@authhero/adapter-interfaces 0.143.0 → 0.145.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (4) hide show
  1. package/dist/adapter-interfaces.cjs +1 -1
  2. package/dist/adapter-interfaces.d.ts +31 -0
  3. package/dist/adapter-interfaces.mjs +29 -25
  4. package/package.json +1 -1
package/dist/adapter-interfaces.cjs CHANGED
@@ -1 +1 @@
1
- "use strict";Object.defineProperty(exports,Symbol.toStringTag,{value:"Module"});const e=require("@hono/zod-openapi"),s=e.z.object({created_at:e.z.string(),updated_at:e.z.string()}),Io=e.z.enum(["AUTH0","EMAIL","REDIRECT"]),yo=e.z.enum(["CREATE_USER","GET_USER","UPDATE_USER","SEND_REQUEST","SEND_EMAIL"]),Co=e.z.enum(["VERIFY_EMAIL"]),U=e.z.object({require_mx_record:e.z.boolean().optional(),block_aliases:e.z.boolean().optional(),block_free_emails:e.z.boolean().optional(),block_disposable_emails:e.z.boolean().optional(),blocklist:e.z.array(e.z.string()).optional(),allowlist:e.z.array(e.z.string()).optional()}),F=e.z.object({id:e.z.string(),alias:e.z.string().max(100).optional(),type:e.z.literal("AUTH0"),action:e.z.literal("UPDATE_USER"),allow_failure:e.z.boolean().optional(),mask_output:e.z.boolean().optional(),params:e.z.object({connection_id:e.z.string().optional(),user_id:e.z.string(),changes:e.z.record(e.z.string(),e.z.any())})}),x=e.z.object({id:e.z.string(),alias:e.z.string().max(100).optional(),type:e.z.literal("EMAIL"),action:e.z.literal("VERIFY_EMAIL"),allow_failure:e.z.boolean().optional(),mask_output:e.z.boolean().optional(),params:e.z.object({email:e.z.string(),rules:U.optional()})}),P=e.z.enum(["change-email","account","custom"]),M=e.z.object({id:e.z.string(),alias:e.z.string().max(100).optional(),type:e.z.literal("REDIRECT"),action:e.z.literal("REDIRECT_USER"),allow_failure:e.z.boolean().optional(),mask_output:e.z.boolean().optional(),params:e.z.object({target:P.openapi({description:"The predefined target to redirect to, or 'custom' for a custom URL"}),custom_url:e.z.string().optional().openapi({description:"Custom URL to redirect to when target is 'custom'"})})}),H=e.z.union([F,x,M]),G=e.z.object({name:e.z.string().min(1).max(150).openapi({description:"The name of the flow"}),actions:e.z.array(H).optional().default([]).openapi({description:"The list of actions to execute in sequence"})}),To=G.extend({...s.shape,id:e.z.string().openapi({description:"Unique identifier for the flow",example:"af_12tMpdJ3iek7svMyZkSh5M"})}),Oo=e.z.object({page:e.z.string().min(0).optional().default("0").transform(o=>parseInt(o,10)).openapi({description:"The page number where 0 is the first page"}),per_page:e.z.string().min(1).optional().default("10").transform(o=>parseInt(o,10)).openapi({description:"The number of items per page"}),include_totals:e.z.string().optional().default("false").transform(o=>o==="true").openapi({description:"If the total number of items should be included in the response"}),sort:e.z.string().regex(/^.+:(-1|1)$/).optional().openapi({description:"A property that should have the format 'string:-1' or 'string:1'"}),q:e.z.string().optional().openapi({description:"A lucene query string used to filter the results"})}),No=e.z.object({start:e.z.number(),limit:e.z.number(),length:e.z.number(),total:e.z.number().optional()}),B=e.z.object({email:e.z.string().optional(),email_verified:e.z.boolean().optional(),name:e.z.string().optional(),username:e.z.string().optional(),given_name:e.z.string().optional(),phone_number:e.z.string().optional(),phone_verified:e.z.boolean().optional(),family_name:e.z.string().optional()}).catchall(e.z.any()),W=e.z.object({connection:e.z.string(),user_id:e.z.string(),provider:e.z.string(),isSocial:e.z.boolean(),email:e.z.string().optional(),email_verified:e.z.boolean().optional(),phone_number:e.z.string().optional(),phone_verified:e.z.boolean().optional(),username:e.z.string().optional(),access_token:e.z.string().optional(),access_token_secret:e.z.string().optional(),refresh_token:e.z.string().optional(),profileData:B.optional()}),K=e.z.object({formatted:e.z.string().optional(),street_address:e.z.string().optional(),locality:e.z.string().optional(),region:e.z.string().optional(),postal_code:e.z.string().optional(),country:e.z.string().optional()}).optional(),y=e.z.object({email:e.z.string().optional().transform(o=>o&&o.toLowerCase()),username:e.z.string().refine(o=>!o.includes("@"),{message:'Usernames must not contain "@". Use the email field for email addresses.'}).optional(),phone_number:e.z.string().optional(),phone_verified:e.z.boolean().optional(),given_name:e.z.string().optional(),family_name:e.z.string().optional(),nickname:e.z.string().optional(),name:e.z.string().optional(),picture:e.z.string().optional(),locale:e.z.string().optional(),linked_to:e.z.string().optional(),profileData:e.z.string().optional(),user_id:e.z.string().optional(),app_metadata:e.z.any().default({}).optional(),user_metadata:e.z.any().default({}).optional(),middle_name:e.z.string().optional(),preferred_username:e.z.string().optional(),profile:e.z.string().optional(),website:e.z.string().optional(),gender:e.z.string().optional(),birthdate:e.z.string().optional(),zoneinfo:e.z.string().optional(),address:K}),q=y.extend({email_verified:e.z.boolean().default(!1),verify_email:e.z.boolean().optional(),last_ip:e.z.string().optional(),last_login:e.z.string().optional(),user_id:e.z.string().optional(),provider:e.z.string().optional(),connection:e.z.string(),is_social:e.z.boolean().optional(),password:e.z.object({hash:e.z.string(),algorithm:e.z.string()}).optional()}),X=e.z.object({...q.omit({password:!0}).shape,...s.shape,user_id:e.z.string(),provider:e.z.string(),is_social:e.z.boolean(),email:e.z.string().optional(),login_count:e.z.number().default(0),identities:e.z.array(W).optional()}),Ro=X,wo=y.extend({login_count:e.z.number(),multifactor:e.z.array(e.z.string()).optional(),last_ip:e.z.string().optional(),last_login:e.z.string().optional(),user_id:e.z.string()}).catchall(e.z.any());let jo="useandom-26T198340PX75pxJACKVERYMINDBUSHWOLF_GQZbfghjklqvwyzrict",Lo=(o=21)=>{let n="",i=crypto.getRandomValues(new Uint8Array(o|=0));for(;o--;)n+=jo[i[o]&63];return n};const V=e.z.object({client_id:e.z.string().openapi({description:"ID of this client."}),name:e.z.string().min(1).openapi({description:"Name of this client (min length: 1 character, does not allow < or >)."}),description:e.z.string().max(140).optional().openapi({description:"Free text description of this client (max length: 140 characters)."}),global:e.z.boolean().default(!1).openapi({description:"Whether this is your global 'All Applications' client representing legacy tenant settings (true) or a regular client (false)."}),client_secret:e.z.string().default(()=>Lo()).optional().openapi({description:"Client secret (which you must not make public)."}),app_type:e.z.enum(["native","spa","regular_web","non_interactive","resource_server","express_configuration","rms","box","cloudbees","concur","dropbox","mscrm","echosign","egnyte","newrelic","office365","salesforce","sentry","sharepoint","slack","springcm","zendesk","zoom","sso_integration","oag"]).default("regular_web").optional().openapi({description:"The type of application this client represents"}),logo_uri:e.z.string().url().optional().openapi({description:"URL of the logo to display for this client. Recommended size is 150x150 pixels."}),is_first_party:e.z.boolean().default(!1).openapi({description:"Whether this client a first party client (true) or not (false)."}),oidc_conformant:e.z.boolean().default(!0).openapi({description:"Whether this client conforms to strict OIDC specifications (true) or uses legacy features (false)."}),auth0_conformant:e.z.boolean().default(!0).openapi({description:"Whether this client follows Auth0-compatible behavior (true) or strict OIDC behavior (false). When true, profile/email claims are included in the ID token when scopes are requested. When false, these claims are only available from the userinfo endpoint (strict OIDC 5.4 compliance)."}),callbacks:e.z.array(e.z.string()).default([]).optional().openapi({description:"Comma-separated list of URLs whitelisted for Auth0 to use as a callback to the client after authentication."}),allowed_origins:e.z.array(e.z.string()).default([]).optional().openapi({description:"Comma-separated list of URLs allowed to make requests from JavaScript to Auth0 API (typically used with CORS). By default, all your callback URLs will be allowed. This field allows you to enter other origins if necessary. You can also use wildcards at the subdomain level (e.g., https://*.contoso.com). Query strings and hash information are not taken into account when validating these URLs."}),web_origins:e.z.array(e.z.string()).default([]).optional().openapi({description:"Comma-separated list of allowed origins for use with Cross-Origin Authentication, Device Flow, and web message response mode."}),client_aliases:e.z.array(e.z.string()).default([]).optional().openapi({description:"List of audiences/realms for SAML protocol. Used by the wsfed addon."}),allowed_clients:e.z.array(e.z.string()).default([]).optional().openapi({description:"List of allow clients and API ids that are allowed to make delegation requests. Empty means all all your clients are allowed."}),connections:e.z.array(e.z.string()).default([]).optional().openapi({description:"List of connection IDs enabled for this client. The order determines the display order on the login page."}),allowed_logout_urls:e.z.array(e.z.string()).default([]).optional().openapi({description:"Comma-separated list of URLs that are valid to redirect to after logout from Auth0. Wildcards are allowed for subdomains."}),session_transfer:e.z.record(e.z.any()).default({}).optional().openapi({description:"Native to Web SSO Configuration"}),oidc_logout:e.z.record(e.z.any()).default({}).optional().openapi({description:"Configuration for OIDC backchannel logout"}),grant_types:e.z.array(e.z.string()).default([]).optional().openapi({description:"List of grant types supported for this application. Can include authorization_code, implicit, refresh_token, client_credentials, password, http://auth0.com/oauth/grant-type/password-realm, http://auth0.com/oauth/grant-type/mfa-oob, http://auth0.com/oauth/grant-type/mfa-otp, http://auth0.com/oauth/grant-type/mfa-recovery-code, urn:openid:params:grant-type:ciba, and urn:ietf:params:oauth:grant-type:device_code."}),jwt_configuration:e.z.record(e.z.any()).default({}).optional().openapi({description:"Configuration related to JWTs for the client."}),signing_keys:e.z.array(e.z.record(e.z.any())).default([]).optional().openapi({description:"Signing certificates associated with this client."}),encryption_key:e.z.record(e.z.any()).default({}).optional().openapi({description:"Encryption used for WsFed responses with this client."}),sso:e.z.boolean().default(!1).openapi({description:"Applies only to SSO clients and determines whether Auth0 will handle Single Sign On (true) or whether the Identity Provider will (false)."}),sso_disabled:e.z.boolean().default(!0).openapi({description:"Whether Single Sign On is disabled (true) or enabled (true). Defaults to true."}),cross_origin_authentication:e.z.boolean().default(!1).openapi({description:"Whether this client can be used to make cross-origin authentication requests (true) or it is not allowed to make such requests (false)."}),cross_origin_loc:e.z.string().url().optional().openapi({description:"URL of the location in your site where the cross origin verification takes place for the cross-origin auth flow when performing Auth in your own domain instead of Auth0 hosted login page."}),custom_login_page_on:e.z.boolean().default(!1).openapi({description:"Whether a custom login page is to be used (true) or the default provided login page (false)."}),custom_login_page:e.z.string().optional().openapi({description:"The content (HTML, CSS, JS) of the custom login page."}),custom_login_page_preview:e.z.string().optional().openapi({description:"The content (HTML, CSS, JS) of the custom login page. (Used on Previews)"}),form_template:e.z.string().optional().openapi({description:"HTML form template to be used for WS-Federation."}),addons:e.z.record(e.z.any()).default({}).optional().openapi({description:"Addons enabled for this client and their associated configurations."}),token_endpoint_auth_method:e.z.enum(["none","client_secret_post","client_secret_basic"]).default("client_secret_basic").optional().openapi({description:"Defines the requested authentication method for the token endpoint. Can be none (public client without a client secret), client_secret_post (client uses HTTP POST parameters), or client_secret_basic (client uses HTTP Basic)."}),client_metadata:e.z.record(e.z.string().max(255)).default({}).optional().openapi({description:'Metadata associated with the client, in the form of an object with string values (max 255 chars). Maximum of 10 metadata properties allowed. Field names (max 255 chars) are alphanumeric and may only include the following special characters: :,-+=_*?"/()<>@ [Tab][Space]'}),mobile:e.z.record(e.z.any()).default({}).optional().openapi({description:"Additional configuration for native mobile apps."}),initiate_login_uri:e.z.string().url().optional().openapi({description:"Initiate login uri, must be https"}),native_social_login:e.z.record(e.z.any()).default({}).optional(),refresh_token:e.z.record(e.z.any()).default({}).optional().openapi({description:"Refresh token configuration"}),default_organization:e.z.record(e.z.any()).default({}).optional().openapi({description:"Defines the default Organization ID and flows"}),organization_usage:e.z.enum(["deny","allow","require"]).default("deny").optional().openapi({description:"Defines how to proceed during an authentication transaction with regards an organization. Can be deny (default), allow or require."}),organization_require_behavior:e.z.enum(["no_prompt","pre_login_prompt","post_login_prompt"]).default("no_prompt").optional().openapi({description:"Defines how to proceed during an authentication transaction when client.organization_usage: 'require'. Can be no_prompt (default), pre_login_prompt or post_login_prompt. post_login_prompt requires oidc_conformant: true."}),client_authentication_methods:e.z.record(e.z.any()).default({}).optional().openapi({description:"Defines client authentication methods."}),require_pushed_authorization_requests:e.z.boolean().default(!1).openapi({description:"Makes the use of Pushed Authorization Requests mandatory for this client"}),require_proof_of_possession:e.z.boolean().default(!1).openapi({description:"Makes the use of Proof-of-Possession mandatory for this client"}),signed_request_object:e.z.record(e.z.any()).default({}).optional().openapi({description:"JWT-secured Authorization Requests (JAR) settings."}),compliance_level:e.z.enum(["none","fapi1_adv_pkj_par","fapi1_adv_mtls_par","fapi2_sp_pkj_mtls","fapi2_sp_mtls_mtls"]).optional().openapi({description:"Defines the compliance level for this client, which may restrict it's capabilities"}),par_request_expiry:e.z.number().optional().openapi({description:"Specifies how long, in seconds, a Pushed Authorization Request URI remains valid"}),token_quota:e.z.record(e.z.any()).default({}).optional()}),Do=e.z.object({created_at:e.z.string(),updated_at:e.z.string(),...V.shape}),Y=e.z.object({client_id:e.z.string().min(1).openapi({description:"ID of the client."}),audience:e.z.string().min(1).openapi({description:"The audience (API identifier) of this client grant."}),scope:e.z.array(e.z.string()).optional().openapi({description:"Scopes allowed for this client grant."}),organization_usage:e.z.enum(["deny","allow","require"]).optional().openapi({description:"Defines whether organizations can be used with client credentials exchanges for this grant."}),allow_any_organization:e.z.boolean().optional().openapi({description:"If enabled, any organization can be used with this grant. If disabled (default), the grant must be explicitly assigned to the desired organizations."}),is_system:e.z.boolean().optional().openapi({description:"If enabled, this grant is a special grant created by Auth0. It cannot be modified or deleted directly."}),subject_type:e.z.enum(["client","user"]).optional().openapi({description:"The type of application access the client grant allows. Use of this field is subject to the applicable Free Trial terms in Okta's Master Subscription Agreement."}),authorization_details_types:e.z.array(e.z.string()).optional().openapi({description:"Types of authorization_details allowed for this client grant. Use of this field is subject to the applicable Free Trial terms in Okta's Master Subscription Agreement."})}),Q=e.z.object({id:e.z.string().openapi({description:"ID of the client grant."}),...Y.shape,created_at:e.z.string().optional(),updated_at:e.z.string().optional()}),vo=e.z.array(Q),d=e.z.object({x:e.z.number(),y:e.z.number()});var C=(o=>(o.RICH_TEXT="RICH_TEXT",o.NEXT_BUTTON="NEXT_BUTTON",o.BACK_BUTTON="BACK_BUTTON",o.SUBMIT_BUTTON="SUBMIT_BUTTON",o.DIVIDER="DIVIDER",o.TEXT="TEXT",o.EMAIL="EMAIL",o.PASSWORD="PASSWORD",o.NUMBER="NUMBER",o.PHONE="PHONE",o.DATE="DATE",o.CHECKBOX="CHECKBOX",o.RADIO="RADIO",o.SELECT="SELECT",o.HIDDEN="HIDDEN",o.LEGAL="LEGAL",o))(C||{}),T=(o=>(o.BLOCK="BLOCK",o.FIELD="FIELD",o))(T||{});const I=e.z.object({id:e.z.string(),category:e.z.nativeEnum(T),type:e.z.nativeEnum(C)}),J=I.extend({category:e.z.literal("BLOCK"),type:e.z.literal("RICH_TEXT"),config:e.z.object({content:e.z.string()}).passthrough()}),Z=I.extend({category:e.z.literal("BLOCK"),type:e.z.union([e.z.literal("NEXT_BUTTON"),e.z.literal("BACK_BUTTON"),e.z.literal("SUBMIT_BUTTON")]),config:e.z.object({text:e.z.string()}).passthrough()}),$=I.extend({category:e.z.literal("FIELD"),type:e.z.literal("LEGAL"),required:e.z.boolean().optional(),sensitive:e.z.boolean().optional(),config:e.z.object({text:e.z.string()}).passthrough()}),ee=I.extend({category:e.z.literal("FIELD"),type:e.z.union([e.z.literal("TEXT"),e.z.literal("EMAIL"),e.z.literal("PASSWORD"),e.z.literal("NUMBER"),e.z.literal("PHONE"),e.z.literal("DATE"),e.z.literal("CHECKBOX"),e.z.literal("RADIO"),e.z.literal("SELECT"),e.z.literal("HIDDEN")]),required:e.z.boolean().optional(),sensitive:e.z.boolean().optional(),config:e.z.object({label:e.z.string().optional(),placeholder:e.z.string().optional()}).passthrough()}),oe=e.z.object({id:e.z.string(),category:e.z.string(),type:e.z.string()}).passthrough(),te=e.z.union([J,Z,$,ee,oe]);var ne=(o=>(o.STEP="STEP",o.FLOW="FLOW",o.CONDITION="CONDITION",o.ACTION="ACTION",o))(ne||{});const ie=e.z.object({id:e.z.string(),type:e.z.literal("STEP"),coordinates:d,alias:e.z.string().optional(),config:e.z.object({components:e.z.array(te),next_node:e.z.string()}).passthrough()}),ae=e.z.object({id:e.z.string(),type:e.z.literal("FLOW"),coordinates:d,alias:e.z.string().optional(),config:e.z.object({flow_id:e.z.string(),next_node:e.z.string()})}),re=e.z.object({id:e.z.string(),type:e.z.literal("ACTION"),coordinates:d,alias:e.z.string().optional(),config:e.z.object({action_type:e.z.enum(["REDIRECT"]).openapi({description:"The type of action to perform"}),target:e.z.enum(["change-email","account","custom"]).openapi({description:"The predefined target to redirect to"}),custom_url:e.z.string().optional().openapi({description:"Custom URL when target is 'custom'"}),next_node:e.z.string().openapi({description:"The next node to navigate to after action (for non-redirect actions)"})}).passthrough()}),se=e.z.object({id:e.z.string(),type:e.z.string(),coordinates:d}).passthrough(),le=e.z.union([ie,ae,re,se]),ce=e.z.object({next_node:e.z.string(),coordinates:d}).passthrough(),pe=e.z.object({resume_flow:e.z.boolean().optional(),coordinates:d}).passthrough(),_e=e.z.object({id:e.z.string(),name:e.z.string(),languages:e.z.object({primary:e.z.string()}).passthrough(),nodes:e.z.array(le),start:ce,ending:pe,created_at:e.z.string(),updated_at:e.z.string(),links:e.z.object({sdkSrc:e.z.string().optional(),sdk_src:e.z.string().optional()}).passthrough()}).passthrough(),ko=_e.omit({id:!0,created_at:!0,updated_at:!0});var O=(o=>(o.TOKEN="token",o.ID_TOKEN="id_token",o.TOKEN_ID_TOKEN="token id_token",o.CODE="code",o))(O||{}),N=(o=>(o.QUERY="query",o.FRAGMENT="fragment",o.FORM_POST="form_post",o.WEB_MESSAGE="web_message",o.SAML_POST="saml_post",o))(N||{}),R=(o=>(o.S256="S256",o.Plain="plain",o))(R||{});const