From 2c9d94f0340d4e07ab8baa5c7079f5d4827c6d7e Mon Sep 17 00:00:00 2001
From: Ryan Wang <i@ryanc.cc>
Date: Wed, 26 Jun 2024 18:53:24 +0800
Subject: [PATCH] Refine UI for device managment

---
 .../run/halo/app/core/extension/Device.java   |  65 ++
 .../core/extension/notification/Reason.java   |   2 +
 .../extension/notification/Subscription.java  |   1 +
 .../app/security/device/DeviceService.java    |  14 +
 ui/package.json                               |   2 +
 ui/packages/api-client/entry/api-client.ts    |   8 +-
 .../api-client/src/.openapi-generator/FILES   |   7 +
 ui/packages/api-client/src/api.ts             |   2 +
 ...i-security-halo-run-v1alpha1-device-api.ts | 128 ++++
 .../src/api/device-v1alpha1-uc-api.ts         | 215 ++++++
 .../security-halo-run-v1alpha1-device-api.ts  | 564 +++++++++++++++
 ...i-security-halo-run-v1alpha1-device-api.ts | 215 ++++++
 .../src/api/v1alpha1-v1alpha1-api.ts          | 665 ++++++++++++++++++
 .../api-client/src/models/device-list.ts      |  81 +++
 .../api-client/src/models/device-spec.ts      |  66 ++
 .../api-client/src/models/device-status.ts    |  36 +
 ui/packages/api-client/src/models/device.ts   |  63 ++
 ui/packages/api-client/src/models/index.ts    |   5 +
 .../src/models/subscription-subscriber.ts     |   2 +-
 .../api-client/src/models/user-device.ts      |  45 ++
 .../api-client/src/models/v1alpha1-list.ts    |  81 +++
 ui/pnpm-lock.yaml                             |  16 +
 ui/src/locales/en.yaml                        |  21 +
 ui/src/locales/zh-CN.yaml                     |  19 +
 ui/src/locales/zh-TW.yaml                     |  18 +
 ui/uc-src/modules/profile/Profile.vue         |   7 +
 ui/uc-src/modules/profile/tabs/Devices.vue    |  36 +
 .../tabs/components/DeviceDetailModal.vue     |  92 +++
 .../tabs/components/DeviceListItem.vue        | 119 ++++
 .../tabs/composables/use-user-agent.ts        |  22 +
 .../tabs/composables/use-user-device.ts       |  29 +
 31 files changed, 2644 insertions(+), 2 deletions(-)
 create mode 100644 api/src/main/java/run/halo/app/core/extension/Device.java
 create mode 100644 api/src/main/java/run/halo/app/security/device/DeviceService.java
 create mode 100644 ui/packages/api-client/src/api/console-api-security-halo-run-v1alpha1-device-api.ts
 create mode 100644 ui/packages/api-client/src/api/device-v1alpha1-uc-api.ts
 create mode 100644 ui/packages/api-client/src/api/security-halo-run-v1alpha1-device-api.ts
 create mode 100644 ui/packages/api-client/src/api/uc-api-security-halo-run-v1alpha1-device-api.ts
 create mode 100644 ui/packages/api-client/src/api/v1alpha1-v1alpha1-api.ts
 create mode 100644 ui/packages/api-client/src/models/device-list.ts
 create mode 100644 ui/packages/api-client/src/models/device-spec.ts
 create mode 100644 ui/packages/api-client/src/models/device-status.ts
 create mode 100644 ui/packages/api-client/src/models/device.ts
 create mode 100644 ui/packages/api-client/src/models/user-device.ts
 create mode 100644 ui/packages/api-client/src/models/v1alpha1-list.ts
 create mode 100644 ui/uc-src/modules/profile/tabs/Devices.vue
 create mode 100644 ui/uc-src/modules/profile/tabs/components/DeviceDetailModal.vue
 create mode 100644 ui/uc-src/modules/profile/tabs/components/DeviceListItem.vue
 create mode 100644 ui/uc-src/modules/profile/tabs/composables/use-user-agent.ts
 create mode 100644 ui/uc-src/modules/profile/tabs/composables/use-user-device.ts

diff --git a/api/src/main/java/run/halo/app/core/extension/Device.java b/api/src/main/java/run/halo/app/core/extension/Device.java
new file mode 100644
index 000000000..8410e6472
--- /dev/null
+++ b/api/src/main/java/run/halo/app/core/extension/Device.java
@@ -0,0 +1,65 @@
+package run.halo.app.core.extension;
+
+import static io.swagger.v3.oas.annotations.media.Schema.RequiredMode.REQUIRED;
+
+import io.swagger.v3.oas.annotations.media.Schema;
+import java.time.Instant;
+import lombok.Data;
+import lombok.EqualsAndHashCode;
+import lombok.Getter;
+import lombok.experimental.Accessors;
+import org.springframework.lang.NonNull;
+import run.halo.app.extension.AbstractExtension;
+import run.halo.app.extension.GVK;
+
+@Data
+@EqualsAndHashCode(callSuper = true)
+@GVK(group = Device.GROUP, version = Device.VERSION, kind = Device.KIND, plural = "devices",
+    singular = "device")
+public class Device extends AbstractExtension {
+    public static final String GROUP = "security.halo.run";
+    public static final String VERSION = "v1alpha1";
+    public static final String KIND = "v1alpha1";
+
+    @Schema(requiredMode = REQUIRED)
+    private Spec spec;
+
+    @Getter(onMethod_ = @NonNull)
+    private Status status = new Status();
+
+    public void setStatus(Status status) {
+        this.status = (status == null ? new Status() : status);
+    }
+
+    @Data
+    @Accessors(chain = true)
+    @Schema(name = "DeviceSpec")
+    public static class Spec {
+
+        @Schema(requiredMode = REQUIRED, minLength = 1)
+        private String sessionId;
+
+        @Schema(requiredMode = REQUIRED, minLength = 1)
+        private String principalName;
+
+        @Schema(requiredMode = REQUIRED, maxLength = 129)
+        private String ipAddress;
+
+        @Schema(maxLength = 500)
+        private String userAgent;
+
+        private String rememberMeSeriesId;
+
+        private Instant lastAccessedTime;
+
+        private Instant lastAuthenticatedTime;
+    }
+
+    @Data
+    @Accessors(chain = true)
+    @Schema(name = "DeviceStatus")
+    public static class Status {
+        private String browser;
+        private String os;
+    }
+}
diff --git a/api/src/main/java/run/halo/app/core/extension/notification/Reason.java b/api/src/main/java/run/halo/app/core/extension/notification/Reason.java
index db033859e..3a835212b 100644
--- a/api/src/main/java/run/halo/app/core/extension/notification/Reason.java
+++ b/api/src/main/java/run/halo/app/core/extension/notification/Reason.java
@@ -9,6 +9,7 @@ import lombok.Builder;
 import lombok.Data;
 import lombok.EqualsAndHashCode;
 import lombok.NoArgsConstructor;
+import lombok.experimental.Accessors;
 import run.halo.app.extension.AbstractExtension;
 import run.halo.app.extension.GVK;
 import run.halo.app.notification.ReasonAttributes;
@@ -31,6 +32,7 @@ public class Reason extends AbstractExtension {
     private Spec spec;
 
     @Data
+    @Accessors(chain = true)
     @Schema(name = "ReasonSpec")
     public static class Spec {
         @Schema(requiredMode = REQUIRED)
diff --git a/api/src/main/java/run/halo/app/core/extension/notification/Subscription.java b/api/src/main/java/run/halo/app/core/extension/notification/Subscription.java
index 7c8655bd8..bd19c216d 100644
--- a/api/src/main/java/run/halo/app/core/extension/notification/Subscription.java
+++ b/api/src/main/java/run/halo/app/core/extension/notification/Subscription.java
@@ -124,6 +124,7 @@ public class Subscription extends AbstractExtension {
     @Data
     @Schema(name = "SubscriptionSubscriber")
     public static class Subscriber {
+        @Schema(requiredMode = REQUIRED, minLength = 1)
         private String name;
 
         @Override
diff --git a/api/src/main/java/run/halo/app/security/device/DeviceService.java b/api/src/main/java/run/halo/app/security/device/DeviceService.java
new file mode 100644
index 000000000..ba52cd2c4
--- /dev/null
+++ b/api/src/main/java/run/halo/app/security/device/DeviceService.java
@@ -0,0 +1,14 @@
+package run.halo.app.security.device;
+
+import org.springframework.security.core.Authentication;
+import org.springframework.web.server.ServerWebExchange;
+import reactor.core.publisher.Mono;
+
+public interface DeviceService {
+
+    Mono<Void> loginSuccess(ServerWebExchange exchange, Authentication successfullAuthentication);
+
+    Mono<Void> changeSessionId(ServerWebExchange exchange);
+
+    Mono<Void> revoke(String principalName, String deviceId);
+}
diff --git a/ui/package.json b/ui/package.json
index 9d96097de..5c0c04899 100644
--- a/ui/package.json
+++ b/ui/package.json
@@ -95,6 +95,7 @@
     "qs": "^6.11.1",
     "short-unique-id": "^5.0.2",
     "transliteration": "^2.3.5",
+    "ua-parser-js": "^1.0.38",
     "vue": "^3.4.27",
     "vue-demi": "^0.14.7",
     "vue-draggable-plus": "^0.4.1",
@@ -116,6 +117,7 @@
     "@types/node": "^18.11.19",
     "@types/qs": "^6.9.7",
     "@types/randomstring": "^1.1.8",
+    "@types/ua-parser-js": "^0.7.39",
     "@vitejs/plugin-vue": "^5.0.4",
     "@vitejs/plugin-vue-jsx": "^3.1.0",
     "@vitest/ui": "^0.34.1",
diff --git a/ui/packages/api-client/entry/api-client.ts b/ui/packages/api-client/entry/api-client.ts
index 436619bcd..2dded36c0 100644
--- a/ui/packages/api-client/entry/api-client.ts
+++ b/ui/packages/api-client/entry/api-client.ts
@@ -14,6 +14,7 @@ import {
   CommentV1alpha1PublicApi,
   ConfigMapV1alpha1Api,
   CounterV1alpha1Api,
+  DeviceV1alpha1UcApi,
   ExtensionDefinitionV1alpha1Api,
   ExtensionPointDefinitionV1alpha1Api,
   GroupV1alpha1Api,
@@ -64,7 +65,7 @@ import {
   UserConnectionV1alpha1Api,
   UserV1alpha1Api,
   UserV1alpha1ConsoleApi,
-  UserV1alpha1PublicApi,
+  UserV1alpha1PublicApi
 } from "../src";
 
 const defaultAxiosInstance = axios.create({
@@ -374,6 +375,11 @@ function createUcApiClient(axiosInstance: AxiosInstance) {
         baseURL,
         axiosInstance
       ),
+      device: new DeviceV1alpha1UcApi(
+        undefined,
+        baseURL,
+        axiosInstance
+      ),
     },
     notification: {
       notification: new NotificationV1alpha1UcApi(
diff --git a/ui/packages/api-client/src/.openapi-generator/FILES b/ui/packages/api-client/src/.openapi-generator/FILES
index 646a35a37..838880e56 100644
--- a/ui/packages/api-client/src/.openapi-generator/FILES
+++ b/ui/packages/api-client/src/.openapi-generator/FILES
@@ -17,6 +17,7 @@ api/comment-v1alpha1-console-api.ts
 api/comment-v1alpha1-public-api.ts
 api/config-map-v1alpha1-api.ts
 api/counter-v1alpha1-api.ts
+api/device-v1alpha1-uc-api.ts
 api/extension-definition-v1alpha1-api.ts
 api/extension-point-definition-v1alpha1-api.ts
 api/group-v1alpha1-api.ts
@@ -73,6 +74,7 @@ api/user-connection-v1alpha1-api.ts
 api/user-v1alpha1-api.ts
 api/user-v1alpha1-console-api.ts
 api/user-v1alpha1-public-api.ts
+api/v1alpha1-v1alpha1-api.ts
 base.ts
 common.ts
 configuration.ts
@@ -133,6 +135,9 @@ models/create-user-request.ts
 models/custom-templates.ts
 models/dashboard-stats.ts
 models/detailed-user.ts
+models/device-spec.ts
+models/device-status.ts
+models/device.ts
 models/email-config-validation-request.ts
 models/email-verify-request.ts
 models/excerpt.ts
@@ -314,11 +319,13 @@ models/upgrade-from-uri-request.ts
 models/user-connection-list.ts
 models/user-connection-spec.ts
 models/user-connection.ts
+models/user-device.ts
 models/user-endpoint-listed-user-list.ts
 models/user-list.ts
 models/user-permission.ts
 models/user-spec.ts
 models/user-status.ts
 models/user.ts
+models/v1alpha1-list.ts
 models/verify-code-request.ts
 models/vote-request.ts
diff --git a/ui/packages/api-client/src/api.ts b/ui/packages/api-client/src/api.ts
index 07dda349f..198325519 100644
--- a/ui/packages/api-client/src/api.ts
+++ b/ui/packages/api-client/src/api.ts
@@ -30,6 +30,7 @@ export * from './api/comment-v1alpha1-console-api';
 export * from './api/comment-v1alpha1-public-api';
 export * from './api/config-map-v1alpha1-api';
 export * from './api/counter-v1alpha1-api';
+export * from './api/device-v1alpha1-uc-api';
 export * from './api/extension-definition-v1alpha1-api';
 export * from './api/extension-point-definition-v1alpha1-api';
 export * from './api/group-v1alpha1-api';
@@ -86,4 +87,5 @@ export * from './api/user-connection-v1alpha1-api';
 export * from './api/user-v1alpha1-api';
 export * from './api/user-v1alpha1-console-api';
 export * from './api/user-v1alpha1-public-api';
+export * from './api/v1alpha1-v1alpha1-api';
 
