Change Updates

Do not miss any Logto API references changes, ever again

Subscribe to the Logto API references changelog to be up to date on recent changes.

RSS

Changelog

Last update:
Compare
24 structure changes including:
6 Additions
18 Modifications
Modified 18
PUT /api/configs/jwt-customizer/{tokenTypePath}
  • Response
  • 200 response Modified
    • application/json content type Modified
      • object-1 alternative Modified
        • contextSample property Modified
  • 201 response Modified
    • application/json content type Modified
      • object-1 alternative Modified
        • contextSample property Modified
POST /api/users
  • Response
  • 200 response Modified
    • application/json content type Modified
      • ssoIdentities property Modified
        • updatedAt property Added
POST /api/configs/jwt-customizer/test
  • Body
  • application/json content type Modified
    • object-1 property Modified
      • context property Modified
        • interaction property Added
PATCH /api/users/{userId}/password
  • Response
  • 200 response Modified
    • application/json content type Modified
      • ssoIdentities property Modified
        • updatedAt property Added
PATCH /api/users/{userId}/is-suspended
  • Response
  • 200 response Modified
    • application/json content type Modified
      • ssoIdentities property Modified
        • updatedAt property Added
PATCH /api/users/{userId}
  • Response
  • 200 response Modified
    • application/json content type Modified
      • ssoIdentities property Modified
        • updatedAt property Added
PATCH /api/my-account
  • Response
  • 200 response Modified
    • application/json content type Modified
      • ssoIdentities property Modified
        • updatedAt property Added
PATCH /api/configs/jwt-customizer/{tokenTypePath}
  • Response
  • 200 response Modified
    • application/json content type Modified
      • object-1 alternative Modified
        • contextSample property Modified
PATCH /api/account-center
  • Body
  • application/json content type Modified
    • fields property Modified
      • mfa property Added
    • webauthnRelatedOrigins property Added
  • Response
  • 200 response Modified
    • application/json content type Modified
      • fields property Modified
        • mfa property Added
      • webauthnRelatedOrigins property Added
GET /api/users/{userId}/mfa-verifications
  • Response
  • 200 response Modified
    • application/json content type Modified
      • name property Added
GET /api/users/{userId}
  • Response
  • 200 response Modified
    • application/json content type Modified
      • ssoIdentities property Modified
        • updatedAt property Added
GET /api/users
  • Response
  • 200 response Modified
    • application/json content type Modified
      • ssoIdentities property Modified
        • updatedAt property Added
GET /api/roles/{id}/users
  • Response
  • 200 response Modified
    • application/json content type Modified
      • ssoIdentities property Modified
        • updatedAt property Added
GET /api/my-account
  • Response
  • 200 response Modified
    • application/json content type Modified
      • ssoIdentities property Modified
        • updatedAt property Added
GET /api/configs/jwt-customizer/{tokenTypePath}
  • Response
  • 200 response Modified
    • application/json content type Modified
      • object-1 alternative Modified
        • contextSample property Modified
GET /api/configs/jwt-customizer
  • Response
  • 200 response Modified
    • application/json content type Modified
      • object-1 alternative Modified
        • value property Modified
GET /api/account-center
  • Response
  • 200 response Modified
    • application/json content type Modified
      • fields property Modified
        • mfa property Added
      • webauthnRelatedOrigins property Added
DELETE /api/users/{userId}/identities/{target}
  • Response
  • 200 response Modified
    • application/json content type Modified
      • ssoIdentities property Modified
        • updatedAt property Added
Added 6
POST /api/verifications/web-authn/registration/verify
POST /api/verifications/web-authn/registration
POST /api/my-account/mfa-verifications
PATCH /api/my-account/mfa-verifications/{verificationId}/name
GET /api/my-account/mfa-verifications
DELETE /api/my-account/mfa-verifications/{verificationId}
6 structure changes including:
6 Modifications
Modified 6
GET /api/.well-known/experience
  • Response
  • 200 response Modified
    • application/json content type Modified
      • emailBlocklistPolicy property Added
GET /api/.well-known/sign-in-exp
  • Response
  • 200 response Modified
    • application/json content type Modified
      • emailBlocklistPolicy property Added
GET /api/sign-in-exp
  • Response
  • 200 response Modified
    • application/json content type Modified
      • emailBlocklistPolicy property Added
PATCH /api/sign-in-exp
  • Body
  • application/json content type Modified
    • emailBlocklistPolicy property Added
  • Response
  • 200 response Modified
    • application/json content type Modified
      • emailBlocklistPolicy property Added
POST /api/my-account/primary-email
  • Response
  • 422 response Added
POST /api/my-account/primary-phone
  • Response
  • 422 response Added
4 structure changes including:
4 Additions
Added 4
DELETE /api/captcha-provider
GET /api/captcha-provider
POST /api/sentinel-activities/delete
PUT /api/captcha-provider
7 structure changes including:
7 Additions
Added 7
DELETE /api/one-time-tokens/{id}
GET /api/one-time-tokens
GET /api/one-time-tokens/{id}
POST /api/experience/verification/one-time-token/verify
POST /api/one-time-tokens
POST /api/one-time-tokens/verify
PUT /api/one-time-tokens/{id}/status
4 structure changes including:
4 Modifications
Modified 4
GET /api/.well-known/experience
  • Response
  • 200 response Modified
    • application/json content type Modified
      • sentinelPolicy property Added
GET /api/.well-known/sign-in-exp
  • Response
  • 200 response Modified
    • application/json content type Modified
      • sentinelPolicy property Added
GET /api/sign-in-exp
  • Response
  • 200 response Modified
    • application/json content type Modified
      • sentinelPolicy property Added
PATCH /api/sign-in-exp
  • Body
  • application/json content type Modified
    • sentinelPolicy property Added
  • Response
  • 200 response Modified
    • application/json content type Modified
      • sentinelPolicy property Added
6 structure changes including:
6 Modifications
Modified 6 Breaking
GET /api/.well-known/experience
  • Response
  • 200 response Modified
    • application/json content type Modified
      • signUp property Modified
        • secondaryIdentifiers property Added
      • captchaPolicy property Modified
        • signIn, signUp, forgotPassword properties Removed
          • Removing a resource is always breaking unless it was deprecated before
            Breaking
        • enabled property Added
      • captchaConfig property Added
GET /api/.well-known/sign-in-exp
  • Response
  • 200 response Modified
    • application/json content type Modified
      • signUp property Modified
        • secondaryIdentifiers property Added
      • captchaPolicy property Modified
        • signIn, signUp, forgotPassword properties Removed
        • enabled property Added
      • captchaConfig property Added
GET /api/sign-in-exp
  • Response
  • 200 response Modified
    • application/json content type Modified
      • signUp property Modified
        • secondaryIdentifiers property Added
      • captchaPolicy property Modified
        • signIn, signUp, forgotPassword properties Removed
          • Removing a resource is always breaking unless it was deprecated before
            Breaking
        • enabled property Added
PATCH /api/sign-in-exp
  • Body
  • application/json content type Modified
    • signUp property Modified
      • secondaryIdentifiers property Added
    • captchaPolicy property Modified
      • signIn, signUp, forgotPassword properties Removed
        • Removing a resource is always breaking unless it was deprecated before
          Breaking
      • enabled property Added
  • Response
  • 200 response Modified
    • application/json content type Modified
      • signUp property Modified
        • secondaryIdentifiers property Added
      • captchaPolicy property Modified
        • signIn, signUp, forgotPassword properties Removed
          • Removing a resource is always breaking unless it was deprecated before
            Breaking
        • enabled property Added
POST /api/experience/verification/verification-code
  • Response
  • 422 response Added
PUT /api/experience
  • Body
  • application/json content type Modified
    • captchaToken property Added
  • Response
  • 422 response Added
4 structure changes including:
4 Modifications
Modified 4
GET /api/.well-known/experience
  • Response
  • 200 response Modified
    • application/json content type Modified
      • mfa property Modified
        • organizationRequiredMfaPolicy property Added
