From 6b6865d02e40085069223899e2cf8a9b79c3c4c8 Mon Sep 17 00:00:00 2001
From: Akshat Dubey <akshat.dubey@sourcefuse.com>
Date: Fri, 23 Jul 2021 14:50:40 +0530
Subject: [PATCH] fix(bpmn-service): fix readme for bpmn service

GH-211
---
 .../src/providers/bpmn.provider.ts            |   15 +-
 services/authentication-service/openapi.json  |  434 +++++
 services/authentication-service/openapi.md    | 1390 +++++++++++++++--
 .../src/controllers/index.ts                  |   10 +
 services/bpmn-service/README.md               |   37 +-
 5 files changed, 1689 insertions(+), 197 deletions(-)

diff --git a/sandbox/workflow-ms-example/src/providers/bpmn.provider.ts b/sandbox/workflow-ms-example/src/providers/bpmn.provider.ts
index f9daf29b7b..5b109bb584 100644
--- a/sandbox/workflow-ms-example/src/providers/bpmn.provider.ts
+++ b/sandbox/workflow-ms-example/src/providers/bpmn.provider.ts
@@ -1,16 +1,15 @@
-import {bind, BindingScope, Provider, service} from '@loopback/core';
-import {AnyObject} from '@loopback/repository';
-import {HttpErrors} from '@loopback/rest';
-import {WorflowManager, Workflow, WorkflowDto} from '@sourceloop/bpmn-service';
-import {WorkflowVersion} from '../../../../services/bpmn-service/dist';
-import {CamundaService} from '../services/camunda.service';
+import { bind, BindingScope, Provider, service } from '@loopback/core';
+import { AnyObject } from '@loopback/repository';
+import { HttpErrors } from '@loopback/rest';
+import { WorflowManager, Workflow, WorkflowVersion, WorkflowDto } from '@sourceloop/bpmn-service';
+import { CamundaService } from '../services/camunda.service';
 