diff --git a/ui/packages/api-client/src/api/console-api-security-halo-run-v1alpha1-device-api.ts b/ui/packages/api-client/src/api/console-api-security-halo-run-v1alpha1-device-api.ts
new file mode 100644
index 000000000..3bb7694a9
--- /dev/null
+++ b/ui/packages/api-client/src/api/console-api-security-halo-run-v1alpha1-device-api.ts
@@ -0,0 +1,128 @@
+/* tslint:disable */
+/* eslint-disable */
+/**
+ * Halo Next API
+ * No description provided (generated by Openapi Generator https://github.com/openapitools/openapi-generator)
+ *
+ * The version of the OpenAPI document: 2.0.0
+ * 
+ *
+ * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
+ * https://openapi-generator.tech
+ * Do not edit the class manually.
+ */
+
+
+import type { Configuration } from '../configuration';
+import type { AxiosPromise, AxiosInstance, RawAxiosRequestConfig } from 'axios';
+import globalAxios from 'axios';
+// Some imports not used depending on template conditions
+// @ts-ignore
+import { DUMMY_BASE_URL, assertParamExists, setApiKeyToObject, setBasicAuthToObject, setBearerAuthToObject, setOAuthToObject, setSearchParams, serializeDataIfNeeded, toPathString, createRequestFunction } from '../common';
+// @ts-ignore
+import { BASE_PATH, COLLECTION_FORMATS, RequestArgs, BaseAPI, RequiredError, operationServerMap } from '../base';
+// @ts-ignore
+import { UserDevice } from '../models';
+/**
+ * ConsoleApiSecurityHaloRunV1alpha1DeviceApi - axios parameter creator
+ * @export
+ */
+export const ConsoleApiSecurityHaloRunV1alpha1DeviceApiAxiosParamCreator = function (configuration?: Configuration) {
+    return {
+        /**
+         * List all user devices
+         * @param {*} [options] Override http request option.
+         * @throws {RequiredError}
+         */
+        listDevices: async (options: RawAxiosRequestConfig = {}): Promise<RequestArgs> => {
+            const localVarPath = `/apis/console.api.security.halo.run/v1alpha1/devices`;
+            // use dummy base URL string because the URL constructor only accepts absolute URLs.
+            const localVarUrlObj = new URL(localVarPath, DUMMY_BASE_URL);
+            let baseOptions;
+            if (configuration) {
+                baseOptions = configuration.baseOptions;
+            }
+
+            const localVarRequestOptions = { method: 'GET', ...baseOptions, ...options};
+            const localVarHeaderParameter = {} as any;
+            const localVarQueryParameter = {} as any;
+
+            // authentication BasicAuth required
+            // http basic authentication required
+            setBasicAuthToObject(localVarRequestOptions, configuration)
+
+            // authentication BearerAuth required
+            // http bearer authentication required
+            await setBearerAuthToObject(localVarHeaderParameter, configuration)
+
+
+    
+            setSearchParams(localVarUrlObj, localVarQueryParameter);
+            let headersFromBaseOptions = baseOptions && baseOptions.headers ? baseOptions.headers : {};
+            localVarRequestOptions.headers = {...localVarHeaderParameter, ...headersFromBaseOptions, ...options.headers};
+
+            return {
+                url: toPathString(localVarUrlObj),
+                options: localVarRequestOptions,
+            };
+        },
+    }
+};
+
+/**
+ * ConsoleApiSecurityHaloRunV1alpha1DeviceApi - functional programming interface
+ * @export
+ */
+export const ConsoleApiSecurityHaloRunV1alpha1DeviceApiFp = function(configuration?: Configuration) {
+    const localVarAxiosParamCreator = ConsoleApiSecurityHaloRunV1alpha1DeviceApiAxiosParamCreator(configuration)
+    return {
+        /**
+         * List all user devices
+         * @param {*} [options] Override http request option.
+         * @throws {RequiredError}
+         */
+        async listDevices(options?: RawAxiosRequestConfig): Promise<(axios?: AxiosInstance, basePath?: string) => AxiosPromise<UserDevice>> {
+            const localVarAxiosArgs = await localVarAxiosParamCreator.listDevices(options);
+            const localVarOperationServerIndex = configuration?.serverIndex ?? 0;
+            const localVarOperationServerBasePath = operationServerMap['ConsoleApiSecurityHaloRunV1alpha1DeviceApi.listDevices']?.[localVarOperationServerIndex]?.url;
+            return (axios, basePath) => createRequestFunction(localVarAxiosArgs, globalAxios, BASE_PATH, configuration)(axios, localVarOperationServerBasePath || basePath);
+        },
+    }
+};
+
+/**
+ * ConsoleApiSecurityHaloRunV1alpha1DeviceApi - factory interface
+ * @export
+ */
+export const ConsoleApiSecurityHaloRunV1alpha1DeviceApiFactory = function (configuration?: Configuration, basePath?: string, axios?: AxiosInstance) {
+    const localVarFp = ConsoleApiSecurityHaloRunV1alpha1DeviceApiFp(configuration)
+    return {
+        /**
+         * List all user devices
+         * @param {*} [options] Override http request option.
+         * @throws {RequiredError}
+         */
+        listDevices(options?: RawAxiosRequestConfig): AxiosPromise<UserDevice> {
+            return localVarFp.listDevices(options).then((request) => request(axios, basePath));
+        },
+    };
+};
+
+/**
+ * ConsoleApiSecurityHaloRunV1alpha1DeviceApi - object-oriented interface
+ * @export
+ * @class ConsoleApiSecurityHaloRunV1alpha1DeviceApi
+ * @extends {BaseAPI}
+ */
+export class ConsoleApiSecurityHaloRunV1alpha1DeviceApi extends BaseAPI {
+    /**
+     * List all user devices
+     * @param {*} [options] Override http request option.
+     * @throws {RequiredError}
+     * @memberof ConsoleApiSecurityHaloRunV1alpha1DeviceApi
+     */
+    public listDevices(options?: RawAxiosRequestConfig) {
+        return ConsoleApiSecurityHaloRunV1alpha1DeviceApiFp(this.configuration).listDevices(options).then((request) => request(this.axios, this.basePath));
+    }
+}
+
diff --git a/ui/packages/api-client/src/api/device-v1alpha1-uc-api.ts b/ui/packages/api-client/src/api/device-v1alpha1-uc-api.ts
new file mode 100644
index 000000000..61c5668b9
--- /dev/null
+++ b/ui/packages/api-client/src/api/device-v1alpha1-uc-api.ts
@@ -0,0 +1,215 @@
+/* tslint:disable */
+/* eslint-disable */
+/**
+ * Halo
+ * No description provided (generated by Openapi Generator https://github.com/openapitools/openapi-generator)
+ *
+ * The version of the OpenAPI document: 2.17.0-SNAPSHOT
+ * 
+ *
+ * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
+ * https://openapi-generator.tech
+ * Do not edit the class manually.
+ */
+
+
+import type { Configuration } from '../configuration';
+import type { AxiosPromise, AxiosInstance, RawAxiosRequestConfig } from 'axios';
+import globalAxios from 'axios';
+// Some imports not used depending on template conditions
+// @ts-ignore
+import { DUMMY_BASE_URL, assertParamExists, setApiKeyToObject, setBasicAuthToObject, setBearerAuthToObject, setOAuthToObject, setSearchParams, serializeDataIfNeeded, toPathString, createRequestFunction } from '../common';
+// @ts-ignore
+import { BASE_PATH, COLLECTION_FORMATS, RequestArgs, BaseAPI, RequiredError, operationServerMap } from '../base';
+// @ts-ignore
+import { UserDevice } from '../models';
+/**
+ * DeviceV1alpha1UcApi - axios parameter creator
+ * @export
+ */
+export const DeviceV1alpha1UcApiAxiosParamCreator = function (configuration?: Configuration) {
+    return {
+        /**
+         * List all user devices
+         * @param {*} [options] Override http request option.
+         * @throws {RequiredError}
+         */
+        listDevices: async (options: RawAxiosRequestConfig = {}): Promise<RequestArgs> => {
+            const localVarPath = `/apis/uc.api.security.halo.run/v1alpha1/devices`;
+            // use dummy base URL string because the URL constructor only accepts absolute URLs.
+            const localVarUrlObj = new URL(localVarPath, DUMMY_BASE_URL);
+            let baseOptions;
+            if (configuration) {
+                baseOptions = configuration.baseOptions;
+            }
+
+            const localVarRequestOptions = { method: 'GET', ...baseOptions, ...options};
+            const localVarHeaderParameter = {} as any;
+            const localVarQueryParameter = {} as any;
+
+            // authentication basicAuth required
+            // http basic authentication required
+            setBasicAuthToObject(localVarRequestOptions, configuration)
+
+            // authentication bearerAuth required
+            // http bearer authentication required
+            await setBearerAuthToObject(localVarHeaderParameter, configuration)
+
+
+    
+            setSearchParams(localVarUrlObj, localVarQueryParameter);
+            let headersFromBaseOptions = baseOptions && baseOptions.headers ? baseOptions.headers : {};
+            localVarRequestOptions.headers = {...localVarHeaderParameter, ...headersFromBaseOptions, ...options.headers};
+
+            return {
+                url: toPathString(localVarUrlObj),
+                options: localVarRequestOptions,
+            };
+        },
+        /**
+         * Revoke a own device
+         * @param {string} deviceId Device ID
+         * @param {*} [options] Override http request option.
+         * @throws {RequiredError}
+         */
+        revokeDevice: async (deviceId: string, options: RawAxiosRequestConfig = {}): Promise<RequestArgs> => {
+            // verify required parameter 'deviceId' is not null or undefined
+            assertParamExists('revokeDevice', 'deviceId', deviceId)
+            const localVarPath = `/apis/uc.api.security.halo.run/v1alpha1/devices/{deviceId}`
+                .replace(`{${"deviceId"}}`, encodeURIComponent(String(deviceId)));
+            // use dummy base URL string because the URL constructor only accepts absolute URLs.
+            const localVarUrlObj = new URL(localVarPath, DUMMY_BASE_URL);
+            let baseOptions;
+            if (configuration) {
+                baseOptions = configuration.baseOptions;
+            }
+
+            const localVarRequestOptions = { method: 'DELETE', ...baseOptions, ...options};
+            const localVarHeaderParameter = {} as any;
+            const localVarQueryParameter = {} as any;
+
+            // authentication basicAuth required
+            // http basic authentication required
+            setBasicAuthToObject(localVarRequestOptions, configuration)
+
+            // authentication bearerAuth required
+            // http bearer authentication required
+            await setBearerAuthToObject(localVarHeaderParameter, configuration)
+
+
+    
+            setSearchParams(localVarUrlObj, localVarQueryParameter);
+            let headersFromBaseOptions = baseOptions && baseOptions.headers ? baseOptions.headers : {};
+            localVarRequestOptions.headers = {...localVarHeaderParameter, ...headersFromBaseOptions, ...options.headers};
+
+            return {
+                url: toPathString(localVarUrlObj),
+                options: localVarRequestOptions,
+            };
+        },
+    }
+};
+
+/**
+ * DeviceV1alpha1UcApi - functional programming interface
+ * @export
+ */
+export const DeviceV1alpha1UcApiFp = function(configuration?: Configuration) {
+    const localVarAxiosParamCreator = DeviceV1alpha1UcApiAxiosParamCreator(configuration)
+    return {
+        /**
+         * List all user devices
+         * @param {*} [options] Override http request option.
+         * @throws {RequiredError}
+         */
+        async listDevices(options?: RawAxiosRequestConfig): Promise<(axios?: AxiosInstance, basePath?: string) => AxiosPromise<Array<UserDevice>>> {
+            const localVarAxiosArgs = await localVarAxiosParamCreator.listDevices(options);
+            const localVarOperationServerIndex = configuration?.serverIndex ?? 0;
+            const localVarOperationServerBasePath = operationServerMap['DeviceV1alpha1UcApi.listDevices']?.[localVarOperationServerIndex]?.url;
+            return (axios, basePath) => createRequestFunction(localVarAxiosArgs, globalAxios, BASE_PATH, configuration)(axios, localVarOperationServerBasePath || basePath);
+        },
+        /**
+         * Revoke a own device
+         * @param {string} deviceId Device ID
+         * @param {*} [options] Override http request option.
+         * @throws {RequiredError}
+         */
+        async revokeDevice(deviceId: string, options?: RawAxiosRequestConfig): Promise<(axios?: AxiosInstance, basePath?: string) => AxiosPromise<void>> {
+            const localVarAxiosArgs = await localVarAxiosParamCreator.revokeDevice(deviceId, options);
+            const localVarOperationServerIndex = configuration?.serverIndex ?? 0;
+            const localVarOperationServerBasePath = operationServerMap['DeviceV1alpha1UcApi.revokeDevice']?.[localVarOperationServerIndex]?.url;
+            return (axios, basePath) => createRequestFunction(localVarAxiosArgs, globalAxios, BASE_PATH, configuration)(axios, localVarOperationServerBasePath || basePath);
+        },
+    }
+};
+
+/**
+ * DeviceV1alpha1UcApi - factory interface
+ * @export
+ */
+export const DeviceV1alpha1UcApiFactory = function (configuration?: Configuration, basePath?: string, axios?: AxiosInstance) {
+    const localVarFp = DeviceV1alpha1UcApiFp(configuration)
+    return {
+        /**
+         * List all user devices
+         * @param {*} [options] Override http request option.
+         * @throws {RequiredError}
+         */
+        listDevices(options?: RawAxiosRequestConfig): AxiosPromise<Array<UserDevice>> {
+            return localVarFp.listDevices(options).then((request) => request(axios, basePath));
+        },
+        /**
+         * Revoke a own device
+         * @param {DeviceV1alpha1UcApiRevokeDeviceRequest} requestParameters Request parameters.
+         * @param {*} [options] Override http request option.
+         * @throws {RequiredError}
+         */
+        revokeDevice(requestParameters: DeviceV1alpha1UcApiRevokeDeviceRequest, options?: RawAxiosRequestConfig): AxiosPromise<void> {
+            return localVarFp.revokeDevice(requestParameters.deviceId, options).then((request) => request(axios, basePath));
+        },
+    };
+};
+
+/**
+ * Request parameters for revokeDevice operation in DeviceV1alpha1UcApi.
+ * @export
+ * @interface DeviceV1alpha1UcApiRevokeDeviceRequest
+ */
+export interface DeviceV1alpha1UcApiRevokeDeviceRequest {
+    /**
+     * Device ID
+     * @type {string}
+     * @memberof DeviceV1alpha1UcApiRevokeDevice
+     */
+    readonly deviceId: string
+}
+
+/**
+ * DeviceV1alpha1UcApi - object-oriented interface
+ * @export
+ * @class DeviceV1alpha1UcApi
+ * @extends {BaseAPI}
+ */
+export class DeviceV1alpha1UcApi extends BaseAPI {
+    /**
+     * List all user devices
+     * @param {*} [options] Override http request option.
+     * @throws {RequiredError}
+     * @memberof DeviceV1alpha1UcApi
+     */
+    public listDevices(options?: RawAxiosRequestConfig) {
+        return DeviceV1alpha1UcApiFp(this.configuration).listDevices(options).then((request) => request(this.axios, this.basePath));
+    }
+
+    /**
+     * Revoke a own device
+     * @param {DeviceV1alpha1UcApiRevokeDeviceRequest} requestParameters Request parameters.
+     * @param {*} [options] Override http request option.
+     * @throws {RequiredError}
+     * @memberof DeviceV1alpha1UcApi
+     */
+    public revokeDevice(requestParameters: DeviceV1alpha1UcApiRevokeDeviceRequest, options?: RawAxiosRequestConfig) {
+        return DeviceV1alpha1UcApiFp(this.configuration).revokeDevice(requestParameters.deviceId, options).then((request) => request(this.axios, this.basePath));
+    }
+}
+
diff --git a/ui/packages/api-client/src/api/security-halo-run-v1alpha1-device-api.ts b/ui/packages/api-client/src/api/security-halo-run-v1alpha1-device-api.ts
new file mode 100644
index 000000000..f5ceee60e
--- /dev/null
+++ b/ui/packages/api-client/src/api/security-halo-run-v1alpha1-device-api.ts
@@ -0,0 +1,564 @@
+/* tslint:disable */
+/* eslint-disable */
+/**
+ * Halo Next API
+ * No description provided (generated by Openapi Generator https://github.com/openapitools/openapi-generator)
+ *
+ * The version of the OpenAPI document: 2.0.0
+ * 
+ *
+ * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
+ * https://openapi-generator.tech
+ * Do not edit the class manually.
+ */
+
+
+import type { Configuration } from '../configuration';
+import type { AxiosPromise, AxiosInstance, RawAxiosRequestConfig } from 'axios';
+import globalAxios from 'axios';
+// Some imports not used depending on template conditions
+// @ts-ignore
+import { DUMMY_BASE_URL, assertParamExists, setApiKeyToObject, setBasicAuthToObject, setBearerAuthToObject, setOAuthToObject, setSearchParams, serializeDataIfNeeded, toPathString, createRequestFunction } from '../common';
+// @ts-ignore
+import { BASE_PATH, COLLECTION_FORMATS, RequestArgs, BaseAPI, RequiredError, operationServerMap } from '../base';
+// @ts-ignore
+import { Device } from '../models';
+// @ts-ignore
+import { DeviceList } from '../models';
+/**
+ * SecurityHaloRunV1alpha1DeviceApi - axios parameter creator
+ * @export
+ */
+export const SecurityHaloRunV1alpha1DeviceApiAxiosParamCreator = function (configuration?: Configuration) {
+    return {
+        /**
+         * Create security.halo.run/v1alpha1/Device
+         * @param {Device} [device] Fresh device
+         * @param {*} [options] Override http request option.
+         * @throws {RequiredError}
+         */
+        createSecurityHaloRunV1alpha1Device: async (device?: Device, options: RawAxiosRequestConfig = {}): Promise<RequestArgs> => {
+            const localVarPath = `/apis/security.halo.run/v1alpha1/devices`;
+            // use dummy base URL string because the URL constructor only accepts absolute URLs.
+            const localVarUrlObj = new URL(localVarPath, DUMMY_BASE_URL);
+            let baseOptions;
+            if (configuration) {
+                baseOptions = configuration.baseOptions;
+            }
+
+            const localVarRequestOptions = { method: 'POST', ...baseOptions, ...options};
+            const localVarHeaderParameter = {} as any;
+            const localVarQueryParameter = {} as any;
+
+            // authentication BasicAuth required
+            // http basic authentication required
+            setBasicAuthToObject(localVarRequestOptions, configuration)
+
+            // authentication BearerAuth required
+            // http bearer authentication required
+            await setBearerAuthToObject(localVarHeaderParameter, configuration)
+
+
+    
+            localVarHeaderParameter['Content-Type'] = 'application/json';
+
+            setSearchParams(localVarUrlObj, localVarQueryParameter);
+            let headersFromBaseOptions = baseOptions && baseOptions.headers ? baseOptions.headers : {};
+            localVarRequestOptions.headers = {...localVarHeaderParameter, ...headersFromBaseOptions, ...options.headers};
+            localVarRequestOptions.data = serializeDataIfNeeded(device, localVarRequestOptions, configuration)
+
+            return {
+                url: toPathString(localVarUrlObj),
+                options: localVarRequestOptions,
+            };
+        },
+        /**
+         * Delete security.halo.run/v1alpha1/Device
+         * @param {string} name Name of device
+         * @param {*} [options] Override http request option.
+         * @throws {RequiredError}
+         */
+        deleteSecurityHaloRunV1alpha1Device: async (name: string, options: RawAxiosRequestConfig = {}): Promise<RequestArgs> => {
+            // verify required parameter 'name' is not null or undefined
+            assertParamExists('deleteSecurityHaloRunV1alpha1Device', 'name', name)
+            const localVarPath = `/apis/security.halo.run/v1alpha1/devices/{name}`
+                .replace(`{${"name"}}`, encodeURIComponent(String(name)));
+            // use dummy base URL string because the URL constructor only accepts absolute URLs.
+            const localVarUrlObj = new URL(localVarPath, DUMMY_BASE_URL);
+            let baseOptions;
+            if (configuration) {
+                baseOptions = configuration.baseOptions;
+            }
+
+            const localVarRequestOptions = { method: 'DELETE', ...baseOptions, ...options};
+            const localVarHeaderParameter = {} as any;
+            const localVarQueryParameter = {} as any;
+
+            // authentication BasicAuth required
+            // http basic authentication required
+            setBasicAuthToObject(localVarRequestOptions, configuration)
+
+            // authentication BearerAuth required
+            // http bearer authentication required
+            await setBearerAuthToObject(localVarHeaderParameter, configuration)
+
+
+    
+            setSearchParams(localVarUrlObj, localVarQueryParameter);
+            let headersFromBaseOptions = baseOptions && baseOptions.headers ? baseOptions.headers : {};
+            localVarRequestOptions.headers = {...localVarHeaderParameter, ...headersFromBaseOptions, ...options.headers};
+
+            return {
+                url: toPathString(localVarUrlObj),
+                options: localVarRequestOptions,
+            };
+        },
+        /**
+         * Get security.halo.run/v1alpha1/Device
+         * @param {string} name Name of device
+         * @param {*} [options] Override http request option.
+         * @throws {RequiredError}
+         */
+        getSecurityHaloRunV1alpha1Device: async (name: string, options: RawAxiosRequestConfig = {}): Promise<RequestArgs> => {
+            // verify required parameter 'name' is not null or undefined
+            assertParamExists('getSecurityHaloRunV1alpha1Device', 'name', name)
+            const localVarPath = `/apis/security.halo.run/v1alpha1/devices/{name}`
+                .replace(`{${"name"}}`, encodeURIComponent(String(name)));
+            // use dummy base URL string because the URL constructor only accepts absolute URLs.
+            const localVarUrlObj = new URL(localVarPath, DUMMY_BASE_URL);
+            let baseOptions;
+            if (configuration) {
+                baseOptions = configuration.baseOptions;
+            }
+
+            const localVarRequestOptions = { method: 'GET', ...baseOptions, ...options};
+            const localVarHeaderParameter = {} as any;
+            const localVarQueryParameter = {} as any;
+
+            // authentication BasicAuth required
+            // http basic authentication required
+            setBasicAuthToObject(localVarRequestOptions, configuration)
+
+            // authentication BearerAuth required
+            // http bearer authentication required
+            await setBearerAuthToObject(localVarHeaderParameter, configuration)
+
+
+    
+            setSearchParams(localVarUrlObj, localVarQueryParameter);
+            let headersFromBaseOptions = baseOptions && baseOptions.headers ? baseOptions.headers : {};
+            localVarRequestOptions.headers = {...localVarHeaderParameter, ...headersFromBaseOptions, ...options.headers};
+
+            return {
+                url: toPathString(localVarUrlObj),
+                options: localVarRequestOptions,
+            };
+        },
+        /**
+         * List security.halo.run/v1alpha1/Device
+         * @param {number} [page] Page number. Default is 0.
+         * @param {number} [size] Size number. Default is 0.
+         * @param {Array<string>} [labelSelector] Label selector. e.g.: hidden!&#x3D;true
+         * @param {Array<string>} [fieldSelector] Field selector. e.g.: metadata.name&#x3D;&#x3D;halo
+         * @param {Array<string>} [sort] Sorting criteria in the format: property,(asc|desc). Default sort order is ascending. Multiple sort criteria are supported.
