npm - @fusionauth/typescript-client - Versions diffs - 1.49.1 → 1.50.0 - Mend

@fusionauth/typescript-client 1.49.1 → 1.50.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (8) hide show

package/README.md +8 -0
package/build/src/FusionAuthClient.d.ts +3858 -3715
package/build/src/FusionAuthClient.js +766 -627
package/build/src/FusionAuthClient.js.map +1 -1
package/dist/fusionauth-typescript-client.js +767 -628
package/dist/fusionauth-typescript-client.min.js +1 -1
package/dist/fusionauth-typescript-client.min.js.map +1 -1
package/package.json +1 -1

package/build/src/FusionAuthClient.js CHANGED Viewed

@@ -15,7 +15,7 @@
 * language governing permissions and limitations under the License.
 */
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.OAuthErrorReason = exports.RefreshTokenExpirationPolicy = exports.Oauth2AuthorizedURLValidationPolicy = exports.SAMLv2DestinationAssertionPolicy = exports.LambdaType = exports.MultiFactorLoginPolicy = exports.WebAuthnWorkflow = exports.UserVerificationRequirement = exports.ResidentKeyRequirement = exports.PublicKeyCredentialType = exports.CoseKeyType = exports.CoseEllipticCurve = exports.CoseAlgorithmIdentifier = exports.AuthenticatorAttachmentPreference = exports.AuthenticatorAttachment = exports.AttestationType = exports.AttestationConveyancePreference = exports.XMLSignatureLocation = exports.SAMLLogoutBehavior = exports.RegistrationType = exports.LoginIdType = exports.ContentStatus = exports.Algorithm = exports.CaptchaMethod = exports.ApplicationMultiFactorTrustPolicy = exports.ConsentStatus = exports.ClientAuthenticationMethod = exports.SystemTrustedProxyConfigurationPolicy = exports.AuthenticationThreats = exports.IdentityProviderLoginMethod = exports.EventType = exports.ChangePasswordReason = exports.CanonicalizationMethod = exports.TOTPAlgorithm = exports.BreachedPasswordStatus = exports.VerificationStrategy = exports.IdentityProviderType = exports.SteamAPIMode = exports.ObjectState = exports.KeyType = exports.KeyAlgorithm = exports.Sort = exports.FamilyRole = exports.ExpiryUnit = exports.EventLogType = exports.EmailSecurityType = exports.UserActionPhase = exports.IPAccessControlEntryAction = exports.IdentityProviderLinkingStrategy = exports.FormDataType = exports.SecureGeneratorType = exports.FormType = exports.BreachAction = exports.ClientAuthenticationPolicy = exports.LambdaEngineType = exports.KeyUse = exports.RateLimitedRequestType = exports.DeviceType = exports.OAuthErrorType = exports.RefreshTokenUsagePolicy = exports.UnverifiedBehavior = exports.TransactionType = exports.LDAPSecurityMethod = exports.MessageType = exports.ProofKeyForCodeExchangePolicy = exports.BreachMatchMode = exports.ConnectorType = exports.FormControl = exports.UserState = exports.FormFieldAdminPolicy = exports.HTTPMethod = exports.TokenType = exports.GrantType = exports.MessengerType = exports.ReactorFeatureStatus = exports.UniqueUsernameStrategy = exports.LogoutBehavior = exports.FusionAuthClient = void 0;
+exports.IdentityProviderLoginMethod = exports.OAuthScopeConsentMode = exports.ClientAuthenticationMethod = exports.OAuthErrorReason = exports.UnknownScopePolicy = exports.WebAuthnWorkflow = exports.Oauth2AuthorizedURLValidationPolicy = exports.LogoutBehavior = exports.OAuthScopeHandlingPolicy = exports.RateLimitedRequestType = exports.CanonicalizationMethod = exports.SecureGeneratorType = exports.VerificationStrategy = exports.UniqueUsernameStrategy = exports.LDAPSecurityMethod = exports.TOTPAlgorithm = exports.EventType = exports.SystemTrustedProxyConfigurationPolicy = exports.IdentityProviderType = exports.MessengerType = exports.ExpiryUnit = exports.EmailSecurityType = exports.ChangePasswordReason = exports.SteamAPIMode = exports.UserVerificationRequirement = exports.TransactionType = exports.FamilyRole = exports.KeyUse = exports.Algorithm = exports.EventLogType = exports.BreachAction = exports.IdentityProviderLinkingStrategy = exports.SAMLLogoutBehavior = exports.Sort = exports.OAuthErrorType = exports.LambdaEngineType = exports.UserActionPhase = exports.UnverifiedBehavior = exports.RefreshTokenExpirationPolicy = exports.RegistrationType = exports.LoginIdType = exports.CoseEllipticCurve = exports.AuthenticatorAttachment = exports.MultiFactorLoginPolicy = exports.ConnectorType = exports.KeyType = exports.AttestationType = exports.FormType = exports.KeyAlgorithm = exports.CaptchaMethod = exports.DeviceType = exports.RefreshTokenUsagePolicy = exports.ClientAuthenticationPolicy = exports.ResidentKeyRequirement = exports.AuthenticationThreats = exports.ObjectState = exports.AttestationConveyancePreference = exports.LambdaType = exports.CoseAlgorithmIdentifier = exports.HTTPMethod = exports.FormFieldAdminPolicy = exports.PublicKeyCredentialType = exports.SAMLv2DestinationAssertionPolicy = exports.CoseKeyType = exports.BreachMatchMode = exports.FormControl = exports.ContentStatus = exports.MessageType = exports.IPAccessControlEntryAction = exports.AuthenticatorAttachmentPreference = exports.XMLSignatureLocation = exports.TokenType = exports.ProofKeyForCodeExchangePolicy = exports.ReactorFeatureStatus = exports.OAuthApplicationRelationship = exports.GrantType = exports.UserState = exports.ApplicationMultiFactorTrustPolicy = exports.ConsentStatus = exports.BreachedPasswordStatus = exports.FormDataType = exports.FusionAuthClient = void 0;
 const DefaultRESTClientBuilder_1 = require("./DefaultRESTClientBuilder");
 const url_1 = require("url");
 class FusionAuthClient {
@@ -235,7 +235,7 @@ class FusionAuthClient {
      * Adds a comment to the user's account.
