From 25a8c0a88eb4c791596e4b68fb026c80547fea5d Mon Sep 17 00:00:00 2001 From: Spencer Witt <3409780+spwitt@users.noreply.github.com> Date: Mon, 9 Feb 2026 09:46:21 -0600 Subject: [PATCH 1/6] add TenantManagerIdentityProviderTypeConfiguration domain object ENG-3779 --- ...agerIdentityProviderTypeConfiguration.java | 70 +++++++++++++++++++ 1 file changed, 70 insertions(+) create mode 100644 src/main/java/io/fusionauth/domain/tenantManager/TenantManagerIdentityProviderTypeConfiguration.java diff --git a/src/main/java/io/fusionauth/domain/tenantManager/TenantManagerIdentityProviderTypeConfiguration.java b/src/main/java/io/fusionauth/domain/tenantManager/TenantManagerIdentityProviderTypeConfiguration.java new file mode 100644 index 000000000..60321db8c --- /dev/null +++ b/src/main/java/io/fusionauth/domain/tenantManager/TenantManagerIdentityProviderTypeConfiguration.java @@ -0,0 +1,70 @@ +/* + * Copyright (c) 2026, FusionAuth, All Rights Reserved + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, + * either express or implied. See the License for the specific + * language governing permissions and limitations under the License. + */ +package io.fusionauth.domain.tenantManager; + +import java.time.ZonedDateTime; +import java.util.HashMap; +import java.util.Map; +import java.util.Objects; + +import com.inversoft.json.JacksonConstructor; +import io.fusionauth.domain.Buildable; +import io.fusionauth.domain.Enableable; +import io.fusionauth.domain.provider.IdentityProviderLinkingStrategy; +import io.fusionauth.domain.provider.IdentityProviderType; + +/** + * Configuration object for identity provider types allowed in Tenant Manager + */ +public class TenantManagerIdentityProviderTypeConfiguration extends Enableable implements Buildable { + public Map defaultAttributeMappings = new HashMap<>(); + + public ZonedDateTime insertInstant; + + public ZonedDateTime lastUpdateInstant; + + public IdentityProviderLinkingStrategy linkingStrategy; + + public IdentityProviderType type; + + @JacksonConstructor + public TenantManagerIdentityProviderTypeConfiguration() { + } + + @Override + public boolean equals(Object o) { + if (this == o) { + return true; + } + if (o == null || getClass() != o.getClass()) { + return false; + } + if (!super.equals(o)) { + return false; + } + TenantManagerIdentityProviderTypeConfiguration that = (TenantManagerIdentityProviderTypeConfiguration) o; + return Objects.equals(defaultAttributeMappings, that.defaultAttributeMappings) && + Objects.equals(insertInstant, that.insertInstant) && + Objects.equals(lastUpdateInstant, that.lastUpdateInstant) && + linkingStrategy == that.linkingStrategy && + type == that.type; + } + + @Override + public int hashCode() { + return Objects.hash(super.hashCode(), defaultAttributeMappings, insertInstant, lastUpdateInstant, linkingStrategy, type); + } +} From 661a8c93475353994c2608629fce8af02ec55bc6 Mon Sep 17 00:00:00 2001 From: Spencer Witt <3409780+spwitt@users.noreply.github.com> Date: Mon, 9 Feb 2026 11:05:29 -0600 Subject: [PATCH 2/6] add IdP type configs to SystemConfiguration.tenantManagerConfiguration ENG-3779 --- .../io/fusionauth/domain/SystemConfiguration.java | 14 ++++++++++---- 1 file changed, 10 insertions(+), 4 deletions(-) diff --git a/src/main/java/io/fusionauth/domain/SystemConfiguration.java b/src/main/java/io/fusionauth/domain/SystemConfiguration.java index bd94d3975..c9cb09bb3 100644 --- a/src/main/java/io/fusionauth/domain/SystemConfiguration.java +++ b/src/main/java/io/fusionauth/domain/SystemConfiguration.java @@ -24,6 +24,8 @@ import com.inversoft.json.JacksonConstructor; import com.inversoft.json.ToString; +import