feat: Add FedCM login and ES384/ES512 DPoP algorithms

reference.md

@@ -1710,6 +1710,14 @@ client.clients().create(
 <dl>
 <dd>
 
+**fedcmLogin:** `Optional<FedCmLogin>` 
+
+</dd>
+</dl>
+
+<dl>
+<dd>
+
 **refreshToken:** `Optional<ClientRefreshTokenConfiguration>` 
 
 </dd>
@@ -1953,10 +1961,19 @@ client.clients().previewCimdMetadata(
 <dl>
 <dd>
 
+Idempotent registration for Client ID Metadata Document (CIMD) clients.
+Uses external_client_id as the unique identifier for upsert operations.
 
-      Idempotent registration for Client ID Metadata Document (CIMD) clients.
-      Uses external_client_id as the unique identifier for upsert operations.
-      **Create:** Returns 201 when a new client is created (requires \
+<strong>Create:</strong> Returns 201 when a new client is created (requires <code>create:clients</code> scope).
+<strong>Update:</strong> Returns 200 when an existing client is updated (requires <code>update:clients</code> scope).
+
+This endpoint automatically:
+<ul>
+  <li>Fetches and validates the metadata document</li>
+  <li>Maps CIMD fields to Auth0 client configuration</li>
+  <li>Creates/rotates credentials from the JWKS</li>
+  <li>Enforces CIMD security policies (HTTPS-only, no shared secrets)</li>
+</ul>
 </dd>
 </dl>
 </dd>
@@ -2511,6 +2528,14 @@ client.clients().update(
 <dl>
 <dd>
 
+**fedcmLogin:** `Optional<FedCmLogin>` 
+
+</dd>
+</dl>
+
+<dl>
+<dd>
+
 **refreshToken:** `Optional<ClientRefreshTokenConfiguration>` 
 
 </dd>

src/main/java/com/auth0/client/mgmt/AsyncClientsClient.java

@@ -265,7 +265,15 @@ public CompletableFuture<PreviewCimdMetadataResponseContent> previewCimdMetadata
     /**
      * Idempotent registration for Client ID Metadata Document (CIMD) clients.
      * Uses external_client_id as the unique identifier for upsert operations.
-     * <strong>Create:</strong> Returns 201 when a new client is created (requires \
+     * <p><strong>Create:</strong> Returns 201 when a new client is created (requires <code>create:clients</code> scope).
+     * <strong>Update:</strong> Returns 200 when an existing client is updated (requires <code>update:clients</code> scope).</p>
+     * <p>This endpoint automatically:</p>
+     * <p><ul>
+     *   <li>Fetches and validates the metadata document</li>
+     *   <li>Maps CIMD fields to Auth0 client configuration</li>
+     *   <li>Creates/rotates credentials from the JWKS</li>
+     *   <li>Enforces CIMD security policies (HTTPS-only, no shared secrets)</li>
+     * </ul></p>
      */
     public CompletableFuture<RegisterCimdClientResponseContent> registerCimdClient(
             RegisterCimdClientRequestContent request) {
@@ -275,7 +283,15 @@ public CompletableFuture<RegisterCimdClientResponseContent> registerCimdClient(
     /**
      * Idempotent registration for Client ID Metadata Document (CIMD) clients.
      * Uses external_client_id as the unique identifier for upsert operations.
-     * <strong>Create:</strong> Returns 201 when a new client is created (requires \
+     * <p><strong>Create:</strong> Returns 201 when a new client is created (requires <code>create:clients</code> scope).
+     * <strong>Update:</strong> Returns 200 when an existing client is updated (requires <code>update:clients</code> scope).</p>
+     * <p>This endpoint automatically:</p>
+     * <p><ul>
+     *   <li>Fetches and validates the metadata document</li>
+     *   <li>Maps CIMD fields to Auth0 client configuration</li>
+     *   <li>Creates/rotates credentials from the JWKS</li>
+     *   <li>Enforces CIMD security policies (HTTPS-only, no shared secrets)</li>
+     * </ul></p>
      */
     public CompletableFuture<RegisterCimdClientResponseContent> registerCimdClient(
             RegisterCimdClientRequestContent request, RequestOptions requestOptions) {

