@cloudsignal/pwa-sdk 1.1.0 → 1.2.0

package/dist/index.d.mts

@@ -187,6 +187,10 @@ interface BeforeInstallPromptEvent extends Event {
 /**
  * CloudSignal PWA SDK Configuration Types
  */
+/**
+ * Authentication mode for SDK requests
+ */
+type AuthMode$1 = 'hmac' | 'jwt';
 /**
  * Main SDK configuration options
  */
@@ -195,8 +199,22 @@ interface PWAConfig {
     serviceUrl?: string;
     /** Organization ID (UUID) */
     organizationId: string;
-    /** Organization secret key for HMAC authentication */
-    organizationSecret: string;
+    /**
+     * Organization secret key for HMAC authentication (anonymous mode)
+     * Required if userToken is not provided
+     */
+    organizationSecret?: string;
+    /**
+     * JWT token from identity provider for authenticated user mode
+     * Supports: Supabase, Firebase, Auth0, Clerk, custom OIDC
+     * When provided, takes precedence over organizationSecret
+     */
+    userToken?: string;
+    /**
+     * Callback to refresh JWT token when expired (401 response)
+     * Should return a new valid JWT token
+     */
+    onTokenExpired?: () => Promise<string>;
     /** PWA service ID (UUID) */
     serviceId: string;
     /** Enable debug logging */
@@ -503,7 +521,7 @@ interface NotificationAction {
 /**
  * Event types emitted by the SDK
  */
-type PWAEvent = 'install:available' | 'install:accepted' | 'install:dismissed' | 'install:completed' | 'install:error' | 'push:registered' | 'push:unregistered' | 'push:updated' | 'push:error' | 'push:received' | 'push:clicked' | 'permission:granted' | 'permission:denied' | 'permission:prompt' | 'sw:registered' | 'sw:updated' | 'sw:error' | 'sw:activated' | 'config:loaded' | 'config:error' | 'heartbeat:started' | 'heartbeat:stopped' | 'heartbeat:sent' | 'heartbeat:error' | 'heartbeat:intervalChanged' | 'heartbeat:pausedForBattery' | 'heartbeat:resumedFromBattery' | 'network:online' | 'network:offline' | 'state:changed' | 'wakeLock:acquired' | 'wakeLock:released' | 'wakeLock:error' | 'offlineQueue:queued' | 'offlineQueue:processed' | 'offlineQueue:flushed' | 'iosBanner:shown' | 'iosBanner:dismissed' | 'iosBanner:installClicked';
+type PWAEvent = 'install:available' | 'install:accepted' | 'install:dismissed' | 'install:completed' | 'install:error' | 'push:registered' | 'push:unregistered' | 'push:updated' | 'push:error' | 'push:received' | 'push:clicked' | 'permission:granted' | 'permission:denied' | 'permission:prompt' | 'sw:registered' | 'sw:updated' | 'sw:error' | 'sw:activated' | 'config:loaded' | 'config:error' | 'heartbeat:started' | 'heartbeat:stopped' | 'heartbeat:sent' | 'heartbeat:error' | 'heartbeat:intervalChanged' | 'heartbeat:pausedForBattery' | 'heartbeat:resumedFromBattery' | 'network:online' | 'network:offline' | 'state:changed' | 'wakeLock:acquired' | 'wakeLock:released' | 'wakeLock:error' | 'offlineQueue:queued' | 'offlineQueue:processed' | 'offlineQueue:flushed' | 'iosBanner:shown' | 'iosBanner:dismissed' | 'iosBanner:installClicked' | 'auth:tokenUpdated';
 /**
  * Event handler function
  */
@@ -848,6 +866,7 @@ declare class CloudSignalPWA {
     private debug;
     private initialized;
     private serviceConfig;
+    private authContext;
     private deviceDetector;
     private serviceWorkerManager;
     private installationManager;
@@ -915,6 +934,16 @@ declare class CloudSignalPWA {
      * Request notification permission
      */
     requestPermission(): Promise<NotificationPermission>;
+    /**
+     * Get current authentication mode
+     */
+    getAuthMode(): AuthMode$1;
+    /**
+     * Set JWT user token (for upgrading anonymous to authenticated, or token refresh)
+     * After calling this, you should call registerForPush() again to re-register with user context
+     * @param token - JWT token from identity provider
