@fusionauth/typescript-client 1.33.0 → 1.37.0

package/build/src/FusionAuthClient.d.ts

@@ -78,9 +78,9 @@ export declare class FusionAuthClient {
     /**
      * Check to see if the user must obtain a Trust Token Id in order to complete a change password request.
      * When a user has enabled Two-Factor authentication, before you are allowed to use the Change Password API to change
-     * your password, you must obtain a Truest Token by completing a Two-Factor Step-Up authentication.
+     * your password, you must obtain a Trust Token by completing a Two-Factor Step-Up authentication.
      *
-     * An HTTP status code of 412 indicates that a Trust Token is required to make a POST request to this API.
+     * An HTTP status code of 400 with a general error code of [TrustTokenRequired] indicates that a Trust Token is required to make a POST request to this API.
      *
      * @param {string} changePasswordId The change password Id used to find the user. This value is generated by FusionAuth once the change password workflow has been initiated.
      * @returns {Promise<ClientResponse<void>>}
@@ -89,9 +89,9 @@ export declare class FusionAuthClient {
     /**
      * Check to see if the user must obtain a Trust Token Id in order to complete a change password request.
      * When a user has enabled Two-Factor authentication, before you are allowed to use the Change Password API to change
-     * your password, you must obtain a Truest Token by completing a Two-Factor Step-Up authentication.
+     * your password, you must obtain a Trust Token by completing a Two-Factor Step-Up authentication.
      *
-     * An HTTP status code of 412 indicates that a Trust Token is required to make a POST request to this API.
+     * An HTTP status code of 400 with a general error code of [TrustTokenRequired] indicates that a Trust Token is required to make a POST request to this API.
      *
      * @param {string} encodedJWT The encoded JWT (access token).
      * @returns {Promise<ClientResponse<void>>}
@@ -100,9 +100,9 @@ export declare class FusionAuthClient {
     /**
      * Check to see if the user must obtain a Trust Request Id in order to complete a change password request.
      * When a user has enabled Two-Factor authentication, before you are allowed to use the Change Password API to change
-     * your password, you must obtain a Truest Request Id by completing a Two-Factor Step-Up authentication.
+     * your password, you must obtain a Trust Request Id by completing a Two-Factor Step-Up authentication.
      *
-     * An HTTP status code of 412 indicates that a Trust Token is required to make a POST request to this API.
+     * An HTTP status code of 400 with a general error code of [TrustTokenRequired] indicates that a Trust Token is required to make a POST request to this API.
      *
      * @param {string} loginId The loginId of the User that you intend to change the password for.
      * @returns {Promise<ClientResponse<void>>}
@@ -888,6 +888,16 @@ export declare class FusionAuthClient {
      * @returns {Promise<ClientResponse<LoginResponse>>}
      */
     loginPing(userId: UUID, applicationId: UUID, callerIPAddress: string): Promise<ClientResponse<LoginResponse>>;
+    /**
+     * Sends a ping to FusionAuth indicating that the user was automatically logged into an application. When using
+     * FusionAuth's SSO or your own, you should call this if the user is already logged in centrally, but accesses an
+     * application where they no longer have a session. This helps correctly track login counts, times and helps with
+     * reporting.
+     *
+     * @param {LoginPingRequest} request The login request that contains the user credentials used to log them in.
+     * @returns {Promise<ClientResponse<LoginResponse>>}
+     */
+    loginPingWithRequest(request: LoginPingRequest): Promise<ClientResponse<LoginResponse>>;
     /**
      * The Logout API is intended to be used to remove the refresh token and access token cookies if they exist on the
      * client and revoke the refresh token stored. This API does nothing if the request does not contain an access
@@ -1221,7 +1231,7 @@ export declare class FusionAuthClient {
      */
     retrieveAction(actionId: UUID): Promise<ClientResponse<ActionResponse>>;
     /**
-     * Retrieves all of the actions for the user with the given Id. This will return all time based actions that are active,
+     * Retrieves all the actions for the user with the given Id. This will return all time based actions that are active,
      * and inactive as well as non-time based actions.
      *
      * @param {UUID} userId The Id of the user to fetch the actions for.
@@ -1229,14 +1239,14 @@ export declare class FusionAuthClient {
      */
     retrieveActions(userId: UUID): Promise<ClientResponse<ActionResponse>>;
     /**
-     * Retrieves all of the actions for the user with the given Id that are currently preventing the User from logging in.
+     * Retrieves all the actions for the user with the given Id that are currently preventing the User from logging in.
