@authhero/adapter-interfaces 0.89.0 → 0.90.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (4) hide show
  1. package/dist/adapter-interfaces.cjs +1 -1
  2. package/dist/adapter-interfaces.d.ts +167 -148
  3. package/dist/adapter-interfaces.mjs +12 -9
  4. package/package.json +1 -1
package/dist/adapter-interfaces.cjs CHANGED
@@ -1 +1 @@
1
- "use strict";Object.defineProperty(exports,Symbol.toStringTag,{value:"Module"});const e=require("@hono/zod-openapi"),Ue=e.z.object({start:e.z.number(),limit:e.z.number(),length:e.z.number()}),n=e.z.object({created_at:e.z.string(),updated_at:e.z.string()}),u=e.z.object({email:e.z.string().optional(),email_verified:e.z.boolean().optional(),name:e.z.string().optional(),username:e.z.string().optional(),given_name:e.z.string().optional(),phone_number:e.z.string().optional(),phone_verified:e.z.boolean().optional(),family_name:e.z.string().optional()}).catchall(e.z.any()),m=e.z.object({connection:e.z.string(),user_id:e.z.string(),provider:e.z.string(),isSocial:e.z.boolean(),access_token:e.z.string().optional(),access_token_secret:e.z.string().optional(),refresh_token:e.z.string().optional(),profileData:u.optional()}),l=e.z.object({email:e.z.string().optional().transform(t=>t&&t.toLowerCase()),username:e.z.string().optional(),phone_number:e.z.string().optional(),given_name:e.z.string().optional(),family_name:e.z.string().optional(),nickname:e.z.string().optional(),name:e.z.string().optional(),picture:e.z.string().optional(),locale:e.z.string().optional(),linked_to:e.z.string().optional(),profileData:e.z.string().optional(),user_id:e.z.string().optional(),app_metadata:e.z.any().default({}).optional(),user_metadata:e.z.any().default({}).optional()}),h=l.extend({email_verified:e.z.boolean().default(!1),verify_email:e.z.boolean().optional(),last_ip:e.z.string().optional(),last_login:e.z.string().optional(),user_id:e.z.string().optional(),provider:e.z.string().default("email"),connection:e.z.string().default("email"),is_social:e.z.boolean().optional()}),S=e.z.object({...h.shape,...n.shape,user_id:e.z.string(),is_social:e.z.boolean(),email:e.z.string().optional(),login_count:e.z.number().default(0),identities:e.z.array(m).optional()}),Fe=S,ke=l.extend({login_count:e.z.number(),multifactor:e.z.array(e.z.string()).optional(),last_ip:e.z.string().optional(),last_login:e.z.string().optional(),user_id:e.z.string()}).catchall(e.z.any()),je="useandom-26T198340PX75pxJACKVERYMINDBUSHWOLF_GQZbfghjklqvwyzrict";let E=(t=21)=>{let a="",s=crypto.getRandomValues(new Uint8Array(t));for(;t--;)a+=je[s[t]&63];return a};const f=e.z.object({audience:e.z.string().optional(),recipient:e.z.string().optional(),createUpnClaim:e.z.boolean().optional(),mapUnknownClaimsAsIs:e.z.boolean().optional(),passthroughClaimsWithNoMapping:e.z.boolean().optional(),mapIdentities:e.z.boolean().optional(),signatureAlgorithm:e.z.string().optional(),digestAlgorithm:e.z.string().optional(),issuer:e.z.string().optional(),destination:e.z.string().optional(),lifetimeInSeconds:e.z.number().optional(),signResponse:e.z.boolean().optional(),nameIdentifierFormat:e.z.string().optional(),nameIdentifierProbes:e.z.array(e.z.string()).optional(),authnContextClassRef:e.z.string().optional(),mappings:e.z.record(e.z.string()).optional()}),b=e.z.object({id:e.z.string(),name:e.z.string(),callbacks:e.z.array(e.z.string()).default([]).optional().openapi({description:"Comma-separated list of URLs whitelisted to use as a callback to the client after authentication."}),allowed_origins:e.z.array(e.z.string()).default([]).optional().openapi({description:"Comma-separated list of URLs allowed to make requests from JavaScript to Auth0 API (typically used with CORS). By default, all your callback URLs will be allowed. This field allows you to enter other origins if necessary. You can also use wildcards at the subdomain level. Query strings and hash information are not taken into account when validating these URLs."}),web_origins:e.z.array(e.z.string()).default([]).optional().openapi({description:"Comma-separated list of allowed origins for use with Cross-Origin Authentication, Device Flow, and web message response mode."}),allowed_logout_urls:e.z.array(e.z.string()).default([]).optional().openapi({description:"Comma-separated list of URLs that are valid to redirect to after logout from Auth0. Wildcards are allowed for subdomains."}),allowed_clients:e.z.array(e.z.string()).default([]).optional().openapi({description:"Ids of clients that will be allowed to perform delegation requests. Clients that will be allowed to make delegation request. By default, all your clients will be allowed. This field allows you to specify specific clients"}),addons:e.z.object({samlp:f.optional()}).default({}).optional().openapi({description:"Addons associated with the client. The key is the addon's package name and the value is an object with the configuration for the addon."}),email_validation:e.z.enum(["enabled","disabled","enforced"]).default("enforced").optional().openapi({description:"Defines if it possible to sign in with an unverified email and if verification emails will be sent. This is not available in auth0"}),client_secret:e.z.string().default(()=>E()).optional(),disable_sign_ups:e.z.boolean().optional().default(!1).openapi({description:"Prevents users from signing up using the hosted login page. This is not available in auth0"}),client_metadata:e.z.record(e.z.string().length(255)).optional()}),A=e.z.object({created_at:e.z.string().transform(t=>t===null?"":t),updated_at:e.z.string().transform(t=>t===null?"":t),...b.shape}),C=e.z.object({client_id:e.z.string().openapi({description:"ID of this client."}),name:e.z.string().min(1).openapi({description:"Name of this client (min length: 1 character, does not allow < or >)."}),description:e.z.string().max(140).optional().openapi({description:"Free text description of this client (max length: 140 characters)."}),global:e.z.boolean().default(!1).openapi({description:"Whether this is your global 'All Applications' client representing legacy tenant settings (true) or a regular client (false)."}),client_secret:e.z.string().default(()=>E()).optional().openapi({description:"Client secret (which you must not make public)."}),app_type:e.z.enum(["native","spa","regular_web","non_interactive","resource_server","express_configuration","rms","box","cloudbees","concur","dropbox","mscrm","echosign","egnyte","newrelic","office365","salesforce","sentry","sharepoint","slack","springcm","zendesk","zoom","sso_integration","oag"]).default("regular_web").optional().openapi({description:"The type of application this client represents"}),logo_uri:e.z.string().url().optional().openapi({description:"URL of the logo to display for this client. Recommended size is 150x150 pixels."}),is_first_party:e.z.boolean().default(!1).openapi({description:"Whether this client a first party client (true) or not (false)."}),oidc_conformant:e.z.boolean().default(!0).openapi({description:"Whether this client conforms to strict OIDC specifications (true) or uses legacy features (false)."}),callbacks:e.z.array(e.z.string()).default([]).optional().openapi({description:"Comma-separated list of URLs whitelisted for Auth0 to use as a callback to the client after authentication."}),allowed_origins:e.z.array(e.z.string()).default([]).optional().openapi({description:"Comma-separated list of URLs allowed to make requests from JavaScript to Auth0 API (typically used with CORS). By default, all your callback URLs will be allowed. This field allows you to enter other origins if necessary. You can also use wildcards at the subdomain level (e.g., https://*.contoso.com). Query strings and hash information are not taken into account when validating these URLs."}),web_origins:e.z.array(e.z.string()).default([]).optional().openapi({description:"Comma-separated list of allowed origins for use with Cross-Origin Authentication, Device Flow, and web message response mode."}),client_aliases:e.z.array(e.z.string()).default([]).optional().openapi({description:"List of audiences/realms for SAML protocol. Used by the wsfed addon."}),allowed_clients:e.z.array(e.z.string()).default([]).optional().openapi({description:"List of allow clients and API ids that are allowed to make delegation requests. Empty means all all your clients are allowed."}),allowed_logout_urls:e.z.array(e.z.string()).default([]).optional().openapi({description:"Comma-separated list of URLs that are valid to redirect to after logout from Auth0. Wildcards are allowed for subdomains."}),session_transfer:e.z.record(e.z.any()).default({}).optional().openapi({description:"Native to Web SSO Configuration"}),oidc_logout:e.z.record(e.z.any()).default({}).optional().openapi({description:"Configuration for OIDC backchannel logout"}),grant_types:e.z.array(e.z.string()).default([]).optional().openapi({description:"List of grant types supported for this application. Can include authorization_code, implicit, refresh_token, client_credentials, password, http://auth0.com/oauth/grant-type/password-realm, http://auth0.com/oauth/grant-type/mfa-oob, http://auth0.com/oauth/grant-type/mfa-otp, http://auth0.com/oauth/grant-type/mfa-recovery-code, urn:openid:params:grant-type:ciba, and urn:ietf:params:oauth:grant-type:device_code."}),jwt_configuration:e.z.record(e.z.any()).default({}).optional().openapi({description:"Configuration related to JWTs for the client."}),signing_keys:e.z.array(e.z.record(e.z.any())).default([]).optional().openapi({description:"Signing certificates associated with this client."}),encryption_key:e.z.record(e.z.any()).default({}).optional().openapi({description:"Encryption used for WsFed responses with this client."}),sso:e.z.boolean().default(!1).openapi({description:"Applies only to SSO clients and determines whether Auth0 will handle Single Sign On (true) or whether the Identity Provider will (false)."}),sso_disabled:e.z.boolean().default(!0).openapi({description:"Whether Single Sign On is disabled (true) or enabled (true). Defaults to true."}),cross_origin_authentication:e.z.boolean().default(!1).openapi({description:"Whether this client can be used to make cross-origin authentication requests (true) or it is not allowed to make such requests (false)."}),cross_origin_loc:e.z.string().url().optional().openapi({description:"URL of the location in your site where the cross origin verification takes place for the cross-origin auth flow when performing Auth in your own domain instead of Auth0 hosted login page."}),custom_login_page_on:e.z.boolean().default(!1).openapi({description:"Whether a custom login page is to be used (true) or the default provided login page (false)."}),custom_login_page:e.z.string().optional().openapi({description:"The content (HTML, CSS, JS) of the custom login page."}),custom_login_page_preview:e.z.string().optional().openapi({description:"The content (HTML, CSS, JS) of the custom login page. (Used on Previews)"}),form_template:e.z.string().optional().openapi({description:"HTML form template to be used for WS-Federation."}),addons:e.z.record(e.z.any()).default({}).optional().openapi({description:"Addons enabled for this client and their associated configurations."}),token_endpoint_auth_method:e.z.enum(["none","client_secret_post","client_secret_basic"]).default("client_secret_basic").optional().openapi({description:"Defines the requested authentication method for the token endpoint. Can be none (public client without a client secret), client_secret_post (client uses HTTP POST parameters), or client_secret_basic (client uses HTTP Basic)."}),client_metadata:e.z.record(e.z.string().max(255)).default({}).optional().openapi({description:'Metadata associated with the client, in the form of an object with string values (max 255 chars). Maximum of 10 metadata properties allowed. Field names (max 255 chars) are alphanumeric and may only include the following special characters: :,-+=_*?"/()<>@ [Tab][Space]'}),mobile:e.z.record(e.z.any()).default({}).optional().openapi({description:"Additional configuration for native mobile apps."}),initiate_login_uri:e.z.string().url().optional().openapi({description:"Initiate login uri, must be https"}),native_social_login:e.z.record(e.z.any()).default({}).optional(),refresh_token:e.z.record(e.z.any()).default({}).optional().openapi({description:"Refresh token configuration"}),default_organization:e.z.record(e.z.any()).default({}).optional().openapi({description:"Defines the default Organization ID and flows"}),organization_usage:e.z.enum(["deny","allow","require"]).default("deny").optional().openapi({description:"Defines how to proceed during an authentication transaction with regards an organization. Can be deny (default), allow or require."}),organization_require_behavior:e.z.enum(["no_prompt","pre_login_prompt","post_login_prompt"]).default("no_prompt").optional().openapi({description:"Defines how to proceed during an authentication transaction when client.organization_usage: 'require'. Can be no_prompt (default), pre_login_prompt or post_login_prompt. post_login_prompt requires oidc_conformant: true."}),client_authentication_methods:e.z.record(e.z.any()).default({}).optional().openapi({description:"Defines client authentication methods."}),require_pushed_authorization_requests:e.z.boolean().default(!1).openapi({description:"Makes the use of Pushed Authorization Requests mandatory for this client"}),require_proof_of_possession:e.z.boolean().default(!1).openapi({description:"Makes the use of Proof-of-Possession mandatory for this client"}),signed_request_object:e.z.record(e.z.any()).default({}).optional().openapi({description:"JWT-secured Authorization Requests (JAR) settings."