de=e.z.object({client_id:e.z.string(),act_as:e.z.string().optional(),response_type:e.z.nativeEnum(O).optional(),response_mode:e.z.nativeEnum(N).optional(),redirect_uri:e.z.string().optional(),audience:e.z.string().optional(),organization:e.z.string().optional(),state:e.z.string().optional(),nonce:e.z.string().optional(),scope:e.z.string().optional(),prompt:e.z.string().optional(),code_challenge_method:e.z.nativeEnum(R).optional(),code_challenge:e.z.string().optional(),username:e.z.string().optional(),ui_locales:e.z.string().optional(),max_age:e.z.number().optional(),acr_values:e.z.string().optional(),vendor_id:e.z.string().optional()}),Uo=e.z.object({colors:e.z.object({primary:e.z.string(),page_background:e.z.object({type:e.z.string().optional(),start:e.z.string().optional(),end:e.z.string().optional(),angle_deg:e.z.number().optional()}).optional()}).optional(),logo_url:e.z.string().optional(),favicon_url:e.z.string().optional(),powered_by_logo_url:e.z.string().optional(),font:e.z.object({url:e.z.string()}).optional()}),ze=e.z.enum(["password_reset","email_verification","otp","authorization_code","oauth2_state","ticket"]),ge=e.z.object({code_id:e.z.string().openapi({description:"The code that will be used in for instance an email verification flow"}),login_id:e.z.string().openapi({description:"The id of the login session that the code is connected to"}),connection_id:e.z.string().optional().openapi({description:"The connection that the code is connected to"}),code_type:ze,code_verifier:e.z.string().optional().openapi({description:"The code verifier used in PKCE in outbound flows"}),code_challenge:e.z.string().optional().openapi({description:"The code challenge used in PKCE in outbound flows"}),code_challenge_method:e.z.enum(["plain","S256"]).optional().openapi({description:"The code challenge method used in PKCE in outbound flows"}),redirect_uri:e.z.string().optional().openapi({description:"The redirect URI associated with the code"}),nonce:e.z.string().optional().openapi({description:"The nonce value used for security in OIDC flows"}),state:e.z.string().optional().openapi({description:"The state parameter used for CSRF protection in OAuth flows"}),expires_at:e.z.string(),used_at:e.z.string().optional(),user_id:e.z.string().optional()}),Fo=e.z.object({...ge.shape,created_at:e.z.string()}),me=e.z.object({kid:e.z.string().optional(),team_id:e.z.string().optional(),realms:e.z.string().optional(),authentication_method:e.z.string().optional(),client_id:e.z.string().optional(),client_secret:e.z.string().optional(),app_secret:e.z.string().optional(),scope:e.z.string().optional(),authorization_endpoint:e.z.string().optional(),token_endpoint:e.z.string().optional(),userinfo_endpoint:e.z.string().optional(),jwks_uri:e.z.string().optional(),discovery_url:e.z.string().optional(),issuer:e.z.string().optional(),provider:e.z.string().optional(),from:e.z.string().optional(),twilio_sid:e.z.string().optional(),twilio_token:e.z.string().optional(),icon_url:e.z.string().optional(),passwordPolicy:e.z.enum(["none","low","fair","good","excellent"]).optional(),password_complexity_options:e.z.object({min_length:e.z.number().optional()}).optional(),password_history:e.z.object({enable:e.z.boolean().optional(),size:e.z.number().optional()}).optional(),password_no_personal_info:e.z.object({enable:e.z.boolean().optional()}).optional(),password_dictionary:e.z.object({enable:e.z.boolean().optional(),dictionary:e.z.array(e.z.string()).optional()}).optional(),disable_signup:e.z.boolean().optional(),brute_force_protection:e.z.boolean().optional(),import_mode:e.z.boolean().optional(),attributes:e.z.object({email:e.z.object({identifier:e.z.object({active:e.z.boolean().optional()}).optional(),signup:e.z.object({status:e.z.enum(["required","optional","disabled"]).optional(),verification:e.z.object({active:e.z.boolean().optional()}).optional()}).optional(),validation:e.z.object({allowed:e.z.boolean().optional()}).optional(),unique:e.z.boolean().optional(),profile_required:e.z.boolean().optional(),verification_method:e.z.enum(["link","code"]).optional()}).optional(),username:e.z.object({identifier:e.z.object({active:e.z.boolean().optional()}).optional(),signup:e.z.object({status:e.z.enum(["required","optional","disabled"]).optional()}).optional(),validation:e.z.object({max_length:e.z.number().optional(),min_length:e.z.number().optional(),allowed_types:e.z.object({email:e.z.boolean().optional(),phone_number:e.z.boolean().optional()}).optional()}).optional(),profile_required:e.z.boolean().optional()}).optional(),phone_number:e.z.object({identifier:e.z.object({active:e.z.boolean().optional()}).optional(),signup:e.z.object({status:e.z.enum(["required","optional","disabled"]).optional()}).optional()}).optional()}).optional(),authentication_methods:e.z.object({password:e.z.object({enabled:e.z.boolean().optional()}).optional(),passkey:e.z.object({enabled:e.z.boolean().optional()}).optional()}).optional(),passkey_options:e.z.object({challenge_ui:e.z.enum(["both","autofill","button"]).optional(),local_enrollment_enabled:e.z.boolean().optional(),progressive_enrollment_enabled:e.z.boolean().optional()}).optional(),requires_username:e.z.boolean().optional(),validation:e.z.object({username:e.z.object({min:e.z.number().optional(),max:e.z.number().optional()}).optional()}).optional()}),ue=e.z.object({id:e.z.string().optional(),name:e.z.string(),display_name:e.z.string().optional(),strategy:e.z.string(),options:me.default({}),enabled_clients:e.z.array(e.z.string()).default([]).optional(),response_type:e.z.custom().optional(),response_mode:e.z.custom().optional(),is_domain_connection:e.z.boolean().optional(),show_as_button:e.z.boolean().optional(),metadata:e.z.record(e.z.any()).optional(),is_system:e.z.boolean().optional()}),xo=e.z.object({id:e.z.string(),created_at:e.z.string().transform(o=>o===null?"":o),updated_at:e.z.string().transform(o=>o===null?"":o)}).extend(ue.shape),he=e.z.object({domain:e.z.string(),custom_domain_id:e.z.string().optional(),type:e.z.enum(["auth0_managed_certs","self_managed_certs"]),verification_method:e.z.enum(["txt"]).optional(),tls_policy:e.z.enum(["recommended"]).optional(),custom_client_ip_header:e.z.enum(["true-client-ip","cf-connecting-ip","x-forwarded-for","x-azure-clientip","null"]).optional(),domain_metadata:e.z.record(e.z.string().max(255)).optional()}),be=e.z.discriminatedUnion("name",[e.z.object({name:e.z.literal("txt"),record:e.z.string(),domain:e.z.string()}),e.z.object({name:e.z.literal("http"),http_body:e.z.string(),http_url:e.z.string()})]),fe=e.z.object({...he.shape,custom_domain_id:e.z.string(),primary:e.z.boolean(),status:e.z.enum(["disabled","pending","pending_verification","ready"]),origin_domain_name:e.z.string().optional(),verification:e.z.object({methods:e.z.array(be)}).optional(),tls_policy:e.z.string().optional()}),Po=fe.extend({tenant_id:e.z.string()}),w=e.z.object({id:e.z.string(),order:e.z.number().optional(),visible:e.z.boolean().optional().default(!0)}),l=w.extend({category:e.z.literal("BLOCK").optional()}),Mo=l.extend({type:e.z.literal("DIVIDER"),config:e.z.object({text:e.z.string().optional()}).optional()}),Ho=l.extend({type:e.z.literal("HTML"),config:e.z.object({content:e.z.string().optional()}).optional()}),Go=l.extend({type:e.z.literal("IMAGE"),config:e.z.object({src:e.z.string().optional(),alt:e.z.string().optional(),width:e.z.number().optional(),height:e.z.number().optional()}).optional()}),Bo=l.extend({type:e.z.literal("JUMP_BUTTON"),config:e.z.object({text:e.z.string().optional(),target_step:e.z.string().optional()})}),Wo=l.extend({type:e.z.literal("RESEND_BUTTON"),config:e.z.object({text:e.z.string().optional(),resend_action:e.z.string().optional()})}),Ko=l.extend({type:e.z.literal("NEXT_BUTTON"),config:e.z.object({text:e.z.string().optional()})}),qo=l.extend({type:e.z.literal("PREVIOUS_BUTTON"),config:e.z.object({text:e.z.string().optional()})}),Xo=l.extend({type:e.z.literal("RICH_TEXT"),config:e.z.object({content:e.z.string().optional()}).optional()}),j=w.extend({category:e.z.literal("WIDGET").optional(),label:e.z.string().min(1).optional(),hint:e.z.string().min(1).max(500).optional(),required:e.z.boolean().optional(),sensitive:e.z.boolean().optional()}),Vo=j.extend({type:e.z.literal("AUTH0_VERIFIABLE_CREDENTIALS"),config:e.z.object({credential_type:e.z.string().optional()})}),Yo=j.extend({type:e.z.literal("GMAPS_ADDRESS"),config:e.z.object({api_key:e.z.string().optional()})}),Qo=j.extend({type:e.z.literal("RECAPTCHA"),config:e.z.object({site_key:e.z.string().optional()})}),t=w.extend({category:e.z.literal("FIELD").optional(),label:e.z.string().min(1).optional(),hint:e.z.string().min(1).max(500).optional(),messages:e.z.array(e.z.object({id:e.z.number().optional(),text:e.z.string(),type:e.z.enum(["info","error","success","warning"])})).optional(),required:e.z.boolean().optional(),sensitive:e.z.boolean().optional()}),Jo=t.extend({type:e.z.literal("BOOLEAN"),config:e.z.object({default_value:e.z.boolean().optional()}).optional()}),Zo=t.extend({type:e.z.literal("CARDS"),config:e.z.object({options:e.z.array(e.z.object({value:e.z.string(),label:e.z.string(),description:e.z.string().optional(),image:e.z.string().optional()})).optional(),multi_select:e.z.boolean().optional()}).optional()}),$o=t.extend({type:e.z.literal("CHOICE"),config:e.z.object({options:e.z.array(e.z.object({value:e.z.string(),label:e.z.string()})).optional(),display:e.z.enum(["radio","checkbox"]).optional(),multiple:e.z.boolean().optional(),default_value:e.z.union([e.z.string(),e.z.array(e.z.string())]).optional()}).optional()}),et=t.extend({type:e.z.literal("CUSTOM"),config:e.z.object({component:e.z.string().optional(),props:e.z.record(e.z.any()).optional(),schema:e.z.record(e.z.any()).optional(),code:e.z.string().optional()})}),ot=t.extend({type:e.z.literal("DATE"),config:e.z.object({format:e.z.string().optional(),min:e.z.string().optional(),max:e.z.string().optional(),default_value:e.z.string().optional()}).optional()}),tt=t.extend({type:e.z.literal("DROPDOWN"),config:e.z.object({options:e.z.array(e.z.object({value:e.z.string(),label:e.z.string()})).optional(),placeholder:e.z.string().optional(),searchable:e.z.boolean().optional(),multiple:e.z.boolean().optional(),default_value:e.z.union([e.z.string(),e.z.array(e.z.string())]).optional()}).optional()}),nt=t.extend({type:e.z.literal("EMAIL"),config:e.z.object({placeholder:e.z.string().optional(),default_value:e.z.string().optional()}).optional()}),it=t.extend({type:e.z.literal("FILE"),config:e.z.object({accept:e.z.string().optional(),max_size:e.z.number().optional(),multiple:e.z.boolean().optional()}).optional()}),at=t.extend({type:e.z.literal("LEGAL"),config:e.z.object({text:e.z.string(),html:e.z.boolean().optional()}).optional()}),rt=t.extend({type:e.z.literal("NUMBER"),config:e.z.object({placeholder:e.z.string().optional(),min:e.z.number().optional(),max:e.z.number().optional(),step:e.z.number().optional(),default_value:e.z.string().optional()}).optional()}),st=t.extend({type:e.z.literal("PASSWORD"),config:e.z.object({placeholder:e.z.string().optional(),min_length:e.z.number().optional(),show_toggle:e.z.boolean().optional(),forgot_password_link:e.z.string().optional(),default_value:e.z.string().optional()}).optional()}),lt=t.extend({type:e.z.literal("PAYMENT"),config:e.z.object({provider:e.z.string().optional(),currency:e.z.string().optional()}).optional()}),ct=t.extend({type:e.z.literal("SOCIAL"),config:e.z.object({providers:e.z.array(e.z.string()).optional(),provider_details:e.z.array(e.z.object({name:e.z.string(),strategy:e.z.string().optional(),display_name:e.z.string().optional(),icon_url:e.z.string().optional()})).optional()}).optional()}),pt=t.extend({type:e.z.literal("TEL"),config:e.z.object({placeholder:e.z.string().optional(),default_country:e.z.string().optional(),default_value:e.z.string().optional()}).optional()}),_t=t.extend({type:e.z.literal("TEXT"),config:e.z.object({placeholder:e.z.string().optional(),multiline:e.z.boolean().optional(),max_length:e.z.number().optional(),default_value:e.z.string().optional()}).optional()}),dt=t.extend({type:e.z.literal("URL"),config:e.z.object({placeholder:e.z.string().optional(),default_value:e.z.string().optional()}).optional()}),Se=e.z.discriminatedUnion("type",[Mo,Ho,Go,Bo,Wo,Ko,qo,Xo]),Ee=e.z.discriminatedUnion("type",[Vo,Yo,Qo]),Ae=e.z.discriminatedUnion("type",[Jo,Zo,$o,et,ot,tt,nt,it,at,rt,st,lt,ct,pt,_t,dt]),L=e.z.union([Se,Ee,Ae]),zt=new Set(["BOOLEAN","CARDS","CHOICE","DATE","DROPDOWN","EMAIL","LEGAL","NUMBER","PASSWORD","TEL","TEXT","URL"]),gt=e.z.object({id:e.z.string(),type:e.z.literal("submit"),label:e.z.string(),className:e.z.string().optional(),disabled:e.z.boolean().optional().default(!1),order:e.z.number().optional(),visible:e.z.boolean().optional().default(!0),customizations:e.z.record(e.z.string(),e.z.any()).optional()}),b=e.z.object({x:e.z.number(),y:e.z.number()}),mt=e.z.object({id:e.z.string(),type:e.z.literal("FLOW"),coordinates:b,alias:e.z.string().min(1).max(150).optional(),config:e.z.object({flow_id:e.z.string().max(30),next_node:e.z.string().optional()})}),ut=e.z.object({id:e.z.string(),type:e.z.literal("ROUTER"),coordinates:b,alias:e.z.string().min(1).max(150),config:e.z.object({rules:e.z.array(e.z.object({id:e.z.string(),alias:e.z.string().min(1).max(150).optional(),condition:e.z.any(),next_node:e.z.string()})),fallback:e.z.string()})}),ht=e.z.object({id:e.z.string(),type:e.z.literal("STEP"),coordinates:b,alias:e.z.string().min(1).max(150).optional(),config:e.z.object({components:e.z.array(L),next_node:e.z.string().optional()})}),Ie=e.z.discriminatedUnion("type",[mt,ut,ht]),ye=e.z.object({name:e.z.string().openapi({description:"The name of the form"}),messages:e.z.object({errors:e.z.record(e.z.string(),e.z.any()).optional(),custom:e.z.record(e.z.string(),e.z.any()).optional()}).optional(),languages:e.z.object({primary:e.z.string().optional(),default:e.z.string().optional()}).optional(),translations:e.z.record(e.z.string(),e.z.any()).optional(),nodes:e.z.array(Ie).optional(),start:e.z.object({hidden_fields:e.z.array(e.z.object({key:e.z.string(),value:e.z.string()})).optional(),next_node:e.z.string().optional(),coordinates:b.optional()}).optional(),ending:e.z.object({redirection:e.z.object({delay:e.z.number().optional(),target:e.z.string().optional()}).optional(),after_submit:e.z.object({flow_id:e.z.string().optional()}).optional(),coordinates:b.optional(),resume_flow:e.z.boolean().optional()}).optional(),style:e.z.object({css:e.z.string().optional()}).optional(),links:e.z.object({sdkSrc:e.z.string().optional(),sdk_src:e.z.string().optional()}).optional()}).openapi({description:"Schema for flow-based forms (matches Auth0 Forms structure)"}),bt=e.z.object({...s.shape,...ye.shape,id:e.z.string()}),Ce=e.z.object({id:e.z.number().optional(),text:e.z.string(),type:e.z.enum(["info","error","success","warning"])}),Te=e.z.object({id:e.z.string().optional(),text:e.z.string(),href:e.z.string(),linkText:e.z.string().optional()}),ft=e.z.object({name:e.z.string().optional(),action:e.z.string(),method:e.z.enum(["POST","GET"]),title:e.z.string().optional(),description:e.z.string().optional(),components:e.z.array(L),messages:e.z.array(Ce).optional(),links:e.z.array(Te).optional(),footer:e.z.string().optional()});function St(o){return o.category==="BLOCK"}function Et(o){return o.category==="WIDGET"}function At(o){return o.category==="FIELD"}const Oe=e.z.enum(["pre-user-registration","post-user-registration","post-user-login","validate-registration-username","pre-user-deletion","post-user-deletion"]),Ne=e.z.enum(["pre-user-registration","post-user-registration","post-user-login","validate-registration-username","pre-user-deletion","post-user-deletion"]),Re=e.z.enum(["post-user-login","credentials-exchange"]),D=e.z.enum(["ensure-username","set-preferred-username"]),It={"ensure-username":{name:"Ensure Username",description:"Automatically assigns a username to users who sign in without one. Creates a linked username account for social/email users.",trigger_id:"post-user-login"},"set-preferred-username":{name:"Set Preferred Username",description:"Sets the preferred_username claim on tokens based on the username from the primary or linked user.",trigger_id:"credentials-exchange"}},m={enabled:e.z.boolean().default(!1),synchronous:e.z.boolean().default(!1),priority:e.z.number().optional(),hook_id:e.z.string().optional()},yt=e.z.object({...m,trigger_id:Oe,url:e.z.string()}),Ct=e.z.object({...m,trigger_id:Ne,form_id:e.z.string()}),Tt=e.z.object({...m,trigger_id:Re,template_id:D}),Ot=e.z.union([yt,Ct,Tt]),Nt=e.z.object({...m,trigger_id:Oe,...s.shape,hook_id:e.z.string(),url:e.z.string()}),Rt=e.z.object({...m,trigger_id:Ne,...s.shape,hook_id:e.z.string(),form_id:e.z.string()}),wt=e.z.object({...m,trigger_id:Re,...s.shape,hook_id:e.z.string(),template_id:D}),jt=e.z.union([Nt,Rt,wt]),we=e.z.object({name:e.z.string().optional()}),je=e.z.object({email:e.z.string().optional()}),Le=e.z.object({organization_id:e.z.string().max(50),inviter:we,invitee:je,invitation_url:e.z.string().url(),client_id:e.z.string(),connection_id:e.z.string().optional(),app_metadata:e.z.record(e.z.any()).default({}).optional(),user_metadata:e.z.record(e.z.any()).default({}).optional(),ttl_sec:e.z.number().int().max(2592e3).default(604800).optional(),roles:e.z.array(e.z.string()).default([]).optional(),send_invitation_email:e.z.boolean().default(!0).optional()}),Lt=e.z.object({id:e.z.string(),organization_id:e.z.string().max(50),created_at:e.z.string().datetime(),expires_at:e.z.string().datetime(),ticket_id:e.z.string().optional()}).extend(Le.shape),De=e.z.object({alg:e.z.enum(["RS256","RS384","RS512","ES256","ES384","ES512","HS256","HS384","HS512"]),e:e.z.string(),kid:e.z.string(),kty:e.z.enum(["RSA","EC","oct"]),n:e.z.string(),x5t:e.z.string().optional(),x5c:e.z.array(e.z.string()).optional(),use:e.z.enum(["sig","enc"]).optional()}),Dt=e.z.object({keys:e.z.array(De)}),vt=e.z.object({issuer:e.z.string(),authorization_endpoint:e.z.string(),token_endpoint:e.z.string(),device_authorization_endpoint:e.z.string(),userinfo_endpoint:e.z.string(),mfa_challenge_endpoint:e.z.string(),jwks_uri:e.z.string(),registration_endpoint:e.z.string(),revocation_endpoint:e.z.string(),scopes_supported:e.z.array(e.z.string()),response_types_supported:e.z.array(e.z.string()),code_challenge_methods_supported:e.z.array(e.z.string()),response_modes_supported:e.z.array(e.z.string()),subject_types_supported:e.z.array(e.z.string()),id_token_signing_alg_values_supported:e.z.array(e.z.string()),token_endpoint_auth_methods_supported:e.z.array(e.z.string()),claims_supported:e.z.array(e.z.string()),request_uri_parameter_supported:e.z.boolean(),request_parameter_supported:e.z.boolean(),token_endpoint_auth_signing_alg_values_supported:e.z.array(e.z.string())});var v=(o=>(o.PENDING="pending",o.AUTHENTICATED="authenticated",o.AWAITING_EMAIL_VERIFICATION="awaiting_email_verification",o.AWAITING_HOOK="awaiting_hook",o.AWAITING_CONTINUATION="awaiting_continuation",o.COMPLETED="completed",o.FAILED="failed",o.EXPIRED="expired",o))(v||{});const ve=e.z.nativeEnum(v),ke=e.z.object({csrf_token:e.z.string(),auth0Client:e.z.string().optional(),authParams:de,expires_at:e.z.string(),deleted_at:e.z.string().optional(),ip:e.z.string().optional(),useragent:e.z.string().optional(),session_id:e.z.string().optional(),authorization_url:e.z.string().optional(),state:ve.optional().default("pending"),state_data:e.z.string().optional(),failure_reason:e.z.string().optional(),user_id:e.z.string().optional()}).openapi({description:"This represents a login sesion"}),kt=e.z.object({...ke.shape,id:e.z.string().openapi({description:"This is is used as the state in the universal