src/main/java/com/auth0/client/mgmt/AsyncRawClientsClient.java

@@ -566,7 +566,15 @@ public void onFailure(@NotNull Call call, @NotNull IOException e) {
     /**
      * Idempotent registration for Client ID Metadata Document (CIMD) clients.
      * Uses external_client_id as the unique identifier for upsert operations.
-     * <strong>Create:</strong> Returns 201 when a new client is created (requires \
+     * <p><strong>Create:</strong> Returns 201 when a new client is created (requires <code>create:clients</code> scope).
+     * <strong>Update:</strong> Returns 200 when an existing client is updated (requires <code>update:clients</code> scope).</p>
+     * <p>This endpoint automatically:</p>
+     * <p><ul>
+     *   <li>Fetches and validates the metadata document</li>
+     *   <li>Maps CIMD fields to Auth0 client configuration</li>
+     *   <li>Creates/rotates credentials from the JWKS</li>
+     *   <li>Enforces CIMD security policies (HTTPS-only, no shared secrets)</li>
+     * </ul></p>
      */
     public CompletableFuture<ManagementApiHttpResponse<RegisterCimdClientResponseContent>> registerCimdClient(
             RegisterCimdClientRequestContent request) {
@@ -576,7 +584,15 @@ public CompletableFuture<ManagementApiHttpResponse<RegisterCimdClientResponseCon
     /**
      * Idempotent registration for Client ID Metadata Document (CIMD) clients.
      * Uses external_client_id as the unique identifier for upsert operations.
-     * <strong>Create:</strong> Returns 201 when a new client is created (requires \
+     * <p><strong>Create:</strong> Returns 201 when a new client is created (requires <code>create:clients</code> scope).
+     * <strong>Update:</strong> Returns 200 when an existing client is updated (requires <code>update:clients</code> scope).</p>
+     * <p>This endpoint automatically:</p>
+     * <p><ul>
+     *   <li>Fetches and validates the metadata document</li>
+     *   <li>Maps CIMD fields to Auth0 client configuration</li>
+     *   <li>Creates/rotates credentials from the JWKS</li>
+     *   <li>Enforces CIMD security policies (HTTPS-only, no shared secrets)</li>
+     * </ul></p>
      */
     public CompletableFuture<ManagementApiHttpResponse<RegisterCimdClientResponseContent>> registerCimdClient(
             RegisterCimdClientRequestContent request, RequestOptions requestOptions) {

src/main/java/com/auth0/client/mgmt/ClientsClient.java

@@ -261,7 +261,15 @@ public PreviewCimdMetadataResponseContent previewCimdMetadata(
     /**
      * Idempotent registration for Client ID Metadata Document (CIMD) clients.
      * Uses external_client_id as the unique identifier for upsert operations.
-     * <strong>Create:</strong> Returns 201 when a new client is created (requires \
+     * <p><strong>Create:</strong> Returns 201 when a new client is created (requires <code>create:clients</code> scope).
+     * <strong>Update:</strong> Returns 200 when an existing client is updated (requires <code>update:clients</code> scope).</p>
+     * <p>This endpoint automatically:</p>
+     * <p><ul>
+     *   <li>Fetches and validates the metadata document</li>
+     *   <li>Maps CIMD fields to Auth0 client configuration</li>
+     *   <li>Creates/rotates credentials from the JWKS</li>
+     *   <li>Enforces CIMD security policies (HTTPS-only, no shared secrets)</li>
+     * </ul></p>
      */
     public RegisterCimdClientResponseContent registerCimdClient(RegisterCimdClientRequestContent request) {
         return this.rawClient.registerCimdClient(request).body();
@@ -270,7 +278,15 @@ public RegisterCimdClientResponseContent registerCimdClient(RegisterCimdClientRe
     /**
      * Idempotent registration for Client ID Metadata Document (CIMD) clients.
      * Uses external_client_id as the unique identifier for upsert operations.
-     * <strong>Create:</strong> Returns 201 when a new client is created (requires \
+     * <p><strong>Create:</strong> Returns 201 when a new client is created (requires <code>create:clients</code> scope).
+     * <strong>Update:</strong> Returns 200 when an existing client is updated (requires <code>update:clients</code> scope).</p>
+     * <p>This endpoint automatically:</p>
+     * <p><ul>
+     *   <li>Fetches and validates the metadata document</li>
+     *   <li>Maps CIMD fields to Auth0 client configuration</li>
+     *   <li>Creates/rotates credentials from the JWKS</li>
+     *   <li>Enforces CIMD security policies (HTTPS-only, no shared secrets)</li>
+     * </ul></p>
      */
     public RegisterCimdClientResponseContent registerCimdClient(
             RegisterCimdClientRequestContent request, RequestOptions requestOptions) {

