@dfns/sdk 0.7.12-rc.1 → 0.7.12

package/dfnsError.d.ts

@@ -1,8 +1,8 @@
 export declare class DfnsError extends Error {
     httpStatus: number;
-    context?: unknown;
+    context?: unknown | undefined;
     name: string;
-    constructor(httpStatus: number, message: string, context?: unknown);
+    constructor(httpStatus: number, message: string, context?: unknown | undefined);
     toString(): string;
 }
 export declare class PolicyPendingError extends DfnsError {

package/generated/auth/client.d.ts

@@ -69,8 +69,6 @@ export declare class AuthClient {
     sendLoginCode(request: T.SendLoginCodeRequest): Promise<T.SendLoginCodeResponse>;
     sendRecoveryCode(request: T.SendRecoveryCodeRequest): Promise<T.SendRecoveryCodeResponse>;
     socialLogin(request: T.SocialLoginRequest): Promise<T.SocialLoginResponse>;
-    sSOLogin(request: T.SSOLoginRequest): Promise<T.SSOLoginResponse>;
     updatePersonalAccessToken(request: T.UpdatePersonalAccessTokenRequest): Promise<T.UpdatePersonalAccessTokenResponse>;
     updateServiceAccount(request: T.UpdateServiceAccountRequest): Promise<T.UpdateServiceAccountResponse>;
-    updateUser(request: T.UpdateUserRequest): Promise<T.UpdateUserResponse>;
 }

package/generated/auth/client.js

@@ -610,18 +610,6 @@ class AuthClient {
         });
         return response.json();
     }
-    async sSOLogin(request) {
-        const path = (0, url_1.buildPathAndQuery)('/auth/login/sso', {
-            path: request ?? {},
-            query: {},
-        });
-        const response = await (0, fetch_1.simpleFetch)(path, {
-            method: 'POST',
-            body: request.body,
-            apiOptions: this.apiOptions,
-        });
-        return response.json();
-    }
     async updatePersonalAccessToken(request) {
         const path = (0, url_1.buildPathAndQuery)('/auth/pats/:tokenId', {
             path: request ?? {},
@@ -646,17 +634,5 @@ class AuthClient {
         });
         return response.json();
     }
-    async updateUser(request) {
-        const path = (0, url_1.buildPathAndQuery)('/auth/users/:userId', {
-            path: request ?? {},
-            query: {},
-        });
-        const response = await (0, userActionFetch_1.userActionFetch)(path, {
-            method: 'PUT',
-            body: request.body,
-            apiOptions: this.apiOptions,
-        });
-        return response.json();
-    }
 }
 exports.AuthClient = AuthClient;

package/generated/auth/delegatedClient.d.ts

@@ -81,11 +81,8 @@ export declare class DelegatedAuthClient {
     sendLoginCode(request: T.SendLoginCodeRequest): Promise<T.SendLoginCodeResponse>;
     sendRecoveryCode(request: T.SendRecoveryCodeRequest): Promise<T.SendRecoveryCodeResponse>;
     socialLogin(request: T.SocialLoginRequest): Promise<T.SocialLoginResponse>;
-    sSOLogin(request: T.SSOLoginRequest): Promise<T.SSOLoginResponse>;
     updatePersonalAccessTokenInit(request: T.UpdatePersonalAccessTokenRequest): Promise<UserActionChallengeResponse>;
     updatePersonalAccessTokenComplete(request: T.UpdatePersonalAccessTokenRequest, signedChallenge: SignUserActionChallengeRequest): Promise<T.UpdatePersonalAccessTokenResponse>;
     updateServiceAccountInit(request: T.UpdateServiceAccountRequest): Promise<UserActionChallengeResponse>;
     updateServiceAccountComplete(request: T.UpdateServiceAccountRequest, signedChallenge: SignUserActionChallengeRequest): Promise<T.UpdateServiceAccountResponse>;
-    updateUserInit(request: T.UpdateUserRequest): Promise<UserActionChallengeResponse>;
-    updateUserComplete(request: T.UpdateUserRequest, signedChallenge: SignUserActionChallengeRequest): Promise<T.UpdateUserResponse>;
 }