      *
      * @param {UUID} userId The Id of the user to fetch the actions for.
      * @returns {Promise<ClientResponse<ActionResponse>>}
      */
     retrieveActionsPreventingLogin(userId: UUID): Promise<ClientResponse<ActionResponse>>;
     /**
-     * Retrieves all of the actions for the user with the given Id that are currently active.
+     * Retrieves all the actions for the user with the given Id that are currently active.
      * An active action means one that is time based and has not been canceled, and has not ended.
      *
      * @param {UUID} userId The Id of the user to fetch the actions for.
@@ -1251,7 +1261,7 @@ export declare class FusionAuthClient {
      */
     retrieveApplication(applicationId: UUID): Promise<ClientResponse<ApplicationResponse>>;
     /**
-     * Retrieves all of the applications.
+     * Retrieves all the applications.
      *
      * @returns {Promise<ClientResponse<ApplicationResponse>>}
      */
@@ -1271,7 +1281,7 @@ export declare class FusionAuthClient {
      */
     retrieveConnector(connectorId: UUID): Promise<ClientResponse<ConnectorResponse>>;
     /**
-     * Retrieves all of the connectors.
+     * Retrieves all the connectors.
      *
      * @returns {Promise<ClientResponse<ConnectorResponse>>}
      */
@@ -1284,7 +1294,7 @@ export declare class FusionAuthClient {
      */
     retrieveConsent(consentId: UUID): Promise<ClientResponse<ConsentResponse>>;
     /**
-     * Retrieves all of the consent.
+     * Retrieves all the consent.
      *
      * @returns {Promise<ClientResponse<ConsentResponse>>}
      */
@@ -1316,7 +1326,7 @@ export declare class FusionAuthClient {
      */
     retrieveEmailTemplatePreview(request: PreviewRequest): Promise<ClientResponse<PreviewResponse>>;
     /**
-     * Retrieves all of the email templates.
+     * Retrieves all the email templates.
      *
      * @returns {Promise<ClientResponse<EmailTemplateResponse>>}
      */
@@ -1345,7 +1355,7 @@ export declare class FusionAuthClient {
      */
     retrieveEntityType(entityTypeId: UUID): Promise<ClientResponse<EntityTypeResponse>>;
     /**
-     * Retrieves all of the Entity Types.
+     * Retrieves all the Entity Types.
      *
      * @returns {Promise<ClientResponse<EntityTypeResponse>>}
      */
@@ -1358,14 +1368,14 @@ export declare class FusionAuthClient {
      */
     retrieveEventLog(eventLogId: number): Promise<ClientResponse<EventLogResponse>>;
     /**
-     * Retrieves all of the families that a user belongs to.
+     * Retrieves all the families that a user belongs to.
      *
      * @param {UUID} userId The User's id
      * @returns {Promise<ClientResponse<FamilyResponse>>}
      */
     retrieveFamilies(userId: UUID): Promise<ClientResponse<FamilyResponse>>;
     /**
-     * Retrieves all of the members of a family by the unique Family Id.
+     * Retrieves all the members of a family by the unique Family Id.
      *
      * @param {UUID} familyId The unique Id of the Family.
      * @returns {Promise<ClientResponse<FamilyResponse>>}
@@ -1386,13 +1396,13 @@ export declare class FusionAuthClient {
      */
     retrieveFormField(fieldId: UUID): Promise<ClientResponse<FormFieldResponse>>;
     /**
-     * Retrieves all of the forms fields
+     * Retrieves all the forms fields
      *
      * @returns {Promise<ClientResponse<FormFieldResponse>>}
      */
     retrieveFormFields(): Promise<ClientResponse<FormFieldResponse>>;
     /**
-     * Retrieves all of the forms.
+     * Retrieves all the forms.
      *
      * @returns {Promise<ClientResponse<FormResponse>>}
      */
@@ -1405,7 +1415,7 @@ export declare class FusionAuthClient {
      */
     retrieveGroup(groupId: UUID): Promise<ClientResponse<GroupResponse>>;
     /**
-     * Retrieves all of the groups.
+     * Retrieves all the groups.
      *
      * @returns {Promise<ClientResponse<GroupResponse>>}
      */
@@ -1434,13 +1444,13 @@ export declare class FusionAuthClient {
      */
     retrieveIdentityProviderByType(type: IdentityProviderType): Promise<ClientResponse<IdentityProviderResponse>>;
     /**
-     * Retrieves all of the identity providers.
+     * Retrieves all the identity providers.