+     */
+    setUserToken(token: string): void;
     /**
      * Get comprehensive device information
      */
@@ -1274,7 +1303,12 @@ declare class InstallationManager {
 interface PushNotificationManagerOptions {
     serviceUrl: string;
     organizationId: string;
-    organizationSecret: string;
+    /** Organization secret for HMAC auth (optional if userToken provided) */
+    organizationSecret?: string;
+    /** JWT token for authenticated user mode (optional if organizationSecret provided) */
+    userToken?: string;
+    /** Callback to refresh JWT when expired */
+    onTokenExpired?: () => Promise<string>;
     serviceId: string;
     debug?: boolean;
     onRegistered?: (registration: Registration) => void;
@@ -1288,7 +1322,6 @@ interface PushNotificationManagerOptions {
 declare class PushNotificationManager {
     private serviceUrl;
     private organizationId;
-    private organizationSecret;
     private serviceId;
     private debug;
     private deviceDetector;
@@ -1296,10 +1329,12 @@ declare class PushNotificationManager {
     private pushSubscription;
     private registrationId;
     private vapidPublicKey;
+    private authContext;
     private onRegistered?;
     private onUnregistered?;
     private onError?;
     private onPermissionDenied?;
+    private onTokenExpired?;
     constructor(options: PushNotificationManagerOptions);
     /**
      * Set service worker registration
@@ -1317,6 +1352,14 @@ declare class PushNotificationManager {
      * Check if registered for push notifications
      */
     isRegistered(): boolean;
+    /**
+     * Get current authentication mode
+     */
+    getAuthMode(): AuthMode$1;
+    /**
+     * Update JWT token (for token refresh or upgrading from HMAC to JWT)
+     */
+    updateToken(token: string): void;
     /**
      * Register for push notifications
      */
@@ -1359,7 +1402,12 @@ declare class PushNotificationManager {
 interface HeartbeatManagerOptions {
     serviceUrl: string;
     organizationId: string;
-    organizationSecret: string;
+    /** Organization secret for HMAC auth (optional if userToken provided) */
+    organizationSecret?: string;
+    /** JWT token for authenticated user mode (optional if organizationSecret provided) */
+    userToken?: string;
+    /** Callback to refresh JWT when expired */
+    onTokenExpired?: () => Promise<string>;
     config?: HeartbeatConfig;
     adaptiveConfig?: AdaptiveHeartbeatConfig;
     debug?: boolean;
@@ -1376,7 +1424,6 @@ interface HeartbeatManagerOptions {
 declare class HeartbeatManager {
     private serviceUrl;
     private organizationId;
-    private organizationSecret;
     private config;
     private adaptiveConfig;
     private debug;
@@ -1388,11 +1435,13 @@ declare class HeartbeatManager {
     private visibilityHandler;
     private connectionChangeHandler;
     private batteryManager;
+    private authContext;
     private onHeartbeatSent?;
     private onHeartbeatError?;
     private onIntervalChanged?;
     private onPausedForBattery?;
     private onResumedFromBattery?;
+    private onTokenExpired?;
     constructor(options: HeartbeatManagerOptions);
     /**
      * Set the registration ID for heartbeat requests
@@ -1410,6 +1459,14 @@ declare class HeartbeatManager {
      * Check if heartbeat is running
      */
     isHeartbeatRunning(): boolean;
+    /**
+     * Get current authentication mode
+     */
+    getAuthMode(): AuthMode$1;
+    /**
+     * Update JWT token (for token refresh or upgrading from HMAC to JWT)
+     */
+    updateToken(token: string): void;
     /**
      * Send a single heartbeat
      */
@@ -1923,6 +1980,89 @@ declare function makeAuthenticatedRequest(organizationId: string, organizationSe
  */
 declare function isValidUUID(value: string | null | undefined): boolean;
 
