Schemathesis v4.6.8 ━━━━━━━━━━━━━━━━━━━ ✅ Loaded specification from http://0.0.0.0:36115/openapi.json (in 1.95s) Base URL: http://0.0.0.0:36115 Specification: Open API 3.1.0 Operations: 229 selected / 229 total Configuration: /home/stranger6667/programming/workbench/schemathes… ✅ API capabilities: Supports NULL byte in headers: ✘ ❌ Examples (in 2.04s) ✅ 34 passed ❌ 17 failed ⏭ 178 skipped ❌ Coverage (in 968.03s) ❌ 229 failed 🚫 Fuzzing (in 2348.55s) ✅ 9 passed ❌ 218 failed 🚫 2 errors ❌ Stateful (in 115.39s) Scenarios: 1866 API Links: 0 covered / 788 selected / 788 total (788 inferred) ✅ 1822 passed ❌ 44 failed ==================================== ERRORS ==================================== ___________________________ PATCH /v1/customers/{id} ___________________________ Runtime Error PointerToNowhere: '/x-bundled/schema1645' does not exist within {'examples': [['911144442', 'us_ein'], ['FR61954506077', 'eu_vat']], 'maxItems': 2, 'minItems': 2, 'prefixItems': [{'type': 'string'}, {'$ref': '#/x-bundled/schema1645'}], 'type': 'array'} Traceback (most recent call last): File "/home/stranger6667/programming/workbench/.venv/lib/python3.13/site-packages/referencing/_core.py", line 276, in pointer contents = contents[segment] # type: ignore[reportUnknownArgumentType] ~~~~~~~~^^^^^^^^^ KeyError: 'x-bundled' The above exception was the direct cause of the following exception: Traceback (most recent call last): File "/home/stranger6667/programming/workbench/.venv/lib/python3.13/site-packages/jsonschema/validators.py", line 463, in _validate_reference resolved = self._resolver.lookup(ref) File "/home/stranger6667/programming/workbench/.venv/lib/python3.13/site-packages/referencing/_core.py", line 690, in lookup return retrieved.value.pointer(pointer=fragment, resolver=resolver) ~~~~~~~~~~~~~~~~~~~~~~~^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ File "/home/stranger6667/programming/workbench/.venv/lib/python3.13/site-packages/referencing/_core.py", line 279, in pointer raise error from lookup_error referencing.exceptions.PointerToNowhere: '/x-bundled/schema1645' does not exist within {'examples': [['911144442', 'us_ein'], ['FR61954506077', 'eu_vat']], 'maxItems': 2, 'minItems': 2, 'prefixItems': [{'type': 'string'}, {'$ref': '#/x-bundled/schema1645'}], 'type': 'array'} The above exception was the direct cause of the following exception: Traceback (most recent call last): File "/home/stranger6667/programming/workbench/.venv/lib/python3.13/site-packages/schemathesis/engine/phases/unit/_executor.py", line 128, in run_test test_function( ~~~~~~~~~~~~~^ ctx=ctx, ^^^^^^^^ ...<6 lines>... continue_on_failure=continue_on_failure, ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ ) ^ File "/home/stranger6667/programming/workbench/.venv/lib/python3.13/site-packages/schemathesis/generation/hypothesis/builder.py", line 244, in test_func def test_wrapper(*args: Any, **kwargs: Any) -> Any: ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ File "/home/stranger6667/programming/workbench/.venv/lib/python3.13/site-packages/hypothesis/core.py", line 2234, in wrapped_test raise the_error_hypothesis_found File "/home/stranger6667/programming/workbench/.venv/lib/python3.13/site-packages/schemathesis/specs/openapi/_hypothesis.py", line 199, in openapi_cases body_result = draw(strategy) File "/home/stranger6667/programming/workbench/.venv/lib/python3.13/site-packages/hypothesis/internal/conjecture/data.py", line 1206, in draw return unwrapped.do_draw(self) ~~~~~~~~~~~~~~~~~^^^^^^ File "/home/stranger6667/programming/workbench/.venv/lib/python3.13/site-packages/hypothesis/strategies/_internal/core.py", line 1902, in do_draw return self.definition(data.draw, *self.args, **self.kwargs) ~~~~~~~~~~~~~~~^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ File "/home/stranger6667/programming/workbench/.venv/lib/python3.13/site-packages/hypothesis_jsonschema/_from_schema.py", line 711, in from_object_schema out[key] = draw( ~~~~^ merged_as_strategies( ^^^^^^^^^^^^^^^^^^^^^ ...<3 lines>... ) ^ ) ^ File "/home/stranger6667/programming/workbench/.venv/lib/python3.13/site-packages/hypothesis/internal/conjecture/data.py", line 1206, in draw return unwrapped.do_draw(self) ~~~~~~~~~~~~~~~~~^^^^^^ File "/home/stranger6667/programming/workbench/.venv/lib/python3.13/site-packages/hypothesis/strategies/_internal/strategies.py", line 840, in do_draw return data.draw(strategy) ~~~~~~~~~^^^^^^^^^^ File "/home/stranger6667/programming/workbench/.venv/lib/python3.13/site-packages/hypothesis/internal/conjecture/data.py", line 1206, in draw return unwrapped.do_draw(self) ~~~~~~~~~~~~~~~~~^^^^^^ File "/home/stranger6667/programming/workbench/.venv/lib/python3.13/site-packages/hypothesis/strategies/_internal/strategies.py", line 1190, in do_draw result = self.do_filtered_draw(data) File "/home/stranger6667/programming/workbench/.venv/lib/python3.13/site-packages/hypothesis/strategies/_internal/strategies.py", line 1200, in do_filtered_draw if self.condition(value): ~~~~~~~~~~~~~~^^^^^^^ File "/home/stranger6667/programming/workbench/.venv/lib/python3.13/site-packages/hypothesis_jsonschema/_from_schema.py", line 109, in ): all(v(obj) for v in validators) ~~~^^^^^^^^^^^^^^^^^^^^^^^^^^^^ File "/home/stranger6667/programming/workbench/.venv/lib/python3.13/site-packages/hypothesis_jsonschema/_from_schema.py", line 109, in ): all(v(obj) for v in validators) ~^^^^^ File "/home/stranger6667/programming/workbench/.venv/lib/python3.13/site-packages/jsonschema/validators.py", line 500, in is_valid error = next(self.iter_errors(instance), None) File "/home/stranger6667/programming/workbench/.venv/lib/python3.13/site-packages/jsonschema/validators.py", line 384, in iter_errors for error in errors: ^^^^^^ File "/home/stranger6667/programming/workbench/.venv/lib/python3.13/site-packages/jsonschema/_keywords.py", line 444, in prefixItems yield from validator.descend( ...<4 lines>... ) File "/home/stranger6667/programming/workbench/.venv/lib/python3.13/site-packages/jsonschema/validators.py", line 432, in descend for error in errors: ^^^^^^ File "/home/stranger6667/programming/workbench/.venv/lib/python3.13/site-packages/jsonschema/_keywords.py", line 275, in ref yield from validator._validate_reference(ref=ref, instance=instance) ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~^^^^^^^^^^^^^^^^^^^^^^^^^^^^ File "/home/stranger6667/programming/workbench/.venv/lib/python3.13/site-packages/jsonschema/validators.py", line 465, in _validate_reference raise exceptions._WrappedReferencingError(err) from err jsonschema.exceptions._WrappedReferencingError: PointerToNowhere: '/x-bundled/schema1645' does not exist within {'examples': [['911144442', 'us_ein'], ['FR61954506077', 'eu_vat']], 'maxItems': 2, 'minItems': 2, 'prefixItems': [{'type': 'string'}, {'$ref': '#/x-bundled/schema1645'}], 'type': 'array'} _____________________________ POST /v1/customers/ ______________________________ Runtime Error PointerToNowhere: '/x-bundled/schema1641' does not exist within {'examples': [['911144442', 'us_ein'], ['FR61954506077', 'eu_vat']], 'maxItems': 2, 'minItems': 2, 'prefixItems': [{'type': 'string'}, {'$ref': '#/x-bundled/schema1641'}], 'type': 'array'} Traceback (most recent call last): File "/home/stranger6667/programming/workbench/.venv/lib/python3.13/site-packages/referencing/_core.py", line 276, in pointer contents = contents[segment] # type: ignore[reportUnknownArgumentType] ~~~~~~~~^^^^^^^^^ KeyError: 'x-bundled' The above exception was the direct cause of the following exception: Traceback (most recent