npm - @authhero/adapter-interfaces - Versions diffs - 0.125.0 → 0.127.0 - Mend

@authhero/adapter-interfaces 0.125.0 → 0.127.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (4) hide show

package/dist/adapter-interfaces.cjs +1 -1
package/dist/adapter-interfaces.d.ts +28 -1074
package/dist/adapter-interfaces.mjs +498 -503
package/package.json +1 -1

package/dist/adapter-interfaces.mjs CHANGED Viewed

@@ -2,13 +2,13 @@ import { z as e } from "@hono/zod-openapi";
 const r = e.object({
   created_at: e.string(),
   updated_at: e.string()
-}), to = e.enum(["AUTH0", "EMAIL", "REDIRECT"]), oo = e.enum([
+}), Zt = e.enum(["AUTH0", "EMAIL", "REDIRECT"]), $t = e.enum([
   "CREATE_USER",
   "GET_USER",
   "UPDATE_USER",
   "SEND_REQUEST",
   "SEND_EMAIL"
-]), no = e.enum(["VERIFY_EMAIL"]), P = e.object({
+]), eo = e.enum(["VERIFY_EMAIL"]), P = e.object({
   require_mx_record: e.boolean().optional(),
   block_aliases: e.boolean().optional(),
   block_free_emails: e.boolean().optional(),
@@ -65,13 +65,13 @@ const r = e.object({
   actions: e.array(K).optional().default([]).openapi({
     description: "The list of actions to execute in sequence"
   })
-}), io = W.extend({
+}), to = W.extend({
   ...r.shape,
   id: e.string().openapi({
     description: "Unique identifier for the flow",
     example: "af_12tMpdJ3iek7svMyZkSh5M"
   })
-}), ao = e.object({
+}), oo = e.object({
   page: e.string().min(0).optional().default("0").transform((t) => parseInt(t, 10)).openapi({
     description: "The page number where 0 is the first page"
   }),
@@ -87,7 +87,7 @@ const r = e.object({
   q: e.string().optional().openapi({
     description: "A lucene query string used to filter the results"
   })
-}), ro = e.object({
+}), no = e.object({
   start: e.number(),
   limit: e.number(),
   length: e.number(),
@@ -172,7 +172,7 @@ const r = e.object({
   email: e.string().optional(),
   login_count: e.number().default(0),
   identities: e.array(X).optional()
-}), so = Y, lo = I.extend({
+}), io = Y, ao = I.extend({
   login_count: e.number(),
   multifactor: e.array(e.string()).optional(),
   last_ip: e.string().optional(),
@@ -358,11 +358,11 @@ const Z = e.object({
     description: "Specifies how long, in seconds, a Pushed Authorization Request URI remains valid"
   }),
   token_quota: e.record(e.any()).default({}).optional()
-}), $ = e.object({
+}), ro = e.object({
   created_at: e.string(),
   updated_at: e.string(),
   ...Z.shape
-}), ee = e.object({
+}), $ = e.object({
   client_id: e.string().min(1).openapi({
     description: "ID of the client."
   }),
@@ -387,14 +387,14 @@ const Z = e.object({
   authorization_details_types: e.array(e.string()).optional().openapi({
     description: "Types of authorization_details allowed for this client grant. Use of this field is subject to the applicable Free Trial terms in Okta's Master Subscription Agreement."
   })
-}), te = e.object({
+}), ee = e.object({
   id: e.string().openapi({
     description: "ID of the client grant."
   }),
-  ...ee.shape,
+  ...$.shape,
   created_at: e.string().optional(),
   updated_at: e.string().optional()
-}), co = e.array(te), c = e.object({
+}), so = e.array(ee), c = e.object({
   x: e.number(),
   y: e.number()
 });
@@ -403,7 +403,7 @@ const u = e.object({
   id: e.string(),
   category: e.nativeEnum(y),
   type: e.nativeEnum(C)
-}), oe = u.extend({
+}), te = u.extend({
   category: e.literal(
     "BLOCK"
     /* BLOCK */
@@ -415,7 +415,7 @@ const u = e.object({
   config: e.object({
     content: e.string()
   }).passthrough()
-}), ne = u.extend({
+}), oe = u.extend({
   category: e.literal(
     "BLOCK"
     /* BLOCK */
@@ -437,7 +437,7 @@ const u = e.object({
   config: e.object({
     text: e.string()
   }).passthrough()
-}), ie = u.extend({
+}), ne = u.extend({
   category: e.literal(
     "FIELD"
     /* FIELD */
@@ -451,7 +451,7 @@ const u = e.object({
   config: e.object({
     text: e.string()
   }).passthrough()
-}), ae = u.extend({
+}), ie = u.extend({
   category: e.literal(
     "FIELD"
     /* FIELD */
@@ -504,19 +504,19 @@ const u = e.object({
     label: e.string().optional(),
     placeholder: e.string().optional()
   }).passthrough()
-}), re = e.object({
+}), ae = e.object({
   id: e.string(),
   category: e.string(),
   type: e.string()
-}).passthrough(), se = e.union([
+}).passthrough(), re = e.union([
+  te,
   oe,
   ne,
   ie,
-  ae,
-  re
+  ae
 ]);
-var le = /* @__PURE__ */ ((t) => (t.STEP = "STEP", t.FLOW = "FLOW", t.CONDITION = "CONDITION", t.ACTION = "ACTION", t))(le || {});
-const ce = e.object({
+var se = /* @__PURE__ */ ((t) => (t.STEP = "STEP", t.FLOW = "FLOW", t.CONDITION = "CONDITION", t.ACTION = "ACTION", t))(se || {});
+const le = e.object({
   id: e.string(),
   type: e.literal(
     "STEP"
@@ -525,10 +525,10 @@ const ce = e.object({
   coordinates: c,
   alias: e.string().optional(),
   config: e.object({
-    components: e.array(se),
+    components: e.array(re),
     next_node: e.string()
   }).passthrough()
-}), pe = e.object({
+}), ce = e.object({
   id: e.string(),
   type: e.literal(
     "FLOW"
@@ -540,7 +540,7 @@ const ce = e.object({
     flow_id: e.string(),
     next_node: e.string()
   })
-}), _e = e.object({
+}), pe = e.object({
   id: e.string(),
   type: e.literal(
     "ACTION"
@@ -562,43 +562,43 @@ const ce = e.object({
       description: "The next node to navigate to after action (for non-redirect actions)"
     })
   }).passthrough()
-}), de = e.object({
+}), _e = e.object({
   id: e.string(),
   type: e.string(),
   coordinates: c
-}).passthrough(), ge = e.union([
+}).passthrough(), de = e.union([
+  le,
   ce,
   pe,
-  _e,
-  de
-]), ue = e.object({
+  _e
+]), ge = e.object({
   next_node: e.string(),
   coordinates: c
-}).passthrough(), me = e.object({
+}).passthrough(), ue = e.object({
   resume_flow: e.boolean().optional(),
   coordinates: c
-}).passthrough(), he = e.object({
+}).passthrough(), me = e.object({
   id: e.string(),
   name: e.string(),
   languages: e.object({
     primary: e.string()
   }).passthrough(),
-  nodes: e.array(ge),
-  start: ue,
-  ending: me,
+  nodes: e.array(de),
+  start: ge,
+  ending: ue,
   created_at: e.string(),
   updated_at: e.string(),
   links: e.object({
     sdkSrc: e.string().optional(),
     sdk_src: e.string().optional()
   }).passthrough()
-}).passthrough(), po = he.omit({
+}).passthrough(), lo = me.omit({
   id: !0,
   created_at: !0,
   updated_at: !0
 });
 var O = /* @__PURE__ */ ((t) => (t.TOKEN = "token", t.ID_TOKEN = "id_token", t.TOKEN_ID_TOKEN = "token id_token", t.CODE = "code", t))(O || {}), T = /* @__PURE__ */ ((t) => (t.QUERY = "query", t.FRAGMENT = "fragment", t.FORM_POST = "form_post", t.WEB_MESSAGE = "web_message", t.SAML_POST = "saml_post", t))(T || {}), N = /* @__PURE__ */ ((t) => (t.S256 = "S256", t.Plain = "plain", t))(N || {});
-const be = e.object({
+const he = e.object({
   client_id: e.string(),
   act_as: e.string().optional(),
   response_type: e.nativeEnum(O).optional(),
@@ -622,7 +622,7 @@ const be = e.object({
   acr_values: e.string().optional(),
   // The following fields are not available in Auth0
   vendor_id: e.string().optional()
-}), _o = e.object({
+}), co = e.object({
   colors: e.object({
     primary: e.string(),
