## Summary

This Fern regeneration includes several significant changes across 61
files:

### Bug Fix: Pagination (Fixes #783)
- Fixed incorrect page advancement in **64 paginated endpoints** across
all `raw_client.py` files
- **Before (broken):** `page = page + len(_items or [])` — skipped pages
when `per_page > 1`
- **After (fixed):** `page = page + 1` - correctly advances one page at
a time

### New Feature: SDK Logging Infrastructure
- Added configurable logging via new `logging` parameter on the `Auth0`
client
- New `core/logging.py` module with `ConsoleLogger`, `Logger`,
`LogConfig`, and `ILogger` protocol
- Supports log levels: `debug`, `info`, `warn`, `error` with a `silent`
mode (default)
- HTTP request/response logging at debug level with method, URL, status
code
- Sensitive header redaction (`Authorization`, `Cookie`, `X-Api-Key`,
etc.) in log output
- Custom logger support via `ILogger` protocol

### New Types: OAuth1 & DPoP Connection Support
- 10 new connection type files for OAuth1 connections
(`connection_access_token_url_oauth1`, `connection_client_id_oauth1`,
`connection_scripts_oauth1`, etc.)
- DPoP signing algorithm types (`connection_dpop_signing_alg_enum`,
`connection_dpop_signing_alg_values_supported`)
- OIDC metadata types (`connection_options_oidc_metadata`,
`connection_options_common_oidc`)
- New `client_token_exchange_type_enum` and
`resource_server_proof_of_possession_required_for_enum`

### Other Changes
- Self-service profiles: updated response types (`create`, `get`,
`update`) and `self_service_profile` model
- Removed `core/custom_pagination.py` (replaced by standard pagination)
- Updated `reference.md` and test configuration (`conftest.py`)

### Manual Fixes (on top of Fern regeneration)
- Fixed `client_wrapper.py` to accept and forward the `logging`
parameter to `HttpClient`/`AsyncHttpClient` (was missing, causing
`TypeError` at runtime)
- Added `ManagementClient` and `AsyncManagementClient` to
`TYPE_CHECKING` and `__all__` exports in `__init__.py` (Fixes #793)

## Breaking Changes
- `custom_pagination.py` has been removed — any code importing from it
will need to update

## Test Plan
- [x] Pagination: Created 5 roles, paginated with `per_page=2`, verified
3 pages returned with all 5 roles
- [x] Logging: Verified debug logging captures HTTP method/URL/status,
header redaction works, level filtering suppresses lower levels, silent
mode produces zero output
- [x] Existing tests (auth, management, Issue #778) continue to pass

---------

Co-authored-by: fern-api[bot] <115122769+fern-api[bot]@users.noreply.github.com>
Co-authored-by: Snehil Kishore <[email protected]>

…and Management clients (#802)

### Changes

- Add optional `client_info` dict param to `RestClientOptions` to
override the default telemetry payload
- Use provided `client_info` as the `Auth0-Client` header value in
`RestClient` when telemetry is enabled
- Thread `client_info` param through `AuthenticationBase` constructor to
`RestClientOptions`
- Add `client_info` param to `ManagementClient` - encodes and merges
into headers dict
- Add `client_info` param to `AsyncManagementClient` with identical
behavior
- `telemetry=False` still takes precedence and suppresses all telemetry
headers
- `User-Agent` header remains `Python/{version}` regardless of
`client_info`
- No changes to any Fern-generated files (`client.py`,
`client_wrapper.py`, `http_client.py`)

### Usage

```python
# Authentication
from auth0.authentication import GetToken

client = GetToken(
    "tenant.auth0.com",
    client_id="YOUR_CLIENT_ID",
    client_info={"name": "auth0-ai-langchain", "version": "1.0.0", "env": {"python": "3.11.0"}},
)

# Management
from auth0.management import ManagementClient

client = ManagementClient(
    domain="tenant.auth0.com",
    token="YOUR_TOKEN",
    client_info={"name": "auth0-ai-langchain", "version": "1.0.0", "env": {"python": "3.11.0"}},
)
```

…nt SCIM listing; remove MiiCard/Renren providers (#801)

### Changes

#### New API Endpoints
- Add `custom_domains.get_default()`- retrieve the tenant's default
domain (`GET /custom-domains/default`)
- Add `custom_domains.set_default(domain)` - set the default custom
domain for the tenant (`PATCH /custom-domains/default`)
- Add `connections.keys.create(id, request)` - provision initial
connection keys for Okta/OIDC strategies enabling zero-downtime Private
Key JWT transitions (`POST /connections/{id}/keys`)
- Add `connections.scim_configuration.list(from_, take)` - retrieve
paginated list of all SCIM configurations at the tenant level (`GET
/connections-scim-configurations`)

#### Updated Endpoints

**Client Grants**
- `client_grants.create()` -`client_id` is now optional; `audience` is
the first required parameter (signature reorder)

**LinkedIn Connections**
- Restructure `ConnectionOptionsLinkedin`- base class changed from
`ConnectionOptionsOAuth2Common` to `ConnectionOptionsCommon`
- Add new LinkedIn-specific types: `ConnectionClientIdLinkedin`,
`ConnectionClientSecretLinkedin`, `ConnectionFreeformScopesLinkedin`,
`ConnectionScopeLinkedin`
- Add `full_profile`, `network`, `openid` boolean fields to LinkedIn
options