login"}),created_at:e.z.string(),updated_at:e.z.string()}),Ue={ACLS_SUMMARY:"acls_summary",ACTIONS_EXECUTION_FAILED:"actions_execution_failed",API_LIMIT:"api_limit",API_LIMIT_WARNING:"api_limit_warning",APPI:"appi",CIBA_EXCHANGE_FAILED:"ciba_exchange_failed",CIBA_EXCHANGE_SUCCEEDED:"ciba_exchange_succeeded",CIBA_START_FAILED:"ciba_start_failed",CIBA_START_SUCCEEDED:"ciba_start_succeeded",CODE_LINK_SENT:"cls",CODE_SENT:"cs",DEPRECATION_NOTICE:"depnote",FAILED_LOGIN:"f",FAILED_BY_CONNECTOR:"fc",FAILED_CHANGE_EMAIL:"fce",FAILED_BY_CORS:"fco",FAILED_CROSS_ORIGIN_AUTHENTICATION:"fcoa",FAILED_CHANGE_PASSWORD:"fcp",FAILED_POST_CHANGE_PASSWORD_HOOK:"fcph",FAILED_CHANGE_PHONE_NUMBER:"fcpn",FAILED_CHANGE_PASSWORD_REQUEST:"fcpr",FAILED_CONNECTOR_PROVISIONING:"fcpro",FAILED_CHANGE_USERNAME:"fcu",FAILED_DELEGATION:"fd",FAILED_DEVICE_ACTIVATION:"fdeac",FAILED_DEVICE_AUTHORIZATION_REQUEST:"fdeaz",USER_CANCELED_DEVICE_CONFIRMATION:"fdecc",FAILED_USER_DELETION:"fdu",FAILED_EXCHANGE_AUTHORIZATION_CODE_FOR_ACCESS_TOKEN:"feacft",FAILED_EXCHANGE_ACCESS_TOKEN_FOR_CLIENT_CREDENTIALS:"feccft",FAILED_EXCHANGE_CUSTOM_TOKEN:"fecte",FAILED_EXCHANGE_DEVICE_CODE_FOR_ACCESS_TOKEN:"fede",FAILED_FEDERATED_LOGOUT:"federated_logout_failed",FAILED_EXCHANGE_NATIVE_SOCIAL_LOGIN:"fens",FAILED_EXCHANGE_PASSWORD_OOB_FOR_ACCESS_TOKEN:"feoobft",FAILED_EXCHANGE_PASSWORD_OTP_FOR_ACCESS_TOKEN:"feotpft",FAILED_EXCHANGE_PASSWORD_FOR_ACCESS_TOKEN:"fepft",FAILED_EXCHANGE_PASSWORDLESS_OTP_FOR_ACCESS_TOKEN:"fepotpft",FAILED_EXCHANGE_PASSWORD_MFA_RECOVERY_FOR_ACCESS_TOKEN:"fercft",FAILED_EXCHANGE_ROTATING_REFRESH_TOKEN:"ferrt",FAILED_EXCHANGE_REFRESH_TOKEN_FOR_ACCESS_TOKEN:"fertft",FAILED_HOOK:"fh",FAILED_IMPERSONATION:"fimp",FAILED_INVITE_ACCEPT:"fi",FAILED_LOGOUT:"flo",FLOWS_EXECUTION_COMPLETED:"flows_execution_completed",FLOWS_EXECUTION_FAILED:"flows_execution_failed",FAILED_SENDING_NOTIFICATION:"fn",FORMS_SUBMISSION_FAILED:"forms_submission_failed",FORMS_SUBMISSION_SUCCEEDED:"forms_submission_succeeded",FAILED_LOGIN_INCORRECT_PASSWORD:"fp",FAILED_PUSHED_AUTHORIZATION_REQUEST:"fpar",FAILED_POST_USER_REGISTRATION_HOOK:"fpurh",FAILED_SIGNUP:"fs",FAILED_SILENT_AUTH:"fsa",FAILED_LOGIN_INVALID_EMAIL_USERNAME:"fu",FAILED_USERS_IMPORT:"fui",FAILED_VERIFICATION_EMAIL:"fv",FAILED_VERIFICATION_EMAIL_REQUEST:"fvr",EMAIL_VERIFICATION_CONFIRMED:"gd_auth_email_verification",EMAIL_VERIFICATION_FAILED:"gd_auth_fail_email_verification",MFA_AUTH_FAILED:"gd_auth_failed",MFA_AUTH_REJECTED:"gd_auth_rejected",MFA_AUTH_SUCCESS:"gd_auth_succeed",MFA_ENROLLMENT_COMPLETE:"gd_enrollment_complete",TOO_MANY_MFA_FAILURES:"gd_otp_rate_limit_exceed",MFA_RECOVERY_FAILED:"gd_recovery_failed",MFA_RECOVERY_RATE_LIMIT_EXCEED:"gd_recovery_rate_limit_exceed",MFA_RECOVERY_SUCCESS:"gd_recovery_succeed",MFA_EMAIL_SENT:"gd_send_email",EMAIL_VERIFICATION_SENT:"gd_send_email_verification",EMAIL_VERIFICATION_SEND_FAILURE:"gd_send_email_verification_failure",PUSH_NOTIFICATION_SENT:"gd_send_pn",ERROR_SENDING_MFA_PUSH_NOTIFICATION:"gd_send_pn_failure",MFA_SMS_SENT:"gd_send_sms",ERROR_SENDING_MFA_SMS:"gd_send_sms_failure",MFA_VOICE_CALL_SUCCESS:"gd_send_voice",MFA_VOICE_CALL_FAILED:"gd_send_voice_failure",SECOND_FACTOR_STARTED:"gd_start_auth",MFA_ENROLL_STARTED:"gd_start_enroll",MFA_ENROLLMENT_FAILED:"gd_start_enroll_failed",GUARDIAN_TENANT_UPDATE:"gd_tenant_update",UNENROLL_DEVICE_ACCOUNT:"gd_unenroll",UPDATE_DEVICE_ACCOUNT:"gd_update_device_account",WEBAUTHN_CHALLENGE_FAILED:"gd_webauthn_challenge_failed",WEBAUTHN_ENROLLMENT_FAILED:"gd_webauthn_enrollment_failed",FAILED_KMS_API_OPERATION:"kms_key_management_failure",SUCCESS_KMS_API_OPERATION:"kms_key_management_success",KMS_KEY_STATE_CHANGED:"kms_key_state_changed",TOO_MANY_CALLS_TO_DELEGATION:"limit_delegation",BLOCKED_IP_ADDRESS:"limit_mu",BLOCKED_ACCOUNT_IP:"limit_sul",BLOCKED_ACCOUNT_EMAIL:"limit_wc",MFA_REQUIRED:"mfar",MANAGEMENT_API_READ_OPERATION:"mgmt_api_read",FAILED_AUTHENTICATION_METHOD_OPERATION_MY_ACCOUNT:"my_account_authentication_method_failed",SUCCESSFUL_AUTHENTICATION_METHOD_OPERATION_MY_ACCOUNT:"my_account_authentication_method_succeeded",FAILED_OIDC_BACKCHANNEL_LOGOUT:"oidc_backchannel_logout_failed",SUCCESSFUL_OIDC_BACKCHANNEL_LOGOUT:"oidc_backchannel_logout_succeeded",ORGANIZATION_MEMBER_ADDED:"organization_member_added",PASSKEY_CHALLENGE_FAILED:"passkey_challenge_failed",PASSKEY_CHALLENGE_STARTED:"passkey_challenge_started",PRE_LOGIN_ASSESSMENT:"pla",BREACHED_PASSWORD:"pwd_leak",BREACHED_PASSWORD_ON_RESET:"reset_pwd_leak",SUCCESS_RESOURCE_CLEANUP:"resource_cleanup",RICH_CONSENTS_ACCESS_ERROR:"rich_consents_access_error",SUCCESS_LOGIN:"s",SUCCESS_API_OPERATION:"sapi",SUCCESS_CHANGE_EMAIL:"sce",SUCCESS_CROSS_ORIGIN_AUTHENTICATION:"scoa",SUCCESS_CHANGE_PASSWORD:"scp",SUCCESS_CHANGE_PHONE_NUMBER:"scpn",SUCCESS_CHANGE_PASSWORD_REQUEST:"scpr",SUCCESS_CHANGE_USERNAME:"scu",SUCCESS_CREDENTIAL_VALIDATION:"scv",SUCCESS_DELEGATION:"sd",SUCCESS_USER_DELETION:"sdu",SUCCESS_EXCHANGE_AUTHORIZATION_CODE_FOR_ACCESS_TOKEN:"seacft",SUCCESS_EXCHANGE_ACCESS_TOKEN_FOR_CLIENT_CREDENTIALS:"seccft",SUCCESS_EXCHANGE_CUSTOM_TOKEN:"secte",SUCCESS_EXCHANGE_DEVICE_CODE_FOR_ACCESS_TOKEN:"sede",SUCCESS_EXCHANGE_NATIVE_SOCIAL_LOGIN:"sens",SUCCESS_EXCHANGE_PASSWORD_OOB_FOR_ACCESS_TOKEN:"seoobft",SUCCESS_EXCHANGE_PASSWORD_OTP_FOR_ACCESS_TOKEN:"seotpft",SUCCESS_EXCHANGE_PASSWORD_FOR_ACCESS_TOKEN:"sepft",SUCCESS_EXCHANGE_PASSKEY_OOB_FOR_ACCESS_TOKEN:"sepkoobft",SUCCESS_EXCHANGE_PASSKEY_OTP_FOR_ACCESS_TOKEN:"sepkotpft",SUCCESS_EXCHANGE_PASSKEY_MFA_RECOVERY_FOR_ACCESS_TOKEN:"sepkrcft",SUCCESS_EXCHANGE_PASSWORD_MFA_RECOVERY_FOR_ACCESS_TOKEN:"sercft",SUCCESS_EXCHANGE_REFRESH_TOKEN_FOR_ACCESS_TOKEN:"sertft",SUCCESS_IMPERSONATION:"simp",SUCCESSFULLY_ACCEPTED_USER_INVITE:"si",BREACHED_PASSWORD_ON_SIGNUP:"signup_pwd_leak",SUCCESS_LOGOUT:"slo",SUCCESS_REVOCATION:"srrt",SUCCESS_SIGNUP:"ss",FAILED_SS_SSO_OPERATION:"ss_sso_failure",INFORMATION_FROM_SS_SSO_OPERATION:"ss_sso_info",SUCCESS_SS_SSO_OPERATION:"ss_sso_success",SUCCESS_SILENT_AUTH:"ssa",SUCCESSFUL_SCIM_OPERATION:"sscim",SUCCESSFULLY_IMPORTED_USERS:"sui",SUCCESS_VERIFICATION_EMAIL:"sv",SUCCESS_VERIFICATION_EMAIL_REQUEST:"svr",MAX_AMOUNT_OF_AUTHENTICATORS:"too_many_records",USER_LOGIN_BLOCK_RELEASED:"ublkdu",FAILED_UNIVERSAL_LOGOUT:"universal_logout_failed",SUCCESSFUL_UNIVERSAL_LOGOUT:"universal_logout_succeeded",WARNING_DURING_LOGIN:"w",WARNING_SENDING_NOTIFICATION:"wn",WARNING_USER_MANAGEMENT:"wum"},Ut=e.z.string().refine(o=>Object.values(Ue).includes(o),{message:"Invalid log type"}),Fe=e.z.object({name:e.z.string(),version:e.z.string(),env:e.z.object({node:e.z.string().optional()}).optional()}),xe=e.z.object({country_code:e.z.string().length(2),city_name:e.z.string(),latitude:e.z.string(),longitude:e.z.string(),time_zone:e.z.string(),continent_code:e.z.string()}),Pe=e.z.object({type:Ut,date:e.z.string(),description:e.z.string().optional(),ip:e.z.string().optional(),user_agent:e.z.string().optional(),details:e.z.any().optional(),isMobile:e.z.boolean(),user_id:e.z.string().optional(),user_name:e.z.string().optional(),connection:e.z.string().optional(),connection_id:e.z.string().optional(),client_id:e.z.string().optional(),client_name:e.z.string().optional(),audience:e.z.string().optional(),scope:e.z.string().optional(),strategy:e.z.string().optional(),strategy_type:e.z.string().optional(),hostname:e.z.string().optional(),auth0_client:Fe.optional(),log_id:e.z.string().optional(),location_info:xe.optional()}),Ft=e.z.object({...Pe.shape,log_id:e.z.string()}),Me=e.z.object({id:e.z.string().optional(),user_id:e.z.string(),password:e.z.string(),algorithm:e.z.enum(["bcrypt","argon2id"]).default("argon2id"),is_current:e.z.boolean().default(!0)}),xt=Me.extend({id:e.z.string(),created_at:e.z.string(),updated_at:e.z.string()}),He=e.z.object({initial_user_agent:e.z.string().describe("First user agent of the device from which this user logged in"),initial_ip:e.z.string().describe("First IP address associated with this session"),initial_asn:e.z.string().describe("First autonomous system number associated with this session"),last_user_agent:e.z.string().describe("Last user agent of the device from which this user logged in"),last_ip:e.z.string().describe("Last IP address from which this user logged in"),last_asn:e.z.string().describe("Last autonomous system number from which this user logged in")}),Ge=e.z.object({id:e.z.string(),revoked_at:e.z.string().optional(),used_at:e.z.string().optional(),user_id:e.z.string().describe("The user ID associated with the session"),expires_at:e.z.string().optional(),login_session_id:e.z.string(),idle_expires_at:e.z.string().optional(),device:He.describe("Metadata related to the device used in the session"),clients:e.z.array(e.z.string()).describe("List of client details for the session")}),Pt=e.z.object({created_at:e.z.string(),updated_at:e.z.string(),authenticated_at:e.z.string(),last_interaction_at:e.z.string(),...Ge.shape}),Mt=e.z.object({kid:e.z.string().openapi({description:"The key id of the signing key"}),cert:e.z.string().openapi({description:"The public certificate of the signing key"}),fingerprint:e.z.string().openapi({description:"The cert fingerprint"}),thumbprint:e.z.string().openapi({description:"The cert thumbprint"}),pkcs7:e.z.string().optional().openapi({description:"The private key in pkcs7 format"}),current:e.z.boolean().optional().openapi({description:"True if the key is the current key"}),next:e.z.boolean().optional().openapi({description:"True if the key is the next key"}),previous:e.z.boolean().optional().openapi({description:"True if the key is the previous key"}),current_since:e.z.string().optional().openapi({description:"The date and time when the key became the current key"}),current_until:e.z.string().optional().openapi({description:"The date and time when the current key was rotated"}),revoked:e.z.boolean().optional().openapi({description:"True if the key is revoked"}),revoked_at:e.z.string().optional().openapi({description:"The date and time when the key was revoked"}),connection:e.z.string().optional().openapi({description:"The connection identifier associated with the key"}),type:e.z.enum(["jwt_signing","saml_encryption"]).openapi({description:"The type of the signing key"})}),Be=e.z.object({id:e.z.string().optional(),audience:e.z.string(),friendly_name:e.z.string(),picture_url:e.z.string().optional(),support_email:e.z.string().optional(),support_url:e.z.string().optional(),sender_email:e.z.string().email(),sender_name:e.z.string(),session_lifetime:e.z.number().optional(),idle_session_lifetime:e.z.number().optional(),ephemeral_session_lifetime:e.z.number().optional(),idle_ephemeral_session_lifetime:e.z.number().optional(),session_cookie:e.z.object({mode:e.z.enum(["persistent","non-persistent"]).optional()}).optional(),allowed_logout_urls:e.z.array(e.z.string()).optional(),default_redirection_uri:e.z.string().optional(),enabled_locales:e.z.array(e.z.string()).optional(),default_directory:e.z.string().optional(),error_page:e.z.object({html:e.z.string().optional(),show_log_link:e.z.boolean().optional(),url:e.z.string().optional()}).optional(),flags:e.z.object({allow_changing_enable_sso:e.z.boolean().optional(),allow_legacy_delegation_grant_types:e.z.boolean().optional(),allow_legacy_ro_grant_types:e.z.boolean().optional(),allow_legacy_tokeninfo_endpoint:e.z.boolean().optional(),change_pwd_flow_v1:e.z.boolean().optional(),custom_domains_provisioning:e.z.boolean().optional(),dashboard_insights_view:e.z.boolean().optional(),dashboard_log_streams_next:e.z.boolean().optional(),disable_clickjack_protection_headers:e.z.boolean().optional(),disable_fields_map_fix:e.z.boolean().optional(),disable_impersonation:e.z.boolean().optional(),disable_management_api_sms_obfuscation:e.z.boolean().optional(),enable_adfs_waad_email_verification:e.z.boolean().optional(),enable_apis_section:e.z.boolean().optional(),enable_client_connections:e.z.boolean().optional(),enable_custom_domain_in_emails:e.z.boolean().optional(),enable_dynamic_client_registration:e.z.boolean().optional(),enable_idtoken_api2:e.z.boolean().optional(),enable_legacy_logs_search_v2:e.z.boolean().optional(),enable_legacy_profile:e.z.boolean().optional(),enable_pipeline2:e.z.boolean().optional(),enable_public_signup_user_exists_error:e.z.boolean().optional(),enable_sso:e.z.boolean().optional(),enforce_client_authentication_on_passwordless_start:e.z.boolean().optional(),genai_trial:e.z.boolean().optional(),improved_signup_bot_detection_in_classic:e.z.boolean().optional(),mfa_show_factor_list_on_enrollment:e.z.boolean().optional(),no_disclose_enterprise_connections:e.z.boolean().optional(),remove_alg_from_jwks:e.z.boolean().optional(),revoke_refresh_token_grant:e.z.boolean().optional(),trust_azure_adfs_email_verified_connection_property:e.z.boolean().optional(),use_scope_descriptions_for_consent:e.z.boolean().optional(),inherit_global_permissions_in_organizations:e.z.boolean().optional()}).optional(),sandbox_version:e.z.string().optional(),legacy_sandbox_version:e.z.string().optional(),sandbox_versions_available:e.z.array(e.z.string()).optional(),change_password:e.z.object({enabled:e.z.boolean().optional(),html:e.z.string().optional()}).optional(),guardian_mfa_page:e.z.object({enabled:e.z.boolean().optional(),html:e.z.string().optional()}).optional(),device_flow:e.z.object({charset:e.z.enum(["base20","digits"]).optional(),mask:e.z.string().max(20).optional()}).optional(),default_token_quota:e.z.object({clients:e.z.object({client_credentials:e.z.record(e.z.any()).optional()}).optional(),organizations:e.z.object({client_credentials:e.z.record(e.z.any()).optional()}).optional()}).optional(),default_audience:e.z.string().optional(),default_organization:e.z.string().optional(),sessions:e.z.object({oidc_logout_prompt_enabled:e.z.boolean().optional()}).optional(),oidc_logout:e.z.object({rp_logout_end_session_endpoint_discovery:e.z.boolean().optional()}).optional(),allow_organization_name_in_authentication_api:e.z.boolean().optional(),customize_mfa_in_postlogin_action:e.z.boolean().optional(),acr_values_supported:e.z.array(e.z.string()).optional(),mtls:e.z.object({enable_endpoint_aliases:e.z.boolean().optional()}).optional(),pushed_authorization_requests_supported:e.z.boolean().optional(),authorization_response_iss_parameter_supported:e.z.boolean().optional(),mfa:e.z.object({factors:e.z.object({sms:e.z.boolean().default(!1),otp:e.z.boolean().default(!1),email:e.z.boolean().default(!1),push_notification:e.z.boolean().default(!1),webauthn_roaming:e.z.boolean().default(!1),webauthn_platform:e.z.boolean().default(!1),recovery_code:e.z.boolean().default(!1),duo:e.z.boolean().default(!1)}).optional(),sms_provider:e.z.object({provider:e.z.enum(["twilio","vonage","aws_sns","phone_message_hook"]).optional()}).optional(),twilio:e.z.object({sid:e.z.string().optional(),auth_token:e.z.string().optional(),from:e.z.string().optional(),messaging_service_sid:e.z.string().optional()}).optional(),phone_message:e.z.object({message:e.z.string().optional()}).optional()}).optional()}),Ht=e.z.object({created_at:e.z.string().nullable().transform(o=>o??""),updated_at:e.z.string().nullable().transform(o=>o??""),...Be.shape,id:e.z.string()});var We=(o=>(o.RefreshToken="refresh_token",o.AuthorizationCode="authorization_code",o.ClientCredential="client_credentials",o.Passwordless="passwordless",o.Password="password",o.OTP="http://auth0.com/oauth/grant-type/passwordless/otp",o))(We||{});const Gt=e.z.object({access_token:e.z.string(),id_token:e.z.string().optional(),scope:e.z.string().optional(),state:e.z.string().optional(),refresh_token:e.z.string().optional(),token_type:e.z.string(),expires_in:e.z.number()});e.z.object({code:e.z.string(),state:e.z.string().optional()});const Ke=e.z.object({button_border_radius:e.z.number(),button_border_weight:e.z.number(),buttons_style:e.z.enum(["pill","rounded","sharp"]),input_border_radius:e.z.number(),input_border_weight:e.z.number(),inputs_style:e.z.enum(["pill","rounded","sharp"]),show_widget_shadow:e.z.boolean(),widget_border_weight:e.z.number(),widget_corner_radius:e.z.number()}),qe=e.z.object({base_focus_color:e.z.string(),base_hover_color:e.z.string(),body_text:e.z.string(),captcha_widget_theme:e.z.enum(["auto","dark","light"]),error:e.z.string(),header:e.z.string(),icons:e.z.string(),input_background:e.z.string(),input_border:e.z.string(),input_filled_text:e.z.string(),input_labels_placeholders:e.z.string(),links_focused_components:e.z.string(),primary_button:e.z.string(),primary_button_label:e.z.string(),secondary_button_border:e.z.string(),secondary_button_label:e.z.string(),success:e.z.string(),widget_background:e.z.string(),widget_border:e.z.string()}),_=e.z.object({bold:e.z.boolean(),size:e.z.number()}),Xe=e.z.object({body_text:_,buttons_text:_,font_url:e.z.string(),input_labels:_,links:_,links_style:e.z.enum(["normal","underlined"]),reference_text_size:e.z.number(),subtitle:_,title:_}),Ve=e.z.object({background_color:e.z.string(),background_image_url:e.z.string(),page_layout:e.z.enum(["center","left","right"])}),Ye=e.z.object({header_text_alignment:e.z.enum(["center","left","right"]),logo_height:e.z.number(),logo_position:e.z.enum(["center","left","none","right"]),logo_url:e.z.string(),social_buttons_layout:e.z.enum(["bottom","top"])}),Qe=e.z.object({borders:Ke,colors:qe,displayName:e.z.string(),fonts:Xe,page_background:Ve,widget:Ye}),Bt=Qe.extend({themeId:e.z.string()}),Wt=e.z.object({universal_login_experience:e.z.enum(["new","classic"]).default("new"),identifier_first:e.z.boolean().default(!0),password_first:e.z.boolean().default(!1),webauthn_platform_first_factor:e.z.boolean()}),Kt=e.z.object({name:e.z.string(),enabled:e.z.boolean().optional().default(!0),default_from_address:e.z.string().optional(),credentials:e.z.union([e.z.object({accessKeyId:e.z.string(),secretAccessKey:e.z.string(),region:e.z.string()}),e.z.object({smtp_host:e.z.array(e.z.string()),smtp_port:e.z.number(),smtp_user:e.z.string(),smtp_pass:e.z.string()}),e.z.object({api_key:e.z.string(),domain:e.z.string().optional()}),e.z.object({connectionString:e.z.string()}),e.z.object({tenantId:e.z.string(),clientId:e.z.string(),clientSecret:e.z.string()})]),settings:e.z.object({}).optional()}),Je=e.z.object({id:e.z.string(),login_id:e.z.string(),user_id:e.z.string(),client_id:e.z.string(),expires_at:e.z.string().optional(),idle_expires_at:e.z.string().optional(),last_exchanged_at:e.z.string().optional(),device:He,resource_servers:e.z.array(e.z.object({audience:e.z.string(),scopes:e.z.string()})),rotating:e.z.boolean()}),qt=e.z.object({created_at:e.z.string(),...Je.shape}),Xt=e.z.object({to:e.z.string(),message:e.z.string()}),Vt=e.z.object({name:e.z.string(),options:e.z.object({})}),Ze=e.z.object({value:e.z.string(),description:e.z.string().optional()}),$e=e.z.object({token_dialect:e.z.enum(["access_token","access_token_authz"]).optional(),enforce_policies:e.z.boolean().optional(),allow_skipping_userinfo:e.z.boolean().optional(),skip_userinfo:e.z.boolean().optional(),persist_client_authorization:e.z.boolean().optional(),enable_introspection_endpoint:e.z.boolean().optional(),mtls:e.z.object({bound_access_tokens:e.z.boolean().optional()}).optional()}),eo=e.z.object({id:e.z.string().optional(),name:e.z.string(),identifier:e.z.string(),scopes:e.z.array(Ze).optional(),signing_alg:e.z.string().optional(),signing_secret:e.z.string().optional(),token_lifetime:e.z.number().optional(),token_lifetime_for_web:e.z.number().optional(),skip_consent_for_verifiable_first_party_clients:e.z.boolean().optional(),allow_offline_access:e.z.boolean().optional(),verificationKey:e.z.string().optional(),options:$e.optional(),is_system:e.z.boolean().optional(),metadata:e.z.record(e.z.any()).optional()}),oo=e.z.object({...eo.shape,created_at:e.z.string().optional(),updated_at:e.z.string().optional()}),Yt=e.z.array(oo),to=e.z.object({role_id:e.z.string(),resource_server_identifier:e.z.string(),permission_name:e.z.string()}),no=e.z.object({...to.shape,created_at:e.z.string()}),Qt=e.z.array(no),io=e.z.object({user_id:e.z.string(),resource_server_identifier:e.z.string(),permission_name:e.z.string(),organization_id:e.z.string().optional()}),ao=e.z.object({...io.shape,tenant_id:e.z.string(),created_at:e.z.string().optional()}),Jt=e.z.array(ao),ro=e.z.object({user_id:e.z.string(),resource_server_identifier:e.z.string(),resource_server_name:e.z.string(),permission_name:e.z.string(),description:e.z.string().nullable().optional(),created_at:e.z.string().optional(),organization_id:e.z.string().optional()}),Zt=e.z.array(ro),so=e.z.object({user_id:e.z.string(),role_id:e.z.string(),organization_id:e.z.string().optional()}),lo=e.z.object({...so.shape,tenant_id:e.z.string(),created_at:e.z.string().optional()}),$t=e.z.array(lo),co=e.z.object({id:e.z.string().optional().openapi({description:"The unique identifier of the role. If not provided, one will be generated."}),name:e.z.string().min(1).max(50).openapi({description:"The name of the role. Cannot include '<' or '>'"}),description:e.z.string().max(255).optional().openapi({description:"The description of the role"}),is_system:e.z.boolean().optional(),metadata:e.z.record(e.z.any()).optional().openapi({description:"Metadata associated with the role. Can be used to control sync behavior in multi-tenancy scenarios."