@authhero/cloudflare-adapter 2.30.1 → 2.31.1

package/dist/cloudflare-adapter.d.ts

@@ -1,1151 +1,59 @@
-// Generated by dts-bundle-generator v9.5.1
+import { StatsAdapter, LogsDataAdapter, AnalyticsAdapter, ActionExecutionsAdapter, RateLimitScope, RateLimitAdapter, CustomDomainsAdapter, CodeExecutor, CodeExecutionResult, CacheAdapter, GeoAdapter } from '@authhero/adapter-interfaces';
 
-import { z } from '@hono/zod-openapi';
-
-declare const actionExecutionSchema: z.ZodObject<{
-	id: z.ZodString;
-	tenant_id: z.ZodString;
-	trigger_id: z.ZodString;
-	status: z.ZodEnum<[
-		"unspecified",
-		"pending",
-		"final",
-		"partial",
-		"canceled",
-		"suspended"
-	]>;
-	results: z.ZodArray<z.ZodObject<{
-		action_name: z.ZodString;
-		error: z.ZodNullable<z.ZodObject<{
-			id: z.ZodString;
-			msg: z.ZodString;
-			url: z.ZodOptional<z.ZodString>;
-		}, "strip", z.ZodTypeAny, {
-			id: string;
-			msg: string;
-			url?: string | undefined;
-		}, {
-			id: string;
-			msg: string;
-			url?: string | undefined;
-		}>>;
-		started_at: z.ZodString;
-		ended_at: z.ZodString;
-	}, "strip", z.ZodTypeAny, {
-		action_name: string;
-		error: {
-			id: string;
-			msg: string;
-			url?: string | undefined;
-		} | null;
-		started_at: string;
-		ended_at: string;
-	}, {
-		action_name: string;
-		error: {
-			id: string;
-			msg: string;
-			url?: string | undefined;
-		} | null;
-		started_at: string;
-		ended_at: string;
-	}>, "many">;
-	logs: z.ZodOptional<z.ZodArray<z.ZodObject<{
-		action_name: z.ZodString;
-		lines: z.ZodArray<z.ZodObject<{
-			level: z.ZodEnum<[
-				"log",
-				"info",
-				"warn",
-				"error",
-				"debug"
-			]>;
-			message: z.ZodString;
-		}, "strip", z.ZodTypeAny, {
-			message: string;
-			level: "error" | "log" | "info" | "warn" | "debug";
-		}, {
-			message: string;
-			level: "error" | "log" | "info" | "warn" | "debug";
-		}>, "many">;
-	}, "strip", z.ZodTypeAny, {
-		action_name: string;
-		lines: {
-			message: string;
-			level: "error" | "log" | "info" | "warn" | "debug";
-		}[];
-	}, {
-		action_name: string;
-		lines: {
-			message: string;
-			level: "error" | "log" | "info" | "warn" | "debug";
-		}[];
-	}>, "many">>;
-	created_at: z.ZodString;
-	updated_at: z.ZodString;
-}, "strip", z.ZodTypeAny, {
-	created_at: string;
-	updated_at: string;
-	status: "unspecified" | "pending" | "final" | "partial" | "canceled" | "suspended";
-	id: string;
-	tenant_id: string;
-	trigger_id: string;
-	results: {
-		action_name: string;
-		error: {
-			id: string;
-			msg: string;
-			url?: string | undefined;
-		} | null;
-		started_at: string;
-		ended_at: string;
-	}[];
-	logs?: {
-		action_name: string;
-		lines: {
-			message: string;
-			level: "error" | "log" | "info" | "warn" | "debug";
-		}[];
-	}[] | undefined;
-}, {
-	created_at: string;
-	updated_at: string;
-	status: "unspecified" | "pending" | "final" | "partial" | "canceled" | "suspended";
-	id: string;
-	tenant_id: string;
-	trigger_id: string;
-	results: {
-		action_name: string;
-		error: {
-			id: string;
-			msg: string;
-			url?: string | undefined;
-		} | null;
-		started_at: string;
-		ended_at: string;
-	}[];
-	logs?: {
-		action_name: string;
-		lines: {
-			message: string;
-			level: "error" | "log" | "info" | "warn" | "debug";
-		}[];
-	}[] | undefined;
-}>;
-export type ActionExecution = z.infer<typeof actionExecutionSchema>;
-declare const actionExecutionInsertSchema: z.ZodObject<Omit<{
-	id: z.ZodString;
-	tenant_id: z.ZodString;
-	trigger_id: z.ZodString;
-	status: z.ZodEnum<[
-		"unspecified",
-		"pending",
-		"final",
-		"partial",
-		"canceled",
-		"suspended"
-	]>;
-	results: z.ZodArray<z.ZodObject<{
-		action_name: z.ZodString;
-		error: z.ZodNullable<z.ZodObject<{
-			id: z.ZodString;
-			msg: z.ZodString;
-			url: z.ZodOptional<z.ZodString>;
-		}, "strip", z.ZodTypeAny, {
-			id: string;
-			msg: string;
-			url?: string | undefined;
-		}, {
-			id: string;
-			msg: string;
-			url?: string | undefined;
-		}>>;
-		started_at: z.ZodString;
-		ended_at: z.ZodString;
-	}, "strip", z.ZodTypeAny, {
-		action_name: string;
-		error: {
-			id: string;
-			msg: string;
-			url?: string | undefined;
-		} | null;
-		started_at: string;
-		ended_at: string;
-	}, {
-		action_name: string;
-		error: {
-			id: string;
-			msg: string;
-			url?: string | undefined;
-		} | null;
-		started_at: string;
-		ended_at: string;
-	}>, "many">;
-	logs: z.ZodOptional<z.ZodArray<z.ZodObject<{
-		action_name: z.ZodString;
-		lines: z.ZodArray<z.ZodObject<{
-			level: z.ZodEnum<[
-				"log",
-				"info",
-				"warn",
-				"error",
-				"debug"
-			]>;
-			message: z.ZodString;
-		}, "strip", z.ZodTypeAny, {
-			message: string;
-			level: "error" | "log" | "info" | "warn" | "debug";
-		}, {
-			message: string;
-			level: "error" | "log" | "info" | "warn" | "debug";
-		}>, "many">;
-	}, "strip", z.ZodTypeAny, {
-		action_name: string;
-		lines: {
-			message: string;
-			level: "error" | "log" | "info" | "warn" | "debug";
-		}[];
-	}, {
-		action_name: string;
-		lines: {
-			message: string;
-			level: "error" | "log" | "info" | "warn" | "debug";
-		}[];
-	}>, "many">>;
-	created_at: z.ZodString;
-	updated_at: z.ZodString;
-}, "created_at" | "updated_at" | "tenant_id">, "strip", z.ZodTypeAny, {
-	status: "unspecified" | "pending" | "final" | "partial" | "canceled" | "suspended";
-	id: string;
-	trigger_id: string;
-	results: {
-		action_name: string;
-		error: {
-			id: string;
-			msg: string;
-			url?: string | undefined;
-		} | null;
-		started_at: string;
-		ended_at: string;
-	}[];
-	logs?: {
-		action_name: string;
-		lines: {
-			message: string;
-			level: "error" | "log" | "info" | "warn" | "debug";
-		}[];
-	}[] | undefined;
-}, {
-	status: "unspecified" | "pending" | "final" | "partial" | "canceled" | "suspended";
-	id: string;
-	trigger_id: string;
-	results: {
-		action_name: string;
-		error: {
-			id: string;
-			msg: string;
-			url?: string | undefined;
-		} | null;
-		started_at: string;
-		ended_at: string;
-	}[];
-	logs?: {
-		action_name: string;
-		lines: {
-			message: string;
-			level: "error" | "log" | "info" | "warn" | "debug";
-		}[];
-	}[] | undefined;
-}>;
-export type ActionExecutionInsert = z.infer<typeof actionExecutionInsertSchema>;
-export interface Totals {
-	start: number;
-	limit: number;
-	length: number;
-	total?: number;
-}
-declare const customDomainInsertSchema: z.ZodObject<{
-	domain: z.ZodString;
-	custom_domain_id: z.ZodOptional<z.ZodString>;
-	type: z.ZodEnum<[
-		"auth0_managed_certs",
-		"self_managed_certs"
-	]>;
-	verification_method: z.ZodOptional<z.ZodEnum<[
-		"txt"
-	]>>;
-	tls_policy: z.ZodOptional<z.ZodEnum<[
-		"recommended"
-	]>>;
-	custom_client_ip_header: z.ZodOptional<z.ZodEnum<[
-		"true-client-ip",
-		"cf-connecting-ip",
-		"x-forwarded-for",
-		"x-azure-clientip",
-		"null"
-	]>>;
-	domain_metadata: z.ZodOptional<z.ZodRecord<z.ZodString, z.ZodString>>;
-}, "strip", z.ZodTypeAny, {
-	type: "auth0_managed_certs" | "self_managed_certs";
-	domain: string;
-	verification_method?: "txt" | undefined;
-	custom_domain_id?: string | undefined;
-	tls_policy?: "recommended" | undefined;
-	custom_client_ip_header?: "null" | "true-client-ip" | "cf-connecting-ip" | "x-forwarded-for" | "x-azure-clientip" | undefined;
-	domain_metadata?: Record<string, string> | undefined;
-}, {
-	type: "auth0_managed_certs" | "self_managed_certs";
-	domain: string;
-	verification_method?: "txt" | undefined;
-	custom_domain_id?: string | undefined;
-	tls_policy?: "recommended" | undefined;
-	custom_client_ip_header?: "null" | "true-client-ip" | "cf-connecting-ip" | "x-forwarded-for" | "x-azure-clientip" | undefined;