}),compliance_level:e.z.enum(["none","fapi1_adv_pkj_par","fapi1_adv_mtls_par","fapi2_sp_pkj_mtls","fapi2_sp_mtls_mtls"]).optional().openapi({description:"Defines the compliance level for this client, which may restrict it's capabilities"}),par_request_expiry:e.z.number().optional().openapi({description:"Specifies how long, in seconds, a Pushed Authorization Request URI remains valid"}),token_quota:e.z.record(e.z.any()).default({}).optional()}),ve=e.z.object({created_at:e.z.string(),updated_at:e.z.string(),...C.shape}),i=e.z.object({x:e.z.number(),y:e.z.number()});var p=(t=>(t.RICH_TEXT="RICH_TEXT",t.NEXT_BUTTON="NEXT_BUTTON",t.BACK_BUTTON="BACK_BUTTON",t.SUBMIT_BUTTON="SUBMIT_BUTTON",t.DIVIDER="DIVIDER",t.TEXT="TEXT",t.EMAIL="EMAIL",t.PASSWORD="PASSWORD",t.NUMBER="NUMBER",t.PHONE="PHONE",t.DATE="DATE",t.CHECKBOX="CHECKBOX",t.RADIO="RADIO",t.SELECT="SELECT",t.HIDDEN="HIDDEN",t.LEGAL="LEGAL",t))(p||{}),_=(t=>(t.BLOCK="BLOCK",t.FIELD="FIELD",t))(_||{});const r=e.z.object({id:e.z.string(),category:e.z.nativeEnum(_),type:e.z.nativeEnum(p)}),I=r.extend({category:e.z.literal("BLOCK"),type:e.z.literal("RICH_TEXT"),config:e.z.object({content:e.z.string()}).passthrough()}),O=r.extend({category:e.z.literal("BLOCK"),type:e.z.union([e.z.literal("NEXT_BUTTON"),e.z.literal("BACK_BUTTON"),e.z.literal("SUBMIT_BUTTON")]),config:e.z.object({text:e.z.string()}).passthrough()}),T=r.extend({category:e.z.literal("FIELD"),type:e.z.literal("LEGAL"),required:e.z.boolean().optional(),sensitive:e.z.boolean().optional(),config:e.z.object({text:e.z.string()}).passthrough()}),N=r.extend({category:e.z.literal("FIELD"),type:e.z.union([e.z.literal("TEXT"),e.z.literal("EMAIL"),e.z.literal("PASSWORD"),e.z.literal("NUMBER"),e.z.literal("PHONE"),e.z.literal("DATE"),e.z.literal("CHECKBOX"),e.z.literal("RADIO"),e.z.literal("SELECT"),e.z.literal("HIDDEN")]),required:e.z.boolean().optional(),sensitive:e.z.boolean().optional(),config:e.z.object({label:e.z.string().optional(),placeholder:e.z.string().optional()}).passthrough()}),y=e.z.object({id:e.z.string(),category:e.z.string(),type:e.z.string()}).passthrough(),R=e.z.union([I,O,T,N,y]);var L=(t=>(t.STEP="STEP",t.FLOW="FLOW",t.CONDITION="CONDITION",t.ACTION="ACTION",t))(L||{});const D=e.z.object({id:e.z.string(),type:e.z.literal("STEP"),coordinates:i,alias:e.z.string().optional(),config:e.z.object({components:e.z.array(R),next_node:e.z.string()}).passthrough()}),w=e.z.object({id:e.z.string(),type:e.z.literal("FLOW"),coordinates:i,alias:e.z.string().optional(),config:e.z.object({flow_id:e.z.string(),next_node:e.z.string()})}),U=e.z.object({id:e.z.string(),type:e.z.string(),coordinates:i}).passthrough(),F=e.z.union([D,w,U]),k=e.z.object({next_node:e.z.string(),coordinates:i}).passthrough(),j=e.z.object({resume_flow:e.z.boolean().optional(),coordinates:i}).passthrough(),v=e.z.object({id:e.z.string(),name:e.z.string(),languages:e.z.object({primary:e.z.string()}).passthrough(),nodes:e.z.array(F),start:k,ending:j,created_at:e.z.string(),updated_at:e.z.string(),links:e.z.object({sdkSrc:e.z.string().optional(),sdk_src:e.z.string().optional()}).passthrough()}).passthrough(),Pe=v.omit({id:!0,created_at:!0,updated_at:!0});var d=(t=>(t.TOKEN="token",t.TOKEN_ID_TOKEN="token id_token",t.CODE="code",t))(d||{}),z=(t=>(t.QUERY="query",t.FRAGMENT="fragment",t.FORM_POST="form_post",t.WEB_MESSAGE="web_message",t.SAML_POST="saml_post",t))(z||{}),g=(t=>(t.S256="S256",t.Plain="plain",t))(g||{});const P=e.z.object({client_id:e.z.string(),act_as:e.z.string().optional(),response_type:e.z.nativeEnum(d).optional(),response_mode:e.z.nativeEnum(z).optional(),redirect_uri:e.z.string().optional(),audience:e.z.string().optional(),organization:e.z.string().optional(),state:e.z.string().optional(),nonce:e.z.string().optional(),scope:e.z.string().optional(),prompt:e.z.string().optional(),code_challenge_method:e.z.nativeEnum(g).optional(),code_challenge:e.z.string().optional(),username:e.z.string().optional(),ui_locales:e.z.string().optional(),vendor_id:e.z.string().optional()}),Me=e.z.object({colors:e.z.object({primary:e.z.string(),page_background:e.z.object({type:e.z.string().optional(),start:e.z.string().optional(),end:e.z.string().optional(),angle_deg:e.z.number().optional()}).optional()}).optional(),logo_url:e.z.string().optional(),favicon_url:e.z.string().optional(),font:e.z.object({url:e.z.string()}).optional()}),M=e.z.object({kid:e.z.string().optional(),team_id:e.z.string().optional(),realms:e.z.string().optional(),authentication_method:e.z.string().optional(),client_id:e.z.string().optional(),client_secret:e.z.string().optional(),app_secret:e.z.string().optional(),scope:e.z.string().optional(),authorization_endpoint:e.z.string().optional(),token_endpoint:e.z.string().optional(),userinfo_endpoint:e.z.string().optional(),jwks_uri:e.z.string().optional(),discovery_url:e.z.string().optional(),issuer:e.z.string().optional(),provider:e.z.string().optional(),from:e.z.string().optional(),twilio_sid:e.z.string().optional(),twilio_token:e.z.string().optional()}),H=e.z.object({id:e.z.string().optional(),name:e.z.string(),strategy:e.z.string(),options:M.default({}),enabled_clients:e.z.array(e.z.string()).default([]).optional(),response_type:e.z.custom().optional(),response_mode:e.z.custom().optional()}),x=e.z.object({id:e.z.string(),created_at:e.z.string().transform(t=>t===null?"":t),updated_at:e.z.string().transform(t=>t===null?"":t)}).extend(H.shape),G=e.z.object({name:e.z.string(),audience:e.z.string(),sender_email:e.z.string().email(),sender_name:e.z.string(),support_url:e.z.string().url().optional(),logo:e.z.string().url().optional(),primary_color:e.z.string().optional(),secondary_color:e.z.string().optional(),language:e.z.string().optional(),id:e.z.string().optional()}),K=e.z.object({created_at:e.z.string().transform(t=>t===null?"":t),updated_at:e.z.string().transform(t=>t===null?"":t),...G.shape,id:e.z.string()});e.z.object({...A.shape,tenant:K,connections:e.z.array(x)});const W=e.z.enum(["password_reset","email_verification","otp","authorization_code","oauth2_state","ticket"]),B=e.z.object({code_id:e.z.string().openapi({description:"The code that will be used in for instance an email verification flow"}),login_id:e.z.string().openapi({description:"The id of the login session that the code is connected to"}),connection_id:e.z.string().optional().openapi({description:"The connection that the code is connected to"}),code_type:W,code_verifier:e.z.string().optional().openapi({description:"The code verifier used in PKCE in outbound flows"}),code_challenge:e.z.string().optional().openapi({description:"The code challenge used in PKCE in outbound flows"}),code_challenge_method:e.z.enum(["plain","S256"]).optional().openapi({description:"The code challenge method used in PKCE in outbound flows"}),redirect_uri:e.z.string().optional().openapi({description:"The redirect URI associated with the code"}),nonce:e.z.string().optional().openapi({description:"The nonce value used for security in OIDC flows"}),state:e.z.string().optional().openapi({description:"The state parameter used for CSRF protection in OAuth flows"}),expires_at:e.z.string(),used_at:e.z.string().optional(),user_id:e.z.string().optional()}),He=e.z.object({...B.shape,created_at:e.z.string()}),X=e.z.object({domain:e.z.string(),custom_domain_id:e.z.string().optional(),type:e.z.enum(["auth0_managed_certs","self_managed_certs"]),verification_method:e.z.enum(["txt"]).optional(),tls_policy:e.z.enum(["recommended"]).optional(),custom_client_ip_header:e.z.enum(["true-client-ip","cf-connecting-ip","x-forwarded-for","x-azure-clientip","null"]).optional(),domain_metadata:e.z.record(e.z.string().max(255)).optional()}),V=e.z.object({name:e.z.literal("txt"),record:e.z.string(),domain:e.z.string()}),q=e.z.object({...X.shape,custom_domain_id:e.z.string(),primary:e.z.boolean(),status:e.z.enum(["disabled","pending","pending_verification","ready"]),origin_domain_name:e.z.string().optional(),verification:e.z.object({methods:e.z.array(V)}).optional(),tls_policy:e.z.string().optional()}),xe=q.extend({tenant_id:e.z.string()}),Ge=e.z.object({id:e.z.string(),type:e.z.literal("submit"),label:e.z.string(),className:e.z.string().optional(),disabled:e.z.boolean().optional().default(!1),order:e.z.number().optional(),visible:e.z.boolean().optional().default(!0),customizations:e.z.record(e.z.string(),e.z.any()).optional()}),Y=e.z.discriminatedUnion("type",[e.z.object({id:e.z.string(),type:e.z.literal("RICH_TEXT"),config:e.z.object({content:e.z.string()}),order:e.z.number().optional(),visible:e.z.boolean().optional().default(!0)}),e.z.object({id:e.z.string(),type:e.z.literal("LEGAL"),config:e.z.object({text:e.z.string(),html:e.z.boolean().optional()}),required:e.z.boolean().optional(),order:e.z.number().optional(),visible:e.z.boolean().optional().default(!0)}),e.z.object({id:e.z.string(),type:e.z.literal("TEXT"),config:e.z.object({placeholder:e.z.string().optional(),multiline:e.z.boolean().optional()}),required:e.z.boolean().optional(),sensitive:e.z.boolean().optional(),order:e.z.number().optional(),visible:e.z.boolean().optional().default(!0)}),e.z.object({id:e.z.string(),type:e.z.literal("NEXT_BUTTON"),config:e.z.object({text:e.z.string().optional()}),order:e.z.number().optional(),visible:e.z.boolean().optional().default(!0)})]),Q=e.z.object({name:e.z.string().openapi({description:"The name of the form"}),messages:e.z.object({errors:e.z.record(e.z.string(),e.z.any()).optional(),custom:e.z.record(e.z.string(),e.z.any()).optional()}).optional(),languages:e.z.object({primary:e.z.string().optional(),default:e.z.string().optional()}).optional(),translations:e.z.record(e.z.string(),e.z.any()).optional(),nodes:e.z.array(e.z.discriminatedUnion("type",[e.z.object({id:e.z.string(),type:e.z.literal("FLOW"),coordinates:e.z.object({x:e.z.number(),y:e.z.number()}),alias:e.z.string().min(1).max(150).optional(),config:e.z.object({flow_id:e.z.string().max(30),next_node:e.z.string()})}),e.z.object({id:e.z.string(),type:e.z.literal("ROUTER"),coordinates:e.z.object({x:e.z.number(),y:e.z.number()}),alias:e.z.string().min(1).max(150),config:e.z.object({rules:e.z.array(e.z.object({id:e.z.string(),alias:e.z.string().min(1).max(150).optional(),condition:e.z.any(),next_node:e.z.string()})),fallback:e.z.array(e.z.string())})}),e.z.object({id:e.z.string(),type:e.z.literal("STEP"),coordinates:e.z.object({x:e.z.number(),y:e.z.number()}),alias:e.z.string().min(1).max(150).optional(),config:e.z.object({components:e.z.array(Y),next_node:e.z.string()})})])).optional(),start:e.z.object({hidden_fields:e.z.array(e.z.object({key:e.z.string(),value:e.z.string()})).optional(),next_node:e.z.string().optional(),coordinates:e.z.object({x:e.z.number(),y:e.z.number()}).optional()}).optional(),ending:e.z.object({redirection:e.z.object({delay:e.z.number().optional(),target:e.z.string().optional()}).optional(),after_submit:e.z.object({flow_id:e.z.string().optional()}).optional(),coordinates:e.z.object({x:e.z.number(),y:e.z.number()}).optional(),resume_flow:e.z.boolean().optional()}).optional(),style:e.z.object({css:e.z.string().optional()}).optional()}).openapi({description:"Schema for flow-based forms (matches new JSON structure)"}),Ke=e.z.object({...n.shape,...Q.shape,id:e.z.string()}),J=e.z.enum(["pre-user-signup","post-user-registration","post-user-login"]),Z=e.z.enum(["pre-user-signup","post-user-registration","post-user-login"]),c={enabled:e.z.boolean().default(!1),synchronous:e.z.boolean().default(!1),priority:e.z.number().optional(),hook_id:e.z.string().optional()},We=e.z.object({...c,trigger_id:J,url:e.z.string()}),Be=e.z.object({...c,trigger_id:Z,form_id:e.z.string()}),Xe=e.z.union([We,Be]),Ve=e.z.object({...c,trigger_id:J,...n.shape,hook_id:e.z.string(),url:e.z.string()}),qe=e.z.object({...c,trigger_id:Z,...n.shape,hook_id:e.z.string(),form_id:e.z.string()}),Ye=e.z.union([Ve,qe]),$=e.z.object({alg:e.z.enum(["RS256","RS384","RS512","ES256","ES384","ES512","HS256","HS384","HS512"]),e:e.z.string(),kid:e.z.string(),kty:e.z.enum(["RSA","EC","oct"]),n:e.z.string(),x5t:e.z.string().optional(),x5c:e.z.array(e.z.string()).optional(),use:e.z.enum(["sig","enc"]).optional()}),Qe=e.z.object({keys:e.z.array($)}),Je=e.z.object({issuer:e.z.string(),authorization_endpoint:e.z.string(),token_endpoint:e.z.string(),device_authorization_endpoint:e.z.string(),userinfo_endpoint:e.z.string(),mfa_challenge_endpoint:e.z.string(),jwks_uri:e.z.string(),registration_endpoint:e.z.string(),revocation_endpoint:e.z.string(),scopes_supported:e.z.array(e.z.string()),response_types_supported:e.z.array(e.z.string()),code_challenge_methods_supported:e.z.array(e.z.string()),response_modes_supported:e.z.array(e.z.string()),subject_types_supported:e.z.array(e.z.string()),id_token_signing_alg_values_supported:e.z.array(e.z.string()),token_endpoint_auth_methods_supported:e.z.array(e.z.string()),claims_supported:e.z.array(e.z.string()),request_uri_parameter_supported:e.z.boolean(),request_parameter_supported:e.z.boolean(),token_endpoint_auth_signing_alg_values_supported:e.z.array(e.z.string())}),ee=e.z.object({csrf_token:e.z.string(),auth0Client:e.z.string().optional(),authParams:P,expires_at:e.z.string(),deleted_at:e.z.string().optional(),ip:e.z.string().optional(),useragent:e.z.string().optional(),session_id:e.z.string().optional(),authorization_url:e.z.string().optional(),login_completed:e.z.boolean().optional().default(!1)}).openapi({description:"This represents a login sesion"}),Ze=e.z.object({...ee.shape,id:e.z.string().openapi({description:"This is is used as the state in the universal