From 867a514d1f29b984e5fa449c946de23e1f5029eb Mon Sep 17 00:00:00 2001
From: Christopher Kolstad <chriswk@getunleash.ai>
Date: Tue, 18 Apr 2023 10:42:32 +0200
Subject: [PATCH] feat: Added configurable signing algorithm to OIDC
 configuration (#3522)

We've had requests from customers that use RS512 as the default signing
algorithm in their OIDC server deployment. This PR adds that as a config
variable to the OIDC form.
---
 .../admin/auth/OidcAuth/OidcAuth.tsx          | 42 ++++++++++++++++++-
 frontend/src/openapi/models/_exportParams.ts  | 23 +++++++++-
 .../src/openapi/models/bulkMetricsSchema.ts   |  7 +++-
 .../openapi/models/bulkRegistrationSchema.ts  | 14 ++++++-
 .../models/changeRequestDefaultEventSchema.ts | 11 +++++
 .../changeRequestDefaultEventSchemaPayload.ts |  7 ++++
 .../models/changeRequestEditTitleSchema.ts    |  9 ++++
 .../models/changeRequestFeatureSchema.ts      |  2 +
 .../src/openapi/models/changeRequestSchema.ts |  1 +
 .../models/changeRequestStateSchema.ts        |  1 +
 .../openapi/models/clientMetricsEnvSchema.ts  | 12 +++++-
 .../models/clientMetricsEnvSchemaVariants.ts  |  3 ++
 .../src/openapi/models/edgeTokenSchema.ts     |  6 +++
 .../src/openapi/models/edgeTokenSchemaType.ts |  3 ++
 frontend/src/openapi/models/featureSchema.ts  |  2 +-
 .../src/openapi/models/featureTagSchema.ts    | 14 +++++++
 .../src/openapi/models/getEventsParams.ts     |  7 +++-
 frontend/src/openapi/models/index.ts          | 15 ++++++-
 .../src/openapi/models/oidcSettingsSchema.ts  | 17 ++++++++
 .../oidcSettingsSchemaDefaultRootRole.ts      |  3 ++
 ...dcSettingsSchemaIdTokenSigningAlgorithm.ts | 18 ++++++++
 frontend/src/openapi/models/segmentSchema.ts  |  7 ++++
 frontend/src/openapi/models/tagSchema.ts      |  5 +++
 .../src/openapi/models/tagsBulkAddSchema.ts   |  5 +++
 frontend/src/openapi/models/tagsSchema.ts     |  5 +++
 .../openapi/models/toggleMaintenanceSchema.ts |  9 ++++
 .../openapi/models/tokenStringListSchema.ts   | 14 +++++++
 .../src/openapi/models/updateTagsSchema.ts    |  5 +++
 .../models/validateEdgeTokensSchema.ts        | 10 -----
 .../validateEdgeTokensSchemaTokensItem.ts     |  8 ----
 .../models/validatedEdgeTokensSchema.ts       | 14 +++++++
 31 files changed, 271 insertions(+), 28 deletions(-)
 create mode 100644 frontend/src/openapi/models/changeRequestDefaultEventSchema.ts
 create mode 100644 frontend/src/openapi/models/changeRequestDefaultEventSchemaPayload.ts
 create mode 100644 frontend/src/openapi/models/changeRequestEditTitleSchema.ts
 create mode 100644 frontend/src/openapi/models/oidcSettingsSchemaIdTokenSigningAlgorithm.ts
 create mode 100644 frontend/src/openapi/models/toggleMaintenanceSchema.ts
 create mode 100644 frontend/src/openapi/models/tokenStringListSchema.ts
 delete mode 100644 frontend/src/openapi/models/validateEdgeTokensSchema.ts
 delete mode 100644 frontend/src/openapi/models/validateEdgeTokensSchemaTokensItem.ts
 create mode 100644 frontend/src/openapi/models/validatedEdgeTokensSchema.ts

diff --git a/frontend/src/component/admin/auth/OidcAuth/OidcAuth.tsx b/frontend/src/component/admin/auth/OidcAuth/OidcAuth.tsx
index 0e2fbf75619..1e8bb0d494e 100644
--- a/frontend/src/component/admin/auth/OidcAuth/OidcAuth.tsx
+++ b/frontend/src/component/admin/auth/OidcAuth/OidcAuth.tsx
@@ -1,8 +1,12 @@
 import React, { useContext, useEffect, useState } from 'react';
 import {
     Button,
+    FormControl,
     FormControlLabel,
     Grid,
+    InputLabel,
+    MenuItem,
+    Select,
     Switch,
     TextField,
 } from '@mui/material';
@@ -30,6 +34,7 @@ const initialState = {
     discoverUrl: '',
     secret: '',
     acrValues: '',
+    idTokenSigningAlgorithm: 'RS256',
 };
 