-@bind({scope: BindingScope.TRANSIENT})
+@bind({ scope: BindingScope.TRANSIENT })
 export class BpmnProvider implements Provider<WorflowManager> {
   constructor(
     @service(CamundaService)
     private readonly camunda: CamundaService,
-  ) {}
+  ) { }
   value(): WorflowManager {
     return {
       getWorkflowById: async workflow => {
diff --git a/services/authentication-service/openapi.json b/services/authentication-service/openapi.json
index af33afe6c1..ebaec14c8c 100644
--- a/services/authentication-service/openapi.json
+++ b/services/authentication-service/openapi.json
@@ -7,6 +7,44 @@
     "contact": {}
   },
   "paths": {
+    "/auth/apple-oauth-redirect": {
+      "get": {
+        "x-controller-name": "AppleLoginController",
+        "x-operation-name": "appleCallback",
+        "tags": [
+          "AppleLoginController"
+        ],
+        "responses": {
+          "200": {
+            "description": "Apple Redirect Token Response",
+            "content": {
+              "application/json": {
+                "schema": {
+                  "$ref": "#/components/schemas/TokenResponse"
+                }
+              }
+            }
+          }
+        },
+        "parameters": [
+          {
+            "name": "code",
+            "in": "query",
+            "schema": {
+              "type": "string"
+            }
+          },
+          {
+            "name": "state",
+            "in": "query",
+            "schema": {
+              "type": "string"
+            }
+          }
+        ],
+        "operationId": "AppleLoginController.appleCallback"
+      }
+    },
     "/auth/change-password": {
       "patch": {
         "x-controller-name": "LoginController",
@@ -45,6 +83,75 @@
         "operationId": "LoginController.resetPassword"
       }
     },
+    "/auth/facebook": {
+      "post": {
+        "x-controller-name": "FacebookLoginController",
+        "x-operation-name": "postLoginViaFacebook",
+        "tags": [
+          "FacebookLoginController"
+        ],
+        "responses": {
+          "200": {
+            "description": "POST Call for Facebook based login",
+            "content": {
+              "application/json": {
+                "schema": {
+                  "$ref": "#/components/schemas/TokenResponse"
+                }
+              }
+            }
+          }
+        },
+        "requestBody": {
+          "content": {
+            "application/x-www-form-urlencoded": {
+              "schema": {
+                "$ref": "#/components/schemas/ClientAuthRequest"
+              }
+            }
+          }
+        },
+        "operationId": "FacebookLoginController.postLoginViaFacebook"
+      }
+    },
+    "/auth/facebook-auth-redirect": {
+      "get": {
+        "x-controller-name": "FacebookLoginController",
+        "x-operation-name": "facebookCallback",
+        "tags": [
+          "FacebookLoginController"
+        ],
+        "responses": {
+          "200": {
+            "description": "Facebook Redirect Token Response",
+            "content": {
+              "application/json": {
+                "schema": {
+                  "$ref": "#/components/schemas/TokenResponse"
+                }
+              }
+            }
+          }
+        },
+        "parameters": [
+          {
+            "name": "code",
+            "in": "query",
+            "schema": {
+              "type": "string"
+            }
+          },
+          {
+            "name": "state",
+            "in": "query",
+            "schema": {
+              "type": "string"
+            }
+          }
+        ],
+        "operationId": "FacebookLoginController.facebookCallback"
+      }
+    },
     "/auth/forget-password": {
       "post": {
         "x-controller-name": "ForgetPasswordController",
@@ -93,6 +200,288 @@
         "operationId": "ForgetPasswordController.forgetPassword"
       }
     },
+    "/auth/google": {
+      "post": {
+        "x-controller-name": "GoogleLoginController",
+        "x-operation-name": "postLoginViaGoogle",
+        "tags": [
+          "GoogleLoginController"
+        ],
+        "responses": {
+          "200": {
+            "description": "POST Call for Google based login",
+            "content": {
+              "application/json": {
+                "schema": {
+                  "$ref": "#/components/schemas/TokenResponse"
+                }
+              }
+            }
+          }
+        },
+        "requestBody": {
+          "content": {
+            "application/x-www-form-urlencoded": {
+              "schema": {
+                "$ref": "#/components/schemas/ClientAuthRequest"
+              }
+            }
+          }
+        },
+        "operationId": "GoogleLoginController.postLoginViaGoogle"
+      },
+      "get": {
+        "x-controller-name": "GoogleLoginController",
+        "x-operation-name": "loginViaGoogle",
+        "tags": [
+          "GoogleLoginController"
+        ],
+        "responses": {
+          "200": {
+            "description": "Google Token Response (Deprecated: Possible security issue if secret is passed via query params, please use the post endpoint)",
+            "content": {
+              "application/json": {
+                "schema": {
+                  "$ref": "#/components/schemas/TokenResponse"
+                }
+              }
+            }
+          }
+        },
+        "deprecated": true,
+        "parameters": [
+          {
+            "name": "client_id",
+            "in": "query",
+            "schema": {
+              "type": "string"
+            }
+          },
+          {
+            "name": "client_secret",
+            "in": "query",
+            "schema": {
+              "type": "string"
+            }
+          }
+        ],
+        "operationId": "GoogleLoginController.loginViaGoogle"
+      }
+    },
+    "/auth/google-auth-redirect": {
+      "get": {
+        "x-controller-name": "GoogleLoginController",
+        "x-operation-name": "googleCallback",
+        "tags": [
+          "GoogleLoginController"
+        ],
+        "responses": {
+          "200": {
+            "description": "Google Redirect Token Response",
+            "content": {
+              "application/json": {
+                "schema": {
+                  "$ref": "#/components/schemas/TokenResponse"
+                }
+              }
+            }
+          }
+        },
+        "parameters": [
+          {
+            "name": "code",
+            "in": "query",
+            "schema": {
+              "type": "string"
+            }
+          },
+          {
+            "name": "state",
+            "in": "query",
+            "schema": {
+              "type": "string"
+            }
+          }
+        ],
+        "operationId": "GoogleLoginController.googleCallback"
+      }
+    },
+    "/auth/instagram": {
+      "post": {
+        "x-controller-name": "InstagramLoginController",
+        "x-operation-name": "postLoginViaInstagram",
+        "tags": [
+          "InstagramLoginController"
+        ],
+        "responses": {
+          "200": {
+            "description": "POST Call for Instagram based login",
+            "content": {
+              "application/json": {
+                "schema": {
+                  "$ref": "#/components/schemas/TokenResponse"
+                }
+              }
+            }
+          }
+        },
+        "requestBody": {
+          "content": {
+            "application/x-www-form-urlencoded": {
+              "schema": {
+                "$ref": "#/components/schemas/ClientAuthRequest"
+              }
+            }
+          }
+        },
+        "operationId": "InstagramLoginController.postLoginViaInstagram"
+      }
+    },
+    "/auth/instagram-auth-redirect": {
+      "get": {
+        "x-controller-name": "InstagramLoginController",
+        "x-operation-name": "instagramCallback",
+        "tags": [
+          "InstagramLoginController"
+        ],
+        "responses": {
+          "200": {
+            "description": "Instagram Redirect Token Response",
+            "content": {
+              "application/json": {
+                "schema": {
+                  "$ref": "#/components/schemas/TokenResponse"
+                }
+              }
+            }
+          }
+        },
+        "parameters": [
+          {
+            "name": "code",
+            "in": "query",
+            "schema": {
+              "type": "string"
+            }
+          },
+          {
+            "name": "state",
+            "in": "query",
+            "schema": {
+              "type": "string"
+            }
+          }
+        ],
+        "operationId": "InstagramLoginController.instagramCallback"
+      }
+    },
+    "/auth/keycloak": {
+      "post": {
+        "x-controller-name": "KeycloakLoginController",
+        "x-operation-name": "postLoginViaKeycloak",
+        "tags": [
+          "KeycloakLoginController"
+        ],
+        "description": "POST Call for keycloak based login",
+        "responses": {
+          "200": {
+            "description": "Keycloak Token Response",
+            "content": {
+              "application/json": {
+                "schema": {
+                  "$ref": "#/components/schemas/TokenResponse"
+                }
+              }
+            }
+          }
+        },
+        "requestBody": {
+          "content": {
+            "application/x-www-form-urlencoded": {
+              "schema": {
+                "$ref": "#/components/schemas/ClientAuthRequest"
+              }
+            }
+          }
+        },
+        "operationId": "KeycloakLoginController.postLoginViaKeycloak"
+      },
+      "get": {
+        "x-controller-name": "KeycloakLoginController",
+        "x-operation-name": "loginViaKeycloak",
+        "tags": [
+          "KeycloakLoginController"
+        ],
+        "responses": {
+          "200": {
+            "description": "Keycloak Token Response (Deprecated: Possible security issue if secret is passed via query params, please use the post endpoint)",
+            "content": {
+              "application/json": {
+                "schema": {
+                  "$ref": "#/components/schemas/TokenResponse"
+                }
+              }
+            }
+          }
+        },
+        "deprecated": true,
+        "parameters": [
+          {
+            "name": "client_id",
+            "in": "query",
+            "schema": {
+              "type": "string"
+            }
+          },
+          {
+            "name": "client_secret",
+            "in": "query",
+            "schema": {
+              "type": "string"
+            }
+          }
+        ],
+        "operationId": "KeycloakLoginController.loginViaKeycloak"
+      }
+    },
+    "/auth/keycloak-auth-redirect": {
+      "get": {
+        "x-controller-name": "KeycloakLoginController",
+        "x-operation-name": "keycloakCallback",
+        "tags": [
+          "KeycloakLoginController"
+        ],
+        "responses": {
+          "200": {
+            "description": "Keycloak Redirect Token Response",
+            "content": {
+              "application/json": {
+                "schema": {
+                  "$ref": "#/components/schemas/TokenResponse"
+                }
+              }
+            }
+          }
+        },
+        "parameters": [
+          {
+            "name": "code",
+            "in": "query",
+            "schema": {
+              "type": "string"
+            }
+          },
+          {
+            "name": "state",
+            "in": "query",
+            "schema": {
+              "type": "string"
+            }
+          }
+        ],
+        "operationId": "KeycloakLoginController.keycloakCallback"
+      }
+    },
     "/auth/login": {
       "post": {
         "x-controller-name": "LoginController",
@@ -218,6 +607,31 @@
         "operationId": "LoginController.me"
       }
     },
+    "/auth/oauth-apple": {
+      "post": {
+        "x-controller-name": "AppleLoginController",
+        "x-operation-name": "postLoginViaApple",
+        "tags": [
+          "AppleLoginController"
+        ],
+        "responses": {
+          "200": {
+            "description": "POST Call for Apple based login",
+            "content": {}
+          }
+        },
+        "requestBody": {
+          "content": {
+            "application/x-www-form-urlencoded": {
+              "schema": {
+                "$ref": "#/components/schemas/ClientAuthRequest"
+              }
+            }
+          }
+        },
+        "operationId": "AppleLoginController.postLoginViaApple"
+      }
+    },
     "/auth/reset-password": {
       "patch": {
         "x-controller-name": "ForgetPasswordController",
@@ -1175,6 +1589,26 @@
         ],
         "additionalProperties": false
       },
+      "ClientAuthRequest": {
+        "title": "ClientAuthRequest",
+        "type": "object",
+        "description": "This is signature for client authentication request.",
+        "properties": {
+          "client_id": {
+            "type": "string",
+            "description": "This property is supposed to be a string and is a required field"
+          },
+          "client_secret": {
+            "type": "string",
+            "description": "This property is supposed to be a string and is a required field"
+          }
+        },
+        "required": [
+          "client_id",
+          "client_secret"
+        ],
+        "additionalProperties": false
+      },
       "SuccessResponse": {
         "title": "SuccessResponse",
         "type": "object",
diff --git a/services/authentication-service/openapi.md b/services/authentication-service/openapi.md
index 48b1e9d0af..8d2869d4a7 100644
--- a/services/authentication-service/openapi.md
+++ b/services/authentication-service/openapi.md
@@ -30,6 +30,170 @@ Base URLs:
 
