naftiko: 1.0.0-alpha2 info: label: Ory Hydra API — oAuth2 description: 'Ory Hydra API — oAuth2. 31 operations. Lead operation: List OAuth 2.0 Clients. Self-contained Naftiko capability covering one Ory business surface.' tags: - Ory - oAuth2 created: '2026-05-19' modified: '2026-05-19' binds: - namespace: env keys: ORY_API_KEY: ORY_API_KEY capability: consumes: - type: http namespace: hydra-oauth2 baseUri: '' description: Ory Hydra API — oAuth2 business capability. Self-contained, no shared references. resources: - name: admin-clients path: /admin/clients operations: - name: listoauth2clients method: GET description: List OAuth 2.0 Clients outputRawFormat: json outputParameters: - name: result type: object value: $. inputParameters: - name: page_size in: query type: integer description: Items per Page - name: page_token in: query type: string description: Next Page Token - name: client_name in: query type: string description: The name of the clients to filter by. - name: owner in: query type: string description: The owner of the clients to filter by. - name: createoauth2client method: POST description: Create OAuth 2.0 Client outputRawFormat: json outputParameters: - name: result type: object value: $. inputParameters: - name: body in: body type: object description: Request body (JSON). required: true - name: admin-clients-id path: /admin/clients/{id} operations: - name: deleteoauth2client method: DELETE description: Delete OAuth 2.0 Client outputRawFormat: json outputParameters: - name: result type: object value: $. inputParameters: - name: id in: path type: string description: The id of the OAuth 2.0 Client. required: true - name: getoauth2client method: GET description: Get an OAuth 2.0 Client outputRawFormat: json outputParameters: - name: result type: object value: $. inputParameters: - name: id in: path type: string description: The id of the OAuth 2.0 Client. required: true - name: patchoauth2client method: PATCH description: Patch OAuth 2.0 Client outputRawFormat: json outputParameters: - name: result type: object value: $. inputParameters: - name: id in: path type: string description: The id of the OAuth 2.0 Client. required: true - name: body in: body type: object description: Request body (JSON). required: true - name: setoauth2client method: PUT description: Set OAuth 2.0 Client outputRawFormat: json outputParameters: - name: result type: object value: $. inputParameters: - name: id in: path type: string description: OAuth 2.0 Client ID required: true - name: body in: body type: object description: Request body (JSON). required: true - name: admin-clients-id-lifespans path: /admin/clients/{id}/lifespans operations: - name: setoauth2clientlifespans method: PUT description: Set OAuth2 Client Token Lifespans outputRawFormat: json outputParameters: - name: result type: object value: $. inputParameters: - name: id in: path type: string description: OAuth 2.0 Client ID required: true - name: body in: body type: object description: Request body (JSON). required: false - name: admin-oauth2-auth-requests-consent path: /admin/oauth2/auth/requests/consent operations: - name: getoauth2consentrequest method: GET description: Get OAuth 2.0 Consent Request outputRawFormat: json outputParameters: - name: result type: object value: $. inputParameters: - name: consent_challenge in: query type: string description: OAuth 2.0 Consent Request Challenge required: true - name: admin-oauth2-auth-requests-consent-accept path: /admin/oauth2/auth/requests/consent/accept operations: - name: acceptoauth2consentrequest method: PUT description: Accept OAuth 2.0 Consent Request outputRawFormat: json outputParameters: - name: result type: object value: $. inputParameters: - name: consent_challenge in: query type: string description: OAuth 2.0 Consent Request Challenge required: true - name: body in: body type: object description: Request body (JSON). required: false - name: admin-oauth2-auth-requests-consent-reject path: /admin/oauth2/auth/requests/consent/reject operations: - name: rejectoauth2consentrequest method: PUT description: Reject OAuth 2.0 Consent Request outputRawFormat: json outputParameters: - name: result type: object value: $. inputParameters: - name: consent_challenge in: query type: string description: OAuth 2.0 Consent Request Challenge required: true - name: body in: body type: object description: Request body (JSON). required: false - name: admin-oauth2-auth-requests-device-accept path: /admin/oauth2/auth/requests/device/accept operations: - name: acceptusercoderequest method: PUT description: Accepts a device grant user_code request outputRawFormat: json outputParameters: - name: result type: object value: $. inputParameters: - name: device_challenge in: query type: string required: true - name: body in: body type: object description: Request body (JSON). required: false - name: admin-oauth2-auth-requests-login path: /admin/oauth2/auth/requests/login operations: - name: getoauth2loginrequest method: GET description: Get OAuth 2.0 Login Request outputRawFormat: json outputParameters: - name: result type: object value: $. inputParameters: - name: login_challenge in: query type: string description: OAuth 2.0 Login Request Challenge required: true - name: admin-oauth2-auth-requests-login-accept path: /admin/oauth2/auth/requests/login/accept operations: - name: acceptoauth2loginrequest method: PUT description: Accept OAuth 2.0 Login Request outputRawFormat: json outputParameters: - name: result type: object value: $. inputParameters: - name: login_challenge in: query type: string description: OAuth 2.0 Login Request Challenge required: true - name: body in: body type: object description: Request body (JSON). required: false - name: admin-oauth2-auth-requests-login-reject path: /admin/oauth2/auth/requests/login/reject operations: - name: rejectoauth2loginrequest method: PUT description: Reject OAuth 2.0 Login Request outputRawFormat: json outputParameters: - name: result type: object value: $. inputParameters: - name: login_challenge in: query type: string description: OAuth 2.0 Login Request Challenge required: true - name: body in: body type: object description: Request body (JSON). required: false - name: admin-oauth2-auth-requests-logout path: /admin/oauth2/auth/requests/logout operations: - name: getoauth2logoutrequest method: GET description: Get OAuth 2.0 Session Logout Request outputRawFormat: json outputParameters: - name: result type: object value: $. inputParameters: - name: logout_challenge in: query type: string required: true - name: admin-oauth2-auth-requests-logout-accept path: /admin/oauth2/auth/requests/logout/accept operations: - name: acceptoauth2logoutrequest method: PUT description: Accept OAuth 2.0 Session Logout Request outputRawFormat: json outputParameters: - name: result type: object value: $. inputParameters: - name: logout_challenge in: query type: string description: OAuth 2.0 Logout Request Challenge required: true - name: admin-oauth2-auth-requests-logout-reject path: /admin/oauth2/auth/requests/logout/reject operations: - name: rejectoauth2logoutrequest method: PUT description: Reject OAuth 2.0 Session Logout Request outputRawFormat: json outputParameters: - name: result type: object value: $. inputParameters: - name: logout_challenge in: query type: string required: true - name: admin-oauth2-auth-sessions-consent path: /admin/oauth2/auth/sessions/consent operations: - name: revokeoauth2consentsessions method: DELETE description: Revoke OAuth 2.0 Consent Sessions of a Subject outputRawFormat: json outputParameters: - name: result type: object value: $. inputParameters: - name: subject in: query type: string description: OAuth 2.0 Consent Subject - name: client in: query type: string description: OAuth 2.0 Client ID - name: consent_request_id in: query type: string description: Consent Request ID - name: all in: query type: boolean description: Revoke All Consent Sessions - name: listoauth2consentsessions method: GET description: List OAuth 2.0 Consent Sessions of a Subject outputRawFormat: json