 export const OidcAuth = () => {
@@ -244,7 +249,42 @@ export const OidcAuth = () => {
                     setValue={setValue}
                 />
                 <AutoCreateForm data={data} setValue={setValue} />
-
+                <Grid container spacing={3} mb={2}>
+                    <Grid item md={5}>
+                        <strong>ID Signing algorithm</strong>
+                        <p>
+                            Which signing algorithm to use. <br /> Leave this
+                            alone unless you see errors that look like
+                            "unexpected JWT alg received, expected RS256, got:
+                            RS512" in your logs.
+                        </p>
+                    </Grid>
+                    <Grid item md={6}>
+                        <FormControl style={{ minWidth: '200px' }}>
+                            <InputLabel id="defaultRootRole-label">
+                                Signing algorithm
+                            </InputLabel>
+                            <Select
+                                label="Signing algorithm"
+                                labelId="idTokenSigningAlgorithm-label"
+                                id="idTokenSigningAlgorithm"
+                                name="idTokenSigningAlgorithm"
+                                value={data.idTokenSigningAlgorithm || 'RS256'}
+                                onChange={e =>
+                                    setValue(
+                                        'idTokenSigningAlgorithm',
+                                        e.target.value
+                                    )
+                                }
+                            >
+                                {/*consider these from API or constants. */}
+                                <MenuItem value="RS256">RS256</MenuItem>
+                                <MenuItem value="RS384">RS384</MenuItem>
+                                <MenuItem value="RS512">RS512</MenuItem>
+                            </Select>
+                        </FormControl>
+                    </Grid>
+                </Grid>
                 <Grid container spacing={3}>
                     <Grid item md={12}>
                         <Button
diff --git a/frontend/src/openapi/models/_exportParams.ts b/frontend/src/openapi/models/_exportParams.ts
index 1027979bdb3..ee909b078dd 100644
--- a/frontend/src/openapi/models/_exportParams.ts
+++ b/frontend/src/openapi/models/_exportParams.ts
@@ -6,11 +6,32 @@
 import type { _ExportFormat } from './_exportFormat';
 
 export type _ExportParams = {
+    /**
+     * Desired export format. Must be either `json` or `yaml`.
+     */
     format?: _ExportFormat;
-    download?: boolean | string | number;
+    /**
+     * Whether exported data should be downloaded as a file.
+     */
+    download?: string;
+    /**
+     * Whether strategies should be included in the exported data.
+     */
     strategies?: boolean | string | number;
+    /**
+     * Whether feature toggles should be included in the exported data.
+     */
     featureToggles?: boolean | string | number;
+    /**
+     * Whether projects should be included in the exported data.
+     */
     projects?: boolean | string | number;
+    /**
+     * Whether tag types, tags, and feature_tags should be included in the exported data.
+     */
     tags?: boolean | string | number;
+    /**
+     * Whether environments should be included in the exported data.
+     */
     environments?: boolean | string | number;
 };
diff --git a/frontend/src/openapi/models/bulkMetricsSchema.ts b/frontend/src/openapi/models/bulkMetricsSchema.ts
index cd95cdb6b58..4e87e864900 100644
--- a/frontend/src/openapi/models/bulkMetricsSchema.ts
+++ b/frontend/src/openapi/models/bulkMetricsSchema.ts
@@ -6,7 +6,10 @@
 import type { BulkRegistrationSchema } from './bulkRegistrationSchema';
 import type { ClientMetricsEnvSchema } from './clientMetricsEnvSchema';
 
+/**
+ * A batch of metrics accumulated by Edge (or other compatible applications). Includes both application registrations as well usage metrics from clients
+ */
 export interface BulkMetricsSchema {
-    applications?: BulkRegistrationSchema[];
-    metrics?: ClientMetricsEnvSchema[];
+    applications: BulkRegistrationSchema[];
+    metrics: ClientMetricsEnvSchema[];
 }
diff --git a/frontend/src/openapi/models/bulkRegistrationSchema.ts b/frontend/src/openapi/models/bulkRegistrationSchema.ts
index d81b8f5b868..fcca68c9c24 100644
--- a/frontend/src/openapi/models/bulkRegistrationSchema.ts
+++ b/frontend/src/openapi/models/bulkRegistrationSchema.ts
@@ -6,13 +6,25 @@
 import type { BulkRegistrationSchemaConnectViaItem } from './bulkRegistrationSchemaConnectViaItem';
 import type { DateSchema } from './dateSchema';
 
