz#f5252b4a2ee16c68cd8a9029edb5370c4a9808af" + integrity sha512-BdDl/AbVkDjoTofzDQnwDdm/Ym6oS9KgmO7Gr+LHYjNWJ6ExORe4+3pcLQsLA9gIROMkiGVjjwZNoL/mpXHd5Q== + dependencies: + postcss-value-parser "^4.2.0" + +postcss-page-break@^3.0.4: + version "3.0.4" + resolved "https://registry.yarnpkg.com/postcss-page-break/-/postcss-page-break-3.0.4.tgz#7fbf741c233621622b68d435babfb70dd8c1ee5f" + integrity sha512-1JGu8oCjVXLa9q9rFTo4MbeeA5FMe00/9C7lN4va606Rdb+HkxXtXsmEDrIraQ11fGz/WvKWa8gMuCKkrXpTsQ== + +postcss-place@^10.0.0: + version "10.0.0" + resolved "https://registry.yarnpkg.com/postcss-place/-/postcss-place-10.0.0.tgz#ba36ee4786ca401377ced17a39d9050ed772e5a9" + integrity sha512-5EBrMzat2pPAxQNWYavwAfoKfYcTADJ8AXGVPcUZ2UkNloUTWzJQExgrzrDkh3EKzmAx1evfTAzF9I8NGcc+qw== + dependencies: + postcss-value-parser "^4.2.0" + +postcss-preset-env@^10.2.1: + version "10.3.1" + resolved "https://registry.yarnpkg.com/postcss-preset-env/-/postcss-preset-env-10.3.1.tgz#f3799f0f7a7ea384b3c16e073055c231d11bb3bf" + integrity sha512-8ZOOWVwQ0iMpfEYkYo+U6W7fE2dJ/tP6dtEFwPJ66eB5JjnFupfYh+y6zo+vWDO72nGhKOVdxwhTjfzcSNRg4Q== + dependencies: + "@csstools/postcss-alpha-function" "^1.0.0" + "@csstools/postcss-cascade-layers" "^5.0.2" + "@csstools/postcss-color-function" "^4.0.11" + "@csstools/postcss-color-function-display-p3-linear" "^1.0.0" + "@csstools/postcss-color-mix-function" "^3.0.11" + "@csstools/postcss-color-mix-variadic-function-arguments" "^1.0.1" + "@csstools/postcss-content-alt-text" "^2.0.7" + "@csstools/postcss-exponential-functions" "^2.0.9" + "@csstools/postcss-font-format-keywords" "^4.0.0" + "@csstools/postcss-gamut-mapping" "^2.0.11" + "@csstools/postcss-gradients-interpolation-method" "^5.0.11" + "@csstools/postcss-hwb-function" "^4.0.11" + "@csstools/postcss-ic-unit" "^4.0.3" + "@csstools/postcss-initial" "^2.0.1" + "@csstools/postcss-is-pseudo-class" "^5.0.3" + "@csstools/postcss-light-dark-function" "^2.0.10" + "@csstools/postcss-logical-float-and-clear" "^3.0.0" + "@csstools/postcss-logical-overflow" "^2.0.0" + "@csstools/postcss-logical-overscroll-behavior" "^2.0.0" + "@csstools/postcss-logical-resize" "^3.0.0" + "@csstools/postcss-logical-viewport-units" "^3.0.4" + "@csstools/postcss-media-minmax" "^2.0.9" + "@csstools/postcss-media-queries-aspect-ratio-number-values" "^3.0.5" + "@csstools/postcss-nested-calc" "^4.0.0" + "@csstools/postcss-normalize-display-values" "^4.0.0" + "@csstools/postcss-oklab-function" "^4.0.11" + "@csstools/postcss-progressive-custom-properties" "^4.2.0" + "@csstools/postcss-random-function" "^2.0.1" + "@csstools/postcss-relative-color-syntax" "^3.0.11" + "@csstools/postcss-scope-pseudo-class" "^4.0.1" + "@csstools/postcss-sign-functions" "^1.1.4" + "@csstools/postcss-stepped-value-functions" "^4.0.9" + "@csstools/postcss-text-decoration-shorthand" "^4.0.3" + "@csstools/postcss-trigonometric-functions" "^4.0.9" + "@csstools/postcss-unset-value" "^4.0.0" + autoprefixer "^10.4.21" + browserslist "^4.25.1" + css-blank-pseudo "^7.0.1" + css-has-pseudo "^7.0.3" + css-prefers-color-scheme "^10.0.0" + cssdb "^8.4.0" + postcss-attribute-case-insensitive "^7.0.1" + postcss-clamp "^4.1.0" + postcss-color-functional-notation "^7.0.11" + postcss-color-hex-alpha "^10.0.0" + postcss-color-rebeccapurple "^10.0.0" + postcss-custom-media "^11.0.6" + postcss-custom-properties "^14.0.6" + postcss-custom-selectors "^8.0.5" + postcss-dir-pseudo-class "^9.0.1" + postcss-double-position-gradients "^6.0.3" + postcss-focus-visible "^10.0.1" + postcss-focus-within "^9.0.1" + postcss-font-variant "^5.0.0" + postcss-gap-properties "^6.0.0" + postcss-image-set-function "^7.0.0" + postcss-lab-function "^7.0.11" + postcss-logical "^8.1.0" + postcss-nesting "^13.0.2" + postcss-opacity-percentage "^3.0.0" + postcss-overflow-shorthand "^6.0.0" + postcss-page-break "^3.0.4" + postcss-place "^10.0.0" + postcss-pseudo-class-any-link "^10.0.1" + postcss-replace-overflow-wrap "^4.0.0" + postcss-selector-not "^8.0.1" + +postcss-pseudo-class-any-link@^10.0.1: + version "10.0.1" + resolved "https://registry.yarnpkg.com/postcss-pseudo-class-any-link/-/postcss-pseudo-class-any-link-10.0.1.tgz#06455431171bf44b84d79ebaeee9fd1c05946544" + integrity sha512-3el9rXlBOqTFaMFkWDOkHUTQekFIYnaQY55Rsp8As8QQkpiSgIYEcF/6Ond93oHiDsGb4kad8zjt+NPlOC1H0Q== + dependencies: + postcss-selector-parser "^7.0.0" + +postcss-reduce-idents@^6.0.3: + version "6.0.3" + resolved "https://registry.yarnpkg.com/postcss-reduce-idents/-/postcss-reduce-idents-6.0.3.tgz#b0d9c84316d2a547714ebab523ec7d13704cd486" + integrity sha512-G3yCqZDpsNPoQgbDUy3T0E6hqOQ5xigUtBQyrmq3tn2GxlyiL0yyl7H+T8ulQR6kOcHJ9t7/9H4/R2tv8tJbMA== + dependencies: + postcss-value-parser "^4.2.0" + +postcss-reduce-initial@^6.1.0: + version "6.1.0" + resolved "https://registry.yarnpkg.com/postcss-reduce-initial/-/postcss-reduce-initial-6.1.0.tgz#4401297d8e35cb6e92c8e9586963e267105586ba" + integrity sha512-RarLgBK/CrL1qZags04oKbVbrrVK2wcxhvta3GCxrZO4zveibqbRPmm2VI8sSgCXwoUHEliRSbOfpR0b/VIoiw== + dependencies: + browserslist "^4.23.0" + caniuse-api "^3.0.0" + +postcss-reduce-transforms@^6.0.2: + version "6.0.2" + resolved "https://registry.yarnpkg.com/postcss-reduce-transforms/-/postcss-reduce-transforms-6.0.2.tgz#6fa2c586bdc091a7373caeee4be75a0f3e12965d" + integrity sha512-sB+Ya++3Xj1WaT9+5LOOdirAxP7dJZms3GRcYheSPi1PiTMigsxHAdkrbItHxwYHr4kt1zL7mmcHstgMYT+aiA== + dependencies: + postcss-value-parser "^4.2.0" + +postcss-replace-overflow-wrap@^4.0.0: + version "4.0.0" + resolved "https://registry.yarnpkg.com/postcss-replace-overflow-wrap/-/postcss-replace-overflow-wrap-4.0.0.tgz#d2df6bed10b477bf9c52fab28c568b4b29ca4319" + integrity sha512-KmF7SBPphT4gPPcKZc7aDkweHiKEEO8cla/GjcBK+ckKxiZslIu3C4GCRW3DNfL0o7yW7kMQu9xlZ1kXRXLXtw== + +postcss-selector-not@^8.0.1: + version "8.0.1" + resolved "https://registry.yarnpkg.com/postcss-selector-not/-/postcss-selector-not-8.0.1.tgz#f2df9c6ac9f95e9fe4416ca41a957eda16130172" + integrity sha512-kmVy/5PYVb2UOhy0+LqUYAhKj7DUGDpSWa5LZqlkWJaaAV+dxxsOG3+St0yNLu6vsKD7Dmqx+nWQt0iil89+WA== + dependencies: + postcss-selector-parser "^7.0.0" + +postcss-selector-parser@^6.0.11, postcss-selector-parser@^6.0.16: + version "6.1.2" + resolved "https://registry.yarnpkg.com/postcss-selector-parser/-/postcss-selector-parser-6.1.2.tgz#27ecb41fb0e3b6ba7a1ec84fff347f734c7929de" + integrity sha512-Q8qQfPiZ+THO/3ZrOrO0cJJKfpYCagtMUkXbnEfmgUjwXg6z/WBeOyS9APBBPCTSiDV+s4SwQGu8yFsiMRIudg== + dependencies: + cssesc "^3.0.0" + util-deprecate "^1.0.2" + +postcss-selector-parser@^7.0.0: + version "7.1.0" + resolved "https://registry.yarnpkg.com/postcss-selector-parser/-/postcss-selector-parser-7.1.0.tgz#4d6af97eba65d73bc4d84bcb343e865d7dd16262" + integrity sha512-8sLjZwK0R+JlxlYcTuVnyT2v+htpdrjDOKuMcOVdYjt52Lh8hWRYpxBPoKx/Zg+bcjc3wx6fmQevMmUztS/ccA== + dependencies: + cssesc "^3.0.0" + util-deprecate "^1.0.2" + +postcss-sort-media-queries@^5.2.0: + version "5.2.0" + resolved "https://registry.yarnpkg.com/postcss-sort-media-queries/-/postcss-sort-media-queries-5.2.0.tgz#4556b3f982ef27d3bac526b99b6c0d3359a6cf97" + integrity sha512-AZ5fDMLD8SldlAYlvi8NIqo0+Z8xnXU2ia0jxmuhxAU+Lqt9K+AlmLNJ/zWEnE9x+Zx3qL3+1K20ATgNOr3fAA== + dependencies: + sort-css-media-queries "2.2.0" + +postcss-svgo@^6.0.3: + version "6.0.3" + resolved "https://registry.yarnpkg.com/postcss-svgo/-/postcss-svgo-6.0.3.tgz#1d6e180d6df1fa8a3b30b729aaa9161e94f04eaa" + integrity sha512-dlrahRmxP22bX6iKEjOM+c8/1p+81asjKT+V5lrgOH944ryx/OHpclnIbGsKVd3uWOXFLYJwCVf0eEkJGvO96g== + dependencies: + postcss-value-parser "^4.2.0" + svgo "^3.2.0" + +postcss-unique-selectors@^6.0.4: + version "6.0.4" + resolved "https://registry.yarnpkg.com/postcss-unique-selectors/-/postcss-unique-selectors-6.0.4.tgz#983ab308896b4bf3f2baaf2336e14e52c11a2088" + integrity sha512-K38OCaIrO8+PzpArzkLKB42dSARtC2tmG6PvD4b1o1Q2E9Os8jzfWFfSy/rixsHwohtsDdFtAWGjFVFUdwYaMg== + dependencies: + postcss-selector-parser "^6.0.16" + +postcss-value-parser@^4.1.0, postcss-value-parser@^4.2.0: + version "4.2.0" + resolved "https://registry.yarnpkg.com/postcss-value-parser/-/postcss-value-parser-4.2.0.tgz#723c09920836ba6d3e5af019f92bc0971c02e514" + integrity sha512-1NNCs6uurfkVbeXG4S8JFT9t19m45ICnif8zWLd5oPSZ50QnwMfK+H3jv408d4jw/7Bttv5axS5IiHoLaVNHeQ== + +postcss-zindex@^6.0.2: + version "6.0.2" + resolved "https://registry.yarnpkg.com/postcss-zindex/-/postcss-zindex-6.0.2.tgz#e498304b83a8b165755f53db40e2ea65a99b56e1" + integrity sha512-5BxW9l1evPB/4ZIc+2GobEBoKC+h8gPGCMi+jxsYvd2x0mjq7wazk6DrP71pStqxE9Foxh5TVnonbWpFZzXaYg== + +postcss@^8.4.21, postcss@^8.4.24, postcss@^8.4.33, postcss@^8.5.4: + version "8.5.6" + resolved "https://registry.yarnpkg.com/postcss/-/postcss-8.5.6.tgz#2825006615a619b4f62a9e7426cc120b349a8f3c" + integrity sha512-3Ybi1tAuwAP9s0r1UQ2J4n5Y0G05bJkpUIO0/bI9MhwmD70S5aTWbXGBwxHrelT+XM1k6dM0pk+SwNkpTRN7Pg== + dependencies: + nanoid "^3.3.11" + picocolors "^1.1.1" + source-map-js "^1.2.1" + +pretty-error@^4.0.0: + version "4.0.0" + resolved "https://registry.yarnpkg.com/pretty-error/-/pretty-error-4.0.0.tgz#90a703f46dd7234adb46d0f84823e9d1cb8f10d6" + integrity sha512-AoJ5YMAcXKYxKhuJGdcvse+Voc6v1RgnsR3nWcYU7q4t6z0Q6T86sv5Zq8VIRbOWWFpvdGE83LtdSMNd+6Y0xw== + dependencies: + lodash "^4.17.20" + renderkid "^3.0.0" + +pretty-time@^1.1.0: + version "1.1.0" + resolved "https://registry.yarnpkg.com/pretty-time/-/pretty-time-1.1.0.tgz#ffb7429afabb8535c346a34e41873adf3d74dd0e" + integrity sha512-28iF6xPQrP8Oa6uxE6a1biz+lWeTOAPKggvjB8HAs6nVMKZwf5bG++632Dx614hIWgUPkgivRfG+a8uAXGTIbA== + +prism-react-renderer@^2.3.0: + version "2.4.1" + resolved "https://registry.yarnpkg.com/prism-react-renderer/-/prism-react-renderer-2.4.1.tgz#ac63b7f78e56c8f2b5e76e823a976d5ede77e35f" + integrity sha512-ey8Ls/+Di31eqzUxC46h8MksNuGx/n0AAC8uKpwFau4RPDYLuE3EXTp8N8G2vX2N7UC/+IXeNUnlWBGGcAG+Ig== + dependencies: + "@types/prismjs" "^1.26.0" + clsx "^2.0.0" + +prismjs@^1.29.0: + version "1.30.0" + resolved "https://registry.yarnpkg.com/prismjs/-/prismjs-1.30.0.tgz#d9709969d9d4e16403f6f348c63553b19f0975a9" + integrity sha512-DEvV2ZF2r2/63V+tK8hQvrR2ZGn10srHbXviTlcv7Kpzw8jWiNTqbVgjO3IY8RxrrOUF8VPMQQFysYYYv0YZxw== + +process-nextick-args@~2.0.0: + version "2.0.1" + resolved "https://registry.yarnpkg.com/process-nextick-args/-/process-nextick-args-2.0.1.tgz#7820d9b16120cc55ca9ae7792680ae7dba6d7fe2" + integrity sha512-3ouUOpQhtgrbOa17J7+uxOTpITYWaGP7/AhoR3+A+/1e9skrzelGi/dXzEYyvbxubEF6Wn2ypscTKiKJFFn1ag== + +prompts@^2.4.2: + version "2.4.2" + resolved "https://registry.yarnpkg.com/prompts/-/prompts-2.4.2.tgz#7b57e73b3a48029ad10ebd44f74b01722a4cb069" + integrity sha512-NxNv/kLguCA7p3jE8oL2aEBsrJWgAakBpgmgK6lpPWV+WuOmY6r2/zbAVnP+T8bQlA0nzHXSJSJW0Hq7ylaD2Q== + dependencies: + kleur "^3.0.3" + sisteransi "^1.0.5" + +prop-types@^15.6.2, prop-types@^15.7.2, prop-types@^15.8.1: + version "15.8.1" + resolved "https://registry.yarnpkg.com/prop-types/-/prop-types-15.8.1.tgz#67d87bf1a694f48435cf332c24af10214a3140b5" + integrity sha512-oj87CgZICdulUohogVAR7AjlC0327U4el4L6eAvOqCeudMDVU0NThNaV+b9Df4dXgSP1gXMTnPdhfe/2qDH5cg== + dependencies: + loose-envify "^1.4.0" + object-assign "^4.1.1" + react-is "^16.13.1" + +property-information@^6.0.0: + version "6.5.0" + resolved "https://registry.yarnpkg.com/property-information/-/property-information-6.5.0.tgz#6212fbb52ba757e92ef4fb9d657563b933b7ffec" + integrity sha512-PgTgs/BlvHxOu8QuEN7wi5A0OmXaBcHpmCSTehcs6Uuu9IkDIEo13Hy7n898RHfrQ49vKCoGeWZSaAK01nwVig== + +property-information@^7.0.0: + version "7.1.0" + resolved "https://registry.yarnpkg.com/property-information/-/property-information-7.1.0.tgz#b622e8646e02b580205415586b40804d3e8bfd5d" + integrity sha512-TwEZ+X+yCJmYfL7TPUOcvBZ4QfoT5YenQiJuX//0th53DE6w0xxLEtfK3iyryQFddXuvkIk51EEgrJQ0WJkOmQ== + +proto-list@~1.2.1: + version "1.2.4" + resolved "https://registry.yarnpkg.com/proto-list/-/proto-list-1.2.4.tgz#212d5bfe1318306a420f6402b8e26ff39647a849" + integrity sha512-vtK/94akxsTMhe0/cbfpR+syPuszcuwhqVjJq26CuNDgFGj682oRBXOP5MJpv2r7JtE8MsiepGIqvvOTBwn2vA== + +proxy-addr@~2.0.7: + version "2.0.7" + resolved "https://registry.yarnpkg.com/proxy-addr/-/proxy-addr-2.0.7.tgz#f19fe69ceab311eeb94b42e70e8c2070f9ba1025" + integrity sha512-llQsMLSUDUPT44jdrU/O37qlnifitDP+ZwrmmZcoSKyLKvtZxpyV0n2/bD/N4tBAAZ/gJEdZU7KMraoK1+XYAg== + dependencies: + forwarded "0.2.0" + ipaddr.js "1.9.1" + +punycode@^2.1.0: + version "2.3.1" + resolved "https://registry.yarnpkg.com/punycode/-/punycode-2.3.1.tgz#027422e2faec0b25e1549c3e1bd8309b9133b6e5" + integrity sha512-vYt7UD1U9Wg6138shLtLOvdAu+8DsC/ilFtEVHcH+wydcSpNE20AfSOduf6MkRFahL5FY7X1oU7nKVZFtfq8Fg== + +pupa@^3.1.0: + version "3.1.0" + resolved "https://registry.yarnpkg.com/pupa/-/pupa-3.1.0.tgz#f15610274376bbcc70c9a3aa8b505ea23f41c579" + integrity sha512-FLpr4flz5xZTSJxSeaheeMKN/EDzMdK7b8PTOC6a5PYFKTucWbdqjgqaEyH0shFiSJrVB1+Qqi4Tk19ccU6Aug== + dependencies: + escape-goat "^4.0.0" + +qs@6.13.0: + version "6.13.0" + resolved "https://registry.yarnpkg.com/qs/-/qs-6.13.0.tgz#6ca3bd58439f7e245655798997787b0d88a51906" + integrity sha512-+38qI9SOr8tfZ4QmJNplMUxqjbe7LKvvZgWdExBOmd+egZTtjLB67Gu0HRX3u/XOq7UU2Nx6nsjvS16Z9uwfpg== + dependencies: + side-channel "^1.0.6" + +queue-microtask@^1.2.2: + version "1.2.3" + resolved "https://registry.yarnpkg.com/queue-microtask/-/queue-microtask-1.2.3.tgz#4929228bbc724dfac43e0efb058caf7b6cfb6243" + integrity sha512-NuaNSa6flKT5JaSYQzJok04JzTL1CA6aGhv5rfLW3PgqA+M2ChpZQnAC8h8i4ZFkBS8X5RqkDBHA7r4hej3K9A== + +quick-lru@^5.1.1: + version "5.1.1" + resolved "https://registry.yarnpkg.com/quick-lru/-/quick-lru-5.1.1.tgz#366493e6b3e42a3a6885e2e99d18f80fb7a8c932" + integrity sha512-WuyALRjWPDGtt/wzJiadO5AXY+8hZ80hVpe6MyivgraREW751X3SbhRvG3eLKOYN+8VEvqLcf3wdnt44Z4S4SA== + +randombytes@^2.1.0: + version "2.1.0" + resolved "https://registry.yarnpkg.com/randombytes/-/randombytes-2.1.0.tgz#df6f84372f0270dc65cdf6291349ab7a473d4f2a" + integrity sha512-vYl3iOX+4CKUWuxGi9Ukhie6fsqXqS9FE2Zaic4tNFD2N2QQaXOMFbuKK4QmDHC0JO6B1Zp41J0LpT0oR68amQ== + dependencies: + safe-buffer "^5.1.0" + +range-parser@1.2.0: + version "1.2.0" + resolved "https://registry.yarnpkg.com/range-parser/-/range-parser-1.2.0.tgz#f49be6b487894ddc40dcc94a322f611092e00d5e" + integrity sha512-kA5WQoNVo4t9lNx2kQNFCxKeBl5IbbSNBl1M/tLkw9WCn+hxNBAW5Qh8gdhs63CJnhjJ2zQWFoqPJP2sK1AV5A== + +range-parser@^1.2.1, range-parser@~1.2.1: + version "1.2.1" + resolved "https://registry.yarnpkg.com/range-parser/-/range-parser-1.2.1.tgz#3cf37023d199e1c24d1a55b84800c2f3e6468031" + integrity sha512-Hrgsx+orqoygnmhFbKaHE6c296J+HTAQXoxEF6gNupROmmGJRoyzfG3ccAveqCBrwr/2yxQ5BVd/GTl5agOwSg== + +raw-body@2.5.2: + version "2.5.2" + resolved "https://registry.yarnpkg.com/raw-body/-/raw-body-2.5.2.tgz#99febd83b90e08975087e8f1f9419a149366b68a" + integrity sha512-8zGqypfENjCIqGhgXToC8aB2r7YrBX+AQAfIPs/Mlk+BtPTztOvTS01NRW/3Eh60J+a48lt8qsCzirQ6loCVfA== + dependencies: + bytes "3.1.2" + http-errors "2.0.0" + iconv-lite "0.4.24" + unpipe "1.0.0" + +rc@1.2.8: + version "1.2.8" + resolved "https://registry.yarnpkg.com/rc/-/rc-1.2.8.tgz#cd924bf5200a075b83c188cd6b9e211b7fc0d3ed" + integrity sha512-y3bGgqKj3QBdxLbLkomlohkvsA8gdAiUQlSBJnBhfn+BPxg4bc62d8TcBW15wavDfgexCgccckhcZvywyQYPOw== + dependencies: + deep-extend "^0.6.0" + ini "~1.3.0" + minimist "^1.2.0" + strip-json-comments "~2.0.1" + +react-dom@^19.0.0: + version "19.1.1" + resolved "https://registry.yarnpkg.com/react-dom/-/react-dom-19.1.1.tgz#2daa9ff7f3ae384aeb30e76d5ee38c046dc89893" + integrity sha512-Dlq/5LAZgF0Gaz6yiqZCf6VCcZs1ghAJyrsu84Q/GT0gV+mCxbfmKNoGRKBYMJ8IEdGPqu49YWXD02GCknEDkw== + dependencies: + scheduler "^0.26.0" + +react-fast-compare@^3.2.0: + version "3.2.2" + resolved "https://registry.yarnpkg.com/react-fast-compare/-/react-fast-compare-3.2.2.tgz#929a97a532304ce9fee4bcae44234f1ce2c21d49" + integrity sha512-nsO+KSNgo1SbJqJEYRE9ERzo7YtYbou/OqjSQKxV7jcKox7+usiUVZOAC+XnDOABXggQTno0Y1CpVnuWEc1boQ== + +"react-helmet-async@npm:@slorber/react-helmet-async@1.3.0": + version "1.3.0" + resolved "https://registry.yarnpkg.com/@slorber/react-helmet-async/-/react-helmet-async-1.3.0.tgz#11fbc6094605cf60aa04a28c17e0aab894b4ecff" + integrity sha512-e9/OK8VhwUSc67diWI8Rb3I0YgI9/SBQtnhe9aEuK6MhZm7ntZZimXgwXnd8W96YTmSOb9M4d8LwhRZyhWr/1A== + dependencies: + "@babel/runtime" "^7.12.5" + invariant "^2.2.4" + prop-types "^15.7.2" + react-fast-compare "^3.2.0" + shallowequal "^1.1.0" + +react-is@^16.13.1, react-is@^16.6.0, react-is@^16.7.0: + version "16.13.1" + resolved "https://registry.yarnpkg.com/react-is/-/react-is-16.13.1.tgz#789729a4dc36de2999dc156dd6c1d9c18cea56a4" + integrity sha512-24e6ynE2H+OKt4kqsOvNd8kBpV65zoxbA4BVsEOB3ARVWQki/DHzaUoC5KuON/BiccDaCCTZBuOcfZs70kR8bQ== + +react-is@^19.1.1: + version "19.1.1" + resolved "https://registry.yarnpkg.com/react-is/-/react-is-19.1.1.tgz#038ebe313cf18e1fd1235d51c87360eb87f7c36a" + integrity sha512-tr41fA15Vn8p4X9ntI+yCyeGSf1TlYaY5vlTZfQmeLBrFo3psOPX6HhTDnFNL9uj3EhP0KAQ80cugCl4b4BERA== + +react-json-view-lite@^2.3.0: + version "2.4.2" + resolved "https://registry.yarnpkg.com/react-json-view-lite/-/react-json-view-lite-2.4.2.tgz#796ed6c650c29123d87b9484889445d1a8a88ede" + integrity sha512-m7uTsXDgPQp8R9bJO4HD/66+i218eyQPAb+7/dGQpwg8i4z2afTFqtHJPQFHvJfgDCjGQ1HSGlL3HtrZDa3Tdg== + +react-loadable-ssr-addon-v5-slorber@^1.0.1: + version "1.0.1" + resolved "https://registry.yarnpkg.com/react-loadable-ssr-addon-v5-slorber/-/react-loadable-ssr-addon-v5-slorber-1.0.1.tgz#2cdc91e8a744ffdf9e3556caabeb6e4278689883" + integrity sha512-lq3Lyw1lGku8zUEJPDxsNm1AfYHBrO9Y1+olAYwpUJ2IGFBskM0DMKok97A6LWUpHm+o7IvQBOWu9MLenp9Z+A== + dependencies: + "@babel/runtime" "^7.10.3" + +"react-loadable@npm:@docusaurus/react-loadable@6.0.0": + version "6.0.0" + resolved "https://registry.yarnpkg.com/@docusaurus/react-loadable/-/react-loadable-6.0.0.tgz#de6c7f73c96542bd70786b8e522d535d69069dc4" + integrity sha512-YMMxTUQV/QFSnbgrP3tjDzLHRg7vsbMn8e9HAa8o/1iXoiomo48b7sk/kkmWEuWNDPJVlKSJRB6Y2fHqdJk+SQ== + dependencies: + "@types/react" "*" + +react-router-config@^5.1.1: + version "5.1.1" + resolved "https://registry.yarnpkg.com/react-router-config/-/react-router-config-5.1.1.tgz#0f4263d1a80c6b2dc7b9c1902c9526478194a988" + integrity sha512-DuanZjaD8mQp1ppHjgnnUnyOlqYXZVjnov/JzFhjLEwd3Z4dYjMSnqrEzzGThH47vpCOqPPwJM2FtthLeJ8Pbg== + dependencies: + "@babel/runtime" "^7.1.2" + +react-router-dom@^5.3.4: + version "5.3.4" + resolved "https://registry.yarnpkg.com/react-router-dom/-/react-router-dom-5.3.4.tgz#2ed62ffd88cae6db134445f4a0c0ae8b91d2e5e6" + integrity sha512-m4EqFMHv/Ih4kpcBCONHbkT68KoAeHN4p3lAGoNryfHi0dMy0kCzEZakiKRsvg5wHZ/JLrLW8o8KomWiz/qbYQ== + dependencies: + "@babel/runtime" "^7.12.13" + history "^4.9.0" + loose-envify "^1.3.1" + prop-types "^15.6.2" + react-router "5.3.4" + tiny-invariant "^1.0.2" + tiny-warning "^1.0.0" + +react-router@5.3.4, react-router@^5.3.4: + version "5.3.4" + resolved "https://registry.yarnpkg.com/react-router/-/react-router-5.3.4.tgz#8ca252d70fcc37841e31473c7a151cf777887bb5" + integrity sha512-Ys9K+ppnJah3QuaRiLxk+jDWOR1MekYQrlytiXxC1RyfbdsZkS5pvKAzCCr031xHixZwpnsYNT5xysdFHQaYsA== + dependencies: + "@babel/runtime" "^7.12.13" + history "^4.9.0" + hoist-non-react-statics "^3.1.0" + loose-envify "^1.3.1" + path-to-regexp "^1.7.0" + prop-types "^15.6.2" + react-is "^16.6.0" + tiny-invariant "^1.0.2" + tiny-warning "^1.0.0" + +react-transition-group@^4.4.5: + version "4.4.5" + resolved "https://registry.yarnpkg.com/react-transition-group/-/react-transition-group-4.4.5.tgz#e53d4e3f3344da8521489fbef8f2581d42becdd1" + integrity sha512-pZcd1MCJoiKiBR2NRxeCRg13uCXbydPnmB4EOeRrY7480qNWO8IIgQG6zlDkm6uRMsURXPuKq0GWtiM59a5Q6g== + dependencies: + "@babel/runtime" "^7.5.5" + dom-helpers "^5.0.1" + loose-envify "^1.4.0" + prop-types "^15.6.2" + +react@^19.0.0: + version "19.1.1" + resolved "https://registry.yarnpkg.com/react/-/react-19.1.1.tgz#06d9149ec5e083a67f9a1e39ce97b06a03b644af" + integrity sha512-w8nqGImo45dmMIfljjMwOGtbmC/mk4CMYhWIicdSflH91J9TyCyczcPFXJzrZ/ZXcgGRFeP6BU0BEJTw6tZdfQ== + +readable-stream@^2.0.1: + version "2.3.8" + resolved "https://registry.yarnpkg.com/readable-stream/-/readable-stream-2.3.8.tgz#91125e8042bba1b9887f49345f6277027ce8be9b" + integrity sha512-8p0AUk4XODgIewSi0l8Epjs+EVnWiK7NoDIEGU0HhE7+ZyY8D1IMY7odu5lRrFXGg71L15KG8QrPmum45RTtdA== + dependencies: + core-util-is "~1.0.0" + inherits "~2.0.3" + isarray "~1.0.0" + process-nextick-args "~2.0.0" + safe-buffer "~5.1.1" + string_decoder "~1.1.1" + util-deprecate "~1.0.1" + +readable-stream@^3.0.6: + version "3.6.2" + resolved "https://registry.yarnpkg.com/readable-stream/-/readable-stream-3.6.2.tgz#56a9b36ea965c00c5a93ef31eb111a0f11056967" + integrity sha512-9u/sniCrY3D5WdsERHzHE4G2YCXqoG5FTHUiCC4SIbr6XcLZBY05ya9EKjYek9O5xOAwjGq+1JdGBAS7Q9ScoA== + dependencies: + inherits "^2.0.3" + string_decoder "^1.1.1" + util-deprecate "^1.0.1" + +readdirp@~3.6.0: + version "3.6.0" + resolved "https://registry.yarnpkg.com/readdirp/-/readdirp-3.6.0.tgz#74a370bd857116e245b29cc97340cd431a02a6c7" + integrity sha512-hOS089on8RduqdbhvQ5Z37A0ESjsqz6qnRcffsMU3495FuTdqSm+7bhJ29JvIOsBDEEnan5DPu9t3To9VRlMzA== + dependencies: + picomatch "^2.2.1" + +recma-build-jsx@^1.0.0: + version "1.0.0" + resolved "https://registry.yarnpkg.com/recma-build-jsx/-/recma-build-jsx-1.0.0.tgz#c02f29e047e103d2fab2054954e1761b8ea253c4" + integrity sha512-8GtdyqaBcDfva+GUKDr3nev3VpKAhup1+RvkMvUxURHpW7QyIvk9F5wz7Vzo06CEMSilw6uArgRqhpiUcWp8ew== + dependencies: + "@types/estree" "^1.0.0" + estree-util-build-jsx "^3.0.0" + vfile "^6.0.0" + +recma-jsx@^1.0.0: + version "1.0.1" + resolved "https://registry.yarnpkg.com/recma-jsx/-/recma-jsx-1.0.1.tgz#58e718f45e2102ed0bf2fa994f05b70d76801a1a" + integrity sha512-huSIy7VU2Z5OLv6oFLosQGGDqPqdO1iq6bWNAdhzMxSJP7RAso4fCZ1cKu8j9YHCZf3TPrq4dw3okhrylgcd7w== + dependencies: + acorn-jsx "^5.0.0" + estree-util-to-js "^2.0.0" + recma-parse "^1.0.0" + recma-stringify "^1.0.0" + unified "^11.0.0" + +recma-parse@^1.0.0: + version "1.0.0" + resolved "https://registry.yarnpkg.com/recma-parse/-/recma-parse-1.0.0.tgz#c351e161bb0ab47d86b92a98a9d891f9b6814b52" + integrity sha512-OYLsIGBB5Y5wjnSnQW6t3Xg7q3fQ7FWbw/vcXtORTnyaSFscOtABg+7Pnz6YZ6c27fG1/aN8CjfwoUEUIdwqWQ== + dependencies: + "@types/estree" "^1.0.0" + esast-util-from-js "^2.0.0" + unified "^11.0.0" + vfile "^6.0.0" + +recma-stringify@^1.0.0: + version "1.0.0" + resolved "https://registry.yarnpkg.com/recma-stringify/-/recma-stringify-1.0.0.tgz#54632030631e0c7546136ff9ef8fde8e7b44f130" + integrity sha512-cjwII1MdIIVloKvC9ErQ+OgAtwHBmcZ0Bg4ciz78FtbT8In39aAYbaA7zvxQ61xVMSPE8WxhLwLbhif4Js2C+g== + dependencies: + "@types/estree" "^1.0.0" + estree-util-to-js "^2.0.0" + unified "^11.0.0" + vfile "^6.0.0" + +regenerate-unicode-properties@^10.2.0: + version "10.2.0" + resolved "https://registry.yarnpkg.com/regenerate-unicode-properties/-/regenerate-unicode-properties-10.2.0.tgz#626e39df8c372338ea9b8028d1f99dc3fd9c3db0" + integrity sha512-DqHn3DwbmmPVzeKj9woBadqmXxLvQoQIwu7nopMc72ztvxVmVk2SBhSnx67zuye5TP+lJsb/TBQsjLKhnDf3MA== + dependencies: + regenerate "^1.4.2" + +regenerate@^1.4.2: + version "1.4.2" + resolved "https://registry.yarnpkg.com/regenerate/-/regenerate-1.4.2.tgz#b9346d8827e8f5a32f7ba29637d398b69014848a" + integrity sha512-zrceR/XhGYU/d/opr2EKO7aRHUeiBI8qjtfHqADTwZd6Szfy16la6kqD0MIUs5z5hx6AaKa+PixpPrR289+I0A== + +regexpu-core@^6.2.0: + version "6.2.0" + resolved "https://registry.yarnpkg.com/regexpu-core/-/regexpu-core-6.2.0.tgz#0e5190d79e542bf294955dccabae04d3c7d53826" + integrity sha512-H66BPQMrv+V16t8xtmq+UC0CBpiTBA60V8ibS1QVReIp8T1z8hwFxqcGzm9K6lgsN7sB5edVH8a+ze6Fqm4weA== + dependencies: + regenerate "^1.4.2" + regenerate-unicode-properties "^10.2.0" + regjsgen "^0.8.0" + regjsparser "^0.12.0" + unicode-match-property-ecmascript "^2.0.0" + unicode-match-property-value-ecmascript "^2.1.0" + +registry-auth-token@^5.0.1: + version "5.1.0" + resolved "https://registry.yarnpkg.com/registry-auth-token/-/registry-auth-token-5.1.0.tgz#3c659047ecd4caebd25bc1570a3aa979ae490eca" + integrity sha512-GdekYuwLXLxMuFTwAPg5UKGLW/UXzQrZvH/Zj791BQif5T05T0RsaLfHc9q3ZOKi7n+BoprPD9mJ0O0k4xzUlw== + dependencies: + "@pnpm/npm-conf" "^2.1.0" + +registry-url@^6.0.0: + version "6.0.1" + resolved "https://registry.yarnpkg.com/registry-url/-/registry-url-6.0.1.tgz#056d9343680f2f64400032b1e199faa692286c58" + integrity sha512-+crtS5QjFRqFCoQmvGduwYWEBng99ZvmFvF+cUJkGYF1L1BfU8C6Zp9T7f5vPAwyLkUExpvK+ANVZmGU49qi4Q== + dependencies: + rc "1.2.8" + +regjsgen@^0.8.0: + version "0.8.0" + resolved "https://registry.yarnpkg.com/regjsgen/-/regjsgen-0.8.0.tgz#df23ff26e0c5b300a6470cad160a9d090c3a37ab" + integrity sha512-RvwtGe3d7LvWiDQXeQw8p5asZUmfU1G/l6WbUXeHta7Y2PEIvBTwH6E2EfmYUK8pxcxEdEmaomqyp0vZZ7C+3Q== + +regjsparser@^0.12.0: + version "0.12.0" + resolved "https://registry.yarnpkg.com/regjsparser/-/regjsparser-0.12.0.tgz#0e846df6c6530586429377de56e0475583b088dc" + integrity sha512-cnE+y8bz4NhMjISKbgeVJtqNbtf5QpjZP+Bslo+UqkIt9QPnX9q095eiRRASJG1/tz6dlNr6Z5NsBiWYokp6EQ== + dependencies: + jsesc "~3.0.2" + +rehype-raw@^7.0.0: + version "7.0.0" + resolved "https://registry.yarnpkg.com/rehype-raw/-/rehype-raw-7.0.0.tgz#59d7348fd5dbef3807bbaa1d443efd2dd85ecee4" + integrity sha512-/aE8hCfKlQeA8LmyeyQvQF3eBiLRGNlfBJEvWH7ivp9sBqs7TNqBL5X3v157rM4IFETqDnIOO+z5M/biZbo9Ww== + dependencies: + "@types/hast" "^3.0.0" + hast-util-raw "^9.0.0" + vfile "^6.0.0" + +rehype-recma@^1.0.0: + version "1.0.0" + resolved "https://registry.yarnpkg.com/rehype-recma/-/rehype-recma-1.0.0.tgz#d68ef6344d05916bd96e25400c6261775411aa76" + integrity sha512-lqA4rGUf1JmacCNWWZx0Wv1dHqMwxzsDWYMTowuplHF3xH0N/MmrZ/G3BDZnzAkRmxDadujCjaKM2hqYdCBOGw== + dependencies: + "@types/estree" "^1.0.0" + "@types/hast" "^3.0.0" + hast-util-to-estree "^3.0.0" + +relateurl@^0.2.7: + version "0.2.7" + resolved "https://registry.yarnpkg.com/relateurl/-/relateurl-0.2.7.tgz#54dbf377e51440aca90a4cd274600d3ff2d888a9" + integrity sha512-G08Dxvm4iDN3MLM0EsP62EDV9IuhXPR6blNz6Utcp7zyV3tr4HVNINt6MpaRWbxoOHT3Q7YN2P+jaHX8vUbgog== + +remark-directive@^3.0.0: + version "3.0.1" + resolved "https://registry.yarnpkg.com/remark-directive/-/remark-directive-3.0.1.tgz#689ba332f156cfe1118e849164cc81f157a3ef0a" + integrity sha512-gwglrEQEZcZYgVyG1tQuA+h58EZfq5CSULw7J90AFuCTyib1thgHPoqQ+h9iFvU6R+vnZ5oNFQR5QKgGpk741A== + dependencies: + "@types/mdast" "^4.0.0" + mdast-util-directive "^3.0.0" + micromark-extension-directive "^3.0.0" + unified "^11.0.0" + +remark-emoji@^4.0.0: + version "4.0.1" + resolved "https://registry.yarnpkg.com/remark-emoji/-/remark-emoji-4.0.1.tgz#671bfda668047689e26b2078c7356540da299f04" + integrity sha512-fHdvsTR1dHkWKev9eNyhTo4EFwbUvJ8ka9SgeWkMPYFX4WoI7ViVBms3PjlQYgw5TLvNQso3GUB/b/8t3yo+dg== + dependencies: + "@types/mdast" "^4.0.2" + emoticon "^4.0.1" + mdast-util-find-and-replace "^3.0.1" + node-emoji "^2.1.0" + unified "^11.0.4" + +remark-frontmatter@^5.0.0: + version "5.0.0" + resolved "https://registry.yarnpkg.com/remark-frontmatter/-/remark-frontmatter-5.0.0.tgz#b68d61552a421ec412c76f4f66c344627dc187a2" + integrity sha512-XTFYvNASMe5iPN0719nPrdItC9aU0ssC4v14mH1BCi1u0n1gAocqcujWUrByftZTbLhRtiKRyjYTSIOcr69UVQ== + dependencies: + "@types/mdast" "^4.0.0" + mdast-util-frontmatter "^2.0.0" + micromark-extension-frontmatter "^2.0.0" + unified "^11.0.0" + +remark-gfm@^4.0.0: + version "4.0.1" + resolved "https://registry.yarnpkg.com/remark-gfm/-/remark-gfm-4.0.1.tgz#33227b2a74397670d357bf05c098eaf8513f0d6b" + integrity sha512-1quofZ2RQ9EWdeN34S79+KExV1764+wCUGop5CPL1WGdD0ocPpu91lzPGbwWMECpEpd42kJGQwzRfyov9j4yNg== + dependencies: + "@types/mdast" "^4.0.0" + mdast-util-gfm "^3.0.0" + micromark-extension-gfm "^3.0.0" + remark-parse "^11.0.0" + remark-stringify "^11.0.0" + unified "^11.0.0" + +remark-mdx@^3.0.0: + version "3.1.1" + resolved "https://registry.yarnpkg.com/remark-mdx/-/remark-mdx-3.1.1.tgz#047f97038bc7ec387aebb4b0a4fe23779999d845" + integrity sha512-Pjj2IYlUY3+D8x00UJsIOg5BEvfMyeI+2uLPn9VO9Wg4MEtN/VTIq2NEJQfde9PnX15KgtHyl9S0BcTnWrIuWg== + dependencies: + mdast-util-mdx "^3.0.0" + micromark-extension-mdxjs "^3.0.0" + +remark-parse@^11.0.0: + version "11.0.0" + resolved "https://registry.yarnpkg.com/remark-parse/-/remark-parse-11.0.0.tgz#aa60743fcb37ebf6b069204eb4da304e40db45a1" + integrity sha512-FCxlKLNGknS5ba/1lmpYijMUzX2esxW5xQqjWxw2eHFfS2MSdaHVINFmhjo+qN1WhZhNimq0dZATN9pH0IDrpA== + dependencies: + "@types/mdast" "^4.0.0" + mdast-util-from-markdown "^2.0.0" + micromark-util-types "^2.0.0" + unified "^11.0.0" + +remark-rehype@^11.0.0: + version "11.1.2" + resolved "https://registry.yarnpkg.com/remark-rehype/-/remark-rehype-11.1.2.tgz#2addaadda80ca9bd9aa0da763e74d16327683b37" + integrity sha512-Dh7l57ianaEoIpzbp0PC9UKAdCSVklD8E5Rpw7ETfbTl3FqcOOgq5q2LVDhgGCkaBv7p24JXikPdvhhmHvKMsw== + dependencies: + "@types/hast" "^3.0.0" + "@types/mdast" "^4.0.0" + mdast-util-to-hast "^13.0.0" + unified "^11.0.0" + vfile "^6.0.0" + +remark-stringify@^11.0.0: + version "11.0.0" + resolved "https://registry.yarnpkg.com/remark-stringify/-/remark-stringify-11.0.0.tgz#4c5b01dd711c269df1aaae11743eb7e2e7636fd3" + integrity sha512-1OSmLd3awB/t8qdoEOMazZkNsfVTeY4fTsgzcQFdXNq8ToTN4ZGwrMnlda4K6smTFKD+GRV6O48i6Z4iKgPPpw== + dependencies: + "@types/mdast" "^4.0.0" + mdast-util-to-markdown "^2.0.0" + unified "^11.0.0" + +renderkid@^3.0.0: + version "3.0.0" + resolved "https://registry.yarnpkg.com/renderkid/-/renderkid-3.0.0.tgz#5fd823e4d6951d37358ecc9a58b1f06836b6268a" + integrity sha512-q/7VIQA8lmM1hF+jn+sFSPWGlMkSAeNYcPLmDQx2zzuiDfaLrOmumR8iaUKlenFgh0XRPIUeSPlH3A+AW3Z5pg== + dependencies: + css-select "^4.1.3" + dom-converter "^0.2.0" + htmlparser2 "^6.1.0" + lodash "^4.17.21" + strip-ansi "^6.0.1" + +repeat-string@^1.0.0: + version "1.6.1" + resolved "https://registry.yarnpkg.com/repeat-string/-/repeat-string-1.6.1.tgz#8dcae470e1c88abc2d600fff4a776286da75e637" + integrity sha512-PV0dzCYDNfRi1jCDbJzpW7jNNDRuCOG/jI5ctQcGKt/clZD+YcPS3yIlWuTJMmESC8aevCFmWJy5wjAFgNqN6w== + +require-from-string@^2.0.2: + version "2.0.2" + resolved "https://registry.yarnpkg.com/require-from-string/-/require-from-string-2.0.2.tgz#89a7fdd938261267318eafe14f9c32e598c36909" + integrity sha512-Xf0nWe6RseziFMu+Ap9biiUbmplq6S9/p+7w7YXP/JBHhrUDDUhwa+vANyubuqfZWTveU//DYVGsDG7RKL/vEw== + +"require-like@>= 0.1.1": + version "0.1.2" + resolved "https://registry.yarnpkg.com/require-like/-/require-like-0.1.2.tgz#ad6f30c13becd797010c468afa775c0c0a6b47fa" + integrity sha512-oyrU88skkMtDdauHDuKVrgR+zuItqr6/c//FXzvmxRGMexSDc6hNvJInGW3LL46n+8b50RykrvwSUIIQH2LQ5A== + +requires-port@^1.0.0: + version "1.0.0" + resolved "https://registry.yarnpkg.com/requires-port/-/requires-port-1.0.0.tgz#925d2601d39ac485e091cf0da5c6e694dc3dcaff" + integrity sha512-KigOCHcocU3XODJxsu8i/j8T9tzT4adHiecwORRQ0ZZFcp7ahwXuRU1m+yuO90C5ZUyGeGfocHDI14M3L3yDAQ== + +resolve-alpn@^1.2.0: + version "1.2.1" + resolved "https://registry.yarnpkg.com/resolve-alpn/-/resolve-alpn-1.2.1.tgz#b7adbdac3546aaaec20b45e7d8265927072726f9" + integrity sha512-0a1F4l73/ZFZOakJnQ3FvkJ2+gSTQWz/r2KE5OdDY0TxPm5h4GkqkWWfM47T7HsbnOtcJVEF4epCVy6u7Q3K+g== + +resolve-from@^4.0.0: + version "4.0.0" + resolved "https://registry.yarnpkg.com/resolve-from/-/resolve-from-4.0.0.tgz#4abcd852ad32dd7baabfe9b40e00a36db5f392e6" + integrity sha512-pb/MYmXstAkysRFx8piNI1tGFNQIFA3vkE3Gq4EuA1dF6gHp/+vgZqsCGJapvy8N3Q+4o7FwvquPJcnZ7RYy4g== + +resolve-pathname@^3.0.0: + version "3.0.0" + resolved "https://registry.yarnpkg.com/resolve-pathname/-/resolve-pathname-3.0.0.tgz#99d02224d3cf263689becbb393bc560313025dcd" + integrity sha512-C7rARubxI8bXFNB/hqcp/4iUeIXJhJZvFPFPiSPRnhU5UPxzMFIl+2E6yY6c4k9giDJAhtV+enfA+G89N6Csng== + +resolve@^1.19.0, resolve@^1.22.10: + version "1.22.10" + resolved "https://registry.yarnpkg.com/resolve/-/resolve-1.22.10.tgz#b663e83ffb09bbf2386944736baae803029b8b39" + integrity sha512-NPRy+/ncIMeDlTAsuqwKIiferiawhefFJtkNSW0qZJEqMEb+qBt/77B/jGeeek+F0uOeN05CDa6HXbbIgtVX4w== + dependencies: + is-core-module "^2.16.0" + path-parse "^1.0.7" + supports-preserve-symlinks-flag "^1.0.0" + +responselike@^3.0.0: + version "3.0.0" + resolved "https://registry.yarnpkg.com/responselike/-/responselike-3.0.0.tgz#20decb6c298aff0dbee1c355ca95461d42823626" + integrity sha512-40yHxbNcl2+rzXvZuVkrYohathsSJlMTXKryG5y8uciHv1+xDLHQpgjG64JUO9nrEq2jGLH6IZ8BcZyw3wrweg== + dependencies: + lowercase-keys "^3.0.0" + +retry@^0.13.1: + version "0.13.1" + resolved "https://registry.yarnpkg.com/retry/-/retry-0.13.1.tgz#185b1587acf67919d63b357349e03537b2484658" + integrity sha512-XQBQ3I8W1Cge0Seh+6gjj03LbmRFWuoszgK9ooCpwYIrhhoO80pfq4cUkU5DkknwfOfFteRwlZ56PYOGYyFWdg== + +reusify@^1.0.4: + version "1.1.0" + resolved "https://registry.yarnpkg.com/reusify/-/reusify-1.1.0.tgz#0fe13b9522e1473f51b558ee796e08f11f9b489f" + integrity sha512-g6QUff04oZpHs0eG5p83rFLhHeV00ug/Yf9nZM6fLeUrPguBTkTQOdpAWWspMh55TZfVQDPaN3NQJfbVRAxdIw== + +rimraf@^3.0.2: + version "3.0.2" + resolved "https://registry.yarnpkg.com/rimraf/-/rimraf-3.0.2.tgz#f1a5402ba6220ad52cc1282bac1ae3aa49fd061a" + integrity sha512-JZkJMZkAGFFPP2YqXZXPbMlMBgsxzE8ILs4lMIX/2o0L9UBw9O/Y3o6wFw/i9YLapcUJWwqbi3kdxIPdC62TIA== + dependencies: + glob "^7.1.3" + +rtlcss@^4.1.0: + version "4.3.0" + resolved "https://registry.yarnpkg.com/rtlcss/-/rtlcss-4.3.0.tgz#f8efd4d5b64f640ec4af8fa25b65bacd9e07cc97" + integrity sha512-FI+pHEn7Wc4NqKXMXFM+VAYKEj/mRIcW4h24YVwVtyjI+EqGrLc2Hx/Ny0lrZ21cBWU2goLy36eqMcNj3AQJig== + dependencies: + escalade "^3.1.1" + picocolors "^1.0.0" + postcss "^8.4.21" + strip-json-comments "^3.1.1" + +run-parallel@^1.1.9: + version "1.2.0" + resolved "https://registry.yarnpkg.com/run-parallel/-/run-parallel-1.2.0.tgz#66d1368da7bdf921eb9d95bd1a9229e7f21a43ee" + integrity sha512-5l4VyZR86LZ/lDxZTR6jqL8AFE2S0IFLMP26AbjsLVADxHdhB/c0GUsH+y39UfCi3dzz8OlQuPmnaJOMoDHQBA== + dependencies: + queue-microtask "^1.2.2" + +safe-buffer@5.2.1, safe-buffer@>=5.1.0, safe-buffer@^5.1.0, safe-buffer@~5.2.0: + version "5.2.1" + resolved "https://registry.yarnpkg.com/safe-buffer/-/safe-buffer-5.2.1.tgz#1eaf9fa9bdb1fdd4ec75f58f9cdb4e6b7827eec6" + integrity sha512-rp3So07KcdmmKbGvgaNxQSJr7bGVSVk5S9Eq1F+ppbRo70+YeaDxkw5Dd8NPN+GD6bjnYm2VuPuCXmpuYvmCXQ== + +safe-buffer@~5.1.0, safe-buffer@~5.1.1: + version "5.1.2" + resolved "https://registry.yarnpkg.com/safe-buffer/-/safe-buffer-5.1.2.tgz#991ec69d296e0313747d59bdfd2b745c35f8828d" + integrity sha512-Gd2UZBJDkXlY7GbJxfsE8/nvKkUEU1G38c1siN6QP6a9PT9MmHB8GnpscSmMJSoF8LOIrt8ud/wPtojys4G6+g== + +"safer-buffer@>= 2.1.2 < 3": + version "2.1.2" + resolved "https://registry.yarnpkg.com/safer-buffer/-/safer-buffer-2.1.2.tgz#44fa161b0187b9549dd84bb91802f9bd8385cd6a" + integrity sha512-YZo3K82SD7Riyi0E1EQPojLz7kpepnSQI9IyPbHHg1XXXevb5dJI7tpyN2ADxGcQbHG7vcyRHk0cbwqcQriUtg== + +sax@^1.2.4: + version "1.4.1" + resolved "https://registry.yarnpkg.com/sax/-/sax-1.4.1.tgz#44cc8988377f126304d3b3fc1010c733b929ef0f" + integrity sha512-+aWOz7yVScEGoKNd4PA10LZ8sk0A/z5+nXQG5giUO5rprX9jgYsTdov9qCchZiPIZezbZH+jRut8nPodFAX4Jg== + +scheduler@^0.26.0: + version "0.26.0" + resolved "https://registry.yarnpkg.com/scheduler/-/scheduler-0.26.0.tgz#4ce8a8c2a2095f13ea11bf9a445be50c555d6337" + integrity sha512-NlHwttCI/l5gCPR3D1nNXtWABUmBwvZpEQiD4IXSbIDq8BzLIK/7Ir5gTFSGZDUu37K5cMNp0hFtzO38sC7gWA== + +schema-dts@^1.1.2: + version "1.1.5" + resolved "https://registry.yarnpkg.com/schema-dts/-/schema-dts-1.1.5.tgz#9237725d305bac3469f02b292a035107595dc324" + integrity sha512-RJr9EaCmsLzBX2NDiO5Z3ux2BVosNZN5jo0gWgsyKvxKIUL5R3swNvoorulAeL9kLB0iTSX7V6aokhla2m7xbg== + +schema-utils@^3.0.0: + version "3.3.0" + resolved "https://registry.yarnpkg.com/schema-utils/-/schema-utils-3.3.0.tgz#f50a88877c3c01652a15b622ae9e9795df7a60fe" + integrity sha512-pN/yOAvcC+5rQ5nERGuwrjLlYvLTbCibnZ1I7B1LaiAz9BRBlE9GMgE/eqV30P7aJQUf7Ddimy/RsbYO/GrVGg== + dependencies: + "@types/json-schema" "^7.0.8" + ajv "^6.12.5" + ajv-keywords "^3.5.2" + +schema-utils@^4.0.0, schema-utils@^4.0.1, schema-utils@^4.3.0, schema-utils@^4.3.2: + version "4.3.2" + resolved "https://registry.yarnpkg.com/schema-utils/-/schema-utils-4.3.2.tgz#0c10878bf4a73fd2b1dfd14b9462b26788c806ae" + integrity sha512-Gn/JaSk/Mt9gYubxTtSn/QCV4em9mpAPiR1rqy/Ocu19u/G9J5WWdNoUT4SiV6mFC3y6cxyFcFwdzPM3FgxGAQ== + dependencies: + "@types/json-schema" "^7.0.9" + ajv "^8.9.0" + ajv-formats "^2.1.1" + ajv-keywords "^5.1.0" + +section-matter@^1.0.0: + version "1.0.0" + resolved "https://registry.yarnpkg.com/section-matter/-/section-matter-1.0.0.tgz#e9041953506780ec01d59f292a19c7b850b84167" + integrity sha512-vfD3pmTzGpufjScBh50YHKzEu2lxBWhVEHsNGoEXmCmn2hKGfeNLYMzCJpe8cD7gqX7TJluOVpBkAequ6dgMmA== + dependencies: + extend-shallow "^2.0.1" + kind-of "^6.0.0" + +select-hose@^2.0.0: + version "2.0.0" + resolved "https://registry.yarnpkg.com/select-hose/-/select-hose-2.0.0.tgz#625d8658f865af43ec962bfc376a37359a4994ca" + integrity sha512-mEugaLK+YfkijB4fx0e6kImuJdCIt2LxCRcbEYPqRGCs4F2ogyfZU5IAZRdjCP8JPq2AtdNoC/Dux63d9Kiryg== + +select@^1.1.2: + version "1.1.2" + resolved "https://registry.yarnpkg.com/select/-/select-1.1.2.tgz#0e7350acdec80b1108528786ec1d4418d11b396d" + integrity sha512-OwpTSOfy6xSs1+pwcNrv0RBMOzI39Lp3qQKUTPVVPRjCdNa5JH/oPRiqsesIskK8TVgmRiHwO4KXlV2Li9dANA== + +selfsigned@^2.1.1: + version "2.4.1" + resolved "https://registry.yarnpkg.com/selfsigned/-/selfsigned-2.4.1.tgz#560d90565442a3ed35b674034cec4e95dceb4ae0" + integrity sha512-th5B4L2U+eGLq1TVh7zNRGBapioSORUeymIydxgFpwww9d2qyKvtuPU2jJuHvYAwwqi2Y596QBL3eEqcPEYL8Q== + dependencies: + "@types/node-forge" "^1.3.0" + node-forge "^1" + +semver-diff@^4.0.0: + version "4.0.0" + resolved "https://registry.yarnpkg.com/semver-diff/-/semver-diff-4.0.0.tgz#3afcf5ed6d62259f5c72d0d5d50dffbdc9680df5" + integrity sha512-0Ju4+6A8iOnpL/Thra7dZsSlOHYAHIeMxfhWQRI1/VLcT3WDBZKKtQt/QkBOsiIN9ZpuvHE6cGZ0x4glCMmfiA== + dependencies: + semver "^7.3.5" + +semver@^6.3.1: + version "6.3.1" + resolved "https://registry.yarnpkg.com/semver/-/semver-6.3.1.tgz#556d2ef8689146e46dcea4bfdd095f3434dffcb4" + integrity sha512-BR7VvDCVHO+q2xBEWskxS6DJE1qRnb7DxzUrogb71CWoSficBxYsiAGd+Kl0mmq/MprG9yArRkyrQxTO6XjMzA== + +semver@^7.3.5, semver@^7.3.7, semver@^7.5.4: + version "7.7.2" + resolved "https://registry.yarnpkg.com/semver/-/semver-7.7.2.tgz#67d99fdcd35cec21e6f8b87a7fd515a33f982b58" + integrity sha512-RF0Fw+rO5AMf9MAyaRXI4AV0Ulj5lMHqVxxdSgiVbixSCXoEmmX/jk0CuJw4+3SqroYO9VoUh+HcuJivvtJemA== + +send@0.19.0: + version "0.19.0" + resolved "https://registry.yarnpkg.com/send/-/send-0.19.0.tgz#bbc5a388c8ea6c048967049dbeac0e4a3f09d7f8" + integrity sha512-dW41u5VfLXu8SJh5bwRmyYUbAoSB3c9uQh6L8h/KtsFREPWpbX1lrljJo186Jc4nmci/sGUZ9a0a0J2zgfq2hw== + dependencies: + debug "2.6.9" + depd "2.0.0" + destroy "1.2.0" + encodeurl "~1.0.2" + escape-html "~1.0.3" + etag "~1.8.1" + fresh "0.5.2" + http-errors "2.0.0" + mime "1.6.0" + ms "2.1.3" + on-finished "2.4.1" + range-parser "~1.2.1" + statuses "2.0.1" + +serialize-javascript@^6.0.0, serialize-javascript@^6.0.1, serialize-javascript@^6.0.2: + version "6.0.2" + resolved "https://registry.yarnpkg.com/serialize-javascript/-/serialize-javascript-6.0.2.tgz#defa1e055c83bf6d59ea805d8da862254eb6a6c2" + integrity sha512-Saa1xPByTTq2gdeFZYLLo+RFE35NHZkAbqZeWNd3BpzppeVisAqpDjcp8dyf6uIvEqJRd46jemmyA4iFIeVk8g== + dependencies: + randombytes "^2.1.0" + +serve-handler@^6.1.6: + version "6.1.6" + resolved "https://registry.yarnpkg.com/serve-handler/-/serve-handler-6.1.6.tgz#50803c1d3e947cd4a341d617f8209b22bd76cfa1" + integrity sha512-x5RL9Y2p5+Sh3D38Fh9i/iQ5ZK+e4xuXRd/pGbM4D13tgo/MGwbttUk8emytcr1YYzBYs+apnUngBDFYfpjPuQ== + dependencies: + bytes "3.0.0" + content-disposition "0.5.2" + mime-types "2.1.18" + minimatch "3.1.2" + path-is-inside "1.0.2" + path-to-regexp "3.3.0" + range-parser "1.2.0" + +serve-index@^1.9.1: + version "1.9.1" + resolved "https://registry.yarnpkg.com/serve-index/-/serve-index-1.9.1.tgz#d3768d69b1e7d82e5ce050fff5b453bea12a9239" + integrity sha512-pXHfKNP4qujrtteMrSBb0rc8HJ9Ms/GrXwcUtUtD5s4ewDJI8bT3Cz2zTVRMKtri49pLx2e0Ya8ziP5Ya2pZZw== + dependencies: + accepts "~1.3.4" + batch "0.6.1" + debug "2.6.9" + escape-html "~1.0.3" + http-errors "~1.6.2" + mime-types "~2.1.17" + parseurl "~1.3.2" + +serve-static@1.16.2: + version "1.16.2" + resolved "https://registry.yarnpkg.com/serve-static/-/serve-static-1.16.2.tgz#b6a5343da47f6bdd2673848bf45754941e803296" + integrity sha512-VqpjJZKadQB/PEbEwvFdO43Ax5dFBZ2UECszz8bQ7pi7wt//PWe1P6MN7eCnjsatYtBT6EuiClbjSWP2WrIoTw== + dependencies: + encodeurl "~2.0.0" + escape-html "~1.0.3" + parseurl "~1.3.3" + send "0.19.0" + +set-function-length@^1.2.2: + version "1.2.2" + resolved "https://registry.yarnpkg.com/set-function-length/-/set-function-length-1.2.2.tgz#aac72314198eaed975cf77b2c3b6b880695e5449" + integrity sha512-pgRc4hJ4/sNjWCSS9AmnS40x3bNMDTknHgL5UaMBTMyJnU90EgWh1Rz+MC9eFu4BuN/UwZjKQuY/1v3rM7HMfg== + dependencies: + define-data-property "^1.1.4" + es-errors "^1.3.0" + function-bind "^1.1.2" + get-intrinsic "^1.2.4" + gopd "^1.0.1" + has-property-descriptors "^1.0.2" + +setprototypeof@1.1.0: + version "1.1.0" + resolved "https://registry.yarnpkg.com/setprototypeof/-/setprototypeof-1.1.0.tgz#d0bd85536887b6fe7c0d818cb962d9d91c54e656" + integrity sha512-BvE/TwpZX4FXExxOxZyRGQQv651MSwmWKZGqvmPcRIjDqWub67kTKuIMx43cZZrS/cBBzwBcNDWoFxt2XEFIpQ== + +setprototypeof@1.2.0: + version "1.2.0" + resolved "https://registry.yarnpkg.com/setprototypeof/-/setprototypeof-1.2.0.tgz#66c9a24a73f9fc28cbe66b09fed3d33dcaf1b424" + integrity sha512-E5LDX7Wrp85Kil5bhZv46j8jOeboKq5JMmYM3gVGdGH8xFpPWXUMsNrlODCrkoxMEeNi/XZIwuRvY4XNwYMJpw== + +shallow-clone@^3.0.0: + version "3.0.1" + resolved "https://registry.yarnpkg.com/shallow-clone/-/shallow-clone-3.0.1.tgz#8f2981ad92531f55035b01fb230769a40e02efa3" + integrity sha512-/6KqX+GVUdqPuPPd2LxDDxzX6CAbjJehAAOKlNpqqUpAqPM6HeL8f+o3a+JsyGjn2lv0WY8UsTgUJjU9Ok55NA== + dependencies: + kind-of "^6.0.2" + +shallowequal@^1.1.0: + version "1.1.0" + resolved "https://registry.yarnpkg.com/shallowequal/-/shallowequal-1.1.0.tgz#188d521de95b9087404fd4dcb68b13df0ae4e7f8" + integrity sha512-y0m1JoUZSlPAjXVtPPW70aZWfIL/dSP7AFkRnniLCrK/8MDKog3TySTBmckD+RObVxH0v4Tox67+F14PdED2oQ== + +shebang-command@^2.0.0: + version "2.0.0" + resolved "https://registry.yarnpkg.com/shebang-command/-/shebang-command-2.0.0.tgz#ccd0af4f8835fbdc265b82461aaf0c36663f34ea" + integrity sha512-kHxr2zZpYtdmrN1qDjrrX/Z1rR1kG8Dx+gkpK1G4eXmvXswmcE1hTWBWYUzlraYw1/yZp6YuDY77YtvbN0dmDA== + dependencies: + shebang-regex "^3.0.0" + +shebang-regex@^3.0.0: + version "3.0.0" + resolved "https://registry.yarnpkg.com/shebang-regex/-/shebang-regex-3.0.0.tgz#ae16f1644d873ecad843b0307b143362d4c42172" + integrity sha512-7++dFhtcx3353uBaq8DDR4NuxBetBzC7ZQOhmTQInHEd6bSrXdiEyzCvG07Z44UYdLShWUyXt5M/yhz8ekcb1A== + +shell-quote@^1.8.3: + version "1.8.3" + resolved "https://registry.yarnpkg.com/shell-quote/-/shell-quote-1.8.3.tgz#55e40ef33cf5c689902353a3d8cd1a6725f08b4b" + integrity sha512-ObmnIF4hXNg1BqhnHmgbDETF8dLPCggZWBjkQfhZpbszZnYur5DUljTcCHii5LC3J5E0yeO/1LIMyH+UvHQgyw== + +side-channel-list@^1.0.0: + version "1.0.0" + resolved "https://registry.yarnpkg.com/side-channel-list/-/side-channel-list-1.0.0.tgz#10cb5984263115d3b7a0e336591e290a830af8ad" + integrity sha512-FCLHtRD/gnpCiCHEiJLOwdmFP+wzCmDEkc9y7NsYxeF4u7Btsn1ZuwgwJGxImImHicJArLP4R0yX4c2KCrMrTA== + dependencies: + es-errors "^1.3.0" + object-inspect "^1.13.3" + +side-channel-map@^1.0.1: + version "1.0.1" + resolved "https://registry.yarnpkg.com/side-channel-map/-/side-channel-map-1.0.1.tgz#d6bb6b37902c6fef5174e5f533fab4c732a26f42" + integrity sha512-VCjCNfgMsby3tTdo02nbjtM/ewra6jPHmpThenkTYh8pG9ucZ/1P8So4u4FGBek/BjpOVsDCMoLA/iuBKIFXRA== + dependencies: + call-bound "^1.0.2" + es-errors "^1.3.0" + get-intrinsic "^1.2.5" + object-inspect "^1.13.3" + +side-channel-weakmap@^1.0.2: + version "1.0.2" + resolved "https://registry.yarnpkg.com/side-channel-weakmap/-/side-channel-weakmap-1.0.2.tgz#11dda19d5368e40ce9ec2bdc1fb0ecbc0790ecea" + integrity sha512-WPS/HvHQTYnHisLo9McqBHOJk2FkHO/tlpvldyrnem4aeQp4hai3gythswg6p01oSoTl58rcpiFAjF2br2Ak2A== + dependencies: + call-bound "^1.0.2" + es-errors "^1.3.0" + get-intrinsic "^1.2.5" + object-inspect "^1.13.3" + side-channel-map "^1.0.1" + +side-channel@^1.0.6: + version "1.1.0" + resolved "https://registry.yarnpkg.com/side-channel/-/side-channel-1.1.0.tgz#c3fcff9c4da932784873335ec9765fa94ff66bc9" + integrity sha512-ZX99e6tRweoUXqR+VBrslhda51Nh5MTQwou5tnUDgbtyM0dBgmhEDtWGP/xbKn6hqfPRHujUNwz5fy/wbbhnpw== + dependencies: + es-errors "^1.3.0" + object-inspect "^1.13.3" + side-channel-list "^1.0.0" + side-channel-map "^1.0.1" + side-channel-weakmap "^1.0.2" + +signal-exit@^3.0.2, signal-exit@^3.0.3: + version "3.0.7" + resolved "https://registry.yarnpkg.com/signal-exit/-/signal-exit-3.0.7.tgz#a9a1767f8af84155114eaabd73f99273c8f59ad9" + integrity sha512-wnD2ZE+l+SPC/uoS0vXeE9L1+0wuaMqKlfz9AMUo38JsyLSBWSFcHR1Rri62LZc12vLr1gb3jl7iwQhgwpAbGQ== + +sirv@^2.0.3: + version "2.0.4" + resolved "https://registry.yarnpkg.com/sirv/-/sirv-2.0.4.tgz#5dd9a725c578e34e449f332703eb2a74e46a29b0" + integrity sha512-94Bdh3cC2PKrbgSOUqTiGPWVZeSiXfKOVZNJniWoqrWrRkB1CJzBU3NEbiTsPcYy1lDsANA/THzS+9WBiy5nfQ== + dependencies: + "@polka/url" "^1.0.0-next.24" + mrmime "^2.0.0" + totalist "^3.0.0" + +sisteransi@^1.0.5: + version "1.0.5" + resolved "https://registry.yarnpkg.com/sisteransi/-/sisteransi-1.0.5.tgz#134d681297756437cc05ca01370d3a7a571075ed" + integrity sha512-bLGGlR1QxBcynn2d5YmDX4MGjlZvy2MRBDRNHLJ8VI6l6+9FUiyTFNJ0IveOSP0bcXgVDPRcfGqA0pjaqUpfVg== + +sitemap@^7.1.1: + version "7.1.2" + resolved "https://registry.yarnpkg.com/sitemap/-/sitemap-7.1.2.tgz#6ce1deb43f6f177c68bc59cf93632f54e3ae6b72" + integrity sha512-ARCqzHJ0p4gWt+j7NlU5eDlIO9+Rkr/JhPFZKKQ1l5GCus7rJH4UdrlVAh0xC/gDS/Qir2UMxqYNHtsKr2rpCw== + dependencies: + "@types/node" "^17.0.5" + "@types/sax" "^1.2.1" + arg "^5.0.0" + sax "^1.2.4" + +skin-tone@^2.0.0: + version "2.0.0" + resolved "https://registry.yarnpkg.com/skin-tone/-/skin-tone-2.0.0.tgz#4e3933ab45c0d4f4f781745d64b9f4c208e41237" + integrity sha512-kUMbT1oBJCpgrnKoSr0o6wPtvRWT9W9UKvGLwfJYO2WuahZRHOpEyL1ckyMGgMWh0UdpmaoFqKKD29WTomNEGA== + dependencies: + unicode-emoji-modifier-base "^1.0.0" + +slash@^3.0.0: + version "3.0.0" + resolved "https://registry.yarnpkg.com/slash/-/slash-3.0.0.tgz#6539be870c165adbd5240220dbe361f1bc4d4634" + integrity sha512-g9Q1haeby36OSStwb4ntCGGGaKsaVSjQ68fBxoQcutl5fS1vuY18H3wSt3jFyFtrkx+Kz0V1G85A4MyAdDMi2Q== + +slash@^4.0.0: + version "4.0.0" + resolved "https://registry.yarnpkg.com/slash/-/slash-4.0.0.tgz#2422372176c4c6c5addb5e2ada885af984b396a7" + integrity sha512-3dOsAHXXUkQTpOYcoAxLIorMTp4gIQr5IW3iVb7A7lFIp0VHhnynm9izx6TssdrIcVIESAlVjtnO2K8bg+Coew== + +snake-case@^3.0.4: + version "3.0.4" + resolved "https://registry.yarnpkg.com/snake-case/-/snake-case-3.0.4.tgz#4f2bbd568e9935abdfd593f34c691dadb49c452c" + integrity sha512-LAOh4z89bGQvl9pFfNF8V146i7o7/CqFPbqzYgP+yYzDIDeS9HaNFtXABamRW+AQzEVODcvE79ljJ+8a9YSdMg== + dependencies: + dot-case "^3.0.4" + tslib "^2.0.3" + +sockjs@^0.3.24: + version "0.3.24" + resolved "https://registry.yarnpkg.com/sockjs/-/sockjs-0.3.24.tgz#c9bc8995f33a111bea0395ec30aa3206bdb5ccce" + integrity sha512-GJgLTZ7vYb/JtPSSZ10hsOYIvEYsjbNU+zPdIHcUaWVNUEPivzxku31865sSSud0Da0W4lEeOPlmw93zLQchuQ== + dependencies: + faye-websocket "^0.11.3" + uuid "^8.3.2" + websocket-driver "^0.7.4" + +sort-css-media-queries@2.2.0: + version "2.2.0" + resolved "https://registry.yarnpkg.com/sort-css-media-queries/-/sort-css-media-queries-2.2.0.tgz#aa33cf4a08e0225059448b6c40eddbf9f1c8334c" + integrity sha512-0xtkGhWCC9MGt/EzgnvbbbKhqWjl1+/rncmhTh5qCpbYguXh6S/qwePfv/JQ8jePXXmqingylxoC49pCkSPIbA== + +source-map-js@^1.0.1, source-map-js@^1.2.1: + version "1.2.1" + resolved "https://registry.yarnpkg.com/source-map-js/-/source-map-js-1.2.1.tgz#1ce5650fddd87abc099eda37dcff024c2667ae46" + integrity sha512-UXWMKhLOwVKb728IUtQPXxfYU+usdybtUrK/8uGE8CQMvrhOpwvzDBwj0QhSL7MQc7vIsISBG8VQ8+IDQxpfQA== + +source-map-support@~0.5.20: + version "0.5.21" + resolved "https://registry.yarnpkg.com/source-map-support/-/source-map-support-0.5.21.tgz#04fe7c7f9e1ed2d662233c28cb2b35b9f63f6e4f" + integrity sha512-uBHU3L3czsIyYXKX88fdrGovxdSCoTGDRZ6SYXtSRxLZUzHg5P/66Ht6uoUlHu9EZod+inXhKo3qQgwXUT/y1w== + dependencies: + buffer-from "^1.0.0" + source-map "^0.6.0" + +source-map@^0.5.7: + version "0.5.7" + resolved "https://registry.yarnpkg.com/source-map/-/source-map-0.5.7.tgz#8a039d2d1021d22d1ea14c80d8ea468ba2ef3fcc" + integrity sha512-LbrmJOMUSdEVxIKvdcJzQC+nQhe8FUZQTXQy6+I75skNgn3OoQ0DZA8YnFa7gp8tqtL3KPf1kmo0R5DoApeSGQ== + +source-map@^0.6.0, source-map@~0.6.0: + version "0.6.1" + resolved "https://registry.yarnpkg.com/source-map/-/source-map-0.6.1.tgz#74722af32e9614e9c287a8d0bbde48b5e2f1a263" + integrity sha512-UjgapumWlbMhkBgzT7Ykc5YXUT46F0iKu8SGXq0bcwP5dz/h0Plj6enJqjz1Zbq2l5WaqYnrVbwWOWMyF3F47g== + +source-map@^0.7.0: + version "0.7.6" + resolved "https://registry.yarnpkg.com/source-map/-/source-map-0.7.6.tgz#a3658ab87e5b6429c8a1f3ba0083d4c61ca3ef02" + integrity sha512-i5uvt8C3ikiWeNZSVZNWcfZPItFQOsYTUAOkcUPGd8DqDy1uOUikjt5dG+uRlwyvR108Fb9DOd4GvXfT0N2/uQ== + +space-separated-tokens@^2.0.0: + version "2.0.2" + resolved "https://registry.yarnpkg.com/space-separated-tokens/-/space-separated-tokens-2.0.2.tgz#1ecd9d2350a3844572c3f4a312bceb018348859f" + integrity sha512-PEGlAwrG8yXGXRjW32fGbg66JAlOAwbObuqVoJpv/mRgoWDQfgH1wDPvtzWyUSNAXBGSk8h755YDbbcEy3SH2Q== + +spdy-transport@^3.0.0: + version "3.0.0" + resolved "https://registry.yarnpkg.com/spdy-transport/-/spdy-transport-3.0.0.tgz#00d4863a6400ad75df93361a1608605e5dcdcf31" + integrity sha512-hsLVFE5SjA6TCisWeJXFKniGGOpBgMLmerfO2aCyCU5s7nJ/rpAepqmFifv/GCbSbueEeAJJnmSQ2rKC/g8Fcw== + dependencies: + debug "^4.1.0" + detect-node "^2.0.4" + hpack.js "^2.1.6" + obuf "^1.1.2" + readable-stream "^3.0.6" + wbuf "^1.7.3" + +spdy@^4.0.2: + version "4.0.2" + resolved "https://registry.yarnpkg.com/spdy/-/spdy-4.0.2.tgz#b74f466203a3eda452c02492b91fb9e84a27677b" + integrity sha512-r46gZQZQV+Kl9oItvl1JZZqJKGr+oEkB08A6BzkiR7593/7IbtuncXHd2YoYeTsG4157ZssMu9KYvUHLcjcDoA== + dependencies: + debug "^4.1.0" + handle-thing "^2.0.0" + http-deceiver "^1.2.7" + select-hose "^2.0.0" + spdy-transport "^3.0.0" + +sprintf-js@~1.0.2: + version "1.0.3" + resolved "https://registry.yarnpkg.com/sprintf-js/-/sprintf-js-1.0.3.tgz#04e6926f662895354f3dd015203633b857297e2c" + integrity sha512-D9cPgkvLlV3t3IzL0D0YLvGA9Ahk4PcvVwUbN0dSGr1aP0Nrt4AEnTUbuGvquEC0mA64Gqt1fzirlRs5ibXx8g== + +srcset@^4.0.0: + version "4.0.0" + resolved "https://registry.yarnpkg.com/srcset/-/srcset-4.0.0.tgz#336816b665b14cd013ba545b6fe62357f86e65f4" + integrity sha512-wvLeHgcVHKO8Sc/H/5lkGreJQVeYMm9rlmt8PuR1xE31rIuXhuzznUUqAt8MqLhB3MqJdFzlNAfpcWnxiFUcPw== + +statuses@2.0.1: + version "2.0.1" + resolved "https://registry.yarnpkg.com/statuses/-/statuses-2.0.1.tgz#55cb000ccf1d48728bd23c685a063998cf1a1b63" + integrity sha512-RwNA9Z/7PrK06rYLIzFMlaF+l73iwpzsqRIFgbMLbTcLD6cOao82TaWefPXQvB2fOC4AjuYSEndS7N/mTCbkdQ== + +"statuses@>= 1.4.0 < 2": + version "1.5.0" + resolved "https://registry.yarnpkg.com/statuses/-/statuses-1.5.0.tgz#161c7dac177659fd9811f43771fa99381478628c" + integrity sha512-OpZ3zP+jT1PI7I8nemJX4AKmAX070ZkYPVWV/AaKTJl+tXCTGyVdC1a4SL8RUQYEwk/f34ZX8UTykN68FwrqAA== + +std-env@^3.7.0: + version "3.9.0" + resolved "https://registry.yarnpkg.com/std-env/-/std-env-3.9.0.tgz#1a6f7243b339dca4c9fd55e1c7504c77ef23e8f1" + integrity sha512-UGvjygr6F6tpH7o2qyqR6QYpwraIjKSdtzyBdyytFOHmPZY917kwdwLG0RbOjWOnKmnm3PeHjaoLLMie7kPLQw== + +string-width@^4.1.0, string-width@^4.2.0: + version "4.2.3" + resolved "https://registry.yarnpkg.com/string-width/-/string-width-4.2.3.tgz#269c7117d27b05ad2e536830a8ec895ef9c6d010" + integrity sha512-wKyQRQpjJ0sIp62ErSZdGsjMJWsap5oRNihHhu6G7JVO/9jIB6UyevL+tXuOqrng8j/cxKTWyWUwvSTriiZz/g== + dependencies: + emoji-regex "^8.0.0" + is-fullwidth-code-point "^3.0.0" + strip-ansi "^6.0.1" + +string-width@^5.0.1, string-width@^5.1.2: + version "5.1.2" + resolved "https://registry.yarnpkg.com/string-width/-/string-width-5.1.2.tgz#14f8daec6d81e7221d2a357e668cab73bdbca794" + integrity sha512-HnLOCR3vjcY8beoNLtcjZ5/nxn2afmME6lhrDrebokqMap+XbeW8n9TXpPDOqdGK5qcI3oT0GKTW6wC7EMiVqA== + dependencies: + eastasianwidth "^0.2.0" + emoji-regex "^9.2.2" + strip-ansi "^7.0.1" + +string_decoder@^1.1.1: + version "1.3.0" + resolved "https://registry.yarnpkg.com/string_decoder/-/string_decoder-1.3.0.tgz#42f114594a46cf1a8e30b0a84f56c78c3edac21e" + integrity sha512-hkRX8U1WjJFd8LsDJ2yQ/wWWxaopEsABU1XfkM8A+j0+85JAGppt16cr1Whg6KIbb4okU6Mql6BOj+uup/wKeA== + dependencies: + safe-buffer "~5.2.0" + +string_decoder@~1.1.1: + version "1.1.1" + resolved "https://registry.yarnpkg.com/string_decoder/-/string_decoder-1.1.1.tgz#9cf1611ba62685d7030ae9e4ba34149c3af03fc8" + integrity sha512-n/ShnvDi6FHbbVfviro+WojiFzv+s8MPMHBczVePfUpDJLwoLT0ht1l4YwBCbi8pJAveEEdnkHyPyTP/mzRfwg== + dependencies: + safe-buffer "~5.1.0" + +stringify-entities@^4.0.0: + version "4.0.4" + resolved "https://registry.yarnpkg.com/stringify-entities/-/stringify-entities-4.0.4.tgz#b3b79ef5f277cc4ac73caeb0236c5ba939b3a4f3" + integrity sha512-IwfBptatlO+QCJUo19AqvrPNqlVMpW9YEL2LIVY+Rpv2qsjCGxaDLNRgeGsQWJhfItebuJhsGSLjaBbNSQ+ieg== + dependencies: + character-entities-html4 "^2.0.0" + character-entities-legacy "^3.0.0" + +stringify-object@^3.3.0: + version "3.3.0" + resolved "https://registry.yarnpkg.com/stringify-object/-/stringify-object-3.3.0.tgz#703065aefca19300d3ce88af4f5b3956d7556629" + integrity