ConnectionMaster
diff --git a/‎.generator/schemas/v2/openapi.yaml‎
Lines changed: 531 additions & 101 deletions b/‎.generator/schemas/v2/openapi.yaml‎
Lines changed: 531 additions & 101 deletions
diff --git a/‎examples/v2/cloud-cost-management/ListCostTagMetadataMonths.rb‎
Lines changed: 0 additions & 8 deletions b/‎examples/v2/cloud-cost-management/ListCostTagMetadataMonths.rb‎
Lines changed: 0 additions & 8 deletions
diff --git a/‎examples/v2/oauth2-client-public/DeleteScopesRestriction.rb‎
Lines changed: 8 additions & 0 deletions b/‎examples/v2/oauth2-client-public/DeleteScopesRestriction.rb‎
Lines changed: 8 additions & 0 deletions
diff --git a/‎examples/v2/oauth2-client-public/GetScopesRestriction.rb‎
Lines changed: 8 additions & 0 deletions b/‎examples/v2/oauth2-client-public/GetScopesRestriction.rb‎
Lines changed: 8 additions & 0 deletions
diff --git a/‎examples/v2/oauth2-client-public/RegisterOAuthClient.rb‎
Lines changed: 29 additions & 0 deletions b/‎examples/v2/oauth2-client-public/RegisterOAuthClient.rb‎
Lines changed: 29 additions & 0 deletions
diff --git a/‎examples/v2/oauth2-client-public/UpsertScopesRestriction.rb‎
Lines changed: 24 additions & 0 deletions b/‎examples/v2/oauth2-client-public/UpsertScopesRestriction.rb‎
Lines changed: 24 additions & 0 deletions
diff --git a/‎features/scenarios_model_mapping.rb‎
Lines changed: 13 additions & 3 deletions b/‎features/scenarios_model_mapping.rb‎
Lines changed: 13 additions & 3 deletions
diff --git a/‎features/v2/cloud_cost_management.feature‎
Lines changed: 0 additions & 16 deletions b/‎features/v2/cloud_cost_management.feature‎
Lines changed: 0 additions & 16 deletions
diff --git a/‎features/v2/oauth2_client_public.feature‎
Lines changed: 100 additions & 0 deletions b/‎features/v2/oauth2_client_public.feature‎
Lines changed: 100 additions & 0 deletions
diff --git a/‎features/v2/undo.json‎
Lines changed: 24 additions & 6 deletions b/‎features/v2/undo.json‎
Lines changed: 24 additions & 6 deletions
@@ -0,0 +1,8 @@
+# Delete an OAuth2 client scopes restriction returns "No Content" response
+
+require "datadog_api_client"
+DatadogAPIClient.configure do |config|
+  config.unstable_operations["v2.delete_scopes_restriction".to_sym] = true
+end
+api_instance = DatadogAPIClient::V2::OAuth2ClientPublicAPI.new
+api_instance.delete_scopes_restriction("fafa8e1c-36a5-11f0-a83d-da7ad0900001")
@@ -0,0 +1,8 @@
+# Get an OAuth2 client scopes restriction returns "OK" response
+
+require "datadog_api_client"
+DatadogAPIClient.configure do |config|
+  config.unstable_operations["v2.get_scopes_restriction".to_sym] = true
+end
+api_instance = DatadogAPIClient::V2::OAuth2ClientPublicAPI.new
+p api_instance.get_scopes_restriction("fafa8e1c-36a5-11f0-a83d-da7ad0900001")
@@ -0,0 +1,29 @@
+# Register an OAuth2 client returns "Created" response
+
+require "datadog_api_client"
+DatadogAPIClient.configure do |config|
+  config.unstable_operations["v2.register_o_auth_client".to_sym] = true
+end
+api_instance = DatadogAPIClient::V2::OAuth2ClientPublicAPI.new
+
+body = DatadogAPIClient::V2::OAuthClientRegistrationRequest.new({
+  client_name: "Example MCP Client",
+  client_uri: "https://example.com",
+  grant_types: [
+    DatadogAPIClient::V2::OAuthClientRegistrationGrantType::AUTHORIZATION_CODE,
+    DatadogAPIClient::V2::OAuthClientRegistrationGrantType::REFRESH_TOKEN,
+  ],
+  jwks_uri: "https://example.com/.well-known/jwks.json",
+  logo_uri: "https://example.com/logo.png",
+  policy_uri: "https://example.com/privacy",
+  redirect_uris: [
+    "https://example.com/oauth/callback",