})}),po=co.extend({id:e.z.string().openapi({description:"The unique identifier of the role"}),created_at:e.z.string().optional(),updated_at:e.z.string().optional()}),en=e.z.array(po),_o=e.z.object({logo_url:e.z.string().optional().openapi({description:"URL of the organization's logo"}),colors:e.z.object({primary:e.z.string().optional().openapi({description:"Primary color in hex format (e.g., #FF0000)"}),page_background:e.z.string().optional().openapi({description:"Page background color in hex format (e.g., #FFFFFF)"})}).optional()}).optional(),zo=e.z.object({connection_id:e.z.string().openapi({description:"ID of the connection"}),assign_membership_on_login:e.z.boolean().default(!1).openapi({description:"Whether to assign membership to the organization on login"}),show_as_button:e.z.boolean().default(!0).openapi({description:"Whether to show this connection as a button in the login screen"}),is_signup_enabled:e.z.boolean().default(!0).openapi({description:"Whether signup is enabled for this connection"})}),go=e.z.object({client_credentials:e.z.object({enforce:e.z.boolean().default(!1).openapi({description:"Whether to enforce token quota limits"}),per_day:e.z.number().min(0).default(0).openapi({description:"Maximum tokens per day (0 = unlimited)"}),per_hour:e.z.number().min(0).default(0).openapi({description:"Maximum tokens per hour (0 = unlimited)"})}).optional()}).optional(),mo=e.z.object({id:e.z.string().optional(),name:e.z.string().min(1).regex(/^[a-z0-9_-]+$/,{message:"Organization name must be lowercase and can only contain letters, numbers, hyphens, and underscores"}).openapi({description:"The name of the organization. Must be lowercase and can only contain letters, numbers, hyphens, and underscores."}),display_name:e.z.string().optional().openapi({description:"The display name of the organization"}),branding:_o,metadata:e.z.record(e.z.any()).default({}).optional().openapi({description:"Custom metadata for the organization"}),enabled_connections:e.z.array(zo).default([]).optional().openapi({description:"List of enabled connections for the organization"}),token_quota:go}),on=e.z.object({...mo.shape,...s.shape,id:e.z.string(),name:e.z.string().min(1).openapi({description:"The name of the organization"})}),uo=e.z.object({user_id:e.z.string().openapi({description:"ID of the user"}),organization_id:e.z.string().openapi({description:"ID of the organization"})}),tn=e.z.object({...uo.shape,...s.shape,id:e.z.string()}),nn=e.z.object({idle_session_lifetime:e.z.number().optional(),session_lifetime:e.z.number().optional(),session_cookie:e.z.object({mode:e.z.enum(["persistent","non-persistent"]).optional()}).optional(),enable_client_connections:e.z.boolean().optional(),default_redirection_uri:e.z.string().optional(),enabled_locales:e.z.array(e.z.string()).optional(),default_directory:e.z.string().optional(),error_page:e.z.object({html:e.z.string().optional(),show_log_link:e.z.boolean().optional(),url:e.z.string().optional()}).optional(),flags:e.z.object({allow_legacy_delegation_grant_types:e.z.boolean().optional(),allow_legacy_ro_grant_types:e.z.boolean().optional(),allow_legacy_tokeninfo_endpoint:e.z.boolean().optional(),disable_clickjack_protection_headers:e.z.boolean().optional(),enable_apis_section:e.z.boolean().optional(),enable_client_connections:e.z.boolean().optional(),enable_custom_domain_in_emails:e.z.boolean().optional(),enable_dynamic_client_registration:e.z.boolean().optional(),enable_idtoken_api2:e.z.boolean().optional(),enable_legacy_logs_search_v2:e.z.boolean().optional(),enable_legacy_profile:e.z.boolean().optional(),enable_pipeline2:e.z.boolean().optional(),enable_public_signup_user_exists_error:e.z.boolean().optional(),use_scope_descriptions_for_consent:e.z.boolean().optional(),disable_management_api_sms_obfuscation:e.z.boolean().optional(),enable_adfs_waad_email_verification:e.z.boolean().optional(),revoke_refresh_token_grant:e.z.boolean().optional(),dashboard_log_streams_next:e.z.boolean().optional(),dashboard_insights_view:e.z.boolean().optional(),disable_fields_map_fix:e.z.boolean().optional(),mfa_show_factor_list_on_enrollment:e.z.boolean().optional()}).optional(),friendly_name:e.z.string().optional(),picture_url:e.z.string().optional(),support_email:e.z.string().optional(),support_url:e.z.string().optional(),sandbox_version:e.z.string().optional(),sandbox_versions_available:e.z.array(e.z.string()).optional(),change_password:e.z.object({enabled:e.z.boolean(),html:e.z.string()}).optional(),guardian_mfa_page:e.z.object({enabled:e.z.boolean(),html:e.z.string()}).optional(),default_audience:e.z.string().optional(),default_organization:e.z.string().optional(),sessions:e.z.object({oidc_logout_prompt_enabled:e.z.boolean().optional()}).optional(),mfa:e.z.object({factors:e.z.object({sms:e.z.boolean().default(!1),otp:e.z.boolean().default(!1),email:e.z.boolean().default(!1),push_notification:e.z.boolean().default(!1),webauthn_roaming:e.z.boolean().default(!1),webauthn_platform:e.z.boolean().default(!1),recovery_code:e.z.boolean().default(!1),duo:e.z.boolean().default(!1)}).optional(),sms_provider:e.z.object({provider:e.z.enum(["twilio","vonage","aws_sns","phone_message_hook"]).optional()}).optional(),twilio:e.z.object({sid:e.z.string().optional(),auth_token:e.z.string().optional(),from:e.z.string().optional(),messaging_service_sid:e.z.string().optional()}).optional(),phone_message:e.z.object({message:e.z.string().optional()}).optional()}).optional()}),an=e.z.object({date:e.z.string().openapi({description:"Date these events occurred in ISO 8601 format",example:"2025-12-19"}),logins:e.z.number().openapi({description:"Number of logins on this date",example:150}),signups:e.z.number().openapi({description:"Number of signups on this date",example:25}),leaked_passwords:e.z.number().openapi({description:"Number of breached-password detections on this date (subscription required)",example:0}),updated_at:e.z.string().openapi({description:"Date and time this stats entry was last updated in ISO 8601 format",example:"2025-12-19T10:30:00.000Z"}),created_at:e.z.string().openapi({description:"Approximate date and time the first event occurred in ISO 8601 format",example:"2025-12-19T00:00:00.000Z"})}),rn=e.z.number().openapi({description:"Number of active users in the last 30 days",example:1234}),ho=e.z.enum(["login","login-id","login-password","signup","signup-id","signup-password","reset-password","consent","mfa","mfa-push","mfa-otp","mfa-voice","mfa-phone","mfa-webauthn","mfa-sms","mfa-email","mfa-recovery-code","status","device-flow","email-verification","email-otp-challenge","organizations","invitation","common","passkeys","captcha","custom-form"]),bo=e.z.record(e.z.string(),e.z.record(e.z.string(),e.z.string())).openapi({type:"object",additionalProperties:{type:"object",additionalProperties:{type:"string"}}}),sn=e.z.object({prompt:ho,language:e.z.string(),custom_text:bo});function ln(o){const[n,i]=o.split("|");if(!n||!i)throw new Error(`Invalid user_id: ${o}`);return{connection:n,id:i}}function cn(o){const{primary:n,secondaries:i,syncMethods:k=["create","update","remove","delete","set"]}=o,f={get(c,a){if(typeof a=="symbol")return c[a];const p=c[a];return typeof p!="function"?p:k.includes(a)?async(...z)=>{const S=await p.apply(c,z),g=[];for(const r of i){const u=r.adapter[a];if(typeof u!="function")continue;const E=(async()=>{try{await u.apply(r.adapter,z)}catch(h){try{r.onError?r.onError(h,a,z):console.error(`Passthrough adapter: secondary write failed for ${a}:`,h)}catch(A){console.error(`Passthrough adapter: onError handler threw for ${a}:`,A)}}})();r.blocking&&g.push(E)}return g.length>0&&await Promise.all(g),S}:p.bind(c)}};return new Proxy(n,f)}function pn(o){return o}function _n(o){var f,c,a,p,z,S,g,r,u,E,h,A;const n=o==null?void 0:o.options;if(!n)return{usernameIdentifierActive:!1,emailIdentifierActive:!0,usernameMinLength:1,usernameMaxLength:15};const i=n.attributes;if(i){const fo=((c=(f=i.username)==null?void 0:f.identifier)==null?void 0:c.active)===!0,So=((p=(a=i.email)==null?void 0:a.identifier)==null?void 0:p.active)!==!1,Eo=((S=(z=i.username)==null?void 0:z.validation)==null?void 0:S.min_length)??1,Ao=((r=(g=i.username)==null?void 0:g.validation)==null?void 0:r.max_length)??15;return{usernameIdentifierActive:fo,emailIdentifierActive:So,usernameMinLength:Eo,usernameMaxLength:Ao}}return{usernameIdentifierActive:n.requires_username===!0,emailIdentifierActive:!0,usernameMinLength:((E=(u=n.validation)==null?void 0:u.username)==null?void 0:E.min)??1,usernameMaxLength:((A=(h=n.validation)==null?void 0:h.username)==null?void 0:A.max)??15}}exports.Auth0ActionEnum=yo;exports.Auth0Client=Fe;exports.AuthorizationResponseMode=N;exports.AuthorizationResponseType=O;exports.CodeChallengeMethod=R;exports.ComponentCategory=T;exports.ComponentType=C;exports.EmailActionEnum=Co;exports.FORM_FIELD_TYPES=zt;exports.FlowActionTypeEnum=Io;exports.GrantType=We;exports.LocationInfo=xe;exports.LogTypes=Ue;exports.LoginSessionState=v;exports.NodeType=ne;exports.RedirectTargetEnum=P;exports.actionNodeSchema=re;exports.activeUsersResponseSchema=rn;exports.addressSchema=K;exports.auth0FlowInsertSchema=ko;exports.auth0FlowSchema=_e;exports.auth0QuerySchema=Oo;exports.auth0UpdateUserActionSchema=F;exports.auth0UserResponseSchema=Ro;exports.authParamsSchema=de;exports.baseUserSchema=y;exports.blockComponentSchema=Se;exports.bordersSchema=Ke;exports.brandingSchema=Uo;exports.buttonComponentSchema=Z;exports.clientGrantInsertSchema=Y;exports.clientGrantListSchema=vo;exports.clientGrantSchema=Q;exports.clientInsertSchema=V;exports.clientSchema=Do;exports.codeInsertSchema=ge;exports.codeSchema=Fo;exports.codeTypeSchema=ze;exports.colorsSchema=qe;exports.componentMessageSchema=Ce;exports.componentSchema=te;exports.connectionInsertSchema=ue;exports.connectionOptionsSchema=me;exports.connectionSchema=xo;exports.coordinatesSchema=d;exports.createPassthroughAdapter=cn;exports.createWriteOnlyAdapter=pn;exports.customDomainInsertSchema=he;exports.customDomainSchema=fe;exports.customDomainWithTenantIdSchema=Po;exports.customTextEntrySchema=sn;exports.customTextSchema=bo;exports.dailyStatsSchema=an;exports.emailProviderSchema=Kt;exports.emailVerificationRulesSchema=U;exports.emailVerifyActionSchema=x;exports.endingSchema=pe;exports.fieldComponentSchema=Ae;exports.flowActionStepSchema=H;exports.flowInsertSchema=G;exports.flowSchema=To;exports.flowsFieldComponentSchema=ee;exports.flowsFlowNodeSchema=ae;exports.flowsStepNodeSchema=ie;exports.fontDetailsSchema=_;exports.fontsSchema=Xe;exports.formControlSchema=gt;exports.formInsertSchema=ye;exports.formNodeComponentDefinition=L;exports.formNodeSchema=Ie;exports.formSchema=bt;exports.genericComponentSchema=oe;exports.genericNodeSchema=se;exports.getConnectionIdentifierConfig=_n;exports.hookInsertSchema=Ot;exports.hookSchema=jt;exports.hookTemplateId=D;exports.hookTemplates=It;exports.identitySchema=W;exports.inviteInsertSchema=Le;exports.inviteSchema=Lt;exports.inviteeSchema=je;exports.inviterSchema=we;exports.isBlockComponent=St;exports.isFieldComponent=At;exports.isWidgetComponent=Et;exports.jwksKeySchema=Dt;exports.jwksSchema=De;exports.legalComponentSchema=$;exports.logInsertSchema=Pe;exports.logSchema=Ft;exports.loginSessionInsertSchema=ke;exports.loginSessionSchema=kt;exports.loginSessionStateSchema=ve;exports.nodeSchema=le;exports.openIDConfigurationSchema=vt;exports.organizationBrandingSchema=_o;exports.organizationEnabledConnectionSchema=zo;exports.organizationInsertSchema=mo;exports.organizationSchema=on;exports.organizationTokenQuotaSchema=go;exports.pageBackgroundSchema=Ve;exports.parseUserId=ln;exports.passwordInsertSchema=Me;exports.passwordSchema=xt;exports.profileDataSchema=B;exports.promptScreenSchema=ho;exports.promptSettingSchema=Wt;exports.redirectActionSchema=M;exports.refreshTokenInsertSchema=Je;exports.refreshTokenSchema=qt;exports.resourceServerInsertSchema=eo;exports.resourceServerListSchema=Yt;exports.resourceServerOptionsSchema=$e;exports.resourceServerSchema=oo;exports.resourceServerScopeSchema=Ze;exports.richTextComponentSchema=J;exports.roleInsertSchema=co;exports.roleListSchema=en;exports.rolePermissionInsertSchema=to;exports.rolePermissionListSchema=Qt;exports.rolePermissionSchema=no;exports.roleSchema=po;exports.screenLinkSchema=Te;exports.sessionInsertSchema=Ge;exports.sessionSchema=Pt;exports.signingKeySchema=Mt;exports.smsProviderSchema=Vt;exports.smsSendParamsSchema=Xt;exports.startSchema=ce;exports.tenantInsertSchema=Be;exports.tenantSchema=Ht;exports.tenantSettingsSchema=nn;exports.themeInsertSchema=Qe;exports.themeSchema=Bt;exports.tokenResponseSchema=Gt;exports.totalsSchema=No;exports.uiScreenSchema=ft;exports.userInsertSchema=q;exports.userOrganizationInsertSchema=uo;exports.userOrganizationSchema=tn;exports.userPermissionInsertSchema=io;exports.userPermissionListSchema=Jt;exports.userPermissionSchema=ao;exports.userPermissionWithDetailsListSchema=Zt;exports.userPermissionWithDetailsSchema=ro;exports.userResponseSchema=wo;exports.userRoleInsertSchema=so;exports.userRoleListSchema=$t;exports.userRoleSchema=lo;exports.userSchema=X;exports.verificationMethodsSchema=be;exports.widgetComponentSchema=Ee;exports.widgetSchema=Ye;
1
+ "use strict";Object.defineProperty(exports,Symbol.toStringTag,{value:"Module"});const e=require("@hono/zod-openapi"),s=e.z.object({created_at:e.z.string(),updated_at:e.z.string()}),Io=e.z.enum(["AUTH0","EMAIL","REDIRECT"]),yo=e.z.enum(["CREATE_USER","GET_USER","UPDATE_USER","SEND_REQUEST","SEND_EMAIL"]),Co=e.z.enum(["VERIFY_EMAIL"]),U=e.z.object({require_mx_record:e.z.boolean().optional(),block_aliases:e.z.boolean().optional(),block_free_emails:e.z.boolean().optional(),block_disposable_emails:e.z.boolean().optional(),blocklist:e.z.array(e.z.string()).optional(),allowlist:e.z.array(e.z.string()).optional()}),F=e.z.object({id:e.z.string(),alias:e.z.string().max(100).optional(),type:e.z.literal("AUTH0"),action:e.z.literal("UPDATE_USER"),allow_failure:e.z.boolean().optional(),mask_output:e.z.boolean().optional(),params:e.z.object({connection_id:e.z.string().optional(),user_id:e.z.string(),changes:e.z.record(e.z.string(),e.z.any())})}),x=e.z.object({id:e.z.string(),alias:e.z.string().max(100).optional(),type:e.z.literal("EMAIL"),action:e.z.literal("VERIFY_EMAIL"),allow_failure:e.z.boolean().optional(),mask_output:e.z.boolean().optional(),params:e.z.object({email:e.z.string(),rules:U.optional()})}),P=e.z.enum(["change-email","account","custom"]),M=e.z.object({id:e.z.string(),alias:e.z.string().max(100).optional(),type:e.z.literal("REDIRECT"),action:e.z.literal("REDIRECT_USER"),allow_failure:e.z.boolean().optional(),mask_output:e.z.boolean().optional(),params:e.z.object({target:P.openapi({description:"The predefined target to redirect to, or 'custom' for a custom URL"}),custom_url:e.z.string().optional().openapi({description:"Custom URL to redirect to when target is 'custom'"})})}),H=e.z.union([F,x,M]),G=e.z.object({name:e.z.string().min(1).max(150).openapi({description:"The name of the flow"}),actions:e.z.array(H).optional().default([]).openapi({description:"The list of actions to execute in sequence"})}),To=G.extend({...s.shape,id:e.z.string().openapi({description:"Unique identifier for the flow",example:"af_12tMpdJ3iek7svMyZkSh5M"})}),Oo=e.z.object({page:e.z.string().min(0).optional().default("0").transform(o=>parseInt(o,10)).openapi({description:"The page number where 0 is the first page"}),per_page:e.z.string().min(1).optional().default("10").transform(o=>parseInt(o,10)).openapi({description:"The number of items per page"}),include_totals:e.z.string().optional().default("false").transform(o=>o==="true").openapi({description:"If the total number of items should be included in the response"}),sort:e.z.string().regex(/^.+:(-1|1)$/).optional().openapi({description:"A property that should have the format 'string:-1' or 'string:1'"}),q:e.z.string().optional().openapi({description:"A lucene query string used to filter the results"})}),No=e.z.object({start:e.z.number(),limit:e.z.number(),length:e.z.number(),total:e.z.number().optional()}),B=e.z.object({email:e.z.string().optional(),email_verified:e.z.boolean().optional(),name:e.z.string().optional(),username:e.z.string().optional(),given_name:e.z.string().optional(),phone_number:e.z.string().optional(),phone_verified:e.z.boolean().optional(),family_name:e.z.string().optional()}).catchall(e.z.any()),W=e.z.object({connection:e.z.string(),user_id:e.z.string(),provider:e.z.string(),isSocial:e.z.boolean(),email:e.z.string().optional(),email_verified:e.z.boolean().optional(),phone_number:e.z.string().optional(),phone_verified:e.z.boolean().optional(),username:e.z.string().optional(),access_token:e.z.string().optional(),access_token_secret:e.z.string().optional(),refresh_token:e.z.string().optional(),profileData:B.optional()}),K=e.z.object({formatted:e.z.string().optional(),street_address:e.z.string().optional(),locality:e.z.string().optional(),region:e.z.string().optional(),postal_code:e.z.string().optional(),country:e.z.string().optional()}).optional(),y=e.z.object({email:e.z.string().optional().transform(o=>o&&o.toLowerCase()),username:e.z.string().refine(o=>!o.includes("@"),{message:'Usernames must not contain "@". Use the email field for email addresses.'}).optional(),phone_number:e.z.string().optional(),phone_verified:e.z.boolean().optional(),given_name:e.z.string().optional(),family_name:e.z.string().optional(),nickname:e.z.string().optional(),name:e.z.string().optional(),picture:e.z.string().optional(),locale:e.z.string().optional(),linked_to:e.z.string().optional(),profileData:e.z.string().optional(),user_id:e.z.string().optional(),app_metadata:e.z.any().default({}).optional(),user_metadata:e.z.any().default({}).optional(),middle_name:e.z.string().optional(),preferred_username:e.z.string().optional(),profile:e.z.string().optional(),website:e.z.string().optional(),gender:e.z.string().optional(),birthdate:e.z.string().optional(),zoneinfo:e.z.string().optional(),address:K}),q=y.extend({email_verified:e.z.boolean().default(!1),verify_email:e.z.boolean().optional(),last_ip:e.z.string().optional(),last_login:e.z.string().optional(),user_id:e.z.string().optional(),provider:e.z.string().optional(),connection:e.z.string(),is_social:e.z.boolean().optional(),password:e.z.object({hash:e.z.string(),algorithm:e.z.string()}).optional()}),X=e.z.object({...q.omit({password:!0}).shape,...s.shape,user_id:e.z.string(),provider:e.z.string(),is_social:e.z.boolean(),email:e.z.string().optional(),login_count:e.z.number().default(0),identities:e.z.array(W).optional()}),Ro=X,wo=y.extend({login_count:e.z.number(),multifactor:e.z.array(e.z.string()).optional(),last_ip:e.z.string().optional(),last_login:e.z.string().optional(),user_id:e.z.string()}).catchall(e.z.any());let jo="useandom-26T198340PX75pxJACKVERYMINDBUSHWOLF_GQZbfghjklqvwyzrict",Lo=(o=21)=>{let n="",i=crypto.getRandomValues(new Uint8Array(o|=0));for(;o--;)n+=jo[i[o]&63];return n};const V=e.z.object({client_id:e.z.string().openapi({description:"ID of this client."}),name:e.z.string().min(1).openapi({description:"Name of this client (min length: 1 character, does not allow < or >)."}),description:e.z.string().max(140).optional().openapi({description:"Free text description of this client (max length: 140 characters)."}),global:e.z.boolean().default(!1).openapi({description:"Whether this is your global 'All Applications' client representing legacy tenant settings (true) or a regular client (false)."}),client_secret:e.z.string().default(()=>Lo()).optional().openapi({description:"Client secret (which you must not make public)."}),app_type:e.z.enum(["native","spa","regular_web","non_interactive","resource_server","express_configuration","rms","box","cloudbees","concur","dropbox","mscrm","echosign","egnyte","newrelic","office365","salesforce","sentry","sharepoint","slack","springcm","zendesk","zoom","sso_integration","oag"]).default("regular_web").optional().openapi({description:"The type of application this client represents"}),logo_uri:e.z.string().url().optional().openapi({description:"URL of the logo to display for this client. Recommended size is 150x150 pixels."}),is_first_party:e.z.boolean().default(!1).openapi({description:"Whether this client a first party client (true) or not (false)."}),oidc_conformant:e.z.boolean().default(!0).openapi({description:"Whether this client conforms to strict OIDC specifications (true) or uses legacy features (false)."