      *
      * @returns {Promise<ClientResponse<IdentityProviderResponse>>}
      */
     retrieveIdentityProviders(): Promise<ClientResponse<IdentityProviderResponse>>;
     /**
-     * Retrieves all of the actions for the user with the given Id that are currently inactive.
+     * Retrieves all the actions for the user with the given Id that are currently inactive.
      * An inactive action means one that is time based and has been canceled or has expired, or is not time based.
      *
      * @param {UUID} userId The Id of the user to fetch the actions for.
@@ -1448,13 +1458,13 @@ export declare class FusionAuthClient {
      */
     retrieveInactiveActions(userId: UUID): Promise<ClientResponse<ActionResponse>>;
     /**
-     * Retrieves all of the applications that are currently inactive.
+     * Retrieves all the applications that are currently inactive.
      *
      * @returns {Promise<ClientResponse<ApplicationResponse>>}
      */
     retrieveInactiveApplications(): Promise<ClientResponse<ApplicationResponse>>;
     /**
-     * Retrieves all of the user actions that are currently inactive.
+     * Retrieves all the user actions that are currently inactive.
      *
      * @returns {Promise<ClientResponse<UserActionResponse>>}
      */
@@ -1499,7 +1509,7 @@ export declare class FusionAuthClient {
      */
     retrieveKey(keyId: UUID): Promise<ClientResponse<KeyResponse>>;
     /**
-     * Retrieves all of the keys.
+     * Retrieves all the keys.
      *
      * @returns {Promise<ClientResponse<KeyResponse>>}
      */
@@ -1512,13 +1522,13 @@ export declare class FusionAuthClient {
      */
     retrieveLambda(lambdaId: UUID): Promise<ClientResponse<LambdaResponse>>;
     /**
-     * Retrieves all of the lambdas.
+     * Retrieves all the lambdas.
      *
      * @returns {Promise<ClientResponse<LambdaResponse>>}
      */
     retrieveLambdas(): Promise<ClientResponse<LambdaResponse>>;
     /**
-     * Retrieves all of the lambdas for the provided type.
+     * Retrieves all the lambdas for the provided type.
      *
      * @param {LambdaType} type The type of the lambda to return.
      * @returns {Promise<ClientResponse<LambdaResponse>>}
@@ -1549,7 +1559,7 @@ export declare class FusionAuthClient {
      */
     retrieveMessageTemplatePreview(request: PreviewMessageTemplateRequest): Promise<ClientResponse<PreviewMessageTemplateResponse>>;
     /**
-     * Retrieves all of the message templates.
+     * Retrieves all the message templates.
      *
      * @returns {Promise<ClientResponse<MessageTemplateResponse>>}
      */
@@ -1562,7 +1572,7 @@ export declare class FusionAuthClient {
      */
     retrieveMessenger(messengerId: UUID): Promise<ClientResponse<MessengerResponse>>;
     /**
-     * Retrieves all of the messengers.
+     * Retrieves all the messengers.
      *
      * @returns {Promise<ClientResponse<MessengerResponse>>}
      */
@@ -1609,7 +1619,7 @@ export declare class FusionAuthClient {
      */
     retrievePasswordValidationRulesWithTenantId(tenantId: UUID): Promise<ClientResponse<PasswordValidationRulesResponse>>;
     /**
-     * Retrieves all of the children for the given parent email address.
+     * Retrieves all the children for the given parent email address.
      *
      * @param {string} parentEmail The email of the parent.
      * @returns {Promise<ClientResponse<PendingResponse>>}
@@ -1636,12 +1646,12 @@ export declare class FusionAuthClient {
      */
     retrieveRecentLogins(offset: number, limit: number): Promise<ClientResponse<RecentLoginResponse>>;
     /**
-     * Retrieves a single refresh token by unique Id. This is not the same thing as the string value of the refresh token, if you have that, you already have what you need..
+     * Retrieves a single refresh token by unique Id. This is not the same thing as the string value of the refresh token. If you have that, you already have what you need.
      *
-     * @param {UUID} userId The Id of the user.
+     * @param {UUID} tokenId The Id of the token.
      * @returns {Promise<ClientResponse<RefreshTokenResponse>>}
      */
-    retrieveRefreshTokenById(userId: UUID): Promise<ClientResponse<RefreshTokenResponse>>;
+    retrieveRefreshTokenById(tokenId: UUID): Promise<ClientResponse<RefreshTokenResponse>>;
     /**
      * Retrieves the refresh tokens that belong to the user with the given Id.
