feat: Add SSE events API, refresh token revocation, branding identifiers, and connection options#860
Merged
Merged
Conversation
|
Semgrep found 27
The application could store sensitive data outside of the application container or system credential storage facilities. |
Co-authored-by: fern-api[bot] <115122769+fern-api[bot]@users.noreply.github.com>
developerkunal
changed the title
tanya732
changed the title
tanya732
approved these changes
Apr 30, 2026
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Changes
This PR adds several new capabilities to the Auth0 Java SDK:
New Endpoints and Clients
EventsClient/AsyncEventsClientwith asubscribe()method that opens a Server-Sent Events (SSE) stream for consuming real-time management events (user created, updated, deleted, organization changes, group changes, etc.). AcceptsSubscribeEventsRequestParametersto filter by event type and cursor position.RefreshTokensClient.revoke()/AsyncRefreshTokensClient.revoke()for bulk revoking refresh tokens by ID list, user, user+client, or client. AcceptsRevokeRefreshTokensRequestContent.New Error Type
GoneError(HTTP 410) for when a stream cursor points to data that is no longer available.New Types
BrandingIdentifierswithloginDisplay,otpAutocomplete, andphoneDisplaysettings.BrandingPhoneDisplaywithBrandingPhoneMaskingEnumandBrandingPhoneFormattingEnum.BrandingLoginDisplayEnum(unified,separate).ConnectionAssertionDecryptionSettingswithConnectionAssertionDecryptionAlgorithmProfileEnumfor SAML assertion decryption configuration.EventStreamSubscribeEventsResponseContentas a discriminated union of all event cloud event types (group, organization, user events, errors, and offset-only heartbeats).EventStreamSubscribeEventsEventTypeEnumfor filtering subscriptions.EventStreamCloudEvent*types for each event category (group, organization, user lifecycle events).Connection Options Expansion
assertionDecryptionSettings,idTokenSignedResponseAlgs,tokenEndpointAuthMethod,tokenEndpointAuthSigningAlg, andtokenEndpointJwtcaAudFormatfields toConnectionPropertiesOptions.assertionDecryptionSettingstoConnectionOptionsCommonSamlandConnectionOptionsSaml.Groups Client
searchquery parameter to the list groups endpoint.Pagination Request Parameters
ListOrganizationClientGrantsRequestParameters,ListRolePermissionsRequestParameters,ListEncryptionKeysRequestParameters, etc.) for endpoints that previously did not have typed parameter objects.Documentation Updates
reference.mdwith new endpoints and field documentation.Bug Fixes
ErrorsGetResponsedeserialization to properly distinguish between list and object error formats using structural checks instead of blind conversion.References
Automated Fern SDK generation from latest Auth0 Management API definition.
Testing
Generated tests cover all new types and endpoints. Existing tests remain passing.
Checklist