}),auth0_conformant:e.z.boolean().default(!0).openapi({description:"Whether this client follows Auth0-compatible behavior (true) or strict OIDC behavior (false). When true, profile/email claims are included in the ID token when scopes are requested. When false, these claims are only available from the userinfo endpoint (strict OIDC 5.4 compliance)."}),callbacks:e.z.array(e.z.string()).default([]).optional().openapi({description:"Comma-separated list of URLs whitelisted for Auth0 to use as a callback to the client after authentication."}),allowed_origins:e.z.array(e.z.string()).default([]).optional().openapi({description:"Comma-separated list of URLs allowed to make requests from JavaScript to Auth0 API (typically used with CORS). By default, all your callback URLs will be allowed. This field allows you to enter other origins if necessary. You can also use wildcards at the subdomain level (e.g., https://*.contoso.com). Query strings and hash information are not taken into account when validating these URLs."}),web_origins:e.z.array(e.z.string()).default([]).optional().openapi({description:"Comma-separated list of allowed origins for use with Cross-Origin Authentication, Device Flow, and web message response mode."}),client_aliases:e.z.array(e.z.string()).default([]).optional().openapi({description:"List of audiences/realms for SAML protocol. Used by the wsfed addon."}),allowed_clients:e.z.array(e.z.string()).default([]).optional().openapi({description:"List of allow clients and API ids that are allowed to make delegation requests. Empty means all all your clients are allowed."}),connections:e.z.array(e.z.string()).default([]).optional().openapi({description:"List of connection IDs enabled for this client. The order determines the display order on the login page."}),allowed_logout_urls:e.z.array(e.z.string()).default([]).optional().openapi({description:"Comma-separated list of URLs that are valid to redirect to after logout from Auth0. Wildcards are allowed for subdomains."}),session_transfer:e.z.record(e.z.any()).default({}).optional().openapi({description:"Native to Web SSO Configuration"}),oidc_logout:e.z.record(e.z.any()).default({}).optional().openapi({description:"Configuration for OIDC backchannel logout"}),grant_types:e.z.array(e.z.string()).default([]).optional().openapi({description:"List of grant types supported for this application. Can include authorization_code, implicit, refresh_token, client_credentials, password, http://auth0.com/oauth/grant-type/password-realm, http://auth0.com/oauth/grant-type/mfa-oob, http://auth0.com/oauth/grant-type/mfa-otp, http://auth0.com/oauth/grant-type/mfa-recovery-code, urn:openid:params:grant-type:ciba, and urn:ietf:params:oauth:grant-type:device_code."}),jwt_configuration:e.z.record(e.z.any()).default({}).optional().openapi({description:"Configuration related to JWTs for the client."}),signing_keys:e.z.array(e.z.record(e.z.any())).default([]).optional().openapi({description:"Signing certificates associated with this client."}),encryption_key:e.z.record(e.z.any()).default({}).optional().openapi({description:"Encryption used for WsFed responses with this client."}),sso:e.z.boolean().default(!1).openapi({description:"Applies only to SSO clients and determines whether Auth0 will handle Single Sign On (true) or whether the Identity Provider will (false)."}),sso_disabled:e.z.boolean().default(!0).openapi({description:"Whether Single Sign On is disabled (true) or enabled (true). Defaults to true."}),cross_origin_authentication:e.z.boolean().default(!1).openapi({description:"Whether this client can be used to make cross-origin authentication requests (true) or it is not allowed to make such requests (false)."}),cross_origin_loc:e.z.string().url().optional().openapi({description:"URL of the location in your site where the cross origin verification takes place for the cross-origin auth flow when performing Auth in your own domain instead of Auth0 hosted login page."}),custom_login_page_on:e.z.boolean().default(!1).openapi({description:"Whether a custom login page is to be used (true) or the default provided login page (false)."}),custom_login_page:e.z.string().optional().openapi({description:"The content (HTML, CSS, JS) of the custom login page."}),custom_login_page_preview:e.z.string().optional().openapi({description:"The content (HTML, CSS, JS) of the custom login page. (Used on Previews)"}),form_template:e.z.string().optional().openapi({description:"HTML form template to be used for WS-Federation."}),addons:e.z.record(e.z.any()).default({}).optional().openapi({description:"Addons enabled for this client and their associated configurations."}),token_endpoint_auth_method:e.z.enum(["none","client_secret_post","client_secret_basic"]).default("client_secret_basic").optional().openapi({description:"Defines the requested authentication method for the token endpoint. Can be none (public client without a client secret), client_secret_post (client uses HTTP POST parameters), or client_secret_basic (client uses HTTP Basic)."}),client_metadata:e.z.record(e.z.string().max(255)).default({}).optional().openapi({description:'Metadata associated with the client, in the form of an object with string values (max 255 chars). Maximum of 10 metadata properties allowed. Field names (max 255 chars) are alphanumeric and may only include the following special characters: :,-+=_*?"/()<>@ [Tab][Space]'}),mobile:e.z.record(e.z.any()).default({}).optional().openapi({description:"Additional configuration for native mobile apps."}),initiate_login_uri:e.z.string().url().optional().openapi({description:"Initiate login uri, must be https"}),native_social_login:e.z.record(e.z.any()).default({}).optional(),refresh_token:e.z.record(e.z.any()).default({}).optional().openapi({description:"Refresh token configuration"}),default_organization:e.z.record(e.z.any()).default({}).optional().openapi({description:"Defines the default Organization ID and flows"}),organization_usage:e.z.enum(["deny","allow","require"]).default("deny").optional().openapi({description:"Defines how to proceed during an authentication transaction with regards an organization. Can be deny (default), allow or require."}),organization_require_behavior:e.z.enum(["no_prompt","pre_login_prompt","post_login_prompt"]).default("no_prompt").optional().openapi({description:"Defines how to proceed during an authentication transaction when client.organization_usage: 'require'. Can be no_prompt (default), pre_login_prompt or post_login_prompt. post_login_prompt requires oidc_conformant: true."}),client_authentication_methods:e.z.record(e.z.any()).default({}).optional().openapi({description:"Defines client authentication methods."}),require_pushed_authorization_requests:e.z.boolean().default(!1).openapi({description:"Makes the use of Pushed Authorization Requests mandatory for this client"}),require_proof_of_possession:e.z.boolean().default(!1).openapi({description:"Makes the use of Proof-of-Possession mandatory for this client"}),signed_request_object:e.z.record(e.z.any()).default({}).optional().openapi({description:"JWT-secured Authorization Requests (JAR) settings."}),compliance_level:e.z.enum(["none","fapi1_adv_pkj_par","fapi1_adv_mtls_par","fapi2_sp_pkj_mtls","fapi2_sp_mtls_mtls"]).optional().openapi({description:"Defines the compliance level for this client, which may restrict it's capabilities"}),par_request_expiry:e.z.number().optional().openapi({description:"Specifies how long, in seconds, a Pushed Authorization Request URI remains valid"}),token_quota:e.z.record(e.z.any()).default({}).optional()}),Do=e.z.object({created_at:e.z.string(),updated_at:e.z.string(),...V.shape}),Y=e.z.object({client_id:e.z.string().min(1).openapi({description:"ID of the client."}),audience:e.z.string().min(1).openapi({description:"The audience (API identifier) of this client grant."}),scope:e.z.array(e.z.string()).optional().openapi({description:"Scopes allowed for this client grant."}),organization_usage:e.z.enum(["deny","allow","require"]).optional().openapi({description:"Defines whether organizations can be used with client credentials exchanges for this grant."}),allow_any_organization:e.z.boolean().optional().openapi({description:"If enabled, any organization can be used with this grant. If disabled (default), the grant must be explicitly assigned to the desired organizations."}),is_system:e.z.boolean().optional().openapi({description:"If enabled, this grant is a special grant created by Auth0. It cannot be modified or deleted directly."}),subject_type:e.z.enum(["client","user"]).optional().openapi({description:"The type of application access the client grant allows. Use of this field is subject to the applicable Free Trial terms in Okta's Master Subscription Agreement."}),authorization_details_types:e.z.array(e.z.string()).optional().openapi({description:"Types of authorization_details allowed for this client grant. Use of this field is subject to the applicable Free Trial terms in Okta's Master Subscription Agreement."})}),Q=e.z.object({id:e.z.string().openapi({description:"ID of the client grant."}),...Y.shape,created_at:e.z.string().optional(),updated_at:e.z.string().optional()}),vo=e.z.array(Q),d=e.z.object({x:e.z.number(),y:e.z.number()});var C=(o=>(o.RICH_TEXT="RICH_TEXT",o.NEXT_BUTTON="NEXT_BUTTON",o.BACK_BUTTON="BACK_BUTTON",o.SUBMIT_BUTTON="SUBMIT_BUTTON",o.DIVIDER="DIVIDER",o.TEXT="TEXT",o.EMAIL="EMAIL",o.PASSWORD="PASSWORD",o.NUMBER="NUMBER",o.PHONE="PHONE",o.DATE="DATE",o.CHECKBOX="CHECKBOX",o.RADIO="RADIO",o.SELECT="SELECT",o.HIDDEN="HIDDEN",o.LEGAL="LEGAL",o))(C||{}),T=(o=>(o.BLOCK="BLOCK",o.FIELD="FIELD",o))(T||{});const I=e.z.object({id:e.z.string(),category:e.z.nativeEnum(T),type:e.z.nativeEnum(C)}),J=I.extend({category:e.z.literal("BLOCK"),type:e.z.literal("RICH_TEXT"),config:e.z.object({content:e.z.string()}).passthrough()}),Z=I.extend({category:e.z.literal("BLOCK"),type:e.z.union([e.z.literal("NEXT_BUTTON"),e.z.literal("BACK_BUTTON"),e.z.literal("SUBMIT_BUTTON")]),config:e.z.object({text:e.z.string()}).passthrough()}),$=I.extend({category:e.z.literal("FIELD"),type:e.z.literal("LEGAL"),required:e.z.boolean().optional(),sensitive:e.z.boolean().optional(),config:e.z.object({text:e.z.string()}).passthrough()}),ee=I.extend({category:e.z.literal("FIELD"),type:e.z.union([e.z.literal("TEXT"),e.z.literal("EMAIL"),e.z.literal("PASSWORD"),e.z.literal("NUMBER"),e.z.literal("PHONE"),e.z.literal("DATE"),e.z.literal("CHECKBOX"),e.z.literal("RADIO"),e.z.literal("SELECT"),e.z.literal("HIDDEN")]),required:e.z.boolean().optional(),sensitive:e.z.boolean().optional(),config:e.z.object({label:e.z.string().optional(),placeholder:e.z.string().optional()}).passthrough()}),oe=e.z.object({id:e.z.string(),category:e.z.string(),type:e.z.string()}).passthrough(),te=e.z.union([J,Z,$,ee,oe]);var ne=(o=>(o.STEP="STEP",o.FLOW="FLOW",o.CONDITION="CONDITION",o.ACTION="ACTION",o))(ne||{});const ie=e.z.object({id:e.z.string(),type:e.z.literal("STEP"),coordinates:d,alias:e.z.string().optional(),config:e.z.object({components:e.z.array(te),next_node:e.z.string()}).passthrough()}),ae=e.z.object({id:e.z.string(),type:e.z.literal("FLOW"),coordinates:d,alias:e.z.string().optional(),config:e.z.object({flow_id:e.z.string(),next_node:e.z.string()})}),re=e.z.object({id:e.z.string(),type:e.z.literal("ACTION"),coordinates:d,alias:e.z.string().optional(),config:e.z.object({action_type:e.z.enum(["REDIRECT"]).openapi({description:"The type of action to perform"}),target:e.z.enum(["change-email","account","custom"]).openapi({description:"The predefined target to redirect to"}),custom_url:e.z.string().optional().openapi({description:"Custom URL when target is 'custom'"}),next_node:e.z.string().openapi({description:"The next node to navigate to after action (for non-redirect actions)"})}).passthrough()}),se=e.z.object({id:e.z.string(),type:e.z.string(),coordinates:d}).passthrough(),le=e.z.union([ie,ae,re,se]),ce=e.z.object({next_node:e.z.string(),coordinates:d}).passthrough(),pe=e.z.object({resume_flow:e.z.boolean().optional(),coordinates:d}).passthrough(),_e=e.z.object({id:e.z.string(),name:e.z.string(),languages:e.z.object({primary:e.z.string()}).passthrough(),nodes:e.z.array(le),start:ce,ending:pe,created_at:e.z.string(),updated_at:e.z.string(),links:e.z.object({sdkSrc:e.z.string().optional(),sdk_src:e.z.string().optional()}).passthrough()}).passthrough(),ko=_e.omit({id:!0,created_at:!0,updated_at:!0});var O=(o=>(o.TOKEN="token",o.ID_TOKEN="id_token",o.TOKEN_ID_TOKEN="token id_token",o.CODE="code",o))(O||{}),N=(o=>(o.QUERY="query",o.FRAGMENT="fragment",o.FORM_POST="form_post",o.WEB_MESSAGE="web_message",o.SAML_POST="saml_post",o))(N||{}),R=(o=>(o.S256="S256",o.Plain="plain",o))(R||{});const de=e.z.object({client_id:e.z.string(),act_as:e.z.string().optional(),response_type:e.z.nativeEnum(O).optional(),response_mode:e.z.nativeEnum(N).optional(),redirect_uri:e.z.string().optional(),audience:e.z.string().optional(),organization:e.z.string().optional(),state:e.z.string().optional(),nonce:e.z.string().optional(),scope:e.z.string().optional(),prompt:e.z.string().optional(),code_challenge_method:e.z.nativeEnum(R).optional(),code_challenge:e.z.string().optional(),username:e.z.string().optional(),ui_locales:e.z.string().optional(),max_age:e.z.number().optional(),acr_values:e.z.string().optional(),vendor_id:e.z.string().optional()}),Uo=e.z.object({colors:e.z.object({primary:e.z.string(),page_background:e.z.object({type:e.z.string().optional(),start:e.z.string().optional(),end:e.z.string().optional(),angle_deg:e.z.number().optional()}).optional()}).optional(),logo_url:e.z.string().optional(),favicon_url:e.z.string().optional(),powered_by_logo_url:e.z.string().optional(),font:e.z.object({url:e.z.string()}).optional()}),ze=e.z.enum(["password_reset","email_verification","otp","authorization_code","oauth2_state","ticket"]),ge=e.z.object({code_id:e.z.string().openapi({description:"The code that will be used in for instance an email verification flow"}),login_id:e.z.string().openapi({description:"The id of the login session that the code is connected to"}),connection_id:e.z.string().optional().openapi({description:"The connection that the code is connected to"}),code_type:ze,code_verifier:e.z.string().optional().openapi({description:"The code verifier used in PKCE in outbound flows"}),code_challenge:e.z.string().optional().openapi({description:"The code challenge used in PKCE in outbound flows"}),code_challenge_method:e.z.enum(["plain","S256"]).optional().openapi({description:"The code challenge method used in PKCE in outbound flows"}),redirect_uri:e.z.string().optional().openapi({description:"The redirect URI associated with the code"}),nonce:e.z.string().optional().openapi({description:"The nonce value used for security in OIDC flows"}),state:e.z.string().optional().openapi({description:"The state parameter used for CSRF protection in OAuth flows"}),expires_at:e.z.string(),used_at:e.z.string().optional(),user_id:e.z.string().optional()}),Fo=e.z.object({...ge.shape,created_at:e.z.string()}),me=e.z.object({kid:e.z.string().optional(),team_id:e.z.string().optional(),realms:e.z.string().optional(),authentication_method:e.z.string().optional(),client_id:e.z.string().optional(),client_secret:e.z.string().optional(),app_secret:e.z.string().optional(),scope:e.z.string().optional(),authorization_endpoint:e.z.string().optional(),token_endpoint:e.z.string().optional(),userinfo_endpoint:e.z.string().optional(),jwks_uri:e.z.string().optional(),discovery_url:e.z.string().optional(),issuer:e.z.string().optional(),provider:e.z.string().optional(),from:e.z.string().optional(),twilio_sid:e.z.string().optional(),twilio_token:e.z.string().optional(),icon_url:e.z.string().optional(),passwordPolicy:e.z.enum(["none","low","fair","good","excellent"]).optional(),password_complexity_options:e.z.object({min_length:e.z.number().optional()}).optional(),password_history:e.z.object({enable:e.z.boolean().optional(),size:e.z.number().optional()}).optional(),password_no_personal_info:e.z.object({enable:e.z.boolean().optional()}).optional(),password_dictionary:e.z.object({enable:e.z.boolean().optional(),dictionary:e.z.array(e.z.string()).optional()}).optional(),disable_signup:e.z.boolean().optional(),brute_force_protection:e.z.boolean().optional(),import_mode:e.z.boolean().optional(),attributes:e.z.object({email:e.z.object({identifier:e.z.object({active:e.z.boolean().optional()}).optional(),signup:e.z.object({status:e.z.enum(["required","optional","disabled"]).optional(),verification:e.z.object({active:e.z.boolean().optional()}).optional()}).optional(),validation:e.z.object({allowed:e.z.boolean().optional()}).optional(),unique:e.z.boolean().optional(),profile_required:e.z.boolean().optional(),verification_method:e.z.enum(["link","code"]).optional()}).optional(),username:e.z.object({identifier:e.z.object({active:e.z.boolean().optional()}).optional(),signup:e.z.object({status:e.z.enum(["required","optional","disabled"]).optional()}).optional(),validation:e.z.object({max_length:e.z.number().optional(),min_length:e.z.number().optional(),allowed_types:e.z.object({email:e.z.boolean().optional(),phone_number:e.z.boolean().optional()}).optional()}).optional(),profile_required:e.z.boolean().optional()}).optional(),phone_number:e.z.object({identifier:e.z.object({active:e.z.boolean().optional()}).optional(),signup:e.z.object({status:e.z.enum(["required","optional","disabled"]).optional()}).optional()}).optional()}).optional(),authentication_methods:e.z.object({password:e.z.object({enabled:e.z.boolean().optional()}).optional(),passkey:e.z.object({enabled:e.z.boolean().optional()}).optional()}).optional(),passkey_options:e.z.object({challenge_ui:e.z.enum(["both","autofill","button"]).optional(),local_enrollment_enabled:e.z.boolean().optional(),progressive_enrollment_enabled:e.z.boolean().optional()}).optional(),requires_username:e.z.boolean().optional(),validation:e.z.object({username:e.z.object({min:e.z.number().optional(),max:e.z.number().optional()}).optional()}).optional(),set_user_root_attributes:e.z.enum(["on_each_login","on_first_login","never_on_login"]).optional()}),ue=e.z.object({id:e.z.string().optional(),name:e.z.string(),display_name:e.z.string().optional(),strategy:e.z.string(),options:me.default({}),enabled_clients:e.z.array(e.z.string()).default([]).optional(),response_type:e.z.custom().optional(),response_mode:e.z.custom().optional(),is_domain_connection:e.z.boolean().optional(),show_as_button:e.z.boolean().optional(),metadata:e.z.record(e.z.any()).optional(),is_system:e.z.boolean().optional()}),xo=e.z.object({id:e.z.string(),created_at:e.z.string().transform(o=>o===null?"":o),updated_at:e.z.string().transform(o=>o===null?"":o)}).extend(ue.shape),he=e.z.object({domain:e.z.string(),custom_domain_id:e.z.string().optional(),type:e.z.enum(["auth0_managed_certs","self_managed_certs"]),verification_method:e.z.enum(["txt"]).optional(),tls_policy:e.z.enum(["recommended"]).optional(),custom_client_ip_header:e.z.enum(["true-client-ip","cf-connecting-ip","x-forwarded-for","x-azure-clientip","null"]).optional(),domain_metadata:e.z.record(e.z.string().max(255)).optional()}),be=e.z.discriminatedUnion("name",[e.z.object({name:e.z.literal("txt"),record:e.z.string(),domain:e.z.string()}),e.z.object({name:e.z.literal("http"),http_body:e.z.string(),http_url:e.z.string()})]),fe=e.z.object({...he.shape,custom_domain_id:e.z.string(),primary:e.z.boolean(),status:e.z.enum(["disabled","pending","pending_verification","ready"]),origin_domain_name:e.z.string().optional(),verification:e.z.object({methods:e.z.array(be)}).optional(),tls_policy:e.z.string().optional()}),Po=fe.extend({tenant_id:e.z.string()}),w=e.z.object({id:e.z.string(),order:e.z.number().optional(),visible:e.z.boolean().optional().default(!0)}),l=w.extend({category:e.z.literal("BLOCK").optional()}),Mo=l.extend({type:e.z.literal("DIVIDER"),config:e.z.object({text:e.z.string().optional()}).optional()}),Ho=l.extend({type:e.z.literal("HTML"),config:e.z.object({content:e.z.string().optional()}).optional()}),Go=l.extend({type:e.z.literal("IMAGE"),config:e.z.object({src:e.z.string().optional(),alt:e.z.string().optional(),width:e.z.number().optional(),height:e.z.number().optional()}).optional()}),Bo=l.extend({type:e.z.literal("JUMP_BUTTON"),config:e.z.object({text:e.z.string().optional(),target_step:e.z.string().optional()})}),Wo=l.extend({type:e.z.literal("RESEND_BUTTON"),config:e.z.object({text:e.z.string().optional(),resend_action:e.z.string().optional