     page_background: e.object({
@@ -638,184 +638,14 @@ const be = e.object({
   font: e.object({
     url: e.string()
   }).optional()
-}), fe = e.object({
-  kid: e.string().optional(),
-  team_id: e.string().optional(),
-  realms: e.string().optional(),
-  authentication_method: e.string().optional(),
-  client_id: e.string().optional(),
-  client_secret: e.string().optional(),
-  app_secret: e.string().optional(),
-  scope: e.string().optional(),
-  authorization_endpoint: e.string().optional(),
-  token_endpoint: e.string().optional(),
-  userinfo_endpoint: e.string().optional(),
-  jwks_uri: e.string().optional(),
-  discovery_url: e.string().optional(),
-  issuer: e.string().optional(),
-  provider: e.string().optional(),
-  from: e.string().optional(),
-  twilio_sid: e.string().optional(),
-  twilio_token: e.string().optional(),
-  icon_url: e.string().optional()
-}), Ee = e.object({
-  id: e.string().optional(),
-  name: e.string(),
-  display_name: e.string().optional(),
-  strategy: e.string(),
-  options: fe.default({}),
-  enabled_clients: e.array(e.string()).default([]).optional(),
-  response_type: e.custom().optional(),
-  response_mode: e.custom().optional(),
-  is_domain_connection: e.boolean().optional(),
-  show_as_button: e.boolean().optional(),
-  metadata: e.record(e.any()).optional(),
-  is_system: e.boolean().optional()
-}), Se = e.object({
-  id: e.string(),
-  created_at: e.string().transform((t) => t === null ? "" : t),
-  updated_at: e.string().transform((t) => t === null ? "" : t)
-}).extend(Ee.shape), Ae = e.object({
-  id: e.string().optional(),
-  // Basic settings
-  audience: e.string(),
-  friendly_name: e.string(),
-  // Required - replaces the old 'name' field
-  picture_url: e.string().optional(),
-  support_email: e.string().optional(),
-  support_url: e.string().optional(),
-  sender_email: e.string().email(),
-  sender_name: e.string(),
-  // Tenant Settings fields (merged from TenantSettings)
-  // Session settings
-  session_lifetime: e.number().optional(),
-  idle_session_lifetime: e.number().optional(),
-  ephemeral_session_lifetime: e.number().optional(),
-  idle_ephemeral_session_lifetime: e.number().optional(),
-  session_cookie: e.object({
-    mode: e.enum(["persistent", "non-persistent"]).optional()
-  }).optional(),
-  // Logout settings
-  allowed_logout_urls: e.array(e.string()).optional(),
-  // Universal Login settings
-  default_redirection_uri: e.string().optional(),
-  // Advanced settings
-  enabled_locales: e.array(e.string()).optional(),
-  default_directory: e.string().optional(),
-  error_page: e.object({
-    html: e.string().optional(),
-    show_log_link: e.boolean().optional(),
-    url: e.string().optional()
-  }).optional(),
-  // Flags
-  flags: e.object({
-    allow_changing_enable_sso: e.boolean().optional(),
-    allow_legacy_delegation_grant_types: e.boolean().optional(),
-    allow_legacy_ro_grant_types: e.boolean().optional(),
-    allow_legacy_tokeninfo_endpoint: e.boolean().optional(),
-    change_pwd_flow_v1: e.boolean().optional(),
-    custom_domains_provisioning: e.boolean().optional(),
-    dashboard_insights_view: e.boolean().optional(),
-    dashboard_log_streams_next: e.boolean().optional(),
-    disable_clickjack_protection_headers: e.boolean().optional(),
-    disable_fields_map_fix: e.boolean().optional(),
-    disable_impersonation: e.boolean().optional(),
-    disable_management_api_sms_obfuscation: e.boolean().optional(),
-    enable_adfs_waad_email_verification: e.boolean().optional(),
-    enable_apis_section: e.boolean().optional(),
-    enable_client_connections: e.boolean().optional(),
-    enable_custom_domain_in_emails: e.boolean().optional(),
-    enable_dynamic_client_registration: e.boolean().optional(),
-    enable_idtoken_api2: e.boolean().optional(),
-    enable_legacy_logs_search_v2: e.boolean().optional(),
-    enable_legacy_profile: e.boolean().optional(),
-    enable_pipeline2: e.boolean().optional(),
-    enable_public_signup_user_exists_error: e.boolean().optional(),
-    enable_sso: e.boolean().optional(),
-    enforce_client_authentication_on_passwordless_start: e.boolean().optional(),
-    genai_trial: e.boolean().optional(),
-    improved_signup_bot_detection_in_classic: e.boolean().optional(),
-    mfa_show_factor_list_on_enrollment: e.boolean().optional(),
-    no_disclose_enterprise_connections: e.boolean().optional(),
-    remove_alg_from_jwks: e.boolean().optional(),
-    revoke_refresh_token_grant: e.boolean().optional(),
-    trust_azure_adfs_email_verified_connection_property: e.boolean().optional(),
-    use_scope_descriptions_for_consent: e.boolean().optional(),
-    // When enabled, tenant-level permissions will be inherited when users request
-    // organization-scoped tokens. This allows users with tenant-level roles to maintain
-    // their permissions when accessing resources in an organization context.
-    inherit_global_permissions_in_organizations: e.boolean().optional()
-  }).optional(),
-  // Sandbox settings
-  sandbox_version: e.string().optional(),
-  legacy_sandbox_version: e.string().optional(),
-  sandbox_versions_available: e.array(e.string()).optional(),
-  // Change password settings
-  change_password: e.object({
-    enabled: e.boolean().optional(),
-    html: e.string().optional()
-  }).optional(),
-  // Guardian MFA settings
-  guardian_mfa_page: e.object({
-    enabled: e.boolean().optional(),
-    html: e.string().optional()
-  }).optional(),
-  // Device flow settings
-  device_flow: e.object({
-    charset: e.enum(["base20", "digits"]).optional(),
-    mask: e.string().max(20).optional()
-  }).optional(),
-  // Default token quota
-  default_token_quota: e.object({
-    clients: e.object({
-      client_credentials: e.record(e.any()).optional()
-    }).optional(),
-    organizations: e.object({
-      client_credentials: e.record(e.any()).optional()
-    }).optional()
-  }).optional(),
-  // Default audience
-  default_audience: e.string().optional(),
-  // Default organization
-  default_organization: e.string().optional(),
-  // Session management
-  sessions: e.object({
-    oidc_logout_prompt_enabled: e.boolean().optional()
-  }).optional(),
-  // OIDC logout settings
-  oidc_logout: e.object({
-    rp_logout_end_session_endpoint_discovery: e.boolean().optional()
-  }).optional(),
-  // Organization settings
-  allow_organization_name_in_authentication_api: e.boolean().optional(),
-  // MFA settings
-  customize_mfa_in_postlogin_action: e.boolean().optional(),
-  // ACR values
-  acr_values_supported: e.array(e.string()).optional(),
-  // mTLS settings
-  mtls: e.object({
-    enable_endpoint_aliases: e.boolean().optional()
-  }).optional(),
-  // Authorization settings
-  pushed_authorization_requests_supported: e.boolean().optional(),
-  authorization_response_iss_parameter_supported: e.boolean().optional()
-}), Ie = e.object({
-  created_at: e.string().nullable().transform((t) => t ?? ""),
-  updated_at: e.string().nullable().transform((t) => t ?? ""),
-  ...Ae.shape,
-  id: e.string()
-}), go = e.object({
-  ...$.shape,
-  tenant: Ie,
-  connections: e.array(Se)
-}), Ce = e.enum([
+}), be = e.enum([
   "password_reset",
   "email_verification",
   "otp",
   "authorization_code",
