@authhero/widget 0.7.1 → 0.8.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (33) hide show
  1. package/README.md +118 -66
  2. package/dist/authhero-widget/authhero-widget.esm.js +1 -1
  3. package/dist/authhero-widget/index.esm.js +1 -1
  4. package/dist/authhero-widget/{p-29e844e0.entry.js → p-188ffffd.entry.js} +1 -1
  5. package/dist/authhero-widget/p-6e32b31d.entry.js +1 -0
  6. package/dist/authhero-widget/p-BzFenraS.js +2 -0
  7. package/dist/cjs/authhero-node.cjs.entry.js +1 -1
  8. package/dist/cjs/authhero-widget.cjs.entry.js +312 -33
  9. package/dist/cjs/authhero-widget.cjs.js +3 -3
  10. package/dist/cjs/{index-CFDpaA1R.js → index-xXst3JOw.js} +132 -1830
  11. package/dist/cjs/index.cjs.js +1 -1
  12. package/dist/cjs/loader.cjs.js +2 -2
  13. package/dist/collection/collection-manifest.json +1 -1
  14. package/dist/collection/components/authhero-widget/authhero-widget.js +470 -34
  15. package/dist/components/authhero-node.js +1 -1
  16. package/dist/components/authhero-widget.js +1 -1
  17. package/dist/components/index.js +1 -1
  18. package/dist/components/p-7EkYyes4.js +1 -0
  19. package/dist/components/{p-uGYnrdy5.js → p-DnNvVt9e.js} +1 -1
  20. package/dist/esm/authhero-node.entry.js +1 -1
  21. package/dist/esm/authhero-widget.entry.js +312 -33
  22. package/dist/esm/authhero-widget.js +4 -4
  23. package/dist/esm/{index-DKg5ozw7.js → index-BzFenraS.js} +132 -1830
  24. package/dist/esm/index.js +1 -1
  25. package/dist/esm/loader.js +3 -3
  26. package/dist/types/components/authhero-widget/authhero-widget.d.ts +96 -4
  27. package/dist/types/components.d.ts +66 -4
  28. package/hydrate/index.js +4114 -3849
  29. package/hydrate/index.mjs +4114 -3849
  30. package/package.json +2 -2
  31. package/dist/authhero-widget/p-553c2cbe.entry.js +0 -1
  32. package/dist/authhero-widget/p-DKg5ozw7.js +0 -2
  33. package/dist/components/p-JzMtjMQb.js +0 -1
package/dist/esm/index.js CHANGED
@@ -8109,7 +8109,7 @@ function requireAdapterInterfaces () {
8109
8109
  if (hasRequiredAdapterInterfaces) return adapterInterfaces;
8110
8110
  hasRequiredAdapterInterfaces = 1;
8111
8111
  (function (exports) {
8112
- Object.defineProperty(exports,Symbol.toStringTag,{value:"Module"});const e=require$$0,s=e.z.object({created_at:e.z.string(),updated_at:e.z.string()}),ut=e.z.enum(["AUTH0","EMAIL","REDIRECT"]),ht=e.z.enum(["CREATE_USER","GET_USER","UPDATE_USER","SEND_REQUEST","SEND_EMAIL"]),St=e.z.enum(["VERIFY_EMAIL"]),D=e.z.object({require_mx_record:e.z.boolean().optional(),block_aliases:e.z.boolean().optional(),block_free_emails:e.z.boolean().optional(),block_disposable_emails:e.z.boolean().optional(),blocklist:e.z.array(e.z.string()).optional(),allowlist:e.z.array(e.z.string()).optional()}),L=e.z.object({id:e.z.string(),alias:e.z.string().max(100).optional(),type:e.z.literal("AUTH0"),action:e.z.literal("UPDATE_USER"),allow_failure:e.z.boolean().optional(),mask_output:e.z.boolean().optional(),params:e.z.object({connection_id:e.z.string().optional(),user_id:e.z.string(),changes:e.z.record(e.z.string(),e.z.any())})}),w=e.z.object({id:e.z.string(),alias:e.z.string().max(100).optional(),type:e.z.literal("EMAIL"),action:e.z.literal("VERIFY_EMAIL"),allow_failure:e.z.boolean().optional(),mask_output:e.z.boolean().optional(),params:e.z.object({email:e.z.string(),rules:D.optional()})}),j=e.z.enum(["change-email","account","custom"]),k=e.z.object({id:e.z.string(),alias:e.z.string().max(100).optional(),type:e.z.literal("REDIRECT"),action:e.z.literal("REDIRECT_USER"),allow_failure:e.z.boolean().optional(),mask_output:e.z.boolean().optional(),params:e.z.object({target:j.openapi({description:"The predefined target to redirect to, or 'custom' for a custom URL"}),custom_url:e.z.string().optional().openapi({description:"Custom URL to redirect to when target is 'custom'"})})}),U=e.z.union([L,w,k]),F=e.z.object({name:e.z.string().min(1).max(150).openapi({description:"The name of the flow"}),actions:e.z.array(U).optional().default([]).openapi({description:"The list of actions to execute in sequence"})}),bt=F.extend({...s.shape,id:e.z.string().openapi({description:"Unique identifier for the flow",example:"af_12tMpdJ3iek7svMyZkSh5M"})}),ft=e.z.object({page:e.z.string().min(0).optional().default("0").transform(t=>parseInt(t,10)).openapi({description:"The page number where 0 is the first page"}),per_page:e.z.string().min(1).optional().default("10").transform(t=>parseInt(t,10)).openapi({description:"The number of items per page"}),include_totals:e.z.string().optional().default("false").transform(t=>t==="true").openapi({description:"If the total number of items should be included in the response"}),sort:e.z.string().regex(/^.+:(-1|1)$/).optional().openapi({description:"A property that should have the format 'string:-1' or 'string:1'"}),q:e.z.string().optional().openapi({description:"A lucene query string used to filter the results"})}),Et=e.z.object({start:e.z.number(),limit:e.z.number(),length:e.z.number(),total:e.z.number().optional()}),v=e.z.object({email:e.z.string().optional(),email_verified:e.z.boolean().optional(),name:e.z.string().optional(),username:e.z.string().optional(),given_name:e.z.string().optional(),phone_number:e.z.string().optional(),phone_verified:e.z.boolean().optional(),family_name:e.z.string().optional()}).catchall(e.z.any()),x=e.z.object({connection:e.z.string(),user_id:e.z.string(),provider:e.z.string(),isSocial:e.z.boolean(),access_token:e.z.string().optional(),access_token_secret:e.z.string().optional(),refresh_token:e.z.string().optional(),profileData:v.optional()}),S=e.z.object({email:e.z.string().optional().transform(t=>t&&t.toLowerCase()),username:e.z.string().optional(),phone_number:e.z.string().optional(),given_name:e.z.string().optional(),family_name:e.z.string().optional(),nickname:e.z.string().optional(),name:e.z.string().optional(),picture:e.z.string().optional(),locale:e.z.string().optional(),linked_to:e.z.string().optional(),profileData:e.z.string().optional(),user_id:e.z.string().optional(),app_metadata:e.z.any().default({}).optional(),user_metadata:e.z.any().default({}).optional()}),P=S.extend({email_verified:e.z.boolean().default(false),verify_email:e.z.boolean().optional(),last_ip:e.z.string().optional(),last_login:e.z.string().optional(),user_id:e.z.string().optional(),provider:e.z.string().optional(),connection:e.z.string(),is_social:e.z.boolean().optional()}),M=e.z.object({...P.shape,...s.shape,user_id:e.z.string(),provider:e.z.string(),is_social:e.z.boolean(),email:e.z.string().optional(),login_count:e.z.number().default(0),identities:e.z.array(x).optional()}),At=M,It=S.extend({login_count:e.z.number(),multifactor:e.z.array(e.z.string()).optional(),last_ip:e.z.string().optional(),last_login:e.z.string().optional(),user_id:e.z.string()}).catchall(e.z.any()),Ct="useandom-26T198340PX75pxJACKVERYMINDBUSHWOLF_GQZbfghjklqvwyzrict";let yt=(t=21)=>{let a="",c=crypto.getRandomValues(new Uint8Array(t|=0));for(;t--;)a+=Ct[c[t]&63];return a};const H=e.z.object({client_id:e.z.string().openapi({description:"ID of this client."}),name:e.z.string().min(1).openapi({description:"Name of this client (min length: 1 character, does not allow < or >)."}),description:e.z.string().max(140).optional().openapi({description:"Free text description of this client (max length: 140 characters)."}),global:e.z.boolean().default(false).openapi({description:"Whether this is your global 'All Applications' client representing legacy tenant settings (true) or a regular client (false)."}),client_secret:e.z.string().default(()=>yt()).optional().openapi({description:"Client secret (which you must not make public)."}),app_type:e.z.enum(["native","spa","regular_web","non_interactive","resource_server","express_configuration","rms","box","cloudbees","concur","dropbox","mscrm","echosign","egnyte","newrelic","office365","salesforce","sentry","sharepoint","slack","springcm","zendesk","zoom","sso_integration","oag"]).default("regular_web").optional().openapi({description:"The type of application this client represents"}),logo_uri:e.z.string().url().optional().openapi({description:"URL of the logo to display for this client. Recommended size is 150x150 pixels."}),is_first_party:e.z.boolean().default(false).openapi({description:"Whether this client a first party client (true) or not (false)."}),oidc_conformant:e.z.boolean().default(true).openapi({description:"Whether this client conforms to strict OIDC specifications (true) or uses legacy features (false)."}),callbacks:e.z.array(e.z.string()).default([]).optional().openapi({description:"Comma-separated list of URLs whitelisted for Auth0 to use as a callback to the client after authentication."}),allowed_origins:e.z.array(e.z.string()).default([]).optional().openapi({description:"Comma-separated list of URLs allowed to make requests from JavaScript to Auth0 API (typically used with CORS). By default, all your callback URLs will be allowed. This field allows you to enter other origins if necessary. You can also use wildcards at the subdomain level (e.g., https://*.contoso.com). Query strings and hash information are not taken into account when validating these URLs."}),web_origins:e.z.array(e.z.string()).default([]).optional().openapi({description:"Comma-separated list of allowed origins for use with Cross-Origin Authentication, Device Flow, and web message response mode."}),client_aliases:e.z.array(e.z.string()).default([]).optional().openapi({description:"List of audiences/realms for SAML protocol. Used by the wsfed addon."}),allowed_clients:e.z.array(e.z.string()).default([]).optional().openapi({description:"List of allow clients and API ids that are allowed to make delegation requests. Empty means all all your clients are allowed."}),connections:e.z.array(e.z.string()).default([]).optional().openapi({description:"List of connection IDs enabled for this client. The order determines the display order on the login page."}),allowed_logout_urls:e.z.array(e.z.string()).default([]).optional().openapi({description:"Comma-separated list of URLs that are valid to redirect to after logout from Auth0. Wildcards are allowed for subdomains."}),session_transfer:e.z.record(e.z.any()).default({}).optional().openapi({description:"Native to Web SSO Configuration"}),oidc_logout:e.z.record(e.z.any()).default({}).optional().openapi({description:"Configuration for OIDC backchannel logout"}),grant_types:e.z.array(e.z.string()).default([]).optional().openapi({description:"List of grant types supported for this application. Can include authorization_code, implicit, refresh_token, client_credentials, password, http://auth0.com/oauth/grant-type/password-realm, http://auth0.com/oauth/grant-type/mfa-oob, http://auth0.com/oauth/grant-type/mfa-otp, http://auth0.com/oauth/grant-type/mfa-recovery-code, urn:openid:params:grant-type:ciba, and urn:ietf:params:oauth:grant-type:device_code."}),jwt_configuration:e.z.record(e.z.any()).default({}).optional().openapi({description:"Configuration related to JWTs for the client."}),signing_keys:e.z.array(e.z.record(e.z.any())).default([]).optional().openapi({description:"Signing certificates associated with this client."}),encryption_key:e.z.record(e.z.any()).default({}).optional().openapi({description:"Encryption used for WsFed responses with this client."}),sso:e.z.boolean().default(false).openapi({description:"Applies only to SSO clients and determines whether Auth0 will handle Single Sign On (true) or whether the Identity Provider will (false)."}),sso_disabled:e.z.boolean().default(true).openapi({description:"Whether Single Sign On is disabled (true) or enabled (true). Defaults to true."}),cross_origin_authentication:e.z.boolean().default(false).openapi({description:"Whether this client can be used to make cross-origin authentication requests (true) or it is not allowed to make such requests (false)."}),cross_origin_loc:e.z.string().url().optional().openapi({description:"URL of the location in your site where the cross origin verification takes place for the cross-origin auth flow when performing Auth in your own domain instead of Auth0 hosted login page."}),custom_login_page_on:e.z.boolean().default(false).openapi({description:"Whether a custom login page is to be used (true) or the default provided login page (false)."}),custom_login_page:e.z.string().optional().openapi({description:"The content (HTML, CSS, JS) of the custom login page."}),custom_login_page_preview:e.z.string().optional().openapi({description:"The content (HTML, CSS, JS) of the custom login page. (Used on Previews)"}),form_template:e.z.string().optional().openapi({description:"HTML form template to be used for WS-Federation."}),addons:e.z.record(e.z.any()).default({}).optional().openapi({description:"Addons enabled for this client and their associated configurations."}),token_endpoint_auth_method:e.z.enum(["none","client_secret_post","client_secret_basic"]).default("client_secret_basic").optional().openapi({description:"Defines the requested authentication method for the token endpoint. Can be none (public client without a client secret), client_secret_post (client uses HTTP POST parameters), or client_secret_basic (client uses HTTP Basic)."}),client_metadata:e.z.record(e.z.string().max(255)).default({}).optional().openapi({description:'Metadata associated with the client, in the form of an object with string values (max 255 chars). Maximum of 10 metadata properties allowed. Field names (max 255 chars) are alphanumeric and may only include the following special characters: :,-+=_*?"/()<>@ [Tab][Space]'}),mobile:e.z.record(e.z.any()).default({}).optional().openapi({description:"Additional configuration for native mobile apps."}),initiate_login_uri:e.z.string().url().optional().openapi({description:"Initiate login uri, must be https"}),native_social_login:e.z.record(e.z.any()).default({}).optional(),refresh_token:e.z.record(e.z.any()).default({}).optional().openapi({description:"Refresh token configuration"}),default_organization:e.z.record(e.z.any()).default({}).optional().openapi({description:"Defines the default Organization ID and flows"}),organization_usage:e.z.enum(["deny","allow","require"]).default("deny").optional().openapi({description:"Defines how to proceed during an authentication transaction with regards an organization. Can be deny (default), allow or require."}),organization_require_behavior:e.z.enum(["no_prompt","pre_login_prompt","post_login_prompt"]).default("no_prompt").optional().openapi({description:"Defines how to proceed during an authentication transaction when client.organization_usage: 'require'. Can be no_prompt (default), pre_login_prompt or post_login_prompt. post_login_prompt requires oidc_conformant: true."}),client_authentication_methods:e.z.record(e.z.any()).default({}).optional().openapi({description:"Defines client authentication methods."}),require_pushed_authorization_requests:e.z.boolean().default(false).openapi({description:"Makes the use of Pushed Authorization Requests mandatory for this client"}),require_proof_of_possession:e.z.boolean().default(false).openapi({description:"Makes the use of Proof-of-Possession mandatory for this client"}),signed_request_object:e.z.record(e.z.any()).default({}).optional().openapi({description:"JWT-secured Authorization Requests (JAR) settings."}),compliance_level:e.z.enum(["none","fapi1_adv_pkj_par","fapi1_adv_mtls_par","fapi2_sp_pkj_mtls","fapi2_sp_mtls_mtls"]).optional().openapi({description:"Defines the compliance level for this client, which may restrict it's capabilities"}),par_request_expiry:e.z.number().optional().openapi({description:"Specifies how long, in seconds, a Pushed Authorization Request URI remains valid"}),token_quota:e.z.record(e.z.any()).default({}).optional()}),G=e.z.object({created_at:e.z.string(),updated_at:e.z.string(),...H.shape}),B=e.z.object({client_id:e.z.string().min(1).openapi({description:"ID of the client."}),audience:e.z.string().min(1).openapi({description:"The audience (API identifier) of this client grant."}),scope:e.z.array(e.z.string()).optional().openapi({description:"Scopes allowed for this client grant."}),organization_usage:e.z.enum(["deny","allow","require"]).optional().openapi({description:"Defines whether organizations can be used with client credentials exchanges for this grant."}),allow_any_organization:e.z.boolean().optional().openapi({description:"If enabled, any organization can be used with this grant. If disabled (default), the grant must be explicitly assigned to the desired organizations."}),is_system:e.z.boolean().optional().openapi({description:"If enabled, this grant is a special grant created by Auth0. It cannot be modified or deleted directly."}),subject_type:e.z.enum(["client","user"]).optional().openapi({description:"The type of application access the client grant allows. Use of this field is subject to the applicable Free Trial terms in Okta's Master Subscription Agreement."}),authorization_details_types:e.z.array(e.z.string()).optional().openapi({description:"Types of authorization_details allowed for this client grant. Use of this field is subject to the applicable Free Trial terms in Okta's Master Subscription Agreement."})}),K=e.z.object({id:e.z.string().openapi({description:"ID of the client grant."