      • captchaPolicy property Added
GET /api/.well-known/sign-in-exp
  • Response
  • 200 response Modified
    • application/json content type Modified
      • mfa property Modified
        • organizationRequiredMfaPolicy property Added
      • captchaPolicy property Added
GET /api/sign-in-exp
  • Response
  • 200 response Modified
    • application/json content type Modified
      • mfa property Modified
        • organizationRequiredMfaPolicy property Added
      • captchaPolicy property Added
PATCH /api/sign-in-exp
  • Body
  • application/json content type Modified
    • mfa property Modified
      • organizationRequiredMfaPolicy property Added
    • captchaPolicy property Added
  • Response
  • 200 response Modified
    • application/json content type Modified
      • mfa property Modified
        • organizationRequiredMfaPolicy property Added
      • captchaPolicy property Added
11 structure changes including:
6 Additions
5 Modifications
Modified 5 Breaking
POST /api/connectors/{factoryId}/test
  • Body
  • application/json content type Modified
    • locale property Added
POST /api/organization-invitations
  • Body
  • application/json content type Modified
    • messagePayload property Modified
      • object-2 alternative Removed
        • Removing a resource is always breaking unless it was deprecated before
          Breaking
      • object-1 alternative Added
POST /api/organization-invitations/{id}/message
  • Body
  • application/json content type Modified
    • * property Removed
      • Removing a resource is always breaking unless it was deprecated before
        Breaking
    • locale property Added
POST /api/organizations/{id}/users/{userId}/roles
  • Body
  • application/json content type Modified
    • organizationRoleIds property Modified
      • Property is no longer required
    • organizationRoleNames property Added
PUT /api/organizations/{id}/users/{userId}/roles
  • Body
  • application/json content type Modified
    • organizationRoleIds property Modified
      • Property is no longer required
    • organizationRoleNames property Added
Added 6
DELETE /api/email-templates
DELETE /api/email-templates/{id}
GET /api/email-templates
GET /api/email-templates/{id}
PATCH /api/email-templates/{id}/details
PUT /api/email-templates
13 structure changes including:
12 Additions
1 Modification
Modified 1
POST /api/user-assets
  • Body
  • multipart/form-data content type Added
Added 12
DELETE /api/saml-applications/{id}
DELETE /api/saml-applications/{id}/secrets/{secretId}
GET /api/saml-applications/{id}
GET /api/saml-applications/{id}/callback
GET /api/saml-applications/{id}/metadata
GET /api/saml-applications/{id}/secrets
GET /api/saml/{id}/authn
PATCH /api/saml-applications/{id}
PATCH /api/saml-applications/{id}/secrets/{secretId}
POST /api/saml-applications
POST /api/saml-applications/{id}/secrets
POST /api/saml/{id}/authn
1 structure change including:
1 Modification
Modified 1
PUT /api/interaction/profile
  • Response
  • 422 response Added
21 structure changes including:
17 Additions
4 Modifications
Modified 4
PATCH /api/sign-in-exp
  • Body
  • application/json content type Modified
    • supportEmail property Added
      • string-1, string-2 properties Added
    • supportWebsiteUrl property Added
      • string-1, string-2 properties Added
    • unknownSessionRedirectUrl property Added
      • string-1, string-2 properties Added
  • Response
  • 200 response Modified
    • application/json content type Modified
      • supportEmail, supportWebsiteUrl, unknownSessionRedirectUrl properties Added
GET /api/sign-in-exp
  • Response
  • 200 response Modified
    • application/json content type Modified
      • supportEmail, supportWebsiteUrl, unknownSessionRedirectUrl properties Added
GET /api/.well-known/sign-in-exp
  • Response
  • 200 response Modified
    • application/json content type Modified
      • supportEmail, supportWebsiteUrl, unknownSessionRedirectUrl properties Added
GET /api/.well-known/experience
  • Response
  • 200 response Modified
    • application/json content type Modified
      • supportEmail, supportWebsiteUrl, unknownSessionRedirectUrl properties Added
Added 17
POST /api/verifications/verification-code/verify
POST /api/verifications/verification-code
POST /api/verifications/social/verify
POST /api/verifications/social
POST /api/verifications/password
POST /api/my-account/primary-phone
POST /api/my-account/primary-email
POST /api/my-account/password
POST /api/my-account/identities
PATCH /api/my-account/profile
PATCH /api/my-account
PATCH /api/account-center
GET /api/my-account
GET /api/account-center
DELETE /api/my-account/primary-phone
DELETE /api/my-account/primary-email
DELETE /api/my-account/identities/{target}
1 structure change including:
1 Modification
Modified 1 Breaking
POST /api/users/{userId}/mfa-verifications
  • Body
  • application/json content type Modified
    • alternative Removed
      • Removing a resource is always breaking unless it was deprecated before
        Breaking
    • object-1, object-2, object-3, object-4 alternatives Added
1 structure change including:
1 Modification
Modified 1
POST /api/authn/single-sign-on/saml/{connectorId}
  • Body
  • application/json content type Modified
    • RelayState property Modified
      • Property is no longer required
1 structure change including:
1 Addition
Added 1
GET /api/.well-known/user.openapi.json
3 structure changes including:
3 Additions
Added 3
POST /api/experience/profile
POST /api/experience/verification/verification-code/verify
POST /api/sign-in-exp/default/check-password
6 structure changes including:
2 Breaking changes
4 Additions
2 Modifications
Modified 2 Breaking
POST /api/experience/profile
  • Path went from /api/users/{userId}/profile to /api/experience/profile (same operationId)
    Breaking
  • Verb went from PATCH to POST (same operationId)
    Breaking
  • Body
  • application/json content type Modified
    • object alternative Removed
      • Removing a resource is always breaking unless it was deprecated before
        Breaking
    • object-1, object-2, object-3, object-4, object-5 alternatives Added
  • Path
  • userId path parameter Removed
    • Removing a resource is always breaking unless it was deprecated before
      Breaking
  • Response
  • 200, 401 responses Removed
    • Removing a resource is always breaking unless it was deprecated before
      Breaking
  • 204, 422 responses Added
  • Authentication
  • OAuth2 authentication method Removed
    • Removing a resource is always breaking unless it was deprecated before
      Breaking
POST /api/experience/verification/verification-code/verify
  • Path went from /api/verification-codes/verify to /api/experience/verification/verification-code/verify (same operationId)
    Breaking
  • Body
  • application/json content type Modified
    • object property Modified
      • Removing polymorphism is always breaking
        Breaking
  • Response
  • 204, 401, 403 responses Removed
    • Removing a resource is always breaking unless it was deprecated before
      Breaking
  • 200, 404, 501 responses Added
  • Authentication
  • OAuth2 authentication method Removed
    • Removing a resource is always breaking unless it was deprecated before
      Breaking
Added 4
DELETE /api/users/{userId}/personal-access-tokens/{name}
GET /api/users/{userId}/personal-access-tokens
PATCH /api/users/{userId}/personal-access-tokens/{name}
POST /api/users/{userId}/personal-access-tokens
33 structure changes including:
2 Breaking changes
27 Additions
6 Modifications
Modified 6 Breaking
POST /api/experience/verification/verification-code/verify
  • Path went from /api/verification-codes/verify to /api/experience/verification/verification-code/verify (same operationId)
    Breaking
  • Body
  • application/json content type Modified
    • object property Modified
      • Removing polymorphism is always breaking
        Breaking
  • Response
  • 204, 401, 403 responses Removed
    • Removing a resource is always breaking unless it was deprecated before
      Breaking
  • 200, 404, 501 responses Added
  • Authentication
  • OAuth2 authentication method Removed
    • Removing a resource is always breaking unless it was deprecated before
      Breaking
POST /api/experience/profile
  • Path went from /api/users/{userId}/profile to /api/experience/profile (same operationId)
    Breaking
  • Verb went from PATCH to POST (same operationId)
    Breaking
  • Body
  • application/json content type Modified
    • object alternative Removed
      • Removing a resource is always breaking unless it was deprecated before
        Breaking
    • object-1, object-2, object-3, object-4, object-5 alternatives Added
  • Path
  • userId path parameter Removed
    • Removing a resource is always breaking unless it was deprecated before
      Breaking
  • Response
  • 200, 401 responses Removed
    • Removing a resource is always breaking unless it was deprecated before
      Breaking
  • 204, 422 responses Added