call last): File "/home/stranger6667/programming/workbench/.venv/lib/python3.13/site-packages/jsonschema/validators.py", line 463, in _validate_reference resolved = self._resolver.lookup(ref) File "/home/stranger6667/programming/workbench/.venv/lib/python3.13/site-packages/referencing/_core.py", line 690, in lookup return retrieved.value.pointer(pointer=fragment, resolver=resolver) ~~~~~~~~~~~~~~~~~~~~~~~^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ File "/home/stranger6667/programming/workbench/.venv/lib/python3.13/site-packages/referencing/_core.py", line 279, in pointer raise error from lookup_error referencing.exceptions.PointerToNowhere: '/x-bundled/schema1641' does not exist within {'examples': [['911144442', 'us_ein'], ['FR61954506077', 'eu_vat']], 'maxItems': 2, 'minItems': 2, 'prefixItems': [{'type': 'string'}, {'$ref': '#/x-bundled/schema1641'}], 'type': 'array'} The above exception was the direct cause of the following exception: Traceback (most recent call last): File "/home/stranger6667/programming/workbench/.venv/lib/python3.13/site-packages/schemathesis/engine/phases/unit/_executor.py", line 128, in run_test test_function( ~~~~~~~~~~~~~^ ctx=ctx, ^^^^^^^^ ...<6 lines>... continue_on_failure=continue_on_failure, ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ ) ^ File "/home/stranger6667/programming/workbench/.venv/lib/python3.13/site-packages/schemathesis/generation/hypothesis/builder.py", line 244, in test_func def test_wrapper(*args: Any, **kwargs: Any) -> Any: ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ File "/home/stranger6667/programming/workbench/.venv/lib/python3.13/site-packages/hypothesis/core.py", line 2234, in wrapped_test raise the_error_hypothesis_found File "/home/stranger6667/programming/workbench/.venv/lib/python3.13/site-packages/schemathesis/specs/openapi/_hypothesis.py", line 199, in openapi_cases body_result = draw(strategy) File "/home/stranger6667/programming/workbench/.venv/lib/python3.13/site-packages/hypothesis/internal/conjecture/data.py", line 1206, in draw return unwrapped.do_draw(self) ~~~~~~~~~~~~~~~~~^^^^^^ File "/home/stranger6667/programming/workbench/.venv/lib/python3.13/site-packages/hypothesis/strategies/_internal/core.py", line 1902, in do_draw return self.definition(data.draw, *self.args, **self.kwargs) ~~~~~~~~~~~~~~~^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ File "/home/stranger6667/programming/workbench/.venv/lib/python3.13/site-packages/hypothesis_jsonschema/_from_schema.py", line 711, in from_object_schema out[key] = draw( ~~~~^ merged_as_strategies( ^^^^^^^^^^^^^^^^^^^^^ ...<3 lines>... ) ^ ) ^ File "/home/stranger6667/programming/workbench/.venv/lib/python3.13/site-packages/hypothesis/internal/conjecture/data.py", line 1206, in draw return unwrapped.do_draw(self) ~~~~~~~~~~~~~~~~~^^^^^^ File "/home/stranger6667/programming/workbench/.venv/lib/python3.13/site-packages/hypothesis/strategies/_internal/strategies.py", line 840, in do_draw return data.draw(strategy) ~~~~~~~~~^^^^^^^^^^ File "/home/stranger6667/programming/workbench/.venv/lib/python3.13/site-packages/hypothesis/internal/conjecture/data.py", line 1206, in draw return unwrapped.do_draw(self) ~~~~~~~~~~~~~~~~~^^^^^^ File "/home/stranger6667/programming/workbench/.venv/lib/python3.13/site-packages/hypothesis/strategies/_internal/strategies.py", line 1190, in do_draw result = self.do_filtered_draw(data) File "/home/stranger6667/programming/workbench/.venv/lib/python3.13/site-packages/hypothesis/strategies/_internal/strategies.py", line 1200, in do_filtered_draw if self.condition(value): ~~~~~~~~~~~~~~^^^^^^^ File "/home/stranger6667/programming/workbench/.venv/lib/python3.13/site-packages/hypothesis_jsonschema/_from_schema.py", line 109, in ): all(v(obj) for v in validators) ~~~^^^^^^^^^^^^^^^^^^^^^^^^^^^^ File "/home/stranger6667/programming/workbench/.venv/lib/python3.13/site-packages/hypothesis_jsonschema/_from_schema.py", line 109, in ): all(v(obj) for v in validators) ~^^^^^ File "/home/stranger6667/programming/workbench/.venv/lib/python3.13/site-packages/jsonschema/validators.py", line 500, in is_valid error = next(self.iter_errors(instance), None) File "/home/stranger6667/programming/workbench/.venv/lib/python3.13/site-packages/jsonschema/validators.py", line 384, in iter_errors for error in errors: ^^^^^^ File "/home/stranger6667/programming/workbench/.venv/lib/python3.13/site-packages/jsonschema/_keywords.py", line 444, in prefixItems yield from validator.descend( ...<4 lines>... ) File "/home/stranger6667/programming/workbench/.venv/lib/python3.13/site-packages/jsonschema/validators.py", line 432, in descend for error in errors: ^^^^^^ File "/home/stranger6667/programming/workbench/.venv/lib/python3.13/site-packages/jsonschema/_keywords.py", line 275, in ref yield from validator._validate_reference(ref=ref, instance=instance) ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~^^^^^^^^^^^^^^^^^^^^^^^^^^^^ File "/home/stranger6667/programming/workbench/.venv/lib/python3.13/site-packages/jsonschema/validators.py", line 465, in _validate_reference raise exceptions._WrappedReferencingError(err) from err jsonschema.exceptions._WrappedReferencingError: PointerToNowhere: '/x-bundled/schema1641' does not exist within {'examples': [['911144442', 'us_ein'], ['FR61954506077', 'eu_vat']], 'maxItems': 2, 'minItems': 2, 'prefixItems': [{'type': 'string'}, {'$ref': '#/x-bundled/schema1641'}], 'type': 'array'} Need more help? Join our Discord server: https://discord.gg/R9ASRAmHnA =================================== FAILURES =================================== ____________________ PATCH /v1/customer-portal/customers/me ____________________ 1. Test Case ID: dHyhfu - Undocumented HTTP status code Received: 401 Documented: 200, 422 [401] Unauthorized: `{"error":"Unauthorized","detail":"Unauthorized"}` Reproduce with: curl -X PATCH -H 'Authorization: [Filtered]' -H 'Content-Type: application/json' -d '{"billing_address": {"country": "FR"}}' http://0.0.0.0:36115/v1/customer-portal/customers/me 2. Test Case ID: oCJQPO - Unsupported methods Unsupported method TRACE returned 401, expected 405 Method Not Allowed Return 405 for methods not listed in the OpenAPI spec [401] Unauthorized: `{"error": "invalid_token", "error_description": "The access token provided is expired, revoked, malformed, or invalid for other reasons."}` Reproduce with: curl -X TRACE -H 'Authorization: [Filtered]' -H 'Content-Type: application/json' -d '{"billing_address": null, "billing_name": null, "tax_id": null}' http://0.0.0.0:36115/v1/customer-portal/customers/me __________________ PATCH /v1/customers/external/{external_id} __________________ 1. Test Case ID: erKmJD - API rejected schema-compliant request Valid data should have been accepted Expected: 2xx, 401, 403, 404, 5xx [422] Unprocessable Content: `{"error":"RequestValidationError","detail":[{"type":"value_error","loc":["body","email"],"msg":"customer@example.com is not a valid email address: The domain name example.com does not accept email.","input":"customer@example.com","ctx":{"email":"customer@example.com","reason":"The domain name example.com does not accept email."