+/**
+ * An application registration. Defines the format POSTed by our server-side SDKs when they're starting up
+ */
 export interface BulkRegistrationSchema {
+    /** A list of applications this app registration has been registered through. If connected directly to Unleash, this is an empty list. 
+ This can be used in later visualizations to tell how many levels of proxy or Edge instances our SDKs have connected through */
     connectVia?: BulkRegistrationSchemaConnectViaItem[];
+    /** The name of the application that is evaluating toggles */
     appName: string;
-    environment?: string;
+    /** Which environment the application is running in */
+    environment: string;
+    /** A [(somewhat) unique identifier](https://docs.getunleash.io/reference/sdks/node#advanced-usage) for the application */
     instanceId: string;
+    /** How often (in seconds) the application refreshes its features */
     interval?: number;
+    /** The application started at */
     started?: DateSchema;
+    /** Enabled [strategies](https://docs.getunleash.io/reference/activation-strategies) in the application */
     strategies?: string[];
+    /** The version the sdk is running. Typically <client>:<version> */
     sdkVersion?: string;
 }
diff --git a/frontend/src/openapi/models/changeRequestDefaultEventSchema.ts b/frontend/src/openapi/models/changeRequestDefaultEventSchema.ts
new file mode 100644
index 00000000000..efe288d7e81
--- /dev/null
+++ b/frontend/src/openapi/models/changeRequestDefaultEventSchema.ts
@@ -0,0 +1,11 @@
+/**
+ * Generated by Orval
+ * Do not edit manually.
+ * See `gen:api` script in package.json
+ */
+import type { ChangeRequestDefaultEventSchemaPayload } from './changeRequestDefaultEventSchemaPayload';
+
+export interface ChangeRequestDefaultEventSchema {
+    action: string;
+    payload: ChangeRequestDefaultEventSchemaPayload;
+}
diff --git a/frontend/src/openapi/models/changeRequestDefaultEventSchemaPayload.ts b/frontend/src/openapi/models/changeRequestDefaultEventSchemaPayload.ts
new file mode 100644
index 00000000000..ac7ff510fd8
--- /dev/null
+++ b/frontend/src/openapi/models/changeRequestDefaultEventSchemaPayload.ts
@@ -0,0 +1,7 @@
+/**
+ * Generated by Orval
+ * Do not edit manually.
+ * See `gen:api` script in package.json
+ */
+
+export type ChangeRequestDefaultEventSchemaPayload = { [key: string]: any };
diff --git a/frontend/src/openapi/models/changeRequestEditTitleSchema.ts b/frontend/src/openapi/models/changeRequestEditTitleSchema.ts
new file mode 100644
index 00000000000..65460d4fed2
--- /dev/null
+++ b/frontend/src/openapi/models/changeRequestEditTitleSchema.ts
@@ -0,0 +1,9 @@
+/**
+ * Generated by Orval
+ * Do not edit manually.
+ * See `gen:api` script in package.json
+ */
+
+export interface ChangeRequestEditTitleSchema {
+    title: string;
+}
diff --git a/frontend/src/openapi/models/changeRequestFeatureSchema.ts b/frontend/src/openapi/models/changeRequestFeatureSchema.ts
index 1bf4cedb705..ef34b2f12a0 100644
--- a/frontend/src/openapi/models/changeRequestFeatureSchema.ts
+++ b/frontend/src/openapi/models/changeRequestFeatureSchema.ts
@@ -4,9 +4,11 @@
  * See `gen:api` script in package.json
  */
 import type { ChangeRequestEventSchema } from './changeRequestEventSchema';
+import type { ChangeRequestDefaultEventSchema } from './changeRequestDefaultEventSchema';
 
 export interface ChangeRequestFeatureSchema {
     name: string;
     conflict?: string;
     changes: ChangeRequestEventSchema[];
+    defaultChange?: ChangeRequestDefaultEventSchema;
 }
diff --git a/frontend/src/openapi/models/changeRequestSchema.ts b/frontend/src/openapi/models/changeRequestSchema.ts
index 1bca9e5455e..ffc2947845b 100644
--- a/frontend/src/openapi/models/changeRequestSchema.ts
+++ b/frontend/src/openapi/models/changeRequestSchema.ts
@@ -11,6 +11,7 @@ import type { ChangeRequestSchemaCreatedBy } from './changeRequestSchemaCreatedB
 
