@authhero/adapter-interfaces 0.149.0 → 0.150.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (4) hide show
  1. package/dist/adapter-interfaces.cjs +1 -1
  2. package/dist/adapter-interfaces.d.ts +97 -28
  3. package/dist/adapter-interfaces.mjs +99 -78
  4. package/package.json +1 -1
package/dist/adapter-interfaces.cjs CHANGED
@@ -1 +1 @@
1
- "use strict";Object.defineProperty(exports,Symbol.toStringTag,{value:"Module"});const e=require("@hono/zod-openapi"),s=e.z.object({created_at:e.z.string(),updated_at:e.z.string()}),To=e.z.enum(["AUTH0","EMAIL","REDIRECT"]),Oo=e.z.enum(["CREATE_USER","GET_USER","UPDATE_USER","SEND_REQUEST","SEND_EMAIL"]),No=e.z.enum(["VERIFY_EMAIL"]),U=e.z.object({require_mx_record:e.z.boolean().optional(),block_aliases:e.z.boolean().optional(),block_free_emails:e.z.boolean().optional(),block_disposable_emails:e.z.boolean().optional(),blocklist:e.z.array(e.z.string()).optional(),allowlist:e.z.array(e.z.string()).optional()}),F=e.z.object({id:e.z.string(),alias:e.z.string().max(100).optional(),type:e.z.literal("AUTH0"),action:e.z.literal("UPDATE_USER"),allow_failure:e.z.boolean().optional(),mask_output:e.z.boolean().optional(),params:e.z.object({connection_id:e.z.string().optional(),user_id:e.z.string(),changes:e.z.record(e.z.string(),e.z.any())})}),x=e.z.object({id:e.z.string(),alias:e.z.string().max(100).optional(),type:e.z.literal("EMAIL"),action:e.z.literal("VERIFY_EMAIL"),allow_failure:e.z.boolean().optional(),mask_output:e.z.boolean().optional(),params:e.z.object({email:e.z.string(),rules:U.optional()})}),P=e.z.enum(["change-email","account","custom"]),M=e.z.object({id:e.z.string(),alias:e.z.string().max(100).optional(),type:e.z.literal("REDIRECT"),action:e.z.literal("REDIRECT_USER"),allow_failure:e.z.boolean().optional(),mask_output:e.z.boolean().optional(),params:e.z.object({target:P.openapi({description:"The predefined target to redirect to, or 'custom' for a custom URL"}),custom_url:e.z.string().optional().openapi({description:"Custom URL to redirect to when target is 'custom'"})})}),H=e.z.union([F,x,M]),G=e.z.object({name:e.z.string().min(1).max(150).openapi({description:"The name of the flow"}),actions:e.z.array(H).optional().default([]).openapi({description:"The list of actions to execute in sequence"})}),wo=G.extend({...s.shape,id:e.z.string().openapi({description:"Unique identifier for the flow",example:"af_12tMpdJ3iek7svMyZkSh5M"})}),Ro=e.z.object({page:e.z.string().min(0).optional().default("0").transform(o=>parseInt(o,10)).openapi({description:"The page number where 0 is the first page"}),per_page:e.z.string().min(1).optional().default("10").transform(o=>parseInt(o,10)).openapi({description:"The number of items per page"}),include_totals:e.z.string().optional().default("false").transform(o=>o==="true").openapi({description:"If the total number of items should be included in the response"}),sort:e.z.string().regex(/^.+:(-1|1)$/).optional().openapi({description:"A property that should have the format 'string:-1' or 'string:1'"}),q:e.z.string().optional().openapi({description:"A lucene query string used to filter the results"})}),jo=e.z.object({start:e.z.number(),limit:e.z.number(),length:e.z.number(),total:e.z.number().optional()}),B=e.z.object({email:e.z.string().optional(),email_verified:e.z.boolean().optional(),name:e.z.string().optional(),username:e.z.string().optional(),given_name:e.z.string().optional(),phone_number:e.z.string().optional(),phone_verified:e.z.boolean().optional(),family_name:e.z.string().optional()}).catchall(e.z.any()),W=e.z.object({connection:e.z.string(),user_id:e.z.string(),provider:e.z.string(),isSocial:e.z.boolean(),email:e.z.string().optional(),email_verified:e.z.boolean().optional(),phone_number:e.z.string().optional(),phone_verified:e.z.boolean().optional(),username:e.z.string().optional(),access_token:e.z.string().optional(),access_token_secret:e.z.string().optional(),refresh_token:e.z.string().optional(),profileData:B.optional()}),K=e.z.object({formatted:e.z.string().optional(),street_address:e.z.string().optional(),locality:e.z.string().optional(),region:e.z.string().optional(),postal_code:e.z.string().optional(),country:e.z.string().optional()}).optional(),y=e.z.object({email:e.z.string().optional().transform(o=>o&&o.toLowerCase()),username:e.z.string().refine(o=>!o.includes("@"),{message:'Usernames must not contain "@". Use the email field for email addresses.'}).optional(),phone_number:e.z.string().optional(),phone_verified:e.z.boolean().optional(),given_name:e.z.string().optional(),family_name:e.z.string().optional(),nickname:e.z.string().optional(),name:e.z.string().optional(),picture:e.z.string().optional(),locale:e.z.string().optional(),linked_to:e.z.string().optional(),profileData:e.z.string().optional(),user_id:e.z.string().optional(),app_metadata:e.z.any().default({}).optional(),user_metadata:e.z.any().default({}).optional(),middle_name:e.z.string().optional(),preferred_username:e.z.string().optional(),profile:e.z.string().optional(),website:e.z.string().optional(),gender:e.z.string().optional(),birthdate:e.z.string().optional(),zoneinfo:e.z.string().optional(),address:K}),q=y.extend({email_verified:e.z.boolean().default(!1),verify_email:e.z.boolean().optional(),last_ip:e.z.string().optional(),last_login:e.z.string().optional(),user_id:e.z.string().optional(),provider:e.z.string().optional(),connection:e.z.string(),is_social:e.z.boolean().optional(),password:e.z.object({hash:e.z.string(),algorithm:e.z.string()}).optional()}),V=e.z.object({...q.omit({password:!0}).shape,...s.shape,user_id:e.z.string(),provider:e.z.string(),is_social:e.z.boolean(),email:e.z.string().optional(),login_count:e.z.number().default(0),identities:e.z.array(W).optional()}),Do=V,Lo=y.extend({login_count:e.z.number(),multifactor:e.z.array(e.z.string()).optional(),last_ip:e.z.string().optional(),last_login:e.z.string().optional(),user_id:e.z.string()}).catchall(e.z.any());let vo="useandom-26T198340PX75pxJACKVERYMINDBUSHWOLF_GQZbfghjklqvwyzrict",ko=(o=21)=>{let n="",i=crypto.getRandomValues(new Uint8Array(o|=0));for(;o--;)n+=vo[i[o]&63];return n};const X=e.z.object({client_id:e.z.string().openapi({description:"ID of this client."}),name:e.z.string().min(1).openapi({description:"Name of this client (min length: 1 character, does not allow < or >)."}),description:e.z.string().max(140).optional().openapi({description:"Free text description of this client (max length: 140 characters)."}),global:e.z.boolean().default(!1).openapi({description:"Whether this is your global 'All Applications' client representing legacy tenant settings (true) or a regular client (false)."}),client_secret:e.z.string().default(()=>ko()).optional().openapi({description:"Client secret (which you must not make public)."}),app_type:e.z.enum(["native","spa","regular_web","non_interactive","resource_server","express_configuration","rms","box","cloudbees","concur","dropbox","mscrm","echosign","egnyte","newrelic","office365","salesforce","sentry","sharepoint","slack","springcm","zendesk","zoom","sso_integration","oag"]).default("regular_web").optional().openapi({description:"The type of application this client represents"}),logo_uri:e.z.string().url().optional().openapi({description:"URL of the logo to display for this client. Recommended size is 150x150 pixels."}),is_first_party:e.z.boolean().default(!1).openapi({description:"Whether this client a first party client (true) or not (false)."}),oidc_conformant:e.z.boolean().default(!0).openapi({description:"Whether this client conforms to strict OIDC specifications (true) or uses legacy features (false)."}),auth0_conformant:e.z.boolean().default(!0).openapi({description:"Whether this client follows Auth0-compatible behavior (true) or strict OIDC behavior (false). When true, profile/email claims are included in the ID token when scopes are requested. When false, these claims are only available from the userinfo endpoint (strict OIDC 5.4 compliance)."}),callbacks:e.z.array(e.z.string()).default([]).optional().openapi({description:"Comma-separated list of URLs whitelisted for Auth0 to use as a callback to the client after authentication."}),allowed_origins:e.z.array(e.z.string()).default([]).optional().openapi({description:"Comma-separated list of URLs allowed to make requests from JavaScript to Auth0 API (typically used with CORS). By default, all your callback URLs will be allowed. This field allows you to enter other origins if necessary. You can also use wildcards at the subdomain level (e.g., https://*.contoso.com). Query strings and hash information are not taken into account when validating these URLs."}),web_origins:e.z.array(e.z.string()).default([]).optional().openapi({description:"Comma-separated list of allowed origins for use with Cross-Origin Authentication, Device Flow, and web message response mode."}),client_aliases:e.z.array(e.z.string()).default([]).optional().openapi({description:"List of audiences/realms for SAML protocol. Used by the wsfed addon."}),allowed_clients:e.z.array(e.z.string()).default([]).optional().openapi({description:"List of allow clients and API ids that are allowed to make delegation requests. Empty means all all your clients are allowed."}),connections:e.z.array(e.z.string()).default([]).optional().openapi({description:"List of connection IDs enabled for this client. The order determines the display order on the login page."}),allowed_logout_urls:e.z.array(e.z.string()).default([]).optional().openapi({description:"Comma-separated list of URLs that are valid to redirect to after logout from Auth0. Wildcards are allowed for subdomains."}),session_transfer:e.z.record(e.z.any()).default({}).optional().openapi({description:"Native to Web SSO Configuration"}),oidc_logout:e.z.record(e.z.any()).default({}).optional().openapi({description:"Configuration for OIDC backchannel logout"}),grant_types:e.z.array(e.z.string()).default([]).optional().openapi({description:"List of grant types supported for this application. Can include authorization_code, implicit, refresh_token, client_credentials, password, http://auth0.com/oauth/grant-type/password-realm, http://auth0.com/oauth/grant-type/mfa-oob, http://auth0.com/oauth/grant-type/mfa-otp, http://auth0.com/oauth/grant-type/mfa-recovery-code, urn:openid:params:grant-type:ciba, and urn:ietf:params:oauth:grant-type:device_code."}),jwt_configuration:e.z.record(e.z.any()).default({}).optional().openapi({description:"Configuration related to JWTs for the client."}),signing_keys:e.z.array(e.z.record(e.z.any())).default([]).optional().openapi({description:"Signing certificates associated with this client."}),encryption_key:e.z.record(e.z.any()).default({}).optional().openapi({description:"Encryption used for WsFed responses with this client."}),sso:e.z.boolean().default(!1).openapi({description:"Applies only to SSO clients and determines whether Auth0 will handle Single Sign On (true) or whether the Identity Provider will (false)."}),sso_disabled:e.z.boolean().default(!0).openapi({description:"Whether Single Sign On is disabled (true) or enabled (true). Defaults to true."}),cross_origin_authentication:e.z.boolean().default(!1).openapi({description:"Whether this client can be used to make cross-origin authentication requests (true) or it is not allowed to make such requests (false)."}),cross_origin_loc:e.z.string().url().optional().openapi({description:"URL of the location in your site where the cross origin verification takes place for the cross-origin auth flow when performing Auth in your own domain instead of Auth0 hosted login page."}),custom_login_page_on:e.z.boolean().default(!1).openapi({description:"Whether a custom login page is to be used (true) or the default provided login page (false)."}),custom_login_page:e.z.string().optional().openapi({description:"The content (HTML, CSS, JS) of the custom login page."}),custom_login_page_preview:e.z.string().optional().openapi({description:"The content (HTML, CSS, JS) of the custom login page. (Used on Previews)"}),form_template:e.z.string().optional().openapi({description:"HTML form template to be used for WS-Federation."}),addons:e.z.record(e.z.any()).default({}).optional().openapi({description:"Addons enabled for this client and their associated configurations."}),token_endpoint_auth_method:e.z.enum(["none","client_secret_post","client_secret_basic"]).default("client_secret_basic").optional().openapi({description:"Defines the requested authentication method for the token endpoint. Can be none (public client without a client secret), client_secret_post (client uses HTTP POST parameters), or client_secret_basic (client uses HTTP Basic)."}),client_metadata:e.z.record(e.z.string().max(255)).default({}).optional().openapi({description:'Metadata associated with the client, in the form of an object with string values (max 255 chars). Maximum of 10 metadata properties allowed. Field names (max 255 chars) are alphanumeric and may only include the following special characters: :,-+=_*?"/()<>@ [Tab][Space]'}),mobile:e.z.record(e.z.any()).default({}).optional().openapi({description:"Additional configuration for native mobile apps."}),initiate_login_uri:e.z.string().url().optional().openapi({description:"Initiate login uri, must be https"}),native_social_login:e.z.record(e.z.any()).default({}).optional(),refresh_token:e.z.record(e.z.any()).default({}).optional().openapi({description:"Refresh token configuration"}),default_organization:e.z.record(e.z.any()).default({}).optional().openapi({description:"Defines the default Organization ID and flows"}),organization_usage:e.z.enum(["deny","allow","require"]).default("deny").optional().openapi({description:"Defines how to proceed during an authentication transaction with regards an organization. Can be deny (default), allow or require."}),organization_require_behavior:e.z.enum(["no_prompt","pre_login_prompt","post_login_prompt"]).default("no_prompt").optional().openapi({description:"Defines how to proceed during an authentication transaction when client.organization_usage: 'require'. Can be no_prompt (default), pre_login_prompt or post_login_prompt. post_login_prompt requires oidc_conformant: true."}),client_authentication_methods:e.z.record(e.z.any()).default({}).optional().openapi({description:"Defines client authentication methods."}),require_pushed_authorization_requests:e.z.boolean().default(!1).openapi({description:"Makes the use of Pushed Authorization Requests mandatory for this client"}),require_proof_of_possession:e.z.boolean().default(!1).openapi({description:"Makes the use of Proof-of-Possession mandatory for this client"}),signed_request_object:e.z.record(e.z.any()).default({}).optional().openapi({description:"JWT-secured Authorization Requests (JAR) settings."}),compliance_level:e.z.enum(["none","fapi1_adv_pkj_par","fapi1_adv_mtls_par","fapi2_sp_pkj_mtls","fapi2_sp_mtls_mtls"]).optional().openapi({description:"Defines the compliance level for this client, which may restrict it's capabilities"}),par_request_expiry:e.z.number().optional().openapi({description:"Specifies how long, in seconds, a Pushed Authorization Request URI remains valid"}),token_quota:e.z.record(e.z.any()).default({}).optional()}),Uo=e.z.object({created_at:e.z.string(),updated_at:e.z.string(),...X.shape}),Y=e.z.object({client_id:e.z.string().min(1).openapi({description:"ID of the client."}),audience:e.z.string().min(1).openapi({description:"The audience (API identifier) of this client grant."}),scope:e.z.array(e.z.string()).optional().openapi({description:"Scopes allowed for this client grant."}),organization_usage:e.z.enum(["deny","allow","require"]).optional().openapi({description:"Defines whether organizations can be used with client credentials exchanges for this grant."}),allow_any_organization:e.z.boolean().optional().openapi({description:"If enabled, any organization can be used with this grant. If disabled (default), the grant must be explicitly assigned to the desired organizations."}),is_system:e.z.boolean().optional().openapi({description:"If enabled, this grant is a special grant created by Auth0. It cannot be modified or deleted directly."}),subject_type:e.z.enum(["client","user"]).optional().openapi({description:"The type of application access the client grant allows. Use of this field is subject to the applicable Free Trial terms in Okta's Master Subscription Agreement."}),authorization_details_types:e.z.array(e.z.string()).optional().openapi({description:"Types of authorization_details allowed for this client grant. Use of this field is subject to the applicable Free Trial terms in Okta's Master Subscription Agreement."})}),Q=e.z.object({id:e.z.string().openapi({description:"ID of the client grant."}),...Y.shape,created_at:e.z.string().optional(),updated_at:e.z.string().optional()}),Fo=e.z.array(Q),d=e.z.object({x:e.z.number(),y:e.z.number()});var C=(o=>(o.RICH_TEXT="RICH_TEXT",o.NEXT_BUTTON="NEXT_BUTTON",o.BACK_BUTTON="BACK_BUTTON",o.SUBMIT_BUTTON="SUBMIT_BUTTON",o.DIVIDER="DIVIDER",o.TEXT="TEXT",o.EMAIL="EMAIL",o.PASSWORD="PASSWORD",o.NUMBER="NUMBER",o.PHONE="PHONE",o.DATE="DATE",o.CHECKBOX="CHECKBOX",o.RADIO="RADIO",o.SELECT="SELECT",o.HIDDEN="HIDDEN",o.LEGAL="LEGAL",o))(C||{}),T=(o=>(o.BLOCK="BLOCK",o.FIELD="FIELD",o))(T||{});const I=e.z.object({id:e.z.string(),category:e.z.nativeEnum(T),type:e.z.nativeEnum(C)}),Z=I.extend({category:e.z.literal("BLOCK"),type:e.z.literal("RICH_TEXT"),config:e.z.object({content:e.z.string()}).passthrough()}),J=I.extend({category:e.z.literal("BLOCK"),type:e.z.union([e.z.literal("NEXT_BUTTON"),e.z.literal("BACK_BUTTON"),e.z.literal("SUBMIT_BUTTON")]),config:e.z.object({text:e.z.string()}).passthrough()}),$=I.extend({category:e.z.literal("FIELD"),type:e.z.literal("LEGAL"),required:e.z.boolean().optional(),sensitive:e.z.boolean().optional(),config:e.z.object({text:e.z.string()}).passthrough()}),ee=I.extend({category:e.z.literal("FIELD"),type:e.z.union([e.z.literal("TEXT"),e.z.literal("EMAIL"),e.z.literal("PASSWORD"),e.z.literal("NUMBER"),e.z.literal("PHONE"),e.z.literal("DATE"),e.z.literal("CHECKBOX"),e.z.literal("RADIO"),e.z.literal("SELECT"),e.z.literal("HIDDEN")]),required:e.z.boolean().optional(),sensitive:e.z.boolean().optional(),config:e.z.object({label:e.z.string().optional(),placeholder:e.z.string().optional()}).passthrough()}),oe=e.z.object({id:e.z.string(),category:e.z.string(),type:e.z.string()}).passthrough(),te=e.z.union([Z,J,$,ee,oe]);var ne=(o=>(o.STEP="STEP",o.FLOW="FLOW",o.CONDITION="CONDITION",o.ACTION="ACTION",o))(ne||{});const ie=e.z.object({id:e.z.string(),type:e.z.literal("STEP"),coordinates:d,alias:e.z.string().optional(),config:e.z.object({components:e.z.array(te),next_node:e.z.string()}).passthrough()}),ae=e.z.object({id:e.z.string(),type:e.z.literal("FLOW"),coordinates:d,alias:e.z.string().optional(),config:e.z.object({flow_id:e.z.string(),next_node:e.z.string()})}),re=e.z.object({id:e.z.string(),type:e.z.literal("ACTION"),coordinates:d,alias:e.z.string().optional(),config:e.z.object({action_type:e.z.enum(["REDIRECT"]).openapi({description:"The type of action to perform"}),target:e.z.enum(["change-email","account","custom"]).openapi({description:"The predefined target to redirect to"}),custom_url:e.z.string().optional().openapi({description:"Custom URL when target is 'custom'"}),next_node:e.z.string().openapi({description:"The next node to navigate to after action (for non-redirect actions)"})}).passthrough()}),se=e.z.object({id:e.z.string(),type:e.z.string(),coordinates:d}).passthrough(),le=e.z.union([ie,ae,re,se]),ce=e.z.object({next_node:e.z.string(),coordinates:d}).passthrough(),pe=e.z.object({resume_flow:e.z.boolean().optional(),coordinates:d}).passthrough(),_e=e.z.object({id:e.z.string(),name:e.z.string(),languages:e.z.object({primary:e.z.string()}).passthrough(),nodes:e.z.array(le),start:ce,ending:pe,created_at:e.z.string(),updated_at:e.z.string(),links:e.z.object({sdkSrc:e.z.string().optional(),sdk_src:e.z.string().optional()}).passthrough()}).passthrough(),xo=_e.omit({id:!0,created_at:!0,updated_at:!0});var O=(o=>(o.TOKEN="token",o.ID_TOKEN="id_token",o.TOKEN_ID_TOKEN="token id_token",o.CODE="code",o))(O||{}),N=(o=>(o.QUERY="query",o.FRAGMENT="fragment",o.FORM_POST="form_post",o.WEB_MESSAGE="web_message",o.SAML_POST="saml_post",o))(N||{}),w=(o=>(o.S256="S256",o.Plain="plain",o))(w||{});const de=e.z.object({client_id:e.z.string(),act_as:e.z.string().optional(),response_type:e.z.nativeEnum(O).optional(),response_mode:e.z.nativeEnum(N).optional(),redirect_uri:e.z.string().optional(),audience:e.z.string().optional(),organization:e.z.string().optional(),state:e.z.string().optional(),nonce:e.z.string().optional(),scope:e.z.string().optional(),prompt:e.z.string().optional(),code_challenge_method:e.z.nativeEnum(w).optional(),code_challenge:e.z.string().optional(),username:e.z.string().optional(),ui_locales:e.z.string().optional(),max_age:e.z.number().optional(),acr_values:e.z.string().optional(),vendor_id:e.z.string().optional()}),Po=e.z.object({colors:e.z.object({primary:e.z.string(),page_background:e.z.object({type:e.z.string().optional(),start:e.z.string().optional(),end:e.z.string().optional(),angle_deg:e.z.number().optional()}).optional()}).optional(),logo_url:e.z.string().optional(),favicon_url:e.z.string().optional(),powered_by_logo_url:e.z.string().optional(),font:e.z.object({url:e.z.string()}).optional()}),ze=e.z.enum(["password_reset","email_verification","otp","mfa_otp","authorization_code","oauth2_state","ticket"]),ge=e.z.object({code_id:e.z.string().openapi({description:"The code that will be used in for instance an email verification flow"}),login_id:e.z.string().openapi({description:"The id of the login session that the code is connected to"}),connection_id:e.z.string().optional().openapi({description:"The connection that the code is connected to"}),code_type:ze,code_verifier:e.z.string().optional().openapi({description:"The code verifier used in PKCE in outbound flows"}),code_challenge:e.z.string().optional().openapi({description:"The code challenge used in PKCE in outbound flows"}),code_challenge_method:e.z.enum(["plain","S256"]).optional().openapi({description:"The code challenge method used in PKCE in outbound flows"}),redirect_uri:e.z.string().optional().openapi({description:"The redirect URI associated with the code"}),otp:e.z.string().optional().openapi({description:"The one-time password value for OTP-based flows"}),nonce:e.z.string().optional().openapi({description:"The nonce value used for security in OIDC flows"}),state:e.z.string().optional().openapi({description:"The state parameter used for CSRF protection in OAuth