package/generated/auth/delegatedClient.js

@@ -878,18 +878,6 @@ class DelegatedAuthClient {
         });
         return response.json();
     }
-    async sSOLogin(request) {
-        const path = (0, url_1.buildPathAndQuery)('/auth/login/sso', {
-            path: request ?? {},
-            query: {},
-        });
-        const response = await (0, fetch_1.simpleFetch)(path, {
-            method: 'POST',
-            body: request.body,
-            apiOptions: this.apiOptions,
-        });
-        return response.json();
-    }
     async updatePersonalAccessTokenInit(request) {
         const path = (0, url_1.buildPathAndQuery)('/auth/pats/:tokenId', {
             path: request ?? {},
@@ -944,32 +932,5 @@ class DelegatedAuthClient {
         });
         return response.json();
     }
-    async updateUserInit(request) {
-        const path = (0, url_1.buildPathAndQuery)('/auth/users/:userId', {
-            path: request ?? {},
-            query: {},
-        });
-        const challenge = await baseAuthApi_1.BaseAuthApi.createUserActionChallenge({
-            userActionHttpMethod: 'PUT',
-            userActionHttpPath: path,
-            userActionPayload: JSON.stringify(request.body),
-            userActionServerKind: 'Api',
-        }, this.apiOptions);
-        return challenge;
-    }
-    async updateUserComplete(request, signedChallenge) {
-        const path = (0, url_1.buildPathAndQuery)('/auth/users/:userId', {
-            path: request ?? {},
-            query: {},
-        });
-        const { userAction } = await baseAuthApi_1.BaseAuthApi.signUserActionChallenge(signedChallenge, this.apiOptions);
-        const response = await (0, fetch_1.simpleFetch)(path, {
-            method: 'PUT',
-            body: request.body,
-            headers: { 'x-dfns-useraction': userAction },
-            apiOptions: this.apiOptions,
-        });
-        return response.json();
-    }
 }
 exports.DelegatedAuthClient = DelegatedAuthClient;