 export interface ChangeRequestSchema {
     id: number;
+    title?: string;
     environment: string;
     state: ChangeRequestSchemaState;
     minApprovals: number;
diff --git a/frontend/src/openapi/models/changeRequestStateSchema.ts b/frontend/src/openapi/models/changeRequestStateSchema.ts
index 9a22c7f23b1..495b4bd24f8 100644
--- a/frontend/src/openapi/models/changeRequestStateSchema.ts
+++ b/frontend/src/openapi/models/changeRequestStateSchema.ts
@@ -7,4 +7,5 @@ import type { ChangeRequestStateSchemaState } from './changeRequestStateSchemaSt
 
 export interface ChangeRequestStateSchema {
     state: ChangeRequestStateSchemaState;
+    comment?: string;
 }
diff --git a/frontend/src/openapi/models/clientMetricsEnvSchema.ts b/frontend/src/openapi/models/clientMetricsEnvSchema.ts
index 65cbb5aa018..192a99ea50f 100644
--- a/frontend/src/openapi/models/clientMetricsEnvSchema.ts
+++ b/frontend/src/openapi/models/clientMetricsEnvSchema.ts
@@ -6,13 +6,23 @@
 import type { DateSchema } from './dateSchema';
 import type { ClientMetricsEnvSchemaVariants } from './clientMetricsEnvSchemaVariants';
 
+/**
+ * Used for reporting feature evaluation results from SDKs
+ */
 export interface ClientMetricsEnvSchema {
+    /** Name of the feature checked by the SDK */
     featureName: string;
+    /** The name of the application the SDK is being used in */
     appName: string;
-    environment?: string;
+    /** Which environment the SDK is being used in */
+    environment: string;
+    /** The start of the time window these metrics are valid for. The window is 1 hour wide */
     timestamp?: DateSchema;
+    /** How many times the toggle evaluated to true */
     yes?: number;
+    /** How many times the toggle evaluated to false */
     no?: number;
+    /** How many times each variant was returned */
     variants?: ClientMetricsEnvSchemaVariants;
     [key: string]: any;
 }
diff --git a/frontend/src/openapi/models/clientMetricsEnvSchemaVariants.ts b/frontend/src/openapi/models/clientMetricsEnvSchemaVariants.ts
index 113841595b4..ab51285d42c 100644
--- a/frontend/src/openapi/models/clientMetricsEnvSchemaVariants.ts
+++ b/frontend/src/openapi/models/clientMetricsEnvSchemaVariants.ts
@@ -4,4 +4,7 @@
  * See `gen:api` script in package.json
  */
 
+/**
+ * How many times each variant was returned
+ */
 export type ClientMetricsEnvSchemaVariants = { [key: string]: number };
diff --git a/frontend/src/openapi/models/edgeTokenSchema.ts b/frontend/src/openapi/models/edgeTokenSchema.ts
index e2998689b65..5039d6051a0 100644
--- a/frontend/src/openapi/models/edgeTokenSchema.ts
+++ b/frontend/src/openapi/models/edgeTokenSchema.ts
@@ -5,8 +5,14 @@
  */
 import type { EdgeTokenSchemaType } from './edgeTokenSchemaType';
 
+/**
+ * A representation of a client token, limiting access to [CLIENT](https://docs.getunleash.io/reference/api-tokens-and-client-keys#client-tokens) (used by serverside SDKs) or [FRONTEND](https://docs.getunleash.io/reference/api-tokens-and-client-keys#front-end-tokens) (used by proxy SDKs)
+ */
 export interface EdgeTokenSchema {
+    /** The list of projects this token has access to. If the token has access to specific projects they will be listed here. If the token has access to all projects it will be represented as [`*`] */
     projects: string[];
+    /** The [API token](https://docs.getunleash.io/reference/api-tokens-and-client-keys#api-tokens)'s **type**. Unleash supports three different types of API tokens ([ADMIN](https://docs.getunleash.io/reference/api-tokens-and-client-keys#admin-tokens), [CLIENT](https://docs.getunleash.io/reference/api-tokens-and-client-keys#client-tokens), [FRONTEND](https://docs.getunleash.io/reference/api-tokens-and-client-keys#front-end-tokens)). They all have varying access, so when validating a token it's important to know what kind you're dealing with */
     type: EdgeTokenSchemaType;
+    /** The actual token value. [Unleash API tokens](https://docs.getunleash.io/reference/api-tokens-and-client-keys) are comprised of three parts. <project(s)>:<environment>.randomcharacters */
     token: string;
 }
diff --git a/frontend/src/openapi/models/edgeTokenSchemaType.ts b/frontend/src/openapi/models/edgeTokenSchemaType.ts
index 7003401c2e6..b3be7145ac9 100644
--- a/frontend/src/openapi/models/edgeTokenSchemaType.ts
+++ b/frontend/src/openapi/models/edgeTokenSchemaType.ts
@@ -4,6 +4,9 @@
  * See `gen:api` script in package.json
  */
 