-	domain_metadata?: Record<string, string> | undefined;
-}>;
-export type CustomDomainInsert = z.infer<typeof customDomainInsertSchema>;
-declare const customDomainSchema: z.ZodObject<{
-	custom_domain_id: z.ZodString;
-	primary: z.ZodBoolean;
-	status: z.ZodEnum<[
-		"disabled",
-		"pending",
-		"pending_verification",
-		"ready"
-	]>;
-	origin_domain_name: z.ZodOptional<z.ZodString>;
-	verification: z.ZodOptional<z.ZodObject<{
-		methods: z.ZodArray<z.ZodDiscriminatedUnion<"name", [
-			z.ZodObject<{
-				name: z.ZodLiteral<"txt">;
-				record: z.ZodString;
-				domain: z.ZodString;
-			}, "strip", z.ZodTypeAny, {
-				name: "txt";
-				domain: string;
-				record: string;
-			}, {
-				name: "txt";
-				domain: string;
-				record: string;
-			}>,
-			z.ZodObject<{
-				name: z.ZodLiteral<"http">;
-				http_body: z.ZodString;
-				http_url: z.ZodString;
-			}, "strip", z.ZodTypeAny, {
-				name: "http";
-				http_body: string;
-				http_url: string;
-			}, {
-				name: "http";
-				http_body: string;
-				http_url: string;
-			}>
-		]>, "many">;
-	}, "strip", z.ZodTypeAny, {
-		methods: ({
-			name: "txt";
-			domain: string;
-			record: string;
-		} | {
-			name: "http";
-			http_body: string;
-			http_url: string;
-		})[];
-	}, {
-		methods: ({
-			name: "txt";
-			domain: string;
-			record: string;
-		} | {
-			name: "http";
-			http_body: string;
-			http_url: string;
-		})[];
-	}>>;
-	tls_policy: z.ZodOptional<z.ZodString>;
-	domain: z.ZodString;
-	type: z.ZodEnum<[
-		"auth0_managed_certs",
-		"self_managed_certs"
-	]>;
-	verification_method: z.ZodOptional<z.ZodEnum<[
-		"txt"
-	]>>;
-	custom_client_ip_header: z.ZodOptional<z.ZodEnum<[
-		"true-client-ip",
-		"cf-connecting-ip",
-		"x-forwarded-for",
-		"x-azure-clientip",
-		"null"
-	]>>;
-	domain_metadata: z.ZodOptional<z.ZodRecord<z.ZodString, z.ZodString>>;
-}, "strip", z.ZodTypeAny, {
-	type: "auth0_managed_certs" | "self_managed_certs";
-	status: "pending" | "disabled" | "pending_verification" | "ready";
-	primary: boolean;
-	domain: string;
-	custom_domain_id: string;
-	verification?: {
-		methods: ({
-			name: "txt";
-			domain: string;
-			record: string;
-		} | {
-			name: "http";
-			http_body: string;
-			http_url: string;
-		})[];
-	} | undefined;
-	verification_method?: "txt" | undefined;
-	tls_policy?: string | undefined;
-	custom_client_ip_header?: "null" | "true-client-ip" | "cf-connecting-ip" | "x-forwarded-for" | "x-azure-clientip" | undefined;
-	domain_metadata?: Record<string, string> | undefined;
-	origin_domain_name?: string | undefined;
-}, {
-	type: "auth0_managed_certs" | "self_managed_certs";
-	status: "pending" | "disabled" | "pending_verification" | "ready";
-	primary: boolean;
-	domain: string;
-	custom_domain_id: string;
-	verification?: {
-		methods: ({
-			name: "txt";
-			domain: string;
-			record: string;
-		} | {
-			name: "http";
-			http_body: string;
-			http_url: string;
-		})[];
-	} | undefined;
-	verification_method?: "txt" | undefined;
-	tls_policy?: string | undefined;
-	custom_client_ip_header?: "null" | "true-client-ip" | "cf-connecting-ip" | "x-forwarded-for" | "x-azure-clientip" | undefined;
-	domain_metadata?: Record<string, string> | undefined;
-	origin_domain_name?: string | undefined;
-}>;
-export type CustomDomain = z.infer<typeof customDomainSchema>;
-declare const customDomainWithTenantIdSchema: z.ZodObject<{
-	custom_domain_id: z.ZodString;
-	primary: z.ZodBoolean;
-	status: z.ZodEnum<[
-		"disabled",
-		"pending",
-		"pending_verification",
-		"ready"
-	]>;
-	origin_domain_name: z.ZodOptional<z.ZodString>;
-	verification: z.ZodOptional<z.ZodObject<{
-		methods: z.ZodArray<z.ZodDiscriminatedUnion<"name", [
-			z.ZodObject<{
-				name: z.ZodLiteral<"txt">;
-				record: z.ZodString;
-				domain: z.ZodString;
-			}, "strip", z.ZodTypeAny, {
-				name: "txt";
-				domain: string;
-				record: string;
-			}, {
-				name: "txt";
-				domain: string;
-				record: string;
-			}>,
-			z.ZodObject<{
-				name: z.ZodLiteral<"http">;
-				http_body: z.ZodString;
-				http_url: z.ZodString;
-			}, "strip", z.ZodTypeAny, {
-				name: "http";
-				http_body: string;
-				http_url: string;
-			}, {
-				name: "http";
-				http_body: string;
-				http_url: string;
-			}>
-		]>, "many">;
-	}, "strip", z.ZodTypeAny, {
-		methods: ({
-			name: "txt";
-			domain: string;
-			record: string;
-		} | {
-			name: "http";
-			http_body: string;
-			http_url: string;
-		})[];
-	}, {
-		methods: ({
-			name: "txt";
-			domain: string;
-			record: string;
-		} | {
-			name: "http";
-			http_body: string;
-			http_url: string;
-		})[];
-	}>>;
-	tls_policy: z.ZodOptional<z.ZodString>;
-	domain: z.ZodString;
-	type: z.ZodEnum<[
-		"auth0_managed_certs",
-		"self_managed_certs"
-	]>;
-	verification_method: z.ZodOptional<z.ZodEnum<[
-		"txt"
-	]>>;
-	custom_client_ip_header: z.ZodOptional<z.ZodEnum<[
-		"true-client-ip",
-		"cf-connecting-ip",
-		"x-forwarded-for",
-		"x-azure-clientip",
-		"null"
-	]>>;
-	domain_metadata: z.ZodOptional<z.ZodRecord<z.ZodString, z.ZodString>>;
-} & {
-	tenant_id: z.ZodString;
-}, "strip", z.ZodTypeAny, {
-	type: "auth0_managed_certs" | "self_managed_certs";
-	status: "pending" | "disabled" | "pending_verification" | "ready";
-	tenant_id: string;
-	primary: boolean;
-	domain: string;
-	custom_domain_id: string;
-	verification?: {
-		methods: ({
-			name: "txt";
-			domain: string;
-			record: string;
-		} | {
-			name: "http";
-			http_body: string;
-			http_url: string;
-		})[];
-	} | undefined;
-	verification_method?: "txt" | undefined;
-	tls_policy?: string | undefined;
-	custom_client_ip_header?: "null" | "true-client-ip" | "cf-connecting-ip" | "x-forwarded-for" | "x-azure-clientip" | undefined;
-	domain_metadata?: Record<string, string> | undefined;
-	origin_domain_name?: string | undefined;
-}, {
-	type: "auth0_managed_certs" | "self_managed_certs";
-	status: "pending" | "disabled" | "pending_verification" | "ready";
-	tenant_id: string;
-	primary: boolean;
-	domain: string;
-	custom_domain_id: string;
-	verification?: {
-		methods: ({
-			name: "txt";
-			domain: string;
-			record: string;
-		} | {
-			name: "http";
-			http_body: string;
-			http_url: string;
-		})[];
-	} | undefined;
-	verification_method?: "txt" | undefined;
-	tls_policy?: string | undefined;
-	custom_client_ip_header?: "null" | "true-client-ip" | "cf-connecting-ip" | "x-forwarded-for" | "x-azure-clientip" | undefined;
-	domain_metadata?: Record<string, string> | undefined;
-	origin_domain_name?: string | undefined;
-}>;
-export type CustomDomainWithTenantId = z.infer<typeof customDomainWithTenantIdSchema>;
-export interface ListParams {
-	page?: number;
-	per_page?: number;
-	include_totals?: boolean;
-	q?: string;
-	sort?: {
-		sort_by: string;
-		sort_order: "asc" | "desc";
-	};
-	from?: string;
-	take?: number;
-	from_date?: number;
-	to_date?: number;
-}
-declare const logInsertSchema: z.ZodObject<{