}}]}` Reproduce with: curl -X PATCH -H 'Authorization: [Filtered]' -H 'Content-Type: application/json' -d '{"email": "customer@example.com", "name": "John Doe", "billing_address": {"country": "FR"}, "tax_id": ["911144442", "us_ein"]}' http://0.0.0.0:36115/v1/customers/external/0 2. Test Case ID: W5oMBW - Undocumented HTTP status code Received: 401 Documented: 200, 404, 422 [401] Unauthorized: `{"error":"Unauthorized","detail":"Unauthorized"}` Reproduce with: curl -X PATCH -H 'Content-Type: application/json' -d '{"billing_address": null, "email": "customer@example.com", "metadata": {}, "name": null, "tax_id": null}' 'http://0.0.0.0:36115/v1/customers/external/0?include_members=true' 3. Test Case ID: RveWXf - Unsupported methods Unsupported method TRACE returned 401, expected 405 Method Not Allowed Return 405 for methods not listed in the OpenAPI spec [401] Unauthorized: `{"error": "invalid_token", "error_description": "The access token provided is expired, revoked, malformed, or invalid for other reasons."}` Reproduce with: curl -X TRACE -H 'Authorization: [Filtered]' -H 'Content-Type: application/json' -d '{"billing_address": null, "email": "customer@example.com", "metadata": {}, "name": null, "tax_id": null}' 'http://0.0.0.0:36115/v1/customers/external/0?include_members=true' ___________________________ GET /v1/customers/export ___________________________ 1. Test Case ID: Qdi1fV - Undocumented Content-Type Received: text/csv; charset=utf-8 Documented: application/json [200] OK: `ID,External ID,Created At,Email,Name,Tax ID,Billing Address Line 1,Billing Address Line 2,Billing Address City,Billing Address State,Billing Address Zip,Billing Address Country,Metadata` Reproduce with: curl -X GET -H 'Authorization: [Filtered]' 'http://0.0.0.0:36115/v1/customers/export?organization_id=1dbfc517-0bbf-4301-9ba8-555ca42b9737' 2. Test Case ID: WDj89c - Undocumented HTTP status code Received: 401 Documented: 200, 422 [401] Unauthorized: `{"error":"Unauthorized","detail":"Unauthorized"}` Reproduce with: curl -X GET 'http://0.0.0.0:36115/v1/customers/export?organization_id=1dbfc517-0bbf-4301-9ba8-555ca42b9737' 3. Test Case ID: q8LFnU - Unsupported methods Unsupported method TRACE returned 401, expected 405 Method Not Allowed Return 405 for methods not listed in the OpenAPI spec [401] Unauthorized: `{"error": "invalid_token", "error_description": "The access token provided is expired, revoked, malformed, or invalid for other reasons."}` Reproduce with: curl -X TRACE -H 'Authorization: [Filtered]' 'http://0.0.0.0:36115/v1/customers/export?organization_id=1dbfc517-0bbf-4301-9ba8-555ca42b9737' ____________________________ GET /v1/orders/export _____________________________ 1. Test Case ID: 8qdTgQ - Undocumented Content-Type Received: text/csv; charset=utf-8 Documented: application/json [200] OK: `Email,Created At,Product,Amount,Currency,Status,Invoice number` Reproduce with: curl -X GET -H 'Authorization: [Filtered]' 'http://0.0.0.0:36115/v1/orders/export?organization_id=1dbfc517-0bbf-4301-9ba8-555ca42b9737' 2. Test Case ID: SPb7ns - Undocumented HTTP status code Received: 401 Documented: 200, 422 [401] Unauthorized: `{"error": "invalid_token", "error_description": "The access token provided is expired, revoked, malformed, or invalid for other reasons."}` Reproduce with: curl -X GET -H 'Authorization: [Filtered]' 'http://0.0.0.0:36115/v1/orders/export?product_id=' 3. Test Case ID: AfLmqc - Unsupported methods Unsupported method TRACE returned 401, expected 405 Method Not Allowed Return 405 for methods not listed in the OpenAPI spec [401] Unauthorized: `{"error": "invalid_token", "error_description": "The access token provided is expired, revoked, malformed, or invalid for other reasons."}` Reproduce with: curl -X TRACE -H 'Authorization: [Filtered]' 'http://0.0.0.0:36115/v1/orders/export?organization_id=1dbfc517-0bbf-4301-9ba8-555ca42b9737&product_id=' ______________________ GET /v1/organizations/{id}/members ______________________ 1. Test Case ID: 6oo7TV - Undocumented HTTP status code Received: 404 Documented: 200, 422 [404] Not Found: `{"error":"ResourceNotFound","detail":"Not found"}` Reproduce with: curl -X GET -H 'Authorization: [Filtered]' http://0.0.0.0:36115/v1/organizations/1dbfc517-0bbf-4301-9ba8-555ca42b9737/members 2. Test Case ID: 7Vzy7N - Undocumented HTTP status code Received: 401 Documented: 200, 422 [401] Unauthorized: `{"error":"Unauthorized","detail":"Unauthorized"}` Reproduce with: curl -X GET http://0.0.0.0:36115/v1/organizations/1dbfc517-0bbf-4301-9ba8-555ca42b9737/members 3. Test Case ID: tO6VTQ - Unsupported methods Unsupported method TRACE returned 401, expected 405 Method Not Allowed Return 405 for methods not listed in the OpenAPI spec [401] Unauthorized: `{"error": "invalid_token", "error_description": "The access token provided is expired, revoked, malformed, or invalid for other reasons."}` Reproduce with: curl -X TRACE -H 'Authorization: [Filtered]' http://0.0.0.0:36115/v1/organizations/1dbfc517-0bbf-4301-9ba8-555ca42b9737/members _________________________ GET /v1/subscriptions/export _________________________ 1. Test Case ID: UXvYpH - Undocumented Content-Type Received: text/csv; charset=utf-8 Documented: application/json [200] OK: `Email,Created At,Active,Product,Price,Currency,Interval` Reproduce with: curl -X GET -H 'Authorization: [Filtered]' 'http://0.0.0.0:36115/v1/subscriptions/export?organization_id=1dbfc517-0bbf-4301-9ba8-555ca42b9737' 2. Test Case ID: J1Hlv3 - Undocumented HTTP status code Received: 401 Documented: 200, 422 [401] Unauthorized: `{"error":"Unauthorized","detail":"Unauthorized"}` Reproduce with: curl -X GET 'http://0.0.0.0:36115/v1/subscriptions/export?organization_id=1dbfc517-0bbf-4301-9ba8-555ca42b9737' 3. Test Case ID: y99Ulc - Unsupported methods Unsupported method TRACE returned 401, expected 405 Method Not Allowed Return 405 for methods not listed in the OpenAPI spec [401] Unauthorized: `{"error": "invalid_token", "error_description": "The access token provided is expired, revoked, malformed, or invalid for other reasons."}` Reproduce with: curl -X TRACE -H 'Authorization: [Filtered]' 'http://0.0.0.0:36115/v1/subscriptions/export?organization_id=1dbfc517-0bbf-4301-9ba8-555ca42b9737' ___________________________ PATCH /v1/accounts/{id} ____________________________ 1. Test Case ID: 8AKYqX - Undocumented HTTP status code Received: 404 Documented: 200, 422 [404] Not Found: `{"error":"ResourceNotFound","detail":"Not found"}` Reproduce with: curl -X PATCH -H 'Authorization: [Filtered]' -H 'Content-Type: application/json' -d '{"billing_address": {"country": "FR"}}' http://0.0.0.0:36115/v1/accounts/e3e70682-c209-4cac-629f-6fbed82c07cd 2. Test Case ID: mkAZjr - Undocumented HTTP status code Received: 401 Documented: 200, 422 [401] Unauthorized: `{"error":"Unauthorized","detail":"Unauthorized"}` Reproduce with: curl -X PATCH -H 'Content-Type: application/json' -d '{"billing_additional_info": null, "billing_address": null, "billing_name": null, "billing_notes": null}' http://0.0.0.0:36115/v1/accounts/e3e70682-c209-4cac-629f-6fbed82c07cd 3. Test Case ID: XptguD - Unsupported methods Unsupported method TRACE returned 401, expected 405 Method Not Allowed Return 405 for methods not listed in the OpenAPI spec [401] Unauthorized: `{"error": "invalid_token", "error_description": "The access token provided is expired, revoked, malformed, or invalid for other reasons."