src/main/java/com/auth0/client/mgmt/RawClientsClient.java

@@ -482,7 +482,15 @@ public ManagementApiHttpResponse<PreviewCimdMetadataResponseContent> previewCimd
     /**
      * Idempotent registration for Client ID Metadata Document (CIMD) clients.
      * Uses external_client_id as the unique identifier for upsert operations.
-     * <strong>Create:</strong> Returns 201 when a new client is created (requires \
+     * <p><strong>Create:</strong> Returns 201 when a new client is created (requires <code>create:clients</code> scope).
+     * <strong>Update:</strong> Returns 200 when an existing client is updated (requires <code>update:clients</code> scope).</p>
+     * <p>This endpoint automatically:</p>
+     * <p><ul>
+     *   <li>Fetches and validates the metadata document</li>
+     *   <li>Maps CIMD fields to Auth0 client configuration</li>
+     *   <li>Creates/rotates credentials from the JWKS</li>
+     *   <li>Enforces CIMD security policies (HTTPS-only, no shared secrets)</li>
+     * </ul></p>
      */
     public ManagementApiHttpResponse<RegisterCimdClientResponseContent> registerCimdClient(
             RegisterCimdClientRequestContent request) {
@@ -492,7 +500,15 @@ public ManagementApiHttpResponse<RegisterCimdClientResponseContent> registerCimd
     /**
      * Idempotent registration for Client ID Metadata Document (CIMD) clients.
      * Uses external_client_id as the unique identifier for upsert operations.
-     * <strong>Create:</strong> Returns 201 when a new client is created (requires \
+     * <p><strong>Create:</strong> Returns 201 when a new client is created (requires <code>create:clients</code> scope).
+     * <strong>Update:</strong> Returns 200 when an existing client is updated (requires <code>update:clients</code> scope).</p>
+     * <p>This endpoint automatically:</p>
+     * <p><ul>
+     *   <li>Fetches and validates the metadata document</li>
+     *   <li>Maps CIMD fields to Auth0 client configuration</li>
+     *   <li>Creates/rotates credentials from the JWKS</li>
+     *   <li>Enforces CIMD security policies (HTTPS-only, no shared secrets)</li>
+     * </ul></p>
      */
     public ManagementApiHttpResponse<RegisterCimdClientResponseContent> registerCimdClient(
             RegisterCimdClientRequestContent request, RequestOptions requestOptions) {

src/main/java/com/auth0/client/mgmt/types/ConnectionDpopSigningAlgEnum.java

@@ -10,8 +10,12 @@ public final class ConnectionDpopSigningAlgEnum {
     public static final ConnectionDpopSigningAlgEnum ED25519 =
             new ConnectionDpopSigningAlgEnum(Value.ED25519, "Ed25519");
 
+    public static final ConnectionDpopSigningAlgEnum ES384 = new ConnectionDpopSigningAlgEnum(Value.ES384, "ES384");
+
     public static final ConnectionDpopSigningAlgEnum ES256 = new ConnectionDpopSigningAlgEnum(Value.ES256, "ES256");
 
+    public static final ConnectionDpopSigningAlgEnum ES512 = new ConnectionDpopSigningAlgEnum(Value.ES512, "ES512");
+
     private final Value value;
 
     private final String string;
@@ -47,8 +51,12 @@ public <T> T visit(Visitor<T> visitor) {
         switch (value) {
             case ED25519:
                 return visitor.visitEd25519();
+            case ES384:
+                return visitor.visitEs384();
             case ES256:
                 return visitor.visitEs256();
+            case ES512:
+                return visitor.visitEs512();
             case UNKNOWN:
             default:
                 return visitor.visitUnknown(string);
@@ -60,8 +68,12 @@ public static ConnectionDpopSigningAlgEnum valueOf(String value) {
         switch (value) {
             case "Ed25519":
                 return ED25519;
+            case "ES384":
+                return ES384;
             case "ES256":
                 return ES256;
+            case "ES512":
+                return ES512;
             default:
                 return new ConnectionDpopSigningAlgEnum(Value.UNKNOWN, value);
         }
@@ -70,6 +82,10 @@ public static ConnectionDpopSigningAlgEnum valueOf(String value) {
     public enum Value {
         ES256,
 
+        ES384,
+
+        ES512,
+
         ED25519,
 
         UNKNOWN
@@ -78,6 +94,10 @@ public enum Value {
     public interface Visitor<T> {
         T visitEs256();
 
+        T visitEs384();
+
+        T visitEs512();
+
         T visitEd25519();
 
         T visitUnknown(String unknownType);

src/main/java/com/auth0/client/mgmt/types/CreateClientRequestContent.java

@@ -91,6 +91,8 @@ public final class CreateClientRequestContent {
 
     private final Optional<NativeSocialLogin> nativeSocialLogin;
 
