fix: remove required constraints from SamlApplicationSettingsSignOn schema

docs/SamlApplicationSettingsSignOn.md

@@ -11,31 +11,31 @@ Name | Type | Description | Notes
 **assertion_encryption** | [**SamlAssertionEncryption**](SamlAssertionEncryption.md) |  | [optional] 
 **assertion_signed** | **bool** | Determines whether the SAML assertion is digitally signed | 
 **attribute_statements** | [**List[SamlAttributeStatement]**](SamlAttributeStatement.md) | A list of custom attribute statements for the app's SAML assertion. See [SAML 2.0 Technical Overview](https://docs.oasis-open.org/security/saml/Post2.0/sstc-saml-tech-overview-2.0-cd-02.html).  There are two types of attribute statements: | Type | Description | | ---- | ----------- | | EXPRESSION | Generic attribute statement that can be dynamic and supports [Okta Expression Language](https://developer.okta.com/docs/reference/okta-expression-language/) | | GROUP | Group attribute statement |  | [optional] 
-**audience** | **str** | The entity ID of the SP. Use the entity ID value exactly as provided by the SP. | 
+**audience** | **str** | The entity ID of the SP. Use the entity ID value exactly as provided by the SP. | [optional] 
 **audience_override** | **str** | Audience override for CASB configuration. See [CASB config guide](https://help.okta.com/en-us/Content/Topics/Apps/CASB-config-guide.htm). | [optional] 
-**authn_context_class_ref** | **str** | Identifies the SAML authentication context class for the assertion's authentication statement | 
+**authn_context_class_ref** | **str** | Identifies the SAML authentication context class for the assertion's authentication statement | [optional] 
 **configured_attribute_statements** | [**List[SamlAttributeStatement]**](SamlAttributeStatement.md) | The list of dynamic attribute statements for the SAML assertion inherited from app metadata (apps from the OIN) during app creation.  There are two types of attribute statements: `EXPRESSION` and `GROUP`.  | [optional] 
 **default_relay_state** | **str** | Identifies a specific application resource in an IdP-initiated SSO scenario | [optional] 
-**destination** | **str** | Identifies the location inside the SAML assertion where the SAML response should be sent | 
+**destination** | **str** | Identifies the location inside the SAML assertion where the SAML response should be sent | [optional] 
 **destination_override** | **str** | Destination override for CASB configuration. See [CASB config guide](https://help.okta.com/en-us/Content/Topics/Apps/CASB-config-guide.htm). | [optional] 
-**digest_algorithm** | **str** | Determines the digest algorithm used to digitally sign the SAML assertion and response | 
+**digest_algorithm** | **str** | Determines the digest algorithm used to digitally sign the SAML assertion and response | [optional] 
 **honor_force_authn** | **bool** | Set to `true` to prompt users for their credentials when a SAML request has the `ForceAuthn` attribute set to `true` | 
-**idp_issuer** | **str** | SAML Issuer ID | 
+**idp_issuer** | **str** | SAML Issuer ID | [optional] 
 **inline_hooks** | [**List[SignOnInlineHook]**](SignOnInlineHook.md) | Associates the app with SAML inline hooks. See [the SAML assertion inline hook reference](https://developer.okta.com/docs/reference/saml-hook/). | [optional] 
 **participate_slo** | [**SloParticipate**](SloParticipate.md) |  | [optional] 
-**recipient** | **str** | The location where the app may present the SAML assertion | 
+**recipient** | **str** | The location where the app may present the SAML assertion | [optional] 
 **recipient_override** | **str** | Recipient override for CASB configuration. See [CASB config guide](https://help.okta.com/en-us/Content/Topics/Apps/CASB-config-guide.htm). | [optional] 
 **request_compressed** | **bool** | Determines whether the SAML request is expected to be compressed | 
 **response_signed** | **bool** | Determines whether the SAML authentication response message is digitally signed by the IdP > **Note:** Either (or both) `responseSigned` or `assertionSigned` must be `TRUE`. | 
 **saml_assertion_lifetime_seconds** | **int** | Determines the SAML app session lifetimes with Okta | [optional] 
-**signature_algorithm** | **str** | Determines the signing algorithm used to digitally sign the SAML assertion and response | 
+**signature_algorithm** | **str** | Determines the signing algorithm used to digitally sign the SAML assertion and response | [optional] 
 **slo** | [**SingleLogout**](SingleLogout.md) |  | [optional] 
 **sp_certificate** | [**SamlSpCertificate**](SamlSpCertificate.md) |  | [optional] 
 **sp_issuer** | **str** | The issuer ID for the Service Provider. This property appears when SLO is enabled. | [optional] 
-**sso_acs_url** | **str** | Single Sign-On Assertion Consumer Service (ACS) URL | 
+**sso_acs_url** | **str** | Single Sign-On Assertion Consumer Service (ACS) URL | [optional] 
 **sso_acs_url_override** | **str** | Assertion Consumer Service (ACS) URL override for CASB configuration. See [CASB config guide](https://help.okta.com/en-us/Content/Topics/Apps/CASB-config-guide.htm). | [optional] 
-**subject_name_id_format** | **str** | Identifies the SAML processing rules. Supported values: | 
-**subject_name_id_template** | **str** | Template for app user's username when a user is assigned to the app | 
+**subject_name_id_format** | **str** | Identifies the SAML processing rules. Supported values: | [optional] 
+**subject_name_id_template** | **str** | Template for app user's username when a user is assigned to the app | [optional] 
 