+/**
+ * The [API token](https://docs.getunleash.io/reference/api-tokens-and-client-keys#api-tokens)'s **type**. Unleash supports three different types of API tokens ([ADMIN](https://docs.getunleash.io/reference/api-tokens-and-client-keys#admin-tokens), [CLIENT](https://docs.getunleash.io/reference/api-tokens-and-client-keys#client-tokens), [FRONTEND](https://docs.getunleash.io/reference/api-tokens-and-client-keys#front-end-tokens)). They all have varying access, so when validating a token it's important to know what kind you're dealing with
+ */
 export type EdgeTokenSchemaType =
     typeof EdgeTokenSchemaType[keyof typeof EdgeTokenSchemaType];
 
diff --git a/frontend/src/openapi/models/featureSchema.ts b/frontend/src/openapi/models/featureSchema.ts
index 6d478c2e4ab..454d5361fab 100644
--- a/frontend/src/openapi/models/featureSchema.ts
+++ b/frontend/src/openapi/models/featureSchema.ts
@@ -15,7 +15,7 @@ export interface FeatureSchema {
     type?: string;
     /** Detailed description of the feature */
     description?: string | null;
-    /** `true` if the feature is archived, otherwise `false`. */
+    /** `true` if the feature is archived */
     archived?: boolean;
     /** Name of the project the feature belongs to */
     project?: string;
diff --git a/frontend/src/openapi/models/featureTagSchema.ts b/frontend/src/openapi/models/featureTagSchema.ts
index bcf8bde0b41..cbecd25ffdb 100644
--- a/frontend/src/openapi/models/featureTagSchema.ts
+++ b/frontend/src/openapi/models/featureTagSchema.ts
@@ -4,10 +4,24 @@
  * See `gen:api` script in package.json
  */
 
+/**
+ * Describes a tag applied to a feature
+ */
 export interface FeatureTagSchema {
+    /** The name of the feature this tag is applied to */
     featureName: string;
+    /** The type of tag */
     tagType?: string;
+    /** The value of the tag */
     tagValue: string;
+    /**
+     * This field is deprecated and currently unused, use tagType instead
+     * @deprecated
+     */
     type?: string;
+    /**
+     * This field is deprecated and currently unused, use tagValue instead
+     * @deprecated
+     */
     value?: string;
 }
diff --git a/frontend/src/openapi/models/getEventsParams.ts b/frontend/src/openapi/models/getEventsParams.ts
index acfd3765d0e..fc7fffc5e12 100644
--- a/frontend/src/openapi/models/getEventsParams.ts
+++ b/frontend/src/openapi/models/getEventsParams.ts
@@ -4,4 +4,9 @@
  * See `gen:api` script in package.json
  */
 