login"}),created_at:e.z.string(),updated_at:e.z.string()}),te={ACLS_SUMMARY:"acls_summary",ACTIONS_EXECUTION_FAILED:"actions_execution_failed",API_LIMIT:"api_limit",API_LIMIT_WARNING:"api_limit_warning",APPI:"appi",CIBA_EXCHANGE_FAILED:"ciba_exchange_failed",CIBA_EXCHANGE_SUCCEEDED:"ciba_exchange_succeeded",CIBA_START_FAILED:"ciba_start_failed",CIBA_START_SUCCEEDED:"ciba_start_succeeded",CODE_LINK_SENT:"cls",CODE_SENT:"cs",DEPRECATION_NOTICE:"depnote",FAILED_LOGIN:"f",FAILED_BY_CONNECTOR:"fc",FAILED_CHANGE_EMAIL:"fce",FAILED_BY_CORS:"fco",FAILED_CROSS_ORIGIN_AUTHENTICATION:"fcoa",FAILED_CHANGE_PASSWORD:"fcp",FAILED_POST_CHANGE_PASSWORD_HOOK:"fcph",FAILED_CHANGE_PHONE_NUMBER:"fcpn",FAILED_CHANGE_PASSWORD_REQUEST:"fcpr",FAILED_CONNECTOR_PROVISIONING:"fcpro",FAILED_CHANGE_USERNAME:"fcu",FAILED_DELEGATION:"fd",FAILED_DEVICE_ACTIVATION:"fdeac",FAILED_DEVICE_AUTHORIZATION_REQUEST:"fdeaz",USER_CANCELED_DEVICE_CONFIRMATION:"fdecc",FAILED_USER_DELETION:"fdu",FAILED_EXCHANGE_AUTHORIZATION_CODE_FOR_ACCESS_TOKEN:"feacft",FAILED_EXCHANGE_ACCESS_TOKEN_FOR_CLIENT_CREDENTIALS:"feccft",FAILED_EXCHANGE_CUSTOM_TOKEN:"fecte",FAILED_EXCHANGE_DEVICE_CODE_FOR_ACCESS_TOKEN:"fede",FAILED_FEDERATED_LOGOUT:"federated_logout_failed",FAILED_EXCHANGE_NATIVE_SOCIAL_LOGIN:"fens",FAILED_EXCHANGE_PASSWORD_OOB_FOR_ACCESS_TOKEN:"feoobft",FAILED_EXCHANGE_PASSWORD_OTP_FOR_ACCESS_TOKEN:"feotpft",FAILED_EXCHANGE_PASSWORD_FOR_ACCESS_TOKEN:"fepft",FAILED_EXCHANGE_PASSWORDLESS_OTP_FOR_ACCESS_TOKEN:"fepotpft",FAILED_EXCHANGE_PASSWORD_MFA_RECOVERY_FOR_ACCESS_TOKEN:"fercft",FAILED_EXCHANGE_ROTATING_REFRESH_TOKEN:"ferrt",FAILED_EXCHANGE_REFRESH_TOKEN_FOR_ACCESS_TOKEN:"fertft",FAILED_HOOK:"fh",FAILED_INVITE_ACCEPT:"fi",FAILED_LOGOUT:"flo",FLOWS_EXECUTION_COMPLETED:"flows_execution_completed",FLOWS_EXECUTION_FAILED:"flows_execution_failed",FAILED_SENDING_NOTIFICATION:"fn",FORMS_SUBMISSION_FAILED:"forms_submission_failed",FORMS_SUBMISSION_SUCCEEDED:"forms_submission_succeeded",FAILED_LOGIN_INCORRECT_PASSWORD:"fp",FAILED_PUSHED_AUTHORIZATION_REQUEST:"fpar",FAILED_POST_USER_REGISTRATION_HOOK:"fpurh",FAILED_SIGNUP:"fs",FAILED_SILENT_AUTH:"fsa",FAILED_LOGIN_INVALID_EMAIL_USERNAME:"fu",FAILED_USERS_IMPORT:"fui",FAILED_VERIFICATION_EMAIL:"fv",FAILED_VERIFICATION_EMAIL_REQUEST:"fvr",EMAIL_VERIFICATION_CONFIRMED:"gd_auth_email_verification",EMAIL_VERIFICATION_FAILED:"gd_auth_fail_email_verification",MFA_AUTH_FAILED:"gd_auth_failed",MFA_AUTH_REJECTED:"gd_auth_rejected",MFA_AUTH_SUCCESS:"gd_auth_succeed",MFA_ENROLLMENT_COMPLETE:"gd_enrollment_complete",TOO_MANY_MFA_FAILURES:"gd_otp_rate_limit_exceed",MFA_RECOVERY_FAILED:"gd_recovery_failed",MFA_RECOVERY_RATE_LIMIT_EXCEED:"gd_recovery_rate_limit_exceed",MFA_RECOVERY_SUCCESS:"gd_recovery_succeed",MFA_EMAIL_SENT:"gd_send_email",EMAIL_VERIFICATION_SENT:"gd_send_email_verification",EMAIL_VERIFICATION_SEND_FAILURE:"gd_send_email_verification_failure",PUSH_NOTIFICATION_SENT:"gd_send_pn",ERROR_SENDING_MFA_PUSH_NOTIFICATION:"gd_send_pn_failure",MFA_SMS_SENT:"gd_send_sms",ERROR_SENDING_MFA_SMS:"gd_send_sms_failure",MFA_VOICE_CALL_SUCCESS:"gd_send_voice",MFA_VOICE_CALL_FAILED:"gd_send_voice_failure",SECOND_FACTOR_STARTED:"gd_start_auth",MFA_ENROLL_STARTED:"gd_start_enroll",MFA_ENROLLMENT_FAILED:"gd_start_enroll_failed",GUARDIAN_TENANT_UPDATE:"gd_tenant_update",UNENROLL_DEVICE_ACCOUNT:"gd_unenroll",UPDATE_DEVICE_ACCOUNT:"gd_update_device_account",WEBAUTHN_CHALLENGE_FAILED:"gd_webauthn_challenge_failed",WEBAUTHN_ENROLLMENT_FAILED:"gd_webauthn_enrollment_failed",FAILED_KMS_API_OPERATION:"kms_key_management_failure",SUCCESS_KMS_API_OPERATION:"kms_key_management_success",KMS_KEY_STATE_CHANGED:"kms_key_state_changed",TOO_MANY_CALLS_TO_DELEGATION:"limit_delegation",BLOCKED_IP_ADDRESS:"limit_mu",BLOCKED_ACCOUNT_IP:"limit_sul",BLOCKED_ACCOUNT_EMAIL:"limit_wc",MFA_REQUIRED:"mfar",MANAGEMENT_API_READ_OPERATION:"mgmt_api_read",FAILED_AUTHENTICATION_METHOD_OPERATION_MY_ACCOUNT:"my_account_authentication_method_failed",SUCCESSFUL_AUTHENTICATION_METHOD_OPERATION_MY_ACCOUNT:"my_account_authentication_method_succeeded",FAILED_OIDC_BACKCHANNEL_LOGOUT:"oidc_backchannel_logout_failed",SUCCESSFUL_OIDC_BACKCHANNEL_LOGOUT:"oidc_backchannel_logout_succeeded",ORGANIZATION_MEMBER_ADDED:"organization_member_added",PASSKEY_CHALLENGE_FAILED:"passkey_challenge_failed",PASSKEY_CHALLENGE_STARTED:"passkey_challenge_started",PRE_LOGIN_ASSESSMENT:"pla",BREACHED_PASSWORD:"pwd_leak",BREACHED_PASSWORD_ON_RESET:"reset_pwd_leak",SUCCESS_RESOURCE_CLEANUP:"resource_cleanup",RICH_CONSENTS_ACCESS_ERROR:"rich_consents_access_error",SUCCESS_LOGIN:"s",SUCCESS_API_OPERATION:"sapi",SUCCESS_CHANGE_EMAIL:"sce",SUCCESS_CROSS_ORIGIN_AUTHENTICATION:"scoa",SUCCESS_CHANGE_PASSWORD:"scp",SUCCESS_CHANGE_PHONE_NUMBER:"scpn",SUCCESS_CHANGE_PASSWORD_REQUEST:"scpr",SUCCESS_CHANGE_USERNAME:"scu",SUCCESS_CREDENTIAL_VALIDATION:"scv",SUCCESS_DELEGATION:"sd",SUCCESS_USER_DELETION:"sdu",SUCCESS_EXCHANGE_AUTHORIZATION_CODE_FOR_ACCESS_TOKEN:"seacft",SUCCESS_EXCHANGE_ACCESS_TOKEN_FOR_CLIENT_CREDENTIALS:"seccft",SUCCESS_EXCHANGE_CUSTOM_TOKEN:"secte",SUCCESS_EXCHANGE_DEVICE_CODE_FOR_ACCESS_TOKEN:"sede",SUCCESS_EXCHANGE_NATIVE_SOCIAL_LOGIN:"sens",SUCCESS_EXCHANGE_PASSWORD_OOB_FOR_ACCESS_TOKEN:"seoobft",SUCCESS_EXCHANGE_PASSWORD_OTP_FOR_ACCESS_TOKEN:"seotpft",SUCCESS_EXCHANGE_PASSWORD_FOR_ACCESS_TOKEN:"sepft",SUCCESS_EXCHANGE_PASSKEY_OOB_FOR_ACCESS_TOKEN:"sepkoobft",SUCCESS_EXCHANGE_PASSKEY_OTP_FOR_ACCESS_TOKEN:"sepkotpft",SUCCESS_EXCHANGE_PASSKEY_MFA_RECOVERY_FOR_ACCESS_TOKEN:"sepkrcft",SUCCESS_EXCHANGE_PASSWORD_MFA_RECOVERY_FOR_ACCESS_TOKEN:"sercft",SUCCESS_EXCHANGE_REFRESH_TOKEN_FOR_ACCESS_TOKEN:"sertft",SUCCESSFULLY_ACCEPTED_USER_INVITE:"si",BREACHED_PASSWORD_ON_SIGNUP:"signup_pwd_leak",SUCCESS_LOGOUT:"slo",SUCCESS_REVOCATION:"srrt",SUCCESS_SIGNUP:"ss",FAILED_SS_SSO_OPERATION:"ss_sso_failure",INFORMATION_FROM_SS_SSO_OPERATION:"ss_sso_info",SUCCESS_SS_SSO_OPERATION:"ss_sso_success",SUCCESS_SILENT_AUTH:"ssa",SUCCESSFUL_SCIM_OPERATION:"sscim",SUCCESSFULLY_IMPORTED_USERS:"sui",SUCCESS_VERIFICATION_EMAIL:"sv",SUCCESS_VERIFICATION_EMAIL_REQUEST:"svr",MAX_AMOUNT_OF_AUTHENTICATORS:"too_many_records",USER_LOGIN_BLOCK_RELEASED:"ublkdu",FAILED_UNIVERSAL_LOGOUT:"universal_logout_failed",SUCCESSFUL_UNIVERSAL_LOGOUT:"universal_logout_succeeded",WARNING_DURING_LOGIN:"w",WARNING_SENDING_NOTIFICATION:"wn",WARNING_USER_MANAGEMENT:"wum"},$e=e.z.string().refine(t=>Object.values(te).includes(t),{message:"Invalid log type"}),oe=e.z.object({name:e.z.string(),version:e.z.string(),env:e.z.object({node:e.z.string().optional()}).optional()}),et=e.z.object({type:$e,date:e.z.string(),description:e.z.string().optional(),log_id:e.z.string().optional(),_id:e.z.string().optional(),ip:e.z.string(),user_agent:e.z.string(),details:e.z.any().optional(),isMobile:e.z.boolean(),user_id:e.z.string().optional(),user_name:e.z.string().optional(),connection:e.z.string().optional(),connection_id:e.z.string().optional(),client_id:e.z.string().optional(),client_name:e.z.string().optional(),audience:e.z.string().optional(),scope:e.z.array(e.z.string()).optional(),strategy:e.z.string().optional(),strategy_type:e.z.string().optional(),hostname:e.z.string().optional(),auth0_client:oe.optional()}),ne=e.z.object({user_id:e.z.string(),password:e.z.string(),algorithm:e.z.enum(["bcrypt","argon2id"]).default("argon2id")}),tt=e.z.object({...ne.shape,created_at:e.z.string(),updated_at:e.z.string()}),ie=e.z.object({initial_user_agent:e.z.string().describe("First user agent of the device from which this user logged in"),initial_ip:e.z.string().describe("First IP address associated with this session"),initial_asn:e.z.string().describe("First autonomous system number associated with this session"),last_user_agent:e.z.string().describe("Last user agent of the device from which this user logged in"),last_ip:e.z.string().describe("Last IP address from which this user logged in"),last_asn:e.z.string().describe("Last autonomous system number from which this user logged in")}),ae=e.z.object({id:e.z.string(),revoked_at:e.z.string().optional(),used_at:e.z.string().optional(),user_id:e.z.string().describe("The user ID associated with the session"),expires_at:e.z.string().optional(),login_session_id:e.z.string(),idle_expires_at:e.z.string().optional(),device:ie.describe("Metadata related to the device used in the session"),clients:e.z.array(e.z.string()).describe("List of client details for the session")}),ot=e.z.object({created_at:e.z.string(),updated_at:e.z.string(),authenticated_at:e.z.string(),last_interaction_at:e.z.string(),...ae.shape}),nt=e.z.object({kid:e.z.string().openapi({description:"The key id of the signing key"}),cert:e.z.string().openapi({description:"The public certificate of the signing key"}),fingerprint:e.z.string().openapi({description:"The cert fingerprint"}),thumbprint:e.z.string().openapi({description:"The cert thumbprint"}),pkcs7:e.z.string().optional().openapi({description:"The private key in pkcs7 format"}),current:e.z.boolean().optional().openapi({description:"True if the key is the current key"}),next:e.z.boolean().optional().openapi({description:"True if the key is the next key"}),previous:e.z.boolean().optional().openapi({description:"True if the key is the previous key"}),current_since:e.z.string().optional().openapi({description:"The date and time when the key became the current key"}),current_until:e.z.string().optional().openapi({description:"The date and time when the current key was rotated"}),revoked:e.z.boolean().optional().openapi({description:"True if the key is revoked"}),revoked_at:e.z.string().optional().openapi({description:"The date and time when the key was revoked"}),connection:e.z.string().optional().openapi({description:"The connection identifier associated with the key"}),type:e.z.enum(["jwt_signing","saml_encryption"]).openapi({description:"The type of the signing key"})});var se=(t=>(t.RefreshToken="refresh_token",t.AuthorizationCode="authorization_code",t.ClientCredential="client_credentials",t.Passwordless="passwordless",t.Password="password",t.OTP="http://auth0.com/oauth/grant-type/passwordless/otp",t))(se||{});const it=e.z.object({access_token:e.z.string(),id_token:e.z.string().optional(),scope:e.z.string().optional(),state:e.z.string().optional(),refresh_token:e.z.string().optional(),token_type:e.z.string(),expires_in:e.z.number()});e.z.object({code:e.z.string(),state:e.z.string().optional()});const re=e.z.object({button_border_radius:e.z.number(),button_border_weight:e.z.number(),buttons_style:e.z.enum(["pill","rounded","sharp"]),input_border_radius:e.z.number(),input_border_weight:e.z.number(),inputs_style:e.z.enum(["pill","rounded","sharp"]),show_widget_shadow:e.z.boolean(),widget_border_weight:e.z.number(),widget_corner_radius:e.z.number()}),ce=e.z.object({base_focus_color:e.z.string(),base_hover_color:e.z.string(),body_text:e.z.string(),captcha_widget_theme:e.z.enum(["auto","dark","light"]),error:e.z.string(),header:e.z.string(),icons:e.z.string(),input_background:e.z.string(),input_border:e.z.string(),input_filled_text:e.z.string(),input_labels_placeholders:e.z.string(),links_focused_components:e.z.string(),primary_button:e.z.string(),primary_button_label:e.z.string(),secondary_button_border:e.z.string(),secondary_button_label:e.z.string(),success:e.z.string(),widget_background:e.z.string(),widget_border:e.z.string()}),o=e.z.object({bold:e.z.boolean(),size:e.z.number()}),le=e.z.object({body_text:o,buttons_text:o,font_url:e.z.string(),input_labels:o,links:o,links_style:e.z.enum(["normal","underlined"]),reference_text_size:e.z.number(),subtitle:o,title:o}),pe=e.z.object({background_color:e.z.string(),background_image_url:e.z.string(),page_layout:e.z.enum(["center","left","right"])}),_e=e.z.object({header_text_alignment:e.z.enum(["center","left","right"]),logo_height:e.z.number(),logo_position:e.z.enum(["center","left","none","right"]),logo_url:e.z.string(),social_buttons_layout:e.z.enum(["bottom","top"])}),de=e.z.object({borders:re,colors:ce,displayName:e.z.string(),fonts:le,page_background:pe,widget:_e}),at=de.extend({themeId:e.z.string()}),st=e.z.object({universal_login_experience:e.z.enum(["new","classic"]).default("new"),identifier_first:e.z.boolean().default(!0),password_first:e.z.boolean().default(!1),webauthn_platform_first_factor:e.z.boolean()}),rt=e.z.object({name:e.z.string(),enabled:e.z.boolean().optional().default(!0),default_from_address:e.z.string().optional(),credentials:e.z.union([e.z.object({accessKeyId:e.z.string(),secretAccessKey:e.z.string(),region:e.z.string()}),e.z.object({smtp_host:e.z.array(e.z.string()),smtp_port:e.z.number(),smtp_user:e.z.string(),smtp_pass:e.z.string()}),e.z.object({api_key:e.z.string(),domain:e.z.string().optional()}),e.z.object({connectionString:e.z.string()}),e.z.object({tenantId:e.z.string(),clientId:e.z.string(),clientSecret:e.z.string()})]),settings:e.z.object({}).optional()}),ze=e.z.object({id:e.z.string(),session_id:e.z.string(),user_id:e.z.string(),client_id:e.z.string(),expires_at:e.z.string().optional(),idle_expires_at:e.z.string().optional(),last_exchanged_at:e.z.string().optional(),device:ie,resource_servers:e.z.array(e.z.object({audience:e.z.string(),scopes:e.z.string()})),rotating:e.z.boolean()}),ct=e.z.object({created_at:e.z.string(),...ze.shape}),lt=e.z.object({to:e.z.string(),message:e.z.string()}),pt=e.z.object({name:e.z.string(),options:e.z.object({})}),ge=e.z.object({value:e.z.string(),description:e.z.string().optional()}),ue=e.z.object({token_dialect:e.z.enum(["access_token","access_token_authz"]).optional(),enforce_policies:e.z.boolean().optional(),allow_skipping_userinfo:e.z.boolean().optional(),skip_userinfo:e.z.boolean().optional(),persist_client_authorization:e.z.boolean().optional(),enable_introspection_endpoint:e.z.boolean().optional(),mtls:e.z.object({bound_access_tokens:e.z.boolean().optional()}).optional()}),me=e.z.object({name:e.z.string(),identifier:e.z.string(),scopes:e.z.array(ge).optional(),signing_alg:e.z.string().optional(),signing_secret:e.z.string().optional(),token_lifetime:e.z.number().optional(),token_lifetime_for_web:e.z.number().optional(),skip_consent_for_verifiable_first_party_clients:e.z.boolean().optional(),allow_offline_access:e.z.boolean().optional(),verificationKey:e.z.string().optional(),options:ue.optional()}),he=e.z.object({id:e.z.string().optional(),...me.shape,created_at:e.z.string().optional(),updated_at:e.z.string().optional()}),_t=e.z.array(he),Se=e.z.object({role_id:e.z.string(),resource_server_identifier:e.z.string(),permission_name:e.z.string()}),Ee=e.z.object({...Se.shape,tenant_id:e.z.string(),created_at:e.z.string().optional()}),dt=e.z.array(Ee),fe=e.z.object({role_id:e.z.string(),resource_server_identifier:e.z.string(),resource_server_name:e.z.string(),permission_name:e.z.string(),description:e.z.string().nullable().optional(),created_at:e.z.string().optional()}),zt=e.z.array(fe),be=e.z.object({user_id:e.z.string(),resource_server_identifier:e.z.string(),permission_name:e.z.string(),organization_id:e.z.string().optional()}),Ae=e.z.object({...be.shape,tenant_id:e.z.string(),created_at:e.z.string().optional()}),gt=e.z.array(Ae),Ce=e.z.object({user_id:e.z.string(),resource_server_identifier:e.z.string(),resource_server_name:e.z.string(),permission_name:e.z.string(),description:e.z.string().nullable().optional(),created_at:e.z.string().optional(),organization_id:e.z.string().optional()}),ut=e.z.array(Ce),Ie=e.z.object({user_id:e.z.string(),role_id:e.z.string(),organization_id:e.z.string().optional()}),Oe=e.z.object({...Ie.shape,tenant_id:e.z.string(),created_at:e.z.string().optional()}),mt=e.z.array(Oe),Te=e.z.object({name:e.z.string().min(1).max(50).openapi({description:"The name of the role. Cannot include '<' or '>'"}),description:e.z.string().max(255).optional().openapi({description:"The description of the role"})}),Ne=e.z.object({id:e.z.string().openapi({description:"The unique identifier of the role"}),...Te.shape,created_at:e.z.string().optional(),updated_at:e.z.string().optional()}),ht=e.z.array(Ne),ye=e.z.object({logo_url:e.z.string().optional().openapi({description:"URL of the organization's logo"}),colors:e.z.object({primary:e.z.string().optional().openapi({description:"Primary color in hex format (e.g., #FF0000)"}),page_background:e.z.string().optional().openapi({description:"Page background color in hex format (e.g., #FFFFFF)"})}).optional()}).optional(),Re=e.z.object({connection_id:e.z.string().openapi({description:"ID of the connection"}),assign_membership_on_login:e.z.boolean().default(!1).openapi({description:"Whether to assign membership to the organization on login"}),show_as_button:e.z.boolean().default(!0).openapi({description:"Whether to show this connection as a button in the login