+         * @param {*} [options] Override http request option.
+         * @throws {RequiredError}
+         */
+        listSecurityHaloRunV1alpha1Device: async (page?: number, size?: number, labelSelector?: Array<string>, fieldSelector?: Array<string>, sort?: Array<string>, options: RawAxiosRequestConfig = {}): Promise<RequestArgs> => {
+            const localVarPath = `/apis/security.halo.run/v1alpha1/devices`;
+            // use dummy base URL string because the URL constructor only accepts absolute URLs.
+            const localVarUrlObj = new URL(localVarPath, DUMMY_BASE_URL);
+            let baseOptions;
+            if (configuration) {
+                baseOptions = configuration.baseOptions;
+            }
+
+            const localVarRequestOptions = { method: 'GET', ...baseOptions, ...options};
+            const localVarHeaderParameter = {} as any;
+            const localVarQueryParameter = {} as any;
+
+            // authentication BasicAuth required
+            // http basic authentication required
+            setBasicAuthToObject(localVarRequestOptions, configuration)
+
+            // authentication BearerAuth required
+            // http bearer authentication required
+            await setBearerAuthToObject(localVarHeaderParameter, configuration)
+
+            if (page !== undefined) {
+                localVarQueryParameter['page'] = page;
+            }
+
+            if (size !== undefined) {
+                localVarQueryParameter['size'] = size;
+            }
+
+            if (labelSelector) {
+                localVarQueryParameter['labelSelector'] = labelSelector;
+            }
+
+            if (fieldSelector) {
+                localVarQueryParameter['fieldSelector'] = fieldSelector;
+            }
+
+            if (sort) {
+                localVarQueryParameter['sort'] = sort;
+            }
+
+
+    
+            setSearchParams(localVarUrlObj, localVarQueryParameter);
+            let headersFromBaseOptions = baseOptions && baseOptions.headers ? baseOptions.headers : {};
+            localVarRequestOptions.headers = {...localVarHeaderParameter, ...headersFromBaseOptions, ...options.headers};
+
+            return {
+                url: toPathString(localVarUrlObj),
+                options: localVarRequestOptions,
+            };
+        },
+        /**
+         * Update security.halo.run/v1alpha1/Device
+         * @param {string} name Name of device
+         * @param {Device} [device] Updated device
+         * @param {*} [options] Override http request option.
+         * @throws {RequiredError}
+         */
+        updateSecurityHaloRunV1alpha1Device: async (name: string, device?: Device, options: RawAxiosRequestConfig = {}): Promise<RequestArgs> => {
+            // verify required parameter 'name' is not null or undefined
+            assertParamExists('updateSecurityHaloRunV1alpha1Device', 'name', name)
+            const localVarPath = `/apis/security.halo.run/v1alpha1/devices/{name}`
+                .replace(`{${"name"}}`, encodeURIComponent(String(name)));
+            // use dummy base URL string because the URL constructor only accepts absolute URLs.
+            const localVarUrlObj = new URL(localVarPath, DUMMY_BASE_URL);
+            let baseOptions;
+            if (configuration) {
+                baseOptions = configuration.baseOptions;
+            }
+
+            const localVarRequestOptions = { method: 'PUT', ...baseOptions, ...options};
+            const localVarHeaderParameter = {} as any;
+            const localVarQueryParameter = {} as any;
+
+            // authentication BasicAuth required
+            // http basic authentication required
+            setBasicAuthToObject(localVarRequestOptions, configuration)
+
+            // authentication BearerAuth required
+            // http bearer authentication required
+            await setBearerAuthToObject(localVarHeaderParameter, configuration)
+
+
+    
+            localVarHeaderParameter['Content-Type'] = 'application/json';
+
+            setSearchParams(localVarUrlObj, localVarQueryParameter);
+            let headersFromBaseOptions = baseOptions && baseOptions.headers ? baseOptions.headers : {};
+            localVarRequestOptions.headers = {...localVarHeaderParameter, ...headersFromBaseOptions, ...options.headers};
+            localVarRequestOptions.data = serializeDataIfNeeded(device, localVarRequestOptions, configuration)
+
+            return {
+                url: toPathString(localVarUrlObj),
+                options: localVarRequestOptions,
+            };
+        },
+    }
+};
+
+/**
+ * SecurityHaloRunV1alpha1DeviceApi - functional programming interface
+ * @export
+ */
+export const SecurityHaloRunV1alpha1DeviceApiFp = function(configuration?: Configuration) {
+    const localVarAxiosParamCreator = SecurityHaloRunV1alpha1DeviceApiAxiosParamCreator(configuration)
+    return {
+        /**
+         * Create security.halo.run/v1alpha1/Device
+         * @param {Device} [device] Fresh device
+         * @param {*} [options] Override http request option.
+         * @throws {RequiredError}
+         */
+        async createSecurityHaloRunV1alpha1Device(device?: Device, options?: RawAxiosRequestConfig): Promise<(axios?: AxiosInstance, basePath?: string) => AxiosPromise<Device>> {
+            const localVarAxiosArgs = await localVarAxiosParamCreator.createSecurityHaloRunV1alpha1Device(device, options);
+            const localVarOperationServerIndex = configuration?.serverIndex ?? 0;
+            const localVarOperationServerBasePath = operationServerMap['SecurityHaloRunV1alpha1DeviceApi.createSecurityHaloRunV1alpha1Device']?.[localVarOperationServerIndex]?.url;
+            return (axios, basePath) => createRequestFunction(localVarAxiosArgs, globalAxios, BASE_PATH, configuration)(axios, localVarOperationServerBasePath || basePath);
+        },
+        /**
+         * Delete security.halo.run/v1alpha1/Device
+         * @param {string} name Name of device
+         * @param {*} [options] Override http request option.
+         * @throws {RequiredError}
+         */
+        async deleteSecurityHaloRunV1alpha1Device(name: string, options?: RawAxiosRequestConfig): Promise<(axios?: AxiosInstance, basePath?: string) => AxiosPromise<void>> {
+            const localVarAxiosArgs = await localVarAxiosParamCreator.deleteSecurityHaloRunV1alpha1Device(name, options);
+            const localVarOperationServerIndex = configuration?.serverIndex ?? 0;
+            const localVarOperationServerBasePath = operationServerMap['SecurityHaloRunV1alpha1DeviceApi.deleteSecurityHaloRunV1alpha1Device']?.[localVarOperationServerIndex]?.url;
+            return (axios, basePath) => createRequestFunction(localVarAxiosArgs, globalAxios, BASE_PATH, configuration)(axios, localVarOperationServerBasePath || basePath);
+        },
+        /**
+         * Get security.halo.run/v1alpha1/Device
+         * @param {string} name Name of device
+         * @param {*} [options] Override http request option.
+         * @throws {RequiredError}
+         */
+        async getSecurityHaloRunV1alpha1Device(name: string, options?: RawAxiosRequestConfig): Promise<(axios?: AxiosInstance, basePath?: string) => AxiosPromise<Device>> {
+            const localVarAxiosArgs = await localVarAxiosParamCreator.getSecurityHaloRunV1alpha1Device(name, options);
+            const localVarOperationServerIndex = configuration?.serverIndex ?? 0;
+            const localVarOperationServerBasePath = operationServerMap['SecurityHaloRunV1alpha1DeviceApi.getSecurityHaloRunV1alpha1Device']?.[localVarOperationServerIndex]?.url;
+            return (axios, basePath) => createRequestFunction(localVarAxiosArgs, globalAxios, BASE_PATH, configuration)(axios, localVarOperationServerBasePath || basePath);
+        },
+        /**
+         * List security.halo.run/v1alpha1/Device
+         * @param {number} [page] Page number. Default is 0.
+         * @param {number} [size] Size number. Default is 0.
+         * @param {Array<string>} [labelSelector] Label selector. e.g.: hidden!&#x3D;true
+         * @param {Array<string>} [fieldSelector] Field selector. e.g.: metadata.name&#x3D;&#x3D;halo
+         * @param {Array<string>} [sort] Sorting criteria in the format: property,(asc|desc). Default sort order is ascending. Multiple sort criteria are supported.
+         * @param {*} [options] Override http request option.
+         * @throws {RequiredError}
+         */
+        async listSecurityHaloRunV1alpha1Device(page?: number, size?: number, labelSelector?: Array<string>, fieldSelector?: Array<string>, sort?: Array<string>, options?: RawAxiosRequestConfig): Promise<(axios?: AxiosInstance, basePath?: string) => AxiosPromise<DeviceList>> {
+            const localVarAxiosArgs = await localVarAxiosParamCreator.listSecurityHaloRunV1alpha1Device(page, size, labelSelector, fieldSelector, sort, options);
+            const localVarOperationServerIndex = configuration?.serverIndex ?? 0;
+            const localVarOperationServerBasePath = operationServerMap['SecurityHaloRunV1alpha1DeviceApi.listSecurityHaloRunV1alpha1Device']?.[localVarOperationServerIndex]?.url;
+            return (axios, basePath) => createRequestFunction(localVarAxiosArgs, globalAxios, BASE_PATH, configuration)(axios, localVarOperationServerBasePath || basePath);
+        },
+        /**
+         * Update security.halo.run/v1alpha1/Device
+         * @param {string} name Name of device
+         * @param {Device} [device] Updated device
+         * @param {*} [options] Override http request option.
+         * @throws {RequiredError}
+         */
+        async updateSecurityHaloRunV1alpha1Device(name: string, device?: Device, options?: RawAxiosRequestConfig): Promise<(axios?: AxiosInstance, basePath?: string) => AxiosPromise<Device>> {
+            const localVarAxiosArgs = await localVarAxiosParamCreator.updateSecurityHaloRunV1alpha1Device(name, device, options);
+            const localVarOperationServerIndex = configuration?.serverIndex ?? 0;
+            const localVarOperationServerBasePath = operationServerMap['SecurityHaloRunV1alpha1DeviceApi.updateSecurityHaloRunV1alpha1Device']?.[localVarOperationServerIndex]?.url;
+            return (axios, basePath) => createRequestFunction(localVarAxiosArgs, globalAxios, BASE_PATH, configuration)(axios, localVarOperationServerBasePath || basePath);
+        },
+    }
+};
+
+/**
+ * SecurityHaloRunV1alpha1DeviceApi - factory interface
+ * @export
+ */
+export const SecurityHaloRunV1alpha1DeviceApiFactory = function (configuration?: Configuration, basePath?: string, axios?: AxiosInstance) {
+    const localVarFp = SecurityHaloRunV1alpha1DeviceApiFp(configuration)
+    return {
+        /**
+         * Create security.halo.run/v1alpha1/Device
+         * @param {SecurityHaloRunV1alpha1DeviceApiCreateSecurityHaloRunV1alpha1DeviceRequest} requestParameters Request parameters.
+         * @param {*} [options] Override http request option.
+         * @throws {RequiredError}
+         */
+        createSecurityHaloRunV1alpha1Device(requestParameters: SecurityHaloRunV1alpha1DeviceApiCreateSecurityHaloRunV1alpha1DeviceRequest = {}, options?: RawAxiosRequestConfig): AxiosPromise<Device> {
+            return localVarFp.createSecurityHaloRunV1alpha1Device(requestParameters.device, options).then((request) => request(axios, basePath));
+        },
+        /**
+         * Delete security.halo.run/v1alpha1/Device
+         * @param {SecurityHaloRunV1alpha1DeviceApiDeleteSecurityHaloRunV1alpha1DeviceRequest} requestParameters Request parameters.
+         * @param {*} [options] Override http request option.
+         * @throws {RequiredError}
+         */
+        deleteSecurityHaloRunV1alpha1Device(requestParameters: SecurityHaloRunV1alpha1DeviceApiDeleteSecurityHaloRunV1alpha1DeviceRequest, options?: RawAxiosRequestConfig): AxiosPromise<void> {
+            return localVarFp.deleteSecurityHaloRunV1alpha1Device(requestParameters.name, options).then((request) => request(axios, basePath));
+        },
+        /**
+         * Get security.halo.run/v1alpha1/Device
+         * @param {SecurityHaloRunV1alpha1DeviceApiGetSecurityHaloRunV1alpha1DeviceRequest} requestParameters Request parameters.
+         * @param {*} [options] Override http request option.
+         * @throws {RequiredError}
+         */
+        getSecurityHaloRunV1alpha1Device(requestParameters: SecurityHaloRunV1alpha1DeviceApiGetSecurityHaloRunV1alpha1DeviceRequest, options?: RawAxiosRequestConfig): AxiosPromise<Device> {
+            return localVarFp.getSecurityHaloRunV1alpha1Device(requestParameters.name, options).then((request) => request(axios, basePath));
+        },
+        /**
+         * List security.halo.run/v1alpha1/Device
+         * @param {SecurityHaloRunV1alpha1DeviceApiListSecurityHaloRunV1alpha1DeviceRequest} requestParameters Request parameters.
+         * @param {*} [options] Override http request option.
+         * @throws {RequiredError}
+         */
+        listSecurityHaloRunV1alpha1Device(requestParameters: SecurityHaloRunV1alpha1DeviceApiListSecurityHaloRunV1alpha1DeviceRequest = {}, options?: RawAxiosRequestConfig): AxiosPromise<DeviceList> {
+            return localVarFp.listSecurityHaloRunV1alpha1Device(requestParameters.page, requestParameters.size, requestParameters.labelSelector, requestParameters.fieldSelector, requestParameters.sort, options).then((request) => request(axios, basePath));
+        },
+        /**
+         * Update security.halo.run/v1alpha1/Device
+         * @param {SecurityHaloRunV1alpha1DeviceApiUpdateSecurityHaloRunV1alpha1DeviceRequest} requestParameters Request parameters.
+         * @param {*} [options] Override http request option.
+         * @throws {RequiredError}
+         */
+        updateSecurityHaloRunV1alpha1Device(requestParameters: SecurityHaloRunV1alpha1DeviceApiUpdateSecurityHaloRunV1alpha1DeviceRequest, options?: RawAxiosRequestConfig): AxiosPromise<Device> {
+            return localVarFp.updateSecurityHaloRunV1alpha1Device(requestParameters.name, requestParameters.device, options).then((request) => request(axios, basePath));
+        },
+    };
+};
+
+/**
+ * Request parameters for createSecurityHaloRunV1alpha1Device operation in SecurityHaloRunV1alpha1DeviceApi.
+ * @export
+ * @interface SecurityHaloRunV1alpha1DeviceApiCreateSecurityHaloRunV1alpha1DeviceRequest
+ */
+export interface SecurityHaloRunV1alpha1DeviceApiCreateSecurityHaloRunV1alpha1DeviceRequest {
+    /**
+     * Fresh device
+     * @type {Device}
+     * @memberof SecurityHaloRunV1alpha1DeviceApiCreateSecurityHaloRunV1alpha1Device
+     */
+    readonly device?: Device
+}
+
+/**
+ * Request parameters for deleteSecurityHaloRunV1alpha1Device operation in SecurityHaloRunV1alpha1DeviceApi.
+ * @export
+ * @interface SecurityHaloRunV1alpha1DeviceApiDeleteSecurityHaloRunV1alpha1DeviceRequest
+ */
+export interface SecurityHaloRunV1alpha1DeviceApiDeleteSecurityHaloRunV1alpha1DeviceRequest {
+    /**
+     * Name of device
+     * @type {string}
+     * @memberof SecurityHaloRunV1alpha1DeviceApiDeleteSecurityHaloRunV1alpha1Device
+     */
+    readonly name: string
+}
+
+/**
+ * Request parameters for getSecurityHaloRunV1alpha1Device operation in SecurityHaloRunV1alpha1DeviceApi.
+ * @export
+ * @interface SecurityHaloRunV1alpha1DeviceApiGetSecurityHaloRunV1alpha1DeviceRequest
+ */
+export interface SecurityHaloRunV1alpha1DeviceApiGetSecurityHaloRunV1alpha1DeviceRequest {
+    /**
+     * Name of device
+     * @type {string}
+     * @memberof SecurityHaloRunV1alpha1DeviceApiGetSecurityHaloRunV1alpha1Device
+     */
+    readonly name: string
+}
+
+/**
+ * Request parameters for listSecurityHaloRunV1alpha1Device operation in SecurityHaloRunV1alpha1DeviceApi.
+ * @export
+ * @interface SecurityHaloRunV1alpha1DeviceApiListSecurityHaloRunV1alpha1DeviceRequest
+ */
+export interface SecurityHaloRunV1alpha1DeviceApiListSecurityHaloRunV1alpha1DeviceRequest {
+    /**
+     * Page number. Default is 0.
+     * @type {number}
+     * @memberof SecurityHaloRunV1alpha1DeviceApiListSecurityHaloRunV1alpha1Device
+     */
+    readonly page?: number
+
+    /**
+     * Size number. Default is 0.
+     * @type {number}
+     * @memberof SecurityHaloRunV1alpha1DeviceApiListSecurityHaloRunV1alpha1Device
+     */
+    readonly size?: number
+
+    /**
+     * Label selector. e.g.: hidden!&#x3D;true
+     * @type {Array<string>}
+     * @memberof SecurityHaloRunV1alpha1DeviceApiListSecurityHaloRunV1alpha1Device
+     */
+    readonly labelSelector?: Array<string>
+
+    /**
+     * Field selector. e.g.: metadata.name&#x3D;&#x3D;halo
+     * @type {Array<string>}
+     * @memberof SecurityHaloRunV1alpha1DeviceApiListSecurityHaloRunV1alpha1Device
+     */
+    readonly fieldSelector?: Array<string>
+
+    /**
+     * Sorting criteria in the format: property,(asc|desc). Default sort order is ascending. Multiple sort criteria are supported.
+     * @type {Array<string>}
+     * @memberof SecurityHaloRunV1alpha1DeviceApiListSecurityHaloRunV1alpha1Device
+     */
+    readonly sort?: Array<string>
+}
+
+/**
+ * Request parameters for updateSecurityHaloRunV1alpha1Device operation in SecurityHaloRunV1alpha1DeviceApi.
+ * @export
+ * @interface SecurityHaloRunV1alpha1DeviceApiUpdateSecurityHaloRunV1alpha1DeviceRequest
+ */
+export interface SecurityHaloRunV1alpha1DeviceApiUpdateSecurityHaloRunV1alpha1DeviceRequest {
+    /**
+     * Name of device
+     * @type {string}
+     * @memberof SecurityHaloRunV1alpha1DeviceApiUpdateSecurityHaloRunV1alpha1Device
+     */
+    readonly name: string
+
+    /**
+     * Updated device
+     * @type {Device}
+     * @memberof SecurityHaloRunV1alpha1DeviceApiUpdateSecurityHaloRunV1alpha1Device
+     */
+    readonly device?: Device
+}
+
+/**
+ * SecurityHaloRunV1alpha1DeviceApi - object-oriented interface
+ * @export
+ * @class SecurityHaloRunV1alpha1DeviceApi
+ * @extends {BaseAPI}
+ */
+export class SecurityHaloRunV1alpha1DeviceApi extends BaseAPI {
+    /**
+     * Create security.halo.run/v1alpha1/Device
+     * @param {SecurityHaloRunV1alpha1DeviceApiCreateSecurityHaloRunV1alpha1DeviceRequest} requestParameters Request parameters.
+     * @param {*} [options] Override http request option.
+     * @throws {RequiredError}
+     * @memberof SecurityHaloRunV1alpha1DeviceApi
+     */
+    public createSecurityHaloRunV1alpha1Device(requestParameters: SecurityHaloRunV1alpha1DeviceApiCreateSecurityHaloRunV1alpha1DeviceRequest = {}, options?: RawAxiosRequestConfig) {
+        return SecurityHaloRunV1alpha1DeviceApiFp(this.configuration).createSecurityHaloRunV1alpha1Device(requestParameters.device, options).then((request) => request(this.axios, this.basePath));
+    }
+
+    /**
+     * Delete security.halo.run/v1alpha1/Device
+     * @param {SecurityHaloRunV1alpha1DeviceApiDeleteSecurityHaloRunV1alpha1DeviceRequest} requestParameters Request parameters.
+     * @param {*} [options] Override http request option.
+     * @throws {RequiredError}
+     * @memberof SecurityHaloRunV1alpha1DeviceApi
+     */
+    public deleteSecurityHaloRunV1alpha1Device(requestParameters: SecurityHaloRunV1alpha1DeviceApiDeleteSecurityHaloRunV1alpha1DeviceRequest, options?: RawAxiosRequestConfig) {
+        return SecurityHaloRunV1alpha1DeviceApiFp(this.configuration).deleteSecurityHaloRunV1alpha1Device(requestParameters.name, options).then((request) => request(this.axios, this.basePath));
+    }
+
+    /**
+     * Get security.halo.run/v1alpha1/Device
+     * @param {SecurityHaloRunV1alpha1DeviceApiGetSecurityHaloRunV1alpha1DeviceRequest} requestParameters Request parameters.
+     * @param {*} [options] Override http request option.
+     * @throws {RequiredError}
+     * @memberof SecurityHaloRunV1alpha1DeviceApi
+     */
+    public getSecurityHaloRunV1alpha1Device(requestParameters: SecurityHaloRunV1alpha1DeviceApiGetSecurityHaloRunV1alpha1DeviceRequest, options?: RawAxiosRequestConfig) {
+        return SecurityHaloRunV1alpha1DeviceApiFp(this.configuration).getSecurityHaloRunV1alpha1Device(requestParameters.name, options).then((request) => request(this.axios, this.basePath));
+    }
+
+    /**
+     * List security.halo.run/v1alpha1/Device
+     * @param {SecurityHaloRunV1alpha1DeviceApiListSecurityHaloRunV1alpha1DeviceRequest} requestParameters Request parameters.
+     * @param {*} [options] Override http request option.
+     * @throws {RequiredError}
+     * @memberof SecurityHaloRunV1alpha1DeviceApi
+     */
+    public listSecurityHaloRunV1alpha1Device(requestParameters: SecurityHaloRunV1alpha1DeviceApiListSecurityHaloRunV1alpha1DeviceRequest = {}, options?: RawAxiosRequestConfig) {
+        return SecurityHaloRunV1alpha1DeviceApiFp(this.configuration).listSecurityHaloRunV1alpha1Device(requestParameters.page, requestParameters.size, requestParameters.labelSelector, requestParameters.fieldSelector, requestParameters.sort, options).then((request) => request(this.axios, this.basePath));
+    }
+
+    /**
+     * Update security.halo.run/v1alpha1/Device
+     * @param {SecurityHaloRunV1alpha1DeviceApiUpdateSecurityHaloRunV1alpha1DeviceRequest} requestParameters Request parameters.
+     * @param {*} [options] Override http request option.
+     * @throws {RequiredError}
+     * @memberof SecurityHaloRunV1alpha1DeviceApi
+     */
+    public updateSecurityHaloRunV1alpha1Device(requestParameters: SecurityHaloRunV1alpha1DeviceApiUpdateSecurityHaloRunV1alpha1DeviceRequest, options?: RawAxiosRequestConfig) {
+        return SecurityHaloRunV1alpha1DeviceApiFp(this.configuration).updateSecurityHaloRunV1alpha1Device(requestParameters.name, requestParameters.device, options).then((request) => request(this.axios, this.basePath));
+    }
+}
+
diff --git a/ui/packages/api-client/src/api/uc-api-security-halo-run-v1alpha1-device-api.ts b/ui/packages/api-client/src/api/uc-api-security-halo-run-v1alpha1-device-api.ts
new file mode 100644
index 000000000..d1edfb02c
--- /dev/null
+++ b/ui/packages/api-client/src/api/uc-api-security-halo-run-v1alpha1-device-api.ts
@@ -0,0 +1,215 @@
+/* tslint:disable */
+/* eslint-disable */
+/**
+ * Halo
+ * No description provided (generated by Openapi Generator https://github.com/openapitools/openapi-generator)
+ *
+ * The version of the OpenAPI document: 2.17.0-SNAPSHOT
+ * 
+ *
+ * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
+ * https://openapi-generator.tech
+ * Do not edit the class manually.
+ */
+
+
+import type { Configuration } from '../configuration';
+import type { AxiosPromise, AxiosInstance, RawAxiosRequestConfig } from 'axios';
+import globalAxios from 'axios';
+// Some imports not used depending on template conditions
+// @ts-ignore
+import { DUMMY_BASE_URL, assertParamExists, setApiKeyToObject, setBasicAuthToObject, setBearerAuthToObject, setOAuthToObject, setSearchParams, serializeDataIfNeeded, toPathString, createRequestFunction } from '../common';
+// @ts-ignore
+import { BASE_PATH, COLLECTION_FORMATS, RequestArgs, BaseAPI, RequiredError, operationServerMap } from '../base';
+// @ts-ignore
+import { UserDevice } from '../models';
+/**
+ * UcApiSecurityHaloRunV1alpha1DeviceApi - axios parameter creator
+ * @export
+ */
+export const UcApiSecurityHaloRunV1alpha1DeviceApiAxiosParamCreator = function (configuration?: Configuration) {
+    return {
+        /**
+         * List all user devices
+         * @param {*} [options] Override http request option.
+         * @throws {RequiredError}
+         */
+        listDevices: async (options: RawAxiosRequestConfig = {}): Promise<RequestArgs> => {
+            const localVarPath = `/apis/uc.api.security.halo.run/v1alpha1/devices`;
+            // use dummy base URL string because the URL constructor only accepts absolute URLs.