-	type: z.ZodEffects<z.ZodString, "acls_summary" | "actions_execution_failed" | "api_limit" | "api_limit_warning" | "appi" | "ciba_exchange_failed" | "ciba_exchange_succeeded" | "ciba_start_failed" | "ciba_start_succeeded" | "cls" | "cs" | "depnote" | "f" | "fc" | "fce" | "fco" | "fcoa" | "fcp" | "fcph" | "fcpn" | "fcpr" | "fcpro" | "fcu" | "fd" | "fdeac" | "fdeaz" | "fdecc" | "fdu" | "feacft" | "feccft" | "fecte" | "fede" | "federated_logout_failed" | "fens" | "feoobft" | "feotpft" | "fepft" | "fepotpft" | "fercft" | "ferrt" | "fertft" | "fh" | "fimp" | "fi" | "flo" | "flows_execution_completed" | "flows_execution_failed" | "fn" | "forms_submission_failed" | "forms_submission_succeeded" | "fp" | "fpar" | "fpurh" | "fs" | "fsa" | "fu" | "fui" | "fv" | "fvr" | "gd_auth_email_verification" | "gd_auth_fail_email_verification" | "gd_auth_failed" | "gd_auth_rejected" | "gd_auth_succeed" | "gd_enrollment_complete" | "gd_otp_rate_limit_exceed" | "gd_recovery_failed" | "gd_recovery_rate_limit_exceed" | "gd_recovery_succeed" | "gd_send_email" | "gd_send_email_verification" | "gd_send_email_verification_failure" | "gd_send_pn" | "gd_send_pn_failure" | "gd_send_sms" | "gd_send_sms_failure" | "gd_send_voice" | "gd_send_voice_failure" | "gd_start_auth" | "gd_start_enroll" | "gd_start_enroll_failed" | "gd_tenant_update" | "gd_unenroll" | "gd_update_device_account" | "gd_webauthn_challenge_failed" | "gd_webauthn_enrollment_failed" | "kms_key_management_failure" | "kms_key_management_success" | "kms_key_state_changed" | "limit_delegation" | "limit_mu" | "limit_sul" | "limit_wc" | "i" | "mfar" | "mgmt_api_read" | "my_account_authentication_method_failed" | "my_account_authentication_method_succeeded" | "oidc_backchannel_logout_failed" | "oidc_backchannel_logout_succeeded" | "organization_member_added" | "passkey_challenge_failed" | "passkey_challenge_started" | "pla" | "pwd_leak" | "reset_pwd_leak" | "resource_cleanup" | "rich_consents_access_error" | "s" | "sapi" | "fapi" | "sce" | "scoa" | "scp" | "scpn" | "scpr" | "scu" | "scv" | "sd" | "sdu" | "seacft" | "seccft" | "secte" | "sede" | "sens" | "seoobft" | "seotpft" | "sepotpft" | "sepft" | "sepkoobft" | "sepkotpft" | "sepkrcft" | "sercft" | "sertft" | "simp" | "si" | "signup_pwd_leak" | "slo" | "sh" | "spm" | "srrt" | "ss" | "ss_sso_failure" | "ss_sso_info" | "ss_sso_success" | "ssa" | "sscim" | "sui" | "sv" | "svr" | "too_many_records" | "ublkdu" | "universal_logout_failed" | "universal_logout_succeeded" | "w" | "wn" | "wum", string>;
-	date: z.ZodString;
-	description: z.ZodOptional<z.ZodString>;
-	ip: z.ZodOptional<z.ZodString>;
-	user_agent: z.ZodOptional<z.ZodString>;
-	details: z.ZodOptional<z.ZodAny>;
-	isMobile: z.ZodBoolean;
-	user_id: z.ZodOptional<z.ZodString>;
-	user_name: z.ZodOptional<z.ZodString>;
-	connection: z.ZodOptional<z.ZodString>;
-	connection_id: z.ZodOptional<z.ZodString>;
-	client_id: z.ZodOptional<z.ZodString>;
-	client_name: z.ZodOptional<z.ZodString>;
-	audience: z.ZodOptional<z.ZodString>;
-	scope: z.ZodOptional<z.ZodString>;
-	strategy: z.ZodOptional<z.ZodString>;
-	strategy_type: z.ZodOptional<z.ZodString>;
-	hostname: z.ZodOptional<z.ZodString>;
-	auth0_client: z.ZodOptional<z.ZodObject<{
-		name: z.ZodString;
-		version: z.ZodString;
-		env: z.ZodOptional<z.ZodObject<{
-			node: z.ZodOptional<z.ZodString>;
-		}, "strip", z.ZodTypeAny, {
-			node?: string | undefined;
-		}, {
-			node?: string | undefined;
-		}>>;
-	}, "strip", z.ZodTypeAny, {
-		version: string;
-		name: string;
-		env?: {
-			node?: string | undefined;
-		} | undefined;
-	}, {
-		version: string;
-		name: string;
-		env?: {
-			node?: string | undefined;
-		} | undefined;
-	}>>;
-	log_id: z.ZodOptional<z.ZodString>;
-	location_info: z.ZodOptional<z.ZodObject<{
-		country_code: z.ZodString;
-		city_name: z.ZodString;
-		latitude: z.ZodString;
-		longitude: z.ZodString;
-		time_zone: z.ZodString;
-		continent_code: z.ZodString;
-	}, "strip", z.ZodTypeAny, {
-		country_code: string;
-		city_name: string;
-		latitude: string;
-		longitude: string;
-		time_zone: string;
-		continent_code: string;
-	}, {
-		country_code: string;
-		city_name: string;
-		latitude: string;
-		longitude: string;
-		time_zone: string;
-		continent_code: string;
-	}>>;
-}, "strip", z.ZodTypeAny, {
-	type: "acls_summary" | "actions_execution_failed" | "api_limit" | "api_limit_warning" | "appi" | "ciba_exchange_failed" | "ciba_exchange_succeeded" | "ciba_start_failed" | "ciba_start_succeeded" | "cls" | "cs" | "depnote" | "f" | "fc" | "fce" | "fco" | "fcoa" | "fcp" | "fcph" | "fcpn" | "fcpr" | "fcpro" | "fcu" | "fd" | "fdeac" | "fdeaz" | "fdecc" | "fdu" | "feacft" | "feccft" | "fecte" | "fede" | "federated_logout_failed" | "fens" | "feoobft" | "feotpft" | "fepft" | "fepotpft" | "fercft" | "ferrt" | "fertft" | "fh" | "fimp" | "fi" | "flo" | "flows_execution_completed" | "flows_execution_failed" | "fn" | "forms_submission_failed" | "forms_submission_succeeded" | "fp" | "fpar" | "fpurh" | "fs" | "fsa" | "fu" | "fui" | "fv" | "fvr" | "gd_auth_email_verification" | "gd_auth_fail_email_verification" | "gd_auth_failed" | "gd_auth_rejected" | "gd_auth_succeed" | "gd_enrollment_complete" | "gd_otp_rate_limit_exceed" | "gd_recovery_failed" | "gd_recovery_rate_limit_exceed" | "gd_recovery_succeed" | "gd_send_email" | "gd_send_email_verification" | "gd_send_email_verification_failure" | "gd_send_pn" | "gd_send_pn_failure" | "gd_send_sms" | "gd_send_sms_failure" | "gd_send_voice" | "gd_send_voice_failure" | "gd_start_auth" | "gd_start_enroll" | "gd_start_enroll_failed" | "gd_tenant_update" | "gd_unenroll" | "gd_update_device_account" | "gd_webauthn_challenge_failed" | "gd_webauthn_enrollment_failed" | "kms_key_management_failure" | "kms_key_management_success" | "kms_key_state_changed" | "limit_delegation" | "limit_mu" | "limit_sul" | "limit_wc" | "i" | "mfar" | "mgmt_api_read" | "my_account_authentication_method_failed" | "my_account_authentication_method_succeeded" | "oidc_backchannel_logout_failed" | "oidc_backchannel_logout_succeeded" | "organization_member_added" | "passkey_challenge_failed" | "passkey_challenge_started" | "pla" | "pwd_leak" | "reset_pwd_leak" | "resource_cleanup" | "rich_consents_access_error" | "s" | "sapi" | "fapi" | "sce" | "scoa" | "scp" | "scpn" | "scpr" | "scu" | "scv" | "sd" | "sdu" | "seacft" | "seccft" | "secte" | "sede" | "sens" | "seoobft" | "seotpft" | "sepotpft" | "sepft" | "sepkoobft" | "sepkotpft" | "sepkrcft" | "sercft" | "sertft" | "simp" | "si" | "signup_pwd_leak" | "slo" | "sh" | "spm" | "srrt" | "ss" | "ss_sso_failure" | "ss_sso_info" | "ss_sso_success" | "ssa" | "sscim" | "sui" | "sv" | "svr" | "too_many_records" | "ublkdu" | "universal_logout_failed" | "universal_logout_succeeded" | "w" | "wn" | "wum";
-	date: string;
-	isMobile: boolean;
-	description?: string | undefined;
-	client_id?: string | undefined;
-	ip?: string | undefined;
-	user_agent?: string | undefined;
-	connection?: string | undefined;
-	strategy?: string | undefined;
-	strategy_type?: string | undefined;
-	audience?: string | undefined;
-	scope?: string | undefined;
-	auth0_client?: {
-		version: string;
-		name: string;
-		env?: {
-			node?: string | undefined;
-		} | undefined;
-	} | undefined;
-	hostname?: string | undefined;
-	connection_id?: string | undefined;
-	user_id?: string | undefined;
-	details?: any;
-	user_name?: string | undefined;
-	client_name?: string | undefined;
-	log_id?: string | undefined;
-	location_info?: {
-		country_code: string;
-		city_name: string;
-		latitude: string;
-		longitude: string;
-		time_zone: string;
-		continent_code: string;
-	} | undefined;
-}, {
-	type: string;
-	date: string;
-	isMobile: boolean;
-	description?: string | undefined;
-	client_id?: string | undefined;
-	ip?: string | undefined;
-	user_agent?: string | undefined;
-	connection?: string | undefined;
-	strategy?: string | undefined;
-	strategy_type?: string | undefined;
-	audience?: string | undefined;
-	scope?: string | undefined;
-	auth0_client?: {
-		version: string;
-		name: string;
-		env?: {
-			node?: string | undefined;
-		} | undefined;
-	} | undefined;
-	hostname?: string | undefined;
-	connection_id?: string | undefined;
-	user_id?: string | undefined;
-	details?: any;
-	user_name?: string | undefined;
-	client_name?: string | undefined;