}),...B.shape,created_at:e.z.string().optional(),updated_at:e.z.string().optional()}),Tt=e.z.array(K),l=e.z.object({x:e.z.number(),y:e.z.number()});var b=(t=>(t.RICH_TEXT="RICH_TEXT",t.NEXT_BUTTON="NEXT_BUTTON",t.BACK_BUTTON="BACK_BUTTON",t.SUBMIT_BUTTON="SUBMIT_BUTTON",t.DIVIDER="DIVIDER",t.TEXT="TEXT",t.EMAIL="EMAIL",t.PASSWORD="PASSWORD",t.NUMBER="NUMBER",t.PHONE="PHONE",t.DATE="DATE",t.CHECKBOX="CHECKBOX",t.RADIO="RADIO",t.SELECT="SELECT",t.HIDDEN="HIDDEN",t.LEGAL="LEGAL",t))(b||{}),f=(t=>(t.BLOCK="BLOCK",t.FIELD="FIELD",t))(f||{});const g=e.z.object({id:e.z.string(),category:e.z.nativeEnum(f),type:e.z.nativeEnum(b)}),W=g.extend({category:e.z.literal("BLOCK"),type:e.z.literal("RICH_TEXT"),config:e.z.object({content:e.z.string()}).passthrough()}),V=g.extend({category:e.z.literal("BLOCK"),type:e.z.union([e.z.literal("NEXT_BUTTON"),e.z.literal("BACK_BUTTON"),e.z.literal("SUBMIT_BUTTON")]),config:e.z.object({text:e.z.string()}).passthrough()}),X=g.extend({category:e.z.literal("FIELD"),type:e.z.literal("LEGAL"),required:e.z.boolean().optional(),sensitive:e.z.boolean().optional(),config:e.z.object({text:e.z.string()}).passthrough()}),q=g.extend({category:e.z.literal("FIELD"),type:e.z.union([e.z.literal("TEXT"),e.z.literal("EMAIL"),e.z.literal("PASSWORD"),e.z.literal("NUMBER"),e.z.literal("PHONE"),e.z.literal("DATE"),e.z.literal("CHECKBOX"),e.z.literal("RADIO"),e.z.literal("SELECT"),e.z.literal("HIDDEN")]),required:e.z.boolean().optional(),sensitive:e.z.boolean().optional(),config:e.z.object({label:e.z.string().optional(),placeholder:e.z.string().optional()}).passthrough()}),Y=e.z.object({id:e.z.string(),category:e.z.string(),type:e.z.string()}).passthrough(),Q=e.z.union([W,V,X,q,Y]);var J=(t=>(t.STEP="STEP",t.FLOW="FLOW",t.CONDITION="CONDITION",t.ACTION="ACTION",t))(J||{});const Z=e.z.object({id:e.z.string(),type:e.z.literal("STEP"),coordinates:l,alias:e.z.string().optional(),config:e.z.object({components:e.z.array(Q),next_node:e.z.string()}).passthrough()}),$=e.z.object({id:e.z.string(),type:e.z.literal("FLOW"),coordinates:l,alias:e.z.string().optional(),config:e.z.object({flow_id:e.z.string(),next_node:e.z.string()})}),ee=e.z.object({id:e.z.string(),type:e.z.literal("ACTION"),coordinates:l,alias:e.z.string().optional(),config:e.z.object({action_type:e.z.enum(["REDIRECT"]).openapi({description:"The type of action to perform"}),target:e.z.enum(["change-email","account","custom"]).openapi({description:"The predefined target to redirect to"}),custom_url:e.z.string().optional().openapi({description:"Custom URL when target is 'custom'"}),next_node:e.z.string().openapi({description:"The next node to navigate to after action (for non-redirect actions)"})}).passthrough()}),te=e.z.object({id:e.z.string(),type:e.z.string(),coordinates:l}).passthrough(),oe=e.z.union([Z,$,ee,te]),ne=e.z.object({next_node:e.z.string(),coordinates:l}).passthrough(),ie=e.z.object({resume_flow:e.z.boolean().optional(),coordinates:l}).passthrough(),ae=e.z.object({id:e.z.string(),name:e.z.string(),languages:e.z.object({primary:e.z.string()}).passthrough(),nodes:e.z.array(oe),start:ne,ending:ie,created_at:e.z.string(),updated_at:e.z.string(),links:e.z.object({sdkSrc:e.z.string().optional(),sdk_src:e.z.string().optional()}).passthrough()}).passthrough(),Ot=ae.omit({id:true,created_at:true,updated_at:true});var E=(t=>(t.TOKEN="token",t.TOKEN_ID_TOKEN="token id_token",t.CODE="code",t))(E||{}),A=(t=>(t.QUERY="query",t.FRAGMENT="fragment",t.FORM_POST="form_post",t.WEB_MESSAGE="web_message",t.SAML_POST="saml_post",t))(A||{}),I=(t=>(t.S256="S256",t.Plain="plain",t))(I||{});const re=e.z.object({client_id:e.z.string(),act_as:e.z.string().optional(),response_type:e.z.nativeEnum(E).optional(),response_mode:e.z.nativeEnum(A).optional(),redirect_uri:e.z.string().optional(),audience:e.z.string().optional(),organization:e.z.string().optional(),state:e.z.string().optional(),nonce:e.z.string().optional(),scope:e.z.string().optional(),prompt:e.z.string().optional(),code_challenge_method:e.z.nativeEnum(I).optional(),code_challenge:e.z.string().optional(),username:e.z.string().optional(),ui_locales:e.z.string().optional(),vendor_id:e.z.string().optional()}),Nt=e.z.object({colors:e.z.object({primary:e.z.string(),page_background:e.z.object({type:e.z.string().optional(),start:e.z.string().optional(),end:e.z.string().optional(),angle_deg:e.z.number().optional()}).optional()}).optional(),logo_url:e.z.string().optional(),favicon_url:e.z.string().optional(),powered_by_logo_url:e.z.string().optional(),font:e.z.object({url:e.z.string()}).optional()}),se=e.z.object({kid:e.z.string().optional(),team_id:e.z.string().optional(),realms:e.z.string().optional(),authentication_method:e.z.string().optional(),client_id:e.z.string().optional(),client_secret:e.z.string().optional(),app_secret:e.z.string().optional(),scope:e.z.string().optional(),authorization_endpoint:e.z.string().optional(),token_endpoint:e.z.string().optional(),userinfo_endpoint:e.z.string().optional(),jwks_uri:e.z.string().optional(),discovery_url:e.z.string().optional(),issuer:e.z.string().optional(),provider:e.z.string().optional(),from:e.z.string().optional(),twilio_sid:e.z.string().optional(),twilio_token:e.z.string().optional(),icon_url:e.z.string().optional()}),le=e.z.object({id:e.z.string().optional(),name:e.z.string(),display_name:e.z.string().optional(),strategy:e.z.string(),options:se.default({}),enabled_clients:e.z.array(e.z.string()).default([]).optional(),response_type:e.z.custom().optional(),response_mode:e.z.custom().optional(),is_domain_connection:e.z.boolean().optional(),show_as_button:e.z.boolean().optional(),metadata:e.z.record(e.z.any()).optional(),is_system:e.z.boolean().optional()}),ce=e.z.object({id:e.z.string(),created_at:e.z.string().transform(t=>t===null?"":t),updated_at:e.z.string().transform(t=>t===null?"":t)}).extend(le.shape),pe=e.z.object({id:e.z.string().optional(),audience:e.z.string(),friendly_name:e.z.string(),picture_url:e.z.string().optional(),support_email:e.z.string().optional(),support_url:e.z.string().optional(),sender_email:e.z.string().email(),sender_name:e.z.string(),session_lifetime:e.z.number().optional(),idle_session_lifetime:e.z.number().optional(),ephemeral_session_lifetime:e.z.number().optional(),idle_ephemeral_session_lifetime:e.z.number().optional(),session_cookie:e.z.object({mode:e.z.enum(["persistent","non-persistent"]).optional()}).optional(),allowed_logout_urls:e.z.array(e.z.string()).optional(),default_redirection_uri:e.z.string().optional(),enabled_locales:e.z.array(e.z.string()).optional(),default_directory:e.z.string().optional(),error_page:e.z.object({html:e.z.string().optional(),show_log_link:e.z.boolean().optional(),url:e.z.string().optional()}).optional(),flags:e.z.object({allow_changing_enable_sso:e.z.boolean().optional(),allow_legacy_delegation_grant_types:e.z.boolean().optional(),allow_legacy_ro_grant_types:e.z.boolean().optional(),allow_legacy_tokeninfo_endpoint:e.z.boolean().optional(),change_pwd_flow_v1:e.z.boolean().optional(),custom_domains_provisioning:e.z.boolean().optional(),dashboard_insights_view:e.z.boolean().optional(),dashboard_log_streams_next:e.z.boolean().optional(),disable_clickjack_protection_headers:e.z.boolean().optional(),disable_fields_map_fix:e.z.boolean().optional(),disable_impersonation:e.z.boolean().optional(),disable_management_api_sms_obfuscation:e.z.boolean().optional(),enable_adfs_waad_email_verification:e.z.boolean().optional(),enable_apis_section:e.z.boolean().optional(),enable_client_connections:e.z.boolean().optional(),enable_custom_domain_in_emails:e.z.boolean().optional(),enable_dynamic_client_registration:e.z.boolean().optional(),enable_idtoken_api2:e.z.boolean().optional(),enable_legacy_logs_search_v2:e.z.boolean().optional(),enable_legacy_profile:e.z.boolean().optional(),enable_pipeline2:e.z.boolean().optional(),enable_public_signup_user_exists_error:e.z.boolean().optional(),enable_sso:e.z.boolean().optional(),enforce_client_authentication_on_passwordless_start:e.z.boolean().optional(),genai_trial:e.z.boolean().optional(),improved_signup_bot_detection_in_classic:e.z.boolean().optional(),mfa_show_factor_list_on_enrollment:e.z.boolean().optional(),no_disclose_enterprise_connections:e.z.boolean().optional(),remove_alg_from_jwks:e.z.boolean().optional(),revoke_refresh_token_grant:e.z.boolean().optional(),trust_azure_adfs_email_verified_connection_property:e.z.boolean().optional(),use_scope_descriptions_for_consent:e.z.boolean().optional(),inherit_global_permissions_in_organizations:e.z.boolean().optional()}).optional(),sandbox_version:e.z.string().optional(),legacy_sandbox_version:e.z.string().optional(),sandbox_versions_available:e.z.array(e.z.string()).optional(),change_password:e.z.object({enabled:e.z.boolean().optional(),html:e.z.string().optional()}).optional(),guardian_mfa_page:e.z.object({enabled:e.z.boolean().optional(),html:e.z.string().optional()}).optional(),device_flow:e.z.object({charset:e.z.enum(["base20","digits"]).optional(),mask:e.z.string().max(20).optional()}).optional(),default_token_quota:e.z.object({clients:e.z.object({client_credentials:e.z.record(e.z.any()).optional()}).optional(),organizations:e.z.object({client_credentials:e.z.record(e.z.any()).optional()}).optional()}).optional(),default_audience:e.z.string().optional(),default_organization:e.z.string().optional(),sessions:e.z.object({oidc_logout_prompt_enabled:e.z.boolean().optional()}).optional(),oidc_logout:e.z.object({rp_logout_end_session_endpoint_discovery:e.z.boolean().optional()}).optional(),allow_organization_name_in_authentication_api:e.z.boolean().optional(),customize_mfa_in_postlogin_action:e.z.boolean().optional(),acr_values_supported:e.z.array(e.z.string()).optional(),mtls:e.z.object({enable_endpoint_aliases:e.z.boolean().optional()}).optional(),pushed_authorization_requests_supported:e.z.boolean().optional(),authorization_response_iss_parameter_supported:e.z.boolean().optional()}),_e=e.z.object({created_at:e.z.string().nullable().transform(t=>t??""),updated_at:e.z.string().nullable().transform(t=>t??""),...pe.shape,id:e.z.string()}),Rt=e.z.object({...G.shape,tenant:_e,connections:e.z.array(ce)}),de=e.z.enum(["password_reset","email_verification","otp","authorization_code","oauth2_state","ticket"]),ze=e.z.object({code_id:e.z.string().openapi({description:"The code that will be used in for instance an email verification flow"}),login_id:e.z.string().openapi({description:"The id of the login session that the code is connected to"}),connection_id:e.z.string().optional().openapi({description:"The connection that the code is connected to"}),code_type:de,code_verifier:e.z.string().optional().openapi({description:"The code verifier used in PKCE in outbound flows"}),code_challenge:e.z.string().optional().openapi({description:"The code challenge used in PKCE in outbound flows"}),code_challenge_method:e.z.enum(["plain","S256"]).optional().openapi({description:"The code challenge method used in PKCE in outbound flows"}),redirect_uri:e.z.string().optional().openapi({description:"The redirect URI associated with the code"}),nonce:e.z.string().optional().openapi({description:"The nonce value used for security in OIDC flows"}),state:e.z.string().optional().openapi({description:"The state parameter used for CSRF protection in OAuth flows"}),expires_at:e.z.string(),used_at:e.z.string().optional(),user_id:e.z.string().optional()}),Dt=e.z.object({...ze.shape,created_at:e.z.string()}),ge=e.z.object({domain:e.z.string(),custom_domain_id:e.z.string().optional(),type:e.z.enum(["auth0_managed_certs","self_managed_certs"]),verification_method:e.z.enum(["txt"]).optional(),tls_policy:e.z.enum(["recommended"]).optional(),custom_client_ip_header:e.z.enum(["true-client-ip","cf-connecting-ip","x-forwarded-for","x-azure-clientip","null"]).optional(),domain_metadata:e.z.record(e.z.string().max(255)).optional()}),me=e.z.object({name:e.z.literal("txt"),record:e.z.string(),domain:e.z.string()}),ue=e.z.object({...ge.shape,custom_domain_id:e.z.string(),primary:e.z.boolean(),status:e.z.enum(["disabled","pending","pending_verification","ready"]),origin_domain_name:e.z.string().optional(),verification:e.z.object({methods:e.z.array(me)}).optional(),tls_policy:e.z.string().optional()}),Lt=ue.extend({tenant_id:e.z.string()}),C=e.z.object({id:e.z.string(),order:e.z.number().optional(),visible:e.z.boolean().optional().default(true)}),i=C.extend({category:e.z.literal("BLOCK").optional()}),wt=i.extend({type:e.z.literal("DIVIDER"),config:e.z.object({}).optional()}),jt=i.extend({type:e.z.literal("HTML"),config:e.z.object({content:e.z.string().optional()}).optional()}),kt=i.extend({type:e.z.literal("IMAGE"),config:e.z.object({src:e.z.string().optional(),alt:e.z.string().optional(),width:e.z.number().optional(),height:e.z.number().optional()}).optional()}),Ut=i.extend({type:e.z.literal("JUMP_BUTTON"),config:e.z.object({text:e.z.string().optional(),target_step:e.z.string().optional()})}),Ft=i.extend({type:e.z.literal("RESEND_BUTTON"),config:e.z.object({text:e.z.string().optional(),resend_action:e.z.string().optional()})}),vt=i.extend({type:e.z.literal("NEXT_BUTTON"),config:e.z.object({text:e.z.string().optional()})}),xt=i.extend({type:e.z.literal("PREVIOUS_BUTTON"),config:e.z.object({text:e.z.string().optional()})}),Pt=i.extend({type:e.z.literal("RICH_TEXT"),config:e.z.object({content:e.z.string().optional()}).optional()}),y=C.extend({category:e.z.literal("WIDGET").optional(),label:e.z.string().min(1).optional(),hint:e.z.string().min(1).max(500).optional(),required:e.z.boolean().optional(),sensitive:e.z.boolean().optional()}),Mt=y.extend({type:e.z.literal("AUTH0_VERIFIABLE_CREDENTIALS"),config:e.z.object({credential_type:e.z.string().optional()})}),Ht=y.extend({type:e.z.literal("GMAPS_ADDRESS"),config:e.z.object({api_key:e.z.string().optional()})}),Gt=y.extend({type:e.z.literal("RECAPTCHA"),config:e.z.object({site_key:e.z.string().optional()})}),o=C.extend({category:e.z.literal("FIELD").optional(),label:e.z.string().min(1).optional(),hint:e.z.string().min(1).max(500).optional(),required:e.z.boolean().optional(),sensitive:e.z.boolean().optional()}),Bt=o.extend({type:e.z.literal("BOOLEAN"),config:e.z.object({default_value:e.z.boolean().optional()}).optional()}),Kt=o.extend({type:e.z.literal("CARDS"),config:e.z.object({options:e.z.array(e.z.object({value:e.z.string(),label:e.z.string(),description:e.z.string().optional(),image:e.z.string().optional()})).optional(),multi_select:e.z.boolean().optional()}).optional()}),Wt=o.extend({type:e.z.literal("CHOICE"),config:e.z.object({options:e.z.array(e.z.object({value:e.z.string(),label:e.z.string()})).optional(),display:e.z.enum(["radio","checkbox"]).optional()}).optional()}),Vt=o.extend({type:e.z.literal("CUSTOM"),config:e.z.object({component:e.z.string().optional(),props:e.z.record(e.z.any()).optional()})}),Xt=o.extend({type:e.z.literal("DATE"),config:e.z.object({format:e.z.string().optional(),min:e.z.string().optional(),max:e.z.string().optional()}).optional()}),qt=o.extend({type:e.z.literal("DROPDOWN"),config:e.z.object({options:e.z.array(e.z.object({value:e.z.string(),label:e.z.string()})).optional(),placeholder:e.z.string().optional(),searchable:e.z.boolean().optional()}).optional()}),Yt=o.extend({type:e.z.literal("EMAIL"),config:e.z.object({placeholder:e.z.string().optional()}).optional()}),Qt=o.extend({type:e.z.literal("FILE"),config:e.z.object({accept:e.z.string().optional(),max_size:e.z.number().optional(),multiple:e.z.boolean().optional()}).optional()}),Jt=o.extend({type:e.z.literal("LEGAL"),config:e.z.object({text:e.z.string(),html:e.z.boolean().optional()}).optional()}),Zt=o.extend({type:e.z.literal("NUMBER"),config:e.z.object({placeholder:e.z.string().optional(),min:e.z.number().optional(),max:e.z.number().optional(),step:e.z.number().optional()}).optional()}),$t=o.extend({type:e.z.literal("PASSWORD"),config:e.z.object({placeholder:e.z.string().optional(),min_length:e.z.number().optional(),show_toggle:e.z.boolean().optional(),forgot_password_link:e.z.string().optional()}).optional()}),eo=o.extend({type:e.z.literal("PAYMENT"),config:e.z.object({provider:e.z.string().optional(),currency:e.z.string().optional()}).optional()}),to=o.extend({type:e.z.literal("SOCIAL"),config:e.z.object({providers:e.z.array(e.z.string()).optional()}).optional()}),oo=o.extend({type:e.z.literal("TEL"),config:e.z.object({placeholder:e.z.string().optional(),default_country:e.z.string().optional()}).optional()}),no=o.extend({type:e.z.literal("TEXT"),config:e.z.object({placeholder:e.z.string().optional(),multiline:e.z.boolean().optional(),max_length:e.z.number().optional()}).optional()}),io=o.extend({type:e.z.literal("URL"),config:e.z.object({placeholder:e.z.string().optional()}).optional()}),he=e.z.discriminatedUnion("type",[wt,jt,kt,Ut,Ft,vt,xt,Pt]),Se=e.z.discriminatedUnion("type",[Mt,Ht,Gt]),be=e.z.discriminatedUnion("type",[Bt,Kt,Wt,Vt,Xt,qt,Yt,Qt,Jt,Zt,$t,eo,to,oo,no,io]),T=e.z.union([he,Se,be]),ao=e.z.object({id:e.z.string(),type:e.z.literal("submit"),label:e.z.string(),className:e.z.string().optional(),disabled:e.z.boolean().optional().default(false),order:e.z.number().optional(),visible:e.z.boolean().optional().default(true),customizations:e.z.record(e.z.string(),e.z.any()).optional()}),_=e.z.object({x:e.z.number(),y:e.z.number()}),ro=e.z.object({id:e.z.string(),type:e.z.literal("FLOW"),coordinates:_,alias:e.z.string().min(1).max(150).optional(),config:e.z.object({flow_id:e.z.string().max(30),next_node:e.z.string().optional()})}),so=e.z.object({id:e.z.string(),type:e.z.literal("ROUTER"),coordinates:_,alias:e.z.string().min(1).max(150),config:e.z.object({rules:e.z.array(e.z.object({id:e.z.string(),alias:e.z.string().min(1).max(150).optional(),condition:e.z.any(),next_node:e.z.string()})),fallback:e.z.string()})}),lo=e.z.object({id:e.z.string(),type:e.z.literal("STEP"),coordinates:_,alias:e.z.string().min(1).max(150).optional(),config:e.z.object({components:e.z.array(T),next_node:e.z.string().optional()})}),fe=e.z.discriminatedUnion("type",[ro,so,lo]),Ee=e.z.object({name:e.z.string().openapi({description:"The name of the form"}),messages:e.z.object({errors:e.z.record(e.z.string(),e.z.any()).optional(),custom:e.z.record(e.z.string(),e.z.any()).optional()}).optional(),languages:e.z.object({primary:e.z.string().optional(),default:e.z.string().optional()}).optional(),translations:e.z.record(e.z.string(),e.z.any()).optional(),nodes:e.z.array(fe).optional(),start:e.z.object({hidden_fields:e.z.array(e.z.object({key:e.z.string(),value:e.z.string()})).optional(),next_node:e.z.string().optional(),coordinates:_.optional()}).optional(),ending:e.z.object({redirection:e.z.object({delay:e.z.number().optional(),target:e.z.string().optional()}).optional(),after_submit:e.z.object({flow_id:e.z.string().optional()}).optional(),coordinates:_.optional(),resume_flow:e.z.boolean().optional()}).optional(),style:e.z.object({css:e.z.string().optional()}).optional()}).openapi({description:"Schema for flow-based forms (matches Auth0 Forms structure)"}),co=e.z.object({...s.shape,...Ee.shape,id:e.z.string()}),Ae=e.z.object({id:e.z.number().optional(),text:e.z.string(),type:e.z.enum(["info","error","success","warning"])}),Ie=e.z.object({id:e.z.string().optional(),text:e.z.string(),href:e.z.string(),linkText:e.z.string().optional()}),po=e.z.object({action:e.z.string(),method:e.z.enum(["POST","GET"]),title:e.z.string().optional(),description:e.z.string().optional(),components:e.z.array(T),messages:e.z.array(Ae).optional(),links:e.z.array(Ie).optional()});function _o(t){return t.category==="BLOCK"}function zo(t){return t.category==="WIDGET"}function go(t){return t.category==="FIELD"}const