@descope/node-sdk 0.0.0-next-a2202e1e-20260708 → 0.0.0-next-629609e5-20260711

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
@@ -1,2 +1,2 @@
1
- "use strict";var e=require("tslib"),t=require("@descope/core-js-sdk"),s=require("jose"),a=require("cross-fetch");function o(e){return e&&"object"==typeof e&&"default"in e?e:{default:e}}var r=o(t);var n;null!==(n=globalThis.Headers)&&void 0!==n||(globalThis.Headers=a.Headers);const i="function"==typeof globalThis.fetch?(...e)=>globalThis.fetch(...e):(...e)=>(e.forEach((e=>{var t,s;e&&"object"==typeof e&&(null!==(t=(s=e).highWaterMark)&&void 0!==t||(s.highWaterMark=31457280))})),a.fetch(...e)),p=(e,t)=>{const s=null==e?void 0:e.match(RegExp(`(?:^|[;,]\\s*)${t}=([^;]*)`));return s?s[1]:null};const m=t=>async(...s)=>{var a,o,r;const n=await t(...s);if(!n.data)return n;let i=n.data,{refreshJwt:m}=i,d=e.__rest(i,["refreshJwt"]);const l=[];var c;return m?l.push(`${"DSR"}=${m}; Domain=${(null==(c=d)?void 0:c.cookieDomain)||""}; Max-Age=${(null==c?void 0:c.cookieMaxAge)||""}; Path=${(null==c?void 0:c.cookiePath)||"/"}; HttpOnly; SameSite=Strict`):(null===(a=n.response)||void 0===a?void 0:a.headers.get("set-cookie"))&&(m=p(null===(o=n.response)||void 0===o?void 0:o.headers.get("set-cookie"),"DSR"),l.push(null===(r=n.response)||void 0===r?void 0:r.headers.get("set-cookie"))),Object.assign(Object.assign({},n),{data:Object.assign(Object.assign({},n.data),{refreshJwt:m,cookies:l})})};function d(e,t,s){var a,o;const r=s?null===(o=null===(a=e.token.tenants)||void 0===a?void 0:a[s])||void 0===o?void 0:o[t]:e.token[t];return Array.isArray(r)?r:[]}function l(e,t){var s;return!!(null===(s=e.token.tenants)||void 0===s?void 0:s[t])}var c={create:"/v1/mgmt/user/create",createTestUser:"/v1/mgmt/user/create/test",createBatch:"/v1/mgmt/user/create/batch",update:"/v1/mgmt/user/update",patch:"/v1/mgmt/user/patch",patchBatch:"/v1/mgmt/user/patch/batch",delete:"/v1/mgmt/user/delete",deleteBatch:"/v1/mgmt/user/delete/batch",deleteAllTestUsers:"/v1/mgmt/user/test/delete/all",load:"/v1/mgmt/user",logout:"/v1/mgmt/user/logout",loadUsers:"/v1/mgmt/users/load",search:"/v2/mgmt/user/search",searchTestUsers:"/v2/mgmt/user/search/test",getProviderToken:"/v1/mgmt/user/provider/token",updateStatus:"/v1/mgmt/user/update/status",updateLoginId:"/v1/mgmt/user/update/loginid",updateEmail:"/v1/mgmt/user/update/email",updatePhone:"/v1/mgmt/user/update/phone",updateDisplayName:"/v1/mgmt/user/update/name",updatePicture:"/v1/mgmt/user/update/picture",updateCustomAttribute:"/v1/mgmt/user/update/customAttribute",setRole:"/v1/mgmt/user/update/role/set",addRole:"/v2/mgmt/user/update/role/add",removeRole:"/v1/mgmt/user/update/role/remove",setSSOApps:"/v1/mgmt/user/update/ssoapp/set",addSSOApps:"/v1/mgmt/user/update/ssoapp/add",removeSSOApps:"/v1/mgmt/user/update/ssoapp/remove",addTenant:"/v1/mgmt/user/update/tenant/add",removeTenant:"/v1/mgmt/user/update/tenant/remove",setPassword:"/v1/mgmt/user/password/set",setTemporaryPassword:"/v1/mgmt/user/password/set/temporary",setActivePassword:"/v1/mgmt/user/password/set/active",expirePassword:"/v1/mgmt/user/password/expire",removeAllPasskeys:"/v1/mgmt/user/passkeys/delete",removeTOTPSeed:"/v1/mgmt/user/totp/delete",generateOTPForTest:"/v1/mgmt/tests/generate/otp",generateMagicLinkForTest:"/v1/mgmt/tests/generate/magiclink",generateEnchantedLinkForTest:"/v1/mgmt/tests/generate/enchantedlink",generateEmbeddedLink:"/v1/mgmt/user/signin/embeddedlink",generateSignUpEmbeddedLink:"/v1/mgmt/user/signup/embeddedlink",history:"/v1/mgmt/user/history",import:"/v1/mgmt/user/import",updateRecoveryEmail:"/v1/mgmt/user/update/recovery/email",updateRecoveryPhone:"/v1/mgmt/user/update/recovery/phone",updateName:"/v1/mgmt/user/update/name",getCustomAttributes:"/v1/mgmt/user/customattributes",createCustomAttributes:"/v1/mgmt/user/customattribute/create",deleteCustomAttributes:"/v1/mgmt/user/customattribute/delete",removePasskey:"/v1/mgmt/user/passkey/delete",listPasskeys:"/v1/mgmt/user/passkeys/list",listTrustedDevices:"/v1/mgmt/user/trusteddevices/list",removeTrustedDevices:"/v1/mgmt/user/trusteddevices/remove"},u={updateName:"/v1/mgmt/project/update/name",updateTags:"/v1/mgmt/project/update/tags",clone:"/v1/mgmt/project/clone",projectsList:"/v1/mgmt/projects/list",exportSnapshot:"/v1/mgmt/project/snapshot/export",importSnapshot:"/v1/mgmt/project/snapshot/import",validateSnapshot:"/v1/mgmt/project/snapshot/validate",delete:"/v1/mgmt/project/delete"},g={create:"/v1/mgmt/accesskey/create",load:"/v1/mgmt/accesskey",search:"/v1/mgmt/accesskey/search",update:"/v1/mgmt/accesskey/update",deactivate:"/v1/mgmt/accesskey/deactivate",deactivateBatch:"/v1/mgmt/accesskey/deactivate/batch",activate:"/v1/mgmt/accesskey/activate",activateBatch:"/v1/mgmt/accesskey/activate/batch",delete:"/v1/mgmt/accesskey/delete",deleteBatch:"/v1/mgmt/accesskey/delete/batch",rotate:"/v1/mgmt/accesskey/rotate"},v={create:"/v1/mgmt/tenant/create",update:"/v1/mgmt/tenant/update",delete:"/v1/mgmt/tenant/delete",load:"/v1/mgmt/tenant",settings:"/v1/mgmt/tenant/settings",loadAll:"/v1/mgmt/tenant/all",searchAll:"/v1/mgmt/tenant/search",updateDefaultRoles:"/v1/mgmt/tenant/updateDefaultRoles",generateSSOConfigurationLink:"/v2/mgmt/tenant/adminlinks/sso/generate",revokeSSOConfigurationLink:"/v1/mgmt/tenant/adminlinks/sso/revoke"},f={oidcCreate:"/v1/mgmt/sso/idp/app/oidc/create",samlCreate:"/v1/mgmt/sso/idp/app/saml/create",oidcUpdate:"/v1/mgmt/sso/idp/app/oidc/update",samlUpdate:"/v1/mgmt/sso/idp/app/saml/update",wsfedCreate:"/v1/mgmt/sso/idp/app/wsfed/create",wsfedUpdate:"/v1/mgmt/sso/idp/app/wsfed/update",delete:"/v1/mgmt/sso/idp/app/delete",load:"/v1/mgmt/sso/idp/app/load",loadAll:"/v1/mgmt/sso/idp/apps/load",secret:"/v1/mgmt/sso/idp/app/secret",rotate:"/v1/mgmt/sso/idp/app/rotate"},h={create:"/v1/mgmt/thirdparty/app/create",update:"/v1/mgmt/thirdparty/app/update",patch:"/v1/mgmt/thirdparty/app/patch",delete:"/v1/mgmt/thirdparty/app/delete",load:"/v1/mgmt/thirdparty/app/load",loadAll:"/v1/mgmt/thirdparty/apps/load",secret:"/v1/mgmt/thirdparty/app/secret",rotate:"/v1/mgmt/thirdparty/app/rotate",deleteBatch:"/v1/mgmt/thirdparty/app/delete/batch"},R={delete:"/v1/mgmt/thirdparty/consents/delete",deleteTenant:"/v1/mgmt/thirdparty/consents/delete/tenant",search:"/v1/mgmt/thirdparty/consents/search"},y={create:"/v1/mgmt/outbound/app/create",createByTemplate:"/v1/mgmt/outbound/app/create/bytemplate",update:"/v1/mgmt/outbound/app/update",delete:"/v1/mgmt/outbound/app/delete",load:"/v1/mgmt/outbound/app",loadAll:"/v1/mgmt/outbound/apps",fetchToken:"/v1/mgmt/outbound/app/user/token/latest",fetchTokenByScopes:"/v1/mgmt/outbound/app/user/token",fetchTenantToken:"/v1/mgmt/outbound/app/tenant/token/latest",fetchTenantTokenByScopes:"/v1/mgmt/outbound/app/tenant/token",deleteUserTokens:"/v1/mgmt/outbound/user/tokens",deleteTokenById:"/v1/mgmt/outbound/token",listAppsWithUserToken:"/v1/mgmt/outbound/apps-with-user-token",uploadUserApiKey:"/v1/mgmt/outbound/app/user/apikey/upload",uploadTenantApiKey:"/v1/mgmt/outbound/app/tenant/apikey/upload",uploadUserToken:"/v1/mgmt/outbound/app/user/oauthtoken/upload",uploadTenantToken:"/v1/mgmt/outbound/app/tenant/oauthtoken/upload",batchUploadUserTokens:"/v1/mgmt/outbound/app/user/oauthtoken/batch/upload",batchUploadTenantTokens:"/v1/mgmt/outbound/app/tenant/oauthtoken/batch/upload"},b={settings:"/v1/mgmt/sso/settings",settingsNew:"/v1/mgmt/sso/settings/new",metadata:"/v1/mgmt/sso/metadata",mapping:"/v1/mgmt/sso/mapping",settingsv2:"/v2/mgmt/sso/settings",settingsAllV2:"/v2/mgmt/sso/settings/all",redirect:"/v1/mgmt/sso/redirect",recalculateMappings:"/v1/mgmt/sso/recalculate-mappings",oidc:{configure:"/v1/mgmt/sso/oidc"},saml:{configure:"/v1/mgmt/sso/saml",metadata:"/v1/mgmt/sso/saml/metadata"}},I={update:"/v1/mgmt/jwt/update",impersonate:"/v1/mgmt/impersonate",impersonateStepup:"/v1/mgmt/impersonate/stepup",stopImpersonation:"/v1/mgmt/stop/impersonation",signIn:"/v1/mgmt/auth/signin",signUp:"/v1/mgmt/auth/signup",signUpOrIn:"/v1/mgmt/auth/signup-in",anonymous:"/v1/mgmt/auth/anonymous",clientAssertion:"/v1/mgmt/token/clientassertion"},k={settings:"/v1/mgmt/password/settings"},T={create:"/v1/mgmt/permission/create",createBatch:"/v1/mgmt/permission/create/batch",update:"/v1/mgmt/permission/update",updateBatch:"/v1/mgmt/permission/update/batch",delete:"/v1/mgmt/permission/delete",deleteBatch:"/v1/mgmt/permission/delete/batch",loadAll:"/v1/mgmt/permission/all"},A={create:"/v1/mgmt/role/create",createBatch:"/v1/mgmt/role/create/batch",update:"/v1/mgmt/role/update",updateBatch:"/v1/mgmt/role/update/batch",delete:"/v1/mgmt/role/delete",deleteBatch:"/v1/mgmt/role/delete/batch",loadAll:"/v1/mgmt/role/all",search:"/v1/mgmt/role/search"},O={list:"/v1/mgmt/flow/list",delete:"/v1/mgmt/flow/delete",export:"/v1/mgmt/flow/export",import:"/v1/mgmt/flow/import",run:"/v1/mgmt/flow/run"},S={export:"/v1/mgmt/theme/export",import:"/v1/mgmt/theme/import"},j={loadAllGroups:"/v1/mgmt/group/all",loadAllGroupsForMember:"/v1/mgmt/group/member/all",loadAllGroupMembers:"/v1/mgmt/group/members"},w={search:"/v1/mgmt/audit/search",createEvent:"/v1/mgmt/audit/event",createAuditWebhook:"/v2/mgmt/connector/audit/web/set"},P={schemaSave:"/v1/mgmt/authz/schema/save",schemaDelete:"/v1/mgmt/authz/schema/delete",schemaLoad:"/v1/mgmt/authz/schema/load",nsSave:"/v1/mgmt/authz/ns/save",nsDelete:"/v1/mgmt/authz/ns/delete",rdSave:"/v1/mgmt/authz/rd/save",rdDelete:"/v1/mgmt/authz/rd/delete",reCreate:"/v1/mgmt/authz/re/create",reDelete:"/v1/mgmt/authz/re/delete",reDeleteResources:"/v1/mgmt/authz/re/deleteresources",reDeleteResourceRelationsForResources:"/v1/mgmt/authz/re/deleteresourcesrelations",hasRelations:"/v1/mgmt/authz/re/has",who:"/v1/mgmt/authz/re/who",resource:"/v1/mgmt/authz/re/resource",targets:"/v1/mgmt/authz/re/targets",targetAll:"/v1/mgmt/authz/re/targetall",targetWithRelation:"/v1/mgmt/authz/re/targetwithrelation",getModified:"/v1/mgmt/authz/getmodified"},N={schema:"/v1/mgmt/fga/schema",dryRunSchema:"/v1/mgmt/fga/schema/dryrun",relations:"/v1/mgmt/fga/relations",deleteRelations:"/v1/mgmt/fga/relations/delete",check:"/v1/mgmt/fga/check",resourcesLoad:"/v1/mgmt/fga/resources/load",resourcesSave:"/v1/mgmt/fga/resources/save",mappableSchema:"/v1/mgmt/fga/mappable/schema",mappableResources:"/v1/mgmt/fga/mappable/resources"},U={create:"/v1/mgmt/descoper",update:"/v1/mgmt/descoper",get:"/v1/mgmt/descoper",delete:"/v1/mgmt/descoper",list:"/v1/mgmt/descoper/list"},x={create:"/v1/mgmt/managementkey",update:"/v1/mgmt/managementkey",load:"/v1/mgmt/managementkey",delete:"/v1/mgmt/managementkey/delete",search:"/v1/mgmt/managementkey/search"},C={get:"/v1/mgmt/license"},B={create:"/v1/mgmt/engine/create",update:"/v1/mgmt/engine/update",delete:"/v1/mgmt/engine/delete",load:"/v1/mgmt/engine/load",loadAll:"/v1/mgmt/engines/load",rotate:"/v1/mgmt/engine/rotate"},L={search:"/v1/mgmt/analytics/search"},M={create:"/v1/mgmt/list",update:"/v1/mgmt/list/update",delete:"/v1/mgmt/list/delete",load:"/v1/mgmt/list",loadByName:"/v1/mgmt/list/name",loadAll:"/v1/mgmt/list/all",import:"/v1/mgmt/list/import",addIPs:"/v1/mgmt/list/ip/add",removeIPs:"/v1/mgmt/list/ip/remove",checkIP:"/v1/mgmt/list/ip/check",addTexts:"/v1/mgmt/list/text/add",removeTexts:"/v1/mgmt/list/text/remove",checkText:"/v1/mgmt/list/text/check",clear:"/v1/mgmt/list/clear"},E={create:"/v1/mgmt/jwt/templates/create",update:"/v1/mgmt/jwt/templates/update",delete:"/v1/mgmt/jwt/templates/delete",list:"/v1/mgmt/jwt/templates/list",load:"/v1/mgmt/jwt/templates/load",validate:"/v1/mgmt/jwt/templates/validate",libraryList:"/v1/mgmt/jwt/templates/library/list",libraryLoad:"/v1/mgmt/jwt/templates/library/load",libraryApply:"/v1/mgmt/jwt/templates/library/apply"},D={get:"/v1/mgmt/scopeClaimMapping/get",set:"/v1/mgmt/scopeClaimMapping/set",delete:"/v1/mgmt/scopeClaimMapping/delete"};function q(t){return t.map((t=>{var{loginIdOrUserId:s,loginId:a,roles:o}=t,r=e.__rest(t,["loginIdOrUserId","loginId","roles"]);return Object.assign(Object.assign({},r),{loginId:null!=s?s:a,roleNames:o})}))}const F=e=>{function s(e,t){const s={loginId:e};return void 0!==t.email&&(s.email=t.email),void 0!==t.phone&&(s.phone=t.phone),void 0!==t.displayName&&(s.displayName=t.displayName),void 0!==t.givenName&&(s.givenName=t.givenName),void 0!==t.middleName&&(s.middleName=t.middleName),void 0!==t.familyName&&(s.familyName=t.familyName),void 0!==t.roles&&(s.roleNames=t.roles),void 0!==t.userTenants&&(s.userTenants=t.userTenants),void 0!==t.customAttributes&&(s.customAttributes=t.customAttributes),void 0!==t.picture&&(s.picture=t.picture),void 0!==t.verifiedEmail&&(s.verifiedEmail=t.verifiedEmail),void 0!==t.verifiedPhone&&(s.verifiedPhone=t.verifiedPhone),void 0!==t.ssoAppIds&&(s.ssoAppIds=t.ssoAppIds),void 0!==t.scim&&(s.scim=t.scim),void 0!==t.status&&(s.status=t.status),void 0!==t.additionalIdentifiers&&(s.additionalIdentifiers=t.additionalIdentifiers),s}return{create:function(s,a,o,r,n,i,p,m,d,l,u,g,v,f){const h="string"==typeof a?{loginId:s,email:a,phone:o,displayName:r,givenName:u,middleName:g,familyName:v,roleNames:n,userTenants:i,customAttributes:p,picture:m,verifiedEmail:d,verifiedPhone:l,additionalLoginIds:f}:Object.assign(Object.assign({loginId:s},a),{roleNames:null==a?void 0:a.roles,roles:void 0});return t.transformResponse(e.post(c.create,h),(e=>e.user))},createTestUser:function(s,a,o,r,n,i,p,m,d,l,u,g,v,f){const h="string"==typeof a?{loginId:s,email:a,phone:o,displayName:r,givenName:u,middleName:g,familyName:v,roleNames:n,userTenants:i,customAttributes:p,picture:m,verifiedEmail:d,verifiedPhone:l,additionalLoginIds:f,test:!0}:Object.assign(Object.assign({loginId:s},a),{roleNames:null==a?void 0:a.roles,roles:void 0,test:!0});return t.transformResponse(e.post(c.createTestUser,h),(e=>e.user))},invite:function(s,a,o,r,n,i,p,m,d,l,u,g,v,f,h,R,y,b,I){const k="string"==typeof a?{loginId:s,email:a,phone:o,displayName:r,givenName:f,middleName:h,familyName:R,roleNames:n,userTenants:i,invite:!0,customAttributes:p,picture:m,verifiedEmail:d,verifiedPhone:l,inviteUrl:u,sendMail:g,sendSMS:v,additionalLoginIds:y,templateId:b,locale:I}:Object.assign(Object.assign({loginId:s},a),{roleNames:null==a?void 0:a.roles,roles:void 0,invite:!0});return t.transformResponse(e.post(c.create,k),(e=>e.user))},inviteBatch:(s,a,o,r,n,i,p)=>t.transformResponse(e.post(c.createBatch,{users:q(s),invite:!0,inviteUrl:a,sendMail:o,sendSMS:r,templateOptions:n,templateId:i,locale:p}),(e=>e)),createBatch:s=>t.transformResponse(e.post(c.createBatch,{users:q(s)}),(e=>e)),deleteBatch:s=>t.transformResponse(e.post(c.deleteBatch,{userIds:s})),update:function(s,a,o,r,n,i,p,m,d,l,u,g,v,f){const h="string"==typeof a?{loginId:s,email:a,phone:o,displayName:r,givenName:u,middleName:g,familyName:v,roleNames:n,userTenants:i,customAttributes:p,picture:m,verifiedEmail:d,verifiedPhone:l,additionalLoginIds:f}:Object.assign(Object.assign({loginId:s},a),{roleNames:null==a?void 0:a.roles,roles:void 0});return t.transformResponse(e.post(c.update,h),(e=>e.user))},patch:function(a,o){const r=s(a,o);return t.transformResponse(e.patch(c.patch,r),(e=>e.user))},patchBatch:function(a){if(a.find((e=>!e.loginIdOrUserId&&!e.loginId)))return Promise.reject(new Error("patchBatch: each user must have loginIdOrUserId or loginId"));const o={users:a.map((e=>{var t;return s(null!==(t=e.loginIdOrUserId)&&void 0!==t?t:e.loginId,e)}))};return t.transformResponse(e.patch(c.patchBatch,o),(e=>e))},delete:s=>t.transformResponse(e.post(c.delete,{loginId:s})),deleteByUserId:s=>t.transformResponse(e.post(c.delete,{userId:s})),deleteAllTestUsers:()=>t.transformResponse(e.delete(c.deleteAllTestUsers)),load:s=>t.transformResponse(e.get(c.load,{queryParams:{loginId:s}}),(e=>e.user)),loadByUserId:s=>t.transformResponse(e.get(c.load,{queryParams:{userId:s}}),(e=>e.user)),logoutUser:s=>t.transformResponse(e.post(c.logout,{loginId:s})),logoutUserByUserId:s=>t.transformResponse(e.post(c.logout,{userId:s})),loadUsers:(s,a)=>t.transformResponse(e.post(c.loadUsers,{userIds:s,includeInvalidUsers:a}),(e=>e.users)),searchAll:(s,a,o,r,n,i,p,m,d,l)=>t.transformResponse(e.post(c.search,{tenantIds:s,roleNames:a,limit:o,page:r,testUsersOnly:n,withTestUser:i,customAttributes:p,statuses:m,emails:d,phones:l}),(e=>e.users)),searchTestUsers:s=>t.transformResponse(e.post(c.searchTestUsers,Object.assign(Object.assign({},s),{withTestUser:!0,testUsersOnly:!0,roleNames:s.roles,roles:void 0})),(e=>({users:e.users,total:e.total}))),search:s=>t.transformResponse(e.post(c.search,Object.assign(Object.assign({},s),{roleNames:s.roles,roles:void 0})),(e=>({users:e.users,total:e.total}))),getProviderToken:(s,a,o)=>t.transformResponse(e.get(c.getProviderToken,{queryParams:{loginId:s,provider:a,withRefreshToken:(null==o?void 0:o.withRefreshToken)?"true":"false",forceRefresh:(null==o?void 0:o.forceRefresh)?"true":"false"}}),(e=>e)),activate:s=>t.transformResponse(e.post(c.updateStatus,{loginId:s,status:"enabled"}),(e=>e.user)),deactivate:s=>t.transformResponse(e.post(c.updateStatus,{loginId:s,status:"disabled"}),(e=>e.user)),updateLoginId:(s,a)=>t.transformResponse(e.post(c.updateLoginId,{loginId:s,newLoginId:a}),(e=>e.user)),updateEmail:(s,a,o,r)=>t.transformResponse(e.post(c.updateEmail,{loginId:s,email:a,verified:o,failOnConflict:r}),(e=>e.user)),updatePhone:(s,a,o,r)=>t.transformResponse(e.post(c.updatePhone,{loginId:s,phone:a,verified:o,failOnConflict:r}),(e=>e.user)),updateDisplayName:(s,a,o,r,n)=>t.transformResponse(e.post(c.updateDisplayName,{loginId:s,displayName:a,givenName:o,middleName:r,familyName:n}),(e=>e.user)),updatePicture:(s,a)=>t.transformResponse(e.post(c.updatePicture,{loginId:s,picture:a}),(e=>e.user)),updateCustomAttribute:(s,a,o)=>t.transformResponse(e.post(c.updateCustomAttribute,{loginId:s,attributeKey:a,attributeValue:o}),(e=>e.user)),setRoles:(s,a)=>t.transformResponse(e.post(c.setRole,{loginId:s,roleNames:a}),(e=>e.user)),addRoles:(s,a)=>t.transformResponse(e.post(c.addRole,{loginId:s,roleNames:a}),(e=>e.user)),removeRoles:(s,a)=>t.transformResponse(e.post(c.removeRole,{loginId:s,roleNames:a}),(e=>e.user)),addTenant:(s,a)=>t.transformResponse(e.post(c.addTenant,{loginId:s,tenantId:a}),(e=>e.user)),removeTenant:(s,a)=>t.transformResponse(e.post(c.removeTenant,{loginId:s,tenantId:a}),(e=>e.user)),setTenantRoles:(s,a,o)=>t.transformResponse(e.post(c.setRole,{loginId:s,tenantId:a,roleNames:o}),(e=>e.user)),addTenantRoles:(s,a,o)=>t.transformResponse(e.post(c.addRole,{loginId:s,tenantId:a,roleNames:o}),(e=>e.user)),removeTenantRoles:(s,a,o)=>t.transformResponse(e.post(c.removeRole,{loginId:s,tenantId:a,roleNames:o}),(e=>e.user)),addSSOapps:(s,a)=>t.transformResponse(e.post(c.addSSOApps,{loginId:s,ssoAppIds:a}),(e=>e.user)),setSSOapps:(s,a)=>t.transformResponse(e.post(c.setSSOApps,{loginId:s,ssoAppIds:a}),(e=>e.user)),removeSSOapps:(s,a)=>t.transformResponse(e.post(c.removeSSOApps,{loginId:s,ssoAppIds:a}),(e=>e.user)),generateOTPForTestUser:(s,a,o)=>t.transformResponse(e.post(c.generateOTPForTest,{deliveryMethod:s,loginId:a,loginOptions:o}),(e=>e)),generateMagicLinkForTestUser:(s,a,o,r)=>t.transformResponse(e.post(c.generateMagicLinkForTest,{deliveryMethod:s,loginId:a,URI:o,loginOptions:r}),(e=>e)),generateEnchantedLinkForTestUser:(s,a,o)=>t.transformResponse(e.post(c.generateEnchantedLinkForTest,{loginId:s,URI:a,loginOptions:o}),(e=>e)),generateEmbeddedLink:(s,a,o)=>t.transformResponse(e.post(c.generateEmbeddedLink,{loginId:s,customClaims:a,timeout:o}),(e=>e)),generateSignUpEmbeddedLink:(s,a,o,r,n,i)=>t.transformResponse(e.post(c.generateSignUpEmbeddedLink,{loginId:s,user:a,emailVerified:o,phoneVerified:r,loginOptions:n,timeout:i}),(e=>e)),setTemporaryPassword:(s,a)=>t.transformResponse(e.post(c.setTemporaryPassword,{loginId:s,password:a}),(e=>e)),setActivePassword:(s,a)=>t.transformResponse(e.post(c.setActivePassword,{loginId:s,password:a}),(e=>e)),setPassword:(s,a)=>t.transformResponse(e.post(c.setPassword,{loginId:s,password:a}),(e=>e)),expirePassword:s=>t.transformResponse(e.post(c.expirePassword,{loginId:s}),(e=>e)),removeAllPasskeys:s=>t.transformResponse(e.post(c.removeAllPasskeys,{loginId:s}),(e=>e)),removeTOTPSeed:s=>t.transformResponse(e.post(c.removeTOTPSeed,{loginId:s}),(e=>e)),history:s=>t.transformResponse(e.post(c.history,s),(e=>e)),import:(s,a,o,r)=>t.transformResponse(e.post(c.import,{source:s,users:a,hashes:o,dryrun:null!=r&&r}),(e=>e)),updateRecoveryEmail:(s,a,o)=>t.transformResponse(e.post(c.updateRecoveryEmail,{loginId:s,recoveryEmail:a,verified:o}),(e=>e.user)),updateRecoveryPhone:(s,a,o)=>t.transformResponse(e.post(c.updateRecoveryPhone,{loginId:s,recoveryPhone:a,verified:o}),(e=>e.user)),updateUserNames:(s,a,o,r)=>t.transformResponse(e.post(c.updateName,{loginId:s,givenName:a,middleName:o,familyName:r}),(e=>e.user)),getCustomAttributes:()=>t.transformResponse(e.get(c.getCustomAttributes),(e=>e.data)),createCustomAttributes:s=>t.transformResponse(e.post(c.createCustomAttributes,{attributes:s}),(e=>e.data)),deleteCustomAttributes:s=>t.transformResponse(e.post(c.deleteCustomAttributes,{names:s}),(e=>e.data)),removePasskey:(s,a)=>t.transformResponse(e.post(c.removePasskey,{loginId:s,credentialId:a}),(e=>e)),listPasskeys:s=>t.transformResponse(e.post(c.listPasskeys,{loginId:s}),(e=>e.passkeys)),listTrustedDevices:s=>t.transformResponse(e.post(c.listTrustedDevices,{identifiers:s}),(e=>e.devices)),removeTrustedDevices:(s,a)=>t.transformResponse(e.post(c.removeTrustedDevices,{identifier:s,deviceIds:a}),(e=>e))}},$=e=>({create:(s,a,o,r,n,i,p)=>t.transformResponse(e.post(v.create,{name:s,selfProvisioningDomains:a,customAttributes:o,enforceSSO:r,disabled:n,parent:i,roleInheritance:p})),createWithId:(s,a,o,r,n,i,p,m)=>t.transformResponse(e.post(v.create,{id:s,name:a,selfProvisioningDomains:o,customAttributes:r,enforceSSO:n,disabled:i,parent:p,roleInheritance:m})),update:(s,a,o,r,n,i,p)=>t.transformResponse(e.post(v.update,{id:s,name:a,selfProvisioningDomains:o,customAttributes:r,enforceSSO:n,disabled:i,roleInheritance:p})),updateDefaultRoles:(s,a)=>t.transformResponse(e.post(v.updateDefaultRoles,{id:s,defaultRoles:a})),delete:(s,a)=>t.transformResponse(e.post(v.delete,{id:s,cascade:a})),load:s=>t.transformResponse(e.get(v.load,{queryParams:{id:s}}),(e=>e)),loadAll:()=>t.transformResponse(e.get(v.loadAll,{}),(e=>e.tenants)),searchAll:(s,a,o,r,n)=>t.transformResponse(e.post(v.searchAll,{tenantIds:s,tenantNames:a,tenantSelfProvisioningDomains:o,customAttributes:r,parentTenantId:n}),(e=>e.tenants)),getSettings:s=>t.transformResponse(e.get(v.settings,{queryParams:{id:s}}),(e=>e)),configureSettings:(s,a)=>t.transformResponse(e.post(v.settings,Object.assign(Object.assign({},a),{tenantId:s}),{})),generateSSOConfigurationLink:(s,a,o,r,n,i)=>t.transformResponse(e.post(v.generateSSOConfigurationLink,{tenantId:s,expireTime:a,ssoId:o,email:r,templateId:n,actorId:i},{}),(e=>e)),revokeSSOConfigurationLink:(s,a)=>t.transformResponse(e.post(v.revokeSSOConfigurationLink,Object.assign({tenantId:s},a?