   "oauth2_state",
   "ticket"
-]), ye = e.object({
+]), fe = e.object({
   code_id: e.string().openapi({
     description: "The code that will be used in for instance an email verification flow"
   }),
@@ -825,7 +655,7 @@ const be = e.object({
   connection_id: e.string().optional().openapi({
     description: "The connection that the code is connected to"
   }),
-  code_type: Ce,
+  code_type: be,
   code_verifier: e.string().optional().openapi({
     description: "The code verifier used in PKCE in outbound flows"
   }),
@@ -847,10 +677,47 @@ const be = e.object({
   expires_at: e.string(),
   used_at: e.string().optional(),
   user_id: e.string().optional()
-}), uo = e.object({
-  ...ye.shape,
+}), po = e.object({
+  ...fe.shape,
   created_at: e.string()
-}), Oe = e.object({
+}), Ee = e.object({
+  kid: e.string().optional(),
+  team_id: e.string().optional(),
+  realms: e.string().optional(),
+  authentication_method: e.string().optional(),
+  client_id: e.string().optional(),
+  client_secret: e.string().optional(),
+  app_secret: e.string().optional(),
+  scope: e.string().optional(),
+  authorization_endpoint: e.string().optional(),
+  token_endpoint: e.string().optional(),
+  userinfo_endpoint: e.string().optional(),
+  jwks_uri: e.string().optional(),
+  discovery_url: e.string().optional(),
+  issuer: e.string().optional(),
+  provider: e.string().optional(),
+  from: e.string().optional(),
+  twilio_sid: e.string().optional(),
+  twilio_token: e.string().optional(),
+  icon_url: e.string().optional()
+}), Se = e.object({
+  id: e.string().optional(),
+  name: e.string(),
+  display_name: e.string().optional(),
+  strategy: e.string(),
+  options: Ee.default({}),
+  enabled_clients: e.array(e.string()).default([]).optional(),
+  response_type: e.custom().optional(),
+  response_mode: e.custom().optional(),
+  is_domain_connection: e.boolean().optional(),
+  show_as_button: e.boolean().optional(),
+  metadata: e.record(e.any()).optional(),
+  is_system: e.boolean().optional()
+}), _o = e.object({
+  id: e.string(),
+  created_at: e.string().transform((t) => t === null ? "" : t),
+  updated_at: e.string().transform((t) => t === null ? "" : t)
+}).extend(Se.shape), Ae = e.object({
   domain: e.string(),
   custom_domain_id: e.string().optional(),
   type: e.enum(["auth0_managed_certs", "self_managed_certs"]),
@@ -864,21 +731,21 @@ const be = e.object({
     "null"
   ]).optional(),
   domain_metadata: e.record(e.string().max(255)).optional()
-}), Te = e.object({
+}), Ie = e.object({
   name: e.literal("txt"),
   record: e.string(),
   domain: e.string()
-}), Ne = e.object({
-  ...Oe.shape,
+}), Ce = e.object({
+  ...Ae.shape,
   custom_domain_id: e.string(),
   primary: e.boolean(),
   status: e.enum(["disabled", "pending", "pending_verification", "ready"]),
   origin_domain_name: e.string().optional(),
   verification: e.object({
-    methods: e.array(Te)
+    methods: e.array(Ie)
   }).optional(),
   tls_policy: e.string().optional()
-}), mo = Ne.extend({
+}), go = Ce.extend({
   tenant_id: e.string()
 }), f = e.object({
   id: e.string(),
@@ -886,15 +753,15 @@ const be = e.object({
   visible: e.boolean().optional().default(!0)
 }), i = f.extend({
   category: e.literal("BLOCK").optional()
-}), Re = i.extend({
+}), ye = i.extend({
   type: e.literal("DIVIDER"),
   config: e.object({}).optional()
-}), De = i.extend({
+}), Oe = i.extend({
   type: e.literal("HTML"),
   config: e.object({
     content: e.string().optional()
   }).optional()
-}), Le = i.extend({
+}), Te = i.extend({
   type: e.literal("IMAGE"),
   config: e.object({
     src: e.string().optional(),
@@ -902,29 +769,29 @@ const be = e.object({
     width: e.number().optional(),
     height: e.number().optional()
   }).optional()
-}), we = i.extend({
+}), Ne = i.extend({
   type: e.literal("JUMP_BUTTON"),
   config: e.object({
     text: e.string().optional(),
     target_step: e.string().optional()
   })
-}), je = i.extend({
+}), Re = i.extend({
   type: e.literal("RESEND_BUTTON"),
   config: e.object({
     text: e.string().optional(),
     resend_action: e.string().optional()
   })
-}), Ue = i.extend({
+}), De = i.extend({
   type: e.literal("NEXT_BUTTON"),
   config: e.object({
     text: e.string().optional()
   })
-}), Fe = i.extend({
+}), Le = i.extend({
   type: e.literal("PREVIOUS_BUTTON"),
   config: e.object({
     text: e.string().optional()
   })
-}), ke = i.extend({
+}), we = i.extend({
   type: e.literal("RICH_TEXT"),
   config: e.object({
     content: e.string().optional()
@@ -935,17 +802,17 @@ const be = e.object({
   hint: e.string().min(1).max(500).optional(),
   required: e.boolean().optional(),
   sensitive: e.boolean().optional()
-}), ve = E.extend({
+}), je = E.extend({
   type: e.literal("AUTH0_VERIFIABLE_CREDENTIALS"),
   config: e.object({
     credential_type: e.string().optional()
   })
-}), xe = E.extend({
+}), Ue = E.extend({
   type: e.literal("GMAPS_ADDRESS"),
   config: e.object({
     api_key: e.string().optional()
   })
-}), Pe = E.extend({
+}), Fe = E.extend({
   type: e.literal("RECAPTCHA"),
   config: e.object({
     site_key: e.string().optional()
@@ -956,12 +823,12 @@ const be = e.object({
   hint: e.string().min(1).max(500).optional(),
   required: e.boolean().optional(),
   sensitive: e.boolean().optional()
-}), Me = o.extend({
+}), ke = o.extend({
   type: e.literal("BOOLEAN"),
   config: e.object({
     default_value: e.boolean().optional()
   }).optional()
-}), He = o.extend({
+}), ve = o.extend({
   type: e.literal("CARDS"),
   config: e.object({
     options: e.array(
@@ -974,7 +841,7 @@ const be = e.object({
     ).optional(),
     multi_select: e.boolean().optional()
   }).optional()
-}), Ge = o.extend({
+}), xe = o.extend({
   type: e.literal("CHOICE"),
   config: e.object({
     options: e.array(
@@ -985,20 +852,20 @@ const be = e.object({
     ).optional(),
     display: e.enum(["radio", "checkbox"]).optional()
   }).optional()
-}), Be = o.extend({
+}), Pe = o.extend({
   type: e.literal("CUSTOM"),
   config: e.object({
     component: e.string().optional(),
     props: e.record(e.any()).optional()
   })
-}), Ke = o.extend({
+}), Me = o.extend({
   type: e.literal("DATE"),
   config: e.object({
     format: e.string().optional(),
     min: e.string().optional(),
     max: e.string().optional()
   }).optional()
-}), We = o.extend({
+}), He = o.extend({
   type: e.literal("DROPDOWN"),
   config: e.object({
     options: e.array(
@@ -1010,25 +877,25 @@ const be = e.object({
     placeholder: e.string().optional(),
     searchable: e.boolean().optional()
   }).optional()
-}), ze = o.extend({
+}), Ge = o.extend({
   type: e.literal("EMAIL"),
   config: e.object({
     placeholder: e.string().optional()
   }).optional()
-}), Xe = o.extend({
+}), Be = o.extend({
   type: e.literal("FILE"),
   config: e.object({
     accept: e.string().optional(),
     max_size: e.number().optional(),
     multiple: e.boolean().optional()
   }).optional()
-}), Ve = o.extend({
+}), Ke = o.extend({
   type: e.literal("LEGAL"),
   config: e.object({
     text: e.string(),
     html: e.boolean().optional()
   }).optional()
-}), qe = o.extend({
+}), We = o.extend({
   type: e.literal("NUMBER"),
   config: e.object({