outputParameters: - name: result type: object value: $. inputParameters: - name: page_size in: query type: integer description: Items per Page - name: page_token in: query type: string description: Next Page Token - name: subject in: query type: string description: The subject to list the consent sessions for. required: true - name: login_session_id in: query type: string description: The login session id to list the consent sessions for. - name: admin-oauth2-auth-sessions-login path: /admin/oauth2/auth/sessions/login operations: - name: revokeoauth2loginsessions method: DELETE description: Revokes OAuth 2.0 Login Sessions by either a Subject or a SessionID outputRawFormat: json outputParameters: - name: result type: object value: $. inputParameters: - name: subject in: query type: string description: OAuth 2.0 Subject - name: sid in: query type: string description: Login Session ID - name: admin-oauth2-introspect path: /admin/oauth2/introspect operations: - name: introspectoauth2token method: POST description: Introspect OAuth2 Access and Refresh Tokens outputRawFormat: json outputParameters: - name: result type: object value: $. inputParameters: - name: body in: body type: object description: Request body (JSON). required: false - name: admin-oauth2-tokens path: /admin/oauth2/tokens operations: - name: deleteoauth2token method: DELETE description: Delete OAuth 2.0 Access Tokens from specific OAuth 2.0 Client outputRawFormat: json outputParameters: - name: result type: object value: $. inputParameters: - name: client_id in: query type: string description: OAuth 2.0 Client ID required: true - name: admin-trust-grants-jwt-bearer-issuers path: /admin/trust/grants/jwt-bearer/issuers operations: - name: listtrustedoauth2jwtgrantissuers method: GET description: List Trusted OAuth2 JWT Bearer Grant Type Issuers outputRawFormat: json outputParameters: - name: result type: object value: $. inputParameters: - name: page_size in: query type: integer description: Items per Page - name: page_token in: query type: string description: Next Page Token - name: issuer in: query type: string description: If optional "issuer" is supplied, only jwt-bearer grants with this issuer will be returned. - name: trustoauth2jwtgrantissuer method: POST description: Trust OAuth2 JWT Bearer Grant Type Issuer outputRawFormat: json outputParameters: - name: result type: object value: $. inputParameters: - name: body in: body type: object description: Request body (JSON). required: false - name: admin-trust-grants-jwt-bearer-issuers-id path: /admin/trust/grants/jwt-bearer/issuers/{id} operations: - name: deletetrustedoauth2jwtgrantissuer method: DELETE description: Delete Trusted OAuth2 JWT Bearer Grant Type Issuer outputRawFormat: json outputParameters: - name: result type: object value: $. inputParameters: - name: id in: path type: string description: The id of the desired grant required: true - name: gettrustedoauth2jwtgrantissuer method: GET description: Get Trusted OAuth2 JWT Bearer Grant Type Issuer outputRawFormat: json outputParameters: - name: result type: object value: $. inputParameters: - name: id in: path type: string description: The id of the desired grant required: true - name: oauth2-auth path: /oauth2/auth operations: - name: oauth2authorize method: GET description: OAuth 2.0 Authorize Endpoint outputRawFormat: json outputParameters: - name: result type: object value: $. - name: oauth2-device-auth path: /oauth2/device/auth operations: - name: oauth2deviceflow method: POST description: The OAuth 2.0 Device Authorize Endpoint outputRawFormat: json outputParameters: - name: result type: object value: $. - name: oauth2-device-verify path: /oauth2/device/verify operations: - name: performoauth2deviceverificationflow method: GET description: OAuth 2.0 Device Verification Endpoint outputRawFormat: json outputParameters: - name: result type: object value: $. - name: oauth2-revoke path: /oauth2/revoke operations: - name: revokeoauth2token method: POST description: Revoke OAuth 2.0 Access or