  • Authentication
  • OAuth2 authentication method Removed
    • Removing a resource is always breaking unless it was deprecated before
      Breaking
GET /api/logs/{id}
  • Response
  • 200 response Modified
    • application/json content type Modified
      • payload property Modified
GET /api/logs
  • Response
  • 200 response Modified
    • application/json content type Modified
GET /api/hooks/{id}/recent-logs
  • Response
  • 200 response Modified
    • application/json content type Modified
GET /api/.well-known/sign-in-exp
  • Operation is now deprecated
Added 27
GET /api/.well-known/experience
POST /api/experience/verification/totp/verify
POST /api/experience/verification/verification-code
POST /api/experience/verification/web-authn/authentication
POST /api/experience/verification/web-authn/authentication/verify
POST /api/experience/verification/web-authn/registration
POST /api/experience/verification/web-authn/registration/verify
POST /api/sign-in-exp/default/custom-ui-assets
PUT /api/experience
PUT /api/experience/interaction-event
PUT /api/experience/profile/password
GET /api/.well-known/experience.openapi.json
GET /api/.well-known/management.openapi.json
GET /api/experience/sso-connectors
POST /api/experience/identification
POST /api/experience/profile/mfa
POST /api/experience/profile/mfa/mfa-skipped
POST /api/experience/submit
POST /api/experience/verification/backup-code/generate
POST /api/experience/verification/backup-code/verify
POST /api/experience/verification/new-password-identity
POST /api/experience/verification/password
POST /api/experience/verification/social/{connectorId}/authorization-uri
POST /api/experience/verification/social/{connectorId}/verify
POST /api/experience/verification/sso/{connectorId}/authorization-uri
POST /api/experience/verification/sso/{connectorId}/verify
POST /api/experience/verification/totp/secret
190 structure changes including:
190 Modifications
Modified 190 Breaking
DELETE /api/applications/{applicationId}/roles/{roleId}
  • Authentication
  • Management api authentication method Removed
    • Removing a resource is always breaking unless it was deprecated before
      Breaking
  • OAuth2 authentication method Added
DELETE /api/applications/{applicationId}/user-consent-scopes/{scopeType}/{scopeId}
  • Authentication
  • Management api authentication method Removed
    • Removing a resource is always breaking unless it was deprecated before
      Breaking
  • OAuth2 authentication method Added
DELETE /api/applications/{id}
  • Authentication
  • Management api authentication method Removed
    • Removing a resource is always breaking unless it was deprecated before
      Breaking
  • OAuth2 authentication method Added
DELETE /api/applications/{id}/legacy-secret
  • Authentication
  • Management api authentication method Removed
    • Removing a resource is always breaking unless it was deprecated before
      Breaking
  • OAuth2 authentication method Added
DELETE /api/applications/{id}/protected-app-metadata/custom-domains/{domain}
  • Authentication
  • Management api authentication method Removed
    • Removing a resource is always breaking unless it was deprecated before
      Breaking
  • OAuth2 authentication method Added
DELETE /api/applications/{id}/secrets/{name}
  • Authentication
  • Management api authentication method Removed
    • Removing a resource is always breaking unless it was deprecated before
      Breaking
  • OAuth2 authentication method Added
DELETE /api/applications/{id}/users/{userId}/consent-organizations/{organizationId}
  • Authentication
  • Management api authentication method Removed
    • Removing a resource is always breaking unless it was deprecated before
      Breaking
  • OAuth2 authentication method Added
DELETE /api/configs/jwt-customizer/{tokenTypePath}
  • Authentication
  • Management api authentication method Removed
    • Removing a resource is always breaking unless it was deprecated before
      Breaking
  • OAuth2 authentication method Added
DELETE /api/configs/oidc/{keyType}/{keyId}
  • Authentication
  • Management api authentication method Removed
    • Removing a resource is always breaking unless it was deprecated before
      Breaking
  • OAuth2 authentication method Added
DELETE /api/connectors/{id}
  • Authentication
  • Management api authentication method Removed
    • Removing a resource is always breaking unless it was deprecated before
      Breaking
  • OAuth2 authentication method Added
DELETE /api/custom-phrases/{languageTag}
  • Authentication
  • Management api authentication method Removed
    • Removing a resource is always breaking unless it was deprecated before
      Breaking
  • OAuth2 authentication method Added
DELETE /api/domains/{id}
  • Authentication
  • Management api authentication method Removed
    • Removing a resource is always breaking unless it was deprecated before
      Breaking
  • OAuth2 authentication method Added
DELETE /api/hooks/{id}
  • Authentication
  • Management api authentication method Removed
    • Removing a resource is always breaking unless it was deprecated before
      Breaking
  • OAuth2 authentication method Added
DELETE /api/organization-invitations/{id}
  • Authentication
  • Management api authentication method Removed
    • Removing a resource is always breaking unless it was deprecated before
      Breaking
  • OAuth2 authentication method Added
DELETE /api/organization-roles/{id}
  • Authentication
  • Management api authentication method Removed
    • Removing a resource is always breaking unless it was deprecated before
      Breaking
  • OAuth2 authentication method Added
DELETE /api/organization-roles/{id}/resource-scopes/{scopeId}
  • Authentication
  • Management api authentication method Removed
    • Removing a resource is always breaking unless it was deprecated before
      Breaking
  • OAuth2 authentication method Added
DELETE /api/organization-roles/{id}/scopes/{organizationScopeId}
  • Authentication
  • Management api authentication method Removed
    • Removing a resource is always breaking unless it was deprecated before
      Breaking
  • OAuth2 authentication method Added
DELETE /api/organization-scopes/{id}
  • Authentication
  • Management api authentication method Removed
    • Removing a resource is always breaking unless it was deprecated before
      Breaking
  • OAuth2 authentication method Added
DELETE /api/organizations/{id}
  • Authentication
  • Management api authentication method Removed
    • Removing a resource is always breaking unless it was deprecated before
      Breaking
  • OAuth2 authentication method Added
DELETE /api/organizations/{id}/applications/{applicationId}
  • Authentication
  • Management api authentication method Removed
    • Removing a resource is always breaking unless it was deprecated before
      Breaking
  • OAuth2 authentication method Added
DELETE /api/organizations/{id}/applications/{applicationId}/roles/{organizationRoleId}
  • Authentication
  • Management api authentication method Removed
    • Removing a resource is always breaking unless it was deprecated before
      Breaking
  • OAuth2 authentication method Added
DELETE /api/organizations/{id}/jit/email-domains/{emailDomain}
  • Authentication
  • Management api authentication method Removed
    • Removing a resource is always breaking unless it was deprecated before
      Breaking
  • OAuth2 authentication method Added
DELETE /api/organizations/{id}/jit/roles/{organizationRoleId}
  • Authentication
  • Management api authentication method Removed
    • Removing a resource is always breaking unless it was deprecated before
      Breaking
  • OAuth2 authentication method Added
DELETE /api/organizations/{id}/jit/sso-connectors/{ssoConnectorId}
  • Authentication
  • Management api authentication method Removed
    • Removing a resource is always breaking unless it was deprecated before
      Breaking
  • OAuth2 authentication method Added
DELETE /api/organizations/{id}/users/{userId}
  • Authentication
  • Management api authentication method Removed
    • Removing a resource is always breaking unless it was deprecated before
      Breaking
  • OAuth2 authentication method Added
DELETE /api/organizations/{id}/users/{userId}/roles/{organizationRoleId}
  • Authentication
  • Management api authentication method Removed
    • Removing a resource is always breaking unless it was deprecated before
      Breaking
  • OAuth2 authentication method Added
DELETE /api/resources/{id}
  • Authentication
  • Management api authentication method Removed
    • Removing a resource is always breaking unless it was deprecated before
      Breaking
  • OAuth2 authentication method Added
DELETE /api/resources/{resourceId}/scopes/{scopeId}
  • Authentication
  • Management api authentication method Removed
    • Removing a resource is always breaking unless it was deprecated before
      Breaking
  • OAuth2 authentication method Added
DELETE /api/roles/{id}
  • Authentication