-export type GetEventsParams = { project?: string };
+export type GetEventsParams = {
+    /**
+     * The name of the project whose events you want to retrieve
+     */
+    project?: string;
+};
diff --git a/frontend/src/openapi/models/index.ts b/frontend/src/openapi/models/index.ts
index 5c4e9c519de..92954c7efbd 100644
--- a/frontend/src/openapi/models/index.ts
+++ b/frontend/src/openapi/models/index.ts
@@ -1,3 +1,9 @@
+/**
+ * Generated by Orval
+ * Do not edit manually.
+ * See `gen:api` script in package.json
+ */
+
 export * from './_exportFormat';
 export * from './_exportParams';
 export * from './addonParameterSchema';
@@ -43,6 +49,9 @@ export * from './changeRequestCreateSchemaOneOfOneonePayload';
 export * from './changeRequestCreateSchemaOneOfPayload';
 export * from './changeRequestCreateSchemaOneOfSix';
 export * from './changeRequestCreateSchemaOneOfSixAction';
+export * from './changeRequestDefaultEventSchema';
+export * from './changeRequestDefaultEventSchemaPayload';
+export * from './changeRequestEditTitleSchema';
 export * from './changeRequestEnvironmentConfigSchema';
 export * from './changeRequestEventSchema';
 export * from './changeRequestEventSchemaCreatedBy';
@@ -146,6 +155,7 @@ export * from './notificationsSchemaItemCreatedBy';
 export * from './notificationsSchemaItemNotificationType';
 export * from './oidcSettingsSchema';
 export * from './oidcSettingsSchemaDefaultRootRole';
+export * from './oidcSettingsSchemaIdTokenSigningAlgorithm';
 export * from './overrideSchema';
 export * from './parametersSchema';
 export * from './passwordAuthSchema';
@@ -239,6 +249,8 @@ export * from './tagTypesSchema';
 export * from './tagWithVersionSchema';
 export * from './tagsBulkAddSchema';
 export * from './tagsSchema';
+export * from './toggleMaintenanceSchema';
+export * from './tokenStringListSchema';
 export * from './tokenUserSchema';
 export * from './uiConfigSchema';
 export * from './uiConfigSchemaAuthenticationType';
@@ -264,11 +276,10 @@ export * from './userWithProjectRoleSchema';
 export * from './usersGroupsBaseSchema';
 export * from './usersSchema';
 export * from './usersSearchSchema';
-export * from './validateEdgeTokensSchema';
-export * from './validateEdgeTokensSchemaTokensItem';
 export * from './validatePasswordSchema';
 export * from './validateProjectSchema';
 export * from './validateTagTypeSchema';
+export * from './validatedEdgeTokensSchema';
 export * from './variantSchema';
 export * from './variantSchemaPayload';
 export * from './variantsSchema';
diff --git a/frontend/src/openapi/models/oidcSettingsSchema.ts b/frontend/src/openapi/models/oidcSettingsSchema.ts
index 19c12a42f63..cdb715dc22e 100644
--- a/frontend/src/openapi/models/oidcSettingsSchema.ts
+++ b/frontend/src/openapi/models/oidcSettingsSchema.ts
@@ -4,15 +4,32 @@
  * See `gen:api` script in package.json
  */
 import type { OidcSettingsSchemaDefaultRootRole } from './oidcSettingsSchemaDefaultRootRole';
+import type { OidcSettingsSchemaIdTokenSigningAlgorithm } from './oidcSettingsSchemaIdTokenSigningAlgorithm';
 
+/**
+ * Settings for configuring OpenID Connect as a login provider for Unleash
+ */
 export interface OidcSettingsSchema {
+    /** `true` if OpenID connect is turned on for this instance, otherwise `false` */
     enabled?: boolean;
+    /** The [.well-known OpenID discover URL](https://swagger.io/docs/specification/authentication/openid-connect-discovery/) */
     discoverUrl?: string;
+    /** The OIDC client ID of this application. */
     clientId: string;
+    /** Shared secret from OpenID server. Used to authenticate login requests */
     secret: string;
+    /** Auto create users based on email addresses from login tokens */
     autoCreate?: boolean;
+    /** Support Single sign out when user clicks logout in Unleash. If `true` user is signed out of all OpenID Connect sessions against the clientId they may have active */
     enableSingleSignOut?: boolean;
+    /** [Default role](https://docs.getunleash.io/reference/rbac#standard-roles) granted to users auto-created from email. Only relevant if autoCreate is `true` */
     defaultRootRole?: OidcSettingsSchemaDefaultRootRole;
+    /** Comma separated list of email domains that are automatically approved for an account in the server. Only relevant if autoCreate is `true` */
     emailDomains?: string;
+    /** Authentication Context Class Reference, used to request extra values in the acr claim returned from the server. If multiple values are required, they should be space separated. 
+ Consult [the OIDC reference](https://openid.net/specs/openid-connect-core-1_0.html#AuthorizationEndpoint) for more information 
+ */
     acrValues?: string;
+    /** The signing algorithm used to sign our token. Refer to the [JWT signatures](https://jwt.io/introduction) documentation for more information. */
+    idTokenSigningAlgorithm?: OidcSettingsSchemaIdTokenSigningAlgorithm;
 }
diff --git a/frontend/src/openapi/models/oidcSettingsSchemaDefaultRootRole.ts b/frontend/src/openapi/models/oidcSettingsSchemaDefaultRootRole.ts
index 3aff86a484c..ad1bfee89aa 100644
--- a/frontend/src/openapi/models/oidcSettingsSchemaDefaultRootRole.ts
+++ b/frontend/src/openapi/models/oidcSettingsSchemaDefaultRootRole.ts
@@ -4,6 +4,9 @@
  * See `gen:api` script in package.json
  */
 
