From bdd4a0bf2e782897a720e383c9714e35a979b423 Mon Sep 17 00:00:00 2001
From: Klaus Herrmann <klaus.herrmann@ory.sh>
Date: Tue, 25 Jul 2023 12:24:28 +0200
Subject: [PATCH] chore: replace he/she with them

---
 docs/ecosystem/projects.mdx      | 2 +-
 docs/hydra/login-consent-flow.md | 2 +-
 docs/reference/api.json          | 6 +++---
 3 files changed, 5 insertions(+), 5 deletions(-)

diff --git a/docs/ecosystem/projects.mdx b/docs/ecosystem/projects.mdx
index cc9c28f6f..9b1cd736d 100644
--- a/docs/ecosystem/projects.mdx
+++ b/docs/ecosystem/projects.mdx
@@ -46,7 +46,7 @@ shipped as a 5MB Docker Image with almost no configuration required.
 ![Ory Oathkeeper](https://raw.githubusercontent.com/ory/meta/master/static/logos/logo-oathkeeper.svg)
 
 Now that your users access your application through, for example, a React/Angular app and a REST api, you need a way to
-authenticate the user and to check if he/she has the necessary permissions (we call this "access control" from now on). One way
+authenticate the user and to check if they have the necessary permissions (we call this "access control" from now on). One way
 would be, of course, to add these checks in your code. Another is to deploy the 5MB Ory Oathkeeper Docker Image, define access
 rules for your API endpoints (for example OAuth 2.0 Access Token + certain set of permissions, a valid JSON Web Token, a valid
 SAML assertion, ...) and put it - like a firewall - in front of your services.
diff --git a/docs/hydra/login-consent-flow.md b/docs/hydra/login-consent-flow.md
index 7394492fc..fbcf2b888 100644
--- a/docs/hydra/login-consent-flow.md
+++ b/docs/hydra/login-consent-flow.md
@@ -29,7 +29,7 @@ The flow itself works as follows:
 4. The user's user agent follows the redirect and lands back at Ory OAuth2 & OpenID Connect. Next, Ory OAuth2 & OpenID Connect
    redirects the user's user agent to the Consent Provider, hosted at - for example -
    `http://consent-service/consent?consent_challenge=4567...`
-5. The Consent Provider shows a user interface which asks the user if he/she would like to grant the OAuth 2.0 Client the
+5. The Consent Provider shows a user interface which asks the user if they would like to grant the OAuth 2.0 Client the
    requested permissions ("OAuth 2.0 Scope"). You've probably seen this screen around, which is usually something similar to:
    _"Would you like to grant Facebook Image Backup access to all your private and public images?"_.
 6. The Consent Provider makes another REST request to Ory OAuth2 & OpenID Connect to let it know which permissions the user
diff --git a/docs/reference/api.json b/docs/reference/api.json
index f0b004491..3932e0458 100644
--- a/docs/reference/api.json
+++ b/docs/reference/api.json
@@ -8330,7 +8330,7 @@
     },
     "/admin/oauth2/auth/requests/consent": {
       "get": {
-        "description": "When an authorization code, hybrid, or implicit OAuth 2.0 Flow is initiated, Ory asks the login provider\nto authenticate the subject and then tell Ory now about it. If the subject authenticated, he/she must now be asked if\nthe OAuth 2.0 Client which initiated the flow should be allowed to access the resources on the subject's behalf.\n\nThe consent challenge is appended to the consent provider's URL to which the subject's user-agent (browser) is redirected to. The consent\nprovider uses that challenge to fetch information on the OAuth2 request and then tells Ory if the subject accepted\nor rejected the request.\n\nThe default consent provider is available via the Ory Managed Account Experience. To customize the consent provider, please\nhead over to the OAuth 2.0 documentation.",
+        "description": "When an authorization code, hybrid, or implicit OAuth 2.0 Flow is initiated, Ory asks the login provider\nto authenticate the subject and then tell Ory now about it. If the subject authenticated, they must now be asked if\nthe OAuth 2.0 Client which initiated the flow should be allowed to access the resources on the subject's behalf.\n\nThe consent challenge is appended to the consent provider's URL to which the subject's user-agent (browser) is redirected to. The consent\nprovider uses that challenge to fetch information on the OAuth2 request and then tells Ory if the subject accepted\nor rejected the request.\n\nThe default consent provider is available via the Ory Managed Account Experience. To customize the consent provider, please\nhead over to the OAuth 2.0 documentation.",
         "operationId": "getOAuth2ConsentRequest",
         "parameters": [
           {
@@ -8386,7 +8386,7 @@
     },
     "/admin/oauth2/auth/requests/consent/accept": {
       "put": {