  • Management api authentication method Removed
    • Removing a resource is always breaking unless it was deprecated before
      Breaking
  • OAuth2 authentication method Added
DELETE /api/roles/{id}/applications/{applicationId}
  • Authentication
  • Management api authentication method Removed
    • Removing a resource is always breaking unless it was deprecated before
      Breaking
  • OAuth2 authentication method Added
DELETE /api/roles/{id}/scopes/{scopeId}
  • Authentication
  • Management api authentication method Removed
    • Removing a resource is always breaking unless it was deprecated before
      Breaking
  • OAuth2 authentication method Added
DELETE /api/roles/{id}/users/{userId}
  • Authentication
  • Management api authentication method Removed
    • Removing a resource is always breaking unless it was deprecated before
      Breaking
  • OAuth2 authentication method Added
DELETE /api/sso-connectors/{id}
  • Authentication
  • Management api authentication method Removed
    • Removing a resource is always breaking unless it was deprecated before
      Breaking
  • OAuth2 authentication method Added
DELETE /api/users/{userId}
  • Authentication
  • Management api authentication method Removed
    • Removing a resource is always breaking unless it was deprecated before
      Breaking
  • OAuth2 authentication method Added
DELETE /api/users/{userId}/identities/{target}
  • Authentication
  • Management api authentication method Removed
    • Removing a resource is always breaking unless it was deprecated before
      Breaking
  • OAuth2 authentication method Added
DELETE /api/users/{userId}/mfa-verifications/{verificationId}
  • Authentication
  • Management api authentication method Removed
    • Removing a resource is always breaking unless it was deprecated before
      Breaking
  • OAuth2 authentication method Added
DELETE /api/users/{userId}/roles/{roleId}
  • Authentication
  • Management api authentication method Removed
    • Removing a resource is always breaking unless it was deprecated before
      Breaking
  • OAuth2 authentication method Added
GET /api/applications
  • Authentication
  • Management api authentication method Removed
    • Removing a resource is always breaking unless it was deprecated before
      Breaking
  • OAuth2 authentication method Added
  • Query
  • search_params query parameter Added
GET /api/applications/{applicationId}/roles
  • Authentication
  • Management api authentication method Removed
    • Removing a resource is always breaking unless it was deprecated before
      Breaking
  • OAuth2 authentication method Added
  • Query
  • search_params query parameter Added
GET /api/applications/{applicationId}/sign-in-experience
  • Authentication
  • Management api authentication method Removed
    • Removing a resource is always breaking unless it was deprecated before
      Breaking
  • OAuth2 authentication method Added
GET /api/applications/{applicationId}/user-consent-scopes
  • Authentication
  • Management api authentication method Removed
    • Removing a resource is always breaking unless it was deprecated before
      Breaking
  • OAuth2 authentication method Added
GET /api/applications/{id}
  • Authentication
  • Management api authentication method Removed
    • Removing a resource is always breaking unless it was deprecated before
      Breaking
  • OAuth2 authentication method Added
GET /api/applications/{id}/organizations
  • Authentication
  • Management api authentication method Removed
    • Removing a resource is always breaking unless it was deprecated before
      Breaking
  • OAuth2 authentication method Added
GET /api/applications/{id}/protected-app-metadata/custom-domains
  • Authentication
  • Management api authentication method Removed
    • Removing a resource is always breaking unless it was deprecated before
      Breaking
  • OAuth2 authentication method Added
GET /api/applications/{id}/secrets
  • Authentication
  • Management api authentication method Removed
    • Removing a resource is always breaking unless it was deprecated before
      Breaking
  • OAuth2 authentication method Added
GET /api/applications/{id}/users/{userId}/consent-organizations
  • Authentication
  • Management api authentication method Removed
    • Removing a resource is always breaking unless it was deprecated before
      Breaking
  • OAuth2 authentication method Added
GET /api/configs/admin-console
  • Authentication
  • Management api authentication method Removed
    • Removing a resource is always breaking unless it was deprecated before
      Breaking
  • OAuth2 authentication method Added
GET /api/configs/jwt-customizer
  • Authentication
  • Management api authentication method Removed
    • Removing a resource is always breaking unless it was deprecated before
      Breaking
  • OAuth2 authentication method Added
GET /api/configs/jwt-customizer/{tokenTypePath}
  • Authentication
  • Management api authentication method Removed
    • Removing a resource is always breaking unless it was deprecated before
      Breaking
  • OAuth2 authentication method Added
GET /api/configs/oidc/{keyType}
  • Authentication
  • Management api authentication method Removed
    • Removing a resource is always breaking unless it was deprecated before
      Breaking
  • OAuth2 authentication method Added
GET /api/connector-factories
  • Authentication
  • Management api authentication method Removed
    • Removing a resource is always breaking unless it was deprecated before
      Breaking
  • OAuth2 authentication method Added
GET /api/connector-factories/{id}
  • Authentication
  • Management api authentication method Removed
    • Removing a resource is always breaking unless it was deprecated before
      Breaking
  • OAuth2 authentication method Added
GET /api/connectors
  • Authentication
  • Management api authentication method Removed
    • Removing a resource is always breaking unless it was deprecated before
      Breaking
  • OAuth2 authentication method Added
GET /api/connectors/{id}
  • Authentication
  • Management api authentication method Removed
    • Removing a resource is always breaking unless it was deprecated before
      Breaking
  • OAuth2 authentication method Added
GET /api/custom-phrases
  • Authentication
  • Management api authentication method Removed
    • Removing a resource is always breaking unless it was deprecated before
      Breaking
  • OAuth2 authentication method Added
GET /api/custom-phrases/{languageTag}
  • Authentication
  • Management api authentication method Removed
    • Removing a resource is always breaking unless it was deprecated before
      Breaking
  • OAuth2 authentication method Added
GET /api/dashboard/users/active
  • Authentication
  • Management api authentication method Removed
    • Removing a resource is always breaking unless it was deprecated before
      Breaking
  • OAuth2 authentication method Added
GET /api/dashboard/users/new
  • Authentication
  • Management api authentication method Removed
    • Removing a resource is always breaking unless it was deprecated before
      Breaking
  • OAuth2 authentication method Added
GET /api/dashboard/users/total
  • Authentication
  • Management api authentication method Removed
    • Removing a resource is always breaking unless it was deprecated before
      Breaking
  • OAuth2 authentication method Added
GET /api/domains
  • Authentication
  • Management api authentication method Removed
    • Removing a resource is always breaking unless it was deprecated before
      Breaking
  • OAuth2 authentication method Added
GET /api/domains/{id}
  • Authentication
  • Management api authentication method Removed
    • Removing a resource is always breaking unless it was deprecated before
      Breaking
  • OAuth2 authentication method Added
GET /api/hooks
  • Authentication
  • Management api authentication method Removed
    • Removing a resource is always breaking unless it was deprecated before
      Breaking
  • OAuth2 authentication method Added
GET /api/hooks/{id}
  • Authentication
  • Management api authentication method Removed
    • Removing a resource is always breaking unless it was deprecated before
      Breaking
  • OAuth2 authentication method Added
GET /api/hooks/{id}/recent-logs
  • Authentication
  • Management api authentication method Removed
    • Removing a resource is always breaking unless it was deprecated before
      Breaking
  • OAuth2 authentication method Added
GET /api/logs
  • Authentication
  • Management api authentication method Removed
    • Removing a resource is always breaking unless it was deprecated before
      Breaking
  • OAuth2 authentication method Added
GET /api/logs/{id}
  • Authentication
  • Management api authentication method Removed
    • Removing a resource is always breaking unless it was deprecated before
      Breaking
  • OAuth2 authentication method Added
GET /api/organization-invitations
  • Authentication
  • Management api authentication method Removed