{ssoId:a}:{}),{}))}),K=e=>({update:(s,a,o)=>t.transformResponse(e.post(I.update,{jwt:s,customClaims:a,refreshDuration:o})),impersonate:(s,a,o,r,n,i)=>t.transformResponse(e.post(I.impersonate,{impersonatorId:s,loginId:a,validateConsent:o,customClaims:r,selectedTenant:n,refreshDuration:i})),impersonateStepup:(s,a,o,r,n,i)=>t.transformResponse(e.post(I.impersonateStepup,{impersonatorId:s,loginId:a,validateConsent:o,customClaims:r,selectedTenant:n,refreshDuration:i})),stopImpersonation:(s,a,o,r)=>t.transformResponse(e.post(I.stopImpersonation,{jwt:s,customClaims:a,selectedTenant:o,refreshDuration:r})),signIn:(s,a)=>t.transformResponse(e.post(I.signIn,Object.assign({loginId:s},a))),signUp:(s,a,o)=>t.transformResponse(e.post(I.signUp,Object.assign({loginId:s,user:a},o))),signUpOrIn:(s,a,o)=>t.transformResponse(e.post(I.signUpOrIn,Object.assign({loginId:s,user:a},o))),anonymous:(s,a,o)=>t.transformResponse(e.post(I.anonymous,{customClaims:s,selectedTenant:a,refreshDuration:o})),generateClientAssertionJwt:(s,a,o,r,n,i)=>t.transformResponse(e.post(I.clientAssertion,{issuer:s,subject:a,audience:o,expiresIn:r,flattenAudience:n,algorithm:i}))}),W=e=>({create:(s,a)=>t.transformResponse(e.post(T.create,{name:s,description:a})),createBatch:s=>t.transformResponse(e.post(T.createBatch,{permissions:s})),update:(s,a,o)=>t.transformResponse(e.post(T.update,{name:s,newName:a,description:o})),updateWithId:(s,a,o)=>t.transformResponse(e.post(T.update,{id:s,newName:a,description:o})),updateBatch:s=>t.transformResponse(e.post(T.updateBatch,{permissions:s})),delete:s=>t.transformResponse(e.post(T.delete,{name:s})),deleteWithId:s=>t.transformResponse(e.post(T.delete,{id:s})),deleteBatch:(s,a)=>t.transformResponse(e.post(T.deleteBatch,{names:s,ids:a})),loadAll:()=>t.transformResponse(e.get(T.loadAll,{}),(e=>e.permissions))}),J=e=>({create:(s,a,o,r,n)=>t.transformResponse(e.post(A.create,{name:s,description:a,permissionNames:o,tenantId:r,default:n})),createBatch:s=>t.transformResponse(e.post(A.createBatch,{roles:s}),(e=>e.roles)),update:(s,a,o,r,n,i)=>t.transformResponse(e.post(A.update,{name:s,newName:a,description:o,permissionNames:r,tenantId:n,default:i})),updateWithId:(s,a,o,r,n,i)=>t.transformResponse(e.post(A.update,{id:s,newName:a,description:o,permissionNames:r,tenantId:n,default:i})),updateBatch:s=>t.transformResponse(e.post(A.updateBatch,{roles:s}),(e=>e.roles)),delete:(s,a)=>t.transformResponse(e.post(A.delete,{name:s,tenantId:a})),deleteWithId:(s,a)=>t.transformResponse(e.post(A.delete,{id:s,tenantId:a})),deleteBatch:(s,a,o)=>t.transformResponse(e.post(A.deleteBatch,{roleNames:s,tenantId:a,roleIds:o})),loadAll:()=>t.transformResponse(e.get(A.loadAll,{}),(e=>e.roles)),search:s=>t.transformResponse(e.post(A.search,s,{}),(e=>e.roles))}),z=e=>({loadAllGroups:s=>t.transformResponse(e.post(j.loadAllGroups,{tenantId:s})),loadAllGroupsForMember:(s,a,o)=>t.transformResponse(e.post(j.loadAllGroupsForMember,{tenantId:s,loginIds:o,userIds:a})),loadAllGroupMembers:(s,a)=>t.transformResponse(e.post(j.loadAllGroupMembers,{tenantId:s,groupId:a}))});function G(e){var t,s;const a=e;return a.oidc&&(a.oidc=Object.assign(Object.assign({},a.oidc),{attributeMapping:a.oidc.userAttrMapping}),delete a.oidc.userAttrMapping),(null===(t=a.saml)||void 0===t?void 0:t.groupsMapping)&&(a.saml.groupsMapping=null===(s=a.saml)||void 0===s?void 0:s.groupsMapping.map((e=>{const t=e;return t.roleName=t.role.name,delete t.role,t}))),a}const H=e=>({getSettings:s=>t.transformResponse(e.get(b.settings,{queryParams:{tenantId:s}}),(e=>e)),newSettings:(s,a,o)=>t.transformResponse(e.post(b.settingsNew,Object.assign(Object.assign({tenantId:s},a?{ssoId:a}:{}),{displayName:o})),(e=>G(e))),deleteSettings:(s,a)=>t.transformResponse(e.delete(b.settings,{queryParams:Object.assign({tenantId:s},a?{ssoId:a}:{})})),configureSettings:(s,a,o,r,n,i)=>t.transformResponse(e.post(b.settings,{tenantId:s,idpURL:a,entityId:r,idpCert:o,redirectURL:n,domains:i})),configureMetadata:(s,a,o,r)=>t.transformResponse(e.post(b.metadata,{tenantId:s,idpMetadataURL:a,redirectURL:o,domains:r})),configureMapping:(s,a,o,r)=>t.transformResponse(e.post(b.mapping,{tenantId:s,roleMappings:a,attributeMapping:o,defaultSSORoles:r})),configureOIDCSettings:(s,a,o,r)=>{const n=Object.assign(Object.assign({},a),{userAttrMapping:a.attributeMapping});return delete n.attributeMapping,t.transformResponse(e.post(b.oidc.configure,Object.assign({tenantId:s,settings:n,domains:o},r?{ssoId:r}:{})))},configureSAMLSettings:(s,a,o,r,n)=>t.transformResponse(e.post(b.saml.configure,Object.assign({tenantId:s,settings:a,redirectUrl:o,domains:r},n?{ssoId:n}:{}))),configureSAMLByMetadata:(s,a,o,r,n)=>t.transformResponse(e.post(b.saml.metadata,Object.assign({tenantId:s,settings:a,redirectUrl:o,domains:r},n?{ssoId:n}:{}))),configureSSORedirectURL:(s,a,o,r)=>t.transformResponse(e.post(b.redirect,Object.assign(Object.assign(Object.assign({tenantId:s},void 0!==a?{samlRedirectUrl:a}:{}),void 0!==o?{oauthRedirectUrl:o}:{}),r?{ssoId:r}:{}))),recalculateSSOMappings:(s,a)=>t.transformResponse(e.post(b.recalculateMappings,Object.assign({tenantId:s},a?{ssoId:a}:{}))),loadSettings:(s,a)=>t.transformResponse(e.get(b.settingsv2,{queryParams:Object.assign({tenantId:s},a?{ssoId:a}:{})}),(e=>G(e))),loadAllSettings:s=>t.transformResponse(e.get(b.settingsAllV2,{queryParams:{tenantId:s}}),(e=>function(e){const t=e.SSOSettings,s=[];return t.forEach((e=>s.push(G(e)))),s}(e)))}),V=e=>({create:(s,a,o,r,n,i,p,m,d)=>t.transformResponse(e.post(g.create,{name:s,expireTime:a,roleNames:o,keyTenants:r,userId:n,customClaims:i,description:p,permittedIps:m,customAttributes:d})),load:s=>t.transformResponse(e.get(g.load,{queryParams:{id:s}}),(e=>e.key)),searchAll:(s,a,o,r)=>t.transformResponse(e.post(g.search,{tenantIds:s,boundUserId:a,creatingUser:o,customAttributes:r}),(e=>e.keys)),update:(s,a,o,r,n,i,p,m)=>t.transformResponse(e.post(g.update,{id:s,name:a,description:o,roleNames:r,keyTenants:n,customClaims:i,permittedIps:p,customAttributes:m}),(e=>e.key)),deactivate:s=>t.transformResponse(e.post(g.deactivate,{id:s})),deactivateBatch:s=>t.transformResponse(e.post(g.deactivateBatch,{ids:s})),activate:s=>t.transformResponse(e.post(g.activate,{id:s})),activateBatch:s=>t.transformResponse(e.post(g.activateBatch,{ids:s})),delete:s=>t.transformResponse(e.post(g.delete,{id:s})),deleteBatch:s=>t.transformResponse(e.post(g.deleteBatch,{ids:s})),rotate:s=>t.transformResponse(e.post(g.rotate,{id:s}))}),_=e=>({list:()=>t.transformResponse(e.post(O.list,{})),delete:s=>t.transformResponse(e.post(O.delete,{ids:s})),export:s=>t.transformResponse(e.post(O.export,{flowId:s})),import:(s,a,o)=>t.transformResponse(e.post(O.import,{flowId:s,flow:a,screens:o})),run:(s,a)=>t.transformResponse(e.post(O.run,{flowId:s,options:a}),(e=>null==e?void 0:e.output))}),Q=e=>({export:()=>t.transformResponse(e.post(S.export,{})),import:s=>t.transformResponse(e.post(S.import,{theme:s}))}),X=e=>null==e?void 0:e.audits.map((e=>{const t=Object.assign(Object.assign({},e),{occurred:parseFloat(e.occurred),loginIds:e.externalIds});return delete t.externalIds,t})),Y=e=>({search:s=>{const a=Object.assign(Object.assign({},s),{externalIds:s.loginIds});return delete a.loginIds,t.transformResponse(e.post(w.search,a),X)},searchAll:s=>{const a=Object.assign(Object.assign({},s),{externalIds:s.loginIds});return delete a.loginIds,t.transformResponse(e.post(w.search,a),(e=>({audits:X(e),total:null==e?void 0:e.total})))},createEvent:s=>{const a=Object.assign({},s);return t.transformResponse(e.post(w.createEvent,a))},createAuditWebhook:s=>t.transformResponse(e.post(w.createAuditWebhook,s))}),Z=(e,s)=>{var a;const o=null!==(a=null==s?void 0:s.fgaCacheTimeoutMs)&&void 0!==a?a:3e4,r=Number.isFinite(o)&&o>0?o:3e4,n=async(t,a)=>{if((null==s?void 0:s.fgaCacheUrl)&&s.managementKey){const e=`${s.fgaCacheUrl}${t}`,o=new AbortController,n=setTimeout((()=>o.abort()),r);try{const t=await i(e,{method:"POST",headers:Object.assign(Object.assign({},s.headers),{"Content-Type":"application/json",Authorization:`Bearer ${s.projectId}:${s.managementKey}`,"x-descope-project-id":s.projectId}),body:JSON.stringify(a),signal:o.signal});if(t.ok){const e=await t.text();return t.text=()=>Promise.resolve(e),t.json=async()=>JSON.parse(e),t.clone=()=>t,t}}catch(e){}finally{clearTimeout(n)}}return e.post(t,a)};return{saveSchema:(s,a)=>t.transformResponse(e.post(P.schemaSave,{schema:s,upgrade:a})),deleteSchema:()=>t.transformResponse(e.post(P.schemaDelete,{})),loadSchema:()=>t.transformResponse(e.post(P.schemaLoad,{}),(e=>e.schema)),saveNamespace:(s,a,o)=>t.transformResponse(e.post(P.nsSave,{namespace:s,oldName:a,schemaName:o})),deleteNamespace:(s,a)=>t.transformResponse(e.post(P.nsDelete,{name:s,schemaName:a})),saveRelationDefinition:(s,a,o,r)=>t.transformResponse(e.post(P.rdSave,{relationDefinition:s,namespace:a,oldName:o,schemaName:r})),deleteRelationDefinition:(s,a,o)=>t.transformResponse(e.post(P.rdDelete,{name:s,namespace:a,schemaName:o})),createRelations:s=>t.transformResponse(e.post(P.reCreate,{relations:s})),deleteRelations:s=>t.transformResponse(e.post(P.reDelete,{relations:s})),deleteRelationsForResources:s=>t.transformResponse(e.post(P.reDeleteResources,{resources:s})),deleteResourceRelationsForResources:s=>t.transformResponse(e.post(P.reDeleteResourceRelationsForResources,{resources:s})),deleteRelationsForIds:s=>t.transformResponse(e.post(P.reDeleteResources,{resources:s})),hasRelations:s=>t.transformResponse(e.post(P.hasRelations,{relationQueries:s}),(e=>e.relationQueries)),whoCanAccess:(e,s,a)=>t.transformResponse(n(P.who,{resource:e,relationDefinition:s,namespace:a}),(e=>e.targets)),resourceRelations:(s,a=!1)=>t.transformResponse(e.post(P.resource,{resource:s,ignoreTargetSetRelations:a}),(e=>e.relations)),resourceRelationsWithTargetSetsFilter:(s,a=!0)=>t.transformResponse(e.post(P.resource,{resource:s,ignoreTargetSetRelations:!a}),(e=>e.relations)),targetsRelations:(s,a=!1)=>t.transformResponse(e.post(P.targets,{targets:s,includeTargetSetRelations:a}),(e=>e.relations)),targetsRelationsWithTargetSetsFilter:(s,a=!1)=>t.transformResponse(e.post(P.targets,{targets:s,includeTargetSetRelations:a}),(e=>e.relations)),whatCanTargetAccess:e=>t.transformResponse(n(P.targetAll,{target:e}),(e=>e.relations)),whatCanTargetAccessWithRelation:(s,a,o)=>t.transformResponse(e.post(P.targetWithRelation,{target:s,relationDefinition:a,namespace:o}),(e=>e.resources.map((e=>({resource:e}))))),getModified:s=>t.transformResponse(e.post(P.getModified,{since:s?s.getTime():0}),(e=>e))}},ee=e=>({createOidcApplication:s=>{var a;return t.transformResponse(e.post(f.oidcCreate,Object.assign(Object.assign({},s),{enabled:null===(a=s.enabled)||void 0===a||a})))},createSamlApplication:s=>{var a;return t.transformResponse(e.post(f.samlCreate,Object.assign(Object.assign({},s),{enabled:null===(a=s.enabled)||void 0===a||a})))},updateOidcApplication:s=>t.transformResponse(e.post(f.oidcUpdate,Object.assign({},s))),updateSamlApplication:s=>t.transformResponse(e.post(f.samlUpdate,Object.assign({},s))),createWsFedApplication:s=>{var a;return t.transformResponse(e.post(f.wsfedCreate,Object.assign(Object.assign({},s),{enabled:null===(a=s.enabled)||void 0===a||a})))},updateWsFedApplication:s=>t.transformResponse(e.post(f.wsfedUpdate,Object.assign({},s))),delete:s=>t.transformResponse(e.post(f.delete,{id:s})),load:s=>t.transformResponse(e.get(f.load,{queryParams:{id:s}}),(e=>e)),loadAll:()=>t.transformResponse(e.get(f.loadAll,{}),(e=>e.apps)),getApplicationSecret:s=>t.transformResponse(e.get(f.secret,{queryParams:{id:s}}),(e=>e)),rotateApplicationSecret:s=>t.transformResponse(e.post(f.rotate,{id:s}),(e=>e))}),te=e=>({getSettings:s=>t.transformResponse(e.get(k.settings,{queryParams:{tenantId:s}}),(e=>e)),configureSettings:(s,a)=>t.transformResponse(e.post(k.settings,Object.assign(Object.assign({},a),{tenantId:s})))}),se=(e,s)=>{var a;const o=null!==(a=null==s?void 0:s.fgaCacheTimeoutMs)&&void 0!==a?a:3e4,r=Number.isFinite(o)&&o>0?o:3e4,n=async(t,a)=>{if((null==s?void 0:s.fgaCacheUrl)&&s.managementKey){const e=`${s.fgaCacheUrl}${t}`,o=new AbortController,n=setTimeout((()=>o.abort()),r);try{const t=await i(e,{method:"POST",headers:Object.assign(Object.assign({},s.headers),{"Content-Type":"application/json",Authorization:`Bearer ${s.projectId}:${s.managementKey}`,"x-descope-project-id":s.projectId}),body:JSON.stringify(a),signal:o.signal});if(t.ok){const e=await t.text();return t.text=()=>Promise.resolve(e),t.json=async()=>JSON.parse(e),t.clone=()=>t,t}}catch(e){}finally{clearTimeout(n)}}return e.post(t,a)};return{saveSchema:e=>t.transformResponse(n(N.schema,e)),loadSchema:()=>t.transformResponse(e.get(N.schema,{}),(e=>e)),dryRunSchema:s=>t.transformResponse(e.post(N.dryRunSchema,s),(e=>e)),deleteSchema:()=>t.transformResponse(e.post(P.schemaDelete,{})),createRelations:e=>t.transformResponse(n(N.relations,{tuples:e})),deleteRelations:e=>t.transformResponse(n(N.deleteRelations,{tuples:e})),check:e=>t.transformResponse(n(N.check,{tuples:e}),(e=>e.tuples)),checkWithContext:(e,s)=>t.transformResponse(n(N.check,Object.assign({tuples:e},s&&Object.keys(s).length>0?{context:s}:{})),(e=>e.tuples)),loadResourcesDetails:s=>t.transformResponse(e.post(N.resourcesLoad,{resourceIdentifiers:s}),(e=>e.resourcesDetails)),saveResourcesDetails:s=>t.transformResponse(e.post(N.resourcesSave,{resourcesDetails:s})),loadMappableSchema:(s,a)=>t.transformResponse(e.get(N.mappableSchema,{queryParams:Object.assign({tenantId:s},(null==a?void 0:a.resourcesLimit)&&a.resourcesLimit>0?{resourcesLimit:a.resourcesLimit.toString()}:{})}),(e=>e)),searchMappableResources:(s,a,o)=>t.transformResponse(e.post(N.mappableResources,Object.assign({tenantId:s,resourcesQueries:a},(null==o?void 0:o.resourcesLimit)&&o.resourcesLimit>0?{resourcesLimit:o.resourcesLimit.toString()}:{})),(e=>e.mappableResources)),deleteAllRelations:()=>t.transformResponse(e.delete(N.relations))}},ae=e=>({createApplication:s=>t.transformResponse(e.post(h.create,Object.assign({},s))),updateApplication:s=>t.transformResponse(e.post(h.update,Object.assign({},s))),patchApplication:s=>t.transformResponse(e.post(h.patch,Object.assign({},s))),deleteApplication:s=>t.transformResponse(e.post(h.delete,{id:s})),deleteApplicationBatch:s=>t.transformResponse(e.post(h.deleteBatch,{ids:s})),loadApplication:s=>t.transformResponse(e.get(h.load,{queryParams:{id:s}}),(e=>e)),loadAllApplications:()=>t.transformResponse(e.get(h.loadAll,{}),(e=>e.apps)),getApplicationSecret:s=>t.transformResponse(e.get(h.secret,{queryParams:{id:s}}),(e=>e)),rotateApplicationSecret:s=>t.transformResponse(e.post(h.rotate,{id:s})),searchConsents:s=>t.transformResponse(e.post(R.search,Object.assign({},s)),(e=>e.consents)),deleteConsents:s=>t.transformResponse(e.post(R.delete,Object.assign({},s))),deleteTenantConsents:s=>t.transformResponse(e.post(R.deleteTenant,Object.assign({},s)))}),oe=e=>({createApplication:s=>t.transformResponse(e.post(y.create,Object.assign({},s)),(e=>e.app)),createApplicationByTemplate:s=>t.transformResponse(e.post(y.createByTemplate,Object.assign({},s)),(e=>e.app)),updateApplication:s=>t.transformResponse(e.post(y.update,{app:s}),(e=>e.app)),deleteApplication:s=>t.transformResponse(e.post(y.delete,{id:s})),loadApplication:s=>t.transformResponse(e.get(`${y.load}/${s}`),(e=>e.app)),loadAllApplications:()=>t.transformResponse(e.get(y.loadAll,{}),(e=>e.apps)),fetchTokenByScopes:(s,a,o,r,n)=>t.transformResponse(e.post(y.fetchTokenByScopes,{appId:s,userId:a,scopes:o,options:r,tenantId:n}),(e=>e.token)),fetchToken:(s,a,o,r)=>t.transformResponse(e.post(y.fetchToken,{appId:s,userId:a,tenantId:o,options:r}),(e=>e.token)),fetchTenantTokenByScopes:(s,a,o,r)=>t.transformResponse(e.post(y.fetchTenantTokenByScopes,{appId:s,tenantId:a,scopes:o,options:r}),(e=>e.token)),fetchTenantToken:(s,a,o)=>t.transformResponse(e.post(y.fetchTenantToken,{appId:s,tenantId:a,options:o}),(e=>e.token)),deleteUserTokens:(s,a)=>t.transformResponse(e.delete(y.deleteUserTokens,{queryParams:{appId:s,userId:a}})),deleteTokenById:s=>t.transformResponse(e.delete(y.deleteTokenById,{queryParams:{id:s}})),listAppsWithUserToken:(s,a)=>t.transformResponse(e.get(y.listAppsWithUserToken,{queryParams:Object.assign({userId:s},a?{tenantId:a}:{})}),(e=>e.appIds)),uploadUserApiKey:(s,a,o,r)=>t.transformResponse(e.post(y.uploadUserApiKey,{appId:s,userId:a,apiKey:o,tenantId:r})),uploadTenantApiKey:(s,a,o)=>t.transformResponse(e.post(y.uploadTenantApiKey,{appId:s,tenantId:a,apiKey:o})),uploadUserToken:s=>t.transformResponse(e.post(y.uploadUserToken,Object.assign({},s))),uploadTenantToken:s=>t.transformResponse(e.post(y.uploadTenantToken,Object.assign({},s))),batchUploadUserTokens:s=>t.transformResponse(e.post(y.batchUploadUserTokens,{tokens:s})),batchUploadTenantTokens:s=>t.transformResponse(e.post(y.batchUploadTenantTokens,{tokens:s}))}),re=e=>({create:s=>t.transformResponse(e.put(U.create,{descopers:s}),(e=>({descopers:e.descopers,total:e.total}))),update:(s,a,o)=>t.transformResponse(e.patch(U.update,{id:s,attributes:a,rbac:o}),(e=>e.descoper)),load:s=>t.transformResponse(e.get(U.get,{queryParams:{id:s}}),(e=>e.descoper)),delete:s=>t.transformResponse(e.delete(U.delete,{queryParams:{id:s}})),list:()=>t.transformResponse(e.post(U.list),(e=>({descopers:e.descopers,total:e.total})))}),ne=e=>({create:(s,a,o,r,n)=>t.transformResponse(e.put(x.create,{name:s,description:o,expiresIn:r,permittedIps:n,reBac:a})),update:(s,a,o,r,n)=>t.transformResponse(e.patch(x.update,{id:s,name:a,description:o,permittedIps:n,status:r}),(e=>e.key)),delete:s=>t.transformResponse(e.post(x.delete,{ids:s})),load:s=>t.transformResponse(e.get(x.load,{queryParams:{id:s}}),(e=>e.key)),search:()=>t.transformResponse(e.get(x.search),(e=>e.keys))}),ie=e=>({create:s=>t.transformResponse(e.post(B.create,{name:s}),(e=>e.engine)),update:(s,a)=>t.transformResponse(e.post(B.update,{id:s,name:a}),(e=>e.engine)),delete:s=>t.transformResponse(e.post(B.delete,{id:s})),load:s=>t.transformResponse(e.get(B.load,{queryParams:{id:s}}),(e=>e.engine)),loadAll:()=>t.transformResponse(e.get(B.loadAll,{}),(e=>e.engines)),rotateSecret:s=>t.transformResponse(e.post(B.rotate,{id:s}),(e=>e))}),pe=e=>({create:s=>t.transformResponse(e.post(M.create,s),(e=>e.list)),update:(s,a)=>t.transformResponse(e.post(M.update,Object.assign({id:s},a)),(e=>e.list)),delete:s=>t.transformResponse(e.post(M.delete,{id:s})),load:s=>t.transformResponse(e.get(`${M.load}/${encodeURIComponent(s)}`),(e=>e.list)),loadByName:s=>t.transformResponse(e.get(`${M.loadByName}/${encodeURIComponent(s)}`),(e=>e.list)),loadAll:()=>t.transformResponse(e.get(M.loadAll),(e=>e.lists)),import:s=>t.transformResponse(e.post(M.import,{lists:s})),addIPs:(s,a)=>t.transformResponse(e.post(M.addIPs,{id:s,ips:a})),removeIPs:(s,a)=>t.transformResponse(e.post(M.removeIPs,{id:s,ips:a})),checkIP:(s,a)=>t.transformResponse(e.post(M.checkIP,{id:s,ip:a}),(e=>e.exists)),addTexts:(s,a)=>t.transformResponse(e.post(M.addTexts,{id:s,texts:a})),removeTexts:(s,a)=>t.transformResponse(e.post(M.removeTexts,{id:s,texts:a})),checkText:(s,a)=>t.transformResponse(e.post(M.checkText,{id:s,text:a}),(e=>e.exists)),clear:s=>t.transformResponse(e.post(M.clear,{id:s}))}),me=e=>({create:s=>t.transformResponse(e.post(E.create,{template:s}),(e=>e.template)),update:s=>t.transformResponse(e.post(E.update,{template:s}),(e=>e.template)),delete:s=>t.transformResponse(e.post(E.delete,{id:s})),list:()=>t.transformResponse(e.post(E.list,{}),(e=>e.templates)),load:s=>t.transformResponse(e.post(E.load,{id:s}),(e=>e.template)),validate:(s,a)=>t.transformResponse(e.post(E.validate,{id:s,template:a})),listLibrary:()=>t.transformResponse(e.post(E.libraryList,{}),(e=>e.entries)),loadLibraryEntry:s=>t.transformResponse(e.post(E.libraryLoad,{id:s}),(e=>e.entry)),applyFromLibrary:s=>t.transformResponse(e.post(E.libraryApply,s),(e=>e.template))}),de=e=>({get:()=>t.transformResponse(e.post(D.get,{}),(e=>e.mappings)),set:s=>t.transformResponse(e.post(D.set,{mappings:s})),delete:()=>t.transformResponse(e.post(D.delete,{}))}),le=e=>({search:s=>t.transformResponse(e.post(L.search,s),(e=>e.analytics))});const ce=a=>{var o,n,c,{authManagementKey:g,managementKey:v,publicKey:f,fgaCacheUrl:h}=a,R=e.__rest(a,["authManagementKey","managementKey","publicKey","fgaCacheUrl"]);const y={"x-descope-sdk-name":"nodejs","x-descope-sdk-node-version":(null===(o=null===process||void 0===process?void 0:process.versions)||void 0===o?void 0:o.node)||"","x-descope-sdk-version":"0.0.0-next-a2202e1e-20260708"},b=Object.assign(Object.assign({fetch:i},R),{baseHeaders:Object.assign(Object.assign({},R.baseHeaders),y),hooks:Object.assign(Object.assign({},R.hooks),{beforeRequest:[e=>(g&&(e.token=e.token?`${e.token}:${g}`:g),e)].concat((null===(n=R.hooks)||void 0===n?void 0:n.beforeRequest)||[])})}),I=r.default(b),{projectId:k,logger:T}=R,A={};let O;const S=Object.assign(Object.assign({fetch:i},R),{baseConfig:{baseHeaders:Object.assign(Object.assign({},R.baseHeaders),y)},hooks:Object.assign(Object.assign({},R.hooks),{beforeRequest:[e=>(e.token=v,O&&(e.headers=Object.assign(Object.assign({},e.headers),{"x-descope-license":O})),e)].concat((null===(c=R.hooks)||void 0===c?void 0:c.beforeRequest)||[])})}),j=t.createHttpClient(S),w=(N={fgaCacheUrl:h,managementKey:v,projectId:k,headers:y},{user:F(P=j),project:(U=P,{updateName:e=>t.transformResponse(U.post(u.updateName,{name:e})),updateTags:e=>t.transformResponse(U.post(u.updateTags,{tags:e})),delete:()=>t.transformResponse(U.post(u.delete,{})),clone:(e,s,a)=>t.transformResponse(U.post(u.clone,{name:e,environment:s,tags:a})),listProjects:async()=>t.transformResponse(U.post(u.projectsList,{}),(e=>e.projects.map((({id:e,name:t,environment:s,tags:a})=>({id:e,name:t,environment:s,tags:a}))))),exportSnapshot:()=>t.transformResponse(U.post(u.exportSnapshot,{})),importSnapshot:e=>t.transformResponse(U.post(u.importSnapshot,e)),validateSnapshot:e=>t.transformResponse(U.post(u.validateSnapshot,e)),export:()=>t.transformResponse(U.post(u.exportSnapshot,{}),(e=>e.files)),import:e=>t.transformResponse(U.post(u.importSnapshot,{files:e}))}),accessKey:V(P),tenant:$(P),ssoApplication:ee(P),inboundApplication:ae(P),outboundApplication:oe(P),sso:H(P),jwt:K(P),permission:W(P),password:te(P),role:J(P),group:z(P),flow:_(P),theme:Q(P),audit:Y(P),authz:Z(P,N),fga:se(P,N),descoper:re(P),managementKey:ne(P),engine:ie(P),list:pe(P),jwtTemplate:me(P),scopeClaimMapping:de(P),analytics:le(P)});var P,N,U;v&&(e=>({get:()=>t.transformResponse(e.get(C.get))}))(j).get().then((e=>{var t;e.ok&&(null===(t=e.data)||void 0===t?void 0:t.rateLimitTier)&&(O=e.data.rateLimitTier)})).catch((e=>{var t;null===(t=null==T?void 0:T.warn)||void 0===t||t.call(T,"License handshake failed",e)}));const x=Object.assign(Object.assign({},I),{refresh:async(e,t)=>I.refresh(e,void 0,t),management:w,async getKey(e){if(!(null==e?void 0:e.kid))throw Error("header.kid must not be empty");if(A[e.kid])return A[e.kid];if(Object.assign(A,await(async()=>{if(f)try{const e=JSON.parse(f),t=await s.importJWK(e);return{[e.kid]:t}}catch(e){throw null==T||T.error("Failed to parse the provided public key",e),new Error(`Failed to parse public key. Error: ${e}`)}const e=(await I.httpClient.get(`v2/keys/${k}`).then((e=>e.json()))).keys;return Array.isArray(e)?(await Promise.all(e.map((async e=>[e.kid,await s.importJWK(e)])))).reduce(((e,[t,s])=>t?Object.assign(Object.assign({},e),{[t.toString()]:s}):e),{}):{}})()),!A[e.kid])throw Error("failed to fetch matching key");return A[e.kid]},async validateJwt(e,t){const a={clockTolerance:5};(null==t?void 0:t.audience)&&(a.audience=t.audience);const o=(await s.jwtVerify(e,x.getKey,a)).payload;if(o){const e=o.iss;if(!function(e,t){if(e===t)return!0;if(!e||!t)return!1;const s=e=>e[e.length-1]===t||e[e.length-2]===t;try{const{pathname:t}=new URL(e);return s(t.split("/").filter((e=>e.length>0)))}catch(t){return s(e.split("/").filter((e=>e.length>0)))}}("string"==typeof e?e:void 0,k))throw new s.errors.JWTClaimValidationFailed('unexpected "iss" claim value',"iss","check_failed");o.iss=k}return{jwt:e,token:o}},async validateSession(e,t){if(!e)throw Error("session token is required for validation");try{return await x.validateJwt(e,t)}catch(e){throw null==T||T.error("session validation failed",e),Error(`session validation failed. Error: ${e}`)}},async refreshSession(e,t){var s,a,o,r,n,i;if(!e)throw Error("refresh token is required to refresh a session");try{await x.validateJwt(e);const m=await x.refresh(e);if(m.ok){const e=p(null===(a=null===(s=m.data)||void 0===s?void 0:s.cookies)||void 0===a?void 0:a.join(";"),"DS")||(null===(o=m.data)||void 0===o?void 0:o.sessionJwt),i=await x.validateJwt(e,t);return i.cookies=(null===(r=m.data)||void 0===r?void 0:r.cookies)||[],(null===(n=m.data)||void 0===n?void 0:n.refreshJwt)&&(i.refreshJwt=m.data.refreshJwt),i}throw Error(null===(i=m.error)||void 0===i?void 0:i.errorMessage)}catch(e){throw null==T||T.error("refresh token validation failed",e),Error(`refresh token validation failed, Error: ${e}`)}},async validateAndRefreshSession(e,t,s){if(!e&&!t)throw Error("both session and refresh tokens are empty");try{return await x.validateSession(e,s)}catch(e){null==T||T.log(`session validation failed with error ${e} - trying to refresh it`)}return x.refreshSession(t,s)},async exchangeAccessKey(e,t,s){var a;if(!e)throw Error("access key must not be empty");let o;try{o=await x.accessKey.exchange(e,t)}catch(e){throw null==T||T.error("failed to exchange access key",e),Error(`could not exchange access key - Failed to exchange. Error: ${e}`)}if(!o.ok)throw null==T||T.error("failed to exchange access key",o.error),Error(`could not exchange access key - ${null===(a=o.error)||void 0===a?void 0:a.errorMessage}`);const{sessionJwt:r}=o.data;if(!r)throw null==T||T.error("failed to parse exchange access key response"),Error("could not exchange access key");try{return await x.validateJwt(r,s)}catch(e){throw null==T||T.error("failed to parse jwt from access key",e),Error(`could not exchange access key - failed to validate jwt. Error: ${e}`)}},validatePermissions:(e,t)=>x.validateTenantPermissions(e,"",t),getMatchedPermissions:(e,t)=>x.getMatchedTenantPermissions(e,"",t),validateTenantPermissions(e,t,s){if(t&&!l(e,t))return!1;const a=d(e,"permissions",t);return s.every((e=>a.includes(e)))},getMatchedTenantPermissions(e,t,s){if(t&&!l(e,t))return[];const a=d(e,"permissions",t);return s.filter((e=>a.includes(e)))},validateRoles:(e,t)=>x.validateTenantRoles(e,"",t),getMatchedRoles:(e,t)=>x.getMatchedTenantRoles(e,"",t),validateTenantRoles(e,t,s){if(t&&!l(e,t))return!1;const a=d(e,"roles",t);return s.every((e=>a.includes(e)))},getMatchedTenantRoles(e,t,s){if(t&&!l(e,t))return[];const a=d(e,"roles",t);return s.filter((e=>a.includes(e)))}});return t.wrapWith(x,["otp.verify.email","otp.verify.sms","otp.verify.voice","otp.verify.whatsapp","otp.verify.im","notp.waitForSession","magicLink.verify","enchantedLink.signUp","enchantedLink.signIn","enchantedLink.waitForSession","oauth.exchangeOneTapIDToken","password.signIn","password.signUp","password.replace","oauth.exchange","saml.exchange","totp.verify","selectTenant","webauthn.signIn.finish","webauthn.signUp.finish","refresh"],m)};ce.RefreshTokenCookieName="DSR",ce.SessionTokenCookieName="DS",ce.DescopeErrors={badRequest:"E011001",missingArguments:"E011002",invalidRequest:"E011003",invalidArguments:"E011004",wrongOTPCode:"E061102",tooManyOTPAttempts:"E061103",enchantedLinkPending:"E062503",userNotFound:"E062108"},module.exports=ce;