      *
      * @param {UserCommentRequest} request The request object that contains all the information used to create the user comment.
-     * @returns {Promise<ClientResponse<void>>}
+     * @returns {Promise<ClientResponse<UserCommentResponse>>}
      */
     commentOnUser(request) {
         return this.start()
@@ -594,6 +594,25 @@ class FusionAuthClient {
             .withMethod("POST")
             .go();
     }
+    /**
+     * Creates a new custom OAuth scope for an application. You must specify the Id of the application you are creating the scope for.
+     * You can optionally specify an Id for the OAuth scope on the URL, if not provided one will be generated.
+     *
+     * @param {UUID} applicationId The Id of the application to create the OAuth scope on.
+     * @param {UUID} scopeId (Optional) The Id of the OAuth scope. If not provided a secure random UUID will be generated.
+     * @param {ApplicationOAuthScopeRequest} request The request object that contains all the information used to create the OAuth OAuth scope.
+     * @returns {Promise<ClientResponse<ApplicationOAuthScopeResponse>>}
+     */
+    createOAuthScope(applicationId, scopeId, request) {
+        return this.start()
+            .withUri('/api/application')
+            .withUriSegment(applicationId)
+            .withUriSegment("scope")
+            .withUriSegment(scopeId)
+            .withJSONBody(request)
+            .withMethod("POST")
+            .go();
+    }
     /**
      * Creates a tenant. You can optionally specify an Id for the tenant, if not provided one will be generated.
      *
@@ -830,7 +849,7 @@ class FusionAuthClient {
      * Hard deletes an application role. This is a dangerous operation and should not be used in most circumstances. This
      * permanently removes the given role from all users that had it.
      *
-     * @param {UUID} applicationId The Id of the application to deactivate.
+     * @param {UUID} applicationId The Id of the application that the role belongs to.
      * @param {UUID} roleId The Id of the role to delete.
      * @returns {Promise<ClientResponse<void>>}
      */
@@ -1073,6 +1092,23 @@ class FusionAuthClient {
             .withMethod("DELETE")
             .go();
     }
+    /**
+     * Hard deletes a custom OAuth scope.
+     * OAuth workflows that are still requesting the deleted OAuth scope may fail depending on the application's unknown scope policy.
+     *
+     * @param {UUID} applicationId The Id of the application that the OAuth scope belongs to.
+     * @param {UUID} scopeId The Id of the OAuth scope to delete.
+     * @returns {Promise<ClientResponse<void>>}
+     */
+    deleteOAuthScope(applicationId, scopeId) {
+        return this.start()
+            .withUri('/api/application')
+            .withUriSegment(applicationId)
+            .withUriSegment("scope")
+            .withUriSegment(scopeId)
+            .withMethod("DELETE")
+            .go();
+    }
     /**
      * Deletes the user registration for the given user and application.
      *
@@ -2030,6 +2066,24 @@ class FusionAuthClient {
             .withMethod("PATCH")
             .go();
     }
+    /**
+     * Updates, via PATCH, the custom OAuth scope with the given Id for the application.
+     *
+     * @param {UUID} applicationId The Id of the application that the OAuth scope belongs to.
+     * @param {UUID} scopeId The Id of the OAuth scope to update.
+     * @param {ApplicationOAuthScopeRequest} request The request that contains just the new OAuth scope information.
+     * @returns {Promise<ClientResponse<ApplicationOAuthScopeResponse>>}
+     */
+    patchOAuthScope(applicationId, scopeId, request) {
+        return this.start()
+            .withUri('/api/application')
+            .withUriSegment(applicationId)
+            .withUriSegment("scope")
+            .withUriSegment(scopeId)
+            .withJSONBody(request)
+            .withMethod("PATCH")
+            .go();
+    }
     /**
      * Updates, via PATCH, the registration for the user with the given Id and the application defined in the request.
      *
@@ -3022,6 +3076,22 @@ class FusionAuthClient {
             .withMethod("GET")
             .go();
     }
+    /**
+     * Retrieves a custom OAuth scope.
+     *
+     * @param {UUID} applicationId The Id of the application that the OAuth scope belongs to.
+     * @param {UUID} scopeId The Id of the OAuth scope to retrieve.
+     * @returns {Promise<ClientResponse<ApplicationOAuthScopeResponse>>}
+     */
+    retrieveOAuthScope(applicationId, scopeId) {
+        return this.start()
+            .withUri('/api/application')
+            .withUriSegment(applicationId)
+            .withUriSegment("scope")
+            .withUriSegment(scopeId)
+            .withMethod("GET")
+            .go();
+    }
     /**
      * Retrieves the Oauth2 configuration for the application for the given Application Id.
      *
@@ -4641,6 +4711,24 @@ class FusionAuthClient {
             .withMethod("PUT")
             .go();
     }
+    /**
+     * Updates the OAuth scope with the given Id for the application.
+     *
+     * @param {UUID} applicationId The Id of the application that the OAuth scope belongs to.
+     * @param {UUID} scopeId The Id of the OAuth scope to update.
+     * @param {ApplicationOAuthScopeRequest} request The request that contains all the new OAuth scope information.