+            const localVarUrlObj = new URL(localVarPath, DUMMY_BASE_URL);
+            let baseOptions;
+            if (configuration) {
+                baseOptions = configuration.baseOptions;
+            }
+
+            const localVarRequestOptions = { method: 'GET', ...baseOptions, ...options};
+            const localVarHeaderParameter = {} as any;
+            const localVarQueryParameter = {} as any;
+
+            // authentication basicAuth required
+            // http basic authentication required
+            setBasicAuthToObject(localVarRequestOptions, configuration)
+
+            // authentication bearerAuth required
+            // http bearer authentication required
+            await setBearerAuthToObject(localVarHeaderParameter, configuration)
+
+
+    
+            setSearchParams(localVarUrlObj, localVarQueryParameter);
+            let headersFromBaseOptions = baseOptions && baseOptions.headers ? baseOptions.headers : {};
+            localVarRequestOptions.headers = {...localVarHeaderParameter, ...headersFromBaseOptions, ...options.headers};
+
+            return {
+                url: toPathString(localVarUrlObj),
+                options: localVarRequestOptions,
+            };
+        },
+        /**
+         * Revoke a own device
+         * @param {string} deviceId Device ID
+         * @param {*} [options] Override http request option.
+         * @throws {RequiredError}
+         */
+        revokeDevice: async (deviceId: string, options: RawAxiosRequestConfig = {}): Promise<RequestArgs> => {
+            // verify required parameter 'deviceId' is not null or undefined
+            assertParamExists('revokeDevice', 'deviceId', deviceId)
+            const localVarPath = `/apis/uc.api.security.halo.run/v1alpha1/devices/{deviceId}`
+                .replace(`{${"deviceId"}}`, encodeURIComponent(String(deviceId)));
+            // use dummy base URL string because the URL constructor only accepts absolute URLs.
+            const localVarUrlObj = new URL(localVarPath, DUMMY_BASE_URL);
+            let baseOptions;
+            if (configuration) {
+                baseOptions = configuration.baseOptions;
+            }
+
+            const localVarRequestOptions = { method: 'DELETE', ...baseOptions, ...options};
+            const localVarHeaderParameter = {} as any;
+            const localVarQueryParameter = {} as any;
+
+            // authentication basicAuth required
+            // http basic authentication required
+            setBasicAuthToObject(localVarRequestOptions, configuration)
+
+            // authentication bearerAuth required
+            // http bearer authentication required
+            await setBearerAuthToObject(localVarHeaderParameter, configuration)
+
+
+    
+            setSearchParams(localVarUrlObj, localVarQueryParameter);
+            let headersFromBaseOptions = baseOptions && baseOptions.headers ? baseOptions.headers : {};
+            localVarRequestOptions.headers = {...localVarHeaderParameter, ...headersFromBaseOptions, ...options.headers};
+
+            return {
+                url: toPathString(localVarUrlObj),
+                options: localVarRequestOptions,
+            };
+        },
+    }
+};
+
+/**
+ * UcApiSecurityHaloRunV1alpha1DeviceApi - functional programming interface
+ * @export
+ */
+export const UcApiSecurityHaloRunV1alpha1DeviceApiFp = function(configuration?: Configuration) {
+    const localVarAxiosParamCreator = UcApiSecurityHaloRunV1alpha1DeviceApiAxiosParamCreator(configuration)
+    return {
+        /**
+         * List all user devices
+         * @param {*} [options] Override http request option.
+         * @throws {RequiredError}
+         */
+        async listDevices(options?: RawAxiosRequestConfig): Promise<(axios?: AxiosInstance, basePath?: string) => AxiosPromise<Array<UserDevice>>> {
+            const localVarAxiosArgs = await localVarAxiosParamCreator.listDevices(options);
+            const localVarOperationServerIndex = configuration?.serverIndex ?? 0;
+            const localVarOperationServerBasePath = operationServerMap['UcApiSecurityHaloRunV1alpha1DeviceApi.listDevices']?.[localVarOperationServerIndex]?.url;
+            return (axios, basePath) => createRequestFunction(localVarAxiosArgs, globalAxios, BASE_PATH, configuration)(axios, localVarOperationServerBasePath || basePath);
+        },
+        /**
+         * Revoke a own device
+         * @param {string} deviceId Device ID
+         * @param {*} [options] Override http request option.
+         * @throws {RequiredError}
+         */
+        async revokeDevice(deviceId: string, options?: RawAxiosRequestConfig): Promise<(axios?: AxiosInstance, basePath?: string) => AxiosPromise<void>> {
+            const localVarAxiosArgs = await localVarAxiosParamCreator.revokeDevice(deviceId, options);
+            const localVarOperationServerIndex = configuration?.serverIndex ?? 0;
+            const localVarOperationServerBasePath = operationServerMap['UcApiSecurityHaloRunV1alpha1DeviceApi.revokeDevice']?.[localVarOperationServerIndex]?.url;
+            return (axios, basePath) => createRequestFunction(localVarAxiosArgs, globalAxios, BASE_PATH, configuration)(axios, localVarOperationServerBasePath || basePath);
+        },
+    }
+};
+
+/**
+ * UcApiSecurityHaloRunV1alpha1DeviceApi - factory interface
+ * @export
+ */
+export const UcApiSecurityHaloRunV1alpha1DeviceApiFactory = function (configuration?: Configuration, basePath?: string, axios?: AxiosInstance) {
+    const localVarFp = UcApiSecurityHaloRunV1alpha1DeviceApiFp(configuration)
+    return {
+        /**
+         * List all user devices
+         * @param {*} [options] Override http request option.
+         * @throws {RequiredError}
+         */
+        listDevices(options?: RawAxiosRequestConfig): AxiosPromise<Array<UserDevice>> {
+            return localVarFp.listDevices(options).then((request) => request(axios, basePath));
+        },
+        /**
+         * Revoke a own device
+         * @param {UcApiSecurityHaloRunV1alpha1DeviceApiRevokeDeviceRequest} requestParameters Request parameters.
+         * @param {*} [options] Override http request option.
+         * @throws {RequiredError}
+         */
+        revokeDevice(requestParameters: UcApiSecurityHaloRunV1alpha1DeviceApiRevokeDeviceRequest, options?: RawAxiosRequestConfig): AxiosPromise<void> {
+            return localVarFp.revokeDevice(requestParameters.deviceId, options).then((request) => request(axios, basePath));
+        },
+    };
+};
+
+/**
+ * Request parameters for revokeDevice operation in UcApiSecurityHaloRunV1alpha1DeviceApi.
+ * @export
+ * @interface UcApiSecurityHaloRunV1alpha1DeviceApiRevokeDeviceRequest
+ */
+export interface UcApiSecurityHaloRunV1alpha1DeviceApiRevokeDeviceRequest {
+    /**
+     * Device ID
+     * @type {string}
+     * @memberof UcApiSecurityHaloRunV1alpha1DeviceApiRevokeDevice
+     */
+    readonly deviceId: string
+}
+
+/**
+ * UcApiSecurityHaloRunV1alpha1DeviceApi - object-oriented interface
+ * @export
+ * @class UcApiSecurityHaloRunV1alpha1DeviceApi
+ * @extends {BaseAPI}
+ */
+export class UcApiSecurityHaloRunV1alpha1DeviceApi extends BaseAPI {
+    /**
+     * List all user devices
+     * @param {*} [options] Override http request option.
+     * @throws {RequiredError}
+     * @memberof UcApiSecurityHaloRunV1alpha1DeviceApi
+     */
+    public listDevices(options?: RawAxiosRequestConfig) {
+        return UcApiSecurityHaloRunV1alpha1DeviceApiFp(this.configuration).listDevices(options).then((request) => request(this.axios, this.basePath));
+    }
+
+    /**
+     * Revoke a own device
+     * @param {UcApiSecurityHaloRunV1alpha1DeviceApiRevokeDeviceRequest} requestParameters Request parameters.
+     * @param {*} [options] Override http request option.
+     * @throws {RequiredError}
+     * @memberof UcApiSecurityHaloRunV1alpha1DeviceApi
+     */
+    public revokeDevice(requestParameters: UcApiSecurityHaloRunV1alpha1DeviceApiRevokeDeviceRequest, options?: RawAxiosRequestConfig) {
+        return UcApiSecurityHaloRunV1alpha1DeviceApiFp(this.configuration).revokeDevice(requestParameters.deviceId, options).then((request) => request(this.axios, this.basePath));
+    }
+}
+
diff --git a/ui/packages/api-client/src/api/v1alpha1-v1alpha1-api.ts b/ui/packages/api-client/src/api/v1alpha1-v1alpha1-api.ts
new file mode 100644
index 000000000..11fd231e3
--- /dev/null
+++ b/ui/packages/api-client/src/api/v1alpha1-v1alpha1-api.ts
@@ -0,0 +1,665 @@
+/* tslint:disable */
+/* eslint-disable */
+/**
+ * Halo
+ * No description provided (generated by Openapi Generator https://github.com/openapitools/openapi-generator)
+ *
+ * The version of the OpenAPI document: 2.17.0-SNAPSHOT
+ * 
+ *
+ * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
+ * https://openapi-generator.tech
+ * Do not edit the class manually.
+ */
+
+
+import type { Configuration } from '../configuration';
+import type { AxiosPromise, AxiosInstance, RawAxiosRequestConfig } from 'axios';
+import globalAxios from 'axios';
+// Some imports not used depending on template conditions
+// @ts-ignore
+import { DUMMY_BASE_URL, assertParamExists, setApiKeyToObject, setBasicAuthToObject, setBearerAuthToObject, setOAuthToObject, setSearchParams, serializeDataIfNeeded, toPathString, createRequestFunction } from '../common';
+// @ts-ignore
+import { BASE_PATH, COLLECTION_FORMATS, RequestArgs, BaseAPI, RequiredError, operationServerMap } from '../base';
+// @ts-ignore
+import { Device } from '../models';
+// @ts-ignore
+import { JsonPatchInner } from '../models';
+// @ts-ignore
+import { V1alpha1List } from '../models';
+/**
+ * V1alpha1V1alpha1Api - axios parameter creator
+ * @export
+ */
+export const V1alpha1V1alpha1ApiAxiosParamCreator = function (configuration?: Configuration) {
+    return {
+        /**
+         * Create v1alpha1
+         * @param {Device} [device] Fresh device
+         * @param {*} [options] Override http request option.
+         * @throws {RequiredError}
+         */
+        createv1alpha1: async (device?: Device, options: RawAxiosRequestConfig = {}): Promise<RequestArgs> => {
+            const localVarPath = `/apis/security.halo.run/v1alpha1/devices`;
+            // use dummy base URL string because the URL constructor only accepts absolute URLs.
+            const localVarUrlObj = new URL(localVarPath, DUMMY_BASE_URL);
+            let baseOptions;
+            if (configuration) {
+                baseOptions = configuration.baseOptions;
+            }
+
+            const localVarRequestOptions = { method: 'POST', ...baseOptions, ...options};
+            const localVarHeaderParameter = {} as any;
+            const localVarQueryParameter = {} as any;
+
+            // authentication basicAuth required
+            // http basic authentication required
+            setBasicAuthToObject(localVarRequestOptions, configuration)
+
+            // authentication bearerAuth required
+            // http bearer authentication required
+            await setBearerAuthToObject(localVarHeaderParameter, configuration)
+
+
+    
+            localVarHeaderParameter['Content-Type'] = 'application/json';
+
+            setSearchParams(localVarUrlObj, localVarQueryParameter);
+            let headersFromBaseOptions = baseOptions && baseOptions.headers ? baseOptions.headers : {};
+            localVarRequestOptions.headers = {...localVarHeaderParameter, ...headersFromBaseOptions, ...options.headers};
+            localVarRequestOptions.data = serializeDataIfNeeded(device, localVarRequestOptions, configuration)
+
+            return {
+                url: toPathString(localVarUrlObj),
+                options: localVarRequestOptions,
+            };
+        },
+        /**
+         * Delete v1alpha1
+         * @param {string} name Name of device
+         * @param {*} [options] Override http request option.
+         * @throws {RequiredError}
+         */
+        deletev1alpha1: async (name: string, options: RawAxiosRequestConfig = {}): Promise<RequestArgs> => {
+            // verify required parameter 'name' is not null or undefined
+            assertParamExists('deletev1alpha1', 'name', name)
+            const localVarPath = `/apis/security.halo.run/v1alpha1/devices/{name}`
+                .replace(`{${"name"}}`, encodeURIComponent(String(name)));
+            // use dummy base URL string because the URL constructor only accepts absolute URLs.
+            const localVarUrlObj = new URL(localVarPath, DUMMY_BASE_URL);
+            let baseOptions;
+            if (configuration) {
+                baseOptions = configuration.baseOptions;
+            }
+
+            const localVarRequestOptions = { method: 'DELETE', ...baseOptions, ...options};
+            const localVarHeaderParameter = {} as any;
+            const localVarQueryParameter = {} as any;
+
+            // authentication basicAuth required
+            // http basic authentication required
+            setBasicAuthToObject(localVarRequestOptions, configuration)
+
+            // authentication bearerAuth required
+            // http bearer authentication required
+            await setBearerAuthToObject(localVarHeaderParameter, configuration)
+
+
+    
+            setSearchParams(localVarUrlObj, localVarQueryParameter);
+            let headersFromBaseOptions = baseOptions && baseOptions.headers ? baseOptions.headers : {};
+            localVarRequestOptions.headers = {...localVarHeaderParameter, ...headersFromBaseOptions, ...options.headers};
+
+            return {
+                url: toPathString(localVarUrlObj),
+                options: localVarRequestOptions,
+            };
+        },
+        /**
+         * Get v1alpha1
+         * @param {string} name Name of device
+         * @param {*} [options] Override http request option.
+         * @throws {RequiredError}
+         */
+        getv1alpha1: async (name: string, options: RawAxiosRequestConfig = {}): Promise<RequestArgs> => {
+            // verify required parameter 'name' is not null or undefined
+            assertParamExists('getv1alpha1', 'name', name)
+            const localVarPath = `/apis/security.halo.run/v1alpha1/devices/{name}`
+                .replace(`{${"name"}}`, encodeURIComponent(String(name)));
+            // use dummy base URL string because the URL constructor only accepts absolute URLs.
+            const localVarUrlObj = new URL(localVarPath, DUMMY_BASE_URL);
+            let baseOptions;
+            if (configuration) {
+                baseOptions = configuration.baseOptions;
+            }
+
+            const localVarRequestOptions = { method: 'GET', ...baseOptions, ...options};
+            const localVarHeaderParameter = {} as any;
+            const localVarQueryParameter = {} as any;
+
+            // authentication basicAuth required
+            // http basic authentication required
+            setBasicAuthToObject(localVarRequestOptions, configuration)
+
+            // authentication bearerAuth required
+            // http bearer authentication required
+            await setBearerAuthToObject(localVarHeaderParameter, configuration)
+
+
+    
+            setSearchParams(localVarUrlObj, localVarQueryParameter);
+            let headersFromBaseOptions = baseOptions && baseOptions.headers ? baseOptions.headers : {};
+            localVarRequestOptions.headers = {...localVarHeaderParameter, ...headersFromBaseOptions, ...options.headers};
+
+            return {
+                url: toPathString(localVarUrlObj),
+                options: localVarRequestOptions,
+            };
+        },
+        /**
+         * List v1alpha1
+         * @param {number} [page] Page number. Default is 0.
+         * @param {number} [size] Size number. Default is 0.
+         * @param {Array<string>} [labelSelector] Label selector. e.g.: hidden!&#x3D;true
+         * @param {Array<string>} [fieldSelector] Field selector. e.g.: metadata.name&#x3D;&#x3D;halo
+         * @param {Array<string>} [sort] Sorting criteria in the format: property,(asc|desc). Default sort order is ascending. Multiple sort criteria are supported.
+         * @param {*} [options] Override http request option.
+         * @throws {RequiredError}
+         */
+        listv1alpha1: async (page?: number, size?: number, labelSelector?: Array<string>, fieldSelector?: Array<string>, sort?: Array<string>, options: RawAxiosRequestConfig = {}): Promise<RequestArgs> => {
+            const localVarPath = `/apis/security.halo.run/v1alpha1/devices`;
+            // use dummy base URL string because the URL constructor only accepts absolute URLs.
+            const localVarUrlObj = new URL(localVarPath, DUMMY_BASE_URL);
+            let baseOptions;
+            if (configuration) {
+                baseOptions = configuration.baseOptions;
+            }
+
+            const localVarRequestOptions = { method: 'GET', ...baseOptions, ...options};
+            const localVarHeaderParameter = {} as any;
+            const localVarQueryParameter = {} as any;
+
+            // authentication basicAuth required
+            // http basic authentication required
+            setBasicAuthToObject(localVarRequestOptions, configuration)
+
+            // authentication bearerAuth required
+            // http bearer authentication required
+            await setBearerAuthToObject(localVarHeaderParameter, configuration)
+
+            if (page !== undefined) {
+                localVarQueryParameter['page'] = page;
+            }
+
+            if (size !== undefined) {
+                localVarQueryParameter['size'] = size;
+            }
+
+            if (labelSelector) {
+                localVarQueryParameter['labelSelector'] = labelSelector;
+            }
+
+            if (fieldSelector) {
+                localVarQueryParameter['fieldSelector'] = fieldSelector;
+            }
+
+            if (sort) {
+                localVarQueryParameter['sort'] = sort;
+            }
+
+
+    
+            setSearchParams(localVarUrlObj, localVarQueryParameter);
+            let headersFromBaseOptions = baseOptions && baseOptions.headers ? baseOptions.headers : {};
+            localVarRequestOptions.headers = {...localVarHeaderParameter, ...headersFromBaseOptions, ...options.headers};
+
+            return {
+                url: toPathString(localVarUrlObj),
+                options: localVarRequestOptions,
+            };
+        },
+        /**
+         * Patch v1alpha1
+         * @param {string} name Name of device
+         * @param {Array<JsonPatchInner>} [jsonPatchInner] 
+         * @param {*} [options] Override http request option.
+         * @throws {RequiredError}
+         */
+        patchv1alpha1: async (name: string, jsonPatchInner?: Array<JsonPatchInner>, options: RawAxiosRequestConfig = {}): Promise<RequestArgs> => {
+            // verify required parameter 'name' is not null or undefined
+            assertParamExists('patchv1alpha1', 'name', name)
+            const localVarPath = `/apis/security.halo.run/v1alpha1/devices/{name}`
+                .replace(`{${"name"}}`, encodeURIComponent(String(name)));
+            // use dummy base URL string because the URL constructor only accepts absolute URLs.
+            const localVarUrlObj = new URL(localVarPath, DUMMY_BASE_URL);
+            let baseOptions;
+            if (configuration) {
+                baseOptions = configuration.baseOptions;
+            }
+
+            const localVarRequestOptions = { method: 'PATCH', ...baseOptions, ...options};
+            const localVarHeaderParameter = {} as any;
+            const localVarQueryParameter = {} as any;
+
+            // authentication basicAuth required
+            // http basic authentication required
+            setBasicAuthToObject(localVarRequestOptions, configuration)
+
+            // authentication bearerAuth required
+            // http bearer authentication required
+            await setBearerAuthToObject(localVarHeaderParameter, configuration)
+
+
+    
+            localVarHeaderParameter['Content-Type'] = 'application/json-patch+json';
+
+            setSearchParams(localVarUrlObj, localVarQueryParameter);
+            let headersFromBaseOptions = baseOptions && baseOptions.headers ? baseOptions.headers : {};
+            localVarRequestOptions.headers = {...localVarHeaderParameter, ...headersFromBaseOptions, ...options.headers};
+            localVarRequestOptions.data = serializeDataIfNeeded(jsonPatchInner, localVarRequestOptions, configuration)
+
+            return {
+                url: toPathString(localVarUrlObj),
+                options: localVarRequestOptions,
+            };
+        },
+        /**
+         * Update v1alpha1
+         * @param {string} name Name of device
+         * @param {Device} [device] Updated device
+         * @param {*} [options] Override http request option.
+         * @throws {RequiredError}
+         */
+        updatev1alpha1: async (name: string, device?: Device, options: RawAxiosRequestConfig = {}): Promise<RequestArgs> => {
+            // verify required parameter 'name' is not null or undefined
+            assertParamExists('updatev1alpha1', 'name', name)
+            const localVarPath = `/apis/security.halo.run/v1alpha1/devices/{name}`
+                .replace(`{${"name"}}`, encodeURIComponent(String(name)));
+            // use dummy base URL string because the URL constructor only accepts absolute URLs.
+            const localVarUrlObj = new URL(localVarPath, DUMMY_BASE_URL);
+            let baseOptions;
+            if (configuration) {
+                baseOptions = configuration.baseOptions;
+            }
+
+            const localVarRequestOptions = { method: 'PUT', ...baseOptions, ...options};
+            const localVarHeaderParameter = {} as any;
+            const localVarQueryParameter = {} as any;
+
+            // authentication basicAuth required
+            // http basic authentication required
+            setBasicAuthToObject(localVarRequestOptions, configuration)
+
+            // authentication bearerAuth required
+            // http bearer authentication required
+            await setBearerAuthToObject(localVarHeaderParameter, configuration)
+
+
+    
+            localVarHeaderParameter['Content-Type'] = 'application/json';
+
+            setSearchParams(localVarUrlObj, localVarQueryParameter);
+            let headersFromBaseOptions = baseOptions && baseOptions.headers ? baseOptions.headers : {};
+            localVarRequestOptions.headers = {...localVarHeaderParameter, ...headersFromBaseOptions, ...options.headers};
+            localVarRequestOptions.data = serializeDataIfNeeded(device, localVarRequestOptions, configuration)
+
+            return {
+                url: toPathString(localVarUrlObj),
+                options: localVarRequestOptions,
+            };
+        },
+    }
+};
+
+/**
+ * V1alpha1V1alpha1Api - functional programming interface
+ * @export
+ */
+export const V1alpha1V1alpha1ApiFp = function(configuration?: Configuration) {
+    const localVarAxiosParamCreator = V1alpha1V1alpha1ApiAxiosParamCreator(configuration)
+    return {
+        /**
+         * Create v1alpha1
+         * @param {Device} [device] Fresh device
+         * @param {*} [options] Override http request option.
+         * @throws {RequiredError}
+         */
+        async createv1alpha1(device?: Device, options?: RawAxiosRequestConfig): Promise<(axios?: AxiosInstance, basePath?: string) => AxiosPromise<Device>> {
+            const localVarAxiosArgs = await localVarAxiosParamCreator.createv1alpha1(device, options);
+            const localVarOperationServerIndex = configuration?.serverIndex ?? 0;