     placeholder: e.string().optional(),
@@ -1036,7 +903,7 @@ const be = e.object({
     max: e.number().optional(),
     step: e.number().optional()
   }).optional()
-}), Ye = o.extend({
+}), ze = o.extend({
   type: e.literal("PASSWORD"),
   config: e.object({
     placeholder: e.string().optional(),
@@ -1044,49 +911,53 @@ const be = e.object({
     show_toggle: e.boolean().optional(),
     forgot_password_link: e.string().optional()
   }).optional()
-}), Qe = o.extend({
+}), Xe = o.extend({
   type: e.literal("PAYMENT"),
   config: e.object({
     provider: e.string().optional(),
     currency: e.string().optional()
   }).optional()
-}), Je = o.extend({
+}), Ve = o.extend({
   type: e.literal("SOCIAL"),
   config: e.object({
     providers: e.array(e.string()).optional()
   }).optional()
-}), Ze = o.extend({
+}), qe = o.extend({
   type: e.literal("TEL"),
   config: e.object({
     placeholder: e.string().optional(),
     default_country: e.string().optional()
   }).optional()
-}), $e = o.extend({
+}), Ye = o.extend({
   type: e.literal("TEXT"),
   config: e.object({
     placeholder: e.string().optional(),
     multiline: e.boolean().optional(),
     max_length: e.number().optional()
   }).optional()
-}), et = o.extend({
+}), Qe = o.extend({
   type: e.literal("URL"),
   config: e.object({
     placeholder: e.string().optional()
   }).optional()
-}), tt = e.discriminatedUnion("type", [
+}), Je = e.discriminatedUnion("type", [
+  ye,
+  Oe,
+  Te,
+  Ne,
   Re,
   De,
   Le,
-  we,
+  we
+]), Ze = e.discriminatedUnion("type", [
   je,
   Ue,
-  Fe,
-  ke
-]), ot = e.discriminatedUnion("type", [
+  Fe
+]), $e = e.discriminatedUnion("type", [
+  ke,
   ve,
   xe,
-  Pe
-]), nt = e.discriminatedUnion("type", [
+  Pe,
   Me,
   He,
   Ge,
@@ -1098,16 +969,12 @@ const be = e.object({
   Ve,
   qe,
   Ye,
-  Qe,
+  Qe
+]), R = e.union([
   Je,
   Ze,
-  $e,
-  et
-]), R = e.union([
-  tt,
-  ot,
-  nt
-]), ho = e.object({
+  $e
+]), uo = e.object({
   id: e.string(),
   type: e.literal("submit"),
   label: e.string(),
@@ -1119,7 +986,7 @@ const be = e.object({
 }), _ = e.object({
   x: e.number(),
   y: e.number()
-}), it = e.object({
+}), et = e.object({
   id: e.string(),
   type: e.literal("FLOW"),
   coordinates: _,
@@ -1128,7 +995,7 @@ const be = e.object({
     flow_id: e.string().max(30),
     next_node: e.string().optional()
   })
-}), at = e.object({
+}), tt = e.object({
   id: e.string(),
   type: e.literal("ROUTER"),
   coordinates: _,
@@ -1144,7 +1011,7 @@ const be = e.object({
     ),
     fallback: e.string()
   })
-}), rt = e.object({
+}), ot = e.object({
   id: e.string(),
   type: e.literal("STEP"),
   coordinates: _,
@@ -1153,11 +1020,11 @@ const be = e.object({
     components: e.array(R),
     next_node: e.string().optional()
   })
-}), st = e.discriminatedUnion("type", [
-  it,
-  at,
-  rt
-]), lt = e.object({
+}), nt = e.discriminatedUnion("type", [
+  et,
+  tt,
+  ot
+]), it = e.object({
   name: e.string().openapi({
     description: "The name of the form"
   }),
@@ -1170,7 +1037,7 @@ const be = e.object({
     default: e.string().optional()
   }).optional(),
   translations: e.record(e.string(), e.any()).optional(),
-  nodes: e.array(st).optional(),
+  nodes: e.array(nt).optional(),
   start: e.object({
     hidden_fields: e.array(e.object({ key: e.string(), value: e.string() })).optional(),
     next_node: e.string().optional(),
@@ -1188,35 +1055,35 @@ const be = e.object({
   style: e.object({ css: e.string().optional() }).optional()
 }).openapi({
   description: "Schema for flow-based forms (matches Auth0 Forms structure)"
-}), bo = e.object({
+}), mo = e.object({
   ...r.shape,
-  ...lt.shape,
+  ...it.shape,
   id: e.string()
-}), ct = e.object({
+}), at = e.object({
   id: e.number().optional(),
   text: e.string(),
   type: e.enum(["info", "error", "success", "warning"])
-}), pt = e.object({
+}), rt = e.object({
   id: e.string().optional(),
   text: e.string(),
   href: e.string(),
   linkText: e.string().optional()
-}), fo = e.object({
+}), ho = e.object({
   action: e.string(),
   method: e.enum(["POST", "GET"]),
   title: e.string().optional(),
   description: e.string().optional(),
   components: e.array(R),
-  messages: e.array(ct).optional(),
-  links: e.array(pt).optional()
+  messages: e.array(at).optional(),
+  links: e.array(rt).optional()
 });
-function Eo(t) {
+function bo(t) {
   return t.category === "BLOCK";
 }
-function So(t) {
+function fo(t) {
   return t.category === "WIDGET";
 }
-function Ao(t) {
+function Eo(t) {
   return t.category === "FIELD";
 }
 const D = e.enum([
@@ -1239,37 +1106,37 @@ const D = e.enum([
   synchronous: e.boolean().default(!1),
   priority: e.number().optional(),
   hook_id: e.string().optional()
-}, _t = e.object({
+}, st = e.object({
   ...m,
   trigger_id: D,
   url: e.string()
-}), dt = e.object({
+}), lt = e.object({
   ...m,
   trigger_id: L,
   form_id: e.string()
-}), Io = e.union([
-  _t,
-  dt
-]), gt = e.object({
+}), So = e.union([
+  st,
+  lt
+]), ct = e.object({
   ...m,
   trigger_id: D,
   ...r.shape,
   hook_id: e.string(),
   url: e.string()
-}), ut = e.object({
+}), pt = e.object({
   ...m,
   trigger_id: L,
   ...r.shape,
   hook_id: e.string(),
   form_id: e.string()
-}), Co = e.union([gt, ut]), mt = e.object({
+}), Ao = e.union([ct, pt]), _t = e.object({
   name: e.string().optional()
-}), ht = e.object({
+}), dt = e.object({
   email: e.string().optional()
-}), bt = e.object({
+}), gt = e.object({
   organization_id: e.string().max(50),
-  inviter: mt,
-  invitee: ht,
+  inviter: _t,
+  invitee: dt,
   invitation_url: e.string().url(),
   client_id: e.string(),
   connection_id: e.string().optional(),
@@ -1278,13 +1145,13 @@ const D = e.enum([
   ttl_sec: e.number().int().max(2592e3).default(604800).optional(),
   roles: e.array(e.string()).default([]).optional(),
   send_invitation_email: e.boolean().default(!0).optional()
-}), yo = e.object({
+}), Io = e.object({
   id: e.string(),
   organization_id: e.string().max(50),
   created_at: e.string().datetime(),
   expires_at: e.string().datetime(),
   ticket_id: e.string().optional()
-}).extend(bt.shape), ft = e.object({
+}).extend(gt.shape), ut = e.object({
   alg: e.enum([
     "RS256",
     "RS384",
@@ -1303,9 +1170,9 @@ const D = e.enum([
   x5t: e.string().optional(),
   x5c: e.array(e.string()).optional(),
   use: e.enum(["sig", "enc"]).optional()
-}), Oo = e.object({
-  keys: e.array(ft)
-}), To = e.object({
+}), Co = e.object({
+  keys: e.array(ut)
+}), yo = e.object({
   issuer: e.string(),
   authorization_endpoint: e.string(),
   token_endpoint: e.string(),
@@ -1328,17 +1195,17 @@ const D = e.enum([
   token_endpoint_auth_signing_alg_values_supported: e.array(e.string())
 });
 var w = /* @__PURE__ */ ((t) => (t.PENDING = "pending", t.AUTHENTICATED = "authenticated", t.AWAITING_EMAIL_VERIFICATION = "awaiting_email_verification", t.AWAITING_HOOK = "awaiting_hook", t.AWAITING_CONTINUATION = "awaiting_continuation", t.COMPLETED = "completed", t.FAILED = "failed", t.EXPIRED = "expired", t))(w || {});
-const Et = e.nativeEnum(w), St = e.object({
+const mt = e.nativeEnum(w), ht = e.object({
   csrf_token: e.string(),
   auth0Client: e.string().optional(),
-  authParams: be,