+  ],
+  response_types: [
+    DatadogAPIClient::V2::OAuthClientRegistrationResponseType::CODE,
+  ],
+  scope: "openid profile",
+  token_endpoint_auth_method: "none",
+  tos_uri: "https://example.com/tos",
+})
+p api_instance.register_o_auth_client(body)
@@ -0,0 +1,24 @@
+# Upsert an OAuth2 client scopes restriction returns "OK" response
+
+require "datadog_api_client"
+DatadogAPIClient.configure do |config|
+  config.unstable_operations["v2.upsert_scopes_restriction".to_sym] = true
+end
+api_instance = DatadogAPIClient::V2::OAuth2ClientPublicAPI.new
+
+body = DatadogAPIClient::V2::UpsertOAuthScopesRestrictionRequest.new({
+  data: DatadogAPIClient::V2::UpsertOAuthScopesRestrictionData.new({
+    attributes: DatadogAPIClient::V2::UpsertOAuthScopesRestrictionDataAttributes.new({
+      oidc_scopes: [
+        DatadogAPIClient::V2::OAuthOidcScope::OPENID,
+        DatadogAPIClient::V2::OAuthOidcScope::EMAIL,
+      ],
+      permission_scopes: [
+        "dashboards_read",
+        "metrics_read",
+      ],
+    }),
+    type: DatadogAPIClient::V2::UpsertOAuthScopesRestrictionType::UPSERT_SCOPES_RESTRICTION,
+  }),
+})
+p api_instance.upsert_scopes_restriction("fafa8e1c-36a5-11f0-a83d-da7ad0900001", body)
@@ -2643,9 +2643,6 @@
             "filter_month" => "String",
             "filter_provider" => "String",
     },
-    "v2.ListCostTagMetadataMonths" => {
-            "filter_provider" => "String",
-    },
     "v2.ListCostTagMetadataOrchestrators" => {
             "filter_month" => "String",
             "filter_provider" => "String",
@@ -3878,6 +3875,19 @@
             "tags" => "String",
             "limit" => "Integer",
     },
+    "v2.DeleteScopesRestriction" => {
+            "client_uuid" => "UUID",
+    },
+    "v2.GetScopesRestriction" => {
+            "client_uuid" => "UUID",
+    },
+    "v2.UpsertScopesRestriction" => {
+            "client_uuid" => "UUID",
+            "body" => "UpsertOAuthScopesRestrictionRequest",
+    },
+    "v2.RegisterOAuthClient" => {
+            "body" => "OAuthClientRegistrationRequest",
+    },
     "v2.ListPipelines" => {
             "page_size" => "Integer",
             "page_number" => "Integer",
 
@@ -606,22 +606,6 @@ Feature: Cloud Cost Management
     When the request is sent
     Then the response status is 200 OK
 
-  @generated @skip @team:DataDog/cloud-cost-management
-  Scenario: List Cloud Cost Management tag metadata months returns "Bad Request" response
-    Given operation "ListCostTagMetadataMonths" enabled
-    And new "ListCostTagMetadataMonths" request
-    And request contains "filter[provider]" parameter from "REPLACE.ME"
-    When the request is sent
-    Then the response status is 400 Bad Request
-
-  @generated @skip @team:DataDog/cloud-cost-management
-  Scenario: List Cloud Cost Management tag metadata months returns "OK" response
-    Given operation "ListCostTagMetadataMonths" enabled
-    And new "ListCostTagMetadataMonths" request
-    And request contains "filter[provider]" parameter from "REPLACE.ME"
-    When the request is sent
-    Then the response status is 200 OK
-
   @generated @skip @team:DataDog/cloud-cost-management
   Scenario: List Cloud Cost Management tag sources returns "Bad Request" response
     Given operation "ListCostTagKeySources" enabled
 
@@ -0,0 +1,100 @@
+@endpoint(oauth2-client-public) @endpoint(oauth2-client-public-v2)
+Feature: OAuth2 Client Public
+  Configure OAuth2 clients for Datadog. Supports RFC 7591 Dynamic Client
+  Registration and management of OAuth2 client scopes restrictions.
