@frontegg/rest-api 3.1.29 → 3.1.30

package/ContextHolder/index.d.ts

@@ -1,4 +1,4 @@
-import { ContextOptions, RedirectOptions, RequestSource } from '../interfaces';
+import { SessionContext, ContextOptions, RedirectOptions, RequestSource } from '../interfaces';
 import { IUserProfile } from "../users/interfaces";
 /**
  * Entitlements config from frontegg provider
@@ -16,6 +16,7 @@ export declare class ContextHolder {
     private logout;
     private entitlementsOptions;
     private appName;
+    private sessionContext?;
     private constructor();
     static getInstance(): ContextHolder;
     static setContext(context: ContextOptions): void;
@@ -29,6 +30,10 @@ export declare class ContextHolder {
      * @param entitlementsOptions frontegg options entitlements config
      */
     static setEntitlementsOptions(entitlementsOptions: EntitlementsOptions): void;
+    /**
+     * @param sessionContext frontegg options SessionContext config
+     */
+    static setSessionContext(sessionContext: SessionContext): void;
     /**
      * @param appName for feature flags e.g.
      */
@@ -43,6 +48,10 @@ export declare class ContextHolder {
      * @returns shouldLoadEntitlements. Default to false.
      */
     static shouldLoadEntitlements(): boolean;
+    /**
+   * @returns isSessionPerTenantEnabled. Default to false.
+   */
+    static isSessionPerTenantEnabled(): boolean;
     /**
      * @returns app name value
      */

package/ContextHolder/index.js

@@ -11,6 +11,7 @@ export class ContextHolder {
 
     this.entitlementsOptions = null;
     this.appName = null;
+    this.sessionContext = void 0;
   }
 
   static getInstance() {
@@ -55,6 +56,11 @@ export class ContextHolder {
     ContextHolder.getInstance().entitlementsOptions = entitlementsOptions;
   }
 
+  static setSessionContext(sessionContext) {
+    const instance = ContextHolder.getInstance();
+    instance.sessionContext = sessionContext;
+  }
+
   static setAppName(appName) {
     ContextHolder.getInstance().appName = appName;
   }
@@ -95,6 +101,12 @@ export class ContextHolder {
     return ((_ContextHolder$getIns2 = ContextHolder.getInstance().entitlementsOptions) == null ? void 0 : _ContextHolder$getIns2.enabled) || false;
   }
 
+  static isSessionPerTenantEnabled() {
+    var _ContextHolder$getIns3;
+
+    return ((_ContextHolder$getIns3 = ContextHolder.getInstance().sessionContext) == null ? void 0 : _ContextHolder$getIns3.enableSessionPerTenant) || false;
+  }
+
   static getAppName() {
     return ContextHolder.getInstance().appName;
   }

package/auth/constants.d.ts

@@ -0,0 +1,5 @@
+export declare const FRONTEGG_SEPARATE_TABS_BY_TENANT = "FRONTEGG_SEPARATE_TABS_BY_TENANT";
+/**
+ * use current user tenant v1 feature flag
+ */
+export declare const USE_CURRENT_USER_TENANTS_V1_ENDPOINT_FF = "admin_portal_use_current_user_tenants_v1_endpoint";

package/auth/constants.js

@@ -0,0 +1,2 @@
+export const FRONTEGG_SEPARATE_TABS_BY_TENANT = 'FRONTEGG_SEPARATE_TABS_BY_TENANT';
+export const USE_CURRENT_USER_TENANTS_V1_ENDPOINT_FF = 'admin_portal_use_current_user_tenants_v1_endpoint';