}` Reproduce with: curl -X TRACE -H 'Authorization: [Filtered]' -H 'Content-Type: application/json' -d '{"billing_additional_info": null, "billing_address": null, "billing_name": null, "billing_notes": null}' http://0.0.0.0:36115/v1/accounts/e3e70682-c209-4cac-629f-6fbed82c07cd ___________________________ PATCH /v1/checkouts/{id} ___________________________ 1. Test Case ID: 12GUfN - API rejected schema-compliant request Valid data should have been accepted Expected: 2xx, 401, 403, 404, 5xx [422] Unprocessable Content: `{"error":"RequestValidationError","detail":[{"type":"uuid_parsing","loc":["path","id"],"msg":"Input should be a valid UUID, invalid length: expected length 32 for simple format, found 1","input":"0","ctx":{"error":"invalid length: expected length 32 for simple format, found 1"}}]}` Reproduce with: curl -X PATCH -H 'Authorization: [Filtered]' -H 'Content-Type: application/json' -d '{"customer_name": "John Doe", "customer_billing_address": {"country": "FR"}}' http://0.0.0.0:36115/v1/checkouts/0 2. Test Case ID: vyfbqE - Undocumented HTTP status code Received: 401 Documented: 200, 404, 403, 422 [401] Unauthorized: `{"error":"Unauthorized","detail":"Unauthorized"}` Reproduce with: curl -X PATCH -H 'Content-Type: application/json' -d '{"allow_discount_codes": null, "allow_trial": null, "amount": null, "custom_field_data": {}, "customer_billing_address": null, "customer_billing_name": null, "customer_email": null, "customer_ip_address": null, "customer_metadata": {}, "customer_name": null, "customer_tax_id": null, "discount_id": null, "embed_origin": null, "is_business_customer": null, "metadata": {}, "product_id": null, "product_price_id": null, "require_billing_address": null, "return_url": null, "seats": null, "success_url": null, "trial_interval": null, "trial_interval_count": null}' http://0.0.0.0:36115/v1/checkouts/0 3. Test Case ID: 5RyjYE - Unsupported methods Unsupported method TRACE returned 401, expected 405 Method Not Allowed Return 405 for methods not listed in the OpenAPI spec [401] Unauthorized: `{"error": "invalid_token", "error_description": "The access token provided is expired, revoked, malformed, or invalid for other reasons."}` Reproduce with: curl -X TRACE -H 'Authorization: [Filtered]' -H 'Content-Type: application/json' -d '{"allow_discount_codes": null, "allow_trial": null, "amount": null, "custom_field_data": {}, "customer_billing_address": null, "customer_billing_name": null, "customer_email": null, "customer_ip_address": null, "customer_metadata": {}, "customer_name": null, "customer_tax_id": null, "discount_id": null, "embed_origin": null, "is_business_customer": null, "metadata": {}, "product_id": null, "product_price_id": null, "require_billing_address": null, "return_url": null, "seats": null, "success_url": null, "trial_interval": null, "trial_interval_count": null}' http://0.0.0.0:36115/v1/checkouts/0 ____________________ PATCH /v1/customer-portal/orders/{id} _____________________ 1. Test Case ID: 9JIF2F - Undocumented HTTP status code Received: 401 Documented: 200, 404, 422 [401] Unauthorized: `{"error":"Unauthorized","detail":"Unauthorized"}` Reproduce with: curl -X PATCH -H 'Authorization: [Filtered]' -H 'Content-Type: application/json' -d '{"billing_address": {"country": "FR"}, "billing_name": null}' http://0.0.0.0:36115/v1/customer-portal/orders/0 2. Test Case ID: iJ5hWm - Unsupported methods Unsupported method TRACE returned 401, expected 405 Method Not Allowed Return 405 for methods not listed in the OpenAPI spec [401] Unauthorized: `{"error": "invalid_token", "error_description": "The access token provided is expired, revoked, malformed, or invalid for other reasons."}` Reproduce with: curl -X TRACE -H 'Authorization: [Filtered]' -H 'Content-Type: application/json' -d '{"billing_address": null, "billing_name": null}' http://0.0.0.0:36115/v1/customer-portal/orders/0 ___________________________ PATCH /v1/customers/{id} ___________________________ 1. Test Case ID: mifUZ6 - API rejected schema-compliant request Valid data should have been accepted Expected: 2xx, 401, 403, 404, 5xx [422] Unprocessable Content: `{"error":"RequestValidationError","detail":[{"type":"uuid_parsing","loc":["path","id"],"msg":"Input should be a valid UUID, invalid length: expected length 32 for simple format, found 1","input":"0","ctx":{"error":"invalid length: expected length 32 for simple format, found 1"}},{"type":"value_error","loc":["body","email"],"msg":"customer@example.com is not a valid email address: The domain name example.com does not accept email.","input":"customer@example.com","ctx":{"email":"customer@example.com","reason" // Output truncated...` Reproduce with: curl -X PATCH -H 'Authorization: [Filtered]' -H 'Content-Type: application/json' -d '{"email": "customer@example.com", "name": "John Doe", "billing_address": {"country": "FR"}, "tax_id": ["911144442", "us_ein"], "external_id": "usr_1337"}' http://0.0.0.0:36115/v1/customers/0 2. Test Case ID: gEjkXZ - Undocumented HTTP status code Received: 401 Documented: 200, 404, 422 [401] Unauthorized: `{"error":"Unauthorized","detail":"Unauthorized"}` Reproduce with: curl -X PATCH -H 'Content-Type: application/json' -d '{"billing_address": null, "email": "customer@example.com", "external_id": "usr_1337", "metadata": {}, "name": null, "tax_id": null}' 'http://0.0.0.0:36115/v1/customers/0?include_members=true' 3. Test Case ID: SyEGeu - Unsupported methods Unsupported method TRACE returned 401, expected 405 Method Not Allowed Return 405 for methods not listed in the OpenAPI spec [401] Unauthorized: `{"error": "invalid_token", "error_description": "The access token provided is expired, revoked, malformed, or invalid for other reasons."}` Reproduce with: curl -X TRACE -H 'Authorization: [Filtered]' -H 'Content-Type: application/json' -d '{"billing_address": null, "email": "customer@example.com", "external_id": "usr_1337", "metadata": {}, "name": null, "tax_id": null}' 'http://0.0.0.0:36115/v1/customers/0?include_members=true' ____________________________ PATCH /v1/orders/{id} _____________________________ 1. Test Case ID: GtBU8A - API rejected schema-compliant request Valid data should have been accepted Expected: 2xx, 401, 403, 404, 5xx [422] Unprocessable Content: `{"error":"RequestValidationError","detail":[{"type":"uuid_parsing","loc":["path","id"],"msg":"Input should be a valid UUID, invalid length: expected length 32 for simple format, found 1","input":"0","ctx":{"error":"invalid length: expected length 32 for simple format, found 1"}}]}` Reproduce with: curl -X PATCH -H 'Authorization: [Filtered]' -H 'Content-Type: application/json' -d '{"billing_address": {"country": "FR"}, "billing_name": null}' http://0.0.0.0:36115/v1/orders/0 2. Test Case ID: pTCzkp - Undocumented HTTP status code Received: 401 Documented: 200, 404, 422 [401] Unauthorized: `{"error":"Unauthorized","detail":"Unauthorized"}` Reproduce with: curl -X PATCH -H 'Content-Type: application/json' -d '{"billing_address": null, "billing_name": null}' http://0.0.0.0:36115/v1/orders/0 3. Test Case ID: a6UM1D - Unsupported methods Unsupported method TRACE returned 401, expected 405 Method Not Allowed Return 405 for methods not listed in the OpenAPI spec [401] Unauthorized: `{"error": "invalid_token", "error_description": "The access token provided is expired, revoked, malformed, or invalid for other reasons."