+/**
+ * JWT Authentication Utilities
+ * Implements CloudSignal's JWT-based authentication for user-linked registrations
+ */
+/**
+ * Auth mode type
+ */
+type AuthMode = 'hmac' | 'jwt';
+/**
+ * JWT auth configuration
+ */
+interface JWTAuthConfig {
+    /** JWT token from identity provider (Supabase, Firebase, Auth0, etc.) */
+    token: string;
+    /** Organization ID (still needed for provider config lookup) */
+    organizationId: string;
+    /** Callback to refresh token when expired */
+    onTokenExpired?: () => Promise<string>;
+}
+/**
+ * Generate authentication headers for JWT-based requests
+ *
+ * @param token - JWT token from identity provider
+ * @param organizationId - Organization UUID
+ * @returns Headers object with Bearer token and org ID
+ */
+declare function generateJWTHeaders(token: string, organizationId: string): Record<string, string>;
+/**
+ * Make an authenticated request using JWT
+ * Handles token refresh on 401 errors
+ *
+ * @param config - JWT auth configuration
+ * @param method - HTTP method
+ * @param url - Request URL
+ * @param body - Request body (optional)
+ * @returns Fetch Response
+ */
+declare function makeJWTAuthenticatedRequest(config: JWTAuthConfig, method: string, url: string, body?: Record<string, any>): Promise<Response>;
+/**
+ * Auth context that can be passed to managers
+ */
+interface AuthContext {
+    mode: AuthMode;
+    organizationId: string;
+    organizationSecret?: string;
+    userToken?: string;
+    onTokenExpired?: () => Promise<string>;
+}
+/**
+ * Create auth context from config
+ * Determines auth mode based on provided credentials
+ *
+ * @param config - Configuration object
+ * @returns Auth context with detected mode
+ */
+declare function createAuthContext(config: {
+    organizationId: string;
+    organizationSecret?: string;
+    userToken?: string;
+    onTokenExpired?: () => Promise<string>;
+}): AuthContext;
+/**
+ * Make authenticated request using auth context
+ * Automatically selects HMAC or JWT based on context mode
+ *
+ * @param authContext - Auth context
+ * @param method - HTTP method
+ * @param url - Request URL
+ * @param body - Request body (optional)
+ * @param onTokenExpired - Token refresh callback (overrides context for this call)
+ * @returns Fetch Response
+ */
+declare function makeAuthenticatedRequestWithContext(authContext: AuthContext, method: string, url: string, body?: Record<string, any>, onTokenExpired?: () => Promise<string>): Promise<Response>;
+/**
+ * Update token in auth context (for JWT mode)
+ * Returns a new context with updated token
+ *
+ * @param authContext - Current auth context
+ * @param newToken - New JWT token
+ * @returns Updated auth context
+ */
+declare function updateAuthToken(authContext: AuthContext, newToken: string): AuthContext;
+
 /**
  * Browser Fingerprinting Utilities
  * Generate unique device identifiers for registration deduplication
@@ -2040,10 +2180,11 @@ declare class IndexedDBStorage {
  * Progressive Web App features with push notifications, installation management, and device tracking
  *
  * v1.1.0: Added WakeLock, OfflineQueue, iOS Install Banner, Network-aware Heartbeat, Notification Analytics
+ * v1.2.0: Added JWT auth support for user-linked registrations
  *
  * @packageDocumentation
  */
 
-declare const VERSION = "1.1.0";
+declare const VERSION = "1.2.0";
 