1
+ "use strict";var e=require("tslib"),t=require("@descope/core-js-sdk"),s=require("jose"),a=require("cross-fetch");function o(e){return e&&"object"==typeof e&&"default"in e?e:{default:e}}var r=o(t);var n;null!==(n=globalThis.Headers)&&void 0!==n||(globalThis.Headers=a.Headers);const i="function"==typeof globalThis.fetch?(...e)=>globalThis.fetch(...e):(...e)=>(e.forEach((e=>{var t,s;e&&"object"==typeof e&&(null!==(t=(s=e).highWaterMark)&&void 0!==t||(s.highWaterMark=31457280))})),a.fetch(...e)),p=(e,t)=>{const s=null==e?void 0:e.match(RegExp(`(?:^|[;,]\\s*)${t}=([^;]*)`));return s?s[1]:null};const m=t=>async(...s)=>{var a,o,r;const n=await t(...s);if(!n.data)return n;let i=n.data,{refreshJwt:m}=i,d=e.__rest(i,["refreshJwt"]);const l=[];var c;return m?l.push(`${"DSR"}=${m}; Domain=${(null==(c=d)?void 0:c.cookieDomain)||""}; Max-Age=${(null==c?void 0:c.cookieMaxAge)||""}; Path=${(null==c?void 0:c.cookiePath)||"/"}; HttpOnly; SameSite=Strict`):(null===(a=n.response)||void 0===a?void 0:a.headers.get("set-cookie"))&&(m=p(null===(o=n.response)||void 0===o?void 0:o.headers.get("set-cookie"),"DSR"),l.push(null===(r=n.response)||void 0===r?void 0:r.headers.get("set-cookie"))),Object.assign(Object.assign({},n),{data:Object.assign(Object.assign({},n.data),{refreshJwt:m,cookies:l})})};function d(e,t,s){var a,o;const r=s?null===(o=null===(a=e.token.tenants)||void 0===a?void 0:a[s])||void 0===o?void 0:o[t]:e.token[t];return Array.isArray(r)?r:[]}function l(e,t){var s;return!!(null===(s=e.token.tenants)||void 0===s?void 0:s[t])}var c={create:"/v1/mgmt/user/create",createTestUser:"/v1/mgmt/user/create/test",createBatch:"/v1/mgmt/user/create/batch",update:"/v1/mgmt/user/update",patch:"/v1/mgmt/user/patch",patchBatch:"/v1/mgmt/user/patch/batch",delete:"/v1/mgmt/user/delete",deleteBatch:"/v1/mgmt/user/delete/batch",deleteAllTestUsers:"/v1/mgmt/user/test/delete/all",load:"/v1/mgmt/user",logout:"/v1/mgmt/user/logout",loadUsers:"/v1/mgmt/users/load",search:"/v2/mgmt/user/search",searchTestUsers:"/v2/mgmt/user/search/test",getProviderToken:"/v1/mgmt/user/provider/token",updateStatus:"/v1/mgmt/user/update/status",updateLoginId:"/v1/mgmt/user/update/loginid",updateEmail:"/v1/mgmt/user/update/email",updatePhone:"/v1/mgmt/user/update/phone",updateDisplayName:"/v1/mgmt/user/update/name",updatePicture:"/v1/mgmt/user/update/picture",updateCustomAttribute:"/v1/mgmt/user/update/customAttribute",setRole:"/v1/mgmt/user/update/role/set",addRole:"/v2/mgmt/user/update/role/add",removeRole:"/v1/mgmt/user/update/role/remove",setSSOApps:"/v1/mgmt/user/update/ssoapp/set",addSSOApps:"/v1/mgmt/user/update/ssoapp/add",removeSSOApps:"/v1/mgmt/user/update/ssoapp/remove",addTenant:"/v1/mgmt/user/update/tenant/add",removeTenant:"/v1/mgmt/user/update/tenant/remove",setPassword:"/v1/mgmt/user/password/set",setTemporaryPassword:"/v1/mgmt/user/password/set/temporary",setActivePassword:"/v1/mgmt/user/password/set/active",expirePassword:"/v1/mgmt/user/password/expire",removeAllPasskeys:"/v1/mgmt/user/passkeys/delete",removeTOTPSeed:"/v1/mgmt/user/totp/delete",generateOTPForTest:"/v1/mgmt/tests/generate/otp",generateMagicLinkForTest:"/v1/mgmt/tests/generate/magiclink",generateEnchantedLinkForTest:"/v1/mgmt/tests/generate/enchantedlink",generateEmbeddedLink:"/v1/mgmt/user/signin/embeddedlink",generateSignUpEmbeddedLink:"/v1/mgmt/user/signup/embeddedlink",history:"/v1/mgmt/user/history",import:"/v1/mgmt/user/import",updateRecoveryEmail:"/v1/mgmt/user/update/recovery/email",updateRecoveryPhone:"/v1/mgmt/user/update/recovery/phone",updateName:"/v1/mgmt/user/update/name",getCustomAttributes:"/v1/mgmt/user/customattributes",createCustomAttributes:"/v1/mgmt/user/customattribute/create",deleteCustomAttributes:"/v1/mgmt/user/customattribute/delete",removePasskey:"/v1/mgmt/user/passkey/delete",listPasskeys:"/v1/mgmt/user/passkeys/list",listTrustedDevices:"/v1/mgmt/user/trusteddevices/list",removeTrustedDevices:"/v1/mgmt/user/trusteddevices/remove"},u={updateName:"/v1/mgmt/project/update/name",updateTags:"/v1/mgmt/project/update/tags",clone:"/v1/mgmt/project/clone",projectsList:"/v1/mgmt/projects/list",exportSnapshot:"/v1/mgmt/project/snapshot/export",importSnapshot:"/v1/mgmt/project/snapshot/import",validateSnapshot:"/v1/mgmt/project/snapshot/validate",delete:"/v1/mgmt/project/delete"},g={create:"/v1/mgmt/accesskey/create",load:"/v1/mgmt/accesskey",search:"/v1/mgmt/accesskey/search",update:"/v1/mgmt/accesskey/update",deactivate:"/v1/mgmt/accesskey/deactivate",deactivateBatch:"/v1/mgmt/accesskey/deactivate/batch",activate:"/v1/mgmt/accesskey/activate",activateBatch:"/v1/mgmt/accesskey/activate/batch",delete:"/v1/mgmt/accesskey/delete",deleteBatch:"/v1/mgmt/accesskey/delete/batch",rotate:"/v1/mgmt/accesskey/rotate"},v={create:"/v1/mgmt/tenant/create",update:"/v1/mgmt/tenant/update",delete:"/v1/mgmt/tenant/delete",load:"/v1/mgmt/tenant",settings:"/v1/mgmt/tenant/settings",loadAll:"/v1/mgmt/tenant/all",searchAll:"/v1/mgmt/tenant/search",updateDefaultRoles:"/v1/mgmt/tenant/updateDefaultRoles",generateSSOConfigurationLink:"/v2/mgmt/tenant/adminlinks/sso/generate",revokeSSOConfigurationLink:"/v1/mgmt/tenant/adminlinks/sso/revoke"},f={oidcCreate:"/v1/mgmt/sso/idp/app/oidc/create",samlCreate:"/v1/mgmt/sso/idp/app/saml/create",oidcUpdate:"/v1/mgmt/sso/idp/app/oidc/update",samlUpdate:"/v1/mgmt/sso/idp/app/saml/update",wsfedCreate:"/v1/mgmt/sso/idp/app/wsfed/create",wsfedUpdate:"/v1/mgmt/sso/idp/app/wsfed/update",delete:"/v1/mgmt/sso/idp/app/delete",load:"/v1/mgmt/sso/idp/app/load",loadAll:"/v1/mgmt/sso/idp/apps/load",secret:"/v1/mgmt/sso/idp/app/secret",rotate:"/v1/mgmt/sso/idp/app/rotate"},h={create:"/v1/mgmt/thirdparty/app/create",update:"/v1/mgmt/thirdparty/app/update",patch:"/v1/mgmt/thirdparty/app/patch",delete:"/v1/mgmt/thirdparty/app/delete",load:"/v1/mgmt/thirdparty/app/load",loadAll:"/v1/mgmt/thirdparty/apps/load",secret:"/v1/mgmt/thirdparty/app/secret",rotate:"/v1/mgmt/thirdparty/app/rotate",deleteBatch:"/v1/mgmt/thirdparty/app/delete/batch"},R={delete:"/v1/mgmt/thirdparty/consents/delete",deleteTenant:"/v1/mgmt/thirdparty/consents/delete/tenant",search:"/v1/mgmt/thirdparty/consents/search"},y={create:"/v1/mgmt/outbound/app/create",createByTemplate:"/v1/mgmt/outbound/app/create/bytemplate",update:"/v1/mgmt/outbound/app/update",delete:"/v1/mgmt/outbound/app/delete",load:"/v1/mgmt/outbound/app",loadAll:"/v1/mgmt/outbound/apps",fetchToken:"/v1/mgmt/outbound/app/user/token/latest",fetchTokenByScopes:"/v1/mgmt/outbound/app/user/token",fetchTenantToken:"/v1/mgmt/outbound/app/tenant/token/latest",fetchTenantTokenByScopes:"/v1/mgmt/outbound/app/tenant/token",deleteUserTokens:"/v1/mgmt/outbound/user/tokens",deleteTokenById:"/v1/mgmt/outbound/token",listAppsWithUserToken:"/v1/mgmt/outbound/apps-with-user-token",uploadUserApiKey:"/v1/mgmt/outbound/app/user/apikey/upload",uploadTenantApiKey:"/v1/mgmt/outbound/app/tenant/apikey/upload",uploadUserToken:"/v1/mgmt/outbound/app/user/oauthtoken/upload",uploadTenantToken:"/v1/mgmt/outbound/app/tenant/oauthtoken/upload",batchUploadUserTokens:"/v1/mgmt/outbound/app/user/oauthtoken/batch/upload",batchUploadTenantTokens:"/v1/mgmt/outbound/app/tenant/oauthtoken/batch/upload"},b={settings:"/v1/mgmt/sso/settings",settingsNew:"/v1/mgmt/sso/settings/new",metadata:"/v1/mgmt/sso/metadata",mapping:"/v1/mgmt/sso/mapping",settingsv2:"/v2/mgmt/sso/settings",settingsAllV2:"/v2/mgmt/sso/settings/all",redirect:"/v1/mgmt/sso/redirect",recalculateMappings:"/v1/mgmt/sso/recalculate-mappings",oidc:{configure:"/v1/mgmt/sso/oidc"},saml:{configure:"/v1/mgmt/sso/saml",metadata:"/v1/mgmt/sso/saml/metadata"}},I={update:"/v1/mgmt/jwt/update",impersonate:"/v1/mgmt/impersonate",impersonateStepup:"/v1/mgmt/impersonate/stepup",stopImpersonation:"/v1/mgmt/stop/impersonation",signIn:"/v1/mgmt/auth/signin",signUp:"/v1/mgmt/auth/signup",signUpOrIn:"/v1/mgmt/auth/signup-in",anonymous:"/v1/mgmt/auth/anonymous",clientAssertion:"/v1/mgmt/token/clientassertion"},k={settings:"/v1/mgmt/password/settings"},T={create:"/v1/mgmt/permission/create",createBatch:"/v1/mgmt/permission/create/batch",update:"/v1/mgmt/permission/update",updateBatch:"/v1/mgmt/permission/update/batch",delete:"/v1/mgmt/permission/delete",deleteBatch:"/v1/mgmt/permission/delete/batch",loadAll:"/v1/mgmt/permission/all"},A={create:"/v1/mgmt/role/create",createBatch:"/v1/mgmt/role/create/batch",update:"/v1/mgmt/role/update",updateBatch:"/v1/mgmt/role/update/batch",delete:"/v1/mgmt/role/delete",deleteBatch:"/v1/mgmt/role/delete/batch",loadAll:"/v1/mgmt/role/all",search:"/v1/mgmt/role/search"},O={list:"/v1/mgmt/flow/list",delete:"/v1/mgmt/flow/delete",export:"/v1/mgmt/flow/export",import:"/v1/mgmt/flow/import",run:"/v1/mgmt/flow/run"},S={export:"/v1/mgmt/theme/export",import:"/v1/mgmt/theme/import"},j={loadAllGroups:"/v1/mgmt/group/all",loadAllGroupsForMember:"/v1/mgmt/group/member/all",loadAllGroupMembers:"/v1/mgmt/group/members"},w={search:"/v1/mgmt/audit/search",createEvent:"/v1/mgmt/audit/event",createAuditWebhook:"/v2/mgmt/connector/audit/web/set"},P={schemaSave:"/v1/mgmt/authz/schema/save",schemaDelete:"/v1/mgmt/authz/schema/delete",schemaLoad:"/v1/mgmt/authz/schema/load",nsSave:"/v1/mgmt/authz/ns/save",nsDelete:"/v1/mgmt/authz/ns/delete",rdSave:"/v1/mgmt/authz/rd/save",rdDelete:"/v1/mgmt/authz/rd/delete",reCreate:"/v1/mgmt/authz/re/create",reDelete:"/v1/mgmt/authz/re/delete",reDeleteResources:"/v1/mgmt/authz/re/deleteresources",reDeleteResourceRelationsForResources:"/v1/mgmt/authz/re/deleteresourcesrelations",hasRelations:"/v1/mgmt/authz/re/has",who:"/v1/mgmt/authz/re/who",resource:"/v1/mgmt/authz/re/resource",targets:"/v1/mgmt/authz/re/targets",targetAll:"/v1/mgmt/authz/re/targetall",targetWithRelation:"/v1/mgmt/authz/re/targetwithrelation",getModified:"/v1/mgmt/authz/getmodified"},N={schema:"/v1/mgmt/fga/schema",dryRunSchema:"/v1/mgmt/fga/schema/dryrun",relations:"/v1/mgmt/fga/relations",deleteRelations:"/v1/mgmt/fga/relations/delete",check:"/v1/mgmt/fga/check",resourcesLoad:"/v1/mgmt/fga/resources/load",resourcesSave:"/v1/mgmt/fga/resources/save",mappableSchema:"/v1/mgmt/fga/mappable/schema",mappableResources:"/v1/mgmt/fga/mappable/resources"},U={create:"/v1/mgmt/descoper",update:"/v1/mgmt/descoper",get:"/v1/mgmt/descoper",delete:"/v1/mgmt/descoper",list:"/v1/mgmt/descoper/list"},x={create:"/v1/mgmt/managementkey",update:"/v1/mgmt/managementkey",load:"/v1/mgmt/managementkey",delete:"/v1/mgmt/managementkey/delete",search:"/v1/mgmt/managementkey/search"},C={get:"/v1/mgmt/license"},B={create:"/v1/mgmt/engine/create",update:"/v1/mgmt/engine/update",delete:"/v1/mgmt/engine/delete",load:"/v1/mgmt/engine/load",loadAll:"/v1/mgmt/engines/load",rotate:"/v1/mgmt/engine/rotate"},L={search:"/v1/mgmt/analytics/search"},M={create:"/v1/mgmt/list",update:"/v1/mgmt/list/update",delete:"/v1/mgmt/list/delete",load:"/v1/mgmt/list",loadByName:"/v1/mgmt/list/name",loadAll:"/v1/mgmt/list/all",import:"/v1/mgmt/list/import",addIPs:"/v1/mgmt/list/ip/add",removeIPs:"/v1/mgmt/list/ip/remove",checkIP:"/v1/mgmt/list/ip/check",addTexts:"/v1/mgmt/list/text/add",removeTexts:"/v1/mgmt/list/text/remove",checkText:"/v1/mgmt/list/text/check",clear:"/v1/mgmt/list/clear"},E={create:"/v1/mgmt/jwt/templates/create",update:"/v1/mgmt/jwt/templates/update",delete:"/v1/mgmt/jwt/templates/delete",list:"/v1/mgmt/jwt/templates/list",load:"/v1/mgmt/jwt/templates/load",validate:"/v1/mgmt/jwt/templates/validate",libraryList:"/v1/mgmt/jwt/templates/library/list",libraryLoad:"/v1/mgmt/jwt/templates/library/load",libraryApply:"/v1/mgmt/jwt/templates/library/apply"},D={get:"/v1/mgmt/scopeClaimMapping/get",set:"/v1/mgmt/scopeClaimMapping/set",delete:"/v1/mgmt/scopeClaimMapping/delete"};function q(t){return t.map((t=>{var{loginIdOrUserId:s,loginId:a,roles:o}=t,r=e.__rest(t,["loginIdOrUserId","loginId","roles"]);return Object.assign(Object.assign({},r),{loginId:null!=s?s:a,roleNames:o})}))}const F=e=>{function s(e,t){const s={loginId:e};return void 0!==t.email&&(s.email=t.email),void 0!==t.phone&&(s.phone=t.phone),void 0!==t.displayName&&(s.displayName=t.displayName),void 0!==t.givenName&&(s.givenName=t.givenName),void 0!==t.middleName&&(s.middleName=t.middleName),void 0!==t.familyName&&(s.familyName=t.familyName),void 0!==t.roles&&(s.roleNames=t.roles),void 0!==t.userTenants&&(s.userTenants=t.userTenants),void 0!==t.customAttributes&&(s.customAttributes=t.customAttributes),void 0!==t.picture&&(s.picture=t.picture),void 0!==t.verifiedEmail&&(s.verifiedEmail=t.verifiedEmail),void 0!==t.verifiedPhone&&(s.verifiedPhone=t.verifiedPhone),void 0!==t.ssoAppIds&&(s.ssoAppIds=t.ssoAppIds),void 0!==t.scim&&(s.scim=t.scim),void 0!==t.status&&(s.status=t.status),void 0!==t.additionalIdentifiers&&(s.additionalIdentifiers=t.additionalIdentifiers),s}return{create:function(s,a,o,r,n,i,p,m,d,l,u,g,v,f){const h="string"==typeof a?{loginId:s,email:a,phone:o,displayName:r,givenName:u,middleName:g,familyName:v,roleNames:n,userTenants:i,customAttributes:p,picture:m,verifiedEmail:d,verifiedPhone:l,additionalLoginIds:f}:Object.assign(Object.assign({loginId:s},a),{roleNames:null==a?void 0:a.roles,roles:void 0});return t.transformResponse(e.post(c.create,h),(e=>e.user))},createTestUser:function(s,a,o,r,n,i,p,m,d,l,u,g,v,f){const h="string"==typeof a?{loginId:s,email:a,phone:o,displayName:r,givenName:u,middleName:g,familyName:v,roleNames:n,userTenants:i,customAttributes:p,picture:m,verifiedEmail:d,verifiedPhone:l,additionalLoginIds:f,test:!0}:Object.assign(Object.assign({loginId:s},a),{roleNames:null==a?void 0:a.roles,roles:void 0,test:!0});return t.transformResponse(e.post(c.createTestUser,h),(e=>e.user))},invite:function(s,a,o,r,n,i,p,m,d,l,u,g,v,f,h,R,y,b,I){const k="string"==typeof a?{loginId:s,email:a,phone:o,displayName:r,givenName:f,middleName:h,familyName:R,roleNames:n,userTenants:i,invite:!0,customAttributes:p,picture:m,verifiedEmail:d,verifiedPhone:l,inviteUrl:u,sendMail:g,sendSMS:v,additionalLoginIds:y,templateId:b,locale:I}:Object.assign(Object.assign({loginId:s},a),{roleNames:null==a?void 0:a.roles,roles:void 0,invite:!0});return t.transformResponse(e.post(c.create,k),(e=>e.user))},inviteBatch:(s,a,o,r,n,i,p)=>t.transformResponse(e.post(c.createBatch,{users:q(s),invite:!0,inviteUrl:a,sendMail:o,sendSMS:r,templateOptions:n,templateId:i,locale:p}),(e=>e)),createBatch:s=>t.transformResponse(e.post(c.createBatch,{users:q(s)}),(e=>e)),deleteBatch:s=>t.transformResponse(e.post(c.deleteBatch,{userIds:s})),update:function(s,a,o,r,n,i,p,m,d,l,u,g,v,f){const h="string"==typeof a?{loginId:s,email:a,phone:o,displayName:r,givenName:u,middleName:g,familyName:v,roleNames:n,userTenants:i,customAttributes:p,picture:m,verifiedEmail:d,verifiedPhone:l,additionalLoginIds:f}:Object.assign(Object.assign({loginId:s},a),{roleNames:null==a?void 0:a.roles,roles:void 0});return t.transformResponse(e.post(c.update,h),(e=>e.user))},patch:function(a,o){const r=s(a,o);return t.transformResponse(e.patch(c.patch,r),(e=>e.user))},patchBatch:function(a){if(a.find((e=>!e.loginIdOrUserId&&!e.loginId)))return Promise.reject(new Error("patchBatch: each user must have loginIdOrUserId or loginId"));const o={users:a.map((e=>{var t;return s(null!==(t=e.loginIdOrUserId)&&void 0!==t?t:e.loginId,e)}))};return t.transformResponse(e.patch(c.patchBatch,o),(e=>e))},delete:s=>t.transformResponse(e.post(c.delete,{loginId:s})),deleteByUserId:s=>t.transformResponse(e.post(c.delete,{userId:s})),deleteAllTestUsers:()=>t.transformResponse(e.delete(c.deleteAllTestUsers)),load:s=>t.transformResponse(e.get(c.load,{queryParams:{loginId:s}}),(e=>e.user)),loadByUserId:s=>t.transformResponse(e.get(c.load,{queryParams:{userId:s}}),(e=>e.user)),logoutUser:s=>t.transformResponse(e.post(c.logout,{loginId:s})),logoutUserByUserId:s=>t.transformResponse(e.post(c.logout,{userId:s})),loadUsers:(s,a)=>t.transformResponse(e.post(c.loadUsers,{userIds:s,includeInvalidUsers:a}),(e=>e.users)),searchAll:(s,a,o,r,n,i,p,m,d,l)=>t.transformResponse(e.post(c.search,{tenantIds:s,roleNames:a,limit:o,page:r,testUsersOnly:n,withTestUser:i,customAttributes:p,statuses:m,emails:d,phones:l}),(e=>e.users)),searchTestUsers:s=>t.transformResponse(e.post(c.searchTestUsers,Object.assign(Object.assign({},s),{withTestUser:!0,testUsersOnly:!0,roleNames:s.roles,roles:void 0})),(e=>({users:e.users,total:e.total}))),search:s=>t.transformResponse(e.post(c.search,Object.assign(Object.assign({},s),{roleNames:s.roles,roles:void 0})),(e=>({users:e.users,total:e.total}))),getProviderToken:(s,a,o)=>t.transformResponse(e.get(c.getProviderToken,{queryParams:{loginId:s,provider:a,withRefreshToken:(null==o?void 0:o.withRefreshToken)?"true":"false",forceRefresh:(null==o?void 0:o.forceRefresh)?"true":"false"}}),(e=>e)),activate:s=>t.transformResponse(e.post(c.updateStatus,{loginId:s,status:"enabled"}),(e=>e.user)),deactivate:s=>t.transformResponse(e.post(c.updateStatus,{loginId:s,status:"disabled"}),(e=>e.user)),updateLoginId:(s,a)=>t.transformResponse(e.post(c.updateLoginId,{loginId:s,newLoginId:a}),(e=>e.user)),updateEmail:(s,a,o,r)=>t.transformResponse(e.post(c.updateEmail,{loginId:s,email:a,verified:o,failOnConflict:r}),(e=>e.user)),updatePhone:(s,a,o,r)=>t.transformResponse(e.post(c.updatePhone,{loginId:s,phone:a,verified:o,failOnConflict:r}),(e=>e.user)),updateDisplayName:(s,a,o,r,n)=>t.transformResponse(e.post(c.updateDisplayName,{loginId:s,displayName:a,givenName:o,middleName:r,familyName:n}),(e=>e.user)),updatePicture:(s,a)=>t.transformResponse(e.post(c.updatePicture,{loginId:s,picture:a}),(e=>e.user)),updateCustomAttribute:(s,a,o)=>t.transformResponse(e.post(c.updateCustomAttribute,{loginId:s,attributeKey:a,attributeValue:o}),(e=>e.user)),setRoles:(s,a)=>t.transformResponse(e.post(c.setRole,{loginId:s,roleNames:a}),(e=>e.user)),addRoles:(s,a)=>t.transformResponse(e.post(c.addRole,{loginId:s,roleNames:a}),(e=>e.user)),removeRoles:(s,a)=>t.transformResponse(e.post(c.removeRole,{loginId:s,roleNames:a}),(e=>e.user)),addTenant:(s,a)=>t.transformResponse(e.post(c.addTenant,{loginId:s,tenantId:a}),(e=>e.user)),removeTenant:(s,a)=>t.transformResponse(e.post(c.removeTenant,{loginId:s,tenantId:a}),(e=>e.user)),setTenantRoles:(s,a,o)=>t.transformResponse(e.post(c.setRole,{loginId:s,tenantId:a,roleNames:o}),(e=>e.user)),addTenantRoles:(s,a,o)=>t.transformResponse(e.post(c.addRole,{loginId:s,tenantId:a,roleNames:o}),(e=>e.user)),removeTenantRoles:(s,a,o)=>t.transformResponse(e.post(c.removeRole,{loginId:s,tenantId:a,roleNames:o}),(e=>e.user)),addSSOapps:(s,a)=>t.transformResponse(e.post(c.addSSOApps,{loginId:s,ssoAppIds:a}),(e=>e.user)),setSSOapps:(s,a)=>t.transformResponse(e.post(c.setSSOApps,{loginId:s,ssoAppIds:a}),(e=>e.user)),removeSSOapps:(s,a)=>t.transformResponse(e.post(c.removeSSOApps,{loginId:s,ssoAppIds:a}),(e=>e.user)),generateOTPForTestUser:(s,a,o)=>t.transformResponse(e.post(c.generateOTPForTest,{deliveryMethod:s,loginId:a,loginOptions:o}),(e=>e)),generateMagicLinkForTestUser:(s,a,o,r)=>t.transformResponse(e.post(c.generateMagicLinkForTest,{deliveryMethod:s,loginId:a,URI:o,loginOptions:r}),(e=>e)),generateEnchantedLinkForTestUser:(s,a,o)=>t.transformResponse(e.post(c.generateEnchantedLinkForTest,{loginId:s,URI:a,loginOptions:o}),(e=>e)),generateEmbeddedLink:(s,a,o)=>t.transformResponse(e.post(c.generateEmbeddedLink,{loginId:s,customClaims:a,timeout:o}),(e=>e)),generateSignUpEmbeddedLink:(s,a,o,r,n,i)=>t.transformResponse(e.post(c.generateSignUpEmbeddedLink,{loginId:s,user:a,emailVerified:o,phoneVerified:r,loginOptions:n,timeout:i}),(e=>e)),setTemporaryPassword:(s,a)=>t.transformResponse(e.post(c.setTemporaryPassword,{loginId:s,password:a}),(e=>e)),setActivePassword:(s,a)=>t.transformResponse(e.post(c.setActivePassword,{loginId:s,password:a}),(e=>e)),setPassword:(s,a)=>t.transformResponse(e.post(c.setPassword,{loginId:s,password:a}),(e=>e)),expirePassword:s=>t.transformResponse(e.post(c.expirePassword,{loginId:s}),(e=>e)),removeAllPasskeys:s=>t.transformResponse(e.post(c.removeAllPasskeys,{loginId:s}),(e=>e)),removeTOTPSeed:s=>t.transformResponse(e.post(c.removeTOTPSeed,{loginId:s}),(e=>e)),history:s=>t.transformResponse(e.post(c.history,s),(e=>e)),import:(s,a,o,r)=>t.transformResponse(e.post(c.import,{source:s,users:a,hashes:o,dryrun:null!=r&&r}),(e=>e)),updateRecoveryEmail:(s,a,o)=>t.transformResponse(e.post(c.updateRecoveryEmail,{loginId:s,recoveryEmail:a,verified:o}),(e=>e.user)),updateRecoveryPhone:(s,a,o)=>t.transformResponse(e.post(c.updateRecoveryPhone,{loginId:s,recoveryPhone:a,verified:o}),(e=>e.user)),updateUserNames:(s,a,o,r)=>t.transformResponse(e.post(c.updateName,{loginId:s,givenName:a,middleName:o,familyName:r}),(e=>e.user)),getCustomAttributes:()=>t.transformResponse(e.get(c.getCustomAttributes),(e=>e.data)),createCustomAttributes:s=>t.transformResponse(e.post(c.createCustomAttributes,{attributes:s}),(e=>e.data)),deleteCustomAttributes:s=>t.transformResponse(e.post(c.deleteCustomAttributes,{names:s}),(e=>e.data)),removePasskey:(s,a)=>t.transformResponse(e.post(c.removePasskey,{loginId:s,credentialId:a}),(e=>e)),listPasskeys:s=>t.transformResponse(e.post(c.listPasskeys,{loginId:s}),(e=>e.passkeys)),listTrustedDevices:s=>t.transformResponse(e.post(c.listTrustedDevices,{identifiers:s}),(e=>e.devices)),removeTrustedDevices:(s,a)=>t.transformResponse(e.post(c.removeTrustedDevices,{identifier:s,deviceIds:a}),(e=>e))}},$=e=>({create:(s,a,o,r,n,i,p)=>t.transformResponse(e.post(v.create,{name:s,selfProvisioningDomains:a,customAttributes:o,enforceSSO:r,disabled:n,parent:i,roleInheritance:p})),createWithId:(s,a,o,r,n,i,p,m)=>t.transformResponse(e.post(v.create,{id:s,name:a,selfProvisioningDomains:o,customAttributes:r,enforceSSO:n,disabled:i,parent:p,roleInheritance:m})),update:(s,a,o,r,n,i,p)=>t.transformResponse(e.post(v.update,{id:s,name:a,selfProvisioningDomains:o,customAttributes:r,enforceSSO:n,disabled:i,roleInheritance:p})),updateDefaultRoles:(s,a)=>t.transformResponse(e.post(v.updateDefaultRoles,{id:s,defaultRoles:a})),delete:(s,a)=>t.transformResponse(e.post(v.delete,{id:s,cascade:a})),load:s=>t.transformResponse(e.get(v.load,{queryParams:{id:s}}),(e=>e)),loadAll:()=>t.transformResponse(e.get(v.loadAll,{}),(e=>e.tenants)),searchAll:(s,a,o,r,n)=>t.transformResponse(e.post(v.searchAll,{tenantIds:s,tenantNames:a,tenantSelfProvisioningDomains:o,customAttributes:r,parentTenantId:n}),(e=>e.tenants)),getSettings:s=>t.transformResponse(e.get(v.settings,{queryParams:{id:s}}),(e=>e)),configureSettings:(s,a)=>t.transformResponse(e.post(v.settings,Object.assign(Object.assign({},a),{tenantId:s}),{})),generateSSOConfigurationLink:(s,a,o,r,n,i)=>t.transformResponse(e.post(v.generateSSOConfigurationLink,{tenantId:s,expireTime:a,ssoId:o,email:r,templateId:n,actorId:i},{}),(e=>e)),revokeSSOConfigurationLink:(s,a)=>t.transformResponse(e.post(v.revokeSSOConfigurationLink,Object.assign({tenantId:s},a?