io.fusionauth.domain.provider.IdentityProviderType; +import io.fusionauth.domain.tenantManager.TenantManagerIdentityProviderTypeConfiguration; /** * @author Brian Pontarelli @@ -292,13 +294,16 @@ public static class TenantManagerConfiguration implements Buildable identityProviderTypeConfigurations = new HashMap<>(); + @JacksonConstructor public TenantManagerConfiguration() { } public TenantManagerConfiguration(TenantManagerConfiguration other) { - this.brandName = other.brandName; this.attributeFormId = other.attributeFormId; + this.brandName = other.brandName; + this.identityProviderTypeConfigurations.putAll(other.identityProviderTypeConfigurations); } @Override @@ -310,13 +315,14 @@ public boolean equals(Object o) { return false; } TenantManagerConfiguration that = (TenantManagerConfiguration) o; - return Objects.equals(brandName, that.brandName) && - Objects.equals(attributeFormId, that.attributeFormId); + return Objects.equals(attributeFormId, that.attributeFormId) && + Objects.equals(brandName, that.brandName) && + Objects.equals(identityProviderTypeConfigurations, that.identityProviderTypeConfigurations); } @Override public int hashCode() { - return Objects.hash(brandName, attributeFormId); + return Objects.hash(attributeFormId, brandName, identityProviderTypeConfigurations); } @Override From e3f7ade2ab1ef1ae306858d7b07d1531b122f028 Mon Sep 17 00:00:00 2001 From: Spencer Witt <3409780+spwitt@users.noreply.github.com> Date: Wed, 11 Feb 2026 11:01:04 -0600 Subject: [PATCH 3/6] generate client libraries for /api/tenant-manager/identity-provider ENG-3779 --- .../fusionauth/client/FusionAuthClient.java | 48 +++++++++++++++++++ ...ntityProviderTypeConfigurationRequest.java | 30 ++++++++++++ ...tityProviderTypeConfigurationResponse.java | 34 +++++++++++++ ...agerIdentityProviderTypeConfiguration.java | 5 ++ 4 files changed, 117 insertions(+) create mode 100644 src/main/java/io/fusionauth/domain/api/tenantManager/TenantManagerIdentityProviderTypeConfigurationRequest.java create mode 100644 src/main/java/io/fusionauth/domain/api/tenantManager/TenantManagerIdentityProviderTypeConfigurationResponse.java diff --git a/src/main/java/io/fusionauth/client/FusionAuthClient.java b/src/main/java/io/fusionauth/client/FusionAuthClient.java index bb8062cfd..273af3d2d 100644 --- a/src/main/java/io/fusionauth/client/FusionAuthClient.java +++ b/src/main/java/io/fusionauth/client/FusionAuthClient.java @@ -212,6 +212,8 @@ import io.fusionauth.domain.api.report.MonthlyActiveUserReportResponse; import io.fusionauth.domain.api.report.RegistrationReportResponse; import io.fusionauth.domain.api.report.TotalsReportResponse; +import io.fusionauth.domain.api.tenantManager.TenantManagerIdentityProviderTypeConfigurationRequest; +import io.fusionauth.domain.api.tenantManager.TenantManagerIdentityProviderTypeConfigurationResponse; import io.fusionauth.domain.api.twoFactor.SecretResponse; import io.fusionauth.domain.api.twoFactor.TwoFactorLoginRequest; import io.fusionauth.domain.api.twoFactor.TwoFactorSendRequest; @@ -1167,6 +1169,22 @@ public ClientResponse createTenant(UUID tenantId, Tenant .go(); } + /** + * Creates a tenant manager identity provider type configuration for the given identity provider type. + * + * @param type The type of the identity provider. + * @param request The request object that contains all the information used to create the tenant manager identity provider type configuration. + * @return The ClientResponse object. + */ + public ClientResponse createTenantManagerIdentityProviderTypeConfiguration(IdentityProviderType type, TenantManagerIdentityProviderTypeConfigurationRequest request) { + return