    • Removing a resource is always breaking unless it was deprecated before
      Breaking
  • OAuth2 authentication method Added
GET /api/organization-invitations/{id}
  • Authentication
  • Management api authentication method Removed
    • Removing a resource is always breaking unless it was deprecated before
      Breaking
  • OAuth2 authentication method Added
GET /api/organization-roles
  • Authentication
  • Management api authentication method Removed
    • Removing a resource is always breaking unless it was deprecated before
      Breaking
  • OAuth2 authentication method Added
GET /api/organization-roles/{id}
  • Authentication
  • Management api authentication method Removed
    • Removing a resource is always breaking unless it was deprecated before
      Breaking
  • OAuth2 authentication method Added
GET /api/organization-roles/{id}/resource-scopes
  • Authentication
  • Management api authentication method Removed
    • Removing a resource is always breaking unless it was deprecated before
      Breaking
  • OAuth2 authentication method Added
GET /api/organization-roles/{id}/scopes
  • Authentication
  • Management api authentication method Removed
    • Removing a resource is always breaking unless it was deprecated before
      Breaking
  • OAuth2 authentication method Added
GET /api/organization-scopes
  • Authentication
  • Management api authentication method Removed
    • Removing a resource is always breaking unless it was deprecated before
      Breaking
  • OAuth2 authentication method Added
GET /api/organization-scopes/{id}
  • Authentication
  • Management api authentication method Removed
    • Removing a resource is always breaking unless it was deprecated before
      Breaking
  • OAuth2 authentication method Added
GET /api/organizations
  • Authentication
  • Management api authentication method Removed
    • Removing a resource is always breaking unless it was deprecated before
      Breaking
  • OAuth2 authentication method Added
GET /api/organizations/{id}
  • Authentication
  • Management api authentication method Removed
    • Removing a resource is always breaking unless it was deprecated before
      Breaking
  • OAuth2 authentication method Added
GET /api/organizations/{id}/applications
  • Authentication
  • Management api authentication method Removed
    • Removing a resource is always breaking unless it was deprecated before
      Breaking
  • OAuth2 authentication method Added
GET /api/organizations/{id}/applications/{applicationId}/roles
  • Authentication
  • Management api authentication method Removed
    • Removing a resource is always breaking unless it was deprecated before
      Breaking
  • OAuth2 authentication method Added
GET /api/organizations/{id}/jit/email-domains
  • Authentication
  • Management api authentication method Removed
    • Removing a resource is always breaking unless it was deprecated before
      Breaking
  • OAuth2 authentication method Added
GET /api/organizations/{id}/jit/roles
  • Authentication
  • Management api authentication method Removed
    • Removing a resource is always breaking unless it was deprecated before
      Breaking
  • OAuth2 authentication method Added
GET /api/organizations/{id}/jit/sso-connectors
  • Authentication
  • Management api authentication method Removed
    • Removing a resource is always breaking unless it was deprecated before
      Breaking
  • OAuth2 authentication method Added
GET /api/organizations/{id}/users
  • Authentication
  • Management api authentication method Removed
    • Removing a resource is always breaking unless it was deprecated before
      Breaking
  • OAuth2 authentication method Added
GET /api/organizations/{id}/users/{userId}/roles
  • Authentication
  • Management api authentication method Removed
    • Removing a resource is always breaking unless it was deprecated before
      Breaking
  • OAuth2 authentication method Added
GET /api/organizations/{id}/users/{userId}/scopes
  • Authentication
  • Management api authentication method Removed
    • Removing a resource is always breaking unless it was deprecated before
      Breaking
  • OAuth2 authentication method Added
GET /api/resources
  • Authentication
  • Management api authentication method Removed
    • Removing a resource is always breaking unless it was deprecated before
      Breaking
  • OAuth2 authentication method Added
GET /api/resources/{id}
  • Authentication
  • Management api authentication method Removed
    • Removing a resource is always breaking unless it was deprecated before
      Breaking
  • OAuth2 authentication method Added
GET /api/resources/{resourceId}/scopes
  • Authentication
  • Management api authentication method Removed
    • Removing a resource is always breaking unless it was deprecated before
      Breaking
  • OAuth2 authentication method Added
  • Query
  • search_params query parameter Added
GET /api/roles
  • Authentication
  • Management api authentication method Removed
    • Removing a resource is always breaking unless it was deprecated before
      Breaking
  • OAuth2 authentication method Added
  • Query
  • search_params query parameter Added
GET /api/roles/{id}
  • Authentication
  • Management api authentication method Removed
    • Removing a resource is always breaking unless it was deprecated before
      Breaking
  • OAuth2 authentication method Added
GET /api/roles/{id}/applications
  • Authentication
  • Management api authentication method Removed
    • Removing a resource is always breaking unless it was deprecated before
      Breaking
  • OAuth2 authentication method Added
  • Query
  • search_params query parameter Added
GET /api/roles/{id}/scopes
  • Authentication
  • Management api authentication method Removed
    • Removing a resource is always breaking unless it was deprecated before
      Breaking
  • OAuth2 authentication method Added
  • Query
  • search_params query parameter Added
GET /api/roles/{id}/users
  • Authentication
  • Management api authentication method Removed
    • Removing a resource is always breaking unless it was deprecated before
      Breaking
  • OAuth2 authentication method Added
  • Query
  • search_params query parameter Added
GET /api/sign-in-exp
  • Authentication
  • Management api authentication method Removed
    • Removing a resource is always breaking unless it was deprecated before
      Breaking
  • OAuth2 authentication method Added
GET /api/sso-connector-providers
  • Authentication
  • Management api authentication method Removed
    • Removing a resource is always breaking unless it was deprecated before
      Breaking
  • OAuth2 authentication method Added
GET /api/sso-connectors
  • Authentication
  • Management api authentication method Removed
    • Removing a resource is always breaking unless it was deprecated before
      Breaking
  • OAuth2 authentication method Added
GET /api/sso-connectors/{id}
  • Authentication
  • Management api authentication method Removed
    • Removing a resource is always breaking unless it was deprecated before
      Breaking
  • OAuth2 authentication method Added
GET /api/systems/application
  • Authentication
  • Management api authentication method Removed
    • Removing a resource is always breaking unless it was deprecated before
      Breaking
  • OAuth2 authentication method Added
GET /api/user-assets/service-status
  • Authentication
  • Management api authentication method Removed
    • Removing a resource is always breaking unless it was deprecated before
      Breaking
  • OAuth2 authentication method Added
GET /api/users
  • Authentication
  • Management api authentication method Removed
    • Removing a resource is always breaking unless it was deprecated before
      Breaking
  • OAuth2 authentication method Added
  • Query
  • search_params query parameter Added
GET /api/users/{userId}
  • Authentication
  • Management api authentication method Removed
    • Removing a resource is always breaking unless it was deprecated before
      Breaking
  • OAuth2 authentication method Added
GET /api/users/{userId}/custom-data
  • Authentication
  • Management api authentication method Removed
    • Removing a resource is always breaking unless it was deprecated before
      Breaking
  • OAuth2 authentication method Added
GET /api/users/{userId}/has-password
  • Authentication
  • Management api authentication method Removed
    • Removing a resource is always breaking unless it was deprecated before
      Breaking
  • OAuth2 authentication method Added
GET /api/users/{userId}/mfa-verifications
  • Authentication
  • Management api authentication method Removed
    • Removing a resource is always breaking unless it was deprecated before
      Breaking
  • OAuth2 authentication method Added
GET /api/users/{userId}/organizations
  • Authentication
  • Management api authentication method Removed
    • Removing a resource is always breaking unless it was deprecated before
      Breaking
  • OAuth2 authentication method Added