 ## Example
 

okta/models/saml_application_settings_sign_on.py

@@ -80,16 +80,18 @@ class SamlApplicationSettingsSignOn(BaseModel):
         "statement | ",
         alias="attributeStatements",
     )
-    audience: StrictStr = Field(
-        description="The entity ID of the SP. Use the entity ID value exactly as provided by the SP."
+    audience: Optional[StrictStr] = Field(
+        default=None,
+        description="The entity ID of the SP. Use the entity ID value exactly as provided by the SP.",
     )
     audience_override: Optional[StrictStr] = Field(
         default=None,
         description="Audience override for CASB configuration. See [CASB config guide]("
         "https://help.okta.com/en-us/Content/Topics/Apps/CASB-config-guide.htm).",
         alias="audienceOverride",
     )
-    authn_context_class_ref: StrictStr = Field(
+    authn_context_class_ref: Optional[StrictStr] = Field(
+        default=None,
         description="Identifies the SAML authentication context class for the assertion's authentication statement",
         alias="authnContextClassRef",
     )
@@ -104,16 +106,18 @@ class SamlApplicationSettingsSignOn(BaseModel):
         description="Identifies a specific application resource in an IdP-initiated SSO scenario",
         alias="defaultRelayState",
     )
-    destination: StrictStr = Field(
-        description="Identifies the location inside the SAML assertion where the SAML response should be sent"
+    destination: Optional[StrictStr] = Field(
+        default=None,
+        description="Identifies the location inside the SAML assertion where the SAML response should be sent",
     )
     destination_override: Optional[StrictStr] = Field(
         default=None,
         description="Destination override for CASB configuration. See [CASB config guide]("
         "https://help.okta.com/en-us/Content/Topics/Apps/CASB-config-guide.htm).",
         alias="destinationOverride",
     )
-    digest_algorithm: StrictStr = Field(
+    digest_algorithm: Optional[StrictStr] = Field(
+        default=None,
         description="Determines the digest algorithm used to digitally sign the SAML assertion and response",
         alias="digestAlgorithm",
     )
@@ -122,7 +126,9 @@ class SamlApplicationSettingsSignOn(BaseModel):
         "set to `true`",
         alias="honorForceAuthn",
     )
-    idp_issuer: StrictStr = Field(description="SAML Issuer ID", alias="idpIssuer")
+    idp_issuer: Optional[StrictStr] = Field(
+        default=None, description="SAML Issuer ID", alias="idpIssuer"
+    )
     inline_hooks: Optional[List[SignOnInlineHook]] = Field(
         default=None,
         description="Associates the app with SAML inline hooks. See [the SAML assertion inline hook reference]("
@@ -132,8 +138,9 @@ class SamlApplicationSettingsSignOn(BaseModel):
     participate_slo: Optional[SloParticipate] = Field(
         default=None, alias="participateSlo"
     )
-    recipient: StrictStr = Field(
-        description="The location where the app may present the SAML assertion"
+    recipient: Optional[StrictStr] = Field(
+        default=None,
+        description="The location where the app may present the SAML assertion",
     )
     recipient_override: Optional[StrictStr] = Field(
         default=None,
@@ -155,7 +162,8 @@ class SamlApplicationSettingsSignOn(BaseModel):
         description="Determines the SAML app session lifetimes with Okta",
         alias="samlAssertionLifetimeSeconds",
     )