{ssoId:a}:{}),{}))}),K=e=>({update:(s,a,o)=>t.transformResponse(e.post(I.update,{jwt:s,customClaims:a,refreshDuration:o})),impersonate:(s,a,o,r,n,i)=>t.transformResponse(e.post(I.impersonate,{impersonatorId:s,loginId:a,validateConsent:o,customClaims:r,selectedTenant:n,refreshDuration:i})),impersonateStepup:(s,a,o,r,n,i)=>t.transformResponse(e.post(I.impersonateStepup,{impersonatorId:s,loginId:a,validateConsent:o,customClaims:r,selectedTenant:n,refreshDuration:i})),stopImpersonation:(s,a,o,r)=>t.transformResponse(e.post(I.stopImpersonation,{jwt:s,customClaims:a,selectedTenant:o,refreshDuration:r})),signIn:(s,a)=>t.transformResponse(e.post(I.signIn,Object.assign({loginId:s},a))),signUp:(s,a,o)=>t.transformResponse(e.post(I.signUp,Object.assign({loginId:s,user:a},o))),signUpOrIn:(s,a,o)=>t.transformResponse(e.post(I.signUpOrIn,Object.assign({loginId:s,user:a},o))),anonymous:(s,a,o)=>t.transformResponse(e.post(I.anonymous,{customClaims:s,selectedTenant:a,refreshDuration:o})),generateClientAssertionJwt:(s,a,o,r,n,i)=>t.transformResponse(e.post(I.clientAssertion,{issuer:s,subject:a,audience:o,expiresIn:r,flattenAudience:n,algorithm:i}))}),W=e=>({create:(s,a)=>t.transformResponse(e.post(T.create,{name:s,description:a})),createBatch:s=>t.transformResponse(e.post(T.createBatch,{permissions:s})),update:(s,a,o)=>t.transformResponse(e.post(T.update,{name:s,newName:a,description:o})),updateWithId:(s,a,o)=>t.transformResponse(e.post(T.update,{id:s,newName:a,description:o})),updateBatch:s=>t.transformResponse(e.post(T.updateBatch,{permissions:s})),delete:s=>t.transformResponse(e.post(T.delete,{name:s})),deleteWithId:s=>t.transformResponse(e.post(T.delete,{id:s})),deleteBatch:(s,a)=>t.transformResponse(e.post(T.deleteBatch,{names:s,ids:a})),loadAll:()=>t.transformResponse(e.get(T.loadAll,{}),(e=>e.permissions))}),J=e=>({create:(s,a,o,r,n)=>t.transformResponse(e.post(A.create,{name:s,description:a,permissionNames:o,tenantId:r,default:n})),createBatch:s=>t.transformResponse(e.post(A.createBatch,{roles:s}),(e=>e.roles)),update:(s,a,o,r,n,i)=>t.transformResponse(e.post(A.update,{name:s,newName:a,description:o,permissionNames:r,tenantId:n,default:i})),updateWithId:(s,a,o,r,n,i)=>t.transformResponse(e.post(A.update,{id:s,newName:a,description:o,permissionNames:r,tenantId:n,default:i})),updateBatch:s=>t.transformResponse(e.post(A.updateBatch,{roles:s}),(e=>e.roles)),delete:(s,a)=>t.transformResponse(e.post(A.delete,{name:s,tenantId:a})),deleteWithId:(s,a)=>t.transformResponse(e.post(A.delete,{id:s,tenantId:a})),deleteBatch:(s,a,o)=>t.transformResponse(e.post(A.deleteBatch,{roleNames:s,tenantId:a,roleIds:o})),loadAll:()=>t.transformResponse(e.get(A.loadAll,{}),(e=>e.roles)),search:s=>t.transformResponse(e.post(A.search,s,{}),(e=>e.roles))}),z=e=>({loadAllGroups:s=>t.transformResponse(e.post(j.loadAllGroups,{tenantId:s})),loadAllGroupsForMember:(s,a,o)=>t.transformResponse(e.post(j.loadAllGroupsForMember,{tenantId:s,loginIds:o,userIds:a})),loadAllGroupMembers:(s,a)=>t.transformResponse(e.post(j.loadAllGroupMembers,{tenantId:s,groupId:a}))});function G(e){var t,s;const a=e;return a.oidc&&(a.oidc=Object.assign(Object.assign({},a.oidc),{attributeMapping:a.oidc.userAttrMapping}),delete a.oidc.userAttrMapping),(null===(t=a.saml)||void 0===t?void 0:t.groupsMapping)&&(a.saml.groupsMapping=null===(s=a.saml)||void 0===s?void 0:s.groupsMapping.map((e=>{const t=e;return t.roleName=t.role.name,delete t.role,t}))),a}const H=e=>({getSettings:s=>t.transformResponse(e.get(b.settings,{queryParams:{tenantId:s}}),(e=>e)),newSettings:(s,a,o)=>t.transformResponse(e.post(b.settingsNew,Object.assign(Object.assign({tenantId:s},a?{ssoId:a}:{}),{displayName:o})),(e=>G(e))),deleteSettings:(s,a)=>t.transformResponse(e.delete(b.settings,{queryParams:Object.assign({tenantId:s},a?{ssoId:a}:{})})),configureSettings:(s,a,o,r,n,i)=>t.transformResponse(e.post(b.settings,{tenantId:s,idpURL:a,entityId:r,idpCert:o,redirectURL:n,domains:i})),configureMetadata:(s,a,o,r)=>t.transformResponse(e.post(b.metadata,{tenantId:s,idpMetadataURL:a,redirectURL:o,domains:r})),configureMapping:(s,a,o,r)=>t.transformResponse(e.post(b.mapping,{tenantId:s,roleMappings:a,attributeMapping:o,defaultSSORoles:r})),configureOIDCSettings:(s,a,o,r)=>{const n=Object.assign(Object.assign({},a),{userAttrMapping:a.attributeMapping});return delete n.attributeMapping,t.transformResponse(e.post(b.oidc.configure,Object.assign({tenantId:s,settings:n,domains:o},r?{ssoId:r}:{})))},configureSAMLSettings:(s,a,o,r,n)=>t.transformResponse(e.post(b.saml.configure,Object.assign({tenantId:s,settings:a,redirectUrl:o,domains:r},n?{ssoId:n}:{}))),configureSAMLByMetadata:(s,a,o,r,n)=>t.transformResponse(e.post(b.saml.metadata,Object.assign({tenantId:s,settings:a,redirectUrl:o,domains:r},n?{ssoId:n}:{}))),configureSSORedirectURL:(s,a,o,r)=>t.transformResponse(e.post(b.redirect,Object.assign(Object.assign(Object.assign({tenantId:s},void 0!==a?{samlRedirectUrl:a}:{}),void 0!==o?{oauthRedirectUrl:o}:{}),r?{ssoId:r}:{}))),recalculateSSOMappings:(s,a)=>t.transformResponse(e.post(b.recalculateMappings,Object.assign({tenantId:s},a?{ssoId:a}:{}))),loadSettings:(s,a)=>t.transformResponse(e.get(b.settingsv2,{queryParams:Object.assign({tenantId:s},a?{ssoId:a}:{})}),(e=>G(e))),loadAllSettings:s=>t.transformResponse(e.get(b.settingsAllV2,{queryParams:{tenantId:s}}),(e=>function(e){const t=e.SSOSettings,s=[];return t.forEach((e=>s.push(G(e)))),s}(e)))}),V=e=>({create:(s,a,o,r,n,i,p,m,d)=>t.transformResponse(e.post(g.create,{name:s,expireTime:a,roleNames:o,keyTenants:r,userId:n,customClaims:i,description:p,permittedIps:m,customAttributes:d})),load:s=>t.transformResponse(e.get(g.load,{queryParams:{id:s}}),(e=>e.key)),searchAll:(s,a,o,r)=>t.transformResponse(e.post(g.search,{tenantIds:s,boundUserId:a,creatingUser:o,customAttributes:r}),(e=>e.keys)),update:(s,a,o,r,n,i,p,m)=>t.transformResponse(e.post(g.update,{id:s,name:a,description:o,roleNames:r,keyTenants:n,customClaims:i,permittedIps:p,customAttributes:m}),(e=>e.key)),deactivate:s=>t.transformResponse(e.post(g.deactivate,{id:s})),deactivateBatch:s=>t.transformResponse(e.post(g.deactivateBatch,{ids:s})),activate:s=>t.transformResponse(e.post(g.activate,{id:s})),activateBatch:s=>t.transformResponse(e.post(g.activateBatch,{ids:s})),delete:s=>t.transformResponse(e.post(g.delete,{id:s})),deleteBatch:s=>t.transformResponse(e.post(g.deleteBatch,{ids:s})),rotate:s=>t.transformResponse(e.post(g.rotate,{id:s}))}),_=e=>({list:()=>t.transformResponse(e.post(O.list,{})),delete:s=>t.transformResponse(e.post(O.delete,{ids:s})),export:s=>t.transformResponse(e.post(O.export,{flowId:s})),import:(s,a,o)=>t.transformResponse(e.post(O.import,{flowId:s,flow:a,screens:o})),run:(s,a)=>t.transformResponse(e.post(O.run,{flowId:s,options:a}),(e=>null==e?void 0:e.output))}),Q=e=>({export:()=>t.transformResponse(e.post(S.export,{})),import:s=>t.transformResponse(e.post(S.import,{theme:s}))}),X=e=>null==e?void 0:e.audits.map((e=>{const t=Object.assign(Object.assign({},e),{occurred:parseFloat(e.occurred),loginIds:e.externalIds});return delete t.externalIds,t})),Y=e=>({search:s=>{const a=Object.assign(Object.assign({},s),{externalIds:s.loginIds});return delete a.loginIds,t.transformResponse(e.post(w.search,a),X)},searchAll:s=>{const a=Object.assign(Object.assign({},s),{externalIds:s.loginIds});return delete a.loginIds,t.transformResponse(e.post(w.search,a),(e=>({audits:X(e),total:null==e?void 0:e.total})))},createEvent:s=>{const a=Object.assign({},s);return t.transformResponse(e.post(w.createEvent,a))},createAuditWebhook:s=>t.transformResponse(e.post(w.createAuditWebhook,s))}),Z=(e,s)=>{var a;const o=null!==(a=null==s?void 0:s.fgaCacheTimeoutMs)&&void 0!==a?a:3e4,r=Number.isFinite(o)&&o>0?o:3e4,n=async(t,a)=>{if((null==s?void 0:s.fgaCacheUrl)&&s.managementKey){const e=`${s.fgaCacheUrl}${t}`,o=new AbortController,n=setTimeout((()=>o.abort()),r);try{const t=await i(e,{method:"POST",headers:Object.assign(Object.assign({},s.headers),{"Content-Type":"application/json",Authorization:`Bearer ${s.projectId}:${s.managementKey}`,"x-descope-project-id":s.projectId}),body:JSON.stringify(a),signal:o.signal});if(t.ok){const e=await t.text();return t.text=()=>Promise.resolve(e),t.json=async()=>JSON.parse(e),t.clone=()=>t,t}}catch(e){}finally{clearTimeout(n)}}return e.post(t,a)};return{saveSchema:(s,a)=>t.transformResponse(e.post(P.schemaSave,{schema:s,upgrade:a})),deleteSchema:()=>t.transformResponse(e.post(P.schemaDelete,{})),loadSchema:()=>t.transformResponse(e.post(P.schemaLoad,{}),(e=>e.schema)),saveNamespace:(s,a,o)=>t.transformResponse(e.post(P.nsSave,{namespace:s,oldName:a,schemaName:o})),deleteNamespace:(s,a)=>t.transformResponse(e.post(P.nsDelete,{name:s,schemaName:a})),saveRelationDefinition:(s,a,o,r)=>t.transformResponse(e.post(P.rdSave,{relationDefinition:s,namespace:a,oldName:o,schemaName:r})),deleteRelationDefinition:(s,a,o)=>t.transformResponse(e.post(P.rdDelete,{name:s,namespace:a,schemaName:o})),createRelations:s=>t.transformResponse(e.post(P.reCreate,{relations:s})),deleteRelations:s=>t.transformResponse(e.post(P.reDelete,{relations:s})),deleteRelationsForResources:s=>t.transformResponse(e.post(P.reDeleteResources,{resources:s})),deleteResourceRelationsForResources:s=>t.transformResponse(e.post(P.reDeleteResourceRelationsForResources,{resources:s})),deleteRelationsForIds:s=>t.transformResponse(e.post(P.reDeleteResources,{resources:s})),hasRelations:s=>t.transformResponse(e.post(P.hasRelations,{relationQueries:s}),(e=>e.relationQueries)),whoCanAccess:(e,s,a)=>t.transformResponse(n(P.who,{resource:e,relationDefinition:s,namespace:a}),(e=>e.targets)),resourceRelations:(s,a=!1)=>t.transformResponse(e.post(P.resource,{resource:s,ignoreTargetSetRelations:a}),(e=>e.relations)),resourceRelationsWithTargetSetsFilter:(s,a=!0)=>t.transformResponse(e.post(P.resource,{resource:s,ignoreTargetSetRelations:!a}),(e=>e.relations)),targetsRelations:(s,a=!1)=>t.transformResponse(e.post(P.targets,{targets:s,includeTargetSetRelations:a}),(e=>e.relations)),targetsRelationsWithTargetSetsFilter:(s,a=!1)=>t.transformResponse(e.post(P.targets,{targets:s,includeTargetSetRelations:a}),(e=>e.relations)),whatCanTargetAccess:e=>t.transformResponse(n(P.targetAll,{target:e}),(e=>e.relations)),whatCanTargetAccessWithRelation:(s,a,o)=>t.transformResponse(e.post(P.targetWithRelation,{target:s,relationDefinition:a,namespace:o}),(e=>e.resources.map((e=>({resource:e}))))),getModified:s=>t.transformResponse(e.post(P.getModified,{since:s?s.getTime():0}),(e=>e))}},ee=e=>({createOidcApplication:s=>{var a;return t.transformResponse(e.post(f.oidcCreate,Object.assign(Object.assign({},s),{enabled:null===(a=s.enabled)||void 0===a||a})))},createSamlApplication:s=>{var a;return t.transformResponse(e.post(f.samlCreate,Object.assign(Object.assign({},s),{enabled:null===(a=s.enabled)||void 0===a||a})))},updateOidcApplication:s=>t.transformResponse(e.post(f.oidcUpdate,Object.assign({},s))),updateSamlApplication:s=>t.transformResponse(e.post(f.samlUpdate,Object.assign({},s))),createWsFedApplication:s=>{var a;return t.transformResponse(e.post(f.wsfedCreate,Object.assign(Object.assign({},s),{enabled:null===(a=s.enabled)||void 0===a||a})))},updateWsFedApplication:s=>t.transformResponse(e.post(f.wsfedUpdate,Object.assign({},s))),delete:s=>t.transformResponse(e.post(f.delete,{id:s})),load:s=>t.transformResponse(e.get(f.load,{queryParams:{id:s}}),(e=>e)),loadAll:()=>t.transformResponse(e.get(f.loadAll,{}),(e=>e.apps)),getApplicationSecret:s=>t.transformResponse(e.get(f.secret,{queryParams:{id:s}}),(e=>e)),rotateApplicationSecret:s=>t.transformResponse(e.post(f.rotate,{id:s}),(e=>e))}),te=e=>({getSettings:s=>t.transformResponse(e.get(k.settings,{queryParams:{tenantId:s}}),(e=>e)),configureSettings:(s,a)=>t.transformResponse(e.post(k.settings,Object.assign(Object.assign({},a),{tenantId:s})))}),se=(e,s)=>{var a;const o=null!==(a=null==s?void 0:s.fgaCacheTimeoutMs)&&void 0!==a?a:3e4,r=Number.isFinite(o)&&o>0?o:3e4,n=async(t,a)=>{if((null==s?void 0:s.fgaCacheUrl)&&s.managementKey){const e=`${s.fgaCacheUrl}${t}`,o=new AbortController,n=setTimeout((()=>o.abort()),r);try{const t=await i(e,{method:"POST",headers:Object.assign(Object.assign({},s.headers),{"Content-Type":"application/json",Authorization:`Bearer ${s.projectId}:${s.managementKey}`,"x-descope-project-id":s.projectId}),body:JSON.stringify(a),signal:o.signal});if(t.ok){const e=await t.text();return t.text=()=>Promise.resolve(e),t.json=async()=>JSON.parse(e),t.clone=()=>t,t}}catch(e){}finally{clearTimeout(n)}}return e.post(t,a)};return{saveSchema:e=>t.transformResponse(n(N.schema,e)),loadSchema:()=>t.transformResponse(e.get(N.schema,{}),(e=>e)),dryRunSchema:s=>t.transformResponse(e.post(N.dryRunSchema,s),(e=>e)),deleteSchema:()=>t.transformResponse(e.post(P.schemaDelete,{})),createRelations:e=>t.transformResponse(n(N.relations,{tuples:e})),deleteRelations:e=>t.transformResponse(n(N.deleteRelations,{tuples:e})),check:e=>t.transformResponse(n(N.check,{tuples:e}),(e=>e.tuples)),checkWithContext:(e,s)=>t.transformResponse(n(N.check,Object.assign({tuples:e},s&&Object.keys(s).length>0?{context:s}:{})),(e=>e.tuples)),loadResourcesDetails:s=>t.transformResponse(e.post(N.resourcesLoad,{resourceIdentifiers:s}),(e=>e.resourcesDetails)),saveResourcesDetails:s=>t.transformResponse(e.post(N.resourcesSave,{resourcesDetails:s})),loadMappableSchema:(s,a)=>t.transformResponse(e.get(N.mappableSchema,{queryParams:Object.assign({tenantId:s},(null==a?void 0:a.resourcesLimit)&&a.resourcesLimit>0?{resourcesLimit:a.resourcesLimit.toString()}:{})}),(e=>e)),searchMappableResources:(s,a,o)=>t.transformResponse(e.post(N.mappableResources,Object.assign({tenantId:s,resourcesQueries:a},(null==o?void 0:o.resourcesLimit)&&o.resourcesLimit>0?{resourcesLimit:o.resourcesLimit.toString()}:{})),(e=>e.mappableResources)),deleteAllRelations:()=>t.transformResponse(e.delete(N.relations))}},ae=e=>({createApplication:s=>t.transformResponse(e.post(h.create,Object.assign({},s))),updateApplication:s=>t.transformResponse(e.post(h.update,Object.assign({},s))),patchApplication:s=>t.transformResponse(e.post(h.patch,Object.assign({},s))),deleteApplication:s=>t.transformResponse(e.post(h.delete,{id:s})),deleteApplicationBatch:s=>t.transformResponse(e.post(h.deleteBatch,{ids:s})),loadApplication:s=>t.transformResponse(e.get(h.load,{queryParams:{id:s}}),(e=>e)),loadAllApplications:()=>t.transformResponse(e.get(h.loadAll,{}),(e=>e.apps)),getApplicationSecret:s=>t.transformResponse(e.get(h.secret,{queryParams:{id:s}}),(e=>e)),rotateApplicationSecret:s=>t.transformResponse(e.post(h.rotate,{id:s})),searchConsents:s=>t.transformResponse(e.post(R.search,Object.assign({},s)),(e=>e.consents)),deleteConsents:s=>t.transformResponse(e.post(R.delete,Object.assign({},s))),deleteTenantConsents:s=>t.transformResponse(e.post(R.deleteTenant,Object.assign({},s)))}),oe=e=>({createApplication:s=>t.transformResponse(e.post(y.create,Object.assign({},s)),(e=>e.app)),createApplicationByTemplate:s=>t.transformResponse(e.post(y.createByTemplate,Object.assign({},s)),(e=>e.app)),updateApplication:s=>t.transformResponse(e.post(y.update,{app:s}),(e=>e.app)),deleteApplication:s=>t.transformResponse(e.post(y.delete,{id:s})),loadApplication:s=>t.transformResponse(e.get(`${y.load}/${s}`),(e=>e.app)),loadAllApplications:()=>t.transformResponse(e.get(y.loadAll,{}),(e=>e.apps)),fetchTokenByScopes:(s,a,o,r,n)=>t.transformResponse(e.post(y.fetchTokenByScopes,{appId:s,userId:a,scopes:o,options:r,tenantId:n}),(e=>e.token)),fetchToken:(s,a,o,r)=>t.transformResponse(e.post(y.fetchToken,{appId:s,userId:a,tenantId:o,options:r}),(e=>e.token)),fetchTenantTokenByScopes:(s,a,o,r)=>t.transformResponse(e.post(y.fetchTenantTokenByScopes,{appId:s,tenantId:a,scopes:o,options:r}),(e=>e.token)),fetchTenantToken:(s,a,o)=>t.transformResponse(e.post(y.fetchTenantToken,{appId:s,tenantId:a,options:o}),(e=>e.token)),deleteUserTokens:(s,a)=>t.transformResponse(e.delete(y.deleteUserTokens,{queryParams:{appId:s,userId:a}})),deleteTokenById:s=>t.transformResponse(e.delete(y.deleteTokenById,{queryParams:{id:s}})),listAppsWithUserToken:(s,a)=>t.transformResponse(e.get(y.listAppsWithUserToken,{queryParams:Object.assign({userId:s},a?{tenantId:a}:{})}),(e=>e.appIds)),uploadUserApiKey:(s,a,o,r)=>t.transformResponse(e.post(y.uploadUserApiKey,{appId:s,userId:a,apiKey:o,tenantId:r})),uploadTenantApiKey:(s,a,o)=>t.transformResponse(e.post(y.uploadTenantApiKey,{appId:s,tenantId:a,apiKey:o})),uploadUserToken:s=>t.transformResponse(e.post(y.uploadUserToken,Object.assign({},s))),uploadTenantToken:s=>t.transformResponse(e.post(y.uploadTenantToken,Object.assign({},s))),batchUploadUserTokens:s=>t.transformResponse(e.post(y.batchUploadUserTokens,{tokens:s})),batchUploadTenantTokens:s=>t.transformResponse(e.post(y.batchUploadTenantTokens,{tokens:s}))}),re=e=>({create:s=>t.transformResponse(e.put(U.create,{descopers:s}),(e=>({descopers:e.descopers,total:e.total}))),update:(s,a,o)=>t.transformResponse(e.patch(U.update,{id:s,attributes:a,rbac:o}),(e=>e.descoper)),load:s=>t.transformResponse(e.get(U.get,{queryParams:{id:s}}),(e=>e.descoper)),delete:s=>t.transformResponse(e.delete(U.delete,{queryParams:{id:s}})),list:()=>t.transformResponse(e.post(U.list),(e=>({descopers:e.descopers,total:e.total})))}),ne=e=>({create:(s,a,o,r,n)=>t.transformResponse(e.put(x.create,{name:s,description:o,expiresIn:r,permittedIps:n,reBac:a})),update:(s,a,o,r,n)=>t.transformResponse(e.patch(x.update,{id:s,name:a,description:o,permittedIps:n,status:r}),(e=>e.key)),delete:s=>t.transformResponse(e.post(x.delete,{ids:s})),load:s=>t.transformResponse(e.get(x.load,{queryParams:{id:s}}),(e=>e.key)),search:()=>t.transformResponse(e.get(x.search),(e=>e.keys))}),ie=e=>({create:s=>t.transformResponse(e.post(B.create,{name:s}),(e=>e.engine)),update:(s,a)=>t.transformResponse(e.post(B.update,{id:s,name:a}),(e=>e.engine)),delete:s=>t.transformResponse(e.post(B.delete,{id:s})),load:s=>t.transformResponse(e.get(B.load,{queryParams:{id:s}}),(e=>e.engine)),loadAll:()=>t.transformResponse(e.get(B.loadAll,{}),(e=>e.engines)),rotateSecret:s=>t.transformResponse(e.post(B.rotate,{id:s}),(e=>e))}),pe=e=>({create:s=>t.transformResponse(e.post(M.create,s),(e=>e.list)),update:(s,a)=>t.transformResponse(e.post(M.update,Object.assign({id:s},a)),(e=>e.list)),delete:s=>t.transformResponse(e.post(M.delete,{id:s})),load:s=>t.transformResponse(e.get(`${M.load}/${encodeURIComponent(s)}`),(e=>e.list)),loadByName:s=>t.transformResponse(e.get(`${M.loadByName}/${encodeURIComponent(s)}`),(e=>e.list)),loadAll:()=>t.transformResponse(e.get(M.loadAll),(e=>e.lists)),import:s=>t.transformResponse(e.post(M.import,{lists:s})),addIPs:(s,a)=>t.transformResponse(e.post(M.addIPs,{id:s,ips:a})),removeIPs:(s,a)=>t.transformResponse(e.post(M.removeIPs,{id:s,ips:a})),checkIP:(s,a)=>t.transformResponse(e.post(M.checkIP,{id:s,ip:a}),(e=>e.exists)),addTexts:(s,a)=>t.transformResponse(e.post(M.addTexts,{id:s,texts:a})),removeTexts:(s,a)=>t.transformResponse(e.post(M.removeTexts,{id:s,texts:a})),checkText:(s,a)=>t.transformResponse(e.post(M.checkText,{id:s,text:a}),(e=>e.exists)),clear:s=>t.transformResponse(e.post(M.clear,{id:s}))}),me=e=>({create:s=>t.transformResponse(e.post(E.create,{template:s}),(e=>e.template)),update:s=>t.transformResponse(e.post(E.update,{template:s}),(e=>e.template)),delete:s=>t.transformResponse(e.post(E.delete,{id:s})),list:()=>t.transformResponse(e.post(E.list,{}),(e=>e.templates)),load:s=>t.transformResponse(e.post(E.load,{id:s}),(e=>e.template)),validate:(s,a)=>t.transformResponse(e.post(E.validate,{id:s,template:a})),listLibrary:()=>t.transformResponse(e.post(E.libraryList,{}),(e=>e.entries)),loadLibraryEntry:s=>t.transformResponse(e.post(E.libraryLoad,{id:s}),(e=>e.entry)),applyFromLibrary:s=>t.transformResponse(e.post(E.libraryApply,s),(e=>e.template))}),de=e=>({get:()=>t.transformResponse(e.post(D.get,{}),(e=>e.mappings)),set:s=>t.transformResponse(e.post(D.set,{mappings:s})),delete:()=>t.transformResponse(e.post(D.delete,{}))}),le=e=>({search:s=>t.transformResponse(e.post(L.search,s),(e=>e.analytics))});const ce=a=>{var o,n,c,{authManagementKey:g,managementKey:v,publicKey:f,fgaCacheUrl:h}=a,R=e.__rest(a,["authManagementKey","managementKey","publicKey","fgaCacheUrl"]);const y={"x-descope-sdk-name":"nodejs","x-descope-sdk-node-version":(null===(o=null===process||void 0===process?void 0:process.versions)||void 0===o?void 0:o.node)||"","x-descope-sdk-version":"0.0.0-next-629609e5-20260711"},b=Object.assign(Object.assign({fetch:i},R),{baseHeaders:Object.assign(Object.assign({},R.baseHeaders),y),hooks:Object.assign(Object.assign({},R.hooks),{beforeRequest:[e=>(g&&(e.token=e.token?`${e.token}:${g}`:g),e)].concat((null===(n=R.hooks)||void 0===n?void 0:n.beforeRequest)||[])})}),I=r.default(b),{projectId:k,logger:T}=R,A={};let O;const S=Object.assign(Object.assign({fetch:i},R),{baseConfig:{baseHeaders:Object.assign(Object.assign({},R.baseHeaders),y)},hooks:Object.assign(Object.assign({},R.hooks),{beforeRequest:[e=>(e.token=v,O&&(e.headers=Object.assign(Object.assign({},e.headers),{"x-descope-license":O})),e)].concat((null===(c=R.hooks)||void 0===c?void 0:c.beforeRequest)||[])})}),j=t.createHttpClient(S),w=(N={fgaCacheUrl:h,managementKey:v,projectId:k,headers:y},{user:F(P=j),project:(U=P,{updateName:e=>t.transformResponse(U.post(u.updateName,{name:e})),updateTags:e=>t.transformResponse(U.post(u.updateTags,{tags:e})),delete:()=>t.transformResponse(U.post(u.delete,{})),clone:(e,s,a)=>t.transformResponse(U.post(u.clone,{name:e,environment:s,tags:a})),listProjects:async()=>t.transformResponse(U.post(u.projectsList,{}),(e=>e.projects.map((({id:e,name:t,environment:s,tags:a})=>({id:e,name:t,environment:s,tags:a}))))),exportSnapshot:()=>t.transformResponse(U.post(u.exportSnapshot,{})),importSnapshot:e=>t.transformResponse(U.post(u.importSnapshot,e)),validateSnapshot:e=>t.transformResponse(U.post(u.validateSnapshot,e)),export:()=>t.transformResponse(U.post(u.exportSnapshot,{}),(e=>e.files)),import:e=>t.transformResponse(U.post(u.importSnapshot,{files:e}))}),accessKey:V(P),tenant:$(P),ssoApplication:ee(P),inboundApplication:ae(P),outboundApplication:oe(P),sso:H(P),jwt:K(P),permission:W(P),password:te(P),role:J(P),group:z(P),flow:_(P),theme:Q(P),audit:Y(P),authz:Z(P,N),fga:se(P,N),descoper:re(P),managementKey:ne(P),engine:ie(P),list:pe(P),jwtTemplate:me(P),scopeClaimMapping:de(P),analytics:le(P)});var P,N,U;v&&(e=>({get:()=>t.transformResponse(e.get(C.get))}))(j).get().then((e=>{var t;e.ok&&(null===(t=e.data)||void 0===t?void 0:t.rateLimitTier)&&(O=e.data.rateLimitTier)})).catch((e=>{var t;null===(t=null==T?void 0:T.warn)||void 0===t||t.call(T,"License handshake failed",e)}));const x=Object.assign(Object.assign({},I),{refresh:async(e,t)=>I.refresh(e,void 0,t),management:w,async getKey(e){if(!