-export { type AdaptiveHeartbeatConfig, type BatteryInfo, type BeforeInstallPromptEvent, CloudSignalPWA, type ConfigLoadedEvent, DeviceDetector, type DeviceInfo, type DisplayMode, type EventHandler, type HeartbeatConfig, type HeartbeatEvent, HeartbeatManager, type IOSBannerLanguage, type IOSBannerStrings, IOSInstallBanner, type IOSInstallBannerConfig$1 as IOSInstallBannerConfig, type IOSInstallBannerOptions$1 as IOSInstallBannerOptions, IOS_BANNER_TRANSLATIONS, IndexedDBStorage, type InitializeResult, type InstallAvailableEvent, type InstallResult, type InstallResultEvent, InstallationManager, type InstallationState, type LoggerFunction, NOTIFICATION_PROMPT_TRANSLATIONS, type NetworkConnectionInfo, type NetworkEvent, type NetworkInfo, type NotificationAction, type NotificationAnalyticsConfig, type NotificationAnalyticsEvent, type NotificationPayload, NotificationPermissionPrompt, type NotificationPermissionState, type NotificationPreferences, type IOSBannerLanguage as NotificationPromptLanguage, type NotificationPromptStrings, type OfflineQueueConfig$1 as OfflineQueueConfig, OfflineQueueManager, type OfflineQueueStats, type PWACapabilities, type PWAConfig, type PWAEvent, type PWAServiceConfig, type PWASupportLevel, type PermissionEvent, type PlatformInfo, type PushClickedEvent, PushNotificationManager, type PushReceivedEvent, type PushRegisteredEvent, type PushSubscriptionData, type QueueProcessResult, type QueuedRequest, type RegisterOptions, type Registration, type RegistrationStatus, type RegistrationStatusResponse, type ScreenInfo, type ServiceWorkerConfig, type ServiceWorkerEvent, ServiceWorkerManager, VERSION, type WakeLockConfig$1 as WakeLockConfig, WakeLockManager, type WakeLockState, CloudSignalPWA as default, detectBrowserLanguage, deviceDetector, generateAuthHeaders, generateBrowserFingerprint, generateHMACSignature, generateTrackingId, getRegistrationId, getStorageItem, isValidUUID, makeAuthenticatedRequest, removeRegistrationId, removeStorageItem, setRegistrationId, setStorageItem };
+export { type AdaptiveHeartbeatConfig, type AuthContext, type AuthMode$1 as AuthMode, type BatteryInfo, type BeforeInstallPromptEvent, CloudSignalPWA, type ConfigLoadedEvent, DeviceDetector, type DeviceInfo, type DisplayMode, type EventHandler, type HeartbeatConfig, type HeartbeatEvent, HeartbeatManager, type IOSBannerLanguage, type IOSBannerStrings, IOSInstallBanner, type IOSInstallBannerConfig$1 as IOSInstallBannerConfig, type IOSInstallBannerOptions$1 as IOSInstallBannerOptions, IOS_BANNER_TRANSLATIONS, IndexedDBStorage, type InitializeResult, type InstallAvailableEvent, type InstallResult, type InstallResultEvent, InstallationManager, type InstallationState, type LoggerFunction, NOTIFICATION_PROMPT_TRANSLATIONS, type NetworkConnectionInfo, type NetworkEvent, type NetworkInfo, type NotificationAction, type NotificationAnalyticsConfig, type NotificationAnalyticsEvent, type NotificationPayload, NotificationPermissionPrompt, type NotificationPermissionState, type NotificationPreferences, type IOSBannerLanguage as NotificationPromptLanguage, type NotificationPromptStrings, type OfflineQueueConfig$1 as OfflineQueueConfig, OfflineQueueManager, type OfflineQueueStats, type PWACapabilities, type PWAConfig, type PWAEvent, type PWAServiceConfig, type PWASupportLevel, type PermissionEvent, type PlatformInfo, type PushClickedEvent, PushNotificationManager, type PushReceivedEvent, type PushRegisteredEvent, type PushSubscriptionData, type QueueProcessResult, type QueuedRequest, type RegisterOptions, type Registration, type RegistrationStatus, type RegistrationStatusResponse, type ScreenInfo, type ServiceWorkerConfig, type ServiceWorkerEvent, ServiceWorkerManager, VERSION, type WakeLockConfig$1 as WakeLockConfig, WakeLockManager, type WakeLockState, createAuthContext, CloudSignalPWA as default, detectBrowserLanguage, deviceDetector, generateAuthHeaders, generateBrowserFingerprint, generateHMACSignature, generateJWTHeaders, generateTrackingId, getRegistrationId, getStorageItem, isValidUUID, makeAuthenticatedRequest, makeAuthenticatedRequestWithContext, makeJWTAuthenticatedRequest, removeRegistrationId, removeStorageItem, setRegistrationId, setStorageItem, updateAuthToken };