+     * @returns {Promise<ClientResponse<ApplicationOAuthScopeResponse>>}
+     */
+    updateOAuthScope(applicationId, scopeId, request) {
+        return this.start()
+            .withUri('/api/application')
+            .withUriSegment(applicationId)
+            .withUriSegment("scope")
+            .withUriSegment(scopeId)
+            .withJSONBody(request)
+            .withMethod("PUT")
+            .go();
+    }
     /**
      * Updates the registration for the user with the given Id and the application defined in the request.
      *
@@ -4953,38 +5041,57 @@ class FusionAuthClient {
 exports.FusionAuthClient = FusionAuthClient;
 exports.default = FusionAuthClient;
 /**
- * @author Matthew Altman
+ * @author Daniel DeGroff
  */
-var LogoutBehavior;
-(function (LogoutBehavior) {
-    LogoutBehavior["RedirectOnly"] = "RedirectOnly";
-    LogoutBehavior["AllApplications"] = "AllApplications";
-})(LogoutBehavior = exports.LogoutBehavior || (exports.LogoutBehavior = {}));
-var UniqueUsernameStrategy;
-(function (UniqueUsernameStrategy) {
-    UniqueUsernameStrategy["Always"] = "Always";
-    UniqueUsernameStrategy["OnCollision"] = "OnCollision";
-})(UniqueUsernameStrategy = exports.UniqueUsernameStrategy || (exports.UniqueUsernameStrategy = {}));
+var FormDataType;
+(function (FormDataType) {
+    FormDataType["bool"] = "bool";
+    FormDataType["consent"] = "consent";
+    FormDataType["date"] = "date";
+    FormDataType["email"] = "email";
+    FormDataType["number"] = "number";
+    FormDataType["string"] = "string";
+})(FormDataType = exports.FormDataType || (exports.FormDataType = {}));
 /**
- * @author Brian Pontarelli
+ * @author Daniel DeGroff
  */
-var ReactorFeatureStatus;
-(function (ReactorFeatureStatus) {
-    ReactorFeatureStatus["ACTIVE"] = "ACTIVE";
-    ReactorFeatureStatus["DISCONNECTED"] = "DISCONNECTED";
-    ReactorFeatureStatus["PENDING"] = "PENDING";
-    ReactorFeatureStatus["DISABLED"] = "DISABLED";
-    ReactorFeatureStatus["UNKNOWN"] = "UNKNOWN";
-})(ReactorFeatureStatus = exports.ReactorFeatureStatus || (exports.ReactorFeatureStatus = {}));
+var BreachedPasswordStatus;
+(function (BreachedPasswordStatus) {
+    BreachedPasswordStatus["None"] = "None";
+    BreachedPasswordStatus["ExactMatch"] = "ExactMatch";
+    BreachedPasswordStatus["SubAddressMatch"] = "SubAddressMatch";
+    BreachedPasswordStatus["PasswordOnly"] = "PasswordOnly";
+    BreachedPasswordStatus["CommonPassword"] = "CommonPassword";
+})(BreachedPasswordStatus = exports.BreachedPasswordStatus || (exports.BreachedPasswordStatus = {}));
 /**
- * @author Brett Guy
+ * Models a consent.
+ *
+ * @author Daniel DeGroff
  */
-var MessengerType;
-(function (MessengerType) {
-    MessengerType["Generic"] = "Generic";
-    MessengerType["Kafka"] = "Kafka";
-    MessengerType["Twilio"] = "Twilio";
-})(MessengerType = exports.MessengerType || (exports.MessengerType = {}));
+var ConsentStatus;
+(function (ConsentStatus) {
+    ConsentStatus["Active"] = "Active";
+    ConsentStatus["Revoked"] = "Revoked";
+})(ConsentStatus = exports.ConsentStatus || (exports.ConsentStatus = {}));
+/**
+ * @author Daniel DeGroff
+ */
+var ApplicationMultiFactorTrustPolicy;
+(function (ApplicationMultiFactorTrustPolicy) {
+    ApplicationMultiFactorTrustPolicy["Any"] = "Any";
+    ApplicationMultiFactorTrustPolicy["This"] = "This";
+    ApplicationMultiFactorTrustPolicy["None"] = "None";
+})(ApplicationMultiFactorTrustPolicy = exports.ApplicationMultiFactorTrustPolicy || (exports.ApplicationMultiFactorTrustPolicy = {}));
+/**
+ * @author Daniel DeGroff
+ */
+var UserState;
+(function (UserState) {
+    UserState["Authenticated"] = "Authenticated";
+    UserState["AuthenticatedNotRegistered"] = "AuthenticatedNotRegistered";
+    UserState["AuthenticatedNotVerified"] = "AuthenticatedNotVerified";
+    UserState["AuthenticatedRegistrationNotVerified"] = "AuthenticatedRegistrationNotVerified";
+})(UserState = exports.UserState || (exports.UserState = {}));
 /**
  * Authorization Grant types as defined by the <a href="https://tools.ietf.org/html/rfc6749">The OAuth 2.0 Authorization
  * Framework - RFC 6749</a>.
@@ -5004,6 +5111,37 @@ var GrantType;
     GrantType["unknown"] = "unknown";
     GrantType["device_code"] = "urn:ietf:params:oauth:grant-type:device_code";
 })(GrantType = exports.GrantType || (exports.GrantType = {}));
+/**
+ * The application's relationship to the authorization server. First-party applications will be granted implicit permission for requested scopes.
+ * Third-party applications will use the {@link OAuthScopeConsentMode} policy.