()})}),Ko=l.extend({type:e.z.literal("NEXT_BUTTON"),config:e.z.object({text:e.z.string().optional()})}),qo=l.extend({type:e.z.literal("PREVIOUS_BUTTON"),config:e.z.object({text:e.z.string().optional()})}),Xo=l.extend({type:e.z.literal("RICH_TEXT"),config:e.z.object({content:e.z.string().optional()}).optional()}),j=w.extend({category:e.z.literal("WIDGET").optional(),label:e.z.string().min(1).optional(),hint:e.z.string().min(1).max(500).optional(),required:e.z.boolean().optional(),sensitive:e.z.boolean().optional()}),Vo=j.extend({type:e.z.literal("AUTH0_VERIFIABLE_CREDENTIALS"),config:e.z.object({credential_type:e.z.string().optional()})}),Yo=j.extend({type:e.z.literal("GMAPS_ADDRESS"),config:e.z.object({api_key:e.z.string().optional()})}),Qo=j.extend({type:e.z.literal("RECAPTCHA"),config:e.z.object({site_key:e.z.string().optional()})}),t=w.extend({category:e.z.literal("FIELD").optional(),label:e.z.string().min(1).optional(),hint:e.z.string().min(1).max(500).optional(),messages:e.z.array(e.z.object({id:e.z.number().optional(),text:e.z.string(),type:e.z.enum(["info","error","success","warning"])})).optional(),required:e.z.boolean().optional(),sensitive:e.z.boolean().optional()}),Jo=t.extend({type:e.z.literal("BOOLEAN"),config:e.z.object({default_value:e.z.boolean().optional()}).optional()}),Zo=t.extend({type:e.z.literal("CARDS"),config:e.z.object({options:e.z.array(e.z.object({value:e.z.string(),label:e.z.string(),description:e.z.string().optional(),image:e.z.string().optional()})).optional(),multi_select:e.z.boolean().optional()}).optional()}),$o=t.extend({type:e.z.literal("CHOICE"),config:e.z.object({options:e.z.array(e.z.object({value:e.z.string(),label:e.z.string()})).optional(),display:e.z.enum(["radio","checkbox"]).optional(),multiple:e.z.boolean().optional(),default_value:e.z.union([e.z.string(),e.z.array(e.z.string())]).optional()}).optional()}),et=t.extend({type:e.z.literal("CUSTOM"),config:e.z.object({component:e.z.string().optional(),props:e.z.record(e.z.any()).optional(),schema:e.z.record(e.z.any()).optional(),code:e.z.string().optional()})}),ot=t.extend({type:e.z.literal("DATE"),config:e.z.object({format:e.z.string().optional(),min:e.z.string().optional(),max:e.z.string().optional(),default_value:e.z.string().optional()}).optional()}),tt=t.extend({type:e.z.literal("DROPDOWN"),config:e.z.object({options:e.z.array(e.z.object({value:e.z.string(),label:e.z.string()})).optional(),placeholder:e.z.string().optional(),searchable:e.z.boolean().optional(),multiple:e.z.boolean().optional(),default_value:e.z.union([e.z.string(),e.z.array(e.z.string())]).optional()}).optional()}),nt=t.extend({type:e.z.literal("EMAIL"),config:e.z.object({placeholder:e.z.string().optional(),default_value:e.z.string().optional()}).optional()}),it=t.extend({type:e.z.literal("FILE"),config:e.z.object({accept:e.z.string().optional(),max_size:e.z.number().optional(),multiple:e.z.boolean().optional()}).optional()}),at=t.extend({type:e.z.literal("LEGAL"),config:e.z.object({text:e.z.string(),html:e.z.boolean().optional()}).optional()}),rt=t.extend({type:e.z.literal("NUMBER"),config:e.z.object({placeholder:e.z.string().optional(),min:e.z.number().optional(),max:e.z.number().optional(),step:e.z.number().optional(),default_value:e.z.string().optional()}).optional()}),st=t.extend({type:e.z.literal("PASSWORD"),config:e.z.object({placeholder:e.z.string().optional(),min_length:e.z.number().optional(),show_toggle:e.z.boolean().optional(),forgot_password_link:e.z.string().optional(),default_value:e.z.string().optional()}).optional()}),lt=t.extend({type:e.z.literal("PAYMENT"),config:e.z.object({provider:e.z.string().optional(),currency:e.z.string().optional()}).optional()}),ct=t.extend({type:e.z.literal("SOCIAL"),config:e.z.object({providers:e.z.array(e.z.string()).optional(),provider_details:e.z.array(e.z.object({name:e.z.string(),strategy:e.z.string().optional(),display_name:e.z.string().optional(),icon_url:e.z.string().optional()})).optional()}).optional()}),pt=t.extend({type:e.z.literal("TEL"),config:e.z.object({placeholder:e.z.string().optional(),default_country:e.z.string().optional(),default_value:e.z.string().optional()}).optional()}),_t=t.extend({type:e.z.literal("TEXT"),config:e.z.object({placeholder:e.z.string().optional(),multiline:e.z.boolean().optional(),max_length:e.z.number().optional(),default_value:e.z.string().optional()}).optional()}),dt=t.extend({type:e.z.literal("URL"),config:e.z.object({placeholder:e.z.string().optional(),default_value:e.z.string().optional()}).optional()}),Se=e.z.discriminatedUnion("type",[Mo,Ho,Go,Bo,Wo,Ko,qo,Xo]),Ee=e.z.discriminatedUnion("type",[Vo,Yo,Qo]),Ae=e.z.discriminatedUnion("type",[Jo,Zo,$o,et,ot,tt,nt,it,at,rt,st,lt,ct,pt,_t,dt]),L=e.z.union([Se,Ee,Ae]),zt=new Set(["BOOLEAN","CARDS","CHOICE","DATE","DROPDOWN","EMAIL","LEGAL","NUMBER","PASSWORD","TEL","TEXT","URL"]),gt=e.z.object({id:e.z.string(),type:e.z.literal("submit"),label:e.z.string(),className:e.z.string().optional(),disabled:e.z.boolean().optional().default(!1),order:e.z.number().optional(),visible:e.z.boolean().optional().default(!0),customizations:e.z.record(e.z.string(),e.z.any()).optional()}),b=e.z.object({x:e.z.number(),y:e.z.number()}),mt=e.z.object({id:e.z.string(),type:e.z.literal("FLOW"),coordinates:b,alias:e.z.string().min(1).max(150).optional(),config:e.z.object({flow_id:e.z.string().max(30),next_node:e.z.string().optional()})}),ut=e.z.object({id:e.z.string(),type:e.z.literal("ROUTER"),coordinates:b,alias:e.z.string().min(1).max(150),config:e.z.object({rules:e.z.array(e.z.object({id:e.z.string(),alias:e.z.string().min(1).max(150).optional(),condition:e.z.any(),next_node:e.z.string()})),fallback:e.z.string()})}),ht=e.z.object({id:e.z.string(),type:e.z.literal("STEP"),coordinates:b,alias:e.z.string().min(1).max(150).optional(),config:e.z.object({components:e.z.array(L),next_node:e.z.string().optional()})}),Ie=e.z.discriminatedUnion("type",[mt,ut,ht]),ye=e.z.object({name:e.z.string().openapi({description:"The name of the form"}),messages:e.z.object({errors:e.z.record(e.z.string(),e.z.any()).optional(),custom:e.z.record(e.z.string(),e.z.any()).optional()}).optional(),languages:e.z.object({primary:e.z.string().optional(),default:e.z.string().optional()}).optional(),translations:e.z.record(e.z.string(),e.z.any()).optional(),nodes:e.z.array(Ie).optional(),start:e.z.object({hidden_fields:e.z.array(e.z.object({key:e.z.string(),value:e.z.string()})).optional(),next_node:e.z.string().optional(),coordinates:b.optional()}).optional(),ending:e.z.object({redirection:e.z.object({delay:e.z.number().optional(),target:e.z.string().optional()}).optional(),after_submit:e.z.object({flow_id:e.z.string().optional()}).optional(),coordinates:b.optional(),resume_flow:e.z.boolean().optional()}).optional(),style:e.z.object({css:e.z.string().optional()}).optional(),links:e.z.object({sdkSrc:e.z.string().optional(),sdk_src:e.z.string().optional()}).optional()}).openapi({description:"Schema for flow-based forms (matches Auth0 Forms structure)"}),bt=e.z.object({...s.shape,...ye.shape,id:e.z.string()}),Ce=e.z.object({id:e.z.number().optional(),text:e.z.string(),type:e.z.enum(["info","error","success","warning"])}),Te=e.z.object({id:e.z.string().optional(),text:e.z.string(),href:e.z.string(),linkText:e.z.string().optional()}),ft=e.z.object({name:e.z.string().optional(),action:e.z.string(),method:e.z.enum(["POST","GET"]),title:e.z.string().optional(),description:e.z.string().optional(),components:e.z.array(L),messages:e.z.array(Ce).optional(),links:e.z.array(Te).optional(),footer:e.z.string().optional()});function St(o){return o.category==="BLOCK"}function Et(o){return o.category==="WIDGET"}function At(o){return o.category==="FIELD"}const Oe=e.z.enum(["pre-user-registration","post-user-registration","post-user-login","validate-registration-username","pre-user-deletion","post-user-deletion"]),Ne=e.z.enum(["pre-user-registration","post-user-registration","post-user-login","validate-registration-username","pre-user-deletion","post-user-deletion"]),Re=e.z.enum(["post-user-login","credentials-exchange"]),D=e.z.enum(["ensure-username","set-preferred-username"]),It={"ensure-username":{name:"Ensure Username",description:"Automatically assigns a username to users who sign in without one. Creates a linked username account for social/email users.",trigger_id:"post-user-login"},"set-preferred-username":{name:"Set Preferred Username",description:"Sets the preferred_username claim on tokens based on the username from the primary or linked user.",trigger_id:"credentials-exchange"}},m={enabled:e.z.boolean().default(!1),synchronous:e.z.boolean().default(!1),priority:e.z.number().optional(),hook_id:e.z.string().optional()},yt=e.z.object({...m,trigger_id:Oe,url:e.z.string()}),Ct=e.z.object({...m,trigger_id:Ne,form_id:e.z.string()}),Tt=e.z.object({...m,trigger_id:Re,template_id:D}),Ot=e.z.union([yt,Ct,Tt]),Nt=e.z.object({...m,trigger_id:Oe,...s.shape,hook_id:e.z.string(),url:e.z.string()}),Rt=e.z.object({...m,trigger_id:Ne,...s.shape,hook_id:e.z.string(),form_id:e.z.string()}),wt=e.z.object({...m,trigger_id:Re,...s.shape,hook_id:e.z.string(),template_id:D}),jt=e.z.union([Nt,Rt,wt]),we=e.z.object({name:e.z.string().optional()}),je=e.z.object({email:e.z.string().optional()}),Le=e.z.object({organization_id:e.z.string().max(50),inviter:we,invitee:je,invitation_url:e.z.string().url(),client_id:e.z.string(),connection_id:e.z.string().optional(),app_metadata:e.z.record(e.z.any()).default({}).optional(),user_metadata:e.z.record(e.z.any()).default({}).optional(),ttl_sec:e.z.number().int().max(2592e3).default(604800).optional(),roles:e.z.array(e.z.string()).default([]).optional(),send_invitation_email:e.z.boolean().default(!0).optional()}),Lt=e.z.object({id:e.z.string(),organization_id:e.z.string().max(50),created_at:e.z.string().datetime(),expires_at:e.z.string().datetime(),ticket_id:e.z.string().optional()}).extend(Le.shape),De=e.z.object({alg:e.z.enum(["RS256","RS384","RS512","ES256","ES384","ES512","HS256","HS384","HS512"]),e:e.z.string(),kid:e.z.string(),kty:e.z.enum(["RSA","EC","oct"]),n:e.z.string(),x5t:e.z.string().optional(),x5c:e.z.array(e.z.string()).optional(),use:e.z.enum(["sig","enc"]).optional()}),Dt=e.z.object({keys:e.z.array(De)}),vt=e.z.object({issuer:e.z.string(),authorization_endpoint:e.z.string(),token_endpoint:e.z.string(),device_authorization_endpoint:e.z.string(),userinfo_endpoint:e.z.string(),mfa_challenge_endpoint:e.z.string(),jwks_uri:e.z.string(),registration_endpoint:e.z.string(),revocation_endpoint:e.z.string(),scopes_supported:e.z.array(e.z.string()),response_types_supported:e.z.array(e.z.string()),code_challenge_methods_supported:e.z.array(e.z.string()),response_modes_supported:e.z.array(e.z.string()),subject_types_supported:e.z.array(e.z.string()),id_token_signing_alg_values_supported:e.z.array(e.z.string()),token_endpoint_auth_methods_supported:e.z.array(e.z.string()),claims_supported:e.z.array(e.z.string()),request_uri_parameter_supported:e.z.boolean(),request_parameter_supported:e.z.boolean(),token_endpoint_auth_signing_alg_values_supported:e.z.array(e.z.string())});var v=(o=>(o.PENDING="pending",o.AUTHENTICATED="authenticated",o.AWAITING_EMAIL_VERIFICATION="awaiting_email_verification",o.AWAITING_HOOK="awaiting_hook",o.AWAITING_CONTINUATION="awaiting_continuation",o.COMPLETED="completed",o.FAILED="failed",o.EXPIRED="expired",o))(v||{});const ve=e.z.nativeEnum(v),ke=e.z.object({csrf_token:e.z.string(),auth0Client:e.z.string().optional(),authParams:de,expires_at:e.z.string(),deleted_at:e.z.string().optional(),ip:e.z.string().optional(),useragent:e.z.string().optional(),session_id:e.z.string().optional(),authorization_url:e.z.string().optional(),state:ve.optional().default("pending"),state_data:e.z.string().optional(),failure_reason:e.z.string().optional(),user_id:e.z.string().optional(),auth_connection:e.z.string().optional()}).openapi({description:"This represents a login sesion"}),kt=e.z.object({...ke.shape,id:e.z.string().openapi({description:"This is is used as the state in the universal login"}),created_at:e.z.string(),updated_at:e.z.string()}),Ue={ACLS_SUMMARY:"acls_summary",ACTIONS_EXECUTION_FAILED:"actions_execution_failed",API_LIMIT:"api_limit",API_LIMIT_WARNING:"api_limit_warning",APPI:"appi",CIBA_EXCHANGE_FAILED:"ciba_exchange_failed",CIBA_EXCHANGE_SUCCEEDED:"ciba_exchange_succeeded",CIBA_START_FAILED:"ciba_start_failed",CIBA_START_SUCCEEDED:"ciba_start_succeeded",CODE_LINK_SENT:"cls",CODE_SENT:"cs",DEPRECATION_NOTICE:"depnote",FAILED_LOGIN:"f",FAILED_BY_CONNECTOR:"fc",FAILED_CHANGE_EMAIL:"fce",FAILED_BY_CORS:"fco",FAILED_CROSS_ORIGIN_AUTHENTICATION:"fcoa",FAILED_CHANGE_PASSWORD:"fcp",FAILED_POST_CHANGE_PASSWORD_HOOK:"fcph",FAILED_CHANGE_PHONE_NUMBER:"fcpn",FAILED_CHANGE_PASSWORD_REQUEST:"fcpr",FAILED_CONNECTOR_PROVISIONING:"fcpro",FAILED_CHANGE_USERNAME:"fcu",FAILED_DELEGATION:"fd",FAILED_DEVICE_ACTIVATION:"fdeac",FAILED_DEVICE_AUTHORIZATION_REQUEST:"fdeaz",USER_CANCELED_DEVICE_CONFIRMATION:"fdecc",FAILED_USER_DELETION:"fdu",FAILED_EXCHANGE_AUTHORIZATION_CODE_FOR_ACCESS_TOKEN:"feacft",FAILED_EXCHANGE_ACCESS_TOKEN_FOR_CLIENT_CREDENTIALS:"feccft",FAILED_EXCHANGE_CUSTOM_TOKEN:"fecte",FAILED_EXCHANGE_DEVICE_CODE_FOR_ACCESS_TOKEN:"fede",FAILED_FEDERATED_LOGOUT:"federated_logout_failed",FAILED_EXCHANGE_NATIVE_SOCIAL_LOGIN:"fens",FAILED_EXCHANGE_PASSWORD_OOB_FOR_ACCESS_TOKEN:"feoobft",FAILED_EXCHANGE_PASSWORD_OTP_FOR_ACCESS_TOKEN:"feotpft",FAILED_EXCHANGE_PASSWORD_FOR_ACCESS_TOKEN:"fepft",FAILED_EXCHANGE_PASSWORDLESS_OTP_FOR_ACCESS_TOKEN:"fepotpft",FAILED_EXCHANGE_PASSWORD_MFA_RECOVERY_FOR_ACCESS_TOKEN:"fercft",FAILED_EXCHANGE_ROTATING_REFRESH_TOKEN:"ferrt",FAILED_EXCHANGE_REFRESH_TOKEN_FOR_ACCESS_TOKEN:"fertft",FAILED_HOOK:"fh",FAILED_IMPERSONATION:"fimp",FAILED_INVITE_ACCEPT:"fi",FAILED_LOGOUT:"flo",FLOWS_EXECUTION_COMPLETED:"flows_execution_completed",FLOWS_EXECUTION_FAILED:"flows_execution_failed",FAILED_SENDING_NOTIFICATION:"fn",FORMS_SUBMISSION_FAILED:"forms_submission_failed",FORMS_SUBMISSION_SUCCEEDED:"forms_submission_succeeded",FAILED_LOGIN_INCORRECT_PASSWORD:"fp",FAILED_PUSHED_AUTHORIZATION_REQUEST:"fpar",FAILED_POST_USER_REGISTRATION_HOOK:"fpurh",FAILED_SIGNUP:"fs",FAILED_SILENT_AUTH:"fsa",FAILED_LOGIN_INVALID_EMAIL_USERNAME:"fu",FAILED_USERS_IMPORT:"fui",FAILED_VERIFICATION_EMAIL:"fv",FAILED_VERIFICATION_EMAIL_REQUEST:"fvr",EMAIL_VERIFICATION_CONFIRMED:"gd_auth_email_verification",EMAIL_VERIFICATION_FAILED:"gd_auth_fail_email_verification",MFA_AUTH_FAILED:"gd_auth_failed",MFA_AUTH_REJECTED:"gd_auth_rejected",MFA_AUTH_SUCCESS:"gd_auth_succeed",MFA_ENROLLMENT_COMPLETE:"gd_enrollment_complete",TOO_MANY_MFA_FAILURES:"gd_otp_rate_limit_exceed",MFA_RECOVERY_FAILED:"gd_recovery_failed",MFA_RECOVERY_RATE_LIMIT_EXCEED:"gd_recovery_rate_limit_exceed",MFA_RECOVERY_SUCCESS:"gd_recovery_succeed",MFA_EMAIL_SENT:"gd_send_email",EMAIL_VERIFICATION_SENT:"gd_send_email_verification",EMAIL_VERIFICATION_SEND_FAILURE:"gd_send_email_verification_failure",PUSH_NOTIFICATION_SENT:"gd_send_pn",ERROR_SENDING_MFA_PUSH_NOTIFICATION:"gd_send_pn_failure",MFA_SMS_SENT:"gd_send_sms",ERROR_SENDING_MFA_SMS:"gd_send_sms_failure",MFA_VOICE_CALL_SUCCESS:"gd_send_voice",MFA_VOICE_CALL_FAILED:"gd_send_voice_failure",SECOND_FACTOR_STARTED:"gd_start_auth",MFA_ENROLL_STARTED:"gd_start_enroll",MFA_ENROLLMENT_FAILED:"gd_start_enroll_failed",GUARDIAN_TENANT_UPDATE:"gd_tenant_update",UNENROLL_DEVICE_ACCOUNT:"gd_unenroll",UPDATE_DEVICE_ACCOUNT:"gd_update_device_account",WEBAUTHN_CHALLENGE_FAILED:"gd_webauthn_challenge_failed",WEBAUTHN_ENROLLMENT_FAILED:"gd_webauthn_enrollment_failed",FAILED_KMS_API_OPERATION:"kms_key_management_failure",SUCCESS_KMS_API_OPERATION:"kms_key_management_success",KMS_KEY_STATE_CHANGED:"kms_key_state_changed",TOO_MANY_CALLS_TO_DELEGATION:"limit_delegation",BLOCKED_IP_ADDRESS:"limit_mu",BLOCKED_ACCOUNT_IP:"limit_sul",BLOCKED_ACCOUNT_EMAIL:"limit_wc",MFA_REQUIRED:"mfar",MANAGEMENT_API_READ_OPERATION:"mgmt_api_read",FAILED_AUTHENTICATION_METHOD_OPERATION_MY_ACCOUNT:"my_account_authentication_method_failed",SUCCESSFUL_AUTHENTICATION_METHOD_OPERATION_MY_ACCOUNT:"my_account_authentication_method_succeeded",FAILED_OIDC_BACKCHANNEL_LOGOUT:"oidc_backchannel_logout_failed",SUCCESSFUL_OIDC_BACKCHANNEL_LOGOUT:"oidc_backchannel_logout_succeeded",ORGANIZATION_MEMBER_ADDED:"organization_member_added",PASSKEY_CHALLENGE_FAILED:"passkey_challenge_failed",PASSKEY_CHALLENGE_STARTED:"passkey_challenge_started",PRE_LOGIN_ASSESSMENT:"pla",BREACHED_PASSWORD:"pwd_leak",BREACHED_PASSWORD_ON_RESET:"reset_pwd_leak",SUCCESS_RESOURCE_CLEANUP:"resource_cleanup",RICH_CONSENTS_ACCESS_ERROR:"rich_consents_access_error",SUCCESS_LOGIN:"s",SUCCESS_API_OPERATION:"sapi",SUCCESS_CHANGE_EMAIL:"sce",SUCCESS_CROSS_ORIGIN_AUTHENTICATION:"scoa",SUCCESS_CHANGE_PASSWORD:"scp",SUCCESS_CHANGE_PHONE_NUMBER:"scpn",SUCCESS_CHANGE_PASSWORD_REQUEST:"scpr",SUCCESS_CHANGE_USERNAME:"scu",SUCCESS_CREDENTIAL_VALIDATION:"scv",SUCCESS_DELEGATION:"sd",SUCCESS_USER_DELETION:"sdu",SUCCESS_EXCHANGE_AUTHORIZATION_CODE_FOR_ACCESS_TOKEN:"seacft",SUCCESS_EXCHANGE_ACCESS_TOKEN_FOR_CLIENT_CREDENTIALS:"seccft",SUCCESS_EXCHANGE_CUSTOM_TOKEN:"secte",SUCCESS_EXCHANGE_DEVICE_CODE_FOR_ACCESS_TOKEN:"sede",SUCCESS_EXCHANGE_NATIVE_SOCIAL_LOGIN:"sens",SUCCESS_EXCHANGE_PASSWORD_OOB_FOR_ACCESS_TOKEN:"seoobft",SUCCESS_EXCHANGE_PASSWORD_OTP_FOR_ACCESS_TOKEN:"seotpft",SUCCESS_EXCHANGE_PASSWORD_FOR_ACCESS_TOKEN:"sepft",SUCCESS_EXCHANGE_PASSKEY_OOB_FOR_ACCESS_TOKEN:"sepkoobft",SUCCESS_EXCHANGE_PASSKEY_OTP_FOR_ACCESS_TOKEN:"sepkotpft",SUCCESS_EXCHANGE_PASSKEY_MFA_RECOVERY_FOR_ACCESS_TOKEN:"sepkrcft",SUCCESS_EXCHANGE_PASSWORD_MFA_RECOVERY_FOR_ACCESS_TOKEN:"sercft",SUCCESS_EXCHANGE_REFRESH_TOKEN_FOR_ACCESS_TOKEN:"sertft",SUCCESS_IMPERSONATION:"simp",SUCCESSFULLY_ACCEPTED_USER_INVITE:"si",BREACHED_PASSWORD_ON_SIGNUP:"signup_pwd_leak",SUCCESS_LOGOUT:"slo",SUCCESS_REVOCATION:"srrt",SUCCESS_SIGNUP:"ss",FAILED_SS_SSO_OPERATION:"ss_sso_failure",INFORMATION_FROM_SS_SSO_OPERATION:"ss_sso_info",SUCCESS_SS_SSO_OPERATION:"ss_sso_success",SUCCESS_SILENT_AUTH:"ssa",SUCCESSFUL_SCIM_OPERATION:"sscim",SUCCESSFULLY_IMPORTED_USERS:"sui",SUCCESS_VERIFICATION_EMAIL:"sv",SUCCESS_VERIFICATION_EMAIL_REQUEST:"svr",MAX_AMOUNT_OF_AUTHENTICATORS:"too_many_records",USER_LOGIN_BLOCK_RELEASED:"ublkdu",FAILED_UNIVERSAL_LOGOUT:"universal_logout_failed",SUCCESSFUL_UNIVERSAL_LOGOUT:"universal_logout_succeeded",WARNING_DURING_LOGIN:"w",WARNING_SENDING_NOTIFICATION:"wn",WARNING_USER_MANAGEMENT:"wum"},Ut=e.z.string().refine(o=>Object.values(Ue).includes(o),{message:"Invalid log type"}),Fe=e.z.object({name:e.z.string(),version:e.z.string(),env:e.z.object({node:e.z.string().optional()}).optional()}),xe=e.z.object({country_code:e.z.string().length(2),city_name:e.z.string(),latitude:e.z.string(),longitude:e.z.string(),time_zone:e.z.string(),continent_code:e.z.string()}),Pe=e.z.object({type:Ut,date:e.z.string(),description:e.z.string().optional(),ip:e.z.string().optional(),user_agent:e.z.string().optional(),details:e.z.any().optional(),isMobile:e.z.boolean(),user_id:e.z.string().optional(),user_name:e.z.string().optional(),connection:e.z.string().optional(),connection_id:e.z.string().optional(),client_id:e.z.string().optional(),client_name:e.z.string().optional(),audience:e.z.string().optional(),scope:e.z.string().optional(),strategy:e.z.string().optional(),strategy_type:e.z.string().optional(),hostname:e.z.string().optional(),auth0_client:Fe.optional(),log_id:e.z.string().optional(),location_info:xe.optional()}),Ft=e.z.object({...Pe.shape,log_id:e.z.string()}),Me=e.z.object({id:e.z.string().optional(),user_id:e.z.string(),password:e.z.string(),algorithm:e.z.enum(["bcrypt","argon2id"]).default("argon2id"),is_current:e.z.boolean().default(!0)}),xt=Me.extend({id:e.z.string(),created_at:e.z.string(),updated_at:e.z.string()}),He=e.z.object({initial_user_agent:e.z.string().describe("First user agent of the device from which this user logged in"),initial_ip:e.z.string().describe("First IP address associated with this session"),initial_asn:e.z.string().describe("First autonomous system number associated with this session"),last_user_agent:e.z.string().describe("Last user agent of the device from which this user logged in"),last_ip:e.z.string().describe("Last IP address from which this user logged in"),last_asn:e.z.string().describe("Last autonomous system number from which this user logged in")}),Ge=e.z.object({id:e.z.string(),revoked_at:e.z.string().optional(),used_at:e.z.string().optional(),user_id:e.z.string().describe("The