Ce=e.z.enum(["pre-user-registration","post-user-registration","post-user-login","validate-registration-username","pre-user-deletion","post-user-deletion"]),ye=e.z.enum(["pre-user-registration","post-user-registration","post-user-login","validate-registration-username","pre-user-deletion","post-user-deletion"]),m={enabled:e.z.boolean().default(false),synchronous:e.z.boolean().default(false),priority:e.z.number().optional(),hook_id:e.z.string().optional()},mo=e.z.object({...m,trigger_id:Ce,url:e.z.string()}),uo=e.z.object({...m,trigger_id:ye,form_id:e.z.string()}),ho=e.z.union([mo,uo]),So=e.z.object({...m,trigger_id:Ce,...s.shape,hook_id:e.z.string(),url:e.z.string()}),bo=e.z.object({...m,trigger_id:ye,...s.shape,hook_id:e.z.string(),form_id:e.z.string()}),fo=e.z.union([So,bo]),Te=e.z.object({name:e.z.string().optional()}),Oe=e.z.object({email:e.z.string().optional()}),Ne=e.z.object({organization_id:e.z.string().max(50),inviter:Te,invitee:Oe,invitation_url:e.z.string().url(),client_id:e.z.string(),connection_id:e.z.string().optional(),app_metadata:e.z.record(e.z.any()).default({}).optional(),user_metadata:e.z.record(e.z.any()).default({}).optional(),ttl_sec:e.z.number().int().max(2592e3).default(604800).optional(),roles:e.z.array(e.z.string()).default([]).optional(),send_invitation_email:e.z.boolean().default(true).optional()}),Eo=e.z.object({id:e.z.string(),organization_id:e.z.string().max(50),created_at:e.z.string().datetime(),expires_at:e.z.string().datetime(),ticket_id:e.z.string().optional()}).extend(Ne.shape),Re=e.z.object({alg:e.z.enum(["RS256","RS384","RS512","ES256","ES384","ES512","HS256","HS384","HS512"]),e:e.z.string(),kid:e.z.string(),kty:e.z.enum(["RSA","EC","oct"]),n:e.z.string(),x5t:e.z.string().optional(),x5c:e.z.array(e.z.string()).optional(),use:e.z.enum(["sig","enc"]).optional()}),Ao=e.z.object({keys:e.z.array(Re)}),Io=e.z.object({issuer:e.z.string(),authorization_endpoint:e.z.string(),token_endpoint:e.z.string(),device_authorization_endpoint:e.z.string(),userinfo_endpoint:e.z.string(),mfa_challenge_endpoint:e.z.string(),jwks_uri:e.z.string(),registration_endpoint:e.z.string(),revocation_endpoint:e.z.string(),scopes_supported:e.z.array(e.z.string()),response_types_supported:e.z.array(e.z.string()),code_challenge_methods_supported:e.z.array(e.z.string()),response_modes_supported:e.z.array(e.z.string()),subject_types_supported:e.z.array(e.z.string()),id_token_signing_alg_values_supported:e.z.array(e.z.string()),token_endpoint_auth_methods_supported:e.z.array(e.z.string()),claims_supported:e.z.array(e.z.string()),request_uri_parameter_supported:e.z.boolean(),request_parameter_supported:e.z.boolean(),token_endpoint_auth_signing_alg_values_supported:e.z.array(e.z.string())});var O=(t=>(t.PENDING="pending",t.AUTHENTICATED="authenticated",t.AWAITING_EMAIL_VERIFICATION="awaiting_email_verification",t.AWAITING_HOOK="awaiting_hook",t.AWAITING_CONTINUATION="awaiting_continuation",t.COMPLETED="completed",t.FAILED="failed",t.EXPIRED="expired",t))(O||{});const De=e.z.nativeEnum(O),Le=e.z.object({csrf_token:e.z.string(),auth0Client:e.z.string().optional(),authParams:re,expires_at:e.z.string(),deleted_at:e.z.string().optional(),ip:e.z.string().optional(),useragent:e.z.string().optional(),session_id:e.z.string().optional(),authorization_url:e.z.string().optional(),state:De.optional().default("pending"),state_data:e.z.string().optional(),failure_reason:e.z.string().optional(),user_id:e.z.string().optional()}).openapi({description:"This represents a login sesion"}),Co=e.z.object({...Le.shape,id:e.z.string().openapi({description:"This is is used as the state in the universal login"}),created_at:e.z.string(),updated_at:e.z.string()}),we={ACLS_SUMMARY:"acls_summary",ACTIONS_EXECUTION_FAILED:"actions_execution_failed",API_LIMIT:"api_limit",API_LIMIT_WARNING:"api_limit_warning",APPI:"appi",CIBA_EXCHANGE_FAILED:"ciba_exchange_failed",CIBA_EXCHANGE_SUCCEEDED:"ciba_exchange_succeeded",CIBA_START_FAILED:"ciba_start_failed",CIBA_START_SUCCEEDED:"ciba_start_succeeded",CODE_LINK_SENT:"cls",CODE_SENT:"cs",DEPRECATION_NOTICE:"depnote",FAILED_LOGIN:"f",FAILED_BY_CONNECTOR:"fc",FAILED_CHANGE_EMAIL:"fce",FAILED_BY_CORS:"fco",FAILED_CROSS_ORIGIN_AUTHENTICATION:"fcoa",FAILED_CHANGE_PASSWORD:"fcp",FAILED_POST_CHANGE_PASSWORD_HOOK:"fcph",FAILED_CHANGE_PHONE_NUMBER:"fcpn",FAILED_CHANGE_PASSWORD_REQUEST:"fcpr",FAILED_CONNECTOR_PROVISIONING:"fcpro",FAILED_CHANGE_USERNAME:"fcu",FAILED_DELEGATION:"fd",FAILED_DEVICE_ACTIVATION:"fdeac",FAILED_DEVICE_AUTHORIZATION_REQUEST:"fdeaz",USER_CANCELED_DEVICE_CONFIRMATION:"fdecc",FAILED_USER_DELETION:"fdu",FAILED_EXCHANGE_AUTHORIZATION_CODE_FOR_ACCESS_TOKEN:"feacft",FAILED_EXCHANGE_ACCESS_TOKEN_FOR_CLIENT_CREDENTIALS:"feccft",FAILED_EXCHANGE_CUSTOM_TOKEN:"fecte",FAILED_EXCHANGE_DEVICE_CODE_FOR_ACCESS_TOKEN:"fede",FAILED_FEDERATED_LOGOUT:"federated_logout_failed",FAILED_EXCHANGE_NATIVE_SOCIAL_LOGIN:"fens",FAILED_EXCHANGE_PASSWORD_OOB_FOR_ACCESS_TOKEN:"feoobft",FAILED_EXCHANGE_PASSWORD_OTP_FOR_ACCESS_TOKEN:"feotpft",FAILED_EXCHANGE_PASSWORD_FOR_ACCESS_TOKEN:"fepft",FAILED_EXCHANGE_PASSWORDLESS_OTP_FOR_ACCESS_TOKEN:"fepotpft",FAILED_EXCHANGE_PASSWORD_MFA_RECOVERY_FOR_ACCESS_TOKEN:"fercft",FAILED_EXCHANGE_ROTATING_REFRESH_TOKEN:"ferrt",FAILED_EXCHANGE_REFRESH_TOKEN_FOR_ACCESS_TOKEN:"fertft",FAILED_HOOK:"fh",FAILED_IMPERSONATION:"fimp",FAILED_INVITE_ACCEPT:"fi",FAILED_LOGOUT:"flo",FLOWS_EXECUTION_COMPLETED:"flows_execution_completed",FLOWS_EXECUTION_FAILED:"flows_execution_failed",FAILED_SENDING_NOTIFICATION:"fn",FORMS_SUBMISSION_FAILED:"forms_submission_failed",FORMS_SUBMISSION_SUCCEEDED:"forms_submission_succeeded",FAILED_LOGIN_INCORRECT_PASSWORD:"fp",FAILED_PUSHED_AUTHORIZATION_REQUEST:"fpar",FAILED_POST_USER_REGISTRATION_HOOK:"fpurh",FAILED_SIGNUP:"fs",FAILED_SILENT_AUTH:"fsa",FAILED_LOGIN_INVALID_EMAIL_USERNAME:"fu",FAILED_USERS_IMPORT:"fui",FAILED_VERIFICATION_EMAIL:"fv",FAILED_VERIFICATION_EMAIL_REQUEST:"fvr",EMAIL_VERIFICATION_CONFIRMED:"gd_auth_email_verification",EMAIL_VERIFICATION_FAILED:"gd_auth_fail_email_verification",MFA_AUTH_FAILED:"gd_auth_failed",MFA_AUTH_REJECTED:"gd_auth_rejected",MFA_AUTH_SUCCESS:"gd_auth_succeed",MFA_ENROLLMENT_COMPLETE:"gd_enrollment_complete",TOO_MANY_MFA_FAILURES:"gd_otp_rate_limit_exceed",MFA_RECOVERY_FAILED:"gd_recovery_failed",MFA_RECOVERY_RATE_LIMIT_EXCEED:"gd_recovery_rate_limit_exceed",MFA_RECOVERY_SUCCESS:"gd_recovery_succeed",MFA_EMAIL_SENT:"gd_send_email",EMAIL_VERIFICATION_SENT:"gd_send_email_verification",EMAIL_VERIFICATION_SEND_FAILURE:"gd_send_email_verification_failure",PUSH_NOTIFICATION_SENT:"gd_send_pn",ERROR_SENDING_MFA_PUSH_NOTIFICATION:"gd_send_pn_failure",MFA_SMS_SENT:"gd_send_sms",ERROR_SENDING_MFA_SMS:"gd_send_sms_failure",MFA_VOICE_CALL_SUCCESS:"gd_send_voice",MFA_VOICE_CALL_FAILED:"gd_send_voice_failure",SECOND_FACTOR_STARTED:"gd_start_auth",MFA_ENROLL_STARTED:"gd_start_enroll",MFA_ENROLLMENT_FAILED:"gd_start_enroll_failed",GUARDIAN_TENANT_UPDATE:"gd_tenant_update",UNENROLL_DEVICE_ACCOUNT:"gd_unenroll",UPDATE_DEVICE_ACCOUNT:"gd_update_device_account",WEBAUTHN_CHALLENGE_FAILED:"gd_webauthn_challenge_failed",WEBAUTHN_ENROLLMENT_FAILED:"gd_webauthn_enrollment_failed",FAILED_KMS_API_OPERATION:"kms_key_management_failure",SUCCESS_KMS_API_OPERATION:"kms_key_management_success",KMS_KEY_STATE_CHANGED:"kms_key_state_changed",TOO_MANY_CALLS_TO_DELEGATION:"limit_delegation",BLOCKED_IP_ADDRESS:"limit_mu",BLOCKED_ACCOUNT_IP:"limit_sul",BLOCKED_ACCOUNT_EMAIL:"limit_wc",MFA_REQUIRED:"mfar",MANAGEMENT_API_READ_OPERATION:"mgmt_api_read",FAILED_AUTHENTICATION_METHOD_OPERATION_MY_ACCOUNT:"my_account_authentication_method_failed",SUCCESSFUL_AUTHENTICATION_METHOD_OPERATION_MY_ACCOUNT:"my_account_authentication_method_succeeded",FAILED_OIDC_BACKCHANNEL_LOGOUT:"oidc_backchannel_logout_failed",SUCCESSFUL_OIDC_BACKCHANNEL_LOGOUT:"oidc_backchannel_logout_succeeded",ORGANIZATION_MEMBER_ADDED:"organization_member_added",PASSKEY_CHALLENGE_FAILED:"passkey_challenge_failed",PASSKEY_CHALLENGE_STARTED:"passkey_challenge_started",PRE_LOGIN_ASSESSMENT:"pla",BREACHED_PASSWORD:"pwd_leak",BREACHED_PASSWORD_ON_RESET:"reset_pwd_leak",SUCCESS_RESOURCE_CLEANUP:"resource_cleanup",RICH_CONSENTS_ACCESS_ERROR:"rich_consents_access_error",SUCCESS_LOGIN:"s",SUCCESS_API_OPERATION:"sapi",SUCCESS_CHANGE_EMAIL:"sce",SUCCESS_CROSS_ORIGIN_AUTHENTICATION:"scoa",SUCCESS_CHANGE_PASSWORD:"scp",SUCCESS_CHANGE_PHONE_NUMBER:"scpn",SUCCESS_CHANGE_PASSWORD_REQUEST:"scpr",SUCCESS_CHANGE_USERNAME:"scu",SUCCESS_CREDENTIAL_VALIDATION:"scv",SUCCESS_DELEGATION:"sd",SUCCESS_USER_DELETION:"sdu",SUCCESS_EXCHANGE_AUTHORIZATION_CODE_FOR_ACCESS_TOKEN:"seacft",SUCCESS_EXCHANGE_ACCESS_TOKEN_FOR_CLIENT_CREDENTIALS:"seccft",SUCCESS_EXCHANGE_CUSTOM_TOKEN:"secte",SUCCESS_EXCHANGE_DEVICE_CODE_FOR_ACCESS_TOKEN:"sede",SUCCESS_EXCHANGE_NATIVE_SOCIAL_LOGIN:"sens",SUCCESS_EXCHANGE_PASSWORD_OOB_FOR_ACCESS_TOKEN:"seoobft",SUCCESS_EXCHANGE_PASSWORD_OTP_FOR_ACCESS_TOKEN:"seotpft",SUCCESS_EXCHANGE_PASSWORD_FOR_ACCESS_TOKEN:"sepft",SUCCESS_EXCHANGE_PASSKEY_OOB_FOR_ACCESS_TOKEN:"sepkoobft",SUCCESS_EXCHANGE_PASSKEY_OTP_FOR_ACCESS_TOKEN:"sepkotpft",SUCCESS_EXCHANGE_PASSKEY_MFA_RECOVERY_FOR_ACCESS_TOKEN:"sepkrcft",SUCCESS_EXCHANGE_PASSWORD_MFA_RECOVERY_FOR_ACCESS_TOKEN:"sercft",SUCCESS_EXCHANGE_REFRESH_TOKEN_FOR_ACCESS_TOKEN:"sertft",SUCCESS_IMPERSONATION:"simp",SUCCESSFULLY_ACCEPTED_USER_INVITE:"si",BREACHED_PASSWORD_ON_SIGNUP:"signup_pwd_leak",SUCCESS_LOGOUT:"slo",SUCCESS_REVOCATION:"srrt",SUCCESS_SIGNUP:"ss",FAILED_SS_SSO_OPERATION:"ss_sso_failure",INFORMATION_FROM_SS_SSO_OPERATION:"ss_sso_info",SUCCESS_SS_SSO_OPERATION:"ss_sso_success",SUCCESS_SILENT_AUTH:"ssa",SUCCESSFUL_SCIM_OPERATION:"sscim",SUCCESSFULLY_IMPORTED_USERS:"sui",SUCCESS_VERIFICATION_EMAIL:"sv",SUCCESS_VERIFICATION_EMAIL_REQUEST:"svr",MAX_AMOUNT_OF_AUTHENTICATORS:"too_many_records",USER_LOGIN_BLOCK_RELEASED:"ublkdu",FAILED_UNIVERSAL_LOGOUT:"universal_logout_failed",SUCCESSFUL_UNIVERSAL_LOGOUT:"universal_logout_succeeded",WARNING_DURING_LOGIN:"w",WARNING_SENDING_NOTIFICATION:"wn",WARNING_USER_MANAGEMENT:"wum"},yo=e.z.string().refine(t=>Object.values(we).includes(t),{message:"Invalid log type"}),je=e.z.object({name:e.z.string(),version:e.z.string(),env:e.z.object({node:e.z.string().optional()}).optional()}),ke=e.z.object({country_code:e.z.string().length(2),city_name:e.z.string(),latitude:e.z.string(),longitude:e.z.string(),time_zone:e.z.string(),continent_code:e.z.string()}),Ue=e.z.object({type:yo,date:e.z.string(),description:e.z.string().optional(),ip:e.z.string().optional(),user_agent:e.z.string().optional(),details:e.z.any().optional(),isMobile:e.z.boolean(),user_id:e.z.string().optional(),user_name:e.z.string().optional(),connection:e.z.string().optional(),connection_id:e.z.string().optional(),client_id:e.z.string().optional(),client_name:e.z.string().optional(),audience:e.z.string().optional(),scope:e.z.string().optional(),strategy:e.z.string().optional(),strategy_type:e.z.string().optional(),hostname:e.z.string().optional(),auth0_client:je.optional(),log_id:e.z.string().optional(),location_info:ke.optional()}),To=e.z.object({...Ue.shape,log_id:e.z.string()}),Fe=e.z.object({id:e.z.string().optional(),user_id:e.z.string(),password:e.z.string(),algorithm:e.z.enum(["bcrypt","argon2id"]).default("argon2id"),is_current:e.z.boolean().default(true)}),Oo=Fe.extend({id:e.z.string(),created_at:e.z.string(),updated_at:e.z.string()}),ve=e.z.object({initial_user_agent:e.z.string().describe("First user agent of the device from which this user logged in"),initial_ip:e.z.string().describe("First IP address associated with this session"),initial_asn:e.z.string().describe("First autonomous system number associated with this session"),last_user_agent:e.z.string().describe("Last user agent of the device from which this user logged in"),last_ip:e.z.string().describe("Last IP address from which this user logged in"),last_asn:e.z.string().describe("Last autonomous system number from which this user logged in")}),xe=e.z.object({id:e.z.string(),revoked_at:e.z.string().optional(),used_at:e.z.string().optional(),user_id:e.z.string().describe("The user ID associated with the session"),expires_at:e.z.string().optional(),login_session_id:e.z.string(),idle_expires_at:e.z.string().optional(),device:ve.describe("Metadata related to the device used in the session"),clients:e.z.array(e.z.string()).describe("List of client details for the session")}),No=e.z.object({created_at:e.z.string(),updated_at:e.z.string(),authenticated_at:e.z.string(),last_interaction_at:e.z.string(),...xe.shape}),Ro=e.z.object({kid:e.z.string().openapi({description:"The key id of the signing key"}),cert:e.z.string().openapi({description:"The public certificate of the signing key"}),fingerprint:e.z.string().openapi({description:"The cert fingerprint"}),thumbprint:e.z.string().openapi({description:"The cert thumbprint"}),pkcs7:e.z.string().optional().openapi({description:"The private key in pkcs7 format"}),current:e.z.boolean().optional().openapi({description:"True if the key is the current key"}),next:e.z.boolean().optional().openapi({description:"True if the key is the next key"}),previous:e.z.boolean().optional().openapi({description:"True if the key is the previous key"}),current_since:e.z.string().optional().openapi({description:"The date and time when the key became the current key"}),current_until:e.z.string().optional().openapi({description:"The date and time when the current key was rotated"}),revoked:e.z.boolean().optional().openapi({description:"True if the key is revoked"}),revoked_at:e.z.string().optional().openapi({description:"The date and time when the key was revoked"}),connection:e.z.string().optional().openapi({description:"The connection identifier associated with the key"}),type:e.z.enum(["jwt_signing","saml_encryption"]).openapi({description:"The type of the signing key"})});var Pe=(t=>(t.RefreshToken="refresh_token",t.AuthorizationCode="authorization_code",t.ClientCredential="client_credentials",t.Passwordless="passwordless",t.Password="password",t.OTP="http://auth0.com/oauth/grant-type/passwordless/otp",t))(Pe||{});const Do=e.z.object({access_token:e.z.string(),id_token:e.z.string().optional(),scope:e.z.string().optional(),state:e.z.string().optional(),refresh_token:e.z.string().optional(),token_type:e.z.string(),expires_in:e.z.number()});e.z.object({code:e.z.string(),state:e.z.string().optional()});const Me=e.z.object({button_border_radius:e.z.number(),button_border_weight:e.z.number(),buttons_style:e.z.enum(["pill","rounded","sharp"]),input_border_radius:e.z.number(),input_border_weight:e.z.number(),inputs_style:e.z.enum(["pill","rounded","sharp"]),show_widget_shadow:e.z.boolean(),widget_border_weight:e.z.number(),widget_corner_radius:e.z.number()}),He=e.z.object({base_focus_color:e.z.string(),base_hover_color:e.z.string(),body_text:e.z.string(),captcha_widget_theme:e.z.enum(["auto","dark","light"]),error:e.z.string(),header:e.z.string(),icons:e.z.string(),input_background:e.z.string(),input_border:e.z.string(),input_filled_text:e.z.string(),input_labels_placeholders:e.z.string(),links_focused_components:e.z.string(),primary_button:e.z.string(),primary_button_label:e.z.string(),secondary_button_border:e.z.string(),secondary_button_label:e.z.string(),success:e.z.string(),widget_background:e.z.string(),widget_border:e.z.string()}),r=e.z.object({bold:e.z.boolean(),size:e.z.number()}),Ge=e.z.object({body_text:r,buttons_text:r,font_url:e.z.string(),input_labels:r,links:r,links_style:e.z.enum(["normal","underlined"]),reference_text_size:e.z.number(),subtitle:r,title:r}),Be=e.z.object({background_color:e.z.string(),background_image_url:e.z.string(),page_layout:e.z.enum(["center","left","right"])}),Ke=e.z.object({header_text_alignment:e.z.enum(["center","left","right"]),logo_height:e.z.number(),logo_position:e.z.enum(["center","left","none","right"]),logo_url:e.z.string(),social_buttons_layout:e.z.enum(["bottom","top"])}),We=e.z.object({borders:Me,colors:He,displayName:e.z.string(),fonts:Ge,page_background:Be,widget:Ke}),Lo=We.extend({themeId:e.z.string()}),wo=e.z.object({universal_login_experience:e.z.enum(["new","classic"]).default("new"),identifier_first:e.z.boolean().default(true),password_first:e.z.boolean().default(false),webauthn_platform_first_factor:e.z.boolean()}),jo=e.z.object({name:e.z.string(),enabled:e.z.boolean().optional().default(true),default_from_address:e.z.string().optional(),credentials:e.z.union([e.z.object({accessKeyId:e.z.string(),secretAccessKey:e.z.string(),region:e.z.string()}),e.z.object({smtp_host:e.z.array(e.z.string()),smtp_port:e.z.number(),smtp_user:e.z.string(),smtp_pass:e.z.string()}),e.z.object({api_key:e.z.string(),domain:e.z.string().optional()}),e.z.object({connectionString:e.z.string()}),e.z.object({tenantId:e.z.string(),clientId:e.z.string(),clientSecret:e.z.string()})]),settings:e.z.object({}).optional()}),Ve=e.z.object({id:e.z.string(),session_id:e.z.string(),user_id:e.z.string(),client_id:e.z.string(),expires_at:e.z.string().optional(),idle_expires_at:e.z.string().optional(),last_exchanged_at:e.z.string().optional(),device:ve,resource_servers:e.z.array(e.z.object({audience:e.z.string(),scopes:e.z.string()})),rotating:e.z.boolean()}),ko=e.z.object({created_at:e.z.string(),...Ve.shape}),Uo=e.z.object({to:e.z.string(),message:e.z.string()}),Fo=e.z.object({name:e.z.string(),options:e.z.object({})}),Xe=e.z.object({value:e.z.string(),description:e.z.string().optional()}),qe=e.z.object({token_dialect:e.z.enum(["access_token","access_token_authz"]).optional(),enforce_policies:e.z.boolean().optional(),allow_skipping_userinfo:e.z.boolean().optional(),skip_userinfo:e.z.boolean().optional(),persist_client_authorization:e.z.boolean().optional(),enable_introspection_endpoint:e.z.boolean().optional(),mtls:e.z.object({bound_access_tokens:e.z.boolean().optional()}).optional()}),Ye=e.z.object({id:e.z.string().optional(),name:e.z.string(),identifier:e.z.string(),scopes:e.z.array(Xe).optional(),signing_alg:e.z.string().optional(),signing_secret:e.z.string().optional(),token_lifetime:e.z.number().optional(),token_lifetime_for_web:e.z.number().optional(),skip_consent_for_verifiable_first_party_clients:e.z.boolean().optional(),allow_offline_access:e.z.boolean().optional(),verificationKey:e.z.string().optional(),options:qe.optional(),is_system:e.z.boolean().optional(),metadata:e.z.record(e.z.any()).optional()}),Qe=e.z.object({...Ye.shape,created_at:e.z.string().optional(),updated_at:e.z.string().optional()}),vo=e.z.array(Qe),Je=e.z.object({role_id:e.z.string(),resource_server_identifier:e.z.string(),permission_name:e.z.string()}),Ze=e.z.object({...Je.shape,created_at:e.z.string()}),xo=e.z.array(Ze),$e=e.z.object({user_id:e.z.string(),resource_server_identifier:e.z.string(),permission_name:e.z.string(),organization_id:e.z.string().optional()}),et=e.z.object({...