 - HTTP Authentication, scheme: bearer 
 
+<h1 id="authentication-service-applelogincontroller">AppleLoginController</h1>
+
+## AppleLoginController.appleCallback
+
+<a id="opIdAppleLoginController.appleCallback"></a>
+
+> Code samples
+
+```javascript
+
+const headers = {
+  'Accept':'application/json'
+};
+
+fetch('/auth/apple-oauth-redirect',
+{
+  method: 'GET',
+
+  headers: headers
+})
+.then(function(res) {
+    return res.json();
+}).then(function(body) {
+    console.log(body);
+});
+
+```
+
+```javascript--nodejs
+const fetch = require('node-fetch');
+
+const headers = {
+  'Accept':'application/json'
+};
+
+fetch('/auth/apple-oauth-redirect',
+{
+  method: 'GET',
+
+  headers: headers
+})
+.then(function(res) {
+    return res.json();
+}).then(function(body) {
+    console.log(body);
+});
+
+```
+
+`GET /auth/apple-oauth-redirect`
+
+<h3 id="applelogincontroller.applecallback-parameters">Parameters</h3>
+
+|Name|In|Type|Required|Description|
+|---|---|---|---|---|
+|code|query|string|false|none|
+|state|query|string|false|none|
+
+> Example responses
+
+> 200 Response
+
+```json
+{
+  "accessToken": "string",
+  "refreshToken": "string",
+  "expires": 0,
+  "pubnubToken": "string"
+}
+```
+
+<h3 id="applelogincontroller.applecallback-responses">Responses</h3>
+
+|Status|Meaning|Description|Schema|
+|---|---|---|---|
+|200|[OK](https://tools.ietf.org/html/rfc7231#section-6.3.1)|Apple Redirect Token Response|[TokenResponse](#schematokenresponse)|
+
+<aside class="success">
+This operation does not require authentication
+</aside>
+
+## AppleLoginController.postLoginViaApple
+
+<a id="opIdAppleLoginController.postLoginViaApple"></a>
+
+> Code samples
+
+```javascript
+const inputBody = '{
+  "client_id": "string",
+  "client_secret": "string"
+}';
+const headers = {
+  'Content-Type':'application/x-www-form-urlencoded'
+};
+
+fetch('/auth/oauth-apple',
+{
+  method: 'POST',
+  body: inputBody,
+  headers: headers
+})
+.then(function(res) {
+    return res.json();
+}).then(function(body) {
+    console.log(body);
+});
+
+```
+
+```javascript--nodejs
+const fetch = require('node-fetch');
+const inputBody = {
+  "client_id": "string",
+  "client_secret": "string"
+};
+const headers = {
+  'Content-Type':'application/x-www-form-urlencoded'
+};
+
+fetch('/auth/oauth-apple',
+{
+  method: 'POST',
+  body: JSON.stringify(inputBody),
+  headers: headers
+})
+.then(function(res) {
+    return res.json();
+}).then(function(body) {
+    console.log(body);
+});
+
+```
+
+`POST /auth/oauth-apple`
+
+> Body parameter
+
+```yaml
+client_id: string
+client_secret: string
+
+```
+
+<h3 id="applelogincontroller.postloginviaapple-parameters">Parameters</h3>
+
+|Name|In|Type|Required|Description|
+|---|---|---|---|---|
+|body|body|[ClientAuthRequest](#schemaclientauthrequest)|false|none|
+
+> Example responses
+
+<h3 id="applelogincontroller.postloginviaapple-responses">Responses</h3>
+
+|Status|Meaning|Description|Schema|
+|---|---|---|---|
+|200|[OK](https://tools.ietf.org/html/rfc7231#section-6.3.1)|POST Call for Apple based login|None|
+
+<h3 id="applelogincontroller.postloginviaapple-responseschema">Response Schema</h3>
+
+<aside class="success">
+This operation does not require authentication
+</aside>
+
 <h1 id="authentication-service-logincontroller">LoginController</h1>
 