user ID associated with the session"),expires_at:e.z.string().optional(),login_session_id:e.z.string(),idle_expires_at:e.z.string().optional(),device:He.describe("Metadata related to the device used in the session"),clients:e.z.array(e.z.string()).describe("List of client details for the session")}),Pt=e.z.object({created_at:e.z.string(),updated_at:e.z.string(),authenticated_at:e.z.string(),last_interaction_at:e.z.string(),...Ge.shape}),Mt=e.z.object({kid:e.z.string().openapi({description:"The key id of the signing key"}),cert:e.z.string().openapi({description:"The public certificate of the signing key"}),fingerprint:e.z.string().openapi({description:"The cert fingerprint"}),thumbprint:e.z.string().openapi({description:"The cert thumbprint"}),pkcs7:e.z.string().optional().openapi({description:"The private key in pkcs7 format"}),current:e.z.boolean().optional().openapi({description:"True if the key is the current key"}),next:e.z.boolean().optional().openapi({description:"True if the key is the next key"}),previous:e.z.boolean().optional().openapi({description:"True if the key is the previous key"}),current_since:e.z.string().optional().openapi({description:"The date and time when the key became the current key"}),current_until:e.z.string().optional().openapi({description:"The date and time when the current key was rotated"}),revoked:e.z.boolean().optional().openapi({description:"True if the key is revoked"}),revoked_at:e.z.string().optional().openapi({description:"The date and time when the key was revoked"}),connection:e.z.string().optional().openapi({description:"The connection identifier associated with the key"}),type:e.z.enum(["jwt_signing","saml_encryption"]).openapi({description:"The type of the signing key"})}),Be=e.z.object({id:e.z.string().optional(),audience:e.z.string(),friendly_name:e.z.string(),picture_url:e.z.string().optional(),support_email:e.z.string().optional(),support_url:e.z.string().optional(),sender_email:e.z.string().email(),sender_name:e.z.string(),session_lifetime:e.z.number().optional(),idle_session_lifetime:e.z.number().optional(),ephemeral_session_lifetime:e.z.number().optional(),idle_ephemeral_session_lifetime:e.z.number().optional(),session_cookie:e.z.object({mode:e.z.enum(["persistent","non-persistent"]).optional()}).optional(),allowed_logout_urls:e.z.array(e.z.string()).optional(),default_redirection_uri:e.z.string().optional(),enabled_locales:e.z.array(e.z.string()).optional(),default_directory:e.z.string().optional(),error_page:e.z.object({html:e.z.string().optional(),show_log_link:e.z.boolean().optional(),url:e.z.string().optional()}).optional(),flags:e.z.object({allow_changing_enable_sso:e.z.boolean().optional(),allow_legacy_delegation_grant_types:e.z.boolean().optional(),allow_legacy_ro_grant_types:e.z.boolean().optional(),allow_legacy_tokeninfo_endpoint:e.z.boolean().optional(),change_pwd_flow_v1:e.z.boolean().optional(),custom_domains_provisioning:e.z.boolean().optional(),dashboard_insights_view:e.z.boolean().optional(),dashboard_log_streams_next:e.z.boolean().optional(),disable_clickjack_protection_headers:e.z.boolean().optional(),disable_fields_map_fix:e.z.boolean().optional(),disable_impersonation:e.z.boolean().optional(),disable_management_api_sms_obfuscation:e.z.boolean().optional(),enable_adfs_waad_email_verification:e.z.boolean().optional(),enable_apis_section:e.z.boolean().optional(),enable_client_connections:e.z.boolean().optional(),enable_custom_domain_in_emails:e.z.boolean().optional(),enable_dynamic_client_registration:e.z.boolean().optional(),enable_idtoken_api2:e.z.boolean().optional(),enable_legacy_logs_search_v2:e.z.boolean().optional(),enable_legacy_profile:e.z.boolean().optional(),enable_pipeline2:e.z.boolean().optional(),enable_public_signup_user_exists_error:e.z.boolean().optional(),enable_sso:e.z.boolean().optional(),enforce_client_authentication_on_passwordless_start:e.z.boolean().optional(),genai_trial:e.z.boolean().optional(),improved_signup_bot_detection_in_classic:e.z.boolean().optional(),mfa_show_factor_list_on_enrollment:e.z.boolean().optional(),no_disclose_enterprise_connections:e.z.boolean().optional(),remove_alg_from_jwks:e.z.boolean().optional(),revoke_refresh_token_grant:e.z.boolean().optional(),trust_azure_adfs_email_verified_connection_property:e.z.boolean().optional(),use_scope_descriptions_for_consent:e.z.boolean().optional(),inherit_global_permissions_in_organizations:e.z.boolean().optional()}).optional(),sandbox_version:e.z.string().optional(),legacy_sandbox_version:e.z.string().optional(),sandbox_versions_available:e.z.array(e.z.string()).optional(),change_password:e.z.object({enabled:e.z.boolean().optional(),html:e.z.string().optional()}).optional(),guardian_mfa_page:e.z.object({enabled:e.z.boolean().optional(),html:e.z.string().optional()}).optional(),device_flow:e.z.object({charset:e.z.enum(["base20","digits"]).optional(),mask:e.z.string().max(20).optional()}).optional(),default_token_quota:e.z.object({clients:e.z.object({client_credentials:e.z.record(e.z.any()).optional()}).optional(),organizations:e.z.object({client_credentials:e.z.record(e.z.any()).optional()}).optional()}).optional(),default_audience:e.z.string().optional(),default_organization:e.z.string().optional(),sessions:e.z.object({oidc_logout_prompt_enabled:e.z.boolean().optional()}).optional(),oidc_logout:e.z.object({rp_logout_end_session_endpoint_discovery:e.z.boolean().optional()}).optional(),allow_organization_name_in_authentication_api:e.z.boolean().optional(),customize_mfa_in_postlogin_action:e.z.boolean().optional(),acr_values_supported:e.z.array(e.z.string()).optional(),mtls:e.z.object({enable_endpoint_aliases:e.z.boolean().optional()}).optional(),pushed_authorization_requests_supported:e.z.boolean().optional(),authorization_response_iss_parameter_supported:e.z.boolean().optional(),mfa:e.z.object({factors:e.z.object({sms:e.z.boolean().default(!1),otp:e.z.boolean().default(!1),email:e.z.boolean().default(!1),push_notification:e.z.boolean().default(!1),webauthn_roaming:e.z.boolean().default(!1),webauthn_platform:e.z.boolean().default(!1),recovery_code:e.z.boolean().default(!1),duo:e.z.boolean().default(!1)}).optional(),sms_provider:e.z.object({provider:e.z.enum(["twilio","vonage","aws_sns","phone_message_hook"]).optional()}).optional(),twilio:e.z.object({sid:e.z.string().optional(),auth_token:e.z.string().optional(),from:e.z.string().optional(),messaging_service_sid:e.z.string().optional()}).optional(),phone_message:e.z.object({message:e.z.string().optional()}).optional()}).optional()}),Ht=e.z.object({created_at:e.z.string().nullable().transform(o=>o??""),updated_at:e.z.string().nullable().transform(o=>o??""),...Be.shape,id:e.z.string()});var We=(o=>(o.RefreshToken="refresh_token",o.AuthorizationCode="authorization_code",o.ClientCredential="client_credentials",o.Passwordless="passwordless",o.Password="password",o.OTP="http://auth0.com/oauth/grant-type/passwordless/otp",o))(We||{});const Gt=e.z.object({access_token:e.z.string(),id_token:e.z.string().optional(),scope:e.z.string().optional(),state:e.z.string().optional(),refresh_token:e.z.string().optional(),token_type:e.z.string(),expires_in:e.z.number()});e.z.object({code:e.z.string(),state:e.z.string().optional()});const Ke=e.z.object({button_border_radius:e.z.number(),button_border_weight:e.z.number(),buttons_style:e.z.enum(["pill","rounded","sharp"]),input_border_radius:e.z.number(),input_border_weight:e.z.number(),inputs_style:e.z.enum(["pill","rounded","sharp"]),show_widget_shadow:e.z.boolean(),widget_border_weight:e.z.number(),widget_corner_radius:e.z.number()}),qe=e.z.object({base_focus_color:e.z.string(),base_hover_color:e.z.string(),body_text:e.z.string(),captcha_widget_theme:e.z.enum(["auto","dark","light"]),error:e.z.string(),header:e.z.string(),icons:e.z.string(),input_background:e.z.string(),input_border:e.z.string(),input_filled_text:e.z.string(),input_labels_placeholders:e.z.string(),links_focused_components:e.z.string(),primary_button:e.z.string(),primary_button_label:e.z.string(),secondary_button_border:e.z.string(),secondary_button_label:e.z.string(),success:e.z.string(),widget_background:e.z.string(),widget_border:e.z.string()}),_=e.z.object({bold:e.z.boolean(),size:e.z.number()}),Xe=e.z.object({body_text:_,buttons_text:_,font_url:e.z.string(),input_labels:_,links:_,links_style:e.z.enum(["normal","underlined"]),reference_text_size:e.z.number(),subtitle:_,title:_}),Ve=e.z.object({background_color:e.z.string(),background_image_url:e.z.string(),page_layout:e.z.enum(["center","left","right"])}),Ye=e.z.object({header_text_alignment:e.z.enum(["center","left","right"]),logo_height:e.z.number(),logo_position:e.z.enum(["center","left","none","right"]),logo_url:e.z.string(),social_buttons_layout:e.z.enum(["bottom","top"])}),Qe=e.z.object({borders:Ke,colors:qe,displayName:e.z.string(),fonts:Xe,page_background:Ve,widget:Ye}),Bt=Qe.extend({themeId:e.z.string()}),Wt=e.z.object({universal_login_experience:e.z.enum(["new","classic"]).default("new"),identifier_first:e.z.boolean().default(!0),password_first:e.z.boolean().default(!1),webauthn_platform_first_factor:e.z.boolean()}),Kt=e.z.object({name:e.z.string(),enabled:e.z.boolean().optional().default(!0),default_from_address:e.z.string().optional(),credentials:e.z.union([e.z.object({accessKeyId:e.z.string(),secretAccessKey:e.z.string(),region:e.z.string()}),e.z.object({smtp_host:e.z.array(e.z.string()),smtp_port:e.z.number(),smtp_user:e.z.string(),smtp_pass:e.z.string()}),e.z.object({api_key:e.z.string(),domain:e.z.string().optional()}),e.z.object({connectionString:e.z.string()}),e.z.object({tenantId:e.z.string(),clientId:e.z.string(),clientSecret:e.z.string()})]),settings:e.z.object({}).optional()}),Je=e.z.object({id:e.z.string(),login_id:e.z.string(),user_id:e.z.string(),client_id:e.z.string(),expires_at:e.z.string().optional(),idle_expires_at:e.z.string().optional(),last_exchanged_at:e.z.string().optional(),device:He,resource_servers:e.z.array(e.z.object({audience:e.z.string(),scopes:e.z.string()})),rotating:e.z.boolean()}),qt=e.z.object({created_at:e.z.string(),...Je.shape}),Xt=e.z.object({to:e.z.string(),message:e.z.string()}),Vt=e.z.object({name:e.z.string(),options:e.z.object({})}),Ze=e.z.object({value:e.z.string(),description:e.z.string().optional()}),$e=e.z.object({token_dialect:e.z.enum(["access_token","access_token_authz"]).optional(),enforce_policies:e.z.boolean().optional(),allow_skipping_userinfo:e.z.boolean().optional(),skip_userinfo:e.z.boolean().optional(),persist_client_authorization:e.z.boolean().optional(),enable_introspection_endpoint:e.z.boolean().optional(),mtls:e.z.object({bound_access_tokens:e.z.boolean().optional()}).optional()}),eo=e.z.object({id:e.z.string().optional(),name:e.z.string(),identifier:e.z.string(),scopes:e.z.array(Ze).optional(),signing_alg:e.z.string().optional(),signing_secret:e.z.string().optional(),token_lifetime:e.z.number().optional(),token_lifetime_for_web:e.z.number().optional(),skip_consent_for_verifiable_first_party_clients:e.z.boolean().optional(),allow_offline_access:e.z.boolean().optional(),verificationKey:e.z.string().optional(),options:$e.optional(),is_system:e.z.boolean().optional(),metadata:e.z.record(e.z.any()).optional()}),oo=e.z.object({...eo.shape,created_at:e.z.string().optional(),updated_at:e.z.string().optional()}),Yt=e.z.array(oo),to=e.z.object({role_id:e.z.string(),resource_server_identifier:e.z.string(),permission_name:e.z.string()}),no=e.z.object({...to.shape,created_at:e.z.string()}),Qt=e.z.array(no),io=e.z.object({user_id:e.z.string(),resource_server_identifier:e.z.string(),permission_name:e.z.string(),organization_id:e.z.string().optional()}),ao=e.z.object({...io.shape,tenant_id:e.z.string(),created_at:e.z.string().optional()}),Jt=e.z.array(ao),ro=e.z.object({user_id:e.z.string(),resource_server_identifier:e.z.string(),resource_server_name:e.z.string(),permission_name:e.z.string(),description:e.z.string().nullable().optional(),created_at:e.z.string().optional(),organization_id:e.z.string().optional()}),Zt=e.z.array(ro),so=e.z.object({user_id:e.z.string(),role_id:e.z.string(),organization_id:e.z.string().optional()}),lo=e.z.object({...so.shape,tenant_id:e.z.string(),created_at:e.z.string().optional()}),$t=e.z.array(lo),co=e.z.object({id:e.z.string().optional().openapi({description:"The unique identifier of the role. If not provided, one will be generated."}),name:e.z.string().min(1).max(50).openapi({description:"The name of the role. Cannot include '<' or '>'"}),description:e.z.string().max(255).optional().openapi({description:"The description of the role"}),is_system:e.z.boolean().optional(),metadata:e.z.record(e.z.any()).optional().openapi({description:"Metadata associated with the role. Can be used to control sync behavior in multi-tenancy scenarios."})}),po=co.extend({id:e.z.string().openapi({description:"The unique identifier of the role"}),created_at:e.z.string().optional(),updated_at:e.z.string().optional()}),en=e.z.array(po),_o=e.z.object({logo_url:e.z.string().optional().openapi({description:"URL of the organization's logo"}),colors:e.z.object({primary:e.z.string().optional().openapi({description:"Primary color in hex format (e.g., #FF0000)"}),page_background:e.z.string().optional().openapi({description:"Page background color in hex format (e.g., #FFFFFF)"})}).optional()}).optional(),zo=e.z.object({connection_id:e.z.string().openapi({description:"ID of the connection"}),assign_membership_on_login:e.z.boolean().default(!1).openapi({description:"Whether to assign membership to the organization on login"}),show_as_button:e.z.boolean().default(!0).openapi({description:"Whether to show this connection as a button in the login screen"}),is_signup_enabled:e.z.boolean().default(!0).openapi({description:"Whether signup is enabled for this connection"})}),go=e.z.object({client_credentials:e.z.object({enforce:e.z.boolean().default(!1).openapi({description:"Whether to enforce token quota limits"}),per_day:e.z.number().min(0).default(0).openapi({description:"Maximum tokens per day (0 = unlimited)"}),per_hour:e.z.number().min(0).default(0).openapi({description:"Maximum tokens per hour (0 = unlimited)"})}).optional()}).optional(),mo=e.z.object({id:e.z.string().optional(),name:e.z.string().min(1).regex(/^[a-z0-9_-]+$/,{message:"Organization name must be lowercase and can only contain letters, numbers, hyphens, and underscores"}).openapi({description:"The name of the organization. Must be lowercase and can only contain letters, numbers, hyphens, and underscores."}),display_name:e.z.string().optional().openapi({description:"The display name of the organization"}),branding:_o,metadata:e.z.record(e.z.any()).default({}).optional().openapi({description:"Custom metadata for the organization"}),enabled_connections:e.z.array(zo).default([]).optional().openapi({description:"List of enabled connections for the organization"}),token_quota:go}),on=e.z.object({...mo.shape,...s.shape,id:e.z.string(),name:e.z.string().min(1).openapi({description:"The name of the organization"})}),uo=e.z.object({user_id:e.z.string().openapi({description:"ID of the user"}),organization_id:e.z.string().openapi({description:"ID of the organization"})}),tn=e.z.object({...uo.shape,...s.shape,id:e.z.string()}),nn=e.z.object({idle_session_lifetime:e.z.number().optional(),session_lifetime:e.z.number().optional(),session_cookie:e.z.object({mode:e.z.enum(["persistent","non-persistent"]).optional()}).optional(),enable_client_connections:e.z.boolean().optional(),default_redirection_uri:e.z.string().optional(),enabled_locales:e.z.array(e.z.string()).optional(),default_directory:e.z.string().optional(),error_page:e.z.object({html:e.z.string().optional(),show_log_link:e.z.boolean().optional(),url:e.z.string().optional()}).optional(),flags:e.z.object({allow_legacy_delegation_grant_types:e.z.boolean().optional(),allow_legacy_ro_grant_types:e.z.boolean().optional(),allow_legacy_tokeninfo_endpoint:e.z.boolean().optional(),disable_clickjack_protection_headers:e.z.boolean().optional(),enable_apis_section:e.z.boolean().optional(),enable_client_connections:e.z.boolean().optional(),enable_custom_domain_in_emails:e.z.boolean().optional(),enable_dynamic_client_registration:e.z.boolean().optional(),enable_idtoken_api2:e.z.boolean().optional(),enable_legacy_logs_search_v2:e.z.boolean().optional(),enable_legacy_profile:e.z.boolean().optional(),enable_pipeline2:e.z.boolean().optional(),enable_public_signup_user_exists_error:e.z.boolean().optional(),use_scope_descriptions_for_consent:e.z.boolean().optional(),disable_management_api_sms_obfuscation:e.z.boolean().optional(),enable_adfs_waad_email_verification:e.z.boolean().optional(),revoke_refresh_token_grant:e.z.boolean().optional(),dashboard_log_streams_next:e.z.boolean().optional(),dashboard_insights_view:e.z.boolean().optional(),disable_fields_map_fix:e.z.boolean().optional(),mfa_show_factor_list_on_enrollment:e.z.boolean().optional()}).optional(),friendly_name:e.z.string().optional(),picture_url:e.z.string().optional(),support_email:e.z.string().optional(),support_url:e.z.string().optional(),sandbox_version:e.z.string().optional(),sandbox_versions_available:e.z.array(e.z.string()).optional(),change_password:e.z.object({enabled:e.z.boolean(),html:e.z.string()}).optional(),guardian_mfa_page:e.z.object({enabled:e.z.boolean(),html:e.z.string()}).optional(),default_audience:e.z.string().optional(),default_organization:e.z.string().optional(),sessions:e.z.object({oidc_logout_prompt_enabled:e.z.boolean().optional()}).optional(),mfa:e.z.object({factors:e.z.object({sms:e.z.boolean().default(!1),otp:e.z.boolean().default(!1),email:e.z.boolean().default(!1),push_notification:e.z.boolean().default(!1),webauthn_roaming:e.z.boolean().default(!1),webauthn_platform:e.z.boolean().default(!1),recovery_code:e.z.boolean().default(!1),duo:e.z.boolean().default(!1)}).optional(),sms_provider:e.z.object({provider:e.z.enum(["twilio","vonage","aws_sns","phone_message_hook"]).optional()}).optional(),twilio:e.z.object({sid:e.z.string().optional(),auth_token:e.z.string().optional(),from:e.z.string().optional(),messaging_service_sid:e.z.string().optional()}).optional(),phone_message:e.z.object({message:e.z.string().optional()}).optional()}).optional()}),an=e.z.object({date:e.z.string().openapi({description:"Date these events occurred in ISO 8601 format",example:"2025-12-19"}),logins:e.z.number().openapi({description:"Number of logins on this date",example:150}),signups:e.z.number().openapi({description:"Number of signups on this date",example:25}),leaked_passwords:e.z.number().openapi({description:"Number of breached-password detections on this date (subscription required)",example:0}),updated_at:e.z.string().openapi({description:"Date and time this stats entry was last updated in ISO 8601 format",example:"2025-12-19T10:30:00.000Z"}),created_at:e.z.string().openapi({description:"Approximate date and time the first event occurred in ISO 8601 format",example:"2025-12-19T00:00:00.000Z"})}),rn=e.z.number().openapi({description:"Number of active users in the last 30 days",example:1234}),ho=e.z.enum(["login","login-id","login-password","signup","signup-id","signup-password","reset-password","consent","mfa","mfa-push","mfa-otp","mfa-voice","mfa-phone","mfa-webauthn","mfa-sms","mfa-email","mfa-recovery-code","status","device-flow","email-verification","email-otp-challenge","organizations","invitation","common","passkeys","captcha","custom-form"]),bo=e.z.record(e.z.string(),e.z.record(e.z.string(),e.z.string())).openapi({type:"object",additionalProperties:{type:"object",additionalProperties:{type:"string"}}}),sn=e.z.object({prompt:ho,language:e.z.string(),custom_text:bo});function ln(o){const[n,i]=o.split("|");if(!n||!i)throw new Error(`Invalid user_id: ${o}`);return{connection:n,id:i}}function cn(o){const{primary:n,secondaries:i,syncMethods:k=["create","update","remove","delete","set"]}=o,f={get(c,a){if(typeof a=="symbol")return c[a];const p=c[a];return typeof p!="function"?p:k.includes(a)?async(...z)=>{const S=await p.apply(c,z),g=[];for(const r of i){const u=r.adapter[a];if(typeof u!