sha512-rHqiFh1elqCQ9WPLIC8I0Q/g/wj5J1eMkyoiD6eoQApWHP0FtlK7rqnhmabL5VUY9JQCcqwwvlOaSuutekgyrw== + dependencies: + get-own-enumerable-property-symbols "^3.0.0" + is-obj "^1.0.1" + is-regexp "^1.0.0" + +strip-ansi@^6.0.0, strip-ansi@^6.0.1: + version "6.0.1" + resolved "https://registry.yarnpkg.com/strip-ansi/-/strip-ansi-6.0.1.tgz#9e26c63d30f53443e9489495b2105d37b67a85d9" + integrity sha512-Y38VPSHcqkFrCpFnQ9vuSXmquuv5oXOKpGeT6aGrr3o3Gc9AlVa6JBfUSOCnbxGGZF+/0ooI7KrPuUSztUdU5A== + dependencies: + ansi-regex "^5.0.1" + +strip-ansi@^7.0.1: + version "7.1.0" + resolved "https://registry.yarnpkg.com/strip-ansi/-/strip-ansi-7.1.0.tgz#d5b6568ca689d8561370b0707685d22434faff45" + integrity sha512-iq6eVVI64nQQTRYq2KtEg2d2uU7LElhTJwsH4YzIHZshxlgZms/wIc4VoDQTlG/IvVIrBKG06CrZnp0qv7hkcQ== + dependencies: + ansi-regex "^6.0.1" + +strip-bom-string@^1.0.0: + version "1.0.0" + resolved "https://registry.yarnpkg.com/strip-bom-string/-/strip-bom-string-1.0.0.tgz#e5211e9224369fbb81d633a2f00044dc8cedad92" + integrity sha512-uCC2VHvQRYu+lMh4My/sFNmF2klFymLX1wHJeXnbEJERpV/ZsVuonzerjfrGpIGF7LBVa1O7i9kjiWvJiFck8g== + +strip-final-newline@^2.0.0: + version "2.0.0" + resolved "https://registry.yarnpkg.com/strip-final-newline/-/strip-final-newline-2.0.0.tgz#89b852fb2fcbe936f6f4b3187afb0a12c1ab58ad" + integrity sha512-BrpvfNAE3dcvq7ll3xVumzjKjZQ5tI1sEUIKr3Uoks0XUl45St3FlatVqef9prk4jRDzhW6WZg+3bk93y6pLjA== + +strip-json-comments@^3.1.1: + version "3.1.1" + resolved "https://registry.yarnpkg.com/strip-json-comments/-/strip-json-comments-3.1.1.tgz#31f1281b3832630434831c310c01cccda8cbe006" + integrity sha512-6fPc+R4ihwqP6N/aIv2f1gMH8lOVtWQHoqC4yK6oSDVVocumAsfCqjkXnqiYMhmMwS/mEHLp7Vehlt3ql6lEig== + +strip-json-comments@~2.0.1: + version "2.0.1" + resolved "https://registry.yarnpkg.com/strip-json-comments/-/strip-json-comments-2.0.1.tgz#3c531942e908c2697c0ec344858c286c7ca0a60a" + integrity sha512-4gB8na07fecVVkOI6Rs4e7T6NOTki5EmL7TUduTs6bu3EdnSycntVJ4re8kgZA+wx9IueI2Y11bfbgwtzuE0KQ== + +style-to-js@^1.0.0: + version "1.1.17" + resolved "https://registry.yarnpkg.com/style-to-js/-/style-to-js-1.1.17.tgz#488b1558a8c1fd05352943f088cc3ce376813d83" + integrity sha512-xQcBGDxJb6jjFCTzvQtfiPn6YvvP2O8U1MDIPNfJQlWMYfktPy+iGsHE7cssjs7y84d9fQaK4UF3RIJaAHSoYA== + dependencies: + style-to-object "1.0.9" + +style-to-object@1.0.9: + version "1.0.9" + resolved "https://registry.yarnpkg.com/style-to-object/-/style-to-object-1.0.9.tgz#35c65b713f4a6dba22d3d0c61435f965423653f0" + integrity sha512-G4qppLgKu/k6FwRpHiGiKPaPTFcG3g4wNVX/Qsfu+RqQM30E7Tyu/TEgxcL9PNLF5pdRLwQdE3YKKf+KF2Dzlw== + dependencies: + inline-style-parser "0.2.4" + +stylehacks@^6.1.1: + version "6.1.1" + resolved "https://registry.yarnpkg.com/stylehacks/-/stylehacks-6.1.1.tgz#543f91c10d17d00a440430362d419f79c25545a6" + integrity sha512-gSTTEQ670cJNoaeIp9KX6lZmm8LJ3jPB5yJmX8Zq/wQxOsAFXV3qjWzHas3YYk1qesuVIyYWWUpZ0vSE/dTSGg== + dependencies: + browserslist "^4.23.0" + postcss-selector-parser "^6.0.16" + +stylis@4.2.0: + version "4.2.0" + resolved "https://registry.yarnpkg.com/stylis/-/stylis-4.2.0.tgz#79daee0208964c8fe695a42fcffcac633a211a51" + integrity sha512-Orov6g6BB1sDfYgzWfTHDOxamtX1bE/zo104Dh9e6fqJ3PooipYyfJ0pUmrZO2wAvO8YbEyeFrkV91XTsGMSrw== + +supports-color@^7.1.0: + version "7.2.0" + resolved "https://registry.yarnpkg.com/supports-color/-/supports-color-7.2.0.tgz#1b7dcdcb32b8138801b3e478ba6a51caa89648da" + integrity sha512-qpCAvRl9stuOHveKsn7HncJRvv501qIacKzQlO/+Lwxc9+0q2wLyv4Dfvt80/DPn2pqOBsJdDiogXGR9+OvwRw== + dependencies: + has-flag "^4.0.0" + +supports-color@^8.0.0: + version "8.1.1" + resolved "https://registry.yarnpkg.com/supports-color/-/supports-color-8.1.1.tgz#cd6fc17e28500cff56c1b86c0a7fd4a54a73005c" + integrity sha512-MpUEN2OodtUzxvKQl72cUF7RQ5EiHsGvSsVG0ia9c5RbWGL2CI4C7EpPS8UTBIplnlzZiNuV56w+FuNxy3ty2Q== + dependencies: + has-flag "^4.0.0" + +supports-preserve-symlinks-flag@^1.0.0: + version "1.0.0" + resolved "https://registry.yarnpkg.com/supports-preserve-symlinks-flag/-/supports-preserve-symlinks-flag-1.0.0.tgz#6eda4bd344a3c94aea376d4cc31bc77311039e09" + integrity sha512-ot0WnXS9fgdkgIcePe6RHNk1WA8+muPa6cSjeR3V8K27q9BB1rTE3R1p7Hv0z1ZyAc8s6Vvv8DIyWf681MAt0w== + +svg-parser@^2.0.4: + version "2.0.4" + resolved "https://registry.yarnpkg.com/svg-parser/-/svg-parser-2.0.4.tgz#fdc2e29e13951736140b76cb122c8ee6630eb6b5" + integrity sha512-e4hG1hRwoOdRb37cIMSgzNsxyzKfayW6VOflrwvR+/bzrkyxY/31WkbgnQpgtrNp1SdpJvpUAGTa/ZoiPNDuRQ== + +svgo@^3.0.2, svgo@^3.2.0: + version "3.3.2" + resolved "https://registry.yarnpkg.com/svgo/-/svgo-3.3.2.tgz#ad58002652dffbb5986fc9716afe52d869ecbda8" + integrity sha512-OoohrmuUlBs8B8o6MB2Aevn+pRIH9zDALSR+6hhqVfa6fRwG/Qw9VUMSMW9VNg2CFc/MTIfabtdOVl9ODIJjpw== + dependencies: + "@trysound/sax" "0.2.0" + commander "^7.2.0" + css-select "^5.1.0" + css-tree "^2.3.1" + css-what "^6.1.0" + csso "^5.0.5" + picocolors "^1.0.0" + +tapable@^2.0.0, tapable@^2.1.1, tapable@^2.2.0, tapable@^2.2.1: + version "2.2.3" + resolved "https://registry.yarnpkg.com/tapable/-/tapable-2.2.3.tgz#4b67b635b2d97578a06a2713d2f04800c237e99b" + integrity sha512-ZL6DDuAlRlLGghwcfmSn9sK3Hr6ArtyudlSAiCqQ6IfE+b+HHbydbYDIG15IfS5do+7XQQBdBiubF/cV2dnDzg== + +terser-webpack-plugin@^5.3.11, terser-webpack-plugin@^5.3.9: + version "5.3.14" + resolved "https://registry.yarnpkg.com/terser-webpack-plugin/-/terser-webpack-plugin-5.3.14.tgz#9031d48e57ab27567f02ace85c7d690db66c3e06" + integrity sha512-vkZjpUjb6OMS7dhV+tILUW6BhpDR7P2L/aQSAv+Uwk+m8KATX9EccViHTJR2qDtACKPIYndLGCyl3FMo+r2LMw== + dependencies: + "@jridgewell/trace-mapping" "^0.3.25" + jest-worker "^27.4.5" + schema-utils "^4.3.0" + serialize-javascript "^6.0.2" + terser "^5.31.1" + +terser@^5.10.0, terser@^5.15.1, terser@^5.31.1: + version "5.43.1" + resolved "https://registry.yarnpkg.com/terser/-/terser-5.43.1.tgz#88387f4f9794ff1a29e7ad61fb2932e25b4fdb6d" + integrity sha512-+6erLbBm0+LROX2sPXlUYx/ux5PyE9K/a92Wrt6oA+WDAoFTdpHE5tCYCI5PNzq2y8df4rA+QgHLJuR4jNymsg== + dependencies: + "@jridgewell/source-map" "^0.3.3" + acorn "^8.14.0" + commander "^2.20.0" + source-map-support "~0.5.20" + +thunky@^1.0.2: + version "1.1.0" + resolved "https://registry.yarnpkg.com/thunky/-/thunky-1.1.0.tgz#5abaf714a9405db0504732bbccd2cedd9ef9537d" + integrity sha512-eHY7nBftgThBqOyHGVN+l8gF0BucP09fMo0oO/Lb0w1OF80dJv+lDVpXG60WMQvkcxAkNybKsrEIE3ZtKGmPrA== + +tiny-emitter@^2.0.0: + version "2.1.0" + resolved "https://registry.yarnpkg.com/tiny-emitter/-/tiny-emitter-2.1.0.tgz#1d1a56edfc51c43e863cbb5382a72330e3555423" + integrity sha512-NB6Dk1A9xgQPMoGqC5CVXn123gWyte215ONT5Pp5a0yt4nlEoO1ZWeCwpncaekPHXO60i47ihFnZPiRPjRMq4Q== + +tiny-invariant@^1.0.2: + version "1.3.3" + resolved "https://registry.yarnpkg.com/tiny-invariant/-/tiny-invariant-1.3.3.tgz#46680b7a873a0d5d10005995eb90a70d74d60127" + integrity sha512-+FbBPE1o9QAYvviau/qC5SE3caw21q3xkvWKBtja5vgqOWIHHJ3ioaq1VPfn/Szqctz2bU/oYeKd9/z5BL+PVg== + +tiny-warning@^1.0.0: + version "1.0.3" + resolved "https://registry.yarnpkg.com/tiny-warning/-/tiny-warning-1.0.3.tgz#94a30db453df4c643d0fd566060d60a875d84754" + integrity sha512-lBN9zLN/oAf68o3zNXYrdCt1kP8WsiGW8Oo2ka41b2IM5JL/S1CTyX1rW0mb/zSuJun0ZUrDxx4sqvYS2FWzPA== + +tinypool@^1.0.2: + version "1.1.1" + resolved "https://registry.yarnpkg.com/tinypool/-/tinypool-1.1.1.tgz#059f2d042bd37567fbc017d3d426bdd2a2612591" + integrity sha512-Zba82s87IFq9A9XmjiX5uZA/ARWDrB03OHlq+Vw1fSdt0I+4/Kutwy8BP4Y/y/aORMo61FQ0vIb5j44vSo5Pkg== + +to-regex-range@^5.0.1: + version "5.0.1" + resolved "https://registry.yarnpkg.com/to-regex-range/-/to-regex-range-5.0.1.tgz#1648c44aae7c8d988a326018ed72f5b4dd0392e4" + integrity sha512-65P7iz6X5yEr1cwcgvQxbbIw7Uk3gOy5dIdtZ4rDveLqhrdJP+Li/Hx6tyK0NEb+2GCyneCMJiGqrADCSNk8sQ== + dependencies: + is-number "^7.0.0" + +toidentifier@1.0.1: + version "1.0.1" + resolved "https://registry.yarnpkg.com/toidentifier/-/toidentifier-1.0.1.tgz#3be34321a88a820ed1bd80dfaa33e479fbb8dd35" + integrity sha512-o5sSPKEkg/DIQNmH43V0/uerLrpzVedkUh8tGNvaeXpfpuwjKenlSox/2O/BTlZUtEe+JG7s5YhEz608PlAHRA== + +totalist@^3.0.0: + version "3.0.1" + resolved "https://registry.yarnpkg.com/totalist/-/totalist-3.0.1.tgz#ba3a3d600c915b1a97872348f79c127475f6acf8" + integrity sha512-sf4i37nQ2LBx4m3wB74y+ubopq6W/dIzXg0FDGjsYnZHVa1Da8FH853wlL2gtUhg+xJXjfk3kUZS3BRoQeoQBQ== + +trim-lines@^3.0.0: + version "3.0.1" + resolved "https://registry.yarnpkg.com/trim-lines/-/trim-lines-3.0.1.tgz#d802e332a07df861c48802c04321017b1bd87338" + integrity sha512-kRj8B+YHZCc9kQYdWfJB2/oUl9rA99qbowYYBtr4ui4mZyAQ2JpvVBd/6U2YloATfqBhBTSMhTpgBHtU0Mf3Rg== + +trough@^2.0.0: + version "2.2.0" + resolved "https://registry.yarnpkg.com/trough/-/trough-2.2.0.tgz#94a60bd6bd375c152c1df911a4b11d5b0256f50f" + integrity sha512-tmMpK00BjZiUyVyvrBK7knerNgmgvcV/KLVyuma/SC+TQN167GrMRciANTz09+k3zW8L8t60jWO1GpfkZdjTaw== + +tslib@^2.0.3, tslib@^2.6.0: + version "2.8.1" + resolved "https://registry.yarnpkg.com/tslib/-/tslib-2.8.1.tgz#612efe4ed235d567e8aba5f2a5fab70280ade83f" + integrity sha512-oJFu94HQb+KVduSUQL7wnpmqnfmLsOA/nAh6b6EH0wCEoK0/mPeXU6c3wKDV83MkOuHPRHtSXKKU99IBazS/2w== + +type-fest@^0.21.3: + version "0.21.3" + resolved "https://registry.yarnpkg.com/type-fest/-/type-fest-0.21.3.tgz#d260a24b0198436e133fa26a524a6d65fa3b2e37" + integrity sha512-t0rzBq87m3fVcduHDUFhKmyyX+9eo6WQjZvf51Ea/M0Q7+T374Jp1aUiyUl0GKxp8M/OETVHSDvmkyPgvX+X2w== + +type-fest@^1.0.1: + version "1.4.0" + resolved "https://registry.yarnpkg.com/type-fest/-/type-fest-1.4.0.tgz#e9fb813fe3bf1744ec359d55d1affefa76f14be1" + integrity sha512-yGSza74xk0UG8k+pLh5oeoYirvIiWo5t0/o3zHHAO2tRDiZcxWP7fywNlXhqb6/r6sWvwi+RsyQMWhVLe4BVuA== + +type-fest@^2.13.0, type-fest@^2.5.0: + version "2.19.0" + resolved "https://registry.yarnpkg.com/type-fest/-/type-fest-2.19.0.tgz#88068015bb33036a598b952e55e9311a60fd3a9b" + integrity sha512-RAH822pAdBgcNMAfWnCBU3CFZcfZ/i1eZjwFU/dsLKumyuuP3niueg2UAukXYF0E2AAoc82ZSSf9J0WQBinzHA== + +type-is@~1.6.18: + version "1.6.18" + resolved "https://registry.yarnpkg.com/type-is/-/type-is-1.6.18.tgz#4e552cd05df09467dcbc4ef739de89f2cf37c131" + integrity sha512-TkRKr9sUTxEH8MdfuCSP7VizJyzRNMjj2J2do2Jr3Kym598JVdEksuzPQCnlFPW4ky9Q+iA+ma9BGm06XQBy8g== + dependencies: + media-typer "0.3.0" + mime-types "~2.1.24" + +typedarray-to-buffer@^3.1.5: + version "3.1.5" + resolved "https://registry.yarnpkg.com/typedarray-to-buffer/-/typedarray-to-buffer-3.1.5.tgz#a97ee7a9ff42691b9f783ff1bc5112fe3fca9080" + integrity sha512-zdu8XMNEDepKKR+XYOXAVPtWui0ly0NtohUscw+UmaHiAWT8hrV1rr//H6V+0DvJ3OQ19S979M0laLfX8rm82Q== + dependencies: + is-typedarray "^1.0.0" + +undici-types@~7.10.0: + version "7.10.0" + resolved "https://registry.yarnpkg.com/undici-types/-/undici-types-7.10.0.tgz#4ac2e058ce56b462b056e629cc6a02393d3ff350" + integrity