-        "description": "When an authorization code, hybrid, or implicit OAuth 2.0 Flow is initiated, Ory asks the login provider\nto authenticate the subject and then tell Ory now about it. If the subject authenticated, he/she must now be asked if\nthe OAuth 2.0 Client which initiated the flow should be allowed to access the resources on the subject's behalf.\n\nThe consent challenge is appended to the consent provider's URL to which the subject's user-agent (browser) is redirected to. The consent\nprovider uses that challenge to fetch information on the OAuth2 request and then tells Ory if the subject accepted\nor rejected the request.\n\nThis endpoint tells Ory that the subject has authorized the OAuth 2.0 client to access resources on his/her behalf.\nThe consent provider includes additional information, such as session data for access and ID tokens, and if the\nconsent request should be used as basis for future requests.\n\nThe response contains a redirect URL which the consent provider should redirect the user-agent to.\n\nThe default consent provider is available via the Ory Managed Account Experience. To customize the consent provider, please\nhead over to the OAuth 2.0 documentation.",
+        "description": "When an authorization code, hybrid, or implicit OAuth 2.0 Flow is initiated, Ory asks the login provider\nto authenticate the subject and then tell Ory now about it. If the subject authenticated, they must now be asked if\nthe OAuth 2.0 Client which initiated the flow should be allowed to access the resources on the subject's behalf.\n\nThe consent challenge is appended to the consent provider's URL to which the subject's user-agent (browser) is redirected to. The consent\nprovider uses that challenge to fetch information on the OAuth2 request and then tells Ory if the subject accepted\nor rejected the request.\n\nThis endpoint tells Ory that the subject has authorized the OAuth 2.0 client to access resources on his/her behalf.\nThe consent provider includes additional information, such as session data for access and ID tokens, and if the\nconsent request should be used as basis for future requests.\n\nThe response contains a redirect URL which the consent provider should redirect the user-agent to.\n\nThe default consent provider is available via the Ory Managed Account Experience. To customize the consent provider, please\nhead over to the OAuth 2.0 documentation.",
         "operationId": "acceptOAuth2ConsentRequest",
         "parameters": [
           {
@@ -8442,7 +8442,7 @@
     },
     "/admin/oauth2/auth/requests/consent/reject": {
       "put": {
-        "description": "When an authorization code, hybrid, or implicit OAuth 2.0 Flow is initiated, Ory asks the login provider\nto authenticate the subject and then tell Ory now about it. If the subject authenticated, he/she must now be asked if\nthe OAuth 2.0 Client which initiated the flow should be allowed to access the resources on the subject's behalf.\n\nThe consent challenge is appended to the consent provider's URL to which the subject's user-agent (browser) is redirected to. The consent\nprovider uses that challenge to fetch information on the OAuth2 request and then tells Ory if the subject accepted\nor rejected the request.\n\nThis endpoint tells Ory that the subject has not authorized the OAuth 2.0 client to access resources on his/her behalf.\nThe consent provider must include a reason why the consent was not granted.\n\nThe response contains a redirect URL which the consent provider should redirect the user-agent to.\n\nThe default consent provider is available via the Ory Managed Account Experience. To customize the consent provider, please\nhead over to the OAuth 2.0 documentation.",
+        "description": "When an authorization code, hybrid, or implicit OAuth 2.0 Flow is initiated, Ory asks the login provider\nto authenticate the subject and then tell Ory now about it. If the subject authenticated, they must now be asked if\nthe OAuth 2.0 Client which initiated the flow should be allowed to access the resources on the subject's behalf.\n\nThe consent challenge is appended to the consent provider's URL to which the subject's user-agent (browser) is redirected to. The consent\nprovider uses that challenge to fetch information on the OAuth2 request and then tells Ory if the subject accepted\nor rejected the request.\n\nThis endpoint tells Ory that the subject has not authorized the OAuth 2.0 client to access resources on his/her behalf.\nThe consent provider must include a reason why the consent was not granted.\n\nThe response contains a redirect URL which the consent provider should redirect the user-agent to.\n\nThe default consent provider is available via the Ory Managed Account Experience. To customize the consent provider, please\nhead over to the OAuth 2.0 documentation.",
         "operationId": "rejectOAuth2ConsentRequest",
         "parameters": [
           {