="function")continue;const E=(async()=>{try{await u.apply(r.adapter,z)}catch(h){try{r.onError?r.onError(h,a,z):console.error(`Passthrough adapter: secondary write failed for ${a}:`,h)}catch(A){console.error(`Passthrough adapter: onError handler threw for ${a}:`,A)}}})();r.blocking&&g.push(E)}return g.length>0&&await Promise.all(g),S}:p.bind(c)}};return new Proxy(n,f)}function pn(o){return o}function _n(o){var f,c,a,p,z,S,g,r,u,E,h,A;const n=o==null?void 0:o.options;if(!n)return{usernameIdentifierActive:!1,emailIdentifierActive:!0,usernameMinLength:1,usernameMaxLength:15};const i=n.attributes;if(i){const fo=((c=(f=i.username)==null?void 0:f.identifier)==null?void 0:c.active)===!0,So=((p=(a=i.email)==null?void 0:a.identifier)==null?void 0:p.active)!==!1,Eo=((S=(z=i.username)==null?void 0:z.validation)==null?void 0:S.min_length)??1,Ao=((r=(g=i.username)==null?void 0:g.validation)==null?void 0:r.max_length)??15;return{usernameIdentifierActive:fo,emailIdentifierActive:So,usernameMinLength:Eo,usernameMaxLength:Ao}}return{usernameIdentifierActive:n.requires_username===!0,emailIdentifierActive:!0,usernameMinLength:((E=(u=n.validation)==null?void 0:u.username)==null?void 0:E.min)??1,usernameMaxLength:((A=(h=n.validation)==null?void 0:h.username)==null?void 0:A.max)??15}}exports.Auth0ActionEnum=yo;exports.Auth0Client=Fe;exports.AuthorizationResponseMode=N;exports.AuthorizationResponseType=O;exports.CodeChallengeMethod=R;exports.ComponentCategory=T;exports.ComponentType=C;exports.EmailActionEnum=Co;exports.FORM_FIELD_TYPES=zt;exports.FlowActionTypeEnum=Io;exports.GrantType=We;exports.LocationInfo=xe;exports.LogTypes=Ue;exports.LoginSessionState=v;exports.NodeType=ne;exports.RedirectTargetEnum=P;exports.actionNodeSchema=re;exports.activeUsersResponseSchema=rn;exports.addressSchema=K;exports.auth0FlowInsertSchema=ko;exports.auth0FlowSchema=_e;exports.auth0QuerySchema=Oo;exports.auth0UpdateUserActionSchema=F;exports.auth0UserResponseSchema=Ro;exports.authParamsSchema=de;exports.baseUserSchema=y;exports.blockComponentSchema=Se;exports.bordersSchema=Ke;exports.brandingSchema=Uo;exports.buttonComponentSchema=Z;exports.clientGrantInsertSchema=Y;exports.clientGrantListSchema=vo;exports.clientGrantSchema=Q;exports.clientInsertSchema=V;exports.clientSchema=Do;exports.codeInsertSchema=ge;exports.codeSchema=Fo;exports.codeTypeSchema=ze;exports.colorsSchema=qe;exports.componentMessageSchema=Ce;exports.componentSchema=te;exports.connectionInsertSchema=ue;exports.connectionOptionsSchema=me;exports.connectionSchema=xo;exports.coordinatesSchema=d;exports.createPassthroughAdapter=cn;exports.createWriteOnlyAdapter=pn;exports.customDomainInsertSchema=he;exports.customDomainSchema=fe;exports.customDomainWithTenantIdSchema=Po;exports.customTextEntrySchema=sn;exports.customTextSchema=bo;exports.dailyStatsSchema=an;exports.emailProviderSchema=Kt;exports.emailVerificationRulesSchema=U;exports.emailVerifyActionSchema=x;exports.endingSchema=pe;exports.fieldComponentSchema=Ae;exports.flowActionStepSchema=H;exports.flowInsertSchema=G;exports.flowSchema=To;exports.flowsFieldComponentSchema=ee;exports.flowsFlowNodeSchema=ae;exports.flowsStepNodeSchema=ie;exports.fontDetailsSchema=_;exports.fontsSchema=Xe;exports.formControlSchema=gt;exports.formInsertSchema=ye;exports.formNodeComponentDefinition=L;exports.formNodeSchema=Ie;exports.formSchema=bt;exports.genericComponentSchema=oe;exports.genericNodeSchema=se;exports.getConnectionIdentifierConfig=_n;exports.hookInsertSchema=Ot;exports.hookSchema=jt;exports.hookTemplateId=D;exports.hookTemplates=It;exports.identitySchema=W;exports.inviteInsertSchema=Le;exports.inviteSchema=Lt;exports.inviteeSchema=je;exports.inviterSchema=we;exports.isBlockComponent=St;exports.isFieldComponent=At;exports.isWidgetComponent=Et;exports.jwksKeySchema=Dt;exports.jwksSchema=De;exports.legalComponentSchema=$;exports.logInsertSchema=Pe;exports.logSchema=Ft;exports.loginSessionInsertSchema=ke;exports.loginSessionSchema=kt;exports.loginSessionStateSchema=ve;exports.nodeSchema=le;exports.openIDConfigurationSchema=vt;exports.organizationBrandingSchema=_o;exports.organizationEnabledConnectionSchema=zo;exports.organizationInsertSchema=mo;exports.organizationSchema=on;exports.organizationTokenQuotaSchema=go;exports.pageBackgroundSchema=Ve;exports.parseUserId=ln;exports.passwordInsertSchema=Me;exports.passwordSchema=xt;exports.profileDataSchema=B;exports.promptScreenSchema=ho;exports.promptSettingSchema=Wt;exports.redirectActionSchema=M;exports.refreshTokenInsertSchema=Je;exports.refreshTokenSchema=qt;exports.resourceServerInsertSchema=eo;exports.resourceServerListSchema=Yt;exports.resourceServerOptionsSchema=$e;exports.resourceServerSchema=oo;exports.resourceServerScopeSchema=Ze;exports.richTextComponentSchema=J;exports.roleInsertSchema=co;exports.roleListSchema=en;exports.rolePermissionInsertSchema=to;exports.rolePermissionListSchema=Qt;exports.rolePermissionSchema=no;exports.roleSchema=po;exports.screenLinkSchema=Te;exports.sessionInsertSchema=Ge;exports.sessionSchema=Pt;exports.signingKeySchema=Mt;exports.smsProviderSchema=Vt;exports.smsSendParamsSchema=Xt;exports.startSchema=ce;exports.tenantInsertSchema=Be;exports.tenantSchema=Ht;exports.tenantSettingsSchema=nn;exports.themeInsertSchema=Qe;exports.themeSchema=Bt;exports.tokenResponseSchema=Gt;exports.totalsSchema=No;exports.uiScreenSchema=ft;exports.userInsertSchema=q;exports.userOrganizationInsertSchema=uo;exports.userOrganizationSchema=tn;exports.userPermissionInsertSchema=io;exports.userPermissionListSchema=Jt;exports.userPermissionSchema=ao;exports.userPermissionWithDetailsListSchema=Zt;exports.userPermissionWithDetailsSchema=ro;exports.userResponseSchema=wo;exports.userRoleInsertSchema=so;exports.userRoleListSchema=$t;exports.userRoleSchema=lo;exports.userSchema=X;exports.verificationMethodsSchema=be;exports.widgetComponentSchema=Ee;exports.widgetSchema=Ye;
package/dist/adapter-interfaces.d.ts CHANGED
@@ -10899,6 +10899,11 @@ export declare const connectionOptionsSchema: z.ZodObject<{
10899
10899
  max?: number | undefined;
10900
10900
  } | undefined;
10901
10901
  }>>;
10902
+ set_user_root_attributes: z.ZodOptional<z.ZodEnum<[
10903
+ "on_each_login",
10904
+ "on_first_login",
10905
+ "never_on_login"
10906
+ ]>>;
10902
10907
  }, "strip", z.ZodTypeAny, {
10903
10908
  validation?: {
10904
10909
  username?: {
@@ -11001,6 +11006,7 @@ export declare const connectionOptionsSchema: z.ZodObject<{
11001
11006
  progressive_enrollment_enabled?: boolean | undefined;
11002
11007
  } | undefined;
11003
11008
  requires_username?: boolean | undefined;
11009
+ set_user_root_attributes?: "on_each_login" | "on_first_login" | "never_on_login" | undefined;
11004
11010
  }, {
11005
11011
  validation?: {
11006
11012
  username?: {
@@ -11103,6 +11109,7 @@ export declare const connectionOptionsSchema: z.ZodObject<{
11103
11109
  progressive_enrollment_enabled?: boolean | undefined;
11104
11110
  } | undefined;
11105
11111
  requires_username?: boolean | undefined;
11112
+ set_user_root_attributes?: "on_each_login" | "on_first_login" | "never_on_login" | undefined;
11106
11113
  }>;
11107
11114
  export declare const connectionInsertSchema: z.ZodObject<{
11108
11115
  id: z.ZodOptional<z.ZodString>;
@@ -11524,6 +11531,11 @@ export declare const connectionInsertSchema: z.ZodObject<{
11524
11531
  max?: number | undefined;
11525
11532
  } | undefined;
11526
11533
  }>>;
11534
+ set_user_root_attributes: z.ZodOptional<z.ZodEnum<[
11535
+ "on_each_login",
11536
+ "on_first_login",
11537
+ "never_on_login"
11538
+ ]>>;
11527
11539
  }, "strip", z.ZodTypeAny, {
11528
11540
  validation?: {
11529
11541
  username?: {
@@ -11626,6 +11638,7 @@ export declare const connectionInsertSchema: z.ZodObject<{
11626
11638
  progressive_enrollment_enabled?: boolean | undefined;
11627
11639
  } | undefined;
11628
11640
  requires_username?: boolean | undefined;
11641
+ set_user_root_attributes?: "on_each_login" | "on_first_login" | "never_on_login" | undefined;
11629
11642
  }, {
11630
11643
  validation?: {
11631
11644
  username?: {
@@ -11728,6 +11741,7 @@ export declare const connectionInsertSchema: z.ZodObject<{
11728
11741
  progressive_enrollment_enabled?: boolean | undefined;
11729
11742
  } | undefined;
11730
11743
  requires_username?: boolean | undefined;
11744
+ set_user_root_attributes?: "on_each_login" | "on_first_login" | "never_on_login" | undefined;
11731
11745
  }>>;
11732
11746
  enabled_clients: z.ZodOptional<z.ZodDefault<z.ZodArray<z.ZodString, "many">>>;
11733
11747
  response_type: z.ZodOptional<z.ZodType<AuthorizationResponseType, z.ZodTypeDef, AuthorizationResponseType>>;
@@ -11839,6 +11853,7 @@ export declare const connectionInsertSchema: z.ZodObject<{
11839
11853
  progressive_enrollment_enabled?: boolean | undefined;
11840
11854
  } | undefined;
11841
11855
  requires_username?: boolean | undefined;
11856
+ set_user_root_attributes?: "on_each_login" | "on_first_login" | "never_on_login" | undefined;
11842
11857
  };
11843
11858
  name: string;
11844
11859
  strategy: string;
@@ -11956,6 +11971,7 @@ export declare const connectionInsertSchema: z.ZodObject<{
11956
11971
  progressive_enrollment_enabled?: boolean | undefined;
11957
11972
  } | undefined;
11958
11973
  requires_username?: boolean | undefined;
11974
+ set_user_root_attributes?: "on_each_login" | "on_first_login" | "never_on_login" | undefined;
11959
11975
  } | undefined;
11960
11976
  id?: string | undefined;
11961
11977
  is_system?: boolean | undefined;
@@ -12391,6 +12407,11 @@ export declare const connectionSchema: z.ZodObject<{
12391
12407
  max?: number | undefined;
12392
12408
  } | undefined;
12393
12409
  }>>;
12410
+ set_user_root_attributes: z.ZodOptional<z.ZodEnum<[
12411
+ "on_each_login",
12412
+ "on_first_login",
12413
+ "never_on_login"
12414
+ ]>>;
12394
12415
  }, "strip", z.ZodTypeAny, {
12395
12416
  validation?: {
12396
12417
  username?: {
@@ -12493,6 +12514,7 @@ export declare const connectionSchema: z.ZodObject<{
12493
12514
  progressive_enrollment_enabled?: boolean | undefined;
12494
12515
  } | undefined;
12495
12516
  requires_username?: boolean | undefined;
12517
+ set_user_root_attributes?: "on_each_login" | "on_first_login" | "never_on_login" | undefined;
12496
12518
  }, {
12497
12519
  validation?: {
12498
12520
  username?: {
@@ -12595,6 +12617,7 @@ export declare const connectionSchema: z.ZodObject<{
12595
12617
  progressive_enrollment_enabled?: boolean | undefined;
12596
12618
  } | undefined;
12597
12619
  requires_username?: boolean | undefined;
12620
+ set_user_root_attributes?: "on_each_login" | "on_first_login" | "never_on_login" | undefined;
12598
12621
  }>>;
12599
12622
  enabled_clients: z.ZodOptional<z.ZodDefault<z.ZodArray<z.ZodString, "many">>>;
12600
12623
  response_type: z.ZodOptional<z.ZodType<AuthorizationResponseType, z.ZodTypeDef, AuthorizationResponseType>>;
@@ -12708,6 +12731,7 @@ export declare const connectionSchema: z.ZodObject<{
12708
12731
  progressive_enrollment_enabled?: boolean | undefined;
12709
12732
  } | undefined;
12710
12733
  requires_username?: boolean | undefined;
12734
+ set_user_root_attributes?: "on_each_login" | "on_first_login" | "never_on_login" | undefined;
12711
12735
  };
12712
12736
  name: string;
12713
12737
  strategy: string;
@@ -12827,6 +12851,7 @@ export declare const connectionSchema: z.ZodObject<{
12827
12851
  progressive_enrollment_enabled?: boolean | undefined;
12828
12852
  } | undefined;
12829
12853
  requires_username?: boolean | undefined;
12854
+ set_user_root_attributes?: "on_each_login" | "on_first_login" | "never_on_login" | undefined;
12830
12855
  } | undefined;
12831
12856
  id?: string | undefined;
12832
12857
  is_system?: boolean | undefined;
@@ -40793,6 +40818,7 @@ export declare const loginSessionInsertSchema: z.ZodObject<{
40793
40818
  state_data: z.ZodOptional<z.ZodString>;
40794
40819
  failure_reason: z.ZodOptional<z.ZodString>;
40795
40820
  user_id: z.ZodOptional<z.ZodString>;
40821
+ auth_connection: z.ZodOptional<z.ZodString>;
40796
40822
  }, "strip", z.ZodTypeAny, {
40797
40823
  state: LoginSessionState;
40798
40824
  expires_at: string;
@@ -40826,6 +40852,7 @@ export declare const loginSessionInsertSchema: z.ZodObject<{
40826
40852
  authorization_url?: string | undefined;
40827
40853
  state_data?: string | undefined;
40828
40854
  failure_reason?: string | undefined;
40855
+ auth_connection?: string | undefined;
40829
40856
  }, {
40830
40857
  expires_at: string;
40831
40858
  csrf_token: string;
@@ -40859,6 +40886,7 @@ export declare const loginSessionInsertSchema: z.ZodObject<{
40859
40886
  authorization_url?: string | undefined;
40860
40887
  state_data?: string | undefined;
40861
40888
  failure_reason?: string | undefined;
40889
+ auth_connection?: string | undefined;
40862
40890
  }>;
40863
40891
  export type LoginSessionInsert = z.input<typeof loginSessionInsertSchema>;
40864
40892
  export declare const loginSessionSchema: z.ZodObject<{
@@ -40935,6 +40963,7 @@ export declare const loginSessionSchema: z.ZodObject<{
40935
40963
  state_data: z.ZodOptional<z.ZodString>;
40936
40964
  failure_reason: z.ZodOptional<z.ZodString>;
40937
40965
  user_id: z.ZodOptional<z.ZodString>;
40966
+ auth_connection: z.ZodOptional<z.ZodString>;
40938
40967
  }, "strip", z.ZodTypeAny, {
40939
40968
  created_at: string;
40940
40969
  updated_at: string;
@@ -40971,6 +41000,7 @@ export declare const loginSessionSchema: z.ZodObject<{
40971
41000
  authorization_url?: string | undefined;
40972
41001
  state_data?: string | undefined;
40973
41002
  failure_reason?: string | undefined;
41003
+ auth_connection?: string | undefined;
40974
41004
  }, {
40975
41005
  created_at: string;
40976
41006
  updated_at: string;
@@ -41007,6 +41037,7 @@ export declare const loginSessionSchema: z.ZodObject<{
41007
41037
  authorization_url?: string | undefined;
41008
41038
  state_data?: string | undefined;
41009
41039
  failure_reason?: string | undefined;
41040
+ auth_connection?: string | undefined;
41010
41041
  }>;
41011
41042
  export type LoginSession = z.infer<typeof loginSessionSchema>;
41012
41043
  export declare const LogTypes: {
package/dist/adapter-interfaces.mjs CHANGED
@@ -185,7 +185,7 @@ const s = e.object({
185
185
  email: e.string().optional(),
186
186
  login_count: e.number().default(0),
187
187
  identities: e.array(Z).optional()
188
- }), mt = oe, bt = N.extend({
188
+ }), mt = oe, ht = N.extend({
189
189
  login_count: e.number(),
190
190
  multifactor: e.array(e.string()).optional(),
191
191
  last_ip: e.string().optional(),
@@ -371,7 +371,7 @@ const ie = e.object({
371
371
  description: "Specifies how long, in seconds, a Pushed Authorization Request URI remains valid"
372
372
  }),
373
373
  token_quota: e.record(e.any()).default({}).optional()
374
- }), ht = e.object({
374
+ }), bt = e.object({
375
375
  created_at: e.string(),
376
376
  updated_at: e.string(),
377
377
  ...ie.shape
@@ -553,7 +553,7 @@ const ue = e.object({
553
553
  flow_id: e.string(),
554
554
  next_node: e.string()
555
555
  })
556
- }), be = e.object({
556
+ }), he = e.object({
557
557
  id: e.string(),
558
558
  type: e.literal(
559
559
  "ACTION"
@@ -575,15 +575,15 @@ const ue = e.object({
575
575
  description: "The next node to navigate to after action (for non-redirect actions)"
576
576
  })
577
577
  }).passthrough()
578
- }), he = e.object({
578
+ }), be = e.object({
579
579
  id: e.string(),
580
580
  type: e.string(),
581
581
  coordinates: u
582
582
  }).passthrough(), fe = e.union([
583
583
  ue,
584
584
  me,
585
- be,
586
- he
585
+ he,
586
+ be
587
587
  ]), Ee = e.object({
588
588
  next_node: e.string(),
589
589
  coordinates: u
@@ -802,7 +802,9 @@ const Ie = e.object({
802
802
  min: e.number().optional(),
803
803
  max: e.number().optional()
804
804
  }).optional()
805
- }).optional()
805
+ }).optional(),
806
+ // Controls when root user attributes are updated from external IdP
807
+ set_user_root_attributes: e.enum(["on_each_login", "on_first_login", "never_on_login"]).optional()
806
808
  }), Oe = e.object({
807
809
  id: e.string().optional(),
808
810
  name: e.string(),
@@ -1293,15 +1295,15 @@ const k = e.enum([
1293
1295
  ...m,
1294
1296
  trigger_id: U,
1295
1297
  form_id: e.string()
1296
- }), bo = e.object({
1298
+ }), ho = e.object({
1297
1299
  ...m,
1298
1300
  trigger_id: F,
1299
1301
  template_id: x
1300
1302
  }), Lt = e.union([
1301
1303
  uo,
1302
1304
  mo,
1303
- bo
1304
- ]), ho = e.object({
1305
+ ho
1306
+ ]), bo = e.object({
1305
1307
  ...m,
1306
1308
  trigger_id: k,
1307
1309
  ...s.shape,
@@ -1320,7 +1322,7 @@ const k = e.enum([
1320
1322
  hook_id: e.string(),
1321
1323
  template_id: x
1322
1324
  }), vt = e.union([
1323
- ho,
1325
+ bo,
1324
1326
  fo,
1325
1327
  Eo
1326
1328
  ]), So = e.object({
@@ -1406,8 +1408,10 @@ const Co = e.nativeEnum(P), To = e.object({
1406
1408
  state_data: e.string().optional(),
1407
1409
  // JSON: { hookId?, continuationScope?, continuationReturnUrl? }
1408
1410
  failure_reason: e.string().optional(),
1409
- user_id: e.string().optional()
1411
+ user_id: e.string().optional(),
1410
1412
  // Set once user is authenticated
1413
+ auth_connection: e.string().optional()
1414
+ // The connection used to authenticate (may differ from primary user's connection)
1411
1415
  }).openapi({
1412
1416
  description: "This represents a login sesion"
1413
1417
  }), xt = e.object({
@@ -2336,17 +2340,17 @@ function cn(o) {
2336
2340
  return typeof c != "function" ? c : O.includes(a) ? async (..._) => {
2337
2341
  const S = await c.apply(p, _), d = [];
2338
2342
  for (const r of i) {
2339
- const b = r.adapter[a];
2340
- if (typeof b != "function")
2343
+ const h = r.adapter[a];
2344
+ if (typeof h != "function")
2341
2345
  continue;
2342
2346
  const A = (async () => {
2343
2347
  try {
2344
- await b.apply(r.adapter, _);
2345
- } catch (h) {
2348
+ await h.apply(r.adapter, _);
2349
+ } catch (b) {
2346
2350
  try {
2347
- r.onError ? r.onError(h, a, _) : console.error(
2351
+ r.onError ? r.onError(b, a, _) : console.error(
2348
2352
  `Passthrough adapter: secondary write failed for ${a}:`,
2349
- h
2353
+ b
2350
2354
  );
2351
2355
  } catch (I) {
2352
2356
  console.error(
@@ -2368,7 +2372,7 @@ function _n(o) {
2368
2372
  return o;
2369
2373
  }
2370
2374
  function dn(o) {
2371
- var E, p, a, c, _, S, d, r, b, A, h, I;
2375
+ var E, p, a, c, _, S, d, r, h, A, b, I;
2372
2376
  const n = o == null ? void 0 : o.options;
2373
2377
  if (!n)
2374
2378
  return {
@@ -2390,8 +2394,8 @@ function dn(o) {
2390
2394
  return {
2391
2395
  usernameIdentifierActive: n.requires_username === !0,
2392
2396
  emailIdentifierActive: !0,
2393
- usernameMinLength: ((A = (b = n.validation) == null ? void 0 : b.username) == null ? void 0 : A.min) ?? 1,
2394
- usernameMaxLength: ((I = (h = n.validation) == null ? void 0 : h.username) == null ? void 0 : I.max) ?? 15
2397
+ usernameMinLength: ((A = (h = n.validation) == null ? void 0 : h.username) == null ? void 0 : A.min) ?? 1,
2398
+ usernameMaxLength: ((I = (b = n.validation) == null ? void 0 : b.username) == null ? void 0 : I.max) ?? 15
2395
2399
  };
2396
2400
  }
2397
2401
  export {
@@ -2411,7 +2415,7 @@ export {
2411
2415
  P as LoginSessionState,
2412
2416
  ge as NodeType,
2413
2417
  q as RedirectTargetEnum,
2414
- be as actionNodeSchema,
2418
+ he as actionNodeSchema,
2415
2419
  sn as activeUsersResponseSchema,
2416
2420
  $ as addressSchema,
2417
2421
  Et as auth0FlowInsertSchema,
@@ -2429,7 +2433,7 @@ export {
2429
2433
  ft as clientGrantListSchema,
2430
2434
  re as clientGrantSchema,
2431
2435
  ie as clientInsertSchema,
2432
- ht as clientSchema,
2436
+ bt as clientSchema,
2433
2437
  Ce as codeInsertSchema,
2434
2438
  At as codeSchema,
2435
2439
  ye as codeTypeSchema,
@@ -2467,7 +2471,7 @@ export {
2467
2471
  po as formNodeSchema,
2468
2472
  Ot as formSchema,
2469
2473
  _e as genericComponentSchema,
2470
- he as genericNodeSchema,
2474
+ be as genericNodeSchema,
2471
2475
  dn as getConnectionIdentifierConfig,
2472
2476
  Lt as hookInsertSchema,
2473
2477
  vt as hookSchema,
@@ -2541,7 +2545,7 @@ export {
2541
2545
  Yo as userPermissionSchema,
2542
2546
  $t as userPermissionWithDetailsListSchema,
2543
2547
  Qo as userPermissionWithDetailsSchema,
2544
- bt as userResponseSchema,
2548
+ ht as userResponseSchema,
2545
2549
  Jo as userRoleInsertSchema,
2546
2550
  en as userRoleListSchema,
2547
2551
  Zo as userRoleSchema,
package/package.json CHANGED
@@ -11,7 +11,7 @@
11
11
  "type": "git",
12
12
  "url": "https://github.com/markusahlstrand/authhero"
13
13
  },
14
- "version": "0.143.0",
14
+ "version": "0.145.0",
15
15
  "files": [
16
16
  "dist"
17
17
  ],