package/dist/index.d.ts

@@ -187,6 +187,10 @@ interface BeforeInstallPromptEvent extends Event {
 /**
  * CloudSignal PWA SDK Configuration Types
  */
+/**
+ * Authentication mode for SDK requests
+ */
+type AuthMode$1 = 'hmac' | 'jwt';
 /**
  * Main SDK configuration options
  */
@@ -195,8 +199,22 @@ interface PWAConfig {
     serviceUrl?: string;
     /** Organization ID (UUID) */
     organizationId: string;
-    /** Organization secret key for HMAC authentication */
-    organizationSecret: string;
+    /**
+     * Organization secret key for HMAC authentication (anonymous mode)
+     * Required if userToken is not provided
+     */
+    organizationSecret?: string;
+    /**
+     * JWT token from identity provider for authenticated user mode
+     * Supports: Supabase, Firebase, Auth0, Clerk, custom OIDC
+     * When provided, takes precedence over organizationSecret
+     */
+    userToken?: string;
+    /**
+     * Callback to refresh JWT token when expired (401 response)
+     * Should return a new valid JWT token
+     */
+    onTokenExpired?: () => Promise<string>;
     /** PWA service ID (UUID) */
     serviceId: string;
     /** Enable debug logging */
@@ -503,7 +521,7 @@ interface NotificationAction {
 /**
  * Event types emitted by the SDK
  */
-type PWAEvent = 'install:available' | 'install:accepted' | 'install:dismissed' | 'install:completed' | 'install:error' | 'push:registered' | 'push:unregistered' | 'push:updated' | 'push:error' | 'push:received' | 'push:clicked' | 'permission:granted' | 'permission:denied' | 'permission:prompt' | 'sw:registered' | 'sw:updated' | 'sw:error' | 'sw:activated' | 'config:loaded' | 'config:error' | 'heartbeat:started' | 'heartbeat:stopped' | 'heartbeat:sent' | 'heartbeat:error' | 'heartbeat:intervalChanged' | 'heartbeat:pausedForBattery' | 'heartbeat:resumedFromBattery' | 'network:online' | 'network:offline' | 'state:changed' | 'wakeLock:acquired' | 'wakeLock:released' | 'wakeLock:error' | 'offlineQueue:queued' | 'offlineQueue:processed' | 'offlineQueue:flushed' | 'iosBanner:shown' | 'iosBanner:dismissed' | 'iosBanner:installClicked';
+type PWAEvent = 'install:available' | 'install:accepted' | 'install:dismissed' | 'install:completed' | 'install:error' | 'push:registered' | 'push:unregistered' | 'push:updated' | 'push:error' | 'push:received' | 'push:clicked' | 'permission:granted' | 'permission:denied' | 'permission:prompt' | 'sw:registered' | 'sw:updated' | 'sw:error' | 'sw:activated' | 'config:loaded' | 'config:error' | 'heartbeat:started' | 'heartbeat:stopped' | 'heartbeat:sent' | 'heartbeat:error' | 'heartbeat:intervalChanged' | 'heartbeat:pausedForBattery' | 'heartbeat:resumedFromBattery' | 'network:online' | 'network:offline' | 'state:changed' | 'wakeLock:acquired' | 'wakeLock:released' | 'wakeLock:error' | 'offlineQueue:queued' | 'offlineQueue:processed' | 'offlineQueue:flushed' | 'iosBanner:shown' | 'iosBanner:dismissed' | 'iosBanner:installClicked' | 'auth:tokenUpdated';
 /**
  * Event handler function
  */
@@ -848,6 +866,7 @@ declare class CloudSignalPWA {
     private debug;
     private initialized;
     private serviceConfig;
+    private authContext;
     private deviceDetector;
     private serviceWorkerManager;
     private installationManager;
@@ -915,6 +934,16 @@ declare class CloudSignalPWA {
      * Request notification permission
      */
     requestPermission(): Promise<NotificationPermission>;
+    /**
+     * Get current authentication mode
+     */
+    getAuthMode(): AuthMode$1;
+    /**
+     * Set JWT user token (for upgrading anonymous to authenticated, or token refresh)
+     * After calling this, you should call registerForPush() again to re-register with user context
+     * @param token - JWT token from identity provider
+     */