start(TenantManagerIdentityProviderTypeConfigurationResponse.class, Errors.class) + .uri("/api/tenant-manager/identity-provider") + .urlSegment(type) + .bodyHandler(new JSONBodyHandler(request, objectMapper())) + .post() + .go(); + } + /** * Creates a Theme. You can optionally specify an Id for the theme, if not provided one will be generated. * @@ -1747,6 +1765,20 @@ public ClientResponse deleteTenantAsync(UUID tenantId) { .go(); } + /** + * Deletes the tenant manager identity provider type configuration for the given identity provider type. + * + * @param type The type of the identity provider. + * @return The ClientResponse object. + */ + public ClientResponse deleteTenantManagerIdentityProviderTypeConfiguration(IdentityProviderType type) { + return start(Void.TYPE, Errors.class) + .uri("/api/tenant-manager/identity-provider") + .urlSegment(type) + .delete() + .go(); + } + /** * Deletes the tenant based on the given request (sent to the API as JSON). This permanently deletes all information, metrics, reports and data associated * with the tenant and everything under the tenant (applications, users, etc). @@ -6106,6 +6138,22 @@ public ClientResponse updateTenant(UUID tenantId, Tenant .go(); } + /** + * Updates the tenant manager identity provider type configuration for the given identity provider type. + * + * @param type The type of the identity provider. + * @param request The request object that contains the updated tenant manager identity provider type configuration. + * @return The ClientResponse object. + */ + public ClientResponse updateTenantManagerIdentityProviderTypeConfiguration(IdentityProviderType type, TenantManagerIdentityProviderTypeConfigurationRequest request) { + return start(TenantManagerIdentityProviderTypeConfigurationResponse.class, Errors.class) + .uri("/api/tenant-manager/identity-provider") + .urlSegment(type) + .bodyHandler(new JSONBodyHandler(request, objectMapper())) + .put() + .go(); + } + /** * Updates the theme with the given Id. * diff --git a/src/main/java/io/fusionauth/domain/api/tenantManager/TenantManagerIdentityProviderTypeConfigurationRequest.java b/src/main/java/io/fusionauth/domain/api/tenantManager/TenantManagerIdentityProviderTypeConfigurationRequest.java new file mode 100644 index 000000000..1eee837ea --- /dev/null +++ b/src/main/java/io/fusionauth/domain/api/tenantManager/TenantManagerIdentityProviderTypeConfigurationRequest.java @@ -0,0 +1,30 @@ +/* + * Copyright (c) 2026, FusionAuth, All Rights Reserved + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, + * either express or implied. See the License for the specific + * language governing permissions and limitations under the License. + */ +package io.fusionauth.domain.api.tenantManager; + +import com.inversoft.json.JacksonConstructor; +import io.fusionauth.domain.tenantManager.TenantManagerIdentityProviderTypeConfiguration; + +/** + * The Tenant Manager IdP type configuration request object + */ +public class TenantManagerIdentityProviderTypeConfigurationRequest { + public TenantManagerIdentityProviderTypeConfiguration typeConfiguration; + + @JacksonConstructor + public TenantManagerIdentityProviderTypeConfigurationRequest() { + } +} diff --git a/src/main/java/io/fusionauth/domain/api/tenantManager/TenantManagerIdentityProviderTypeConfigurationResponse.java b/src/main/java/io/fusionauth/domain/api/tenantManager/TenantManagerIdentityProviderTypeConfigurationResponse.java new file mode 100644 index 000000000..fe0a2afc9 --- /dev/null +++ b/src/main/java/io/fusionauth/domain/api/tenantManager/TenantManagerIdentityProviderTypeConfigurationResponse.java @@ -0,0 +1,34 @@ +/* + * Copyright (c) 2026, FusionAuth, All Rights