Hello, the OpenAPI specification for the List all applications response is missing important properties that then cannot be read using SDKs generated from the Okta OAS3 document.
Sample partial JSON API response:
{
"id": "0oaw2s86uvbMgRqW6697",
"orn": "orn:okta:idp:00ow0o8if0CNwsKmk697:apps:active_directory:0oaw2s86uvbMgRqW6697",
"name": "active_directory",
"label": "contoso.com",
"signOnMode": null,
"status": "ACTIVE",
~~~
"settings": {
"app": {
"jitGroupsAcrossDomains": false,
"password": null,
"scanRate": null,
"searchOrgUnit": null,
"filterGroupsByOU": false,
"namingContext": "contoso.com",
"login": null,
"activationEmail": null
},
~~~
}
}
The name is missing from the generic Application object definition and the extensible app properties are missing from the generic ApplicationSettings object definition. They are only present in specialized objects like GoogleApplication. Incomplete info about the active_directory and other apps can thus be parsed using SDKs, including the .NET SDK.
See the following type mapping excerpt from the OpenAPI specification:
discriminator:
propertyName: signOnMode
mapping:
AUTO_LOGIN: '#/components/schemas/AutoLoginApplication'
BASIC_AUTH: '#/components/schemas/BasicAuthApplication'
BOOKMARK: '#/components/schemas/BookmarkApplication'
BROWSER_PLUGIN: '#/components/schemas/BrowserPluginApplication'
OPENID_CONNECT: '#/components/schemas/OpenIdConnectApplication'
SAML_1_1: '#/components/schemas/Saml11Application'
SAML_2_0: '#/components/schemas/SamlApplication'
SECURE_PASSWORD_STORE: '#/components/schemas/SecurePasswordStoreApplication'
WS_FEDERATION: '#/components/schemas/WsFederationApplication'
The "name": "active_directory" applications are never mapped onto any specialized class through the signOnMode property, as it is always null for AD directory apps.
The app property is also missing from the Application object and some specialized objects, including SamlApplicationSettings, AutoLoginApplicationSettings, OpenIdConnectApplicationSettings etc. The namingContext AD property thus cannot be read using generated SDKs. Another problematic example:
{
"id": "0oax4r5efiyNs48aL697",
"orn": "orn:okta:idp:00ow0o8if0CNwsKmk697:apps:microsoft_external_authentication_method:0oax4r5efiyNs48aL697",
"name": "microsoft_external_authentication_method",
"label": "Microsoft Entra ID External Authentication Methods",
"status": "ACTIVE",
~~~
"signOnMode": "OPENID_CONNECT",
"settings": {
"app": {
"microsoftDiscoveryEndpoint": "https://login.microsoftonline.com/common/v2.0/.well-known/openid-configuration",
"microsoftTenantId": "c364c732-ad9c-441c-9cf4-d3c3656b551c",
"microsoftAppId": "9539823d-3806-43cf-808d-962b53635c3b"
},
~~~
SDKs generated from the OpenAPI specification do not allow fetching the microsoftTenantId and microsoftAppId custom app properties. This is because the OpenIdConnectApplicationSettings definition is missing the app property:
OpenIdConnectApplicationSettings:
allOf:
- $ref: '#/components/schemas/ApplicationSettings'
- type: object
properties:
oauthClient:
$ref: '#/components/schemas/OpenIdConnectApplicationSettingsClient'