flows"}),expires_at:e.z.string(),used_at:e.z.string().optional(),user_id:e.z.string().optional()}),Mo=e.z.object({...ge.shape,created_at:e.z.string()}),me=e.z.object({kid:e.z.string().optional(),team_id:e.z.string().optional(),realms:e.z.string().optional(),authentication_method:e.z.string().optional(),client_id:e.z.string().optional(),client_secret:e.z.string().optional(),app_secret:e.z.string().optional(),scope:e.z.string().optional(),authorization_endpoint:e.z.string().optional(),token_endpoint:e.z.string().optional(),userinfo_endpoint:e.z.string().optional(),jwks_uri:e.z.string().optional(),discovery_url:e.z.string().optional(),issuer:e.z.string().optional(),provider:e.z.string().optional(),from:e.z.string().optional(),twilio_sid:e.z.string().optional(),twilio_token:e.z.string().optional(),icon_url:e.z.string().optional(),passwordPolicy:e.z.enum(["none","low","fair","good","excellent"]).optional(),password_complexity_options:e.z.object({min_length:e.z.number().optional()}).optional(),password_history:e.z.object({enable:e.z.boolean().optional(),size:e.z.number().optional()}).optional(),password_no_personal_info:e.z.object({enable:e.z.boolean().optional()}).optional(),password_dictionary:e.z.object({enable:e.z.boolean().optional(),dictionary:e.z.array(e.z.string()).optional()}).optional(),disable_signup:e.z.boolean().optional(),brute_force_protection:e.z.boolean().optional(),import_mode:e.z.boolean().optional(),attributes:e.z.object({email:e.z.object({identifier:e.z.object({active:e.z.boolean().optional()}).optional(),signup:e.z.object({status:e.z.enum(["required","optional","disabled"]).optional(),verification:e.z.object({active:e.z.boolean().optional()}).optional()}).optional(),validation:e.z.object({allowed:e.z.boolean().optional()}).optional(),unique:e.z.boolean().optional(),profile_required:e.z.boolean().optional(),verification_method:e.z.enum(["link","code"]).optional()}).optional(),username:e.z.object({identifier:e.z.object({active:e.z.boolean().optional()}).optional(),signup:e.z.object({status:e.z.enum(["required","optional","disabled"]).optional()}).optional(),validation:e.z.object({max_length:e.z.number().optional(),min_length:e.z.number().optional(),allowed_types:e.z.object({email:e.z.boolean().optional(),phone_number:e.z.boolean().optional()}).optional()}).optional(),profile_required:e.z.boolean().optional()}).optional(),phone_number:e.z.object({identifier:e.z.object({active:e.z.boolean().optional()}).optional(),signup:e.z.object({status:e.z.enum(["required","optional","disabled"]).optional()}).optional()}).optional()}).optional(),authentication_methods:e.z.object({password:e.z.object({enabled:e.z.boolean().optional()}).optional(),passkey:e.z.object({enabled:e.z.boolean().optional()}).optional()}).optional(),passkey_options:e.z.object({challenge_ui:e.z.enum(["both","autofill","button"]).optional(),local_enrollment_enabled:e.z.boolean().optional(),progressive_enrollment_enabled:e.z.boolean().optional()}).optional(),requires_username:e.z.boolean().optional(),validation:e.z.object({username:e.z.object({min:e.z.number().optional(),max:e.z.number().optional()}).optional()}).optional(),set_user_root_attributes:e.z.enum(["on_each_login","on_first_login","never_on_login"]).optional()}),ue=e.z.object({id:e.z.string().optional(),name:e.z.string(),display_name:e.z.string().optional(),strategy:e.z.string(),options:me.default({}),enabled_clients:e.z.array(e.z.string()).default([]).optional(),response_type:e.z.custom().optional(),response_mode:e.z.custom().optional(),is_domain_connection:e.z.boolean().optional(),show_as_button:e.z.boolean().optional(),metadata:e.z.record(e.z.any()).optional(),is_system:e.z.boolean().optional()}),Ho=e.z.object({id:e.z.string(),created_at:e.z.string().transform(o=>o===null?"":o),updated_at:e.z.string().transform(o=>o===null?"":o)}).extend(ue.shape),he=e.z.object({domain:e.z.string(),custom_domain_id:e.z.string().optional(),type:e.z.enum(["auth0_managed_certs","self_managed_certs"]),verification_method:e.z.enum(["txt"]).optional(),tls_policy:e.z.enum(["recommended"]).optional(),custom_client_ip_header:e.z.enum(["true-client-ip","cf-connecting-ip","x-forwarded-for","x-azure-clientip","null"]).optional(),domain_metadata:e.z.record(e.z.string().max(255)).optional()}),be=e.z.discriminatedUnion("name",[e.z.object({name:e.z.literal("txt"),record:e.z.string(),domain:e.z.string()}),e.z.object({name:e.z.literal("http"),http_body:e.z.string(),http_url:e.z.string()})]),fe=e.z.object({...he.shape,custom_domain_id:e.z.string(),primary:e.z.boolean(),status:e.z.enum(["disabled","pending","pending_verification","ready"]),origin_domain_name:e.z.string().optional(),verification:e.z.object({methods:e.z.array(be)}).optional(),tls_policy:e.z.string().optional()}),Go=fe.extend({tenant_id:e.z.string()}),R=e.z.object({id:e.z.string(),order:e.z.number().optional(),visible:e.z.boolean().optional().default(!0)}),l=R.extend({category:e.z.literal("BLOCK").optional()}),Bo=l.extend({type:e.z.literal("DIVIDER"),config:e.z.object({text:e.z.string().optional()}).optional()}),Wo=l.extend({type:e.z.literal("HTML"),config:e.z.object({content:e.z.string().optional()}).optional()}),Ko=l.extend({type:e.z.literal("IMAGE"),config:e.z.object({src:e.z.string().optional(),alt:e.z.string().optional(),width:e.z.number().optional(),height:e.z.number().optional()}).optional()}),qo=l.extend({type:e.z.literal("JUMP_BUTTON"),config:e.z.object({text:e.z.string().optional(),target_step:e.z.string().optional()})}),Vo=l.extend({type:e.z.literal("RESEND_BUTTON"),config:e.z.object({text:e.z.string().optional(),resend_action:e.z.string().optional()})}),Xo=l.extend({type:e.z.literal("NEXT_BUTTON"),config:e.z.object({text:e.z.string().optional()})}),Yo=l.extend({type:e.z.literal("PREVIOUS_BUTTON"),config:e.z.object({text:e.z.string().optional()})}),Qo=l.extend({type:e.z.literal("RICH_TEXT"),config:e.z.object({content:e.z.string().optional()}).optional()}),j=R.extend({category:e.z.literal("WIDGET").optional(),label:e.z.string().min(1).optional(),hint:e.z.string().min(1).max(500).optional(),required:e.z.boolean().optional(),sensitive:e.z.boolean().optional()}),Zo=j.extend({type:e.z.literal("AUTH0_VERIFIABLE_CREDENTIALS"),config:e.z.object({credential_type:e.z.string().optional()})}),Jo=j.extend({type:e.z.literal("GMAPS_ADDRESS"),config:e.z.object({api_key:e.z.string().optional()})}),$o=j.extend({type:e.z.literal("RECAPTCHA"),config:e.z.object({site_key:e.z.string().optional()})}),t=R.extend({category:e.z.literal("FIELD").optional(),label:e.z.string().min(1).optional(),hint:e.z.string().min(1).max(500).optional(),messages:e.z.array(e.z.object({id:e.z.number().optional(),text:e.z.string(),type:e.z.enum(["info","error","success","warning"])})).optional(),required:e.z.boolean().optional(),sensitive:e.z.boolean().optional()}),et=t.extend({type:e.z.literal("BOOLEAN"),config:e.z.object({default_value:e.z.boolean().optional()}).optional()}),ot=t.extend({type:e.z.literal("CARDS"),config:e.z.object({options:e.z.array(e.z.object({value:e.z.string(),label:e.z.string(),description:e.z.string().optional(),image:e.z.string().optional()})).optional(),multi_select:e.z.boolean().optional()}).optional()}),tt=t.extend({type:e.z.literal("CHOICE"),config:e.z.object({options:e.z.array(e.z.object({value:e.z.string(),label:e.z.string()})).optional(),display:e.z.enum(["radio","checkbox"]).optional(),multiple:e.z.boolean().optional(),default_value:e.z.union([e.z.string(),e.z.array(e.z.string())]).optional()}).optional()}),nt=t.extend({type:e.z.literal("CUSTOM"),config:e.z.object({component:e.z.string().optional(),props:e.z.record(e.z.any()).optional(),schema:e.z.record(e.z.any()).optional(),code:e.z.string().optional()})}),it=t.extend({type:e.z.literal("DATE"),config:e.z.object({format:e.z.string().optional(),min:e.z.string().optional(),max:e.z.string().optional(),default_value:e.z.string().optional()}).optional()}),at=t.extend({type:e.z.literal("DROPDOWN"),config:e.z.object({options:e.z.array(e.z.object({value:e.z.string(),label:e.z.string()})).optional(),placeholder:e.z.string().optional(),searchable:e.z.boolean().optional(),multiple:e.z.boolean().optional(),default_value:e.z.union([e.z.string(),e.z.array(e.z.string())]).optional()}).optional()}),rt=t.extend({type:e.z.literal("EMAIL"),config:e.z.object({placeholder:e.z.string().optional(),default_value:e.z.string().optional()}).optional()}),st=t.extend({type:e.z.literal("FILE"),config:e.z.object({accept:e.z.string().optional(),max_size:e.z.number().optional(),multiple:e.z.boolean().optional()}).optional()}),lt=t.extend({type:e.z.literal("LEGAL"),config:e.z.object({text:e.z.string(),html:e.z.boolean().optional()}).optional()}),ct=t.extend({type:e.z.literal("NUMBER"),config:e.z.object({placeholder:e.z.string().optional(),min:e.z.number().optional(),max:e.z.number().optional(),step:e.z.number().optional(),default_value:e.z.string().optional()}).optional()}),pt=t.extend({type:e.z.literal("PASSWORD"),config:e.z.object({placeholder:e.z.string().optional(),min_length:e.z.number().optional(),show_toggle:e.z.boolean().optional(),forgot_password_link:e.z.string().optional(),default_value:e.z.string().optional()}).optional()}),_t=t.extend({type:e.z.literal("PAYMENT"),config:e.z.object({provider:e.z.string().optional(),currency:e.z.string().optional()}).optional()}),dt=t.extend({type:e.z.literal("SOCIAL"),config:e.z.object({providers:e.z.array(e.z.string()).optional(),provider_details:e.z.array(e.z.object({name:e.z.string(),strategy:e.z.string().optional(),display_name:e.z.string().optional(),icon_url:e.z.string().optional(),href:e.z.string().optional()})).optional()}).optional()}),zt=t.extend({type:e.z.literal("TEL"),config:e.z.object({placeholder:e.z.string().optional(),default_country:e.z.string().optional(),default_value:e.z.string().optional(),allow_email:e.z.boolean().optional()}).optional()}),gt=t.extend({type:e.z.literal("TEXT"),config:e.z.object({placeholder:e.z.string().optional(),multiline:e.z.boolean().optional(),max_length:e.z.number().optional(),default_value:e.z.string().optional()}).optional()}),mt=t.extend({type:e.z.literal("COUNTRY"),config:e.z.object({placeholder:e.z.string().optional(),default_value:e.z.string().optional()}).optional()}),ut=t.extend({type:e.z.literal("URL"),config:e.z.object({placeholder:e.z.string().optional(),default_value:e.z.string().optional()}).optional()}),Se=e.z.discriminatedUnion("type",[Bo,Wo,Ko,qo,Vo,Xo,Yo,Qo]),Ee=e.z.discriminatedUnion("type",[Zo,Jo,$o]),Ae=e.z.discriminatedUnion("type",[et,ot,tt,mt,nt,it,at,rt,st,lt,ct,pt,_t,dt,zt,gt,ut]),D=e.z.union([Se,Ee,Ae]),ht=new Set(["BOOLEAN","CARDS","CHOICE","COUNTRY","DATE","DROPDOWN","EMAIL","LEGAL","NUMBER","PASSWORD","TEL","TEXT","URL"]),bt=e.z.object({id:e.z.string(),type:e.z.literal("submit"),label:e.z.string(),className:e.z.string().optional(),disabled:e.z.boolean().optional().default(!1),order:e.z.number().optional(),visible:e.z.boolean().optional().default(!0),customizations:e.z.record(e.z.string(),e.z.any()).optional()}),b=e.z.object({x:e.z.number(),y:e.z.number()}),ft=e.z.object({id:e.z.string(),type:e.z.literal("FLOW"),coordinates:b,alias:e.z.string().min(1).max(150).optional(),config:e.z.object({flow_id:e.z.string().max(30),next_node:e.z.string().optional()})}),St=e.z.object({id:e.z.string(),type:e.z.literal("ROUTER"),coordinates:b,alias:e.z.string().min(1).max(150),config:e.z.object({rules:e.z.array(e.z.object({id:e.z.string(),alias:e.z.string().min(1).max(150).optional(),condition:e.z.any(),next_node:e.z.string()})),fallback:e.z.string()})}),Et=e.z.object({id:e.z.string(),type:e.z.literal("STEP"),coordinates:b,alias:e.z.string().min(1).max(150).optional(),config:e.z.object({components:e.z.array(D),next_node:e.z.string().optional()})}),Ie=e.z.discriminatedUnion("type",[ft,St,Et]),ye=e.z.object({name:e.z.string().openapi({description:"The name of the form"}),messages:e.z.object({errors:e.z.record(e.z.string(),e.z.any()).optional(),custom:e.z.record(e.z.string(),e.z.any()).optional()}).optional(),languages:e.z.object({primary:e.z.string().optional(),default:e.z.string().optional()}).optional(),translations:e.z.record(e.z.string(),e.z.any()).optional(),nodes:e.z.array(Ie).optional(),start:e.z.object({hidden_fields:e.z.array(e.z.object({key:e.z.string(),value:e.z.string()})).optional(),next_node:e.z.string().optional(),coordinates:b.optional()}).optional(),ending:e.z.object({redirection:e.z.object({delay:e.z.number().optional(),target:e.z.string().optional()}).optional(),after_submit:e.z.object({flow_id:e.z.string().optional()}).optional(),coordinates:b.optional(),resume_flow:e.z.boolean().optional()}).optional(),style:e.z.object({css:e.z.string().optional()}).optional(),links:e.z.object({sdkSrc:e.z.string().optional(),sdk_src:e.z.string().optional()}).optional()}).openapi({description:"Schema for flow-based forms (matches Auth0 Forms structure)"}),At=e.z.object({...s.shape,...ye.shape,id:e.z.string()}),Ce=e.z.object({id:e.z.number().optional(),text:e.z.string(),type:e.z.enum(["info","error","success","warning"])}),Te=e.z.object({id:e.z.string().optional(),text:e.z.string(),href:e.z.string(),linkText:e.z.string().optional()}),It=e.z.object({name:e.z.string().optional(),action:e.z.string(),method:e.z.enum(["POST","GET"]),title:e.z.string().optional(),description:e.z.string().optional(),components:e.z.array(D),messages:e.z.array(Ce).optional(),links:e.z.array(Te).optional(),footer:e.z.string().optional()});function yt(o){return o.category==="BLOCK"}function Ct(o){return o.category==="WIDGET"}function Tt(o){return o.category==="FIELD"}const Oe=e.z.enum(["pre-user-registration","post-user-registration","post-user-login","validate-registration-username","pre-user-deletion","post-user-deletion"]),Ne=e.z.enum(["pre-user-registration","post-user-registration","post-user-login","validate-registration-username","pre-user-deletion","post-user-deletion"]),we=e.z.enum(["post-user-login","credentials-exchange"]),L=e.z.enum(["ensure-username","set-preferred-username"]),Ot={"ensure-username":{name:"Ensure Username",description:"Automatically assigns a username to users who sign in without one. Creates a linked username account for social/email users.",trigger_id:"post-user-login"},"set-preferred-username":{name:"Set Preferred Username",description:"Sets the preferred_username claim on tokens based on the username from the primary or linked user.",trigger_id:"credentials-exchange"}},m={enabled:e.z.boolean().default(!1),synchronous:e.z.boolean().default(!1),priority:e.z.number().optional(),hook_id:e.z.string().optional()},Nt=e.z.object({...m,trigger_id:Oe,url:e.z.string()}),wt=e.z.object({...m,trigger_id:Ne,form_id:e.z.string()}),Rt=e.z.object({...m,trigger_id:we,template_id:L}),jt=e.z.union([Nt,wt,Rt]),Dt=e.z.object({...m,trigger_id:Oe,...s.shape,hook_id:e.z.string(),url:e.z.string()}),Lt=e.z.object({...m,trigger_id:Ne,...s.shape,hook_id:e.z.string(),form_id:e.z.string()}),vt=e.z.object({...m,trigger_id:we,...s.shape,hook_id:e.z.string(),template_id:L}),kt=e.z.union([Dt,Lt,vt]),Re=e.z.object({name:e.z.string().optional()}),je=e.z.object({email:e.z.string().optional()}),De=e.z.object({organization_id:e.z.string().max(50),inviter:Re,invitee:je,invitation_url:e.z.string().url(),client_id:e.z.string(),connection_id:e.z.string().optional(),app_metadata:e.z.record(e.z.any()).default({}).optional(),user_metadata:e.z.record(e.z.any()).default({}).optional(),ttl_sec:e.z.number().int().max(2592e3).default(604800).optional(),roles:e.z.array(e.z.string()).default([]).optional(),send_invitation_email:e.z.boolean().default(!0).optional()}),Ut=e.z.object({id:e.z.string(),organization_id:e.z.string().max(50),created_at:e.z.string().datetime(),expires_at:e.z.string().datetime(),ticket_id:e.z.string().optional()}).extend(De.shape),Le=e.z.object({alg:e.z.enum(["RS256","RS384","RS512","ES256","ES384","ES512","HS256","HS384","HS512"]),e:e.z.string(),kid:e.z.string(),kty:e.z.enum(["RSA","EC","oct"]),n:e.z.string(),x5t:e.z.string().optional(),x5c:e.z.array(e.z.string()).optional(),use:e.z.enum(["sig","enc"]).optional()}),Ft=e.z.object({keys:e.z.array(Le)}),xt=e.z.object({issuer:e.z.string(),authorization_endpoint:e.z.string(),token_endpoint:e.z.string(),device_authorization_endpoint:e.z.string(),userinfo_endpoint:e.z.string(),mfa_challenge_endpoint:e.z.string(),jwks_uri:e.z.string(),registration_endpoint:e.z.string(),revocation_endpoint:e.z.string(),scopes_supported:e.z.array(e.z.string()),response_types_supported:e.z.array(e.z.string()),code_challenge_methods_supported:e.z.array(e.z.string()),response_modes_supported:e.z.array(e.z.string()),subject_types_supported:e.z.array(e.z.string()),id_token_signing_alg_values_supported:e.z.array(e.z.string()),token_endpoint_auth_methods_supported:e.z.array(e.z.string()),claims_supported:e.z.array(e.z.string()),request_uri_parameter_supported:e.z.boolean(),request_parameter_supported:e.z.boolean(),token_endpoint_auth_signing_alg_values_supported:e.z.array(e.z.string())});var v=(o=>(o.PENDING="pending",o.AUTHENTICATED="authenticated",o.AWAITING_EMAIL_VERIFICATION="awaiting_email_verification",o.AWAITING_MFA="awaiting_mfa",o.AWAITING_HOOK="awaiting_hook",o.AWAITING_CONTINUATION="awaiting_continuation",o.COMPLETED="completed",o.FAILED="failed",o.EXPIRED="expired",o))(v||{});const ve=e.z.nativeEnum(v),ke=e.z.object({csrf_token:e.z.string(),auth0Client:e.z.string().optional(),authParams:de,expires_at:e.z.string(),deleted_at:e.z.string().optional(),ip:e.z.string().optional(),useragent:e.z.string().optional(),session_id:e.z.string().optional(),authorization_url:e.z.string().optional(),state:ve.optional().default("pending"),state_data:e.z.string().optional(),failure_reason:e.z.string().optional(),user_id:e.z.string().optional(),auth_connection:e.z.string().optional()}).openapi({description:"This represents a login sesion"}),Pt=e.z.object({...ke.shape,id:e.z.string().openapi({description:"This is is used as the state in the universal login"}),created_at:e.z.string(),updated_at:e.z.string()}),Ue={ACLS_SUMMARY:"acls_summary",ACTIONS_EXECUTION_FAILED:"actions_execution_failed",API_LIMIT:"api_limit",API_LIMIT_WARNING:"api_limit_warning",APPI:"appi",CIBA_EXCHANGE_FAILED:"ciba_exchange_failed",CIBA_EXCHANGE_SUCCEEDED:"ciba_exchange_succeeded",CIBA_START_FAILED:"ciba_start_failed",CIBA_START_SUCCEEDED:"ciba_start_succeeded",CODE_LINK_SENT:"cls",CODE_SENT:"cs",DEPRECATION_NOTICE:"depnote",FAILED_LOGIN:"f",FAILED_BY_CONNECTOR:"fc",FAILED_CHANGE_EMAIL:"fce",FAILED_BY_CORS:"fco",FAILED_CROSS_ORIGIN_AUTHENTICATION:"fcoa",FAILED_CHANGE_PASSWORD:"fcp",FAILED_POST_CHANGE_PASSWORD_HOOK:"fcph",FAILED_CHANGE_PHONE_NUMBER:"fcpn",FAILED_CHANGE_PASSWORD_REQUEST:"fcpr",FAILED_CONNECTOR_PROVISIONING:"fcpro",FAILED_CHANGE_USERNAME:"fcu",FAILED_DELEGATION:"fd",FAILED_DEVICE_ACTIVATION:"fdeac",FAILED_DEVICE_AUTHORIZATION_REQUEST:"fdeaz",USER_CANCELED_DEVICE_CONFIRMATION:"fdecc",FAILED_USER_DELETION:"fdu",FAILED_EXCHANGE_AUTHORIZATION_CODE_FOR_ACCESS_TOKEN:"feacft",FAILED_EXCHANGE_ACCESS_TOKEN_FOR_CLIENT_CREDENTIALS:"feccft",FAILED_EXCHANGE_CUSTOM_TOKEN:"fecte",FAILED_EXCHANGE_DEVICE_CODE_FOR_ACCESS_TOKEN:"fede",FAILED_FEDERATED_LOGOUT:"federated_logout_failed",FAILED_EXCHANGE_NATIVE_SOCIAL_LOGIN:"fens",FAILED_EXCHANGE_PASSWORD_OOB_FOR_ACCESS_TOKEN:"feoobft",FAILED_EXCHANGE_PASSWORD_OTP_FOR_ACCESS_TOKEN:"feotpft",FAILED_EXCHANGE_PASSWORD_FOR_ACCESS_TOKEN:"fepft",FAILED_EXCHANGE_PASSWORDLESS_OTP_FOR_ACCESS_TOKEN:"fepotpft",FAILED_EXCHANGE_PASSWORD_MFA_RECOVERY_FOR_ACCESS_TOKEN:"fercft",FAILED_EXCHANGE_ROTATING_REFRESH_TOKEN:"ferrt",FAILED_EXCHANGE_REFRESH_TOKEN_FOR_ACCESS_TOKEN:"fertft",FAILED_HOOK:"fh",FAILED_IMPERSONATION:"fimp",FAILED_INVITE_ACCEPT:"fi",FAILED_LOGOUT:"flo",FLOWS_EXECUTION_COMPLETED:"flows_execution_completed",FLOWS_EXECUTION_FAILED:"flows_execution_failed",FAILED_SENDING_NOTIFICATION:"fn",FORMS_SUBMISSION_FAILED:"forms_submission_failed",FORMS_SUBMISSION_SUCCEEDED:"forms_submission_succeeded",FAILED_LOGIN_INCORRECT_PASSWORD:"fp",FAILED_PUSHED_AUTHORIZATION_REQUEST:"fpar",FAILED_POST_USER_REGISTRATION_HOOK:"fpurh",FAILED_SIGNUP:"fs",FAILED_SILENT_AUTH:"fsa",FAILED_LOGIN_INVALID_EMAIL_USERNAME:"fu",FAILED_USERS_IMPORT:"fui",FAILED_VERIFICATION_EMAIL:"fv",FAILED_VERIFICATION_EMAIL_REQUEST:"fvr",EMAIL_VERIFICATION_CONFIRMED:"gd_auth_email_verification",EMAIL_VERIFICATION_FAILED:"gd_auth_fail_email_verification",MFA_AUTH_FAILED:"gd_auth_failed",MFA_AUTH_REJECTED:"gd_auth_rejected",MFA_AUTH_SUCCESS:"gd_auth_succeed",MFA_ENROLLMENT_COMPLETE:"gd_enrollment_complete",TOO_MANY_MFA_FAILURES:"gd_otp_rate_limit_exceed",MFA_RECOVERY_FAILED:"gd_recovery_failed",MFA_RECOVERY_RATE_LIMIT_EXCEED:"gd_recovery_rate_limit_exceed",MFA_RECOVERY_SUCCESS:"gd_recovery_succeed",MFA_EMAIL_SENT:"gd_send_email",EMAIL_VERIFICATION_SENT:"gd_send_email_verification",EMAIL_VERIFICATION_SEND_FAILURE:"gd_send_email_verification_failure",PUSH_NOTIFICATION_SENT:"gd_send_pn",ERROR_SENDING_MFA_PUSH_NOTIFICATION:"gd_send_pn_failure",MFA_SMS_SENT:"gd_send_sms",ERROR_SENDING_MFA_SMS:"gd_send_sms_failure",MFA_VOICE_CALL_SUCCESS:"gd_send_voice",MFA_VOICE_CALL_FAILED:"gd_send_voice_failure",SECOND_FACTOR_STARTED:"gd_start_auth",MFA_ENROLL_STARTED:"gd_start_enroll",MFA_ENROLLMENT_FAILED:"gd_start_enroll_failed",GUARDIAN_TENANT_UPDATE:"gd_tenant_update",UNENROLL_DEVICE_ACCOUNT:"gd_unenroll",UPDATE_DEVICE_ACCOUNT:"gd_update_device_account",WEBAUTHN_CHALLENGE_FAILED:"gd_webauthn_challenge_failed",WEBAUTHN_ENROLLMENT_FAILED:"gd_webauthn_enrollment_failed",FAILED_KMS_API_OPERATION:"kms_key_management_failure",SUCCESS_KMS_API_OPERATION:"kms_key_management_success",KMS_KEY_STATE_CHANGED:"kms_key_state_changed",TOO_MANY_CALLS_TO_DELEGATION:"limit_delegation",BLOCKED_IP_ADDRESS:"limit_mu",BLOCKED_ACCOUNT_IP:"limit_sul",BLOCKED_ACCOUNT_EMAIL:"limit_wc",MFA_REQUIRED:"mfar",MANAGEMENT_API_READ_OPERATION:"mgmt_api_read",FAILED_AUTHENTICATION_METHOD_OPERATION_MY_ACCOUNT:"my_account_authentication_method_failed",SUCCESSFUL_AUTHENTICATION_METHOD_OPERATION_MY_ACCOUNT:"my_account_authentication_method_succeeded",FAILED_OIDC_BACKCHANNEL_LOGOUT:"oidc_backchannel_logout_failed",SUCCESSFUL_OIDC_BACKCHANNEL_LOGOUT:"oidc_backchannel_logout_succeeded",ORGANIZATION_MEMBER_ADDED:"organization_member_added",PASSKEY_CHALLENGE_FAILED:"passkey_challenge_failed",PASSKEY_CHALLENGE_STARTED:"passkey_challenge_started",PRE_LOGIN_ASSESSMENT:"pla",BREACHED_PASSWORD:"pwd_leak",BREACHED_PASSWORD_ON_RESET:"reset_pwd_leak",SUCCESS_RESOURCE_CLEANUP:"resource_cleanup",RICH_CONSENTS_ACCESS_ERROR:"rich_consents_access_error",SUCCESS_LOGIN:"s",SUCCESS_API_OPERATION:"sapi",SUCCESS_CHANGE_EMAIL:"sce",SUCCESS_CROSS_ORIGIN_AUTHENTICATION:"scoa",SUCCESS_CHANGE_PASSWORD:"scp",SUCCESS_CHANGE_PHONE_NUMBER:"scpn",SUCCESS_CHANGE_PASSWORD_REQUEST:"scpr",SUCCESS_CHANGE_USERNAME:"scu",SUCCESS_CREDENTIAL_VALIDATION:"scv",SUCCESS_DELEGATION:"sd",SUCCESS_USER_DELETION:"sdu",SUCCESS_EXCHANGE_AUTHORIZATION_CODE_FOR_ACCESS_TOKEN:"seacft",SUCCESS_EXCHANGE_ACCESS_TOKEN_FOR_CLIENT_CREDENTIALS:"seccft",SUCCESS_EXCHANGE_CUSTOM_TOKEN:"secte",SUCCESS_EXCHANGE_DEVICE_CODE_FOR_ACCESS_TOKEN:"sede",SUCCESS_EXCHANGE_NATIVE_SOCIAL_LOGIN:"sens",SUCCESS_EXCHANGE_PASSWORD_OOB_FOR_ACCESS_TOKEN:"seoobft",SUCCESS_EXCHANGE_PASSWORD_OTP_FOR_ACCESS_TOKEN:"seotpft",SUCCESS_EXCHANGE_PASSWORD_FOR_ACCESS_TOKEN:"sepft",SUCCESS_EXCHANGE_PASSKEY_OOB_FOR_ACCESS_TOKEN:"sepkoobft",SUCCESS_EXCHANGE_PASSKEY_OTP_FOR_ACCESS_TOKEN:"sepkotpft",SUCCESS_EXCHANGE_PASSKEY_MFA_RECOVERY_FOR_ACCESS_TOKEN:"sepkrcft",SUCCESS_EXCHANGE_PASSWORD_MFA_RECOVERY_FOR_ACCESS_TOKEN:"sercft",SUCCESS_EXCHANGE_REFRESH_TOKEN_FOR_ACCESS_TOKEN:"sertft",SUCCESS_IMPERSONATION:"simp",SUCCESSFULLY_ACCEPTED_USER_INVITE:"si",BREACHED_PASSWORD_ON_SIGNUP:"signup_pwd_leak",SUCCESS_LOGOUT:"slo",SUCCESS_REVOCATION:"srrt",SUCCESS_SIGNUP:"ss",FAILED_SS_SSO_OPERATION:"ss_sso_failure",INFORMATION_FROM_SS_SSO_OPERATION:"ss_sso_info",SUCCESS_SS_SSO_OPERATION:"ss_sso_success",SUCCESS_SILENT_AUTH:"ssa",SUCCESSFUL_SCIM_OPERATION:"sscim",SUCCESSFULLY_IMPORTED_USERS:"sui",SUCCESS_VERIFICATION_EMAIL:"sv",SUCCESS_VERIFICATION_EMAIL_REQUEST:"svr",MAX_AMOUNT_OF_AUTHENTICATORS:"too_many_records",USER_LOGIN_BLOCK_RELEASED:"ublkdu",FAILED_UNIVERSAL_LOGOUT:"universal_logout_failed",SUCCESSFUL_UNIVERSAL_LOGOUT:"universal_logout_succeeded",WARNING_DURING_LOGIN:"w",WARNING_SENDING_NOTIFICATION:"wn",WARNING_USER_MANAGEMENT:"wum"},Mt=e.z.string().refine(o=>Object.values(Ue).includes(o),{message:"Invalid log