screen"}),is_signup_enabled:e.z.boolean().default(!0).openapi({description:"Whether signup is enabled for this connection"})}),Le=e.z.object({client_credentials:e.z.object({enforce:e.z.boolean().default(!1).openapi({description:"Whether to enforce token quota limits"}),per_day:e.z.number().min(0).default(0).openapi({description:"Maximum tokens per day (0 = unlimited)"}),per_hour:e.z.number().min(0).default(0).openapi({description:"Maximum tokens per hour (0 = unlimited)"})}).optional()}).optional(),De=e.z.object({id:e.z.string().optional(),name:e.z.string().min(1).openapi({description:"The name of the organization"}),display_name:e.z.string().optional().openapi({description:"The display name of the organization"}),branding:ye,metadata:e.z.record(e.z.any()).default({}).optional().openapi({description:"Custom metadata for the organization"}),enabled_connections:e.z.array(Re).default([]).optional().openapi({description:"List of enabled connections for the organization"}),token_quota:Le}),St=e.z.object({...De.shape,...n.shape,id:e.z.string()}),we=e.z.object({user_id:e.z.string().openapi({description:"ID of the user"}),organization_id:e.z.string().openapi({description:"ID of the organization"})}),Et=e.z.object({...we.shape,...n.shape,id:e.z.string()});function ft(t){const[a,s]=t.split("|");if(!a||!s)throw new Error(`Invalid user_id: ${t}`);return{connection:a,id:s}}exports.Auth0Client=oe;exports.AuthorizationResponseMode=z;exports.AuthorizationResponseType=d;exports.CodeChallengeMethod=g;exports.ComponentCategory=_;exports.ComponentType=p;exports.GrantType=se;exports.LogTypes=te;exports.NodeType=L;exports.applicationInsertSchema=b;exports.applicationSchema=A;exports.auth0FlowInsertSchema=Pe;exports.auth0FlowSchema=v;exports.auth0UserResponseSchema=Fe;exports.authParamsSchema=P;exports.baseUserSchema=l;exports.bordersSchema=re;exports.brandingSchema=Me;exports.buttonComponentSchema=O;exports.clientInsertSchema=C;exports.clientSchema=ve;exports.codeInsertSchema=B;exports.codeSchema=He;exports.codeTypeSchema=W;exports.colorsSchema=ce;exports.componentSchema=R;exports.connectionInsertSchema=H;exports.connectionOptionsSchema=M;exports.connectionSchema=x;exports.coordinatesSchema=i;exports.customDomainInsertSchema=X;exports.customDomainSchema=q;exports.customDomainWithTenantIdSchema=xe;exports.emailProviderSchema=rt;exports.endingSchema=j;exports.fieldComponentSchema=N;exports.flowNodeSchema=w;exports.fontDetailsSchema=o;exports.fontsSchema=le;exports.formControlSchema=Ge;exports.formInsertSchema=Q;exports.formNodeComponentDefinition=Y;exports.formSchema=Ke;exports.genericComponentSchema=y;exports.genericNodeSchema=U;exports.hookInsertSchema=Xe;exports.hookSchema=Ye;exports.identitySchema=m;exports.jwksKeySchema=Qe;exports.jwksSchema=$;exports.legalComponentSchema=T;exports.logSchema=et;exports.loginSessionInsertSchema=ee;exports.loginSessionSchema=Ze;exports.nodeSchema=F;exports.openIDConfigurationSchema=Je;exports.organizationBrandingSchema=ye;exports.organizationEnabledConnectionSchema=Re;exports.organizationInsertSchema=De;exports.organizationSchema=St;exports.organizationTokenQuotaSchema=Le;exports.pageBackgroundSchema=pe;exports.parseUserId=ft;exports.passwordInsertSchema=ne;exports.passwordSchema=tt;exports.profileDataSchema=u;exports.promptSettingSchema=st;exports.refreshTokenInsertSchema=ze;exports.refreshTokenSchema=ct;exports.resourceServerInsertSchema=me;exports.resourceServerListSchema=_t;exports.resourceServerOptionsSchema=ue;exports.resourceServerSchema=he;exports.resourceServerScopeSchema=ge;exports.richTextComponentSchema=I;exports.roleInsertSchema=Te;exports.roleListSchema=ht;exports.rolePermissionInsertSchema=Se;exports.rolePermissionListSchema=dt;exports.rolePermissionSchema=Ee;exports.rolePermissionWithDetailsListSchema=zt;exports.rolePermissionWithDetailsSchema=fe;exports.roleSchema=Ne;exports.samlpAddon=f;exports.sessionInsertSchema=ae;exports.sessionSchema=ot;exports.signingKeySchema=nt;exports.smsProviderSchema=pt;exports.smsSendParamsSchema=lt;exports.startSchema=k;exports.stepNodeSchema=D;exports.tenantInsertSchema=G;exports.tenantSchema=K;exports.themeInsertSchema=de;exports.themeSchema=at;exports.tokenResponseSchema=it;exports.totalsSchema=Ue;exports.userInsertSchema=h;exports.userOrganizationInsertSchema=we;exports.userOrganizationSchema=Et;exports.userPermissionInsertSchema=be;exports.userPermissionListSchema=gt;exports.userPermissionSchema=Ae;exports.userPermissionWithDetailsListSchema=ut;exports.userPermissionWithDetailsSchema=Ce;exports.userResponseSchema=ke;exports.userRoleInsertSchema=Ie;exports.userRoleListSchema=mt;exports.userRoleSchema=Oe;exports.userSchema=S;exports.verificationMethodsSchema=V;exports.widgetSchema=_e;
1
+ "use strict";Object.defineProperty(exports,Symbol.toStringTag,{value:"Module"});const e=require("@hono/zod-openapi"),Ue=e.z.object({start:e.z.number(),limit:e.z.number(),length:e.z.number()}),n=e.z.object({created_at:e.z.string(),updated_at:e.z.string()}),u=e.z.object({email:e.z.string().optional(),email_verified:e.z.boolean().optional(),name:e.z.string().optional(),username:e.z.string().optional(),given_name:e.z.string().optional(),phone_number:e.z.string().optional(),phone_verified:e.z.boolean().optional(),family_name:e.z.string().optional()}).catchall(e.z.any()),m=e.z.object({connection:e.z.string(),user_id:e.z.string(),provider:e.z.string(),isSocial:e.z.boolean(),access_token:e.z.string().optional(),access_token_secret:e.z.string().optional(),refresh_token:e.z.string().optional(),profileData:u.optional()}),l=e.z.object({email:e.z.string().optional().transform(t=>t&&t.toLowerCase()),username:e.z.string().optional(),phone_number:e.z.string().optional(),given_name:e.z.string().optional(),family_name:e.z.string().optional(),nickname:e.z.string().optional(),name:e.z.string().optional(),picture:e.z.string().optional(),locale:e.z.string().optional(),linked_to:e.z.string().optional(),profileData:e.z.string().optional(),user_id:e.z.string().optional(),app_metadata:e.z.any().default({}).optional(),user_metadata:e.z.any().default({}).optional()}),h=l.extend({email_verified:e.z.boolean().default(!1),verify_email:e.z.boolean().optional(),last_ip:e.z.string().optional(),last_login:e.z.string().optional(),user_id:e.z.string().optional(),provider:e.z.string().default("email"),connection:e.z.string().default("email"),is_social:e.z.boolean().optional()}),S=e.z.object({...h.shape,...n.shape,user_id:e.z.string(),is_social:e.z.boolean(),email:e.z.string().optional(),login_count:e.z.number().default(0),identities:e.z.array(m).optional()}),Fe=S,ke=l.extend({login_count:e.z.number(),multifactor:e.z.array(e.z.string()).optional(),last_ip:e.z.string().optional(),last_login:e.z.string().optional(),user_id:e.z.string()}).catchall(e.z.any()),je="useandom-26T198340PX75pxJACKVERYMINDBUSHWOLF_GQZbfghjklqvwyzrict";let E=(t=21)=>{let a="",s=crypto.getRandomValues(new Uint8Array(t));for(;t--;)a+=je[s[t]&63];return a};const f=e.z.object({audience:e.z.string().optional(),recipient:e.z.string().optional(),createUpnClaim:e.z.boolean().optional(),mapUnknownClaimsAsIs:e.z.boolean().optional(),passthroughClaimsWithNoMapping:e.z.boolean().optional(),mapIdentities:e.z.boolean().optional(),signatureAlgorithm:e.z.string().optional(),digestAlgorithm:e.z.string().optional(),issuer:e.z.string().optional(),destination:e.z.string().optional(),lifetimeInSeconds:e.z.number().optional(),signResponse:e.z.boolean().optional(),nameIdentifierFormat:e.z.string().optional(),nameIdentifierProbes:e.z.array(e.z.string()).optional(),authnContextClassRef:e.z.string().optional(),mappings:e.z.record(e.z.string()).optional()}),b=e.z.object({id:e.z.string(),name:e.z.string(),callbacks:e.z.array(e.z.string()).default([]).optional().openapi({description:"Comma-separated list of URLs whitelisted to use as a callback to the client after authentication."}),allowed_origins:e.z.array(e.z.string()).default([]).optional().openapi({description:"Comma-separated list of URLs allowed to make requests from JavaScript to Auth0 API (typically used with CORS). By default, all your callback URLs will be allowed. This field allows you to enter other origins if necessary. You can also use wildcards at the subdomain level. Query strings and hash information are not taken into account when validating these URLs."}),web_origins:e.z.array(e.z.string()).default([]).optional().openapi({description:"Comma-separated list of allowed origins for use with Cross-Origin Authentication, Device Flow, and web message response mode."}),allowed_logout_urls:e.z.array(e.z.string()).default([]).optional().openapi({description:"Comma-separated list of URLs that are valid to redirect to after logout from Auth0. Wildcards are allowed for subdomains."}),allowed_clients:e.z.array(e.z.string()).default([]).optional().openapi({description:"Ids of clients that will be allowed to perform delegation requests. Clients that will be allowed to make delegation request. By default, all your clients will be allowed. This field allows you to specify specific clients"}),addons:e.z.object({samlp:f.optional()}).default({}).optional().openapi({description:"Addons associated with the client. The key is the addon's package name and the value is an object with the configuration for the addon."}),email_validation:e.z.enum(["enabled","disabled","enforced"]).default("enforced").optional().openapi({description:"Defines if it possible to sign in with an unverified email and if verification emails will be sent. This is not available in auth0"}),client_secret:e.z.string().default(()=>E()).optional(),disable_sign_ups:e.z.boolean().optional().default(!1).openapi({description:"Prevents users from signing up using the hosted login page. This is not available in auth0"}),client_metadata:e.z.record(e.z.string().length(255)).optional()}),ve=e.z.object({created_at:e.z.string().transform(t=>t===null?"":t),updated_at:e.z.string().transform(t=>t===null?"":t),...b.shape}),A=e.z.object({client_id:e.z.string().openapi({description:"ID of this client."}),name:e.z.string().min(1).openapi({description:"Name of this client (min length: 1 character, does not allow < or >)."}),description:e.z.string().max(140).optional().openapi({description:"Free text description of this client (max length: 140 characters)."}),global:e.z.boolean().default(!1).openapi({description:"Whether this is your global 'All Applications' client representing legacy tenant settings (true) or a regular client (false)."}),client_secret:e.z.string().default(()=>E()).optional().openapi({description:"Client secret (which you must not make public)."}),app_type:e.z.enum(["native","spa","regular_web","non_interactive","resource_server","express_configuration","rms","box","cloudbees","concur","dropbox","mscrm","echosign","egnyte","newrelic","office365","salesforce","sentry","sharepoint","slack","springcm","zendesk","zoom","sso_integration","oag"]).default("regular_web").optional().openapi({description:"The type of application this client represents"}),logo_uri:e.z.string().url().optional().openapi({description:"URL of the logo to display for this client. Recommended size is 150x150 pixels."}),is_first_party:e.z.boolean().default(!1).openapi({description:"Whether this client a first party client (true) or not (false)."}),oidc_conformant:e.z.boolean().default(!0).openapi({description:"Whether this client conforms to strict OIDC specifications (true) or uses legacy features (false)."}),callbacks:e.z.array(e.z.string()).default([]).optional().openapi({description:"Comma-separated list of URLs whitelisted for Auth0 to use as a callback to the client after authentication."}),allowed_origins:e.z.array(e.z.string()).default([]).optional().openapi({description:"Comma-separated list of URLs allowed to make requests from JavaScript to Auth0 API (typically used with CORS). By default, all your callback URLs will be allowed. This field allows you to enter other origins if necessary. You can also use wildcards at the subdomain level (e.g., https://*.contoso.com). Query strings and hash information are not taken into account when validating these URLs."}),web_origins:e.z.array(e.z.string()).default([]).optional().openapi({description:"Comma-separated list of allowed origins for use with Cross-Origin Authentication, Device Flow, and web message response mode."}),client_aliases:e.z.array(e.z.string()).default([]).optional().openapi({description:"List of audiences/realms for SAML protocol. Used by the wsfed addon."}),allowed_clients:e.z.array(e.z.string()).default([]).optional().openapi({description:"List of allow clients and API ids that are allowed to make delegation requests. Empty means all all your clients are allowed."}),allowed_logout_urls:e.z.array(e.z.string()).default([]).optional().openapi({description:"Comma-separated list of URLs that are valid to redirect to after logout from Auth0. Wildcards are allowed for subdomains."}),session_transfer:e.z.record(e.z.any()).default({}).optional().openapi({description:"Native to Web SSO Configuration"}),oidc_logout:e.z.record(e.z.any()).default({}).optional().openapi({description:"Configuration for OIDC backchannel logout"}),grant_types:e.z.array(e.z.string()).default([]).optional().openapi({description:"List of grant types supported for this application. Can include authorization_code, implicit, refresh_token, client_credentials, password, http://auth0.com/oauth/grant-type/password-realm, http://auth0.com/oauth/grant-type/mfa-oob, http://auth0.com/oauth/grant-type/mfa-otp, http://auth0.com/oauth/grant-type/mfa-recovery-code, urn:openid:params:grant-type:ciba, and urn:ietf:params:oauth:grant-type:device_code."}),jwt_configuration:e.z.record(e.z.any()).default({}).optional().openapi({description:"Configuration related to JWTs for the client."}),signing_keys:e.z.array(e.z.record(e.z.any())).default([]).optional().openapi({description:"Signing certificates associated with this client."}),encryption_key:e.z.record(e.z.any()).default({}).optional().openapi({description:"Encryption used for WsFed responses with this client."}),sso:e.z.boolean().default(!1).openapi({description:"Applies only to SSO clients and determines whether Auth0 will handle Single Sign On (true) or whether the Identity Provider will (false)."}),sso_disabled:e.z.boolean().default(!0).openapi({description:"Whether Single Sign On is disabled (true) or enabled (true). Defaults to true."}),cross_origin_authentication:e.z.boolean().default(!1).openapi({description:"Whether this client can be used to make cross-origin authentication requests (true) or it is not allowed to make such requests (false)."