}` Reproduce with: curl -X TRACE -H 'Authorization: [Filtered]' -H 'Content-Type: application/json' -d '{"billing_address": null, "billing_name": null}' http://0.0.0.0:36115/v1/orders/0 ______________________ PATCH /v1/webhooks/endpoints/{id} _______________________ 1. Test Case ID: 6SBdIb - API rejected schema-compliant request Valid data should have been accepted Expected: 2xx, 401, 403, 404, 5xx [422] Unprocessable Content: `{"error":"RequestValidationError","detail":[{"type":"uuid_parsing","loc":["path","id"],"msg":"Input should be a valid UUID, invalid length: expected length 32 for simple format, found 1","input":"0","ctx":{"error":"invalid length: expected length 32 for simple format, found 1"}}]}` Reproduce with: curl -X PATCH -H 'Authorization: [Filtered]' -H 'Content-Type: application/json' -d '{"url": "https://webhook.site/cb791d80-f26e-4f8c-be88-6e56054192b0", "secret": "polar_whs_ovyN6cPrTv56AApvzCaJno08SSmGJmgbWilb33N2JuK"}' http://0.0.0.0:36115/v1/webhooks/endpoints/0 2. Test Case ID: UBvNnj - Undocumented HTTP status code Received: 401 Documented: 200, 404, 422 [401] Unauthorized: `{"error":"Unauthorized","detail":"Unauthorized"}` Reproduce with: curl -X PATCH -H 'Content-Type: application/json' -d '{"enabled": null, "events": null, "format": null, "secret": null, "url": null}' http://0.0.0.0:36115/v1/webhooks/endpoints/0 3. Test Case ID: VO5L3D - Unsupported methods Unsupported method TRACE returned 401, expected 405 Method Not Allowed Return 405 for methods not listed in the OpenAPI spec [401] Unauthorized: `{"error": "invalid_token", "error_description": "The access token provided is expired, revoked, malformed, or invalid for other reasons."}` Reproduce with: curl -X TRACE -H 'Authorization: [Filtered]' -H 'Content-Type: application/json' -d '{"enabled": null, "events": null, "format": null, "secret": null, "url": null}' http://0.0.0.0:36115/v1/webhooks/endpoints/0 _____________________________ POST /v1/customers/ ______________________________ 1. Test Case ID: 7ppMPj - API rejected schema-compliant request Valid data should have been accepted Expected: 2xx, 401, 403, 404, 5xx [422] Unprocessable Content: `{"error":"RequestValidationError","detail":[{"type":"value_error","loc":["body","email"],"msg":"customer@example.com is not a valid email address: The domain name example.com does not accept email.","input":"customer@example.com","ctx":{"email":"customer@example.com","reason":"The domain name example.com does not accept email."}},{"type":"value_error","loc":["body","owner","email"],"msg":"member@example.com is not a valid email address: The domain name example.com does not accept email.","input":"member@exa // Output truncated...` Reproduce with: curl -X POST -H 'Authorization: [Filtered]' -H 'Content-Type: application/json' -d '{"external_id": "usr_1337", "email": "customer@example.com", "name": "John Doe", "billing_address": {"country": "FR"}, "tax_id": ["911144442", "us_ein"], "organization_id": "1dbfc517-0bbf-4301-9ba8-555ca42b9737", "owner": {"email": "member@example.com", "name": "Jane Doe", "external_id": "usr_1337"}}' http://0.0.0.0:36115/v1/customers/ 2. Test Case ID: KBJe5w - Undocumented HTTP status code Received: 401 Documented: 201, 422 [401] Unauthorized: `{"error":"Unauthorized","detail":"Unauthorized"}` Reproduce with: curl -X POST -H 'Content-Type: application/json' -d '{"billing_address": null, "email": "customer@example.com", "external_id": "usr_1337", "metadata": {}, "name": null, "organization_id": null, "owner": null, "tax_id": null}' 'http://0.0.0.0:36115/v1/customers/?include_members=true' 3. Test Case ID: j2LxxP - Unsupported methods Unsupported method TRACE returned 401, expected 405 Method Not Allowed Return 405 for methods not listed in the OpenAPI spec [401] Unauthorized: `{"error": "invalid_token", "error_description": "The access token provided is expired, revoked, malformed, or invalid for other reasons."}` Reproduce with: curl -X TRACE -H 'Authorization: [Filtered]' -H 'Content-Type: application/json' -d '{"billing_address": null, "email": "customer@example.com", "external_id": "usr_1337", "metadata": {}, "name": null, "organization_id": null, "owner": null, "tax_id": null}' 'http://0.0.0.0:36115/v1/customers/?include_members=true' _______________________________ POST /v1/meters/ _______________________________ 1. Test Case ID: yOKnHE - API rejected schema-compliant request Valid data should have been accepted Expected: 2xx, 401, 403, 404, 5xx [422] Unprocessable Content: `{"error":"RequestValidationError","detail":[{"type":"union_tag_not_found","loc":["body","aggregation"],"msg":"Unable to extract tag using discriminator 'func'","input":{"property":""},"ctx":{"discriminator":"'func'"}}]}` Reproduce with: curl -X POST -H 'Authorization: [Filtered]' -H 'Content-Type: application/json' -d '{"organization_id": "1dbfc517-0bbf-4301-9ba8-555ca42b9737", "name": "000", "filter": {"clauses": [], "conjunction": "or"}, "aggregation": {"property": ""}}' http://0.0.0.0:36115/v1/meters/ 2. Test Case ID: yAQnJj - Undocumented HTTP status code Received: 401 Documented: 201, 422 [401] Unauthorized: `{"error":"Unauthorized","detail":"Unauthorized"}` Reproduce with: curl -X POST -H 'Content-Type: application/json' -d '{"aggregation": {}, "filter": {"clauses": [], "conjunction": "or"}, "metadata": {}, "name": "000", "organization_id": null}' http://0.0.0.0:36115/v1/meters/ 3. Test Case ID: 9yTqmu - Unsupported methods Unsupported method TRACE returned 401, expected 405 Method Not Allowed Return 405 for methods not listed in the OpenAPI spec [401] Unauthorized: `{"error": "invalid_token", "error_description": "The access token provided is expired, revoked, malformed, or invalid for other reasons."}` Reproduce with: curl -X TRACE -H 'Authorization: [Filtered]' -H 'Content-Type: application/json' -d '{"aggregation": {}, "filter": {"clauses": [], "conjunction": "or"}, "metadata": {}, "name": "000", "organization_id": null}' http://0.0.0.0:36115/v1/meters/ __________________ POST /v1/organizations/{id}/members/invite __________________ 1. Test Case ID: rURDEo - Undocumented HTTP status code Received: 404 Documented: 200, 422 [404] Not Found: `{"error":"ResourceNotFound","detail":"Not found"}` Reproduce with: curl -X POST -H 'Authorization: [Filtered]' -H 'Content-Type: application/json' -d '{"email": "0@A.COM"}' http://0.0.0.0:36115/v1/organizations/1dbfc517-0bbf-4301-9ba8-555ca42b9737/members/invite 2. Test Case ID: hgpOHH - Undocumented HTTP status code Received: 401 Documented: 200, 422 [401] Unauthorized: `{"error":"Unauthorized","detail":"Unauthorized"}` Reproduce with: curl -X POST -H 'Content-Type: application/json' -d '{"email": "0@A.COM"}' http://0.0.0.0:36115/v1/organizations/1dbfc517-0bbf-4301-9ba8-555ca42b9737/members/invite 3. Test Case ID: TiIzaT - Unsupported methods Unsupported method TRACE returned 401, expected 405 Method Not Allowed Return 405 for methods not listed in the OpenAPI spec [401] Unauthorized: `{"error": "invalid_token", "error_description": "The access token provided is expired, revoked, malformed, or invalid for other reasons."}` Reproduce with: curl -X TRACE -H 'Authorization: [Filtered]' -H 'Content-Type: application/json' -d '{"email": "0@A.COM"}' http://0.0.0.0:36115/v1/organizations/1dbfc517-0bbf-4301-9ba8-555ca42b9737/members/invite _________________________ POST /v1/wallets/{id}/top-up _________________________ 1. Test Case ID: u06I6L - API rejected schema-compliant request Valid data should have been accepted Expected: 2xx, 401, 403, 404, 5xx [422] Unprocessable Content: `{"error":"RequestValidationError","detail":[{"type":"uuid_parsing","loc":["path","id"],"msg":"Input should be a valid UUID, invalid length: expected length 32 for simple format, found 1","input":"0","ctx":{"error":"invalid length: expected length 32 for simple format, found 1"}}]}` Reproduce with: curl -X POST -H 'Authorization: [Filtered]' -H 'Content-Type: application/json' -d '{"amount": 2000, "currency": "usd"}' http://0.0.0.0:36115/v1/wallets/0/top-up 2. Test Case ID: xqnxYx - Undocumented HTTP status code Received: 401 Documented: 200, 201, 400, 404, 402, 422 [401] Unauthorized: `{"error":"Unauthorized","detail":"Unauthorized"}` Reproduce with: curl -X POST -H 'Content-Type: application/json' -d '{"amount": 2000, "currency": "usd"}' http://0.0.0.0:36115/v1/wallets/0/top-up 3. Test Case ID: paogUy - Unsupported methods Unsupported method TRACE returned 401, expected 405 Method Not Allowed Return 405 for methods not listed in the OpenAPI spec [401] Unauthorized: `{"error": "invalid_token", "error_description": "The access token provided is expired, revoked, malformed, or invalid for other reasons."