package/auth/index.d.ts

@@ -1,7 +1,8 @@
 export * from "./secutiry-poilicy";
 export * from "./enums";
+export { setTabTenantInSessionStorage, getTabTenantFromSessionStorage } from './utils';
 import { ISamlRolesGroup } from "../teams/interfaces";
-import { IAcceptInvitation, IActivateAccount, IAllowedToRememberMfaDevice, ICreateSamlGroup, IDeleteApiToken, IDisableMfa, IEnrollMfaResponse, IForgotPassword, IGetActivateAccountStrategy, IGetActivateAccountStrategyResponse, IGetUserById, IGetUserPasswordConfig, ILogin, ILoginResponse, ILoginViaSocialLogin, ILoginViaSocialLoginResponse, ILoginWithMfa, IOidcPostLogin, IOidcConfiguration, IPostLogin, IPreLogin, IRecoverMFAToken, IResendActivationEmail, IResetPassword, ISamlConfiguration, ISamlVendorConfigResponse, ISignUpResponse, ISignUpUser, ISocialLoginProviderConfiguration, ITenantApiTokensData, IUpdateSamlConfiguration, IUpdateSamlGroup, IUpdateSamlRoles, IUpdateSamlVendorMetadata, IUpdateTenantApiTokensData, IUpdateUserApiTokensData, IUserApiTokensData, IUserIdResponse, IVendorConfig, IVerifyMfa, IVerifyMfaResponse, TestConfig, ISSOPublicConfiguration, IPreLoginWithIdpTypeResponse, IPasswordlessPreLogin, IPasswordlessPostLogin, ICreateSSODomain, IVerifyInviteToken, ISSODomain, ISSOConfigurationDefaultRoles, ISSOConfiguration, IUpdateSSOConfiguration, IOidcPostLoginV2, IExchangeOAuthTokens, IOAuthTokenResponse, ISocialLoginProviderConfigurationV2, ILoginResponseV2, IResetPhoneNumber, IVerifyResetPhoneNumber, IChangePhoneNumber, IVerifyResetPhoneNumberResponse, IResetPhoneNumberResponse, IWebAuthnPreLogin, IWebAuthnPostLogin, IVerifyNewWebAuthnDevice, IWebAuthnPreLoginResponse, ICreateNewDeviceSessionResponse, IAuthStrategiesConfig, ISessionResponse, IChangePhoneNumberWithVerification, IChangePhoneNumberWithVerificationResponse, IVerifyChangePhoneNumber, ISessionConfigurations, IResendInvitationEmail, IPreEnrollMFA, IEnrollMFAAuthenticatorApp, IPreEnrollMFASMS, IEnrollMFASMS, IEnrollMFAWebAuthn, IPreEnrollMFAAuthenticatorAppResponse, IPreEnrollMFAWebAuthnResponse, IVerifyMFAAuthenticatorApp, IPreVerifyMFA, IPreVerifyMFASMSResponse, IVerifyMFASMS, IPreVerifyMFAWebAuthnResponse, IVerifyMFAWebAuthn, IPreEnrollMFASMSResponse, IPreDisableMFASMSResponse, IDisableMFASMS, IDisableMFAWebAuthn, IPreDisableMFAWebAuthnResponse, UserMFADevicesResponse, WithoutMFAToken, IMFAStrategiesResponse, IOAuthLogout, IGetUserAccessTokens, IGetTenantAccessTokens, IDeleteAccessToken, ICreateTenantAccessTokenData, ICreateUserAccessTokenData, IWebAuthnDevices, ICustomSocialLoginProviderConfigurationV1, ILoginResponseV3, IPreVerifyMFAEmailCodeResponse, IVerifyMFAEmailCode, ICreateOrUpdateSSOConfigurationByMetadataUrl, IRefreshToken } from './interfaces';
+import { IAcceptInvitation, IActivateAccount, IAllowedToRememberMfaDevice, ICreateSamlGroup, IDeleteApiToken, IDisableMfa, IEnrollMfaResponse, IForgotPassword, IGetActivateAccountStrategy, IGetActivateAccountStrategyResponse, IGetUserById, IGetUserPasswordConfig, ILogin, ILoginResponse, ILoginViaSocialLogin, ILoginViaSocialLoginResponse, ILoginWithMfa, IOidcPostLogin, IOidcConfiguration, IPostLogin, IPreLogin, IRecoverMFAToken, IResendActivationEmail, IResetPassword, ISamlConfiguration, ISamlVendorConfigResponse, ISignUpResponse, ISignUpUser, ISocialLoginProviderConfiguration, ITenantApiTokensData, IUpdateSamlConfiguration, IUpdateSamlGroup, IUpdateSamlRoles, IUpdateSamlVendorMetadata, IUpdateTenantApiTokensData, IUpdateUserApiTokensData, IUserApiTokensData, IUserIdResponse, IVendorConfig, IVerifyMfa, IVerifyMfaResponse, TestConfig, ISSOPublicConfiguration, IPreLoginWithIdpTypeResponse, IPasswordlessPreLogin, IPasswordlessPostLogin, ICreateSSODomain, IVerifyInviteToken, ISSODomain, ISSOConfigurationDefaultRoles, ISSOConfiguration, IUpdateSSOConfiguration, IOidcPostLoginV2, IExchangeOAuthTokens, IOAuthTokenResponse, ISocialLoginProviderConfigurationV2, ILoginResponseV2, IResetPhoneNumber, IVerifyResetPhoneNumber, IChangePhoneNumber, IVerifyResetPhoneNumberResponse, IResetPhoneNumberResponse, IWebAuthnPreLogin, IWebAuthnPostLogin, IVerifyNewWebAuthnDevice, IWebAuthnPreLoginResponse, ICreateNewDeviceSessionResponse, IAuthStrategiesConfig, ISessionResponse, IChangePhoneNumberWithVerification, IChangePhoneNumberWithVerificationResponse, IVerifyChangePhoneNumber, ISessionConfigurations, IResendInvitationEmail, IPreEnrollMFA, IEnrollMFAAuthenticatorApp, IPreEnrollMFASMS, IEnrollMFASMS, IEnrollMFAWebAuthn, IPreEnrollMFAAuthenticatorAppResponse, IPreEnrollMFAWebAuthnResponse, IVerifyMFAAuthenticatorApp, IPreVerifyMFA, IPreVerifyMFASMSResponse, IVerifyMFASMS, IPreVerifyMFAWebAuthnResponse, IVerifyMFAWebAuthn, IPreEnrollMFASMSResponse, IPreDisableMFASMSResponse, IDisableMFASMS, IDisableMFAWebAuthn, IPreDisableMFAWebAuthnResponse, UserMFADevicesResponse, WithoutMFAToken, IMFAStrategiesResponse, IOAuthLogout, IGetUserAccessTokens, IGetTenantAccessTokens, IDeleteAccessToken, ICreateTenantAccessTokenData, ICreateUserAccessTokenData, IWebAuthnDevices, ICustomSocialLoginProviderConfigurationV1, ILoginResponseV3, IPreVerifyMFAEmailCodeResponse, IVerifyMFAEmailCode, ICreateOrUpdateSSOConfigurationByMetadataUrl } from './interfaces';
 import { IGetUserAuthorizationResponse, IUserProfile } from "../users/interfaces";
 /*****************************************
  * Authentication
@@ -112,17 +113,17 @@ export declare function acceptInvitation(body: IAcceptInvitation): Promise<void>
  * refresh token called as authenticated use, access and refresh tokens resolved by the cookies.
  * the server will return ILoginResponse with new access Token and refresh token and store it in the browser cookies.
  */
-export declare function refreshToken(body?: IRefreshToken): Promise<ILoginResponse>;
+export declare function refreshToken(): Promise<ILoginResponse>;
 /**
  * refresh token called as authenticated use, access and refresh tokens resolved by the cookies.
  * the server will return ILoginResponseV2 with new access Token and refresh token and store it in the browser cookies, as well as the tenants.
  */
-export declare function refreshTokenV2(body?: IRefreshToken): Promise<ILoginResponseV2>;
+export declare function refreshTokenV2(): Promise<ILoginResponseV2>;
 /**
  * refresh token called as authenticated use, access and refresh tokens resolved by the cookies.
  * the server will return ILoginResponseV3 with new access Token and refresh token and store it in the browser cookies, as well as the tenants and the active tenant.
  */
-export declare function refreshTokenV3(body?: IRefreshToken): Promise<ILoginResponseV3>;
+export declare function refreshTokenV3(): Promise<ILoginResponseV3>;
 /**
  * logout from server, invalidate access and refresh token, remove it from cookies.
  */
@@ -680,9 +681,9 @@ export declare function preLoginV2(body: IPreLogin): Promise<IPreLoginWithIdpTyp
  */
 export declare function oidcPostLoginV2(body: IOidcPostLoginV2): Promise<ILoginResponse>;
 export declare function exchangeOAuthTokensV2(body: IExchangeOAuthTokens): Promise<ILoginResponseV3>;
-export declare function silentOAuthRefreshTokenV2(body?: IRefreshToken): Promise<ILoginResponseV3>;
+export declare function silentOAuthRefreshTokenV2(): Promise<ILoginResponseV3>;
 export declare function exchangeOAuthTokens(body: IExchangeOAuthTokens): Promise<ILoginResponse>;
-export declare function silentOAuthRefreshToken(body?: IRefreshToken): Promise<ILoginResponse>;
+export declare function silentOAuthRefreshToken(): Promise<ILoginResponse>;
 /**
  * reset phone should be called in case user want to reset his phone number
  * when using sms authentication strategy. a 6-digits code will be send to the user email.