-	log_id?: string | undefined;
-	location_info?: {
-		country_code: string;
-		city_name: string;
-		latitude: string;
-		longitude: string;
-		time_zone: string;
-		continent_code: string;
-	} | undefined;
-}>;
-export type LogInsert = z.infer<typeof logInsertSchema>;
-declare const logSchema: z.ZodObject<{
-	log_id: z.ZodString;
-	type: z.ZodEffects<z.ZodString, "acls_summary" | "actions_execution_failed" | "api_limit" | "api_limit_warning" | "appi" | "ciba_exchange_failed" | "ciba_exchange_succeeded" | "ciba_start_failed" | "ciba_start_succeeded" | "cls" | "cs" | "depnote" | "f" | "fc" | "fce" | "fco" | "fcoa" | "fcp" | "fcph" | "fcpn" | "fcpr" | "fcpro" | "fcu" | "fd" | "fdeac" | "fdeaz" | "fdecc" | "fdu" | "feacft" | "feccft" | "fecte" | "fede" | "federated_logout_failed" | "fens" | "feoobft" | "feotpft" | "fepft" | "fepotpft" | "fercft" | "ferrt" | "fertft" | "fh" | "fimp" | "fi" | "flo" | "flows_execution_completed" | "flows_execution_failed" | "fn" | "forms_submission_failed" | "forms_submission_succeeded" | "fp" | "fpar" | "fpurh" | "fs" | "fsa" | "fu" | "fui" | "fv" | "fvr" | "gd_auth_email_verification" | "gd_auth_fail_email_verification" | "gd_auth_failed" | "gd_auth_rejected" | "gd_auth_succeed" | "gd_enrollment_complete" | "gd_otp_rate_limit_exceed" | "gd_recovery_failed" | "gd_recovery_rate_limit_exceed" | "gd_recovery_succeed" | "gd_send_email" | "gd_send_email_verification" | "gd_send_email_verification_failure" | "gd_send_pn" | "gd_send_pn_failure" | "gd_send_sms" | "gd_send_sms_failure" | "gd_send_voice" | "gd_send_voice_failure" | "gd_start_auth" | "gd_start_enroll" | "gd_start_enroll_failed" | "gd_tenant_update" | "gd_unenroll" | "gd_update_device_account" | "gd_webauthn_challenge_failed" | "gd_webauthn_enrollment_failed" | "kms_key_management_failure" | "kms_key_management_success" | "kms_key_state_changed" | "limit_delegation" | "limit_mu" | "limit_sul" | "limit_wc" | "i" | "mfar" | "mgmt_api_read" | "my_account_authentication_method_failed" | "my_account_authentication_method_succeeded" | "oidc_backchannel_logout_failed" | "oidc_backchannel_logout_succeeded" | "organization_member_added" | "passkey_challenge_failed" | "passkey_challenge_started" | "pla" | "pwd_leak" | "reset_pwd_leak" | "resource_cleanup" | "rich_consents_access_error" | "s" | "sapi" | "fapi" | "sce" | "scoa" | "scp" | "scpn" | "scpr" | "scu" | "scv" | "sd" | "sdu" | "seacft" | "seccft" | "secte" | "sede" | "sens" | "seoobft" | "seotpft" | "sepotpft" | "sepft" | "sepkoobft" | "sepkotpft" | "sepkrcft" | "sercft" | "sertft" | "simp" | "si" | "signup_pwd_leak" | "slo" | "sh" | "spm" | "srrt" | "ss" | "ss_sso_failure" | "ss_sso_info" | "ss_sso_success" | "ssa" | "sscim" | "sui" | "sv" | "svr" | "too_many_records" | "ublkdu" | "universal_logout_failed" | "universal_logout_succeeded" | "w" | "wn" | "wum", string>;
-	date: z.ZodString;
-	description: z.ZodOptional<z.ZodString>;
-	ip: z.ZodOptional<z.ZodString>;
-	user_agent: z.ZodOptional<z.ZodString>;
-	details: z.ZodOptional<z.ZodAny>;
-	isMobile: z.ZodBoolean;
-	user_id: z.ZodOptional<z.ZodString>;
-	user_name: z.ZodOptional<z.ZodString>;
-	connection: z.ZodOptional<z.ZodString>;
-	connection_id: z.ZodOptional<z.ZodString>;
-	client_id: z.ZodOptional<z.ZodString>;
-	client_name: z.ZodOptional<z.ZodString>;
-	audience: z.ZodOptional<z.ZodString>;
-	scope: z.ZodOptional<z.ZodString>;
-	strategy: z.ZodOptional<z.ZodString>;
-	strategy_type: z.ZodOptional<z.ZodString>;
-	hostname: z.ZodOptional<z.ZodString>;
-	auth0_client: z.ZodOptional<z.ZodObject<{
-		name: z.ZodString;
-		version: z.ZodString;
-		env: z.ZodOptional<z.ZodObject<{
-			node: z.ZodOptional<z.ZodString>;
-		}, "strip", z.ZodTypeAny, {
-			node?: string | undefined;
-		}, {
-			node?: string | undefined;
-		}>>;
-	}, "strip", z.ZodTypeAny, {
-		version: string;
-		name: string;
-		env?: {
-			node?: string | undefined;
-		} | undefined;
-	}, {
-		version: string;
-		name: string;
-		env?: {
-			node?: string | undefined;
-		} | undefined;
-	}>>;
-	location_info: z.ZodOptional<z.ZodObject<{
-		country_code: z.ZodString;
-		city_name: z.ZodString;
-		latitude: z.ZodString;
-		longitude: z.ZodString;
-		time_zone: z.ZodString;
-		continent_code: z.ZodString;
-	}, "strip", z.ZodTypeAny, {
-		country_code: string;
-		city_name: string;
-		latitude: string;
-		longitude: string;
-		time_zone: string;
-		continent_code: string;
-	}, {
-		country_code: string;
-		city_name: string;
-		latitude: string;
-		longitude: string;
-		time_zone: string;
-		continent_code: string;
-	}>>;
-}, "strip", z.ZodTypeAny, {
-	type: "acls_summary" | "actions_execution_failed" | "api_limit" | "api_limit_warning" | "appi" | "ciba_exchange_failed" | "ciba_exchange_succeeded" | "ciba_start_failed" | "ciba_start_succeeded" | "cls" | "cs" | "depnote" | "f" | "fc" | "fce" | "fco" | "fcoa" | "fcp" | "fcph" | "fcpn" | "fcpr" | "fcpro" | "fcu" | "fd" | "fdeac" | "fdeaz" | "fdecc" | "fdu" | "feacft" | "feccft" | "fecte" | "fede" | "federated_logout_failed" | "fens" | "feoobft" | "feotpft" | "fepft" | "fepotpft" | "fercft" | "ferrt" | "fertft" | "fh" | "fimp" | "fi" | "flo" | "flows_execution_completed" | "flows_execution_failed" | "fn" | "forms_submission_failed" | "forms_submission_succeeded" | "fp" | "fpar" | "fpurh" | "fs" | "fsa" | "fu" | "fui" | "fv" | "fvr" | "gd_auth_email_verification" | "gd_auth_fail_email_verification" | "gd_auth_failed" | "gd_auth_rejected" | "gd_auth_succeed" | "gd_enrollment_complete" | "gd_otp_rate_limit_exceed" | "gd_recovery_failed" | "gd_recovery_rate_limit_exceed" | "gd_recovery_succeed" | "gd_send_email" | "gd_send_email_verification" | "gd_send_email_verification_failure" | "gd_send_pn" | "gd_send_pn_failure" | "gd_send_sms" | "gd_send_sms_failure" | "gd_send_voice" | "gd_send_voice_failure" | "gd_start_auth" | "gd_start_enroll" | "gd_start_enroll_failed" | "gd_tenant_update" | "gd_unenroll" | "gd_update_device_account" | "gd_webauthn_challenge_failed" | "gd_webauthn_enrollment_failed" | "kms_key_management_failure" | "kms_key_management_success" | "kms_key_state_changed" | "limit_delegation" | "limit_mu" | "limit_sul" | "limit_wc" | "i" | "mfar" | "mgmt_api_read" | "my_account_authentication_method_failed" | "my_account_authentication_method_succeeded" | "oidc_backchannel_logout_failed" | "oidc_backchannel_logout_succeeded" | "organization_member_added" | "passkey_challenge_failed" | "passkey_challenge_started" | "pla" | "pwd_leak" | "reset_pwd_leak" | "resource_cleanup" | "rich_consents_access_error" | "s" | "sapi" | "fapi" | "sce" | "scoa" | "scp" | "scpn" | "scpr" | "scu" | "scv" | "sd" | "sdu" | "seacft" | "seccft" | "secte" | "sede" | "sens" | "seoobft" | "seotpft" | "sepotpft" | "sepft" | "sepkoobft" | "sepkotpft" | "sepkrcft" | "sercft" | "sertft" | "simp" | "si" | "signup_pwd_leak" | "slo" | "sh" | "spm" | "srrt" | "ss" | "ss_sso_failure" | "ss_sso_info" | "ss_sso_success" | "ssa" | "sscim" | "sui" | "sv" | "svr" | "too_many_records" | "ublkdu" | "universal_logout_failed" | "universal_logout_succeeded" | "w" | "wn" | "wum";
-	date: string;
-	isMobile: boolean;
-	log_id: string;
-	description?: string | undefined;
-	client_id?: string | undefined;
-	ip?: string | undefined;
-	user_agent?: string | undefined;
-	connection?: string | undefined;
-	strategy?: string | undefined;
-	strategy_type?: string | undefined;
-	audience?: string | undefined;
-	scope?: string | undefined;
-	auth0_client?: {
-		version: string;
-		name: string;
-		env?: {
-			node?: string | undefined;
-		} | undefined;
-	} | undefined;
-	hostname?: string | undefined;
-	connection_id?: string | undefined;
-	user_id?: string | undefined;