+    setUserToken(token: string): void;
     /**
      * Get comprehensive device information
      */
@@ -1274,7 +1303,12 @@ declare class InstallationManager {
 interface PushNotificationManagerOptions {
     serviceUrl: string;
     organizationId: string;
-    organizationSecret: string;
+    /** Organization secret for HMAC auth (optional if userToken provided) */
+    organizationSecret?: string;
+    /** JWT token for authenticated user mode (optional if organizationSecret provided) */
+    userToken?: string;
+    /** Callback to refresh JWT when expired */
+    onTokenExpired?: () => Promise<string>;
     serviceId: string;
     debug?: boolean;
     onRegistered?: (registration: Registration) => void;
@@ -1288,7 +1322,6 @@ interface PushNotificationManagerOptions {
 declare class PushNotificationManager {
     private serviceUrl;
     private organizationId;
-    private organizationSecret;
     private serviceId;
     private debug;
     private deviceDetector;
@@ -1296,10 +1329,12 @@ declare class PushNotificationManager {
     private pushSubscription;
     private registrationId;
     private vapidPublicKey;
+    private authContext;
     private onRegistered?;
     private onUnregistered?;
     private onError?;
     private onPermissionDenied?;
+    private onTokenExpired?;
     constructor(options: PushNotificationManagerOptions);
     /**
      * Set service worker registration
@@ -1317,6 +1352,14 @@ declare class PushNotificationManager {
      * Check if registered for push notifications
      */
     isRegistered(): boolean;
+    /**
+     * Get current authentication mode
+     */
+    getAuthMode(): AuthMode$1;
+    /**
+     * Update JWT token (for token refresh or upgrading from HMAC to JWT)
+     */
+    updateToken(token: string): void;
     /**
      * Register for push notifications
      */
@@ -1359,7 +1402,12 @@ declare class PushNotificationManager {
 interface HeartbeatManagerOptions {
     serviceUrl: string;
     organizationId: string;
-    organizationSecret: string;
+    /** Organization secret for HMAC auth (optional if userToken provided) */
+    organizationSecret?: string;
+    /** JWT token for authenticated user mode (optional if organizationSecret provided) */
+    userToken?: string;
+    /** Callback to refresh JWT when expired */
+    onTokenExpired?: () => Promise<string>;
     config?: HeartbeatConfig;
     adaptiveConfig?: AdaptiveHeartbeatConfig;
     debug?: boolean;
@@ -1376,7 +1424,6 @@ interface HeartbeatManagerOptions {
 declare class HeartbeatManager {
     private serviceUrl;
     private organizationId;
-    private organizationSecret;
     private config;
     private adaptiveConfig;
     private debug;
@@ -1388,11 +1435,13 @@ declare class HeartbeatManager {
     private visibilityHandler;
     private connectionChangeHandler;
     private batteryManager;
+    private authContext;
     private onHeartbeatSent?;
     private onHeartbeatError?;
     private onIntervalChanged?;
     private onPausedForBattery?;
     private onResumedFromBattery?;
+    private onTokenExpired?;
     constructor(options: HeartbeatManagerOptions);
     /**
      * Set the registration ID for heartbeat requests
@@ -1410,6 +1459,14 @@ declare class HeartbeatManager {
      * Check if heartbeat is running
      */
     isHeartbeatRunning(): boolean;
+    /**
+     * Get current authentication mode
+     */
+    getAuthMode(): AuthMode$1;
+    /**
+     * Update JWT token (for token refresh or upgrading from HMAC to JWT)
+     */
+    updateToken(token: string): void;
     /**
      * Send a single heartbeat
      */
@@ -1923,6 +1980,89 @@ declare function makeAuthenticatedRequest(organizationId: string, organizationSe
  */
 declare function isValidUUID(value: string | null | undefined): boolean;
 