}` Reproduce with: curl -X TRACE -H 'Authorization: [Filtered]' -H 'Content-Type: application/json' -d '{"amount": 2000, "currency": "usd"}' http://0.0.0.0:36115/v1/wallets/0/top-up _________________________ POST /v1/webhooks/endpoints __________________________ 1. Test Case ID: Zf0EtS - API rejected schema-compliant request Valid data should have been accepted Expected: 2xx, 401, 403, 404, 5xx [422] Unprocessable Content: `{"error":"PolarRequestValidationError","detail":[{"type":"value_error","loc":["body","organization_id"],"msg":"Organization not found.","input":"1dbfc517-0bbf-4301-9ba8-555ca42b9737"}]}` Reproduce with: curl -X POST -H 'Authorization: [Filtered]' -H 'Content-Type: application/json' -d '{"url": "https://webhook.site/cb791d80-f26e-4f8c-be88-6e56054192b0", "secret": "polar_whs_ovyN6cPrTv56AApvzCaJno08SSmGJmgbWilb33N2JuK", "organization_id": "1dbfc517-0bbf-4301-9ba8-555ca42b9737", "format": "raw", "events": []}' http://0.0.0.0:36115/v1/webhooks/endpoints 2. Test Case ID: nmWOh7 - Undocumented HTTP status code Received: 401 Documented: 201, 422 [401] Unauthorized: `{"error":"Unauthorized","detail":"Unauthorized"}` Reproduce with: curl -X POST -H 'Content-Type: application/json' -d '{"events": [], "format": "raw", "organization_id": null, "secret": null, "url": "https://webhook.site/cb791d80-f26e-4f8c-be88-6e56054192b0"}' http://0.0.0.0:36115/v1/webhooks/endpoints 3. Test Case ID: mpksNh - Unsupported methods Unsupported method TRACE returned 401, expected 405 Method Not Allowed Return 405 for methods not listed in the OpenAPI spec [401] Unauthorized: `{"error": "invalid_token", "error_description": "The access token provided is expired, revoked, malformed, or invalid for other reasons."}` Reproduce with: curl -X TRACE -H 'Authorization: [Filtered]' -H 'Content-Type: application/json' -d '{"events": [], "format": "raw", "organization_id": null, "secret": null, "url": "https://webhook.site/cb791d80-f26e-4f8c-be88-6e56054192b0"}' http://0.0.0.0:36115/v1/webhooks/endpoints _________ DELETE /v1/customer-portal/customers/me/payment-methods/{id} _________ 1. Test Case ID: X0R34F - Undocumented HTTP status code Received: 401 Documented: 204, 400, 404, 422 [401] Unauthorized: `{"error":"Unauthorized","detail":"Unauthorized"}` Reproduce with: curl -X DELETE http://0.0.0.0:36115/v1/customer-portal/customers/me/payment-methods/0 _________________ DELETE /v1/customers/external/{external_id} __________________ 1. Test Case ID: y2EKvB - Undocumented HTTP status code Received: 401 Documented: 204, 404, 422 [401] Unauthorized: `{"error":"Unauthorized","detail":"Unauthorized"}` Reproduce with: curl -X DELETE http://0.0.0.0:36115/v1/customers/external/0 ____________________ DELETE /v1/oauth2/register/{client_id} ____________________ 1. Test Case ID: gn3VZB - Missing header not rejected Got 400 when missing required 'Authorization' header, expected 401 - Undocumented HTTP status code Received: 400 Documented: 200, 422 [400] Bad Request: `{"error": "access_denied", "error_description": "The resource owner or authorization server denied the request"}` Reproduce with: curl -X DELETE http://0.0.0.0:36115/v1/oauth2/register/0 2. Test Case ID: 8EnbaH - Undocumented HTTP status code Received: 401 Documented: 200, 422 [401] Unauthorized: `{"error": "invalid_client", "error_description": "The client does not exist on this server."}` Reproduce with: curl -X DELETE -H 'Authorization: [Filtered]' http://0.0.0.0:36115/v1/oauth2/register/0 _____________________________ DELETE /v1/users/me ______________________________ 1. Test Case ID: Hoh2xY - Undocumented HTTP status code Received: 401 Documented: 200 [401] Unauthorized: `{"error":"Unauthorized","detail":"Unauthorized"}` Reproduce with: curl -X DELETE http://0.0.0.0:36115/v1/users/me ________________ DELETE /v1/users/me/oauth-accounts/{platform} _________________ 1. Test Case ID: 02oON2 - Undocumented HTTP status code Received: 401 Documented: 204, 404, 400, 422 [401] Unauthorized: `{"error":"Unauthorized","detail":"Unauthorized"}` Reproduce with: curl -X DELETE http://0.0.0.0:36115/v1/users/me/oauth-accounts/github 2. Test Case ID: UKBZHo - Unsupported methods Unsupported method TRACE returned 401, expected 405 Method Not Allowed Return 405 for methods not listed in the OpenAPI spec [401] Unauthorized: `{"error": "invalid_token", "error_description": "The access token provided is expired, revoked, malformed, or invalid for other reasons."}` Reproduce with: curl -X TRACE -H 'Authorization: [Filtered]' http://0.0.0.0:36115/v1/users/me/oauth-accounts/github ___________________________ GET /v1/accounts/search ____________________________ 1. Test Case ID: pdMqZZ - Undocumented HTTP status code Received: 401 Documented: 200, 422 [401] Unauthorized: `{"error": "invalid_token", "error_description": "The access token provided is expired, revoked, malformed, or invalid for other reasons."}` Reproduce with: curl -X GET -H 'Authorization: [Filtered]' 'http://0.0.0.0:36115/v1/accounts/search?page=0' 2. Test Case ID: D7IEwM - Unsupported methods Unsupported method TRACE returned 401, expected 405 Method Not Allowed Return 405 for methods not listed in the OpenAPI spec [401] Unauthorized: `{"error": "invalid_token", "error_description": "The access token provided is expired, revoked, malformed, or invalid for other reasons."}` Reproduce with: curl -X TRACE -H 'Authorization: [Filtered]' 'http://0.0.0.0:36115/v1/accounts/search?page=1&limit=10' _____________________________ GET /v1/auth/logout ______________________________ 1. Test Case ID: 6J0Qmw - Unsupported methods Unsupported method TRACE returned 401, expected 405 Method Not Allowed Return 405 for methods not listed in the OpenAPI spec [401] Unauthorized: `{"error": "invalid_token", "error_description": "The access token provided is expired, revoked, malformed, or invalid for other reasons."}` Reproduce with: curl -X TRACE -H 'Authorization: [Filtered]' http://0.0.0.0:36115/v1/auth/logout 2. Test Case ID: juBzZl - Undocumented HTTP status code Received: 401 Documented: 200 [401] Unauthorized: `{"error": "invalid_token", "error_description": "The access token provided is expired, revoked, malformed, or invalid for other reasons."}` Reproduce with: curl -X GET -H 'Authorization: [Filtered]' http://0.0.0.0:36115/v1/auth/logout ___________________ GET /v1/checkouts/client/{client_secret} ___________________ 1. Test Case ID: iXDb6y - Unsupported methods Unsupported method TRACE returned 401, expected 405 Method Not Allowed Return 405 for methods not listed in the OpenAPI spec [401] Unauthorized: `{"error": "invalid_token", "error_description": "The access token provided is expired, revoked, malformed, or invalid for other reasons."}` Reproduce with: curl -X TRACE -H 'Authorization: [Filtered]' http://0.0.0.0:36115/v1/checkouts/client/0 2. Test Case ID: QpY2eX - Undocumented HTTP status code Received: 401 Documented: 200, 404, 410, 422 [401] Unauthorized: `{"error": "invalid_token", "error_description": "The access token provided is expired, revoked, malformed, or invalid for other reasons."