package/generated/auth/types.d.ts

@@ -87,7 +87,6 @@ export type ActivateUserResponse = {
     isActive: boolean;
     isServiceAccount: boolean;
     isRegistered: boolean;
-    isSSORequired: boolean;
     permissionAssignments: {
         permissionName: string;
         permissionId: string;
@@ -176,7 +175,6 @@ export type ArchiveUserResponse = {
     isActive: boolean;
     isServiceAccount: boolean;
     isRegistered: boolean;
-    isSSORequired: boolean;
     permissionAssignments: {
         permissionName: string;
         permissionId: string;
@@ -214,27 +212,27 @@ export type CreateCredentialBody = {
     credentialName: string;
     challengeIdentifier: string;
 } | {
-    credentialKind: "Password";
+    credentialKind: "RecoveryKey";
     credentialInfo: {
-        password: string;
+        credId: string;
+        clientData: string;
+        attestationData: string;
     };
+    encryptedPrivateKey?: string | undefined;
     credentialName: string;
     challengeIdentifier: string;
 } | {
-    credentialKind: "Totp";
+    credentialKind: "Password";
     credentialInfo: {
-        otpCode: string;
+        password: string;
     };
     credentialName: string;
     challengeIdentifier: string;
 } | {
-    credentialKind: "RecoveryKey";
+    credentialKind: "Totp";
     credentialInfo: {
-        credId: string;
-        clientData: string;
-        attestationData: string;
+        otpCode: string;
     };
-    encryptedPrivateKey?: string | undefined;
     credentialName: string;
     challengeIdentifier: string;
 };
@@ -256,35 +254,6 @@ export type CreateCredentialChallengeBody = {
     kind: "Fido2" | "Key" | "Password" | "Totp" | "RecoveryKey" | "PasswordProtectedKey";
 };
 export type CreateCredentialChallengeResponse = {
-    kind: "Password";
-    user: {
-        id: string;
-        displayName: string;
-        name: string;
-    };
-    challengeIdentifier: string;
-    rp?: {
-        id: string;
-        name: string;
-    } | undefined;
-    /** @deprecated use challengeIdentifier instead */
-    temporaryAuthenticationToken: string;
-} | {
-    kind: "Totp";
-    user: {
-        id: string;
-        displayName: string;
-        name: string;
-    };
-    challengeIdentifier: string;
-    rp?: {
-        id: string;
-        name: string;
-    } | undefined;
-    otpUrl: string;
-    /** @deprecated use challengeIdentifier instead */
-    temporaryAuthenticationToken: string;
-} | {
     kind: "Fido2";
     user: {
         id: string;
@@ -374,15 +343,7 @@ export type CreateCredentialChallengeResponse = {
     }[];
     /** @deprecated use challengeIdentifier instead */
     temporaryAuthenticationToken: string;
-};
-export type CreateCredentialChallengeRequest = {
-    body: CreateCredentialChallengeBody;
-};
-export type CreateCredentialChallengeWithCodeBody = {
-    credentialKind: "Fido2" | "Key" | "Password" | "Totp" | "RecoveryKey" | "PasswordProtectedKey";
-    code: string;
-};
-export type CreateCredentialChallengeWithCodeResponse = {
+} | {
     kind: "Password";
     user: {
         id: string;
@@ -411,7 +372,15 @@ export type CreateCredentialChallengeWithCodeResponse = {
     otpUrl: string;
     /** @deprecated use challengeIdentifier instead */
     temporaryAuthenticationToken: string;
-} | {
+};
+export type CreateCredentialChallengeRequest = {
+    body: CreateCredentialChallengeBody;
+};
+export type CreateCredentialChallengeWithCodeBody = {
+    credentialKind: "Fido2" | "Key" | "Password" | "Totp" | "RecoveryKey" | "PasswordProtectedKey";
+    code: string;
+};
+export type CreateCredentialChallengeWithCodeResponse = {
     kind: "Fido2";
     user: {
         id: string;
@@ -501,6 +470,35 @@ export type CreateCredentialChallengeWithCodeResponse = {
     }[];
     /** @deprecated use challengeIdentifier instead */
     temporaryAuthenticationToken: string;
+} | {
+    kind: "Password";
+    user: {
+        id: string;
+        displayName: string;
+        name: string;
+    };
+    challengeIdentifier: string;
+    rp?: {
+        id: string;
+        name: string;
+    } | undefined;
+    /** @deprecated use challengeIdentifier instead */
+    temporaryAuthenticationToken: string;
+} | {
+    kind: "Totp";
+    user: {
+        id: string;
+        displayName: string;
+        name: string;
+    };
+    challengeIdentifier: string;
+    rp?: {
+        id: string;
+        name: string;
+    } | undefined;
+    otpUrl: string;
+    /** @deprecated use challengeIdentifier instead */
+    temporaryAuthenticationToken: string;
 };
 export type CreateCredentialChallengeWithCodeRequest = {
     body: CreateCredentialChallengeWithCodeBody;
@@ -545,27 +543,27 @@ export type CreateCredentialWithCodeBody = {
     credentialName: string;
     challengeIdentifier: string;
 } | {
-    credentialKind: "Password";
+    credentialKind: "RecoveryKey";
     credentialInfo: {
-        password: string;
+        credId: string;
+        clientData: string;
+        attestationData: string;
     };
+    encryptedPrivateKey?: string | undefined;
     credentialName: string;
     challengeIdentifier: string;
 } | {
-    credentialKind: "Totp";
+    credentialKind: "Password";
     credentialInfo: {
-        otpCode: string;
+        password: string;
     };
     credentialName: string;
     challengeIdentifier: string;
 } | {
-    credentialKind: "RecoveryKey";
+    credentialKind: "Totp";
     credentialInfo: {
-        credId: string;
-        clientData: string;
-        attestationData: string;
+        otpCode: string;
     };
-    encryptedPrivateKey?: string | undefined;
     credentialName: string;
     challengeIdentifier: string;
 };
@@ -915,12 +913,14 @@ export type CreateSocialRegistrationChallengeRequest = {
     body: CreateSocialRegistrationChallengeBody;
 };
 export type CreateUserBody = {
+    /** The email address of the new user. */
     email: string;
+    /** The kind of user being created.