+/**
+ * JWT Authentication Utilities
+ * Implements CloudSignal's JWT-based authentication for user-linked registrations
+ */
+/**
+ * Auth mode type
+ */
+type AuthMode = 'hmac' | 'jwt';
+/**
+ * JWT auth configuration
+ */
+interface JWTAuthConfig {
+    /** JWT token from identity provider (Supabase, Firebase, Auth0, etc.) */
+    token: string;
+    /** Organization ID (still needed for provider config lookup) */
+    organizationId: string;
+    /** Callback to refresh token when expired */
+    onTokenExpired?: () => Promise<string>;
+}
+/**
+ * Generate authentication headers for JWT-based requests
+ *
+ * @param token - JWT token from identity provider
+ * @param organizationId - Organization UUID
+ * @returns Headers object with Bearer token and org ID
+ */
+declare function generateJWTHeaders(token: string, organizationId: string): Record<string, string>;
+/**
+ * Make an authenticated request using JWT
+ * Handles token refresh on 401 errors
+ *
+ * @param config - JWT auth configuration
+ * @param method - HTTP method
+ * @param url - Request URL
+ * @param body - Request body (optional)
+ * @returns Fetch Response
+ */
+declare function makeJWTAuthenticatedRequest(config: JWTAuthConfig, method: string, url: string, body?: Record<string, any>): Promise<Response>;
+/**
+ * Auth context that can be passed to managers
+ */
+interface AuthContext {
+    mode: AuthMode;
+    organizationId: string;
+    organizationSecret?: string;
+    userToken?: string;
+    onTokenExpired?: () => Promise<string>;
+}
+/**
+ * Create auth context from config
+ * Determines auth mode based on provided credentials
+ *
+ * @param config - Configuration object
+ * @returns Auth context with detected mode
+ */
+declare function createAuthContext(config: {
+    organizationId: string;
+    organizationSecret?: string;
+    userToken?: string;
+    onTokenExpired?: () => Promise<string>;
+}): AuthContext;
+/**
+ * Make authenticated request using auth context
+ * Automatically selects HMAC or JWT based on context mode
+ *
+ * @param authContext - Auth context
+ * @param method - HTTP method
+ * @param url - Request URL
+ * @param body - Request body (optional)
+ * @param onTokenExpired - Token refresh callback (overrides context for this call)
+ * @returns Fetch Response
+ */
+declare function makeAuthenticatedRequestWithContext(authContext: AuthContext, method: string, url: string, body?: Record<string, any>, onTokenExpired?: () => Promise<string>): Promise<Response>;
+/**
+ * Update token in auth context (for JWT mode)
+ * Returns a new context with updated token
+ *
+ * @param authContext - Current auth context
+ * @param newToken - New JWT token
+ * @returns Updated auth context
+ */
+declare function updateAuthToken(authContext: AuthContext, newToken: string): AuthContext;
+
 /**
  * Browser Fingerprinting Utilities
  * Generate unique device identifiers for registration deduplication
@@ -2040,10 +2180,11 @@ declare class IndexedDBStorage {
  * Progressive Web App features with push notifications, installation management, and device tracking
  *
  * v1.1.0: Added WakeLock, OfflineQueue, iOS Install Banner, Network-aware Heartbeat, Notification Analytics
+ * v1.2.0: Added JWT auth support for user-linked registrations
  *
  * @packageDocumentation
  */
 
-declare const VERSION = "1.1.0";
+declare const VERSION = "1.2.0";
 