}),cross_origin_loc:e.z.string().url().optional().openapi({description:"URL of the location in your site where the cross origin verification takes place for the cross-origin auth flow when performing Auth in your own domain instead of Auth0 hosted login page."}),custom_login_page_on:e.z.boolean().default(!1).openapi({description:"Whether a custom login page is to be used (true) or the default provided login page (false)."}),custom_login_page:e.z.string().optional().openapi({description:"The content (HTML, CSS, JS) of the custom login page."}),custom_login_page_preview:e.z.string().optional().openapi({description:"The content (HTML, CSS, JS) of the custom login page. (Used on Previews)"}),form_template:e.z.string().optional().openapi({description:"HTML form template to be used for WS-Federation."}),addons:e.z.record(e.z.any()).default({}).optional().openapi({description:"Addons enabled for this client and their associated configurations."}),token_endpoint_auth_method:e.z.enum(["none","client_secret_post","client_secret_basic"]).default("client_secret_basic").optional().openapi({description:"Defines the requested authentication method for the token endpoint. Can be none (public client without a client secret), client_secret_post (client uses HTTP POST parameters), or client_secret_basic (client uses HTTP Basic)."}),client_metadata:e.z.record(e.z.string().max(255)).default({}).optional().openapi({description:'Metadata associated with the client, in the form of an object with string values (max 255 chars). Maximum of 10 metadata properties allowed. Field names (max 255 chars) are alphanumeric and may only include the following special characters: :,-+=_*?"/()<>@ [Tab][Space]'}),mobile:e.z.record(e.z.any()).default({}).optional().openapi({description:"Additional configuration for native mobile apps."}),initiate_login_uri:e.z.string().url().optional().openapi({description:"Initiate login uri, must be https"}),native_social_login:e.z.record(e.z.any()).default({}).optional(),refresh_token:e.z.record(e.z.any()).default({}).optional().openapi({description:"Refresh token configuration"}),default_organization:e.z.record(e.z.any()).default({}).optional().openapi({description:"Defines the default Organization ID and flows"}),organization_usage:e.z.enum(["deny","allow","require"]).default("deny").optional().openapi({description:"Defines how to proceed during an authentication transaction with regards an organization. Can be deny (default), allow or require."}),organization_require_behavior:e.z.enum(["no_prompt","pre_login_prompt","post_login_prompt"]).default("no_prompt").optional().openapi({description:"Defines how to proceed during an authentication transaction when client.organization_usage: 'require'. Can be no_prompt (default), pre_login_prompt or post_login_prompt. post_login_prompt requires oidc_conformant: true."}),client_authentication_methods:e.z.record(e.z.any()).default({}).optional().openapi({description:"Defines client authentication methods."}),require_pushed_authorization_requests:e.z.boolean().default(!1).openapi({description:"Makes the use of Pushed Authorization Requests mandatory for this client"}),require_proof_of_possession:e.z.boolean().default(!1).openapi({description:"Makes the use of Proof-of-Possession mandatory for this client"}),signed_request_object:e.z.record(e.z.any()).default({}).optional().openapi({description:"JWT-secured Authorization Requests (JAR) settings."}),compliance_level:e.z.enum(["none","fapi1_adv_pkj_par","fapi1_adv_mtls_par","fapi2_sp_pkj_mtls","fapi2_sp_mtls_mtls"]).optional().openapi({description:"Defines the compliance level for this client, which may restrict it's capabilities"}),par_request_expiry:e.z.number().optional().openapi({description:"Specifies how long, in seconds, a Pushed Authorization Request URI remains valid"}),token_quota:e.z.record(e.z.any()).default({}).optional()}),C=e.z.object({created_at:e.z.string(),updated_at:e.z.string(),...A.shape}),i=e.z.object({x:e.z.number(),y:e.z.number()});var p=(t=>(t.RICH_TEXT="RICH_TEXT",t.NEXT_BUTTON="NEXT_BUTTON",t.BACK_BUTTON="BACK_BUTTON",t.SUBMIT_BUTTON="SUBMIT_BUTTON",t.DIVIDER="DIVIDER",t.TEXT="TEXT",t.EMAIL="EMAIL",t.PASSWORD="PASSWORD",t.NUMBER="NUMBER",t.PHONE="PHONE",t.DATE="DATE",t.CHECKBOX="CHECKBOX",t.RADIO="RADIO",t.SELECT="SELECT",t.HIDDEN="HIDDEN",t.LEGAL="LEGAL",t))(p||{}),_=(t=>(t.BLOCK="BLOCK",t.FIELD="FIELD",t))(_||{});const r=e.z.object({id:e.z.string(),category:e.z.nativeEnum(_),type:e.z.nativeEnum(p)}),I=r.extend({category:e.z.literal("BLOCK"),type:e.z.literal("RICH_TEXT"),config:e.z.object({content:e.z.string()}).passthrough()}),O=r.extend({category:e.z.literal("BLOCK"),type:e.z.union([e.z.literal("NEXT_BUTTON"),e.z.literal("BACK_BUTTON"),e.z.literal("SUBMIT_BUTTON")]),config:e.z.object({text:e.z.string()}).passthrough()}),T=r.extend({category:e.z.literal("FIELD"),type:e.z.literal("LEGAL"),required:e.z.boolean().optional(),sensitive:e.z.boolean().optional(),config:e.z.object({text:e.z.string()}).passthrough()}),N=r.extend({category:e.z.literal("FIELD"),type:e.z.union([e.z.literal("TEXT"),e.z.literal("EMAIL"),e.z.literal("PASSWORD"),e.z.literal("NUMBER"),e.z.literal("PHONE"),e.z.literal("DATE"),e.z.literal("CHECKBOX"),e.z.literal("RADIO"),e.z.literal("SELECT"),e.z.literal("HIDDEN")]),required:e.z.boolean().optional(),sensitive:e.z.boolean().optional(),config:e.z.object({label:e.z.string().optional(),placeholder:e.z.string().optional()}).passthrough()}),y=e.z.object({id:e.z.string(),category:e.z.string(),type:e.z.string()}).passthrough(),R=e.z.union([I,O,T,N,y]);var L=(t=>(t.STEP="STEP",t.FLOW="FLOW",t.CONDITION="CONDITION",t.ACTION="ACTION",t))(L||{});const D=e.z.object({id:e.z.string(),type:e.z.literal("STEP"),coordinates:i,alias:e.z.string().optional(),config:e.z.object({components:e.z.array(R),next_node:e.z.string()}).passthrough()}),w=e.z.object({id:e.z.string(),type:e.z.literal("FLOW"),coordinates:i,alias:e.z.string().optional(),config:e.z.object({flow_id:e.z.string(),next_node:e.z.string()})}),U=e.z.object({id:e.z.string(),type:e.z.string(),coordinates:i}).passthrough(),F=e.z.union([D,w,U]),k=e.z.object({next_node:e.z.string(),coordinates:i}).passthrough(),j=e.z.object({resume_flow:e.z.boolean().optional(),coordinates:i}).passthrough(),v=e.z.object({id:e.z.string(),name:e.z.string(),languages:e.z.object({primary:e.z.string()}).passthrough(),nodes:e.z.array(F),start:k,ending:j,created_at:e.z.string(),updated_at:e.z.string(),links:e.z.object({sdkSrc:e.z.string().optional(),sdk_src:e.z.string().optional()}).passthrough()}).passthrough(),Pe=v.omit({id:!0,created_at:!0,updated_at:!0});var d=(t=>(t.TOKEN="token",t.TOKEN_ID_TOKEN="token id_token",t.CODE="code",t))(d||{}),z=(t=>(t.QUERY="query",t.FRAGMENT="fragment",t.FORM_POST="form_post",t.WEB_MESSAGE="web_message",t.SAML_POST="saml_post",t))(z||{}),g=(t=>(t.S256="S256",t.Plain="plain",t))(g||{});const P=e.z.object({client_id:e.z.string(),act_as:e.z.string().optional(),response_type:e.z.nativeEnum(d).optional(),response_mode:e.z.nativeEnum(z).optional(),redirect_uri:e.z.string().optional(),audience:e.z.string().optional(),organization:e.z.string().optional(),state:e.z.string().optional(),nonce:e.z.string().optional(),scope:e.z.string().optional(),prompt:e.z.string().optional(),code_challenge_method:e.z.nativeEnum(g).optional(),code_challenge:e.z.string().optional(),username:e.z.string().optional(),ui_locales:e.z.string().optional(),vendor_id:e.z.string().optional()}),Me=e.z.object({colors:e.z.object({primary:e.z.string(),page_background:e.z.object({type:e.z.string().optional(),start:e.z.string().optional(),end:e.z.string().optional(),angle_deg:e.z.number().optional()}).optional()}).optional(),logo_url:e.z.string().optional(),favicon_url:e.z.string().optional(),font:e.z.object({url:e.z.string()}).optional()}),M=e.z.object({kid:e.z.string().optional(),team_id:e.z.string().optional(),realms:e.z.string().optional(),authentication_method:e.z.string().optional(),client_id:e.z.string().optional(),client_secret:e.z.string().optional(),app_secret:e.z.string().optional(),scope:e.z.string().optional(),authorization_endpoint:e.z.string().optional(),token_endpoint:e.z.string().optional(),userinfo_endpoint:e.z.string().optional(),jwks_uri:e.z.string().optional(),discovery_url:e.z.string().optional(),issuer:e.z.string().optional(),provider:e.z.string().optional(),from:e.z.string().optional(),twilio_sid:e.z.string().optional(),twilio_token:e.z.string().optional()}),H=e.z.object({id:e.z.string().optional(),name:e.z.string(),strategy:e.z.string(),options:M.default({}),enabled_clients:e.z.array(e.z.string()).default([]).optional(),response_type:e.z.custom().optional(),response_mode:e.z.custom().optional()}),x=e.z.object({id:e.z.string(),created_at:e.z.string().transform(t=>t===null?"":t),updated_at:e.z.string().transform(t=>t===null?"":t)}).extend(H.shape),G=e.z.object({name:e.z.string(),audience:e.z.string(),sender_email:e.z.string().email(),sender_name:e.z.string(),support_url:e.z.string().url().optional(),logo:e.z.string().url().optional(),primary_color:e.z.string().optional(),secondary_color:e.z.string().optional(),language:e.z.string().optional(),id:e.z.string().optional()}),K=e.z.object({created_at:e.z.string().transform(t=>t===null?"":t),updated_at:e.z.string().transform(t=>t===null?"":t),...G.shape,id:e.z.string()});e.z.object({...C.shape,tenant:K,connections:e.z.array(x),disable_sign_ups:e.z.boolean(),email_validation:e.z.string()});const W=e.z.enum(["password_reset","email_verification","otp","authorization_code","oauth2_state","ticket"]),B=e.z.object({code_id:e.z.string().openapi({description:"The code that will be used in for instance an email verification flow"}),login_id:e.z.string().openapi({description:"The id of the login session that the code is connected to"}),connection_id:e.z.string().optional().openapi({description:"The connection that the code is connected to"}),code_type:W,code_verifier:e.z.string().optional().openapi({description:"The code verifier used in PKCE in outbound flows"}),code_challenge:e.z.string().optional().openapi({description:"The code challenge used in PKCE in outbound flows"}),code_challenge_method:e.z.enum(["plain","S256"]).optional().openapi({description:"The code challenge method used in PKCE in outbound flows"}),redirect_uri:e.z.string().optional().openapi({description:"The redirect URI associated with the code"}),nonce:e.z.string().optional().openapi({description:"The nonce value used for security in OIDC flows"}),state:e.z.string().optional().openapi({description:"The state parameter used for CSRF protection in OAuth flows"}),expires_at:e.z.string(),used_at:e.z.string().optional(),user_id:e.z.string().optional()}),He=e.z.object({...B.shape,created_at:e.z.string()}),X=e.z.object({domain:e.z.string(),custom_domain_id:e.z.string().optional(),type:e.z.enum(["auth0_managed_certs","self_managed_certs"]),verification_method:e.z.enum(["txt"]).optional(),tls_policy:e.z.enum(["recommended"]).optional(),custom_client_ip_header:e.z.enum(["true-client-ip","cf-connecting-ip","x-forwarded-for","x-azure-clientip","null"]).optional(),domain_metadata:e.z.record(e.z.string().max(255)).optional()}),V=e.z.object({name:e.z.literal("txt"),record:e.z.string(),domain:e.z.string()}),q=e.z.object({...X.shape,custom_domain_id:e.z.string(),primary:e.z.boolean(),status:e.z.enum(["disabled","pending","pending_verification","ready"]),origin_domain_name:e.z.string().optional(),verification:e.z.object({methods:e.z.array(V)}).optional(),tls_policy:e.z.string().optional()}),xe=q.extend({tenant_id:e.z.string()}),Ge=e.z.object({id:e.z.string(),type:e.z.literal("submit"),label:e.z.string(),className:e.z.string().optional(),disabled:e.z.boolean().optional().default(!1),order:e.z.number().optional(),visible:e.z.boolean().optional().default(!0),customizations:e.z.record(e.z.string(),e.z.any()).optional()}),Y=e.z.discriminatedUnion("type",[e.z.object({id:e.z.string(),type:e.z.literal("RICH_TEXT"),config:e.z.object({content:e.z.string()}),order:e.z.number().optional(),visible:e.z.boolean().optional().default(!0)}),e.z.object({id:e.z.string(),type:e.z.literal("LEGAL"),config:e.z.object({text:e.z.string(),html:e.z.boolean().optional()}),required:e.z.boolean().optional(),order:e.z.number().optional(),visible:e.z.boolean().optional().default(!0)}),e.z.object({id:e.z.string(),type:e.z.literal("TEXT"),config:e.z.object({placeholder:e.z.string().optional(),multiline:e.z.boolean().optional()}),required:e.z.boolean().optional(),sensitive:e.z.boolean().optional(),order:e.z.number().optional(),visible:e.z.boolean().optional().default(!0)}),e.z.object({id:e.z.string(),type:e.z.literal("NEXT_BUTTON"),config:e.z.object({text:e.z.string().optional()}),order:e.z.number().optional(),visible:e.z.boolean().optional().default(!0)})]),Q=e.z.object({name:e.z.string().openapi({description:"The name of the form"}),messages:e.z.object({errors:e.z.record(e.z.string(),e.z.any()).optional(),custom:e.z.record(e.z.string(),e.z.any()).optional()}).optional(),languages:e.z.object({primary:e.z.string().optional(),default:e.z.string().optional()}).optional(),translations:e.z.record(e.z.string(),e.z.any()).optional(),nodes:e.z.array(e.z.discriminatedUnion("type",[e.z.object({id:e.z.string(),type:e.z.literal("FLOW"),coordinates:e.z.object({x:e.z.number(),y:e.z.number()}),alias:e.z.string().min(1).max(150).optional(),config:e.z.object({flow_id:e.z.string().max(30),next_node:e.z.string()})}),e.z.object({id:e.z.string(),type:e.z.literal("ROUTER"),coordinates:e.z.object({x:e.z.number(),y:e.z.number()}),alias:e.z.string().min(1).max(150),config:e.z.object({rules:e.z.array(e.z.object({id:e.z.string(),alias:e.z.string().min(1).max(150).optional(),condition:e.z.any(),next_node:e.z.string()})),fallback:e.z.array(e.z.string())})}),e.z.object({id:e.z.string(),type:e.z.literal("STEP"),coordinates:e.z.object({x:e.z.number(),y:e.z.number()}),alias:e.z.string().min(1).max(150).optional(),config:e.z.object({components:e.z.array(Y),next_node:e.z.string()})})])).optional(),start:e.z.object({hidden_fields:e.z.array(e.z.object({key:e.z.string(),value:e.z.string()})).optional(),next_node:e.z.string().optional(),coordinates:e.z.object({x:e.z.number(),y:e.z.number()}).optional()}).optional(),ending:e.z.object({redirection:e.z.object({delay:e.z.number().optional(),target:e.z.string().optional()}).optional(),after_submit:e.z.object({flow_id:e.z.string().optional()}).optional(),coordinates:e.z.object({x:e.z.number(),y:e.z.number()}).optional(),resume_flow:e.z.boolean().optional()}).optional(),style:e.z.object({css:e.z.string().optional()}).optional()}).openapi({description:"Schema for flow-based forms (matches new JSON