(null==e?void 0:e.kid))throw Error("header.kid must not be empty");if(A[e.kid])return A[e.kid];if(Object.assign(A,await(async()=>{if(f)try{const e=JSON.parse(f),t=await s.importJWK(e);return{[e.kid]:t}}catch(e){throw null==T||T.error("Failed to parse the provided public key",e),new Error(`Failed to parse public key. Error: ${e}`)}const e=(await I.httpClient.get(`v2/keys/${k}`).then((e=>e.json()))).keys;return Array.isArray(e)?(await Promise.all(e.map((async e=>[e.kid,await s.importJWK(e)])))).reduce(((e,[t,s])=>t?Object.assign(Object.assign({},e),{[t.toString()]:s}):e),{}):{}})()),!A[e.kid])throw Error("failed to fetch matching key");return A[e.kid]},async validateJwt(e,t){const a={clockTolerance:5};(null==t?void 0:t.audience)&&(a.audience=t.audience);const o=(await s.jwtVerify(e,x.getKey,a)).payload;if(o){const e=o.iss;if(!function(e,t){if(e===t)return!0;if(!e||!t)return!1;const s=e=>e[e.length-1]===t||e[e.length-2]===t;try{const{pathname:t}=new URL(e);return s(t.split("/").filter((e=>e.length>0)))}catch(t){return s(e.split("/").filter((e=>e.length>0)))}}("string"==typeof e?e:void 0,k))throw new s.errors.JWTClaimValidationFailed('unexpected "iss" claim value',"iss","check_failed");o.iss=k}return{jwt:e,token:o}},async validateSession(e,t){if(!e)throw Error("session token is required for validation");try{return await x.validateJwt(e,t)}catch(e){throw null==T||T.error("session validation failed",e),Error(`session validation failed. Error: ${e}`)}},async refreshSession(e,t){var s,a,o,r,n,i;if(!e)throw Error("refresh token is required to refresh a session");try{await x.validateJwt(e);const m=await x.refresh(e);if(m.ok){const e=p(null===(a=null===(s=m.data)||void 0===s?void 0:s.cookies)||void 0===a?void 0:a.join(";"),"DS")||(null===(o=m.data)||void 0===o?void 0:o.sessionJwt),i=await x.validateJwt(e,t);return i.cookies=(null===(r=m.data)||void 0===r?void 0:r.cookies)||[],(null===(n=m.data)||void 0===n?void 0:n.refreshJwt)&&(i.refreshJwt=m.data.refreshJwt),i}throw Error(null===(i=m.error)||void 0===i?void 0:i.errorMessage)}catch(e){throw null==T||T.error("refresh token validation failed",e),Error(`refresh token validation failed, Error: ${e}`)}},async validateAndRefreshSession(e,t,s){if(!e&&!t)throw Error("both session and refresh tokens are empty");try{return await x.validateSession(e,s)}catch(e){null==T||T.log(`session validation failed with error ${e} - trying to refresh it`)}return x.refreshSession(t,s)},async exchangeAccessKey(e,t,s){var a;if(!e)throw Error("access key must not be empty");let o;try{o=await x.accessKey.exchange(e,t)}catch(e){throw null==T||T.error("failed to exchange access key",e),Error(`could not exchange access key - Failed to exchange. Error: ${e}`)}if(!o.ok)throw null==T||T.error("failed to exchange access key",o.error),Error(`could not exchange access key - ${null===(a=o.error)||void 0===a?void 0:a.errorMessage}`);const{sessionJwt:r}=o.data;if(!r)throw null==T||T.error("failed to parse exchange access key response"),Error("could not exchange access key");try{return await x.validateJwt(r,s)}catch(e){throw null==T||T.error("failed to parse jwt from access key",e),Error(`could not exchange access key - failed to validate jwt. Error: ${e}`)}},validatePermissions:(e,t)=>x.validateTenantPermissions(e,"",t),getMatchedPermissions:(e,t)=>x.getMatchedTenantPermissions(e,"",t),validateTenantPermissions(e,t,s){if(t&&!l(e,t))return!1;const a=d(e,"permissions",t);return s.every((e=>a.includes(e)))},getMatchedTenantPermissions(e,t,s){if(t&&!l(e,t))return[];const a=d(e,"permissions",t);return s.filter((e=>a.includes(e)))},validateRoles:(e,t)=>x.validateTenantRoles(e,"",t),getMatchedRoles:(e,t)=>x.getMatchedTenantRoles(e,"",t),validateTenantRoles(e,t,s){if(t&&!l(e,t))return!1;const a=d(e,"roles",t);return s.every((e=>a.includes(e)))},getMatchedTenantRoles(e,t,s){if(t&&!l(e,t))return[];const a=d(e,"roles",t);return s.filter((e=>a.includes(e)))}});return t.wrapWith(x,["otp.verify.email","otp.verify.sms","otp.verify.voice","otp.verify.whatsapp","otp.verify.im","notp.waitForSession","magicLink.verify","enchantedLink.signUp","enchantedLink.signIn","enchantedLink.waitForSession","oauth.exchangeOneTapIDToken","password.signIn","password.signUp","password.replace","oauth.exchange","saml.exchange","totp.verify","selectTenant","webauthn.signIn.finish","webauthn.signUp.finish","refresh"],m)};ce.RefreshTokenCookieName="DSR",ce.SessionTokenCookieName="DS",ce.DescopeErrors={badRequest:"E011001",missingArguments:"E011002",invalidRequest:"E011003",invalidArguments:"E011004",wrongOTPCode:"E061102",tooManyOTPAttempts:"E061103",enchantedLinkPending:"E062503",userNotFound:"E062108"},module.exports=ce;
2
2
  //# sourceMappingURL=index.cjs.js.map
package/dist/index.d.ts CHANGED
@@ -336,6 +336,8 @@ declare type Role = {
336
336
  createdTime: number;
337
337
  tenantId?: string;
338
338
  default?: boolean;
339
+ private?: boolean;
340
+ id?: string;
339
341
  };
340
342
  /** Search roles based on the parameters */
341
343
  declare type RoleSearchOptions = {
package/dist/index.esm.js CHANGED
@@ -1,2 +1,2 @@
1
- import{__rest as e}from"tslib";import t,{transformResponse as s,createHttpClient as a,wrapWith as o}from"@descope/core-js-sdk";import{jwtVerify as r,errors as i,importJWK as n}from"jose";import{Headers as d,fetch as l}from"cross-fetch";var p;null!==(p=globalThis.Headers)&&void 0!==p||(globalThis.Headers=d);const m="function"==typeof globalThis.fetch?(...e)=>globalThis.fetch(...e):(...e)=>(e.forEach((e=>{var t,s;e&&"object"==typeof e&&(null!==(t=(s=e).highWaterMark)&&void 0!==t||(s.highWaterMark=31457280))})),l(...e)),c=(e,t)=>{const s=null==e?void 0:e.match(RegExp(`(?:^|[;,]\\s*)${t}=([^;]*)`));return s?s[1]:null};const u=t=>async(...s)=>{var a,o,r;const i=await t(...s);if(!i.data)return i;let n=i.data,{refreshJwt:d}=n,l=e(n,["refreshJwt"]);const p=[];var m;return d?p.push(`${"DSR"}=${d}; Domain=${(null==(m=l)?void 0:m.cookieDomain)||""}; Max-Age=${(null==m?void 0:m.cookieMaxAge)||""}; Path=${(null==m?void 0:m.cookiePath)||"/"}; HttpOnly; SameSite=Strict`):(null===(a=i.response)||void 0===a?void 0:a.headers.get("set-cookie"))&&(d=c(null===(o=i.response)||void 0===o?void 0:o.headers.get("set-cookie"),"DSR"),p.push(null===(r=i.response)||void 0===r?void 0:r.headers.get("set-cookie"))),Object.assign(Object.assign({},i),{data:Object.assign(Object.assign({},i.data),{refreshJwt:d,cookies:p})})};function g(e,t,s){var a,o;const r=s?null===(o=null===(a=e.token.tenants)||void 0===a?void 0:a[s])||void 0===o?void 0:o[t]:e.token[t];return Array.isArray(r)?r:[]}function v(e,t){var s;return!!(null===(s=e.token.tenants)||void 0===s?void 0:s[t])}var h={create:"/v1/mgmt/user/create",createTestUser:"/v1/mgmt/user/create/test",createBatch:"/v1/mgmt/user/create/batch",update:"/v1/mgmt/user/update",patch:"/v1/mgmt/user/patch",patchBatch:"/v1/mgmt/user/patch/batch",delete:"/v1/mgmt/user/delete",deleteBatch:"/v1/mgmt/user/delete/batch",deleteAllTestUsers:"/v1/mgmt/user/test/delete/all",load:"/v1/mgmt/user",logout:"/v1/mgmt/user/logout",loadUsers:"/v1/mgmt/users/load",search:"/v2/mgmt/user/search",searchTestUsers:"/v2/mgmt/user/search/test",getProviderToken:"/v1/mgmt/user/provider/token",updateStatus:"/v1/mgmt/user/update/status",updateLoginId:"/v1/mgmt/user/update/loginid",updateEmail:"/v1/mgmt/user/update/email",updatePhone:"/v1/mgmt/user/update/phone",updateDisplayName:"/v1/mgmt/user/update/name",updatePicture:"/v1/mgmt/user/update/picture",updateCustomAttribute:"/v1/mgmt/user/update/customAttribute",setRole:"/v1/mgmt/user/update/role/set",addRole:"/v2/mgmt/user/update/role/add",removeRole:"/v1/mgmt/user/update/role/remove",setSSOApps:"/v1/mgmt/user/update/ssoapp/set",addSSOApps:"/v1/mgmt/user/update/ssoapp/add",removeSSOApps:"/v1/mgmt/user/update/ssoapp/remove",addTenant:"/v1/mgmt/user/update/tenant/add",removeTenant:"/v1/mgmt/user/update/tenant/remove",setPassword:"/v1/mgmt/user/password/set",setTemporaryPassword:"/v1/mgmt/user/password/set/temporary",setActivePassword:"/v1/mgmt/user/password/set/active",expirePassword:"/v1/mgmt/user/password/expire",removeAllPasskeys:"/v1/mgmt/user/passkeys/delete",removeTOTPSeed:"/v1/mgmt/user/totp/delete",generateOTPForTest:"/v1/mgmt/tests/generate/otp",generateMagicLinkForTest:"/v1/mgmt/tests/generate/magiclink",generateEnchantedLinkForTest:"/v1/mgmt/tests/generate/enchantedlink",generateEmbeddedLink:"/v1/mgmt/user/signin/embeddedlink",generateSignUpEmbeddedLink:"/v1/mgmt/user/signup/embeddedlink",history:"/v1/mgmt/user/history",import:"/v1/mgmt/user/import",updateRecoveryEmail:"/v1/mgmt/user/update/recovery/email",updateRecoveryPhone:"/v1/mgmt/user/update/recovery/phone",updateName:"/v1/mgmt/user/update/name",getCustomAttributes:"/v1/mgmt/user/customattributes",createCustomAttributes:"/v1/mgmt/user/customattribute/create",deleteCustomAttributes:"/v1/mgmt/user/customattribute/delete",removePasskey:"/v1/mgmt/user/passkey/delete",listPasskeys:"/v1/mgmt/user/passkeys/list",listTrustedDevices:"/v1/mgmt/user/trusteddevices/list",removeTrustedDevices:"/v1/mgmt/user/trusteddevices/remove"},y={updateName:"/v1/mgmt/project/update/name",updateTags:"/v1/mgmt/project/update/tags",clone:"/v1/mgmt/project/clone",projectsList:"/v1/mgmt/projects/list",exportSnapshot:"/v1/mgmt/project/snapshot/export",importSnapshot:"/v1/mgmt/project/snapshot/import",validateSnapshot:"/v1/mgmt/project/snapshot/validate",delete:"/v1/mgmt/project/delete"},b={create:"/v1/mgmt/accesskey/create",load:"/v1/mgmt/accesskey",search:"/v1/mgmt/accesskey/search",update:"/v1/mgmt/accesskey/update",deactivate:"/v1/mgmt/accesskey/deactivate",deactivateBatch:"/v1/mgmt/accesskey/deactivate/batch",activate:"/v1/mgmt/accesskey/activate",activateBatch:"/v1/mgmt/accesskey/activate/batch",delete:"/v1/mgmt/accesskey/delete",deleteBatch:"/v1/mgmt/accesskey/delete/batch",rotate:"/v1/mgmt/accesskey/rotate"},f={create:"/v1/mgmt/tenant/create",update:"/v1/mgmt/tenant/update",delete:"/v1/mgmt/tenant/delete",load:"/v1/mgmt/tenant",settings:"/v1/mgmt/tenant/settings",loadAll:"/v1/mgmt/tenant/all",searchAll:"/v1/mgmt/tenant/search",updateDefaultRoles:"/v1/mgmt/tenant/updateDefaultRoles",generateSSOConfigurationLink:"/v2/mgmt/tenant/adminlinks/sso/generate",revokeSSOConfigurationLink:"/v1/mgmt/tenant/adminlinks/sso/revoke"},I={oidcCreate:"/v1/mgmt/sso/idp/app/oidc/create",samlCreate:"/v1/mgmt/sso/idp/app/saml/create",oidcUpdate:"/v1/mgmt/sso/idp/app/oidc/update",samlUpdate:"/v1/mgmt/sso/idp/app/saml/update",wsfedCreate:"/v1/mgmt/sso/idp/app/wsfed/create",wsfedUpdate:"/v1/mgmt/sso/idp/app/wsfed/update",delete:"/v1/mgmt/sso/idp/app/delete",load:"/v1/mgmt/sso/idp/app/load",loadAll:"/v1/mgmt/sso/idp/apps/load",secret:"/v1/mgmt/sso/idp/app/secret",rotate:"/v1/mgmt/sso/idp/app/rotate"},k={create:"/v1/mgmt/thirdparty/app/create",update:"/v1/mgmt/thirdparty/app/update",patch:"/v1/mgmt/thirdparty/app/patch",delete:"/v1/mgmt/thirdparty/app/delete",load:"/v1/mgmt/thirdparty/app/load",loadAll:"/v1/mgmt/thirdparty/apps/load",secret:"/v1/mgmt/thirdparty/app/secret",rotate:"/v1/mgmt/thirdparty/app/rotate",deleteBatch:"/v1/mgmt/thirdparty/app/delete/batch"},T={delete:"/v1/mgmt/thirdparty/consents/delete",deleteTenant:"/v1/mgmt/thirdparty/consents/delete/tenant",search:"/v1/mgmt/thirdparty/consents/search"},A={create:"/v1/mgmt/outbound/app/create",createByTemplate:"/v1/mgmt/outbound/app/create/bytemplate",update:"/v1/mgmt/outbound/app/update",delete:"/v1/mgmt/outbound/app/delete",load:"/v1/mgmt/outbound/app",loadAll:"/v1/mgmt/outbound/apps",fetchToken:"/v1/mgmt/outbound/app/user/token/latest",fetchTokenByScopes:"/v1/mgmt/outbound/app/user/token",fetchTenantToken:"/v1/mgmt/outbound/app/tenant/token/latest",fetchTenantTokenByScopes:"/v1/mgmt/outbound/app/tenant/token",deleteUserTokens:"/v1/mgmt/outbound/user/tokens",deleteTokenById:"/v1/mgmt/outbound/token",listAppsWithUserToken:"/v1/mgmt/outbound/apps-with-user-token",uploadUserApiKey:"/v1/mgmt/outbound/app/user/apikey/upload",uploadTenantApiKey:"/v1/mgmt/outbound/app/tenant/apikey/upload",uploadUserToken:"/v1/mgmt/outbound/app/user/oauthtoken/upload",uploadTenantToken:"/v1/mgmt/outbound/app/tenant/oauthtoken/upload",batchUploadUserTokens:"/v1/mgmt/outbound/app/user/oauthtoken/batch/upload",batchUploadTenantTokens:"/v1/mgmt/outbound/app/tenant/oauthtoken/batch/upload"},O={settings:"/v1/mgmt/sso/settings",settingsNew:"/v1/mgmt/sso/settings/new",metadata:"/v1/mgmt/sso/metadata",mapping:"/v1/mgmt/sso/mapping",settingsv2:"/v2/mgmt/sso/settings",settingsAllV2:"/v2/mgmt/sso/settings/all",redirect:"/v1/mgmt/sso/redirect",recalculateMappings:"/v1/mgmt/sso/recalculate-mappings",oidc:{configure:"/v1/mgmt/sso/oidc"},saml:{configure:"/v1/mgmt/sso/saml",metadata:"/v1/mgmt/sso/saml/metadata"}},S={update:"/v1/mgmt/jwt/update",impersonate:"/v1/mgmt/impersonate",impersonateStepup:"/v1/mgmt/impersonate/stepup",stopImpersonation:"/v1/mgmt/stop/impersonation",signIn:"/v1/mgmt/auth/signin",signUp:"/v1/mgmt/auth/signup",signUpOrIn:"/v1/mgmt/auth/signup-in",anonymous:"/v1/mgmt/auth/anonymous",clientAssertion:"/v1/mgmt/token/clientassertion"},j={settings:"/v1/mgmt/password/settings"},w={create:"/v1/mgmt/permission/create",createBatch:"/v1/mgmt/permission/create/batch",update:"/v1/mgmt/permission/update",updateBatch:"/v1/mgmt/permission/update/batch",delete:"/v1/mgmt/permission/delete",deleteBatch:"/v1/mgmt/permission/delete/batch",loadAll:"/v1/mgmt/permission/all"},R={create:"/v1/mgmt/role/create",createBatch:"/v1/mgmt/role/create/batch",update:"/v1/mgmt/role/update",updateBatch:"/v1/mgmt/role/update/batch",delete:"/v1/mgmt/role/delete",deleteBatch:"/v1/mgmt/role/delete/batch",loadAll:"/v1/mgmt/role/all",search:"/v1/mgmt/role/search"},P={list:"/v1/mgmt/flow/list",delete:"/v1/mgmt/flow/delete",export:"/v1/mgmt/flow/export",import:"/v1/mgmt/flow/import",run:"/v1/mgmt/flow/run"},N={export:"/v1/mgmt/theme/export",import:"/v1/mgmt/theme/import"},U={loadAllGroups:"/v1/mgmt/group/all",loadAllGroupsForMember:"/v1/mgmt/group/member/all",loadAllGroupMembers:"/v1/mgmt/group/members"},x={search:"/v1/mgmt/audit/search",createEvent:"/v1/mgmt/audit/event",createAuditWebhook:"/v2/mgmt/connector/audit/web/set"},C={schemaSave:"/v1/mgmt/authz/schema/save",schemaDelete:"/v1/mgmt/authz/schema/delete",schemaLoad:"/v1/mgmt/authz/schema/load",nsSave:"/v1/mgmt/authz/ns/save",nsDelete:"/v1/mgmt/authz/ns/delete",rdSave:"/v1/mgmt/authz/rd/save",rdDelete:"/v1/mgmt/authz/rd/delete",reCreate:"/v1/mgmt/authz/re/create",reDelete:"/v1/mgmt/authz/re/delete",reDeleteResources:"/v1/mgmt/authz/re/deleteresources",reDeleteResourceRelationsForResources:"/v1/mgmt/authz/re/deleteresourcesrelations",hasRelations:"/v1/mgmt/authz/re/has",who:"/v1/mgmt/authz/re/who",resource:"/v1/mgmt/authz/re/resource",targets:"/v1/mgmt/authz/re/targets",targetAll:"/v1/mgmt/authz/re/targetall",targetWithRelation:"/v1/mgmt/authz/re/targetwithrelation",getModified:"/v1/mgmt/authz/getmodified"},B={schema:"/v1/mgmt/fga/schema",dryRunSchema:"/v1/mgmt/fga/schema/dryrun",relations:"/v1/mgmt/fga/relations",deleteRelations:"/v1/mgmt/fga/relations/delete",check:"/v1/mgmt/fga/check",resourcesLoad:"/v1/mgmt/fga/resources/load",resourcesSave:"/v1/mgmt/fga/resources/save",mappableSchema:"/v1/mgmt/fga/mappable/schema",mappableResources:"/v1/mgmt/fga/mappable/resources"},L={create:"/v1/mgmt/descoper",update:"/v1/mgmt/descoper",get:"/v1/mgmt/descoper",delete:"/v1/mgmt/descoper",list:"/v1/mgmt/descoper/list"},M={create:"/v1/mgmt/managementkey",update:"/v1/mgmt/managementkey",load:"/v1/mgmt/managementkey",delete:"/v1/mgmt/managementkey/delete",search:"/v1/mgmt/managementkey/search"},E={get:"/v1/mgmt/license"},D={create:"/v1/mgmt/engine/create",update:"/v1/mgmt/engine/update",delete:"/v1/mgmt/engine/delete",load:"/v1/mgmt/engine/load",loadAll:"/v1/mgmt/engines/load",rotate:"/v1/mgmt/engine/rotate"},F={search:"/v1/mgmt/analytics/search"},q={create:"/v1/mgmt/list",update:"/v1/mgmt/list/update",delete:"/v1/mgmt/list/delete",load:"/v1/mgmt/list",loadByName:"/v1/mgmt/list/name",loadAll:"/v1/mgmt/list/all",import:"/v1/mgmt/list/import",addIPs:"/v1/mgmt/list/ip/add",removeIPs:"/v1/mgmt/list/ip/remove",checkIP:"/v1/mgmt/list/ip/check",addTexts:"/v1/mgmt/list/text/add",removeTexts:"/v1/mgmt/list/text/remove",checkText:"/v1/mgmt/list/text/check",clear:"/v1/mgmt/list/clear"},$={create:"/v1/mgmt/jwt/templates/create",update:"/v1/mgmt/jwt/templates/update",delete:"/v1/mgmt/jwt/templates/delete",list:"/v1/mgmt/jwt/templates/list",load:"/v1/mgmt/jwt/templates/load",validate:"/v1/mgmt/jwt/templates/validate",libraryList:"/v1/mgmt/jwt/templates/library/list",libraryLoad:"/v1/mgmt/jwt/templates/library/load",libraryApply:"/v1/mgmt/jwt/templates/library/apply"},K={get:"/v1/mgmt/scopeClaimMapping/get",set:"/v1/mgmt/scopeClaimMapping/set",delete:"/v1/mgmt/scopeClaimMapping/delete"};function W(t){return t.map((t=>{var{loginIdOrUserId:s,loginId:a,roles:o}=t,r=e(t,["loginIdOrUserId","loginId","roles"]);return Object.assign(Object.assign({},r),{loginId:null!=s?s:a,roleNames:o})}))}const z=e=>{function t(e,t){const s={loginId:e};return void 0!==t.email&&(s.email=t.email),void 0!==t.phone&&(s.phone=t.phone),void 0!==t.displayName&&(s.displayName=t.displayName),void 0!==t.givenName&&(s.givenName=t.givenName),void 0!==t.middleName&&(s.middleName=t.middleName),void 0!==t.familyName&&(s.familyName=t.familyName),void 0!==t.roles&&(s.roleNames=t.roles),void 0!==t.userTenants&&(s.userTenants=t.userTenants),void 0!==t.customAttributes&&(s.customAttributes=t.customAttributes),void 0!==t.picture&&(s.picture=t.picture),void 0!==t.verifiedEmail&&(s.verifiedEmail=t.verifiedEmail),void 0!==t.verifiedPhone&&(s.verifiedPhone=t.verifiedPhone),void 0!==t.ssoAppIds&&(s.ssoAppIds=t.ssoAppIds),void 0!==t.scim&&(s.scim=t.scim),void 0!==t.status&&(s.status=t.status),void 0!==t.additionalIdentifiers&&(s.additionalIdentifiers=t.additionalIdentifiers),s}return{create:function(t,a,o,r,i,n,d,l,p,m,c,u,g,v){const y="string"==typeof a?{loginId:t,email:a,phone:o,displayName:r,givenName:c,middleName:u,familyName:g,roleNames:i,userTenants:n,customAttributes:d,picture:l,verifiedEmail:p,verifiedPhone:m,additionalLoginIds:v}:Object.assign(Object.assign({loginId:t},a),{roleNames:null==a?void 0:a.roles,roles:void 0});return s(e.post(h.create,y),(e=>e.user))},createTestUser:function(t,a,o,r,i,n,d,l,p,m,c,u,g,v){const y="string"==typeof a?{loginId:t,email:a,phone:o,displayName:r,givenName:c,middleName:u,familyName:g,roleNames:i,userTenants:n,customAttributes:d,picture:l,verifiedEmail:p,verifiedPhone:m,additionalLoginIds:v,test:!0}:Object.assign(Object.assign({loginId:t},a),{roleNames:null==a?void 0:a.roles,roles:void 0,test:!0});return s(e.post(h.createTestUser,y),(e=>e.user))},invite:function(t,a,o,r,i,n,d,l,p,m,c,u,g,v,y,b,f,I,k){const T="string"==typeof a?{loginId:t,email:a,phone:o,displayName:r,givenName:v,middleName:y,familyName:b,roleNames:i,userTenants:n,invite:!0,customAttributes:d,picture:l,verifiedEmail:p,verifiedPhone:m,inviteUrl:c,sendMail:u,sendSMS:g,additionalLoginIds:f,templateId:I,locale:k}:Object.assign(Object.assign({loginId:t},a),{roleNames:null==a?void 0:a.roles,roles:void 0,invite:!0});return s(e.post(h.create,T),(e=>e.user))},inviteBatch:(t,a,o,r,i,n,d)=>s(e.post(h.createBatch,{users:W(t),invite:!0,inviteUrl:a,sendMail:o,sendSMS:r,templateOptions:i,templateId:n,locale:d}),(e=>e)),createBatch:t=>s(e.post(h.createBatch,{users:W(t)}),(e=>e)),deleteBatch:t=>s(e.post(h.deleteBatch,{userIds:t})),update:function(t,a,o,r,i,n,d,l,p,m,c,u,g,v){const y="string"==typeof a?{loginId:t,email:a,phone:o,displayName:r,givenName:c,middleName:u,familyName:g,roleNames:i,userTenants:n,customAttributes:d,picture:l,verifiedEmail:p,verifiedPhone:m,additionalLoginIds:v}:Object.assign(Object.assign({loginId:t},a),{roleNames:null==a?void 0:a.roles,roles:void 0});return s(e.post(h.update,y),(e=>e.user))},patch:function(a,o){const r=t(a,o);return s(e.patch(h.patch,r),(e=>e.user))},patchBatch:function(a){if(a.find((e=>!e.loginIdOrUserId&&!e.loginId)))return Promise.reject(new Error("patchBatch: each user must have loginIdOrUserId or loginId"));const o={users:a.map((e=>{var s;return t(null!==(s=e.loginIdOrUserId)&&void 0!==s?s:e.loginId,e)}))};return s(e.patch(h.patchBatch,o),(e=>e))},delete:t=>s(e.post(h.delete,{loginId:t})),deleteByUserId:t=>s(e.post(h.delete,{userId:t})),deleteAllTestUsers:()=>s(e.delete(h.deleteAllTestUsers)),load:t=>s(e.get(h.load,{queryParams:{loginId:t}}),(e=>e.user)),loadByUserId:t=>s(e.get(h.load,{queryParams:{userId:t}}),(e=>e.user)),logoutUser:t=>s(e.post(h.logout,{loginId:t})),logoutUserByUserId:t=>s(e.post(h.logout,{userId:t})),loadUsers:(t,a)=>s(e.post(h.loadUsers,{userIds:t,includeInvalidUsers:a}),(e=>e.users)),searchAll:(t,a,o,r,i,n,d,l,p,m)=>s(e.post(h.search,{tenantIds:t,roleNames:a,limit:o,page:r,testUsersOnly:i,withTestUser:n,customAttributes:d,statuses:l,emails:p,phones:m}),(e=>e.users)),searchTestUsers:t=>s(e.post(h.searchTestUsers,Object.assign(Object.assign({},t),{withTestUser:!0,testUsersOnly:!0,roleNames:t.roles,roles:void 0})),(e=>({users:e.users,total:e.total}))),search:t=>s(e.post(h.search,Object.assign(Object.assign({},t),{roleNames:t.roles,roles:void 0})),(e=>({users:e.users,total:e.total}))),getProviderToken:(t,a,o)=>s(e.get(h.getProviderToken,{queryParams:{loginId:t,provider:a,withRefreshToken:(null==o?void 0:o.withRefreshToken)?"true":"false",forceRefresh:(null==o?void 0:o.forceRefresh)?"true":"false"}}),(e=>e)),activate:t=>s(e.post(h.updateStatus,{loginId:t,status:"enabled"}),(e=>e.user)),deactivate:t=>s(e.post(h.updateStatus,{loginId:t,status:"disabled"}),(e=>e.user)),updateLoginId:(t,a)=>s(e.post(h.updateLoginId,{loginId:t,newLoginId:a}),(e=>e.user)),updateEmail:(t,a,o,r)=>s(e.post(h.updateEmail,{loginId:t,email:a,verified:o,failOnConflict:r}),(e=>e.user)),updatePhone:(t,a,o,r)=>s(e.post(h.updatePhone,{loginId:t,phone:a,verified:o,failOnConflict:r}),(e=>e.user)),updateDisplayName:(t,a,o,r,i)=>s(e.post(h.updateDisplayName,{loginId:t,displayName:a,givenName:o,middleName:r,familyName:i}),(e=>e.user)),updatePicture:(t,a)=>s(e.post(h.updatePicture,{loginId:t,picture:a}),(e=>e.user)),updateCustomAttribute:(t,a,o)=>s(e.post(h.updateCustomAttribute,{loginId:t,attributeKey:a,attributeValue:o}),(e=>e.user)),setRoles:(t,a)=>s(e.post(h.setRole,{loginId:t,roleNames:a}),(e=>e.user)),addRoles:(t,a)=>s(e.post(h.addRole,{loginId:t,roleNames:a}),(e=>e.user)),removeRoles:(t,a)=>s(e.post(h.removeRole,{loginId:t,roleNames:a}),(e=>e.user)),addTenant:(t,a)=>s(e.post(h.addTenant,{loginId:t,tenantId:a}),(e=>e.user)),removeTenant:(t,a)=>s(e.post(h.removeTenant,{loginId:t,tenantId:a}),(e=>e.user)),setTenantRoles:(t,a,o)=>s(e.post(h.setRole,{loginId:t,tenantId:a,roleNames:o}),(e=>e.user)),addTenantRoles:(t,a,o)=>s(e.post(h.addRole,{loginId:t,tenantId:a,roleNames:o}),(e=>e.user)),removeTenantRoles:(t,a,o)=>s(e.post(h.removeRole,{loginId:t,tenantId:a,roleNames:o}),(e=>e.user)),addSSOapps:(t,a)=>s(e.post(h.addSSOApps,{loginId:t,ssoAppIds:a}),(e=>e.user)),setSSOapps:(t,a)=>s(e.post(h.setSSOApps,{loginId:t,ssoAppIds:a}),(e=>e.user)),removeSSOapps:(t,a)=>s(e.post(h.removeSSOApps,{loginId:t,ssoAppIds:a}),(e=>e.user)),generateOTPForTestUser:(t,a,o)=>s(e.post(h.generateOTPForTest,{deliveryMethod:t,loginId:a,loginOptions:o}),(e=>e)),generateMagicLinkForTestUser:(t,a,o,r)=>s(e.post(h.generateMagicLinkForTest,{deliveryMethod:t,loginId:a,URI:o,loginOptions:r}),(e=>e)),generateEnchantedLinkForTestUser:(t,a,o)=>s(e.post(h.generateEnchantedLinkForTest,{loginId:t,URI:a,loginOptions:o}),(e=>e)),generateEmbeddedLink:(t,a,o)=>s(e.post(h.generateEmbeddedLink,{loginId:t,customClaims:a,timeout:o}),(e=>e)),generateSignUpEmbeddedLink:(t,a,o,r,i,n)=>s(e.post(h.generateSignUpEmbeddedLink,{loginId:t,user:a,emailVerified:o,phoneVerified:r,loginOptions:i,timeout:n}),(e=>e)),setTemporaryPassword:(t,a)=>s(e.post(h.setTemporaryPassword,{loginId:t,password:a}),(e=>e)),setActivePassword:(t,a)=>s(e.post(h.setActivePassword,{loginId:t,password:a}),(e=>e)),setPassword:(t,a)=>s(e.post(h.setPassword,{loginId:t,password:a}),(e=>e)),expirePassword:t=>s(e.post(h.expirePassword,{loginId:t}),(e=>e)),removeAllPasskeys:t=>s(e.post(h.removeAllPasskeys,{loginId:t}),(e=>e)),removeTOTPSeed:t=>s(e.post(h.removeTOTPSeed,{loginId:t}),(e=>e)),history:t=>s(e.post(h.history,t),(e=>e)),import:(t,a,o,r)=>s(e.post(h.import,{source:t,users:a,hashes:o,dryrun:null!