-export { type AdaptiveHeartbeatConfig, type BatteryInfo, type BeforeInstallPromptEvent, CloudSignalPWA, type ConfigLoadedEvent, DeviceDetector, type DeviceInfo, type DisplayMode, type EventHandler, type HeartbeatConfig, type HeartbeatEvent, HeartbeatManager, type IOSBannerLanguage, type IOSBannerStrings, IOSInstallBanner, type IOSInstallBannerConfig$1 as IOSInstallBannerConfig, type IOSInstallBannerOptions$1 as IOSInstallBannerOptions, IOS_BANNER_TRANSLATIONS, IndexedDBStorage, type InitializeResult, type InstallAvailableEvent, type InstallResult, type InstallResultEvent, InstallationManager, type InstallationState, type LoggerFunction, NOTIFICATION_PROMPT_TRANSLATIONS, type NetworkConnectionInfo, type NetworkEvent, type NetworkInfo, type NotificationAction, type NotificationAnalyticsConfig, type NotificationAnalyticsEvent, type NotificationPayload, NotificationPermissionPrompt, type NotificationPermissionState, type NotificationPreferences, type IOSBannerLanguage as NotificationPromptLanguage, type NotificationPromptStrings, type OfflineQueueConfig$1 as OfflineQueueConfig, OfflineQueueManager, type OfflineQueueStats, type PWACapabilities, type PWAConfig, type PWAEvent, type PWAServiceConfig, type PWASupportLevel, type PermissionEvent, type PlatformInfo, type PushClickedEvent, PushNotificationManager, type PushReceivedEvent, type PushRegisteredEvent, type PushSubscriptionData, type QueueProcessResult, type QueuedRequest, type RegisterOptions, type Registration, type RegistrationStatus, type RegistrationStatusResponse, type ScreenInfo, type ServiceWorkerConfig, type ServiceWorkerEvent, ServiceWorkerManager, VERSION, type WakeLockConfig$1 as WakeLockConfig, WakeLockManager, type WakeLockState, CloudSignalPWA as default, detectBrowserLanguage, deviceDetector, generateAuthHeaders, generateBrowserFingerprint, generateHMACSignature, generateTrackingId, getRegistrationId, getStorageItem, isValidUUID, makeAuthenticatedRequest, removeRegistrationId, removeStorageItem, setRegistrationId, setStorageItem };
+export { type AdaptiveHeartbeatConfig, type AuthContext, type AuthMode$1 as AuthMode, type BatteryInfo, type BeforeInstallPromptEvent, CloudSignalPWA, type ConfigLoadedEvent, DeviceDetector, type DeviceInfo, type DisplayMode, type EventHandler, type HeartbeatConfig, type HeartbeatEvent, HeartbeatManager, type IOSBannerLanguage, type IOSBannerStrings, IOSInstallBanner, type IOSInstallBannerConfig$1 as IOSInstallBannerConfig, type IOSInstallBannerOptions$1 as IOSInstallBannerOptions, IOS_BANNER_TRANSLATIONS, IndexedDBStorage, type InitializeResult, type InstallAvailableEvent, type InstallResult, type InstallResultEvent, InstallationManager, type InstallationState, type LoggerFunction, NOTIFICATION_PROMPT_TRANSLATIONS, type NetworkConnectionInfo, type NetworkEvent, type NetworkInfo, type NotificationAction, type NotificationAnalyticsConfig, type NotificationAnalyticsEvent, type NotificationPayload, NotificationPermissionPrompt, type NotificationPermissionState, type NotificationPreferences, type IOSBannerLanguage as NotificationPromptLanguage, type NotificationPromptStrings, type OfflineQueueConfig$1 as OfflineQueueConfig, OfflineQueueManager, type OfflineQueueStats, type PWACapabilities, type PWAConfig, type PWAEvent, type PWAServiceConfig, type PWASupportLevel, type PermissionEvent, type PlatformInfo, type PushClickedEvent, PushNotificationManager, type PushReceivedEvent, type PushRegisteredEvent, type PushSubscriptionData, type QueueProcessResult, type QueuedRequest, type RegisterOptions, type Registration, type RegistrationStatus, type RegistrationStatusResponse, type ScreenInfo, type ServiceWorkerConfig, type ServiceWorkerEvent, ServiceWorkerManager, VERSION, type WakeLockConfig$1 as WakeLockConfig, WakeLockManager, type WakeLockState, createAuthContext, CloudSignalPWA as default, detectBrowserLanguage, deviceDetector, generateAuthHeaders, generateBrowserFingerprint, generateHMACSignature, generateJWTHeaders, generateTrackingId, getRegistrationId, getStorageItem, isValidUUID, makeAuthenticatedRequest, makeAuthenticatedRequestWithContext, makeJWTAuthenticatedRequest, removeRegistrationId, removeStorageItem, setRegistrationId, setStorageItem, updateAuthToken };