structure)"}),Ke=e.z.object({...n.shape,...Q.shape,id:e.z.string()}),J=e.z.enum(["pre-user-signup","post-user-registration","post-user-login"]),Z=e.z.enum(["pre-user-signup","post-user-registration","post-user-login"]),c={enabled:e.z.boolean().default(!1),synchronous:e.z.boolean().default(!1),priority:e.z.number().optional(),hook_id:e.z.string().optional()},We=e.z.object({...c,trigger_id:J,url:e.z.string()}),Be=e.z.object({...c,trigger_id:Z,form_id:e.z.string()}),Xe=e.z.union([We,Be]),Ve=e.z.object({...c,trigger_id:J,...n.shape,hook_id:e.z.string(),url:e.z.string()}),qe=e.z.object({...c,trigger_id:Z,...n.shape,hook_id:e.z.string(),form_id:e.z.string()}),Ye=e.z.union([Ve,qe]),$=e.z.object({alg:e.z.enum(["RS256","RS384","RS512","ES256","ES384","ES512","HS256","HS384","HS512"]),e:e.z.string(),kid:e.z.string(),kty:e.z.enum(["RSA","EC","oct"]),n:e.z.string(),x5t:e.z.string().optional(),x5c:e.z.array(e.z.string()).optional(),use:e.z.enum(["sig","enc"]).optional()}),Qe=e.z.object({keys:e.z.array($)}),Je=e.z.object({issuer:e.z.string(),authorization_endpoint:e.z.string(),token_endpoint:e.z.string(),device_authorization_endpoint:e.z.string(),userinfo_endpoint:e.z.string(),mfa_challenge_endpoint:e.z.string(),jwks_uri:e.z.string(),registration_endpoint:e.z.string(),revocation_endpoint:e.z.string(),scopes_supported:e.z.array(e.z.string()),response_types_supported:e.z.array(e.z.string()),code_challenge_methods_supported:e.z.array(e.z.string()),response_modes_supported:e.z.array(e.z.string()),subject_types_supported:e.z.array(e.z.string()),id_token_signing_alg_values_supported:e.z.array(e.z.string()),token_endpoint_auth_methods_supported:e.z.array(e.z.string()),claims_supported:e.z.array(e.z.string()),request_uri_parameter_supported:e.z.boolean(),request_parameter_supported:e.z.boolean(),token_endpoint_auth_signing_alg_values_supported:e.z.array(e.z.string())}),ee=e.z.object({csrf_token:e.z.string(),auth0Client:e.z.string().optional(),authParams:P,expires_at:e.z.string(),deleted_at:e.z.string().optional(),ip:e.z.string().optional(),useragent:e.z.string().optional(),session_id:e.z.string().optional(),authorization_url:e.z.string().optional(),login_completed:e.z.boolean().optional().default(!1)}).openapi({description:"This represents a login sesion"}),Ze=e.z.object({...ee.shape,id:e.z.string().openapi({description:"This is is used as the state in the universal login"}),created_at:e.z.string(),updated_at:e.z.string()}),te={ACLS_SUMMARY:"acls_summary",ACTIONS_EXECUTION_FAILED:"actions_execution_failed",API_LIMIT:"api_limit",API_LIMIT_WARNING:"api_limit_warning",APPI:"appi",CIBA_EXCHANGE_FAILED:"ciba_exchange_failed",CIBA_EXCHANGE_SUCCEEDED:"ciba_exchange_succeeded",CIBA_START_FAILED:"ciba_start_failed",CIBA_START_SUCCEEDED:"ciba_start_succeeded",CODE_LINK_SENT:"cls",CODE_SENT:"cs",DEPRECATION_NOTICE:"depnote",FAILED_LOGIN:"f",FAILED_BY_CONNECTOR:"fc",FAILED_CHANGE_EMAIL:"fce",FAILED_BY_CORS:"fco",FAILED_CROSS_ORIGIN_AUTHENTICATION:"fcoa",FAILED_CHANGE_PASSWORD:"fcp",FAILED_POST_CHANGE_PASSWORD_HOOK:"fcph",FAILED_CHANGE_PHONE_NUMBER:"fcpn",FAILED_CHANGE_PASSWORD_REQUEST:"fcpr",FAILED_CONNECTOR_PROVISIONING:"fcpro",FAILED_CHANGE_USERNAME:"fcu",FAILED_DELEGATION:"fd",FAILED_DEVICE_ACTIVATION:"fdeac",FAILED_DEVICE_AUTHORIZATION_REQUEST:"fdeaz",USER_CANCELED_DEVICE_CONFIRMATION:"fdecc",FAILED_USER_DELETION:"fdu",FAILED_EXCHANGE_AUTHORIZATION_CODE_FOR_ACCESS_TOKEN:"feacft",FAILED_EXCHANGE_ACCESS_TOKEN_FOR_CLIENT_CREDENTIALS:"feccft",FAILED_EXCHANGE_CUSTOM_TOKEN:"fecte",FAILED_EXCHANGE_DEVICE_CODE_FOR_ACCESS_TOKEN:"fede",FAILED_FEDERATED_LOGOUT:"federated_logout_failed",FAILED_EXCHANGE_NATIVE_SOCIAL_LOGIN:"fens",FAILED_EXCHANGE_PASSWORD_OOB_FOR_ACCESS_TOKEN:"feoobft",FAILED_EXCHANGE_PASSWORD_OTP_FOR_ACCESS_TOKEN:"feotpft",FAILED_EXCHANGE_PASSWORD_FOR_ACCESS_TOKEN:"fepft",FAILED_EXCHANGE_PASSWORDLESS_OTP_FOR_ACCESS_TOKEN:"fepotpft",FAILED_EXCHANGE_PASSWORD_MFA_RECOVERY_FOR_ACCESS_TOKEN:"fercft",FAILED_EXCHANGE_ROTATING_REFRESH_TOKEN:"ferrt",FAILED_EXCHANGE_REFRESH_TOKEN_FOR_ACCESS_TOKEN:"fertft",FAILED_HOOK:"fh",FAILED_INVITE_ACCEPT:"fi",FAILED_LOGOUT:"flo",FLOWS_EXECUTION_COMPLETED:"flows_execution_completed",FLOWS_EXECUTION_FAILED:"flows_execution_failed",FAILED_SENDING_NOTIFICATION:"fn",FORMS_SUBMISSION_FAILED:"forms_submission_failed",FORMS_SUBMISSION_SUCCEEDED:"forms_submission_succeeded",FAILED_LOGIN_INCORRECT_PASSWORD:"fp",FAILED_PUSHED_AUTHORIZATION_REQUEST:"fpar",FAILED_POST_USER_REGISTRATION_HOOK:"fpurh",FAILED_SIGNUP:"fs",FAILED_SILENT_AUTH:"fsa",FAILED_LOGIN_INVALID_EMAIL_USERNAME:"fu",FAILED_USERS_IMPORT:"fui",FAILED_VERIFICATION_EMAIL:"fv",FAILED_VERIFICATION_EMAIL_REQUEST:"fvr",EMAIL_VERIFICATION_CONFIRMED:"gd_auth_email_verification",EMAIL_VERIFICATION_FAILED:"gd_auth_fail_email_verification",MFA_AUTH_FAILED:"gd_auth_failed",MFA_AUTH_REJECTED:"gd_auth_rejected",MFA_AUTH_SUCCESS:"gd_auth_succeed",MFA_ENROLLMENT_COMPLETE:"gd_enrollment_complete",TOO_MANY_MFA_FAILURES:"gd_otp_rate_limit_exceed",MFA_RECOVERY_FAILED:"gd_recovery_failed",MFA_RECOVERY_RATE_LIMIT_EXCEED:"gd_recovery_rate_limit_exceed",MFA_RECOVERY_SUCCESS:"gd_recovery_succeed",MFA_EMAIL_SENT:"gd_send_email",EMAIL_VERIFICATION_SENT:"gd_send_email_verification",EMAIL_VERIFICATION_SEND_FAILURE:"gd_send_email_verification_failure",PUSH_NOTIFICATION_SENT:"gd_send_pn",ERROR_SENDING_MFA_PUSH_NOTIFICATION:"gd_send_pn_failure",MFA_SMS_SENT:"gd_send_sms",ERROR_SENDING_MFA_SMS:"gd_send_sms_failure",MFA_VOICE_CALL_SUCCESS:"gd_send_voice",MFA_VOICE_CALL_FAILED:"gd_send_voice_failure",SECOND_FACTOR_STARTED:"gd_start_auth",MFA_ENROLL_STARTED:"gd_start_enroll",MFA_ENROLLMENT_FAILED:"gd_start_enroll_failed",GUARDIAN_TENANT_UPDATE:"gd_tenant_update",UNENROLL_DEVICE_ACCOUNT:"gd_unenroll",UPDATE_DEVICE_ACCOUNT:"gd_update_device_account",WEBAUTHN_CHALLENGE_FAILED:"gd_webauthn_challenge_failed",WEBAUTHN_ENROLLMENT_FAILED:"gd_webauthn_enrollment_failed",FAILED_KMS_API_OPERATION:"kms_key_management_failure",SUCCESS_KMS_API_OPERATION:"kms_key_management_success",KMS_KEY_STATE_CHANGED:"kms_key_state_changed",TOO_MANY_CALLS_TO_DELEGATION:"limit_delegation",BLOCKED_IP_ADDRESS:"limit_mu",BLOCKED_ACCOUNT_IP:"limit_sul",BLOCKED_ACCOUNT_EMAIL:"limit_wc",MFA_REQUIRED:"mfar",MANAGEMENT_API_READ_OPERATION:"mgmt_api_read",FAILED_AUTHENTICATION_METHOD_OPERATION_MY_ACCOUNT:"my_account_authentication_method_failed",SUCCESSFUL_AUTHENTICATION_METHOD_OPERATION_MY_ACCOUNT:"my_account_authentication_method_succeeded",FAILED_OIDC_BACKCHANNEL_LOGOUT:"oidc_backchannel_logout_failed",SUCCESSFUL_OIDC_BACKCHANNEL_LOGOUT:"oidc_backchannel_logout_succeeded",ORGANIZATION_MEMBER_ADDED:"organization_member_added",PASSKEY_CHALLENGE_FAILED:"passkey_challenge_failed",PASSKEY_CHALLENGE_STARTED:"passkey_challenge_started",PRE_LOGIN_ASSESSMENT:"pla",BREACHED_PASSWORD:"pwd_leak",BREACHED_PASSWORD_ON_RESET:"reset_pwd_leak",SUCCESS_RESOURCE_CLEANUP:"resource_cleanup",RICH_CONSENTS_ACCESS_ERROR:"rich_consents_access_error",SUCCESS_LOGIN:"s",SUCCESS_API_OPERATION:"sapi",SUCCESS_CHANGE_EMAIL:"sce",SUCCESS_CROSS_ORIGIN_AUTHENTICATION:"scoa",SUCCESS_CHANGE_PASSWORD:"scp",SUCCESS_CHANGE_PHONE_NUMBER:"scpn",SUCCESS_CHANGE_PASSWORD_REQUEST:"scpr",SUCCESS_CHANGE_USERNAME:"scu",SUCCESS_CREDENTIAL_VALIDATION:"scv",SUCCESS_DELEGATION:"sd",SUCCESS_USER_DELETION:"sdu",SUCCESS_EXCHANGE_AUTHORIZATION_CODE_FOR_ACCESS_TOKEN:"seacft",SUCCESS_EXCHANGE_ACCESS_TOKEN_FOR_CLIENT_CREDENTIALS:"seccft",SUCCESS_EXCHANGE_CUSTOM_TOKEN:"secte",SUCCESS_EXCHANGE_DEVICE_CODE_FOR_ACCESS_TOKEN:"sede",SUCCESS_EXCHANGE_NATIVE_SOCIAL_LOGIN:"sens",SUCCESS_EXCHANGE_PASSWORD_OOB_FOR_ACCESS_TOKEN:"seoobft",SUCCESS_EXCHANGE_PASSWORD_OTP_FOR_ACCESS_TOKEN:"seotpft",SUCCESS_EXCHANGE_PASSWORD_FOR_ACCESS_TOKEN:"sepft",SUCCESS_EXCHANGE_PASSKEY_OOB_FOR_ACCESS_TOKEN:"sepkoobft",SUCCESS_EXCHANGE_PASSKEY_OTP_FOR_ACCESS_TOKEN:"sepkotpft",SUCCESS_EXCHANGE_PASSKEY_MFA_RECOVERY_FOR_ACCESS_TOKEN:"sepkrcft",SUCCESS_EXCHANGE_PASSWORD_MFA_RECOVERY_FOR_ACCESS_TOKEN:"sercft",SUCCESS_EXCHANGE_REFRESH_TOKEN_FOR_ACCESS_TOKEN:"sertft",SUCCESSFULLY_ACCEPTED_USER_INVITE:"si",BREACHED_PASSWORD_ON_SIGNUP:"signup_pwd_leak",SUCCESS_LOGOUT:"slo",SUCCESS_REVOCATION:"srrt",SUCCESS_SIGNUP:"ss",FAILED_SS_SSO_OPERATION:"ss_sso_failure",INFORMATION_FROM_SS_SSO_OPERATION:"ss_sso_info",SUCCESS_SS_SSO_OPERATION:"ss_sso_success",SUCCESS_SILENT_AUTH:"ssa",SUCCESSFUL_SCIM_OPERATION:"sscim",SUCCESSFULLY_IMPORTED_USERS:"sui",SUCCESS_VERIFICATION_EMAIL:"sv",SUCCESS_VERIFICATION_EMAIL_REQUEST:"svr",MAX_AMOUNT_OF_AUTHENTICATORS:"too_many_records",USER_LOGIN_BLOCK_RELEASED:"ublkdu",FAILED_UNIVERSAL_LOGOUT:"universal_logout_failed",SUCCESSFUL_UNIVERSAL_LOGOUT:"universal_logout_succeeded",WARNING_DURING_LOGIN:"w",WARNING_SENDING_NOTIFICATION:"wn",WARNING_USER_MANAGEMENT:"wum"},$e=e.z.string().refine(t=>Object.values(te).includes(t),{message:"Invalid log type"}),oe=e.z.object({name:e.z.string(),version:e.z.string(),env:e.z.object({node:e.z.string().optional()}).optional()}),et=e.z.object({type:$e,date:e.z.string(),description:e.z.string().optional(),log_id:e.z.string().optional(),_id:e.z.string().optional(),ip:e.z.string(),user_agent:e.z.string(),details:e.z.any().optional(),isMobile:e.z.boolean(),user_id:e.z.string().optional(),user_name:e.z.string().optional(),connection:e.z.string().optional(),connection_id:e.z.string().optional(),client_id:e.z.string().optional(),client_name:e.z.string().optional(),audience:e.z.string().optional(),scope:e.z.array(e.z.string()).optional(),strategy:e.z.string().optional(),strategy_type:e.z.string().optional(),hostname:e.z.string().optional(),auth0_client:oe.optional()}),ne=e.z.object({user_id:e.z.string(),password:e.z.string(),algorithm:e.z.enum(["bcrypt","argon2id"]).default("argon2id")}),tt=e.z.object({...ne.shape,created_at:e.z.string(),updated_at:e.z.string()}),ie=e.z.object({initial_user_agent:e.z.string().describe("First user agent of the device from which this user logged in"),initial_ip:e.z.string().describe("First IP address associated with this session"),initial_asn:e.z.string().describe("First autonomous system number associated with this session"),last_user_agent:e.z.string().describe("Last user agent of the device from which this user logged in"),last_ip:e.z.string().describe("Last IP address from which this user logged in"),last_asn:e.z.string().describe("Last autonomous system number from which this user logged in")}),ae=e.z.object({id:e.z.string(),revoked_at:e.z.string().optional(),used_at:e.z.string().optional(),user_id:e.z.string().describe("The user ID associated with the session"),expires_at:e.z.string().optional(),login_session_id:e.z.string(),idle_expires_at:e.z.string().optional(),device:ie.describe("Metadata related to the device used in the session"),clients:e.z.array(e.z.string()).describe("List of client details for the session")}),ot=e.z.object({created_at:e.z.string(),updated_at:e.z.string(),authenticated_at:e.z.string(),last_interaction_at:e.z.string(),...ae.shape}),nt=e.z.object({kid:e.z.string().openapi({description:"The key id of the signing key"}),cert:e.z.string().openapi({description:"The public certificate of the signing key"}),fingerprint:e.z.string().openapi({description:"The cert fingerprint"}),thumbprint:e.z.string().openapi({description:"The cert thumbprint"}),pkcs7:e.z.string().optional().openapi({description:"The private key in pkcs7 format"}),current:e.z.boolean().optional().openapi({description:"True if the key is the current key"}),next:e.z.boolean().optional().openapi({description:"True if the key is the next key"}),previous:e.z.boolean().optional().openapi({description:"True if the key is the previous key"}),current_since:e.z.string().optional().openapi({description:"The date and time when the key became the current key"}),current_until:e.z.string().optional().openapi({description:"The date and time when the current key was rotated"}),revoked:e.z.boolean().optional().openapi({description:"True if the key is revoked"}),revoked_at:e.z.string().optional().openapi({description:"The date and time when the key was revoked"}),connection:e.z.string().optional().openapi({description:"The connection identifier associated with the key"}),type:e.z.enum(["jwt_signing","saml_encryption"]).openapi({description:"The type of the signing key"})});var se=(t=>(t.RefreshToken="refresh_token",t.AuthorizationCode="authorization_code",t.ClientCredential="client_credentials",t.Passwordless="passwordless",t.Password="password",t.OTP="http://auth0.com/oauth/grant-type/passwordless/otp",t))(se||{});const it=e.z.object({access_token:e.z.string(),id_token:e.z.string().optional(),scope:e.z.string().optional(),state:e.z.string().optional(),refresh_token:e.z.string().optional(),token_type:e.z.string(),expires_in:e.z.number()});e.z.object({code:e.z.string(),state:e.z.string().optional()});const