      *
@@ -1688,7 +1698,7 @@ export declare class FusionAuthClient {
      */
     retrieveTenant(tenantId: UUID): Promise<ClientResponse<TenantResponse>>;
     /**
-     * Retrieves all of the tenants.
+     * Retrieves all the tenants.
      *
      * @returns {Promise<ClientResponse<TenantResponse>>}
      */
@@ -1701,7 +1711,7 @@ export declare class FusionAuthClient {
      */
     retrieveTheme(themeId: UUID): Promise<ClientResponse<ThemeResponse>>;
     /**
-     * Retrieves all of the themes.
+     * Retrieves all the themes.
      *
      * @returns {Promise<ClientResponse<ThemeResponse>>}
      */
@@ -1720,6 +1730,18 @@ export declare class FusionAuthClient {
      * @returns {Promise<ClientResponse<TwoFactorRecoveryCodeResponse>>}
      */
     retrieveTwoFactorRecoveryCodes(userId: UUID): Promise<ClientResponse<TwoFactorRecoveryCodeResponse>>;
+    /**
+     * Retrieve a user's two-factor status.
+     *
+     * This can be used to see if a user will need to complete a two-factor challenge to complete a login,
+     * and optionally identify the state of the two-factor trust across various applications.
+     *
+     * @param {UUID} userId The user Id to retrieve the Two-Factor status.
+     * @param {UUID} applicationId The optional applicationId to verify.
+     * @param {string} twoFactorTrustId The optional two-factor trust Id to verify.
+     * @returns {Promise<ClientResponse<TwoFactorStatusResponse>>}
+     */
+    retrieveTwoFactorStatus(userId: UUID, applicationId: UUID, twoFactorTrustId: string): Promise<ClientResponse<TwoFactorStatusResponse>>;
     /**
      * Retrieves the user for the given Id.
      *
@@ -1750,7 +1772,7 @@ export declare class FusionAuthClient {
      */
     retrieveUserActionReasons(): Promise<ClientResponse<UserActionReasonResponse>>;
     /**
-     * Retrieves all of the user actions.
+     * Retrieves all the user actions.
      *
      * @returns {Promise<ClientResponse<UserActionResponse>>}
      */
@@ -1793,7 +1815,7 @@ export declare class FusionAuthClient {
      */
     retrieveUserByVerificationId(verificationId: string): Promise<ClientResponse<UserResponse>>;
     /**
-     * Retrieves all of the comments for the user with the given Id.
+     * Retrieves all the comments for the user with the given Id.
      *
      * @param {UUID} userId The Id of the user.
      * @returns {Promise<ClientResponse<UserCommentResponse>>}
@@ -1807,7 +1829,7 @@ export declare class FusionAuthClient {
      */
     retrieveUserConsent(userConsentId: UUID): Promise<ClientResponse<UserConsentResponse>>;
     /**
-     * Retrieves all of the consents for a User.
+     * Retrieves all the consents for a User.
      *
      * @param {UUID} userId The User's Id
      * @returns {Promise<ClientResponse<UserConsentResponse>>}
@@ -2019,6 +2041,13 @@ export declare class FusionAuthClient {
      * @returns {Promise<ClientResponse<EventLogSearchResponse>>}
      */
     searchEventLogs(request: EventLogSearchRequest): Promise<ClientResponse<EventLogSearchResponse>>;
+    /**
+     * Searches group members with the specified criteria and pagination.
+     *
+     * @param {GroupMemberSearchRequest} request The search criteria and pagination information.
+     * @returns {Promise<ClientResponse<GroupMemberSearchResponse>>}
+     */
+    searchGroupMembers(request: GroupMemberSearchRequest): Promise<ClientResponse<GroupMemberSearchResponse>>;
     /**
      * Searches the IP Access Control Lists with the specified criteria and pagination.
      *
@@ -2256,6 +2285,13 @@ export declare class FusionAuthClient {
      * @returns {Promise<ClientResponse<GroupResponse>>}
      */
     updateGroup(groupId: UUID, request: GroupRequest): Promise<ClientResponse<GroupResponse>>;
+    /**
+     * Creates a member in a group.
+     *
+     * @param {MemberRequest} request The request object that contains all the information used to create the group member(s).
+     * @returns {Promise<ClientResponse<MemberResponse>>}
+     */
+    updateGroupMembers(request: MemberRequest): Promise<ClientResponse<MemberResponse>>;
     /**
      * Updates the IP Access Control List with the given Id.
      *
@@ -2445,6 +2481,15 @@ export declare class FusionAuthClient {
      * @returns {Promise<ClientResponse<void>>}
      */
     verifyEmailAddress(request: VerifyEmailRequest): Promise<ClientResponse<void>>;
+    /**
+     * Administratively verify a user's email address. Use this method to bypass email verification for the user.