-	details?: any;
-	user_name?: string | undefined;
-	client_name?: string | undefined;
-	location_info?: {
-		country_code: string;
-		city_name: string;
-		latitude: string;
-		longitude: string;
-		time_zone: string;
-		continent_code: string;
-	} | undefined;
-}, {
-	type: string;
-	date: string;
-	isMobile: boolean;
-	log_id: string;
-	description?: string | undefined;
-	client_id?: string | undefined;
-	ip?: string | undefined;
-	user_agent?: string | undefined;
-	connection?: string | undefined;
-	strategy?: string | undefined;
-	strategy_type?: string | undefined;
-	audience?: string | undefined;
-	scope?: string | undefined;
-	auth0_client?: {
-		version: string;
-		name: string;
-		env?: {
-			node?: string | undefined;
-		} | undefined;
-	} | undefined;
-	hostname?: string | undefined;
-	connection_id?: string | undefined;
-	user_id?: string | undefined;
-	details?: any;
-	user_name?: string | undefined;
-	client_name?: string | undefined;
-	location_info?: {
-		country_code: string;
-		city_name: string;
-		latitude: string;
-		longitude: string;
-		time_zone: string;
-		continent_code: string;
-	} | undefined;
-}>;
-export type Log = z.infer<typeof logSchema>;
-declare const dailyStatsSchema: z.ZodObject<{
-	date: z.ZodString;
-	logins: z.ZodNumber;
-	signups: z.ZodNumber;
-	leaked_passwords: z.ZodNumber;
-	updated_at: z.ZodString;
-	created_at: z.ZodString;
-}, "strip", z.ZodTypeAny, {
-	created_at: string;
-	updated_at: string;
-	date: string;
-	logins: number;
-	signups: number;
-	leaked_passwords: number;
-}, {
-	created_at: string;
-	updated_at: string;
-	date: string;
-	logins: number;
-	signups: number;
-	leaked_passwords: number;
-}>;
-export type DailyStats = z.infer<typeof dailyStatsSchema>;
-declare const analyticsResourceSchema: z.ZodEnum<[
-	"active-users",
-	"logins",
-	"signups",
-	"refresh-tokens",
-	"sessions"
-]>;
-export type AnalyticsResource = z.infer<typeof analyticsResourceSchema>;
-declare const analyticsIntervalSchema: z.ZodEnum<[
-	"hour",
-	"day",
-	"week",
-	"month"
-]>;
-export type AnalyticsInterval = z.infer<typeof analyticsIntervalSchema>;
-declare const analyticsGroupBySchema: z.ZodEnum<[
-	"time",
-	"connection",
-	"client_id",
-	"user_type",
-	"event"
-]>;
-export type AnalyticsGroupBy = z.infer<typeof analyticsGroupBySchema>;
-declare const analyticsUserTypeSchema: z.ZodEnum<[
-	"password",
-	"social",
-	"passwordless",
-	"enterprise"
-]>;
-export type AnalyticsUserType = z.infer<typeof analyticsUserTypeSchema>;
-export interface AnalyticsFilters {
-	connection?: string[];
-	client_id?: string[];
-	user_type?: AnalyticsUserType[];
-	user_id?: string[];
-}
-export interface AnalyticsQueryParams {
-	/** Inclusive lower bound, ISO 8601 datetime in UTC */
-	from: string;
-	/** Exclusive upper bound, ISO 8601 datetime in UTC */
-	to: string;
-	interval: AnalyticsInterval;
-	/** IANA timezone for bucket boundaries */
-	tz: string;
-	filters: AnalyticsFilters;
-	group_by: AnalyticsGroupBy[];
-	limit: number;
-	offset: number;
-	/** Column name, prefix with `-` for descending */
-	order_by?: string;
-}
-export interface AnalyticsColumnMeta {
-	name: string;
-	/** ClickHouse-style type label (e.g. "Date", "String", "UInt64", "DateTime") */
-	type: string;
-}
-export interface AnalyticsQueryResponse {
-	meta: AnalyticsColumnMeta[];
-	data: Array<Record<string, unknown>>;
-	rows: number;
-	rows_before_limit_at_least?: number;
-	statistics?: {
-		elapsed: number;
-		rows_read?: number;
-		bytes_read?: number;
-	};
-}
-export interface ActionExecutionsAdapter {
-	create: (tenant_id: string, execution: ActionExecutionInsert) => Promise<ActionExecution>;
-	get: (tenant_id: string, execution_id: string) => Promise<ActionExecution | null>;
-}
-export interface CacheAdapter {
-	/**
-	 * Get a value from the cache
-	 * @param key The cache key
-	 * @returns The cached value or null if not found or expired
-	 */
-	get<T = any>(key: string): Promise<T | null>;
-	/**
-	 * Set a value in the cache
-	 * @param key The cache key
-	 * @param value The value to cache
-	 * @param ttlSeconds Time to live in seconds (optional)
-	 */
-	set<T = any>(key: string, value: T, ttlSeconds?: number): Promise<void>;
-	/**
-	 * Delete a value from the cache
-	 * @param key The cache key
-	 * @returns True if the key existed and was deleted, false otherwise
-	 */
-	delete(key: string): Promise<boolean>;
-	/**
-	 * Delete all values from the cache that match a key prefix
-	 * @param prefix The key prefix to match
-	 * @returns The number of keys deleted
-	 */
-	deleteByPrefix(prefix: string): Promise<number>;
-	/**
-	 * Clear all items from the cache
-	 */
-	clear(): Promise<void>;
-}
-export interface ListLogsResponse extends Totals {
-	logs: Log[];
-}
-export interface LogsDataAdapter {
-	create(tenantId: string, params: LogInsert): Promise<Log>;
-	list(tenantId: string, params?: ListParams): Promise<ListLogsResponse>;
-	get(tenantId: string, logId: string): Promise<Log | null>;
-}
-export interface CustomDomainsAdapter {
-	create: (tenant_id: string, custom_domain: CustomDomainInsert) => Promise<CustomDomain>;
-	get: (tenant_id: string, id: string) => Promise<CustomDomain | null>;
-	getByDomain: (domain: string) => Promise<CustomDomainWithTenantId | null>;
-	list: (tenant_id: string) => Promise<CustomDomain[]>;
-	remove: (tenant_id: string, id: string) => Promise<boolean>;
-	update: (tenant_id: string, id: string, custom_domain: Partial<CustomDomain>) => Promise<boolean>;
-}
-export interface GeoInfo {
-	country_code: string;
-	city_name: string;
-	latitude: string;
-	longitude: string;
-	time_zone: string;
-	continent_code: string;
-}
-export interface GeoAdapter {
-	/**
-	 * Get geo information from request headers
-	 * @param headers - Record of HTTP headers (lowercase keys)
-	 * @returns Geo information or null if not available
-	 */
-	getGeoInfo(headers: Record<string, string>): Promise<GeoInfo | null>;
-}
-export interface StatsListParams {
-	from?: string;
-	to?: string;
-}
-export interface StatsAdapter {
-	/**
-	 * Get daily statistics (logins, signups, etc.) for a date range
-	 */
-	getDaily(tenantId: string, params?: StatsListParams): Promise<DailyStats[]>;
-	/**
-	 * Get the number of active users in the last 30 days
-	 */
-	getActiveUsers(tenantId: string): Promise<number>;
-}
-export interface AnalyticsAdapter {
-	/**
-	 * Run an analytics query for a tenant. The adapter is responsible for
-	 * injecting the tenant_id predicate; the route handler never trusts a
-	 * tenant value from a client-controlled source.
-	 */
-	query(tenantId: string, resource: AnalyticsResource, params: AnalyticsQueryParams): Promise<AnalyticsQueryResponse>;
-}
-/**
- * Logical buckets that consumers can rate-limit against. Backends decide
- * how each scope is enforced (e.g. mapping to a separate Cloudflare Workers
- * Rate Limiter binding with its own deploy-time limit/period).
- */
-export type RateLimitScope = "pre-login" | "pre-user-registration" | "brute-force";
-export interface RateLimitDecision {
-	/** True if the request is allowed; false if the limit was exceeded. */
-	allowed: boolean;
-	/** Optional retry-after hint in seconds (omitted if the backend can't tell). */
-	retryAfterSeconds?: number;
-}
-export interface RateLimitAdapter {
-	/**
-	 * Consume one unit of quota for the given scope and key.
-	 *
-	 * The numeric threshold and window are backend-specific; the
-	 * Cloudflare Workers Rate Limiter binding bakes them in at deploy
-	 * time and cannot honor a per-tenant override. Callers that need
-	 * per-tenant `max_attempts` should layer their own counter on top.