re=e.z.object({button_border_radius:e.z.number(),button_border_weight:e.z.number(),buttons_style:e.z.enum(["pill","rounded","sharp"]),input_border_radius:e.z.number(),input_border_weight:e.z.number(),inputs_style:e.z.enum(["pill","rounded","sharp"]),show_widget_shadow:e.z.boolean(),widget_border_weight:e.z.number(),widget_corner_radius:e.z.number()}),ce=e.z.object({base_focus_color:e.z.string(),base_hover_color:e.z.string(),body_text:e.z.string(),captcha_widget_theme:e.z.enum(["auto","dark","light"]),error:e.z.string(),header:e.z.string(),icons:e.z.string(),input_background:e.z.string(),input_border:e.z.string(),input_filled_text:e.z.string(),input_labels_placeholders:e.z.string(),links_focused_components:e.z.string(),primary_button:e.z.string(),primary_button_label:e.z.string(),secondary_button_border:e.z.string(),secondary_button_label:e.z.string(),success:e.z.string(),widget_background:e.z.string(),widget_border:e.z.string()}),o=e.z.object({bold:e.z.boolean(),size:e.z.number()}),le=e.z.object({body_text:o,buttons_text:o,font_url:e.z.string(),input_labels:o,links:o,links_style:e.z.enum(["normal","underlined"]),reference_text_size:e.z.number(),subtitle:o,title:o}),pe=e.z.object({background_color:e.z.string(),background_image_url:e.z.string(),page_layout:e.z.enum(["center","left","right"])}),_e=e.z.object({header_text_alignment:e.z.enum(["center","left","right"]),logo_height:e.z.number(),logo_position:e.z.enum(["center","left","none","right"]),logo_url:e.z.string(),social_buttons_layout:e.z.enum(["bottom","top"])}),de=e.z.object({borders:re,colors:ce,displayName:e.z.string(),fonts:le,page_background:pe,widget:_e}),at=de.extend({themeId:e.z.string()}),st=e.z.object({universal_login_experience:e.z.enum(["new","classic"]).default("new"),identifier_first:e.z.boolean().default(!0),password_first:e.z.boolean().default(!1),webauthn_platform_first_factor:e.z.boolean()}),rt=e.z.object({name:e.z.string(),enabled:e.z.boolean().optional().default(!0),default_from_address:e.z.string().optional(),credentials:e.z.union([e.z.object({accessKeyId:e.z.string(),secretAccessKey:e.z.string(),region:e.z.string()}),e.z.object({smtp_host:e.z.array(e.z.string()),smtp_port:e.z.number(),smtp_user:e.z.string(),smtp_pass:e.z.string()}),e.z.object({api_key:e.z.string(),domain:e.z.string().optional()}),e.z.object({connectionString:e.z.string()}),e.z.object({tenantId:e.z.string(),clientId:e.z.string(),clientSecret:e.z.string()})]),settings:e.z.object({}).optional()}),ze=e.z.object({id:e.z.string(),session_id:e.z.string(),user_id:e.z.string(),client_id:e.z.string(),expires_at:e.z.string().optional(),idle_expires_at:e.z.string().optional(),last_exchanged_at:e.z.string().optional(),device:ie,resource_servers:e.z.array(e.z.object({audience:e.z.string(),scopes:e.z.string()})),rotating:e.z.boolean()}),ct=e.z.object({created_at:e.z.string(),...ze.shape}),lt=e.z.object({to:e.z.string(),message:e.z.string()}),pt=e.z.object({name:e.z.string(),options:e.z.object({})}),ge=e.z.object({value:e.z.string(),description:e.z.string().optional()}),ue=e.z.object({token_dialect:e.z.enum(["access_token","access_token_authz"]).optional(),enforce_policies:e.z.boolean().optional(),allow_skipping_userinfo:e.z.boolean().optional(),skip_userinfo:e.z.boolean().optional(),persist_client_authorization:e.z.boolean().optional(),enable_introspection_endpoint:e.z.boolean().optional(),mtls:e.z.object({bound_access_tokens:e.z.boolean().optional()}).optional()}),me=e.z.object({name:e.z.string(),identifier:e.z.string(),scopes:e.z.array(ge).optional(),signing_alg:e.z.string().optional(),signing_secret:e.z.string().optional(),token_lifetime:e.z.number().optional(),token_lifetime_for_web:e.z.number().optional(),skip_consent_for_verifiable_first_party_clients:e.z.boolean().optional(),allow_offline_access:e.z.boolean().optional(),verificationKey:e.z.string().optional(),options:ue.optional()}),he=e.z.object({id:e.z.string().optional(),...me.shape,created_at:e.z.string().optional(),updated_at:e.z.string().optional()}),_t=e.z.array(he),Se=e.z.object({role_id:e.z.string(),resource_server_identifier:e.z.string(),permission_name:e.z.string()}),Ee=e.z.object({...Se.shape,tenant_id:e.z.string(),created_at:e.z.string().optional()}),dt=e.z.array(Ee),fe=e.z.object({role_id:e.z.string(),resource_server_identifier:e.z.string(),resource_server_name:e.z.string(),permission_name:e.z.string(),description:e.z.string().nullable().optional(),created_at:e.z.string().optional()}),zt=e.z.array(fe),be=e.z.object({user_id:e.z.string(),resource_server_identifier:e.z.string(),permission_name:e.z.string(),organization_id:e.z.string().optional()}),Ae=e.z.object({...be.shape,tenant_id:e.z.string(),created_at:e.z.string().optional()}),gt=e.z.array(Ae),Ce=e.z.object({user_id:e.z.string(),resource_server_identifier:e.z.string(),resource_server_name:e.z.string(),permission_name:e.z.string(),description:e.z.string().nullable().optional(),created_at:e.z.string().optional(),organization_id:e.z.string().optional()}),ut=e.z.array(Ce),Ie=e.z.object({user_id:e.z.string(),role_id:e.z.string(),organization_id:e.z.string().optional()}),Oe=e.z.object({...Ie.shape,tenant_id:e.z.string(),created_at:e.z.string().optional()}),mt=e.z.array(Oe),Te=e.z.object({name:e.z.string().min(1).max(50).openapi({description:"The name of the role. Cannot include '<' or '>'"}),description:e.z.string().max(255).optional().openapi({description:"The description of the role"})}),Ne=e.z.object({id:e.z.string().openapi({description:"The unique identifier of the role"}),...Te.shape,created_at:e.z.string().optional(),updated_at:e.z.string().optional()}),ht=e.z.array(Ne),ye=e.z.object({logo_url:e.z.string().optional().openapi({description:"URL of the organization's logo"}),colors:e.z.object({primary:e.z.string().optional().openapi({description:"Primary color in hex format (e.g., #FF0000)"}),page_background:e.z.string().optional().openapi({description:"Page background color in hex format (e.g., #FFFFFF)"})}).optional()}).optional(),Re=e.z.object({connection_id:e.z.string().openapi({description:"ID of the connection"}),assign_membership_on_login:e.z.boolean().default(!1).openapi({description:"Whether to assign membership to the organization on login"}),show_as_button:e.z.boolean().default(!0).openapi({description:"Whether to show this connection as a button in the login screen"}),is_signup_enabled:e.z.boolean().default(!0).openapi({description:"Whether signup is enabled for this connection"})}),Le=e.z.object({client_credentials:e.z.object({enforce:e.z.boolean().default(!1).openapi({description:"Whether to enforce token quota limits"}),per_day:e.z.number().min(0).default(0).openapi({description:"Maximum tokens per day (0 = unlimited)"}),per_hour:e.z.number().min(0).default(0).openapi({description:"Maximum tokens per hour (0 = unlimited)"})}).optional()}).optional(),De=e.z.object({id:e.z.string().optional(),name:e.z.string().min(1).openapi({description:"The name of the organization"}),display_name:e.z.string().optional().openapi({description:"The display name of the organization"}),branding:ye,metadata:e.z.record(e.z.any()).default({}).optional().openapi({description:"Custom metadata for the organization"}),enabled_connections:e.z.array(Re).default([]).optional().openapi({description:"List of enabled connections for the organization"}),token_quota:Le}),St=e.z.object({...De.shape,...n.shape,id:e.z.string()}),we=e.z.object({user_id:e.z.string().openapi({description:"ID of the user"}),organization_id:e.z.string().openapi({description:"ID of the organization"})}),Et=e.z.object({...we.shape,...n.shape,id:e.z.string()});function ft(t){const[a,s]=t.split("|");if(!a||!s)throw new Error(`Invalid user_id: ${t}`);return{connection:a,id:s}}exports.Auth0Client=oe;exports.AuthorizationResponseMode=z;exports.AuthorizationResponseType=d;exports.CodeChallengeMethod=g;exports.ComponentCategory=_;exports.ComponentType=p;exports.GrantType=se;exports.LogTypes=te;exports.NodeType=L;exports.applicationInsertSchema=b;exports.applicationSchema=ve;exports.auth0FlowInsertSchema=Pe;exports.auth0FlowSchema=v;exports.auth0UserResponseSchema=Fe;exports.authParamsSchema=P;exports.baseUserSchema=l;exports.bordersSchema=re;exports.brandingSchema=Me;exports.buttonComponentSchema=O;exports.clientInsertSchema=A;exports.clientSchema=C;exports.codeInsertSchema=B;exports.codeSchema=He;exports.codeTypeSchema=W;exports.colorsSchema=ce;exports.componentSchema=R;exports.connectionInsertSchema=H;exports.connectionOptionsSchema=M;exports.connectionSchema=x;exports.coordinatesSchema=i;exports.customDomainInsertSchema=X;exports.customDomainSchema=q;exports.customDomainWithTenantIdSchema=xe;exports.emailProviderSchema=rt;exports.endingSchema=j;exports.fieldComponentSchema=N;exports.flowNodeSchema=w;exports.fontDetailsSchema=o;exports.fontsSchema=le;exports.formControlSchema=Ge;exports.formInsertSchema=Q;exports.formNodeComponentDefinition=Y;exports.formSchema=Ke;exports.genericComponentSchema=y;exports.genericNodeSchema=U;exports.hookInsertSchema=Xe;exports.hookSchema=Ye;exports.identitySchema=m;exports.jwksKeySchema=Qe;exports.jwksSchema=$;exports.legalComponentSchema=T;exports.logSchema=et;exports.loginSessionInsertSchema=ee;exports.loginSessionSchema=Ze;exports.nodeSchema=F;exports.openIDConfigurationSchema=Je;exports.organizationBrandingSchema=ye;exports.organizationEnabledConnectionSchema=Re;exports.organizationInsertSchema=De;exports.organizationSchema=St;exports.organizationTokenQuotaSchema=Le;exports.pageBackgroundSchema=pe;exports.parseUserId=ft;exports.passwordInsertSchema=ne;exports.passwordSchema=tt;exports.profileDataSchema=u;exports.promptSettingSchema=st;exports.refreshTokenInsertSchema=ze;exports.refreshTokenSchema=ct;exports.resourceServerInsertSchema=me;exports.resourceServerListSchema=_t;exports.resourceServerOptionsSchema=ue;exports.resourceServerSchema=he;exports.resourceServerScopeSchema=ge;exports.richTextComponentSchema=I;exports.roleInsertSchema=Te;exports.roleListSchema=ht;exports.rolePermissionInsertSchema=Se;exports.rolePermissionListSchema=dt;exports.rolePermissionSchema=Ee;exports.rolePermissionWithDetailsListSchema=zt;exports.rolePermissionWithDetailsSchema=fe;exports.roleSchema=Ne;exports.samlpAddon=f;exports.sessionInsertSchema=ae;exports.sessionSchema=ot;exports.signingKeySchema=nt;exports.smsProviderSchema=pt;exports.smsSendParamsSchema=lt;exports.startSchema=k;exports.stepNodeSchema=D;exports.tenantInsertSchema=G;exports.tenantSchema=K;exports.themeInsertSchema=de;exports.themeSchema=at;exports.tokenResponseSchema=it;exports.totalsSchema=Ue;exports.userInsertSchema=h;exports.userOrganizationInsertSchema=we;exports.userOrganizationSchema=Et;exports.userPermissionInsertSchema=be;exports.userPermissionListSchema=gt;exports.userPermissionSchema=Ae;exports.userPermissionWithDetailsListSchema=ut;exports.userPermissionWithDetailsSchema=Ce;exports.userResponseSchema=ke;exports.userRoleInsertSchema=Ie;exports.userRoleListSchema=mt;exports.userRoleSchema=Oe;exports.userSchema=S;exports.verificationMethodsSchema=V;exports.widgetSchema=_e;
package/dist/adapter-interfaces.d.ts CHANGED
@@ -8694,121 +8694,116 @@ declare const LegacyClientSchema: z.ZodObject<{
8694
8694
  response_mode?: AuthorizationResponseMode | undefined;
8695
8695
  enabled_clients?: string[] | undefined;
8696
8696
  }>, "many">;
8697
- id: z.ZodString;
8697
+ disable_sign_ups: z.ZodBoolean;
8698
+ email_validation: z.ZodString;
8699
+ client_id: z.ZodString;
8698
8700
  name: z.ZodString;
8701
+ description: z.ZodOptional<z.ZodString>;
8702
+ global: z.ZodDefault<z.ZodBoolean>;
8703
+ client_secret: z.ZodOptional<z.ZodDefault<z.ZodString>>;
8704
+ app_type: z.ZodOptional<z.ZodDefault<z.ZodEnum<[
8705
+ "native",
8706
+ "spa",
8707
+ "regular_web",
8708
+ "non_interactive",
8709
+ "resource_server",
8710
+ "express_configuration",
8711
+ "rms",
8712
+ "box",
8713
+ "cloudbees",
8714
+ "concur",
8715
+ "dropbox",
8716
+ "mscrm",
8717
+ "echosign",
8718
+ "egnyte",
8719
+ "newrelic",
8720
+ "office365",
8721
+ "salesforce",
8722
+ "sentry",
8723
+ "sharepoint",
8724
+ "slack",
8725
+ "springcm",
8726
+ "zendesk",
8727
+ "zoom",
8728
+ "sso_integration",
8729
+ "oag"
8730
+ ]>>>;
8731
+ logo_uri: z.ZodOptional<z.ZodString>;
8732
+ is_first_party: z.ZodDefault<z.ZodBoolean>;
8733
+ oidc_conformant: z.ZodDefault<z.ZodBoolean>;
8699
8734
  callbacks: z.ZodOptional<z.ZodDefault<z.ZodArray<z.ZodString, "many">>>;
8700
8735
  allowed_origins: z.ZodOptional<z.ZodDefault<z.ZodArray<z.ZodString, "many">>>;
8701
8736
  web_origins: z.ZodOptional<z.ZodDefault<z.ZodArray<z.ZodString, "many">>>;
8702
- allowed_logout_urls: z.ZodOptional<z.ZodDefault<z.ZodArray<z.ZodString, "many">>>;
8737
+ client_aliases: z.ZodOptional<z.ZodDefault<z.ZodArray<z.ZodString, "many">>>;
8703
8738
  allowed_clients: z.ZodOptional<z.ZodDefault<z.ZodArray<z.ZodString, "many">>>;
8704
- addons: z.ZodOptional<z.ZodDefault<z.ZodObject<{
8705
- samlp: z.ZodOptional<z.ZodObject<{
8706
- audience: z.ZodOptional<z.ZodString>;
8707
- recipient: z.ZodOptional<z.ZodString>;
8708
- createUpnClaim: z.ZodOptional<z.ZodBoolean>;
8709
- mapUnknownClaimsAsIs: z.ZodOptional<z.ZodBoolean>;
8710
- passthroughClaimsWithNoMapping: z.ZodOptional<z.ZodBoolean>;
8711
- mapIdentities: z.ZodOptional<z.ZodBoolean>;
8712
- signatureAlgorithm: z.ZodOptional<z.ZodString>;
8713
- digestAlgorithm: z.ZodOptional<z.ZodString>;
8714
- issuer: z.ZodOptional<z.ZodString>;
8715
- destination: z.ZodOptional<z.ZodString>;
8716
- lifetimeInSeconds: z.ZodOptional<z.ZodNumber>;
8717
- signResponse: z.ZodOptional<z.ZodBoolean>;
8718
- nameIdentifierFormat: z.ZodOptional<z.ZodString>;
8719
- nameIdentifierProbes: z.ZodOptional<z.ZodArray<z.ZodString, "many">>;
8720
- authnContextClassRef: z.ZodOptional<z.ZodString>;
8721
- mappings: z.ZodOptional<z.ZodRecord<z.ZodString, z.ZodString>>;
8722
- }, "strip", z.ZodTypeAny, {
8723
- audience?: string | undefined;
8724
- recipient?: string | undefined;
8725
- createUpnClaim?: boolean | undefined;
8726
- mapUnknownClaimsAsIs?: boolean | undefined;
8727
- passthroughClaimsWithNoMapping?: boolean | undefined;
8728
- mapIdentities?: boolean | undefined;
8729
- signatureAlgorithm?: string | undefined;
8730
- digestAlgorithm?: string | undefined;
8731
- issuer?: string | undefined;
8732
- destination?: string | undefined;
8733
- lifetimeInSeconds?: number | undefined;
8734
- signResponse?: boolean | undefined;
8735
- nameIdentifierFormat?: string | undefined;
8736
- nameIdentifierProbes?: string[] | undefined;
8737
- authnContextClassRef?: string | undefined;
8738
- mappings?: Record<string, string> | undefined;
8739
- }, {
8740
- audience?: string | undefined;
8741
- recipient?: string | undefined;
8742
- createUpnClaim?: boolean | undefined;
8743
- mapUnknownClaimsAsIs?: boolean | undefined;
8744
- passthroughClaimsWithNoMapping?: boolean | undefined;
8745
- mapIdentities?: boolean | undefined;
8746
- signatureAlgorithm?: string | undefined;
8747
- digestAlgorithm?: string | undefined;
8748
- issuer?: string | undefined;
8749
- destination?: string | undefined;
8750
- lifetimeInSeconds?: number | undefined;
8751
- signResponse?: boolean | undefined;
8752
- nameIdentifierFormat?: string | undefined;
8753
- nameIdentifierProbes?: string[] | undefined;
8754
- authnContextClassRef?: string | undefined;
8755
- mappings?: Record<string, string> | undefined;
8756
- }>>;
8757
- }, "strip", z.ZodTypeAny, {
8758
- samlp?: {
8759
- audience?: string | undefined;
8760
- recipient?: string | undefined;
8761
- createUpnClaim?: boolean | undefined;
8762
- mapUnknownClaimsAsIs?: boolean | undefined;
8763
- passthroughClaimsWithNoMapping?: boolean | undefined;
8764
- mapIdentities?: boolean | undefined;
8765
- signatureAlgorithm?: string | undefined;
8766
- digestAlgorithm?: string | undefined;
8767
- issuer?: string | undefined;
8768
- destination?: string | undefined;
8769
- lifetimeInSeconds?: number | undefined;
8770
- signResponse?: boolean | undefined;
8771
- nameIdentifierFormat?: string | undefined;
8772
- nameIdentifierProbes?: string[] | undefined;
8773
- authnContextClassRef?: string | undefined;
8774
- mappings?: Record<string, string> | undefined;
8775
- } | undefined;
8776
- }, {
8777
- samlp?: {
8778
- audience?: string | undefined;
8779
- recipient?: string | undefined;
8780
- createUpnClaim?: boolean | undefined;
8781
- mapUnknownClaimsAsIs?: boolean | undefined;
8782
- passthroughClaimsWithNoMapping?: boolean | undefined;
8783
- mapIdentities?: boolean | undefined;
8784
- signatureAlgorithm?: string | undefined;
8785
- digestAlgorithm?: string | undefined;