+  authParams: he,
   expires_at: e.string(),
   deleted_at: e.string().optional(),
   ip: e.string().optional(),
   useragent: e.string().optional(),
   session_id: e.string().optional(),
   authorization_url: e.string().optional(),
-  state: Et.optional().default(
+  state: mt.optional().default(
     "pending"
     /* PENDING */
   ),
@@ -1349,14 +1216,14 @@ const Et = e.nativeEnum(w), St = e.object({
   // Set once user is authenticated
 }).openapi({
   description: "This represents a login sesion"
-}), No = e.object({
-  ...St.shape,
+}), Oo = e.object({
+  ...ht.shape,
   id: e.string().openapi({
     description: "This is is used as the state in the universal login"
   }),
   created_at: e.string(),
   updated_at: e.string()
-}), At = {
+}), bt = {
   // Network & System
   ACLS_SUMMARY: "acls_summary",
   ACTIONS_EXECUTION_FAILED: "actions_execution_failed",
@@ -1527,24 +1394,24 @@ const Et = e.nativeEnum(w), St = e.object({
   WARNING_DURING_LOGIN: "w",
   WARNING_SENDING_NOTIFICATION: "wn",
   WARNING_USER_MANAGEMENT: "wum"
-}, It = e.string().refine(
-  (t) => Object.values(At).includes(t),
+}, ft = e.string().refine(
+  (t) => Object.values(bt).includes(t),
   { message: "Invalid log type" }
-), Ct = e.object({
+), Et = e.object({
   name: e.string(),
   version: e.string(),
   env: e.object({
     node: e.string().optional()
   }).optional()
-}), yt = e.object({
+}), St = e.object({
   country_code: e.string().length(2),
   city_name: e.string(),
   latitude: e.string(),
   longitude: e.string(),
   time_zone: e.string(),
   continent_code: e.string()
-}), Ot = e.object({
-  type: It,
+}), At = e.object({
+  type: ft,
   date: e.string(),
   description: e.string().optional(),
   ip: e.string().optional(),
@@ -1563,19 +1430,19 @@ const Et = e.nativeEnum(w), St = e.object({
   strategy: e.string().optional(),
   strategy_type: e.string().optional(),
   hostname: e.string().optional(),
-  auth0_client: Ct.optional(),
+  auth0_client: Et.optional(),
   log_id: e.string().optional(),
-  location_info: yt.optional()
-}), Ro = e.object({
-  ...Ot.shape,
+  location_info: St.optional()
+}), To = e.object({
+  ...At.shape,
   log_id: e.string()
-}), Tt = e.object({
+}), It = e.object({
   id: e.string().optional(),
   user_id: e.string(),
   password: e.string(),
   algorithm: e.enum(["bcrypt", "argon2id"]).default("argon2id"),
   is_current: e.boolean().default(!0)
-}), Do = Tt.extend({
+}), No = It.extend({
   id: e.string(),
   created_at: e.string(),
   updated_at: e.string()
@@ -1586,7 +1453,7 @@ const Et = e.nativeEnum(w), St = e.object({
   last_user_agent: e.string().describe("Last user agent of the device from which this user logged in"),
   last_ip: e.string().describe("Last IP address from which this user logged in"),
   last_asn: e.string().describe("Last autonomous system number from which this user logged in")
-}), Nt = e.object({
+}), Ct = e.object({
   id: e.string(),
   revoked_at: e.string().optional(),
   used_at: e.string().optional(),
@@ -1598,13 +1465,13 @@ const Et = e.nativeEnum(w), St = e.object({
     "Metadata related to the device used in the session"
   ),
   clients: e.array(e.string()).describe("List of client details for the session")
-}), Lo = e.object({
+}), Ro = e.object({
   created_at: e.string(),
   updated_at: e.string(),
   authenticated_at: e.string(),
   last_interaction_at: e.string(),
-  ...Nt.shape
-}), wo = e.object({
+  ...Ct.shape
+}), Do = e.object({
   kid: e.string().openapi({ description: "The key id of the signing key" }),
   cert: e.string().openapi({ description: "The public certificate of the signing key" }),
   fingerprint: e.string().openapi({ description: "The cert fingerprint" }),
@@ -1629,9 +1496,138 @@ const Et = e.nativeEnum(w), St = e.object({
   type: e.enum(["jwt_signing", "saml_encryption"]).openapi({
     description: "The type of the signing key"
   })
+}), yt = e.object({
+  id: e.string().optional(),
+  // Basic settings
+  audience: e.string(),
+  friendly_name: e.string(),
+  // Required - replaces the old 'name' field
+  picture_url: e.string().optional(),
+  support_email: e.string().optional(),
+  support_url: e.string().optional(),
+  sender_email: e.string().email(),
+  sender_name: e.string(),
+  // Tenant Settings fields (merged from TenantSettings)
+  // Session settings
+  session_lifetime: e.number().optional(),
+  idle_session_lifetime: e.number().optional(),
+  ephemeral_session_lifetime: e.number().optional(),
+  idle_ephemeral_session_lifetime: e.number().optional(),
+  session_cookie: e.object({
+    mode: e.enum(["persistent", "non-persistent"]).optional()
+  }).optional(),
+  // Logout settings
+  allowed_logout_urls: e.array(e.string()).optional(),
+  // Universal Login settings
+  default_redirection_uri: e.string().optional(),
+  // Advanced settings
+  enabled_locales: e.array(e.string()).optional(),
+  default_directory: e.string().optional(),
+  error_page: e.object({
+    html: e.string().optional(),
+    show_log_link: e.boolean().optional(),
+    url: e.string().optional()
+  }).optional(),
+  // Flags
+  flags: e.object({
+    allow_changing_enable_sso: e.boolean().optional(),
+    allow_legacy_delegation_grant_types: e.boolean().optional(),
+    allow_legacy_ro_grant_types: e.boolean().optional(),
+    allow_legacy_tokeninfo_endpoint: e.boolean().optional(),
+    change_pwd_flow_v1: e.boolean().optional(),
+    custom_domains_provisioning: e.boolean().optional(),
+    dashboard_insights_view: e.boolean().optional(),
+    dashboard_log_streams_next: e.boolean().optional(),
+    disable_clickjack_protection_headers: e.boolean().optional(),
+    disable_fields_map_fix: e.boolean().optional(),
+    disable_impersonation: e.boolean().optional(),
+    disable_management_api_sms_obfuscation: e.boolean().optional(),
+    enable_adfs_waad_email_verification: e.boolean().optional(),
+    enable_apis_section: e.boolean().optional(),
+    enable_client_connections: e.boolean().optional(),
+    enable_custom_domain_in_emails: e.boolean().optional(),
+    enable_dynamic_client_registration: e.boolean().optional(),
+    enable_idtoken_api2: e.boolean().optional(),
+    enable_legacy_logs_search_v2: e.boolean().optional(),
+    enable_legacy_profile: e.boolean().optional(),
+    enable_pipeline2: e.boolean().optional(),
+    enable_public_signup_user_exists_error: e.boolean().optional(),
+    enable_sso: e.boolean().optional(),
+    enforce_client_authentication_on_passwordless_start: e.boolean().optional(),
+    genai_trial: e.boolean().optional(),
+    improved_signup_bot_detection_in_classic: e.boolean().optional(),
+    mfa_show_factor_list_on_enrollment: e.boolean().optional(),
+    no_disclose_enterprise_connections: e.boolean().optional(),
+    remove_alg_from_jwks: e.boolean().optional(),
+    revoke_refresh_token_grant: e.boolean().optional(),
+    trust_azure_adfs_email_verified_connection_property: e.boolean().optional(),
+    use_scope_descriptions_for_consent: e.boolean().optional(),
+    // When enabled, tenant-level permissions will be inherited when users request
+    // organization-scoped tokens. This allows users with tenant-level roles to maintain
+    // their permissions when accessing resources in an organization context.