type"}),Fe=e.z.object({name:e.z.string(),version:e.z.string(),env:e.z.object({node:e.z.string().optional()}).optional()}),xe=e.z.object({country_code:e.z.string().length(2),city_name:e.z.string(),latitude:e.z.string(),longitude:e.z.string(),time_zone:e.z.string(),continent_code:e.z.string()}),Pe=e.z.object({type:Mt,date:e.z.string(),description:e.z.string().optional(),ip:e.z.string().optional(),user_agent:e.z.string().optional(),details:e.z.any().optional(),isMobile:e.z.boolean(),user_id:e.z.string().optional(),user_name:e.z.string().optional(),connection:e.z.string().optional(),connection_id:e.z.string().optional(),client_id:e.z.string().optional(),client_name:e.z.string().optional(),audience:e.z.string().optional(),scope:e.z.string().optional(),strategy:e.z.string().optional(),strategy_type:e.z.string().optional(),hostname:e.z.string().optional(),auth0_client:Fe.optional(),log_id:e.z.string().optional(),location_info:xe.optional()}),Ht=e.z.object({...Pe.shape,log_id:e.z.string()}),Me=e.z.object({id:e.z.string().optional(),user_id:e.z.string(),password:e.z.string(),algorithm:e.z.enum(["bcrypt","argon2id"]).default("argon2id"),is_current:e.z.boolean().default(!0)}),Gt=Me.extend({id:e.z.string(),created_at:e.z.string(),updated_at:e.z.string()}),He=e.z.object({initial_user_agent:e.z.string().describe("First user agent of the device from which this user logged in"),initial_ip:e.z.string().describe("First IP address associated with this session"),initial_asn:e.z.string().describe("First autonomous system number associated with this session"),last_user_agent:e.z.string().describe("Last user agent of the device from which this user logged in"),last_ip:e.z.string().describe("Last IP address from which this user logged in"),last_asn:e.z.string().describe("Last autonomous system number from which this user logged in")}),Ge=e.z.object({id:e.z.string(),revoked_at:e.z.string().optional(),used_at:e.z.string().optional(),user_id:e.z.string().describe("The user ID associated with the session"),expires_at:e.z.string().optional(),login_session_id:e.z.string(),idle_expires_at:e.z.string().optional(),device:He.describe("Metadata related to the device used in the session"),clients:e.z.array(e.z.string()).describe("List of client details for the session")}),Bt=e.z.object({created_at:e.z.string(),updated_at:e.z.string(),authenticated_at:e.z.string(),last_interaction_at:e.z.string(),...Ge.shape}),Wt=e.z.object({kid:e.z.string().openapi({description:"The key id of the signing key"}),cert:e.z.string().openapi({description:"The public certificate of the signing key"}),fingerprint:e.z.string().openapi({description:"The cert fingerprint"}),thumbprint:e.z.string().openapi({description:"The cert thumbprint"}),pkcs7:e.z.string().optional().openapi({description:"The private key in pkcs7 format"}),current:e.z.boolean().optional().openapi({description:"True if the key is the current key"}),next:e.z.boolean().optional().openapi({description:"True if the key is the next key"}),previous:e.z.boolean().optional().openapi({description:"True if the key is the previous key"}),current_since:e.z.string().optional().openapi({description:"The date and time when the key became the current key"}),current_until:e.z.string().optional().openapi({description:"The date and time when the current key was rotated"}),revoked:e.z.boolean().optional().openapi({description:"True if the key is revoked"}),revoked_at:e.z.string().optional().openapi({description:"The date and time when the key was revoked"}),connection:e.z.string().optional().openapi({description:"The connection identifier associated with the key"}),type:e.z.enum(["jwt_signing","saml_encryption"]).openapi({description:"The type of the signing key"})}),Be=e.z.object({id:e.z.string().optional(),audience:e.z.string(),friendly_name:e.z.string(),picture_url:e.z.string().optional(),support_email:e.z.string().optional(),support_url:e.z.string().optional(),sender_email:e.z.string().email(),sender_name:e.z.string(),session_lifetime:e.z.number().optional(),idle_session_lifetime:e.z.number().optional(),ephemeral_session_lifetime:e.z.number().optional(),idle_ephemeral_session_lifetime:e.z.number().optional(),session_cookie:e.z.object({mode:e.z.enum(["persistent","non-persistent"]).optional()}).optional(),allowed_logout_urls:e.z.array(e.z.string()).optional(),default_redirection_uri:e.z.string().optional(),enabled_locales:e.z.array(e.z.string()).optional(),default_directory:e.z.string().optional(),error_page:e.z.object({html:e.z.string().optional(),show_log_link:e.z.boolean().optional(),url:e.z.string().optional()}).optional(),flags:e.z.object({allow_changing_enable_sso:e.z.boolean().optional(),allow_legacy_delegation_grant_types:e.z.boolean().optional(),allow_legacy_ro_grant_types:e.z.boolean().optional(),allow_legacy_tokeninfo_endpoint:e.z.boolean().optional(),change_pwd_flow_v1:e.z.boolean().optional(),custom_domains_provisioning:e.z.boolean().optional(),dashboard_insights_view:e.z.boolean().optional(),dashboard_log_streams_next:e.z.boolean().optional(),disable_clickjack_protection_headers:e.z.boolean().optional(),disable_fields_map_fix:e.z.boolean().optional(),disable_impersonation:e.z.boolean().optional(),disable_management_api_sms_obfuscation:e.z.boolean().optional(),enable_adfs_waad_email_verification:e.z.boolean().optional(),enable_apis_section:e.z.boolean().optional(),enable_client_connections:e.z.boolean().optional(),enable_custom_domain_in_emails:e.z.boolean().optional(),enable_dynamic_client_registration:e.z.boolean().optional(),enable_idtoken_api2:e.z.boolean().optional(),enable_legacy_logs_search_v2:e.z.boolean().optional(),enable_legacy_profile:e.z.boolean().optional(),enable_pipeline2:e.z.boolean().optional(),enable_public_signup_user_exists_error:e.z.boolean().optional(),enable_sso:e.z.boolean().optional(),enforce_client_authentication_on_passwordless_start:e.z.boolean().optional(),genai_trial:e.z.boolean().optional(),improved_signup_bot_detection_in_classic:e.z.boolean().optional(),mfa_show_factor_list_on_enrollment:e.z.boolean().optional(),no_disclose_enterprise_connections:e.z.boolean().optional(),remove_alg_from_jwks:e.z.boolean().optional(),revoke_refresh_token_grant:e.z.boolean().optional(),trust_azure_adfs_email_verified_connection_property:e.z.boolean().optional(),use_scope_descriptions_for_consent:e.z.boolean().optional(),inherit_global_permissions_in_organizations:e.z.boolean().optional()}).optional(),sandbox_version:e.z.string().optional(),legacy_sandbox_version:e.z.string().optional(),sandbox_versions_available:e.z.array(e.z.string()).optional(),change_password:e.z.object({enabled:e.z.boolean().optional(),html:e.z.string().optional()}).optional(),guardian_mfa_page:e.z.object({enabled:e.z.boolean().optional(),html:e.z.string().optional()}).optional(),device_flow:e.z.object({charset:e.z.enum(["base20","digits"]).optional(),mask:e.z.string().max(20).optional()}).optional(),default_token_quota:e.z.object({clients:e.z.object({client_credentials:e.z.record(e.z.any()).optional()}).optional(),organizations:e.z.object({client_credentials:e.z.record(e.z.any()).optional()}).optional()}).optional(),default_audience:e.z.string().optional(),default_organization:e.z.string().optional(),sessions:e.z.object({oidc_logout_prompt_enabled:e.z.boolean().optional()}).optional(),oidc_logout:e.z.object({rp_logout_end_session_endpoint_discovery:e.z.boolean().optional()}).optional(),allow_organization_name_in_authentication_api:e.z.boolean().optional(),customize_mfa_in_postlogin_action:e.z.boolean().optional(),acr_values_supported:e.z.array(e.z.string()).optional(),mtls:e.z.object({enable_endpoint_aliases:e.z.boolean().optional()}).optional(),pushed_authorization_requests_supported:e.z.boolean().optional(),authorization_response_iss_parameter_supported:e.z.boolean().optional(),mfa:e.z.object({policy:e.z.enum(["never","always"]).default("never").optional(),factors:e.z.object({sms:e.z.boolean().default(!1),otp:e.z.boolean().default(!1),email:e.z.boolean().default(!1),push_notification:e.z.boolean().default(!1),webauthn_roaming:e.z.boolean().default(!1),webauthn_platform:e.z.boolean().default(!1),recovery_code:e.z.boolean().default(!1),duo:e.z.boolean().default(!1)}).optional(),sms_provider:e.z.object({provider:e.z.enum(["twilio","vonage","aws_sns","phone_message_hook"]).optional()}).optional(),twilio:e.z.object({sid:e.z.string().optional(),auth_token:e.z.string().optional(),from:e.z.string().optional(),messaging_service_sid:e.z.string().optional()}).optional(),phone_message:e.z.object({message:e.z.string().optional()}).optional()}).optional()}),Kt=e.z.object({created_at:e.z.string().nullable().transform(o=>o??""),updated_at:e.z.string().nullable().transform(o=>o??""),...Be.shape,id:e.z.string()});var We=(o=>(o.RefreshToken="refresh_token",o.AuthorizationCode="authorization_code",o.ClientCredential="client_credentials",o.Passwordless="passwordless",o.Password="password",o.OTP="http://auth0.com/oauth/grant-type/passwordless/otp",o))(We||{});const qt=e.z.object({access_token:e.z.string(),id_token:e.z.string().optional(),scope:e.z.string().optional(),state:e.z.string().optional(),refresh_token:e.z.string().optional(),token_type:e.z.string(),expires_in:e.z.number()});e.z.object({code:e.z.string(),state:e.z.string().optional()});const Ke=e.z.object({button_border_radius:e.z.number(),button_border_weight:e.z.number(),buttons_style:e.z.enum(["pill","rounded","sharp"]),input_border_radius:e.z.number(),input_border_weight:e.z.number(),inputs_style:e.z.enum(["pill","rounded","sharp"]),show_widget_shadow:e.z.boolean(),widget_border_weight:e.z.number(),widget_corner_radius:e.z.number()}),qe=e.z.object({base_focus_color:e.z.string(),base_hover_color:e.z.string(),body_text:e.z.string(),captcha_widget_theme:e.z.enum(["auto","dark","light"]),error:e.z.string(),header:e.z.string(),icons:e.z.string(),input_background:e.z.string(),input_border:e.z.string(),input_filled_text:e.z.string(),input_labels_placeholders:e.z.string(),links_focused_components:e.z.string(),primary_button:e.z.string(),primary_button_label:e.z.string(),secondary_button_border:e.z.string(),secondary_button_label:e.z.string(),success:e.z.string(),widget_background:e.z.string(),widget_border:e.z.string()}),_=e.z.object({bold:e.z.boolean(),size:e.z.number()}),Ve=e.z.object({body_text:_,buttons_text:_,font_url:e.z.string(),input_labels:_,links:_,links_style:e.z.enum(["normal","underlined"]),reference_text_size:e.z.number(),subtitle:_,title:_}),Xe=e.z.object({background_color:e.z.string(),background_image_url:e.z.string(),page_layout:e.z.enum(["center","left","right"])}),Ye=e.z.object({header_text_alignment:e.z.enum(["center","left","right"]),logo_height:e.z.number(),logo_position:e.z.enum(["center","left","none","right"]),logo_url:e.z.string(),social_buttons_layout:e.z.enum(["bottom","top"])}),Qe=e.z.object({borders:Ke,colors:qe,displayName:e.z.string(),fonts:Ve,page_background:Xe,widget:Ye}),Vt=Qe.extend({themeId:e.z.string()}),Xt=e.z.object({universal_login_experience:e.z.enum(["new","classic"]).default("new"),identifier_first:e.z.boolean().default(!0),password_first:e.z.boolean().default(!1),webauthn_platform_first_factor:e.z.boolean()}),Yt=e.z.object({name:e.z.string(),enabled:e.z.boolean().optional().default(!0),default_from_address:e.z.string().optional(),credentials:e.z.union([e.z.object({accessKeyId:e.z.string(),secretAccessKey:e.z.string(),region:e.z.string()}),e.z.object({smtp_host:e.z.array(e.z.string()),smtp_port:e.z.number(),smtp_user:e.z.string(),smtp_pass:e.z.string()}),e.z.object({api_key:e.z.string(),domain:e.z.string().optional()}),e.z.object({connectionString:e.z.string()}),e.z.object({tenantId:e.z.string(),clientId:e.z.string(),clientSecret:e.z.string()})]),settings:e.z.object({}).optional()}),Ze=e.z.object({id:e.z.string(),login_id:e.z.string(),user_id:e.z.string(),client_id:e.z.string(),expires_at:e.z.string().optional(),idle_expires_at:e.z.string().optional(),last_exchanged_at:e.z.string().optional(),device:He,resource_servers:e.z.array(e.z.object({audience:e.z.string(),scopes:e.z.string()})),rotating:e.z.boolean()}),Qt=e.z.object({created_at:e.z.string(),...Ze.shape}),Zt=e.z.object({to:e.z.string(),message:e.z.string()}),Jt=e.z.object({name:e.z.string(),options:e.z.object({})}),Je=e.z.object({value:e.z.string(),description:e.z.string().optional()}),$e=e.z.object({token_dialect:e.z.enum(["access_token","access_token_authz"]).optional(),enforce_policies:e.z.boolean().optional(),allow_skipping_userinfo:e.z.boolean().optional(),skip_userinfo:e.z.boolean().optional(),persist_client_authorization:e.z.boolean().optional(),enable_introspection_endpoint:e.z.boolean().optional(),mtls:e.z.object({bound_access_tokens:e.z.boolean().optional()}).optional()}),eo=e.z.object({id:e.z.string().optional(),name:e.z.string(),identifier:e.z.string(),scopes:e.z.array(Je).optional(),signing_alg:e.z.string().optional(),signing_secret:e.z.string().optional(),token_lifetime:e.z.number().optional(),token_lifetime_for_web:e.z.number().optional(),skip_consent_for_verifiable_first_party_clients:e.z.boolean().optional(),allow_offline_access:e.z.boolean().optional(),verificationKey:e.z.string().optional(),options:$e.optional(),is_system:e.z.boolean().optional(),metadata:e.z.record(e.z.any()).optional()}),oo=e.z.object({...eo.shape,created_at:e.z.string().optional(),updated_at:e.z.string().optional()}),$t=e.z.array(oo),to=e.z.object({role_id:e.z.string(),resource_server_identifier:e.z.string(),permission_name:e.z.string()}),no=e.z.object({...to.shape,created_at:e.z.string()}),en=e.z.array(no),io=e.z.object({user_id:e.z.string(),resource_server_identifier:e.z.string(),permission_name:e.z.string(),organization_id:e.z.string().optional()}),ao=e.z.object({...io.shape,tenant_id:e.z.string(),created_at:e.z.string().optional()}),on=e.z.array(ao),ro=e.z.object({user_id:e.z.string(),resource_server_identifier:e.z.string(),resource_server_name:e.z.string(),permission_name:e.z.string(),description:e.z.string().nullable().optional(),created_at:e.z.string().optional(),organization_id:e.z.string().optional()}),tn=e.z.array(ro),so=e.z.object({user_id:e.z.string(),role_id:e.z.string(),organization_id:e.z.string().optional()}),lo=e.z.object({...so.shape,tenant_id:e.z.string(),created_at:e.z.string().optional()}),nn=e.z.array(lo),co=e.z.object({id:e.z.string().optional().openapi({description:"The unique identifier of the role. If not provided, one will be generated."}),name:e.z.string().min(1).max(50).openapi({description:"The name of the role. Cannot include '<' or '>'"}),description:e.z.string().max(255).optional().openapi({description:"The description of the role"}),is_system:e.z.boolean().optional(),metadata:e.z.record(e.z.any()).optional().openapi({description:"Metadata associated with the role. Can be used to control sync behavior in multi-tenancy scenarios."})}),po=co.extend({id:e.z.string().openapi({description:"The unique identifier of the role"}),created_at:e.z.string().optional(),updated_at:e.z.string().optional()}),an=e.z.array(po),_o=e.z.object({logo_url:e.z.string().optional().openapi({description:"URL of the organization's logo"}),colors:e.z.object({primary:e.z.string().optional().openapi({description:"Primary color in hex format (e.g., #FF0000)"}),page_background:e.z.string().optional().openapi({description:"Page background color in hex format (e.g., #FFFFFF)"})}).optional()}).optional(),zo=e.z.object({connection_id:e.z.string().openapi({description:"ID of the connection"}),assign_membership_on_login:e.z.boolean().default(!1).openapi({description:"Whether to assign membership to the organization on login"}),show_as_button:e.z.boolean().default(!0).openapi({description:"Whether to show this connection as a button in the login screen"}),is_signup_enabled:e.z.boolean().default(!0).openapi({description:"Whether signup is enabled for this connection"})}),go=e.z.object({client_credentials:e.z.object({enforce:e.z.boolean().default(!1).openapi({description:"Whether to enforce token quota limits"}),per_day:e.z.number().min(0).default(0).openapi({description:"Maximum tokens per day (0 = unlimited)"}),per_hour:e.z.number().min(0).default(0).openapi({description:"Maximum tokens per hour (0 = unlimited)"})}).optional()}).optional(),mo=e.z.object({id:e.z.string().optional(),name:e.z.string().min(1).regex(/^[a-z0-9_-]+$/,{message:"Organization name must be lowercase and can only contain letters, numbers, hyphens, and underscores"}).openapi({description:"The name of the organization. Must be lowercase and can only contain letters, numbers, hyphens, and underscores."}),display_name:e.z.string().optional().openapi({description:"The display name of the organization"}),branding:_o,metadata:e.z.record(e.z.any()).default({}).optional().openapi({description:"Custom metadata for the organization"}),enabled_connections:e.z.array(zo).default([]).optional().openapi({description:"List of enabled connections for the organization"}),token_quota:go}),rn=e.z.object({...mo.shape,...s.shape,id:e.z.string(),name:e.z.string().min(1).openapi({description:"The name of the organization"})}),uo=e.z.object({user_id:e.z.string().openapi({description:"ID of the user"}),organization_id:e.z.string().openapi({description:"ID of the organization"})}),sn=e.z.object({...uo.shape,...s.shape,id:e.z.string()}),ln=e.z.object({idle_session_lifetime:e.z.number().optional(),session_lifetime:e.z.number().optional(),session_cookie:e.z.object({mode:e.z.enum(["persistent","non-persistent"]).optional()}).optional(),enable_client_connections:e.z.boolean().optional(),default_redirection_uri:e.z.string().optional(),enabled_locales:e.z.array(e.z.string()).optional(),default_directory:e.z.string().optional(),error_page:e.z.object({html:e.z.string().optional(),show_log_link:e.z.boolean().optional(),url:e.z.string().optional()}).optional(),flags:e.z.object({allow_legacy_delegation_grant_types:e.z.boolean().optional(),allow_legacy_ro_grant_types:e.z.boolean().optional(),allow_legacy_tokeninfo_endpoint:e.z.boolean().optional(),disable_clickjack_protection_headers:e.z.boolean().optional(),enable_apis_section:e.z.boolean().optional(),enable_client_connections:e.z.boolean().optional(),enable_custom_domain_in_emails:e.z.boolean().optional(),enable_dynamic_client_registration:e.z.boolean().optional(),enable_idtoken_api2:e.z.boolean().optional(),enable_legacy_logs_search_v2:e.z.boolean().optional(),enable_legacy_profile:e.z.boolean().optional(),enable_pipeline2:e.z.boolean().optional(),enable_public_signup_user_exists_error:e.z.boolean().optional(),use_scope_descriptions_for_consent:e.z.boolean().optional(),disable_management_api_sms_obfuscation:e.z.boolean().optional(),enable_adfs_waad_email_verification:e.z.boolean().optional(),revoke_refresh_token_grant:e.z.boolean().optional(),dashboard_log_streams_next:e.z.boolean().optional(),dashboard_insights_view:e.z.boolean().optional(),disable_fields_map_fix:e.z.boolean().optional(),mfa_show_factor_list_on_enrollment:e.z.boolean().optional()}).optional(),friendly_name:e.z.string().optional(),picture_url:e.z.string().optional(),support_email:e.z.string().optional(),support_url:e.z.string().optional(),sandbox_version:e.z.string().optional(),sandbox_versions_available:e.z.array(e.z.string()).optional(),change_password:e.z.object({enabled:e.z.boolean(),html:e.z.string()}).optional(),guardian_mfa_page:e.z.object({enabled:e.z.boolean(),html:e.z.string()}).optional(),default_audience:e.z.string().optional(),default_organization:e.z.string().optional(),sessions:e.z.object({oidc_logout_prompt_enabled:e.z.boolean().optional()}).optional(),mfa:e.z.object({policy:e.z.enum(["never","always"]).default("never").optional(),factors:e.z.object({sms:e.z.boolean().default(!1),otp:e.z.boolean().default(!1),email:e.z.boolean().default(!1),push_notification:e.z.boolean().default(!1),webauthn_roaming:e.z.boolean().default(!1),webauthn_platform:e.z.boolean().default(!1),recovery_code:e.z.boolean().default(!1),duo:e.z.boolean().default(!1)}).optional(),sms_provider:e.z.object({provider:e.z.enum(["twilio","vonage","aws_sns","phone_message_hook"]).optional()}).optional(),twilio:e.z.object({sid:e.z.string().optional(),auth_token:e.z.string().optional(),from:e.z.string().optional(),messaging_service_sid:e.z.string().optional()}).optional(),phone_message:e.z.object({message:e.z.string().optional()}).optional()}).optional()}),cn=e.z.object({date:e.z.string().openapi({description:"Date these events occurred in ISO 8601 format",example:"2025-12-19"}),logins:e.z.number().openapi({description:"Number of logins on this date",example:150}),signups:e.z.number().openapi({description:"Number of signups on this date",example:25}),leaked_passwords:e.z.number().openapi({description:"Number of breached-password detections on this date (subscription required)",example:0}),updated_at:e.z.string().openapi({description:"Date and time this stats entry was last updated in ISO 8601 format",example:"2025-12-19T10:30:00.000Z"}),created_at:e.z.string().openapi({description:"Approximate date and time the first event occurred in ISO 8601 format",example:"2025-12-19T00:00:00.000Z"})}),pn=e.z.number().openapi({description:"Number of active users in the last 30 days",example:1234}),ho=e.z.enum(["login","login-id","login-password","signup","signup-id","signup-password","reset-password","consent","mfa","mfa-push","mfa-otp","mfa-voice","mfa-phone","mfa-webauthn","mfa-email","mfa-recovery-code","status","device-flow","email-verification","email-otp-challenge","organizations","invitation","common","passkeys","captcha","custom-form","login-passwordless"]),bo=e.z.record(e.z.string(),e.z.record(e.z.string(),e.z.string())).openapi({type:"object",additionalProperties:{type:"object",additionalProperties:{type:"string"}}}),_n=e.z.object({prompt:ho,language:e.z.string(),custom_text:bo}),dn={EMAIL:"email",SMS:"sms",USERNAME_PASSWORD:"Username-Password-Authentication",GOOGLE_OAUTH2:"google-oauth2",APPLE:"apple",FACEBOOK:"facebook",GITHUB:"github",MICROSOFT:"microsoft",VIPPS:"vipps",OIDC:"oidc",OAUTH2:"oauth2",SAMLP:"samlp",WAAD:"waad",ADFS:"adfs"},zn={DATABASE:"database",SOCIAL:"social",PASSWORDLESS:"passwordless"},fo=e.z.enum(["phone","totp","email","push","webauthn"]),So=e.z.object({user_id:e.z.string(),type:fo,phone_number:e.z.string().optional(),totp_secret:e.z.string().optional(),confirmed:e.z.boolean().default(!1)});function Eo(o,n){o.type==="phone"&&!o.phone_number&&n.addIssue({code:e.z.ZodIssueCode.custom,message:"phone_number is required when type is 'phone'",path:["phone_number"]}),o.type==="totp"&&!o.totp_secret&&n.addIssue({code:e.z.ZodIssueCode.custom,message:"totp_secret is required when type is 'totp'",path:["totp_secret"]})}const gn=So.superRefine(Eo),mn=e.z.object({...So.shape,id:e.z.string(),created_at:e.z.string(),updated_at:e.z.string()}).superRefine(Eo);function un(o){const[n,i]=o.split("|");if(!n||!i)throw new Error(`Invalid user_id: ${o}`);return{connection:n,id:i}}function hn(o){const{primary:n,secondaries:i,syncMethods:k=["create","update","remove","delete","set"]}=o,f={get(c,a){if(typeof a=="symbol")return c[a];const p=c[a];return typeof p!="function"?p:k.includes(a)?async(...z)=>{const S=await p.apply(c,z),g=[];for(const r of i){const u=r.adapter[a];if(typeof u!="function")continue;const E=(async()=>{try{await u.apply(r.adapter,z)}catch(h){try{r.onError?r.onError(h,a,z):console.error(`Passthrough adapter: secondary write failed for ${a}:`,h)}catch(A){console.error(`Passthrough adapter: onError handler threw for ${a}:`,A)}}})();r.blocking&&g.push(E)}return g.length>0&&await Promise.all(g),S}:p.bind(c)}};return new Proxy(n,f)}function bn(o){return o}function fn(o){var f,c,a,p,z,S,g,r,u,E,h,A;const n=o==null?void 0:o.options;if(!n)return{usernameIdentifierActive:!1,emailIdentifierActive:!0,usernameMinLength:1,usernameMaxLength:15};const i=n.attributes;if(i){const Ao=((c=(f=i.username)==null?void 0:f.identifier)==null?void 0:c.active)===!0,Io=((p=(a=i.email)==null?void 0:a.identifier)==null?void 0:p.active)!