$e.shape,tenant_id:e.z.string(),created_at:e.z.string().optional()}),Po=e.z.array(et),tt=e.z.object({user_id:e.z.string(),resource_server_identifier:e.z.string(),resource_server_name:e.z.string(),permission_name:e.z.string(),description:e.z.string().nullable().optional(),created_at:e.z.string().optional(),organization_id:e.z.string().optional()}),Mo=e.z.array(tt),ot=e.z.object({user_id:e.z.string(),role_id:e.z.string(),organization_id:e.z.string().optional()}),nt=e.z.object({...ot.shape,tenant_id:e.z.string(),created_at:e.z.string().optional()}),Ho=e.z.array(nt),it=e.z.object({id:e.z.string().optional().openapi({description:"The unique identifier of the role. If not provided, one will be generated."}),name:e.z.string().min(1).max(50).openapi({description:"The name of the role. Cannot include '<' or '>'"}),description:e.z.string().max(255).optional().openapi({description:"The description of the role"}),is_system:e.z.boolean().optional(),metadata:e.z.record(e.z.any()).optional().openapi({description:"Metadata associated with the role. Can be used to control sync behavior in multi-tenancy scenarios."})}),at=it.extend({id:e.z.string().openapi({description:"The unique identifier of the role"}),created_at:e.z.string().optional(),updated_at:e.z.string().optional()}),Go=e.z.array(at),rt=e.z.object({logo_url:e.z.string().optional().openapi({description:"URL of the organization's logo"}),colors:e.z.object({primary:e.z.string().optional().openapi({description:"Primary color in hex format (e.g., #FF0000)"}),page_background:e.z.string().optional().openapi({description:"Page background color in hex format (e.g., #FFFFFF)"})}).optional()}).optional(),st=e.z.object({connection_id:e.z.string().openapi({description:"ID of the connection"}),assign_membership_on_login:e.z.boolean().default(false).openapi({description:"Whether to assign membership to the organization on login"}),show_as_button:e.z.boolean().default(true).openapi({description:"Whether to show this connection as a button in the login screen"}),is_signup_enabled:e.z.boolean().default(true).openapi({description:"Whether signup is enabled for this connection"})}),lt=e.z.object({client_credentials:e.z.object({enforce:e.z.boolean().default(false).openapi({description:"Whether to enforce token quota limits"}),per_day:e.z.number().min(0).default(0).openapi({description:"Maximum tokens per day (0 = unlimited)"}),per_hour:e.z.number().min(0).default(0).openapi({description:"Maximum tokens per hour (0 = unlimited)"})}).optional()}).optional(),ct=e.z.object({id:e.z.string().optional(),name:e.z.string().min(1).regex(/^[a-z0-9_-]+$/,{message:"Organization name must be lowercase and can only contain letters, numbers, hyphens, and underscores"}).openapi({description:"The name of the organization. Must be lowercase and can only contain letters, numbers, hyphens, and underscores."}),display_name:e.z.string().optional().openapi({description:"The display name of the organization"}),branding:rt,metadata:e.z.record(e.z.any()).default({}).optional().openapi({description:"Custom metadata for the organization"}),enabled_connections:e.z.array(st).default([]).optional().openapi({description:"List of enabled connections for the organization"}),token_quota:lt}),Bo=e.z.object({...ct.shape,...s.shape,id:e.z.string(),name:e.z.string().min(1).openapi({description:"The name of the organization"})}),pt=e.z.object({user_id:e.z.string().openapi({description:"ID of the user"}),organization_id:e.z.string().openapi({description:"ID of the organization"})}),Ko=e.z.object({...pt.shape,...s.shape,id:e.z.string()}),Wo=e.z.object({idle_session_lifetime:e.z.number().optional(),session_lifetime:e.z.number().optional(),session_cookie:e.z.object({mode:e.z.enum(["persistent","non-persistent"]).optional()}).optional(),enable_client_connections:e.z.boolean().optional(),default_redirection_uri:e.z.string().optional(),enabled_locales:e.z.array(e.z.string()).optional(),default_directory:e.z.string().optional(),error_page:e.z.object({html:e.z.string().optional(),show_log_link:e.z.boolean().optional(),url:e.z.string().optional()}).optional(),flags:e.z.object({allow_legacy_delegation_grant_types:e.z.boolean().optional(),allow_legacy_ro_grant_types:e.z.boolean().optional(),allow_legacy_tokeninfo_endpoint:e.z.boolean().optional(),disable_clickjack_protection_headers:e.z.boolean().optional(),enable_apis_section:e.z.boolean().optional(),enable_client_connections:e.z.boolean().optional(),enable_custom_domain_in_emails:e.z.boolean().optional(),enable_dynamic_client_registration:e.z.boolean().optional(),enable_idtoken_api2:e.z.boolean().optional(),enable_legacy_logs_search_v2:e.z.boolean().optional(),enable_legacy_profile:e.z.boolean().optional(),enable_pipeline2:e.z.boolean().optional(),enable_public_signup_user_exists_error:e.z.boolean().optional(),use_scope_descriptions_for_consent:e.z.boolean().optional(),disable_management_api_sms_obfuscation:e.z.boolean().optional(),enable_adfs_waad_email_verification:e.z.boolean().optional(),revoke_refresh_token_grant:e.z.boolean().optional(),dashboard_log_streams_next:e.z.boolean().optional(),dashboard_insights_view:e.z.boolean().optional(),disable_fields_map_fix:e.z.boolean().optional(),mfa_show_factor_list_on_enrollment:e.z.boolean().optional()}).optional(),friendly_name:e.z.string().optional(),picture_url:e.z.string().optional(),support_email:e.z.string().optional(),support_url:e.z.string().optional(),sandbox_version:e.z.string().optional(),sandbox_versions_available:e.z.array(e.z.string()).optional(),change_password:e.z.object({enabled:e.z.boolean(),html:e.z.string()}).optional(),guardian_mfa_page:e.z.object({enabled:e.z.boolean(),html:e.z.string()}).optional(),default_audience:e.z.string().optional(),default_organization:e.z.string().optional(),sessions:e.z.object({oidc_logout_prompt_enabled:e.z.boolean().optional()}).optional()}),Vo=e.z.object({date:e.z.string().openapi({description:"Date these events occurred in ISO 8601 format",example:"2025-12-19"}),logins:e.z.number().openapi({description:"Number of logins on this date",example:150}),signups:e.z.number().openapi({description:"Number of signups on this date",example:25}),leaked_passwords:e.z.number().openapi({description:"Number of breached-password detections on this date (subscription required)",example:0}),updated_at:e.z.string().openapi({description:"Date and time this stats entry was last updated in ISO 8601 format",example:"2025-12-19T10:30:00.000Z"}),created_at:e.z.string().openapi({description:"Approximate date and time the first event occurred in ISO 8601 format",example:"2025-12-19T00:00:00.000Z"})}),Xo=e.z.number().openapi({description:"Number of active users in the last 30 days",example:1234});function qo(t){const[a,c]=t.split("|");if(!a||!c)throw new Error(`Invalid user_id: ${t}`);return {connection:a,id:c}}function Yo(t){const{primary:a,secondaries:c,syncMethods:_t=["create","update","remove","delete","set"]}=t,dt={get(d,n){if(typeof n=="symbol")return d[n];const z=d[n];return typeof z!="function"?z:_t.includes(n)?async(...u)=>{const zt=await z.apply(d,u),h=[];for(const p of c){const N=p.adapter[n];if(typeof N!="function")continue;const gt=(async()=>{try{await N.apply(p.adapter,u);}catch(R){try{p.onError?p.onError(R,n,u):console.error(`Passthrough adapter: secondary write failed for ${n}:`,R);}catch(mt){console.error(`Passthrough adapter: onError handler threw for ${n}:`,mt);}}})();p.blocking&&h.push(gt);}return h.length>0&&await Promise.all(h),zt}:z.bind(d)}};return new Proxy(a,dt)}function Qo(t){return t}exports.Auth0ActionEnum=ht;exports.Auth0Client=je;exports.AuthorizationResponseMode=A;exports.AuthorizationResponseType=E;exports.CodeChallengeMethod=I;exports.ComponentCategory=f;exports.ComponentType=b;exports.EmailActionEnum=St;exports.FlowActionTypeEnum=ut;exports.GrantType=Pe;exports.LocationInfo=ke;exports.LogTypes=we;exports.LoginSessionState=O;exports.NodeType=J;exports.RedirectTargetEnum=j;exports.actionNodeSchema=ee;exports.activeUsersResponseSchema=Xo;exports.auth0FlowInsertSchema=Ot;exports.auth0FlowSchema=ae;exports.auth0QuerySchema=ft;exports.auth0UpdateUserActionSchema=L;exports.auth0UserResponseSchema=At;exports.authParamsSchema=re;exports.baseUserSchema=S;exports.blockComponentSchema=he;exports.bordersSchema=Me;exports.brandingSchema=Nt;exports.buttonComponentSchema=V;exports.clientGrantInsertSchema=B;exports.clientGrantListSchema=Tt;exports.clientGrantSchema=K;exports.clientInsertSchema=H;exports.clientSchema=G;exports.codeInsertSchema=ze;exports.codeSchema=Dt;exports.codeTypeSchema=de;exports.colorsSchema=He;exports.componentMessageSchema=Ae;exports.componentSchema=Q;exports.connectionInsertSchema=le;exports.connectionOptionsSchema=se;exports.connectionSchema=ce;exports.coordinatesSchema=l;exports.createPassthroughAdapter=Yo;exports.createWriteOnlyAdapter=Qo;exports.customDomainInsertSchema=ge;exports.customDomainSchema=ue;exports.customDomainWithTenantIdSchema=Lt;exports.dailyStatsSchema=Vo;exports.emailProviderSchema=jo;exports.emailVerificationRulesSchema=D;exports.emailVerifyActionSchema=w;exports.endingSchema=ie;exports.fieldComponentSchema=be;exports.flowActionStepSchema=U;exports.flowInsertSchema=F;exports.flowSchema=bt;exports.flowsFieldComponentSchema=q;exports.flowsFlowNodeSchema=$;exports.flowsStepNodeSchema=Z;exports.fontDetailsSchema=r;exports.fontsSchema=Ge;exports.formControlSchema=ao;exports.formInsertSchema=Ee;exports.formNodeComponentDefinition=T;exports.formNodeSchema=fe;exports.formSchema=co;exports.genericComponentSchema=Y;exports.genericNodeSchema=te;exports.hookInsertSchema=ho;exports.hookSchema=fo;exports.identitySchema=x;exports.inviteInsertSchema=Ne;exports.inviteSchema=Eo;exports.inviteeSchema=Oe;exports.inviterSchema=Te;exports.isBlockComponent=_o;exports.isFieldComponent=go;exports.isWidgetComponent=zo;exports.jwksKeySchema=Ao;exports.jwksSchema=Re;exports.legacyClientSchema=Rt;exports.legalComponentSchema=X;exports.logInsertSchema=Ue;exports.logSchema=To;exports.loginSessionInsertSchema=Le;exports.loginSessionSchema=Co;exports.loginSessionStateSchema=De;exports.nodeSchema=oe;exports.openIDConfigurationSchema=Io;exports.organizationBrandingSchema=rt;exports.organizationEnabledConnectionSchema=st;exports.organizationInsertSchema=ct;exports.organizationSchema=Bo;exports.organizationTokenQuotaSchema=lt;exports.pageBackgroundSchema=Be;exports.parseUserId=qo;exports.passwordInsertSchema=Fe;exports.passwordSchema=Oo;exports.profileDataSchema=v;exports.promptSettingSchema=wo;exports.redirectActionSchema=k;exports.refreshTokenInsertSchema=Ve;exports.refreshTokenSchema=ko;exports.resourceServerInsertSchema=Ye;exports.resourceServerListSchema=vo;exports.resourceServerOptionsSchema=qe;exports.resourceServerSchema=Qe;exports.resourceServerScopeSchema=Xe;exports.richTextComponentSchema=W;exports.roleInsertSchema=it;exports.roleListSchema=Go;exports.rolePermissionInsertSchema=Je;exports.rolePermissionListSchema=xo;exports.rolePermissionSchema=Ze;exports.roleSchema=at;exports.screenLinkSchema=Ie;exports.sessionInsertSchema=xe;exports.sessionSchema=No;exports.signingKeySchema=Ro;exports.smsProviderSchema=Fo;exports.smsSendParamsSchema=Uo;exports.startSchema=ne;exports.tenantInsertSchema=pe;exports.tenantSchema=_e;exports.tenantSettingsSchema=Wo;exports.themeInsertSchema=We;exports.themeSchema=Lo;exports.tokenResponseSchema=Do;exports.totalsSchema=Et;exports.uiScreenSchema=po;exports.userInsertSchema=P;exports.userOrganizationInsertSchema=pt;exports.userOrganizationSchema=Ko;exports.userPermissionInsertSchema=$e;exports.userPermissionListSchema=Po;exports.userPermissionSchema=et;exports.userPermissionWithDetailsListSchema=Mo;exports.userPermissionWithDetailsSchema=tt;exports.userResponseSchema=It;exports.userRoleInsertSchema=ot;exports.userRoleListSchema=Ho;exports.userRoleSchema=nt;exports.userSchema=M;exports.verificationMethodsSchema=me;exports.widgetComponentSchema=Se;exports.widgetSchema=Ke;
8112
+ Object.defineProperty(exports,Symbol.toStringTag,{value:"Module"});const e=require$$0,s=e.z.object({created_at:e.z.string(),updated_at:e.z.string()}),ht=e.z.enum(["AUTH0","EMAIL","REDIRECT"]),St=e.z.enum(["CREATE_USER","GET_USER","UPDATE_USER","SEND_REQUEST","SEND_EMAIL"]),bt=e.z.enum(["VERIFY_EMAIL"]),D=e.z.object({require_mx_record:e.z.boolean().optional(),block_aliases:e.z.boolean().optional(),block_free_emails:e.z.boolean().optional(),block_disposable_emails:e.z.boolean().optional(),blocklist:e.z.array(e.z.string()).optional(),allowlist:e.z.array(e.z.string()).optional()}),L=e.z.object({id:e.z.string(),alias:e.z.string().max(100).optional(),type:e.z.literal("AUTH0"),action:e.z.literal("UPDATE_USER"),allow_failure:e.z.boolean().optional(),mask_output:e.z.boolean().optional(),params:e.z.object({connection_id:e.z.string().optional(),user_id:e.z.string(),changes:e.z.record(e.z.string(),e.z.any())})}),w=e.z.object({id:e.z.string(),alias:e.z.string().max(100).optional(),type:e.z.literal("EMAIL"),action:e.z.literal("VERIFY_EMAIL"),allow_failure:e.z.boolean().optional(),mask_output:e.z.boolean().optional(),params:e.z.object({email:e.z.string(),rules:D.optional()})}),j=e.z.enum(["change-email","account","custom"]),k=e.z.object({id:e.z.string(),alias:e.z.string().max(100).optional(),type:e.z.literal("REDIRECT"),action:e.z.literal("REDIRECT_USER"),allow_failure:e.z.boolean().optional(),mask_output:e.z.boolean().optional(),params:e.z.object({target:j.openapi({description:"The predefined target to redirect to, or 'custom' for a custom URL"}),custom_url:e.z.string().optional().openapi({description:"Custom URL to redirect to when target is 'custom'"})})}),U=e.z.union([L,w,k]),F=e.z.object({name:e.z.string().min(1).max(150).openapi({description:"The name of the flow"}),actions:e.z.array(U).optional().default([]).openapi({description:"The list of actions to execute in sequence"})}),ft=F.extend({...s.shape,id:e.z.string().openapi({description:"Unique identifier for the flow",example:"af_12tMpdJ3iek7svMyZkSh5M"})}),Et=e.z.object({page:e.z.string().min(0).optional().default("0").transform(t=>parseInt(t,10)).openapi({description:"The page number where 0 is the first page"}),per_page:e.z.string().min(1).optional().default("10").transform(t=>parseInt(t,10)).openapi({description:"The number of items per page"}),include_totals:e.z.string().optional().default("false").transform(t=>t==="true").openapi({description:"If the total number of items should be included in the response"}),sort:e.z.string().regex(/^.+:(-1|1)$/).optional().openapi({description:"A property that should have the format 'string:-1' or 'string:1'"}),q:e.z.string().optional().openapi({description:"A lucene query string used to filter the results"})}),At=e.z.object({start:e.z.number(),limit:e.z.number(),length:e.z.number(),total:e.z.number().optional()}),v=e.z.object({email:e.z.string().optional(),email_verified:e.z.boolean().optional(),name:e.z.string().optional(),username:e.z.string().optional(),given_name:e.z.string().optional(),phone_number:e.z.string().optional(),phone_verified:e.z.boolean().optional(),family_name:e.z.string().optional()}).catchall(e.z.any()),x=e.z.object({connection:e.z.string(),user_id:e.z.string(),provider:e.z.string(),isSocial:e.z.boolean(),access_token:e.z.string().optional(),access_token_secret:e.z.string().optional(),refresh_token:e.z.string().optional(),profileData:v.optional()}),P=e.z.object({formatted:e.z.string().optional(),street_address:e.z.string().optional(),locality:e.z.string().optional(),region:e.z.string().optional(),postal_code:e.z.string().optional(),country:e.z.string().optional()}).optional(),S=e.z.object({email:e.z.string().optional().transform(t=>t&&t.toLowerCase()),username:e.z.string().optional(),phone_number:e.z.string().optional(),phone_verified:e.z.boolean().optional(),given_name:e.z.string().optional(),family_name:e.z.string().optional(),nickname:e.z.string().optional(),name:e.z.string().optional(),picture:e.z.string().optional(),locale:e.z.string().optional(),linked_to:e.z.string().optional(),profileData:e.z.string().optional(),user_id:e.z.string().optional(),app_metadata:e.z.any().default({}).optional(),user_metadata:e.z.any().default({}).optional(),middle_name:e.z.string().optional(),preferred_username:e.z.string().optional(),profile:e.z.string().optional(),website:e.z.string().optional(),gender:e.z.string().optional(),birthdate:e.z.string().optional(),zoneinfo:e.z.string().optional(),address:P}),M=S.extend({email_verified:e.z.boolean().default(false),verify_email:e.z.boolean().optional(),last_ip:e.z.string().optional(),last_login:e.z.string().optional(),user_id:e.z.string().optional(),provider:e.z.string().optional(),connection:e.z.string(),is_social:e.z.boolean().optional()}),H=e.z.object({...M.shape,...s.shape,user_id:e.z.string(),provider:e.z.string(),is_social:e.z.boolean(),email:e.z.string().optional(),login_count:e.z.number().default(0),identities:e.z.array(x).optional()}),It=H,Ct=S.extend({login_count:e.z.number(),multifactor:e.z.array(e.z.string()).optional(),last_ip:e.z.string().optional(),last_login:e.z.string().optional(),user_id:e.z.string()}).catchall(e.z.any()),yt="useandom-26T198340PX75pxJACKVERYMINDBUSHWOLF_GQZbfghjklqvwyzrict";let Tt=(t=21)=>{let a="",c=crypto.getRandomValues(new Uint8Array(t|=0));for(;t--;)a+=yt[c[t]&63];return a};const G=e.z.object({client_id:e.z.string().openapi({description:"ID of this client."}),name:e.z.string().min(1).openapi({description:"Name of this client (min length: 1 character, does not allow < or >)."}),description:e.z.string().max(140).optional().openapi({description:"Free text description of this client (max length: 140 characters)."}),global:e.z.boolean().default(false).openapi({description:"Whether this is your global 'All Applications' client representing legacy tenant settings (true) or a regular client (false)."}),client_secret:e.z.string().default(()=>Tt()).optional().openapi({description:"Client secret (which you must not make public)."}),app_type:e.z.enum(["native","spa","regular_web","non_interactive","resource_server","express_configuration","rms","box","cloudbees","concur","dropbox","mscrm","echosign","egnyte","newrelic","office365","salesforce","sentry","sharepoint","slack","springcm","zendesk","zoom","sso_integration","oag"]).default("regular_web").optional().openapi({description:"The type of application this client represents"}),logo_uri:e.z.string().url().optional().openapi({description:"URL of the logo to display for this client. Recommended size is 150x150 pixels."