+            const localVarOperationServerBasePath = operationServerMap['V1alpha1V1alpha1Api.createv1alpha1']?.[localVarOperationServerIndex]?.url;
+            return (axios, basePath) => createRequestFunction(localVarAxiosArgs, globalAxios, BASE_PATH, configuration)(axios, localVarOperationServerBasePath || basePath);
+        },
+        /**
+         * Delete v1alpha1
+         * @param {string} name Name of device
+         * @param {*} [options] Override http request option.
+         * @throws {RequiredError}
+         */
+        async deletev1alpha1(name: string, options?: RawAxiosRequestConfig): Promise<(axios?: AxiosInstance, basePath?: string) => AxiosPromise<void>> {
+            const localVarAxiosArgs = await localVarAxiosParamCreator.deletev1alpha1(name, options);
+            const localVarOperationServerIndex = configuration?.serverIndex ?? 0;
+            const localVarOperationServerBasePath = operationServerMap['V1alpha1V1alpha1Api.deletev1alpha1']?.[localVarOperationServerIndex]?.url;
+            return (axios, basePath) => createRequestFunction(localVarAxiosArgs, globalAxios, BASE_PATH, configuration)(axios, localVarOperationServerBasePath || basePath);
+        },
+        /**
+         * Get v1alpha1
+         * @param {string} name Name of device
+         * @param {*} [options] Override http request option.
+         * @throws {RequiredError}
+         */
+        async getv1alpha1(name: string, options?: RawAxiosRequestConfig): Promise<(axios?: AxiosInstance, basePath?: string) => AxiosPromise<Device>> {
+            const localVarAxiosArgs = await localVarAxiosParamCreator.getv1alpha1(name, options);
+            const localVarOperationServerIndex = configuration?.serverIndex ?? 0;
+            const localVarOperationServerBasePath = operationServerMap['V1alpha1V1alpha1Api.getv1alpha1']?.[localVarOperationServerIndex]?.url;
+            return (axios, basePath) => createRequestFunction(localVarAxiosArgs, globalAxios, BASE_PATH, configuration)(axios, localVarOperationServerBasePath || basePath);
+        },
+        /**
+         * List v1alpha1
+         * @param {number} [page] Page number. Default is 0.
+         * @param {number} [size] Size number. Default is 0.
+         * @param {Array<string>} [labelSelector] Label selector. e.g.: hidden!&#x3D;true
+         * @param {Array<string>} [fieldSelector] Field selector. e.g.: metadata.name&#x3D;&#x3D;halo
+         * @param {Array<string>} [sort] Sorting criteria in the format: property,(asc|desc). Default sort order is ascending. Multiple sort criteria are supported.
+         * @param {*} [options] Override http request option.
+         * @throws {RequiredError}
+         */
+        async listv1alpha1(page?: number, size?: number, labelSelector?: Array<string>, fieldSelector?: Array<string>, sort?: Array<string>, options?: RawAxiosRequestConfig): Promise<(axios?: AxiosInstance, basePath?: string) => AxiosPromise<V1alpha1List>> {
+            const localVarAxiosArgs = await localVarAxiosParamCreator.listv1alpha1(page, size, labelSelector, fieldSelector, sort, options);
+            const localVarOperationServerIndex = configuration?.serverIndex ?? 0;
+            const localVarOperationServerBasePath = operationServerMap['V1alpha1V1alpha1Api.listv1alpha1']?.[localVarOperationServerIndex]?.url;
+            return (axios, basePath) => createRequestFunction(localVarAxiosArgs, globalAxios, BASE_PATH, configuration)(axios, localVarOperationServerBasePath || basePath);
+        },
+        /**
+         * Patch v1alpha1
+         * @param {string} name Name of device
+         * @param {Array<JsonPatchInner>} [jsonPatchInner] 
+         * @param {*} [options] Override http request option.
+         * @throws {RequiredError}
+         */
+        async patchv1alpha1(name: string, jsonPatchInner?: Array<JsonPatchInner>, options?: RawAxiosRequestConfig): Promise<(axios?: AxiosInstance, basePath?: string) => AxiosPromise<Device>> {
+            const localVarAxiosArgs = await localVarAxiosParamCreator.patchv1alpha1(name, jsonPatchInner, options);
+            const localVarOperationServerIndex = configuration?.serverIndex ?? 0;
+            const localVarOperationServerBasePath = operationServerMap['V1alpha1V1alpha1Api.patchv1alpha1']?.[localVarOperationServerIndex]?.url;
+            return (axios, basePath) => createRequestFunction(localVarAxiosArgs, globalAxios, BASE_PATH, configuration)(axios, localVarOperationServerBasePath || basePath);
+        },
+        /**
+         * Update v1alpha1
+         * @param {string} name Name of device
+         * @param {Device} [device] Updated device
+         * @param {*} [options] Override http request option.
+         * @throws {RequiredError}
+         */
+        async updatev1alpha1(name: string, device?: Device, options?: RawAxiosRequestConfig): Promise<(axios?: AxiosInstance, basePath?: string) => AxiosPromise<Device>> {
+            const localVarAxiosArgs = await localVarAxiosParamCreator.updatev1alpha1(name, device, options);
+            const localVarOperationServerIndex = configuration?.serverIndex ?? 0;
+            const localVarOperationServerBasePath = operationServerMap['V1alpha1V1alpha1Api.updatev1alpha1']?.[localVarOperationServerIndex]?.url;
+            return (axios, basePath) => createRequestFunction(localVarAxiosArgs, globalAxios, BASE_PATH, configuration)(axios, localVarOperationServerBasePath || basePath);
+        },
+    }
+};
+
+/**
+ * V1alpha1V1alpha1Api - factory interface
+ * @export
+ */
+export const V1alpha1V1alpha1ApiFactory = function (configuration?: Configuration, basePath?: string, axios?: AxiosInstance) {
+    const localVarFp = V1alpha1V1alpha1ApiFp(configuration)
+    return {
+        /**
+         * Create v1alpha1
+         * @param {V1alpha1V1alpha1ApiCreatev1alpha1Request} requestParameters Request parameters.
+         * @param {*} [options] Override http request option.
+         * @throws {RequiredError}
+         */
+        createv1alpha1(requestParameters: V1alpha1V1alpha1ApiCreatev1alpha1Request = {}, options?: RawAxiosRequestConfig): AxiosPromise<Device> {
+            return localVarFp.createv1alpha1(requestParameters.device, options).then((request) => request(axios, basePath));
+        },
+        /**
+         * Delete v1alpha1
+         * @param {V1alpha1V1alpha1ApiDeletev1alpha1Request} requestParameters Request parameters.
+         * @param {*} [options] Override http request option.
+         * @throws {RequiredError}
+         */
+        deletev1alpha1(requestParameters: V1alpha1V1alpha1ApiDeletev1alpha1Request, options?: RawAxiosRequestConfig): AxiosPromise<void> {
+            return localVarFp.deletev1alpha1(requestParameters.name, options).then((request) => request(axios, basePath));
+        },
+        /**
+         * Get v1alpha1
+         * @param {V1alpha1V1alpha1ApiGetv1alpha1Request} requestParameters Request parameters.
+         * @param {*} [options] Override http request option.
+         * @throws {RequiredError}
+         */
+        getv1alpha1(requestParameters: V1alpha1V1alpha1ApiGetv1alpha1Request, options?: RawAxiosRequestConfig): AxiosPromise<Device> {
+            return localVarFp.getv1alpha1(requestParameters.name, options).then((request) => request(axios, basePath));
+        },
+        /**
+         * List v1alpha1
+         * @param {V1alpha1V1alpha1ApiListv1alpha1Request} requestParameters Request parameters.
+         * @param {*} [options] Override http request option.
+         * @throws {RequiredError}
+         */
+        listv1alpha1(requestParameters: V1alpha1V1alpha1ApiListv1alpha1Request = {}, options?: RawAxiosRequestConfig): AxiosPromise<V1alpha1List> {
+            return localVarFp.listv1alpha1(requestParameters.page, requestParameters.size, requestParameters.labelSelector, requestParameters.fieldSelector, requestParameters.sort, options).then((request) => request(axios, basePath));
+        },
+        /**
+         * Patch v1alpha1
+         * @param {V1alpha1V1alpha1ApiPatchv1alpha1Request} requestParameters Request parameters.
+         * @param {*} [options] Override http request option.
+         * @throws {RequiredError}
+         */
+        patchv1alpha1(requestParameters: V1alpha1V1alpha1ApiPatchv1alpha1Request, options?: RawAxiosRequestConfig): AxiosPromise<Device> {
+            return localVarFp.patchv1alpha1(requestParameters.name, requestParameters.jsonPatchInner, options).then((request) => request(axios, basePath));
+        },
+        /**
+         * Update v1alpha1
+         * @param {V1alpha1V1alpha1ApiUpdatev1alpha1Request} requestParameters Request parameters.
+         * @param {*} [options] Override http request option.
+         * @throws {RequiredError}
+         */
+        updatev1alpha1(requestParameters: V1alpha1V1alpha1ApiUpdatev1alpha1Request, options?: RawAxiosRequestConfig): AxiosPromise<Device> {
+            return localVarFp.updatev1alpha1(requestParameters.name, requestParameters.device, options).then((request) => request(axios, basePath));
+        },
+    };
+};
+
+/**
+ * Request parameters for createv1alpha1 operation in V1alpha1V1alpha1Api.
+ * @export
+ * @interface V1alpha1V1alpha1ApiCreatev1alpha1Request
+ */
+export interface V1alpha1V1alpha1ApiCreatev1alpha1Request {
+    /**
+     * Fresh device
+     * @type {Device}
+     * @memberof V1alpha1V1alpha1ApiCreatev1alpha1
+     */
+    readonly device?: Device
+}
+
+/**
+ * Request parameters for deletev1alpha1 operation in V1alpha1V1alpha1Api.
+ * @export
+ * @interface V1alpha1V1alpha1ApiDeletev1alpha1Request
+ */
+export interface V1alpha1V1alpha1ApiDeletev1alpha1Request {
+    /**
+     * Name of device
+     * @type {string}
+     * @memberof V1alpha1V1alpha1ApiDeletev1alpha1
+     */
+    readonly name: string
+}
+
+/**
+ * Request parameters for getv1alpha1 operation in V1alpha1V1alpha1Api.
+ * @export
+ * @interface V1alpha1V1alpha1ApiGetv1alpha1Request
+ */
+export interface V1alpha1V1alpha1ApiGetv1alpha1Request {
+    /**
+     * Name of device
+     * @type {string}
+     * @memberof V1alpha1V1alpha1ApiGetv1alpha1
+     */
+    readonly name: string
+}
+
+/**
+ * Request parameters for listv1alpha1 operation in V1alpha1V1alpha1Api.
+ * @export
+ * @interface V1alpha1V1alpha1ApiListv1alpha1Request
+ */
+export interface V1alpha1V1alpha1ApiListv1alpha1Request {
+    /**
+     * Page number. Default is 0.
+     * @type {number}
+     * @memberof V1alpha1V1alpha1ApiListv1alpha1
+     */
+    readonly page?: number
+
+    /**
+     * Size number. Default is 0.
+     * @type {number}
+     * @memberof V1alpha1V1alpha1ApiListv1alpha1
+     */
+    readonly size?: number
+
+    /**
+     * Label selector. e.g.: hidden!&#x3D;true
+     * @type {Array<string>}
+     * @memberof V1alpha1V1alpha1ApiListv1alpha1
+     */
+    readonly labelSelector?: Array<string>
+
+    /**
+     * Field selector. e.g.: metadata.name&#x3D;&#x3D;halo
+     * @type {Array<string>}
+     * @memberof V1alpha1V1alpha1ApiListv1alpha1
+     */
+    readonly fieldSelector?: Array<string>
+
+    /**
+     * Sorting criteria in the format: property,(asc|desc). Default sort order is ascending. Multiple sort criteria are supported.
+     * @type {Array<string>}
+     * @memberof V1alpha1V1alpha1ApiListv1alpha1
+     */
+    readonly sort?: Array<string>
+}
+
+/**
+ * Request parameters for patchv1alpha1 operation in V1alpha1V1alpha1Api.
+ * @export
+ * @interface V1alpha1V1alpha1ApiPatchv1alpha1Request
+ */
+export interface V1alpha1V1alpha1ApiPatchv1alpha1Request {
+    /**
+     * Name of device
+     * @type {string}
+     * @memberof V1alpha1V1alpha1ApiPatchv1alpha1
+     */
+    readonly name: string
+
+    /**
+     * 
+     * @type {Array<JsonPatchInner>}
+     * @memberof V1alpha1V1alpha1ApiPatchv1alpha1
+     */
+    readonly jsonPatchInner?: Array<JsonPatchInner>
+}
+
+/**
+ * Request parameters for updatev1alpha1 operation in V1alpha1V1alpha1Api.
+ * @export
+ * @interface V1alpha1V1alpha1ApiUpdatev1alpha1Request
+ */
+export interface V1alpha1V1alpha1ApiUpdatev1alpha1Request {
+    /**
+     * Name of device
+     * @type {string}
+     * @memberof V1alpha1V1alpha1ApiUpdatev1alpha1
+     */
+    readonly name: string
+
+    /**
+     * Updated device
+     * @type {Device}
+     * @memberof V1alpha1V1alpha1ApiUpdatev1alpha1
+     */
+    readonly device?: Device
+}
+
+/**
+ * V1alpha1V1alpha1Api - object-oriented interface
+ * @export
+ * @class V1alpha1V1alpha1Api
+ * @extends {BaseAPI}
+ */
+export class V1alpha1V1alpha1Api extends BaseAPI {
+    /**
+     * Create v1alpha1
+     * @param {V1alpha1V1alpha1ApiCreatev1alpha1Request} requestParameters Request parameters.
+     * @param {*} [options] Override http request option.
+     * @throws {RequiredError}
+     * @memberof V1alpha1V1alpha1Api
+     */
+    public createv1alpha1(requestParameters: V1alpha1V1alpha1ApiCreatev1alpha1Request = {}, options?: RawAxiosRequestConfig) {
+        return V1alpha1V1alpha1ApiFp(this.configuration).createv1alpha1(requestParameters.device, options).then((request) => request(this.axios, this.basePath));
+    }
+
+    /**
+     * Delete v1alpha1
+     * @param {V1alpha1V1alpha1ApiDeletev1alpha1Request} requestParameters Request parameters.
+     * @param {*} [options] Override http request option.
+     * @throws {RequiredError}
+     * @memberof V1alpha1V1alpha1Api
+     */
+    public deletev1alpha1(requestParameters: V1alpha1V1alpha1ApiDeletev1alpha1Request, options?: RawAxiosRequestConfig) {
+        return V1alpha1V1alpha1ApiFp(this.configuration).deletev1alpha1(requestParameters.name, options).then((request) => request(this.axios, this.basePath));
+    }
+
+    /**
+     * Get v1alpha1
+     * @param {V1alpha1V1alpha1ApiGetv1alpha1Request} requestParameters Request parameters.
+     * @param {*} [options] Override http request option.
+     * @throws {RequiredError}
+     * @memberof V1alpha1V1alpha1Api
+     */
+    public getv1alpha1(requestParameters: V1alpha1V1alpha1ApiGetv1alpha1Request, options?: RawAxiosRequestConfig) {
+        return V1alpha1V1alpha1ApiFp(this.configuration).getv1alpha1(requestParameters.name, options).then((request) => request(this.axios, this.basePath));
+    }
+
+    /**
+     * List v1alpha1
+     * @param {V1alpha1V1alpha1ApiListv1alpha1Request} requestParameters Request parameters.
+     * @param {*} [options] Override http request option.
+     * @throws {RequiredError}
+     * @memberof V1alpha1V1alpha1Api
+     */
+    public listv1alpha1(requestParameters: V1alpha1V1alpha1ApiListv1alpha1Request = {}, options?: RawAxiosRequestConfig) {
+        return V1alpha1V1alpha1ApiFp(this.configuration).listv1alpha1(requestParameters.page, requestParameters.size, requestParameters.labelSelector, requestParameters.fieldSelector, requestParameters.sort, options).then((request) => request(this.axios, this.basePath));
+    }
+
+    /**
+     * Patch v1alpha1
+     * @param {V1alpha1V1alpha1ApiPatchv1alpha1Request} requestParameters Request parameters.
+     * @param {*} [options] Override http request option.
+     * @throws {RequiredError}
+     * @memberof V1alpha1V1alpha1Api
+     */
+    public patchv1alpha1(requestParameters: V1alpha1V1alpha1ApiPatchv1alpha1Request, options?: RawAxiosRequestConfig) {
+        return V1alpha1V1alpha1ApiFp(this.configuration).patchv1alpha1(requestParameters.name, requestParameters.jsonPatchInner, options).then((request) => request(this.axios, this.basePath));
+    }
+
+    /**
+     * Update v1alpha1
+     * @param {V1alpha1V1alpha1ApiUpdatev1alpha1Request} requestParameters Request parameters.
+     * @param {*} [options] Override http request option.
+     * @throws {RequiredError}
+     * @memberof V1alpha1V1alpha1Api
+     */
+    public updatev1alpha1(requestParameters: V1alpha1V1alpha1ApiUpdatev1alpha1Request, options?: RawAxiosRequestConfig) {
+        return V1alpha1V1alpha1ApiFp(this.configuration).updatev1alpha1(requestParameters.name, requestParameters.device, options).then((request) => request(this.axios, this.basePath));
+    }
+}
+
diff --git a/ui/packages/api-client/src/models/device-list.ts b/ui/packages/api-client/src/models/device-list.ts
new file mode 100644
index 000000000..1332f1380
--- /dev/null
+++ b/ui/packages/api-client/src/models/device-list.ts
@@ -0,0 +1,81 @@
+/* tslint:disable */
+/* eslint-disable */
+/**
+ * Halo Next API
+ * No description provided (generated by Openapi Generator https://github.com/openapitools/openapi-generator)
+ *
+ * The version of the OpenAPI document: 2.0.0
+ * 
+ *
+ * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
+ * https://openapi-generator.tech
+ * Do not edit the class manually.
+ */
+
+
+// May contain unused imports in some cases
+// @ts-ignore
+import { Device } from './device';
+
+/**
+ * 
+ * @export
+ * @interface DeviceList
+ */
+export interface DeviceList {
+    /**
+     * Indicates whether current page is the first page.
+     * @type {boolean}
+     * @memberof DeviceList
+     */
+    'first': boolean;
+    /**
+     * Indicates whether current page has previous page.
+     * @type {boolean}
+     * @memberof DeviceList
+     */
+    'hasNext': boolean;
+    /**
+     * Indicates whether current page has previous page.
+     * @type {boolean}
+     * @memberof DeviceList
+     */
+    'hasPrevious': boolean;
+    /**
+     * A chunk of items.
+     * @type {Array<Device>}
+     * @memberof DeviceList
+     */
+    'items': Array<Device>;
+    /**
+     * Indicates whether current page is the last page.
+     * @type {boolean}
+     * @memberof DeviceList
+     */
+    'last': boolean;
+    /**
+     * Page number, starts from 1. If not set or equal to 0, it means no pagination.
+     * @type {number}
+     * @memberof DeviceList
+     */
+    'page': number;
+    /**
+     * Size of each page. If not set or equal to 0, it means no pagination.
+     * @type {number}
+     * @memberof DeviceList
+     */
+    'size': number;
+    /**
+     * Total elements.
+     * @type {number}
+     * @memberof DeviceList
+     */
+    'total': number;
+    /**
+     * Indicates total pages.
+     * @type {number}
+     * @memberof DeviceList
+     */
+    'totalPages': number;
+}
+
diff --git a/ui/packages/api-client/src/models/device-spec.ts b/ui/packages/api-client/src/models/device-spec.ts
new file mode 100644
index 000000000..b6b92adff
--- /dev/null
+++ b/ui/packages/api-client/src/models/device-spec.ts
@@ -0,0 +1,66 @@
+/* tslint:disable */
+/* eslint-disable */
+/**
+ * Halo
+ * No description provided (generated by Openapi Generator https://github.com/openapitools/openapi-generator)
+ *
+ * The version of the OpenAPI document: 2.17.0-SNAPSHOT
+ * 
+ *
+ * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
+ * https://openapi-generator.tech
+ * Do not edit the class manually.
+ */
+
+
+
+/**
+ * 
+ * @export
+ * @interface DeviceSpec
+ */
+export interface DeviceSpec {
+    /**
+     * 
+     * @type {string}
+     * @memberof DeviceSpec
+     */
+    'ipAddress': string;
+    /**
+     * 
+     * @type {string}
+     * @memberof DeviceSpec
+     */
+    'lastAccessedTime'?: string;
+    /**
+     * 
+     * @type {string}
+     * @memberof DeviceSpec
+     */
+    'lastAuthenticatedTime'?: string;
+    /**
+     * 
+     * @type {string}
+     * @memberof DeviceSpec
+     */
+    'principalName': string;
+    /**
+     * 
+     * @type {string}
+     * @memberof DeviceSpec
+     */
+    'rememberMeSeriesId'?: string;
+    /**
+     * 
+     * @type {string}
+     * @memberof DeviceSpec
+     */
+    'sessionId': string;
+    /**
+     * 
+     * @type {string}
+     * @memberof DeviceSpec
+     */
+    'userAgent'?: string;
+}
+
diff --git a/ui/packages/api-client/src/models/device-status.ts b/ui/packages/api-client/src/models/device-status.ts
new file mode 100644
index 000000000..f1b6522cd
--- /dev/null
+++ b/ui/packages/api-client/src/models/device-status.ts
@@ -0,0 +1,36 @@
+/* tslint:disable */
+/* eslint-disable */
+/**
+ * Halo
+ * No description provided (generated by Openapi Generator https://github.com/openapitools/openapi-generator)
+ *
+ * The version of the OpenAPI document: 2.17.0-SNAPSHOT
+ * 
+ *
+ * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
+ * https://openapi-generator.tech
+ * Do not edit the class manually.
+ */
+
+
+
+/**
+ * 
+ * @export
+ * @interface DeviceStatus
+ */
+export interface DeviceStatus {
+    /**
+     * 
+     * @type {string}
+     * @memberof DeviceStatus
+     */
+    'browser'?: string;
+    /**
+     * 
+     * @type {string}
+     * @memberof DeviceStatus
+     */
+    'os'?: string;
+}
+
diff --git a/ui/packages/api-client/src/models/device.ts b/ui/packages/api-client/src/models/device.ts
new file mode 100644
index 000000000..561191190
--- /dev/null
+++ b/ui/packages/api-client/src/models/device.ts
@@ -0,0 +1,63 @@
+/* tslint:disable */
+/* eslint-disable */
+/**
+ * Halo
+ * No description provided (generated by Openapi Generator https://github.com/openapitools/openapi-generator)
+ *
+ * The version of the OpenAPI document: 2.17.0-SNAPSHOT
+ * 
+ *
+ * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
+ * https://openapi-generator.tech
+ * Do not edit the class manually.
+ */
+
+
+// May contain unused imports in some cases
+// @ts-ignore
+import { DeviceSpec } from './device-spec';
+// May contain unused imports in some cases
+// @ts-ignore
+import { DeviceStatus } from './device-status';
+// May contain unused imports in some cases
+// @ts-ignore
+import { Metadata } from './metadata';
+
+/**
+ * 
+ * @export
+ * @interface Device
+ */
+export interface Device {
+    /**
+     * 
+     * @type {string}
+     * @memberof Device
+     */
+    'apiVersion': string;
+    /**
+     * 
+     * @type {string}
+     * @memberof Device
+     */
+    'kind': string;
+    /**
+     * 
+     * @type {Metadata}
+     * @memberof Device
+     */
+    'metadata': Metadata;
+    /**
+     * 
+     * @type {DeviceSpec}
+     * @memberof Device
+     */
+    'spec': DeviceSpec;
+    /**
+     * 
+     * @type {DeviceStatus}
+     * @memberof Device
+     */
+    'status': DeviceStatus;
+}
+
diff --git a/ui/packages/api-client/src/models/index.ts b/ui/packages/api-client/src/models/index.ts
index c2ff8ee3d..83ed9e3bc 100644
--- a/ui/packages/api-client/src/models/index.ts
+++ b/ui/packages/api-client/src/models/index.ts
@@ -53,6 +53,9 @@ export * from './create-user-request';
 export * from './custom-templates';
 export * from './dashboard-stats';
 export * from './detailed-user';
+export * from './device';
+export * from './device-spec';
+export * from './device-status';
 export * from './email-config-validation-request';
 export * from './email-verify-request';
 export * from './excerpt';
@@ -234,10 +237,12 @@ export * from './user';
 export * from './user-connection';
 export * from './user-connection-list';
 export * from './user-connection-spec';
+export * from './user-device';
 export * from './user-endpoint-listed-user-list';
 export * from './user-list';
 export * from './user-permission';
 export * from './user-spec';
 export * from './user-status';
+export * from './v1alpha1-list';
 export * from './verify-code-request';
 export * from './vote-request';
diff --git a/ui/packages/api-client/src/models/subscription-subscriber.ts b/ui/packages/api-client/src/models/subscription-subscriber.ts
index 97ebbc439..3fe8a9afa 100644
--- a/ui/packages/api-client/src/models/subscription-subscriber.ts
+++ b/ui/packages/api-client/src/models/subscription-subscriber.ts
@@ -25,6 +25,6 @@ export interface SubscriptionSubscriber {
      * @type {string}
      * @memberof SubscriptionSubscriber
      */
-    'name'?: string;
+    'name': string;
 }
 
