chore: update openapi doc

cemalkilic · cemalkilic · commit 25da24126e9e · 2026-06-19T14:04:48.000+02:00
diff --git a/openapi.yaml b/openapi.yaml
@@ -2339,6 +2339,12 @@ paths:
                   example:
                     email: "user_email"
                     name: "full_name"
+                custom_claims_allowlist:
+                  type: array
+                  items:
+                    type: string
+                  description: Raw IdP claim keys to copy verbatim into the user's custom_claims (e.g. groups, org_id). For OIDC providers these are read from the ID token claims (falling back to the userinfo response when no ID token is returned); for OAuth2 providers they are read from the userinfo response. Empty preserves no non-standard claims.
+                  example: ["groups", "org_id"]
                 authorization_params:
                   type: object
                   description: Additional authorization request parameters as string key-value pairs (cannot override reserved OAuth parameters)
@@ -2565,6 +2571,11 @@ paths:
                   type: object
                   description: Map provider claims to user attributes
                   additionalProperties: true
+                custom_claims_allowlist:
+                  type: array
+                  items:
+                    type: string
+                  description: Raw IdP claim keys to copy verbatim into the user's custom_claims (e.g. groups, org_id). For OIDC providers these are read from the ID token claims (falling back to the userinfo response when no ID token is returned); for OAuth2 providers they are read from the userinfo response. Empty preserves no non-standard claims.
                 authorization_params:
                   type: object
                   description: Additional authorization request parameters as string key-value pairs
@@ -3777,6 +3788,12 @@ components:
           example:
             email: "user_email"
             name: "full_name"
+        custom_claims_allowlist:
+          type: array
+          items:
+            type: string
+          description: Raw IdP claim keys copied verbatim into the user's custom_claims (e.g. groups, org_id). For OIDC providers these are read from the ID token claims (falling back to the userinfo response when no ID token is returned); for OAuth2 providers they are read from the userinfo response. Empty preserves no non-standard claims.
+          example: ["groups", "org_id"]
         authorization_params:
           type: object
           description: Additional parameters to include in authorization requests as string key-value pairs (cannot override reserved OAuth parameters)