Refresh Token outputRawFormat: json outputParameters: - name: result type: object value: $. inputParameters: - name: body in: body type: object description: Request body (JSON). required: false - name: oauth2-token path: /oauth2/token operations: - name: oauth2tokenexchange method: POST description: The OAuth 2.0 Token Endpoint outputRawFormat: json outputParameters: - name: result type: object value: $. inputParameters: - name: body in: body type: object description: Request body (JSON). required: false authentication: type: bearer token: '{{env.ORY_API_KEY}}' exposes: - type: rest namespace: hydra-oauth2-rest port: 8080 description: REST adapter for Ory Hydra API — oAuth2. One Spectral-compliant resource per consumed operation, prefixed with /v1. resources: - path: /v1/admin/clients name: admin-clients description: REST surface for admin-clients. operations: - method: GET name: listoauth2clients description: List OAuth 2.0 Clients call: hydra-oauth2.listoauth2clients with: page_size: rest.page_size page_token: rest.page_token client_name: rest.client_name owner: rest.owner outputParameters: - type: object mapping: $. - method: POST name: createoauth2client description: Create OAuth 2.0 Client call: hydra-oauth2.createoauth2client with: body: rest.body outputParameters: - type: object mapping: $. - path: /v1/admin/clients/{id} name: admin-clients-id description: REST surface for admin-clients-id. operations: - method: DELETE name: deleteoauth2client description: Delete OAuth 2.0 Client call: hydra-oauth2.deleteoauth2client with: id: rest.id outputParameters: - type: object mapping: $. - method: GET name: getoauth2client description: Get an OAuth 2.0 Client call: hydra-oauth2.getoauth2client with: id: rest.id outputParameters: - type: object mapping: $. - method: PATCH name: patchoauth2client description: Patch OAuth 2.0 Client call: hydra-oauth2.patchoauth2client with: id: rest.id body: rest.body outputParameters: - type: object mapping: $. - method: PUT name: setoauth2client description: Set OAuth 2.0 Client call: hydra-oauth2.setoauth2client with: id: rest.id body: rest.body outputParameters: - type: object mapping: $. - path: /v1/admin/clients/{id}/lifespans name: admin-clients-id-lifespans description: REST surface for admin-clients-id-lifespans. operations: - method: PUT name: setoauth2clientlifespans description: Set OAuth2 Client Token Lifespans call: hydra-oauth2.setoauth2clientlifespans with: id: rest.id body: rest.body outputParameters: - type: object mapping: $. - path: /v1/admin/oauth2/auth/requests/consent name: admin-oauth2-auth-requests-consent description: REST surface for admin-oauth2-auth-requests-consent. operations: - method: GET name: getoauth2consentrequest description: Get OAuth 2.0 Consent Request call: hydra-oauth2.getoauth2consentrequest with: consent_challenge: rest.consent_challenge outputParameters: - type: object mapping: $. - path: /v1/admin/oauth2/auth/requests/consent/accept name: admin-oauth2-auth-requests-consent-accept description: REST surface for admin-oauth2-auth-requests-consent-accept. operations: - method: PUT name: acceptoauth2consentrequest description: Accept OAuth 2.0 Consent Request call: hydra-oauth2.acceptoauth2consentrequest with: consent_challenge: rest.consent_challenge body: rest.body outputParameters: - type: object mapping: $. - path: /v1/admin/oauth2/auth/requests/consent/reject name: admin-oauth2-auth-requests-consent-reject description: REST surface for admin-oauth2-auth-requests-consent-reject. operations: - method: PUT name: rejectoauth2consentrequest description: Reject OAuth 2.0 Consent Request call: hydra-oauth2.rejectoauth2consentrequest with: consent_challenge: rest.consent_challenge body: rest.body outputParameters: - type: object mapping: $. - path: /v1/admin/oauth2/auth/requests/device/accept name: admin-oauth2-auth-requests-device-accept description: REST surface for admin-oauth2-auth-requests-device-accept. operations: - method: PUT name: acceptusercoderequest description: Accepts a device grant