}),is_first_party:e.z.boolean().default(false).openapi({description:"Whether this client a first party client (true) or not (false)."}),oidc_conformant:e.z.boolean().default(true).openapi({description:"Whether this client conforms to strict OIDC specifications (true) or uses legacy features (false)."}),auth0_conformant:e.z.boolean().default(true).openapi({description:"Whether this client follows Auth0-compatible behavior (true) or strict OIDC behavior (false). When true, profile/email claims are included in the ID token when scopes are requested. When false, these claims are only available from the userinfo endpoint (strict OIDC 5.4 compliance)."}),callbacks:e.z.array(e.z.string()).default([]).optional().openapi({description:"Comma-separated list of URLs whitelisted for Auth0 to use as a callback to the client after authentication."}),allowed_origins:e.z.array(e.z.string()).default([]).optional().openapi({description:"Comma-separated list of URLs allowed to make requests from JavaScript to Auth0 API (typically used with CORS). By default, all your callback URLs will be allowed. This field allows you to enter other origins if necessary. You can also use wildcards at the subdomain level (e.g., https://*.contoso.com). Query strings and hash information are not taken into account when validating these URLs."}),web_origins:e.z.array(e.z.string()).default([]).optional().openapi({description:"Comma-separated list of allowed origins for use with Cross-Origin Authentication, Device Flow, and web message response mode."}),client_aliases:e.z.array(e.z.string()).default([]).optional().openapi({description:"List of audiences/realms for SAML protocol. Used by the wsfed addon."}),allowed_clients:e.z.array(e.z.string()).default([]).optional().openapi({description:"List of allow clients and API ids that are allowed to make delegation requests. Empty means all all your clients are allowed."}),connections:e.z.array(e.z.string()).default([]).optional().openapi({description:"List of connection IDs enabled for this client. The order determines the display order on the login page."}),allowed_logout_urls:e.z.array(e.z.string()).default([]).optional().openapi({description:"Comma-separated list of URLs that are valid to redirect to after logout from Auth0. Wildcards are allowed for subdomains."}),session_transfer:e.z.record(e.z.any()).default({}).optional().openapi({description:"Native to Web SSO Configuration"}),oidc_logout:e.z.record(e.z.any()).default({}).optional().openapi({description:"Configuration for OIDC backchannel logout"}),grant_types:e.z.array(e.z.string()).default([]).optional().openapi({description:"List of grant types supported for this application. Can include authorization_code, implicit, refresh_token, client_credentials, password, http://auth0.com/oauth/grant-type/password-realm, http://auth0.com/oauth/grant-type/mfa-oob, http://auth0.com/oauth/grant-type/mfa-otp, http://auth0.com/oauth/grant-type/mfa-recovery-code, urn:openid:params:grant-type:ciba, and urn:ietf:params:oauth:grant-type:device_code."}),jwt_configuration:e.z.record(e.z.any()).default({}).optional().openapi({description:"Configuration related to JWTs for the client."}),signing_keys:e.z.array(e.z.record(e.z.any())).default([]).optional().openapi({description:"Signing certificates associated with this client."}),encryption_key:e.z.record(e.z.any()).default({}).optional().openapi({description:"Encryption used for WsFed responses with this client."}),sso:e.z.boolean().default(false).openapi({description:"Applies only to SSO clients and determines whether Auth0 will handle Single Sign On (true) or whether the Identity Provider will (false)."}),sso_disabled:e.z.boolean().default(true).openapi({description:"Whether Single Sign On is disabled (true) or enabled (true). Defaults to true."}),cross_origin_authentication:e.z.boolean().default(false).openapi({description:"Whether this client can be used to make cross-origin authentication requests (true) or it is not allowed to make such requests (false)."}),cross_origin_loc:e.z.string().url().optional().openapi({description:"URL of the location in your site where the cross origin verification takes place for the cross-origin auth flow when performing Auth in your own domain instead of Auth0 hosted login page."}),custom_login_page_on:e.z.boolean().default(false).openapi({description:"Whether a custom login page is to be used (true) or the default provided login page (false)."}),custom_login_page:e.z.string().optional().openapi({description:"The content (HTML, CSS, JS) of the custom login page."}),custom_login_page_preview:e.z.string().optional().openapi({description:"The content (HTML, CSS, JS) of the custom login page. (Used on Previews)"}),form_template:e.z.string().optional().openapi({description:"HTML form template to be used for WS-Federation."}),addons:e.z.record(e.z.any()).default({}).optional().openapi({description:"Addons enabled for this client and their associated configurations."}),token_endpoint_auth_method:e.z.enum(["none","client_secret_post","client_secret_basic"]).default("client_secret_basic").optional().openapi({description:"Defines the requested authentication method for the token endpoint. Can be none (public client without a client secret), client_secret_post (client uses HTTP POST parameters), or client_secret_basic (client uses HTTP Basic)."}),client_metadata:e.z.record(e.z.string().max(255)).default({}).optional().openapi({description:'Metadata associated with the client, in the form of an object with string values (max 255 chars). Maximum of 10 metadata properties allowed. Field names (max 255 chars) are alphanumeric and may only include the following special characters: :,-+=_*?"/()<>@ [Tab][Space]'}),mobile:e.z.record(e.z.any()).default({}).optional().openapi({description:"Additional configuration for native mobile apps."}),initiate_login_uri:e.z.string().url().optional().openapi({description:"Initiate login uri, must be https"}),native_social_login:e.z.record(e.z.any()).default({}).optional(),refresh_token:e.z.record(e.z.any()).default({}).optional().openapi({description:"Refresh token configuration"}),default_organization:e.z.record(e.z.any()).default({}).optional().openapi({description:"Defines the default Organization ID and flows"}),organization_usage:e.z.enum(["deny","allow","require"]).default("deny").optional().openapi({description:"Defines how to proceed during an authentication transaction with regards an organization. Can be deny (default), allow or require."}),organization_require_behavior:e.z.enum(["no_prompt","pre_login_prompt","post_login_prompt"]).default("no_prompt").optional().openapi({description:"Defines how to proceed during an authentication transaction when client.organization_usage: 'require'. Can be no_prompt (default), pre_login_prompt or post_login_prompt. post_login_prompt requires oidc_conformant: true."}),client_authentication_methods:e.z.record(e.z.any()).default({}).optional().openapi({description:"Defines client authentication methods."}),require_pushed_authorization_requests:e.z.boolean().default(false).openapi({description:"Makes the use of Pushed Authorization Requests mandatory for this client"}),require_proof_of_possession:e.z.boolean().default(false).openapi({description:"Makes the use of Proof-of-Possession mandatory for this client"}),signed_request_object:e.z.record(e.z.any()).default({}).optional().openapi({description:"JWT-secured Authorization Requests (JAR) settings."}),compliance_level:e.z.enum(["none","fapi1_adv_pkj_par","fapi1_adv_mtls_par","fapi2_sp_pkj_mtls","fapi2_sp_mtls_mtls"]).optional().openapi({description:"Defines the compliance level for this client, which may restrict it's capabilities"}),par_request_expiry:e.z.number().optional().openapi({description:"Specifies how long, in seconds, a Pushed Authorization Request URI remains valid"}),token_quota:e.z.record(e.z.any()).default({}).optional()}),B=e.z.object({created_at:e.z.string(),updated_at:e.z.string(),...G.shape}),W=e.z.object({client_id:e.z.string().min(1).openapi({description:"ID of the client."}),audience:e.z.string().min(1).openapi({description:"The audience (API identifier) of this client grant."}),scope:e.z.array(e.z.string()).optional().openapi({description:"Scopes allowed for this client grant."}),organization_usage:e.z.enum(["deny","allow","require"]).optional().openapi({description:"Defines whether organizations can be used with client credentials exchanges for this grant."}),allow_any_organization:e.z.boolean().optional().openapi({description:"If enabled, any organization can be used with this grant. If disabled (default), the grant must be explicitly assigned to the desired organizations."}),is_system:e.z.boolean().optional().openapi({description:"If enabled, this grant is a special grant created by Auth0. It cannot be modified or deleted directly."}),subject_type:e.z.enum(["client","user"]).optional().openapi({description:"The type of application access the client grant allows. Use of this field is subject to the applicable Free Trial terms in Okta's Master Subscription Agreement."}),authorization_details_types:e.z.array(e.z.string()).optional().openapi({description:"Types of authorization_details allowed for this client grant. Use of this field is subject to the applicable Free Trial terms in Okta's Master Subscription Agreement."})}),K=e.z.object({id:e.z.string().openapi({description:"ID of the client grant."}),...W.shape,created_at:e.z.string().optional(),updated_at:e.z.string().optional()}),Ot=e.z.array(K),l=e.z.object({x:e.z.number(),y:e.z.number()});var b=(t=>(t.RICH_TEXT="RICH_TEXT",t.NEXT_BUTTON="NEXT_BUTTON",t.BACK_BUTTON="BACK_BUTTON",t.SUBMIT_BUTTON="SUBMIT_BUTTON",t.DIVIDER="DIVIDER",t.TEXT="TEXT",t.EMAIL="EMAIL",t.PASSWORD="PASSWORD",t.NUMBER="NUMBER",t.PHONE="PHONE",t.DATE="DATE",t.CHECKBOX="CHECKBOX",t.RADIO="RADIO",t.SELECT="SELECT",t.HIDDEN="HIDDEN",t.LEGAL="LEGAL",t))(b||{}),f=(t=>(t.BLOCK="BLOCK",t.FIELD="FIELD",t))(f||{});const g=e.z.object({id:e.z.string(),category:e.z.nativeEnum(f),type:e.z.nativeEnum(b)}),V=g.extend({category:e.z.literal("BLOCK"),type:e.z.literal("RICH_TEXT"),config:e.z.object({content:e.z.string()}).passthrough()}),X=g.extend({category:e.z.literal("BLOCK"),type:e.z.union([e.z.literal("NEXT_BUTTON"),e.z.literal("BACK_BUTTON"),e.z.literal("SUBMIT_BUTTON")]),config:e.z.object({text:e.z.string()}).passthrough()}),q=g.extend({category:e.z.literal("FIELD"),type:e.z.literal("LEGAL"),required:e.z.boolean().optional(),sensitive:e.z.boolean().optional(),config:e.z.object({text:e.z.string()}).passthrough()}),Y=g.extend({category:e.z.literal("FIELD"),type:e.z.union([e.z.literal("TEXT"),e.z.literal("EMAIL"),e.z.literal("PASSWORD"),e.z.literal("NUMBER"),e.z.literal("PHONE"),e.z.literal("DATE"),e.z.literal("CHECKBOX"),e.z.literal("RADIO"),e.z.literal("SELECT"),e.z.literal("HIDDEN")]),required:e.z.boolean().optional(),sensitive:e.z.boolean().optional(),config:e.z.object({label:e.z.string().optional(),placeholder:e.z.string().optional()}).passthrough()}),Q=e.z.object({id:e.z.string(),category:e.z.string(),type:e.z.string()}).passthrough(),J=e.z.union([V,X,q,Y,Q]);var Z=(t=>(t.STEP="STEP",t.FLOW="FLOW",t.CONDITION="CONDITION",t.ACTION="ACTION",t))(Z||{});const $=e.z.object({id:e.z.string(),type:e.z.literal("STEP"),coordinates:l,alias:e.z.string().optional(),config:e.z.object({components:e.z.array(J),next_node:e.z.string()}).passthrough()}),ee=e.z.object({id:e.z.string(),type:e.z.literal("FLOW"),coordinates:l,alias:e.z.string().optional(),config:e.z.object({flow_id:e.z.string(),next_node:e.z.string()})}),te=e.z.object({id:e.z.string(),type:e.z.literal("ACTION"),coordinates:l,alias:e.z.string().optional(),config:e.z.object({action_type:e.z.enum(["REDIRECT"]).openapi({description:"The type of action to perform"}),target:e.z.enum(["change-email","account","custom"]).openapi({description:"The predefined target to redirect to"}),custom_url:e.z.string().optional().openapi({description:"Custom URL when target is 'custom'"}),next_node:e.z.string().openapi({description:"The next node to navigate to after action (for non-redirect actions)"})}).passthrough()}),oe=e.z.object({id:e.z.string(),type:e.z.string(),coordinates:l}).passthrough(),ne=e.z.union([$,ee,te,oe]),ie=e.z.object({next_node:e.z.string(),coordinates:l}).passthrough(),ae=e.z.object({resume_flow:e.z.boolean().optional(),coordinates:l}).passthrough(),re=e.z.object({id:e.z.string(),name:e.z.string(),languages:e.z.object({primary:e.z.string()}).passthrough(),nodes:e.z.array(ne),start:ie,ending:ae,created_at:e.z.string(),updated_at:e.z.string(),links:e.z.object({sdkSrc:e.z.string().optional(),sdk_src:e.z.string().optional()}).passthrough()}).passthrough(),Nt=re.omit({id:true,created_at:true,updated_at:true});var E=(t=>(t.TOKEN="token",t.ID_TOKEN="id_token",t.TOKEN_ID_TOKEN="token id_token",t.CODE="code",t))(E||{}),A=(t=>(t.QUERY="query",t.FRAGMENT="fragment",t.FORM_POST="form_post",t.WEB_MESSAGE="web_message",t.SAML_POST="saml_post",t))(A||{}),I=(t=>(t.S256="S256",t.Plain="plain",t))(I||{});const se=e.z.object({client_id:e.z.string(),act_as:e.z.string().optional(),response_type:e.z.nativeEnum(E).optional(),response_mode:e.z.nativeEnum(A).optional(),redirect_uri:e.z.string().optional(),audience:e.z.string().optional(),organization:e.z.string().optional(),state:e.z.string().optional(),nonce:e.z.string().optional(),scope:e.z.string().optional(),prompt:e.z.string().optional(),code_challenge_method:e.z.nativeEnum(I).optional(),code_challenge:e.z.string().optional(),username:e.z.string().optional(),ui_locales:e.z.string().optional(),max_age:e.z.number().optional(),acr_values:e.z.string().optional(),vendor_id:e.z.string().optional()}),Rt=e.z.object({colors:e.z.object({primary:e.z.string(),page_background:e.z.object({type:e.z.string().optional(),start:e.z.string().optional(),end:e.z.string().optional(),angle_deg:e.z.number().optional()}).optional()}).optional(),logo_url:e.z.string().optional(),favicon_url:e.z.string().optional(),powered_by_logo_url:e.z.string().optional(),font:e.z.object({url:e.z.string()}).optional()}),le=e.z.object({kid:e.z.string().optional(),team_id:e.z.string().optional(),realms:e.z.string().optional(),authentication_method:e.z.string().optional(),client_id:e.z.string().optional(),client_secret:e.z.string().optional(),app_secret:e.z.string().optional(),scope:e.z.string().optional(),authorization_endpoint:e.z.string().optional(),token_endpoint:e.z.string().optional(),userinfo_endpoint:e.z.string().optional(),jwks_uri:e.z.string().optional(),discovery_url:e.z.string().optional(),issuer:e.z.string().optional(),provider:e.z.string().optional(),from:e.z.string().optional(),twilio_sid:e.z.string().optional(),twilio_token:e.z.string().optional(),icon_url:e.z.string().optional()}),ce=e.z.object({id:e.z.string().optional(),name:e.z.string(),display_name:e.z.string().optional(),strategy:e.z.string(),options:le.default({}),enabled_clients:e.z.array(e.z.string()).default([]).optional(),response_type:e.z.custom().optional(),response_mode:e.z.custom().optional(),is_domain_connection:e.z.boolean().optional(),show_as_button:e.z.boolean().optional(),metadata:e.z.record(e.z.any()).optional(),is_system:e.z.boolean().optional()}),pe=e.z.object({id:e.z.string(),created_at:e.z.string().transform(t=>t===null?"":t),updated_at:e.z.string().transform(t=>t===null?"":t)}).extend(ce.shape),_e=e.z.object({id:e.z.string().optional(),audience:e.z.string(),friendly_name:e.z.string(),picture_url:e.z.string().optional(),support_email:e.z.string().optional(),support_url:e.z.string().optional(),sender_email:e.z.string().email(),sender_name:e.z.string(),session_lifetime:e.z.number().optional(),idle_session_lifetime:e.z.number().optional(),ephemeral_session_lifetime:e.z.number().optional(),idle_ephemeral_session_lifetime:e.z.number().optional(),session_cookie:e.z.object({mode:e.z.enum(["persistent","non-persistent"]).optional()}).optional(),allowed_logout_urls:e.z.array(e.z.string()).optional(),default_redirection_uri:e.z.string().optional(),enabled_locales:e.z.array(e.z.string()).optional(),default_directory:e.z.string().optional(),error_page:e.z.object({html:e.z.string().optional(),show_log_link:e.z.boolean().optional(),url:e.z.string().optional()}).optional(),flags:e.z.object({allow_changing_enable_sso:e.z.boolean().optional(),allow_legacy_delegation_grant_types:e.z.boolean().optional(),allow_legacy_ro_grant_types:e.z.boolean().optional(),allow_legacy_tokeninfo_endpoint:e.z.boolean().optional(),change_pwd_flow_v1:e.z.boolean().optional(),custom_domains_provisioning:e.z.boolean().optional(),dashboard_insights_view:e.z.boolean().optional(),dashboard_log_streams_next:e.z.boolean().optional(),disable_clickjack_protection_headers:e.z.boolean().optional(),disable_fields_map_fix:e.z.boolean().optional(),disable_impersonation:e.z.boolean().optional(),disable_management_api_sms_obfuscation:e.z.boolean().optional(),enable_adfs_waad_email_verification:e.z.boolean().optional(),enable_apis_section:e.z.boolean().optional(),enable_client_connections:e.z.boolean().optional(),enable_custom_domain_in_emails:e.z.boolean().optional(),enable_dynamic_client_registration:e.z.boolean().optional(),enable_idtoken_api2:e.z.boolean().optional(),enable_legacy_logs_search_v2:e.z.boolean().optional(),enable_legacy_profile:e.z.boolean().optional(),enable_pipeline2:e.z.boolean().optional(),enable_public_signup_user_exists_error:e.z.boolean().optional(),enable_sso:e.z.boolean().optional(),enforce_client_authentication_on_passwordless_start:e.z.boolean().optional(),genai_trial:e.z.boolean().optional(),improved_signup_bot_detection_in_classic:e.z.boolean().optional(),mfa_show_factor_list_on_enrollment:e.z.boolean().optional(),no_disclose_enterprise_connections:e.z.boolean().optional(),remove_alg_from_jwks:e.z.boolean().optional(),revoke_refresh_token_grant:e.z.boolean().optional(),trust_azure_adfs_email_verified_connection_property:e.z.boolean().optional(),use_scope_descriptions_for_consent:e.z.boolean().optional(),inherit_global_permissions_in_organizations:e.z.boolean().optional()}).optional(),sandbox_version:e.z.string().optional(),legacy_sandbox_version:e.z.string().optional(),sandbox_versions_available:e.z.array(e.z.string()).optional(),change_password:e.z.object({enabled:e.z.boolean().optional(),html:e.z.string().optional()}).optional(),guardian_mfa_page:e.z.object({enabled:e.z.boolean().optional(),html:e.z.string().optional()}).optional(),device_flow:e.z.object({charset:e.z.enum(["base20","digits"]).optional(),mask:e.z.string().max(20).optional()}).optional(),default_token_quota:e.z.object({clients:e.z.object({client_credentials:e.z.record(e.z.any()).optional()}).optional(),organizations:e.z.object({client_credentials:e.z.record(e.z.any()).optional()}).optional()}).optional(),default_audience:e.z.string().optional(),default_organization:e.z.string().optional(),sessions:e.z.object({oidc_logout_prompt_enabled:e.z.boolean().optional()}).optional(),oidc_logout:e.z.object({rp_logout_end_session_endpoint_discovery:e.z.boolean().optional()}).optional(),allow_organization_name_in_authentication_api:e.z.boolean().optional(),customize_mfa_in_postlogin_action:e.z.boolean().optional(),acr_values_supported:e.z.array(e.z.string()).optional(),mtls:e.z.object({enable_endpoint_aliases:e.z.boolean().optional()}).optional(),pushed_authorization_requests_supported:e.z.boolean().optional(),authorization_response_iss_parameter_supported:e.z.boolean().optional()}),de=e.z.object({created_at:e.z.string().nullable().transform(t=>t??""),updated_at:e.z.string().nullable().transform(t=>t??""),..._e.shape,id:e.z.string()}),Dt=e.z.object({...B.shape,tenant:de,connections:e.z.array(pe)}),ze=e.z.enum(["password_reset","email_verification","otp","authorization_code","oauth2_state","ticket"]),ge=e.z.object({code_id:e.z.string().openapi({description:"The