==!1,yo=((S=(z=i.username)==null?void 0:z.validation)==null?void 0:S.min_length)??1,Co=((r=(g=i.username)==null?void 0:g.validation)==null?void 0:r.max_length)??15;return{usernameIdentifierActive:Ao,emailIdentifierActive:Io,usernameMinLength:yo,usernameMaxLength:Co}}return{usernameIdentifierActive:n.requires_username===!0,emailIdentifierActive:!0,usernameMinLength:((E=(u=n.validation)==null?void 0:u.username)==null?void 0:E.min)??1,usernameMaxLength:((A=(h=n.validation)==null?void 0:h.username)==null?void 0:A.max)??15}}exports.Auth0ActionEnum=Oo;exports.Auth0Client=Fe;exports.AuthorizationResponseMode=N;exports.AuthorizationResponseType=O;exports.CodeChallengeMethod=w;exports.ComponentCategory=T;exports.ComponentType=C;exports.EmailActionEnum=No;exports.FORM_FIELD_TYPES=ht;exports.FlowActionTypeEnum=To;exports.GrantType=We;exports.LocationInfo=xe;exports.LogTypes=Ue;exports.LoginSessionState=v;exports.NodeType=ne;exports.RedirectTargetEnum=P;exports.Strategy=dn;exports.StrategyType=zn;exports.actionNodeSchema=re;exports.activeUsersResponseSchema=pn;exports.addressSchema=K;exports.auth0FlowInsertSchema=xo;exports.auth0FlowSchema=_e;exports.auth0QuerySchema=Ro;exports.auth0UpdateUserActionSchema=F;exports.auth0UserResponseSchema=Do;exports.authParamsSchema=de;exports.baseUserSchema=y;exports.blockComponentSchema=Se;exports.bordersSchema=Ke;exports.brandingSchema=Po;exports.buttonComponentSchema=J;exports.clientGrantInsertSchema=Y;exports.clientGrantListSchema=Fo;exports.clientGrantSchema=Q;exports.clientInsertSchema=X;exports.clientSchema=Uo;exports.codeInsertSchema=ge;exports.codeSchema=Mo;exports.codeTypeSchema=ze;exports.colorsSchema=qe;exports.componentMessageSchema=Ce;exports.componentSchema=te;exports.connectionInsertSchema=ue;exports.connectionOptionsSchema=me;exports.connectionSchema=Ho;exports.coordinatesSchema=d;exports.createPassthroughAdapter=hn;exports.createWriteOnlyAdapter=bn;exports.customDomainInsertSchema=he;exports.customDomainSchema=fe;exports.customDomainWithTenantIdSchema=Go;exports.customTextEntrySchema=_n;exports.customTextSchema=bo;exports.dailyStatsSchema=cn;exports.emailProviderSchema=Yt;exports.emailVerificationRulesSchema=U;exports.emailVerifyActionSchema=x;exports.endingSchema=pe;exports.fieldComponentSchema=Ae;exports.flowActionStepSchema=H;exports.flowInsertSchema=G;exports.flowSchema=wo;exports.flowsFieldComponentSchema=ee;exports.flowsFlowNodeSchema=ae;exports.flowsStepNodeSchema=ie;exports.fontDetailsSchema=_;exports.fontsSchema=Ve;exports.formControlSchema=bt;exports.formInsertSchema=ye;exports.formNodeComponentDefinition=D;exports.formNodeSchema=Ie;exports.formSchema=At;exports.genericComponentSchema=oe;exports.genericNodeSchema=se;exports.getConnectionIdentifierConfig=fn;exports.hookInsertSchema=jt;exports.hookSchema=kt;exports.hookTemplateId=L;exports.hookTemplates=Ot;exports.identitySchema=W;exports.inviteInsertSchema=De;exports.inviteSchema=Ut;exports.inviteeSchema=je;exports.inviterSchema=Re;exports.isBlockComponent=yt;exports.isFieldComponent=Tt;exports.isWidgetComponent=Ct;exports.jwksKeySchema=Ft;exports.jwksSchema=Le;exports.legalComponentSchema=$;exports.logInsertSchema=Pe;exports.logSchema=Ht;exports.loginSessionInsertSchema=ke;exports.loginSessionSchema=Pt;exports.loginSessionStateSchema=ve;exports.mfaEnrollmentInsertSchema=gn;exports.mfaEnrollmentSchema=mn;exports.mfaEnrollmentTypeSchema=fo;exports.nodeSchema=le;exports.openIDConfigurationSchema=xt;exports.organizationBrandingSchema=_o;exports.organizationEnabledConnectionSchema=zo;exports.organizationInsertSchema=mo;exports.organizationSchema=rn;exports.organizationTokenQuotaSchema=go;exports.pageBackgroundSchema=Xe;exports.parseUserId=un;exports.passwordInsertSchema=Me;exports.passwordSchema=Gt;exports.profileDataSchema=B;exports.promptScreenSchema=ho;exports.promptSettingSchema=Xt;exports.redirectActionSchema=M;exports.refreshTokenInsertSchema=Ze;exports.refreshTokenSchema=Qt;exports.resourceServerInsertSchema=eo;exports.resourceServerListSchema=$t;exports.resourceServerOptionsSchema=$e;exports.resourceServerSchema=oo;exports.resourceServerScopeSchema=Je;exports.richTextComponentSchema=Z;exports.roleInsertSchema=co;exports.roleListSchema=an;exports.rolePermissionInsertSchema=to;exports.rolePermissionListSchema=en;exports.rolePermissionSchema=no;exports.roleSchema=po;exports.screenLinkSchema=Te;exports.sessionInsertSchema=Ge;exports.sessionSchema=Bt;exports.signingKeySchema=Wt;exports.smsProviderSchema=Jt;exports.smsSendParamsSchema=Zt;exports.startSchema=ce;exports.tenantInsertSchema=Be;exports.tenantSchema=Kt;exports.tenantSettingsSchema=ln;exports.themeInsertSchema=Qe;exports.themeSchema=Vt;exports.tokenResponseSchema=qt;exports.totalsSchema=jo;exports.uiScreenSchema=It;exports.userInsertSchema=q;exports.userOrganizationInsertSchema=uo;exports.userOrganizationSchema=sn;exports.userPermissionInsertSchema=io;exports.userPermissionListSchema=on;exports.userPermissionSchema=ao;exports.userPermissionWithDetailsListSchema=tn;exports.userPermissionWithDetailsSchema=ro;exports.userResponseSchema=Lo;exports.userRoleInsertSchema=so;exports.userRoleListSchema=nn;exports.userRoleSchema=lo;exports.userSchema=V;exports.verificationMethodsSchema=be;exports.widgetComponentSchema=Ee;exports.widgetSchema=Ye;
1
+ "use strict";Object.defineProperty(exports,Symbol.toStringTag,{value:"Module"});const e=require("@hono/zod-openapi"),r=e.z.object({created_at:e.z.string(),updated_at:e.z.string()}),To=e.z.enum(["AUTH0","EMAIL","REDIRECT"]),Oo=e.z.enum(["CREATE_USER","GET_USER","UPDATE_USER","SEND_REQUEST","SEND_EMAIL"]),No=e.z.enum(["VERIFY_EMAIL"]),U=e.z.object({require_mx_record:e.z.boolean().optional(),block_aliases:e.z.boolean().optional(),block_free_emails:e.z.boolean().optional(),block_disposable_emails:e.z.boolean().optional(),blocklist:e.z.array(e.z.string()).optional(),allowlist:e.z.array(e.z.string()).optional()}),F=e.z.object({id:e.z.string(),alias:e.z.string().max(100).optional(),type:e.z.literal("AUTH0"),action:e.z.literal("UPDATE_USER"),allow_failure:e.z.boolean().optional(),mask_output:e.z.boolean().optional(),params:e.z.object({connection_id:e.z.string().optional(),user_id:e.z.string(),changes:e.z.record(e.z.string(),e.z.any())})}),x=e.z.object({id:e.z.string(),alias:e.z.string().max(100).optional(),type:e.z.literal("EMAIL"),action:e.z.literal("VERIFY_EMAIL"),allow_failure:e.z.boolean().optional(),mask_output:e.z.boolean().optional(),params:e.z.object({email:e.z.string(),rules:U.optional()})}),P=e.z.enum(["change-email","account","custom"]),M=e.z.object({id:e.z.string(),alias:e.z.string().max(100).optional(),type:e.z.literal("REDIRECT"),action:e.z.literal("REDIRECT_USER"),allow_failure:e.z.boolean().optional(),mask_output:e.z.boolean().optional(),params:e.z.object({target:P.openapi({description:"The predefined target to redirect to, or 'custom' for a custom URL"}),custom_url:e.z.string().optional().openapi({description:"Custom URL to redirect to when target is 'custom'"})})}),H=e.z.union([F,x,M]),G=e.z.object({name:e.z.string().min(1).max(150).openapi({description:"The name of the flow"}),actions:e.z.array(H).optional().default([]).openapi({description:"The list of actions to execute in sequence"})}),wo=G.extend({...r.shape,id:e.z.string().openapi({description:"Unique identifier for the flow",example:"af_12tMpdJ3iek7svMyZkSh5M"})}),Ro=e.z.object({page:e.z.string().min(0).optional().default("0").transform(o=>parseInt(o,10)).openapi({description:"The page number where 0 is the first page"}),per_page:e.z.string().min(1).optional().default("10").transform(o=>parseInt(o,10)).openapi({description:"The number of items per page"}),include_totals:e.z.string().optional().default("false").transform(o=>o==="true").openapi({description:"If the total number of items should be included in the response"}),sort:e.z.string().regex(/^.+:(-1|1)$/).optional().openapi({description:"A property that should have the format 'string:-1' or 'string:1'"}),q:e.z.string().optional().openapi({description:"A lucene query string used to filter the results"})}),jo=e.z.object({start:e.z.number(),limit:e.z.number(),length:e.z.number(),total:e.z.number().optional()}),B=e.z.object({email:e.z.string().optional(),email_verified:e.z.boolean().optional(),name:e.z.string().optional(),username:e.z.string().optional(),given_name:e.z.string().optional(),phone_number:e.z.string().optional(),phone_verified:e.z.boolean().optional(),family_name:e.z.string().optional()}).catchall(e.z.any()),W=e.z.object({connection:e.z.string(),user_id:e.z.string(),provider:e.z.string(),isSocial:e.z.boolean(),email:e.z.string().optional(),email_verified:e.z.boolean().optional(),phone_number:e.z.string().optional(),phone_verified:e.z.boolean().optional(),username:e.z.string().optional(),access_token:e.z.string().optional(),access_token_secret:e.z.string().optional(),refresh_token:e.z.string().optional(),profileData:B.optional()}),K=e.z.object({formatted:e.z.string().optional(),street_address:e.z.string().optional(),locality:e.z.string().optional(),region:e.z.string().optional(),postal_code:e.z.string().optional(),country:e.z.string().optional()}).optional(),y=e.z.object({email:e.z.string().optional().transform(o=>o&&o.toLowerCase()),username:e.z.string().refine(o=>!o.includes("@"),{message:'Usernames must not contain "@". Use the email field for email addresses.'}).optional(),phone_number:e.z.string().optional(),phone_verified:e.z.boolean().optional(),given_name:e.z.string().optional(),family_name:e.z.string().optional(),nickname:e.z.string().optional(),name:e.z.string().optional(),picture:e.z.string().optional(),locale:e.z.string().optional(),linked_to:e.z.string().optional(),profileData:e.z.string().optional(),user_id:e.z.string().optional(),app_metadata:e.z.any().default({}).optional(),user_metadata:e.z.any().default({}).optional(),middle_name:e.z.string().optional(),preferred_username:e.z.string().optional(),profile:e.z.string().optional(),website:e.z.string().optional(),gender:e.z.string().optional(),birthdate:e.z.string().optional(),zoneinfo:e.z.string().optional(),address:K}),q=y.extend({email_verified:e.z.boolean().default(!1),verify_email:e.z.boolean().optional(),last_ip:e.z.string().optional(),last_login:e.z.string().optional(),user_id:e.z.string().optional(),provider:e.z.string().optional(),connection:e.z.string(),is_social:e.z.boolean().optional(),password:e.z.object({hash:e.z.string(),algorithm:e.z.string()}).optional()}),V=e.z.object({...q.omit({password:!0}).shape,...r.shape,user_id:e.z.string(),provider:e.z.string(),is_social:e.z.boolean(),email:e.z.string().optional(),login_count:e.z.number().default(0),identities:e.z.array(W).optional()}),Do=V,Lo=y.extend({login_count:e.z.number(),multifactor:e.z.array(e.z.string()).optional(),last_ip:e.z.string().optional(),last_login:e.z.string().optional(),user_id:e.z.string()}).catchall(e.z.any());let vo="useandom-26T198340PX75pxJACKVERYMINDBUSHWOLF_GQZbfghjklqvwyzrict",ko=(o=21)=>{let t="",i=crypto.getRandomValues(new Uint8Array(o|=0));for(;o--;)t+=vo[i[o]&63];return t};const X=e.z.object({client_id:e.z.string().openapi({description:"ID of this client."}),name:e.z.string().min(1).openapi({description:"Name of this client (min length: 1 character, does not allow < or >)."}),description:e.z.string().max(140).optional().openapi({description:"Free text description of this client (max length: 140 characters)."}),global:e.z.boolean().default(!1).openapi({description:"Whether this is your global 'All Applications' client representing legacy tenant settings (true) or a regular client (false)."}),client_secret:e.z.string().default(()=>ko()).optional().openapi({description:"Client secret (which you must not make public)."}),app_type:e.z.enum(["native","spa","regular_web","non_interactive","resource_server","express_configuration","rms","box","cloudbees","concur","dropbox","mscrm","echosign","egnyte","newrelic","office365","salesforce","sentry","sharepoint","slack","springcm","zendesk","zoom","sso_integration","oag"]).default("regular_web").optional().openapi({description:"The type of application this client represents"}),logo_uri:e.z.string().url().optional().openapi({description:"URL of the logo to display for this client. Recommended size is 150x150 pixels."}),is_first_party:e.z.boolean().default(!1).openapi({description:"Whether this client a first party client (true) or not (false)."}),oidc_conformant:e.z.boolean().default(!0).openapi({description:"Whether this client conforms to strict OIDC specifications (true) or uses legacy features (false)."}),auth0_conformant:e.z.boolean().default(!0).openapi({description:"Whether this client follows Auth0-compatible behavior (true) or strict OIDC behavior (false). When true, profile/email claims are included in the ID token when scopes are requested. When false, these claims are only available from the userinfo endpoint (strict OIDC 5.4 compliance)."}),callbacks:e.z.array(e.z.string()).default([]).optional().openapi({description:"Comma-separated list of URLs whitelisted for Auth0 to use as a callback to the client after authentication."}),allowed_origins:e.z.array(e.z.string()).default([]).optional().openapi({description:"Comma-separated list of URLs allowed to make requests from JavaScript to Auth0 API (typically used with CORS). By default, all your callback URLs will be allowed. This field allows you to enter other origins if necessary. You can also use wildcards at the subdomain level (e.g., https://*.contoso.com). Query strings and hash information are not taken into account when validating these URLs."}),web_origins:e.z.array(e.z.string()).default([]).optional().openapi({description:"Comma-separated list of allowed origins for use with Cross-Origin Authentication, Device Flow, and web message response mode."}),client_aliases:e.z.array(e.z.string()).default([]).optional().openapi({description:"List of audiences/realms for SAML protocol. Used by the wsfed addon."}),allowed_clients:e.z.array(e.z.string()).default([]).optional().openapi({description:"List of allow clients and API ids that are allowed to make delegation requests. Empty means all all your clients are allowed."}),connections:e.z.array(e.z.string()).default([]).optional().openapi({description:"List of connection IDs enabled for this client. The order determines the display order on the login page."}),allowed_logout_urls:e.z.array(e.z.string()).default([]).optional().openapi({description:"Comma-separated list of URLs that are valid to redirect to after logout from Auth0. Wildcards are allowed for subdomains."}),session_transfer:e.z.record(e.z.any()).default({}).optional().openapi({description:"Native to Web SSO Configuration"}),oidc_logout:e.z.record(e.z.any()).default({}).optional().openapi({description:"Configuration for OIDC backchannel logout"}),grant_types:e.z.array(e.z.string()).default([]).optional().openapi({description:"List of grant types supported for this application. Can include authorization_code, implicit, refresh_token, client_credentials, password, http://auth0.com/oauth/grant-type/password-realm, http://auth0.com/oauth/grant-type/mfa-oob, http://auth0.com/oauth/grant-type/mfa-otp, http://auth0.com/oauth/grant-type/mfa-recovery-code, urn:openid:params:grant-type:ciba, and urn:ietf:params:oauth:grant-type:device_code."}),jwt_configuration:e.z.record(e.z.any()).default({}).optional().openapi({description:"Configuration related to JWTs for the client."}),signing_keys:e.z.array(e.z.record(e.z.any())).default([]).optional().openapi({description:"Signing certificates associated with this client."}),encryption_key:e.z.record(e.z.any()).default({}).optional().openapi({description:"Encryption used for WsFed responses with this client."}),sso:e.z.boolean().default(!1).openapi({description:"Applies only to SSO clients and determines whether Auth0 will handle Single Sign On (true) or whether the Identity Provider will (false)."}),sso_disabled:e.z.boolean().default(!0).openapi({description:"Whether Single Sign On is disabled (true) or enabled (true). Defaults to true."}),cross_origin_authentication:e.z.boolean().default(!1).openapi({description:"Whether this client can be used to make cross-origin authentication requests (true) or it is not allowed to make such requests (false)."}),cross_origin_loc:e.z.string().url().optional().openapi({description:"URL of the location in your site where the cross origin verification takes place for the cross-origin auth flow when performing Auth in your own domain instead of Auth0 hosted login page."}),custom_login_page_on:e.z.boolean().default(!1).openapi({description:"Whether a custom login page is to be used (true) or the default provided login page (false)."}),custom_login_page:e.z.string().optional().openapi({description:"The content (HTML, CSS, JS) of the custom login page."}),custom_login_page_preview:e.z.string().optional().openapi({description:"The content (HTML, CSS, JS) of the custom login page. (Used on Previews)"}),form_template:e.z.string().optional().openapi({description:"HTML form template to be used for WS-Federation."}),addons:e.z.record(e.z.any()).default({}).optional().openapi({description:"Addons enabled for this client and their associated configurations."}),token_endpoint_auth_method:e.z.enum(["none","client_secret_post","client_secret_basic"]).default("client_secret_basic").optional().openapi({description:"Defines the requested authentication method for the token endpoint. Can be none (public client without a client secret), client_secret_post (client uses HTTP POST parameters), or client_secret_basic (client uses HTTP Basic)."}),client_metadata:e.z.record(e.z.string().max(255)).default({}).optional().openapi({description:'Metadata associated with the client, in the form of an object with string values (max 255 chars). Maximum of 10 metadata properties allowed. Field names (max 255 chars) are alphanumeric and may only include the following special characters: :,-+=_*?"/()<>@ [Tab][Space]'}),mobile:e.z.record(e.z.any()).default({}).optional().openapi({description:"Additional configuration for native mobile apps."}),initiate_login_uri:e.z.string().url().optional().openapi({description:"Initiate login uri, must be https"}),native_social_login:e.z.record(e.z.any()).default({}).optional(),refresh_token:e.z.record(e.z.any()).default({}).optional().openapi({description:"Refresh token configuration"}),default_organization:e.z.record(e.z.any()).default({}).optional().openapi({description:"Defines the default Organization ID and flows"}),organization_usage:e.z.enum(["deny","allow","require"]).default("deny").optional().openapi({description:"Defines how to proceed during an authentication transaction with regards an organization. Can be deny (default), allow or require."}),organization_require_behavior:e.z.enum(["no_prompt","pre_login_prompt","post_login_prompt"]).default("no_prompt").optional().openapi({description:"Defines how to proceed during an authentication transaction when client.organization_usage: 'require'. Can be no_prompt (default), pre_login_prompt or post_login_prompt. post_login_prompt requires oidc_conformant: true."}),client_authentication_methods:e.z.record(e.z.any()).default({}).optional().openapi({description:"Defines client authentication methods."}),require_pushed_authorization_requests:e.z.boolean().default(!1).openapi({description:"Makes the use of Pushed Authorization Requests mandatory for this client"}),require_proof_of_possession:e.z.boolean().default(!1).openapi({description:"Makes the use of Proof-of-Possession mandatory for this client"}),signed_request_object:e.z.record(e.z.any()).default({}).optional().openapi({description:"JWT-secured Authorization Requests (JAR) settings."}),compliance_level:e.z.enum(["none","fapi1_adv_pkj_par","fapi1_adv_mtls_par","fapi2_sp_pkj_mtls","fapi2_sp_mtls_mtls"]).optional().openapi({description:"Defines the compliance level for this client, which may restrict it's capabilities"}),par_request_expiry:e.z.number().optional().openapi({description:"Specifies how long, in seconds, a Pushed Authorization Request URI remains valid"}),token_quota:e.z.record(e.z.any()).default({}).optional()}),Uo=e.z.object({created_at:e.z.string(),updated_at:e.z.string(),...X.shape}),Y=e.z.object({client_id:e.z.string().min(1).openapi({description:"ID of the client."}),audience:e.z.string().min(1).openapi({description:"The audience (API identifier) of this client grant."}),scope:e.z.array(e.z.string()).optional().openapi({description:"Scopes allowed for this client grant."}),organization_usage:e.z.enum(["deny","allow","require"]).optional().openapi({description:"Defines whether organizations can be used with client credentials exchanges for this grant."}),allow_any_organization:e.z.boolean().optional().openapi({description:"If enabled, any organization can be used with this grant. If disabled (default), the grant must be explicitly assigned to the desired organizations."}),is_system:e.z.boolean().optional().openapi({description:"If enabled, this grant is a special grant created by Auth0. It cannot be modified or deleted directly."}),subject_type:e.z.enum(["client","user"]).optional().openapi({description:"The type of application access the client grant allows. Use of this field is subject to the applicable Free Trial terms in Okta's Master Subscription Agreement."}),authorization_details_types:e.z.array(e.z.string()).optional().openapi({description:"Types of authorization_details allowed for this client grant. Use of this field is subject to the applicable Free Trial terms in Okta's Master Subscription Agreement."})}),Q=e.z.object({id:e.z.string().openapi({description:"ID of the client grant."