user_code request call: hydra-oauth2.acceptusercoderequest with: device_challenge: rest.device_challenge body: rest.body outputParameters: - type: object mapping: $. - path: /v1/admin/oauth2/auth/requests/login name: admin-oauth2-auth-requests-login description: REST surface for admin-oauth2-auth-requests-login. operations: - method: GET name: getoauth2loginrequest description: Get OAuth 2.0 Login Request call: hydra-oauth2.getoauth2loginrequest with: login_challenge: rest.login_challenge outputParameters: - type: object mapping: $. - path: /v1/admin/oauth2/auth/requests/login/accept name: admin-oauth2-auth-requests-login-accept description: REST surface for admin-oauth2-auth-requests-login-accept. operations: - method: PUT name: acceptoauth2loginrequest description: Accept OAuth 2.0 Login Request call: hydra-oauth2.acceptoauth2loginrequest with: login_challenge: rest.login_challenge body: rest.body outputParameters: - type: object mapping: $. - path: /v1/admin/oauth2/auth/requests/login/reject name: admin-oauth2-auth-requests-login-reject description: REST surface for admin-oauth2-auth-requests-login-reject. operations: - method: PUT name: rejectoauth2loginrequest description: Reject OAuth 2.0 Login Request call: hydra-oauth2.rejectoauth2loginrequest with: login_challenge: rest.login_challenge body: rest.body outputParameters: - type: object mapping: $. - path: /v1/admin/oauth2/auth/requests/logout name: admin-oauth2-auth-requests-logout description: REST surface for admin-oauth2-auth-requests-logout. operations: - method: GET name: getoauth2logoutrequest description: Get OAuth 2.0 Session Logout Request call: hydra-oauth2.getoauth2logoutrequest with: logout_challenge: rest.logout_challenge outputParameters: - type: object mapping: $. - path: /v1/admin/oauth2/auth/requests/logout/accept name: admin-oauth2-auth-requests-logout-accept description: REST surface for admin-oauth2-auth-requests-logout-accept. operations: - method: PUT name: acceptoauth2logoutrequest description: Accept OAuth 2.0 Session Logout Request call: hydra-oauth2.acceptoauth2logoutrequest with: logout_challenge: rest.logout_challenge outputParameters: - type: object mapping: $. - path: /v1/admin/oauth2/auth/requests/logout/reject name: admin-oauth2-auth-requests-logout-reject description: REST surface for admin-oauth2-auth-requests-logout-reject. operations: - method: PUT name: rejectoauth2logoutrequest description: Reject OAuth 2.0 Session Logout Request call: hydra-oauth2.rejectoauth2logoutrequest with: logout_challenge: rest.logout_challenge outputParameters: - type: object mapping: $. - path: /v1/admin/oauth2/auth/sessions/consent name: admin-oauth2-auth-sessions-consent description: REST surface for admin-oauth2-auth-sessions-consent. operations: - method: DELETE name: revokeoauth2consentsessions description: Revoke OAuth 2.0 Consent Sessions of a Subject call: hydra-oauth2.revokeoauth2consentsessions with: subject: rest.subject client: rest.client consent_request_id: rest.consent_request_id all: rest.all outputParameters: - type: object mapping: $. - method: GET name: listoauth2consentsessions description: List OAuth 2.0 Consent Sessions of a Subject call: hydra-oauth2.listoauth2consentsessions with: page_size: rest.page_size page_token: rest.page_token subject: rest.subject login_session_id: rest.login_session_id outputParameters: - type: object mapping: $. - path: /v1/admin/oauth2/auth/sessions/login name: admin-oauth2-auth-sessions-login description: REST surface for admin-oauth2-auth-sessions-login. operations: - method: DELETE name: revokeoauth2loginsessions description: Revokes OAuth 2.0 Login Sessions by either a Subject or a SessionID call: hydra-oauth2.revokeoauth2loginsessions with: subject: rest.subject sid: rest.sid outputParameters: - type: object mapping: $. - path: /v1/admin/oauth2/introspect name: admin-oauth2-introspect description: REST surface for admin-oauth2-introspect. operations: - method: POST name: introspectoauth2token description: Introspect OAuth2 Access and