Reserved + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, + * either express or implied. See the License for the specific + * language governing permissions and limitations under the License. + */ +package io.fusionauth.domain.api.tenantManager; + +import com.inversoft.json.JacksonConstructor; +import io.fusionauth.domain.tenantManager.TenantManagerIdentityProviderTypeConfiguration; + +/** + * The Tenant Manager IdP type configuration request object + */ +public class TenantManagerIdentityProviderTypeConfigurationResponse { + public TenantManagerIdentityProviderTypeConfiguration typeConfiguration; + + @JacksonConstructor + public TenantManagerIdentityProviderTypeConfigurationResponse() { + } + + public TenantManagerIdentityProviderTypeConfigurationResponse(TenantManagerIdentityProviderTypeConfiguration typeConfiguration) { + this.typeConfiguration = typeConfiguration; + } +} diff --git a/src/main/java/io/fusionauth/domain/tenantManager/TenantManagerIdentityProviderTypeConfiguration.java b/src/main/java/io/fusionauth/domain/tenantManager/TenantManagerIdentityProviderTypeConfiguration.java index 60321db8c..44e61ec7a 100644 --- a/src/main/java/io/fusionauth/domain/tenantManager/TenantManagerIdentityProviderTypeConfiguration.java +++ b/src/main/java/io/fusionauth/domain/tenantManager/TenantManagerIdentityProviderTypeConfiguration.java @@ -17,9 +17,11 @@ import java.time.ZonedDateTime; import java.util.HashMap; +import java.util.LinkedHashMap; import java.util.Map; import java.util.Objects; +import com.fasterxml.jackson.annotation.JsonIgnore; import com.inversoft.json.JacksonConstructor; import io.fusionauth.domain.Buildable; import io.fusionauth.domain.Enableable; @@ -30,6 +32,9 @@ * Configuration object for identity provider types allowed in Tenant Manager */ public class TenantManagerIdentityProviderTypeConfiguration extends Enableable implements Buildable { + @JsonIgnore + public Map data = new LinkedHashMap<>(); + public Map defaultAttributeMappings = new HashMap<>(); public ZonedDateTime insertInstant; From f6354c7be382f25ae9e98c2bdc3213b7e177afd0 Mon Sep 17 00:00:00 2001 From: Spencer Witt <3409780+spwitt@users.noreply.github.com> Date: Wed, 11 Feb 2026 14:43:14 -0600 Subject: [PATCH 4/6] PR feedback ENG-3779 --- ...IdentityProviderTypeConfigurationResponse.java | 2 +- ...tManagerIdentityProviderTypeConfiguration.java | 15 +++++++++++++++ 2 files changed, 16 insertions(+), 1 deletion(-) diff --git a/src/main/java/io/fusionauth/domain/api/tenantManager/TenantManagerIdentityProviderTypeConfigurationResponse.java b/src/main/java/io/fusionauth/domain/api/tenantManager/TenantManagerIdentityProviderTypeConfigurationResponse.java index fe0a2afc9..5734e1364 100644 --- a/src/main/java/io/fusionauth/domain/api/tenantManager/TenantManagerIdentityProviderTypeConfigurationResponse.java +++ b/src/main/java/io/fusionauth/domain/api/tenantManager/TenantManagerIdentityProviderTypeConfigurationResponse.java @@ -19,7 +19,7 @@ import io.fusionauth.domain.tenantManager.TenantManagerIdentityProviderTypeConfiguration; /** - * The Tenant Manager IdP type configuration request object + * The Tenant Manager IdP type configuration response object */ public class TenantManagerIdentityProviderTypeConfigurationResponse { public TenantManagerIdentityProviderTypeConfiguration typeConfiguration; diff --git a/src/main/java/io/fusionauth/domain/tenantManager/TenantManagerIdentityProviderTypeConfiguration.java b/src/main/java/io/fusionauth/domain/tenantManager/TenantManagerIdentityProviderTypeConfiguration.java index 44e61ec7a..0a81a3bfd 100644 --- a/src/main/java/io/fusionauth/domain/tenantManager/TenantManagerIdentityProviderTypeConfiguration.java +++ b/src/main/java/io/fusionauth/domain/tenantManager/TenantManagerIdentityProviderTypeConfiguration.java @@ -23,6 +23,7 @@ import com.fasterxml.jackson.annotation.JsonIgnore; import com.inversoft.json.JacksonConstructor; +import com.inversoft.json.ToString; import io.fusionauth.domain.Buildable; import io.fusionauth.domain.Enableable; import io.fusionauth.domain.provider.IdentityProviderLinkingStrategy; @@ -49,6 +50,15 @@ public class TenantManagerIdentityProviderTypeConfiguration extends Enableable i public TenantManagerIdentityProviderTypeConfiguration() { } + public TenantManagerIdentityProviderTypeConfiguration(TenantManagerIdentityProviderTypeConfiguration other) { + this.data.putAll(other.data); + this.defaultAttributeMappings.putAll(other.defaultAttributeMappings); + this.insertInstant = other.insertInstant; + this.lastUpdateInstant = other.lastUpdateInstant; + this.linkingStrategy = other.linkingStrategy; + this.type = other.type; + } + @Override public boolean equals(Object o) { if (this == o) { @@ -72,4 +82,9 @@ public boolean equals(Object o) { public int hashCode() { return Objects.hash(super.hashCode(), defaultAttributeMappings, insertInstant, lastUpdateInstant, linkingStrategy, type); } + + @Override + public String toString() { + return ToString.toString(this); + } } From bceb41aba8dd7abebd8ac5bfe3fc4499e3e1e088 Mon Sep 17 00:00:00 2001 From: Spencer Witt <3409780+spwitt@users.noreply.github.com> Date: Wed, 11 Feb 2026 17:46:53 -0600 Subject: [PATCH 5/6] use String as map key instead of enum ENG-3779 --- src/main/java/io/fusionauth/domain/SystemConfiguration.java | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/src/main/java/io/fusionauth/domain/SystemConfiguration.java b/src/main/java/io/fusionauth/domain/SystemConfiguration.java index c9cb09bb3..64033219d 100644 --- a/src/main/java/io/fusionauth/domain/SystemConfiguration.java +++ b/src/main/java/io/fusionauth/domain/SystemConfiguration.java @@ -24,7 +24,6 @@ import com.inversoft.json.JacksonConstructor; import com.inversoft.json.ToString; -import io.fusionauth.domain.provider.IdentityProviderType; import io.fusionauth.domain.tenantManager.TenantManagerIdentityProviderTypeConfiguration; /** @@ -294,7 +293,7 @@ public static class TenantManagerConfiguration implements Buildable identityProviderTypeConfigurations = new HashMap<>(); + public Map identityProviderTypeConfigurations = new HashMap<>(); @JacksonConstructor public TenantManagerConfiguration() { From 63605734ae58ad109f2d798e553c96ec18da238c Mon Sep 17 00:00:00 2001 From: Spencer Witt <3409780+spwitt@users.noreply.github.com> Date: Thu, 12 Feb 2026 09:23:05 -0600 Subject: [PATCH 6/6] add patchTenantManagerIdentityProviderTypeConfiguration client method. fix missing operations check ENG-3779 --- .../io/fusionauth/client/FusionAuthClient.java | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) diff --git a/src/main/java/io/fusionauth/client/FusionAuthClient.java b/src/main/java/io/fusionauth/client/FusionAuthClient.java index 273af3d2d..94496fd97 100644 --- a/src/main/java/io/fusionauth/client/FusionAuthClient.java +++ b/src/main/java/io/fusionauth/client/FusionAuthClient.java @@ -3048,6 +3048,22 @@ public ClientResponse patchTenant(UUID tenantId, Map patchTenantManagerIdentityProviderTypeConfiguration(IdentityProviderType type, Map request) { + return start(TenantManagerIdentityProviderTypeConfigurationResponse.class, Errors.class) + .uri("/api/tenant-manager/identity-provider") + .urlSegment(type) + .bodyHandler(new JSONBodyHandler(request, objectMapper())) + .patch() + .go(); + } + /** * Updates, via PATCH, the theme with the given Id. *