+     *
+     * The request body will contain the userId to be verified. An API key is required when sending the userId in the request body.
+     *
+     * @param {VerifyEmailRequest} request The request that contains the userId to verify.
+     * @returns {Promise<ClientResponse<void>>}
+     */
+    verifyEmailAddressByUserId(request: VerifyEmailRequest): Promise<ClientResponse<void>>;
     /**
      * Confirms an application registration. The Id given is usually from an email sent to the user.
      *
@@ -2488,6 +2533,7 @@ export interface AccessToken {
     expires_in?: number;
     id_token?: string;
     refresh_token?: string;
+    refresh_token_id?: UUID;
     scope?: string;
     token_type?: TokenType;
     userId?: UUID;
@@ -2534,6 +2580,9 @@ export declare enum Algorithm {
     HS256 = "HS256",
     HS384 = "HS384",
     HS512 = "HS512",
+    PS256 = "PS256",
+    PS384 = "PS384",
+    PS512 = "PS512",
     RS256 = "RS256",
     RS384 = "RS384",
     RS512 = "RS512",
@@ -2608,6 +2657,7 @@ export interface Application {
     cleanSpeakConfiguration?: CleanSpeakConfiguration;
     data?: Record<string, any>;
     emailConfiguration?: ApplicationEmailConfiguration;
+    externalIdentifierConfiguration?: ApplicationExternalIdentifierConfiguration;
     formConfiguration?: ApplicationFormConfiguration;
     id?: UUID;
     insertInstant?: number;
@@ -2654,11 +2704,10 @@ export interface ApplicationEmailConfiguration {
     twoFactorMethodRemoveEmailTemplateId?: UUID;
 }
 /**
- * Events that are bound to applications.
- *
- * @author Brian Pontarelli
+ * @author Daniel DeGroff
  */
-export interface ApplicationEvent {
+export interface ApplicationExternalIdentifierConfiguration {
+    twoFactorTrustIdTimeToLiveInSeconds?: number;
 }
 /**
  * @author Daniel DeGroff
@@ -2672,7 +2721,17 @@ export interface ApplicationFormConfiguration {
  */
 export interface ApplicationMultiFactorConfiguration {
     email?: MultiFactorEmailTemplate;
+    loginPolicy?: MultiFactorLoginPolicy;
     sms?: MultiFactorSMSTemplate;
+    trustPolicy?: ApplicationMultiFactorTrustPolicy;
+}
+/**
+ * @author Daniel DeGroff
+ */
+export declare enum ApplicationMultiFactorTrustPolicy {
+    Any = "Any",
+    This = "This",
+    None = "None"
 }
 /**
  * A Application-level policy for deleting Users.
@@ -2690,7 +2749,6 @@ export interface ApplicationRegistrationDeletePolicy {
 export interface ApplicationRequest extends BaseEventRequest {
     application?: Application;
     role?: ApplicationRole;
-    webhookIds?: Array<UUID>;
 }
 /**
  * The Application API response.
@@ -2848,6 +2906,7 @@ export interface BaseElasticSearchCriteria extends BaseSearchCriteria {
  * @author Brian Pontarelli
  */
 export interface BaseEvent {
+    applicationIds?: Array<UUID>;
     createInstant?: number;
     id?: UUID;
     info?: EventInfo;
@@ -3233,6 +3292,7 @@ export interface EmailAddress {
  */
 export interface EmailConfiguration {
     additionalHeaders?: Array<EmailHeader>;
+    debug?: boolean;
     defaultFromEmail?: string;
     defaultFromName?: string;
     emailUpdateEmailTemplateId?: UUID;
@@ -3521,7 +3581,7 @@ export interface EntityTypeSearchRequest {
     search?: EntityTypeSearchCriteria;
 }
 /**
- * Search request for entity types.
+ * Search response for entity types.