 ## LoginController.resetPassword
@@ -436,12 +600,920 @@ const inputBody = {
   "clientId": "string"
 };
 const headers = {
-  'Content-Type':'application/json',
-  'Accept':'application/json',
-  'device_id':'string'
+  'Content-Type':'application/json',
+  'Accept':'application/json',
+  'device_id':'string'
+};
+
+fetch('/auth/token',
+{
+  method: 'POST',
+  body: JSON.stringify(inputBody),
+  headers: headers
+})
+.then(function(res) {
+    return res.json();
+}).then(function(body) {
+    console.log(body);
+});
+
+```
+
+`POST /auth/token`
+
+Send the code received from the POST /auth/login api and get refresh token and access token (webapps)
+
+> Body parameter
+
+```json
+{
+  "code": "string",
+  "clientId": "string"
+}
+```
+
+<h3 id="logincontroller.gettoken-parameters">Parameters</h3>
+
+|Name|In|Type|Required|Description|
+|---|---|---|---|---|
+|device_id|header|string|false|none|
+|body|body|[AuthTokenRequest](#schemaauthtokenrequest)|false|none|
+
+> Example responses
+
+> 200 Response
+
+```json
+{
+  "accessToken": "string",
+  "refreshToken": "string",
+  "expires": 0,
+  "pubnubToken": "string"
+}
+```
+
+<h3 id="logincontroller.gettoken-responses">Responses</h3>
+
+|Status|Meaning|Description|Schema|
+|---|---|---|---|
+|200|[OK](https://tools.ietf.org/html/rfc7231#section-6.3.1)|Token Response|[TokenResponse](#schematokenresponse)|
+|400|[Bad Request](https://tools.ietf.org/html/rfc7231#section-6.5.1)|The syntax of the request entity is incorrect.|None|
+|401|[Unauthorized](https://tools.ietf.org/html/rfc7235#section-3.1)|Invalid Credentials.|None|
+|404|[Not Found](https://tools.ietf.org/html/rfc7231#section-6.5.4)|The entity requested does not exist.|None|
+|422|[Unprocessable Entity](https://tools.ietf.org/html/rfc2518#section-10.3)|The syntax of the request entity is incorrect|None|
+
+<aside class="success">
+This operation does not require authentication
+</aside>
+
+## LoginController.exchangeToken
+
+<a id="opIdLoginController.exchangeToken"></a>
+
+> Code samples
+
+```javascript
+const inputBody = '{
+  "refreshToken": "string"
+}';
+const headers = {
+  'Content-Type':'application/json',
+  'Accept':'application/json',
+  'device_id':'string',
+  'Authorization':'string'
+};
+
+fetch('/auth/token-refresh',
+{
+  method: 'POST',
+  body: inputBody,
+  headers: headers
+})
+.then(function(res) {
+    return res.json();
+}).then(function(body) {
+    console.log(body);
+});
+
+```
+
+```javascript--nodejs
+const fetch = require('node-fetch');
+const inputBody = {
+  "refreshToken": "string"
+};
+const headers = {
+  'Content-Type':'application/json',
+  'Accept':'application/json',
+  'device_id':'string',
+  'Authorization':'string'
+};
+
+fetch('/auth/token-refresh',
+{
+  method: 'POST',
+  body: JSON.stringify(inputBody),
+  headers: headers
+})
+.then(function(res) {
+    return res.json();
+}).then(function(body) {
+    console.log(body);
+});
+
+```
+
+`POST /auth/token-refresh`
+
+Gets you a new access and refresh token once your access token is expired. (both mobile and web)
+
+> Body parameter
+
+```json
+{
+  "refreshToken": "string"
+}
+```
+
+<h3 id="logincontroller.exchangetoken-parameters">Parameters</h3>
+
+|Name|In|Type|Required|Description|
+|---|---|---|---|---|
+|device_id|header|string|false|none|
+|Authorization|header|string|false|none|
+|body|body|[AuthRefreshTokenRequest](#schemaauthrefreshtokenrequest)|false|none|
+
+> Example responses
+
+> 200 Response
+
+```json
+{
+  "accessToken": "string",
+  "refreshToken": "string",
+  "expires": 0,
+  "pubnubToken": "string"
+}
+```
+
+<h3 id="logincontroller.exchangetoken-responses">Responses</h3>
+
+|Status|Meaning|Description|Schema|
+|---|---|---|---|
+|200|[OK](https://tools.ietf.org/html/rfc7231#section-6.3.1)|New Token Response|[TokenResponse](#schematokenresponse)|
+|400|[Bad Request](https://tools.ietf.org/html/rfc7231#section-6.5.1)|The syntax of the request entity is incorrect.|None|
+|401|[Unauthorized](https://tools.ietf.org/html/rfc7235#section-3.1)|Invalid Credentials.|None|
+|404|[Not Found](https://tools.ietf.org/html/rfc7231#section-6.5.4)|The entity requested does not exist.|None|
+|422|[Unprocessable Entity](https://tools.ietf.org/html/rfc2518#section-10.3)|The syntax of the request entity is incorrect|None|
+
+<aside class="success">
+This operation does not require authentication
+</aside>
+
+<h1 id="authentication-service-facebooklogincontroller">FacebookLoginController</h1>
+
+## FacebookLoginController.postLoginViaFacebook
+
+<a id="opIdFacebookLoginController.postLoginViaFacebook"></a>
+
+> Code samples
+
+```javascript
+const inputBody = '{
+  "client_id": "string",
+  "client_secret": "string"
+}';
+const headers = {
+  'Content-Type':'application/x-www-form-urlencoded',
+  'Accept':'application/json'
+};
+
+fetch('/auth/facebook',
+{
+  method: 'POST',
+  body: inputBody,
+  headers: headers
+})
+.then(function(res) {
+    return res.json();
+}).then(function(body) {
+    console.log(body);
+});
+
+```
+
+```javascript--nodejs
+const fetch = require('node-fetch');
+const inputBody = {
+  "client_id": "string",
+  "client_secret": "string"
+};
+const headers = {
+  'Content-Type':'application/x-www-form-urlencoded',
+  'Accept':'application/json'
+};
+
+fetch('/auth/facebook',
+{
+  method: 'POST',
+  body: JSON.stringify(inputBody),
+  headers: headers
+})
+.then(function(res) {
+    return res.json();
+}).then(function(body) {
+    console.log(body);
+});
+
+```
+
+`POST /auth/facebook`
+
+> Body parameter
+
+```yaml
+client_id: string
+client_secret: string
+
+```
+
+<h3 id="facebooklogincontroller.postloginviafacebook-parameters">Parameters</h3>
+
+|Name|In|Type|Required|Description|
+|---|---|---|---|---|
+|body|body|[ClientAuthRequest](#schemaclientauthrequest)|false|none|
+
+> Example responses
+
+> 200 Response
+
+```json
+{
+  "accessToken": "string",
+  "refreshToken": "string",
+  "expires": 0,
+  "pubnubToken": "string"
+}
+```
+
+<h3 id="facebooklogincontroller.postloginviafacebook-responses">Responses</h3>
+
+|Status|Meaning|Description|Schema|
+|---|---|---|---|
+|200|[OK](https://tools.ietf.org/html/rfc7231#section-6.3.1)|POST Call for Facebook based login|[TokenResponse](#schematokenresponse)|
+
+<aside class="success">
+This operation does not require authentication
+</aside>
+
+## FacebookLoginController.facebookCallback
+
+<a id="opIdFacebookLoginController.facebookCallback"></a>
+
+> Code samples
+
+```javascript
+
+const headers = {
+  'Accept':'application/json'
+};
+
+fetch('/auth/facebook-auth-redirect',
+{
+  method: 'GET',
+
+  headers: headers
+})
+.then(function(res) {
+    return res.json();
+}).then(function(body) {
+    console.log(body);
+});
+
+```
+
+```javascript--nodejs
+const fetch = require('node-fetch');
+
+const headers = {
+  'Accept':'application/json'
+};
+
+fetch('/auth/facebook-auth-redirect',
+{
+  method: 'GET',
+
+  headers: headers
+})
+.then(function(res) {
+    return res.json();
+}).then(function(body) {
+    console.log(body);
+});
+
+```
+
+`GET /auth/facebook-auth-redirect`
+
+<h3 id="facebooklogincontroller.facebookcallback-parameters">Parameters</h3>
+
+|Name|In|Type|Required|Description|
+|---|---|---|---|---|
+|code|query|string|false|none|
+|state|query|string|false|none|
+
+> Example responses
+
+> 200 Response
+
+```json
+{
+  "accessToken": "string",
+  "refreshToken": "string",
+  "expires": 0,
+  "pubnubToken": "string"
+}
+```
+
+<h3 id="facebooklogincontroller.facebookcallback-responses">Responses</h3>
+
+|Status|Meaning|Description|Schema|
+|---|---|---|---|
+|200|[OK](https://tools.ietf.org/html/rfc7231#section-6.3.1)|Facebook Redirect Token Response|[TokenResponse](#schematokenresponse)|
+
+<aside class="success">
+This operation does not require authentication
+</aside>
+
+<h1 id="authentication-service-forgetpasswordcontroller">ForgetPasswordController</h1>
+
+## ForgetPasswordController.forgetPassword
+
+<a id="opIdForgetPasswordController.forgetPassword"></a>
+
+> Code samples
+
+```javascript
+const inputBody = '{
+  "username": "string",
+  "client_id": "string",
+  "client_secret": "string"
+}';
+const headers = {
+  'Content-Type':'application/json',
+  'Accept':'application/json',
+  'Authorization':'Bearer {access-token}'
+};
+
+fetch('/auth/forget-password',
+{
+  method: 'POST',
+  body: inputBody,
+  headers: headers
+})
+.then(function(res) {
+    return res.json();
+}).then(function(body) {
+    console.log(body);
+});
+
+```
+
+```javascript--nodejs
+const fetch = require('node-fetch');
+const inputBody = {
+  "username": "string",
+  "client_id": "string",
+  "client_secret": "string"
+};
+const headers = {
+  'Content-Type':'application/json',
+  'Accept':'application/json',
+  'Authorization':'Bearer {access-token}'
+};
+
+fetch('/auth/forget-password',
+{
+  method: 'POST',
+  body: JSON.stringify(inputBody),
+  headers: headers
+})
+.then(function(res) {
+    return res.json();
+}).then(function(body) {
+    console.log(body);
+});
+
+```
+
+`POST /auth/forget-password`
+
+> Body parameter
+
+```json
+{
+  "username": "string",
+  "client_id": "string",
+  "client_secret": "string"
+}
+```
+
+<h3 id="forgetpasswordcontroller.forgetpassword-parameters">Parameters</h3>
+
+|Name|In|Type|Required|Description|
+|---|---|---|---|---|
+|body|body|[ForgetPasswordDto](#schemaforgetpassworddto)|false|none|
+
+> Example responses
+
+> 200 Response
+
+```json
+{
+  "code": "string",
+  "expiry": 0,
+  "email": "string",
+  "user": {
+    "deleted": true,
+    "deletedOn": "2019-08-24T14:15:22Z",
+    "deletedBy": "string",
+    "createdOn": "2019-08-24T14:15:22Z",
+    "modifiedOn": "2019-08-24T14:15:22Z",
+    "createdBy": "string",
+    "modifiedBy": "string",
+    "id": "string",
+    "firstName": "string",
+    "lastName": "string",
+    "middleName": "string",
+    "username": "string",
+    "email": "string",