-    signature_algorithm: StrictStr = Field(
+    signature_algorithm: Optional[StrictStr] = Field(
+        default=None,
         description="Determines the signing algorithm used to digitally sign the SAML assertion and response",
         alias="signatureAlgorithm",
     )
@@ -168,7 +176,8 @@ class SamlApplicationSettingsSignOn(BaseModel):
         description="The issuer ID for the Service Provider. This property appears when SLO is enabled.",
         alias="spIssuer",
     )
-    sso_acs_url: StrictStr = Field(
+    sso_acs_url: Optional[StrictStr] = Field(
+        default=None,
         description="Single Sign-On Assertion Consumer Service (ACS) URL",
         alias="ssoAcsUrl",
     )
@@ -178,11 +187,13 @@ class SamlApplicationSettingsSignOn(BaseModel):
         "https://help.okta.com/en-us/Content/Topics/Apps/CASB-config-guide.htm).",
         alias="ssoAcsUrlOverride",
     )
-    subject_name_id_format: StrictStr = Field(
+    subject_name_id_format: Optional[StrictStr] = Field(
+        default=None,
         description="Identifies the SAML processing rules. Supported values:",
         alias="subjectNameIdFormat",
     )
-    subject_name_id_template: StrictStr = Field(
+    subject_name_id_template: Optional[StrictStr] = Field(
+        default=None,
         description="Template for app user's username when a user is assigned to the app",
         alias="subjectNameIdTemplate",
     )
@@ -222,6 +233,9 @@ class SamlApplicationSettingsSignOn(BaseModel):
     @field_validator("authn_context_class_ref")
     def authn_context_class_ref_validate_enum(cls, value):
         """Validates the enum"""
+        if value is None:
+            return value
+
         if value not in set(
             [
                 "urn:federation:authentication:windows",
@@ -245,20 +259,29 @@ def authn_context_class_ref_validate_enum(cls, value):
     @field_validator("digest_algorithm")
     def digest_algorithm_validate_enum(cls, value):
         """Validates the enum"""
+        if value is None:
+            return value
+
         if value not in set(["SHA1", "SHA256"]):
             raise ValueError("must be one of enum values ('SHA1', 'SHA256')")
         return value
 
     @field_validator("signature_algorithm")
     def signature_algorithm_validate_enum(cls, value):
         """Validates the enum"""
+        if value is None:
+            return value
+
         if value not in set(["RSA_SHA1", "RSA_SHA256"]):
             raise ValueError("must be one of enum values ('RSA_SHA1', 'RSA_SHA256')")
         return value
 
     @field_validator("subject_name_id_format")
     def subject_name_id_format_validate_enum(cls, value):
         """Validates the enum"""
+        if value is None:
+            return value
+
         if value not in set(
             [
                 "urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress",

openapi/api.yaml

@@ -77143,19 +77143,9 @@ components:
       required:
         - allowMultipleAcsEndpoints
         - assertionSigned
-        - audience
-        - authnContextClassRef
-        - destination
-        - digestAlgorithm
         - honorForceAuthn
-        - idpIssuer
-        - recipient
         - requestCompressed
         - responseSigned
-        - signatureAlgorithm
-        - ssoAcsUrl
-        - subjectNameIdFormat
-        - subjectNameIdTemplate
     SamlAssertionEncryption:
       description: Determines if the app supports encrypted assertions
       type: object