+
+  Background:
+    Given a valid "apiKeyAuth" key in the system
+    And a valid "appKeyAuth" key in the system
+    And an instance of "OAuth2ClientPublic" API
+
+  @generated @skip @team:DataDog/delegated-auth-login
+  Scenario: Delete an OAuth2 client scopes restriction returns "Bad Request" response
+    Given operation "DeleteScopesRestriction" enabled
+    And new "DeleteScopesRestriction" request
+    And request contains "client_uuid" parameter from "REPLACE.ME"
+    When the request is sent
+    Then the response status is 400 Bad Request
+
+  @generated @skip @team:DataDog/delegated-auth-login
+  Scenario: Delete an OAuth2 client scopes restriction returns "No Content" response
+    Given operation "DeleteScopesRestriction" enabled
+    And new "DeleteScopesRestriction" request
+    And request contains "client_uuid" parameter from "REPLACE.ME"
+    When the request is sent
+    Then the response status is 204 No Content
+
+  @generated @skip @team:DataDog/delegated-auth-login
+  Scenario: Delete an OAuth2 client scopes restriction returns "Not Found" response
+    Given operation "DeleteScopesRestriction" enabled
+    And new "DeleteScopesRestriction" request
+    And request contains "client_uuid" parameter from "REPLACE.ME"
+    When the request is sent
+    Then the response status is 404 Not Found
+
+  @generated @skip @team:DataDog/delegated-auth-login
+  Scenario: Get an OAuth2 client scopes restriction returns "Bad Request" response
+    Given operation "GetScopesRestriction" enabled
+    And new "GetScopesRestriction" request
+    And request contains "client_uuid" parameter from "REPLACE.ME"
+    When the request is sent
+    Then the response status is 400 Bad Request
+
+  @generated @skip @team:DataDog/delegated-auth-login
+  Scenario: Get an OAuth2 client scopes restriction returns "Not Found" response
+    Given operation "GetScopesRestriction" enabled
+    And new "GetScopesRestriction" request
+    And request contains "client_uuid" parameter from "REPLACE.ME"
+    When the request is sent
+    Then the response status is 404 Not Found
+
+  @generated @skip @team:DataDog/delegated-auth-login
+  Scenario: Get an OAuth2 client scopes restriction returns "OK" response
+    Given operation "GetScopesRestriction" enabled
+    And new "GetScopesRestriction" request
+    And request contains "client_uuid" parameter from "REPLACE.ME"
+    When the request is sent
+    Then the response status is 200 OK
+
+  @generated @skip @team:DataDog/delegated-auth-login
+  Scenario: Register an OAuth2 client returns "Bad Request" response
+    Given operation "RegisterOAuthClient" enabled
+    And new "RegisterOAuthClient" request
+    And body with value {"client_name": "Example MCP Client", "client_uri": "https://example.com", "grant_types": ["authorization_code", "refresh_token"], "jwks_uri": "https://example.com/.well-known/jwks.json", "logo_uri": "https://example.com/logo.png", "policy_uri": "https://example.com/privacy", "redirect_uris": ["https://example.com/oauth/callback"], "response_types": ["code"], "scope": "openid profile", "token_endpoint_auth_method": "none", "tos_uri": "https://example.com/tos"}
+    When the request is sent
+    Then the response status is 400 Bad Request
+
+  @generated @skip @team:DataDog/delegated-auth-login