+    inherit_global_permissions_in_organizations: e.boolean().optional()
+  }).optional(),
+  // Sandbox settings
+  sandbox_version: e.string().optional(),
+  legacy_sandbox_version: e.string().optional(),
+  sandbox_versions_available: e.array(e.string()).optional(),
+  // Change password settings
+  change_password: e.object({
+    enabled: e.boolean().optional(),
+    html: e.string().optional()
+  }).optional(),
+  // Guardian MFA settings
+  guardian_mfa_page: e.object({
+    enabled: e.boolean().optional(),
+    html: e.string().optional()
+  }).optional(),
+  // Device flow settings
+  device_flow: e.object({
+    charset: e.enum(["base20", "digits"]).optional(),
+    mask: e.string().max(20).optional()
+  }).optional(),
+  // Default token quota
+  default_token_quota: e.object({
+    clients: e.object({
+      client_credentials: e.record(e.any()).optional()
+    }).optional(),
+    organizations: e.object({
+      client_credentials: e.record(e.any()).optional()
+    }).optional()
+  }).optional(),
+  // Default audience
+  default_audience: e.string().optional(),
+  // Default organization
+  default_organization: e.string().optional(),
+  // Session management
+  sessions: e.object({
+    oidc_logout_prompt_enabled: e.boolean().optional()
+  }).optional(),
+  // OIDC logout settings
+  oidc_logout: e.object({
+    rp_logout_end_session_endpoint_discovery: e.boolean().optional()
+  }).optional(),
+  // Organization settings
+  allow_organization_name_in_authentication_api: e.boolean().optional(),
+  // MFA settings
+  customize_mfa_in_postlogin_action: e.boolean().optional(),
+  // ACR values
+  acr_values_supported: e.array(e.string()).optional(),
+  // mTLS settings
+  mtls: e.object({
+    enable_endpoint_aliases: e.boolean().optional()
+  }).optional(),
+  // Authorization settings
+  pushed_authorization_requests_supported: e.boolean().optional(),
+  authorization_response_iss_parameter_supported: e.boolean().optional()
+}), Lo = e.object({
+  created_at: e.string().nullable().transform((t) => t ?? ""),
+  updated_at: e.string().nullable().transform((t) => t ?? ""),
+  ...yt.shape,
+  id: e.string()
 });
-var Rt = /* @__PURE__ */ ((t) => (t.RefreshToken = "refresh_token", t.AuthorizationCode = "authorization_code", t.ClientCredential = "client_credentials", t.Passwordless = "passwordless", t.Password = "password", t.OTP = "http://auth0.com/oauth/grant-type/passwordless/otp", t))(Rt || {});
-const jo = e.object({
+var Ot = /* @__PURE__ */ ((t) => (t.RefreshToken = "refresh_token", t.AuthorizationCode = "authorization_code", t.ClientCredential = "client_credentials", t.Passwordless = "passwordless", t.Password = "password", t.OTP = "http://auth0.com/oauth/grant-type/passwordless/otp", t))(Ot || {});
+const wo = e.object({
   access_token: e.string(),
   id_token: e.string().optional(),
   scope: e.string().optional(),
@@ -1644,7 +1640,7 @@ e.object({
   code: e.string(),
   state: e.string().optional()
 });
-const Dt = e.object({
+const Tt = e.object({
   button_border_radius: e.number(),
   button_border_weight: e.number(),
   buttons_style: e.enum(["pill", "rounded", "sharp"]),
@@ -1654,7 +1650,7 @@ const Dt = e.object({
   show_widget_shadow: e.boolean(),
   widget_border_weight: e.number(),
   widget_corner_radius: e.number()
-}), Lt = e.object({
+}), Nt = e.object({
   base_focus_color: e.string(),
   base_hover_color: e.string(),
   body_text: e.string(),
@@ -1677,7 +1673,7 @@ const Dt = e.object({
 }), l = e.object({
   bold: e.boolean(),
   size: e.number()
-}), wt = e.object({
+}), Rt = e.object({
   body_text: l,
   buttons_text: l,
   font_url: e.string(),
@@ -1687,31 +1683,31 @@ const Dt = e.object({
   reference_text_size: e.number(),
   subtitle: l,
   title: l
-}), jt = e.object({
+}), Dt = e.object({
   background_color: e.string(),
   background_image_url: e.string(),
   page_layout: e.enum(["center", "left", "right"])
-}), Ut = e.object({
+}), Lt = e.object({
   header_text_alignment: e.enum(["center", "left", "right"]),
   logo_height: e.number(),
   logo_position: e.enum(["center", "left", "none", "right"]),
   logo_url: e.string(),
   social_buttons_layout: e.enum(["bottom", "top"])
-}), Ft = e.object({
-  borders: Dt,
-  colors: Lt,
+}), wt = e.object({
+  borders: Tt,
+  colors: Nt,
   displayName: e.string(),
-  fonts: wt,
-  page_background: jt,
-  widget: Ut
-}), Uo = Ft.extend({
+  fonts: Rt,
+  page_background: Dt,
+  widget: Lt
+}), jo = wt.extend({
   themeId: e.string()
-}), Fo = e.object({
+}), Uo = e.object({
   universal_login_experience: e.enum(["new", "classic"]).default("new"),
   identifier_first: e.boolean().default(!0),
   password_first: e.boolean().default(!1),
   webauthn_platform_first_factor: e.boolean()
-}), ko = e.object({
+}), Fo = e.object({
   name: e.string(),
   enabled: e.boolean().optional().default(!0),
   default_from_address: e.string().optional(),
@@ -1741,7 +1737,7 @@ const Dt = e.object({
     })
   ]),
   settings: e.object({}).optional()
-}), kt = e.object({
+}), jt = e.object({
   // The actual refresh token value (primary key).
   id: e.string(),
   // Link to the session record
@@ -1762,21 +1758,21 @@ const Dt = e.object({
     })
   ),
   rotating: e.boolean()
-}), vo = e.object({
+}), ko = e.object({
   // When the refresh token record was created.
   created_at: e.string(),
   // Spread in the rest of the refresh token properties.
-  ...kt.shape
-}), xo = e.object({
+  ...jt.shape
+}), vo = e.object({
   to: e.string(),
   message: e.string()
-}), Po = e.object({
+}), xo = e.object({
   name: e.string(),
   options: e.object({})
-}), vt = e.object({
+}), Ut = e.object({
   value: e.string(),
   description: e.string().optional()
-}), xt = e.object({
+}), Ft = e.object({
   token_dialect: e.enum(["access_token", "access_token_authz"]).optional(),
   enforce_policies: e.boolean().optional(),
   allow_skipping_userinfo: e.boolean().optional(),
@@ -1786,11 +1782,11 @@ const Dt = e.object({
   mtls: e.object({
     bound_access_tokens: e.boolean().optional()
   }).optional()
-}), Pt = e.object({
+}), kt = e.object({
   id: e.string().optional(),
   name: e.string(),
   identifier: e.string(),
-  scopes: e.array(vt).optional(),
+  scopes: e.array(Ut).optional(),
   signing_alg: e.string().optional(),
   signing_secret: e.string().optional(),
   token_lifetime: e.number().optional(),
@@ -1798,30 +1794,30 @@ const Dt = e.object({
   skip_consent_for_verifiable_first_party_clients: e.boolean().optional(),
   allow_offline_access: e.boolean().optional(),
   verificationKey: e.string().optional(),
-  options: xt.optional(),
+  options: Ft.optional(),
   is_system: e.boolean().optional(),
   metadata: e.record(e.any()).optional()
-}), Mt = e.object({
-  ...Pt.shape,
+}), vt = e.object({
+  ...kt.shape,
   created_at: e.string().optional(),
   updated_at: e.string().optional()
-}), Mo = e.array(Mt), Ht = e.object({
+}), Po = e.array(vt), xt = e.object({
   role_id: e.string(),
   resource_server_identifier: e.string(),
   permission_name: e.string()
-}), Gt = e.object({
-  ...Ht.shape,
+}), Pt = e.object({
+  ...xt.shape,
   created_at: e.string()
-}), Ho = e.array(Gt), Bt = e.object({
+}), Mo = e.array(Pt), Mt = e.object({
   user_id: e.string(),
   resource_server_identifier: e.string(),
   permission_name: e.string(),
   organization_id: e.string().optional()
-}), Kt = e.object({
-  ...Bt.shape,
+}), Ht = e.object({
+  ...Mt.shape,
   tenant_id: e.string(),
   created_at: e.string().optional()
-}), Go = e.array(Kt), Wt = e.object({
+}), Ho = e.array(Ht), Gt = e.object({
   user_id: e.string(),
   resource_server_identifier: e.string(),
   resource_server_name: e.string(),
@@ -1829,17 +1825,17 @@ const Dt = e.object({
   description: e.string().nullable().optional(),
   created_at: e.string().optional(),
   organization_id: e.string().optional()
-}), Bo = e.array(
-  Wt
-), zt = e.object({
+}), Go = e.array(
+  Gt
+), Bt = e.object({
   user_id: e.string(),
   role_id: e.string(),
   organization_id: e.string().optional()
-}), Xt = e.object({
-  ...zt.shape,
+}), Kt = e.object({
+  ...Bt.shape,
   tenant_id: e.string(),
   created_at: e.string().optional()
-}), Ko = e.array(Xt), Vt = e.object({
+}), Bo = e.array(Kt), Wt = e.object({
   id: e.string().optional().openapi({
     description: "The unique identifier of the role. If not provided, one will be generated."