package/auth/index.js

@@ -6,16 +6,16 @@ const _excluded = ["type"],
 import { getTenants } from "../tenants";
 export * from "./secutiry-poilicy";
 export * from "./enums";
+export { setTabTenantInSessionStorage, getTabTenantFromSessionStorage } from './utils';
 import { urls } from "../constants";
 import { ContextHolder } from "../ContextHolder";
 import { Delete, Get, Patch, Post, Put } from "../fetch";
 import { jwtDecode } from "../jwt";
 import { LOAD_AUTHORIZATION_FF } from './interfaces';
-import { getCurrentUserTenantsV3 } from '../users';
 import { loadEntitlements } from '../entitlements';
 import { ADMIN_PORTAL_ENTITLEMENTS_FF } from '../entitlements/interfaces';
 import { FeatureFlags } from "../feature-flags";
-import { executeConditionalPromise } from "./utils";
+import { executeConditionalPromise, getCurrentUserTenantsFunction, getTabTenantFromSessionStorage, setTabTenantInSessionStorage } from "./utils";
 export async function generateLoginResponse(loginResponse) {
   if (!loginResponse.accessToken) {
     return loginResponse;
@@ -76,11 +76,15 @@ export async function generateLoginResponseV3(loginResponse) {
   }
 
   ContextHolder.setAccessToken(accessToken);
-  const [me, currentUserTenants] = await Promise.all([getMeAndEntitlements(), getCurrentUserTenantsV3()]);
+  const [me, currentUserTenants] = await Promise.all([getMeAndEntitlements(), getCurrentUserTenantsFunction()()]);
   const decodedContent = accessToken ? jwtDecode(accessToken) : {};
 
   const user = _extends({}, loginResponse, decodedContent, me);
 