=r&&r}),(e=>e)),updateRecoveryEmail:(t,a,o)=>s(e.post(h.updateRecoveryEmail,{loginId:t,recoveryEmail:a,verified:o}),(e=>e.user)),updateRecoveryPhone:(t,a,o)=>s(e.post(h.updateRecoveryPhone,{loginId:t,recoveryPhone:a,verified:o}),(e=>e.user)),updateUserNames:(t,a,o,r)=>s(e.post(h.updateName,{loginId:t,givenName:a,middleName:o,familyName:r}),(e=>e.user)),getCustomAttributes:()=>s(e.get(h.getCustomAttributes),(e=>e.data)),createCustomAttributes:t=>s(e.post(h.createCustomAttributes,{attributes:t}),(e=>e.data)),deleteCustomAttributes:t=>s(e.post(h.deleteCustomAttributes,{names:t}),(e=>e.data)),removePasskey:(t,a)=>s(e.post(h.removePasskey,{loginId:t,credentialId:a}),(e=>e)),listPasskeys:t=>s(e.post(h.listPasskeys,{loginId:t}),(e=>e.passkeys)),listTrustedDevices:t=>s(e.post(h.listTrustedDevices,{identifiers:t}),(e=>e.devices)),removeTrustedDevices:(t,a)=>s(e.post(h.removeTrustedDevices,{identifier:t,deviceIds:a}),(e=>e))}},J=e=>({create:(t,a,o,r,i,n,d)=>s(e.post(f.create,{name:t,selfProvisioningDomains:a,customAttributes:o,enforceSSO:r,disabled:i,parent:n,roleInheritance:d})),createWithId:(t,a,o,r,i,n,d,l)=>s(e.post(f.create,{id:t,name:a,selfProvisioningDomains:o,customAttributes:r,enforceSSO:i,disabled:n,parent:d,roleInheritance:l})),update:(t,a,o,r,i,n,d)=>s(e.post(f.update,{id:t,name:a,selfProvisioningDomains:o,customAttributes:r,enforceSSO:i,disabled:n,roleInheritance:d})),updateDefaultRoles:(t,a)=>s(e.post(f.updateDefaultRoles,{id:t,defaultRoles:a})),delete:(t,a)=>s(e.post(f.delete,{id:t,cascade:a})),load:t=>s(e.get(f.load,{queryParams:{id:t}}),(e=>e)),loadAll:()=>s(e.get(f.loadAll,{}),(e=>e.tenants)),searchAll:(t,a,o,r,i)=>s(e.post(f.searchAll,{tenantIds:t,tenantNames:a,tenantSelfProvisioningDomains:o,customAttributes:r,parentTenantId:i}),(e=>e.tenants)),getSettings:t=>s(e.get(f.settings,{queryParams:{id:t}}),(e=>e)),configureSettings:(t,a)=>s(e.post(f.settings,Object.assign(Object.assign({},a),{tenantId:t}),{})),generateSSOConfigurationLink:(t,a,o,r,i,n)=>s(e.post(f.generateSSOConfigurationLink,{tenantId:t,expireTime:a,ssoId:o,email:r,templateId:i,actorId:n},{}),(e=>e)),revokeSSOConfigurationLink:(t,a)=>s(e.post(f.revokeSSOConfigurationLink,Object.assign({tenantId:t},a?{ssoId:a}:{}),{}))}),G=e=>({update:(t,a,o)=>s(e.post(S.update,{jwt:t,customClaims:a,refreshDuration:o})),impersonate:(t,a,o,r,i,n)=>s(e.post(S.impersonate,{impersonatorId:t,loginId:a,validateConsent:o,customClaims:r,selectedTenant:i,refreshDuration:n})),impersonateStepup:(t,a,o,r,i,n)=>s(e.post(S.impersonateStepup,{impersonatorId:t,loginId:a,validateConsent:o,customClaims:r,selectedTenant:i,refreshDuration:n})),stopImpersonation:(t,a,o,r)=>s(e.post(S.stopImpersonation,{jwt:t,customClaims:a,selectedTenant:o,refreshDuration:r})),signIn:(t,a)=>s(e.post(S.signIn,Object.assign({loginId:t},a))),signUp:(t,a,o)=>s(e.post(S.signUp,Object.assign({loginId:t,user:a},o))),signUpOrIn:(t,a,o)=>s(e.post(S.signUpOrIn,Object.assign({loginId:t,user:a},o))),anonymous:(t,a,o)=>s(e.post(S.anonymous,{customClaims:t,selectedTenant:a,refreshDuration:o})),generateClientAssertionJwt:(t,a,o,r,i,n)=>s(e.post(S.clientAssertion,{issuer:t,subject:a,audience:o,expiresIn:r,flattenAudience:i,algorithm:n}))}),H=e=>({create:(t,a)=>s(e.post(w.create,{name:t,description:a})),createBatch:t=>s(e.post(w.createBatch,{permissions:t})),update:(t,a,o)=>s(e.post(w.update,{name:t,newName:a,description:o})),updateWithId:(t,a,o)=>s(e.post(w.update,{id:t,newName:a,description:o})),updateBatch:t=>s(e.post(w.updateBatch,{permissions:t})),delete:t=>s(e.post(w.delete,{name:t})),deleteWithId:t=>s(e.post(w.delete,{id:t})),deleteBatch:(t,a)=>s(e.post(w.deleteBatch,{names:t,ids:a})),loadAll:()=>s(e.get(w.loadAll,{}),(e=>e.permissions))}),V=e=>({create:(t,a,o,r,i)=>s(e.post(R.create,{name:t,description:a,permissionNames:o,tenantId:r,default:i})),createBatch:t=>s(e.post(R.createBatch,{roles:t}),(e=>e.roles)),update:(t,a,o,r,i,n)=>s(e.post(R.update,{name:t,newName:a,description:o,permissionNames:r,tenantId:i,default:n})),updateWithId:(t,a,o,r,i,n)=>s(e.post(R.update,{id:t,newName:a,description:o,permissionNames:r,tenantId:i,default:n})),updateBatch:t=>s(e.post(R.updateBatch,{roles:t}),(e=>e.roles)),delete:(t,a)=>s(e.post(R.delete,{name:t,tenantId:a})),deleteWithId:(t,a)=>s(e.post(R.delete,{id:t,tenantId:a})),deleteBatch:(t,a,o)=>s(e.post(R.deleteBatch,{roleNames:t,tenantId:a,roleIds:o})),loadAll:()=>s(e.get(R.loadAll,{}),(e=>e.roles)),search:t=>s(e.post(R.search,t,{}),(e=>e.roles))}),Q=e=>({loadAllGroups:t=>s(e.post(U.loadAllGroups,{tenantId:t})),loadAllGroupsForMember:(t,a,o)=>s(e.post(U.loadAllGroupsForMember,{tenantId:t,loginIds:o,userIds:a})),loadAllGroupMembers:(t,a)=>s(e.post(U.loadAllGroupMembers,{tenantId:t,groupId:a}))});function _(e){var t,s;const a=e;return a.oidc&&(a.oidc=Object.assign(Object.assign({},a.oidc),{attributeMapping:a.oidc.userAttrMapping}),delete a.oidc.userAttrMapping),(null===(t=a.saml)||void 0===t?void 0:t.groupsMapping)&&(a.saml.groupsMapping=null===(s=a.saml)||void 0===s?void 0:s.groupsMapping.map((e=>{const t=e;return t.roleName=t.role.name,delete t.role,t}))),a}const X=e=>({getSettings:t=>s(e.get(O.settings,{queryParams:{tenantId:t}}),(e=>e)),newSettings:(t,a,o)=>s(e.post(O.settingsNew,Object.assign(Object.assign({tenantId:t},a?{ssoId:a}:{}),{displayName:o})),(e=>_(e))),deleteSettings:(t,a)=>s(e.delete(O.settings,{queryParams:Object.assign({tenantId:t},a?{ssoId:a}:{})})),configureSettings:(t,a,o,r,i,n)=>s(e.post(O.settings,{tenantId:t,idpURL:a,entityId:r,idpCert:o,redirectURL:i,domains:n})),configureMetadata:(t,a,o,r)=>s(e.post(O.metadata,{tenantId:t,idpMetadataURL:a,redirectURL:o,domains:r})),configureMapping:(t,a,o,r)=>s(e.post(O.mapping,{tenantId:t,roleMappings:a,attributeMapping:o,defaultSSORoles:r})),configureOIDCSettings:(t,a,o,r)=>{const i=Object.assign(Object.assign({},a),{userAttrMapping:a.attributeMapping});return delete i.attributeMapping,s(e.post(O.oidc.configure,Object.assign({tenantId:t,settings:i,domains:o},r?{ssoId:r}:{})))},configureSAMLSettings:(t,a,o,r,i)=>s(e.post(O.saml.configure,Object.assign({tenantId:t,settings:a,redirectUrl:o,domains:r},i?{ssoId:i}:{}))),configureSAMLByMetadata:(t,a,o,r,i)=>s(e.post(O.saml.metadata,Object.assign({tenantId:t,settings:a,redirectUrl:o,domains:r},i?{ssoId:i}:{}))),configureSSORedirectURL:(t,a,o,r)=>s(e.post(O.redirect,Object.assign(Object.assign(Object.assign({tenantId:t},void 0!==a?{samlRedirectUrl:a}:{}),void 0!==o?{oauthRedirectUrl:o}:{}),r?{ssoId:r}:{}))),recalculateSSOMappings:(t,a)=>s(e.post(O.recalculateMappings,Object.assign({tenantId:t},a?{ssoId:a}:{}))),loadSettings:(t,a)=>s(e.get(O.settingsv2,{queryParams:Object.assign({tenantId:t},a?{ssoId:a}:{})}),(e=>_(e))),loadAllSettings:t=>s(e.get(O.settingsAllV2,{queryParams:{tenantId:t}}),(e=>function(e){const t=e.SSOSettings,s=[];return t.forEach((e=>s.push(_(e)))),s}(e)))}),Y=e=>({create:(t,a,o,r,i,n,d,l,p)=>s(e.post(b.create,{name:t,expireTime:a,roleNames:o,keyTenants:r,userId:i,customClaims:n,description:d,permittedIps:l,customAttributes:p})),load:t=>s(e.get(b.load,{queryParams:{id:t}}),(e=>e.key)),searchAll:(t,a,o,r)=>s(e.post(b.search,{tenantIds:t,boundUserId:a,creatingUser:o,customAttributes:r}),(e=>e.keys)),update:(t,a,o,r,i,n,d,l)=>s(e.post(b.update,{id:t,name:a,description:o,roleNames:r,keyTenants:i,customClaims:n,permittedIps:d,customAttributes:l}),(e=>e.key)),deactivate:t=>s(e.post(b.deactivate,{id:t})),deactivateBatch:t=>s(e.post(b.deactivateBatch,{ids:t})),activate:t=>s(e.post(b.activate,{id:t})),activateBatch:t=>s(e.post(b.activateBatch,{ids:t})),delete:t=>s(e.post(b.delete,{id:t})),deleteBatch:t=>s(e.post(b.deleteBatch,{ids:t})),rotate:t=>s(e.post(b.rotate,{id:t}))}),Z=e=>({list:()=>s(e.post(P.list,{})),delete:t=>s(e.post(P.delete,{ids:t})),export:t=>s(e.post(P.export,{flowId:t})),import:(t,a,o)=>s(e.post(P.import,{flowId:t,flow:a,screens:o})),run:(t,a)=>s(e.post(P.run,{flowId:t,options:a}),(e=>null==e?void 0:e.output))}),ee=e=>({export:()=>s(e.post(N.export,{})),import:t=>s(e.post(N.import,{theme:t}))}),te=e=>null==e?void 0:e.audits.map((e=>{const t=Object.assign(Object.assign({},e),{occurred:parseFloat(e.occurred),loginIds:e.externalIds});return delete t.externalIds,t})),se=e=>({search:t=>{const a=Object.assign(Object.assign({},t),{externalIds:t.loginIds});return delete a.loginIds,s(e.post(x.search,a),te)},searchAll:t=>{const a=Object.assign(Object.assign({},t),{externalIds:t.loginIds});return delete a.loginIds,s(e.post(x.search,a),(e=>({audits:te(e),total:null==e?void 0:e.total})))},createEvent:t=>{const a=Object.assign({},t);return s(e.post(x.createEvent,a))},createAuditWebhook:t=>s(e.post(x.createAuditWebhook,t))}),ae=(e,t)=>{var a;const o=null!==(a=null==t?void 0:t.fgaCacheTimeoutMs)&&void 0!==a?a:3e4,r=Number.isFinite(o)&&o>0?o:3e4,i=async(s,a)=>{if((null==t?void 0:t.fgaCacheUrl)&&t.managementKey){const e=`${t.fgaCacheUrl}${s}`,o=new AbortController,i=setTimeout((()=>o.abort()),r);try{const s=await m(e,{method:"POST",headers:Object.assign(Object.assign({},t.headers),{"Content-Type":"application/json",Authorization:`Bearer ${t.projectId}:${t.managementKey}`,"x-descope-project-id":t.projectId}),body:JSON.stringify(a),signal:o.signal});if(s.ok){const e=await s.text();return s.text=()=>Promise.resolve(e),s.json=async()=>JSON.parse(e),s.clone=()=>s,s}}catch(e){}finally{clearTimeout(i)}}return e.post(s,a)};return{saveSchema:(t,a)=>s(e.post(C.schemaSave,{schema:t,upgrade:a})),deleteSchema:()=>s(e.post(C.schemaDelete,{})),loadSchema:()=>s(e.post(C.schemaLoad,{}),(e=>e.schema)),saveNamespace:(t,a,o)=>s(e.post(C.nsSave,{namespace:t,oldName:a,schemaName:o})),deleteNamespace:(t,a)=>s(e.post(C.nsDelete,{name:t,schemaName:a})),saveRelationDefinition:(t,a,o,r)=>s(e.post(C.rdSave,{relationDefinition:t,namespace:a,oldName:o,schemaName:r})),deleteRelationDefinition:(t,a,o)=>s(e.post(C.rdDelete,{name:t,namespace:a,schemaName:o})),createRelations:t=>s(e.post(C.reCreate,{relations:t})),deleteRelations:t=>s(e.post(C.reDelete,{relations:t})),deleteRelationsForResources:t=>s(e.post(C.reDeleteResources,{resources:t})),deleteResourceRelationsForResources:t=>s(e.post(C.reDeleteResourceRelationsForResources,{resources:t})),deleteRelationsForIds:t=>s(e.post(C.reDeleteResources,{resources:t})),hasRelations:t=>s(e.post(C.hasRelations,{relationQueries:t}),(e=>e.relationQueries)),whoCanAccess:(e,t,a)=>s(i(C.who,{resource:e,relationDefinition:t,namespace:a}),(e=>e.targets)),resourceRelations:(t,a=!1)=>s(e.post(C.resource,{resource:t,ignoreTargetSetRelations:a}),(e=>e.relations)),resourceRelationsWithTargetSetsFilter:(t,a=!0)=>s(e.post(C.resource,{resource:t,ignoreTargetSetRelations:!a}),(e=>e.relations)),targetsRelations:(t,a=!1)=>s(e.post(C.targets,{targets:t,includeTargetSetRelations:a}),(e=>e.relations)),targetsRelationsWithTargetSetsFilter:(t,a=!1)=>s(e.post(C.targets,{targets:t,includeTargetSetRelations:a}),(e=>e.relations)),whatCanTargetAccess:e=>s(i(C.targetAll,{target:e}),(e=>e.relations)),whatCanTargetAccessWithRelation:(t,a,o)=>s(e.post(C.targetWithRelation,{target:t,relationDefinition:a,namespace:o}),(e=>e.resources.map((e=>({resource:e}))))),getModified:t=>s(e.post(C.getModified,{since:t?t.getTime():0}),(e=>e))}},oe=e=>({createOidcApplication:t=>{var a;return s(e.post(I.oidcCreate,Object.assign(Object.assign({},t),{enabled:null===(a=t.enabled)||void 0===a||a})))},createSamlApplication:t=>{var a;return s(e.post(I.samlCreate,Object.assign(Object.assign({},t),{enabled:null===(a=t.enabled)||void 0===a||a})))},updateOidcApplication:t=>s(e.post(I.oidcUpdate,Object.assign({},t))),updateSamlApplication:t=>s(e.post(I.samlUpdate,Object.assign({},t))),createWsFedApplication:t=>{var a;return s(e.post(I.wsfedCreate,Object.assign(Object.assign({},t),{enabled:null===(a=t.enabled)||void 0===a||a})))},updateWsFedApplication:t=>s(e.post(I.wsfedUpdate,Object.assign({},t))),delete:t=>s(e.post(I.delete,{id:t})),load:t=>s(e.get(I.load,{queryParams:{id:t}}),(e=>e)),loadAll:()=>s(e.get(I.loadAll,{}),(e=>e.apps)),getApplicationSecret:t=>s(e.get(I.secret,{queryParams:{id:t}}),(e=>e)),rotateApplicationSecret:t=>s(e.post(I.rotate,{id:t}),(e=>e))}),re=e=>({getSettings:t=>s(e.get(j.settings,{queryParams:{tenantId:t}}),(e=>e)),configureSettings:(t,a)=>s(e.post(j.settings,Object.assign(Object.assign({},a),{tenantId:t})))}),ie=(e,t)=>{var a;const o=null!==(a=null==t?void 0:t.fgaCacheTimeoutMs)&&void 0!==a?a:3e4,r=Number.isFinite(o)&&o>0?o:3e4,i=async(s,a)=>{if((null==t?void 0:t.fgaCacheUrl)&&t.managementKey){const e=`${t.fgaCacheUrl}${s}`,o=new AbortController,i=setTimeout((()=>o.abort()),r);try{const s=await m(e,{method:"POST",headers:Object.assign(Object.assign({},t.headers),{"Content-Type":"application/json",Authorization:`Bearer ${t.projectId}:${t.managementKey}`,"x-descope-project-id":t.projectId}),body:JSON.stringify(a),signal:o.signal});if(s.ok){const e=await s.text();return s.text=()=>Promise.resolve(e),s.json=async()=>JSON.parse(e),s.clone=()=>s,s}}catch(e){}finally{clearTimeout(i)}}return e.post(s,a)};return{saveSchema:e=>s(i(B.schema,e)),loadSchema:()=>s(e.get(B.schema,{}),(e=>e)),dryRunSchema:t=>s(e.post(B.dryRunSchema,t),(e=>e)),deleteSchema:()=>s(e.post(C.schemaDelete,{})),createRelations:e=>s(i(B.relations,{tuples:e})),deleteRelations:e=>s(i(B.deleteRelations,{tuples:e})),check:e=>s(i(B.check,{tuples:e}),(e=>e.tuples)),checkWithContext:(e,t)=>s(i(B.check,Object.assign({tuples:e},t&&Object.keys(t).length>0?{context:t}:{})),(e=>e.tuples)),loadResourcesDetails:t=>s(e.post(B.resourcesLoad,{resourceIdentifiers:t}),(e=>e.resourcesDetails)),saveResourcesDetails:t=>s(e.post(B.resourcesSave,{resourcesDetails:t})),loadMappableSchema:(t,a)=>s(e.get(B.mappableSchema,{queryParams:Object.assign({tenantId:t},(null==a?void 0:a.resourcesLimit)&&a.resourcesLimit>0?{resourcesLimit:a.resourcesLimit.toString()}:{})}),(e=>e)),searchMappableResources:(t,a,o)=>s(e.post(B.mappableResources,Object.assign({tenantId:t,resourcesQueries:a},(null==o?void 0:o.resourcesLimit)&&o.resourcesLimit>0?{resourcesLimit:o.resourcesLimit.toString()}:{})),(e=>e.mappableResources)),deleteAllRelations:()=>s(e.delete(B.relations))}},ne=e=>({createApplication:t=>s(e.post(k.create,Object.assign({},t))),updateApplication:t=>s(e.post(k.update,Object.assign({},t))),patchApplication:t=>s(e.post(k.patch,Object.assign({},t))),deleteApplication:t=>s(e.post(k.delete,{id:t})),deleteApplicationBatch:t=>s(e.post(k.deleteBatch,{ids:t})),loadApplication:t=>s(e.get(k.load,{queryParams:{id:t}}),(e=>e)),loadAllApplications:()=>s(e.get(k.loadAll,{}),(e=>e.apps)),getApplicationSecret:t=>s(e.get(k.secret,{queryParams:{id:t}}),(e=>e)),rotateApplicationSecret:t=>s(e.post(k.rotate,{id:t})),searchConsents:t=>s(e.post(T.search,Object.assign({},t)),(e=>e.consents)),deleteConsents:t=>s(e.post(T.delete,Object.assign({},t))),deleteTenantConsents:t=>s(e.post(T.deleteTenant,Object.assign({},t)))}),de=e=>({createApplication:t=>s(e.post(A.create,Object.assign({},t)),(e=>e.app)),createApplicationByTemplate:t=>s(e.post(A.createByTemplate,Object.assign({},t)),(e=>e.app)),updateApplication:t=>s(e.post(A.update,{app:t}),(e=>e.app)),deleteApplication:t=>s(e.post(A.delete,{id:t})),loadApplication:t=>s(e.get(`${A.load}/${t}`),(e=>e.app)),loadAllApplications:()=>s(e.get(A.loadAll,{}),(e=>e.apps)),fetchTokenByScopes:(t,a,o,r,i)=>s(e.post(A.fetchTokenByScopes,{appId:t,userId:a,scopes:o,options:r,tenantId:i}),(e=>e.token)),fetchToken:(t,a,o,r)=>s(e.post(A.fetchToken,{appId:t,userId:a,tenantId:o,options:r}),(e=>e.token)),fetchTenantTokenByScopes:(t,a,o,r)=>s(e.post(A.fetchTenantTokenByScopes,{appId:t,tenantId:a,scopes:o,options:r}),(e=>e.token)),fetchTenantToken:(t,a,o)=>s(e.post(A.fetchTenantToken,{appId:t,tenantId:a,options:o}),(e=>e.token)),deleteUserTokens:(t,a)=>s(e.delete(A.deleteUserTokens,{queryParams:{appId:t,userId:a}})),deleteTokenById:t=>s(e.delete(A.deleteTokenById,{queryParams:{id:t}})),listAppsWithUserToken:(t,a)=>s(e.get(A.listAppsWithUserToken,{queryParams:Object.assign({userId:t},a?{tenantId:a}:{})}),(e=>e.appIds)),uploadUserApiKey:(t,a,o,r)=>s(e.post(A.uploadUserApiKey,{appId:t,userId:a,apiKey:o,tenantId:r})),uploadTenantApiKey:(t,a,o)=>s(e.post(A.uploadTenantApiKey,{appId:t,tenantId:a,apiKey:o})),uploadUserToken:t=>s(e.post(A.uploadUserToken,Object.assign({},t))),uploadTenantToken:t=>s(e.post(A.uploadTenantToken,Object.assign({},t))),batchUploadUserTokens:t=>s(e.post(A.batchUploadUserTokens,{tokens:t})),batchUploadTenantTokens:t=>s(e.post(A.batchUploadTenantTokens,{tokens:t}))}),le=e=>({create:t=>s(e.put(L.create,{descopers:t}),(e=>({descopers:e.descopers,total:e.total}))),update:(t,a,o)=>s(e.patch(L.update,{id:t,attributes:a,rbac:o}),(e=>e.descoper)),load:t=>s(e.get(L.get,{queryParams:{id:t}}),(e=>e.descoper)),delete:t=>s(e.delete(L.delete,{queryParams:{id:t}})),list:()=>s(e.post(L.list),(e=>({descopers:e.descopers,total:e.total})))}),pe=e=>({create:(t,a,o,r,i)=>s(e.put(M.create,{name:t,description:o,expiresIn:r,permittedIps:i,reBac:a})),update:(t,a,o,r,i)=>s(e.patch(M.update,{id:t,name:a,description:o,permittedIps:i,status:r}),(e=>e.key)),delete:t=>s(e.post(M.delete,{ids:t})),load:t=>s(e.get(M.load,{queryParams:{id:t}}),(e=>e.key)),search:()=>s(e.get(M.search),(e=>e.keys))}),me=e=>({create:t=>s(e.post(D.create,{name:t}),(e=>e.engine)),update:(t,a)=>s(e.post(D.update,{id:t,name:a}),(e=>e.engine)),delete:t=>s(e.post(D.delete,{id:t})),load:t=>s(e.get(D.load,{queryParams:{id:t}}),(e=>e.engine)),loadAll:()=>s(e.get(D.loadAll,{}),(e=>e.engines)),rotateSecret:t=>s(e.post(D.rotate,{id:t}),(e=>e))}),ce=e=>({create:t=>s(e.post(q.create,t),(e=>e.list)),update:(t,a)=>s(e.post(q.update,Object.assign({id:t},a)),(e=>e.list)),delete:t=>s(e.post(q.delete,{id:t})),load:t=>s(e.get(`${q.load}/${encodeURIComponent(t)}`),(e=>e.list)),loadByName:t=>s(e.get(`${q.loadByName}/${encodeURIComponent(t)}`),(e=>e.list)),loadAll:()=>s(e.get(q.loadAll),(e=>e.lists)),import:t=>s(e.post(q.import,{lists:t})),addIPs:(t,a)=>s(e.post(q.addIPs,{id:t,ips:a})),removeIPs:(t,a)=>s(e.post(q.removeIPs,{id:t,ips:a})),checkIP:(t,a)=>s(e.post(q.checkIP,{id:t,ip:a}),(e=>e.exists)),addTexts:(t,a)=>s(e.post(q.addTexts,{id:t,texts:a})),removeTexts:(t,a)=>s(e.post(q.removeTexts,{id:t,texts:a})),checkText:(t,a)=>s(e.post(q.checkText,{id:t,text:a}),(e=>e.exists)),clear:t=>s(e.post(q.clear,{id:t}))}),ue=e=>({create:t=>s(e.post($.create,{template:t}),(e=>e.template)),update:t=>s(e.post($.update,{template:t}),(e=>e.template)),delete:t=>s(e.post($.delete,{id:t})),list:()=>s(e.post($.list,{}),(e=>e.templates)),load:t=>s(e.post($.load,{id:t}),(e=>e.template)),validate:(t,a)=>s(e.post($.validate,{id:t,template:a})),listLibrary:()=>s(e.post($.libraryList,{}),(e=>e.entries)),loadLibraryEntry:t=>s(e.post($.libraryLoad,{id:t}),(e=>e.entry)),applyFromLibrary:t=>s(e.post($.libraryApply,t),(e=>e.template))}),ge=e=>({get:()=>s(e.post(K.get,{}),(e=>e.mappings)),set:t=>s(e.post(K.set,{mappings:t})),delete:()=>s(e.post(K.delete,{}))}),ve=e=>({search:t=>s(e.post(F.search,t),(e=>e.analytics))});const he=d=>{var l,p,h,{authManagementKey:b,managementKey:f,publicKey:I,fgaCacheUrl:k}=d,T=e(d,["authManagementKey","managementKey","publicKey","fgaCacheUrl"]);const A={"x-descope-sdk-name":"nodejs","x-descope-sdk-node-version":(null===(l=null===process||void 0===process?void 0:process.versions)||void 0===l?void 0:l.node)||"","x-descope-sdk-version":"0.0.0-next-a2202e1e-20260708"},O=Object.assign(Object.assign({fetch:m},T),{baseHeaders:Object.assign(Object.assign({},T.baseHeaders),A),hooks:Object.assign(Object.assign({},T.hooks),{beforeRequest:[e=>(b&&(e.token=e.token?`${e.token}:${b}`:b),e)].concat((null===(p=T.hooks)||void 0===p?void 0:p.beforeRequest)||[])})}),S=t(O),{projectId:j,logger:w}=T,R={};let P;const N=Object.assign(Object.assign({fetch:m},T),{baseConfig:{baseHeaders:Object.assign(Object.assign({},T.baseHeaders),A)},hooks:Object.assign(Object.assign({},T.hooks),{beforeRequest:[e=>(e.token=f,P&&(e.headers=Object.assign(Object.assign({},e.headers),{"x-descope-license":P})),e)].concat((null===(h=T.hooks)||void 0===h?void 0:h.beforeRequest)||[])})}),U=a(N),x=(B={fgaCacheUrl:k,managementKey:f,projectId:j,headers:A},{user:z(C=U),project:(L=C,{updateName:e=>s(L.post(y.updateName,{name:e})),updateTags:e=>s(L.post(y.updateTags,{tags:e})),delete:()=>s(L.post(y.delete,{})),clone:(e,t,a)=>s(L.post(y.clone,{name:e,environment:t,tags:a})),listProjects:async()=>s(L.post(y.projectsList,{}),(e=>e.projects.map((({id:e,name:t,environment:s,tags:a})=>({id:e,name:t,environment:s,tags:a}))))),exportSnapshot:()=>s(L.post(y.exportSnapshot,{})),importSnapshot:e=>s(L.post(y.importSnapshot,e)),validateSnapshot:e=>s(L.post(y.validateSnapshot,e)),export:()=>s(L.post(y.exportSnapshot,{}),(e=>e.files)),import:e=>s(L.post(y.importSnapshot,{files:e}))}),accessKey:Y(C),tenant:J(C),ssoApplication:oe(C),inboundApplication:ne(C),outboundApplication:de(C),sso:X(C),jwt:G(C),permission:H(C),password:re(C),role:V(C),group:Q(C),flow:Z(C),theme:ee(C),audit:se(C),authz:ae(C,B),fga:ie(C,B),descoper:le(C),managementKey:pe(C),engine:me(C),list:ce(C),jwtTemplate:ue(C),scopeClaimMapping:ge(C),analytics:ve(C)});var C,B,L;f&&(e=>({get:()=>s(e.get(E.get))}))(U).get().then((e=>{var t;e.ok&&(null===(t=e.data)||void 0===t?void 0:t.rateLimitTier)&&(P=e.data.rateLimitTier)})).catch((e=>{var t;null===(t=null==w?void 0:w.warn)||void 0===t||t.call(w,"License handshake failed",e)}));const M=Object.assign(Object.assign({},S),{refresh:async(e,t)=>S.refresh(e,void 0,t),management:x,async getKey(e){if(!(null==e?void 0:e.kid))throw Error("header.kid must not be empty");if(R[e.kid])return R[e.kid];if(Object.assign(R,await(async()=>{if(I)try{const e=JSON.parse(I),t=await n(e);return{[e.kid]:t}}catch(e){throw null==w||w.error("Failed to parse the provided public key",e),new Error(`Failed to parse public key. Error: ${e}`)}const e=(await S.httpClient.get(`v2/keys/${j}`).then((e=>e.json()))).keys;return Array.isArray(e)?(await Promise.all(e.map((async e=>[e.kid,await n(e)])))).reduce(((e,[t,s])=>t?Object.assign(Object.assign({},e),{[t.toString()]:s}):e),{}):{}})()),!R[e.kid])throw Error("failed to fetch matching key");return R[e.kid]},async validateJwt(e,t){const s={clockTolerance:5};(null==t?void 0:t.audience)&&(s.audience=t.audience);const a=(await r(e,M.getKey,s)).payload;if(a){const e=a.iss;if(!function(e,t){if(e===t)return!0;if(!e||!t)return!1;const s=e=>e[e.length-1]===t||e[e.length-2]===t;try{const{pathname:t}=new URL(e);return s(t.split("/").filter((e=>e.length>0)))}catch(t){return s(e.split("/").filter((e=>e.length>0)))}}("string"==typeof e?e:void 0,j))throw new i.JWTClaimValidationFailed('unexpected "iss" claim value',"iss","check_failed");a.iss=j}return{jwt:e,token:a}},async validateSession(e,t){if(!e)throw Error("session token is required for validation");try{return await M.validateJwt(e,t)}catch(e){throw null==w||w.error("session validation failed",e),Error(`session validation failed. Error: ${e}`)}},async refreshSession(e,t){var s,a,o,r,i,n;if(!e)throw Error("refresh token is required to refresh a session");try{await M.validateJwt(e);const d=await M.refresh(e);if(d.ok){const e=c(null===(a=null===(s=d.data)||void 0===s?void 0:s.cookies)||void 0===a?void 0:a.join(";"),"DS")||(null===(o=d.data)||void 0===o?void 0:o.sessionJwt),n=await M.validateJwt(e,t);return n.cookies=(null===(r=d.data)||void 0===r?void 0:r.cookies)||[],(null===(i=d.data)||void 0===i?void 0:i.refreshJwt)&&(n.refreshJwt=d.data.refreshJwt),n}throw Error(null===(n=d.error)||void 0===n?void 0:n.errorMessage)}catch(e){throw null==w||w.error("refresh token validation failed",e),Error(`refresh token validation failed, Error: ${e}`)}},async validateAndRefreshSession(e,t,s){if(!e&&!t)throw Error("both session and refresh tokens are empty");try{return await M.validateSession(e,s)}catch(e){null==w||w.log(`session validation failed with error ${e} - trying to refresh it`)}return M.refreshSession(t,s)},async exchangeAccessKey(e,t,s){var a;if(!e)throw Error("access key must not be empty");let o;try{o=await M.accessKey.exchange(e,t)}catch(e){throw null==w||w.error("failed to exchange access key",e),Error(`could not exchange access key - Failed to exchange. Error: ${e}`)}if(!o.ok)throw null==w||w.error("failed to exchange access key",o.error),Error(`could not exchange access key - ${null===(a=o.error)||void 0===a?void 0:a.errorMessage}`);const{sessionJwt:r}=o.data;if(!r)throw null==w||w.error("failed to parse exchange access key response"),Error("could not exchange access key");try{return await M.validateJwt(r,s)}catch(e){throw null==w||w.error("failed to parse jwt from access key",e),Error(`could not exchange access key - failed to validate jwt. Error: ${e}`)}},validatePermissions:(e,t)=>M.validateTenantPermissions(e,"",t),getMatchedPermissions:(e,t)=>M.getMatchedTenantPermissions(e,"",t),validateTenantPermissions(e,t,s){if(t&&!v(e,t))return!1;const a=g(e,"permissions",t);return s.every((e=>a.includes(e)))},getMatchedTenantPermissions(e,t,s){if(t&&!v(e,t))return[];const a=g(e,"permissions",t);return s.filter((e=>a.includes(e)))},validateRoles:(e,t)=>M.validateTenantRoles(e,"",t),getMatchedRoles:(e,t)=>M.getMatchedTenantRoles(e,"",t),validateTenantRoles(e,t,s){if(t&&!v(e,t))return!1;const a=g(e,"roles",t);return s.every((e=>a.includes(e)))},getMatchedTenantRoles(e,t,s){if(t&&!v(e,t))return[];const a=g(e,"roles",t);return s.filter((e=>a.includes(e)))}});return o(M,["otp.verify.email","otp.verify.sms","otp.verify.voice","otp.verify.whatsapp","otp.verify.im","notp.waitForSession","magicLink.verify","enchantedLink.signUp","enchantedLink.signIn","enchantedLink.waitForSession","oauth.exchangeOneTapIDToken","password.signIn","password.signUp","password.replace","oauth.exchange","saml.exchange","totp.verify","selectTenant","webauthn.signIn.finish","webauthn.signUp.finish","refresh"],u)};he.RefreshTokenCookieName="DSR",he.SessionTokenCookieName="DS",he.DescopeErrors={badRequest:"E011001",missingArguments:"E011002",invalidRequest:"E011003",invalidArguments:"E011004",wrongOTPCode:"E061102",tooManyOTPAttempts:"E061103",enchantedLinkPending:"E062503",userNotFound:"E062108"};export{he as default};