+    "phone": "string",
+    "authClientIds": "string",
+    "lastLogin": "2019-08-24T14:15:22Z",
+    "dob": "2019-08-24T14:15:22Z",
+    "gender": "M",
+    "defaultTenantId": "string"
+  }
+}
+```
+
+<h3 id="forgetpasswordcontroller.forgetpassword-responses">Responses</h3>
+
+|Status|Meaning|Description|Schema|
+|---|---|---|---|
+|200|[OK](https://tools.ietf.org/html/rfc7231#section-6.3.1)|Success Response.|[ForgetPasswordResponseDto](#schemaforgetpasswordresponsedto)|
+|400|[Bad Request](https://tools.ietf.org/html/rfc7231#section-6.5.1)|The syntax of the request entity is incorrect.|None|
+|401|[Unauthorized](https://tools.ietf.org/html/rfc7235#section-3.1)|Invalid Credentials.|None|
+|404|[Not Found](https://tools.ietf.org/html/rfc7231#section-6.5.4)|The entity requested does not exist.|None|
+|422|[Unprocessable Entity](https://tools.ietf.org/html/rfc2518#section-10.3)|The syntax of the request entity is incorrect|None|
+
+<aside class="warning">
+To perform this operation, you must be authenticated by means of one of the following methods:
+HTTPBearer
+</aside>
+
+## ForgetPasswordController.resetPassword
+
+<a id="opIdForgetPasswordController.resetPassword"></a>
+
+> Code samples
+
+```javascript
+const inputBody = '{
+  "token": "string",
+  "password": "string",
+  "client_id": "string",
+  "client_secret": "string"
+}';
+const headers = {
+  'Content-Type':'application/json',
+  'Authorization':'Bearer {access-token}'
+};
+
+fetch('/auth/reset-password',
+{
+  method: 'PATCH',
+  body: inputBody,
+  headers: headers
+})
+.then(function(res) {
+    return res.json();
+}).then(function(body) {
+    console.log(body);
+});
+
+```
+
+```javascript--nodejs
+const fetch = require('node-fetch');
+const inputBody = {
+  "token": "string",
+  "password": "string",
+  "client_id": "string",
+  "client_secret": "string"
+};
+const headers = {
+  'Content-Type':'application/json',
+  'Authorization':'Bearer {access-token}'
+};
+
+fetch('/auth/reset-password',
+{
+  method: 'PATCH',
+  body: JSON.stringify(inputBody),
+  headers: headers
+})
+.then(function(res) {
+    return res.json();
+}).then(function(body) {
+    console.log(body);
+});
+
+```
+
+`PATCH /auth/reset-password`
+
+> Body parameter
+
+```json
+{
+  "token": "string",
+  "password": "string",
+  "client_id": "string",
+  "client_secret": "string"
+}
+```
+
+<h3 id="forgetpasswordcontroller.resetpassword-parameters">Parameters</h3>
+
+|Name|In|Type|Required|Description|
+|---|---|---|---|---|
+|body|body|[ResetPasswordWithClient](#schemaresetpasswordwithclient)|false|none|
+
+<h3 id="forgetpasswordcontroller.resetpassword-responses">Responses</h3>
+
+|Status|Meaning|Description|Schema|
+|---|---|---|---|
+|204|[No Content](https://tools.ietf.org/html/rfc7231#section-6.3.5)|If User password successfully changed.|None|
+
+<aside class="warning">
+To perform this operation, you must be authenticated by means of one of the following methods:
+HTTPBearer
+</aside>
+
+## ForgetPasswordController.verifyResetPasswordLink
+
+<a id="opIdForgetPasswordController.verifyResetPasswordLink"></a>
+
+> Code samples
+
+```javascript
+
+fetch('/auth/verify-reset-password-link?token=string',
+{
+  method: 'GET'
+
+})
+.then(function(res) {
+    return res.json();
+}).then(function(body) {
+    console.log(body);
+});
+
+```
+
+```javascript--nodejs
+const fetch = require('node-fetch');
+
+fetch('/auth/verify-reset-password-link?token=string',
+{
+  method: 'GET'
+
+})
+.then(function(res) {
+    return res.json();
+}).then(function(body) {
+    console.log(body);
+});
+
+```
+
+`GET /auth/verify-reset-password-link`
+
+<h3 id="forgetpasswordcontroller.verifyresetpasswordlink-parameters">Parameters</h3>
+
+|Name|In|Type|Required|Description|
+|---|---|---|---|---|
+|token|query|string|true|none|
+
+<h3 id="forgetpasswordcontroller.verifyresetpasswordlink-responses">Responses</h3>
+
+|Status|Meaning|Description|Schema|
+|---|---|---|---|
+|200|[OK](https://tools.ietf.org/html/rfc7231#section-6.3.1)|Check if Token Is Valid and not Expired.|None|
+
+<aside class="success">
+This operation does not require authentication
+</aside>
+
+<h1 id="authentication-service-googlelogincontroller">GoogleLoginController</h1>
+
+## GoogleLoginController.postLoginViaGoogle
+
+<a id="opIdGoogleLoginController.postLoginViaGoogle"></a>
+
+> Code samples
+
+```javascript
+const inputBody = '{
+  "client_id": "string",
+  "client_secret": "string"
+}';
+const headers = {
+  'Content-Type':'application/x-www-form-urlencoded',
+  'Accept':'application/json'
+};
+
+fetch('/auth/google',
+{
+  method: 'POST',
+  body: inputBody,
+  headers: headers
+})
+.then(function(res) {
+    return res.json();
+}).then(function(body) {
+    console.log(body);
+});
+
+```
+
+```javascript--nodejs
+const fetch = require('node-fetch');
+const inputBody = {
+  "client_id": "string",
+  "client_secret": "string"
+};
+const headers = {
+  'Content-Type':'application/x-www-form-urlencoded',
+  'Accept':'application/json'
+};
+
+fetch('/auth/google',
+{
+  method: 'POST',
+  body: JSON.stringify(inputBody),
+  headers: headers
+})
+.then(function(res) {
+    return res.json();
+}).then(function(body) {
+    console.log(body);
+});
+
+```
+
+`POST /auth/google`
+
+> Body parameter
+
+```yaml
+client_id: string
+client_secret: string
+
+```
+
+<h3 id="googlelogincontroller.postloginviagoogle-parameters">Parameters</h3>
+
+|Name|In|Type|Required|Description|
+|---|---|---|---|---|
+|body|body|[ClientAuthRequest](#schemaclientauthrequest)|false|none|
+
+> Example responses
+
+> 200 Response
+
+```json
+{
+  "accessToken": "string",
+  "refreshToken": "string",
+  "expires": 0,
+  "pubnubToken": "string"
+}
+```
+
+<h3 id="googlelogincontroller.postloginviagoogle-responses">Responses</h3>
+
+|Status|Meaning|Description|Schema|
+|---|---|---|---|
+|200|[OK](https://tools.ietf.org/html/rfc7231#section-6.3.1)|POST Call for Google based login|[TokenResponse](#schematokenresponse)|
+
+<aside class="success">
+This operation does not require authentication
+</aside>
+
+## GoogleLoginController.loginViaGoogle
+
+<a id="opIdGoogleLoginController.loginViaGoogle"></a>
+
+> Code samples
+
+```javascript
+
+const headers = {
+  'Accept':'application/json'
+};
+
+fetch('/auth/google',
+{
+  method: 'GET',
+
+  headers: headers
+})
+.then(function(res) {
+    return res.json();
+}).then(function(body) {
+    console.log(body);
+});
+
+```
+
+```javascript--nodejs
+const fetch = require('node-fetch');
+
+const headers = {
+  'Accept':'application/json'
+};
+
+fetch('/auth/google',
+{
+  method: 'GET',
+
+  headers: headers
+})
+.then(function(res) {
+    return res.json();
+}).then(function(body) {
+    console.log(body);
+});
+
+```
+
+`GET /auth/google`
+
+<h3 id="googlelogincontroller.loginviagoogle-parameters">Parameters</h3>
+
+|Name|In|Type|Required|Description|
+|---|---|---|---|---|
+|client_id|query|string|false|none|
+|client_secret|query|string|false|none|
+
+> Example responses
+
+> 200 Response
+
+```json
+{
+  "accessToken": "string",
+  "refreshToken": "string",
+  "expires": 0,
+  "pubnubToken": "string"
+}
+```
+
+<h3 id="googlelogincontroller.loginviagoogle-responses">Responses</h3>
+
+|Status|Meaning|Description|Schema|
+|---|---|---|---|
+|200|[OK](https://tools.ietf.org/html/rfc7231#section-6.3.1)|Google Token Response (Deprecated: Possible security issue if secret is passed via query params, please use the post endpoint)|[TokenResponse](#schematokenresponse)|
+
+<aside class="success">
+This operation does not require authentication
+</aside>
+
+## GoogleLoginController.googleCallback
+
+<a id="opIdGoogleLoginController.googleCallback"></a>
+
+> Code samples
+
+```javascript
+
+const headers = {
+  'Accept':'application/json'
+};
+
+fetch('/auth/google-auth-redirect',
+{
+  method: 'GET',
+
+  headers: headers
+})
+.then(function(res) {
+    return res.json();
+}).then(function(body) {
+    console.log(body);
+});
+
+```
+
+```javascript--nodejs
+const fetch = require('node-fetch');
+
+const headers = {
+  'Accept':'application/json'
+};
+
+fetch('/auth/google-auth-redirect',
+{
+  method: 'GET',
+
+  headers: headers
+})
+.then(function(res) {
+    return res.json();
+}).then(function(body) {
+    console.log(body);
+});
+
+```
+
+`GET /auth/google-auth-redirect`
+
+<h3 id="googlelogincontroller.googlecallback-parameters">Parameters</h3>
+
+|Name|In|Type|Required|Description|
+|---|---|---|---|---|
+|code|query|string|false|none|
+|state|query|string|false|none|
+
+> Example responses
+
+> 200 Response
+
+```json
+{
+  "accessToken": "string",
+  "refreshToken": "string",
+  "expires": 0,
+  "pubnubToken": "string"
+}
+```
+
+<h3 id="googlelogincontroller.googlecallback-responses">Responses</h3>
+
+|Status|Meaning|Description|Schema|
+|---|---|---|---|
+|200|[OK](https://tools.ietf.org/html/rfc7231#section-6.3.1)|Google Redirect Token Response|[TokenResponse](#schematokenresponse)|
+
+<aside class="success">
+This operation does not require authentication
+</aside>
+
+<h1 id="authentication-service-instagramlogincontroller">InstagramLoginController</h1>
+
+## InstagramLoginController.postLoginViaInstagram
+
+<a id="opIdInstagramLoginController.postLoginViaInstagram"></a>
+
+> Code samples
+
+```javascript
+const inputBody = '{
+  "client_id": "string",
+  "client_secret": "string"
+}';
+const headers = {
+  'Content-Type':'application/x-www-form-urlencoded',
+  'Accept':'application/json'
+};
+
+fetch('/auth/instagram',
+{
+  method: 'POST',
+  body: inputBody,
+  headers: headers
+})
+.then(function(res) {
+    return res.json();
+}).then(function(body) {
+    console.log(body);
+});
+
+```
+
+```javascript--nodejs
+const fetch = require('node-fetch');
+const inputBody = {
+  "client_id": "string",
+  "client_secret": "string"
+};
+const headers = {
+  'Content-Type':'application/x-www-form-urlencoded',
+  'Accept':'application/json'
 };
 