+  if (ContextHolder.isSessionPerTenantEnabled()) {
+    setTabTenantInSessionStorage(user.tenantId);
+  }
+
   ContextHolder.setUser(user);
   return {
     user,
@@ -106,7 +110,7 @@ export async function generateLoginResponseFromOAuthResponse(oauthResponse) {
 }
 export async function generateLoginResponseFromOAuthResponseV2(oauthResponse) {
   ContextHolder.setAccessToken(oauthResponse.id_token);
-  const [me, currentUserTenants] = await Promise.all([getMeAndEntitlements(), getCurrentUserTenantsV3()]);
+  const [me, currentUserTenants] = await Promise.all([getMeAndEntitlements(), getCurrentUserTenantsFunction()()]);
   const decodedContent = oauthResponse.id_token ? jwtDecode(oauthResponse.id_token) : {};
 
   const user = _extends({
@@ -117,6 +121,10 @@ export async function generateLoginResponseFromOAuthResponseV2(oauthResponse) {
     expiresIn: oauthResponse.expires_in || 300
   });
 
+  if (ContextHolder.isSessionPerTenantEnabled()) {
+    setTabTenantInSessionStorage(user.tenantId);
+  }
+
   ContextHolder.setUser(user);
   return {
     user,
@@ -180,16 +188,25 @@ export async function resendInvitationEmail(body) {
 export async function acceptInvitation(body) {
   return Post(`${urls.identity.users.v1}/invitation/accept`, body);
 }
-export async function refreshToken(body = {}) {
-  const data = await Post(`${urls.identity.auth.v1}/user/token/refresh`, body);
+export async function refreshToken() {
+  const tabTenantId = getTabTenantFromSessionStorage();
+  const data = await Post(`${urls.identity.auth.v1}/user/token/refresh`, {
+    tenantId: tabTenantId
+  });
   return generateLoginResponse(data);
 }
-export async function refreshTokenV2(body = {}) {
-  const data = await Post(`${urls.identity.auth.v1}/user/token/refresh`, body);
+export async function refreshTokenV2() {
+  const tabTenantId = getTabTenantFromSessionStorage();
+  const data = await Post(`${urls.identity.auth.v1}/user/token/refresh`, {
+    tenantId: tabTenantId
+  });
   return generateLoginResponseV2(data);
 }
-export async function refreshTokenV3(body = {}) {
-  const data = await Post(`${urls.identity.auth.v1}/user/token/refresh`, body);
+export async function refreshTokenV3() {
+  const tabTenantId = getTabTenantFromSessionStorage();
+  const data = await Post(`${urls.identity.auth.v1}/user/token/refresh`, {
+    tenantId: tabTenantId
+  });
   return generateLoginResponseV3(data);
 }
 export async function logout() {
@@ -636,16 +653,22 @@ export async function exchangeOAuthTokensV2(body) {
   const data = await Post(`${urls.oauth.v1}/token`, body);
   return generateLoginResponseFromOAuthResponseV2(data);
 }
-export async function silentOAuthRefreshTokenV2(body = {}) {
-  const data = await Post(`${urls.oauth.v1}/authorize/silent`, body);
+export async function silentOAuthRefreshTokenV2() {
+  const tabTenantId = getTabTenantFromSessionStorage();
+  const data = await Post(`${urls.oauth.v1}/authorize/silent`, {
+    tenantId: tabTenantId
+  });
   return generateLoginResponseFromOAuthResponseV2(data);
 }
 export async function exchangeOAuthTokens(body) {
   const data = await Post(`${urls.oauth.v1}/token`, body);
   return generateLoginResponseFromOAuthResponse(data);
 }
-export async function silentOAuthRefreshToken(body = {}) {
-  const data = await Post(`${urls.oauth.v1}/authorize/silent`, body);
+export async function silentOAuthRefreshToken() {
+  const tabTenantId = getTabTenantFromSessionStorage();
+  const data = await Post(`${urls.oauth.v1}/authorize/silent`, {
+    tenantId: tabTenantId
+  });
   return generateLoginResponseFromOAuthResponse(data);
 }
 export async function resetPhoneNumber(body) {
@@ -713,6 +736,12 @@ export async function getMeAndEntitlements() {
   }];
   const promises = actions.map(action => executeConditionalPromise(action));
   const [me, entitlements, authorization] = await Promise.all(promises);
+  const tabTenant = getTabTenantFromSessionStorage();
+
+  if (tabTenant) {
+    me.tenantId = tabTenant;
+  }
+
   return _extends({}, me, authorization != null ? authorization : {}, {
     entitlements
   });

package/auth/interfaces.d.ts

@@ -30,9 +30,6 @@ export declare type ILogin = {
     recaptchaToken?: string;
     invitationToken?: string;
 };
-export declare type IRefreshToken = {
-    tenantId?: string;
-};
 export declare type ILoginResponse = IUserProfile & {
     mfaRequired: boolean;
     accessToken: string;

package/auth/utils.d.ts

@@ -1,5 +1,9 @@
+import { GetCurrentUserTenantsResponse } from '../users/interfaces';
 export interface ConditionalAction<T = any> {
     action: () => Promise<T>;
     shouldLoad: boolean;
 }
 export declare function executeConditionalPromise({ shouldLoad, action }: ConditionalAction): Promise<any>;
+export declare function setTabTenantInSessionStorage(tenantId: string): void;
+export declare function getTabTenantFromSessionStorage(): string | null;
+export declare function getCurrentUserTenantsFunction(): () => Promise<GetCurrentUserTenantsResponse>;