GET /api/users/{userId}/roles
  • Authentication
  • Management api authentication method Removed
    • Removing a resource is always breaking unless it was deprecated before
      Breaking
  • OAuth2 authentication method Added
  • Query
  • search_params query parameter Added
PATCH /api/applications/{applicationId}/custom-data
  • Authentication
  • Management api authentication method Removed
    • Removing a resource is always breaking unless it was deprecated before
      Breaking
  • OAuth2 authentication method Added
PATCH /api/applications/{id}
  • Body
  • application/json content type Modified
    • oidcClientMetadata property Modified
      • redirectUris, postLogoutRedirectUris properties Modified
        • Properties are now required
          Breaking
  • Authentication
  • Management api authentication method Removed
    • Removing a resource is always breaking unless it was deprecated before
      Breaking
  • OAuth2 authentication method Added
PATCH /api/applications/{id}/secrets/{name}
  • Authentication
  • Management api authentication method Removed
    • Removing a resource is always breaking unless it was deprecated before
      Breaking
  • OAuth2 authentication method Added
PATCH /api/configs/admin-console
  • Authentication
  • Management api authentication method Removed
    • Removing a resource is always breaking unless it was deprecated before
      Breaking
  • OAuth2 authentication method Added
PATCH /api/configs/jwt-customizer/{tokenTypePath}
  • Authentication
  • Management api authentication method Removed
    • Removing a resource is always breaking unless it was deprecated before
      Breaking
  • OAuth2 authentication method Added
PATCH /api/connectors/{id}
  • Authentication
  • Management api authentication method Removed
    • Removing a resource is always breaking unless it was deprecated before
      Breaking
  • OAuth2 authentication method Added
PATCH /api/hooks/{id}
  • Authentication
  • Management api authentication method Removed
    • Removing a resource is always breaking unless it was deprecated before
      Breaking
  • OAuth2 authentication method Added
PATCH /api/hooks/{id}/signing-key
  • Authentication
  • Management api authentication method Removed
    • Removing a resource is always breaking unless it was deprecated before
      Breaking
  • OAuth2 authentication method Added
PATCH /api/organization-roles/{id}
  • Authentication
  • Management api authentication method Removed
    • Removing a resource is always breaking unless it was deprecated before
      Breaking
  • OAuth2 authentication method Added
PATCH /api/organization-scopes/{id}
  • Authentication
  • Management api authentication method Removed
    • Removing a resource is always breaking unless it was deprecated before
      Breaking
  • OAuth2 authentication method Added
PATCH /api/organizations/{id}
  • Authentication
  • Management api authentication method Removed
    • Removing a resource is always breaking unless it was deprecated before
      Breaking
  • OAuth2 authentication method Added
PATCH /api/resources/{id}
  • Authentication
  • Management api authentication method Removed
    • Removing a resource is always breaking unless it was deprecated before
      Breaking
  • OAuth2 authentication method Added
PATCH /api/resources/{id}/is-default
  • Authentication
  • Management api authentication method Removed
    • Removing a resource is always breaking unless it was deprecated before
      Breaking
  • OAuth2 authentication method Added
PATCH /api/resources/{resourceId}/scopes/{scopeId}
  • Authentication
  • Management api authentication method Removed
    • Removing a resource is always breaking unless it was deprecated before
      Breaking
  • OAuth2 authentication method Added
PATCH /api/roles/{id}
  • Authentication
  • Management api authentication method Removed
    • Removing a resource is always breaking unless it was deprecated before
      Breaking
  • OAuth2 authentication method Added
PATCH /api/sign-in-exp
  • Authentication
  • Management api authentication method Removed
    • Removing a resource is always breaking unless it was deprecated before
      Breaking
  • OAuth2 authentication method Added
PATCH /api/sso-connectors/{id}
  • Authentication
  • Management api authentication method Removed
    • Removing a resource is always breaking unless it was deprecated before
      Breaking
  • OAuth2 authentication method Added
PATCH /api/users/{userId}
  • Authentication
  • Management api authentication method Removed
    • Removing a resource is always breaking unless it was deprecated before
      Breaking
  • OAuth2 authentication method Added
PATCH /api/users/{userId}/custom-data
  • Authentication
  • Management api authentication method Removed
    • Removing a resource is always breaking unless it was deprecated before
      Breaking
  • OAuth2 authentication method Added
PATCH /api/users/{userId}/is-suspended
  • Authentication
  • Management api authentication method Removed
    • Removing a resource is always breaking unless it was deprecated before
      Breaking
  • OAuth2 authentication method Added
PATCH /api/users/{userId}/password
  • Authentication
  • Management api authentication method Removed
    • Removing a resource is always breaking unless it was deprecated before
      Breaking
  • OAuth2 authentication method Added
PATCH /api/users/{userId}/profile
  • Authentication
  • Management api authentication method Removed
    • Removing a resource is always breaking unless it was deprecated before
      Breaking
  • OAuth2 authentication method Added
POST /api/applications
  • Authentication
  • Management api authentication method Removed
    • Removing a resource is always breaking unless it was deprecated before
      Breaking
  • OAuth2 authentication method Added
POST /api/applications/{applicationId}/roles
  • Authentication
  • Management api authentication method Removed
    • Removing a resource is always breaking unless it was deprecated before
      Breaking
  • OAuth2 authentication method Added
POST /api/applications/{applicationId}/user-consent-scopes
  • Authentication
  • Management api authentication method Removed
    • Removing a resource is always breaking unless it was deprecated before
      Breaking
  • OAuth2 authentication method Added
POST /api/applications/{id}/protected-app-metadata/custom-domains
  • Authentication
  • Management api authentication method Removed
    • Removing a resource is always breaking unless it was deprecated before
      Breaking
  • OAuth2 authentication method Added
POST /api/applications/{id}/secrets
  • Authentication
  • Management api authentication method Removed
    • Removing a resource is always breaking unless it was deprecated before
      Breaking
  • OAuth2 authentication method Added
POST /api/applications/{id}/users/{userId}/consent-organizations
  • Authentication
  • Management api authentication method Removed
    • Removing a resource is always breaking unless it was deprecated before
      Breaking
  • OAuth2 authentication method Added
POST /api/configs/jwt-customizer/test
  • Authentication
  • Management api authentication method Removed
    • Removing a resource is always breaking unless it was deprecated before
      Breaking
  • OAuth2 authentication method Added
POST /api/configs/oidc/{keyType}/rotate
  • Authentication
  • Management api authentication method Removed
    • Removing a resource is always breaking unless it was deprecated before
      Breaking
  • OAuth2 authentication method Added
POST /api/connectors
  • Authentication
  • Management api authentication method Removed
    • Removing a resource is always breaking unless it was deprecated before
      Breaking
  • OAuth2 authentication method Added
POST /api/connectors/{connectorId}/authorization-uri
  • Authentication
  • Management api authentication method Removed
    • Removing a resource is always breaking unless it was deprecated before
      Breaking
  • OAuth2 authentication method Added
POST /api/connectors/{factoryId}/test
  • Authentication
  • Management api authentication method Removed
    • Removing a resource is always breaking unless it was deprecated before
      Breaking
  • OAuth2 authentication method Added
POST /api/domains
  • Authentication
  • Management api authentication method Removed
    • Removing a resource is always breaking unless it was deprecated before
      Breaking
  • OAuth2 authentication method Added
POST /api/hooks
  • Authentication
  • Management api authentication method Removed
    • Removing a resource is always breaking unless it was deprecated before
      Breaking
  • OAuth2 authentication method Added
POST /api/hooks/{id}/test
  • Authentication
  • Management api authentication method Removed
    • Removing a resource is always breaking unless it was deprecated before
      Breaking
  • OAuth2 authentication method Added
POST /api/organization-invitations
  • Authentication
