From bef284d8bed0c8af83f1b485b1e0c14c0be705bf Mon Sep 17 00:00:00 2001 From: BinoyOza-okta Date: Mon, 2 Mar 2026 01:24:36 +0530 Subject: [PATCH 1/3] - Added MFA_AS_SERVICE as Application SignOn mode for the list_applications() operation. --- docs/ApplicationSignOnMode.md | 2 +- okta/models/application.py | 8 +++++++- okta/models/application_sign_on_mode.py | 3 ++- openapi/api.yaml | 3 +++ 4 files changed, 13 insertions(+), 3 deletions(-) diff --git a/docs/ApplicationSignOnMode.md b/docs/ApplicationSignOnMode.md index a8bb096b..7e05e7ba 100644 --- a/docs/ApplicationSignOnMode.md +++ b/docs/ApplicationSignOnMode.md @@ -1,6 +1,6 @@ # ApplicationSignOnMode -Authentication mode for the app | signOnMode | Description | | ---------- | ----------- | | AUTO_LOGIN | Secure Web Authentication (SWA) | | BASIC_AUTH | HTTP Basic Authentication with Okta Browser Plugin | | BOOKMARK | Just a bookmark (no-authentication) | | BROWSER_PLUGIN | Secure Web Authentication (SWA) with Okta Browser Plugin | | OPENID_CONNECT | Federated Authentication with OpenID Connect (OIDC) | | SAML_1_1 | Federated Authentication with SAML 1.1 WebSSO (not supported for custom apps) | | SAML_2_0 | Federated Authentication with SAML 2.0 WebSSO | | SECURE_PASSWORD_STORE | Secure Web Authentication (SWA) with POST (plugin not required) | | WS_FEDERATION | Federated Authentication with WS-Federation Passive Requestor Profile | Select the `signOnMode` for your custom app: +Authentication mode for the app | signOnMode | Description | | ---------- | ----------- | | AUTO_LOGIN | Secure Web Authentication (SWA) | | BASIC_AUTH | HTTP Basic Authentication with Okta Browser Plugin | | BOOKMARK | Just a bookmark (no-authentication) | | BROWSER_PLUGIN | Secure Web Authentication (SWA) with Okta Browser Plugin | | OPENID_CONNECT | Federated Authentication with OpenID Connect (OIDC) | | SAML_1_1 | Federated Authentication with SAML 1.1 WebSSO (not supported for custom apps) | | SAML_2_0 | Federated Authentication with SAML 2.0 WebSSO | | SECURE_PASSWORD_STORE | Secure Web Authentication (SWA) with POST (plugin not required) | | WS_FEDERATION | Federated Authentication with WS-Federation Passive Requestor Profile | | MFA_AS_SERVICE | | Select the `signOnMode` for your custom app: ## Properties diff --git a/okta/models/application.py b/okta/models/application.py index 0d1d2675..b3fdf5a9 100644 --- a/okta/models/application.py +++ b/okta/models/application.py @@ -50,6 +50,7 @@ from okta.models.basic_auth_application import BasicAuthApplication from okta.models.bookmark_application import BookmarkApplication from okta.models.browser_plugin_application import BrowserPluginApplication + from okta.models.application import Application from okta.models.open_id_connect_application import OpenIdConnectApplication from okta.models.saml11_application import Saml11Application from okta.models.saml_application import SamlApplication @@ -59,7 +60,7 @@ from okta.models.ws_federation_application import WsFederationApplication -class Application(BaseModel): +class Application(BaseModel): # noqa: F811 """ Application """ # noqa: E501 @@ -209,6 +210,7 @@ def features_validate_enum(cls, value): "BASIC_AUTH": "BasicAuthApplication", "BOOKMARK": "BookmarkApplication", "BROWSER_PLUGIN": "BrowserPluginApplication", + "MFA_AS_SERVICE": "Application", "OPENID_CONNECT": "OpenIdConnectApplication", "SAML_1_1": "Saml11Application", "SAML_2_0": "SamlApplication", @@ -241,6 +243,7 @@ def from_json(cls, json_str: str) -> Optional[ BasicAuthApplication, BookmarkApplication, BrowserPluginApplication, + Application, OpenIdConnectApplication, Saml11Application, SamlApplication, @@ -339,6 +342,7 @@ def from_dict(cls, obj: Dict[str, Any]) -> Optional[ BasicAuthApplication, BookmarkApplication, BrowserPluginApplication, + Application, OpenIdConnectApplication, Saml11Application, SamlApplication, @@ -365,6 +369,8 @@ def from_dict(cls, obj: Dict[str, Any]) -> Optional[ return import_module( "okta.models.browser_plugin_application" ).BrowserPluginApplication.from_dict(obj) + if object_type == "Application": + return import_module("okta.models.application").Application.from_dict(obj) if object_type == "OpenIdConnectApplication": return import_module( "okta.models.open_id_connect_application" diff --git a/okta/models/application_sign_on_mode.py b/okta/models/application_sign_on_mode.py index 65c73fc1..96fd1e30 100644 --- a/okta/models/application_sign_on_mode.py +++ b/okta/models/application_sign_on_mode.py @@ -36,7 +36,7 @@ class ApplicationSignOnMode(str, Enum): Federated Authentication with OpenID Connect (OIDC) | | SAML_1_1 | Federated Authentication with SAML 1.1 WebSSO (not supported for custom apps) | | SAML_2_0 | Federated Authentication with SAML 2.0 WebSSO | | SECURE_PASSWORD_STORE | Secure Web Authentication (SWA) with POST (plugin not required) | | WS_FEDERATION | Federated Authentication with - WS-Federation Passive Requestor Profile | Select the `signOnMode` for your custom app: + WS-Federation Passive Requestor Profile | | MFA_AS_SERVICE | | Select the `signOnMode` for your custom app: """ """ @@ -51,6 +51,7 @@ class ApplicationSignOnMode(str, Enum): SAML_2_0 = "SAML_2_0" SECURE_PASSWORD_STORE = "SECURE_PASSWORD_STORE" WS_FEDERATION = "WS_FEDERATION" + MFA_AS_SERVICE = "MFA_AS_SERVICE" @classmethod def from_json(cls, json_str: str) -> Self: diff --git a/openapi/api.yaml b/openapi/api.yaml index 5170fdd7..5bc9f13f 100644 --- a/openapi/api.yaml +++ b/openapi/api.yaml @@ -59271,6 +59271,7 @@ components: SAML_2_0: '#/components/schemas/SamlApplication' SECURE_PASSWORD_STORE: '#/components/schemas/SecurePasswordStoreApplication' WS_FEDERATION: '#/components/schemas/WsFederationApplication' + MFA_AS_SERVICE: '#/components/schemas/Application' ApplicationAccessibility: description: Specifies access settings for the app type: object @@ -59733,6 +59734,7 @@ components: | SAML_2_0 | Federated Authentication with SAML 2.0 WebSSO | | SECURE_PASSWORD_STORE | Secure Web Authentication (SWA) with POST (plugin not required) | | WS_FEDERATION | Federated Authentication with WS-Federation Passive Requestor Profile | + | MFA_AS_SERVICE | | Select the `signOnMode` for your custom app: type: string @@ -59746,6 +59748,7 @@ components: - SAML_2_0 - SECURE_PASSWORD_STORE - WS_FEDERATION + - MFA_AS_SERVICE ApplicationType: description: 'The type of client application. Default value: `web`.' type: string From 0e14f67daae750d1226ff0d3034a71137c26cdf2 Mon Sep 17 00:00:00 2001 From: BinoyOza-okta Date: Sun, 1 Mar 2026 12:48:39 +0530 Subject: [PATCH 2/3] - Temporary changes to execute the pipeline for flatdict issue. The