diff --git a/ui/packages/api-client/src/models/user-device.ts b/ui/packages/api-client/src/models/user-device.ts
new file mode 100644
index 000000000..27e7c7bc7
--- /dev/null
+++ b/ui/packages/api-client/src/models/user-device.ts
@@ -0,0 +1,45 @@
+/* tslint:disable */
+/* eslint-disable */
+/**
+ * Halo
+ * No description provided (generated by Openapi Generator https://github.com/openapitools/openapi-generator)
+ *
+ * The version of the OpenAPI document: 2.17.0-SNAPSHOT
+ * 
+ *
+ * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
+ * https://openapi-generator.tech
+ * Do not edit the class manually.
+ */
+
+
+// May contain unused imports in some cases
+// @ts-ignore
+import { Device } from './device';
+
+/**
+ * 
+ * @export
+ * @interface UserDevice
+ */
+export interface UserDevice {
+    /**
+     * 
+     * @type {boolean}
+     * @memberof UserDevice
+     */
+    'active': boolean;
+    /**
+     * 
+     * @type {boolean}
+     * @memberof UserDevice
+     */
+    'currentDevice': boolean;
+    /**
+     * 
+     * @type {Device}
+     * @memberof UserDevice
+     */
+    'device': Device;
+}
+
diff --git a/ui/packages/api-client/src/models/v1alpha1-list.ts b/ui/packages/api-client/src/models/v1alpha1-list.ts
new file mode 100644
index 000000000..bbfc270f0
--- /dev/null
+++ b/ui/packages/api-client/src/models/v1alpha1-list.ts
@@ -0,0 +1,81 @@
+/* tslint:disable */
+/* eslint-disable */
+/**
+ * Halo
+ * No description provided (generated by Openapi Generator https://github.com/openapitools/openapi-generator)
+ *
+ * The version of the OpenAPI document: 2.17.0-SNAPSHOT
+ * 
+ *
+ * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
+ * https://openapi-generator.tech
+ * Do not edit the class manually.
+ */
+
+
+// May contain unused imports in some cases
+// @ts-ignore
+import { Device } from './device';
+
+/**
+ * 
+ * @export
+ * @interface V1alpha1List
+ */
+export interface V1alpha1List {
+    /**
+     * Indicates whether current page is the first page.
+     * @type {boolean}
+     * @memberof V1alpha1List
+     */
+    'first': boolean;
+    /**
+     * Indicates whether current page has previous page.
+     * @type {boolean}
+     * @memberof V1alpha1List
+     */
+    'hasNext': boolean;
+    /**
+     * Indicates whether current page has previous page.
+     * @type {boolean}
+     * @memberof V1alpha1List
+     */
+    'hasPrevious': boolean;
+    /**
+     * A chunk of items.
+     * @type {Array<Device>}
+     * @memberof V1alpha1List
+     */
+    'items': Array<Device>;
+    /**
+     * Indicates whether current page is the last page.
+     * @type {boolean}
+     * @memberof V1alpha1List
+     */
+    'last': boolean;
+    /**
+     * Page number, starts from 1. If not set or equal to 0, it means no pagination.
+     * @type {number}
+     * @memberof V1alpha1List
+     */
+    'page': number;
+    /**
+     * Size of each page. If not set or equal to 0, it means no pagination.
+     * @type {number}
+     * @memberof V1alpha1List
+     */
+    'size': number;
+    /**
+     * Total elements.
+     * @type {number}
+     * @memberof V1alpha1List
+     */
+    'total': number;
+    /**
+     * Indicates total pages.
+     * @type {number}
+     * @memberof V1alpha1List
+     */
+    'totalPages': number;
+}
+
diff --git a/ui/pnpm-lock.yaml b/ui/pnpm-lock.yaml
index 96d037911..482a68892 100644
--- a/ui/pnpm-lock.yaml
+++ b/ui/pnpm-lock.yaml
@@ -179,6 +179,9 @@ importers:
       transliteration:
         specifier: ^2.3.5
         version: 2.3.5
+      ua-parser-js:
+        specifier: ^1.0.38
+        version: 1.0.38
       vue:
         specifier: ^3.4.27
         version: 3.4.27(typescript@5.3.3)
@@ -237,6 +240,9 @@ importers:
       '@types/randomstring':
         specifier: ^1.1.8
         version: 1.1.8
+      '@types/ua-parser-js':
+        specifier: ^0.7.39
+        version: 0.7.39
       '@vitejs/plugin-vue':
         specifier: ^5.0.4
         version: 5.0.4(vite@5.2.11(@types/node@18.13.0)(less@4.2.0)(sass@1.60.0)(terser@5.31.0))(vue@3.4.27(typescript@5.3.3))
@@ -4055,6 +4061,9 @@ packages:
   '@types/trusted-types@2.0.7':
     resolution: {integrity: sha512-ScaPdn1dQczgbl0QFTeTOmVHFULt394XJgOQNoyVhZ6r2vLnMLJfBPd53SB52T/3G36VI1/g2MZaX0cwDuXsfw==}
 