+/**
+ * [Default role](https://docs.getunleash.io/reference/rbac#standard-roles) granted to users auto-created from email. Only relevant if autoCreate is `true`
+ */
 export type OidcSettingsSchemaDefaultRootRole =
     typeof OidcSettingsSchemaDefaultRootRole[keyof typeof OidcSettingsSchemaDefaultRootRole];
 
diff --git a/frontend/src/openapi/models/oidcSettingsSchemaIdTokenSigningAlgorithm.ts b/frontend/src/openapi/models/oidcSettingsSchemaIdTokenSigningAlgorithm.ts
new file mode 100644
index 00000000000..27fc38981b0
--- /dev/null
+++ b/frontend/src/openapi/models/oidcSettingsSchemaIdTokenSigningAlgorithm.ts
@@ -0,0 +1,18 @@
+/**
+ * Generated by Orval
+ * Do not edit manually.
+ * See `gen:api` script in package.json
+ */
+
+/**
+ * The signing algorithm used to sign our token. Refer to the [JWT signatures](https://jwt.io/introduction) documentation for more information.
+ */
+export type OidcSettingsSchemaIdTokenSigningAlgorithm =
+    typeof OidcSettingsSchemaIdTokenSigningAlgorithm[keyof typeof OidcSettingsSchemaIdTokenSigningAlgorithm];
+
+// eslint-disable-next-line @typescript-eslint/no-redeclare
+export const OidcSettingsSchemaIdTokenSigningAlgorithm = {
+    RS256: 'RS256',
+    RS384: 'RS384',
+    RS512: 'RS512',
+} as const;
diff --git a/frontend/src/openapi/models/segmentSchema.ts b/frontend/src/openapi/models/segmentSchema.ts
index 75346a94810..0f9cc743bdc 100644
--- a/frontend/src/openapi/models/segmentSchema.ts
+++ b/frontend/src/openapi/models/segmentSchema.ts
@@ -5,9 +5,16 @@
  */
 import type { ConstraintSchema } from './constraintSchema';
 
+/**
+ * Represents a segment of users defined by a set of constraints.
+ */
 export interface SegmentSchema {
+    /** The segment's id. */
     id: number;
+    /** The name of the segment. */
     name?: string;
+    /** The description of the segment. */
     description?: string | null;
+    /** List of constraints that determine which users are part of the segment */
     constraints: ConstraintSchema[];
 }
diff --git a/frontend/src/openapi/models/tagSchema.ts b/frontend/src/openapi/models/tagSchema.ts
index 8dd9f51217f..20c09503dea 100644
--- a/frontend/src/openapi/models/tagSchema.ts
+++ b/frontend/src/openapi/models/tagSchema.ts
@@ -4,7 +4,12 @@
  * See `gen:api` script in package.json
  */
 
+/**
+ * Representation of a tag
+ */
 export interface TagSchema {
+    /** The value of the tag */
     value: string;
+    /** The type of the tag */
     type: string;
 }
diff --git a/frontend/src/openapi/models/tagsBulkAddSchema.ts b/frontend/src/openapi/models/tagsBulkAddSchema.ts
index 234f235967c..4f92073d54f 100644
--- a/frontend/src/openapi/models/tagsBulkAddSchema.ts
+++ b/frontend/src/openapi/models/tagsBulkAddSchema.ts
@@ -5,7 +5,12 @@
  */
 import type { UpdateTagsSchema } from './updateTagsSchema';
 
+/**
+ * Represents tag changes to be applied to a list of features.
+ */
 export interface TagsBulkAddSchema {
+    /** The list of features that will be affected by the tag changes. */
     features: string[];
+    /** The tag changes to be applied to the features. */
     tags: UpdateTagsSchema;
 }
diff --git a/frontend/src/openapi/models/tagsSchema.ts b/frontend/src/openapi/models/tagsSchema.ts
index 2dfa7fdaa63..dc6576a0dce 100644
--- a/frontend/src/openapi/models/tagsSchema.ts
+++ b/frontend/src/openapi/models/tagsSchema.ts
@@ -5,7 +5,12 @@
  */
 import type { TagSchema } from './tagSchema';
 