}),...Y.shape,created_at:e.z.string().optional(),updated_at:e.z.string().optional()}),Fo=e.z.array(Q),d=e.z.object({x:e.z.number(),y:e.z.number()});var C=(o=>(o.RICH_TEXT="RICH_TEXT",o.NEXT_BUTTON="NEXT_BUTTON",o.BACK_BUTTON="BACK_BUTTON",o.SUBMIT_BUTTON="SUBMIT_BUTTON",o.DIVIDER="DIVIDER",o.TEXT="TEXT",o.EMAIL="EMAIL",o.PASSWORD="PASSWORD",o.NUMBER="NUMBER",o.PHONE="PHONE",o.DATE="DATE",o.CHECKBOX="CHECKBOX",o.RADIO="RADIO",o.SELECT="SELECT",o.HIDDEN="HIDDEN",o.LEGAL="LEGAL",o))(C||{}),T=(o=>(o.BLOCK="BLOCK",o.FIELD="FIELD",o))(T||{});const I=e.z.object({id:e.z.string(),category:e.z.nativeEnum(T),type:e.z.nativeEnum(C)}),Z=I.extend({category:e.z.literal("BLOCK"),type:e.z.literal("RICH_TEXT"),config:e.z.object({content:e.z.string()}).passthrough()}),$=I.extend({category:e.z.literal("BLOCK"),type:e.z.union([e.z.literal("NEXT_BUTTON"),e.z.literal("BACK_BUTTON"),e.z.literal("SUBMIT_BUTTON")]),config:e.z.object({text:e.z.string()}).passthrough()}),J=I.extend({category:e.z.literal("FIELD"),type:e.z.literal("LEGAL"),required:e.z.boolean().optional(),sensitive:e.z.boolean().optional(),config:e.z.object({text:e.z.string()}).passthrough()}),ee=I.extend({category:e.z.literal("FIELD"),type:e.z.union([e.z.literal("TEXT"),e.z.literal("EMAIL"),e.z.literal("PASSWORD"),e.z.literal("NUMBER"),e.z.literal("PHONE"),e.z.literal("DATE"),e.z.literal("CHECKBOX"),e.z.literal("RADIO"),e.z.literal("SELECT"),e.z.literal("HIDDEN")]),required:e.z.boolean().optional(),sensitive:e.z.boolean().optional(),config:e.z.object({label:e.z.string().optional(),placeholder:e.z.string().optional()}).passthrough()}),oe=e.z.object({id:e.z.string(),category:e.z.string(),type:e.z.string()}).passthrough(),te=e.z.union([Z,$,J,ee,oe]);var ne=(o=>(o.STEP="STEP",o.FLOW="FLOW",o.CONDITION="CONDITION",o.ACTION="ACTION",o))(ne||{});const ie=e.z.object({id:e.z.string(),type:e.z.literal("STEP"),coordinates:d,alias:e.z.string().optional(),config:e.z.object({components:e.z.array(te),next_node:e.z.string()}).passthrough()}),ae=e.z.object({id:e.z.string(),type:e.z.literal("FLOW"),coordinates:d,alias:e.z.string().optional(),config:e.z.object({flow_id:e.z.string(),next_node:e.z.string()})}),se=e.z.object({id:e.z.string(),type:e.z.literal("ACTION"),coordinates:d,alias:e.z.string().optional(),config:e.z.object({action_type:e.z.enum(["REDIRECT"]).openapi({description:"The type of action to perform"}),target:e.z.enum(["change-email","account","custom"]).openapi({description:"The predefined target to redirect to"}),custom_url:e.z.string().optional().openapi({description:"Custom URL when target is 'custom'"}),next_node:e.z.string().openapi({description:"The next node to navigate to after action (for non-redirect actions)"})}).passthrough()}),re=e.z.object({id:e.z.string(),type:e.z.string(),coordinates:d}).passthrough(),le=e.z.union([ie,ae,se,re]),ce=e.z.object({next_node:e.z.string(),coordinates:d}).passthrough(),pe=e.z.object({resume_flow:e.z.boolean().optional(),coordinates:d}).passthrough(),_e=e.z.object({id:e.z.string(),name:e.z.string(),languages:e.z.object({primary:e.z.string()}).passthrough(),nodes:e.z.array(le),start:ce,ending:pe,created_at:e.z.string(),updated_at:e.z.string(),links:e.z.object({sdkSrc:e.z.string().optional(),sdk_src:e.z.string().optional()}).passthrough()}).passthrough(),xo=_e.omit({id:!0,created_at:!0,updated_at:!0});var O=(o=>(o.TOKEN="token",o.ID_TOKEN="id_token",o.TOKEN_ID_TOKEN="token id_token",o.CODE="code",o))(O||{}),N=(o=>(o.QUERY="query",o.FRAGMENT="fragment",o.FORM_POST="form_post",o.WEB_MESSAGE="web_message",o.SAML_POST="saml_post",o))(N||{}),w=(o=>(o.S256="S256",o.Plain="plain",o))(w||{});const de=e.z.object({client_id:e.z.string(),act_as:e.z.string().optional(),response_type:e.z.nativeEnum(O).optional(),response_mode:e.z.nativeEnum(N).optional(),redirect_uri:e.z.string().optional(),audience:e.z.string().optional(),organization:e.z.string().optional(),state:e.z.string().optional(),nonce:e.z.string().optional(),scope:e.z.string().optional(),prompt:e.z.string().optional(),code_challenge_method:e.z.nativeEnum(w).optional(),code_challenge:e.z.string().optional(),username:e.z.string().optional(),ui_locales:e.z.string().optional(),max_age:e.z.number().optional(),acr_values:e.z.string().optional(),vendor_id:e.z.string().optional()}),Po=e.z.object({colors:e.z.object({primary:e.z.string(),page_background:e.z.object({type:e.z.string().optional(),start:e.z.string().optional(),end:e.z.string().optional(),angle_deg:e.z.number().optional()}).optional()}).optional(),logo_url:e.z.string().optional(),favicon_url:e.z.string().optional(),powered_by_logo_url:e.z.string().optional(),font:e.z.object({url:e.z.string()}).optional()}),ze=e.z.enum(["password_reset","email_verification","otp","mfa_otp","authorization_code","oauth2_state","ticket"]),ge=e.z.object({code_id:e.z.string().openapi({description:"The code that will be used in for instance an email verification flow"}),login_id:e.z.string().openapi({description:"The id of the login session that the code is connected to"}),connection_id:e.z.string().optional().openapi({description:"The connection that the code is connected to"}),code_type:ze,code_verifier:e.z.string().optional().openapi({description:"The code verifier used in PKCE in outbound flows"}),code_challenge:e.z.string().optional().openapi({description:"The code challenge used in PKCE in outbound flows"}),code_challenge_method:e.z.enum(["plain","S256"]).optional().openapi({description:"The code challenge method used in PKCE in outbound flows"}),redirect_uri:e.z.string().optional().openapi({description:"The redirect URI associated with the code"}),otp:e.z.string().optional().openapi({description:"The one-time password value for OTP-based flows"}),nonce:e.z.string().optional().openapi({description:"The nonce value used for security in OIDC flows"}),state:e.z.string().optional().openapi({description:"The state parameter used for CSRF protection in OAuth flows"}),expires_at:e.z.string(),used_at:e.z.string().optional(),user_id:e.z.string().optional()}),Mo=e.z.object({...ge.shape,created_at:e.z.string()}),me=e.z.object({kid:e.z.string().optional(),team_id:e.z.string().optional(),realms:e.z.string().optional(),authentication_method:e.z.string().optional(),client_id:e.z.string().optional(),client_secret:e.z.string().optional(),app_secret:e.z.string().optional(),scope:e.z.string().optional(),authorization_endpoint:e.z.string().optional(),token_endpoint:e.z.string().optional(),userinfo_endpoint:e.z.string().optional(),jwks_uri:e.z.string().optional(),discovery_url:e.z.string().optional(),issuer:e.z.string().optional(),provider:e.z.string().optional(),from:e.z.string().optional(),twilio_sid:e.z.string().optional(),twilio_token:e.z.string().optional(),icon_url:e.z.string().optional(),passwordPolicy:e.z.enum(["none","low","fair","good","excellent"]).optional(),password_complexity_options:e.z.object({min_length:e.z.number().optional()}).optional(),password_history:e.z.object({enable:e.z.boolean().optional(),size:e.z.number().optional()}).optional(),password_no_personal_info:e.z.object({enable:e.z.boolean().optional()}).optional(),password_dictionary:e.z.object({enable:e.z.boolean().optional(),dictionary:e.z.array(e.z.string()).optional()}).optional(),disable_signup:e.z.boolean().optional(),brute_force_protection:e.z.boolean().optional(),import_mode:e.z.boolean().optional(),attributes:e.z.object({email:e.z.object({identifier:e.z.object({active:e.z.boolean().optional()}).optional(),signup:e.z.object({status:e.z.enum(["required","optional","disabled"]).optional(),verification:e.z.object({active:e.z.boolean().optional()}).optional()}).optional(),validation:e.z.object({allowed:e.z.boolean().optional()}).optional(),unique:e.z.boolean().optional(),profile_required:e.z.boolean().optional(),verification_method:e.z.enum(["link","code"]).optional()}).optional(),username:e.z.object({identifier:e.z.object({active:e.z.boolean().optional()}).optional(),signup:e.z.object({status:e.z.enum(["required","optional","disabled"]).optional()}).optional(),validation:e.z.object({max_length:e.z.number().optional(),min_length:e.z.number().optional(),allowed_types:e.z.object({email:e.z.boolean().optional(),phone_number:e.z.boolean().optional()}).optional()}).optional(),profile_required:e.z.boolean().optional()}).optional(),phone_number:e.z.object({identifier:e.z.object({active:e.z.boolean().optional()}).optional(),signup:e.z.object({status:e.z.enum(["required","optional","disabled"]).optional()}).optional()}).optional()}).optional(),authentication_methods:e.z.object({password:e.z.object({enabled:e.z.boolean().optional()}).optional(),passkey:e.z.object({enabled:e.z.boolean().optional()}).optional()}).optional(),passkey_options:e.z.object({challenge_ui:e.z.enum(["both","autofill","button"]).optional(),local_enrollment_enabled:e.z.boolean().optional(),progressive_enrollment_enabled:e.z.boolean().optional()}).optional(),requires_username:e.z.boolean().optional(),validation:e.z.object({username:e.z.object({min:e.z.number().optional(),max:e.z.number().optional()}).optional()}).optional(),set_user_root_attributes:e.z.enum(["on_each_login","on_first_login","never_on_login"]).optional()}),ue=e.z.object({id:e.z.string().optional(),name:e.z.string(),display_name:e.z.string().optional(),strategy:e.z.string(),options:me.default({}),enabled_clients:e.z.array(e.z.string()).default([]).optional(),response_type:e.z.custom().optional(),response_mode:e.z.custom().optional(),is_domain_connection:e.z.boolean().optional(),show_as_button:e.z.boolean().optional(),metadata:e.z.record(e.z.any()).optional(),is_system:e.z.boolean().optional()}),Ho=e.z.object({id:e.z.string(),created_at:e.z.string().transform(o=>o===null?"":o),updated_at:e.z.string().transform(o=>o===null?"":o)}).extend(ue.shape),he=e.z.object({domain:e.z.string(),custom_domain_id:e.z.string().optional(),type:e.z.enum(["auth0_managed_certs","self_managed_certs"]),verification_method:e.z.enum(["txt"]).optional(),tls_policy:e.z.enum(["recommended"]).optional(),custom_client_ip_header:e.z.enum(["true-client-ip","cf-connecting-ip","x-forwarded-for","x-azure-clientip","null"]).optional(),domain_metadata:e.z.record(e.z.string().max(255)).optional()}),be=e.z.discriminatedUnion("name",[e.z.object({name:e.z.literal("txt"),record:e.z.string(),domain:e.z.string()}),e.z.object({name:e.z.literal("http"),http_body:e.z.string(),http_url:e.z.string()})]),fe=e.z.object({...he.shape,custom_domain_id:e.z.string(),primary:e.z.boolean(),status:e.z.enum(["disabled","pending","pending_verification","ready"]),origin_domain_name:e.z.string().optional(),verification:e.z.object({methods:e.z.array(be)}).optional(),tls_policy:e.z.string().optional()}),Go=fe.extend({tenant_id:e.z.string()}),R=e.z.object({id:e.z.string(),order:e.z.number().optional(),visible:e.z.boolean().optional().default(!0)}),l=R.extend({category:e.z.literal("BLOCK").optional()}),Bo=l.extend({type:e.z.literal("DIVIDER"),config:e.z.object({text:e.z.string().optional()}).optional()}),Wo=l.extend({type:e.z.literal("HTML"),config:e.z.object({content:e.z.string().optional()}).optional()}),Ko=l.extend({type:e.z.literal("IMAGE"),config:e.z.object({src:e.z.string().optional(),alt:e.z.string().optional(),width:e.z.number().optional(),height:e.z.number().optional()}).optional()}),qo=l.extend({type:e.z.literal("JUMP_BUTTON"),config:e.z.object({text:e.z.string().optional(),target_step:e.z.string().optional()})}),Vo=l.extend({type:e.z.literal("RESEND_BUTTON"),config:e.z.object({text:e.z.string().optional(),resend_action:e.z.string().optional()})}),Xo=l.extend({type:e.z.literal("NEXT_BUTTON"),config:e.z.object({text:e.z.string().optional()})}),Yo=l.extend({type:e.z.literal("PREVIOUS_BUTTON"),config:e.z.object({text:e.z.string().optional()})}),Qo=l.extend({type:e.z.literal("RICH_TEXT"),config:e.z.object({content:e.z.string().optional()}).optional()}),j=R.extend({category:e.z.literal("WIDGET").optional(),label:e.z.string().min(1).optional(),hint:e.z.string().min(1).max(500).optional(),required:e.z.boolean().optional(),sensitive:e.z.boolean().optional()}),Zo=j.extend({type:e.z.literal("AUTH0_VERIFIABLE_CREDENTIALS"),config:e.z.object({credential_type:e.z.string().optional()})}),$o=j.extend({type:e.z.literal("GMAPS_ADDRESS"),config:e.z.object({api_key:e.z.string().optional()})}),Jo=j.extend({type:e.z.literal("RECAPTCHA"),config:e.z.object({site_key:e.z.string().optional()})}),n=R.extend({category:e.z.literal("FIELD").optional(),label:e.z.string().min(1).optional(),hint:e.z.string().min(1).max(500).optional(),messages:e.z.array(e.z.object({id:e.z.number().optional(),text:e.z.string(),type:e.z.enum(["info","error","success","warning"])})).optional(),required:e.z.boolean().optional(),sensitive:e.z.boolean().optional()}),et=n.extend({type:e.z.literal("BOOLEAN"),config:e.z.object({default_value:e.z.boolean().optional()}).optional()}),ot=n.extend({type:e.z.literal("CARDS"),config:e.z.object({options:e.z.array(e.z.object({value:e.z.string(),label:e.z.string(),description:e.z.string().optional(),image:e.z.string().optional()})).optional(),multi_select:e.z.boolean().optional()}).optional()}),tt=n.extend({type:e.z.literal("CHOICE"),config:e.z.object({options:e.z.array(e.z.object({value:e.z.string(),label:e.z.string()})).optional(),display:e.z.enum(["radio","checkbox"]).optional(),multiple:e.z.boolean().optional(),default_value:e.z.union([e.z.string(),e.z.array(e.z.string())]).optional()}).optional()}),nt=n.extend({type:e.z.literal("CUSTOM"),config:e.z.object({component:e.z.string().optional(),props:e.z.record(e.z.any()).optional(),schema:e.z.record(e.z.any()).optional(),code:e.z.string().optional()})}),it=n.extend({type:e.z.literal("DATE"),config:e.z.object({format:e.z.string().optional(),min:e.z.string().optional(),max:e.z.string().optional(),default_value:e.z.string().optional()}).optional()}),at=n.extend({type:e.z.literal("DROPDOWN"),config:e.z.object({options:e.z.array(e.z.object({value:e.z.string(),label:e.z.string()})).optional(),placeholder:e.z.string().optional(),searchable:e.z.boolean().optional(),multiple:e.z.boolean().optional(),default_value:e.z.union([e.z.string(),e.z.array(e.z.string())]).optional()}).optional()}),st=n.extend({type:e.z.literal("EMAIL"),config:e.z.object({placeholder:e.z.string().optional(),default_value:e.z.string().optional()}).optional()}),rt=n.extend({type:e.z.literal("FILE"),config:e.z.object({accept:e.z.string().optional(),max_size:e.z.number().optional(),multiple:e.z.boolean().optional()}).optional()}),lt=n.extend({type:e.z.literal("LEGAL"),config:e.z.object({text:e.z.string(),html:e.z.boolean().optional()}).optional()}),ct=n.extend({type:e.z.literal("NUMBER"),config:e.z.object({placeholder:e.z.string().optional(),min:e.z.number().optional(),max:e.z.number().optional(),step:e.z.number().optional(),default_value:e.z.string().optional()}).optional()}),pt=n.extend({type:e.z.literal("PASSWORD"),config:e.z.object({placeholder:e.z.string().optional(),min_length:e.z.number().optional(),show_toggle:e.z.boolean().optional(),forgot_password_link:e.z.string().optional(),default_value:e.z.string().optional()}).optional()}),_t=n.extend({type:e.z.literal("PAYMENT"),config:e.z.object({provider:e.z.string().optional(),currency:e.z.string().optional()}).optional()}),dt=n.extend({type:e.z.literal("SOCIAL"),config:e.z.object({providers:e.z.array(e.z.string()).optional(),provider_details:e.z.array(e.z.object({name:e.z.string(),strategy:e.z.string().optional(),display_name:e.z.string().optional(),icon_url:e.z.string().optional(),href:e.z.string().optional()})).optional()}).optional()}),zt=n.extend({type:e.z.literal("TEL"),config:e.z.object({placeholder:e.z.string().optional(),default_country:e.z.string().optional(),default_value:e.z.string().optional(),allow_email:e.z.boolean().optional()}).optional()}),gt=n.extend({type:e.z.literal("TEXT"),config:e.z.object({placeholder:e.z.string().optional(),multiline:e.z.boolean().optional(),max_length:e.z.number().optional(),default_value:e.z.string().optional()}).optional()}),mt=n.extend({type:e.z.literal("COUNTRY"),config:e.z.object({placeholder:e.z.string().optional(),default_value:e.z.string().optional()}).optional()}),ut=n.extend({type:e.z.literal("URL"),config:e.z.object({placeholder:e.z.string().optional(),default_value:e.z.string().optional()}).optional()}),Se=e.z.discriminatedUnion("type",[Bo,Wo,Ko,qo,Vo,Xo,Yo,Qo]),Ee=e.z.discriminatedUnion("type",[Zo,$o,Jo]),Ae=e.z.discriminatedUnion("type",[et,ot,tt,mt,nt,it,at,st,rt,lt,ct,pt,_t,dt,zt,gt,ut]),D=e.z.union([Se,Ee,Ae]),ht=new Set(["BOOLEAN","CARDS","CHOICE","COUNTRY","DATE","DROPDOWN","EMAIL","LEGAL","NUMBER","PASSWORD","TEL","TEXT","URL"]),bt=e.z.object({id:e.z.string(),type:e.z.literal("submit"),label:e.z.string(),className:e.z.string().optional(),disabled:e.z.boolean().optional().default(!1),order:e.z.number().optional(),visible:e.z.boolean().optional().default(!0),customizations:e.z.record(e.z.string(),e.z.any()).optional()}),b=e.z.object({x:e.z.number(),y:e.z.number()}),ft=e.z.object({id:e.z.string(),type:e.z.literal("FLOW"),coordinates:b,alias:e.z.string().min(1).max(150).optional(),config:e.z.object({flow_id:e.z.string().max(30),next_node:e.z.string().optional()})}),St=e.z.object({id:e.z.string(),type:e.z.literal("ROUTER"),coordinates:b,alias:e.z.string().min(1).max(150),config:e.z.object({rules:e.z.array(e.z.object({id:e.z.string(),alias:e.z.string().min(1).max(150).optional(),condition:e.z.any(),next_node:e.z.string()})),fallback:e.z.string()})}),Et=e.z.object({id:e.z.string(),type:e.z.literal("STEP"),coordinates:b,alias:e.z.string().min(1).max(150).optional(),config:e.z.object({components:e.z.array(D),next_node:e.z.string().optional()})}),Ie=e.z.discriminatedUnion("type",[ft,St,Et]),ye=e.z.object({name:e.z.string().openapi({description:"The name of the form"}),messages:e.z.object({errors:e.z.record(e.z.string(),e.z.any()).optional(),custom:e.z.record(e.z.string(),e.z.any()).optional()}).optional(),languages:e.z.object({primary:e.z.string().optional(),default:e.z.string().optional()}).optional(),translations:e.z.record(e.z.string(),e.z.any()).optional(),nodes:e.z.array(Ie).optional(),start:e.z.object({hidden_fields:e.z.array(e.z.object({key:e.z.string(),value:e.z.string()})).optional(),next_node:e.z.string().optional(),coordinates:b.optional()}).optional(),ending:e.z.object({redirection:e.z.object({delay:e.z.number().optional(),target:e.z.string().optional()}).optional(),after_submit:e.z.object({flow_id:e.z.string().optional()}).optional(),coordinates:b.optional(),resume_flow:e.z.boolean().optional()}).optional(),style:e.z.object({css:e.z.string().optional()}).optional(),links:e.z.object({sdkSrc:e.z.string().optional(),sdk_src:e.z.string().optional()}).optional()}).openapi({description:"Schema for flow-based forms (matches Auth0 Forms structure)"}),At=e.z.object({...r.shape,...ye.shape,id:e.z.string()}),Ce=e.z.object({id:e.z.number().optional(),text:e.z.string(),type:e.z.enum(["info","error","success","warning"])}),Te=e.z.object({id:e.z.string().optional(),text:e.z.string(),href:e.z.string(),linkText:e.z.string().optional()}),It=e.z.object({name:e.z.string().optional(),action:e.z.string(),method:e.z.enum(["POST","GET"]),title:e.z.string().optional(),description:e.z.string().optional(),components:e.z.array(D),messages:e.z.array(Ce).optional(),links:e.z.array(Te).optional(),footer:e.z.string().optional()});function yt(o){return o.category==="BLOCK"}function Ct(o){return o.category==="WIDGET"}function Tt(o){return o.category==="FIELD"}const Oe=e.z.enum(["pre-user-registration","post-user-registration","post-user-login","validate-registration-username","pre-user-deletion","post-user-deletion"]),Ne=e.z.enum(["pre-user-registration","post-user-registration","post-user-login","validate-registration-username","pre-user-deletion","post-user-deletion"]),we=e.z.enum(["post-user-login","credentials-exchange"]),L=e.z.enum(["ensure-username","set-preferred-username"]),Ot={"ensure-username":{name:"Ensure Username",description:"Automatically assigns a username to users who sign in without one. Creates a linked username account for social/email users.",trigger_id:"post-user-login"},"set-preferred-username":{name:"Set Preferred Username",description:"Sets the preferred_username claim on tokens based on the username from the primary or linked user.",trigger_id:"credentials-exchange"}},m={enabled:e.z.boolean().default(!1),synchronous:e.z.boolean().default(!1),priority:e.z.number().optional(),hook_id:e.z.string().optional()},Nt=e.z.object({...m,trigger_id:Oe,url:e.z.string()}),wt=e.z.object({...m,trigger_id:Ne,form_id:e.z.string()}),Rt=e.z.object({...m,trigger_id:we,template_id:L}),jt=e.z.union([Nt,wt,Rt]),Dt=e.z.object({...m,trigger_id:Oe,...r.shape,hook_id:e.z.string(),url:e.z.string()}),Lt=e.z.object({...m,trigger_id:Ne,...r.shape,hook_id:e.z.string(),form_id:e.z.string()}),vt=e.z.object({...m,trigger_id:we,...r.shape,hook_id:e.z.string(),template_id:L}),kt=e.z.union([Dt,Lt,vt]),Re=e.z.object({name:e.z.string().optional()}),je=e.z.object({email:e.z.string().optional()}),De=e.z.object({organization_id:e.z.string().max(50),inviter:Re,invitee:je,invitation_url:e.z.string().url(),client_id:e.z.string(),connection_id:e.z.string().optional(),app_metadata:e.z.record(e.z.any()).default({}).optional(),user_metadata:e.z.record(e.z.any()).default({}).optional(),ttl_sec:e.z.number().int().max(2592e3).default(604800).optional(),roles:e.z.array(e.z.string()).default([]).optional(),send_invitation_email:e.z.boolean().default(!0).optional()}),Ut=e.z.object({id:e.z.string(),organization_id:e.z.string().max(50),created_at:e.z.string().datetime(),expires_at:e.z.string().datetime(),ticket_id:e.z.string().optional()}).extend(De.shape),Le=e.z.object({alg:e.z.enum(["RS256","RS384","RS512","ES256","ES384","ES512","HS256","HS384","HS512"]),e:e.z.string(),kid:e.z.string(),kty:e.z.enum(["RSA","EC","oct"]),n:e.z.string(),x5t:e.z.string().optional(),x5c:e.z.array(e.z.string()).optional(),use:e.z.enum(["sig","enc"]).optional()}),Ft=e.z.object({keys:e.z.array(Le)}),xt=e.z.object({issuer:e.z.string(),authorization_endpoint:e.z.string(),token_endpoint:e.z.string(),device_authorization_endpoint:e.z.string(),userinfo_endpoint:e.z.string(),mfa_challenge_endpoint:e.z.string(),jwks_uri:e.z.string(),registration_endpoint:e.z.string(),revocation_endpoint:e.z.string(),scopes_supported:e.z.array(e.z.string()),response_types_supported:e.z.array(e.z.string()),code_challenge_methods_supported:e.z.array(e.z.string()),response_modes_supported:e.z.array(e.z.string()),subject_types_supported:e.z.array(e.z.string()),id_token_signing_alg_values_supported:e.z.array(e.z.string()),token_endpoint_auth_methods_supported:e.z.array(e.z.string()),claims_supported:e.z.array(e.z.string()),request_uri_parameter_supported:e.z.boolean(),request_parameter_supported:e.z.boolean(),token_endpoint_auth_signing_alg_values_supported:e.z.array(e.z.string())});var v=(o=>(o.PENDING="pending",o.AUTHENTICATED="authenticated",o.AWAITING_EMAIL_VERIFICATION="awaiting_email_verification",o.AWAITING_MFA="awaiting_mfa",o.AWAITING_HOOK="awaiting_hook",o.AWAITING_CONTINUATION="awaiting_continuation",o.COMPLETED="completed",o.FAILED="failed",o.EXPIRED="expired",o))(v||{});const ve=e.z.nativeEnum(v),ke=e.z.object({csrf_token:e.z.string(),auth0Client:e.z.string().optional(),authParams:de,expires_at:e.z.string(),deleted_at:e.z.string().optional(),ip:e.z.string().optional(),useragent:e.z.string().optional(),session_id:e.z.string().optional(),authorization_url:e.z.string().optional(),state:ve.optional().default("pending"),state_data:e.z.string().optional(),failure_reason:e.z.string().optional(),user_id:e.z.string().optional(),auth_connection:e.z.string().optional()}).openapi({description:"This represents a login sesion"}),Pt=e.z.object({...ke.shape,id:e.z.string().openapi({description:"This is is used as the state in the universal