+  '@types/ua-parser-js@0.7.39':
+    resolution: {integrity: sha512-P/oDfpofrdtF5xw433SPALpdSchtJmY7nsJItf8h3KXqOslkbySh8zq4dSWXH2oTjRvJ5PczVEoCZPow6GicLg==}
+
   '@types/unist@2.0.10':
     resolution: {integrity: sha512-IfYcSBWE3hLpBg8+X2SEa8LVkJdJEkT2Ese2aaLs3ptGdVtABxndrMaxuFlQ1qdFf9Q5rDvDpxI3WwgvKFAsQA==}
 
@@ -9767,6 +9776,9 @@ packages:
     engines: {node: '>=14.17'}
     hasBin: true
 
+  ua-parser-js@1.0.38:
+    resolution: {integrity: sha512-Aq5ppTOfvrCMgAPneW1HfWj66Xi7XL+/mIy996R1/CLS/rcyJQm6QZdsKrUeivDFQ+Oc9Wyuwor8Ze8peEoUoQ==}
+
   typescript@5.4.5:
     resolution: {integrity: sha512-vcI4UpRgg81oIRUFwR0WSIHKt11nJ7SAVlYNIu+QpqeyXP+gpQJy/Z4+F0aGxSE4MqwjyXvW/TzgkLAx2AGHwQ==}
     engines: {node: '>=14.17'}
@@ -14973,6 +14985,8 @@ snapshots:
 