code that will be used in for instance an email verification flow"}),login_id:e.z.string().openapi({description:"The id of the login session that the code is connected to"}),connection_id:e.z.string().optional().openapi({description:"The connection that the code is connected to"}),code_type:ze,code_verifier:e.z.string().optional().openapi({description:"The code verifier used in PKCE in outbound flows"}),code_challenge:e.z.string().optional().openapi({description:"The code challenge used in PKCE in outbound flows"}),code_challenge_method:e.z.enum(["plain","S256"]).optional().openapi({description:"The code challenge method used in PKCE in outbound flows"}),redirect_uri:e.z.string().optional().openapi({description:"The redirect URI associated with the code"}),nonce:e.z.string().optional().openapi({description:"The nonce value used for security in OIDC flows"}),state:e.z.string().optional().openapi({description:"The state parameter used for CSRF protection in OAuth flows"}),expires_at:e.z.string(),used_at:e.z.string().optional(),user_id:e.z.string().optional()}),Lt=e.z.object({...ge.shape,created_at:e.z.string()}),me=e.z.object({domain:e.z.string(),custom_domain_id:e.z.string().optional(),type:e.z.enum(["auth0_managed_certs","self_managed_certs"]),verification_method:e.z.enum(["txt"]).optional(),tls_policy:e.z.enum(["recommended"]).optional(),custom_client_ip_header:e.z.enum(["true-client-ip","cf-connecting-ip","x-forwarded-for","x-azure-clientip","null"]).optional(),domain_metadata:e.z.record(e.z.string().max(255)).optional()}),ue=e.z.object({name:e.z.literal("txt"),record:e.z.string(),domain:e.z.string()}),he=e.z.object({...me.shape,custom_domain_id:e.z.string(),primary:e.z.boolean(),status:e.z.enum(["disabled","pending","pending_verification","ready"]),origin_domain_name:e.z.string().optional(),verification:e.z.object({methods:e.z.array(ue)}).optional(),tls_policy:e.z.string().optional()}),wt=he.extend({tenant_id:e.z.string()}),C=e.z.object({id:e.z.string(),order:e.z.number().optional(),visible:e.z.boolean().optional().default(true)}),i=C.extend({category:e.z.literal("BLOCK").optional()}),jt=i.extend({type:e.z.literal("DIVIDER"),config:e.z.object({}).optional()}),kt=i.extend({type:e.z.literal("HTML"),config:e.z.object({content:e.z.string().optional()}).optional()}),Ut=i.extend({type:e.z.literal("IMAGE"),config:e.z.object({src:e.z.string().optional(),alt:e.z.string().optional(),width:e.z.number().optional(),height:e.z.number().optional()}).optional()}),Ft=i.extend({type:e.z.literal("JUMP_BUTTON"),config:e.z.object({text:e.z.string().optional(),target_step:e.z.string().optional()})}),vt=i.extend({type:e.z.literal("RESEND_BUTTON"),config:e.z.object({text:e.z.string().optional(),resend_action:e.z.string().optional()})}),xt=i.extend({type:e.z.literal("NEXT_BUTTON"),config:e.z.object({text:e.z.string().optional()})}),Pt=i.extend({type:e.z.literal("PREVIOUS_BUTTON"),config:e.z.object({text:e.z.string().optional()})}),Mt=i.extend({type:e.z.literal("RICH_TEXT"),config:e.z.object({content:e.z.string().optional()}).optional()}),y=C.extend({category:e.z.literal("WIDGET").optional(),label:e.z.string().min(1).optional(),hint:e.z.string().min(1).max(500).optional(),required:e.z.boolean().optional(),sensitive:e.z.boolean().optional()}),Ht=y.extend({type:e.z.literal("AUTH0_VERIFIABLE_CREDENTIALS"),config:e.z.object({credential_type:e.z.string().optional()})}),Gt=y.extend({type:e.z.literal("GMAPS_ADDRESS"),config:e.z.object({api_key:e.z.string().optional()})}),Bt=y.extend({type:e.z.literal("RECAPTCHA"),config:e.z.object({site_key:e.z.string().optional()})}),o=C.extend({category:e.z.literal("FIELD").optional(),label:e.z.string().min(1).optional(),hint:e.z.string().min(1).max(500).optional(),required:e.z.boolean().optional(),sensitive:e.z.boolean().optional()}),Wt=o.extend({type:e.z.literal("BOOLEAN"),config:e.z.object({default_value:e.z.boolean().optional()}).optional()}),Kt=o.extend({type:e.z.literal("CARDS"),config:e.z.object({options:e.z.array(e.z.object({value:e.z.string(),label:e.z.string(),description:e.z.string().optional(),image:e.z.string().optional()})).optional(),multi_select:e.z.boolean().optional()}).optional()}),Vt=o.extend({type:e.z.literal("CHOICE"),config:e.z.object({options:e.z.array(e.z.object({value:e.z.string(),label:e.z.string()})).optional(),display:e.z.enum(["radio","checkbox"]).optional()}).optional()}),Xt=o.extend({type:e.z.literal("CUSTOM"),config:e.z.object({component:e.z.string().optional(),props:e.z.record(e.z.any()).optional()})}),qt=o.extend({type:e.z.literal("DATE"),config:e.z.object({format:e.z.string().optional(),min:e.z.string().optional(),max:e.z.string().optional()}).optional()}),Yt=o.extend({type:e.z.literal("DROPDOWN"),config:e.z.object({options:e.z.array(e.z.object({value:e.z.string(),label:e.z.string()})).optional(),placeholder:e.z.string().optional(),searchable:e.z.boolean().optional()}).optional()}),Qt=o.extend({type:e.z.literal("EMAIL"),config:e.z.object({placeholder:e.z.string().optional()}).optional()}),Jt=o.extend({type:e.z.literal("FILE"),config:e.z.object({accept:e.z.string().optional(),max_size:e.z.number().optional(),multiple:e.z.boolean().optional()}).optional()}),Zt=o.extend({type:e.z.literal("LEGAL"),config:e.z.object({text:e.z.string(),html:e.z.boolean().optional()}).optional()}),$t=o.extend({type:e.z.literal("NUMBER"),config:e.z.object({placeholder:e.z.string().optional(),min:e.z.number().optional(),max:e.z.number().optional(),step:e.z.number().optional()}).optional()}),eo=o.extend({type:e.z.literal("PASSWORD"),config:e.z.object({placeholder:e.z.string().optional(),min_length:e.z.number().optional(),show_toggle:e.z.boolean().optional(),forgot_password_link:e.z.string().optional()}).optional()}),to=o.extend({type:e.z.literal("PAYMENT"),config:e.z.object({provider:e.z.string().optional(),currency:e.z.string().optional()}).optional()}),oo=o.extend({type:e.z.literal("SOCIAL"),config:e.z.object({providers:e.z.array(e.z.string()).optional()}).optional()}),no=o.extend({type:e.z.literal("TEL"),config:e.z.object({placeholder:e.z.string().optional(),default_country:e.z.string().optional()}).optional()}),io=o.extend({type:e.z.literal("TEXT"),config:e.z.object({placeholder:e.z.string().optional(),multiline:e.z.boolean().optional(),max_length:e.z.number().optional()}).optional()}),ao=o.extend({type:e.z.literal("URL"),config:e.z.object({placeholder:e.z.string().optional()}).optional()}),Se=e.z.discriminatedUnion("type",[jt,kt,Ut,Ft,vt,xt,Pt,Mt]),be=e.z.discriminatedUnion("type",[Ht,Gt,Bt]),fe=e.z.discriminatedUnion("type",[Wt,Kt,Vt,Xt,qt,Yt,Qt,Jt,Zt,$t,eo,to,oo,no,io,ao]),T=e.z.union([Se,be,fe]),ro=e.z.object({id:e.z.string(),type:e.z.literal("submit"),label:e.z.string(),className:e.z.string().optional(),disabled:e.z.boolean().optional().default(false),order:e.z.number().optional(),visible:e.z.boolean().optional().default(true),customizations:e.z.record(e.z.string(),e.z.any()).optional()}),_=e.z.object({x:e.z.number(),y:e.z.number()}),so=e.z.object({id:e.z.string(),type:e.z.literal("FLOW"),coordinates:_,alias:e.z.string().min(1).max(150).optional(),config:e.z.object({flow_id:e.z.string().max(30),next_node:e.z.string().optional()})}),lo=e.z.object({id:e.z.string(),type:e.z.literal("ROUTER"),coordinates:_,alias:e.z.string().min(1).max(150),config:e.z.object({rules:e.z.array(e.z.object({id:e.z.string(),alias:e.z.string().min(1).max(150).optional(),condition:e.z.any(),next_node:e.z.string()})),fallback:e.z.string()})}),co=e.z.object({id:e.z.string(),type:e.z.literal("STEP"),coordinates:_,alias:e.z.string().min(1).max(150).optional(),config:e.z.object({components:e.z.array(T),next_node:e.z.string().optional()})}),Ee=e.z.discriminatedUnion("type",[so,lo,co]),Ae=e.z.object({name:e.z.string().openapi({description:"The name of the form"}),messages:e.z.object({errors:e.z.record(e.z.string(),e.z.any()).optional(),custom:e.z.record(e.z.string(),e.z.any()).optional()}).optional(),languages:e.z.object({primary:e.z.string().optional(),default:e.z.string().optional()}).optional(),translations:e.z.record(e.z.string(),e.z.any()).optional(),nodes:e.z.array(Ee).optional(),start:e.z.object({hidden_fields:e.z.array(e.z.object({key:e.z.string(),value:e.z.string()})).optional(),next_node:e.z.string().optional(),coordinates:_.optional()}).optional(),ending:e.z.object({redirection:e.z.object({delay:e.z.number().optional(),target:e.z.string().optional()}).optional(),after_submit:e.z.object({flow_id:e.z.string().optional()}).optional(),coordinates:_.optional(),resume_flow:e.z.boolean().optional()}).optional(),style:e.z.object({css:e.z.string().optional()}).optional()}).openapi({description:"Schema for flow-based forms (matches Auth0 Forms structure)"}),po=e.z.object({...s.shape,...Ae.shape,id:e.z.string()}),Ie=e.z.object({id:e.z.number().optional(),text:e.z.string(),type:e.z.enum(["info","error","success","warning"])}),Ce=e.z.object({id:e.z.string().optional(),text:e.z.string(),href:e.z.string(),linkText:e.z.string().optional()}),_o=e.z.object({action:e.z.string(),method:e.z.enum(["POST","GET"]),title:e.z.string().optional(),description:e.z.string().optional(),components:e.z.array(T),messages:e.z.array(Ie).optional(),links:e.z.array(Ce).optional()});function zo(t){return t.category==="BLOCK"}function go(t){return t.category==="WIDGET"}function mo(t){return t.category==="FIELD"}const ye=e.z.enum(["pre-user-registration","post-user-registration","post-user-login","validate-registration-username","pre-user-deletion","post-user-deletion"]),Te=e.z.enum(["pre-user-registration","post-user-registration","post-user-login","validate-registration-username","pre-user-deletion","post-user-deletion"]),m={enabled:e.z.boolean().default(false),synchronous:e.z.boolean().default(false),priority:e.z.number().optional(),hook_id:e.z.string().optional()},uo=e.z.object({...m,trigger_id:ye,url:e.z.string()}),ho=e.z.object({...m,trigger_id:Te,form_id:e.z.string()}),So=e.z.union([uo,ho]),bo=e.z.object({...m,trigger_id:ye,...s.shape,hook_id:e.z.string(),url:e.z.string()}),fo=e.z.object({...m,trigger_id:Te,...s.shape,hook_id:e.z.string(),form_id:e.z.string()}),Eo=e.z.union([bo,fo]),Oe=e.z.object({name:e.z.string().optional()}),Ne=e.z.object({email:e.z.string().optional()}),Re=e.z.object({organization_id:e.z.string().max(50),inviter:Oe,invitee:Ne,invitation_url:e.z.string().url(),client_id:e.z.string(),connection_id:e.z.string().optional(),app_metadata:e.z.record(e.z.any()).default({}).optional(),user_metadata:e.z.record(e.z.any()).default({}).optional(),ttl_sec:e.z.number().int().max(2592e3).default(604800).optional(),roles:e.z.array(e.z.string()).default([]).optional(),send_invitation_email:e.z.boolean().default(true).optional()}),Ao=e.z.object({id:e.z.string(),organization_id:e.z.string().max(50),created_at:e.z.string().datetime(),expires_at:e.z.string().datetime(),ticket_id:e.z.string().optional()}).extend(Re.shape),De=e.z.object({alg:e.z.enum(["RS256","RS384","RS512","ES256","ES384","ES512","HS256","HS384","HS512"]),e:e.z.string(),kid:e.z.string(),kty:e.z.enum(["RSA","EC","oct"]),n:e.z.string(),x5t:e.z.string().optional(),x5c:e.z.array(e.z.string()).optional(),use:e.z.enum(["sig","enc"]).optional()}),Io=e.z.object({keys:e.z.array(De)}),Co=e.z.object({issuer:e.z.string(),authorization_endpoint:e.z.string(),token_endpoint:e.z.string(),device_authorization_endpoint:e.z.string(),userinfo_endpoint:e.z.string(),mfa_challenge_endpoint:e.z.string(),jwks_uri:e.z.string(),registration_endpoint:e.z.string(),revocation_endpoint:e.z.string(),scopes_supported:e.z.array(e.z.string()),response_types_supported:e.z.array(e.z.string()),code_challenge_methods_supported:e.z.array(e.z.string()),response_modes_supported:e.z.array(e.z.string()),subject_types_supported:e.z.array(e.z.string()),id_token_signing_alg_values_supported:e.z.array(e.z.string()),token_endpoint_auth_methods_supported:e.z.array(e.z.string()),claims_supported:e.z.array(e.z.string()),request_uri_parameter_supported:e.z.boolean(),request_parameter_supported:e.z.boolean(),token_endpoint_auth_signing_alg_values_supported:e.z.array(e.z.string())});var O=(t=>(t.PENDING="pending",t.AUTHENTICATED="authenticated",t.AWAITING_EMAIL_VERIFICATION="awaiting_email_verification",t.AWAITING_HOOK="awaiting_hook",t.AWAITING_CONTINUATION="awaiting_continuation",t.COMPLETED="completed",t.FAILED="failed",t.EXPIRED="expired",t))(O||{});const Le=e.z.nativeEnum(O),we=e.z.object({csrf_token:e.z.string(),auth0Client:e.z.string().optional(),authParams:se,expires_at:e.z.string(),deleted_at:e.z.string().optional(),ip:e.z.string().optional(),useragent:e.z.string().optional(),session_id:e.z.string().optional(),authorization_url:e.z.string().optional(),state:Le.optional().default("pending"),state_data:e.z.string().optional(),failure_reason:e.z.string().optional(),user_id:e.z.string().optional()}).openapi({description:"This represents a login sesion"}),yo=e.z.object({...we.shape,id:e.z.string().openapi({description:"This is is used as the state in the universal login"}),created_at:e.z.string(),updated_at:e.z.string()}),je={ACLS_SUMMARY:"acls_summary",ACTIONS_EXECUTION_FAILED:"actions_execution_failed",API_LIMIT:"api_limit",API_LIMIT_WARNING:"api_limit_warning",APPI:"appi",CIBA_EXCHANGE_FAILED:"ciba_exchange_failed",CIBA_EXCHANGE_SUCCEEDED:"ciba_exchange_succeeded",CIBA_START_FAILED:"ciba_start_failed",CIBA_START_SUCCEEDED:"ciba_start_succeeded",CODE_LINK_SENT:"cls",CODE_SENT:"cs",DEPRECATION_NOTICE:"depnote",FAILED_LOGIN:"f",FAILED_BY_CONNECTOR:"fc",FAILED_CHANGE_EMAIL:"fce",FAILED_BY_CORS:"fco",FAILED_CROSS_ORIGIN_AUTHENTICATION:"fcoa",FAILED_CHANGE_PASSWORD:"fcp",FAILED_POST_CHANGE_PASSWORD_HOOK:"fcph",FAILED_CHANGE_PHONE_NUMBER:"fcpn",FAILED_CHANGE_PASSWORD_REQUEST:"fcpr",FAILED_CONNECTOR_PROVISIONING:"fcpro",FAILED_CHANGE_USERNAME:"fcu",FAILED_DELEGATION:"fd",FAILED_DEVICE_ACTIVATION:"fdeac",FAILED_DEVICE_AUTHORIZATION_REQUEST:"fdeaz",USER_CANCELED_DEVICE_CONFIRMATION:"fdecc",FAILED_USER_DELETION:"fdu",FAILED_EXCHANGE_AUTHORIZATION_CODE_FOR_ACCESS_TOKEN:"feacft",FAILED_EXCHANGE_ACCESS_TOKEN_FOR_CLIENT_CREDENTIALS:"feccft",FAILED_EXCHANGE_CUSTOM_TOKEN:"fecte",FAILED_EXCHANGE_DEVICE_CODE_FOR_ACCESS_TOKEN:"fede",FAILED_FEDERATED_LOGOUT:"federated_logout_failed",FAILED_EXCHANGE_NATIVE_SOCIAL_LOGIN:"fens",FAILED_EXCHANGE_PASSWORD_OOB_FOR_ACCESS_TOKEN:"feoobft",FAILED_EXCHANGE_PASSWORD_OTP_FOR_ACCESS_TOKEN:"feotpft",FAILED_EXCHANGE_PASSWORD_FOR_ACCESS_TOKEN:"fepft",FAILED_EXCHANGE_PASSWORDLESS_OTP_FOR_ACCESS_TOKEN:"fepotpft",FAILED_EXCHANGE_PASSWORD_MFA_RECOVERY_FOR_ACCESS_TOKEN:"fercft",FAILED_EXCHANGE_ROTATING_REFRESH_TOKEN:"ferrt",FAILED_EXCHANGE_REFRESH_TOKEN_FOR_ACCESS_TOKEN:"fertft",FAILED_HOOK:"fh",FAILED_IMPERSONATION:"fimp",FAILED_INVITE_ACCEPT:"fi",FAILED_LOGOUT:"flo",FLOWS_EXECUTION_COMPLETED:"flows_execution_completed",FLOWS_EXECUTION_FAILED:"flows_execution_failed",FAILED_SENDING_NOTIFICATION:"fn",FORMS_SUBMISSION_FAILED:"forms_submission_failed",FORMS_SUBMISSION_SUCCEEDED:"forms_submission_succeeded",FAILED_LOGIN_INCORRECT_PASSWORD:"fp",FAILED_PUSHED_AUTHORIZATION_REQUEST:"fpar",FAILED_POST_USER_REGISTRATION_HOOK:"fpurh",FAILED_SIGNUP:"fs",FAILED_SILENT_AUTH:"fsa",FAILED_LOGIN_INVALID_EMAIL_USERNAME:"fu",FAILED_USERS_IMPORT:"fui",FAILED_VERIFICATION_EMAIL:"fv",FAILED_VERIFICATION_EMAIL_REQUEST:"fvr",EMAIL_VERIFICATION_CONFIRMED:"gd_auth_email_verification",EMAIL_VERIFICATION_FAILED:"gd_auth_fail_email_verification",MFA_AUTH_FAILED:"gd_auth_failed",MFA_AUTH_REJECTED:"gd_auth_rejected",MFA_AUTH_SUCCESS:"gd_auth_succeed",MFA_ENROLLMENT_COMPLETE:"gd_enrollment_complete",TOO_MANY_MFA_FAILURES:"gd_otp_rate_limit_exceed",MFA_RECOVERY_FAILED:"gd_recovery_failed",MFA_RECOVERY_RATE_LIMIT_EXCEED:"gd_recovery_rate_limit_exceed",MFA_RECOVERY_SUCCESS:"gd_recovery_succeed",MFA_EMAIL_SENT:"gd_send_email",EMAIL_VERIFICATION_SENT:"gd_send_email_verification",EMAIL_VERIFICATION_SEND_FAILURE:"gd_send_email_verification_failure",PUSH_NOTIFICATION_SENT:"gd_send_pn",ERROR_SENDING_MFA_PUSH_NOTIFICATION:"gd_send_pn_failure",MFA_SMS_SENT:"gd_send_sms",ERROR_SENDING_MFA_SMS:"gd_send_sms_failure",MFA_VOICE_CALL_SUCCESS:"gd_send_voice",MFA_VOICE_CALL_FAILED:"gd_send_voice_failure",SECOND_FACTOR_STARTED:"gd_start_auth",MFA_ENROLL_STARTED:"gd_start_enroll",MFA_ENROLLMENT_FAILED:"gd_start_enroll_failed",GUARDIAN_TENANT_UPDATE:"gd_tenant_update",UNENROLL_DEVICE_ACCOUNT:"gd_unenroll",UPDATE_DEVICE_ACCOUNT:"gd_update_device_account",WEBAUTHN_CHALLENGE_FAILED:"gd_webauthn_challenge_failed",WEBAUTHN_ENROLLMENT_FAILED:"gd_webauthn_enrollment_failed",FAILED_KMS_API_OPERATION:"kms_key_management_failure",SUCCESS_KMS_API_OPERATION:"kms_key_management_success",KMS_KEY_STATE_CHANGED:"kms_key_state_changed",TOO_MANY_CALLS_TO_DELEGATION:"limit_delegation",BLOCKED_IP_ADDRESS:"limit_mu",BLOCKED_ACCOUNT_IP:"limit_sul",BLOCKED_ACCOUNT_EMAIL:"limit_wc",MFA_REQUIRED:"mfar",MANAGEMENT_API_READ_OPERATION:"mgmt_api_read",FAILED_AUTHENTICATION_METHOD_OPERATION_MY_ACCOUNT:"my_account_authentication_method_failed",SUCCESSFUL_AUTHENTICATION_METHOD_OPERATION_MY_ACCOUNT:"my_account_authentication_method_succeeded",FAILED_OIDC_BACKCHANNEL_LOGOUT:"oidc_backchannel_logout_failed",SUCCESSFUL_OIDC_BACKCHANNEL_LOGOUT:"oidc_backchannel_logout_succeeded",ORGANIZATION_MEMBER_ADDED:"organization_member_added",PASSKEY_CHALLENGE_FAILED:"passkey_challenge_failed",PASSKEY_CHALLENGE_STARTED:"passkey_challenge_started",PRE_LOGIN_ASSESSMENT:"pla",BREACHED_PASSWORD:"pwd_leak",BREACHED_PASSWORD_ON_RESET:"reset_pwd_leak",SUCCESS_RESOURCE_CLEANUP:"resource_cleanup",RICH_CONSENTS_ACCESS_ERROR:"rich_consents_access_error",SUCCESS_LOGIN:"s",SUCCESS_API_OPERATION:"sapi",SUCCESS_CHANGE_EMAIL:"sce",SUCCESS_CROSS_ORIGIN_AUTHENTICATION:"scoa",SUCCESS_CHANGE_PASSWORD:"scp",SUCCESS_CHANGE_PHONE_NUMBER:"scpn",SUCCESS_CHANGE_PASSWORD_REQUEST:"scpr",SUCCESS_CHANGE_USERNAME:"scu",SUCCESS_CREDENTIAL_VALIDATION:"scv",SUCCESS_DELEGATION:"sd",SUCCESS_USER_DELETION:"sdu",SUCCESS_EXCHANGE_AUTHORIZATION_CODE_FOR_ACCESS_TOKEN:"seacft",SUCCESS_EXCHANGE_ACCESS_TOKEN_FOR_CLIENT_CREDENTIALS:"seccft",SUCCESS_EXCHANGE_CUSTOM_TOKEN:"secte",SUCCESS_EXCHANGE_DEVICE_CODE_FOR_ACCESS_TOKEN:"sede",SUCCESS_EXCHANGE_NATIVE_SOCIAL_LOGIN:"sens",SUCCESS_EXCHANGE_PASSWORD_OOB_FOR_ACCESS_TOKEN:"seoobft",SUCCESS_EXCHANGE_PASSWORD_OTP_FOR_ACCESS_TOKEN:"seotpft",SUCCESS_EXCHANGE_PASSWORD_FOR_ACCESS_TOKEN:"sepft",SUCCESS_EXCHANGE_PASSKEY_OOB_FOR_ACCESS_TOKEN:"sepkoobft",SUCCESS_EXCHANGE_PASSKEY_OTP_FOR_ACCESS_TOKEN:"sepkotpft",SUCCESS_EXCHANGE_PASSKEY_MFA_RECOVERY_FOR_ACCESS_TOKEN:"sepkrcft",SUCCESS_EXCHANGE_PASSWORD_MFA_RECOVERY_FOR_ACCESS_TOKEN:"sercft",SUCCESS_EXCHANGE_REFRESH_TOKEN_FOR_ACCESS_TOKEN:"sertft",SUCCESS_IMPERSONATION:"simp",SUCCESSFULLY_ACCEPTED_USER_INVITE:"si",BREACHED_PASSWORD_ON_SIGNUP:"signup_pwd_leak",SUCCESS_LOGOUT:"slo",SUCCESS_REVOCATION:"srrt",SUCCESS_SIGNUP:"ss",FAILED_SS_SSO_OPERATION:"ss_sso_failure",INFORMATION_FROM_SS_SSO_OPERATION:"ss_sso_info",SUCCESS_SS_SSO_OPERATION:"ss_sso_success",SUCCESS_SILENT_AUTH:"ssa",SUCCESSFUL_SCIM_OPERATION:"sscim",SUCCESSFULLY_IMPORTED_USERS:"sui",SUCCESS_VERIFICATION_EMAIL:"sv",SUCCESS_VERIFICATION_EMAIL_REQUEST:"svr",MAX_AMOUNT_OF_AUTHENTICATORS:"too_many_records",USER_LOGIN_BLOCK_RELEASED:"ublkdu",FAILED_UNIVERSAL_LOGOUT:"universal_logout_failed",SUCCESSFUL_UNIVERSAL_LOGOUT:"universal_logout_succeeded",WARNING_DURING_LOGIN:"w",WARNING_SENDING_NOTIFICATION:"wn",WARNING_USER_MANAGEMENT:"wum"},To=e.z.string().refine(t=>Object.values(je).includes(t),{message:"Invalid