login"}),created_at:e.z.string(),updated_at:e.z.string()}),Ue={ACLS_SUMMARY:"acls_summary",ACTIONS_EXECUTION_FAILED:"actions_execution_failed",API_LIMIT:"api_limit",API_LIMIT_WARNING:"api_limit_warning",APPI:"appi",CIBA_EXCHANGE_FAILED:"ciba_exchange_failed",CIBA_EXCHANGE_SUCCEEDED:"ciba_exchange_succeeded",CIBA_START_FAILED:"ciba_start_failed",CIBA_START_SUCCEEDED:"ciba_start_succeeded",CODE_LINK_SENT:"cls",CODE_SENT:"cs",DEPRECATION_NOTICE:"depnote",FAILED_LOGIN:"f",FAILED_BY_CONNECTOR:"fc",FAILED_CHANGE_EMAIL:"fce",FAILED_BY_CORS:"fco",FAILED_CROSS_ORIGIN_AUTHENTICATION:"fcoa",FAILED_CHANGE_PASSWORD:"fcp",FAILED_POST_CHANGE_PASSWORD_HOOK:"fcph",FAILED_CHANGE_PHONE_NUMBER:"fcpn",FAILED_CHANGE_PASSWORD_REQUEST:"fcpr",FAILED_CONNECTOR_PROVISIONING:"fcpro",FAILED_CHANGE_USERNAME:"fcu",FAILED_DELEGATION:"fd",FAILED_DEVICE_ACTIVATION:"fdeac",FAILED_DEVICE_AUTHORIZATION_REQUEST:"fdeaz",USER_CANCELED_DEVICE_CONFIRMATION:"fdecc",FAILED_USER_DELETION:"fdu",FAILED_EXCHANGE_AUTHORIZATION_CODE_FOR_ACCESS_TOKEN:"feacft",FAILED_EXCHANGE_ACCESS_TOKEN_FOR_CLIENT_CREDENTIALS:"feccft",FAILED_EXCHANGE_CUSTOM_TOKEN:"fecte",FAILED_EXCHANGE_DEVICE_CODE_FOR_ACCESS_TOKEN:"fede",FAILED_FEDERATED_LOGOUT:"federated_logout_failed",FAILED_EXCHANGE_NATIVE_SOCIAL_LOGIN:"fens",FAILED_EXCHANGE_PASSWORD_OOB_FOR_ACCESS_TOKEN:"feoobft",FAILED_EXCHANGE_PASSWORD_OTP_FOR_ACCESS_TOKEN:"feotpft",FAILED_EXCHANGE_PASSWORD_FOR_ACCESS_TOKEN:"fepft",FAILED_EXCHANGE_PASSWORDLESS_OTP_FOR_ACCESS_TOKEN:"fepotpft",FAILED_EXCHANGE_PASSWORD_MFA_RECOVERY_FOR_ACCESS_TOKEN:"fercft",FAILED_EXCHANGE_ROTATING_REFRESH_TOKEN:"ferrt",FAILED_EXCHANGE_REFRESH_TOKEN_FOR_ACCESS_TOKEN:"fertft",FAILED_HOOK:"fh",FAILED_IMPERSONATION:"fimp",FAILED_INVITE_ACCEPT:"fi",FAILED_LOGOUT:"flo",FLOWS_EXECUTION_COMPLETED:"flows_execution_completed",FLOWS_EXECUTION_FAILED:"flows_execution_failed",FAILED_SENDING_NOTIFICATION:"fn",FORMS_SUBMISSION_FAILED:"forms_submission_failed",FORMS_SUBMISSION_SUCCEEDED:"forms_submission_succeeded",FAILED_LOGIN_INCORRECT_PASSWORD:"fp",FAILED_PUSHED_AUTHORIZATION_REQUEST:"fpar",FAILED_POST_USER_REGISTRATION_HOOK:"fpurh",FAILED_SIGNUP:"fs",FAILED_SILENT_AUTH:"fsa",FAILED_LOGIN_INVALID_EMAIL_USERNAME:"fu",FAILED_USERS_IMPORT:"fui",FAILED_VERIFICATION_EMAIL:"fv",FAILED_VERIFICATION_EMAIL_REQUEST:"fvr",EMAIL_VERIFICATION_CONFIRMED:"gd_auth_email_verification",EMAIL_VERIFICATION_FAILED:"gd_auth_fail_email_verification",MFA_AUTH_FAILED:"gd_auth_failed",MFA_AUTH_REJECTED:"gd_auth_rejected",MFA_AUTH_SUCCESS:"gd_auth_succeed",MFA_ENROLLMENT_COMPLETE:"gd_enrollment_complete",TOO_MANY_MFA_FAILURES:"gd_otp_rate_limit_exceed",MFA_RECOVERY_FAILED:"gd_recovery_failed",MFA_RECOVERY_RATE_LIMIT_EXCEED:"gd_recovery_rate_limit_exceed",MFA_RECOVERY_SUCCESS:"gd_recovery_succeed",MFA_EMAIL_SENT:"gd_send_email",EMAIL_VERIFICATION_SENT:"gd_send_email_verification",EMAIL_VERIFICATION_SEND_FAILURE:"gd_send_email_verification_failure",PUSH_NOTIFICATION_SENT:"gd_send_pn",ERROR_SENDING_MFA_PUSH_NOTIFICATION:"gd_send_pn_failure",MFA_SMS_SENT:"gd_send_sms",ERROR_SENDING_MFA_SMS:"gd_send_sms_failure",MFA_VOICE_CALL_SUCCESS:"gd_send_voice",MFA_VOICE_CALL_FAILED:"gd_send_voice_failure",SECOND_FACTOR_STARTED:"gd_start_auth",MFA_ENROLL_STARTED:"gd_start_enroll",MFA_ENROLLMENT_FAILED:"gd_start_enroll_failed",GUARDIAN_TENANT_UPDATE:"gd_tenant_update",UNENROLL_DEVICE_ACCOUNT:"gd_unenroll",UPDATE_DEVICE_ACCOUNT:"gd_update_device_account",WEBAUTHN_CHALLENGE_FAILED:"gd_webauthn_challenge_failed",WEBAUTHN_ENROLLMENT_FAILED:"gd_webauthn_enrollment_failed",FAILED_KMS_API_OPERATION:"kms_key_management_failure",SUCCESS_KMS_API_OPERATION:"kms_key_management_success",KMS_KEY_STATE_CHANGED:"kms_key_state_changed",TOO_MANY_CALLS_TO_DELEGATION:"limit_delegation",BLOCKED_IP_ADDRESS:"limit_mu",BLOCKED_ACCOUNT_IP:"limit_sul",BLOCKED_ACCOUNT_EMAIL:"limit_wc",MFA_REQUIRED:"mfar",MANAGEMENT_API_READ_OPERATION:"mgmt_api_read",FAILED_AUTHENTICATION_METHOD_OPERATION_MY_ACCOUNT:"my_account_authentication_method_failed",SUCCESSFUL_AUTHENTICATION_METHOD_OPERATION_MY_ACCOUNT:"my_account_authentication_method_succeeded",FAILED_OIDC_BACKCHANNEL_LOGOUT:"oidc_backchannel_logout_failed",SUCCESSFUL_OIDC_BACKCHANNEL_LOGOUT:"oidc_backchannel_logout_succeeded",ORGANIZATION_MEMBER_ADDED:"organization_member_added",PASSKEY_CHALLENGE_FAILED:"passkey_challenge_failed",PASSKEY_CHALLENGE_STARTED:"passkey_challenge_started",PRE_LOGIN_ASSESSMENT:"pla",BREACHED_PASSWORD:"pwd_leak",BREACHED_PASSWORD_ON_RESET:"reset_pwd_leak",SUCCESS_RESOURCE_CLEANUP:"resource_cleanup",RICH_CONSENTS_ACCESS_ERROR:"rich_consents_access_error",SUCCESS_LOGIN:"s",SUCCESS_API_OPERATION:"sapi",SUCCESS_CHANGE_EMAIL:"sce",SUCCESS_CROSS_ORIGIN_AUTHENTICATION:"scoa",SUCCESS_CHANGE_PASSWORD:"scp",SUCCESS_CHANGE_PHONE_NUMBER:"scpn",SUCCESS_CHANGE_PASSWORD_REQUEST:"scpr",SUCCESS_CHANGE_USERNAME:"scu",SUCCESS_CREDENTIAL_VALIDATION:"scv",SUCCESS_DELEGATION:"sd",SUCCESS_USER_DELETION:"sdu",SUCCESS_EXCHANGE_AUTHORIZATION_CODE_FOR_ACCESS_TOKEN:"seacft",SUCCESS_EXCHANGE_ACCESS_TOKEN_FOR_CLIENT_CREDENTIALS:"seccft",SUCCESS_EXCHANGE_CUSTOM_TOKEN:"secte",SUCCESS_EXCHANGE_DEVICE_CODE_FOR_ACCESS_TOKEN:"sede",SUCCESS_EXCHANGE_NATIVE_SOCIAL_LOGIN:"sens",SUCCESS_EXCHANGE_PASSWORD_OOB_FOR_ACCESS_TOKEN:"seoobft",SUCCESS_EXCHANGE_PASSWORD_OTP_FOR_ACCESS_TOKEN:"seotpft",SUCCESS_EXCHANGE_PASSWORD_FOR_ACCESS_TOKEN:"sepft",SUCCESS_EXCHANGE_PASSKEY_OOB_FOR_ACCESS_TOKEN:"sepkoobft",SUCCESS_EXCHANGE_PASSKEY_OTP_FOR_ACCESS_TOKEN:"sepkotpft",SUCCESS_EXCHANGE_PASSKEY_MFA_RECOVERY_FOR_ACCESS_TOKEN:"sepkrcft",SUCCESS_EXCHANGE_PASSWORD_MFA_RECOVERY_FOR_ACCESS_TOKEN:"sercft",SUCCESS_EXCHANGE_REFRESH_TOKEN_FOR_ACCESS_TOKEN:"sertft",SUCCESS_IMPERSONATION:"simp",SUCCESSFULLY_ACCEPTED_USER_INVITE:"si",BREACHED_PASSWORD_ON_SIGNUP:"signup_pwd_leak",SUCCESS_LOGOUT:"slo",SUCCESS_REVOCATION:"srrt",SUCCESS_SIGNUP:"ss",FAILED_SS_SSO_OPERATION:"ss_sso_failure",INFORMATION_FROM_SS_SSO_OPERATION:"ss_sso_info",SUCCESS_SS_SSO_OPERATION:"ss_sso_success",SUCCESS_SILENT_AUTH:"ssa",SUCCESSFUL_SCIM_OPERATION:"sscim",SUCCESSFULLY_IMPORTED_USERS:"sui",SUCCESS_VERIFICATION_EMAIL:"sv",SUCCESS_VERIFICATION_EMAIL_REQUEST:"svr",MAX_AMOUNT_OF_AUTHENTICATORS:"too_many_records",USER_LOGIN_BLOCK_RELEASED:"ublkdu",FAILED_UNIVERSAL_LOGOUT:"universal_logout_failed",SUCCESSFUL_UNIVERSAL_LOGOUT:"universal_logout_succeeded",WARNING_DURING_LOGIN:"w",WARNING_SENDING_NOTIFICATION:"wn",WARNING_USER_MANAGEMENT:"wum"},Mt=e.z.string().refine(o=>Object.values(Ue).includes(o),{message:"Invalid log type"}),Fe=e.z.object({name:e.z.string(),version:e.z.string(),env:e.z.object({node:e.z.string().optional()}).optional()}),xe=e.z.object({country_code:e.z.string().length(2),city_name:e.z.string(),latitude:e.z.string(),longitude:e.z.string(),time_zone:e.z.string(),continent_code:e.z.string()}),Pe=e.z.object({type:Mt,date:e.z.string(),description:e.z.string().optional(),ip:e.z.string().optional(),user_agent:e.z.string().optional(),details:e.z.any().optional(),isMobile:e.z.boolean(),user_id:e.z.string().optional(),user_name:e.z.string().optional(),connection:e.z.string().optional(),connection_id:e.z.string().optional(),client_id:e.z.string().optional(),client_name:e.z.string().optional(),audience:e.z.string().optional(),scope:e.z.string().optional(),strategy:e.z.string().optional(),strategy_type:e.z.string().optional(),hostname:e.z.string().optional(),auth0_client:Fe.optional(),log_id:e.z.string().optional(),location_info:xe.optional()}),Ht=e.z.object({...Pe.shape,log_id:e.z.string()}),Me=e.z.object({id:e.z.string().optional(),user_id:e.z.string(),password:e.z.string(),algorithm:e.z.enum(["bcrypt","argon2id"]).default("argon2id"),is_current:e.z.boolean().default(!0)}),Gt=Me.extend({id:e.z.string(),created_at:e.z.string(),updated_at:e.z.string()}),He=e.z.object({initial_user_agent:e.z.string().describe("First user agent of the device from which this user logged in"),initial_ip:e.z.string().describe("First IP address associated with this session"),initial_asn:e.z.string().describe("First autonomous system number associated with this session"),last_user_agent:e.z.string().describe("Last user agent of the device from which this user logged in"),last_ip:e.z.string().describe("Last IP address from which this user logged in"),last_asn:e.z.string().describe("Last autonomous system number from which this user logged in")}),Ge=e.z.object({id:e.z.string(),revoked_at:e.z.string().optional(),used_at:e.z.string().optional(),user_id:e.z.string().describe("The user ID associated with the session"),expires_at:e.z.string().optional(),login_session_id:e.z.string(),idle_expires_at:e.z.string().optional(),device:He.describe("Metadata related to the device used in the session"),clients:e.z.array(e.z.string()).describe("List of client details for the session")}),Bt=e.z.object({created_at:e.z.string(),updated_at:e.z.string(),authenticated_at:e.z.string(),last_interaction_at:e.z.string(),...Ge.shape}),Wt=e.z.object({kid:e.z.string().openapi({description:"The key id of the signing key"}),cert:e.z.string().openapi({description:"The public certificate of the signing key"}),fingerprint:e.z.string().openapi({description:"The cert fingerprint"}),thumbprint:e.z.string().openapi({description:"The cert thumbprint"}),pkcs7:e.z.string().optional().openapi({description:"The private key in pkcs7 format"}),current:e.z.boolean().optional().openapi({description:"True if the key is the current key"}),next:e.z.boolean().optional().openapi({description:"True if the key is the next key"}),previous:e.z.boolean().optional().openapi({description:"True if the key is the previous key"}),current_since:e.z.string().optional().openapi({description:"The date and time when the key became the current key"}),current_until:e.z.string().optional().openapi({description:"The date and time when the current key was rotated"}),revoked:e.z.boolean().optional().openapi({description:"True if the key is revoked"}),revoked_at:e.z.string().optional().openapi({description:"The date and time when the key was revoked"}),connection:e.z.string().optional().openapi({description:"The connection identifier associated with the key"}),type:e.z.enum(["jwt_signing","saml_encryption"]).openapi({description:"The type of the signing key"})}),Be=e.z.object({id:e.z.string().optional(),audience:e.z.string(),friendly_name:e.z.string(),picture_url:e.z.string().optional(),support_email:e.z.string().optional(),support_url:e.z.string().optional(),sender_email:e.z.string().email(),sender_name:e.z.string(),session_lifetime:e.z.number().optional(),idle_session_lifetime:e.z.number().optional(),ephemeral_session_lifetime:e.z.number().optional(),idle_ephemeral_session_lifetime:e.z.number().optional(),session_cookie:e.z.object({mode:e.z.enum(["persistent","non-persistent"]).optional()}).optional(),allowed_logout_urls:e.z.array(e.z.string()).optional(),default_redirection_uri:e.z.string().optional(),enabled_locales:e.z.array(e.z.string()).optional(),default_directory:e.z.string().optional(),error_page:e.z.object({html:e.z.string().optional(),show_log_link:e.z.boolean().optional(),url:e.z.string().optional()}).optional(),flags:e.z.object({allow_changing_enable_sso:e.z.boolean().optional(),allow_legacy_delegation_grant_types:e.z.boolean().optional(),allow_legacy_ro_grant_types:e.z.boolean().optional(),allow_legacy_tokeninfo_endpoint:e.z.boolean().optional(),change_pwd_flow_v1:e.z.boolean().optional(),custom_domains_provisioning:e.z.boolean().optional(),dashboard_insights_view:e.z.boolean().optional(),dashboard_log_streams_next:e.z.boolean().optional(),disable_clickjack_protection_headers:e.z.boolean().optional(),disable_fields_map_fix:e.z.boolean().optional(),disable_impersonation:e.z.boolean().optional(),disable_management_api_sms_obfuscation:e.z.boolean().optional(),enable_adfs_waad_email_verification:e.z.boolean().optional(),enable_apis_section:e.z.boolean().optional(),enable_client_connections:e.z.boolean().optional(),enable_custom_domain_in_emails:e.z.boolean().optional(),enable_dynamic_client_registration:e.z.boolean().optional(),enable_idtoken_api2:e.z.boolean().optional(),enable_legacy_logs_search_v2:e.z.boolean().optional(),enable_legacy_profile:e.z.boolean().optional(),enable_pipeline2:e.z.boolean().optional(),enable_public_signup_user_exists_error:e.z.boolean().optional(),enable_sso:e.z.boolean().optional(),enforce_client_authentication_on_passwordless_start:e.z.boolean().optional(),genai_trial:e.z.boolean().optional(),improved_signup_bot_detection_in_classic:e.z.boolean().optional(),mfa_show_factor_list_on_enrollment:e.z.boolean().optional(),no_disclose_enterprise_connections:e.z.boolean().optional(),remove_alg_from_jwks:e.z.boolean().optional(),revoke_refresh_token_grant:e.z.boolean().optional(),trust_azure_adfs_email_verified_connection_property:e.z.boolean().optional(),use_scope_descriptions_for_consent:e.z.boolean().optional(),inherit_global_permissions_in_organizations:e.z.boolean().optional()}).optional(),sandbox_version:e.z.string().optional(),legacy_sandbox_version:e.z.string().optional(),sandbox_versions_available:e.z.array(e.z.string()).optional(),change_password:e.z.object({enabled:e.z.boolean().optional(),html:e.z.string().optional()}).optional(),guardian_mfa_page:e.z.object({enabled:e.z.boolean().optional(),html:e.z.string().optional()}).optional(),device_flow:e.z.object({charset:e.z.enum(["base20","digits"]).optional(),mask:e.z.string().max(20).optional()}).optional(),default_token_quota:e.z.object({clients:e.z.object({client_credentials:e.z.record(e.z.any()).optional()}).optional(),organizations:e.z.object({client_credentials:e.z.record(e.z.any()).optional()}).optional()}).optional(),default_audience:e.z.string().optional(),default_organization:e.z.string().optional(),sessions:e.z.object({oidc_logout_prompt_enabled:e.z.boolean().optional()}).optional(),oidc_logout:e.z.object({rp_logout_end_session_endpoint_discovery:e.z.boolean().optional()}).optional(),allow_organization_name_in_authentication_api:e.z.boolean().optional(),customize_mfa_in_postlogin_action:e.z.boolean().optional(),acr_values_supported:e.z.array(e.z.string()).optional(),mtls:e.z.object({enable_endpoint_aliases:e.z.boolean().optional()}).optional(),pushed_authorization_requests_supported:e.z.boolean().optional(),authorization_response_iss_parameter_supported:e.z.boolean().optional(),mfa:e.z.object({policy:e.z.enum(["never","always"]).default("never").optional(),factors:e.z.object({sms:e.z.boolean().default(!1),otp:e.z.boolean().default(!1),email:e.z.boolean().default(!1),push_notification:e.z.boolean().default(!1),webauthn_roaming:e.z.boolean().default(!1),webauthn_platform:e.z.boolean().default(!1),recovery_code:e.z.boolean().default(!1),duo:e.z.boolean().default(!1)}).optional(),sms_provider:e.z.object({provider:e.z.enum(["twilio","vonage","aws_sns","phone_message_hook"]).optional()}).optional(),twilio:e.z.object({sid:e.z.string().optional(),auth_token:e.z.string().optional(),from:e.z.string().optional(),messaging_service_sid:e.z.string().optional()}).optional(),phone_message:e.z.object({message:e.z.string().optional()}).optional()}).optional()}),Kt=e.z.object({created_at:e.z.string().nullable().transform(o=>o??""),updated_at:e.z.string().nullable().transform(o=>o??""),...Be.shape,id:e.z.string()});var We=(o=>(o.RefreshToken="refresh_token",o.AuthorizationCode="authorization_code",o.ClientCredential="client_credentials",o.Passwordless="passwordless",o.Password="password",o.OTP="http://auth0.com/oauth/grant-type/passwordless/otp",o))(We||{});const qt=e.z.object({access_token:e.z.string(),id_token:e.z.string().optional(),scope:e.z.string().optional(),state:e.z.string().optional(),refresh_token:e.z.string().optional(),token_type:e.z.string(),expires_in:e.z.number()});e.z.object({code:e.z.string(),state:e.z.string().optional()});const Ke=e.z.object({button_border_radius:e.z.number(),button_border_weight:e.z.number(),buttons_style:e.z.enum(["pill","rounded","sharp"]),input_border_radius:e.z.number(),input_border_weight:e.z.number(),inputs_style:e.z.enum(["pill","rounded","sharp"]),show_widget_shadow:e.z.boolean(),widget_border_weight:e.z.number(),widget_corner_radius:e.z.number()}),qe=e.z.object({base_focus_color:e.z.string(),base_hover_color:e.z.string(),body_text:e.z.string(),captcha_widget_theme:e.z.enum(["auto","dark","light"]),error:e.z.string(),header:e.z.string(),icons:e.z.string(),input_background:e.z.string(),input_border:e.z.string(),input_filled_text:e.z.string(),input_labels_placeholders:e.z.string(),links_focused_components:e.z.string(),primary_button:e.z.string(),primary_button_label:e.z.string(),secondary_button_border:e.z.string(),secondary_button_label:e.z.string(),success:e.z.string(),widget_background:e.z.string(),widget_border:e.z.string()}),_=e.z.object({bold:e.z.boolean(),size:e.z.number()}),Ve=e.z.object({body_text:_,buttons_text:_,font_url:e.z.string(),input_labels:_,links:_,links_style:e.z.enum(["normal","underlined"]),reference_text_size:e.z.number(),subtitle:_,title:_}),Xe=e.z.object({background_color:e.z.string(),background_image_url:e.z.string(),page_layout:e.z.enum(["center","left","right"])}),Ye=e.z.object({header_text_alignment:e.z.enum(["center","left","right"]),logo_height:e.z.number(),logo_position:e.z.enum(["center","left","none","right"]),logo_url:e.z.string(),social_buttons_layout:e.z.enum(["bottom","top"])}),Qe=e.z.object({borders:Ke,colors:qe,displayName:e.z.string(),fonts:Ve,page_background:Xe,widget:Ye}),Vt=Qe.extend({themeId:e.z.string()}),Xt=e.z.object({universal_login_experience:e.z.enum(["new","classic"]).default("new"),identifier_first:e.z.boolean().default(!0),password_first:e.z.boolean().default(!1),webauthn_platform_first_factor:e.z.boolean()}),Yt=e.z.object({name:e.z.string(),enabled:e.z.boolean().optional().default(!0),default_from_address:e.z.string().optional(),credentials:e.z.union([e.z.object({accessKeyId:e.z.string(),secretAccessKey:e.z.string(),region:e.z.string()}),e.z.object({smtp_host:e.z.array(e.z.string()),smtp_port:e.z.number(),smtp_user:e.z.string(),smtp_pass:e.z.string()}),e.z.object({api_key:e.z.string(),domain:e.z.string().optional()}),e.z.object({connectionString:e.z.string()}),e.z.object({tenantId:e.z.string(),clientId:e.z.string(),clientSecret:e.z.string()})]),settings:e.z.object({}).optional()}),Ze=e.z.object({id:e.z.string(),login_id:e.z.string(),user_id:e.z.string(),client_id:e.z.string(),expires_at:e.z.string().optional(),idle_expires_at:e.z.string().optional(),last_exchanged_at:e.z.string().optional(),device:He,resource_servers:e.z.array(e.z.object({audience:e.z.string(),scopes:e.z.string()})),rotating:e.z.boolean()}),Qt=e.z.object({created_at:e.z.string(),...Ze.shape}),Zt=e.z.object({to:e.z.string(),message:e.z.string()}),$t=e.z.object({name:e.z.string(),options:e.z.object({})}),$e=e.z.object({value:e.z.string(),description:e.z.string().optional()}),Je=e.z.object({token_dialect:e.z.enum(["access_token","access_token_authz"]).optional(),enforce_policies:e.z.boolean().optional(),allow_skipping_userinfo:e.z.boolean().optional(),skip_userinfo:e.z.boolean().optional(),persist_client_authorization:e.z.boolean().optional(),enable_introspection_endpoint:e.z.boolean().optional(),mtls:e.z.object({bound_access_tokens:e.z.boolean().optional()}).optional()}),eo=e.z.object({id:e.z.string().optional(),name:e.z.string(),identifier:e.z.string(),scopes:e.z.array($e).optional(),signing_alg:e.z.string().optional(),signing_secret:e.z.string().optional(),token_lifetime:e.z.number().optional(),token_lifetime_for_web:e.z.number().optional(),skip_consent_for_verifiable_first_party_clients:e.z.boolean().optional(),allow_offline_access:e.z.boolean().optional(),verificationKey:e.z.string().optional(),options:Je.optional(),is_system:e.z.boolean().optional(),metadata:e.z.record(e.z.any()).optional()}),oo=e.z.object({...eo.shape,created_at:e.z.string().optional(),updated_at:e.z.string().optional()}),Jt=e.z.array(oo),to=e.z.object({role_id:e.z.string(),resource_server_identifier:e.z.string(),permission_name:e.z.string()}),no=e.z.object({...to.shape,created_at:e.z.string()}),en=e.z.array(no),io=e.z.object({user_id:e.z.string(),resource_server_identifier:e.z.string(),permission_name:e.z.string(),organization_id:e.z.string().optional()}),ao=e.z.object({...io.shape,tenant_id:e.z.string(),created_at:e.z.string().optional()}),on=e.z.array(ao),so=e.z.object({user_id:e.z.string(),resource_server_identifier:e.z.string(),resource_server_name:e.z.string(),permission_name:e.z.string(),description:e.z.string().nullable().optional(),created_at:e.z.string().optional(),organization_id:e.z.string().optional()}),tn=e.z.array(so),ro=e.z.object({user_id:e.z.string(),role_id:e.z.string(),organization_id:e.z.string().optional()}),lo=e.z.object({...ro.shape,tenant_id:e.z.string(),created_at:e.z.string().optional()}),nn=e.z.array(lo),co=e.z.object({id:e.z.string().optional().openapi({description:"The unique identifier of the role. If not provided, one will be generated."}),name:e.z.string().min(1).max(50).openapi({description:"The name of the role. Cannot include '<' or '>'"}),description:e.z.string().max(255).optional().openapi({description:"The description of the role"}),is_system:e.z.boolean().optional(),metadata:e.z.record(e.z.any()).optional().openapi({description:"Metadata associated with the role. Can be used to control sync behavior in multi-tenancy scenarios."})}),po=co.extend({id:e.z.string().openapi({description:"The unique identifier of the role"}),created_at:e.z.string().optional(),updated_at:e.z.string().optional()}),an=e.z.array(po),_o=e.z.object({logo_url:e.z.string().optional().openapi({description:"URL of the organization's logo"}),colors:e.z.object({primary:e.z.string().optional().openapi({description:"Primary color in hex format (e.g., #FF0000)"}),page_background:e.z.string().optional().openapi({description:"Page background color in hex format (e.g., #FFFFFF)"})}).optional()}).optional(),zo=e.z.object({connection_id:e.z.string().openapi({description:"ID of the connection"}),assign_membership_on_login:e.z.boolean().default(!1).openapi({description:"Whether to assign membership to the organization on login"}),show_as_button:e.z.boolean().default(!0).openapi({description:"Whether to show this connection as a button in the login screen"}),is_signup_enabled:e.z.boolean().default(!0).openapi({description:"Whether signup is enabled for this connection"})}),go=e.z.object({client_credentials:e.z.object({enforce:e.z.boolean().default(!1).openapi({description:"Whether to enforce token quota limits"}),per_day:e.z.number().min(0).default(0).openapi({description:"Maximum tokens per day (0 = unlimited)"}),per_hour:e.z.number().min(0).default(0).openapi({description:"Maximum tokens per hour (0 = unlimited)"})}).optional()}).optional(),mo=e.z.object({id:e.z.string().optional(),name:e.z.string().min(1).regex(/^[a-z0-9_-]+$/,{message:"Organization name must be lowercase and can only contain letters, numbers, hyphens, and underscores"}).openapi({description:"The name of the organization. Must be lowercase and can only contain letters, numbers, hyphens, and underscores."