PR #504 contains the permanent fix for this issue. Once it's merged will sync it. --- .circleci/config.yml | 3 ++- .github/workflows/python-package.yml | 2 +- .github/workflows/python.yml | 2 +- 3 files changed, 4 insertions(+), 3 deletions(-) diff --git a/.circleci/config.yml b/.circleci/config.yml index 10adf913..1799f159 100644 --- a/.circleci/config.yml +++ b/.circleci/config.yml @@ -8,7 +8,8 @@ orbs: jobs: build_and_test: - executor: python/default + docker: + - image: cimg/python:3.10 steps: - checkout - python/install-packages: diff --git a/.github/workflows/python-package.yml b/.github/workflows/python-package.yml index f423916a..e34d22a3 100644 --- a/.github/workflows/python-package.yml +++ b/.github/workflows/python-package.yml @@ -16,7 +16,7 @@ jobs: strategy: fail-fast: false matrix: - python-version: ["3.9", "3.10", "3.11", "3.12", "3.13"] + python-version: ["3.10", "3.11", "3.12", "3.13"] steps: - uses: actions/checkout@v2 diff --git a/.github/workflows/python.yml b/.github/workflows/python.yml index c81dabdc..af621120 100644 --- a/.github/workflows/python.yml +++ b/.github/workflows/python.yml @@ -13,7 +13,7 @@ jobs: runs-on: ubuntu-latest strategy: matrix: - python-version: ["3.9", "3.10", "3.11", "3.12", "3.13"] + python-version: ["3.10", "3.11", "3.12", "3.13"] steps: - uses: actions/checkout@v3 From 038c77ea32ea07378b432d81f1aa37f058e3bea8 Mon Sep 17 00:00:00 2001 From: BinoyOza-okta Date: Sun, 1 Mar 2026 12:52:05 +0530 Subject: [PATCH 3/3] - Upgraded flatdict dependency from mustache files and setup.py. --- openapi/templates/requirements.mustache | 3 +-- openapi/templates/setup.mustache | 1 - requirements.txt | 4 ++-- setup.py | 1 - 4 files changed, 3 insertions(+), 6 deletions(-) diff --git a/openapi/templates/requirements.mustache b/openapi/templates/requirements.mustache index 9906b789..a3f31d8e 100644 --- a/openapi/templates/requirements.mustache +++ b/openapi/templates/requirements.mustache @@ -1,7 +1,6 @@ aenum==3.1.11 aiohttp==3.12.14 blinker==1.9.0 -flatdict==4.0.1 jwcrypto==1.5.6 pycryptodomex==3.23.0 pydantic==2.11.3 @@ -20,4 +19,4 @@ pytest-asyncio==0.26.0 pytest-mock==3.14.0 pytest-recording==0.13.2 tox==4.24.2 -twine==6.1.0 \ No newline at end of file +twine==6.1.0 diff --git a/openapi/templates/setup.mustache b/openapi/templates/setup.mustache index 83f10232..8c933bfb 100644 --- a/openapi/templates/setup.mustache +++ b/openapi/templates/setup.mustache @@ -36,7 +36,6 @@ REQUIRES = [ "aenum >= 3.1.11", "aiohttp >= 3.12.14", "blinker >= 1.9.0", - "flatdict >= 4.0.1", 'jwcrypto >= 1.5.6', "pycryptodomex >= 3.23.0", "pydantic >= 2.11.3", diff --git a/requirements.txt b/requirements.txt index 9906b789..a2086d40 100644 --- a/requirements.txt +++ b/requirements.txt @@ -1,7 +1,7 @@ aenum==3.1.11 aiohttp==3.12.14 blinker==1.9.0 -flatdict==4.0.1 +flatdict==4.1.0 jwcrypto==1.5.6 pycryptodomex==3.23.0 pydantic==2.11.3 @@ -20,4 +20,4 @@ pytest-asyncio==0.26.0 pytest-mock==3.14.0 pytest-recording==0.13.2 tox==4.24.2 -twine==6.1.0 \ No newline at end of file +twine==6.1.0 diff --git a/setup.py b/setup.py index 83f10232..8c933bfb 100644 --- a/setup.py +++ b/setup.py @@ -36,7 +36,6 @@ "aenum >= 3.1.11", "aiohttp >= 3.12.14", "blinker >= 1.9.0", - "flatdict >= 4.0.1", 'jwcrypto >= 1.5.6', "pycryptodomex >= 3.23.0", "pydantic >= 2.11.3",