sha512-t5Fy/nfn+14LuOc2KNYg75vZqClpAiqscVvMygNnlsHBFpSXdJaYtXMcdNLpl/Qvc3P2cB3s6lOV51nqsFq4ag== + +unicode-canonical-property-names-ecmascript@^2.0.0: + version "2.0.1" + resolved "https://registry.yarnpkg.com/unicode-canonical-property-names-ecmascript/-/unicode-canonical-property-names-ecmascript-2.0.1.tgz#cb3173fe47ca743e228216e4a3ddc4c84d628cc2" + integrity sha512-dA8WbNeb2a6oQzAQ55YlT5vQAWGV9WXOsi3SskE3bcCdM0P4SDd+24zS/OCacdRq5BkdsRj9q3Pg6YyQoxIGqg== + +unicode-emoji-modifier-base@^1.0.0: + version "1.0.0" + resolved "https://registry.yarnpkg.com/unicode-emoji-modifier-base/-/unicode-emoji-modifier-base-1.0.0.tgz#dbbd5b54ba30f287e2a8d5a249da6c0cef369459" + integrity sha512-yLSH4py7oFH3oG/9K+XWrz1pSi3dfUrWEnInbxMfArOfc1+33BlGPQtLsOYwvdMy11AwUBetYuaRxSPqgkq+8g== + +unicode-match-property-ecmascript@^2.0.0: + version "2.0.0" + resolved "https://registry.yarnpkg.com/unicode-match-property-ecmascript/-/unicode-match-property-ecmascript-2.0.0.tgz#54fd16e0ecb167cf04cf1f756bdcc92eba7976c3" + integrity sha512-5kaZCrbp5mmbz5ulBkDkbY0SsPOjKqVS35VpL9ulMPfSl0J0Xsm+9Evphv9CoIZFwre7aJoa94AY6seMKGVN5Q== + dependencies: + unicode-canonical-property-names-ecmascript "^2.0.0" + unicode-property-aliases-ecmascript "^2.0.0" + +unicode-match-property-value-ecmascript@^2.1.0: + version "2.2.0" + resolved "https://registry.yarnpkg.com/unicode-match-property-value-ecmascript/-/unicode-match-property-value-ecmascript-2.2.0.tgz#a0401aee72714598f739b68b104e4fe3a0cb3c71" + integrity sha512-4IehN3V/+kkr5YeSSDDQG8QLqO26XpL2XP3GQtqwlT/QYSECAwFztxVHjlbh0+gjJ3XmNLS0zDsbgs9jWKExLg== + +unicode-property-aliases-ecmascript@^2.0.0: + version "2.1.0" + resolved "https://registry.yarnpkg.com/unicode-property-aliases-ecmascript/-/unicode-property-aliases-ecmascript-2.1.0.tgz#43d41e3be698bd493ef911077c9b131f827e8ccd" + integrity sha512-6t3foTQI9qne+OZoVQB/8x8rk2k1eVy1gRXhV3oFQ5T6R1dqQ1xtin3XqSlx3+ATBkliTaR/hHyJBm+LVPNM8w== + +unified@^11.0.0, unified@^11.0.3, unified@^11.0.4: + version "11.0.5" + resolved "https://registry.yarnpkg.com/unified/-/unified-11.0.5.tgz#f66677610a5c0a9ee90cab2b8d4d66037026d9e1" + integrity sha512-xKvGhPWw3k84Qjh8bI3ZeJjqnyadK+GEFtazSfZv/rKeTkTjOJho6mFqh2SM96iIcZokxiOpg78GazTSg8+KHA== + dependencies: + "@types/unist" "^3.0.0" + bail "^2.0.0" + devlop "^1.0.0" + extend "^3.0.0" + is-plain-obj "^4.0.0" + trough "^2.0.0" + vfile "^6.0.0" + +unique-string@^3.0.0: + version "3.0.0" + resolved "https://registry.yarnpkg.com/unique-string/-/unique-string-3.0.0.tgz#84a1c377aff5fd7a8bc6b55d8244b2bd90d75b9a" + integrity sha512-VGXBUVwxKMBUznyffQweQABPRRW1vHZAbadFZud4pLFAqRGvv/96vafgjWFqzourzr8YonlQiPgH0YCJfawoGQ== + dependencies: + crypto-random-string "^4.0.0" + +unist-util-is@^6.0.0: + version "6.0.0" + resolved "https://registry.yarnpkg.com/unist-util-is/-/unist-util-is-6.0.0.tgz#b775956486aff107a9ded971d996c173374be424" + integrity sha512-2qCTHimwdxLfz+YzdGfkqNlH0tLi9xjTnHddPmJwtIG9MGsdbutfTc4P+haPD7l7Cjxf/WZj+we5qfVPvvxfYw== + dependencies: + "@types/unist" "^3.0.0" + +unist-util-position-from-estree@^2.0.0: + version "2.0.0" + resolved "https://registry.yarnpkg.com/unist-util-position-from-estree/-/unist-util-position-from-estree-2.0.0.tgz#d94da4df596529d1faa3de506202f0c9a23f2200" + integrity sha512-KaFVRjoqLyF6YXCbVLNad/eS4+OfPQQn2yOd7zF/h5T/CSL2v8NpN6a5TPvtbXthAGw5nG+PuTtq+DdIZr+cRQ== + dependencies: + "@types/unist" "^3.0.0" + +unist-util-position@^5.0.0: + version "5.0.0" + resolved "https://registry.yarnpkg.com/unist-util-position/-/unist-util-position-5.0.0.tgz#678f20ab5ca1207a97d7ea8a388373c9cf896be4" + integrity sha512-fucsC7HjXvkB5R3kTCO7kUjRdrS0BJt3M/FPxmHMBOm8JQi2BsHAHFsy27E0EolP8rp0NzXsJ+jNPyDWvOJZPA== + dependencies: + "@types/unist" "^3.0.0" + +unist-util-stringify-position@^4.0.0: + version "4.0.0" + resolved "https://registry.yarnpkg.com/unist-util-stringify-position/-/unist-util-stringify-position-4.0.0.tgz#449c6e21a880e0855bf5aabadeb3a740314abac2" + integrity sha512-0ASV06AAoKCDkS2+xw5RXJywruurpbC4JZSm7nr7MOt1ojAzvyyaO+UxZf18j8FCF6kmzCZKcAgN/yu2gm2XgQ== + dependencies: + "@types/unist" "^3.0.0" + +unist-util-visit-parents@^6.0.0: + version "6.0.1" + resolved "https://registry.yarnpkg.com/unist-util-visit-parents/-/unist-util-visit-parents-6.0.1.tgz#4d5f85755c3b8f0dc69e21eca5d6d82d22162815" + integrity sha512-L/PqWzfTP9lzzEa6CKs0k2nARxTdZduw3zyh8d2NVBnsyvHjSX4TWse388YrrQKbvI8w20fGjGlhgT96WwKykw== + dependencies: + "@types/unist" "^3.0.0" + unist-util-is "^6.0.0" + +unist-util-visit@^5.0.0: + version "5.0.0" + resolved "https://registry.yarnpkg.com/unist-util-visit/-/unist-util-visit-5.0.0.tgz#a7de1f31f72ffd3519ea71814cccf5fd6a9217d6" + integrity sha512-MR04uvD+07cwl/yhVuVWAtw+3GOR/knlL55Nd/wAdblk27GCVt3lqpTivy/tkJcZoNPzTwS1Y+KMojlLDhoTzg== + dependencies: + "@types/unist" "^3.0.0" + unist-util-is "^6.0.0" + unist-util-visit-parents "^6.0.0" + +universalify@^2.0.0: + version "2.0.1" + resolved "https://registry.yarnpkg.com/universalify/-/universalify-2.0.1.tgz#168efc2180964e6386d061e094df61afe239b18d" + integrity sha512-gptHNQghINnc/vTGIk0SOFGFNXw7JVrlRUtConJRlvaw6DuX0wO5Jeko9sWrMBhh+PsYAZ7oXAiOnf/UKogyiw== + +unpipe@1.0.0, unpipe@~1.0.0: + version "1.0.0" + resolved "https://registry.yarnpkg.com/unpipe/-/unpipe-1.0.0.tgz#b2bf4ee8514aae6165b4817829d21b2ef49904ec" + integrity sha512-pjy2bYhSsufwWlKwPc+l3cN7+wuJlK6uz0YdJEOlQDbl6jo/YlPi4mb8agUkVC8BF7V8NuzeyPNqRksA3hztKQ== + +update-browserslist-db@^1.1.3: + version "1.1.3" + resolved "https://registry.yarnpkg.com/update-browserslist-db/-/update-browserslist-db-1.1.3.tgz#348377dd245216f9e7060ff50b15a1b740b75420" + integrity sha512-UxhIZQ+QInVdunkDAaiazvvT/+fXL5Osr0JZlJulepYu6Jd7qJtDZjlur0emRlT71EN3ScPoE7gvsuIKKNavKw== + dependencies: + escalade "^3.2.0" + picocolors "^1.1.1" + +update-notifier@^6.0.2: + version "6.0.2" + resolved "https://registry.yarnpkg.com/update-notifier/-/update-notifier-6.0.2.tgz#a6990253dfe6d5a02bd04fbb6a61543f55026b60" + integrity sha512-EDxhTEVPZZRLWYcJ4ZXjGFN0oP7qYvbXWzEgRm/Yql4dHX5wDbvh89YHP6PK1lzZJYrMtXUuZZz8XGK+U6U1og== + dependencies: + boxen "^7.0.0" + chalk "^5.0.1" + configstore "^6.0.0" + has-yarn "^3.0.0" + import-lazy "^4.0.0" + is-ci "^3.0.1" + is-installed-globally "^0.4.0" + is-npm "^6.0.0" + is-yarn-global "^0.4.0" + latest-version "^7.0.0" + pupa "^3.1.0" + semver "^7.3.7" + semver-diff "^4.0.0" + xdg-basedir "^5.1.0" + +uri-js@^4.2.2: + version "4.4.1" + resolved "https://registry.yarnpkg.com/uri-js/-/uri-js-4.4.1.tgz#9b1a52595225859e55f669d928f88c6c57f2a77e" + integrity sha512-7rKUyy33Q1yc98pQ1DAmLtwX109F7TIfWlW1Ydo8Wl1ii1SeHieeh0HHfPeL2fMXK6z0s8ecKs9frCuLJvndBg== + dependencies: + punycode "^2.1.0" + +url-loader@^4.1.1: + version "4.1.1" + resolved "https://registry.yarnpkg.com/url-loader/-/url-loader-4.1.1.tgz#28505e905cae158cf07c92ca622d7f237e70a4e2" + integrity sha512-3BTV812+AVHHOJQO8O5MkWgZ5aosP7GnROJwvzLS9hWDj00lZ6Z0wNak423Lp9PBZN05N+Jk/N5Si8jRAlGyWA== + dependencies: + loader-utils "^2.0.0" + mime-types "^2.1.27" + schema-utils "^3.0.0" + +util-deprecate@^1.0.1, util-deprecate@^1.0.2, util-deprecate@~1.0.1: + version "1.0.2" + resolved "https://registry.yarnpkg.com/util-deprecate/-/util-deprecate-1.0.2.tgz#450d4dc9fa70de732762fbd2d4a28981419a0ccf" + integrity sha512-EPD5q1uXyFxJpCrLnCc1nHnq3gOa6DZBocAIiI2TaSCA7VCJ1UJDMagCzIkXNsUYfD1daK//LTEQ8xiIbrHtcw== + +utila@~0.4: + version "0.4.0" + resolved "https://registry.yarnpkg.com/utila/-/utila-0.4.0.tgz#8a16a05d445657a3aea5eecc5b12a4fa5379772c" + integrity sha512-Z0DbgELS9/L/75wZbro8xAnT50pBVFQZ+hUEueGDU5FN51YSCYM+jdxsfCiHjwNP/4LCDD0i/graKpeBnOXKRA== + +utility-types@^3.10.0: + version "3.11.0" + resolved "https://registry.yarnpkg.com/utility-types/-/utility-types-3.11.0.tgz#607c40edb4f258915e901ea7995607fdf319424c" + integrity sha512-6Z7Ma2aVEWisaL6TvBCy7P8rm2LQoPv6dJ7ecIaIixHcwfbJ0x7mWdbcwlIM5IGQxPZSFYeqRCqlOOeKoJYMkw== + +utils-merge@1.0.1: + version "1.0.1" + resolved "https://registry.yarnpkg.com/utils-merge/-/utils-merge-1.0.1.tgz#9f95710f50a267947b2ccc124741c1028427e713" + integrity sha512-pMZTvIkT1d+TFGvDOqodOclx0QWkkgi6Tdoa8gC8ffGAAqz9pzPTZWAybbsHHoED/ztMtkv/VoYTYyShUn81hA== + +uuid@^8.3.2: + version "8.3.2" + resolved "https://registry.yarnpkg.com/uuid/-/uuid-8.3.2.tgz#80d5b5ced271bb9af6c445f21a1a04c606cefbe2" + integrity sha512-+NYs2QeMWy+GWFOEm9xnn6HCDp0l7QBD7ml8zLUmJ+93Q5NF0NocErnwkTkXVFNiX3/fpC6afS8Dhb/gz7R7eg== + +value-equal@^1.0.1: + version "1.0.1" + resolved "https://registry.yarnpkg.com/value-equal/-/value-equal-1.0.1.tgz#1e0b794c734c5c0cade179c437d356d931a34d6c" + integrity sha512-NOJ6JZCAWr0zlxZt+xqCHNTEKOsrks2HQd4MqhP1qy4z1SkbEP467eNx6TgDKXMvUOb+OENfJCZwM+16n7fRfw== + +vary@~1.1.2: + version "1.1.2" + resolved "https://registry.yarnpkg.com/vary/-/vary-1.1.2.tgz#2299f02c6ded30d4a5961b0b9f74524a18f634fc" + integrity sha512-BNGbWLfd0eUPabhkXUVm0j8uuvREyTh5ovRa/dyow/BqAbZJyC+5fU+IzQOzmAKzYqYRAISoRhdQr3eIZ/PXqg== + +vfile-location@^5.0.0: + version "5.0.3" + resolved "https://registry.yarnpkg.com/vfile-location/-/vfile-location-5.0.3.tgz#cb9eacd20f2b6426d19451e0eafa3d0a846225c3" + integrity sha512-5yXvWDEgqeiYiBe1lbxYF7UMAIm/IcopxMHrMQDq3nvKcjPKIhZklUKL+AE7J7uApI4kwe2snsK+eI6UTj9EHg== + dependencies: + "@types/unist" "^3.0.0" + vfile "^6.0.0" + +vfile-message@^4.0.0: + version "4.0.3" + resolved "https://registry.yarnpkg.com/vfile-message/-/vfile-message-4.0.3.tgz#87b44dddd7b70f0641c2e3ed0864ba73e2ea8df4" + integrity sha512-QTHzsGd1EhbZs4AsQ20JX1rC3cOlt/IWJruk893DfLRr57lcnOeMaWG4K0JrRta4mIJZKth2Au3mM3u03/JWKw== + dependencies: + "@types/unist" "^3.0.0" + unist-util-stringify-position "^4.0.0" + +vfile@^6.0.0, vfile@^6.0.1: + version "6.0.3" + resolved "https://registry.yarnpkg.com/vfile/-/vfile-6.0.3.tgz#3652ab1c496531852bf55a6bac57af981ebc38ab" + integrity sha512-KzIbH/9tXat2u30jf+smMwFCsno4wHVdNmzFyL+T/L3UGqqk6JKfVqOFOZEpZSHADH1k40ab6NUIXZq422ov3Q== + dependencies: + "@types/unist" "^3.0.0" + vfile-message "^4.0.0" + +watchpack@^2.4.1: + version "2.4.4" + resolved "https://registry.yarnpkg.com/watchpack/-/watchpack-2.4.4.tgz#473bda72f0850453da6425081ea46fc0d7602947" + integrity sha512-c5EGNOiyxxV5qmTtAB7rbiXxi1ooX1pQKMLX/MIabJjRA0SJBQOjKF+KSVfHkr9U1cADPon0mRiVe/riyaiDUA== + dependencies: + glob-to-regexp "^0.4.1" + graceful-fs "^4.1.2" + +wbuf@^1.1.0, wbuf@^1.7.3: + version "1.7.3" + resolved "https://registry.yarnpkg.com/wbuf/-/wbuf-1.7.3.tgz#c1d8d149316d3ea852848895cb6a0bfe887b87df" + integrity sha512-O84QOnr0icsbFGLS0O3bI5FswxzRr8/gHwWkDlQFskhSPryQXvrTMxjxGP4+iWYoauLoBvfDpkrOauZ+0iZpDA== + dependencies: + minimalistic-assert "^1.0.0" + +web-namespaces@^2.0.0: + version "2.0.1" + resolved "https://registry.yarnpkg.com/web-namespaces/-/web-namespaces-2.0.1.tgz#1010ff7c650eccb2592cebeeaf9a1b253fd40692" + integrity