   }),
@@ -1853,13 +1849,13 @@ const Dt = e.object({
   metadata: e.record(e.any()).optional().openapi({
     description: "Metadata associated with the role. Can be used to control sync behavior in multi-tenancy scenarios."
   })
-}), qt = Vt.extend({
+}), zt = Wt.extend({
   id: e.string().openapi({
     description: "The unique identifier of the role"
   }),
   created_at: e.string().optional(),
   updated_at: e.string().optional()
-}), Wo = e.array(qt), Yt = e.object({
+}), Ko = e.array(zt), Xt = e.object({
   logo_url: e.string().optional().openapi({
     description: "URL of the organization's logo"
   }),
@@ -1871,7 +1867,7 @@ const Dt = e.object({
       description: "Page background color in hex format (e.g., #FFFFFF)"
     })
   }).optional()
-}).optional(), Qt = e.object({
+}).optional(), Vt = e.object({
   connection_id: e.string().openapi({
     description: "ID of the connection"
   }),
@@ -1884,7 +1880,7 @@ const Dt = e.object({
   is_signup_enabled: e.boolean().default(!0).openapi({
     description: "Whether signup is enabled for this connection"
   })
-}), Jt = e.object({
+}), qt = e.object({
   client_credentials: e.object({
     enforce: e.boolean().default(!1).openapi({
       description: "Whether to enforce token quota limits"
@@ -1896,7 +1892,7 @@ const Dt = e.object({
       description: "Maximum tokens per hour (0 = unlimited)"
     })
   }).optional()
-}).optional(), Zt = e.object({
+}).optional(), Yt = e.object({
   id: e.string().optional(),
   name: e.string().min(1).regex(/^[a-z0-9_-]+$/, {
     message: "Organization name must be lowercase and can only contain letters, numbers, hyphens, and underscores"
@@ -1906,34 +1902,34 @@ const Dt = e.object({
   display_name: e.string().optional().openapi({
     description: "The display name of the organization"
   }),
-  branding: Yt,
+  branding: Xt,
   metadata: e.record(e.any()).default({}).optional().openapi({
     description: "Custom metadata for the organization"
   }),
-  enabled_connections: e.array(Qt).default([]).optional().openapi({
+  enabled_connections: e.array(Vt).default([]).optional().openapi({
     description: "List of enabled connections for the organization"
   }),
-  token_quota: Jt
-}), zo = e.object({
-  ...Zt.shape,
+  token_quota: qt
+}), Wo = e.object({
+  ...Yt.shape,
   ...r.shape,
   id: e.string(),
   // Override name to be lenient when reading from database (to support existing uppercase names)
   name: e.string().min(1).openapi({
     description: "The name of the organization"
   })
-}), $t = e.object({
+}), Qt = e.object({
   user_id: e.string().openapi({
     description: "ID of the user"
   }),
   organization_id: e.string().openapi({
     description: "ID of the organization"
   })
-}), Xo = e.object({
-  ...$t.shape,
+}), zo = e.object({
+  ...Qt.shape,
   ...r.shape,
   id: e.string()
-}), Vo = e.object({
+}), Xo = e.object({
   // Session settings
   idle_session_lifetime: e.number().optional(),
   session_lifetime: e.number().optional(),
@@ -2002,7 +1998,7 @@ const Dt = e.object({
   sessions: e.object({
     oidc_logout_prompt_enabled: e.boolean().optional()
   }).optional()
-}), qo = e.object({
+}), Vo = e.object({
   date: e.string().openapi({
     description: "Date these events occurred in ISO 8601 format",
     example: "2025-12-19"
@@ -2027,17 +2023,17 @@ const Dt = e.object({
     description: "Approximate date and time the first event occurred in ISO 8601 format",
     example: "2025-12-19T00:00:00.000Z"
   })
-}), Yo = e.number().openapi({
+}), qo = e.number().openapi({
   description: "Number of active users in the last 30 days",
   example: 1234
 });
-function Qo(t) {
+function Yo(t) {
   const [a, s] = t.split("|");
   if (!a || !s)
     throw new Error(`Invalid user_id: ${t}`);
   return { connection: a, id: s };
 }
-function Jo(t) {
+function Qo(t) {
   const {
     primary: a,
     secondaries: s,
@@ -2078,156 +2074,155 @@ function Jo(t) {
   };
   return new Proxy(a, F);
 }
-function Zo(t) {
+function Jo(t) {
   return t;
 }
 export {
-  oo as Auth0ActionEnum,
-  Ct as Auth0Client,
+  $t as Auth0ActionEnum,
+  Et as Auth0Client,
   T as AuthorizationResponseMode,
   O as AuthorizationResponseType,
   N as CodeChallengeMethod,
   y as ComponentCategory,
   C as ComponentType,
-  no as EmailActionEnum,
-  to as FlowActionTypeEnum,
-  Rt as GrantType,
-  yt as LocationInfo,
-  At as LogTypes,
+  eo as EmailActionEnum,
+  Zt as FlowActionTypeEnum,
+  Ot as GrantType,
+  St as LocationInfo,
+  bt as LogTypes,
   w as LoginSessionState,
-  le as NodeType,
+  se as NodeType,
   G as RedirectTargetEnum,
-  _e as actionNodeSchema,
-  Yo as activeUsersResponseSchema,
+  pe as actionNodeSchema,
+  qo as activeUsersResponseSchema,
   V as addressSchema,
-  po as auth0FlowInsertSchema,
-  he as auth0FlowSchema,
-  ao as auth0QuerySchema,
+  lo as auth0FlowInsertSchema,
+  me as auth0FlowSchema,
+  oo as auth0QuerySchema,
   M as auth0UpdateUserActionSchema,
-  so as auth0UserResponseSchema,
-  be as authParamsSchema,
+  io as auth0UserResponseSchema,
+  he as authParamsSchema,
   I as baseUserSchema,
-  tt as blockComponentSchema,
-  Dt as bordersSchema,
-  _o as brandingSchema,
-  ne as buttonComponentSchema,
-  ee as clientGrantInsertSchema,
-  co as clientGrantListSchema,
-  te as clientGrantSchema,
+  Je as blockComponentSchema,
+  Tt as bordersSchema,
+  co as brandingSchema,
+  oe as buttonComponentSchema,
+  $ as clientGrantInsertSchema,
+  so as clientGrantListSchema,
+  ee as clientGrantSchema,
   Z as clientInsertSchema,
-  $ as clientSchema,
-  ye as codeInsertSchema,
-  uo as codeSchema,
-  Ce as codeTypeSchema,
-  Lt as colorsSchema,
-  ct as componentMessageSchema,
-  se as componentSchema,
-  Ee as connectionInsertSchema,
-  fe as connectionOptionsSchema,
-  Se as connectionSchema,
+  ro as clientSchema,
+  fe as codeInsertSchema,
+  po as codeSchema,
+  be as codeTypeSchema,
+  Nt as colorsSchema,
+  at as componentMessageSchema,