  *
  * @author Brian Pontarelli
  */
@@ -3685,10 +3745,12 @@ export declare enum EventType {
     UserDeactivate = "user.deactivate",
     UserDelete = "user.delete",
     UserDeleteComplete = "user.delete.complete",
-    UserLoginIdDuplicateOnCreate = "user.loginId.duplicate.create",
-    UserLoginIdDuplicateOnUpdate = "user.loginId.duplicate.update",
     UserEmailUpdate = "user.email.update",
     UserEmailVerified = "user.email.verified",
+    UserIdentityProviderLink = "user.identity-provider.link",
+    UserIdentityProviderUnlink = "user.identity-provider.unlink",
+    UserLoginIdDuplicateOnCreate = "user.loginId.duplicate.create",
+    UserLoginIdDuplicateOnUpdate = "user.loginId.duplicate.update",
     UserLoginFailed = "user.login.failed",
     UserLoginNewDevice = "user.login.new-device",
     UserLoginSuccess = "user.login.success",
@@ -4108,8 +4170,35 @@ export interface GroupMember {
     groupId?: UUID;
     id?: UUID;
     insertInstant?: number;
+    user?: User;
     userId?: UUID;
 }
+/**
+ * Search criteria for Group Members
+ *
+ * @author Daniel DeGroff
+ */
+export interface GroupMemberSearchCriteria extends BaseSearchCriteria {
+    groupId?: UUID;
+    userId?: UUID;
+}
+/**
+ * Search request for Group Members.
+ *
+ * @author Daniel DeGroff
+ */
+export interface GroupMemberSearchRequest {
+    search?: GroupMemberSearchCriteria;
+}
+/**
+ * Search response for Group Members
+ *
+ * @author Daniel DeGroff
+ */
+export interface GroupMemberSearchResponse {
+    members?: Array<GroupMember>;
+    total?: number;
+}
 /**
  * Group API request object.
  *
@@ -4202,6 +4291,7 @@ export interface IdentityProviderLink {
  */
 export declare enum IdentityProviderLinkingStrategy {
     CreatePendingLink = "CreatePendingLink",
+    Disabled = "Disabled",
     LinkAnonymously = "LinkAnonymously",
     LinkByEmail = "LinkByEmail",
     LinkByEmailForExistingUser = "LinkByEmailForExistingUser",
@@ -4212,7 +4302,7 @@ export declare enum IdentityProviderLinkingStrategy {
 /**
  * @author Daniel DeGroff
  */
-export interface IdentityProviderLinkRequest {
+export interface IdentityProviderLinkRequest extends BaseEventRequest {
     displayName?: string;
     identityProviderId?: UUID;
     identityProviderUserId?: string;
@@ -4511,7 +4601,6 @@ export interface JWTConfiguration extends Enableable {
  * @author Brian Pontarelli
  */
 export interface JWTPublicKeyUpdateEvent extends BaseEvent {
-    applicationIds?: Array<UUID>;
 }
 /**
  * Models the JWT Refresh Event. This event will be fired when a JWT is "refreshed" (generated) using a Refresh Token.
@@ -4528,12 +4617,14 @@ export interface JWTRefreshEvent extends BaseEvent {
 /**
  * API response for refreshing a JWT with a Refresh Token.
  * <p>
- * Using a different response object from RefreshTokenResponse because the retrieve response will return an object for refreshToken, and this is a string.
+ * Using a different response object from RefreshTokenResponse because the retrieve response will return an object for refreshToken, and this is a
+ * string.
  *
  * @author Daniel DeGroff
  */
 export interface JWTRefreshResponse {
     refreshToken?: string;
+    refreshTokenId?: UUID;
     token?: string;
 }
 /**
@@ -4545,6 +4636,7 @@ export interface JWTRefreshResponse {
 export interface JWTRefreshTokenRevokeEvent extends BaseEvent {
     applicationId?: UUID;
     applicationTimeToLiveInSeconds?: Record<UUID, number>;
+    refreshToken?: RefreshToken;
     user?: User;
     userId?: UUID;
 }
@@ -4650,9 +4742,15 @@ export declare enum KeyUse {
 export interface KickstartSuccessEvent extends BaseEvent {
     instanceId?: UUID;
 }
-export interface Lambda extends Enableable {
+/**
+ * A JavaScript lambda function that is executed during certain events inside FusionAuth.
+ *
+ * @author Brian Pontarelli
+ */
+export interface Lambda {
     body?: string;
     debug?: boolean;
+    engineType?: LambdaEngineType;
     id?: UUID;
     insertInstant?: number;
     lastUpdateInstant?: number;
@@ -4670,6 +4768,13 @@ export interface LambdaConfiguration {
 export interface LambdaConfiguration {
     reconcileId?: UUID;
 }
+/**
+ * @author Daniel DeGroff
+ */
+export declare enum LambdaEngineType {
+    GraalJS = "GraalJS",
+    Nashorn = "Nashorn"
+}
 /**
  * Lambda API request object.