log type"}),ke=e.z.object({name:e.z.string(),version:e.z.string(),env:e.z.object({node:e.z.string().optional()}).optional()}),Ue=e.z.object({country_code:e.z.string().length(2),city_name:e.z.string(),latitude:e.z.string(),longitude:e.z.string(),time_zone:e.z.string(),continent_code:e.z.string()}),Fe=e.z.object({type:To,date:e.z.string(),description:e.z.string().optional(),ip:e.z.string().optional(),user_agent:e.z.string().optional(),details:e.z.any().optional(),isMobile:e.z.boolean(),user_id:e.z.string().optional(),user_name:e.z.string().optional(),connection:e.z.string().optional(),connection_id:e.z.string().optional(),client_id:e.z.string().optional(),client_name:e.z.string().optional(),audience:e.z.string().optional(),scope:e.z.string().optional(),strategy:e.z.string().optional(),strategy_type:e.z.string().optional(),hostname:e.z.string().optional(),auth0_client:ke.optional(),log_id:e.z.string().optional(),location_info:Ue.optional()}),Oo=e.z.object({...Fe.shape,log_id:e.z.string()}),ve=e.z.object({id:e.z.string().optional(),user_id:e.z.string(),password:e.z.string(),algorithm:e.z.enum(["bcrypt","argon2id"]).default("argon2id"),is_current:e.z.boolean().default(true)}),No=ve.extend({id:e.z.string(),created_at:e.z.string(),updated_at:e.z.string()}),xe=e.z.object({initial_user_agent:e.z.string().describe("First user agent of the device from which this user logged in"),initial_ip:e.z.string().describe("First IP address associated with this session"),initial_asn:e.z.string().describe("First autonomous system number associated with this session"),last_user_agent:e.z.string().describe("Last user agent of the device from which this user logged in"),last_ip:e.z.string().describe("Last IP address from which this user logged in"),last_asn:e.z.string().describe("Last autonomous system number from which this user logged in")}),Pe=e.z.object({id:e.z.string(),revoked_at:e.z.string().optional(),used_at:e.z.string().optional(),user_id:e.z.string().describe("The user ID associated with the session"),expires_at:e.z.string().optional(),login_session_id:e.z.string(),idle_expires_at:e.z.string().optional(),device:xe.describe("Metadata related to the device used in the session"),clients:e.z.array(e.z.string()).describe("List of client details for the session")}),Ro=e.z.object({created_at:e.z.string(),updated_at:e.z.string(),authenticated_at:e.z.string(),last_interaction_at:e.z.string(),...Pe.shape}),Do=e.z.object({kid:e.z.string().openapi({description:"The key id of the signing key"}),cert:e.z.string().openapi({description:"The public certificate of the signing key"}),fingerprint:e.z.string().openapi({description:"The cert fingerprint"}),thumbprint:e.z.string().openapi({description:"The cert thumbprint"}),pkcs7:e.z.string().optional().openapi({description:"The private key in pkcs7 format"}),current:e.z.boolean().optional().openapi({description:"True if the key is the current key"}),next:e.z.boolean().optional().openapi({description:"True if the key is the next key"}),previous:e.z.boolean().optional().openapi({description:"True if the key is the previous key"}),current_since:e.z.string().optional().openapi({description:"The date and time when the key became the current key"}),current_until:e.z.string().optional().openapi({description:"The date and time when the current key was rotated"}),revoked:e.z.boolean().optional().openapi({description:"True if the key is revoked"}),revoked_at:e.z.string().optional().openapi({description:"The date and time when the key was revoked"}),connection:e.z.string().optional().openapi({description:"The connection identifier associated with the key"}),type:e.z.enum(["jwt_signing","saml_encryption"]).openapi({description:"The type of the signing key"})});var Me=(t=>(t.RefreshToken="refresh_token",t.AuthorizationCode="authorization_code",t.ClientCredential="client_credentials",t.Passwordless="passwordless",t.Password="password",t.OTP="http://auth0.com/oauth/grant-type/passwordless/otp",t))(Me||{});const Lo=e.z.object({access_token:e.z.string(),id_token:e.z.string().optional(),scope:e.z.string().optional(),state:e.z.string().optional(),refresh_token:e.z.string().optional(),token_type:e.z.string(),expires_in:e.z.number()});e.z.object({code:e.z.string(),state:e.z.string().optional()});const He=e.z.object({button_border_radius:e.z.number(),button_border_weight:e.z.number(),buttons_style:e.z.enum(["pill","rounded","sharp"]),input_border_radius:e.z.number(),input_border_weight:e.z.number(),inputs_style:e.z.enum(["pill","rounded","sharp"]),show_widget_shadow:e.z.boolean(),widget_border_weight:e.z.number(),widget_corner_radius:e.z.number()}),Ge=e.z.object({base_focus_color:e.z.string(),base_hover_color:e.z.string(),body_text:e.z.string(),captcha_widget_theme:e.z.enum(["auto","dark","light"]),error:e.z.string(),header:e.z.string(),icons:e.z.string(),input_background:e.z.string(),input_border:e.z.string(),input_filled_text:e.z.string(),input_labels_placeholders:e.z.string(),links_focused_components:e.z.string(),primary_button:e.z.string(),primary_button_label:e.z.string(),secondary_button_border:e.z.string(),secondary_button_label:e.z.string(),success:e.z.string(),widget_background:e.z.string(),widget_border:e.z.string()}),r=e.z.object({bold:e.z.boolean(),size:e.z.number()}),Be=e.z.object({body_text:r,buttons_text:r,font_url:e.z.string(),input_labels:r,links:r,links_style:e.z.enum(["normal","underlined"]),reference_text_size:e.z.number(),subtitle:r,title:r}),We=e.z.object({background_color:e.z.string(),background_image_url:e.z.string(),page_layout:e.z.enum(["center","left","right"])}),Ke=e.z.object({header_text_alignment:e.z.enum(["center","left","right"]),logo_height:e.z.number(),logo_position:e.z.enum(["center","left","none","right"]),logo_url:e.z.string(),social_buttons_layout:e.z.enum(["bottom","top"])}),Ve=e.z.object({borders:He,colors:Ge,displayName:e.z.string(),fonts:Be,page_background:We,widget:Ke}),wo=Ve.extend({themeId:e.z.string()}),jo=e.z.object({universal_login_experience:e.z.enum(["new","classic"]).default("new"),identifier_first:e.z.boolean().default(true),password_first:e.z.boolean().default(false),webauthn_platform_first_factor:e.z.boolean()}),ko=e.z.object({name:e.z.string(),enabled:e.z.boolean().optional().default(true),default_from_address:e.z.string().optional(),credentials:e.z.union([e.z.object({accessKeyId:e.z.string(),secretAccessKey:e.z.string(),region:e.z.string()}),e.z.object({smtp_host:e.z.array(e.z.string()),smtp_port:e.z.number(),smtp_user:e.z.string(),smtp_pass:e.z.string()}),e.z.object({api_key:e.z.string(),domain:e.z.string().optional()}),e.z.object({connectionString:e.z.string()}),e.z.object({tenantId:e.z.string(),clientId:e.z.string(),clientSecret:e.z.string()})]),settings:e.z.object({}).optional()}),Xe=e.z.object({id:e.z.string(),session_id:e.z.string(),user_id:e.z.string(),client_id:e.z.string(),expires_at:e.z.string().optional(),idle_expires_at:e.z.string().optional(),last_exchanged_at:e.z.string().optional(),device:xe,resource_servers:e.z.array(e.z.object({audience:e.z.string(),scopes:e.z.string()})),rotating:e.z.boolean()}),Uo=e.z.object({created_at:e.z.string(),...Xe.shape}),Fo=e.z.object({to:e.z.string(),message:e.z.string()}),vo=e.z.object({name:e.z.string(),options:e.z.object({})}),qe=e.z.object({value:e.z.string(),description:e.z.string().optional()}),Ye=e.z.object({token_dialect:e.z.enum(["access_token","access_token_authz"]).optional(),enforce_policies:e.z.boolean().optional(),allow_skipping_userinfo:e.z.boolean().optional(),skip_userinfo:e.z.boolean().optional(),persist_client_authorization:e.z.boolean().optional(),enable_introspection_endpoint:e.z.boolean().optional(),mtls:e.z.object({bound_access_tokens:e.z.boolean().optional()}).optional()}),Qe=e.z.object({id:e.z.string().optional(),name:e.z.string(),identifier:e.z.string(),scopes:e.z.array(qe).optional(),signing_alg:e.z.string().optional(),signing_secret:e.z.string().optional(),token_lifetime:e.z.number().optional(),token_lifetime_for_web:e.z.number().optional(),skip_consent_for_verifiable_first_party_clients:e.z.boolean().optional(),allow_offline_access:e.z.boolean().optional(),verificationKey:e.z.string().optional(),options:Ye.optional(),is_system:e.z.boolean().optional(),metadata:e.z.record(e.z.any()).optional()}),Je=e.z.object({...Qe.shape,created_at:e.z.string().optional(),updated_at:e.z.string().optional()}),xo=e.z.array(Je),Ze=e.z.object({role_id:e.z.string(),resource_server_identifier:e.z.string(),permission_name:e.z.string()}),$e=e.z.object({...Ze.shape,created_at:e.z.string()}),Po=e.z.array($e),et=e.z.object({user_id:e.z.string(),resource_server_identifier:e.z.string(),permission_name:e.z.string(),organization_id:e.z.string().optional()}),tt=e.z.object({...et.shape,tenant_id:e.z.string(),created_at:e.z.string().optional()}),Mo=e.z.array(tt),ot=e.z.object({user_id:e.z.string(),resource_server_identifier:e.z.string(),resource_server_name:e.z.string(),permission_name:e.z.string(),description:e.z.string().nullable().optional(),created_at:e.z.string().optional(),organization_id:e.z.string().optional()}),Ho=e.z.array(ot),nt=e.z.object({user_id:e.z.string(),role_id:e.z.string(),organization_id:e.z.string().optional()}),it=e.z.object({...nt.shape,tenant_id:e.z.string(),created_at:e.z.string().optional()}),Go=e.z.array(it),at=e.z.object({id:e.z.string().optional().openapi({description:"The unique identifier of the role. If not provided, one will be generated."}),name:e.z.string().min(1).max(50).openapi({description:"The name of the role. Cannot include '<' or '>'"}),description:e.z.string().max(255).optional().openapi({description:"The description of the role"}),is_system:e.z.boolean().optional(),metadata:e.z.record(e.z.any()).optional().openapi({description:"Metadata associated with the role. Can be used to control sync behavior in multi-tenancy scenarios."})}),rt=at.extend({id:e.z.string().openapi({description:"The unique identifier of the role"}),created_at:e.z.string().optional(),updated_at:e.z.string().optional()}),Bo=e.z.array(rt),st=e.z.object({logo_url:e.z.string().optional().openapi({description:"URL of the organization's logo"}),colors:e.z.object({primary:e.z.string().optional().openapi({description:"Primary color in hex format (e.g., #FF0000)"}),page_background:e.z.string().optional().openapi({description:"Page background color in hex format (e.g., #FFFFFF)"})}).optional()}).optional(),lt=e.z.object({connection_id:e.z.string().openapi({description:"ID of the connection"}),assign_membership_on_login:e.z.boolean().default(false).openapi({description:"Whether to assign membership to the organization on login"}),show_as_button:e.z.boolean().default(true).openapi({description:"Whether to show this connection as a button in the login screen"}),is_signup_enabled:e.z.boolean().default(true).openapi({description:"Whether signup is enabled for this connection"})}),ct=e.z.object({client_credentials:e.z.object({enforce:e.z.boolean().default(false).openapi({description:"Whether to enforce token quota limits"}),per_day:e.z.number().min(0).default(0).openapi({description:"Maximum tokens per day (0 = unlimited)"}),per_hour:e.z.number().min(0).default(0).openapi({description:"Maximum tokens per hour (0 = unlimited)"})}).optional()}).optional(),pt=e.z.object({id:e.z.string().optional(),name:e.z.string().min(1).regex(/^[a-z0-9_-]+$/,{message:"Organization name must be lowercase and can only contain letters, numbers, hyphens, and underscores"}).openapi({description:"The name of the organization. Must be lowercase and can only contain letters, numbers, hyphens, and underscores."}),display_name:e.z.string().optional().openapi({description:"The display name of the organization"}),branding:st,metadata:e.z.record(e.z.any()).default({}).optional().openapi({description:"Custom metadata for the organization"}),enabled_connections:e.z.array(lt).default([]).optional().openapi({description:"List of enabled connections for the organization"}),token_quota:ct}),Wo=e.z.object({...pt.shape,...s.shape,id:e.z.string(),name:e.z.string().min(1).openapi({description:"The name of the organization"})}),_t=e.z.object({user_id:e.z.string().openapi({description:"ID of the user"}),organization_id:e.z.string().openapi({description:"ID of the organization"})}),Ko=e.z.object({..._t.shape,...s.shape,id:e.z.string()}),Vo=e.z.object({idle_session_lifetime:e.z.number().optional(),session_lifetime:e.z.number().optional(),session_cookie:e.z.object({mode:e.z.enum(["persistent","non-persistent"]).optional()}).optional(),enable_client_connections:e.z.boolean().optional(),default_redirection_uri:e.z.string().optional(),enabled_locales:e.z.array(e.z.string()).optional(),default_directory:e.z.string().optional(),error_page:e.z.object({html:e.z.string().optional(),show_log_link:e.z.boolean().optional(),url:e.z.string().optional()}).optional(),flags:e.z.object({allow_legacy_delegation_grant_types:e.z.boolean().optional(),allow_legacy_ro_grant_types:e.z.boolean().optional(),allow_legacy_tokeninfo_endpoint:e.z.boolean().optional(),disable_clickjack_protection_headers:e.z.boolean().optional(),enable_apis_section:e.z.boolean().optional(),enable_client_connections:e.z.boolean().optional(),enable_custom_domain_in_emails:e.z.boolean().optional(),enable_dynamic_client_registration:e.z.boolean().optional(),enable_idtoken_api2:e.z.boolean().optional(),enable_legacy_logs_search_v2:e.z.boolean().optional(),enable_legacy_profile:e.z.boolean().optional(),enable_pipeline2:e.z.boolean().optional(),enable_public_signup_user_exists_error:e.z.boolean().optional(),use_scope_descriptions_for_consent:e.z.boolean().optional(),disable_management_api_sms_obfuscation:e.z.boolean().optional(),enable_adfs_waad_email_verification:e.z.boolean().optional(),revoke_refresh_token_grant:e.z.boolean().optional(),dashboard_log_streams_next:e.z.boolean().optional(),dashboard_insights_view:e.z.boolean().optional(),disable_fields_map_fix:e.z.boolean().optional(),mfa_show_factor_list_on_enrollment:e.z.boolean().optional()}).optional(),friendly_name:e.z.string().optional(),picture_url:e.z.string().optional(),support_email:e.z.string().optional(),support_url:e.z.string().optional(),sandbox_version:e.z.string().optional(),sandbox_versions_available:e.z.array(e.z.string()).optional(),change_password:e.z.object({enabled:e.z.boolean(),html:e.z.string()}).optional(),guardian_mfa_page:e.z.object({enabled:e.z.boolean(),html:e.z.string()}).optional(),default_audience:e.z.string().optional(),default_organization:e.z.string().optional(),sessions:e.z.object({oidc_logout_prompt_enabled:e.z.boolean().optional()}).optional()}),Xo=e.z.object({date:e.z.string().openapi({description:"Date these events occurred in ISO 8601 format",example:"2025-12-19"}),logins:e.z.number().openapi({description:"Number of logins on this date",example:150}),signups:e.z.number().openapi({description:"Number of signups on this date",example:25}),leaked_passwords:e.z.number().openapi({description:"Number of breached-password detections on this date (subscription required)",example:0}),updated_at:e.z.string().openapi({description:"Date and time this stats entry was last updated in ISO 8601 format",example:"2025-12-19T10:30:00.000Z"}),created_at:e.z.string().openapi({description:"Approximate date and time the first event occurred in ISO 8601 format",example:"2025-12-19T00:00:00.000Z"})}),qo=e.z.number().openapi({description:"Number of active users in the last 30 days",example:1234});function Yo(t){const[a,c]=t.split("|");if(!a||!c)throw new Error(`Invalid user_id: ${t}`);return {connection:a,id:c}}function Qo(t){const{primary:a,secondaries:c,syncMethods:dt=["create","update","remove","delete","set"]}=t,zt={get(d,n){if(typeof n=="symbol")return d[n];const z=d[n];return typeof z!="function"?z:dt.includes(n)?async(...u)=>{const gt=await z.apply(d,u),h=[];for(const p of c){const N=p.adapter[n];if(typeof N!