+/**
+ * A list of tags with a version number
+ */
 export interface TagsSchema {
+    /** The version of the schema used to model the tags. */
     version: number;
+    /** A list of tags. */
     tags: TagSchema[];
 }
diff --git a/frontend/src/openapi/models/toggleMaintenanceSchema.ts b/frontend/src/openapi/models/toggleMaintenanceSchema.ts
new file mode 100644
index 00000000000..dd25de596ee
--- /dev/null
+++ b/frontend/src/openapi/models/toggleMaintenanceSchema.ts
@@ -0,0 +1,9 @@
+/**
+ * Generated by Orval
+ * Do not edit manually.
+ * See `gen:api` script in package.json
+ */
+
+export interface ToggleMaintenanceSchema {
+    enabled: boolean;
+}
diff --git a/frontend/src/openapi/models/tokenStringListSchema.ts b/frontend/src/openapi/models/tokenStringListSchema.ts
new file mode 100644
index 00000000000..c31c07e42d3
--- /dev/null
+++ b/frontend/src/openapi/models/tokenStringListSchema.ts
@@ -0,0 +1,14 @@
+/**
+ * Generated by Orval
+ * Do not edit manually.
+ * See `gen:api` script in package.json
+ */
+
+/**
+ * A list of unleash tokens to validate against known tokens
+ */
+export interface TokenStringListSchema {
+    /** Tokens that we want to get access information about */
+    tokens: string[];
+    [key: string]: any;
+}
diff --git a/frontend/src/openapi/models/updateTagsSchema.ts b/frontend/src/openapi/models/updateTagsSchema.ts
index f3b2440452f..d47dbe542d6 100644
--- a/frontend/src/openapi/models/updateTagsSchema.ts
+++ b/frontend/src/openapi/models/updateTagsSchema.ts
@@ -5,7 +5,12 @@
  */
 import type { TagSchema } from './tagSchema';
 
+/**
+ * Represents a set of changes to tags of a feature.
+ */
 export interface UpdateTagsSchema {
+    /** Tags to add to the feature. */
     addedTags: TagSchema[];
+    /** Tags to remove from the feature. */
     removedTags: TagSchema[];
 }
diff --git a/frontend/src/openapi/models/validateEdgeTokensSchema.ts b/frontend/src/openapi/models/validateEdgeTokensSchema.ts
deleted file mode 100644
index b421a5d7b78..00000000000
--- a/frontend/src/openapi/models/validateEdgeTokensSchema.ts
+++ /dev/null
@@ -1,10 +0,0 @@
-/**
- * Generated by Orval
- * Do not edit manually.
- * See `gen:api` script in package.json
- */
-import type { ValidateEdgeTokensSchemaTokensItem } from './validateEdgeTokensSchemaTokensItem';
-
-export interface ValidateEdgeTokensSchema {
-    tokens: ValidateEdgeTokensSchemaTokensItem[];
-}
diff --git a/frontend/src/openapi/models/validateEdgeTokensSchemaTokensItem.ts b/frontend/src/openapi/models/validateEdgeTokensSchemaTokensItem.ts
deleted file mode 100644
index ae70ccc628d..00000000000
--- a/frontend/src/openapi/models/validateEdgeTokensSchemaTokensItem.ts
+++ /dev/null
@@ -1,8 +0,0 @@
-/**
- * Generated by Orval
- * Do not edit manually.
- * See `gen:api` script in package.json
- */
-import type { EdgeTokenSchema } from './edgeTokenSchema';
-
-export type ValidateEdgeTokensSchemaTokensItem = EdgeTokenSchema | string;
diff --git a/frontend/src/openapi/models/validatedEdgeTokensSchema.ts b/frontend/src/openapi/models/validatedEdgeTokensSchema.ts
new file mode 100644
index 00000000000..750b0dc1c36
--- /dev/null
+++ b/frontend/src/openapi/models/validatedEdgeTokensSchema.ts
@@ -0,0 +1,14 @@
+/**
+ * Generated by Orval
+ * Do not edit manually.
+ * See `gen:api` script in package.json
+ */
+import type { EdgeTokenSchema } from './edgeTokenSchema';
+
+/**
+ * A object containing a list of valid Unleash tokens.
+ */
+export interface ValidatedEdgeTokensSchema {
+    /** The list of Unleash token objects. Each object contains the token itself and some additional metadata. */
+    tokens: EdgeTokenSchema[];
+}