  *
@@ -4711,7 +4816,11 @@ export declare enum LambdaType {
     SteamReconcile = "SteamReconcile",
     TwitchReconcile = "TwitchReconcile",
     XboxReconcile = "XboxReconcile",
-    ClientCredentialsJWTPopulate = "ClientCredentialsJWTPopulate"
+    ClientCredentialsJWTPopulate = "ClientCredentialsJWTPopulate",
+    SCIMServerGroupRequestConverter = "SCIMServerGroupRequestConverter",
+    SCIMServerGroupResponseConverter = "SCIMServerGroupResponseConverter",
+    SCIMServerUserRequestConverter = "SCIMServerUserRequestConverter",
+    SCIMServerUserResponseConverter = "SCIMServerUserResponseConverter"
 }
 /**
  * Models an LDAP connector.
@@ -4799,6 +4908,14 @@ export declare enum LoginIdType {
     email = "email",
     username = "username"
 }
+/**
+ * Login Ping API request object.
+ *
+ * @author Daniel DeGroff
+ */
+export interface LoginPingRequest extends BaseLoginRequest {
+    userId?: UUID;
+}
 /**
  * The summary of the action that is preventing login to be returned on the login response.
  *
@@ -4881,6 +4998,7 @@ export interface LoginResponse {
     methods?: Array<TwoFactorMethod>;
     pendingIdPLinkId?: string;
     refreshToken?: string;
+    refreshTokenId?: UUID;
     registrationVerificationId?: string;
     state?: Record<string, any>;
     threatsDetected?: Array<AuthenticationThreats>;
@@ -5049,6 +5167,13 @@ export interface MultiFactorEmailMethod extends Enableable {
 export interface MultiFactorEmailTemplate {
     templateId?: UUID;
 }
+/**
+ * @author Daniel DeGroff
+ */
+export declare enum MultiFactorLoginPolicy {
+    Disabled = "Disabled",
+    Enabled = "Enabled"
+}
 export interface MultiFactorSMSMethod extends Enableable {
     messengerId?: UUID;
     templateId?: UUID;
@@ -5063,7 +5188,10 @@ export interface NintendoApplicationConfiguration extends BaseIdentityProviderAp
     buttonText?: string;
     client_id?: string;
     client_secret?: string;
+    emailClaim?: string;
     scope?: string;
+    uniqueIdClaim?: string;
+    usernameClaim?: string;
 }
 /**
  * Nintendo gaming login provider.
@@ -5074,7 +5202,10 @@ export interface NintendoIdentityProvider extends BaseIdentityProvider<NintendoA
     buttonText?: string;
     client_id?: string;
     client_secret?: string;
+    emailClaim?: string;
     scope?: string;
+    uniqueIdClaim?: string;
+    usernameClaim?: string;
 }
 /**
  * A marker interface indicating this event cannot be made transactional.
@@ -5120,6 +5251,7 @@ export interface OAuthError {
     error_reason?: OAuthErrorReason;
     error_uri?: string;
     two_factor_id?: string;
+    two_factor_methods?: Array<TwoFactorMethod>;
 }
 export declare enum OAuthErrorReason {
     auth_code_not_found = "auth_code_not_found",
@@ -5462,13 +5594,18 @@ export interface ReactorResponse {
  */
 export interface ReactorStatus {
     advancedIdentityProviders?: ReactorFeatureStatus;
+    advancedLambdas?: ReactorFeatureStatus;
     advancedMultiFactorAuthentication?: ReactorFeatureStatus;
     advancedRegistration?: ReactorFeatureStatus;
+    applicationMultiFactorAuthentication?: ReactorFeatureStatus;
     applicationThemes?: ReactorFeatureStatus;
     breachedPasswordDetection?: ReactorFeatureStatus;
     connectors?: ReactorFeatureStatus;
     entityManagement?: ReactorFeatureStatus;
+    expiration?: string;
+    licenseAttributes?: Record<string, string>;
     licensed?: boolean;
+    scimServer?: ReactorFeatureStatus;
     threatDetection?: ReactorFeatureStatus;
 }
 /**
@@ -5997,6 +6134,7 @@ export interface Tenant {
     insertInstant?: number;
     issuer?: string;
     jwtConfiguration?: JWTConfiguration;
+    lambdaConfiguration?: TenantLambdaConfiguration;
     lastUpdateInstant?: number;
     loginConfiguration?: TenantLoginConfiguration;
     logoutURL?: string;
@@ -6009,6 +6147,7 @@ export interface Tenant {