-	 *
-	 * Returns `{ allowed: true }` if the scope is not configured, so
-	 * callers can opt in by configuring backends without changing call
-	 * sites.
-	 */
-	consume(scope: RateLimitScope, key: string): Promise<RateLimitDecision>;
-}
-export interface CodeExecutionLog {
-	level: "log" | "info" | "warn" | "error" | "debug";
-	message: string;
-}
-export interface CodeExecutionResult {
-	success: boolean;
-	error?: string;
-	durationMs: number;
-	apiCalls: Array<{
-		method: string;
-		args: unknown[];
-	}>;
-	/**
-	 * Console output captured from the user code during execution. Populated by
-	 * executors that shadow `console.*` inside the sandbox; absent on executors
-	 * that don't support capture.
-	 */
-	logs?: CodeExecutionLog[];
-}
-export interface CodeExecutor {
-	execute(params: {
-		code: string;
-		hookCodeId?: string;
-		triggerId: string;
-		event: Record<string, unknown>;
-		/** Wall-clock timeout for the entire execution (ms). */
-		timeoutMs?: number;
-		/**
-		 * CPU-time limit (ms) for runtimes that distinguish CPU time from
-		 * wall-clock time (e.g. Cloudflare Workers for Platforms).
-		 * Ignored by executors that do not support CPU-time limits.
-		 */
-		cpuLimitMs?: number;
-	}): Promise<CodeExecutionResult>;
-	/**
-	 * Deploy user code to the execution environment.
-	 * Called when hook code is created or updated.
-	 * Optional — LocalCodeExecutor does not need this.
-	 */
-	deploy?(hookCodeId: string, code: string): Promise<void>;
-	/**
-	 * Remove user code from the execution environment.
-	 * Called when hook code is deleted.
-	 * Optional — LocalCodeExecutor does not need this.
-	 */
-	remove?(hookCodeId: string): Promise<void>;
-}
-export interface R2SQLLogsAdapterConfig {
-	/**
-	 * Cloudflare Pipeline HTTP endpoint URL for ingesting logs
-	 * Example: "https://{stream-id}.ingest.cloudflare.com"
-	 * Optional if using pipelineBinding or baseAdapter
-	 */
-	pipelineEndpoint?: string;
-	/**
-	 * Cloudflare Pipeline binding (for Workers)
-	 * Use this instead of pipelineEndpoint when running in a Worker
-	 * Pass the Pipeline object from env (e.g., env.AUTH_LOGS_STREAM)
-	 * The Pipeline has a send() method for ingesting data
-	 */
-	pipelineBinding?: {
-		send: (data: any) => Promise<void>;
-	};
-	/**
-	 * Cloudflare account ID for R2 SQL API
-	 * Required for the official API endpoint
-	 * Can be passed via environment variable: CLOUDFLARE_ACCOUNT_ID
-	 */
-	accountId: string;
-	/**
-	 * Cloudflare R2 SQL API token for querying logs
-	 * Can be passed via environment variable: R2_SQL_AUTH_TOKEN
-	 */
-	authToken: string;
-	/**
-	 * R2 warehouse name (e.g., "default")
-	 * Can be passed via environment variable: R2_WAREHOUSE_NAME
-	 */
-	warehouseName: string;
-	/**
-	 * Catalog database/namespace for logs (default: "default")
-	 */
-	namespace?: string;
-	/**
-	 * Catalog table name for logs (default: "logs")
-	 */
-	tableName?: string;
-	/**
-	 * HTTP timeout in milliseconds (default: 30000)
-	 */
-	timeout?: number;
+interface R2SQLLogsAdapterConfig {
+    /**
+     * Cloudflare Pipeline HTTP endpoint URL for ingesting logs
+     * Example: "https://{stream-id}.ingest.cloudflare.com"
+     * Optional if using pipelineBinding or baseAdapter
+     */
+    pipelineEndpoint?: string;
+    /**
+     * Cloudflare Pipeline binding (for Workers)
+     * Use this instead of pipelineEndpoint when running in a Worker
+     * Pass the Pipeline object from env (e.g., env.AUTH_LOGS_STREAM)
+     * The Pipeline has a send() method for ingesting data
+     */
+    pipelineBinding?: {
+        send: (data: any) => Promise<void>;
+    };
+    /**
+     * Cloudflare account ID for R2 SQL API
+     * Required for the official API endpoint
+     * Can be passed via environment variable: CLOUDFLARE_ACCOUNT_ID
+     */
+    accountId: string;
+    /**
+     * Cloudflare R2 SQL API token for querying logs
+     * Can be passed via environment variable: R2_SQL_AUTH_TOKEN
+     */
+    authToken: string;
+    /**
+     * R2 warehouse name (e.g., "default")
+     * Can be passed via environment variable: R2_WAREHOUSE_NAME
+     */
+    warehouseName: string;
+    /**
+     * Catalog database/namespace for logs (default: "default")
+     */
+    namespace?: string;
+    /**
+     * Catalog table name for logs (default: "logs")
+     */
+    tableName?: string;
+    /**
+     * HTTP timeout in milliseconds (default: 30000)
+     */
+    timeout?: number;
 }
+
 /**
  * Create a stats adapter for R2 SQL that returns "not supported" errors
  *
  * R2 SQL logs does not currently support stats queries.
  * Use the Analytics Engine stats adapter or Kysely stats adapter instead.
  */
-export declare function createR2SQLStatsAdapter(): StatsAdapter;
+declare function createR2SQLStatsAdapter(): StatsAdapter;
+
 /**
  * Create an R2 SQL logs adapter
  *
@@ -1200,51 +108,55 @@ export declare function createR2SQLStatsAdapter(): StatsAdapter;
  * });
  * ```
  */
-export declare function createR2SQLLogsAdapter(config: R2SQLLogsAdapterConfig): LogsDataAdapter;
+declare function createR2SQLLogsAdapter(config: R2SQLLogsAdapterConfig): LogsDataAdapter;
+
 /**
  * Analytics Engine dataset binding type
  * This is the binding object provided by Cloudflare Workers
  */
-export interface AnalyticsEngineDataset {
-	writeDataPoint(data: {
-		blobs?: string[];
-		doubles?: number[];
-		indexes?: string[];
-	}): void;
-}
-export interface AnalyticsEngineLogsAdapterConfig {
-	/**
-	 * Cloudflare Analytics Engine dataset binding (for Workers)
-	 * Pass the Analytics Engine dataset object from env (e.g., env.AUTH_LOGS)
-	 */
-	analyticsEngineBinding?: AnalyticsEngineDataset;
-	/**
-	 * Cloudflare account ID for querying logs via SQL API
-	 * Required for the SQL API endpoint
-	 * Can be passed via environment variable: CLOUDFLARE_ACCOUNT_ID
-	 */
-	accountId: string;
-	/**
-	 * Cloudflare API token for querying logs via SQL API
-	 * Must have Analytics Engine SQL API permissions
-	 * Can be passed via environment variable: ANALYTICS_ENGINE_API_TOKEN
-	 */
-	apiToken: string;
-	/**
-	 * Analytics Engine dataset name (default: "authhero_logs")
-	 * This should match the dataset name configured in wrangler.toml
-	 */
-	dataset?: string;
-	/**
-	 * HTTP timeout in milliseconds for SQL API queries (default: 30000)
-	 */
-	timeout?: number;
+interface AnalyticsEngineDataset {
+    writeDataPoint(data: {
+        blobs?: string[];
+        doubles?: number[];
+        indexes?: string[];
+    }): void;
+}
+interface AnalyticsEngineLogsAdapterConfig {
+    /**
+     * Cloudflare Analytics Engine dataset binding (for Workers)
+     * Pass the Analytics Engine dataset object from env (e.g., env.AUTH_LOGS)
+     */
+    analyticsEngineBinding?: AnalyticsEngineDataset;
+    /**
+     * Cloudflare account ID for querying logs via SQL API
+     * Required for the SQL API endpoint
+     * Can be passed via environment variable: CLOUDFLARE_ACCOUNT_ID
+     */
+    accountId: string;
+    /**
+     * Cloudflare API token for querying logs via SQL API
+     * Must have Analytics Engine SQL API permissions
+     * Can be passed via environment variable: ANALYTICS_ENGINE_API_TOKEN
+     */
+    apiToken: string;
+    /**
+     * Analytics Engine dataset name (default: "authhero_logs")
+     * This should match the dataset name configured in wrangler.toml
+     */
+    dataset?: string;
+    /**
+     * HTTP timeout in milliseconds for SQL API queries (default: 30000)
+     */
+    timeout?: number;
 }
+
 /**
  * Create a stats adapter that queries Analytics Engine
  */
-export declare function createAnalyticsEngineStatsAdapter(config: AnalyticsEngineLogsAdapterConfig): StatsAdapter;
-export declare function createAnalyticsEngineAnalyticsAdapter(config: AnalyticsEngineLogsAdapterConfig): AnalyticsAdapter;
+declare function createAnalyticsEngineStatsAdapter(config: AnalyticsEngineLogsAdapterConfig): StatsAdapter;
+
+declare function createAnalyticsEngineAnalyticsAdapter(config: AnalyticsEngineLogsAdapterConfig): AnalyticsAdapter;
+
 /**
  * Create an Analytics Engine logs adapter
  *
@@ -1292,35 +204,37 @@ export declare function createAnalyticsEngineAnalyticsAdapter(config: AnalyticsE
  * });
  * ```
  */
-export declare function createAnalyticsEngineLogsAdapter(config: AnalyticsEngineLogsAdapterConfig): LogsDataAdapter;
-export interface AnalyticsEngineActionExecutionsAdapterConfig {
-	/**
-	 * Cloudflare Analytics Engine dataset binding (for Workers).