+ *
+ * @author Spencer Witt
+ */
+var OAuthApplicationRelationship;
+(function (OAuthApplicationRelationship) {
+    OAuthApplicationRelationship["FirstParty"] = "FirstParty";
+    OAuthApplicationRelationship["ThirdParty"] = "ThirdParty";
+})(OAuthApplicationRelationship = exports.OAuthApplicationRelationship || (exports.OAuthApplicationRelationship = {}));
+/**
+ * @author Brian Pontarelli
+ */
+var ReactorFeatureStatus;
+(function (ReactorFeatureStatus) {
+    ReactorFeatureStatus["ACTIVE"] = "ACTIVE";
+    ReactorFeatureStatus["DISCONNECTED"] = "DISCONNECTED";
+    ReactorFeatureStatus["PENDING"] = "PENDING";
+    ReactorFeatureStatus["DISABLED"] = "DISABLED";
+    ReactorFeatureStatus["UNKNOWN"] = "UNKNOWN";
+})(ReactorFeatureStatus = exports.ReactorFeatureStatus || (exports.ReactorFeatureStatus = {}));
+/**
+ * @author Brett Guy
+ */
+var ProofKeyForCodeExchangePolicy;
+(function (ProofKeyForCodeExchangePolicy) {
+    ProofKeyForCodeExchangePolicy["Required"] = "Required";
+    ProofKeyForCodeExchangePolicy["NotRequired"] = "NotRequired";
+    ProofKeyForCodeExchangePolicy["NotRequiredWhenUsingClientAuthentication"] = "NotRequiredWhenUsingClientAuthentication";
+})(ProofKeyForCodeExchangePolicy = exports.ProofKeyForCodeExchangePolicy || (exports.ProofKeyForCodeExchangePolicy = {}));
 /**
  * <ul>
  * <li>Bearer Token type as defined by <a href="https://tools.ietf.org/html/rfc6750">RFC 6750</a>.</li>
@@ -5020,37 +5158,48 @@ var TokenType;
     TokenType["Bearer"] = "Bearer";
     TokenType["MAC"] = "MAC";
 })(TokenType = exports.TokenType || (exports.TokenType = {}));
+var XMLSignatureLocation;
+(function (XMLSignatureLocation) {
+    XMLSignatureLocation["Assertion"] = "Assertion";
+    XMLSignatureLocation["Response"] = "Response";
+})(XMLSignatureLocation = exports.XMLSignatureLocation || (exports.XMLSignatureLocation = {}));
 /**
- * @author Daniel DeGroff
+ * Describes the authenticator attachment modality preference for a WebAuthn workflow. See {@link AuthenticatorAttachment}
+ *
+ * @author Spencer Witt
  */
-var HTTPMethod;
-(function (HTTPMethod) {
-    HTTPMethod["GET"] = "GET";
-    HTTPMethod["POST"] = "POST";
-    HTTPMethod["PUT"] = "PUT";
-    HTTPMethod["DELETE"] = "DELETE";
-    HTTPMethod["HEAD"] = "HEAD";
-    HTTPMethod["OPTIONS"] = "OPTIONS";
-    HTTPMethod["PATCH"] = "PATCH";
-})(HTTPMethod = exports.HTTPMethod || (exports.HTTPMethod = {}));
+var AuthenticatorAttachmentPreference;
+(function (AuthenticatorAttachmentPreference) {
+    AuthenticatorAttachmentPreference["any"] = "any";
+    AuthenticatorAttachmentPreference["platform"] = "platform";
+    AuthenticatorAttachmentPreference["crossPlatform"] = "crossPlatform";
+})(AuthenticatorAttachmentPreference = exports.AuthenticatorAttachmentPreference || (exports.AuthenticatorAttachmentPreference = {}));
 /**
- * @author Daniel DeGroff
+ * @author Brett Guy
  */
-var FormFieldAdminPolicy;
-(function (FormFieldAdminPolicy) {
-    FormFieldAdminPolicy["Edit"] = "Edit";
-    FormFieldAdminPolicy["View"] = "View";
-})(FormFieldAdminPolicy = exports.FormFieldAdminPolicy || (exports.FormFieldAdminPolicy = {}));
+var IPAccessControlEntryAction;
+(function (IPAccessControlEntryAction) {
+    IPAccessControlEntryAction["Allow"] = "Allow";
+    IPAccessControlEntryAction["Block"] = "Block";
+})(IPAccessControlEntryAction = exports.IPAccessControlEntryAction || (exports.IPAccessControlEntryAction = {}));
 /**
- * @author Daniel DeGroff
+ * @author Mikey Sleevi
  */
-var UserState;
-(function (UserState) {
-    UserState["Authenticated"] = "Authenticated";
-    UserState["AuthenticatedNotRegistered"] = "AuthenticatedNotRegistered";
-    UserState["AuthenticatedNotVerified"] = "AuthenticatedNotVerified";
-    UserState["AuthenticatedRegistrationNotVerified"] = "AuthenticatedRegistrationNotVerified";
-})(UserState = exports.UserState || (exports.UserState = {}));
+var MessageType;
+(function (MessageType) {
+    MessageType["SMS"] = "SMS";
+})(MessageType = exports.MessageType || (exports.MessageType = {}));
+/**
+ * Status for content like usernames, profile attributes, etc.
+ *
+ * @author Brian Pontarelli
+ */
+var ContentStatus;
+(function (ContentStatus) {
+    ContentStatus["ACTIVE"] = "ACTIVE";
+    ContentStatus["PENDING"] = "PENDING";
+    ContentStatus["REJECTED"] = "REJECTED";
+})(ContentStatus = exports.ContentStatus || (exports.ContentStatus = {}));
 /**
  * @author Daniel DeGroff
  */
@@ -5064,17 +5213,6 @@ var FormControl;
     FormControl["textarea"] = "textarea";
     FormControl["text"] = "text";
 })(FormControl = exports.FormControl || (exports.FormControl = {}));
-/**
- * The types of connectors. This enum is stored as an ordinal on the <code>identities</code> table, order must be maintained.