+  re as componentSchema,
+  Se as connectionInsertSchema,
+  Ee as connectionOptionsSchema,
+  _o as connectionSchema,
   c as coordinatesSchema,
-  Jo as createPassthroughAdapter,
-  Zo as createWriteOnlyAdapter,
-  Oe as customDomainInsertSchema,
-  Ne as customDomainSchema,
-  mo as customDomainWithTenantIdSchema,
-  qo as dailyStatsSchema,
-  ko as emailProviderSchema,
+  Qo as createPassthroughAdapter,
+  Jo as createWriteOnlyAdapter,
+  Ae as customDomainInsertSchema,
+  Ce as customDomainSchema,
+  go as customDomainWithTenantIdSchema,
+  Vo as dailyStatsSchema,
+  Fo as emailProviderSchema,
   P as emailVerificationRulesSchema,
   H as emailVerifyActionSchema,
-  me as endingSchema,
-  nt as fieldComponentSchema,
+  ue as endingSchema,
+  $e as fieldComponentSchema,
   K as flowActionStepSchema,
   W as flowInsertSchema,
-  io as flowSchema,
-  ae as flowsFieldComponentSchema,
-  pe as flowsFlowNodeSchema,
-  ce as flowsStepNodeSchema,
+  to as flowSchema,
+  ie as flowsFieldComponentSchema,
+  ce as flowsFlowNodeSchema,
+  le as flowsStepNodeSchema,
   l as fontDetailsSchema,
-  wt as fontsSchema,
-  ho as formControlSchema,
-  lt as formInsertSchema,
+  Rt as fontsSchema,
+  uo as formControlSchema,
+  it as formInsertSchema,
   R as formNodeComponentDefinition,
-  st as formNodeSchema,
-  bo as formSchema,
-  re as genericComponentSchema,
-  de as genericNodeSchema,
-  Io as hookInsertSchema,
-  Co as hookSchema,
+  nt as formNodeSchema,
+  mo as formSchema,
+  ae as genericComponentSchema,
+  _e as genericNodeSchema,
+  So as hookInsertSchema,
+  Ao as hookSchema,
   X as identitySchema,
-  bt as inviteInsertSchema,
-  yo as inviteSchema,
-  ht as inviteeSchema,
-  mt as inviterSchema,
-  Eo as isBlockComponent,
-  Ao as isFieldComponent,
-  So as isWidgetComponent,
-  Oo as jwksKeySchema,
-  ft as jwksSchema,
-  go as legacyClientSchema,
-  ie as legalComponentSchema,
-  Ot as logInsertSchema,
-  Ro as logSchema,
-  St as loginSessionInsertSchema,
-  No as loginSessionSchema,
-  Et as loginSessionStateSchema,
-  ge as nodeSchema,
-  To as openIDConfigurationSchema,
-  Yt as organizationBrandingSchema,
-  Qt as organizationEnabledConnectionSchema,
-  Zt as organizationInsertSchema,
-  zo as organizationSchema,
-  Jt as organizationTokenQuotaSchema,
-  jt as pageBackgroundSchema,
-  Qo as parseUserId,
-  Tt as passwordInsertSchema,
-  Do as passwordSchema,
+  gt as inviteInsertSchema,
+  Io as inviteSchema,
+  dt as inviteeSchema,
+  _t as inviterSchema,
+  bo as isBlockComponent,
+  Eo as isFieldComponent,
+  fo as isWidgetComponent,
+  Co as jwksKeySchema,
+  ut as jwksSchema,
+  ne as legalComponentSchema,
+  At as logInsertSchema,
+  To as logSchema,
+  ht as loginSessionInsertSchema,
+  Oo as loginSessionSchema,
+  mt as loginSessionStateSchema,
+  de as nodeSchema,
+  yo as openIDConfigurationSchema,
+  Xt as organizationBrandingSchema,
+  Vt as organizationEnabledConnectionSchema,
+  Yt as organizationInsertSchema,
+  Wo as organizationSchema,
+  qt as organizationTokenQuotaSchema,
+  Dt as pageBackgroundSchema,
+  Yo as parseUserId,
+  It as passwordInsertSchema,
+  No as passwordSchema,
   z as profileDataSchema,
-  Fo as promptSettingSchema,
+  Uo as promptSettingSchema,
   B as redirectActionSchema,
-  kt as refreshTokenInsertSchema,
-  vo as refreshTokenSchema,
-  Pt as resourceServerInsertSchema,
-  Mo as resourceServerListSchema,
-  xt as resourceServerOptionsSchema,
-  Mt as resourceServerSchema,
-  vt as resourceServerScopeSchema,
-  oe as richTextComponentSchema,
-  Vt as roleInsertSchema,
-  Wo as roleListSchema,
-  Ht as rolePermissionInsertSchema,
-  Ho as rolePermissionListSchema,
-  Gt as rolePermissionSchema,
-  qt as roleSchema,
-  pt as screenLinkSchema,
-  Nt as sessionInsertSchema,
-  Lo as sessionSchema,
-  wo as signingKeySchema,
-  Po as smsProviderSchema,
-  xo as smsSendParamsSchema,
-  ue as startSchema,
-  Ae as tenantInsertSchema,
-  Ie as tenantSchema,
-  Vo as tenantSettingsSchema,
-  Ft as themeInsertSchema,
-  Uo as themeSchema,
-  jo as tokenResponseSchema,
-  ro as totalsSchema,
-  fo as uiScreenSchema,
+  jt as refreshTokenInsertSchema,
+  ko as refreshTokenSchema,
+  kt as resourceServerInsertSchema,
+  Po as resourceServerListSchema,
+  Ft as resourceServerOptionsSchema,
+  vt as resourceServerSchema,
+  Ut as resourceServerScopeSchema,
+  te as richTextComponentSchema,
+  Wt as roleInsertSchema,
+  Ko as roleListSchema,
+  xt as rolePermissionInsertSchema,
+  Mo as rolePermissionListSchema,
+  Pt as rolePermissionSchema,
+  zt as roleSchema,
+  rt as screenLinkSchema,
+  Ct as sessionInsertSchema,
+  Ro as sessionSchema,
+  Do as signingKeySchema,
+  xo as smsProviderSchema,
+  vo as smsSendParamsSchema,
+  ge as startSchema,
+  yt as tenantInsertSchema,
+  Lo as tenantSchema,
+  Xo as tenantSettingsSchema,
+  wt as themeInsertSchema,
+  jo as themeSchema,
+  wo as tokenResponseSchema,
+  no as totalsSchema,
+  ho as uiScreenSchema,
   q as userInsertSchema,
-  $t as userOrganizationInsertSchema,
-  Xo as userOrganizationSchema,
-  Bt as userPermissionInsertSchema,
-  Go as userPermissionListSchema,
-  Kt as userPermissionSchema,
-  Bo as userPermissionWithDetailsListSchema,
-  Wt as userPermissionWithDetailsSchema,
-  lo as userResponseSchema,
-  zt as userRoleInsertSchema,
-  Ko as userRoleListSchema,
-  Xt as userRoleSchema,
+  Qt as userOrganizationInsertSchema,
+  zo as userOrganizationSchema,
+  Mt as userPermissionInsertSchema,
+  Ho as userPermissionListSchema,
+  Ht as userPermissionSchema,
+  Go as userPermissionWithDetailsListSchema,
+  Gt as userPermissionWithDetailsSchema,
+  ao as userResponseSchema,
+  Bt as userRoleInsertSchema,
+  Bo as userRoleListSchema,
+  Kt as userRoleSchema,
   Y as userSchema,
-  Te as verificationMethodsSchema,
-  ot as widgetComponentSchema,
-  Ut as widgetSchema
+  Ie as verificationMethodsSchema,
+  Ze as widgetComponentSchema,
+  Lt as widgetSchema
 };