   '@types/trusted-types@2.0.7': {}
 
+  '@types/ua-parser-js@0.7.39': {}
+
   '@types/unist@2.0.10': {}
 
   '@types/unist@3.0.0': {}
@@ -21532,6 +21546,8 @@ snapshots:
 
   typescript@5.4.2: {}
 
+  ua-parser-js@1.0.38: {}
+
   typescript@5.4.5: {}
 
   uc.micro@2.0.0: {}
diff --git a/ui/src/locales/en.yaml b/ui/src/locales/en.yaml
index cc2ac6612..7b3aa29cb 100644
--- a/ui/src/locales/en.yaml
+++ b/ui/src/locales/en.yaml
@@ -1151,6 +1151,7 @@ core:
       detail: Detail
       notification-preferences: Notification Preferences
       pat: Personal Access Tokens
+      devices: Devices
     actions:
       update_profile:
         title: Update profile
@@ -1281,6 +1282,25 @@ core:
       titles:
         modify: Modify email address
         verify: Verify email
+    device:
+      list:
+        fields:
+          current: Current
+          last_accessed_time: "Last accessed time: {time}"
+      detail_modal:
+        title: Login device details
+        fields:
+          os: OS
+          browser: Browser
+          creation_timestamp: Creation time
+          last_accessed_times: Last accessed time
+          last_authenticated_time: Last authenticated time
+      operations:
+        revoke:
+          title: Revoke device
+          description: >-
+            Are you sure you want to revoke this device? After revoking, this
+            device will be logged out
   uc_notification:
     title: Notifications
     tabs:
@@ -1655,6 +1675,7 @@ core:
       modify: Modify
       access: Access
       schedule_publish: Schedule publish
+      revoke: Revoke
     radio:
       "yes": "Yes"
       "no": "No"
diff --git a/ui/src/locales/zh-CN.yaml b/ui/src/locales/zh-CN.yaml
index 22621039c..a6eb90b16 100644
--- a/ui/src/locales/zh-CN.yaml
+++ b/ui/src/locales/zh-CN.yaml
@@ -1083,6 +1083,7 @@ core:
       detail: 详情
       notification-preferences: 通知配置
       pat: 个人令牌
+      devices: 登录设备
     actions:
       update_profile:
         title: 修改资料
@@ -1206,6 +1207,23 @@ core:
           toast_email_empty: 请输入电子邮箱
         verify:
           toast_success: 验证成功
+    device:
+      list:
+        fields:
+          current: 当前设备
+          last_accessed_time: 上次访问：{time}
+      detail_modal:
+        title: 登录设备详情
+        fields:
+          os: 操作系统
+          browser: 浏览器
+          creation_timestamp: 创建时间
+          last_accessed_times: 上次访问时间
+          last_authenticated_time: 上次登录时间
+      operations:
+        revoke:
+          title: 撤销设备
+          description: 确定要撤销该设备吗？撤销之后，此设备会退出登录
   uc_notification:
     title: 消息
     tabs:
@@ -1584,6 +1602,7 @@ core:
       modify: 修改
       access: 访问
       schedule_publish: 定时发布
+      revoke: 撤销
     radio:
       "yes": 是
       "no": 否
diff --git a/ui/src/locales/zh-TW.yaml b/ui/src/locales/zh-TW.yaml
index ca3c5d1e3..2bd937f4a 100644
--- a/ui/src/locales/zh-TW.yaml
+++ b/ui/src/locales/zh-TW.yaml
@@ -1063,6 +1063,7 @@ core:
       detail: 詳情
       notification-preferences: 通知配置
       pat: 個人令牌
+      devices: 登錄設備
     actions:
       update_profile:
         title: 修改資料
@@ -1186,6 +1187,22 @@ core:
       titles:
         modify: 修改電子郵件信箱
         verify: 驗證電子郵件信箱
+    device:
+      list:
+        fields:
+          last_accessed_time: 上次訪問：{time}
+      detail_modal:
+        title: 登入設備詳情
+        fields:
+          os: 操作系統
+          browser: 瀏覽器
+          creation_timestamp: 創建時間
+          last_accessed_times: 上次訪問時間
+          last_authenticated_time: 上次登錄時間
+      operations:
+        revoke:
+          title: 撤銷設備
+          description: 確定要撤銷該設備嗎？撤銷之後，此裝置會退出登錄
   uc_notification:
     title: 訊息
     tabs:
@@ -1542,6 +1559,7 @@ core:
       verify: 驗證
       access: 訪問
       schedule_publish: 定時發佈
+      revoke: 撤銷
     radio:
       "yes": 是
       "no": 否
diff --git a/ui/uc-src/modules/profile/Profile.vue b/ui/uc-src/modules/profile/Profile.vue
index cee42b209..d8518d88b 100644
--- a/ui/uc-src/modules/profile/Profile.vue
+++ b/ui/uc-src/modules/profile/Profile.vue
@@ -25,6 +25,7 @@ import { useI18n } from "vue-i18n";
 import PasswordChangeModal from "./components/PasswordChangeModal.vue";
 import ProfileEditingModal from "./components/ProfileEditingModal.vue";
 import DetailTab from "./tabs/Detail.vue";
+import Devices from "./tabs/Devices.vue";
 import NotificationPreferences from "./tabs/NotificationPreferences.vue";
 import PersonalAccessTokensTab from "./tabs/PersonalAccessTokens.vue";
 import TwoFactor from "./tabs/TwoFactor.vue";
@@ -73,6 +74,12 @@ const tabs = ref<UserProfileTab[]>([
     component: markRaw(TwoFactor),
     priority: 40,
   },
+  {
+    id: "devices",
+    label: t("core.uc_profile.tabs.devices"),
+    component: markRaw(Devices),
+    priority: 50,
+  },
 ]);
 
 // Collect uc:profile:tabs:create extension points
diff --git a/ui/uc-src/modules/profile/tabs/Devices.vue b/ui/uc-src/modules/profile/tabs/Devices.vue
new file mode 100644
index 000000000..78a557540
--- /dev/null
+++ b/ui/uc-src/modules/profile/tabs/Devices.vue
@@ -0,0 +1,36 @@
+<script lang="ts" setup>
+import { VLoading } from "@halo-dev/components";
+import { useQuery } from "@tanstack/vue-query";
+import DeviceListItem from "./components/DeviceListItem.vue";
+import { ucApiClient } from "@halo-dev/api-client";
+
+const { data, isLoading } = useQuery({
+  queryKey: ["uc:devices"],
+  queryFn: async () => {
+    const { data } = await ucApiClient.security.device.listDevices();
+    return data;
+  },
+  refetchInterval(data) {
+    const hasDeletingData = data?.some(
+      (device) => !!device.device.metadata.deletionTimestamp
+    );
+
+    return hasDeletingData ? 1000 : false;
+  },
+});
+</script>
+
+<template>
+  <VLoading v-if="isLoading" />
+
+  <Transition v-else appear name="fade">
+    <ul
+      class="box-border h-full w-full divide-y divide-gray-100 overflow-hidden rounded-base border"
+      role="list"
+    >
+      <li v-for="device in data" :key="device?.device.spec.sessionId">
+        <DeviceListItem :device="device" />
+      </li>
+    </ul>
+  </Transition>
+</template>
diff --git a/ui/uc-src/modules/profile/tabs/components/DeviceDetailModal.vue b/ui/uc-src/modules/profile/tabs/components/DeviceDetailModal.vue
new file mode 100644
index 000000000..814c2f1c5
--- /dev/null
+++ b/ui/uc-src/modules/profile/tabs/components/DeviceDetailModal.vue
@@ -0,0 +1,92 @@
+<script lang="ts" setup>
+import { formatDatetime } from "@/utils/date";
+import type { UserDevice } from "@halo-dev/api-client";
+import {
+  VButton,
+  VDescription,
+  VDescriptionItem,
+  VModal,
+  VSpace,
+} from "@halo-dev/components";
+import { ref } from "vue";
+import { useUserAgent } from "../composables/use-user-agent";
+import { useUserDevice } from "../composables/use-user-device";
+
+const props = withDefaults(
+  defineProps<{
+    device: UserDevice;
+  }>(),
+  {}
+);
+
+const emit = defineEmits<{
+  (event: "close"): void;
+}>();
+
+const modal = ref<InstanceType<typeof VModal> | null>(null);
+
+const { os, browser } = useUserAgent(props.device.device.spec.userAgent);
+
+const { handleRevoke } = useUserDevice(props.device);
+</script>
+
+<template>
+  <VModal
+    ref="modal"
+    :body-class="['!p-0']"
+    :width="650"
+    :title="$t('core.uc_profile.device.detail_modal.title')"
+    @close="emit('close')"
+  >
+    <VDescription>
+      <VDescriptionItem
+        class="!px-4"
+        :label="$t('core.uc_profile.device.detail_modal.fields.os')"
+        :content="os"
+      />
+      <VDescriptionItem
+        class="!px-4"
+        :label="$t('core.uc_profile.device.detail_modal.fields.browser')"
+        :content="browser"
+      />
+      <VDescriptionItem
+        class="!px-4"
+        label="IP"
+        :content="device.device.spec.ipAddress"
+      />
+      <VDescriptionItem
+        class="!px-4"
+        :label="
+          $t('core.uc_profile.device.detail_modal.fields.creation_timestamp')
+        "
+        :content="formatDatetime(device.device.metadata.creationTimestamp)"
+      />
+      <VDescriptionItem
+        class="!px-4"
+        :label="
+          $t('core.uc_profile.device.detail_modal.fields.last_accessed_times')
+        "
+        :content="formatDatetime(device.device.spec.lastAccessedTime)"
+      />
+      <VDescriptionItem
+        class="!px-4"
+        :label="
+          $t(
+            'core.uc_profile.device.detail_modal.fields.last_authenticated_time'
+          )
+        "
+        :content="formatDatetime(device.device.spec.lastAuthenticatedTime)"
+      />
+    </VDescription>
+    <template #footer>
+      <VSpace>
+        <VButton type="danger" @click="handleRevoke">
+          {{ $t("core.common.buttons.revoke") }}
+        </VButton>
+        <VButton @click="modal?.close()">
+          {{ $t("core.common.buttons.close") }}
+        </VButton>
+      </VSpace>
+    </template>
+  </VModal>
+</template>
diff --git a/ui/uc-src/modules/profile/tabs/components/DeviceListItem.vue b/ui/uc-src/modules/profile/tabs/components/DeviceListItem.vue
new file mode 100644
index 000000000..c9fa3529f
--- /dev/null
+++ b/ui/uc-src/modules/profile/tabs/components/DeviceListItem.vue
@@ -0,0 +1,119 @@
+<script lang="ts" setup>
+import { formatDatetime, relativeTimeTo } from "@/utils/date";
+import type { UserDevice } from "@halo-dev/api-client";
+import {
+  VDropdownDivider,
+  VDropdownItem,
+  VEntity,
+  VEntityField,
+  VStatusDot,
+  VTag,
+} from "@halo-dev/components";
+import { computed, markRaw, ref, type Component, type Raw } from "vue";
+import RiComputerLine from "~icons/ri/computer-line";
+import RiSmartphoneLine from "~icons/ri/smartphone-line";
+import RiTabletLine from "~icons/ri/tablet-line";
+import { useUserAgent } from "../composables/use-user-agent";
+import { useUserDevice } from "../composables/use-user-device";
+import DeviceDetailModal from "./DeviceDetailModal.vue";
+
+const props = withDefaults(
+  defineProps<{
+    device: UserDevice;
+  }>(),
+  {}
+);
+
+const { ua, os, browser } = useUserAgent(props.device.device.spec.userAgent);
+
+const deviceIcons: Record<string, Raw<Component>> = {
+  console: markRaw(RiComputerLine),
+  mobile: markRaw(RiSmartphoneLine),
+  tablet: markRaw(RiTabletLine),
+};
+
+const getDeviceIcon = computed(() => {
+  const deviceType = ua.value.getDevice().type;
+  const defaultIcon = deviceIcons["console"];
+
+  if (!deviceType) {
+    return defaultIcon;
+  }
+
+  return deviceIcons[deviceType] || defaultIcon;
+});
+
+const { handleRevoke } = useUserDevice(props.device);
+
+const detailModal = ref(false);
+</script>
+
+<template>
+  <VEntity>
+    <template #start>
+      <VEntityField>
+        <template #description>
+          <VStatusDot :state="device.active ? 'success' : 'default'" />
+        </template>
+      </VEntityField>
+      <VEntityField>
+        <template #description>
+          <component :is="getDeviceIcon" class="text-lg" />
+        </template>
+      </VEntityField>
+      <VEntityField
+        :title="os"
+        :description="browser"
+        class="cursor-pointer"
+        @click="detailModal = true"
+      >
+        <template v-if="device.currentDevice" #extra>
+          <VTag>
+            {{ $t("core.uc_profile.device.list.fields.current") }}
+          </VTag>
+        </template>
+      </VEntityField>
+    </template>
+    <template #end>
+      <VEntityField v-if="device.device.metadata.deletionTimestamp">
+        <template #description>
+          <VStatusDot
+            v-tooltip="$t('core.common.status.deleting')"
+            state="warning"
+            animate
+          />
+        </template>
+      </VEntityField>
+      <VEntityField :description="device.device.spec.ipAddress"></VEntityField>
+      <VEntityField v-if="device.device.spec.lastAccessedTime">
+        <template #description>
+          <span
+            v-tooltip="formatDatetime(device.device.spec.lastAccessedTime)"
+            class="truncate text-xs tabular-nums text-gray-500"
+          >
+            {{
+              $t("core.uc_profile.device.list.fields.last_accessed_time", {
+                time: relativeTimeTo(device.device.spec.lastAccessedTime),
+              })
+            }}
+          </span>
+        </template>
+      </VEntityField>
+    </template>
+    <template #dropdownItems>
+      <VDropdownItem @click="detailModal = true">
+        {{ $t("core.common.buttons.detail") }}
+      </VDropdownItem>
+      <VDropdownDivider />
+      <VDropdownItem type="danger" @click="handleRevoke">
+        {{ $t("core.common.buttons.revoke") }}
+      </VDropdownItem>
+    </template>
+  </VEntity>
+
+  <DeviceDetailModal
+    v-if="detailModal"
+    :device="device"
+    @close="detailModal = false"
+  />
+</template>
diff --git a/ui/uc-src/modules/profile/tabs/composables/use-user-agent.ts b/ui/uc-src/modules/profile/tabs/composables/use-user-agent.ts
new file mode 100644
index 000000000..9405991c7
--- /dev/null
+++ b/ui/uc-src/modules/profile/tabs/composables/use-user-agent.ts
@@ -0,0 +1,22 @@
+import { UAParser } from "ua-parser-js";
+import { computed } from "vue";
+
+export function useUserAgent(userAgent?: string) {
+  const ua = computed(() => new UAParser(userAgent));
+
+  const os = computed(() =>
+    [ua.value.getOS().name, ua.value.getOS().version].filter(Boolean).join(" ")
+  );
+
+  const browser = computed(() =>
+    [ua.value.getBrowser().name, ua.value.getBrowser().version]
+      .filter(Boolean)
+      .join(" ")
+  );
+
+  return {
+    ua,
+    os,
+    browser,
+  };
+}
diff --git a/ui/uc-src/modules/profile/tabs/composables/use-user-device.ts b/ui/uc-src/modules/profile/tabs/composables/use-user-device.ts
new file mode 100644
index 000000000..fa7a0aef9
--- /dev/null
+++ b/ui/uc-src/modules/profile/tabs/composables/use-user-device.ts
@@ -0,0 +1,29 @@
+import { ucApiClient, type UserDevice } from "@halo-dev/api-client";
+import { Dialog, Toast } from "@halo-dev/components";
+import { useQueryClient } from "@tanstack/vue-query";
+import { useI18n } from "vue-i18n";
+
+export function useUserDevice(device: UserDevice) {
+  const { t } = useI18n();
+  const queryClient = useQueryClient();
+
+  function handleRevoke() {
+    Dialog.warning({
+      title: t("core.uc_profile.device.operations.revoke.title"),
+      description: t("core.uc_profile.device.operations.revoke.description"),
+      confirmType: "danger",
+      confirmText: t("core.common.buttons.confirm"),
+      cancelText: t("core.common.buttons.cancel"),
+      async onConfirm() {
+        await ucApiClient.security.device.revokeDevice({
+          deviceId: device.device.metadata.name,
+        });
+
+        Toast.success(t("core.common.toast.delete_success"));
+
+        queryClient.invalidateQueries({ queryKey: ["uc:devices"] });
+      },
+    });
+  }
+  return { handleRevoke };
+}