Refresh Tokens call: hydra-oauth2.introspectoauth2token with: body: rest.body outputParameters: - type: object mapping: $. - path: /v1/admin/oauth2/tokens name: admin-oauth2-tokens description: REST surface for admin-oauth2-tokens. operations: - method: DELETE name: deleteoauth2token description: Delete OAuth 2.0 Access Tokens from specific OAuth 2.0 Client call: hydra-oauth2.deleteoauth2token with: client_id: rest.client_id outputParameters: - type: object mapping: $. - path: /v1/admin/trust/grants/jwt-bearer/issuers name: admin-trust-grants-jwt-bearer-issuers description: REST surface for admin-trust-grants-jwt-bearer-issuers. operations: - method: GET name: listtrustedoauth2jwtgrantissuers description: List Trusted OAuth2 JWT Bearer Grant Type Issuers call: hydra-oauth2.listtrustedoauth2jwtgrantissuers with: page_size: rest.page_size page_token: rest.page_token issuer: rest.issuer outputParameters: - type: object mapping: $. - method: POST name: trustoauth2jwtgrantissuer description: Trust OAuth2 JWT Bearer Grant Type Issuer call: hydra-oauth2.trustoauth2jwtgrantissuer with: body: rest.body outputParameters: - type: object mapping: $. - path: /v1/admin/trust/grants/jwt-bearer/issuers/{id} name: admin-trust-grants-jwt-bearer-issuers-id description: REST surface for admin-trust-grants-jwt-bearer-issuers-id. operations: - method: DELETE name: deletetrustedoauth2jwtgrantissuer description: Delete Trusted OAuth2 JWT Bearer Grant Type Issuer call: hydra-oauth2.deletetrustedoauth2jwtgrantissuer with: id: rest.id outputParameters: - type: object mapping: $. - method: GET name: gettrustedoauth2jwtgrantissuer description: Get Trusted OAuth2 JWT Bearer Grant Type Issuer call: hydra-oauth2.gettrustedoauth2jwtgrantissuer with: id: rest.id outputParameters: - type: object mapping: $. - path: /v1/oauth2/auth name: oauth2-auth description: REST surface for oauth2-auth. operations: - method: GET name: oauth2authorize description: OAuth 2.0 Authorize Endpoint call: hydra-oauth2.oauth2authorize outputParameters: - type: object mapping: $. - path: /v1/oauth2/device/auth name: oauth2-device-auth description: REST surface for oauth2-device-auth. operations: - method: POST name: oauth2deviceflow description: The OAuth 2.0 Device Authorize Endpoint call: hydra-oauth2.oauth2deviceflow outputParameters: - type: object mapping: $. - path: /v1/oauth2/device/verify name: oauth2-device-verify description: REST surface for oauth2-device-verify. operations: - method: GET name: performoauth2deviceverificationflow description: OAuth 2.0 Device Verification Endpoint call: hydra-oauth2.performoauth2deviceverificationflow outputParameters: - type: object mapping: $. - path: /v1/oauth2/revoke name: oauth2-revoke description: REST surface for oauth2-revoke. operations: - method: POST name: revokeoauth2token description: Revoke OAuth 2.0 Access or Refresh Token call: hydra-oauth2.revokeoauth2token with: body: rest.body outputParameters: - type: object mapping: $. - path: /v1/oauth2/token name: oauth2-token description: REST surface for oauth2-token. operations: - method: POST name: oauth2tokenexchange description: The OAuth 2.0 Token Endpoint call: hydra-oauth2.oauth2tokenexchange with: body: rest.body outputParameters: - type: object mapping: $. - type: mcp namespace: hydra-oauth2-mcp port: 9090 transport: http description: MCP adapter for Ory Hydra API — oAuth2. One tool per consumed operation, routed inline through this capability's consumes block. tools: - name: list-oauth-2-0-clients description: List OAuth 2.0 Clients hints: readOnly: true destructive: false idempotent: true call: hydra-oauth2.listoauth2clients with: page_size: tools.page_size page_token: tools.page_token client_name: tools.client_name owner: tools.owner outputParameters: - type: object mapping: $. - name: create-oauth-2-0-client description: Create OAuth 2.0 Client hints: readOnly: false destructive: false idempotent: false call: hydra-oauth2.createoauth2client with: body: tools.body outputParameters: - type: object mapping: $. - name: delete-oauth-2-0-client description: Delete OAuth 2.0 Client hints: readOnly: false destructive: true idempotent: true call: hydra-oauth2.deleteoauth2client with: id: tools.id outputParameters: - type: object mapping: $. - name: get-oauth-2-0-client description: Get an OAuth 2.0 Client hints: readOnly: true destructive: false idempotent: true call: hydra-oauth2.getoauth2client with: id: tools.id outputParameters: - type: object mapping: $. - name: patch-oauth-2-0-client description: Patch OAuth 2.0 Client hints: readOnly: false destructive: false idempotent: true call: hydra-oauth2.patchoauth2client with: id: tools.id body: tools.body outputParameters: - type: object mapping: $. - name: set-oauth-2-0-client description: Set OAuth 2.0 Client hints: readOnly: false destructive: false idempotent: true call: hydra-oauth2.setoauth2client with: id: tools.id body: tools.body outputParameters: - type: object mapping: $. - name: set-oauth2-client-token-lifespans description: Set OAuth2 Client Token Lifespans hints: readOnly: false destructive: false idempotent: true call: hydra-oauth2.setoauth2clientlifespans with: id: tools.id body: tools.body outputParameters: - type: object mapping: $. - name: get-oauth-2-0-consent-request description: Get OAuth 2.0 Consent Request hints: readOnly: true destructive: false idempotent: true call: hydra-oauth2.getoauth2consentrequest with: consent_challenge: tools.consent_challenge outputParameters: - type: object mapping: $. - name: accept-oauth-2-0-consent-request description: Accept OAuth 2.0 Consent Request hints: readOnly: false destructive: false idempotent: true call: hydra-oauth2.acceptoauth2consentrequest with: consent_challenge: tools.consent_challenge body: tools.body outputParameters: - type: object mapping: $. - name: reject-oauth-2-0-consent-request description: Reject OAuth 2.0 Consent Request hints: readOnly: false destructive: false idempotent: true call: hydra-oauth2.rejectoauth2consentrequest with: consent_challenge: tools.consent_challenge body: tools.body outputParameters: - type: object mapping: $. - name: accepts-device-grant-user-code description: Accepts a device grant user_code request hints: readOnly: false destructive: false idempotent: true call: hydra-oauth2.acceptusercoderequest with: device_challenge: tools.device_challenge body: tools.body outputParameters: - type: object mapping: $. - name: get-oauth-2-0-login-request description: Get OAuth 2.0 Login Request hints: readOnly: true destructive: false idempotent: true call: hydra-oauth2.getoauth2loginrequest with: login_challenge: tools.login_challenge outputParameters: - type: object mapping: $. - name: accept-oauth-2-0-login-request description: Accept OAuth 2.0 Login Request hints: readOnly: false destructive: false idempotent: true call: hydra-oauth2.acceptoauth2loginrequest with: login_challenge: tools.login_challenge body: tools.body outputParameters: - type: object mapping: $. - name: reject-oauth-2-0-login-request description: Reject OAuth 2.0 Login Request hints: readOnly: false destructive: false idempotent: true call: hydra-oauth2.rejectoauth2loginrequest with: login_challenge: tools.login_challenge body: tools.body outputParameters: - type: object mapping: $. - name: get-oauth-2-0-session-logout description: Get OAuth 2.0 Session Logout Request hints: readOnly: true destructive: false idempotent: true call: hydra-oauth2.getoauth2logoutrequest with: logout_challenge: tools.logout_challenge outputParameters: - type: object mapping: $. - name: accept-oauth-2-0-session-logout description: Accept OAuth 2.0 Session Logout Request hints: readOnly: false destructive: false idempotent: true call: hydra-oauth2.acceptoauth2logoutrequest with: logout_challenge: tools.logout_challenge outputParameters: - type: object mapping: $. - name: reject-oauth-2-0-session-logout description: Reject OAuth 2.0 Session Logout Request hints: readOnly: false destructive: false idempotent: true call: hydra-oauth2.rejectoauth2logoutrequest with: logout_challenge: tools.logout_challenge outputParameters: - type: object mapping: $. - name: revoke-oauth-2-0-consent-sessions description: Revoke OAuth 2.0 Consent Sessions of a Subject hints: readOnly: false destructive: true idempotent: true call: hydra-oauth2.revokeoauth2consentsessions with: subject: tools.subject client: tools.client consent_request_id: tools.consent_request_id all: tools.all outputParameters: - type: object mapping: $. - name: list-oauth-2-0-consent-sessions description: List OAuth 2.0 Consent Sessions of a Subject hints: readOnly: true destructive: false idempotent: true call: hydra-oauth2.listoauth2consentsessions with: page_size: tools.page_size page_token: tools.page_token subject: tools.subject login_session_id: tools.login_session_id outputParameters: - type: object mapping: $. - name: revokes-oauth-2-0-login-sessions description: Revokes OAuth 2.0 Login Sessions by either a Subject or a SessionID hints: readOnly: false destructive: true idempotent: true call: hydra-oauth2.revokeoauth2loginsessions with: subject: tools.subject sid: tools.sid outputParameters: - type: object mapping: $. - name: introspect-oauth2-access-and-refresh description: Introspect OAuth2 Access and Refresh Tokens hints: readOnly: false destructive: false idempotent: false call: hydra-oauth2.introspectoauth2token with: body: tools.body outputParameters: - type: object mapping: $. - name: delete-oauth-2-0-access-tokens description: Delete OAuth 2.0 Access Tokens from specific OAuth 2.0 Client hints: readOnly: false destructive: true idempotent: true call: hydra-oauth2.deleteoauth2token with: client_id: tools.client_id outputParameters: - type: object mapping: $. - name: list-trusted-oauth2-jwt-bearer description: List Trusted OAuth2 JWT Bearer Grant Type Issuers hints: readOnly: true destructive: false idempotent: true call: hydra-oauth2.listtrustedoauth2jwtgrantissuers with: page_size: tools.page_size page_token: tools.page_token issuer: tools.issuer outputParameters: - type: object mapping: $. - name: trust-oauth2-jwt-bearer-grant description: Trust OAuth2 JWT Bearer Grant Type Issuer hints: readOnly: false destructive: false idempotent: false call: hydra-oauth2.trustoauth2jwtgrantissuer with: body: tools.body outputParameters: - type: object mapping: $. - name: delete-trusted-oauth2-jwt-bearer description: Delete Trusted OAuth2 JWT Bearer Grant Type Issuer hints: readOnly: false destructive: true idempotent: true call: hydra-oauth2.deletetrustedoauth2jwtgrantissuer with: id: tools.id outputParameters: - type: object mapping: $. - name: get-trusted-oauth2-jwt-bearer description: Get Trusted OAuth2 JWT Bearer Grant Type Issuer hints: readOnly: true destructive: false idempotent: true call: hydra-oauth2.gettrustedoauth2jwtgrantissuer with: id: tools.id outputParameters: - type: object mapping: $. - name: oauth-2-0-authorize-endpoint description: OAuth 2.0 Authorize Endpoint hints: readOnly: true destructive: false idempotent: true call: hydra-oauth2.oauth2authorize outputParameters: - type: object mapping: $. - name: oauth-2-0-device-authorize-endpoint description: The OAuth 2.0 Device Authorize Endpoint hints: readOnly: false destructive: false idempotent: false call: hydra-oauth2.oauth2deviceflow outputParameters: - type: object mapping: $. - name: oauth-2-0-device-verification-endpoint description: OAuth 2.0 Device Verification Endpoint hints: readOnly: true destructive: false idempotent: true call: hydra-oauth2.performoauth2deviceverificationflow outputParameters: - type: object mapping: $. - name: revoke-oauth-2-0-access-refresh description: Revoke OAuth 2.0 Access or Refresh Token hints: readOnly: false destructive: false idempotent: false call: hydra-oauth2.revokeoauth2token with: body: tools.body outputParameters: - type: object mapping: $. - name: oauth-2-0-token-endpoint description: The OAuth 2.0 Token Endpoint hints: readOnly: false destructive: false idempotent: false call: hydra-oauth2.oauth2tokenexchange with: body: tools.body outputParameters: - type: object mapping: $.