**Documentation Improvements**
- Update Lucene query syntax links from HTTP to HTTPS across Users and
Custom Domains endpoints
- Add parameter descriptions for `oidc_backchannel_logout`,
`jwt_configuration`, `encryption_key`, `mobile` on Clients endpoints
- Improve `user_metadata` / `app_metadata` descriptions on Users
endpoints

#### Removed Types (Legacy Providers)
- Remove MiiCard connection support - `ConnectionOptionsMiicard`,
`ConnectionResponseContentMiicard`,
`CreateConnectionRequestContentMiicard` and related types
- Remove Renren connection support - `ConnectionOptionsRenren`,
`ConnectionResponseContentRenren`,
`CreateConnectionRequestContentRenren` and related types
- Remove `ConnectionDpopSigningAlgEnum` (deprecated)

#### New Types
- Add default domain response types:
`GetDefaultCanonicalDomainResponseContent`,
`GetDefaultCustomDomainResponseContent`,
`GetDefaultDomainResponseContent`, `UpdateDefaultDomainResponseContent`
- Add connection keys types: `PostConnectionKeysAlgEnum`,
`PostConnectionKeysRequestContent`,
`PostConnectionsKeysResponseContent`,
`PostConnectionsKeysResponseContentItem`
- Add `ListScimConfigurationsResponseContent`, `ScimConfiguration` for
tenant-level SCIM listing
- Add `SynchronizeGroupsEnum`, `SynchronizeGroupsEaEnum` for group
synchronization
- Add `ConnectionApiEnableGroups`, `ConnectionApiEnableGroupsGoogleApps`
for group enablement

### Testing

- 559 tests pass (1 skipped), 0 failures across the full test suite
- 4 new wire tests added: `test_customDomains_get_default`,
`test_customDomains_set_default`, `test_connections_keys_create`,
`test_connections_scimConfiguration_list_`

Co-authored-by: fern-api[bot] <115122769+fern-api[bot]@users.noreply.github.com>
Co-authored-by: Snehil Kishore <[email protected]>

…rop Python 3.8; replace Snyk with SCA scan (#808)

## Changes

### Python 3.8 Support Dropped

Python 3.8 reached end-of-life in October 2024. Several security-patched
dependency versions (`aiohttp`, `cryptography`, `urllib3`) require
Python >=3.9, making it impossible to keep 3.8 support while applying
security fixes. The previous minimum (`>=3.8`) allowed installation on
Python versions that can only resolve to **vulnerable** dependency
versions.

- Changed `python` from `^3.8` to `>=3.9.2,<4.0` (3.9.0 and 3.9.1 are
excluded by `cryptography` due to known bugs in those patch releases)
- Removed `Programming Language :: Python :: 3.8` classifier from
`pyproject.toml`
- Updated `README.md`, `v5_MIGRATION_GUIDE.md`, and
`github_discussion_v5_announcement.md` to reflect Python >=3.9

### Dependency Updates

#### Python Dependencies - From Dependabot PRs
- Bump `ruff` from `0.11.5` to `0.15.8`
([#806](#806))
- Bump `responses` upper bound from `<0.26.0` to `<0.28.0`
([#786](#786))

#### Python Dependencies - From Security Review
- Update `aiohttp` from `>=3.10.11` to `>=3.11.18` - fixes multiple
CVEs; previous minimum resolved to versions with known vulnerabilities
on Python 3.8
- Update `cryptography` from `>=43.0.1` to `>=44.0.0` - fixes known
vulnerabilities in older versions
- Update `urllib3` from `>=2.2.3` to `>=2.3.0` - fixes known
vulnerabilities; requires Python >=3.9

#### GitHub Actions
- Bump `codecov/codecov-action` from `5.5.1` to `6.0.0` (SHA pin
updated) ([#805](#805))

#### CI Workflow Changes
- Added `sca_scan.yml` - new SCA scan using `auth0/devsecops-tooling`
reusable workflow with `requirements.txt`
- Removed `snyk.yml` - replaced by the new `sca_scan.yml` reusable
workflow
- Removed `docs.yml` - documentation build workflow removed
- Added `.claude/` to `.gitignore`

**⚠️ Breaking: Python 3.8 support dropped**
- Python 3.8 reached end-of-life in October 2024. This release requires
**Python >=3.9.2**. Users on Python 3.8 should remain on v5.1.0 until
they upgrade their Python version.
[\#808](#808)

**Added**
- feat: Add default domain endpoints, connection key provisioning,
tenant SCIM listing; remove MiiCard/Renren providers
[\#801](#801)
([fern-api[bot]](https://github.com/apps/fern-api))
- feat: Add client_info support for custom telemetry in Authentication
and Management clients
[\#802](#802)
([kishore7snehil](https://github.com/kishore7snehil))
- feat: Add SDK logging infrastructure with configurable log levels and
header redaction [\#785](#785)
([fern-api[bot]](https://github.com/apps/fern-api))

**Fixed**
- fix: Pagination page advancement incorrectly skipping pages
[\#785](#785)
([fern-api[bot]](https://github.com/apps/fern-api))

**Changed**
- chore: Update ruff, aiohttp, cryptography, urllib3, codecov-action;
replace Snyk with SCA scan
[\#808](#808)
([kishore7snehil](https://github.com/kishore7snehil))