}` Reproduce with: curl -X GET -H 'Authorization: [Filtered]' http://0.0.0.0:36115/v1/checkouts/client/0 _____________ GET /v1/customer-portal/customer-session/introspect ______________ 1. Test Case ID: e5JS1b - Undocumented HTTP status code Received: 401 Documented: 200 [401] Unauthorized: `{"error":"Unauthorized","detail":"Unauthorized"}` Reproduce with: curl -X GET http://0.0.0.0:36115/v1/customer-portal/customer-session/introspect 2. Test Case ID: Er8QmW - Unsupported methods Unsupported method TRACE returned 401, expected 405 Method Not Allowed Return 405 for methods not listed in the OpenAPI spec [401] Unauthorized: `{"error": "invalid_token", "error_description": "The access token provided is expired, revoked, malformed, or invalid for other reasons."}` Reproduce with: curl -X TRACE -H 'Authorization: [Filtered]' http://0.0.0.0:36115/v1/customer-portal/customer-session/introspect _____________________ GET /v1/customer-portal/customers/me _____________________ 1. Test Case ID: RZ2EcN - Undocumented HTTP status code Received: 401 Documented: 200 [401] Unauthorized: `{"error":"Unauthorized","detail":"Unauthorized"}` Reproduce with: curl -X GET http://0.0.0.0:36115/v1/customer-portal/customers/me 2. Test Case ID: 9UPwdj - Unsupported methods Unsupported method TRACE returned 401, expected 405 Method Not Allowed Return 405 for methods not listed in the OpenAPI spec [401] Unauthorized: `{"error": "invalid_token", "error_description": "The access token provided is expired, revoked, malformed, or invalid for other reasons."}` Reproduce with: curl -X TRACE -H 'Authorization: [Filtered]' http://0.0.0.0:36115/v1/customer-portal/customers/me _____________ GET /v1/customer-portal/customers/me/payment-methods _____________ 1. Test Case ID: jB4rew - Undocumented HTTP status code Received: 401 Documented: 200, 422 [401] Unauthorized: `{"error": "invalid_token", "error_description": "The access token provided is expired, revoked, malformed, or invalid for other reasons."}` Reproduce with: curl -X GET -H 'Authorization: [Filtered]' 'http://0.0.0.0:36115/v1/customer-portal/customers/me/payment-methods?page=0' 2. Test Case ID: 8CEanD - Unsupported methods Unsupported method TRACE returned 401, expected 405 Method Not Allowed Return 405 for methods not listed in the OpenAPI spec [401] Unauthorized: `{"error": "invalid_token", "error_description": "The access token provided is expired, revoked, malformed, or invalid for other reasons."}` Reproduce with: curl -X TRACE -H 'Authorization: [Filtered]' 'http://0.0.0.0:36115/v1/customer-portal/customers/me/payment-methods?page=1&limit=10' ________________ GET /v1/customer-portal/downloadables/{token} _________________ 1. Test Case ID: cHdji4 - Unsupported methods Unsupported method TRACE returned 401, expected 405 Method Not Allowed Return 405 for methods not listed in the OpenAPI spec [401] Unauthorized: `{"error": "invalid_token", "error_description": "The access token provided is expired, revoked, malformed, or invalid for other reasons."}` Reproduce with: curl -X TRACE -H 'Authorization: [Filtered]' http://0.0.0.0:36115/v1/customer-portal/downloadables/0 2. Test Case ID: aQnrIe - Undocumented HTTP status code Received: 401 Documented: 200, 302, 400, 404, 410, 422 [401] Unauthorized: `{"error": "invalid_token", "error_description": "The access token provided is expired, revoked, malformed, or invalid for other reasons."}` Reproduce with: curl -X GET -H 'Authorization: [Filtered]' http://0.0.0.0:36115/v1/customer-portal/downloadables/0 __________________ GET /v1/customer-portal/license-keys/{id} ___________________ 1. Test Case ID: 65648X - Undocumented HTTP status code Received: 401 Documented: 200, 404, 422 [401] Unauthorized: `{"error":"Unauthorized","detail":"Unauthorized"}` Reproduce with: curl -X GET http://0.0.0.0:36115/v1/customer-portal/license-keys/0 2. Test Case ID: N6XmHg - Unsupported methods Unsupported method TRACE returned 401, expected 405 Method Not Allowed Return 405 for methods not listed in the OpenAPI spec [401] Unauthorized: `{"error": "invalid_token", "error_description": "The access token provided is expired, revoked, malformed, or invalid for other reasons."}` Reproduce with: curl -X TRACE -H 'Authorization: [Filtered]' http://0.0.0.0:36115/v1/customer-portal/license-keys/0 _______________ GET /v1/customer-portal/oauth-accounts/callback ________________ 1. Test Case ID: CHdiIo - Undocumented HTTP status code Received: 401 Documented: 200, 422 [401] Unauthorized: `{"error": "invalid_token", "error_description": "The access token provided is expired, revoked, malformed, or invalid for other reasons."}` Reproduce with: curl -X GET -H 'Authorization: [Filtered]' 'http://0.0.0.0:36115/v1/customer-portal/oauth-accounts/callback?error=null&error=null&state=' 2. Test Case ID: 8yBr2h - Server error - Missing header not rejected Got 500 when missing required 'Authorization' header, expected 401 - Undocumented HTTP status code Received: 500 Documented: 200, 422 [500] Internal Server Error: `Internal Server Error` Reproduce with: curl -X GET 'http://0.0.0.0:36115/v1/customer-portal/oauth-accounts/callback?state=&code=&error=' 3. Test Case ID: FpvSNT - Unsupported methods Unsupported method TRACE returned 401, expected 405 Method Not Allowed Return 405 for methods not listed in the OpenAPI spec [401] Unauthorized: `{"error": "invalid_token", "error_description": "The access token provided is expired, revoked, malformed, or invalid for other reasons."}` Reproduce with: curl -X TRACE -H 'Authorization: [Filtered]' 'http://0.0.0.0:36115/v1/customer-portal/oauth-accounts/callback?state=&code=&error=' _________________ GET /v1/customer-portal/organizations/{slug} _________________ 1. Test Case ID: QdK3Dk - Unsupported methods Unsupported method TRACE returned 401, expected 405 Method Not Allowed Return 405 for methods not listed in the OpenAPI spec [401] Unauthorized: `{"error": "invalid_token", "error_description": "The access token provided is expired, revoked, malformed, or invalid for other reasons."}` Reproduce with: curl -X TRACE -H 'Authorization: [Filtered]' http://0.0.0.0:36115/v1/customer-portal/organizations/0 2. Test Case ID: VJta01 - Undocumented HTTP status code Received: 401 Documented: 200, 404, 422 [401] Unauthorized: `{"error": "invalid_token", "error_description": "The access token provided is expired, revoked, malformed, or invalid for other reasons."}` Reproduce with: curl -X GET -H 'Authorization: [Filtered]' http://0.0.0.0:36115/v1/customer-portal/organizations/0 _________________ GET /v1/customer-portal/seats/subscriptions __________________ 1. Test Case ID: 6ihdxV - Unsupported methods Unsupported method TRACE returned 401, expected 405 Method Not Allowed Return 405 for methods not listed in the OpenAPI spec [401] Unauthorized: `{"error": "invalid_token", "error_description": "The access token provided is expired, revoked, malformed, or invalid for other reasons."}` Reproduce with: curl -X TRACE -H 'Authorization: [Filtered]' http://0.0.0.0:36115/v1/customer-portal/seats/subscriptions _______________________ GET /v1/customer-portal/wallets/ _______________________ 1. Test Case ID: U8a4Zf - Undocumented HTTP status code Received: 401 Documented: 200, 422 [401] Unauthorized: `{"error": "invalid_token", "error_description": "The access token provided is expired, revoked, malformed, or invalid for other reasons."}` Reproduce with: curl -X GET -H 'Authorization: [Filtered]' 'http://0.0.0.0:36115/v1/customer-portal/wallets/?page=1' 2. Test Case ID: YYCkEb - Unsupported methods Unsupported method TRACE returned 401, expected 405 Method Not Allowed Return 405 for methods not listed in the OpenAPI spec [401] Unauthorized: `{"error": "invalid_token", "error_description": "The access token provided is expired, revoked, malformed, or invalid for other reasons."