package/auth/utils.js

@@ -1,3 +1,8 @@
+import { ContextHolder } from '../ContextHolder';
+import { USE_CURRENT_USER_TENANTS_V1_ENDPOINT_FF } from './constants';
+import { FeatureFlags } from '../feature-flags';
+import { getCurrentUserTenantsV1, getCurrentUserTenantsV3 } from '../users';
+import { FRONTEGG_SEPARATE_TABS_BY_TENANT } from './constants';
 ;
 export async function executeConditionalPromise({
   shouldLoad,
@@ -5,4 +10,27 @@ export async function executeConditionalPromise({
 }) {
   if (!shouldLoad) return;
   return await action();
+}
+export function setTabTenantInSessionStorage(tenantId) {
+  if (!tenantId) {
+    return;
+  }
+
+  sessionStorage.setItem(FRONTEGG_SEPARATE_TABS_BY_TENANT, tenantId);
+}
+export function getTabTenantFromSessionStorage() {
+  if (ContextHolder.isSessionPerTenantEnabled()) {
+    return null;
+  }
+
+  return sessionStorage.getItem(FRONTEGG_SEPARATE_TABS_BY_TENANT);
+}
+export function getCurrentUserTenantsFunction() {
+  const [useCurrentUserTenantsV1] = FeatureFlags.getFeatureFlags([USE_CURRENT_USER_TENANTS_V1_ENDPOINT_FF], ContextHolder.getAppName() || '');
+
+  if (ContextHolder.isSessionPerTenantEnabled()) {
+    return getCurrentUserTenantsV1;
+  }
+
+  return useCurrentUserTenantsV1 ? getCurrentUserTenantsV1 : getCurrentUserTenantsV3;
 }

package/constants.d.ts

@@ -20,6 +20,7 @@ export declare const urls: {
             };
             tenants: {
                 me: {
+                    v1: string;
                     v3: string;
                 };
             };

package/constants.js

@@ -20,6 +20,7 @@ export const urls = {
       },
       tenants: {
         me: {
+          v1: '/identity/resources/users/v1/me/tenants',
           v3: '/identity/resources/users/v3/me/tenants'
         }
       },

package/index.js

@@ -1,4 +1,4 @@
-/** @license Frontegg v3.1.29
+/** @license Frontegg v3.1.30
  *
  * This source code is licensed under the MIT license found in the
  * LICENSE file in the root directory of this source tree.

package/interfaces.d.ts

@@ -54,6 +54,9 @@ export interface MetadataHeaders {
     framework?: FronteggFrameworks;
     fronteggSdkVersion?: string;
 }
+export interface SessionContext {
+    enableSessionPerTenant?: boolean;
+}
 export interface ContextOptions {
     baseUrl: string | ((url: string) => string);
     clientId?: string;

package/node/ContextHolder/index.js

@@ -18,6 +18,7 @@ class ContextHolder {
 
     this.entitlementsOptions = null;
     this.appName = null;
+    this.sessionContext = void 0;
   }
 
   static getInstance() {
@@ -62,6 +63,11 @@ class ContextHolder {
     ContextHolder.getInstance().entitlementsOptions = entitlementsOptions;
   }
 
+  static setSessionContext(sessionContext) {
+    const instance = ContextHolder.getInstance();
+    instance.sessionContext = sessionContext;
+  }
+
   static setAppName(appName) {
     ContextHolder.getInstance().appName = appName;
   }
@@ -102,6 +108,12 @@ class ContextHolder {
     return ((_ContextHolder$getIns2 = ContextHolder.getInstance().entitlementsOptions) == null ? void 0 : _ContextHolder$getIns2.enabled) || false;
   }
 
+  static isSessionPerTenantEnabled() {
+    var _ContextHolder$getIns3;
+
+    return ((_ContextHolder$getIns3 = ContextHolder.getInstance().sessionContext) == null ? void 0 : _ContextHolder$getIns3.enableSessionPerTenant) || false;
+  }
+
   static getAppName() {
     return ContextHolder.getInstance().appName;
   }

package/node/auth/constants.js

@@ -0,0 +1,10 @@
+"use strict";
+
+Object.defineProperty(exports, "__esModule", {
+  value: true
+});
+exports.USE_CURRENT_USER_TENANTS_V1_ENDPOINT_FF = exports.FRONTEGG_SEPARATE_TABS_BY_TENANT = void 0;
+const FRONTEGG_SEPARATE_TABS_BY_TENANT = 'FRONTEGG_SEPARATE_TABS_BY_TENANT';
+exports.FRONTEGG_SEPARATE_TABS_BY_TENANT = FRONTEGG_SEPARATE_TABS_BY_TENANT;
+const USE_CURRENT_USER_TENANTS_V1_ENDPOINT_FF = 'admin_portal_use_current_user_tenants_v1_endpoint';
+exports.USE_CURRENT_USER_TENANTS_V1_ENDPOINT_FF = USE_CURRENT_USER_TENANTS_V1_ENDPOINT_FF;