  • Management api authentication method Removed
    • Removing a resource is always breaking unless it was deprecated before
      Breaking
  • OAuth2 authentication method Added
POST /api/organization-invitations/{id}/message
  • Authentication
  • Management api authentication method Removed
    • Removing a resource is always breaking unless it was deprecated before
      Breaking
  • OAuth2 authentication method Added
POST /api/organization-roles
  • Authentication
  • Management api authentication method Removed
    • Removing a resource is always breaking unless it was deprecated before
      Breaking
  • OAuth2 authentication method Added
POST /api/organization-roles/{id}/resource-scopes
  • Authentication
  • Management api authentication method Removed
    • Removing a resource is always breaking unless it was deprecated before
      Breaking
  • OAuth2 authentication method Added
POST /api/organization-roles/{id}/scopes
  • Authentication
  • Management api authentication method Removed
    • Removing a resource is always breaking unless it was deprecated before
      Breaking
  • OAuth2 authentication method Added
POST /api/organization-scopes
  • Authentication
  • Management api authentication method Removed
    • Removing a resource is always breaking unless it was deprecated before
      Breaking
  • OAuth2 authentication method Added
POST /api/organizations
  • Authentication
  • Management api authentication method Removed
    • Removing a resource is always breaking unless it was deprecated before
      Breaking
  • OAuth2 authentication method Added
POST /api/organizations/{id}/applications
  • Authentication
  • Management api authentication method Removed
    • Removing a resource is always breaking unless it was deprecated before
      Breaking
  • OAuth2 authentication method Added
POST /api/organizations/{id}/applications/roles
  • Authentication
  • Management api authentication method Removed
    • Removing a resource is always breaking unless it was deprecated before
      Breaking
  • OAuth2 authentication method Added
POST /api/organizations/{id}/applications/{applicationId}/roles
  • Authentication
  • Management api authentication method Removed
    • Removing a resource is always breaking unless it was deprecated before
      Breaking
  • OAuth2 authentication method Added
POST /api/organizations/{id}/jit/email-domains
  • Authentication
  • Management api authentication method Removed
    • Removing a resource is always breaking unless it was deprecated before
      Breaking
  • OAuth2 authentication method Added
POST /api/organizations/{id}/jit/roles
  • Authentication
  • Management api authentication method Removed
    • Removing a resource is always breaking unless it was deprecated before
      Breaking
  • OAuth2 authentication method Added
POST /api/organizations/{id}/jit/sso-connectors
  • Authentication
  • Management api authentication method Removed
    • Removing a resource is always breaking unless it was deprecated before
      Breaking
  • OAuth2 authentication method Added
POST /api/organizations/{id}/users
  • Authentication
  • Management api authentication method Removed
    • Removing a resource is always breaking unless it was deprecated before
      Breaking
  • OAuth2 authentication method Added
POST /api/organizations/{id}/users/roles
  • Authentication
  • Management api authentication method Removed
    • Removing a resource is always breaking unless it was deprecated before
      Breaking
  • OAuth2 authentication method Added
POST /api/organizations/{id}/users/{userId}/roles
  • Authentication
  • Management api authentication method Removed
    • Removing a resource is always breaking unless it was deprecated before
      Breaking
  • OAuth2 authentication method Added
POST /api/resources
  • Authentication
  • Management api authentication method Removed
    • Removing a resource is always breaking unless it was deprecated before
      Breaking
  • OAuth2 authentication method Added
POST /api/resources/{resourceId}/scopes
  • Authentication
  • Management api authentication method Removed
    • Removing a resource is always breaking unless it was deprecated before
      Breaking
  • OAuth2 authentication method Added
POST /api/roles
  • Authentication
  • Management api authentication method Removed
    • Removing a resource is always breaking unless it was deprecated before
      Breaking
  • OAuth2 authentication method Added
POST /api/roles/{id}/applications
  • Authentication
  • Management api authentication method Removed
    • Removing a resource is always breaking unless it was deprecated before
      Breaking
  • OAuth2 authentication method Added
POST /api/roles/{id}/scopes
  • Authentication
  • Management api authentication method Removed
    • Removing a resource is always breaking unless it was deprecated before
      Breaking
  • OAuth2 authentication method Added
POST /api/roles/{id}/users
  • Authentication
  • Management api authentication method Removed
    • Removing a resource is always breaking unless it was deprecated before
      Breaking
  • OAuth2 authentication method Added
POST /api/sso-connectors
  • Authentication
  • Management api authentication method Removed
    • Removing a resource is always breaking unless it was deprecated before
      Breaking
  • OAuth2 authentication method Added
POST /api/subject-tokens
  • Authentication
  • Management api authentication method Removed
    • Removing a resource is always breaking unless it was deprecated before
      Breaking
  • OAuth2 authentication method Added
POST /api/user-assets
  • Authentication
  • Management api authentication method Removed
    • Removing a resource is always breaking unless it was deprecated before
      Breaking
  • OAuth2 authentication method Added
POST /api/users
  • Authentication
  • Management api authentication method Removed
    • Removing a resource is always breaking unless it was deprecated before
      Breaking
  • OAuth2 authentication method Added
POST /api/users/{userId}/identities
  • Authentication
  • Management api authentication method Removed
    • Removing a resource is always breaking unless it was deprecated before
      Breaking
  • OAuth2 authentication method Added
POST /api/users/{userId}/mfa-verifications
  • Authentication
  • Management api authentication method Removed
    • Removing a resource is always breaking unless it was deprecated before
      Breaking
  • OAuth2 authentication method Added
POST /api/users/{userId}/password/verify
  • Authentication
  • Management api authentication method Removed
    • Removing a resource is always breaking unless it was deprecated before
      Breaking
  • OAuth2 authentication method Added
POST /api/users/{userId}/roles
  • Authentication
  • Management api authentication method Removed
    • Removing a resource is always breaking unless it was deprecated before
      Breaking
  • OAuth2 authentication method Added
POST /api/verification-codes
  • Authentication
  • Management api authentication method Removed
    • Removing a resource is always breaking unless it was deprecated before
      Breaking
  • OAuth2 authentication method Added
POST /api/verification-codes/verify
  • Authentication
  • Management api authentication method Removed
    • Removing a resource is always breaking unless it was deprecated before
      Breaking
  • OAuth2 authentication method Added
PUT /api/applications/{applicationId}/roles
  • Authentication
  • Management api authentication method Removed
    • Removing a resource is always breaking unless it was deprecated before
      Breaking
  • OAuth2 authentication method Added
PUT /api/applications/{applicationId}/sign-in-experience
  • Authentication
  • Management api authentication method Removed
    • Removing a resource is always breaking unless it was deprecated before
      Breaking
  • OAuth2 authentication method Added
PUT /api/applications/{id}/users/{userId}/consent-organizations
  • Authentication
  • Management api authentication method Removed
    • Removing a resource is always breaking unless it was deprecated before
      Breaking
  • OAuth2 authentication method Added
PUT /api/configs/jwt-customizer/{tokenTypePath}
  • Authentication
  • Management api authentication method Removed
    • Removing a resource is always breaking unless it was deprecated before
      Breaking
  • OAuth2 authentication method Added
PUT /api/custom-phrases/{languageTag}
  • Authentication
  • Management api authentication method Removed
    • Removing a resource is always breaking unless it was deprecated before
      Breaking
  • OAuth2 authentication method Added
PUT /api/organization-invitations/{id}/status
  • Authentication
  • Management api authentication method Removed
    • Removing a resource is always breaking unless it was deprecated before
      Breaking
  • OAuth2 authentication method Added
PUT /api/organization-roles/{id}/resource-scopes
  • Authentication
  • Management api authentication method Removed