-	 * Pass the Analytics Engine dataset object from env (e.g.
-	 * env.AUTH_ACTION_EXECUTIONS).
-	 */
-	analyticsEngineBinding?: AnalyticsEngineDataset;
-	/**
-	 * Cloudflare account ID for querying via the SQL API.
-	 * Can be passed via environment variable: CLOUDFLARE_ACCOUNT_ID.
-	 */
-	accountId: string;
-	/**
-	 * Cloudflare API token for querying via the SQL API.
-	 * Must have Analytics Engine SQL API permissions.
-	 * Can be passed via environment variable: ANALYTICS_ENGINE_API_TOKEN.
-	 */
-	apiToken: string;
-	/**
-	 * Analytics Engine dataset name (default: "authhero_action_executions").
-	 * Should match the dataset name configured in wrangler.toml.
-	 */
-	dataset?: string;
-	/**
-	 * HTTP timeout in milliseconds for SQL API queries (default: 30000).
-	 */
-	timeout?: number;
+declare function createAnalyticsEngineLogsAdapter(config: AnalyticsEngineLogsAdapterConfig): LogsDataAdapter;
+
+interface AnalyticsEngineActionExecutionsAdapterConfig {
+    /**
+     * Cloudflare Analytics Engine dataset binding (for Workers).
+     * Pass the Analytics Engine dataset object from env (e.g.
+     * env.AUTH_ACTION_EXECUTIONS).
+     */
+    analyticsEngineBinding?: AnalyticsEngineDataset;
+    /**
+     * Cloudflare account ID for querying via the SQL API.
+     * Can be passed via environment variable: CLOUDFLARE_ACCOUNT_ID.
+     */
+    accountId: string;
+    /**
+     * Cloudflare API token for querying via the SQL API.
+     * Must have Analytics Engine SQL API permissions.
+     * Can be passed via environment variable: ANALYTICS_ENGINE_API_TOKEN.
+     */
+    apiToken: string;
+    /**
+     * Analytics Engine dataset name (default: "authhero_action_executions").
+     * Should match the dataset name configured in wrangler.toml.
+     */
+    dataset?: string;
+    /**
+     * HTTP timeout in milliseconds for SQL API queries (default: 30000).
+     */
+    timeout?: number;
 }
+
 /**
  * Create an Analytics Engine action_executions adapter.
  *
@@ -1346,7 +260,8 @@ export interface AnalyticsEngineActionExecutionsAdapterConfig {
  * });
  * ```
  */
-export declare function createAnalyticsEngineActionExecutionsAdapter(config: AnalyticsEngineActionExecutionsAdapterConfig): ActionExecutionsAdapter;
+declare function createAnalyticsEngineActionExecutionsAdapter(config: AnalyticsEngineActionExecutionsAdapterConfig): ActionExecutionsAdapter;
+
 /**
  * Minimal shape of the Cloudflare Workers Rate Limiter binding. We declare
  * it locally rather than depending on `@cloudflare/workers-types` so the
@@ -1354,12 +269,12 @@ export declare function createAnalyticsEngineActionExecutionsAdapter(config: Ana
  *
  * Reference: https://developers.cloudflare.com/workers/runtime-apis/bindings/rate-limit/
  */
-export interface CloudflareRateLimitBinding {
-	limit(options: {
-		key: string;
-	}): Promise<{
-		success: boolean;
-	}>;
+interface CloudflareRateLimitBinding {
+    limit(options: {
+        key: string;
+    }): Promise<{
+        success: boolean;
+    }>;
 }
 /**
  * Map of scopes to Cloudflare Workers Rate Limiter bindings. Each binding's
@@ -1374,50 +289,52 @@ export interface CloudflareRateLimitBinding {
  * Any scope omitted from this map results in a permissive ("allowed: true")
  * decision so callers can configure backends incrementally.
  */
-export type CloudflareRateLimitBindings = Partial<Record<RateLimitScope, CloudflareRateLimitBinding>>;
-export declare function createCloudflareRateLimitAdapter(bindings: CloudflareRateLimitBindings | undefined): RateLimitAdapter | undefined;
-export interface CloudflareConfig {
-	zoneId: string;
-	authKey: string;
-	authEmail: string;
-	enterprise?: boolean;
-	customDomainAdapter: CustomDomainsAdapter;
-	/**
-	 * Cache name to use (optional, defaults to "default")
-	 */
-	cacheName?: string;
-	/**
-	 * Default TTL in seconds for cache entries (optional)
-	 */
-	defaultTtlSeconds?: number;
-	/**
-	 * Key prefix to namespace cache entries (optional)
-	 */
-	keyPrefix?: string;
-	/**
-	 * R2 SQL logs adapter configuration (optional)
-	 * Use this for high-volume log storage with R2 Pipelines and R2 SQL
-	 */
-	r2SqlLogs?: R2SQLLogsAdapterConfig;
-	/**
-	 * Analytics Engine logs adapter configuration (optional)
-	 * Use this for low-latency log writes with Cloudflare Analytics Engine
-	 */
-	analyticsEngineLogs?: AnalyticsEngineLogsAdapterConfig;
-	/**
-	 * Analytics Engine action_executions adapter configuration (optional).
-	 * Stores Auth0-shaped action execution records in a dedicated AE dataset
-	 * so logs and the executions they reference can both live in AE.
-	 */
-	analyticsEngineActionExecutions?: AnalyticsEngineActionExecutionsAdapterConfig;
-	/**
-	 * Cloudflare Workers Rate Limiter bindings, keyed by logical scope.
-	 * Each binding's `limit` and `period` are baked in at deploy time; this
-	 * adapter can't override them per tenant. Bindings are optional — any
-	 * unconfigured scope is treated as permissive.
-	 */
-	rateLimitBindings?: CloudflareRateLimitBindings;
+type CloudflareRateLimitBindings = Partial<Record<RateLimitScope, CloudflareRateLimitBinding>>;
+declare function createCloudflareRateLimitAdapter(bindings: CloudflareRateLimitBindings | undefined): RateLimitAdapter | undefined;
+
+interface CloudflareConfig {
+    zoneId: string;
+    authKey: string;
+    authEmail: string;
+    enterprise?: boolean;
+    customDomainAdapter: CustomDomainsAdapter;
+    /**
+     * Cache name to use (optional, defaults to "default")
+     */
+    cacheName?: string;
+    /**
+     * Default TTL in seconds for cache entries (optional)
+     */
+    defaultTtlSeconds?: number;
+    /**
+     * Key prefix to namespace cache entries (optional)
+     */
+    keyPrefix?: string;
+    /**
+     * R2 SQL logs adapter configuration (optional)
+     * Use this for high-volume log storage with R2 Pipelines and R2 SQL
+     */
+    r2SqlLogs?: R2SQLLogsAdapterConfig;
+    /**
+     * Analytics Engine logs adapter configuration (optional)
+     * Use this for low-latency log writes with Cloudflare Analytics Engine
+     */
+    analyticsEngineLogs?: AnalyticsEngineLogsAdapterConfig;
+    /**
+     * Analytics Engine action_executions adapter configuration (optional).
+     * Stores Auth0-shaped action execution records in a dedicated AE dataset
+     * so logs and the executions they reference can both live in AE.
+     */
+    analyticsEngineActionExecutions?: AnalyticsEngineActionExecutionsAdapterConfig;
+    /**
+     * Cloudflare Workers Rate Limiter bindings, keyed by logical scope.
+     * Each binding's `limit` and `period` are baked in at deploy time; this
+     * adapter can't override them per tenant. Bindings are optional — any
+     * unconfigured scope is treated as permissive.
+     */
+    rateLimitBindings?: CloudflareRateLimitBindings;
 }
+
 /**
  * Cloudflare Workers for Platforms dispatch namespace binding type.
  * This is the type of `env.DISPATCHER` when configured in wrangler.toml:
@@ -1428,40 +345,40 @@ export interface CloudflareConfig {
  * namespace = "authhero-hooks"
  * ```
  */
-export interface DispatchNamespace {
-	get(name: string, options?: Record<string, unknown>, init?: {
-		limits?: {
-			cpuMs?: number;
-			subrequests?: number;
-		};
-	}): {
-		fetch(request: Request | string, init?: RequestInit): Promise<Response>;
-	};
-}
-export interface DispatchNamespaceCodeExecutorConfig {
-	/** Cloudflare account ID */
-	accountId: string;
-	/** API token with Workers Scripts write permission */
-	apiToken: string;
-	/** Dispatch namespace name (e.g., "authhero-hooks") */
-	dispatchNamespace: string;
-	/**
-	 * Dispatch namespace binding from the worker environment.
-	 * When running inside a Cloudflare Worker, pass `env.DISPATCHER`.
-	 * Enables low-latency same-origin invocation.
-	 */
-	dispatcher?: DispatchNamespace;
-	/**
-	 * Fallback URL for invoking user workers when no dispatcher binding is available.
-	 * The executor appends `/{scriptName}` to this URL.
-	 * Only used when `dispatcher` is not provided.
-	 */
-	dispatchUrl?: string;
-	/**
-	 * Cloudflare Workers compatibility date used when deploying scripts.