package/node/auth/index.js

@@ -153,7 +153,9 @@ var _exportNames = {
   getMFAStrategiesConfig: true,
   getUserAuthorization: true,
   getMeV2: true,
-  getMeAndEntitlements: true
+  getMeAndEntitlements: true,
+  setTabTenantInSessionStorage: true,
+  getTabTenantFromSessionStorage: true
 };
 exports.OAuthLogout = OAuthLogout;
 exports.acceptInvitation = acceptInvitation;
@@ -226,6 +228,12 @@ exports.getSessionConfigurations = getSessionConfigurations;
 exports.getSocialLoginProviders = getSocialLoginProviders;
 exports.getSocialLoginProvidersV2 = getSocialLoginProvidersV2;
 exports.getSocialLoginProvidersV2ForAuthenticatedUser = getSocialLoginProvidersV2ForAuthenticatedUser;
+Object.defineProperty(exports, "getTabTenantFromSessionStorage", {
+  enumerable: true,
+  get: function () {
+    return _utils.getTabTenantFromSessionStorage;
+  }
+});
 exports.getTenantAccessTokensData = getTenantAccessTokensData;
 exports.getTenantApiTokensData = getTenantApiTokensData;
 exports.getUserAccessTokensData = getUserAccessTokensData;
@@ -272,6 +280,12 @@ exports.resetPassword = resetPassword;
 exports.resetPhoneNumber = resetPhoneNumber;
 exports.revokeSessionsForUser = revokeSessionsForUser;
 exports.setSSODefaultRoles = setSSODefaultRoles;
+Object.defineProperty(exports, "setTabTenantInSessionStorage", {
+  enumerable: true,
+  get: function () {
+    return _utils.setTabTenantInSessionStorage;
+  }
+});
 exports.signUpUser = signUpUser;
 exports.silentOAuthRefreshToken = silentOAuthRefreshToken;
 exports.silentOAuthRefreshTokenV2 = silentOAuthRefreshTokenV2;
@@ -338,6 +352,8 @@ Object.keys(_enums).forEach(function (key) {
   });
 });
 
+var _utils = require("./utils");
+
 var _constants = require("../constants");
 
 var _ContextHolder = require("../ContextHolder");
@@ -348,16 +364,12 @@ var _jwt = require("../jwt");
 
 var _interfaces = require("./interfaces");
 
-var _users = require("../users");
-
 var _entitlements = require("../entitlements");
 
 var _interfaces2 = require("../entitlements/interfaces");
 
 var _featureFlags = require("../feature-flags");
 
-var _utils = require("./utils");
-
 const _excluded = ["type"],
       _excluded2 = ["type"],
       _excluded3 = ["type"];
@@ -428,10 +440,14 @@ async function generateLoginResponseV3(loginResponse) {
 
   _ContextHolder.ContextHolder.setAccessToken(accessToken);
 
-  const [me, currentUserTenants] = await Promise.all([getMeAndEntitlements(), (0, _users.getCurrentUserTenantsV3)()]);
+  const [me, currentUserTenants] = await Promise.all([getMeAndEntitlements(), (0, _utils.getCurrentUserTenantsFunction)()()]);
   const decodedContent = accessToken ? (0, _jwt.jwtDecode)(accessToken) : {};
   const user = (0, _extends2.default)({}, loginResponse, decodedContent, me);
 
+  if (_ContextHolder.ContextHolder.isSessionPerTenantEnabled()) {
+    (0, _utils.setTabTenantInSessionStorage)(user.tenantId);
+  }
+
   _ContextHolder.ContextHolder.setUser(user);
 
   return {
@@ -462,7 +478,7 @@ async function generateLoginResponseFromOAuthResponse(oauthResponse) {
 async function generateLoginResponseFromOAuthResponseV2(oauthResponse) {
   _ContextHolder.ContextHolder.setAccessToken(oauthResponse.id_token);
 
-  const [me, currentUserTenants] = await Promise.all([getMeAndEntitlements(), (0, _users.getCurrentUserTenantsV3)()]);
+  const [me, currentUserTenants] = await Promise.all([getMeAndEntitlements(), (0, _utils.getCurrentUserTenantsFunction)()()]);
   const decodedContent = oauthResponse.id_token ? (0, _jwt.jwtDecode)(oauthResponse.id_token) : {};
   const user = (0, _extends2.default)({
     mfaRequired: false,
@@ -472,6 +488,10 @@ async function generateLoginResponseFromOAuthResponseV2(oauthResponse) {
     expiresIn: oauthResponse.expires_in || 300
   });
 
+  if (_ContextHolder.ContextHolder.isSessionPerTenantEnabled()) {
+    (0, _utils.setTabTenantInSessionStorage)(user.tenantId);
+  }
+
   _ContextHolder.ContextHolder.setUser(user);
 
   return {
@@ -551,18 +571,27 @@ async function acceptInvitation(body) {
   return (0, _fetch.Post)(`${_constants.urls.identity.users.v1}/invitation/accept`, body);
 }
 