-fetch('/auth/token',
+fetch('/auth/instagram',
 {
   method: 'POST',
   body: JSON.stringify(inputBody),
@@ -455,25 +1527,21 @@ fetch('/auth/token',
 
 ```
 
-`POST /auth/token`
-
-Send the code received from the POST /auth/login api and get refresh token and access token (webapps)
+`POST /auth/instagram`
 
 > Body parameter
 
-```json
-{
-  "code": "string",
-  "clientId": "string"
-}
+```yaml
+client_id: string
+client_secret: string
+
 ```
 
-<h3 id="logincontroller.gettoken-parameters">Parameters</h3>
+<h3 id="instagramlogincontroller.postloginviainstagram-parameters">Parameters</h3>
 
 |Name|In|Type|Required|Description|
 |---|---|---|---|---|
-|device_id|header|string|false|none|
-|body|body|[AuthTokenRequest](#schemaauthtokenrequest)|false|none|
+|body|body|[ClientAuthRequest](#schemaclientauthrequest)|false|none|
 
 > Example responses
 
@@ -488,41 +1556,32 @@ Send the code received from the POST /auth/login api and get refresh token and a
 }
 ```
 
-<h3 id="logincontroller.gettoken-responses">Responses</h3>
+<h3 id="instagramlogincontroller.postloginviainstagram-responses">Responses</h3>
 
 |Status|Meaning|Description|Schema|
 |---|---|---|---|
-|200|[OK](https://tools.ietf.org/html/rfc7231#section-6.3.1)|Token Response|[TokenResponse](#schematokenresponse)|
-|400|[Bad Request](https://tools.ietf.org/html/rfc7231#section-6.5.1)|The syntax of the request entity is incorrect.|None|
-|401|[Unauthorized](https://tools.ietf.org/html/rfc7235#section-3.1)|Invalid Credentials.|None|
-|404|[Not Found](https://tools.ietf.org/html/rfc7231#section-6.5.4)|The entity requested does not exist.|None|
-|422|[Unprocessable Entity](https://tools.ietf.org/html/rfc2518#section-10.3)|The syntax of the request entity is incorrect|None|
+|200|[OK](https://tools.ietf.org/html/rfc7231#section-6.3.1)|POST Call for Instagram based login|[TokenResponse](#schematokenresponse)|
 
 <aside class="success">
 This operation does not require authentication
 </aside>
 
-## LoginController.exchangeToken
+## InstagramLoginController.instagramCallback
 
-<a id="opIdLoginController.exchangeToken"></a>
+<a id="opIdInstagramLoginController.instagramCallback"></a>
 
 > Code samples
 
 ```javascript
-const inputBody = '{
-  "refreshToken": "string"
-}';
+
 const headers = {
-  'Content-Type':'application/json',
-  'Accept':'application/json',
-  'device_id':'string',
-  'Authorization':'string'
+  'Accept':'application/json'
 };
 
-fetch('/auth/token-refresh',
+fetch('/auth/instagram-auth-redirect',
 {
-  method: 'POST',
-  body: inputBody,
+  method: 'GET',
+
   headers: headers
 })
 .then(function(res) {
@@ -535,20 +1594,15 @@ fetch('/auth/token-refresh',
 
 ```javascript--nodejs
 const fetch = require('node-fetch');
-const inputBody = {
-  "refreshToken": "string"
-};
+
 const headers = {
-  'Content-Type':'application/json',
-  'Accept':'application/json',
-  'device_id':'string',
-  'Authorization':'string'
+  'Accept':'application/json'
 };
 
-fetch('/auth/token-refresh',
+fetch('/auth/instagram-auth-redirect',
 {
-  method: 'POST',
-  body: JSON.stringify(inputBody),
+  method: 'GET',
+
   headers: headers
 })
 .then(function(res) {
@@ -559,25 +1613,14 @@ fetch('/auth/token-refresh',
 
 ```
 
-`POST /auth/token-refresh`
-
-Gets you a new access and refresh token once your access token is expired. (both mobile and web)
-
-> Body parameter
-
-```json
-{
-  "refreshToken": "string"
-}
-```
+`GET /auth/instagram-auth-redirect`
 
-<h3 id="logincontroller.exchangetoken-parameters">Parameters</h3>
+<h3 id="instagramlogincontroller.instagramcallback-parameters">Parameters</h3>
 
 |Name|In|Type|Required|Description|
 |---|---|---|---|---|
-|device_id|header|string|false|none|
-|Authorization|header|string|false|none|
-|body|body|[AuthRefreshTokenRequest](#schemaauthrefreshtokenrequest)|false|none|
+|code|query|string|false|none|
+|state|query|string|false|none|
 
 > Example responses
 
@@ -592,41 +1635,35 @@ Gets you a new access and refresh token once your access token is expired. (both
 }
 ```
 
-<h3 id="logincontroller.exchangetoken-responses">Responses</h3>
+<h3 id="instagramlogincontroller.instagramcallback-responses">Responses</h3>
 
 |Status|Meaning|Description|Schema|
 |---|---|---|---|
-|200|[OK](https://tools.ietf.org/html/rfc7231#section-6.3.1)|New Token Response|[TokenResponse](#schematokenresponse)|
-|400|[Bad Request](https://tools.ietf.org/html/rfc7231#section-6.5.1)|The syntax of the request entity is incorrect.|None|
-|401|[Unauthorized](https://tools.ietf.org/html/rfc7235#section-3.1)|Invalid Credentials.|None|
-|404|[Not Found](https://tools.ietf.org/html/rfc7231#section-6.5.4)|The entity requested does not exist.|None|
-|422|[Unprocessable Entity](https://tools.ietf.org/html/rfc2518#section-10.3)|The syntax of the request entity is incorrect|None|
+|200|[OK](https://tools.ietf.org/html/rfc7231#section-6.3.1)|Instagram Redirect Token Response|[TokenResponse](#schematokenresponse)|
 
 <aside class="success">
 This operation does not require authentication
 </aside>
 
-<h1 id="authentication-service-forgetpasswordcontroller">ForgetPasswordController</h1>
+<h1 id="authentication-service-keycloaklogincontroller">KeycloakLoginController</h1>
 
-## ForgetPasswordController.forgetPassword
+## KeycloakLoginController.postLoginViaKeycloak
 
-<a id="opIdForgetPasswordController.forgetPassword"></a>
+<a id="opIdKeycloakLoginController.postLoginViaKeycloak"></a>
 
 > Code samples
 