+  Scenario: Register an OAuth2 client returns "Created" response
+    Given operation "RegisterOAuthClient" enabled
+    And new "RegisterOAuthClient" request
+    And body with value {"client_name": "Example MCP Client", "client_uri": "https://example.com", "grant_types": ["authorization_code", "refresh_token"], "jwks_uri": "https://example.com/.well-known/jwks.json", "logo_uri": "https://example.com/logo.png", "policy_uri": "https://example.com/privacy", "redirect_uris": ["https://example.com/oauth/callback"], "response_types": ["code"], "scope": "openid profile", "token_endpoint_auth_method": "none", "tos_uri": "https://example.com/tos"}
+    When the request is sent
+    Then the response status is 201 Created
+
+  @generated @skip @team:DataDog/delegated-auth-login
+  Scenario: Upsert an OAuth2 client scopes restriction returns "Bad Request" response
+    Given operation "UpsertScopesRestriction" enabled
+    And new "UpsertScopesRestriction" request
+    And request contains "client_uuid" parameter from "REPLACE.ME"
+    And body with value {"data": {"attributes": {"oidc_scopes": ["openid", "email"], "permission_scopes": ["dashboards_read", "metrics_read"]}, "type": "upsert_scopes_restriction"}}
+    When the request is sent
+    Then the response status is 400 Bad Request
+
+  @generated @skip @team:DataDog/delegated-auth-login
+  Scenario: Upsert an OAuth2 client scopes restriction returns "Not Found" response
+    Given operation "UpsertScopesRestriction" enabled
+    And new "UpsertScopesRestriction" request
+    And request contains "client_uuid" parameter from "REPLACE.ME"
+    And body with value {"data": {"attributes": {"oidc_scopes": ["openid", "email"], "permission_scopes": ["dashboards_read", "metrics_read"]}, "type": "upsert_scopes_restriction"}}
+    When the request is sent
+    Then the response status is 404 Not Found
+
+  @generated @skip @team:DataDog/delegated-auth-login
+  Scenario: Upsert an OAuth2 client scopes restriction returns "OK" response
+    Given operation "UpsertScopesRestriction" enabled
+    And new "UpsertScopesRestriction" request
+    And request contains "client_uuid" parameter from "REPLACE.ME"
+    And body with value {"data": {"attributes": {"oidc_scopes": ["openid", "email"], "permission_scopes": ["dashboards_read", "metrics_read"]}, "type": "upsert_scopes_restriction"}}
+    When the request is sent
+    Then the response status is 200 OK
@@ -1898,12 +1898,6 @@
       "type": "safe"
     }
   },
-  "ListCostTagMetadataMonths": {
-    "tag": "Cloud Cost Management",
-    "undo": {
-      "type": "safe"
-    }
-  },
   "ListCostTagMetadataOrchestrators": {
     "tag": "Cloud Cost Management",
     "undo": {
@@ -4672,6 +4666,30 @@
       "type": "safe"
     }
   },
+  "DeleteScopesRestriction": {
+    "tag": "OAuth2 Client Public",
+    "undo": {
+      "type": "idempotent"
+    }
+  },
+  "GetScopesRestriction": {
+    "tag": "OAuth2 Client Public",
+    "undo": {
+      "type": "safe"
+    }
+  },
+  "UpsertScopesRestriction": {
+    "tag": "OAuth2 Client Public",
+    "undo": {
+      "type": "idempotent"
+    }
+  },
+  "RegisterOAuthClient": {
+    "tag": "OAuth2 Client Public",
+    "undo": {
+      "type": "idempotent"
+    }
+  },
   "ListPipelines": {
     "tag": "Observability Pipelines",
     "undo": {