sha512-bKr1DkiNa2krS7qxNtdrtHAmzuYGFQLiQ13TsorsdT6ULTkPLKuu5+GsFpDlg6JFjUTwX2DyhMPG2be8uPrqsQ== + +webpack-bundle-analyzer@^4.10.2: + version "4.10.2" + resolved "https://registry.yarnpkg.com/webpack-bundle-analyzer/-/webpack-bundle-analyzer-4.10.2.tgz#633af2862c213730be3dbdf40456db171b60d5bd" + integrity sha512-vJptkMm9pk5si4Bv922ZbKLV8UTT4zib4FPgXMhgzUny0bfDDkLXAVQs3ly3fS4/TN9ROFtb0NFrm04UXFE/Vw== + dependencies: + "@discoveryjs/json-ext" "0.5.7" + acorn "^8.0.4" + acorn-walk "^8.0.0" + commander "^7.2.0" + debounce "^1.2.1" + escape-string-regexp "^4.0.0" + gzip-size "^6.0.0" + html-escaper "^2.0.2" + opener "^1.5.2" + picocolors "^1.0.0" + sirv "^2.0.3" + ws "^7.3.1" + +webpack-dev-middleware@^5.3.4: + version "5.3.4" + resolved "https://registry.yarnpkg.com/webpack-dev-middleware/-/webpack-dev-middleware-5.3.4.tgz#eb7b39281cbce10e104eb2b8bf2b63fce49a3517" + integrity sha512-BVdTqhhs+0IfoeAf7EoH5WE+exCmqGerHfDM0IL096Px60Tq2Mn9MAbnaGUe6HiMa41KMCYF19gyzZmBcq/o4Q== + dependencies: + colorette "^2.0.10" + memfs "^3.4.3" + mime-types "^2.1.31" + range-parser "^1.2.1" + schema-utils "^4.0.0" + +webpack-dev-server@^4.15.2: + version "4.15.2" + resolved "https://registry.yarnpkg.com/webpack-dev-server/-/webpack-dev-server-4.15.2.tgz#9e0c70a42a012560860adb186986da1248333173" + integrity sha512-0XavAZbNJ5sDrCbkpWL8mia0o5WPOd2YGtxrEiZkBK9FjLppIUK2TgxK6qGD2P3hUXTJNNPVibrerKcx5WkR1g== + dependencies: + "@types/bonjour" "^3.5.9" + "@types/connect-history-api-fallback" "^1.3.5" + "@types/express" "^4.17.13" + "@types/serve-index" "^1.9.1" + "@types/serve-static" "^1.13.10" + "@types/sockjs" "^0.3.33" + "@types/ws" "^8.5.5" + ansi-html-community "^0.0.8" + bonjour-service "^1.0.11" + chokidar "^3.5.3" + colorette "^2.0.10" + compression "^1.7.4" + connect-history-api-fallback "^2.0.0" + default-gateway "^6.0.3" + express "^4.17.3" + graceful-fs "^4.2.6" + html-entities "^2.3.2" + http-proxy-middleware "^2.0.3" + ipaddr.js "^2.0.1" + launch-editor "^2.6.0" + open "^8.0.9" + p-retry "^4.5.0" + rimraf "^3.0.2" + schema-utils "^4.0.0" + selfsigned "^2.1.1" + serve-index "^1.9.1" + sockjs "^0.3.24" + spdy "^4.0.2" + webpack-dev-middleware "^5.3.4" + ws "^8.13.0" + +webpack-merge@^5.9.0: + version "5.10.0" + resolved "https://registry.yarnpkg.com/webpack-merge/-/webpack-merge-5.10.0.tgz#a3ad5d773241e9c682803abf628d4cd62b8a4177" + integrity sha512-+4zXKdx7UnO+1jaN4l2lHVD+mFvnlZQP/6ljaJVb4SZiwIKeUnrT5l0gkT8z+n4hKpC+jpOv6O9R+gLtag7pSA== + dependencies: + clone-deep "^4.0.1" + flat "^5.0.2" + wildcard "^2.0.0" + +webpack-merge@^6.0.1: + version "6.0.1" + resolved "https://registry.yarnpkg.com/webpack-merge/-/webpack-merge-6.0.1.tgz#50c776868e080574725abc5869bd6e4ef0a16c6a" + integrity sha512-hXXvrjtx2PLYx4qruKl+kyRSLc52V+cCvMxRjmKwoA+CBbbF5GfIBtR6kCvl0fYGqTUPKB+1ktVmTHqMOzgCBg== + dependencies: + clone-deep "^4.0.1" + flat "^5.0.2" + wildcard "^2.0.1" + +webpack-sources@^3.3.3: + version "3.3.3" + resolved "https://registry.yarnpkg.com/webpack-sources/-/webpack-sources-3.3.3.tgz#d4bf7f9909675d7a070ff14d0ef2a4f3c982c723" + integrity sha512-yd1RBzSGanHkitROoPFd6qsrxt+oFhg/129YzheDGqeustzX0vTZJZsSsQjVQC4yzBQ56K55XU8gaNCtIzOnTg== + +webpack@^5.88.1, webpack@^5.95.0: + version "5.101.3" + resolved "https://registry.yarnpkg.com/webpack/-/webpack-5.101.3.tgz#3633b2375bb29ea4b06ffb1902734d977bc44346" + integrity sha512-7b0dTKR3Ed//AD/6kkx/o7duS8H3f1a4w3BYpIriX4BzIhjkn4teo05cptsxvLesHFKK5KObnadmCHBwGc+51A== + dependencies: + "@types/eslint-scope" "^3.7.7" + "@types/estree" "^1.0.8" + "@types/json-schema" "^7.0.15" + "@webassemblyjs/ast" "^1.14.1" + "@webassemblyjs/wasm-edit" "^1.14.1" + "@webassemblyjs/wasm-parser" "^1.14.1" + acorn "^8.15.0" + acorn-import-phases "^1.0.3" + browserslist "^4.24.0" + chrome-trace-event "^1.0.2" + enhanced-resolve "^5.17.3" + es-module-lexer "^1.2.1" + eslint-scope "5.1.1" + events "^3.2.0" + glob-to-regexp "^0.4.1" + graceful-fs "^4.2.11" + json-parse-even-better-errors "^2.3.1" + loader-runner "^4.2.0" + mime-types "^2.1.27" + neo-async "^2.6.2" + schema-utils "^4.3.2" + tapable "^2.1.1" + terser-webpack-plugin "^5.3.11" + watchpack "^2.4.1" + webpack-sources "^3.3.3" + +webpackbar@^6.0.1: + version "6.0.1" + resolved "https://registry.yarnpkg.com/webpackbar/-/webpackbar-6.0.1.tgz#5ef57d3bf7ced8b19025477bc7496ea9d502076b" + integrity sha512-TnErZpmuKdwWBdMoexjio3KKX6ZtoKHRVvLIU0A47R0VVBDtx3ZyOJDktgYixhoJokZTYTt1Z37OkO9pnGJa9Q== + dependencies: + ansi-escapes "^4.3.2" + chalk "^4.1.2" + consola "^3.2.3" + figures "^3.2.0" + markdown-table "^2.0.0" + pretty-time "^1.1.0" + std-env "^3.7.0" + wrap-ansi "^7.0.0" + +websocket-driver@>=0.5.1, websocket-driver@^0.7.4: + version "0.7.4" + resolved "https://registry.yarnpkg.com/websocket-driver/-/websocket-driver-0.7.4.tgz#89ad5295bbf64b480abcba31e4953aca706f5760" + integrity sha512-b17KeDIQVjvb0ssuSDF2cYXSg2iztliJ4B9WdsuB6J952qCPKmnVq4DyW5motImXHDC1cBT/1UezrJVsKw5zjg== + dependencies: + http-parser-js ">=0.5.1" + safe-buffer ">=5.1.0" + websocket-extensions ">=0.1.1" + +websocket-extensions@>=0.1.1: + version "0.1.4" + resolved "https://registry.yarnpkg.com/websocket-extensions/-/websocket-extensions-0.1.4.tgz#7f8473bc839dfd87608adb95d7eb075211578a42" + integrity sha512-OqedPIGOfsDlo31UNwYbCFMSaO9m9G/0faIHj5/dZFDMFqPTcx6UwqyOy3COEaEOg/9VsGIpdqn62W5KhoKSpg== + +which@^2.0.1: + version "2.0.2" + resolved "https://registry.yarnpkg.com/which/-/which-2.0.2.tgz#7c6a8dd0a636a0327e10b59c9286eee93f3f51b1" + integrity sha512-BLI3Tl1TW3Pvl70l3yq3Y64i+awpwXqsGBYWkkqMtnbXgrMD+yj7rhW0kuEDxzJaYXGjEW5ogapKNMEKNMjibA== + dependencies: + isexe "^2.0.0" + +widest-line@^4.0.1: + version "4.0.1" + resolved "https://registry.yarnpkg.com/widest-line/-/widest-line-4.0.1.tgz#a0fc673aaba1ea6f0a0d35b3c2795c9a9cc2ebf2" + integrity sha512-o0cyEG0e8GPzT4iGHphIOh0cJOV8fivsXxddQasHPHfoZf1ZexrfeA21w2NaEN1RHE+fXlfISmOE8R9N3u3Qig== + dependencies: + string-width "^5.0.1" + +wildcard@^2.0.0, wildcard@^2.0.1: + version "2.0.1" + resolved "https://registry.yarnpkg.com/wildcard/-/wildcard-2.0.1.tgz#5ab10d02487198954836b6349f74fff961e10f67" + integrity sha512-CC1bOL87PIWSBhDcTrdeLo6eGT7mCFtrg0uIJtqJUFyK+eJnzl8A1niH56uu7KMa5XFrtiV+AQuHO3n7DsHnLQ== + +wrap-ansi@^7.0.0: + version "7.0.0" + resolved "https://registry.yarnpkg.com/wrap-ansi/-/wrap-ansi-7.0.0.tgz#67e145cff510a6a6984bdf1152911d69d2eb9e43" + integrity sha512-YVGIj2kamLSTxw6NsZjoBxfSwsn0ycdesmc4p+Q21c5zPuZ1pl+NfxVdxPtdHvmNVOQ6XSYG4AUtyt/Fi7D16Q== + dependencies: + ansi-styles "^4.0.0" + string-width "^4.1.0" + strip-ansi "^6.0.0" + +wrap-ansi@^8.0.1, wrap-ansi@^8.1.0: + version "8.1.0" + resolved "https://registry.yarnpkg.com/wrap-ansi/-/wrap-ansi-8.1.0.tgz#56dc22368ee570face1b49819975d9b9a5ead214" + integrity sha512-si7QWI6zUMq56bESFvagtmzMdGOtoxfR+Sez11Mobfc7tm+VkUckk9bW2UeffTGVUbOksxmSw0AA2gs8g71NCQ== + dependencies: + ansi-styles "^6.1.0" + string-width "^5.0.1" + strip-ansi "^7.0.1" + +wrappy@1: + version "1.0.2" + resolved "https://registry.yarnpkg.com/wrappy/-/wrappy-1.0.2.tgz#b5243d8f3ec1aa35f1364605bc0d1036e30ab69f" + integrity sha512-l4Sp/DRseor9wL6EvV2+TuQn63dMkPjZ/sp9XkghTEbV9KlPS1xUsZ3u7/IQO4wxtcFB4bgpQPRcR3QCvezPcQ== + +write-file-atomic@^3.0.3: + version "3.0.3" + resolved "https://registry.yarnpkg.com/write-file-atomic/-/write-file-atomic-3.0.3.tgz#56bd5c5a5c70481cd19c571bd39ab965a5de56e8" + integrity sha512-AvHcyZ5JnSfq3ioSyjrBkH9yW4m7Ayk8/9My/DD9onKeu/94fwrMocemO2QAJFAlnnDN+ZDS+ZjAR5ua1/PV/Q== + dependencies: + imurmurhash "^0.1.4" + is-typedarray "^1.0.0" + signal-exit "^3.0.2" + typedarray-to-buffer "^3.1.5" + +ws@^7.3.1: + version "7.5.10" + resolved "https://registry.yarnpkg.com/ws/-/ws-7.5.10.tgz#58b5c20dc281633f6c19113f39b349bd8bd558d9" + integrity sha512-+dbF1tHwZpXcbOJdVOkzLDxZP1ailvSxM6ZweXTegylPny803bFhA+vqBYw4s31NSAk4S2Qz+AKXK9a4wkdjcQ== + +ws@^8.13.0: + version "8.18.3" + resolved "https://registry.yarnpkg.com/ws/-/ws-8.18.3.tgz#b56b88abffde62791c639170400c93dcb0c95472" + integrity sha512-PEIGCY5tSlUt50cqyMXfCzX+oOPqN0vuGqWzbcJ2xvnkzkq46oOpz7dQaTDBdfICb4N14+GARUDw2XV2N4tvzg== + +xdg-basedir@^5.0.1, xdg-basedir@^5.1.0: + version "5.1.0" + resolved "https://registry.yarnpkg.com/xdg-basedir/-/xdg-basedir-5.1.0.tgz#1efba19425e73be1bc6f2a6ceb52a3d2c884c0c9" + integrity sha512-GCPAHLvrIH13+c0SuacwvRYj2SxJXQ4kaVTT5xgL3kPrz56XxkF21IGhjSE1+W0aw7gpBWRGXLCPnPby6lSpmQ== + +xml-js@^1.6.11: + version "1.6.11" + resolved "https://registry.yarnpkg.com/xml-js/-/xml-js-1.6.11.tgz#927d2f6947f7f1c19a316dd8eea3614e8b18f8e9" + integrity sha512-7rVi2KMfwfWFl+GpPg6m80IVMWXLRjO+PxTq7V2CDhoGak0wzYzFgUY2m4XJ47OGdXd8eLE8EmwfAmdjw7lC1g== + dependencies: + sax "^1.2.4" + +yallist@^3.0.2: + version "3.1.1" + resolved "https://registry.yarnpkg.com/yallist/-/yallist-3.1.1.tgz#dbb7daf9bfd8bac9ab45ebf602b8cbad0d5d08fd" + integrity sha512-a4UGQaWPH59mOXUYnAG2ewncQS4i4F43Tv3JoAM+s2VDAmS9NsK8GpDMLrCHPksFT7h3K6TOoUNn2pb7RoXx4g== + +yaml@^1.10.0: + version "1.10.2" + resolved "https://registry.yarnpkg.com/yaml/-/yaml-1.10.2.tgz#2301c5ffbf12b467de8da2333a459e29e7920e4b" + integrity sha512-r3vXyErRCYJ7wg28yvBY5VSoAF8ZvlcW9/BwUzEtUsjvX/DKs24dIkuwjtuprwJJHsbyUbLApepYTR1BN4uHrg== + +yocto-queue@^1.0.0: + version "1.2.1" + resolved "https://registry.yarnpkg.com/yocto-queue/-/yocto-queue-1.2.1.tgz#36d7c4739f775b3cbc28e6136e21aa057adec418" + integrity sha512-AyeEbWOu/TAXdxlV9wmGcR0+yh2j3vYPGOECcIj2S7MkrLyC7ne+oye2BKTItt0ii2PHk4cDy+95+LshzbXnGg== + +zwitch@^2.0.0: + version "2.0.4" + resolved "https://registry.yarnpkg.com/zwitch/-/zwitch-2.0.4.tgz#c827d4b0acb76fc3e685a4c6ec2902d51070e9d7" + integrity sha512-bXE4cR/kVZhKZX/RjPEflHaKVhUVl85noU3v6b8apfQEc1x4A+zBxjZ4lN8LqGd6WZ3dl98pY4o717VFmoPp+A== From 8b7f15cacc48ca4d70af482f3ca805fdc99d595e Mon Sep 17 00:00:00 2001 From: Jeffrey Aven <javen@stackql.io> Date: Wed, 3 Sep 2025 09:35:21 +1000 Subject: [PATCH 3/3] star check update --- .github/workflows/star-check.yml | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/.github/workflows/star-check.yml b/.github/workflows/star-check.yml index 8534348..24d6c17 100644 --- a/.github/workflows/star-check.yml +++ b/.github/workflows/star-check.yml @@ -26,8 +26,7 @@ jobs: test_query: | SELECT repo, count(*) as has_starred FROM github.activity.repo_stargazers - WHERE (owner = 'stackql' and repo = 'stackql') - OR (owner = '${{ env.current_owner }}' and repo = '${{ env.current_repo }}') + WHERE owner = '${{ env.current_owner }}' and repo IN ('stackql','${{ env.current_repo }}') AND login = '${{ env.username }}' GROUP BY repo; expected_results_str: '[{"has_starred":"1","repo":"stackql"},{"has_starred":"1","repo":"${{ env.current_repo }}"}]'