 ```javascript
 const inputBody = '{
-  "username": "string",
   "client_id": "string",
   "client_secret": "string"
 }';
 const headers = {
-  'Content-Type':'application/json',
-  'Accept':'application/json',
-  'Authorization':'Bearer {access-token}'
+  'Content-Type':'application/x-www-form-urlencoded',
+  'Accept':'application/json'
 };
 
-fetch('/auth/forget-password',
+fetch('/auth/keycloak',
 {
   method: 'POST',
   body: inputBody,
@@ -643,17 +1680,15 @@ fetch('/auth/forget-password',
 ```javascript--nodejs
 const fetch = require('node-fetch');
 const inputBody = {
-  "username": "string",
   "client_id": "string",
   "client_secret": "string"
 };
 const headers = {
-  'Content-Type':'application/json',
-  'Accept':'application/json',
-  'Authorization':'Bearer {access-token}'
+  'Content-Type':'application/x-www-form-urlencoded',
+  'Accept':'application/json'
 };
 
-fetch('/auth/forget-password',
+fetch('/auth/keycloak',
 {
   method: 'POST',
   body: JSON.stringify(inputBody),
@@ -667,23 +1702,23 @@ fetch('/auth/forget-password',
 
 ```
 
-`POST /auth/forget-password`
+`POST /auth/keycloak`
+
+POST Call for keycloak based login
 
 > Body parameter
 
-```json
-{
-  "username": "string",
-  "client_id": "string",
-  "client_secret": "string"
-}
+```yaml
+client_id: string
+client_secret: string
+
 ```
 
-<h3 id="forgetpasswordcontroller.forgetpassword-parameters">Parameters</h3>
+<h3 id="keycloaklogincontroller.postloginviakeycloak-parameters">Parameters</h3>
 
 |Name|In|Type|Required|Description|
 |---|---|---|---|---|
-|body|body|[ForgetPasswordDto](#schemaforgetpassworddto)|false|none|
+|body|body|[ClientAuthRequest](#schemaclientauthrequest)|false|none|
 
 > Example responses
 
@@ -691,70 +1726,39 @@ fetch('/auth/forget-password',
 
 ```json
 {
-  "code": "string",
-  "expiry": 0,
-  "email": "string",
-  "user": {
-    "deleted": true,
-    "deletedOn": "2019-08-24T14:15:22Z",
-    "deletedBy": "string",
-    "createdOn": "2019-08-24T14:15:22Z",
-    "modifiedOn": "2019-08-24T14:15:22Z",
-    "createdBy": "string",
-    "modifiedBy": "string",
-    "id": "string",
-    "firstName": "string",
-    "lastName": "string",
-    "middleName": "string",
-    "username": "string",
-    "email": "string",
-    "phone": "string",
-    "authClientIds": "string",
-    "lastLogin": "2019-08-24T14:15:22Z",
-    "dob": "2019-08-24T14:15:22Z",
-    "gender": "M",
-    "defaultTenantId": "string"
-  }
+  "accessToken": "string",
+  "refreshToken": "string",
+  "expires": 0,
+  "pubnubToken": "string"
 }
 ```
 
-<h3 id="forgetpasswordcontroller.forgetpassword-responses">Responses</h3>
+<h3 id="keycloaklogincontroller.postloginviakeycloak-responses">Responses</h3>
 
 |Status|Meaning|Description|Schema|
 |---|---|---|---|
-|200|[OK](https://tools.ietf.org/html/rfc7231#section-6.3.1)|Success Response.|[ForgetPasswordResponseDto](#schemaforgetpasswordresponsedto)|
-|400|[Bad Request](https://tools.ietf.org/html/rfc7231#section-6.5.1)|The syntax of the request entity is incorrect.|None|
-|401|[Unauthorized](https://tools.ietf.org/html/rfc7235#section-3.1)|Invalid Credentials.|None|
-|404|[Not Found](https://tools.ietf.org/html/rfc7231#section-6.5.4)|The entity requested does not exist.|None|
-|422|[Unprocessable Entity](https://tools.ietf.org/html/rfc2518#section-10.3)|The syntax of the request entity is incorrect|None|
+|200|[OK](https://tools.ietf.org/html/rfc7231#section-6.3.1)|Keycloak Token Response|[TokenResponse](#schematokenresponse)|
 
-<aside class="warning">
-To perform this operation, you must be authenticated by means of one of the following methods:
-HTTPBearer
+<aside class="success">
+This operation does not require authentication
 </aside>
 
-## ForgetPasswordController.resetPassword
+## KeycloakLoginController.loginViaKeycloak
 
-<a id="opIdForgetPasswordController.resetPassword"></a>
+<a id="opIdKeycloakLoginController.loginViaKeycloak"></a>
 
 > Code samples
 
 ```javascript
-const inputBody = '{
-  "token": "string",
-  "password": "string",
-  "client_id": "string",
-  "client_secret": "string"
-}';
+
 const headers = {
-  'Content-Type':'application/json',
-  'Authorization':'Bearer {access-token}'
+  'Accept':'application/json'
 };
 
-fetch('/auth/reset-password',
+fetch('/auth/keycloak',
 {
-  method: 'PATCH',
-  body: inputBody,
+  method: 'GET',
+
   headers: headers
 })
 .then(function(res) {
@@ -767,21 +1771,15 @@ fetch('/auth/reset-password',
 
 ```javascript--nodejs
 const fetch = require('node-fetch');
-const inputBody = {
-  "token": "string",
-  "password": "string",
-  "client_id": "string",
-  "client_secret": "string"
-};
+
 const headers = {
-  'Content-Type':'application/json',
-  'Authorization':'Bearer {access-token}'
+  'Accept':'application/json'
 };
 
-fetch('/auth/reset-password',
+fetch('/auth/keycloak',
 {
-  method: 'PATCH',
-  body: JSON.stringify(inputBody),
+  method: 'GET',
+
   headers: headers
 })
 .then(function(res) {
@@ -792,48 +1790,55 @@ fetch('/auth/reset-password',
 
 ```
 
-`PATCH /auth/reset-password`
+`GET /auth/keycloak`
 
-> Body parameter
+<h3 id="keycloaklogincontroller.loginviakeycloak-parameters">Parameters</h3>
+
+|Name|In|Type|Required|Description|
+|---|---|---|---|---|
+|client_id|query|string|false|none|
+|client_secret|query|string|false|none|
+
+> Example responses
+
+> 200 Response
 
 ```json
 {
-  "token": "string",
-  "password": "string",
-  "client_id": "string",
-  "client_secret": "string"
+  "accessToken": "string",
+  "refreshToken": "string",
+  "expires": 0,
+  "pubnubToken": "string"
 }
 ```
 
-<h3 id="forgetpasswordcontroller.resetpassword-parameters">Parameters</h3>
-
-|Name|In|Type|Required|Description|
-|---|---|---|---|---|
-|body|body|[ResetPasswordWithClient](#schemaresetpasswordwithclient)|false|none|
-
-<h3 id="forgetpasswordcontroller.resetpassword-responses">Responses</h3>
+<h3 id="keycloaklogincontroller.loginviakeycloak-responses">Responses</h3>
 
 |Status|Meaning|Description|Schema|
 |---|---|---|---|
-|204|[No Content](https://tools.ietf.org/html/rfc7231#section-6.3.5)|If User password successfully changed.|None|
+|200|[OK](https://tools.ietf.org/html/rfc7231#section-6.3.1)|Keycloak Token Response (Deprecated: Possible security issue if secret is passed via query params, please use the post endpoint)|[TokenResponse](#schematokenresponse)|
 