- *
- * @author Trevor Smith
- */
-var ConnectorType;
-(function (ConnectorType) {
-    ConnectorType["FusionAuth"] = "FusionAuth";
-    ConnectorType["Generic"] = "Generic";
-    ConnectorType["LDAP"] = "LDAP";
-})(ConnectorType = exports.ConnectorType || (exports.ConnectorType = {}));
 var BreachMatchMode;
 (function (BreachMatchMode) {
     BreachMatchMode["Low"] = "Low";
@@ -5082,48 +5220,157 @@ var BreachMatchMode;
     BreachMatchMode["High"] = "High";
 })(BreachMatchMode = exports.BreachMatchMode || (exports.BreachMatchMode = {}));
 /**
- * @author Brett Guy
+ * COSE key type
+ *
+ * @author Spencer Witt
  */
-var ProofKeyForCodeExchangePolicy;
-(function (ProofKeyForCodeExchangePolicy) {
-    ProofKeyForCodeExchangePolicy["Required"] = "Required";
-    ProofKeyForCodeExchangePolicy["NotRequired"] = "NotRequired";
-    ProofKeyForCodeExchangePolicy["NotRequiredWhenUsingClientAuthentication"] = "NotRequiredWhenUsingClientAuthentication";
-})(ProofKeyForCodeExchangePolicy = exports.ProofKeyForCodeExchangePolicy || (exports.ProofKeyForCodeExchangePolicy = {}));
+var CoseKeyType;
+(function (CoseKeyType) {
+    CoseKeyType["Reserved"] = "0";
+    CoseKeyType["OKP"] = "1";
+    CoseKeyType["EC2"] = "2";
+    CoseKeyType["RSA"] = "3";
+    CoseKeyType["Symmetric"] = "4";
+})(CoseKeyType = exports.CoseKeyType || (exports.CoseKeyType = {}));
 /**
- * @author Mikey Sleevi
+ * @author Lyle Schemmerling
  */
-var MessageType;
-(function (MessageType) {
-    MessageType["SMS"] = "SMS";
-})(MessageType = exports.MessageType || (exports.MessageType = {}));
-var LDAPSecurityMethod;
-(function (LDAPSecurityMethod) {
-    LDAPSecurityMethod["None"] = "None";
-    LDAPSecurityMethod["LDAPS"] = "LDAPS";
-    LDAPSecurityMethod["StartTLS"] = "StartTLS";
-})(LDAPSecurityMethod = exports.LDAPSecurityMethod || (exports.LDAPSecurityMethod = {}));
-/**
- * The transaction types for Webhooks and other event systems within FusionAuth.
- *
- * @author Brian Pontarelli
+var SAMLv2DestinationAssertionPolicy;
+(function (SAMLv2DestinationAssertionPolicy) {
+    SAMLv2DestinationAssertionPolicy["Enabled"] = "Enabled";
+    SAMLv2DestinationAssertionPolicy["Disabled"] = "Disabled";
+    SAMLv2DestinationAssertionPolicy["AllowAlternates"] = "AllowAlternates";
+})(SAMLv2DestinationAssertionPolicy = exports.SAMLv2DestinationAssertionPolicy || (exports.SAMLv2DestinationAssertionPolicy = {}));
+/**
+ * Defines valid credential types. This is an extension point in the WebAuthn spec. The only defined value at this time is "public-key"
+ *
+ * @author Spencer Witt
  */
-var TransactionType;
-(function (TransactionType) {
-    TransactionType["None"] = "None";
-    TransactionType["Any"] = "Any";
-    TransactionType["SimpleMajority"] = "SimpleMajority";
-    TransactionType["SuperMajority"] = "SuperMajority";
-    TransactionType["AbsoluteMajority"] = "AbsoluteMajority";
-})(TransactionType = exports.TransactionType || (exports.TransactionType = {}));
+var PublicKeyCredentialType;
+(function (PublicKeyCredentialType) {
+    PublicKeyCredentialType["publicKey"] = "public-key";
+})(PublicKeyCredentialType = exports.PublicKeyCredentialType || (exports.PublicKeyCredentialType = {}));
 /**
  * @author Daniel DeGroff
  */
-var UnverifiedBehavior;
-(function (UnverifiedBehavior) {
-    UnverifiedBehavior["Allow"] = "Allow";
-    UnverifiedBehavior["Gated"] = "Gated";
-})(UnverifiedBehavior = exports.UnverifiedBehavior || (exports.UnverifiedBehavior = {}));
+var FormFieldAdminPolicy;
+(function (FormFieldAdminPolicy) {
+    FormFieldAdminPolicy["Edit"] = "Edit";
+    FormFieldAdminPolicy["View"] = "View";
+})(FormFieldAdminPolicy = exports.FormFieldAdminPolicy || (exports.FormFieldAdminPolicy = {}));
+/**
+ * @author Daniel DeGroff
+ */
+var HTTPMethod;
+(function (HTTPMethod) {
+    HTTPMethod["GET"] = "GET";
+    HTTPMethod["POST"] = "POST";
+    HTTPMethod["PUT"] = "PUT";
+    HTTPMethod["DELETE"] = "DELETE";
+    HTTPMethod["HEAD"] = "HEAD";
+    HTTPMethod["OPTIONS"] = "OPTIONS";
+    HTTPMethod["PATCH"] = "PATCH";
+})(HTTPMethod = exports.HTTPMethod || (exports.HTTPMethod = {}));
+/**
+ * A number identifying a cryptographic algorithm. Values should be registered with the <a
+ * href="https://www.iana.org/assignments/cose/cose.xhtml#algorithms">IANA COSE Algorithms registry</a>
+ *
+ * @author Spencer Witt
+ */
+var CoseAlgorithmIdentifier;
+(function (CoseAlgorithmIdentifier) {
+    CoseAlgorithmIdentifier["ES256"] = "SHA256withECDSA";
+    CoseAlgorithmIdentifier["ES384"] = "SHA384withECDSA";
+    CoseAlgorithmIdentifier["ES512"] = "SHA512withECDSA";
+    CoseAlgorithmIdentifier["RS256"] = "SHA256withRSA";
+    CoseAlgorithmIdentifier["RS384"] = "SHA384withRSA";
+    CoseAlgorithmIdentifier["RS512"] = "SHA512withRSA";
+    CoseAlgorithmIdentifier["PS256"] = "SHA-256";
+    CoseAlgorithmIdentifier["PS384"] = "SHA-384";
+    CoseAlgorithmIdentifier["PS512"] = "SHA-512";
+})(CoseAlgorithmIdentifier = exports.CoseAlgorithmIdentifier || (exports.CoseAlgorithmIdentifier = {}));
+/**
+ * The types of lambdas that indicate how they are invoked by FusionAuth.