8786
- issuer?: string | undefined;
8787
- destination?: string | undefined;
8788
- lifetimeInSeconds?: number | undefined;
8789
- signResponse?: boolean | undefined;
8790
- nameIdentifierFormat?: string | undefined;
8791
- nameIdentifierProbes?: string[] | undefined;
8792
- authnContextClassRef?: string | undefined;
8793
- mappings?: Record<string, string> | undefined;
8794
- } | undefined;
8795
- }>>>;
8796
- email_validation: z.ZodOptional<z.ZodDefault<z.ZodEnum<[
8797
- "enabled",
8798
- "disabled",
8799
- "enforced"
8739
+ allowed_logout_urls: z.ZodOptional<z.ZodDefault<z.ZodArray<z.ZodString, "many">>>;
8740
+ session_transfer: z.ZodOptional<z.ZodDefault<z.ZodRecord<z.ZodString, z.ZodAny>>>;
8741
+ oidc_logout: z.ZodOptional<z.ZodDefault<z.ZodRecord<z.ZodString, z.ZodAny>>>;
8742
+ grant_types: z.ZodOptional<z.ZodDefault<z.ZodArray<z.ZodString, "many">>>;
8743
+ jwt_configuration: z.ZodOptional<z.ZodDefault<z.ZodRecord<z.ZodString, z.ZodAny>>>;
8744
+ signing_keys: z.ZodOptional<z.ZodDefault<z.ZodArray<z.ZodRecord<z.ZodString, z.ZodAny>, "many">>>;
8745
+ encryption_key: z.ZodOptional<z.ZodDefault<z.ZodRecord<z.ZodString, z.ZodAny>>>;
8746
+ sso: z.ZodDefault<z.ZodBoolean>;
8747
+ sso_disabled: z.ZodDefault<z.ZodBoolean>;
8748
+ cross_origin_authentication: z.ZodDefault<z.ZodBoolean>;
8749
+ cross_origin_loc: z.ZodOptional<z.ZodString>;
8750
+ custom_login_page_on: z.ZodDefault<z.ZodBoolean>;
8751
+ custom_login_page: z.ZodOptional<z.ZodString>;
8752
+ custom_login_page_preview: z.ZodOptional<z.ZodString>;
8753
+ form_template: z.ZodOptional<z.ZodString>;
8754
+ addons: z.ZodOptional<z.ZodDefault<z.ZodRecord<z.ZodString, z.ZodAny>>>;
8755
+ token_endpoint_auth_method: z.ZodOptional<z.ZodDefault<z.ZodEnum<[
8756
+ "none",
8757
+ "client_secret_post",
8758
+ "client_secret_basic"
8800
8759
  ]>>>;
8801
- client_secret: z.ZodOptional<z.ZodDefault<z.ZodString>>;
8802
- disable_sign_ups: z.ZodDefault<z.ZodOptional<z.ZodBoolean>>;
8803
- client_metadata: z.ZodOptional<z.ZodRecord<z.ZodString, z.ZodString>>;
8804
- created_at: z.ZodEffects<z.ZodString, string, string>;
8805
- updated_at: z.ZodEffects<z.ZodString, string, string>;
8760
+ client_metadata: z.ZodOptional<z.ZodDefault<z.ZodRecord<z.ZodString, z.ZodString>>>;
8761
+ mobile: z.ZodOptional<z.ZodDefault<z.ZodRecord<z.ZodString, z.ZodAny>>>;
8762
+ initiate_login_uri: z.ZodOptional<z.ZodString>;
8763
+ native_social_login: z.ZodOptional<z.ZodDefault<z.ZodRecord<z.ZodString, z.ZodAny>>>;
8764
+ refresh_token: z.ZodOptional<z.ZodDefault<z.ZodRecord<z.ZodString, z.ZodAny>>>;
8765
+ default_organization: z.ZodOptional<z.ZodDefault<z.ZodRecord<z.ZodString, z.ZodAny>>>;
8766
+ organization_usage: z.ZodOptional<z.ZodDefault<z.ZodEnum<[
8767
+ "deny",
8768
+ "allow",
8769
+ "require"
8770
+ ]>>>;
8771
+ organization_require_behavior: z.ZodOptional<z.ZodDefault<z.ZodEnum<[
8772
+ "no_prompt",
8773
+ "pre_login_prompt",
8774
+ "post_login_prompt"
8775
+ ]>>>;
8776
+ client_authentication_methods: z.ZodOptional<z.ZodDefault<z.ZodRecord<z.ZodString, z.ZodAny>>>;
8777
+ require_pushed_authorization_requests: z.ZodDefault<z.ZodBoolean>;
8778
+ require_proof_of_possession: z.ZodDefault<z.ZodBoolean>;
8779
+ signed_request_object: z.ZodOptional<z.ZodDefault<z.ZodRecord<z.ZodString, z.ZodAny>>>;
8780
+ compliance_level: z.ZodOptional<z.ZodEnum<[
8781
+ "none",
8782
+ "fapi1_adv_pkj_par",
8783
+ "fapi1_adv_mtls_par",
8784
+ "fapi2_sp_pkj_mtls",
8785
+ "fapi2_sp_mtls_mtls"
8786
+ ]>>;
8787
+ par_request_expiry: z.ZodOptional<z.ZodNumber>;
8788
+ token_quota: z.ZodOptional<z.ZodDefault<z.ZodRecord<z.ZodString, z.ZodAny>>>;
8789
+ created_at: z.ZodString;
8790
+ updated_at: z.ZodString;
8806
8791
  }, "strip", z.ZodTypeAny, {
8807
8792
  created_at: string;
8808
8793
  updated_at: string;
8809
8794
  name: string;
8810
- id: string;
8795
+ email_validation: string;
8811
8796
  disable_sign_ups: boolean;
8797
+ client_id: string;
8798
+ global: boolean;
8799
+ is_first_party: boolean;
8800
+ oidc_conformant: boolean;
8801
+ sso: boolean;
8802
+ sso_disabled: boolean;
8803
+ cross_origin_authentication: boolean;
8804
+ custom_login_page_on: boolean;
8805
+ require_pushed_authorization_requests: boolean;
8806
+ require_proof_of_possession: boolean;
8812
8807
  tenant: {
8813
8808
  created_at: string;
8814
8809
  updated_at: string;
@@ -8853,39 +8848,48 @@ declare const LegacyClientSchema: z.ZodObject<{
8853
8848
  response_mode?: AuthorizationResponseMode | undefined;
8854
8849
  enabled_clients?: string[] | undefined;
8855
8850
  }[];
8851
+ description?: string | undefined;
8852
+ refresh_token?: Record<string, any> | undefined;
8856
8853
  callbacks?: string[] | undefined;
8857
8854
  allowed_origins?: string[] | undefined;
8858
8855
  web_origins?: string[] | undefined;
8859
8856
  allowed_logout_urls?: string[] | undefined;
8860
8857
  allowed_clients?: string[] | undefined;
8861
- addons?: {
8862
- samlp?: {
8863
- audience?: string | undefined;
8864
- recipient?: string | undefined;
8865
- createUpnClaim?: boolean | undefined;
8866
- mapUnknownClaimsAsIs?: boolean | undefined;
8867
- passthroughClaimsWithNoMapping?: boolean | undefined;
8868
- mapIdentities?: boolean | undefined;
8869
- signatureAlgorithm?: string | undefined;
8870
- digestAlgorithm?: string | undefined;
8871
- issuer?: string | undefined;
8872
- destination?: string | undefined;
8873
- lifetimeInSeconds?: number | undefined;
8874
- signResponse?: boolean | undefined;
8875
- nameIdentifierFormat?: string | undefined;
8876
- nameIdentifierProbes?: string[] | undefined;
8877
- authnContextClassRef?: string | undefined;
8878
- mappings?: Record<string, string> | undefined;
8879
- } | undefined;
8880
- } | undefined;
8881
- email_validation?: "enabled" | "disabled" | "enforced" | undefined;
8858
+ addons?: Record<string, any> | undefined;
8882
8859
  client_secret?: string | undefined;
8883
8860
  client_metadata?: Record<string, string> | undefined;
8861
+ app_type?: "native" | "spa" | "regular_web" | "non_interactive" | "resource_server" | "express_configuration" | "rms" | "box" | "cloudbees" | "concur" | "dropbox" | "mscrm" | "echosign" | "egnyte" | "newrelic" | "office365" | "salesforce" | "sentry" | "sharepoint" | "slack" | "springcm" | "zendesk" | "zoom" | "sso_integration" | "oag" | undefined;
8862
+ logo_uri?: string | undefined;
8863
+ client_aliases?: string[] | undefined;
8864
+ session_transfer?: Record<string, any> | undefined;
8865
+ oidc_logout?: Record<string, any> | undefined;
8866
+ grant_types?: string[] | undefined;
8867
+ jwt_configuration?: Record<string, any> | undefined;
8868
+ signing_keys?: Record<string, any>[] | undefined;
8869
+ encryption_key?: Record<string, any> | undefined;
8870
+ cross_origin_loc?: string | undefined;
8871
+ custom_login_page?: string | undefined;
8872
+ custom_login_page_preview?: string | undefined;
8873
+ form_template?: string | undefined;
8874
+ token_endpoint_auth_method?: "none" | "client_secret_post" | "client_secret_basic" | undefined;
8875
+ mobile?: Record<string, any> | undefined;
8876
+ initiate_login_uri?: string | undefined;
8877
+ native_social_login?: Record<string, any> | undefined;
8878
+ default_organization?: Record<string, any> | undefined;
8879
+ organization_usage?: "deny" | "allow" | "require" | undefined;
8880
+ organization_require_behavior?: "no_prompt" | "pre_login_prompt" | "post_login_prompt" | undefined;
8881
+ client_authentication_methods?: Record<string, any> | undefined;
8882
+ signed_request_object?: Record<string, any> | undefined;
8883
+ compliance_level?: "none" | "fapi1_adv_pkj_par" | "fapi1_adv_mtls_par" | "fapi2_sp_pkj_mtls" | "fapi2_sp_mtls_mtls" | undefined;
8884
+ par_request_expiry?: number | undefined;
8885
+ token_quota?: Record<string, any> | undefined;
8884
8886
  }, {
8885
8887
  created_at: string;
8886
8888
  updated_at: string;
8887
8889
  name: string;
8888
- id: string;
8890
+ email_validation: string;
8891
+ disable_sign_ups: boolean;
8892
+ client_id: string;
8889
8893
  tenant: {
8890
8894
  created_at: string;
8891
8895
  updated_at: string;
@@ -8930,35 +8934,50 @@ declare const LegacyClientSchema: z.ZodObject<{
8930
8934
  response_mode?: AuthorizationResponseMode | undefined;
8931
8935
  enabled_clients?: string[] | undefined;
8932
8936
  }[];
8937
+ description?: string | undefined;
8938
+ refresh_token?: Record<string, any> | undefined;
8933
8939
  callbacks?: string[] | undefined;
8934
8940
  allowed_origins?: string[] | undefined;
8935
8941
  web_origins?: string[] | undefined;
8936
8942
  allowed_logout_urls?: string[] | undefined;
8937
8943
  allowed_clients?: string[] | undefined;
8938
- addons?: {
8939
- samlp?: {
8940
- audience?: string | undefined;
8941
- recipient?: string | undefined;
8942
- createUpnClaim?: boolean | undefined;
8943
- mapUnknownClaimsAsIs?: boolean | undefined;
8944
- passthroughClaimsWithNoMapping?: boolean | undefined;
8945
- mapIdentities?: boolean | undefined;
8946
- signatureAlgorithm?: string | undefined;
8947
- digestAlgorithm?: string | undefined;
8948
- issuer?: string | undefined;
8949
- destination?: string | undefined;
8950
- lifetimeInSeconds?: number | undefined;
8951
- signResponse?: boolean | undefined;
8952
- nameIdentifierFormat?: string | undefined;
8953
- nameIdentifierProbes?: string[] | undefined;
8954
- authnContextClassRef?: string | undefined;
8955
- mappings?: Record<string, string> | undefined;
8956
- } | undefined;
8957
- } | undefined;
8958
- email_validation?: "enabled" | "disabled" | "enforced" | undefined;
8944
+ addons?: Record<string, any> | undefined;
8959
8945
  client_secret?: string | undefined;
8960
- disable_sign_ups?: boolean | undefined;
8961
8946
  client_metadata?: Record<string, string> | undefined;
8947
+ global?: boolean | undefined;
8948
+ app_type?: "native" | "spa" | "regular_web" | "non_interactive" | "resource_server" | "express_configuration" | "rms" | "box" | "cloudbees" | "concur" | "dropbox" | "mscrm" | "echosign" | "egnyte" | "newrelic" | "office365" | "salesforce" | "sentry" | "sharepoint" | "slack" | "springcm" | "zendesk" | "zoom" | "sso_integration" | "oag" | undefined;
8949
+ logo_uri?: string | undefined;
8950
+ is_first_party?: boolean | undefined;
8951
+ oidc_conformant?: boolean | undefined;
8952
+ client_aliases?: string[] | undefined;
8953
+ session_transfer?: Record<string, any> | undefined;
8954
+ oidc_logout?: Record<string, any> | undefined;
8955
+ grant_types?: string[] | undefined;
8956
+ jwt_configuration?: Record<string, any> | undefined;
8957
+ signing_keys?: Record<string, any>[] | undefined;
8958
+ encryption_key?: Record<string, any> | undefined;
8959
+ sso?: boolean | undefined;
8960
+ sso_disabled?: boolean | undefined;
8961
+ cross_origin_authentication?: boolean | undefined;
8962
+ cross_origin_loc?: string | undefined;
8963
+ custom_login_page_on?: boolean | undefined;
8964
+ custom_login_page?: string | undefined;
8965
+ custom_login_page_preview?: string | undefined;
8966
+ form_template?: string | undefined;
8967
+ token_endpoint_auth_method?: "none" | "client_secret_post" | "client_secret_basic" | undefined;
8968
+ mobile?: Record<string, any> | undefined;
8969
+ initiate_login_uri?: string | undefined;
8970
+ native_social_login?: Record<string, any> | undefined;
8971
+ default_organization?: Record<string, any> | undefined;
8972
+ organization_usage?: "deny" | "allow" | "require" | undefined;
8973
+ organization_require_behavior?: "no_prompt" | "pre_login_prompt" | "post_login_prompt" | undefined;
8974
+ client_authentication_methods?: Record<string, any> | undefined;
8975
+ require_pushed_authorization_requests?: boolean | undefined;
8976
+ require_proof_of_possession?: boolean | undefined;
8977
+ signed_request_object?: Record<string, any> | undefined;
8978
+ compliance_level?: "none" | "fapi1_adv_pkj_par" | "fapi1_adv_mtls_par" | "fapi2_sp_pkj_mtls" | "fapi2_sp_mtls_mtls" | undefined;
8979
+ par_request_expiry?: number | undefined;
8980
+ token_quota?: Record<string, any> | undefined;
8962
8981
  }>;
8963
8982
  export type LegacyClient = z.infer<typeof LegacyClientSchema>;
8964
8983
  export declare const codeTypeSchema: z.ZodEnum<[
package/dist/adapter-interfaces.mjs CHANGED
@@ -117,11 +117,11 @@ const O = e.object({
117
117
  description: "Prevents users from signing up using the hosted login page. This is not available in auth0"
118
118
  }),
119
119
  client_metadata: e.record(e.string().length(255)).optional()
120
- }), N = e.object({
120
+ }), Be = e.object({
121
121
  created_at: e.string().transform((t) => t === null ? "" : t),
122
122
  updated_at: e.string().transform((t) => t === null ? "" : t),
123
123
  ...T.shape
124
- }), y = e.object({
124
+ }), N = e.object({
125
125
  client_id: e.string().openapi({
126
126
  description: "ID of this client."
127
127
  }),
@@ -288,10 +288,10 @@ const O = e.object({
288
288
  description: "Specifies how long, in seconds, a Pushed Authorization Request URI remains valid"
289
289
  }),
290
290
  token_quota: e.record(e.any()).default({}).optional()
291
- }), Be = e.object({
291
+ }), y = e.object({
292
292
  created_at: e.string(),
293
293
  updated_at: e.string(),
294
- ...y.shape
294
+ ...N.shape
295
295
  }), a = e.object({
296
296
  x: e.number(),
297
297
  y: e.number()
@@ -555,9 +555,12 @@ const K = e.object({
555
555
  id: e.string()
556
556
  });
557
557
  e.object({
558
- ...N.shape,
558
+ ...y.shape,
559
559
  tenant: V,
560
- connections: e.array(X)
560
+ connections: e.array(X),
561
+ // Legacy fields for backward compatibility - these are now stored in client_metadata
562
+ disable_sign_ups: e.boolean(),
563
+ email_validation: e.string()
561
564
  });
562
565
  const q = e.enum([
563
566
  "password_reset",
@@ -1435,7 +1438,7 @@ export {
1435
1438
  re as LogTypes,
1436
1439
  j as NodeType,
1437
1440
  T as applicationInsertSchema,
1438
- N as applicationSchema,
1441
+ Be as applicationSchema,
1439
1442
  We as auth0FlowInsertSchema,
1440
1443
  G as auth0FlowSchema,
1441
1444
  Ge as auth0UserResponseSchema,
@@ -1444,8 +1447,8 @@ export {
1444
1447
  ge as bordersSchema,
1445
1448
  Xe as brandingSchema,
1446
1449
  L as buttonComponentSchema,
1447
- y as clientInsertSchema,
1448
- Be as clientSchema,
1450
+ N as clientInsertSchema,
1451
+ y as clientSchema,
1449
1452
  Y as codeInsertSchema,
1450
1453
  ze as codeSchema,
1451
1454
  q as codeTypeSchema,
package/package.json CHANGED
@@ -11,7 +11,7 @@
11
11
  "type": "git",
12
12
  "url": "https://github.com/markusahlstrand/authhero"
13
13
  },
14
- "version": "0.89.0",
14
+ "version": "0.90.0",
15
15
  "files": [
16
16
  "dist"
17
17
  ],