+          In this endpoint it can only be "`CustomerEmployee`" (creating an "`EndUser`" is done through the [Delegated Registration](https://docs.dfns.co/api-reference/auth/registration-flows#delegated-users-registration-flow) endpoint) */
     kind: "CustomerEmployee" | "DfnsStaff";
     publicKey?: string | undefined;
+    /** Value that can be used to correlate the entity with an external system. */
     externalId?: string | undefined;
-    /** If set to true, the user will have to authenticate via SSO */
-    isSSORequired?: boolean;
 };
 export type CreateUserResponse = {
     username: string;
@@ -933,7 +933,6 @@ export type CreateUserResponse = {
     isActive: boolean;
     isServiceAccount: boolean;
     isRegistered: boolean;
-    isSSORequired: boolean;
     permissionAssignments: {
         permissionName: string;
         permissionId: string;
@@ -985,7 +984,9 @@ export type CreateUserActionChallengeRequest = {
     body: CreateUserActionChallengeBody;
 };
 export type CreateUserActionSignatureBody = {
+    /** Temporary authentication token returned by the [Create User Action Signature Challenge](https://docs.dfns.co/api-reference/auth/create-user-action-challenge) */
     challengeIdentifier: string;
+    /** First factor credential used to sign the user action */
     firstFactor: {
         kind: "Fido2";
         credentialAssertion: {
@@ -1016,6 +1017,7 @@ export type CreateUserActionSignatureBody = {
             algorithm?: string | undefined;
         };
     };
+    /** Second factor credential used to authenticate a user */
     secondFactor?: ({
         kind: "Fido2";
         credentialAssertion: {
@@ -1142,7 +1144,6 @@ export type DeactivateUserResponse = {
     isActive: boolean;
     isServiceAccount: boolean;
     isRegistered: boolean;
-    isSSORequired: boolean;
     permissionAssignments: {
         permissionName: string;
         permissionId: string;
@@ -1300,7 +1301,6 @@ export type GetUserResponse = {
     isActive: boolean;
     isServiceAccount: boolean;
     isRegistered: boolean;
-    isSSORequired: boolean;
     permissionAssignments: {
         permissionName: string;
         permissionId: string;
@@ -1446,7 +1446,6 @@ export type ListUsersResponse = {
         isActive: boolean;
         isServiceAccount: boolean;
         isRegistered: boolean;
-        isSSORequired: boolean;
         permissionAssignments: {
             permissionName: string;
             permissionId: string;
@@ -1460,7 +1459,9 @@ export type ListUsersRequest = {
     query?: ListUsersQuery;
 };
 export type LoginBody = {
+    /** Temporary authentication token returned by the [Create User Action Signature Challenge](https://docs.dfns.co/api-reference/auth/create-user-action-challenge) */
     challengeIdentifier: string;
+    /** First factor credential used to sign the user action */
     firstFactor: {
         kind: "Fido2";
         credentialAssertion: {
@@ -1491,6 +1492,7 @@ export type LoginBody = {
             algorithm?: string | undefined;
         };
     };
+    /** Second factor credential used to authenticate a user */
     secondFactor?: ({
         kind: "Fido2";
         credentialAssertion: {
@@ -1524,8 +1526,6 @@ export type LoginBody = {
 };
 export type LoginResponse = {
     token: string;
-} | {
-    ssoRedirectUrl: string;
 };
 export type LoginRequest = {
     body: LoginBody;
@@ -1614,6 +1614,7 @@ export type RecoverBody = {
             encryptedPrivateKey: string;
             credentialName?: string | undefined;
         }) | undefined;
+        /** Register a recovery key. See [Account Recovery](https://docs.dfns.co/api-reference/auth/account-recovery) for more details. */
         recoveryCredential?: {
             credentialKind: "RecoveryKey";
             credentialInfo: {
@@ -1706,6 +1707,7 @@ export type RegisterBody = {
         encryptedPrivateKey: string;
         credentialName?: string | undefined;
     }) | undefined;
+    /** Register a recovery key. See [Account Recovery](https://docs.dfns.co/api-reference/auth/account-recovery) for more details. */
     recoveryCredential?: {
         credentialKind: "RecoveryKey";
         credentialInfo: {
@@ -1797,6 +1799,7 @@ export type RegisterEndUserBody = {
         encryptedPrivateKey: string;
         credentialName?: string | undefined;
     }) | undefined;
+    /** Register a recovery key. See [Account Recovery](https://docs.dfns.co/api-reference/auth/account-recovery) for more details. */
     recoveryCredential?: {
         credentialKind: "RecoveryKey";
         credentialInfo: {
@@ -1891,19 +1894,6 @@ export type SocialLoginResponse = {
 export type SocialLoginRequest = {
     body: SocialLoginBody;
 };
-export type SSOLoginBody = {
-    orgId: string;
-    /** Authorization code obtained from the IdP */
-    code: string;
-    /** Redirect URI used in the initial authorization request */
-    redirectUri: string;
-};
-export type SSOLoginResponse = {
-    token: string;
-};
-export type SSOLoginRequest = {
-    body: SSOLoginBody;
-};
 export type UpdatePersonalAccessTokenBody = {
     name?: string | undefined;
     externalId?: string | undefined;
@@ -1982,31 +1972,3 @@ export type UpdateServiceAccountResponse = {
 export type UpdateServiceAccountRequest = UpdateServiceAccountParams & {
     body: UpdateServiceAccountBody;
 };
-export type UpdateUserBody = {
-    isSSORequired: boolean;
-};
-export type UpdateUserParams = {
-    userId: string;
-};
-export type UpdateUserResponse = {
-    username: string;
-    name: string;
-    userId: string;
-    kind: "CustomerEmployee" | "DfnsStaff" | "EndUser";
-    credentialUuid: string;
-    orgId: string;
-    permissions?: string[] | undefined;
-    isActive: boolean;
-    isServiceAccount: boolean;
-    isRegistered: boolean;
-    isSSORequired: boolean;
-    permissionAssignments: {
-        permissionName: string;
-        permissionId: string;
-        assignmentId: string;
-        operations?: string[] | undefined;
-    }[];
-};
-export type UpdateUserRequest = UpdateUserParams & {
-    body: UpdateUserBody;
-};