1
+ import{__rest as e}from"tslib";import t,{transformResponse as s,createHttpClient as a,wrapWith as o}from"@descope/core-js-sdk";import{jwtVerify as r,errors as i,importJWK as n}from"jose";import{Headers as d,fetch as l}from"cross-fetch";var p;null!==(p=globalThis.Headers)&&void 0!==p||(globalThis.Headers=d);const m="function"==typeof globalThis.fetch?(...e)=>globalThis.fetch(...e):(...e)=>(e.forEach((e=>{var t,s;e&&"object"==typeof e&&(null!==(t=(s=e).highWaterMark)&&void 0!==t||(s.highWaterMark=31457280))})),l(...e)),c=(e,t)=>{const s=null==e?void 0:e.match(RegExp(`(?:^|[;,]\\s*)${t}=([^;]*)`));return s?s[1]:null};const u=t=>async(...s)=>{var a,o,r;const i=await t(...s);if(!i.data)return i;let n=i.data,{refreshJwt:d}=n,l=e(n,["refreshJwt"]);const p=[];var m;return d?p.push(`${"DSR"}=${d}; Domain=${(null==(m=l)?void 0:m.cookieDomain)||""}; Max-Age=${(null==m?void 0:m.cookieMaxAge)||""}; Path=${(null==m?void 0:m.cookiePath)||"/"}; HttpOnly; SameSite=Strict`):(null===(a=i.response)||void 0===a?void 0:a.headers.get("set-cookie"))&&(d=c(null===(o=i.response)||void 0===o?void 0:o.headers.get("set-cookie"),"DSR"),p.push(null===(r=i.response)||void 0===r?void 0:r.headers.get("set-cookie"))),Object.assign(Object.assign({},i),{data:Object.assign(Object.assign({},i.data),{refreshJwt:d,cookies:p})})};function g(e,t,s){var a,o;const r=s?null===(o=null===(a=e.token.tenants)||void 0===a?void 0:a[s])||void 0===o?void 0:o[t]:e.token[t];return Array.isArray(r)?r:[]}function v(e,t){var s;return!!(null===(s=e.token.tenants)||void 0===s?void 0:s[t])}var h={create:"/v1/mgmt/user/create",createTestUser:"/v1/mgmt/user/create/test",createBatch:"/v1/mgmt/user/create/batch",update:"/v1/mgmt/user/update",patch:"/v1/mgmt/user/patch",patchBatch:"/v1/mgmt/user/patch/batch",delete:"/v1/mgmt/user/delete",deleteBatch:"/v1/mgmt/user/delete/batch",deleteAllTestUsers:"/v1/mgmt/user/test/delete/all",load:"/v1/mgmt/user",logout:"/v1/mgmt/user/logout",loadUsers:"/v1/mgmt/users/load",search:"/v2/mgmt/user/search",searchTestUsers:"/v2/mgmt/user/search/test",getProviderToken:"/v1/mgmt/user/provider/token",updateStatus:"/v1/mgmt/user/update/status",updateLoginId:"/v1/mgmt/user/update/loginid",updateEmail:"/v1/mgmt/user/update/email",updatePhone:"/v1/mgmt/user/update/phone",updateDisplayName:"/v1/mgmt/user/update/name",updatePicture:"/v1/mgmt/user/update/picture",updateCustomAttribute:"/v1/mgmt/user/update/customAttribute",setRole:"/v1/mgmt/user/update/role/set",addRole:"/v2/mgmt/user/update/role/add",removeRole:"/v1/mgmt/user/update/role/remove",setSSOApps:"/v1/mgmt/user/update/ssoapp/set",addSSOApps:"/v1/mgmt/user/update/ssoapp/add",removeSSOApps:"/v1/mgmt/user/update/ssoapp/remove",addTenant:"/v1/mgmt/user/update/tenant/add",removeTenant:"/v1/mgmt/user/update/tenant/remove",setPassword:"/v1/mgmt/user/password/set",setTemporaryPassword:"/v1/mgmt/user/password/set/temporary",setActivePassword:"/v1/mgmt/user/password/set/active",expirePassword:"/v1/mgmt/user/password/expire",removeAllPasskeys:"/v1/mgmt/user/passkeys/delete",removeTOTPSeed:"/v1/mgmt/user/totp/delete",generateOTPForTest:"/v1/mgmt/tests/generate/otp",generateMagicLinkForTest:"/v1/mgmt/tests/generate/magiclink",generateEnchantedLinkForTest:"/v1/mgmt/tests/generate/enchantedlink",generateEmbeddedLink:"/v1/mgmt/user/signin/embeddedlink",generateSignUpEmbeddedLink:"/v1/mgmt/user/signup/embeddedlink",history:"/v1/mgmt/user/history",import:"/v1/mgmt/user/import",updateRecoveryEmail:"/v1/mgmt/user/update/recovery/email",updateRecoveryPhone:"/v1/mgmt/user/update/recovery/phone",updateName:"/v1/mgmt/user/update/name",getCustomAttributes:"/v1/mgmt/user/customattributes",createCustomAttributes:"/v1/mgmt/user/customattribute/create",deleteCustomAttributes:"/v1/mgmt/user/customattribute/delete",removePasskey:"/v1/mgmt/user/passkey/delete",listPasskeys:"/v1/mgmt/user/passkeys/list",listTrustedDevices:"/v1/mgmt/user/trusteddevices/list",removeTrustedDevices:"/v1/mgmt/user/trusteddevices/remove"},y={updateName:"/v1/mgmt/project/update/name",updateTags:"/v1/mgmt/project/update/tags",clone:"/v1/mgmt/project/clone",projectsList:"/v1/mgmt/projects/list",exportSnapshot:"/v1/mgmt/project/snapshot/export",importSnapshot:"/v1/mgmt/project/snapshot/import",validateSnapshot:"/v1/mgmt/project/snapshot/validate",delete:"/v1/mgmt/project/delete"},b={create:"/v1/mgmt/accesskey/create",load:"/v1/mgmt/accesskey",search:"/v1/mgmt/accesskey/search",update:"/v1/mgmt/accesskey/update",deactivate:"/v1/mgmt/accesskey/deactivate",deactivateBatch:"/v1/mgmt/accesskey/deactivate/batch",activate:"/v1/mgmt/accesskey/activate",activateBatch:"/v1/mgmt/accesskey/activate/batch",delete:"/v1/mgmt/accesskey/delete",deleteBatch:"/v1/mgmt/accesskey/delete/batch",rotate:"/v1/mgmt/accesskey/rotate"},f={create:"/v1/mgmt/tenant/create",update:"/v1/mgmt/tenant/update",delete:"/v1/mgmt/tenant/delete",load:"/v1/mgmt/tenant",settings:"/v1/mgmt/tenant/settings",loadAll:"/v1/mgmt/tenant/all",searchAll:"/v1/mgmt/tenant/search",updateDefaultRoles:"/v1/mgmt/tenant/updateDefaultRoles",generateSSOConfigurationLink:"/v2/mgmt/tenant/adminlinks/sso/generate",revokeSSOConfigurationLink:"/v1/mgmt/tenant/adminlinks/sso/revoke"},I={oidcCreate:"/v1/mgmt/sso/idp/app/oidc/create",samlCreate:"/v1/mgmt/sso/idp/app/saml/create",oidcUpdate:"/v1/mgmt/sso/idp/app/oidc/update",samlUpdate:"/v1/mgmt/sso/idp/app/saml/update",wsfedCreate:"/v1/mgmt/sso/idp/app/wsfed/create",wsfedUpdate:"/v1/mgmt/sso/idp/app/wsfed/update",delete:"/v1/mgmt/sso/idp/app/delete",load:"/v1/mgmt/sso/idp/app/load",loadAll:"/v1/mgmt/sso/idp/apps/load",secret:"/v1/mgmt/sso/idp/app/secret",rotate:"/v1/mgmt/sso/idp/app/rotate"},k={create:"/v1/mgmt/thirdparty/app/create",update:"/v1/mgmt/thirdparty/app/update",patch:"/v1/mgmt/thirdparty/app/patch",delete:"/v1/mgmt/thirdparty/app/delete",load:"/v1/mgmt/thirdparty/app/load",loadAll:"/v1/mgmt/thirdparty/apps/load",secret:"/v1/mgmt/thirdparty/app/secret",rotate:"/v1/mgmt/thirdparty/app/rotate",deleteBatch:"/v1/mgmt/thirdparty/app/delete/batch"},T={delete:"/v1/mgmt/thirdparty/consents/delete",deleteTenant:"/v1/mgmt/thirdparty/consents/delete/tenant",search:"/v1/mgmt/thirdparty/consents/search"},A={create:"/v1/mgmt/outbound/app/create",createByTemplate:"/v1/mgmt/outbound/app/create/bytemplate",update:"/v1/mgmt/outbound/app/update",delete:"/v1/mgmt/outbound/app/delete",load:"/v1/mgmt/outbound/app",loadAll:"/v1/mgmt/outbound/apps",fetchToken:"/v1/mgmt/outbound/app/user/token/latest",fetchTokenByScopes:"/v1/mgmt/outbound/app/user/token",fetchTenantToken:"/v1/mgmt/outbound/app/tenant/token/latest",fetchTenantTokenByScopes:"/v1/mgmt/outbound/app/tenant/token",deleteUserTokens:"/v1/mgmt/outbound/user/tokens",deleteTokenById:"/v1/mgmt/outbound/token",listAppsWithUserToken:"/v1/mgmt/outbound/apps-with-user-token",uploadUserApiKey:"/v1/mgmt/outbound/app/user/apikey/upload",uploadTenantApiKey:"/v1/mgmt/outbound/app/tenant/apikey/upload",uploadUserToken:"/v1/mgmt/outbound/app/user/oauthtoken/upload",uploadTenantToken:"/v1/mgmt/outbound/app/tenant/oauthtoken/upload",batchUploadUserTokens:"/v1/mgmt/outbound/app/user/oauthtoken/batch/upload",batchUploadTenantTokens:"/v1/mgmt/outbound/app/tenant/oauthtoken/batch/upload"},O={settings:"/v1/mgmt/sso/settings",settingsNew:"/v1/mgmt/sso/settings/new",metadata:"/v1/mgmt/sso/metadata",mapping:"/v1/mgmt/sso/mapping",settingsv2:"/v2/mgmt/sso/settings",settingsAllV2:"/v2/mgmt/sso/settings/all",redirect:"/v1/mgmt/sso/redirect",recalculateMappings:"/v1/mgmt/sso/recalculate-mappings",oidc:{configure:"/v1/mgmt/sso/oidc"},saml:{configure:"/v1/mgmt/sso/saml",metadata:"/v1/mgmt/sso/saml/metadata"}},S={update:"/v1/mgmt/jwt/update",impersonate:"/v1/mgmt/impersonate",impersonateStepup:"/v1/mgmt/impersonate/stepup",stopImpersonation:"/v1/mgmt/stop/impersonation",signIn:"/v1/mgmt/auth/signin",signUp:"/v1/mgmt/auth/signup",signUpOrIn:"/v1/mgmt/auth/signup-in",anonymous:"/v1/mgmt/auth/anonymous",clientAssertion:"/v1/mgmt/token/clientassertion"},j={settings:"/v1/mgmt/password/settings"},w={create:"/v1/mgmt/permission/create",createBatch:"/v1/mgmt/permission/create/batch",update:"/v1/mgmt/permission/update",updateBatch:"/v1/mgmt/permission/update/batch",delete:"/v1/mgmt/permission/delete",deleteBatch:"/v1/mgmt/permission/delete/batch",loadAll:"/v1/mgmt/permission/all"},R={create:"/v1/mgmt/role/create",createBatch:"/v1/mgmt/role/create/batch",update:"/v1/mgmt/role/update",updateBatch:"/v1/mgmt/role/update/batch",delete:"/v1/mgmt/role/delete",deleteBatch:"/v1/mgmt/role/delete/batch",loadAll:"/v1/mgmt/role/all",search:"/v1/mgmt/role/search"},P={list:"/v1/mgmt/flow/list",delete:"/v1/mgmt/flow/delete",export:"/v1/mgmt/flow/export",import:"/v1/mgmt/flow/import",run:"/v1/mgmt/flow/run"},N={export:"/v1/mgmt/theme/export",import:"/v1/mgmt/theme/import"},U={loadAllGroups:"/v1/mgmt/group/all",loadAllGroupsForMember:"/v1/mgmt/group/member/all",loadAllGroupMembers:"/v1/mgmt/group/members"},x={search:"/v1/mgmt/audit/search",createEvent:"/v1/mgmt/audit/event",createAuditWebhook:"/v2/mgmt/connector/audit/web/set"},C={schemaSave:"/v1/mgmt/authz/schema/save",schemaDelete:"/v1/mgmt/authz/schema/delete",schemaLoad:"/v1/mgmt/authz/schema/load",nsSave:"/v1/mgmt/authz/ns/save",nsDelete:"/v1/mgmt/authz/ns/delete",rdSave:"/v1/mgmt/authz/rd/save",rdDelete:"/v1/mgmt/authz/rd/delete",reCreate:"/v1/mgmt/authz/re/create",reDelete:"/v1/mgmt/authz/re/delete",reDeleteResources:"/v1/mgmt/authz/re/deleteresources",reDeleteResourceRelationsForResources:"/v1/mgmt/authz/re/deleteresourcesrelations",hasRelations:"/v1/mgmt/authz/re/has",who:"/v1/mgmt/authz/re/who",resource:"/v1/mgmt/authz/re/resource",targets:"/v1/mgmt/authz/re/targets",targetAll:"/v1/mgmt/authz/re/targetall",targetWithRelation:"/v1/mgmt/authz/re/targetwithrelation",getModified:"/v1/mgmt/authz/getmodified"},B={schema:"/v1/mgmt/fga/schema",dryRunSchema:"/v1/mgmt/fga/schema/dryrun",relations:"/v1/mgmt/fga/relations",deleteRelations:"/v1/mgmt/fga/relations/delete",check:"/v1/mgmt/fga/check",resourcesLoad:"/v1/mgmt/fga/resources/load",resourcesSave:"/v1/mgmt/fga/resources/save",mappableSchema:"/v1/mgmt/fga/mappable/schema",mappableResources:"/v1/mgmt/fga/mappable/resources"},L={create:"/v1/mgmt/descoper",update:"/v1/mgmt/descoper",get:"/v1/mgmt/descoper",delete:"/v1/mgmt/descoper",list:"/v1/mgmt/descoper/list"},M={create:"/v1/mgmt/managementkey",update:"/v1/mgmt/managementkey",load:"/v1/mgmt/managementkey",delete:"/v1/mgmt/managementkey/delete",search:"/v1/mgmt/managementkey/search"},E={get:"/v1/mgmt/license"},D={create:"/v1/mgmt/engine/create",update:"/v1/mgmt/engine/update",delete:"/v1/mgmt/engine/delete",load:"/v1/mgmt/engine/load",loadAll:"/v1/mgmt/engines/load",rotate:"/v1/mgmt/engine/rotate"},F={search:"/v1/mgmt/analytics/search"},q={create:"/v1/mgmt/list",update:"/v1/mgmt/list/update",delete:"/v1/mgmt/list/delete",load:"/v1/mgmt/list",loadByName:"/v1/mgmt/list/name",loadAll:"/v1/mgmt/list/all",import:"/v1/mgmt/list/import",addIPs:"/v1/mgmt/list/ip/add",removeIPs:"/v1/mgmt/list/ip/remove",checkIP:"/v1/mgmt/list/ip/check",addTexts:"/v1/mgmt/list/text/add",removeTexts:"/v1/mgmt/list/text/remove",checkText:"/v1/mgmt/list/text/check",clear:"/v1/mgmt/list/clear"},$={create:"/v1/mgmt/jwt/templates/create",update:"/v1/mgmt/jwt/templates/update",delete:"/v1/mgmt/jwt/templates/delete",list:"/v1/mgmt/jwt/templates/list",load:"/v1/mgmt/jwt/templates/load",validate:"/v1/mgmt/jwt/templates/validate",libraryList:"/v1/mgmt/jwt/templates/library/list",libraryLoad:"/v1/mgmt/jwt/templates/library/load",libraryApply:"/v1/mgmt/jwt/templates/library/apply"},K={get:"/v1/mgmt/scopeClaimMapping/get",set:"/v1/mgmt/scopeClaimMapping/set",delete:"/v1/mgmt/scopeClaimMapping/delete"};function W(t){return t.map((t=>{var{loginIdOrUserId:s,loginId:a,roles:o}=t,r=e(t,["loginIdOrUserId","loginId","roles"]);return Object.assign(Object.assign({},r),{loginId:null!=s?s:a,roleNames:o})}))}const z=e=>{function t(e,t){const s={loginId:e};return void 0!==t.email&&(s.email=t.email),void 0!==t.phone&&(s.phone=t.phone),void 0!==t.displayName&&(s.displayName=t.displayName),void 0!==t.givenName&&(s.givenName=t.givenName),void 0!==t.middleName&&(s.middleName=t.middleName),void 0!==t.familyName&&(s.familyName=t.familyName),void 0!==t.roles&&(s.roleNames=t.roles),void 0!==t.userTenants&&(s.userTenants=t.userTenants),void 0!==t.customAttributes&&(s.customAttributes=t.customAttributes),void 0!==t.picture&&(s.picture=t.picture),void 0!==t.verifiedEmail&&(s.verifiedEmail=t.verifiedEmail),void 0!==t.verifiedPhone&&(s.verifiedPhone=t.verifiedPhone),void 0!==t.ssoAppIds&&(s.ssoAppIds=t.ssoAppIds),void 0!==t.scim&&(s.scim=t.scim),void 0!==t.status&&(s.status=t.status),void 0!==t.additionalIdentifiers&&(s.additionalIdentifiers=t.additionalIdentifiers),s}return{create:function(t,a,o,r,i,n,d,l,p,m,c,u,g,v){const y="string"==typeof a?{loginId:t,email:a,phone:o,displayName:r,givenName:c,middleName:u,familyName:g,roleNames:i,userTenants:n,customAttributes:d,picture:l,verifiedEmail:p,verifiedPhone:m,additionalLoginIds:v}:Object.assign(Object.assign({loginId:t},a),{roleNames:null==a?void 0:a.roles,roles:void 0});return s(e.post(h.create,y),(e=>e.user))},createTestUser:function(t,a,o,r,i,n,d,l,p,m,c,u,g,v){const y="string"==typeof a?{loginId:t,email:a,phone:o,displayName:r,givenName:c,middleName:u,familyName:g,roleNames:i,userTenants:n,customAttributes:d,picture:l,verifiedEmail:p,verifiedPhone:m,additionalLoginIds:v,test:!0}:Object.assign(Object.assign({loginId:t},a),{roleNames:null==a?void 0:a.roles,roles:void 0,test:!0});return s(e.post(h.createTestUser,y),(e=>e.user))},invite:function(t,a,o,r,i,n,d,l,p,m,c,u,g,v,y,b,f,I,k){const T="string"==typeof a?{loginId:t,email:a,phone:o,displayName:r,givenName:v,middleName:y,familyName:b,roleNames:i,userTenants:n,invite:!0,customAttributes:d,picture:l,verifiedEmail:p,verifiedPhone:m,inviteUrl:c,sendMail:u,sendSMS:g,additionalLoginIds:f,templateId:I,locale:k}:Object.assign(Object.assign({loginId:t},a),{roleNames:null==a?void 0:a.roles,roles:void 0,invite:!0});return s(e.post(h.create,T),(e=>e.user))},inviteBatch:(t,a,o,r,i,n,d)=>s(e.post(h.createBatch,{users:W(t),invite:!0,inviteUrl:a,sendMail:o,sendSMS:r,templateOptions:i,templateId:n,locale:d}),(e=>e)),createBatch:t=>s(e.post(h.createBatch,{users:W(t)}),(e=>e)),deleteBatch:t=>s(e.post(h.deleteBatch,{userIds:t})),update:function(t,a,o,r,i,n,d,l,p,m,c,u,g,v){const y="string"==typeof a?{loginId:t,email:a,phone:o,displayName:r,givenName:c,middleName:u,familyName:g,roleNames:i,userTenants:n,customAttributes:d,picture:l,verifiedEmail:p,verifiedPhone:m,additionalLoginIds:v}:Object.assign(Object.assign({loginId:t},a),{roleNames:null==a?void 0:a.roles,roles:void 0});return s(e.post(h.update,y),(e=>e.user))},patch:function(a,o){const r=t(a,o);return s(e.patch(h.patch,r),(e=>e.user))},patchBatch:function(a){if(a.find((e=>!e.loginIdOrUserId&&!e.loginId)))return Promise.reject(new Error("patchBatch: each user must have loginIdOrUserId or loginId"));const o={users:a.map((e=>{var s;return t(null!==(s=e.loginIdOrUserId)&&void 0!==s?s:e.loginId,e)}))};return s(e.patch(h.patchBatch,o),(e=>e))},delete:t=>s(e.post(h.delete,{loginId:t})),deleteByUserId:t=>s(e.post(h.delete,{userId:t})),deleteAllTestUsers:()=>s(e.delete(h.deleteAllTestUsers)),load:t=>s(e.get(h.load,{queryParams:{loginId:t}}),(e=>e.user)),loadByUserId:t=>s(e.get(h.load,{queryParams:{userId:t}}),(e=>e.user)),logoutUser:t=>s(e.post(h.logout,{loginId:t})),logoutUserByUserId:t=>s(e.post(h.logout,{userId:t})),loadUsers:(t,a)=>s(e.post(h.loadUsers,{userIds:t,includeInvalidUsers:a}),(e=>e.users)),searchAll:(t,a,o,r,i,n,d,l,p,m)=>s(e.post(h.search,{tenantIds:t,roleNames:a,limit:o,page:r,testUsersOnly:i,withTestUser:n,customAttributes:d,statuses:l,emails:p,phones:m}),(e=>e.users)),searchTestUsers:t=>s(e.post(h.searchTestUsers,Object.assign(Object.assign({},t),{withTestUser:!0,testUsersOnly:!0,roleNames:t.roles,roles:void 0})),(e=>({users:e.users,total:e.total}))),search:t=>s(e.post(h.search,Object.assign(Object.assign({},t),{roleNames:t.roles,roles:void 0})),(e=>({users:e.users,total:e.total}))),getProviderToken:(t,a,o)=>s(e.get(h.getProviderToken,{queryParams:{loginId:t,provider:a,withRefreshToken:(null==o?void 0:o.withRefreshToken)?"true":"false",forceRefresh:(null==o?void 0:o.forceRefresh)?"true":"false"}}),(e=>e)),activate:t=>s(e.post(h.updateStatus,{loginId:t,status:"enabled"}),(e=>e.user)),deactivate:t=>s(e.post(h.updateStatus,{loginId:t,status:"disabled"}),(e=>e.user)),updateLoginId:(t,a)=>s(e.post(h.updateLoginId,{loginId:t,newLoginId:a}),(e=>e.user)),updateEmail:(t,a,o,r)=>s(e.post(h.updateEmail,{loginId:t,email:a,verified:o,failOnConflict:r}),(e=>e.user)),updatePhone:(t,a,o,r)=>s(e.post(h.updatePhone,{loginId:t,phone:a,verified:o,failOnConflict:r}),(e=>e.user)),updateDisplayName:(t,a,o,r,i)=>s(e.post(h.updateDisplayName,{loginId:t,displayName:a,givenName:o,middleName:r,familyName:i}),(e=>e.user)),updatePicture:(t,a)=>s(e.post(h.updatePicture,{loginId:t,picture:a}),(e=>e.user)),updateCustomAttribute:(t,a,o)=>s(e.post(h.updateCustomAttribute,{loginId:t,attributeKey:a,attributeValue:o}),(e=>e.user)),setRoles:(t,a)=>s(e.post(h.setRole,{loginId:t,roleNames:a}),(e=>e.user)),addRoles:(t,a)=>s(e.post(h.addRole,{loginId:t,roleNames:a}),(e=>e.user)),removeRoles:(t,a)=>s(e.post(h.removeRole,{loginId:t,roleNames:a}),(e=>e.user)),addTenant:(t,a)=>s(e.post(h.addTenant,{loginId:t,tenantId:a}),(e=>e.user)),removeTenant:(t,a)=>s(e.post(h.removeTenant,{loginId:t,tenantId:a}),(e=>e.user)),setTenantRoles:(t,a,o)=>s(e.post(h.setRole,{loginId:t,tenantId:a,roleNames:o}),(e=>e.user)),addTenantRoles:(t,a,o)=>s(e.post(h.addRole,{loginId:t,tenantId:a,roleNames:o}),(e=>e.user)),removeTenantRoles:(t,a,o)=>s(e.post(h.removeRole,{loginId:t,tenantId:a,roleNames:o}),(e=>e.user)),addSSOapps:(t,a)=>s(e.post(h.addSSOApps,{loginId:t,ssoAppIds:a}),(e=>e.user)),setSSOapps:(t,a)=>s(e.post(h.setSSOApps,{loginId:t,ssoAppIds:a}),(e=>e.user)),removeSSOapps:(t,a)=>s(e.post(h.removeSSOApps,{loginId:t,ssoAppIds:a}),(e=>e.user)),generateOTPForTestUser:(t,a,o)=>s(e.post(h.generateOTPForTest,{deliveryMethod:t,loginId:a,loginOptions:o}),(e=>e)),generateMagicLinkForTestUser:(t,a,o,r)=>s(e.post(h.generateMagicLinkForTest,{deliveryMethod:t,loginId:a,URI:o,loginOptions:r}),(e=>e)),generateEnchantedLinkForTestUser:(t,a,o)=>s(e.post(h.generateEnchantedLinkForTest,{loginId:t,URI:a,loginOptions:o}),(e=>e)),generateEmbeddedLink:(t,a,o)=>s(e.post(h.generateEmbeddedLink,{loginId:t,customClaims:a,timeout:o}),(e=>e)),generateSignUpEmbeddedLink:(t,a,o,r,i,n)=>s(e.post(h.generateSignUpEmbeddedLink,{loginId:t,user:a,emailVerified:o,phoneVerified:r,loginOptions:i,timeout:n}),(e=>e)),setTemporaryPassword:(t,a)=>s(e.post(h.setTemporaryPassword,{loginId:t,password:a}),(e=>e)),setActivePassword:(t,a)=>s(e.post(h.setActivePassword,{loginId:t,password:a}),(e=>e)),setPassword:(t,a)=>s(e.post(h.setPassword,{loginId:t,password:a}),(e=>e)),expirePassword:t=>s(e.post(h.expirePassword,{loginId:t}),(e=>e)),removeAllPasskeys:t=>s(e.post(h.removeAllPasskeys,{loginId:t}),(e=>e)),removeTOTPSeed:t=>s(e.post(h.removeTOTPSeed,{loginId:t}),(e=>e)),history:t=>s(e.post(h.history,t),(e=>e)),import:(t,a,o,r)=>s(e.post(h.import,{source:t,users:a,hashes:o,dryrun:null!=r&&r}),(e=>e)),updateRecoveryEmail:(t,a,o)=>s(e.post(h.updateRecoveryEmail,{loginId:t,recoveryEmail:a,verified:o}),(e=>e.user)),updateRecoveryPhone:(t,a,o)=>s(e.post(h.updateRecoveryPhone,{loginId:t,recoveryPhone:a,verified:o}),(e=>e.user)),updateUserNames:(t,a,o,r)=>s(e.post(h.updateName,{loginId:t,givenName:a,middleName:o,familyName:r}),(e=>e.user)),getCustomAttributes:()=>s(e.get(h.getCustomAttributes),(e=>e.data)),createCustomAttributes:t=>s(e.post(h.createCustomAttributes,{attributes:t}),(e=>e.data)),deleteCustomAttributes:t=>s(e.post(h.deleteCustomAttributes,{names:t}),(e=>e.data)),removePasskey:(t,a)=>s(e.post(h.removePasskey,{loginId:t,credentialId:a}),(e=>e)),listPasskeys:t=>s(e.post(h.listPasskeys,{loginId:t}),(e=>e.passkeys)),listTrustedDevices:t=>s(e.post(h.listTrustedDevices,{identifiers:t}),(e=>e.devices)),removeTrustedDevices:(t,a)=>s(e.post(h.removeTrustedDevices,{identifier:t,deviceIds:a}),(e=>e))}},J=e=>({create:(t,a,o,r,i,n,d)=>s(e.post(f.create,{name:t,selfProvisioningDomains:a,customAttributes:o,enforceSSO:r,disabled:i,parent:n,roleInheritance:d})),createWithId:(t,a,o,r,i,n,d,l)=>s(e.post(f.create,{id:t,name:a,selfProvisioningDomains:o,customAttributes:r,enforceSSO:i,disabled:n,parent:d,roleInheritance:l})),update:(t,a,o,r,i,n,d)=>s(e.post(f.update,{id:t,name:a,selfProvisioningDomains:o,customAttributes:r,enforceSSO:i,disabled:n,roleInheritance:d})),updateDefaultRoles:(t,a)=>s(e.post(f.updateDefaultRoles,{id:t,defaultRoles:a})),delete:(t,a)=>s(e.post(f.delete,{id:t,cascade:a})),load:t=>s(e.get(f.load,{queryParams:{id:t}}),(e=>e)),loadAll:()=>s(e.get(f.loadAll,{}),(e=>e.tenants)),searchAll:(t,a,o,r,i)=>s(e.post(f.searchAll,{tenantIds:t,tenantNames:a,tenantSelfProvisioningDomains:o,customAttributes:r,parentTenantId:i}),(e=>e.tenants)),getSettings:t=>s(e.get(f.settings,{queryParams:{id:t}}),(e=>e)),configureSettings:(t,a)=>s(e.post(f.settings,Object.assign(Object.assign({},a),{tenantId:t}),{})),generateSSOConfigurationLink:(t,a,o,r,i,n)=>s(e.post(f.generateSSOConfigurationLink,{tenantId:t,expireTime:a,ssoId:o,email:r,templateId:i,actorId:n},{}),(e=>e)),revokeSSOConfigurationLink:(t,a)=>s(e.post(f.revokeSSOConfigurationLink,Object.assign({tenantId:t},a?