+    private final Optional<FedCmLogin> fedcmLogin;
+
     private final OptionalNullable<ClientRefreshTokenConfiguration> refreshToken;
 
     private final OptionalNullable<ClientDefaultOrganization> defaultOrganization;
@@ -167,6 +169,7 @@ private CreateClientRequestContent(
             Optional<ClientMobile> mobile,
             Optional<String> initiateLoginUri,
             Optional<NativeSocialLogin> nativeSocialLogin,
+            Optional<FedCmLogin> fedcmLogin,
             OptionalNullable<ClientRefreshTokenConfiguration> refreshToken,
             OptionalNullable<ClientDefaultOrganization> defaultOrganization,
             Optional<ClientOrganizationUsageEnum> organizationUsage,
@@ -221,6 +224,7 @@ private CreateClientRequestContent(
         this.mobile = mobile;
         this.initiateLoginUri = initiateLoginUri;
         this.nativeSocialLogin = nativeSocialLogin;
+        this.fedcmLogin = fedcmLogin;
         this.refreshToken = refreshToken;
         this.defaultOrganization = defaultOrganization;
         this.organizationUsage = organizationUsage;
@@ -486,6 +490,11 @@ public Optional<NativeSocialLogin> getNativeSocialLogin() {
         return nativeSocialLogin;
     }
 
+    @JsonProperty("fedcm_login")
+    public Optional<FedCmLogin> getFedcmLogin() {
+        return fedcmLogin;
+    }
+
     @JsonInclude(value = JsonInclude.Include.CUSTOM, valueFilter = NullableNonemptyFilter.class)
     @JsonProperty("refresh_token")
     public OptionalNullable<ClientRefreshTokenConfiguration> getRefreshToken() {
@@ -703,6 +712,7 @@ private boolean equalTo(CreateClientRequestContent other) {
                 && mobile.equals(other.mobile)
                 && initiateLoginUri.equals(other.initiateLoginUri)
                 && nativeSocialLogin.equals(other.nativeSocialLogin)
+                && fedcmLogin.equals(other.fedcmLogin)
                 && refreshToken.equals(other.refreshToken)
                 && defaultOrganization.equals(other.defaultOrganization)
                 && organizationUsage.equals(other.organizationUsage)
@@ -762,6 +772,7 @@ public int hashCode() {
                 this.mobile,
                 this.initiateLoginUri,
                 this.nativeSocialLogin,
+                this.fedcmLogin,
                 this.refreshToken,
                 this.defaultOrganization,
                 this.organizationUsage,
@@ -1012,6 +1023,10 @@ _FinalStage sessionTransfer(
 
         _FinalStage nativeSocialLogin(NativeSocialLogin nativeSocialLogin);
 
+        _FinalStage fedcmLogin(Optional<FedCmLogin> fedcmLogin);
+
+        _FinalStage fedcmLogin(FedCmLogin fedcmLogin);
+
         _FinalStage refreshToken(@Nullable OptionalNullable<ClientRefreshTokenConfiguration> refreshToken);
 
         _FinalStage refreshToken(ClientRefreshTokenConfiguration refreshToken);
@@ -1182,6 +1197,8 @@ public static final class Builder implements NameStage, _FinalStage {
 
         private OptionalNullable<ClientRefreshTokenConfiguration> refreshToken = OptionalNullable.absent();
 
+        private Optional<FedCmLogin> fedcmLogin = Optional.empty();
+
         private Optional<NativeSocialLogin> nativeSocialLogin = Optional.empty();
 
         private Optional<String> initiateLoginUri = Optional.empty();
@@ -1286,6 +1303,7 @@ public Builder from(CreateClientRequestContent other) {
             mobile(other.getMobile());
             initiateLoginUri(other.getInitiateLoginUri());
             nativeSocialLogin(other.getNativeSocialLogin());
+            fedcmLogin(other.getFedcmLogin());
             refreshToken(other.getRefreshToken());
             defaultOrganization(other.getDefaultOrganization());
             organizationUsage(other.getOrganizationUsage());
@@ -1739,6 +1757,19 @@ public _FinalStage refreshToken(@Nullable OptionalNullable<ClientRefreshTokenCon
             return this;
         }
 
+        @java.lang.Override
+        public _FinalStage fedcmLogin(FedCmLogin fedcmLogin) {
+            this.fedcmLogin = Optional.ofNullable(fedcmLogin);
+            return this;
+        }
+
+        @java.lang.Override
+        @JsonSetter(value = "fedcm_login", nulls = Nulls.SKIP)
+        public _FinalStage fedcmLogin(Optional<FedCmLogin> fedcmLogin) {
+            this.fedcmLogin = fedcmLogin;
+            return this;
+        }
+
         @java.lang.Override
         public _FinalStage nativeSocialLogin(NativeSocialLogin nativeSocialLogin) {
             this.nativeSocialLogin = Optional.ofNullable(nativeSocialLogin);
@@ -2392,6 +2423,7 @@ public CreateClientRequestContent build() {
                     mobile,
                     initiateLoginUri,
                     nativeSocialLogin,
+                    fedcmLogin,
                     refreshToken,
                     defaultOrganization,
                     organizationUsage,