-async function refreshToken(body = {}) {
-  const data = await (0, _fetch.Post)(`${_constants.urls.identity.auth.v1}/user/token/refresh`, body);
+async function refreshToken() {
+  const tabTenantId = (0, _utils.getTabTenantFromSessionStorage)();
+  const data = await (0, _fetch.Post)(`${_constants.urls.identity.auth.v1}/user/token/refresh`, {
+    tenantId: tabTenantId
+  });
   return generateLoginResponse(data);
 }
 
-async function refreshTokenV2(body = {}) {
-  const data = await (0, _fetch.Post)(`${_constants.urls.identity.auth.v1}/user/token/refresh`, body);
+async function refreshTokenV2() {
+  const tabTenantId = (0, _utils.getTabTenantFromSessionStorage)();
+  const data = await (0, _fetch.Post)(`${_constants.urls.identity.auth.v1}/user/token/refresh`, {
+    tenantId: tabTenantId
+  });
   return generateLoginResponseV2(data);
 }
 
-async function refreshTokenV3(body = {}) {
-  const data = await (0, _fetch.Post)(`${_constants.urls.identity.auth.v1}/user/token/refresh`, body);
+async function refreshTokenV3() {
+  const tabTenantId = (0, _utils.getTabTenantFromSessionStorage)();
+  const data = await (0, _fetch.Post)(`${_constants.urls.identity.auth.v1}/user/token/refresh`, {
+    tenantId: tabTenantId
+  });
   return generateLoginResponseV3(data);
 }
 
@@ -1112,8 +1141,11 @@ async function exchangeOAuthTokensV2(body) {
   return generateLoginResponseFromOAuthResponseV2(data);
 }
 
-async function silentOAuthRefreshTokenV2(body = {}) {
-  const data = await (0, _fetch.Post)(`${_constants.urls.oauth.v1}/authorize/silent`, body);
+async function silentOAuthRefreshTokenV2() {
+  const tabTenantId = (0, _utils.getTabTenantFromSessionStorage)();
+  const data = await (0, _fetch.Post)(`${_constants.urls.oauth.v1}/authorize/silent`, {
+    tenantId: tabTenantId
+  });
   return generateLoginResponseFromOAuthResponseV2(data);
 }
 
@@ -1122,8 +1154,11 @@ async function exchangeOAuthTokens(body) {
   return generateLoginResponseFromOAuthResponse(data);
 }
 
-async function silentOAuthRefreshToken(body = {}) {
-  const data = await (0, _fetch.Post)(`${_constants.urls.oauth.v1}/authorize/silent`, body);
+async function silentOAuthRefreshToken() {
+  const tabTenantId = (0, _utils.getTabTenantFromSessionStorage)();
+  const data = await (0, _fetch.Post)(`${_constants.urls.oauth.v1}/authorize/silent`, {
+    tenantId: tabTenantId
+  });
   return generateLoginResponseFromOAuthResponse(data);
 }
 
@@ -1209,6 +1244,12 @@ async function getMeAndEntitlements() {
   }];
   const promises = actions.map(action => (0, _utils.executeConditionalPromise)(action));
   const [me, entitlements, authorization] = await Promise.all(promises);
+  const tabTenant = (0, _utils.getTabTenantFromSessionStorage)();
+
+  if (tabTenant) {
+    me.tenantId = tabTenant;
+  }
+
   return (0, _extends2.default)({}, me, authorization != null ? authorization : {}, {
     entitlements
   });

package/node/auth/utils.js

@@ -4,6 +4,18 @@ Object.defineProperty(exports, "__esModule", {
   value: true
 });
 exports.executeConditionalPromise = executeConditionalPromise;
+exports.getCurrentUserTenantsFunction = getCurrentUserTenantsFunction;
+exports.getTabTenantFromSessionStorage = getTabTenantFromSessionStorage;
+exports.setTabTenantInSessionStorage = setTabTenantInSessionStorage;
+
+var _ContextHolder = require("../ContextHolder");
+
+var _constants = require("./constants");
+
+var _featureFlags = require("../feature-flags");
+
+var _users = require("../users");
+
 ;
 
 async function executeConditionalPromise({
@@ -12,4 +24,30 @@ async function executeConditionalPromise({
 }) {
   if (!shouldLoad) return;
   return await action();
+}
+
+function setTabTenantInSessionStorage(tenantId) {
+  if (!tenantId) {
+    return;
+  }
+
+  sessionStorage.setItem(_constants.FRONTEGG_SEPARATE_TABS_BY_TENANT, tenantId);
+}
+
+function getTabTenantFromSessionStorage() {
+  if (_ContextHolder.ContextHolder.isSessionPerTenantEnabled()) {
+    return null;
+  }
+
+  return sessionStorage.getItem(_constants.FRONTEGG_SEPARATE_TABS_BY_TENANT);
+}
+
+function getCurrentUserTenantsFunction() {
+  const [useCurrentUserTenantsV1] = _featureFlags.FeatureFlags.getFeatureFlags([_constants.USE_CURRENT_USER_TENANTS_V1_ENDPOINT_FF], _ContextHolder.ContextHolder.getAppName() || '');
+
+  if (_ContextHolder.ContextHolder.isSessionPerTenantEnabled()) {
+    return _users.getCurrentUserTenantsV1;
+  }
+
+  return useCurrentUserTenantsV1 ? _users.getCurrentUserTenantsV1 : _users.getCurrentUserTenantsV3;
 }