    • Removing a resource is always breaking unless it was deprecated before
      Breaking
  • OAuth2 authentication method Added
PUT /api/organization-roles/{id}/scopes
  • Authentication
  • Management api authentication method Removed
    • Removing a resource is always breaking unless it was deprecated before
      Breaking
  • OAuth2 authentication method Added
PUT /api/organizations/{id}/applications
  • Authentication
  • Management api authentication method Removed
    • Removing a resource is always breaking unless it was deprecated before
      Breaking
  • OAuth2 authentication method Added
PUT /api/organizations/{id}/applications/{applicationId}/roles
  • Authentication
  • Management api authentication method Removed
    • Removing a resource is always breaking unless it was deprecated before
      Breaking
  • OAuth2 authentication method Added
PUT /api/organizations/{id}/jit/email-domains
  • Authentication
  • Management api authentication method Removed
    • Removing a resource is always breaking unless it was deprecated before
      Breaking
  • OAuth2 authentication method Added
PUT /api/organizations/{id}/jit/roles
  • Authentication
  • Management api authentication method Removed
    • Removing a resource is always breaking unless it was deprecated before
      Breaking
  • OAuth2 authentication method Added
PUT /api/organizations/{id}/jit/sso-connectors
  • Authentication
  • Management api authentication method Removed
    • Removing a resource is always breaking unless it was deprecated before
      Breaking
  • OAuth2 authentication method Added
PUT /api/organizations/{id}/users
  • Authentication
  • Management api authentication method Removed
    • Removing a resource is always breaking unless it was deprecated before
      Breaking
  • OAuth2 authentication method Added
PUT /api/organizations/{id}/users/{userId}/roles
  • Authentication
  • Management api authentication method Removed
    • Removing a resource is always breaking unless it was deprecated before
      Breaking
  • OAuth2 authentication method Added
PUT /api/users/{userId}/identities/{target}
  • Authentication
  • Management api authentication method Removed
    • Removing a resource is always breaking unless it was deprecated before
      Breaking
  • OAuth2 authentication method Added
PUT /api/users/{userId}/roles
  • Authentication
  • Management api authentication method Removed
    • Removing a resource is always breaking unless it was deprecated before
      Breaking
  • OAuth2 authentication method Added
12 structure changes including:
6 Additions
6 Modifications
Modified 6
GET /api/applications
  • Response
  • 200 response Modified
    • application/json content type Modified
GET /api/applications/{id}
  • Response
  • 200 response Modified
    • application/json content type Modified
      • secret property Modified
        • Property is now deprecated
      • customData property Added
GET /api/organizations/{id}/applications
  • Response
  • 200 response Modified
    • application/json content type Modified
GET /api/roles/{id}/applications
  • Response
  • 200 response Modified
    • application/json content type Modified
PATCH /api/applications/{id}
  • Body
  • application/json content type Modified
    • customData property Added
  • Response
  • 200 response Modified
    • application/json content type Modified
      • secret property Modified
        • Property is now deprecated
      • customData property Added
POST /api/applications
  • Body
  • application/json content type Modified
    • customData property Added
  • Response
  • 200 response Modified
    • application/json content type Modified
      • secret property Modified
        • Property is now deprecated
      • customData property Added
Added 6
DELETE /api/applications/{id}/legacy-secret
DELETE /api/applications/{id}/secrets/{name}
GET /api/applications/{id}/secrets
PATCH /api/applications/{applicationId}/custom-data
PATCH /api/applications/{id}/secrets/{name}
POST /api/applications/{id}/secrets
35 structure changes including:
1 Addition
34 Modifications
Modified 34 Breaking
GET /api/.well-known/sign-in-exp
  • Response
  • 200 response Modified
    • application/json content type Modified
      • customUiAssetId property Removed
        • Removing a resource is always breaking unless it was deprecated before
          Breaking
      • customUiAssets property Added
POST /api/organizations/{id}/applications/{applicationId}/roles
  • Response
  • 201 response Modified
    • application/json content type Added
POST /api/organizations/{id}/jit/email-domains
  • Response
  • 201 response Modified
    • application/json content type Added
POST /api/organizations/{id}/jit/roles
  • Response
  • 201 response Modified
    • application/json content type Added
POST /api/organizations/{id}/jit/sso-connectors
  • Response
  • 201 response Modified
    • application/json content type Added
POST /api/organizations/{id}/users
  • Response
  • 201 response Modified
    • application/json content type Added
POST /api/organizations/{id}/users/roles
  • Response
  • 201 response Modified
    • application/json content type Added
POST /api/organizations/{id}/users/{userId}/roles
  • Response
  • 201 response Modified
    • application/json content type Added
POST /api/resources
  • Response
  • 201 response Modified
    • application/json content type Added
POST /api/resources/{resourceId}/scopes
  • Response
  • 201 response Modified
    • application/json content type Added
POST /api/roles/{id}/applications
  • Response
  • 201 response Modified
    • application/json content type Added
POST /api/roles/{id}/scopes
  • Response
  • 201 response Modified
    • application/json content type Added
POST /api/roles/{id}/users
  • Response
  • 201 response Modified
    • application/json content type Added
POST /api/users/{userId}/roles
  • Response
  • 201 response Modified
    • application/json content type Added
PUT /api/applications/{applicationId}/sign-in-experience
  • Response
  • 201 response Modified
    • application/json content type Added
PUT /api/configs/jwt-customizer/{tokenTypePath}
  • Response
  • 201 response Modified
    • application/json content type Added
PUT /api/custom-phrases/{languageTag}
  • Response
  • 201 response Modified
    • application/json content type Added
PUT /api/users/{userId}/identities/{target}
  • Response
  • 201 response Modified
    • application/json content type Added
GET /api/sign-in-exp
  • Response
  • 200 response Modified
    • application/json content type Modified
      • customUiAssetId property Removed
        • Removing a resource is always breaking unless it was deprecated before
          Breaking
      • customUiAssets property Added
PATCH /api/sign-in-exp
  • Body
  • application/json content type Modified
    • customUiAssetId property Removed
      • Removing a resource is always breaking unless it was deprecated before
        Breaking
    • customUiAssets property Added
  • Response
  • 200 response Modified
    • application/json content type Modified
      • customUiAssetId property Removed
        • Removing a resource is always breaking unless it was deprecated before
          Breaking
      • customUiAssets property Added
POST /api/applications/{applicationId}/roles
  • Response
  • 201 response Modified
    • application/json content type Added
POST /api/applications/{applicationId}/user-consent-scopes
  • Response
  • 201 response Modified
    • application/json content type Added
POST /api/applications/{id}/protected-app-metadata/custom-domains
  • Response
  • 201 response Modified
    • application/json content type Added
POST /api/applications/{id}/users/{userId}/consent-organizations
  • Response
  • 201 response Modified
    • application/json content type Added
POST /api/domains
  • Response
  • 201 response Modified
    • application/json content type Added
POST /api/hooks
  • Response
  • 201 response Modified
    • application/json content type Added
POST /api/organization-invitations
  • Response
  • 201 response Modified
    • application/json content type Added
POST /api/organization-roles
  • Response
  • 201 response Modified
    • application/json content type Added
POST /api/organization-roles/{id}/resource-scopes
  • Response
  • 201 response Modified
    • application/json content type Added
POST /api/organization-roles/{id}/scopes
  • Response
  • 201 response Modified
    • application/json content type Added
POST /api/organization-scopes
  • Response
  • 201 response Modified
    • application/json content type Added
POST /api/organizations
  • Response
  • 201 response Modified
    • application/json content type Added
POST /api/organizations/{id}/applications
  • Response
  • 201 response Modified
    • application/json content type Added
POST /api/organizations/{id}/applications/roles
  • Response
  • 201 response Modified
    • application/json content type Added
Added 1
POST /api/subject-tokens