{ssoId:a}:{}),{}))}),G=e=>({update:(t,a,o)=>s(e.post(S.update,{jwt:t,customClaims:a,refreshDuration:o})),impersonate:(t,a,o,r,i,n)=>s(e.post(S.impersonate,{impersonatorId:t,loginId:a,validateConsent:o,customClaims:r,selectedTenant:i,refreshDuration:n})),impersonateStepup:(t,a,o,r,i,n)=>s(e.post(S.impersonateStepup,{impersonatorId:t,loginId:a,validateConsent:o,customClaims:r,selectedTenant:i,refreshDuration:n})),stopImpersonation:(t,a,o,r)=>s(e.post(S.stopImpersonation,{jwt:t,customClaims:a,selectedTenant:o,refreshDuration:r})),signIn:(t,a)=>s(e.post(S.signIn,Object.assign({loginId:t},a))),signUp:(t,a,o)=>s(e.post(S.signUp,Object.assign({loginId:t,user:a},o))),signUpOrIn:(t,a,o)=>s(e.post(S.signUpOrIn,Object.assign({loginId:t,user:a},o))),anonymous:(t,a,o)=>s(e.post(S.anonymous,{customClaims:t,selectedTenant:a,refreshDuration:o})),generateClientAssertionJwt:(t,a,o,r,i,n)=>s(e.post(S.clientAssertion,{issuer:t,subject:a,audience:o,expiresIn:r,flattenAudience:i,algorithm:n}))}),H=e=>({create:(t,a)=>s(e.post(w.create,{name:t,description:a})),createBatch:t=>s(e.post(w.createBatch,{permissions:t})),update:(t,a,o)=>s(e.post(w.update,{name:t,newName:a,description:o})),updateWithId:(t,a,o)=>s(e.post(w.update,{id:t,newName:a,description:o})),updateBatch:t=>s(e.post(w.updateBatch,{permissions:t})),delete:t=>s(e.post(w.delete,{name:t})),deleteWithId:t=>s(e.post(w.delete,{id:t})),deleteBatch:(t,a)=>s(e.post(w.deleteBatch,{names:t,ids:a})),loadAll:()=>s(e.get(w.loadAll,{}),(e=>e.permissions))}),V=e=>({create:(t,a,o,r,i)=>s(e.post(R.create,{name:t,description:a,permissionNames:o,tenantId:r,default:i})),createBatch:t=>s(e.post(R.createBatch,{roles:t}),(e=>e.roles)),update:(t,a,o,r,i,n)=>s(e.post(R.update,{name:t,newName:a,description:o,permissionNames:r,tenantId:i,default:n})),updateWithId:(t,a,o,r,i,n)=>s(e.post(R.update,{id:t,newName:a,description:o,permissionNames:r,tenantId:i,default:n})),updateBatch:t=>s(e.post(R.updateBatch,{roles:t}),(e=>e.roles)),delete:(t,a)=>s(e.post(R.delete,{name:t,tenantId:a})),deleteWithId:(t,a)=>s(e.post(R.delete,{id:t,tenantId:a})),deleteBatch:(t,a,o)=>s(e.post(R.deleteBatch,{roleNames:t,tenantId:a,roleIds:o})),loadAll:()=>s(e.get(R.loadAll,{}),(e=>e.roles)),search:t=>s(e.post(R.search,t,{}),(e=>e.roles))}),Q=e=>({loadAllGroups:t=>s(e.post(U.loadAllGroups,{tenantId:t})),loadAllGroupsForMember:(t,a,o)=>s(e.post(U.loadAllGroupsForMember,{tenantId:t,loginIds:o,userIds:a})),loadAllGroupMembers:(t,a)=>s(e.post(U.loadAllGroupMembers,{tenantId:t,groupId:a}))});function _(e){var t,s;const a=e;return a.oidc&&(a.oidc=Object.assign(Object.assign({},a.oidc),{attributeMapping:a.oidc.userAttrMapping}),delete a.oidc.userAttrMapping),(null===(t=a.saml)||void 0===t?void 0:t.groupsMapping)&&(a.saml.groupsMapping=null===(s=a.saml)||void 0===s?void 0:s.groupsMapping.map((e=>{const t=e;return t.roleName=t.role.name,delete t.role,t}))),a}const X=e=>({getSettings:t=>s(e.get(O.settings,{queryParams:{tenantId:t}}),(e=>e)),newSettings:(t,a,o)=>s(e.post(O.settingsNew,Object.assign(Object.assign({tenantId:t},a?{ssoId:a}:{}),{displayName:o})),(e=>_(e))),deleteSettings:(t,a)=>s(e.delete(O.settings,{queryParams:Object.assign({tenantId:t},a?{ssoId:a}:{})})),configureSettings:(t,a,o,r,i,n)=>s(e.post(O.settings,{tenantId:t,idpURL:a,entityId:r,idpCert:o,redirectURL:i,domains:n})),configureMetadata:(t,a,o,r)=>s(e.post(O.metadata,{tenantId:t,idpMetadataURL:a,redirectURL:o,domains:r})),configureMapping:(t,a,o,r)=>s(e.post(O.mapping,{tenantId:t,roleMappings:a,attributeMapping:o,defaultSSORoles:r})),configureOIDCSettings:(t,a,o,r)=>{const i=Object.assign(Object.assign({},a),{userAttrMapping:a.attributeMapping});return delete i.attributeMapping,s(e.post(O.oidc.configure,Object.assign({tenantId:t,settings:i,domains:o},r?{ssoId:r}:{})))},configureSAMLSettings:(t,a,o,r,i)=>s(e.post(O.saml.configure,Object.assign({tenantId:t,settings:a,redirectUrl:o,domains:r},i?{ssoId:i}:{}))),configureSAMLByMetadata:(t,a,o,r,i)=>s(e.post(O.saml.metadata,Object.assign({tenantId:t,settings:a,redirectUrl:o,domains:r},i?{ssoId:i}:{}))),configureSSORedirectURL:(t,a,o,r)=>s(e.post(O.redirect,Object.assign(Object.assign(Object.assign({tenantId:t},void 0!==a?{samlRedirectUrl:a}:{}),void 0!==o?{oauthRedirectUrl:o}:{}),r?{ssoId:r}:{}))),recalculateSSOMappings:(t,a)=>s(e.post(O.recalculateMappings,Object.assign({tenantId:t},a?{ssoId:a}:{}))),loadSettings:(t,a)=>s(e.get(O.settingsv2,{queryParams:Object.assign({tenantId:t},a?{ssoId:a}:{})}),(e=>_(e))),loadAllSettings:t=>s(e.get(O.settingsAllV2,{queryParams:{tenantId:t}}),(e=>function(e){const t=e.SSOSettings,s=[];return t.forEach((e=>s.push(_(e)))),s}(e)))}),Y=e=>({create:(t,a,o,r,i,n,d,l,p)=>s(e.post(b.create,{name:t,expireTime:a,roleNames:o,keyTenants:r,userId:i,customClaims:n,description:d,permittedIps:l,customAttributes:p})),load:t=>s(e.get(b.load,{queryParams:{id:t}}),(e=>e.key)),searchAll:(t,a,o,r)=>s(e.post(b.search,{tenantIds:t,boundUserId:a,creatingUser:o,customAttributes:r}),(e=>e.keys)),update:(t,a,o,r,i,n,d,l)=>s(e.post(b.update,{id:t,name:a,description:o,roleNames:r,keyTenants:i,customClaims:n,permittedIps:d,customAttributes:l}),(e=>e.key)),deactivate:t=>s(e.post(b.deactivate,{id:t})),deactivateBatch:t=>s(e.post(b.deactivateBatch,{ids:t})),activate:t=>s(e.post(b.activate,{id:t})),activateBatch:t=>s(e.post(b.activateBatch,{ids:t})),delete:t=>s(e.post(b.delete,{id:t})),deleteBatch:t=>s(e.post(b.deleteBatch,{ids:t})),rotate:t=>s(e.post(b.rotate,{id:t}))}),Z=e=>({list:()=>s(e.post(P.list,{})),delete:t=>s(e.post(P.delete,{ids:t})),export:t=>s(e.post(P.export,{flowId:t})),import:(t,a,o)=>s(e.post(P.import,{flowId:t,flow:a,screens:o})),run:(t,a)=>s(e.post(P.run,{flowId:t,options:a}),(e=>null==e?void 0:e.output))}),ee=e=>({export:()=>s(e.post(N.export,{})),import:t=>s(e.post(N.import,{theme:t}))}),te=e=>null==e?void 0:e.audits.map((e=>{const t=Object.assign(Object.assign({},e),{occurred:parseFloat(e.occurred),loginIds:e.externalIds});return delete t.externalIds,t})),se=e=>({search:t=>{const a=Object.assign(Object.assign({},t),{externalIds:t.loginIds});return delete a.loginIds,s(e.post(x.search,a),te)},searchAll:t=>{const a=Object.assign(Object.assign({},t),{externalIds:t.loginIds});return delete a.loginIds,s(e.post(x.search,a),(e=>({audits:te(e),total:null==e?void 0:e.total})))},createEvent:t=>{const a=Object.assign({},t);return s(e.post(x.createEvent,a))},createAuditWebhook:t=>s(e.post(x.createAuditWebhook,t))}),ae=(e,t)=>{var a;const o=null!==(a=null==t?void 0:t.fgaCacheTimeoutMs)&&void 0!==a?a:3e4,r=Number.isFinite(o)&&o>0?o:3e4,i=async(s,a)=>{if((null==t?void 0:t.fgaCacheUrl)&&t.managementKey){const e=`${t.fgaCacheUrl}${s}`,o=new AbortController,i=setTimeout((()=>o.abort()),r);try{const s=await m(e,{method:"POST",headers:Object.assign(Object.assign({},t.headers),{"Content-Type":"application/json",Authorization:`Bearer ${t.projectId}:${t.managementKey}`,"x-descope-project-id":t.projectId}),body:JSON.stringify(a),signal:o.signal});if(s.ok){const e=await s.text();return s.text=()=>Promise.resolve(e),s.json=async()=>JSON.parse(e),s.clone=()=>s,s}}catch(e){}finally{clearTimeout(i)}}return e.post(s,a)};return{saveSchema:(t,a)=>s(e.post(C.schemaSave,{schema:t,upgrade:a})),deleteSchema:()=>s(e.post(C.schemaDelete,{})),loadSchema:()=>s(e.post(C.schemaLoad,{}),(e=>e.schema)),saveNamespace:(t,a,o)=>s(e.post(C.nsSave,{namespace:t,oldName:a,schemaName:o})),deleteNamespace:(t,a)=>s(e.post(C.nsDelete,{name:t,schemaName:a})),saveRelationDefinition:(t,a,o,r)=>s(e.post(C.rdSave,{relationDefinition:t,namespace:a,oldName:o,schemaName:r})),deleteRelationDefinition:(t,a,o)=>s(e.post(C.rdDelete,{name:t,namespace:a,schemaName:o})),createRelations:t=>s(e.post(C.reCreate,{relations:t})),deleteRelations:t=>s(e.post(C.reDelete,{relations:t})),deleteRelationsForResources:t=>s(e.post(C.reDeleteResources,{resources:t})),deleteResourceRelationsForResources:t=>s(e.post(C.reDeleteResourceRelationsForResources,{resources:t})),deleteRelationsForIds:t=>s(e.post(C.reDeleteResources,{resources:t})),hasRelations:t=>s(e.post(C.hasRelations,{relationQueries:t}),(e=>e.relationQueries)),whoCanAccess:(e,t,a)=>s(i(C.who,{resource:e,relationDefinition:t,namespace:a}),(e=>e.targets)),resourceRelations:(t,a=!1)=>s(e.post(C.resource,{resource:t,ignoreTargetSetRelations:a}),(e=>e.relations)),resourceRelationsWithTargetSetsFilter:(t,a=!0)=>s(e.post(C.resource,{resource:t,ignoreTargetSetRelations:!a}),(e=>e.relations)),targetsRelations:(t,a=!1)=>s(e.post(C.targets,{targets:t,includeTargetSetRelations:a}),(e=>e.relations)),targetsRelationsWithTargetSetsFilter:(t,a=!1)=>s(e.post(C.targets,{targets:t,includeTargetSetRelations:a}),(e=>e.relations)),whatCanTargetAccess:e=>s(i(C.targetAll,{target:e}),(e=>e.relations)),whatCanTargetAccessWithRelation:(t,a,o)=>s(e.post(C.targetWithRelation,{target:t,relationDefinition:a,namespace:o}),(e=>e.resources.map((e=>({resource:e}))))),getModified:t=>s(e.post(C.getModified,{since:t?t.getTime():0}),(e=>e))}},oe=e=>({createOidcApplication:t=>{var a;return s(e.post(I.oidcCreate,Object.assign(Object.assign({},t),{enabled:null===(a=t.enabled)||void 0===a||a})))},createSamlApplication:t=>{var a;return s(e.post(I.samlCreate,Object.assign(Object.assign({},t),{enabled:null===(a=t.enabled)||void 0===a||a})))},updateOidcApplication:t=>s(e.post(I.oidcUpdate,Object.assign({},t))),updateSamlApplication:t=>s(e.post(I.samlUpdate,Object.assign({},t))),createWsFedApplication:t=>{var a;return s(e.post(I.wsfedCreate,Object.assign(Object.assign({},t),{enabled:null===(a=t.enabled)||void 0===a||a})))},updateWsFedApplication:t=>s(e.post(I.wsfedUpdate,Object.assign({},t))),delete:t=>s(e.post(I.delete,{id:t})),load:t=>s(e.get(I.load,{queryParams:{id:t}}),(e=>e)),loadAll:()=>s(e.get(I.loadAll,{}),(e=>e.apps)),getApplicationSecret:t=>s(e.get(I.secret,{queryParams:{id:t}}),(e=>e)),rotateApplicationSecret:t=>s(e.post(I.rotate,{id:t}),(e=>e))}),re=e=>({getSettings:t=>s(e.get(j.settings,{queryParams:{tenantId:t}}),(e=>e)),configureSettings:(t,a)=>s(e.post(j.settings,Object.assign(Object.assign({},a),{tenantId:t})))}),ie=(e,t)=>{var a;const o=null!==(a=null==t?void 0:t.fgaCacheTimeoutMs)&&void 0!==a?a:3e4,r=Number.isFinite(o)&&o>0?o:3e4,i=async(s,a)=>{if((null==t?void 0:t.fgaCacheUrl)&&t.managementKey){const e=`${t.fgaCacheUrl}${s}`,o=new AbortController,i=setTimeout((()=>o.abort()),r);try{const s=await m(e,{method:"POST",headers:Object.assign(Object.assign({},t.headers),{"Content-Type":"application/json",Authorization:`Bearer ${t.projectId}:${t.managementKey}`,"x-descope-project-id":t.projectId}),body:JSON.stringify(a),signal:o.signal});if(s.ok){const e=await s.text();return s.text=()=>Promise.resolve(e),s.json=async()=>JSON.parse(e),s.clone=()=>s,s}}catch(e){}finally{clearTimeout(i)}}return e.post(s,a)};return{saveSchema:e=>s(i(B.schema,e)),loadSchema:()=>s(e.get(B.schema,{}),(e=>e)),dryRunSchema:t=>s(e.post(B.dryRunSchema,t),(e=>e)),deleteSchema:()=>s(e.post(C.schemaDelete,{})),createRelations:e=>s(i(B.relations,{tuples:e})),deleteRelations:e=>s(i(B.deleteRelations,{tuples:e})),check:e=>s(i(B.check,{tuples:e}),(e=>e.tuples)),checkWithContext:(e,t)=>s(i(B.check,Object.assign({tuples:e},t&&Object.keys(t).length>0?{context:t}:{})),(e=>e.tuples)),loadResourcesDetails:t=>s(e.post(B.resourcesLoad,{resourceIdentifiers:t}),(e=>e.resourcesDetails)),saveResourcesDetails:t=>s(e.post(B.resourcesSave,{resourcesDetails:t})),loadMappableSchema:(t,a)=>s(e.get(B.mappableSchema,{queryParams:Object.assign({tenantId:t},(null==a?void 0:a.resourcesLimit)&&a.resourcesLimit>0?{resourcesLimit:a.resourcesLimit.toString()}:{})}),(e=>e)),searchMappableResources:(t,a,o)=>s(e.post(B.mappableResources,Object.assign({tenantId:t,resourcesQueries:a},(null==o?void 0:o.resourcesLimit)&&o.resourcesLimit>0?{resourcesLimit:o.resourcesLimit.toString()}:{})),(e=>e.mappableResources)),deleteAllRelations:()=>s(e.delete(B.relations))}},ne=e=>({createApplication:t=>s(e.post(k.create,Object.assign({},t))),updateApplication:t=>s(e.post(k.update,Object.assign({},t))),patchApplication:t=>s(e.post(k.patch,Object.assign({},t))),deleteApplication:t=>s(e.post(k.delete,{id:t})),deleteApplicationBatch:t=>s(e.post(k.deleteBatch,{ids:t})),loadApplication:t=>s(e.get(k.load,{queryParams:{id:t}}),(e=>e)),loadAllApplications:()=>s(e.get(k.loadAll,{}),(e=>e.apps)),getApplicationSecret:t=>s(e.get(k.secret,{queryParams:{id:t}}),(e=>e)),rotateApplicationSecret:t=>s(e.post(k.rotate,{id:t})),searchConsents:t=>s(e.post(T.search,Object.assign({},t)),(e=>e.consents)),deleteConsents:t=>s(e.post(T.delete,Object.assign({},t))),deleteTenantConsents:t=>s(e.post(T.deleteTenant,Object.assign({},t)))}),de=e=>({createApplication:t=>s(e.post(A.create,Object.assign({},t)),(e=>e.app)),createApplicationByTemplate:t=>s(e.post(A.createByTemplate,Object.assign({},t)),(e=>e.app)),updateApplication:t=>s(e.post(A.update,{app:t}),(e=>e.app)),deleteApplication:t=>s(e.post(A.delete,{id:t})),loadApplication:t=>s(e.get(`${A.load}/${t}`),(e=>e.app)),loadAllApplications:()=>s(e.get(A.loadAll,{}),(e=>e.apps)),fetchTokenByScopes:(t,a,o,r,i)=>s(e.post(A.fetchTokenByScopes,{appId:t,userId:a,scopes:o,options:r,tenantId:i}),(e=>e.token)),fetchToken:(t,a,o,r)=>s(e.post(A.fetchToken,{appId:t,userId:a,tenantId:o,options:r}),(e=>e.token)),fetchTenantTokenByScopes:(t,a,o,r)=>s(e.post(A.fetchTenantTokenByScopes,{appId:t,tenantId:a,scopes:o,options:r}),(e=>e.token)),fetchTenantToken:(t,a,o)=>s(e.post(A.fetchTenantToken,{appId:t,tenantId:a,options:o}),(e=>e.token)),deleteUserTokens:(t,a)=>s(e.delete(A.deleteUserTokens,{queryParams:{appId:t,userId:a}})),deleteTokenById:t=>s(e.delete(A.deleteTokenById,{queryParams:{id:t}})),listAppsWithUserToken:(t,a)=>s(e.get(A.listAppsWithUserToken,{queryParams:Object.assign({userId:t},a?{tenantId:a}:{})}),(e=>e.appIds)),uploadUserApiKey:(t,a,o,r)=>s(e.post(A.uploadUserApiKey,{appId:t,userId:a,apiKey:o,tenantId:r})),uploadTenantApiKey:(t,a,o)=>s(e.post(A.uploadTenantApiKey,{appId:t,tenantId:a,apiKey:o})),uploadUserToken:t=>s(e.post(A.uploadUserToken,Object.assign({},t))),uploadTenantToken:t=>s(e.post(A.uploadTenantToken,Object.assign({},t))),batchUploadUserTokens:t=>s(e.post(A.batchUploadUserTokens,{tokens:t})),batchUploadTenantTokens:t=>s(e.post(A.batchUploadTenantTokens,{tokens:t}))}),le=e=>({create:t=>s(e.put(L.create,{descopers:t}),(e=>({descopers:e.descopers,total:e.total}))),update:(t,a,o)=>s(e.patch(L.update,{id:t,attributes:a,rbac:o}),(e=>e.descoper)),load:t=>s(e.get(L.get,{queryParams:{id:t}}),(e=>e.descoper)),delete:t=>s(e.delete(L.delete,{queryParams:{id:t}})),list:()=>s(e.post(L.list),(e=>({descopers:e.descopers,total:e.total})))}),pe=e=>({create:(t,a,o,r,i)=>s(e.put(M.create,{name:t,description:o,expiresIn:r,permittedIps:i,reBac:a})),update:(t,a,o,r,i)=>s(e.patch(M.update,{id:t,name:a,description:o,permittedIps:i,status:r}),(e=>e.key)),delete:t=>s(e.post(M.delete,{ids:t})),load:t=>s(e.get(M.load,{queryParams:{id:t}}),(e=>e.key)),search:()=>s(e.get(M.search),(e=>e.keys))}),me=e=>({create:t=>s(e.post(D.create,{name:t}),(e=>e.engine)),update:(t,a)=>s(e.post(D.update,{id:t,name:a}),(e=>e.engine)),delete:t=>s(e.post(D.delete,{id:t})),load:t=>s(e.get(D.load,{queryParams:{id:t}}),(e=>e.engine)),loadAll:()=>s(e.get(D.loadAll,{}),(e=>e.engines)),rotateSecret:t=>s(e.post(D.rotate,{id:t}),(e=>e))}),ce=e=>({create:t=>s(e.post(q.create,t),(e=>e.list)),update:(t,a)=>s(e.post(q.update,Object.assign({id:t},a)),(e=>e.list)),delete:t=>s(e.post(q.delete,{id:t})),load:t=>s(e.get(`${q.load}/${encodeURIComponent(t)}`),(e=>e.list)),loadByName:t=>s(e.get(`${q.loadByName}/${encodeURIComponent(t)}`),(e=>e.list)),loadAll:()=>s(e.get(q.loadAll),(e=>e.lists)),import:t=>s(e.post(q.import,{lists:t})),addIPs:(t,a)=>s(e.post(q.addIPs,{id:t,ips:a})),removeIPs:(t,a)=>s(e.post(q.removeIPs,{id:t,ips:a})),checkIP:(t,a)=>s(e.post(q.checkIP,{id:t,ip:a}),(e=>e.exists)),addTexts:(t,a)=>s(e.post(q.addTexts,{id:t,texts:a})),removeTexts:(t,a)=>s(e.post(q.removeTexts,{id:t,texts:a})),checkText:(t,a)=>s(e.post(q.checkText,{id:t,text:a}),(e=>e.exists)),clear:t=>s(e.post(q.clear,{id:t}))}),ue=e=>({create:t=>s(e.post($.create,{template:t}),(e=>e.template)),update:t=>s(e.post($.update,{template:t}),(e=>e.template)),delete:t=>s(e.post($.delete,{id:t})),list:()=>s(e.post($.list,{}),(e=>e.templates)),load:t=>s(e.post($.load,{id:t}),(e=>e.template)),validate:(t,a)=>s(e.post($.validate,{id:t,template:a})),listLibrary:()=>s(e.post($.libraryList,{}),(e=>e.entries)),loadLibraryEntry:t=>s(e.post($.libraryLoad,{id:t}),(e=>e.entry)),applyFromLibrary:t=>s(e.post($.libraryApply,t),(e=>e.template))}),ge=e=>({get:()=>s(e.post(K.get,{}),(e=>e.mappings)),set:t=>s(e.post(K.set,{mappings:t})),delete:()=>s(e.post(K.delete,{}))}),ve=e=>({search:t=>s(e.post(F.search,t),(e=>e.analytics))});const he=d=>{var l,p,h,{authManagementKey:b,managementKey:f,publicKey:I,fgaCacheUrl:k}=d,T=e(d,["authManagementKey","managementKey","publicKey","fgaCacheUrl"]);const A={"x-descope-sdk-name":"nodejs","x-descope-sdk-node-version":(null===(l=null===process||void 0===process?void 0:process.versions)||void 0===l?void 0:l.node)||"","x-descope-sdk-version":"0.0.0-next-629609e5-20260711"},O=Object.assign(Object.assign({fetch:m},T),{baseHeaders:Object.assign(Object.assign({},T.baseHeaders),A),hooks:Object.assign(Object.assign({},T.hooks),{beforeRequest:[e=>(b&&(e.token=e.token?`${e.token}:${b}`:b),e)].concat((null===(p=T.hooks)||void 0===p?void 0:p.beforeRequest)||[])})}),S=t(O),{projectId:j,logger:w}=T,R={};let P;const N=Object.assign(Object.assign({fetch:m},T),{baseConfig:{baseHeaders:Object.assign(Object.assign({},T.baseHeaders),A)},hooks:Object.assign(Object.assign({},T.hooks),{beforeRequest:[e=>(e.token=f,P&&(e.headers=Object.assign(Object.assign({},e.headers),{"x-descope-license":P})),e)].concat((null===(h=T.hooks)||void 0===h?void 0:h.beforeRequest)||[])})}),U=a(N),x=(B={fgaCacheUrl:k,managementKey:f,projectId:j,headers:A},{user:z(C=U),project:(L=C,{updateName:e=>s(L.post(y.updateName,{name:e})),updateTags:e=>s(L.post(y.updateTags,{tags:e})),delete:()=>s(L.post(y.delete,{})),clone:(e,t,a)=>s(L.post(y.clone,{name:e,environment:t,tags:a})),listProjects:async()=>s(L.post(y.projectsList,{}),(e=>e.projects.map((({id:e,name:t,environment:s,tags:a})=>({id:e,name:t,environment:s,tags:a}))))),exportSnapshot:()=>s(L.post(y.exportSnapshot,{})),importSnapshot:e=>s(L.post(y.importSnapshot,e)),validateSnapshot:e=>s(L.post(y.validateSnapshot,e)),export:()=>s(L.post(y.exportSnapshot,{}),(e=>e.files)),import:e=>s(L.post(y.importSnapshot,{files:e}))}),accessKey:Y(C),tenant:J(C),ssoApplication:oe(C),inboundApplication:ne(C),outboundApplication:de(C),sso:X(C),jwt:G(C),permission:H(C),password:re(C),role:V(C),group:Q(C),flow:Z(C),theme:ee(C),audit:se(C),authz:ae(C,B),fga:ie(C,B),descoper:le(C),managementKey:pe(C),engine:me(C),list:ce(C),jwtTemplate:ue(C),scopeClaimMapping:ge(C),analytics:ve(C)});var C,B,L;f&&(e=>({get:()=>s(e.get(E.get))}))(U).get().then((e=>{var t;e.ok&&(null===(t=e.data)||void 0===t?void 0:t.rateLimitTier)&&(P=e.data.rateLimitTier)})).catch((e=>{var t;null===(t=null==w?void 0:w.warn)||void 0===t||t.call(w,"License handshake failed",e)}));const M=Object.assign(Object.assign({},S),{refresh:async(e,t)=>S.refresh(e,void 0,t),management:x,async getKey(e){if(!(null==e?void 0:e.kid))throw Error("header.kid must not be empty");if(R[e.kid])return R[e.kid];if(Object.assign(R,await(async()=>{if(I)try{const e=JSON.parse(I),t=await n(e);return{[e.kid]:t}}catch(e){throw null==w||w.error("Failed to parse the provided public key",e),new Error(`Failed to parse public key. Error: ${e}`)}const e=(await S.httpClient.get(`v2/keys/${j}`).then((e=>e.json()))).keys;return Array.isArray(e)?(await Promise.all(e.map((async e=>[e.kid,await n(e)])))).reduce(((e,[t,s])=>t?Object.assign(Object.assign({},e),{[t.toString()]:s}):e),{}):{}})()),!R[e.kid])throw Error("failed to fetch matching key");return R[e.kid]},async validateJwt(e,t){const s={clockTolerance:5};(null==t?void 0:t.audience)&&(s.audience=t.audience);const a=(await r(e,M.getKey,s)).payload;if(a){const e=a.iss;if(!function(e,t){if(e===t)return!0;if(!e||!t)return!1;const s=e=>e[e.length-1]===t||e[e.length-2]===t;try{const{pathname:t}=new URL(e);return s(t.split("/").filter((e=>e.length>0)))}catch(t){return s(e.split("/").filter((e=>e.length>0)))}}("string"==typeof e?e:void 0,j))throw new i.JWTClaimValidationFailed('unexpected "iss" claim value',"iss","check_failed");a.iss=j}return{jwt:e,token:a}},async validateSession(e,t){if(!e)throw Error("session token is required for validation");try{return await M.validateJwt(e,t)}catch(e){throw null==w||w.error("session validation failed",e),Error(`session validation failed. Error: ${e}`)}},async refreshSession(e,t){var s,a,o,r,i,n;if(!e)throw Error("refresh token is required to refresh a session");try{await M.validateJwt(e);const d=await M.refresh(e);if(d.ok){const e=c(null===(a=null===(s=d.data)||void 0===s?void 0:s.cookies)||void 0===a?void 0:a.join(";"),"DS")||(null===(o=d.data)||void 0===o?void 0:o.sessionJwt),n=await M.validateJwt(e,t);return n.cookies=(null===(r=d.data)||void 0===r?void 0:r.cookies)||[],(null===(i=d.data)||void 0===i?void 0:i.refreshJwt)&&(n.refreshJwt=d.data.refreshJwt),n}throw Error(null===(n=d.error)||void 0===n?void 0:n.errorMessage)}catch(e){throw null==w||w.error("refresh token validation failed",e),Error(`refresh token validation failed, Error: ${e}`)}},async validateAndRefreshSession(e,t,s){if(!e&&!t)throw Error("both session and refresh tokens are empty");try{return await M.validateSession(e,s)}catch(e){null==w||w.log(`session validation failed with error ${e} - trying to refresh it`)}return M.refreshSession(t,s)},async exchangeAccessKey(e,t,s){var a;if(!e)throw Error("access key must not be empty");let o;try{o=await M.accessKey.exchange(e,t)}catch(e){throw null==w||w.error("failed to exchange access key",e),Error(`could not exchange access key - Failed to exchange. Error: ${e}`)}if(!o.ok)throw null==w||w.error("failed to exchange access key",o.error),Error(`could not exchange access key - ${null===(a=o.error)||void 0===a?void 0:a.errorMessage}`);const{sessionJwt:r}=o.data;if(!r)throw null==w||w.error("failed to parse exchange access key response"),Error("could not exchange access key");try{return await M.validateJwt(r,s)}catch(e){throw null==w||w.error("failed to parse jwt from access key",e),Error(`could not exchange access key - failed to validate jwt. Error: ${e}`)}},validatePermissions:(e,t)=>M.validateTenantPermissions(e,"",t),getMatchedPermissions:(e,t)=>M.getMatchedTenantPermissions(e,"",t),validateTenantPermissions(e,t,s){if(t&&!v(e,t))return!1;const a=g(e,"permissions",t);return s.every((e=>a.includes(e)))},getMatchedTenantPermissions(e,t,s){if(t&&!v(e,t))return[];const a=g(e,"permissions",t);return s.filter((e=>a.includes(e)))},validateRoles:(e,t)=>M.validateTenantRoles(e,"",t),getMatchedRoles:(e,t)=>M.getMatchedTenantRoles(e,"",t),validateTenantRoles(e,t,s){if(t&&!v(e,t))return!1;const a=g(e,"roles",t);return s.every((e=>a.includes(e)))},getMatchedTenantRoles(e,t,s){if(t&&!v(e,t))return[];const a=g(e,"roles",t);return s.filter((e=>a.includes(e)))}});return o(M,["otp.verify.email","otp.verify.sms","otp.verify.voice","otp.verify.whatsapp","otp.verify.im","notp.waitForSession","magicLink.verify","enchantedLink.signUp","enchantedLink.signIn","enchantedLink.waitForSession","oauth.exchangeOneTapIDToken","password.signIn","password.signUp","password.replace","oauth.exchange","saml.exchange","totp.verify","selectTenant","webauthn.signIn.finish","webauthn.signUp.finish","refresh"],u)};he.RefreshTokenCookieName="DSR",he.SessionTokenCookieName="DS",he.DescopeErrors={badRequest:"E011001",missingArguments:"E011002",invalidRequest:"E011003",invalidArguments:"E011004",wrongOTPCode:"E061102",tooManyOTPAttempts:"E061103",enchantedLinkPending:"E062503",userNotFound:"E062108"};export{he as default};
2
2
  //# sourceMappingURL=index.esm.js.map
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@descope/node-sdk",
3
- "version": "0.0.0-next-a2202e1e-20260708",
3
+ "version": "0.0.0-next-629609e5-20260711",
4
4
  "description": "Node.js library used to integrate with Descope",
5
5
  "typings": "./dist/index.d.ts",
6
6
  "main": "dist/cjs/index.cjs.js",