="function")continue;const mt=(async()=>{try{await N.apply(p.adapter,u);}catch(R){try{p.onError?p.onError(R,n,u):console.error(`Passthrough adapter: secondary write failed for ${n}:`,R);}catch(ut){console.error(`Passthrough adapter: onError handler threw for ${n}:`,ut);}}})();p.blocking&&h.push(mt);}return h.length>0&&await Promise.all(h),gt}:z.bind(d)}};return new Proxy(a,zt)}function Jo(t){return t}exports.Auth0ActionEnum=St;exports.Auth0Client=ke;exports.AuthorizationResponseMode=A;exports.AuthorizationResponseType=E;exports.CodeChallengeMethod=I;exports.ComponentCategory=f;exports.ComponentType=b;exports.EmailActionEnum=bt;exports.FlowActionTypeEnum=ht;exports.GrantType=Me;exports.LocationInfo=Ue;exports.LogTypes=je;exports.LoginSessionState=O;exports.NodeType=Z;exports.RedirectTargetEnum=j;exports.actionNodeSchema=te;exports.activeUsersResponseSchema=qo;exports.addressSchema=P;exports.auth0FlowInsertSchema=Nt;exports.auth0FlowSchema=re;exports.auth0QuerySchema=Et;exports.auth0UpdateUserActionSchema=L;exports.auth0UserResponseSchema=It;exports.authParamsSchema=se;exports.baseUserSchema=S;exports.blockComponentSchema=Se;exports.bordersSchema=He;exports.brandingSchema=Rt;exports.buttonComponentSchema=X;exports.clientGrantInsertSchema=W;exports.clientGrantListSchema=Ot;exports.clientGrantSchema=K;exports.clientInsertSchema=G;exports.clientSchema=B;exports.codeInsertSchema=ge;exports.codeSchema=Lt;exports.codeTypeSchema=ze;exports.colorsSchema=Ge;exports.componentMessageSchema=Ie;exports.componentSchema=J;exports.connectionInsertSchema=ce;exports.connectionOptionsSchema=le;exports.connectionSchema=pe;exports.coordinatesSchema=l;exports.createPassthroughAdapter=Qo;exports.createWriteOnlyAdapter=Jo;exports.customDomainInsertSchema=me;exports.customDomainSchema=he;exports.customDomainWithTenantIdSchema=wt;exports.dailyStatsSchema=Xo;exports.emailProviderSchema=ko;exports.emailVerificationRulesSchema=D;exports.emailVerifyActionSchema=w;exports.endingSchema=ae;exports.fieldComponentSchema=fe;exports.flowActionStepSchema=U;exports.flowInsertSchema=F;exports.flowSchema=ft;exports.flowsFieldComponentSchema=Y;exports.flowsFlowNodeSchema=ee;exports.flowsStepNodeSchema=$;exports.fontDetailsSchema=r;exports.fontsSchema=Be;exports.formControlSchema=ro;exports.formInsertSchema=Ae;exports.formNodeComponentDefinition=T;exports.formNodeSchema=Ee;exports.formSchema=po;exports.genericComponentSchema=Q;exports.genericNodeSchema=oe;exports.hookInsertSchema=So;exports.hookSchema=Eo;exports.identitySchema=x;exports.inviteInsertSchema=Re;exports.inviteSchema=Ao;exports.inviteeSchema=Ne;exports.inviterSchema=Oe;exports.isBlockComponent=zo;exports.isFieldComponent=mo;exports.isWidgetComponent=go;exports.jwksKeySchema=Io;exports.jwksSchema=De;exports.legacyClientSchema=Dt;exports.legalComponentSchema=q;exports.logInsertSchema=Fe;exports.logSchema=Oo;exports.loginSessionInsertSchema=we;exports.loginSessionSchema=yo;exports.loginSessionStateSchema=Le;exports.nodeSchema=ne;exports.openIDConfigurationSchema=Co;exports.organizationBrandingSchema=st;exports.organizationEnabledConnectionSchema=lt;exports.organizationInsertSchema=pt;exports.organizationSchema=Wo;exports.organizationTokenQuotaSchema=ct;exports.pageBackgroundSchema=We;exports.parseUserId=Yo;exports.passwordInsertSchema=ve;exports.passwordSchema=No;exports.profileDataSchema=v;exports.promptSettingSchema=jo;exports.redirectActionSchema=k;exports.refreshTokenInsertSchema=Xe;exports.refreshTokenSchema=Uo;exports.resourceServerInsertSchema=Qe;exports.resourceServerListSchema=xo;exports.resourceServerOptionsSchema=Ye;exports.resourceServerSchema=Je;exports.resourceServerScopeSchema=qe;exports.richTextComponentSchema=V;exports.roleInsertSchema=at;exports.roleListSchema=Bo;exports.rolePermissionInsertSchema=Ze;exports.rolePermissionListSchema=Po;exports.rolePermissionSchema=$e;exports.roleSchema=rt;exports.screenLinkSchema=Ce;exports.sessionInsertSchema=Pe;exports.sessionSchema=Ro;exports.signingKeySchema=Do;exports.smsProviderSchema=vo;exports.smsSendParamsSchema=Fo;exports.startSchema=ie;exports.tenantInsertSchema=_e;exports.tenantSchema=de;exports.tenantSettingsSchema=Vo;exports.themeInsertSchema=Ve;exports.themeSchema=wo;exports.tokenResponseSchema=Lo;exports.totalsSchema=At;exports.uiScreenSchema=_o;exports.userInsertSchema=M;exports.userOrganizationInsertSchema=_t;exports.userOrganizationSchema=Ko;exports.userPermissionInsertSchema=et;exports.userPermissionListSchema=Mo;exports.userPermissionSchema=tt;exports.userPermissionWithDetailsListSchema=Ho;exports.userPermissionWithDetailsSchema=ot;exports.userResponseSchema=Ct;exports.userRoleInsertSchema=nt;exports.userRoleListSchema=Go;exports.userRoleSchema=it;exports.userSchema=H;exports.verificationMethodsSchema=ue;exports.widgetComponentSchema=be;exports.widgetSchema=Ke;
8113
8113
  } (adapterInterfaces));
8114
8114
  return adapterInterfaces;
8115
8115
  }
package/dist/esm/loader.js CHANGED
@@ -1,11 +1,11 @@
1
- import { b as bootstrapLazy } from './index-DKg5ozw7.js';
2
- export { s as setNonce } from './index-DKg5ozw7.js';
1
+ import { b as bootstrapLazy } from './index-BzFenraS.js';
2
+ export { s as setNonce } from './index-BzFenraS.js';
3
3
  import { g as globalScripts } from './app-globals-DQuL1Twl.js';
4
4
 
5
5
  const defineCustomElements = async (win, options) => {
6
6
  if (typeof window === 'undefined') return undefined;
7
7
  await globalScripts();
8
- return bootstrapLazy([["authhero-node",[[513,"authhero-node",{"component":[16],"value":[1],"disabled":[4],"passwordVisible":[32]}]]],["authhero-widget",[[513,"authhero-widget",{"screen":[1],"apiUrl":[1,"api-url"],"branding":[1],"theme":[1],"loading":[1028],"autoSubmit":[4,"auto-submit"],"_screen":[32],"_branding":[32],"_theme":[32],"formData":[32]},null,{"screen":[{"watchScreen":0}],"branding":[{"watchBranding":0}],"theme":[{"watchTheme":0}]}]]]], options);
8
+ return bootstrapLazy([["authhero-node",[[513,"authhero-node",{"component":[16],"value":[1],"disabled":[4],"passwordVisible":[32]}]]],["authhero-widget",[[513,"authhero-widget",{"screen":[1],"apiUrl":[1,"api-url"],"baseUrl":[1,"base-url"],"state":[1025],"screenId":[1025,"screen-id"],"authParams":[1,"auth-params"],"statePersistence":[1,"state-persistence"],"storageKey":[1,"storage-key"],"branding":[1],"theme":[1],"loading":[1028],"autoSubmit":[4,"auto-submit"],"autoNavigate":[4,"auto-navigate"],"_screen":[32],"_authParams":[32],"_branding":[32],"_theme":[32],"formData":[32]},null,{"screen":[{"watchScreen":0}],"branding":[{"watchBranding":0}],"theme":[{"watchTheme":0}],"authParams":[{"watchAuthParams":0}]}]]]], options);
9
9
  };
10
10
 
11
11
  export { defineCustomElements };
package/dist/types/components/authhero-widget/authhero-widget.d.ts CHANGED
@@ -1,6 +1,6 @@
1
- import { EventEmitter } from '../../stencil-public-runtime';
2
- import type { UiScreen } from '../../types/components';
3
- import type { WidgetBranding, WidgetTheme } from '../../utils/branding';
1
+ import { EventEmitter } from "../../stencil-public-runtime";
2
+ import type { UiScreen } from "../../types/components";
3
+ import type { WidgetBranding, WidgetTheme } from "../../utils/branding";
4
4
  /**
5
5
  * Submit event detail - emitted when a form is submitted
6
6
  */
@@ -57,6 +57,22 @@ export interface ErrorEventDetail {
57
57
  /** Error code */
58
58
  code?: string;
59
59
  }
60
+ /**
61
+ * Auth params needed for social login and OAuth flows
62
+ */
63
+ export interface AuthParams {
64
+ client_id: string;
65
+ redirect_uri?: string;
66
+ scope?: string;
67
+ audience?: string;
68
+ nonce?: string;
69
+ response_type?: string;
70
+ state?: string;
71
+ }
72
+ /**
73
+ * State persistence mode - where to track state and screen
74
+ */
75
+ export type StatePersistence = "url" | "session" | "memory";
60
76
  export declare class AuthheroWidget {
61
77
  el: HTMLElement;
62
78
  /**
@@ -68,8 +84,43 @@ export declare class AuthheroWidget {
68
84
  /**
69
85
  * API endpoint to fetch the initial screen from.
70
86
  * If provided, the widget will fetch the screen on load.
87
+ * Can include {screenId} placeholder which will be replaced with the current screen.
88
+ * Example: "/u2/screen/{screenId}" or "https://auth.example.com/u2/screen/{screenId}"
71
89
  */
72
90
  apiUrl?: string;
91
+ /**
92
+ * Base URL for all API calls. Used when widget is embedded on a different domain.
93
+ * If not provided, relative URLs are used.
94
+ * Example: "https://auth.example.com"
95
+ */
96
+ baseUrl?: string;
97
+ /**
98
+ * Login session state token. Required for social login and maintaining session.
99
+ */
100
+ state?: string;
101
+ /**
102
+ * Current screen ID. Used with apiUrl to fetch screen configuration.
103
+ * When statePersistence is 'url', this is synced with the URL.
104
+ */
105
+ screenId?: string;
106
+ /**
107
+ * OAuth/OIDC parameters for social login redirects.
108
+ * Can be passed as a JSON string or object.
109
+ */
110
+ authParams?: AuthParams | string;
111
+ /**
112
+ * Where to persist state and screen ID.
113
+ * - 'url': Updates URL path/query (default for standalone pages)
114
+ * - 'session': Uses sessionStorage (for embedded widgets)
115
+ * - 'memory': No persistence, state only in memory
116
+ * @default 'memory'
117
+ */
118
+ statePersistence: StatePersistence;
119
+ /**
120
+ * Storage key prefix for session/local storage persistence.
121
+ * @default 'authhero_widget'
122
+ */
123
+ storageKey: string;
73
124
  /**
74
125
  * Branding configuration from AuthHero API.
75
126
  * Controls logo, primary color, and page background.
@@ -94,10 +145,21 @@ export declare class AuthheroWidget {
94
145
  * @default false
95
146
  */
96
147
  autoSubmit: boolean;
148
+ /**
149
+ * Whether the widget should handle navigation automatically.
150
+ * When true, social login buttons redirect, links navigate, etc.
151
+ * When false, only events are emitted.
152
+ * @default false (same as autoSubmit when not specified)
153
+ */
154
+ autoNavigate?: boolean;
97
155
  /**
98
156
  * Internal parsed screen state.
99
157
  */
100
158
  _screen?: UiScreen;
159
+ /**
160
+ * Internal parsed auth params state.
161
+ */
162
+ _authParams?: AuthParams;
101
163
  /**
102
164
  * Internal parsed branding state.
103
165
  */
@@ -146,15 +208,45 @@ export declare class AuthheroWidget {
146
208
  watchScreen(newValue: UiScreen | string | undefined): void;
147
209
  watchBranding(newValue: WidgetBranding | string | undefined): void;
148
210
  watchTheme(newValue: WidgetTheme | string | undefined): void;
211
+ watchAuthParams(newValue: AuthParams | string | undefined): void;
149
212
  /**
150
213
  * Apply branding and theme as CSS custom properties
151
214
  */
152
215
  private applyThemeStyles;
216
+ /**
217
+ * Get the effective autoNavigate value (defaults to autoSubmit if not set)
218
+ */
219
+ private get shouldAutoNavigate();
220
+ /**
221
+ * Build the full URL for API calls
222
+ */
223
+ private buildUrl;
224
+ /**
225
+ * Load state from URL or storage based on statePersistence setting
226
+ */
227
+ private loadPersistedState;
228
+ /**
229
+ * Save state to URL or storage based on statePersistence setting
230
+ */
231
+ private persistState;
153
232
  componentWillLoad(): Promise<void>;
154
- private fetchScreen;
233
+ /**
234
+ * Fetch screen configuration from the API
235
+ * @param screenIdOverride Optional screen ID to fetch (overrides this.screenId)
236
+ * @param nodeId Optional node ID for flow navigation
237
+ */
238
+ fetchScreen(screenIdOverride?: string, nodeId?: string): Promise<void>;
155
239
  private handleInputChange;
156
240
  private handleSubmit;
157
241
  private handleButtonClick;
242
+ /**
243
+ * Handle social login redirect
244
+ */
245
+ private handleSocialLogin;
246
+ /**
247
+ * Handle resend button click (e.g., resend OTP code)
248
+ */
249
+ private handleResend;
158
250
  private handleLinkClick;
159
251
  /**
160
252
  * Get error messages from the screen-level messages array.
package/dist/types/components.d.ts CHANGED
@@ -6,11 +6,11 @@
6
6
  */
7
7
  import { HTMLStencilElement, JSXBase } from "./stencil-public-runtime";
8
8
  import { FormComponent, RuntimeComponent, UiScreen } from "./types/components";
9
+ import { AuthParams, ButtonClickEventDetail, CompleteEventDetail, ErrorEventDetail, LinkClickEventDetail, NavigateEventDetail, StatePersistence, SubmitEventDetail } from "./components/authhero-widget/authhero-widget";
9
10
  import { WidgetBranding, WidgetTheme } from "./utils/branding";
10
- import { ButtonClickEventDetail, CompleteEventDetail, ErrorEventDetail, LinkClickEventDetail, NavigateEventDetail, SubmitEventDetail } from "./components/authhero-widget/authhero-widget";
11
11
  export { FormComponent, RuntimeComponent, UiScreen } from "./types/components";
12
+ export { AuthParams, ButtonClickEventDetail, CompleteEventDetail, ErrorEventDetail, LinkClickEventDetail, NavigateEventDetail, StatePersistence, SubmitEventDetail } from "./components/authhero-widget/authhero-widget";
12
13
  export { WidgetBranding, WidgetTheme } from "./utils/branding";
13
- export { ButtonClickEventDetail, CompleteEventDetail, ErrorEventDetail, LinkClickEventDetail, NavigateEventDetail, SubmitEventDetail } from "./components/authhero-widget/authhero-widget";
14
14
  export namespace Components {
15
15
  interface AuthheroNode {
16
16
  /**
@@ -29,14 +29,27 @@ export namespace Components {
29
29
  }
30
30
  interface AuthheroWidget {
31
31
  /**
32
- * API endpoint to fetch the initial screen from. If provided, the widget will fetch the screen on load.
32
+ * API endpoint to fetch the initial screen from. If provided, the widget will fetch the screen on load. Can include {screenId} placeholder which will be replaced with the current screen. Example: "/u2/screen/{screenId}" or "https://auth.example.com/u2/screen/{screenId}"
33
33
  */
34
34
  "apiUrl"?: string;
35
+ /**
36
+ * OAuth/OIDC parameters for social login redirects. Can be passed as a JSON string or object.
37
+ */
38
+ "authParams"?: AuthParams | string;
39
+ /**
40
+ * Whether the widget should handle navigation automatically. When true, social login buttons redirect, links navigate, etc. When false, only events are emitted.
41
+ * @default false (same as autoSubmit when not specified)
42
+ */
43
+ "autoNavigate"?: boolean;
35
44
  /**
36
45
  * Whether the widget should automatically submit forms to the action URL. When false (default), the widget only emits events and the consuming application handles all HTTP requests. When true, the widget handles form submission and screen updates.
37
46
  * @default false
38
47
  */
39
48
  "autoSubmit": boolean;
49
+ /**
50
+ * Base URL for all API calls. Used when widget is embedded on a different domain. If not provided, relative URLs are used. Example: "https://auth.example.com"
51
+ */
52
+ "baseUrl"?: string;
40
53
  /**
41
54
  * Branding configuration from AuthHero API. Controls logo, primary color, and page background. Can be passed as a JSON string or object.
42
55
  */
@@ -50,6 +63,24 @@ export namespace Components {
50
63
  * The UI screen configuration from the server. Can be passed as a JSON string or object. Follows Auth0 Forms component schema.
51
64
  */
52
65
  "screen"?: UiScreen | string;
66
+ /**
67
+ * Current screen ID. Used with apiUrl to fetch screen configuration. When statePersistence is 'url', this is synced with the URL.
68
+ */
69
+ "screenId"?: string;
70
+ /**
71
+ * Login session state token. Required for social login and maintaining session.
72
+ */
73
+ "state"?: string;
74
+ /**
75
+ * Where to persist state and screen ID. - 'url': Updates URL path/query (default for standalone pages) - 'session': Uses sessionStorage (for embedded widgets) - 'memory': No persistence, state only in memory
76
+ * @default 'memory'
77
+ */
78
+ "statePersistence": StatePersistence;
79
+ /**
80
+ * Storage key prefix for session/local storage persistence.
81
+ * @default 'authhero_widget'
82
+ */
83
+ "storageKey": string;
53
84
  /**
54
85
  * Theme configuration from AuthHero API. Controls colors, borders, fonts, and layout. Can be passed as a JSON string or object.
55
86
  */
@@ -145,14 +176,27 @@ declare namespace LocalJSX {
145
176
  }
146
177
  interface AuthheroWidget {
147
178
  /**
148
- * API endpoint to fetch the initial screen from. If provided, the widget will fetch the screen on load.
179
+ * API endpoint to fetch the initial screen from. If provided, the widget will fetch the screen on load. Can include {screenId} placeholder which will be replaced with the current screen. Example: "/u2/screen/{screenId}" or "https://auth.example.com/u2/screen/{screenId}"
149
180
  */
150
181
  "apiUrl"?: string;
182
+ /**
183
+ * OAuth/OIDC parameters for social login redirects. Can be passed as a JSON string or object.
184
+ */
185
+ "authParams"?: AuthParams | string;
186
+ /**
187
+ * Whether the widget should handle navigation automatically. When true, social login buttons redirect, links navigate, etc. When false, only events are emitted.
188
+ * @default false (same as autoSubmit when not specified)
189
+ */
190
+ "autoNavigate"?: boolean;
151
191
  /**
152
192
  * Whether the widget should automatically submit forms to the action URL. When false (default), the widget only emits events and the consuming application handles all HTTP requests. When true, the widget handles form submission and screen updates.
153
193
  * @default false
154
194
  */
155
195
  "autoSubmit"?: boolean;
196
+ /**
197
+ * Base URL for all API calls. Used when widget is embedded on a different domain. If not provided, relative URLs are used. Example: "https://auth.example.com"
198
+ */
199
+ "baseUrl"?: string;
156
200
  /**
157
201
  * Branding configuration from AuthHero API. Controls logo, primary color, and page background. Can be passed as a JSON string or object.
158
202
  */
@@ -194,6 +238,24 @@ declare namespace LocalJSX {
194
238
  * The UI screen configuration from the server. Can be passed as a JSON string or object. Follows Auth0 Forms component schema.
195
239
  */
196
240
  "screen"?: UiScreen | string;
241
+ /**
242
+ * Current screen ID. Used with apiUrl to fetch screen configuration. When statePersistence is 'url', this is synced with the URL.
243
+ */
244
+ "screenId"?: string;
245
+ /**
246
+ * Login session state token. Required for social login and maintaining session.
247
+ */
248
+ "state"?: string;
249
+ /**
250
+ * Where to persist state and screen ID. - 'url': Updates URL path/query (default for standalone pages) - 'session': Uses sessionStorage (for embedded widgets) - 'memory': No persistence, state only in memory
251
+ * @default 'memory'
252
+ */
253
+ "statePersistence"?: StatePersistence;
254
+ /**
255
+ * Storage key prefix for session/local storage persistence.
256
+ * @default 'authhero_widget'
257
+ */
258
+ "storageKey"?: string;
197
259
  /**
198
260
  * Theme configuration from AuthHero API. Controls colors, borders, fonts, and layout. Can be passed as a JSON string or object.
199
261
  */