package/node/constants.js

@@ -26,6 +26,7 @@ const urls = {
       },
       tenants: {
         me: {
+          v1: '/identity/resources/users/v1/me/tenants',
           v3: '/identity/resources/users/v3/me/tenants'
         }
       },

package/node/index.js

@@ -1,4 +1,4 @@
-/** @license Frontegg v3.1.29
+/** @license Frontegg v3.1.30
  *
  * This source code is licensed under the MIT license found in the
  * LICENSE file in the root directory of this source tree.

package/node/tenants/index.js

@@ -21,7 +21,15 @@ var _fetch = require("../fetch");
 
 var _constants = require("../constants");
 
+var _utils = require("../auth/utils");
+
+var _ContextHolder = require("../ContextHolder");
+
 async function switchTenant(body) {
+  if (_ContextHolder.ContextHolder.isSessionPerTenantEnabled()) {
+    (0, _utils.setTabTenantInSessionStorage)(body.tenantId);
+  }
+
   return (0, _fetch.Put)(`${_constants.urls.identity.users.v1}/tenant`, body);
 }
 

package/node/users/index.js

@@ -6,6 +6,7 @@ Object.defineProperty(exports, "__esModule", {
   value: true
 });
 exports.GetUserJwt = GetUserJwt;
+exports.getCurrentUserTenantsV1 = getCurrentUserTenantsV1;
 exports.getCurrentUserTenantsV3 = getCurrentUserTenantsV3;
 exports.getUsersGroups = getUsersGroups;
 exports.getUsersRoles = getUsersRoles;
@@ -58,6 +59,12 @@ async function getCurrentUserTenantsV3(options) {
   });
 }
 
+async function getCurrentUserTenantsV1(options) {
+  return (0, _fetch.Get)(_constants.urls.identity.users.tenants.me.v1, undefined, {
+    headers: (0, _fetch.extractHeadersFromOptions)(options)
+  });
+}
+
 async function sendResetBreachedPasswordEmails() {
   return (0, _fetch.Post)(_constants.urls.identity.users.passwords.resetBreachedPasswords.v1);
 }

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@frontegg/rest-api",
-  "version": "3.1.29",
+  "version": "3.1.30",
   "main": "./node/index.js",
   "license": "MIT",
   "dependencies": {

package/tenants/index.js

@@ -1,7 +1,13 @@
 import _extends from "@babel/runtime/helpers/esm/extends";
 import { extractHeadersFromOptions, Get, Post, Put } from "../fetch";
 import { urls } from "../constants";
+import { setTabTenantInSessionStorage } from '../auth/utils';
+import { ContextHolder } from '../ContextHolder';
 export async function switchTenant(body) {
+  if (ContextHolder.isSessionPerTenantEnabled()) {
+    setTabTenantInSessionStorage(body.tenantId);
+  }
+
   return Put(`${urls.identity.users.v1}/tenant`, body);
 }
 export async function getTenants() {

package/users/index.d.ts

@@ -5,6 +5,13 @@ export declare function getUsersV2(queryParams: ISearchUserQueryParamsV2, option
 export declare function getUsersV3(queryParams: ISearchUserQueryParamsV3, options?: UserJwtOptions): Promise<FronteggPaginationWrapper<IUsersV3Data>>;
 export declare function getUsersRoles(queryParams: GetUsersRolesParams, options?: UserJwtOptions): Promise<GetUserRolesResponse[]>;
 export declare function getUsersGroups(queryParams: GetUserGroupsParams, options?: UserJwtOptions): Promise<GetUserGroupsResponse[]>;
+/**
+ * get user tenant and user tenants by user active tenant
+ */
 export declare function getCurrentUserTenantsV3(options?: UserJwtOptions): Promise<GetCurrentUserTenantsResponse>;
+/**
+ * get user tenant and user tenants by context tenant
+ */
+export declare function getCurrentUserTenantsV1(options?: UserJwtOptions): Promise<GetCurrentUserTenantsResponse>;
 export declare function sendResetBreachedPasswordEmails(): Promise<void>;
 export declare function updateUserProfileV2(body: Partial<IUpdateUserDto>): Promise<IUserProfile>;

package/users/index.js

@@ -33,6 +33,11 @@ export async function getCurrentUserTenantsV3(options) {
     headers: extractHeadersFromOptions(options)
   });
 }
+export async function getCurrentUserTenantsV1(options) {
+  return Get(urls.identity.users.tenants.me.v1, undefined, {
+    headers: extractHeadersFromOptions(options)
+  });
+}
 export async function sendResetBreachedPasswordEmails() {
   return Post(urls.identity.users.passwords.resetBreachedPasswords.v1);
 }