-<aside class="warning">
-To perform this operation, you must be authenticated by means of one of the following methods:
-HTTPBearer
+<aside class="success">
+This operation does not require authentication
 </aside>
 
-## ForgetPasswordController.verifyResetPasswordLink
+## KeycloakLoginController.keycloakCallback
 
-<a id="opIdForgetPasswordController.verifyResetPasswordLink"></a>
+<a id="opIdKeycloakLoginController.keycloakCallback"></a>
 
 > Code samples
 
 ```javascript
 
-fetch('/auth/verify-reset-password-link?token=string',
+const headers = {
+  'Accept':'application/json'
+};
+
+fetch('/auth/keycloak-auth-redirect',
 {
-  method: 'GET'
+  method: 'GET',
 
+  headers: headers
 })
 .then(function(res) {
     return res.json();
@@ -846,10 +1851,15 @@ fetch('/auth/verify-reset-password-link?token=string',
 ```javascript--nodejs
 const fetch = require('node-fetch');
 
-fetch('/auth/verify-reset-password-link?token=string',
+const headers = {
+  'Accept':'application/json'
+};
+
+fetch('/auth/keycloak-auth-redirect',
 {
-  method: 'GET'
+  method: 'GET',
 
+  headers: headers
 })
 .then(function(res) {
     return res.json();
@@ -859,19 +1869,33 @@ fetch('/auth/verify-reset-password-link?token=string',
 
 ```
 
-`GET /auth/verify-reset-password-link`
+`GET /auth/keycloak-auth-redirect`
 
-<h3 id="forgetpasswordcontroller.verifyresetpasswordlink-parameters">Parameters</h3>
+<h3 id="keycloaklogincontroller.keycloakcallback-parameters">Parameters</h3>
 
 |Name|In|Type|Required|Description|
 |---|---|---|---|---|
-|token|query|string|true|none|
+|code|query|string|false|none|
+|state|query|string|false|none|
 
-<h3 id="forgetpasswordcontroller.verifyresetpasswordlink-responses">Responses</h3>
+> Example responses
+
+> 200 Response
+
+```json
+{
+  "accessToken": "string",
+  "refreshToken": "string",
+  "expires": 0,
+  "pubnubToken": "string"
+}
+```
+
+<h3 id="keycloaklogincontroller.keycloakcallback-responses">Responses</h3>
 
 |Status|Meaning|Description|Schema|
 |---|---|---|---|
-|200|[OK](https://tools.ietf.org/html/rfc7231#section-6.3.1)|Check if Token Is Valid and not Expired.|None|
+|200|[OK](https://tools.ietf.org/html/rfc7231#section-6.3.1)|Keycloak Redirect Token Response|[TokenResponse](#schematokenresponse)|
 
 <aside class="success">
 This operation does not require authentication
@@ -2593,6 +3617,30 @@ ResetPassword
 |password|string|true|none|This property is supposed to be a string and is a required field|
 |oldPassword|string|false|none|This property is supposed to be a string and is a required field|
 
+<h2 id="tocS_ClientAuthRequest">ClientAuthRequest</h2>
+<!-- backwards compatibility -->
+<a id="schemaclientauthrequest"></a>
+<a id="schema_ClientAuthRequest"></a>
+<a id="tocSclientauthrequest"></a>
+<a id="tocsclientauthrequest"></a>
+
+```json
+{
+  "client_id": "string",
+  "client_secret": "string"
+}
+
+```
+
+ClientAuthRequest
+
+### Properties
+
+|Name|Type|Required|Restrictions|Description|
+|---|---|---|---|---|
+|client_id|string|true|none|This property is supposed to be a string and is a required field|
+|client_secret|string|true|none|This property is supposed to be a string and is a required field|
+
 <h2 id="tocS_SuccessResponse">SuccessResponse</h2>
 <!-- backwards compatibility -->
 <a id="schemasuccessresponse"></a>
diff --git a/services/authentication-service/src/controllers/index.ts b/services/authentication-service/src/controllers/index.ts
index e662e085d4..cfdd27e085 100644
--- a/services/authentication-service/src/controllers/index.ts
+++ b/services/authentication-service/src/controllers/index.ts
@@ -1,3 +1,8 @@
+import {AppleLoginController} from '../modules/auth/apple-login.controller';
+import {FacebookLoginController} from '../modules/auth/facebook-login.controller';
+import {GoogleLoginController} from '../modules/auth/google-login.controller';
+import {InstagramLoginController} from '../modules/auth/instagram-login.controller';
+import {KeycloakLoginController} from '../modules/auth/keycloak-login.controller';
 import {LoginController} from '../modules/auth/login.controller';
 import {LogoutController} from '../modules/auth/logout.controller';
 import {AuthClientController} from './auth-client.controller';
@@ -13,6 +18,11 @@ export * from './forget-password.controller';
 
 export const controllers = [
   LoginController,
+  GoogleLoginController,
+  FacebookLoginController,
+  AppleLoginController,
+  KeycloakLoginController,
+  InstagramLoginController,
   LogoutController,
   OtpController,
   AuthClientController,
diff --git a/services/bpmn-service/README.md b/services/bpmn-service/README.md
index 4289e5d98e..7d7d116970 100644
--- a/services/bpmn-service/README.md
+++ b/services/bpmn-service/README.md
@@ -4,7 +4,20 @@
 
 ## Overview
 
-A Loopback Microservice for handling BPMN workflows using engines like (Camunda)[https://camunda.com/products/cloud/]. NOTE: The microservice currently works with only one workflow definition for a single diagram.
+A Loopback Microservice for handling BPMN workflows using engines like [Camunda](https://camunda.com/products/cloud/). NOTE: The microservice currently works with only one workflow definition for a single diagram. It provides -
+
+ - Deployment and management of Workflows in a BPMN engine.
+ - Process Versioning.
+ - Executing Workflow using an endpoint, validate inputs before starting an execution.
+
+### Sandbox Example
+
+The [sandbox example](https://github.com/sourcefuse/loopback4-microservice-catalog/tree/master/sandbox/workflow-ms-example) provides a use of this microservice with the [Camunda](https://camunda.com/products/cloud/) BPMN engine.
+
+It uses [camunda-external-task-client-js](https://github.com/camunda/camunda-external-task-client-js) to implement external task workers, that are triggered on executing a workflow. The flow of control is shown in the diagram below - 
+
+![Execute Workflow](https://user-images.githubusercontent.com/77672713/126749866-1344ff59-5a1e-47cf-bf90-d366da3e9498.png)
+
 
 ### Installation
 
@@ -96,6 +109,11 @@ The service comes with a default `DataSource` using PostgreSQL, if you intend to
 
 A sample implementation of a `DataSource` using environment variables and PostgreSQL is included with the service, you can provide your own using the `BpmnDbSourceName` variable. Implementation of the sample `DataSource` can be seen [here](/src/datasources/bpmn-db.datasource.ts).
 
+### Database Schema
+
+![bpmndb](https://user-images.githubusercontent.com/77672713/126750626-205bbd2c-4b51-4b98-ad81-1b39008f2cf5.jpg)
+
+
 ### Providers
 
 #### BPMNProvider
@@ -175,23 +193,6 @@ Authorization: Bearer <token> where <token> is a JWT token signed using JWT issu
 400: Bad Request (Error message varies w.r.t API)
 201: No content: Empty Response
 
-### API Details
-
-`POST /workflow`
-Endpoint to create a new workflow, uses the `create` method from the provider.
-
-`PATCH /workflow/{id}`
-Endpoint to update a workflow, uses the `update` method from the provider.
-
-`POST /workflow/{id}/execute`
-Endpoint to trigger a workflow, uses the `execute` method from the provider.
-
-`DELETE /workflow/{id}`
-Endpoint to delete a workflow, uses the `delete` method from the provider.
-
-`GET /workflow`
-Endpoint to get all the workflows.
-
 ## API's Details
 
 Visit the [OpenAPI spec docs](./openapi.md)