}),display_name:e.z.string().optional().openapi({description:"The display name of the organization"}),branding:_o,metadata:e.z.record(e.z.any()).default({}).optional().openapi({description:"Custom metadata for the organization"}),enabled_connections:e.z.array(zo).default([]).optional().openapi({description:"List of enabled connections for the organization"}),token_quota:go}),sn=e.z.object({...mo.shape,...r.shape,id:e.z.string(),name:e.z.string().min(1).openapi({description:"The name of the organization"})}),uo=e.z.object({user_id:e.z.string().openapi({description:"ID of the user"}),organization_id:e.z.string().openapi({description:"ID of the organization"})}),rn=e.z.object({...uo.shape,...r.shape,id:e.z.string()}),ln=e.z.object({idle_session_lifetime:e.z.number().optional(),session_lifetime:e.z.number().optional(),session_cookie:e.z.object({mode:e.z.enum(["persistent","non-persistent"]).optional()}).optional(),enable_client_connections:e.z.boolean().optional(),default_redirection_uri:e.z.string().optional(),enabled_locales:e.z.array(e.z.string()).optional(),default_directory:e.z.string().optional(),error_page:e.z.object({html:e.z.string().optional(),show_log_link:e.z.boolean().optional(),url:e.z.string().optional()}).optional(),flags:e.z.object({allow_legacy_delegation_grant_types:e.z.boolean().optional(),allow_legacy_ro_grant_types:e.z.boolean().optional(),allow_legacy_tokeninfo_endpoint:e.z.boolean().optional(),disable_clickjack_protection_headers:e.z.boolean().optional(),enable_apis_section:e.z.boolean().optional(),enable_client_connections:e.z.boolean().optional(),enable_custom_domain_in_emails:e.z.boolean().optional(),enable_dynamic_client_registration:e.z.boolean().optional(),enable_idtoken_api2:e.z.boolean().optional(),enable_legacy_logs_search_v2:e.z.boolean().optional(),enable_legacy_profile:e.z.boolean().optional(),enable_pipeline2:e.z.boolean().optional(),enable_public_signup_user_exists_error:e.z.boolean().optional(),use_scope_descriptions_for_consent:e.z.boolean().optional(),disable_management_api_sms_obfuscation:e.z.boolean().optional(),enable_adfs_waad_email_verification:e.z.boolean().optional(),revoke_refresh_token_grant:e.z.boolean().optional(),dashboard_log_streams_next:e.z.boolean().optional(),dashboard_insights_view:e.z.boolean().optional(),disable_fields_map_fix:e.z.boolean().optional(),mfa_show_factor_list_on_enrollment:e.z.boolean().optional()}).optional(),friendly_name:e.z.string().optional(),picture_url:e.z.string().optional(),support_email:e.z.string().optional(),support_url:e.z.string().optional(),sandbox_version:e.z.string().optional(),sandbox_versions_available:e.z.array(e.z.string()).optional(),change_password:e.z.object({enabled:e.z.boolean(),html:e.z.string()}).optional(),guardian_mfa_page:e.z.object({enabled:e.z.boolean(),html:e.z.string()}).optional(),default_audience:e.z.string().optional(),default_organization:e.z.string().optional(),sessions:e.z.object({oidc_logout_prompt_enabled:e.z.boolean().optional()}).optional(),mfa:e.z.object({policy:e.z.enum(["never","always"]).default("never").optional(),factors:e.z.object({sms:e.z.boolean().default(!1),otp:e.z.boolean().default(!1),email:e.z.boolean().default(!1),push_notification:e.z.boolean().default(!1),webauthn_roaming:e.z.boolean().default(!1),webauthn_platform:e.z.boolean().default(!1),recovery_code:e.z.boolean().default(!1),duo:e.z.boolean().default(!1)}).optional(),sms_provider:e.z.object({provider:e.z.enum(["twilio","vonage","aws_sns","phone_message_hook"]).optional()}).optional(),twilio:e.z.object({sid:e.z.string().optional(),auth_token:e.z.string().optional(),from:e.z.string().optional(),messaging_service_sid:e.z.string().optional()}).optional(),phone_message:e.z.object({message:e.z.string().optional()}).optional()}).optional()}),cn=e.z.object({date:e.z.string().openapi({description:"Date these events occurred in ISO 8601 format",example:"2025-12-19"}),logins:e.z.number().openapi({description:"Number of logins on this date",example:150}),signups:e.z.number().openapi({description:"Number of signups on this date",example:25}),leaked_passwords:e.z.number().openapi({description:"Number of breached-password detections on this date (subscription required)",example:0}),updated_at:e.z.string().openapi({description:"Date and time this stats entry was last updated in ISO 8601 format",example:"2025-12-19T10:30:00.000Z"}),created_at:e.z.string().openapi({description:"Approximate date and time the first event occurred in ISO 8601 format",example:"2025-12-19T00:00:00.000Z"})}),pn=e.z.number().openapi({description:"Number of active users in the last 30 days",example:1234}),ho=e.z.enum(["login","login-id","login-password","signup","signup-id","signup-password","reset-password","consent","mfa","mfa-push","mfa-otp","mfa-voice","mfa-phone","mfa-webauthn","mfa-email","mfa-recovery-code","status","device-flow","email-verification","email-otp-challenge","organizations","invitation","common","passkeys","captcha","custom-form","login-passwordless","mfa-login-options"]),bo=e.z.record(e.z.string(),e.z.record(e.z.string(),e.z.string())).openapi({type:"object",additionalProperties:{type:"object",additionalProperties:{type:"string"}}}),_n=e.z.object({prompt:ho,language:e.z.string(),custom_text:bo}),dn={EMAIL:"email",SMS:"sms",USERNAME_PASSWORD:"Username-Password-Authentication",GOOGLE_OAUTH2:"google-oauth2",APPLE:"apple",FACEBOOK:"facebook",GITHUB:"github",MICROSOFT:"microsoft",VIPPS:"vipps",OIDC:"oidc",OAUTH2:"oauth2",SAMLP:"samlp",WAAD:"waad",ADFS:"adfs"},zn={DATABASE:"database",SOCIAL:"social",PASSWORDLESS:"passwordless"},fo=e.z.enum(["phone","totp","email","push","webauthn-roaming","webauthn-platform","passkey"]),So=e.z.object({user_id:e.z.string(),type:fo,phone_number:e.z.string().optional(),totp_secret:e.z.string().optional(),credential_id:e.z.string().optional(),public_key:e.z.string().optional(),sign_count:e.z.number().int().nonnegative().optional(),credential_backed_up:e.z.boolean().optional(),transports:e.z.array(e.z.string()).optional(),friendly_name:e.z.string().optional(),confirmed:e.z.boolean().default(!1)});function Eo(o,t){o.type==="phone"&&!o.phone_number&&t.addIssue({code:e.z.ZodIssueCode.custom,message:"phone_number is required when type is 'phone'",path:["phone_number"]}),o.type==="totp"&&!o.totp_secret&&t.addIssue({code:e.z.ZodIssueCode.custom,message:"totp_secret is required when type is 'totp'",path:["totp_secret"]}),["webauthn-roaming","webauthn-platform","passkey"].includes(o.type)&&(o.credential_id||t.addIssue({code:e.z.ZodIssueCode.custom,message:`credential_id is required when type is '${o.type}'`,path:["credential_id"]}),o.public_key||t.addIssue({code:e.z.ZodIssueCode.custom,message:`public_key is required when type is '${o.type}'`,path:["public_key"]}))}const gn=So.superRefine(Eo),mn=e.z.object({...So.shape,id:e.z.string(),created_at:e.z.string(),updated_at:e.z.string()}).superRefine(Eo);function un(o){const[t,i]=o.split("|");if(!t||!i)throw new Error(`Invalid user_id: ${o}`);return{connection:t,id:i}}function hn(o){const{primary:t,secondaries:i,syncMethods:k=["create","update","remove","delete","set"]}=o,f={get(c,a){if(typeof a=="symbol")return c[a];const p=c[a];return typeof p!="function"?p:k.includes(a)?async(...z)=>{const S=await p.apply(c,z),g=[];for(const s of i){const u=s.adapter[a];if(typeof u!="function")continue;const E=(async()=>{try{await u.apply(s.adapter,z)}catch(h){try{s.onError?s.onError(h,a,z):console.error(`Passthrough adapter: secondary write failed for ${a}:`,h)}catch(A){console.error(`Passthrough adapter: onError handler threw for ${a}:`,A)}}})();s.blocking&&g.push(E)}return g.length>0&&await Promise.all(g),S}:p.bind(c)}};return new Proxy(t,f)}function bn(o){return o}function fn(o){var f,c,a,p,z,S,g,s,u,E,h,A;const t=o==null?void 0:o.options;if(!t)return{usernameIdentifierActive:!1,emailIdentifierActive:!0,usernameMinLength:1,usernameMaxLength:15};const i=t.attributes;if(i){const Ao=((c=(f=i.username)==null?void 0:f.identifier)==null?void 0:c.active)===!0,Io=((p=(a=i.email)==null?void 0:a.identifier)==null?void 0:p.active)!==!1,yo=((S=(z=i.username)==null?void 0:z.validation)==null?void 0:S.min_length)??1,Co=((s=(g=i.username)==null?void 0:g.validation)==null?void 0:s.max_length)??15;return{usernameIdentifierActive:Ao,emailIdentifierActive:Io,usernameMinLength:yo,usernameMaxLength:Co}}return{usernameIdentifierActive:t.requires_username===!0,emailIdentifierActive:!0,usernameMinLength:((E=(u=t.validation)==null?void 0:u.username)==null?void 0:E.min)??1,usernameMaxLength:((A=(h=t.validation)==null?void 0:h.username)==null?void 0:A.max)??15}}exports.Auth0ActionEnum=Oo;exports.Auth0Client=Fe;exports.AuthorizationResponseMode=N;exports.AuthorizationResponseType=O;exports.CodeChallengeMethod=w;exports.ComponentCategory=T;exports.ComponentType=C;exports.EmailActionEnum=No;exports.FORM_FIELD_TYPES=ht;exports.FlowActionTypeEnum=To;exports.GrantType=We;exports.LocationInfo=xe;exports.LogTypes=Ue;exports.LoginSessionState=v;exports.NodeType=ne;exports.RedirectTargetEnum=P;exports.Strategy=dn;exports.StrategyType=zn;exports.actionNodeSchema=se;exports.activeUsersResponseSchema=pn;exports.addressSchema=K;exports.auth0FlowInsertSchema=xo;exports.auth0FlowSchema=_e;exports.auth0QuerySchema=Ro;exports.auth0UpdateUserActionSchema=F;exports.auth0UserResponseSchema=Do;exports.authParamsSchema=de;exports.authenticationMethodInsertSchema=gn;exports.authenticationMethodSchema=mn;exports.authenticationMethodTypeSchema=fo;exports.baseUserSchema=y;exports.blockComponentSchema=Se;exports.bordersSchema=Ke;exports.brandingSchema=Po;exports.buttonComponentSchema=$;exports.clientGrantInsertSchema=Y;exports.clientGrantListSchema=Fo;exports.clientGrantSchema=Q;exports.clientInsertSchema=X;exports.clientSchema=Uo;exports.codeInsertSchema=ge;exports.codeSchema=Mo;exports.codeTypeSchema=ze;exports.colorsSchema=qe;exports.componentMessageSchema=Ce;exports.componentSchema=te;exports.connectionInsertSchema=ue;exports.connectionOptionsSchema=me;exports.connectionSchema=Ho;exports.coordinatesSchema=d;exports.createPassthroughAdapter=hn;exports.createWriteOnlyAdapter=bn;exports.customDomainInsertSchema=he;exports.customDomainSchema=fe;exports.customDomainWithTenantIdSchema=Go;exports.customTextEntrySchema=_n;exports.customTextSchema=bo;exports.dailyStatsSchema=cn;exports.emailProviderSchema=Yt;exports.emailVerificationRulesSchema=U;exports.emailVerifyActionSchema=x;exports.endingSchema=pe;exports.fieldComponentSchema=Ae;exports.flowActionStepSchema=H;exports.flowInsertSchema=G;exports.flowSchema=wo;exports.flowsFieldComponentSchema=ee;exports.flowsFlowNodeSchema=ae;exports.flowsStepNodeSchema=ie;exports.fontDetailsSchema=_;exports.fontsSchema=Ve;exports.formControlSchema=bt;exports.formInsertSchema=ye;exports.formNodeComponentDefinition=D;exports.formNodeSchema=Ie;exports.formSchema=At;exports.genericComponentSchema=oe;exports.genericNodeSchema=re;exports.getConnectionIdentifierConfig=fn;exports.hookInsertSchema=jt;exports.hookSchema=kt;exports.hookTemplateId=L;exports.hookTemplates=Ot;exports.identitySchema=W;exports.inviteInsertSchema=De;exports.inviteSchema=Ut;exports.inviteeSchema=je;exports.inviterSchema=Re;exports.isBlockComponent=yt;exports.isFieldComponent=Tt;exports.isWidgetComponent=Ct;exports.jwksKeySchema=Ft;exports.jwksSchema=Le;exports.legalComponentSchema=J;exports.logInsertSchema=Pe;exports.logSchema=Ht;exports.loginSessionInsertSchema=ke;exports.loginSessionSchema=Pt;exports.loginSessionStateSchema=ve;exports.nodeSchema=le;exports.openIDConfigurationSchema=xt;exports.organizationBrandingSchema=_o;exports.organizationEnabledConnectionSchema=zo;exports.organizationInsertSchema=mo;exports.organizationSchema=sn;exports.organizationTokenQuotaSchema=go;exports.pageBackgroundSchema=Xe;exports.parseUserId=un;exports.passwordInsertSchema=Me;exports.passwordSchema=Gt;exports.profileDataSchema=B;exports.promptScreenSchema=ho;exports.promptSettingSchema=Xt;exports.redirectActionSchema=M;exports.refreshTokenInsertSchema=Ze;exports.refreshTokenSchema=Qt;exports.resourceServerInsertSchema=eo;exports.resourceServerListSchema=Jt;exports.resourceServerOptionsSchema=Je;exports.resourceServerSchema=oo;exports.resourceServerScopeSchema=$e;exports.richTextComponentSchema=Z;exports.roleInsertSchema=co;exports.roleListSchema=an;exports.rolePermissionInsertSchema=to;exports.rolePermissionListSchema=en;exports.rolePermissionSchema=no;exports.roleSchema=po;exports.screenLinkSchema=Te;exports.sessionInsertSchema=Ge;exports.sessionSchema=Bt;exports.signingKeySchema=Wt;exports.smsProviderSchema=$t;exports.smsSendParamsSchema=Zt;exports.startSchema=ce;exports.tenantInsertSchema=Be;exports.tenantSchema=Kt;exports.tenantSettingsSchema=ln;exports.themeInsertSchema=Qe;exports.themeSchema=Vt;exports.tokenResponseSchema=qt;exports.totalsSchema=jo;exports.uiScreenSchema=It;exports.userInsertSchema=q;exports.userOrganizationInsertSchema=uo;exports.userOrganizationSchema=rn;exports.userPermissionInsertSchema=io;exports.userPermissionListSchema=on;exports.userPermissionSchema=ao;exports.userPermissionWithDetailsListSchema=tn;exports.userPermissionWithDetailsSchema=so;exports.userResponseSchema=Lo;exports.userRoleInsertSchema=ro;exports.userRoleListSchema=nn;exports.userRoleSchema=lo;exports.userSchema=V;exports.verificationMethodsSchema=be;exports.widgetComponentSchema=Ee;exports.widgetSchema=Ye;
package/dist/adapter-interfaces.d.ts CHANGED
@@ -47240,7 +47240,8 @@ export declare const promptScreenSchema: z.ZodEnum<[
47240
47240
  "passkeys",
47241
47241
  "captcha",
47242
47242
  "custom-form",
47243
- "login-passwordless"
47243
+ "login-passwordless",
47244
+ "mfa-login-options"
47244
47245
  ]>;
47245
47246
  export type PromptScreen = z.infer<typeof promptScreenSchema>;
47246
47247
  /**
@@ -47281,16 +47282,17 @@ export declare const customTextEntrySchema: z.ZodObject<{
47281
47282
  "passkeys",
47282
47283
  "captcha",
47283
47284
  "custom-form",
47284
- "login-passwordless"
47285
+ "login-passwordless",
47286
+ "mfa-login-options"
47285
47287
  ]>;
47286
47288
  language: z.ZodString;
47287
47289
  custom_text: z.ZodRecord<z.ZodString, z.ZodRecord<z.ZodString, z.ZodString>>;
47288
47290
  }, "strip", z.ZodTypeAny, {
47289
- prompt: "status" | "signup" | "organizations" | "mfa" | "login" | "login-id" | "login-password" | "signup-id" | "signup-password" | "reset-password" | "consent" | "mfa-push" | "mfa-otp" | "mfa-voice" | "mfa-phone" | "mfa-webauthn" | "mfa-email" | "mfa-recovery-code" | "device-flow" | "email-verification" | "email-otp-challenge" | "invitation" | "common" | "passkeys" | "captcha" | "custom-form" | "login-passwordless";
47291
+ prompt: "status" | "signup" | "organizations" | "mfa" | "login" | "login-id" | "login-password" | "signup-id" | "signup-password" | "reset-password" | "consent" | "mfa-push" | "mfa-otp" | "mfa-voice" | "mfa-phone" | "mfa-webauthn" | "mfa-email" | "mfa-recovery-code" | "device-flow" | "email-verification" | "email-otp-challenge" | "invitation" | "common" | "passkeys" | "captcha" | "custom-form" | "login-passwordless" | "mfa-login-options";
47290
47292
  language: string;
47291
47293
  custom_text: Record<string, Record<string, string>>;
47292
47294
  }, {
47293
- prompt: "status" | "signup" | "organizations" | "mfa" | "login" | "login-id" | "login-password" | "signup-id" | "signup-password" | "reset-password" | "consent" | "mfa-push" | "mfa-otp" | "mfa-voice" | "mfa-phone" | "mfa-webauthn" | "mfa-email" | "mfa-recovery-code" | "device-flow" | "email-verification" | "email-otp-challenge" | "invitation" | "common" | "passkeys" | "captcha" | "custom-form" | "login-passwordless";
47295
+ prompt: "status" | "signup" | "organizations" | "mfa" | "login" | "login-id" | "login-password" | "signup-id" | "signup-password" | "reset-password" | "consent" | "mfa-push" | "mfa-otp" | "mfa-voice" | "mfa-phone" | "mfa-webauthn" | "mfa-email" | "mfa-recovery-code" | "device-flow" | "email-verification" | "email-otp-challenge" | "invitation" | "common" | "passkeys" | "captcha" | "custom-form" | "login-passwordless" | "mfa-login-options";
47294
47296
  language: string;
47295
47297
  custom_text: Record<string, Record<string, string>>;
47296
47298
  }>;
@@ -47316,53 +47318,88 @@ export declare const StrategyType: {
47316
47318
  readonly SOCIAL: "social";
47317
47319
  readonly PASSWORDLESS: "passwordless";
47318
47320
  };
47319
- export declare const mfaEnrollmentTypeSchema: z.ZodEnum<[
47321
+ export declare const authenticationMethodTypeSchema: z.ZodEnum<[
47320
47322
  "phone",
47321
47323
  "totp",
47322
47324
  "email",
47323
47325
  "push",
47324
- "webauthn"
47326
+ "webauthn-roaming",
47327
+ "webauthn-platform",
47328
+ "passkey"
47325
47329
  ]>;
47326
- export type MfaEnrollmentType = z.infer<typeof mfaEnrollmentTypeSchema>;
47327
- export declare const mfaEnrollmentInsertSchema: z.ZodEffects<z.ZodObject<{
47330
+ export type AuthenticationMethodType = z.infer<typeof authenticationMethodTypeSchema>;
47331
+ export declare const authenticationMethodInsertSchema: z.ZodEffects<z.ZodObject<{
47328
47332
  user_id: z.ZodString;
47329
47333
  type: z.ZodEnum<[
47330
47334
  "phone",
47331
47335
  "totp",
47332
47336
  "email",
47333
47337
  "push",
47334
- "webauthn"
47338
+ "webauthn-roaming",
47339
+ "webauthn-platform",
47340
+ "passkey"
47335
47341
  ]>;
47336
47342
  phone_number: z.ZodOptional<z.ZodString>;
47337
47343
  totp_secret: z.ZodOptional<z.ZodString>;
47344
+ credential_id: z.ZodOptional<z.ZodString>;
47345
+ public_key: z.ZodOptional<z.ZodString>;
47346
+ sign_count: z.ZodOptional<z.ZodNumber>;
47347
+ credential_backed_up: z.ZodOptional<z.ZodBoolean>;
47348
+ transports: z.ZodOptional<z.ZodArray<z.ZodString, "many">>;
47349
+ friendly_name: z.ZodOptional<z.ZodString>;
47338
47350
  confirmed: z.ZodDefault<z.ZodBoolean>;
47339
47351
  }, "strip", z.ZodTypeAny, {
47340
- type: "push" | "email" | "phone" | "totp" | "webauthn";
47352
+ type: "push" | "email" | "passkey" | "phone" | "totp" | "webauthn-roaming" | "webauthn-platform";
47341
47353
  user_id: string;
47342
47354
  confirmed: boolean;
47343
47355
  phone_number?: string | undefined;
47356
+ friendly_name?: string | undefined;
47344
47357
  totp_secret?: string | undefined;
47358
+ credential_id?: string | undefined;
47359
+ public_key?: string | undefined;
47360
+ sign_count?: number | undefined;
47361
+ credential_backed_up?: boolean | undefined;
47362
+ transports?: string[] | undefined;
47345
47363
  }, {
47346
- type: "push" | "email" | "phone" | "totp" | "webauthn";
47364
+ type: "push" | "email" | "passkey" | "phone" | "totp" | "webauthn-roaming" | "webauthn-platform";
47347
47365
  user_id: string;
47348
47366
  phone_number?: string | undefined;
47367
+ friendly_name?: string | undefined;
47349
47368
  totp_secret?: string | undefined;
47369
+ credential_id?: string | undefined;
47370
+ public_key?: string | undefined;
47371
+ sign_count?: number | undefined;
47372
+ credential_backed_up?: boolean | undefined;
47373
+ transports?: string[] | undefined;
47350
47374
  confirmed?: boolean | undefined;
47351
47375
  }>, {
47352
- type: "push" | "email" | "phone" | "totp" | "webauthn";
47376
+ type: "push" | "email" | "passkey" | "phone" | "totp" | "webauthn-roaming" | "webauthn-platform";
47353
47377
  user_id: string;
47354
47378
  confirmed: boolean;
47355
47379
  phone_number?: string | undefined;
47380
+ friendly_name?: string | undefined;
47356
47381
  totp_secret?: string | undefined;
47382
+ credential_id?: string | undefined;
47383
+ public_key?: string | undefined;
47384
+ sign_count?: number | undefined;
47385
+ credential_backed_up?: boolean | undefined;
47386
+ transports?: string[] | undefined;
47357
47387
  }, {
47358
- type: "push" | "email" | "phone" | "totp" | "webauthn";
47388
+ type: "push" | "email" | "passkey" | "phone" | "totp" | "webauthn-roaming" | "webauthn-platform";
47359
47389
  user_id: string;
47360
47390
  phone_number?: string | undefined;
47391
+ friendly_name?: string | undefined;
47361
47392
  totp_secret?: string | undefined;
47393
+ credential_id?: string | undefined;
47394
+ public_key?: string | undefined;
47395
+ sign_count?: number | undefined;
47396
+ credential_backed_up?: boolean | undefined;
47397
+ transports?: string[] | undefined;
47362
47398
  confirmed?: boolean | undefined;
47363
47399
  }>;
47364
- export type MfaEnrollmentInsert = z.infer<typeof mfaEnrollmentInsertSchema>;
47365
- export declare const mfaEnrollmentSchema: z.ZodEffects<z.ZodObject<{
47400
+ export type AuthenticationMethodInsert = z.infer<typeof authenticationMethodInsertSchema>;
47401
+ export type AuthenticationMethodUpdate = Partial<Omit<AuthenticationMethodInsert, "user_id" | "type">>;
47402
+ export declare const authenticationMethodSchema: z.ZodEffects<z.ZodObject<{
47366
47403
  id: z.ZodString;
47367
47404
  created_at: z.ZodString;
47368
47405
  updated_at: z.ZodString;
@@ -47372,49 +47409,81 @@ export declare const mfaEnrollmentSchema: z.ZodEffects<z.ZodObject<{
47372
47409
  "totp",
47373
47410
  "email",
47374
47411
  "push",
47375
- "webauthn"
47412
+ "webauthn-roaming",
47413
+ "webauthn-platform",
47414
+ "passkey"
47376
47415
  ]>;
47377
47416
  phone_number: z.ZodOptional<z.ZodString>;
47378
47417
  totp_secret: z.ZodOptional<z.ZodString>;
47418
+ credential_id: z.ZodOptional<z.ZodString>;
47419
+ public_key: z.ZodOptional<z.ZodString>;
47420
+ sign_count: z.ZodOptional<z.ZodNumber>;
47421
+ credential_backed_up: z.ZodOptional<z.ZodBoolean>;
47422
+ transports: z.ZodOptional<z.ZodArray<z.ZodString, "many">>;
47423
+ friendly_name: z.ZodOptional<z.ZodString>;
47379
47424
  confirmed: z.ZodDefault<z.ZodBoolean>;
47380
47425
  }, "strip", z.ZodTypeAny, {
47381
47426
  created_at: string;
47382
47427
  updated_at: string;
47383
- type: "push" | "email" | "phone" | "totp" | "webauthn";
47428
+ type: "push" | "email" | "passkey" | "phone" | "totp" | "webauthn-roaming" | "webauthn-platform";
47384
47429
  id: string;
47385
47430
  user_id: string;
47386
47431
  confirmed: boolean;
47387
47432
  phone_number?: string | undefined;
47433
+ friendly_name?: string | undefined;
47388
47434
  totp_secret?: string | undefined;
47435
+ credential_id?: string | undefined;
47436
+ public_key?: string | undefined;
47437
+ sign_count?: number | undefined;
47438
+ credential_backed_up?: boolean | undefined;
47439
+ transports?: string[] | undefined;
47389
47440
  }, {
47390
47441
  created_at: string;
47391
47442
  updated_at: string;
47392
- type: "push" | "email" | "phone" | "totp" | "webauthn";
47443
+ type: "push" | "email" | "passkey" | "phone" | "totp" | "webauthn-roaming" | "webauthn-platform";
47393
47444
  id: string;
47394
47445
  user_id: string;
47395
47446
  phone_number?: string | undefined;
47447
+ friendly_name?: string | undefined;
47396
47448
  totp_secret?: string | undefined;
47449
+ credential_id?: string | undefined;
47450
+ public_key?: string | undefined;
47451
+ sign_count?: number | undefined;
47452
+ credential_backed_up?: boolean | undefined;
47453
+ transports?: string[] | undefined;
47397
47454
  confirmed?: boolean | undefined;
47398
47455
  }>, {
47399
47456
  created_at: string;
47400
47457
  updated_at: string;
47401
- type: "push" | "email" | "phone" | "totp" | "webauthn";
47458
+ type: "push" | "email" | "passkey" | "phone" | "totp" | "webauthn-roaming" | "webauthn-platform";
47402
47459
  id: string;
47403
47460
  user_id: string;
47404
47461
  confirmed: boolean;
47405
47462
  phone_number?: string | undefined;
47463
+ friendly_name?: string | undefined;
47406
47464
  totp_secret?: string | undefined;
47465
+ credential_id?: string | undefined;
47466
+ public_key?: string | undefined;
47467
+ sign_count?: number | undefined;
47468
+ credential_backed_up?: boolean | undefined;
47469
+ transports?: string[] | undefined;
47407
47470
  }, {
47408
47471
  created_at: string;
47409
47472
  updated_at: string;
47410
- type: "push" | "email" | "phone" | "totp" | "webauthn";
47473
+ type: "push" | "email" | "passkey" | "phone" | "totp" | "webauthn-roaming" | "webauthn-platform";
47411
47474
  id: string;
47412
47475
  user_id: string;
47413
47476
  phone_number?: string | undefined;
47477
+ friendly_name?: string | undefined;
47414
47478
  totp_secret?: string | undefined;
47479
+ credential_id?: string | undefined;
47480
+ public_key?: string | undefined;
47481
+ sign_count?: number | undefined;
47482
+ credential_backed_up?: boolean | undefined;
47483
+ transports?: string[] | undefined;
47415
47484
  confirmed?: boolean | undefined;
47416
47485
  }>;
47417
- export type MfaEnrollment = z.infer<typeof mfaEnrollmentSchema>;
47486
+ export type AuthenticationMethod = z.infer<typeof authenticationMethodSchema>;
47418
47487
  export declare function parseUserId(user_id: string): {
47419
47488
  connection: string;
47420
47489
  id: string;
@@ -47905,12 +47974,12 @@ export interface GeoAdapter {
47905
47974
  */
47906
47975
  getGeoInfo(headers: Record<string, string>): Promise<GeoInfo | null>;
47907
47976
  }
47908
- export interface MfaEnrollmentsAdapter {
47909
- create: (tenant_id: string, enrollment: MfaEnrollmentInsert) => Promise<MfaEnrollment>;
47910
- get: (tenant_id: string, enrollment_id: string) => Promise<MfaEnrollment | null>;
47911
- list: (tenant_id: string, user_id: string) => Promise<MfaEnrollment[]>;
47912
- update: (tenant_id: string, enrollment_id: string, data: Partial<MfaEnrollmentInsert>) => Promise<MfaEnrollment>;
47913
- remove: (tenant_id: string, enrollment_id: string) => Promise<boolean>;
47977
+ export interface AuthenticationMethodsAdapter {
47978
+ create: (tenant_id: string, method: AuthenticationMethodInsert) => Promise<AuthenticationMethod>;
47979
+ get: (tenant_id: string, method_id: string) => Promise<AuthenticationMethod | null>;
47980
+ list: (tenant_id: string, user_id: string) => Promise<AuthenticationMethod[]>;
47981
+ update: (tenant_id: string, method_id: string, data: AuthenticationMethodUpdate) => Promise<AuthenticationMethod>;
47982
+ remove: (tenant_id: string, method_id: string) => Promise<boolean>;
47914
47983
  }
47915
47984
  export interface StatsListParams {
47916
47985
  from?: string;
@@ -47998,7 +48067,7 @@ export interface DataAdapters {
47998
48067
  users: UserDataAdapter;
47999
48068
  userRoles: UserRolesAdapter;
48000
48069
  organizations: OrganizationsAdapter;
48001
- mfaEnrollments: MfaEnrollmentsAdapter;
48070
+ authenticationMethods: AuthenticationMethodsAdapter;
48002
48071
  userOrganizations: UserOrganizationsAdapter;
48003
48072
  /**
48004
48073
  * Optional session cleanup function.