     passwordValidationRules?: PasswordValidationRules;
     rateLimitConfiguration?: TenantRateLimitConfiguration;
     registrationConfiguration?: TenantRegistrationConfiguration;
+    scimServerConfiguration?: TenantSCIMServerConfiguration;
     ssoConfiguration?: TenantSSOConfiguration;
     state?: ObjectState;
     themeId?: UUID;
@@ -6049,6 +6188,17 @@ export interface TenantDeleteRequest extends BaseEventRequest {
 export interface TenantFormConfiguration {
     adminUserFormId?: UUID;
 }
+/**
+ * @author Rob Davis
+ */
+export interface TenantLambdaConfiguration {
+    scimEnterpriseUserRequestConverterId?: UUID;
+    scimEnterpriseUserResponseConverterId?: UUID;
+    scimGroupRequestConverterId?: UUID;
+    scimGroupResponseConverterId?: UUID;
+    scimUserRequestConverterId?: UUID;
+    scimUserResponseConverterId?: UUID;
+}
 /**
  * @author Daniel DeGroff
  */
@@ -6061,6 +6211,7 @@ export interface TenantLoginConfiguration {
 export interface TenantMultiFactorConfiguration {
     authenticator?: MultiFactorAuthenticatorMethod;
     email?: MultiFactorEmailMethod;
+    loginPolicy?: MultiFactorLoginPolicy;
     sms?: MultiFactorSMSMethod;
 }
 export interface TenantOAuth2Configuration {
@@ -6089,6 +6240,7 @@ export interface TenantRegistrationConfiguration {
 export interface TenantRequest extends BaseEventRequest {
     sourceTenantId?: UUID;
     tenant?: Tenant;
+    webhookIds?: Array<UUID>;
 }
 /**
  * @author Daniel DeGroff
@@ -6097,6 +6249,14 @@ export interface TenantResponse {
     tenant?: Tenant;
     tenants?: Array<Tenant>;
 }
+/**
+ * @author Rob Davis
+ */
+export interface TenantSCIMServerConfiguration extends Enableable {
+    clientEntityTypeId?: UUID;
+    schemas?: Record<string, any>;
+    serverEntityTypeId?: UUID;
+}
 /**
  * @author Brett Pontarelli
  */
@@ -6357,6 +6517,18 @@ export interface TwoFactorStartResponse {
     methods?: Array<TwoFactorMethod>;
     twoFactorId?: string;
 }
+/**
+ * @author Daniel DeGroff
+ */
+export interface TwoFactorStatusResponse {
+    trusts?: Array<TwoFactorTrust>;
+    twoFactorTrustId?: string;
+}
+export interface TwoFactorTrust {
+    applicationId?: UUID;
+    expiration?: number;
+    startInstant?: number;
+}
 export interface UIConfiguration {
     headerColor?: string;
     logoURL?: string;
@@ -6442,7 +6614,6 @@ export interface UserActionEvent extends BaseEvent {
     actioneeUserId?: UUID;
     actionerUserId?: UUID;
     actionId?: UUID;
-    applicationIds?: Array<UUID>;
     comment?: string;
     email?: Email;
     emailedUser?: boolean;
@@ -6713,6 +6884,24 @@ export interface UserEmailUpdateEvent extends BaseEvent {
 export interface UserEmailVerifiedEvent extends BaseEvent {
     user?: User;
 }
+/**
+ * Models the User Identity Provider Link Event.
+ *
+ * @author Rob Davis
+ */
+export interface UserIdentityProviderLinkEvent extends BaseEvent {
+    identityProviderLink?: IdentityProviderLink;
+    user?: User;
+}
+/**
+ * Models the User Identity Provider Unlink Event.
+ *
+ * @author Rob Davis
+ */
+export interface UserIdentityProviderUnlinkEvent extends BaseEvent {
+    identityProviderLink?: IdentityProviderLink;
+    user?: User;
+}
 /**
  * @author Daniel DeGroff
  */
@@ -7028,6 +7217,7 @@ export declare enum VerificationStrategy {
  */
 export interface VerifyEmailRequest extends BaseEventRequest {
     oneTimeCode?: string;
+    userId?: UUID;
     verificationId?: string;
 }
 /**
@@ -7063,7 +7253,6 @@ export interface VersionResponse {
  * @author Brian Pontarelli
  */
 export interface Webhook {
-    applicationIds?: Array<UUID>;
     connectTimeout?: number;
     data?: Record<string, any>;
     description?: string;
@@ -7077,6 +7266,7 @@ export interface Webhook {
     lastUpdateInstant?: number;
     readTimeout?: number;
     sslCertificate?: string;
+    tenantIds?: Array<UUID>;
     url?: string;
 }
 /**