+ *
+ * @author Brian Pontarelli
+ */
+var LambdaType;
+(function (LambdaType) {
+    LambdaType["JWTPopulate"] = "JWTPopulate";
+    LambdaType["OpenIDReconcile"] = "OpenIDReconcile";
+    LambdaType["SAMLv2Reconcile"] = "SAMLv2Reconcile";
+    LambdaType["SAMLv2Populate"] = "SAMLv2Populate";
+    LambdaType["AppleReconcile"] = "AppleReconcile";
+    LambdaType["ExternalJWTReconcile"] = "ExternalJWTReconcile";
+    LambdaType["FacebookReconcile"] = "FacebookReconcile";
+    LambdaType["GoogleReconcile"] = "GoogleReconcile";
+    LambdaType["HYPRReconcile"] = "HYPRReconcile";
+    LambdaType["TwitterReconcile"] = "TwitterReconcile";
+    LambdaType["LDAPConnectorReconcile"] = "LDAPConnectorReconcile";
+    LambdaType["LinkedInReconcile"] = "LinkedInReconcile";
+    LambdaType["EpicGamesReconcile"] = "EpicGamesReconcile";
+    LambdaType["NintendoReconcile"] = "NintendoReconcile";
+    LambdaType["SonyPSNReconcile"] = "SonyPSNReconcile";
+    LambdaType["SteamReconcile"] = "SteamReconcile";
+    LambdaType["TwitchReconcile"] = "TwitchReconcile";
+    LambdaType["XboxReconcile"] = "XboxReconcile";
+    LambdaType["ClientCredentialsJWTPopulate"] = "ClientCredentialsJWTPopulate";
+    LambdaType["SCIMServerGroupRequestConverter"] = "SCIMServerGroupRequestConverter";
+    LambdaType["SCIMServerGroupResponseConverter"] = "SCIMServerGroupResponseConverter";
+    LambdaType["SCIMServerUserRequestConverter"] = "SCIMServerUserRequestConverter";
+    LambdaType["SCIMServerUserResponseConverter"] = "SCIMServerUserResponseConverter";
+    LambdaType["SelfServiceRegistrationValidation"] = "SelfServiceRegistrationValidation";
+    LambdaType["UserInfoPopulate"] = "UserInfoPopulate";
+})(LambdaType = exports.LambdaType || (exports.LambdaType = {}));
+/**
+ * Used to communicate whether and how authenticator attestation should be delivered to the Relying Party
+ *
+ * @author Spencer Witt
+ */
+var AttestationConveyancePreference;
+(function (AttestationConveyancePreference) {
+    AttestationConveyancePreference["none"] = "none";
+    AttestationConveyancePreference["indirect"] = "indirect";
+    AttestationConveyancePreference["direct"] = "direct";
+    AttestationConveyancePreference["enterprise"] = "enterprise";
+})(AttestationConveyancePreference = exports.AttestationConveyancePreference || (exports.AttestationConveyancePreference = {}));
+/**
+ * @author Daniel DeGroff
+ */
+var ObjectState;
+(function (ObjectState) {
+    ObjectState["Active"] = "Active";
+    ObjectState["Inactive"] = "Inactive";
+    ObjectState["PendingDelete"] = "PendingDelete";
+})(ObjectState = exports.ObjectState || (exports.ObjectState = {}));
+/**
+ * @author Brett Pontarelli
+ */
+var AuthenticationThreats;
+(function (AuthenticationThreats) {
+    AuthenticationThreats["ImpossibleTravel"] = "ImpossibleTravel";
+})(AuthenticationThreats = exports.AuthenticationThreats || (exports.AuthenticationThreats = {}));
+/**
+ * Describes the Relying Party's requirements for <a href="https://www.w3.org/TR/webauthn-2/#client-side-discoverable-credential">client-side
+ * discoverable credentials</a> (formerly known as "resident keys")
+ *
+ * @author Spencer Witt
+ */
+var ResidentKeyRequirement;
+(function (ResidentKeyRequirement) {
+    ResidentKeyRequirement["discouraged"] = "discouraged";
+    ResidentKeyRequirement["preferred"] = "preferred";
+    ResidentKeyRequirement["required"] = "required";
+})(ResidentKeyRequirement = exports.ResidentKeyRequirement || (exports.ResidentKeyRequirement = {}));
+/**
+ * @author Brett Guy
+ */
+var ClientAuthenticationPolicy;
+(function (ClientAuthenticationPolicy) {
+    ClientAuthenticationPolicy["Required"] = "Required";
+    ClientAuthenticationPolicy["NotRequired"] = "NotRequired";