package/dist/adapter-interfaces.mjs CHANGED
@@ -57,7 +57,7 @@ const r = e.object({
57
57
  X,
58
58
  V,
59
59
  Q
60
- ]), J = e.object({
60
+ ]), $ = e.object({
61
61
  name: e.string().min(1).max(150).openapi({
62
62
  description: "The name of the flow"
63
63
  }),
@@ -65,7 +65,7 @@ const r = e.object({
65
65
  actions: e.array(Z).optional().default([]).openapi({
66
66
  description: "The list of actions to execute in sequence"
67
67
  })
68
- }), ht = J.extend({
68
+ }), ht = $.extend({
69
69
  ...r.shape,
70
70
  id: e.string().openapi({
71
71
  description: "Unique identifier for the flow",
@@ -92,7 +92,7 @@ const r = e.object({
92
92
  limit: e.number(),
93
93
  length: e.number(),
94
94
  total: e.number().optional()
95
- }), $ = e.object({
95
+ }), J = e.object({
96
96
  email: e.string().optional(),
97
97
  email_verified: e.boolean().optional(),
98
98
  name: e.string().optional(),
@@ -114,7 +114,7 @@ const r = e.object({
114
114
  access_token: e.string().optional(),
115
115
  access_token_secret: e.string().optional(),
116
116
  refresh_token: e.string().optional(),
117
- profileData: $.optional()
117
+ profileData: J.optional()
118
118
  }), oe = e.object({
119
119
  formatted: e.string().optional(),
120
120
  // Full mailing address
@@ -193,10 +193,10 @@ const r = e.object({
193
193
  user_id: e.string()
194
194
  }).catchall(e.any());
195
195
  let ie = "useandom-26T198340PX75pxJACKVERYMINDBUSHWOLF_GQZbfghjklqvwyzrict", ae = (o = 21) => {
196
- let n = "", i = crypto.getRandomValues(new Uint8Array(o |= 0));
196
+ let t = "", i = crypto.getRandomValues(new Uint8Array(o |= 0));
197
197
  for (; o--; )
198
- n += ie[i[o] & 63];
199
- return n;
198
+ t += ie[i[o] & 63];
199
+ return t;
200
200
  };
201
201
  const se = e.object({
202
202
  client_id: e.string().openapi({
@@ -651,7 +651,7 @@ const Ce = e.object({
651
651
  font: e.object({
652
652
  url: e.string()
653
653
  }).optional()
654
- }), Oe = e.enum([
654
+ }), Te = e.enum([
655
655
  "password_reset",
656
656
  "email_verification",
657
657
  "otp",
@@ -659,7 +659,7 @@ const Ce = e.object({
659
659
  "authorization_code",
660
660
  "oauth2_state",
661
661
  "ticket"
662
- ]), Te = e.object({
662
+ ]), Oe = e.object({
663
663
  code_id: e.string().openapi({
664
664
  description: "The code that will be used in for instance an email verification flow"
665
665
  }),
@@ -669,7 +669,7 @@ const Ce = e.object({
669
669
  connection_id: e.string().optional().openapi({
670
670
  description: "The connection that the code is connected to"
671
671
  }),
672
- code_type: Oe,
672
+ code_type: Te,
673
673
  code_verifier: e.string().optional().openapi({
674
674
  description: "The code verifier used in PKCE in outbound flows"
675
675
  }),
@@ -694,8 +694,8 @@ const Ce = e.object({
694
694
  expires_at: e.string(),
695
695
  used_at: e.string().optional(),
696
696
  user_id: e.string().optional()
697
- }), Ot = e.object({
698
- ...Te.shape,
697
+ }), Tt = e.object({
698
+ ...Oe.shape,
699
699
  created_at: e.string()
700
700
  }), Ne = e.object({
701
701
  kid: e.string().optional(),
@@ -822,7 +822,7 @@ const Ce = e.object({
822
822
  show_as_button: e.boolean().optional(),
823
823
  metadata: e.record(e.any()).optional(),
824
824
  is_system: e.boolean().optional()
825
- }), Tt = e.object({
825
+ }), Ot = e.object({
826
826
  id: e.string(),
827
827
  created_at: e.string().transform((o) => o === null ? "" : o),
828
828
  updated_at: e.string().transform((o) => o === null ? "" : o)
@@ -914,28 +914,28 @@ const Ce = e.object({
914
914
  config: e.object({
915
915
  content: e.string().optional()
916
916
  }).optional()
917
- }), O = C.extend({
917
+ }), T = C.extend({
918
918
  category: e.literal("WIDGET").optional(),
919
919
  label: e.string().min(1).optional(),
920
920
  hint: e.string().min(1).max(500).optional(),
921
921
  required: e.boolean().optional(),
922
922
  sensitive: e.boolean().optional()
923
- }), He = O.extend({
923
+ }), He = T.extend({
924
924
  type: e.literal("AUTH0_VERIFIABLE_CREDENTIALS"),
925
925
  config: e.object({
926
926
  credential_type: e.string().optional()
927
927
  })
928
- }), Ge = O.extend({
928
+ }), Ge = T.extend({
929
929
  type: e.literal("GMAPS_ADDRESS"),
930
930
  config: e.object({
931
931
  api_key: e.string().optional()
932
932
  })
933
- }), Be = O.extend({
933
+ }), Be = T.extend({
934
934
  type: e.literal("RECAPTCHA"),
935
935
  config: e.object({
936
936
  site_key: e.string().optional()
937
937
  })
938
- }), t = C.extend({
938
+ }), n = C.extend({
939
939
  category: e.literal("FIELD").optional(),
940
940
  label: e.string().min(1).optional(),
941
941
  hint: e.string().min(1).max(500).optional(),
@@ -948,12 +948,12 @@ const Ce = e.object({
948
948
  ).optional(),
949
949
  required: e.boolean().optional(),
950
950
  sensitive: e.boolean().optional()
951
- }), We = t.extend({
951
+ }), We = n.extend({
952
952
  type: e.literal("BOOLEAN"),
953
953
  config: e.object({
954
954
  default_value: e.boolean().optional()
955
955
  }).optional()
956
- }), Ke = t.extend({
956
+ }), Ke = n.extend({
957
957
  type: e.literal("CARDS"),
958
958
  config: e.object({
959
959
  options: e.array(
@@ -966,7 +966,7 @@ const Ce = e.object({
966
966
  ).optional(),
967
967
  multi_select: e.boolean().optional()
968
968
  }).optional()
969
- }), ze = t.extend({
969
+ }), ze = n.extend({
970
970
  type: e.literal("CHOICE"),
971
971
  config: e.object({
972
972
  options: e.array(
@@ -979,7 +979,7 @@ const Ce = e.object({
979
979
  multiple: e.boolean().optional(),
980
980
  default_value: e.union([e.string(), e.array(e.string())]).optional()
981
981
  }).optional()
982
- }), qe = t.extend({
982
+ }), qe = n.extend({
983
983
  type: e.literal("CUSTOM"),
984
984
  config: e.object({
985
985
  component: e.string().optional(),
@@ -987,7 +987,7 @@ const Ce = e.object({
987
987
  schema: e.record(e.any()).optional(),
988
988
  code: e.string().optional()
989
989
  })
990
- }), Xe = t.extend({
990
+ }), Xe = n.extend({
991
991
  type: e.literal("DATE"),
992
992
  config: e.object({
993
993
  format: e.string().optional(),
@@ -995,7 +995,7 @@ const Ce = e.object({
995
995
  max: e.string().optional(),
996
996
  default_value: e.string().optional()
997
997
  }).optional()
998
- }), Ve = t.extend({
998
+ }), Ve = n.extend({
999
999
  type: e.literal("DROPDOWN"),
1000
1000
  config: e.object({
1001
1001
  options: e.array(
@@ -1009,26 +1009,26 @@ const Ce = e.object({
1009
1009
  multiple: e.boolean().optional(),
1010
1010
  default_value: e.union([e.string(), e.array(e.string())]).optional()
1011
1011
  }).optional()
1012
- }), Ye = t.extend({
1012
+ }), Ye = n.extend({
1013
1013
  type: e.literal("EMAIL"),
1014
1014
  config: e.object({
1015
1015
  placeholder: e.string().optional(),
1016
1016
  default_value: e.string().optional()
1017
1017
  }).optional()
1018
- }), Qe = t.extend({
1018
+ }), Qe = n.extend({
1019
1019
  type: e.literal("FILE"),
1020
1020
  config: e.object({
1021
1021
  accept: e.string().optional(),
1022
1022
  max_size: e.number().optional(),
1023
1023
  multiple: e.boolean().optional()
1024
1024
  }).optional()
1025
- }), Ze = t.extend({
1025
+ }), Ze = n.extend({
1026
1026
  type: e.literal("LEGAL"),
1027
1027
  config: e.object({
1028
1028
  text: e.string(),
1029
1029
  html: e.boolean().optional()
1030
1030
  }).optional()
1031
- }), Je = t.extend({
1031
+ }), $e = n.extend({
1032
1032
  type: e.literal("NUMBER"),
1033
1033
  config: e.object({
1034
1034
  placeholder: e.string().optional(),
@@ -1037,7 +1037,7 @@ const Ce = e.object({
1037
1037
  step: e.number().optional(),
1038
1038
  default_value: e.string().optional()
1039
1039
  }).optional()
1040
- }), $e = t.extend({
1040
+ }), Je = n.extend({
1041
1041
  type: e.literal("PASSWORD"),
1042
1042
  config: e.object({
1043
1043
  placeholder: e.string().optional(),
@@ -1046,13 +1046,13 @@ const Ce = e.object({
1046
1046
  forgot_password_link: e.string().optional(),
1047
1047
  default_value: e.string().optional()
1048
1048
  }).optional()
1049
- }), eo = t.extend({
1049
+ }), eo = n.extend({
1050
1050
  type: e.literal("PAYMENT"),
1051
1051
  config: e.object({
1052
1052
  provider: e.string().optional(),
1053
1053
  currency: e.string().optional()
1054
1054
  }).optional()
1055
- }), oo = t.extend({
1055
+ }), oo = n.extend({
1056
1056
  type: e.literal("SOCIAL"),
1057
1057
  config: e.object({
1058
1058
  providers: e.array(e.string()).optional(),
@@ -1067,7 +1067,7 @@ const Ce = e.object({
1067
1067
  })
1068
1068
  ).optional()
1069
1069
  }).optional()
1070
- }), to = t.extend({
1070
+ }), to = n.extend({
1071
1071
  type: e.literal("TEL"),
1072
1072
  config: e.object({
1073
1073
  placeholder: e.string().optional(),
@@ -1075,7 +1075,7 @@ const Ce = e.object({
1075
1075
  default_value: e.string().optional(),
1076
1076
  allow_email: e.boolean().optional()
1077
1077
  }).optional()
1078
- }), no = t.extend({
1078
+ }), no = n.extend({
1079
1079
  type: e.literal("TEXT"),
1080
1080
  config: e.object({
1081
1081
  placeholder: e.string().optional(),
@@ -1083,13 +1083,13 @@ const Ce = e.object({
1083
1083
  max_length: e.number().optional(),
1084
1084
  default_value: e.string().optional()
1085
1085
  }).optional()
1086
- }), io = t.extend({
1086
+ }), io = n.extend({
1087
1087
  type: e.literal("COUNTRY"),
1088
1088
  config: e.object({
1089
1089
  placeholder: e.string().optional(),
1090
1090
  default_value: e.string().optional()
1091
1091
  }).optional()
1092
- }), ao = t.extend({
1092
+ }), ao = n.extend({
1093
1093
  type: e.literal("URL"),
1094
1094
  config: e.object({
1095
1095
  placeholder: e.string().optional(),
@@ -1119,8 +1119,8 @@ const Ce = e.object({
1119
1119
  Ye,
1120
1120
  Qe,
1121
1121
  Ze,
1122
- Je,
1123
1122
  $e,
1123
+ Je,
1124
1124
  eo,
1125
1125
  oo,
1126
1126
  to,
@@ -1343,7 +1343,7 @@ const k = e.enum([
1343
1343
  name: e.string().optional()
1344
1344
  }), Co = e.object({
1345
1345
  email: e.string().optional()
1346
- }), Oo = e.object({
1346
+ }), To = e.object({
1347
1347
  organization_id: e.string().max(50),
1348
1348
  inviter: yo,
1349
1349
  invitee: Co,
@@ -1361,7 +1361,7 @@ const k = e.enum([
1361
1361
  created_at: e.string().datetime(),
1362
1362
  expires_at: e.string().datetime(),
1363
1363
  ticket_id: e.string().optional()
1364
- }).extend(Oo.shape), To = e.object({
1364
+ }).extend(To.shape), Oo = e.object({
1365
1365
  alg: e.enum([
1366
1366
  "RS256",
1367
1367
  "RS384",
@@ -1381,7 +1381,7 @@ const k = e.enum([
1381
1381
  x5c: e.array(e.string()).optional(),
1382
1382
  use: e.enum(["sig", "enc"]).optional()
1383
1383
  }), Mt = e.object({
1384
- keys: e.array(To)
1384
+ keys: e.array(Oo)
1385
1385
  }), Ht = e.object({
1386
1386
  issuer: e.string(),
1387
1387
  authorization_endpoint: e.string(),
@@ -2006,10 +2006,10 @@ const Po = e.object({
2006
2006
  created_at: e.string(),
2007
2007
  // Spread in the rest of the refresh token properties.
2008
2008
  ...Ko.shape
2009
- }), Jt = e.object({
2009
+ }), $t = e.object({
2010
2010
  to: e.string(),
2011
2011
  message: e.string()
2012
- }), $t = e.object({
2012
+ }), Jt = e.object({
2013
2013
  name: e.string(),
2014
2014
  options: e.object({})
2015
2015
  }), zo = e.object({
@@ -2056,11 +2056,11 @@ const Po = e.object({
2056
2056
  resource_server_identifier: e.string(),
2057
2057
  permission_name: e.string(),
2058
2058
  organization_id: e.string().optional()
2059
- }), Jo = e.object({
2059
+ }), $o = e.object({
2060
2060
  ...Zo.shape,
2061
2061
  tenant_id: e.string(),
2062
2062
  created_at: e.string().optional()
2063
- }), tn = e.array(Jo), $o = e.object({
2063
+ }), tn = e.array($o), Jo = e.object({
2064
2064
  user_id: e.string(),
2065
2065
  resource_server_identifier: e.string(),
2066
2066
  resource_server_name: e.string(),
@@ -2069,7 +2069,7 @@ const Po = e.object({
2069
2069
  created_at: e.string().optional(),
2070
2070
  organization_id: e.string().optional()
2071
2071
  }), nn = e.array(
2072
- $o
2072
+ Jo
2073
2073
  ), et = e.object({
2074
2074
  user_id: e.string(),
2075
2075
  role_id: e.string(),
@@ -2327,7 +2327,8 @@ const Po = e.object({
2327
2327
  "passkeys",
2328
2328
  "captcha",
2329
2329
  "custom-form",
2330
- "login-passwordless"
2330
+ "login-passwordless",
2331
+ "mfa-login-options"
2331
2332
  ]), ct = e.record(e.string(), e.record(e.string(), e.string())).openapi({
2332
2333
  type: "object",
2333
2334
  additionalProperties: {
@@ -2362,24 +2363,44 @@ const Po = e.object({
2362
2363
  "totp",
2363
2364
  "email",
2364
2365
  "push",
2365
- "webauthn"
2366
+ "webauthn-roaming",
2367
+ "webauthn-platform",
2368
+ "passkey"
2366
2369
  ]), H = e.object({
2367
2370
  user_id: e.string(),
2368
2371
  type: _t,
2372
+ // Phone-specific
2369
2373
  phone_number: e.string().optional(),
2374
+ // TOTP-specific
2370
2375
  totp_secret: e.string().optional(),
2376
+ // WebAuthn/Passkey-specific
2377
+ credential_id: e.string().optional(),
2378
+ public_key: e.string().optional(),
2379
+ sign_count: e.number().int().nonnegative().optional(),
2380
+ credential_backed_up: e.boolean().optional(),
2381
+ transports: e.array(e.string()).optional(),
2382
+ friendly_name: e.string().optional(),
2383
+ // Common
2371
2384
  confirmed: e.boolean().default(!1)
2372
2385
  });
2373
- function G(o, n) {
2374
- o.type === "phone" && !o.phone_number && n.addIssue({
2386
+ function G(o, t) {
2387
+ o.type === "phone" && !o.phone_number && t.addIssue({
2375
2388
  code: e.ZodIssueCode.custom,
2376
2389
  message: "phone_number is required when type is 'phone'",
2377
2390
  path: ["phone_number"]
2378
- }), o.type === "totp" && !o.totp_secret && n.addIssue({
2391
+ }), o.type === "totp" && !o.totp_secret && t.addIssue({
2379
2392
  code: e.ZodIssueCode.custom,
2380
2393
  message: "totp_secret is required when type is 'totp'",
2381
2394
  path: ["totp_secret"]
2382
- });
2395
+ }), ["webauthn-roaming", "webauthn-platform", "passkey"].includes(o.type) && (o.credential_id || t.addIssue({
2396
+ code: e.ZodIssueCode.custom,
2397
+ message: `credential_id is required when type is '${o.type}'`,
2398
+ path: ["credential_id"]
2399
+ }), o.public_key || t.addIssue({
2400
+ code: e.ZodIssueCode.custom,
2401
+ message: `public_key is required when type is '${o.type}'`,
2402
+ path: ["public_key"]
2403
+ }));
2383
2404
  }
2384
2405
  const mn = H.superRefine(G), hn = e.object({
2385
2406
  ...H.shape,
@@ -2388,22 +2409,22 @@ const mn = H.superRefine(G), hn = e.object({
2388
2409
  updated_at: e.string()
2389
2410
  }).superRefine(G);
2390
2411
  function bn(o) {
2391
- const [n, i] = o.split("|");
2392
- if (!n || !i)
2412
+ const [t, i] = o.split("|");
2413
+ if (!t || !i)
2393
2414
  throw new Error(`Invalid user_id: ${o}`);
2394
- return { connection: n, id: i };
2415
+ return { connection: t, id: i };
2395
2416
  }
2396
2417
  function fn(o) {
2397
2418
  const {
2398
- primary: n,
2419
+ primary: t,
2399
2420
  secondaries: i,
2400
- syncMethods: T = ["create", "update", "remove", "delete", "set"]
2421
+ syncMethods: O = ["create", "update", "remove", "delete", "set"]
2401
2422
  } = o, E = {
2402
2423
  get(p, a) {
2403
2424
  if (typeof a == "symbol")
2404
2425
  return p[a];
2405
2426
  const c = p[a];
2406
- return typeof c != "function" ? c : T.includes(a) ? async (..._) => {
2427
+ return typeof c != "function" ? c : O.includes(a) ? async (..._) => {
2407
2428
  const S = await c.apply(p, _), d = [];
2408
2429
  for (const s of i) {
2409
2430
  const h = s.adapter[a];
@@ -2432,22 +2453,22 @@ function fn(o) {
2432
2453
  } : c.bind(p);
2433
2454
  }
2434
2455
  };
2435
- return new Proxy(n, E);
2456
+ return new Proxy(t, E);
2436
2457
  }
2437
2458
  function En(o) {
2438
2459
  return o;
2439
2460
  }
2440
2461
  function Sn(o) {
2441
2462
  var E, p, a, c, _, S, d, s, h, A, b, I;
2442
- const n = o == null ? void 0 : o.options;
2443
- if (!n)
2463
+ const t = o == null ? void 0 : o.options;
2464
+ if (!t)
2444
2465
  return {
2445
2466
  usernameIdentifierActive: !1,
2446
2467
  emailIdentifierActive: !0,
2447
2468
  usernameMinLength: 1,
2448
2469
  usernameMaxLength: 15
2449
2470
  };
2450
- const i = n.attributes;
2471
+ const i = t.attributes;
2451
2472
  if (i) {
2452
2473
  const B = ((p = (E = i.username) == null ? void 0 : E.identifier) == null ? void 0 : p.active) === !0, W = ((c = (a = i.email) == null ? void 0 : a.identifier) == null ? void 0 : c.active) !== !1, K = ((S = (_ = i.username) == null ? void 0 : _.validation) == null ? void 0 : S.min_length) ?? 1, z = ((s = (d = i.username) == null ? void 0 : d.validation) == null ? void 0 : s.max_length) ?? 15;
2453
2474
  return {
@@ -2458,10 +2479,10 @@ function Sn(o) {
2458
2479
  };
2459
2480
  }
2460
2481
  return {
2461
- usernameIdentifierActive: n.requires_username === !0,
2482
+ usernameIdentifierActive: t.requires_username === !0,
2462
2483
  emailIdentifierActive: !0,
2463
- usernameMinLength: ((A = (h = n.validation) == null ? void 0 : h.username) == null ? void 0 : A.min) ?? 1,
2464
- usernameMaxLength: ((I = (b = n.validation) == null ? void 0 : b.username) == null ? void 0 : I.max) ?? 15
2484
+ usernameMinLength: ((A = (h = t.validation) == null ? void 0 : h.username) == null ? void 0 : A.min) ?? 1,
2485
+ usernameMaxLength: ((I = (b = t.validation) == null ? void 0 : b.username) == null ? void 0 : I.max) ?? 15
2465
2486
  };
2466
2487
  }
2467
2488
  export {
@@ -2492,6 +2513,9 @@ export {
2492
2513
  X as auth0UpdateUserActionSchema,
2493
2514
  Et as auth0UserResponseSchema,
2494
2515
  Ce as authParamsSchema,
2516
+ mn as authenticationMethodInsertSchema,
2517
+ hn as authenticationMethodSchema,
2518
+ _t as authenticationMethodTypeSchema,
2495
2519
  N as baseUserSchema,
2496
2520
  so as blockComponentSchema,
2497
2521
  Po as bordersSchema,
@@ -2502,15 +2526,15 @@ export {
2502
2526
  le as clientGrantSchema,
2503
2527
  se as clientInsertSchema,
2504
2528
  At as clientSchema,
2505
- Te as codeInsertSchema,
2506
- Ot as codeSchema,
2507
- Oe as codeTypeSchema,
2529
+ Oe as codeInsertSchema,
2530
+ Tt as codeSchema,
2531
+ Te as codeTypeSchema,
2508
2532
  Mo as colorsSchema,
2509
2533
  mo as componentMessageSchema,
2510
2534
  ue as componentSchema,
2511
2535
  we as connectionInsertSchema,
2512
2536
  Ne as connectionOptionsSchema,
2513
- Tt as connectionSchema,
2537
+ Ot as connectionSchema,
2514
2538
  u as coordinatesSchema,
2515
2539
  fn as createPassthroughAdapter,
2516
2540
  En as createWriteOnlyAdapter,
@@ -2526,7 +2550,7 @@ export {
2526
2550
  Ie as endingSchema,
2527
2551
  lo as fieldComponentSchema,
2528
2552
  Z as flowActionStepSchema,
2529
- J as flowInsertSchema,
2553
+ $ as flowInsertSchema,
2530
2554
  ht as flowSchema,
2531
2555
  de as flowsFieldComponentSchema,
2532
2556
  be as flowsFlowNodeSchema,
@@ -2546,7 +2570,7 @@ export {
2546
2570
  x as hookTemplateId,
2547
2571
  Ut as hookTemplates,
2548
2572
  ee as identitySchema,
2549
- Oo as inviteInsertSchema,
2573
+ To as inviteInsertSchema,
2550
2574
  Pt as inviteSchema,
2551
2575
  Co as inviteeSchema,
2552
2576
  yo as inviterSchema,
@@ -2554,16 +2578,13 @@ export {
2554
2578
  kt as isFieldComponent,
2555
2579
  vt as isWidgetComponent,
2556
2580
  Mt as jwksKeySchema,
2557
- To as jwksSchema,
2581
+ Oo as jwksSchema,
2558
2582
  _e as legalComponentSchema,
2559
2583
  vo as logInsertSchema,
2560
2584
  Bt as logSchema,
2561
2585
  wo as loginSessionInsertSchema,
2562
2586
  Gt as loginSessionSchema,
2563
2587
  No as loginSessionStateSchema,
2564
- mn as mfaEnrollmentInsertSchema,
2565
- hn as mfaEnrollmentSchema,
2566
- _t as mfaEnrollmentTypeSchema,
2567
2588
  Se as nodeSchema,
2568
2589
  Ht as openIDConfigurationSchema,
2569
2590
  it as organizationBrandingSchema,
@@ -2575,7 +2596,7 @@ export {
2575
2596
  bn as parseUserId,
2576
2597
  ko as passwordInsertSchema,
2577
2598
  Wt as passwordSchema,
2578
- $ as profileDataSchema,
2599
+ J as profileDataSchema,
2579
2600
  pt as promptScreenSchema,
2580
2601
  Yt as promptSettingSchema,
2581
2602
  Q as redirectActionSchema,
@@ -2597,8 +2618,8 @@ export {
2597
2618
  Uo as sessionInsertSchema,
2598
2619
  Kt as sessionSchema,
2599
2620
  zt as signingKeySchema,
2600
- $t as smsProviderSchema,
2601
- Jt as smsSendParamsSchema,
2621
+ Jt as smsProviderSchema,
2622
+ $t as smsSendParamsSchema,
2602
2623
  Ae as startSchema,
2603
2624
  Fo as tenantInsertSchema,
2604
2625
  qt as tenantSchema,
@@ -2613,9 +2634,9 @@ export {
2613
2634
  ln as userOrganizationSchema,
2614
2635
  Zo as userPermissionInsertSchema,
2615
2636
  tn as userPermissionListSchema,
2616
- Jo as userPermissionSchema,
2637
+ $o as userPermissionSchema,
2617
2638
  nn as userPermissionWithDetailsListSchema,
2618
- $o as userPermissionWithDetailsSchema,
2639
+ Jo as userPermissionWithDetailsSchema,
2619
2640
  St as userResponseSchema,
2620
2641
  et as userRoleInsertSchema,
2621
2642
  an as userRoleListSchema,
package/package.json CHANGED
@@ -11,7 +11,7 @@
11
11
  "type": "git",
12
12
  "url": "https://github.com/markusahlstrand/authhero"
13
13
  },
14
- "version": "0.149.0",
14
+ "version": "0.150.0",
15
15
  "files": [
16
16
  "dist"
17
17
  ],