}` Reproduce with: curl -X TRACE -H 'Authorization: [Filtered]' 'http://0.0.0.0:36115/v1/customer-portal/wallets/?page=1&limit=10' _______________ GET /v1/customer-seats/claim/{invitation_token} ________________ 1. Test Case ID: bKvKdi - Unsupported methods Unsupported method TRACE returned 401, expected 405 Method Not Allowed Return 405 for methods not listed in the OpenAPI spec [401] Unauthorized: `{"error": "invalid_token", "error_description": "The access token provided is expired, revoked, malformed, or invalid for other reasons."}` Reproduce with: curl -X TRACE -H 'Authorization: [Filtered]' http://0.0.0.0:36115/v1/customer-seats/claim/0 2. Test Case ID: yXdwTV - Undocumented HTTP status code Received: 401 Documented: 200, 400, 403, 404, 422 [401] Unauthorized: `{"error": "invalid_token", "error_description": "The access token provided is expired, revoked, malformed, or invalid for other reasons."}` Reproduce with: curl -X GET -H 'Authorization: [Filtered]' http://0.0.0.0:36115/v1/customer-seats/claim/0 ___________________ GET /v1/customers/external/{external_id} ___________________ 1. Test Case ID: YUx6u1 - Undocumented HTTP status code Received: 401 Documented: 200, 404, 422 [401] Unauthorized: `{"error":"Unauthorized","detail":"Unauthorized"}` Reproduce with: curl -X GET 'http://0.0.0.0:36115/v1/customers/external/0?include_members=true' 2. Test Case ID: g49Ypu - Unsupported methods Unsupported method TRACE returned 401, expected 405 Method Not Allowed Return 405 for methods not listed in the OpenAPI spec [401] Unauthorized: `{"error": "invalid_token", "error_description": "The access token provided is expired, revoked, malformed, or invalid for other reasons."}` Reproduce with: curl -X TRACE -H 'Authorization: [Filtered]' 'http://0.0.0.0:36115/v1/customers/external/0?include_members=true' ________________ GET /v1/customers/external/{external_id}/state ________________ 1. Test Case ID: VVcB0d - Undocumented HTTP status code Received: 401 Documented: 200, 404, 422 [401] Unauthorized: `{"error":"Unauthorized","detail":"Unauthorized"}` Reproduce with: curl -X GET http://0.0.0.0:36115/v1/customers/external/0/state 2. Test Case ID: woOvuf - Unsupported methods Unsupported method TRACE returned 401, expected 405 Method Not Allowed Return 405 for methods not listed in the OpenAPI spec [401] Unauthorized: `{"error": "invalid_token", "error_description": "The access token provided is expired, revoked, malformed, or invalid for other reasons."}` Reproduce with: curl -X TRACE -H 'Authorization: [Filtered]' http://0.0.0.0:36115/v1/customers/external/0/state _____________________ GET /v1/integrations/apple/authorize _____________________ 1. Test Case ID: bJqJwK - Undocumented HTTP status code Received: 401 Documented: 200, 422 [401] Unauthorized: `{"error": "invalid_token", "error_description": "The access token provided is expired, revoked, malformed, or invalid for other reasons."}` Reproduce with: curl -X GET -H 'Authorization: [Filtered]' 'http://0.0.0.0:36115/v1/integrations/apple/authorize?return_to=null&return_to=null' 2. Test Case ID: 5Hbphd - Missing header not rejected Got 403 when missing required 'Authorization' header, expected 401 - Undocumented HTTP status code Received: 403 Documented: 200, 422 [403] Forbidden: ` 403 Forbidden

403 Forbidden

Apple
` Reproduce with: curl -X GET 'http://0.0.0.0:36115/v1/integrations/apple/authorize?return_to=&attribution=' 3. Test Case ID: wG7U2t - Unsupported methods Unsupported method TRACE returned 401, expected 405 Method Not Allowed Return 405 for methods not listed in the OpenAPI spec [401] Unauthorized: `{"error": "invalid_token", "error_description": "The access token provided is expired, revoked, malformed, or invalid for other reasons."}` Reproduce with: curl -X TRACE -H 'Authorization: [Filtered]' 'http://0.0.0.0:36115/v1/integrations/apple/authorize?return_to=&attribution=' __________________ GET /v1/integrations/discord/bot/authorize __________________ 1. Test Case ID: 3nGmLP - Undocumented HTTP status code Received: 401 Documented: 200, 422 [401] Unauthorized: `{"error":"Unauthorized","detail":"Unauthorized"}` Reproduce with: curl -X GET 'http://0.0.0.0:36115/v1/integrations/discord/bot/authorize?return_to=' 2. Test Case ID: BkZOfa - Unsupported methods Unsupported method TRACE returned 401, expected 405 Method Not Allowed Return 405 for methods not listed in the OpenAPI spec [401] Unauthorized: `{"error": "invalid_token", "error_description": "The access token provided is expired, revoked, malformed, or invalid for other reasons."}` Reproduce with: curl -X TRACE -H 'Authorization: [Filtered]' 'http://0.0.0.0:36115/v1/integrations/discord/bot/authorize?return_to=' __________________ GET /v1/integrations/discord/bot/callback ___________________ 1. Test Case ID: CkfZCW - Undocumented HTTP status code Received: 401 Documented: 200, 422 [401] Unauthorized: `{"error": "invalid_token", "error_description": "The access token provided is expired, revoked, malformed, or invalid for other reasons."}` Reproduce with: curl -X GET -H 'Authorization: [Filtered]' 'http://0.0.0.0:36115/v1/integrations/discord/bot/callback?state=&code_verifier=&error=' 2. Test Case ID: ztdTyC - Unsupported methods Unsupported method TRACE returned 401, expected 405 Method Not Allowed Return 405 for methods not listed in the OpenAPI spec [401] Unauthorized: `{"error": "invalid_token", "error_description": "The access token provided is expired, revoked, malformed, or invalid for other reasons."}` Reproduce with: curl -X TRACE -H 'Authorization: [Filtered]' 'http://0.0.0.0:36115/v1/integrations/discord/bot/callback?state=&code=&code_verifier=&error=' __________________ GET /v1/integrations/discord/guild/lookup ___________________ 1. Test Case ID: PvOQXS - Undocumented HTTP status code Received: 401 Documented: 200, 422 [401] Unauthorized: `{"error": "invalid_token", "error_description": "The access token provided is expired, revoked, malformed, or invalid for other reasons."}` Reproduce with: curl -X GET -H 'Authorization: [Filtered]' http://0.0.0.0:36115/v1/integrations/discord/guild/lookup 2. Test Case ID: C0u2qY - Unsupported methods Unsupported method TRACE returned 401, expected 405 Method Not Allowed Return 405 for methods not listed in the OpenAPI spec [401] Unauthorized: `{"error": "invalid_token", "error_description": "The access token provided is expired, revoked, malformed, or invalid for other reasons."}` Reproduce with: curl -X TRACE -H 'Authorization: [Filtered]' 'http://0.0.0.0:36115/v1/integrations/discord/guild/lookup?guild_token=%5BFiltered%5D' ____________________ GET /v1/integrations/github/authorize _____________________ 1. Test Case ID: x533Tq - Undocumented HTTP status code Received: 401 Documented: 200, 422 [401] Unauthorized: `{"error": "invalid_token", "error_description": "The access token provided is expired, revoked, malformed, or invalid for other reasons."}` Reproduce with: curl -X GET -H 'Authorization: [Filtered]' 'http://0.0.0.0:36115/v1/integrations/github/authorize?payment_intent_id=&return_to=' 2. Test Case ID: SQ5leo - API accepts requests without authentication Expected 401, got `200 OK` for `GET /v1/integrations/github/authorize` - Missing header not rejected Got 200 when missing required 'Authorization' header, expected 401 - Undocumented Content-Type Received: text/html; charset=utf-8 Documented: application/json [200] OK: `