+    ClientAuthenticationPolicy["NotRequiredWhenUsingPKCE"] = "NotRequiredWhenUsingPKCE";
+})(ClientAuthenticationPolicy = exports.ClientAuthenticationPolicy || (exports.ClientAuthenticationPolicy = {}));
 /**
  * @author Daniel DeGroff
  */
@@ -5132,6 +5379,163 @@ var RefreshTokenUsagePolicy;
     RefreshTokenUsagePolicy["Reusable"] = "Reusable";
     RefreshTokenUsagePolicy["OneTimeUse"] = "OneTimeUse";
 })(RefreshTokenUsagePolicy = exports.RefreshTokenUsagePolicy || (exports.RefreshTokenUsagePolicy = {}));
+var DeviceType;
+(function (DeviceType) {
+    DeviceType["BROWSER"] = "BROWSER";
+    DeviceType["DESKTOP"] = "DESKTOP";
+    DeviceType["LAPTOP"] = "LAPTOP";
+    DeviceType["MOBILE"] = "MOBILE";
+    DeviceType["OTHER"] = "OTHER";
+    DeviceType["SERVER"] = "SERVER";
+    DeviceType["TABLET"] = "TABLET";
+    DeviceType["TV"] = "TV";
+    DeviceType["UNKNOWN"] = "UNKNOWN";
+})(DeviceType = exports.DeviceType || (exports.DeviceType = {}));
+/**
+ * @author Brett Pontarelli
+ */
+var CaptchaMethod;
+(function (CaptchaMethod) {
+    CaptchaMethod["GoogleRecaptchaV2"] = "GoogleRecaptchaV2";
+    CaptchaMethod["GoogleRecaptchaV3"] = "GoogleRecaptchaV3";
+    CaptchaMethod["HCaptcha"] = "HCaptcha";
+    CaptchaMethod["HCaptchaEnterprise"] = "HCaptchaEnterprise";
+})(CaptchaMethod = exports.CaptchaMethod || (exports.CaptchaMethod = {}));
+var KeyAlgorithm;
+(function (KeyAlgorithm) {
+    KeyAlgorithm["ES256"] = "ES256";
+    KeyAlgorithm["ES384"] = "ES384";
+    KeyAlgorithm["ES512"] = "ES512";
+    KeyAlgorithm["HS256"] = "HS256";
+    KeyAlgorithm["HS384"] = "HS384";
+    KeyAlgorithm["HS512"] = "HS512";
+    KeyAlgorithm["RS256"] = "RS256";
+    KeyAlgorithm["RS384"] = "RS384";
+    KeyAlgorithm["RS512"] = "RS512";
+})(KeyAlgorithm = exports.KeyAlgorithm || (exports.KeyAlgorithm = {}));
+/**
+ * @author Daniel DeGroff
+ */
+var FormType;
+(function (FormType) {
+    FormType["registration"] = "registration";
+    FormType["adminRegistration"] = "adminRegistration";
+    FormType["adminUser"] = "adminUser";
+    FormType["selfServiceUser"] = "selfServiceUser";
+})(FormType = exports.FormType || (exports.FormType = {}));
+/**
+ * Used to indicate what type of attestation was included in the authenticator response for a given WebAuthn credential at the time it was created
+ *
+ * @author Spencer Witt
+ */
+var AttestationType;
+(function (AttestationType) {
+    AttestationType["basic"] = "basic";
+    AttestationType["self"] = "self";
+    AttestationType["attestationCa"] = "attestationCa";
+    AttestationType["anonymizationCa"] = "anonymizationCa";
+    AttestationType["none"] = "none";
+})(AttestationType = exports.AttestationType || (exports.AttestationType = {}));
+var KeyType;
+(function (KeyType) {
+    KeyType["EC"] = "EC";
+    KeyType["RSA"] = "RSA";
+    KeyType["HMAC"] = "HMAC";
+})(KeyType = exports.KeyType || (exports.KeyType = {}));
+/**
+ * The types of connectors. This enum is stored as an ordinal on the <code>identities</code> table, order must be maintained.
+ *
+ * @author Trevor Smith
+ */
+var ConnectorType;
+(function (ConnectorType) {
+    ConnectorType["FusionAuth"] = "FusionAuth";
+    ConnectorType["Generic"] = "Generic";
+    ConnectorType["LDAP"] = "LDAP";
+})(ConnectorType = exports.ConnectorType || (exports.ConnectorType = {}));
+/**
+ * @author Daniel DeGroff
+ */
+var MultiFactorLoginPolicy;
+(function (MultiFactorLoginPolicy) {
+    MultiFactorLoginPolicy["Disabled"] = "Disabled";
+    MultiFactorLoginPolicy["Enabled"] = "Enabled";
+    MultiFactorLoginPolicy["Required"] = "Required";
+})(MultiFactorLoginPolicy = exports.MultiFactorLoginPolicy || (exports.MultiFactorLoginPolicy = {}));
+/**
+ * Describes the <a href="https://www.w3.org/TR/webauthn-2/#authenticator-attachment-modality">authenticator attachment modality</a>.