-	 * Defaults to "2024-11-20" if not provided.
-	 */
-	compatibilityDate?: string;
+interface DispatchNamespace {
+    get(name: string, options?: Record<string, unknown>, init?: {
+        limits?: {
+            cpuMs?: number;
+            subrequests?: number;
+        };
+    }): {
+        fetch(request: Request | string, init?: RequestInit): Promise<Response>;
+    };
+}
+interface DispatchNamespaceCodeExecutorConfig {
+    /** Cloudflare account ID */
+    accountId: string;
+    /** API token with Workers Scripts write permission */
+    apiToken: string;
+    /** Dispatch namespace name (e.g., "authhero-hooks") */
+    dispatchNamespace: string;
+    /**
+     * Dispatch namespace binding from the worker environment.
+     * When running inside a Cloudflare Worker, pass `env.DISPATCHER`.
+     * Enables low-latency same-origin invocation.
+     */
+    dispatcher?: DispatchNamespace;
+    /**
+     * Fallback URL for invoking user workers when no dispatcher binding is available.
+     * The executor appends `/{scriptName}` to this URL.
+     * Only used when `dispatcher` is not provided.
+     */
+    dispatchUrl?: string;
+    /**
+     * Cloudflare Workers compatibility date used when deploying scripts.
+     * Defaults to "2024-11-20" if not provided.
+     */
+    compatibilityDate?: string;
 }
 /**
  * Code executor that uses Cloudflare Workers for Platforms dispatch namespaces.
@@ -1487,32 +404,32 @@ export interface DispatchNamespaceCodeExecutorConfig {
  * const { app } = init({ dataAdapter, codeExecutor });
  * ```
  */
-export declare class DispatchNamespaceCodeExecutor implements CodeExecutor {
-	private config;
-	constructor(config: DispatchNamespaceCodeExecutorConfig);
-	execute(params: {
-		code: string;
-		hookCodeId?: string;
-		triggerId: string;
-		event: Record<string, unknown>;
-		/** Wall-clock timeout (ms). Used for HTTP-based fallback invocation. */
-		timeoutMs?: number;
-		/**
-		 * CPU-time limit (ms) passed to the Cloudflare dispatcher binding.
-		 * Unlike timeoutMs (wall-clock), this caps only actual CPU cycles;
-		 * I/O wait does not count against it. Defaults to 5 000 ms.
-		 */
-		cpuLimitMs?: number;
-	}): Promise<CodeExecutionResult>;
-	/**
-	 * Deploy user code as a worker to the dispatch namespace.
-	 * Wraps the code in a worker template and uploads via Cloudflare API.
-	 */
-	deploy(hookCodeId: string, code: string): Promise<void>;
-	/**
-	 * Remove a user worker from the dispatch namespace.
-	 */
-	remove(hookCodeId: string): Promise<void>;
+declare class DispatchNamespaceCodeExecutor implements CodeExecutor {
+    private config;
+    constructor(config: DispatchNamespaceCodeExecutorConfig);
+    execute(params: {
+        code: string;
+        hookCodeId?: string;
+        triggerId: string;
+        event: Record<string, unknown>;
+        /** Wall-clock timeout (ms). Used for HTTP-based fallback invocation. */
+        timeoutMs?: number;
+        /**
+         * CPU-time limit (ms) passed to the Cloudflare dispatcher binding.
+         * Unlike timeoutMs (wall-clock), this caps only actual CPU cycles;
+         * I/O wait does not count against it. Defaults to 5 000 ms.
+         */
+        cpuLimitMs?: number;
+    }): Promise<CodeExecutionResult>;
+    /**
+     * Deploy user code as a worker to the dispatch namespace.
+     * Wraps the code in a worker template and uploads via Cloudflare API.
+     */
+    deploy(hookCodeId: string, code: string): Promise<void>;
+    /**
+     * Remove a user worker from the dispatch namespace.
+     */
+    remove(hookCodeId: string): Promise<void>;
 }
 /**
  * @deprecated Renamed to `DispatchNamespaceCodeExecutor` to disambiguate from
@@ -1520,9 +437,10 @@ export declare class DispatchNamespaceCodeExecutor implements CodeExecutor {
  * Loader binding instead of Workers for Platforms). This alias will be removed
  * in the next major.
  */
-export declare const CloudflareCodeExecutor: typeof DispatchNamespaceCodeExecutor;
+declare const CloudflareCodeExecutor: typeof DispatchNamespaceCodeExecutor;
 /** @deprecated Use `DispatchNamespaceCodeExecutorConfig`. */
-export type CloudflareCodeExecutorConfig = DispatchNamespaceCodeExecutorConfig;
+type CloudflareCodeExecutorConfig = DispatchNamespaceCodeExecutorConfig;
+
 /**
  * Generates a Cloudflare Worker script that wraps user-authored code.
  *
@@ -1532,30 +450,31 @@ export type CloudflareCodeExecutorConfig = DispatchNamespaceCodeExecutorConfig;
  * 3. Runs the user's exported function (e.g., exports.onExecutePostLogin)
  * 4. Returns { success, apiCalls, error, durationMs } as JSON
  */
-export declare function generateWorkerScript(userCode: string): string;
+declare function generateWorkerScript(userCode: string): string;
+
 /**
  * Worker Loader binding type (Cloudflare Dynamic Workers).
  * Configure in wrangler.toml:
  *   [[worker_loaders]]
  *   binding = "LOADER"
  */
-export interface WorkerLoader {
-	load(code: WorkerCode): WorkerStub;
-	get(id: string, callback: () => Promise<WorkerCode>): WorkerStub;
+interface WorkerLoader {
+    load(code: WorkerCode): WorkerStub;
+    get(id: string, callback: () => Promise<WorkerCode>): WorkerStub;
 }
-export interface WorkerCode {
-	compatibilityDate: string;
-	mainModule: string;
-	modules: Record<string, string>;
+interface WorkerCode {
+    compatibilityDate: string;
+    mainModule: string;
+    modules: Record<string, string>;
 }
-export interface WorkerStub {
-	getEntrypoint(): {
-		fetch(request: Request): Promise<Response>;
-	};
+interface WorkerStub {
+    getEntrypoint(): {
+        fetch(request: Request): Promise<Response>;
+    };
 }
-export interface WorkerLoaderCodeExecutorOptions {
-	loader: WorkerLoader;
-	compatibilityDate?: string;
+interface WorkerLoaderCodeExecutorOptions {
+    loader: WorkerLoader;
+    compatibilityDate?: string;
 }
 /**
  * Cloudflare Dynamic Workers code executor (Worker Loader binding).
@@ -1575,32 +494,30 @@ export interface WorkerLoaderCodeExecutorOptions {
  * Platforms dispatch namespaces and requires user code to be pre-deployed
  * as individual worker scripts via the Cloudflare API.
  */
-export declare class WorkerLoaderCodeExecutor implements CodeExecutor {
-	private loader;
-	private compatibilityDate;
-	constructor(options: WorkerLoaderCodeExecutorOptions);
-	execute(params: {
-		code: string;
-		hookCodeId?: string;
-		triggerId: string;
-		event: Record<string, unknown>;
-		timeoutMs?: number;
-		cpuLimitMs?: number;
-	}): Promise<CodeExecutionResult>;
+declare class WorkerLoaderCodeExecutor implements CodeExecutor {
+    private loader;
+    private compatibilityDate;
+    constructor(options: WorkerLoaderCodeExecutorOptions);
+    execute(params: {
+        code: string;
+        hookCodeId?: string;
+        triggerId: string;
+        event: Record<string, unknown>;
+        timeoutMs?: number;
+        cpuLimitMs?: number;
+    }): Promise<CodeExecutionResult>;
 }
-export interface CloudflareAdapters {
-	customDomains: CustomDomainsAdapter;
-	cache: CacheAdapter;
-	logs?: LogsDataAdapter;
-	analytics?: AnalyticsAdapter;
-	geo?: GeoAdapter;
-	rateLimit?: RateLimitAdapter;
-	actionExecutions?: ActionExecutionsAdapter;
+
+interface CloudflareAdapters {
+    customDomains: CustomDomainsAdapter;
+    cache: CacheAdapter;
+    logs?: LogsDataAdapter;
+    analytics?: AnalyticsAdapter;
+    geo?: GeoAdapter;
+    rateLimit?: RateLimitAdapter;
+    actionExecutions?: ActionExecutionsAdapter;
 }
 declare function createAdapters(config: CloudflareConfig): CloudflareAdapters;
 
-export {
-	createAdapters as default,
-};
-
-export {};
+export { CloudflareCodeExecutor, DispatchNamespaceCodeExecutor, WorkerLoaderCodeExecutor, createAnalyticsEngineActionExecutionsAdapter, createAnalyticsEngineAnalyticsAdapter, createAnalyticsEngineLogsAdapter, createAnalyticsEngineStatsAdapter, createCloudflareRateLimitAdapter, createR2SQLLogsAdapter, createR2SQLStatsAdapter, createAdapters as default, generateWorkerScript };
+export type { AnalyticsEngineActionExecutionsAdapterConfig, AnalyticsEngineDataset, AnalyticsEngineLogsAdapterConfig, CloudflareAdapters, CloudflareCodeExecutorConfig, CloudflareConfig, CloudflareRateLimitBinding, CloudflareRateLimitBindings, DispatchNamespace, DispatchNamespaceCodeExecutorConfig, R2SQLLogsAdapterConfig };