+ *
+ * @author Spencer Witt
+ */
+var AuthenticatorAttachment;
+(function (AuthenticatorAttachment) {
+    AuthenticatorAttachment["platform"] = "platform";
+    AuthenticatorAttachment["crossPlatform"] = "crossPlatform";
+})(AuthenticatorAttachment = exports.AuthenticatorAttachment || (exports.AuthenticatorAttachment = {}));
+/**
+ * COSE Elliptic Curve identifier to determine which elliptic curve to use with a given key
+ *
+ * @author Spencer Witt
+ */
+var CoseEllipticCurve;
+(function (CoseEllipticCurve) {
+    CoseEllipticCurve["Reserved"] = "Reserved";
+    CoseEllipticCurve["P256"] = "P256";
+    CoseEllipticCurve["P384"] = "P384";
+    CoseEllipticCurve["P521"] = "P521";
+    CoseEllipticCurve["X25519"] = "X25519";
+    CoseEllipticCurve["X448"] = "X448";
+    CoseEllipticCurve["Ed25519"] = "Ed25519";
+    CoseEllipticCurve["Ed448"] = "Ed448";
+    CoseEllipticCurve["Secp256k1"] = "Secp256k1";
+})(CoseEllipticCurve = exports.CoseEllipticCurve || (exports.CoseEllipticCurve = {}));
+var LoginIdType;
+(function (LoginIdType) {
+    LoginIdType["email"] = "email";
+    LoginIdType["username"] = "username";
+})(LoginIdType = exports.LoginIdType || (exports.LoginIdType = {}));
+var RegistrationType;
+(function (RegistrationType) {
+    RegistrationType["basic"] = "basic";
+    RegistrationType["advanced"] = "advanced";
+})(RegistrationType = exports.RegistrationType || (exports.RegistrationType = {}));
+/**
+ * @author Daniel DeGroff
+ */
+var RefreshTokenExpirationPolicy;
+(function (RefreshTokenExpirationPolicy) {
+    RefreshTokenExpirationPolicy["Fixed"] = "Fixed";
+    RefreshTokenExpirationPolicy["SlidingWindow"] = "SlidingWindow";
+    RefreshTokenExpirationPolicy["SlidingWindowWithMaximumLifetime"] = "SlidingWindowWithMaximumLifetime";
+})(RefreshTokenExpirationPolicy = exports.RefreshTokenExpirationPolicy || (exports.RefreshTokenExpirationPolicy = {}));
+/**
+ * @author Daniel DeGroff
+ */
+var UnverifiedBehavior;
+(function (UnverifiedBehavior) {
+    UnverifiedBehavior["Allow"] = "Allow";
+    UnverifiedBehavior["Gated"] = "Gated";
+})(UnverifiedBehavior = exports.UnverifiedBehavior || (exports.UnverifiedBehavior = {}));
+/**
+ * The phases of a time-based user action.
+ *
+ * @author Brian Pontarelli
+ */
+var UserActionPhase;
+(function (UserActionPhase) {
+    UserActionPhase["start"] = "start";
+    UserActionPhase["modify"] = "modify";
+    UserActionPhase["cancel"] = "cancel";
+    UserActionPhase["end"] = "end";
+})(UserActionPhase = exports.UserActionPhase || (exports.UserActionPhase = {}));
+/**
+ * @author Daniel DeGroff
+ */
+var LambdaEngineType;
+(function (LambdaEngineType) {
+    LambdaEngineType["GraalJS"] = "GraalJS";
+    LambdaEngineType["Nashorn"] = "Nashorn";
+})(LambdaEngineType = exports.LambdaEngineType || (exports.LambdaEngineType = {}));
 var OAuthErrorType;
 (function (OAuthErrorType) {
     OAuthErrorType["invalid_request"] = "invalid_request";
@@ -5143,6 +5547,7 @@ var OAuthErrorType;
     OAuthErrorType["server_error"] = "server_error";
     OAuthErrorType["unsupported_grant_type"] = "unsupported_grant_type";
     OAuthErrorType["unsupported_response_type"] = "unsupported_response_type";
+    OAuthErrorType["access_denied"] = "access_denied";
     OAuthErrorType["change_password_required"] = "change_password_required";
     OAuthErrorType["not_licensed"] = "not_licensed";
     OAuthErrorType["two_factor_required"] = "two_factor_required";
@@ -5150,97 +5555,19 @@ var OAuthErrorType;
     OAuthErrorType["expired_token"] = "expired_token";
     OAuthErrorType["unsupported_token_type"] = "unsupported_token_type";
 })(OAuthErrorType = exports.OAuthErrorType || (exports.OAuthErrorType = {}));
-var DeviceType;
-(function (DeviceType) {
-    DeviceType["BROWSER"] = "BROWSER";
-    DeviceType["DESKTOP"] = "DESKTOP";
-    DeviceType["LAPTOP"] = "LAPTOP";
-    DeviceType["MOBILE"] = "MOBILE";
-    DeviceType["OTHER"] = "OTHER";
-    DeviceType["SERVER"] = "SERVER";
-    DeviceType["TABLET"] = "TABLET";
-    DeviceType["TV"] = "TV";
-    DeviceType["UNKNOWN"] = "UNKNOWN";
-})(DeviceType = exports.DeviceType || (exports.DeviceType = {}));
-/**
- * @author Daniel DeGroff
- */
-var RateLimitedRequestType;
-(function (RateLimitedRequestType) {
-    RateLimitedRequestType["FailedLogin"] = "FailedLogin";
-    RateLimitedRequestType["ForgotPassword"] = "ForgotPassword";
-    RateLimitedRequestType["SendEmailVerification"] = "SendEmailVerification";
-    RateLimitedRequestType["SendPasswordless"] = "SendPasswordless";
-    RateLimitedRequestType["SendRegistrationVerification"] = "SendRegistrationVerification";
-    RateLimitedRequestType["SendTwoFactor"] = "SendTwoFactor";
-})(RateLimitedRequestType = exports.RateLimitedRequestType || (exports.RateLimitedRequestType = {}));
-/**
- * The use type of a key.
- *
- * @author Daniel DeGroff
- */
-var KeyUse;
-(function (KeyUse) {
-    KeyUse["SignOnly"] = "SignOnly";
-    KeyUse["SignAndVerify"] = "SignAndVerify";
-    KeyUse["VerifyOnly"] = "VerifyOnly";
-})(KeyUse = exports.KeyUse || (exports.KeyUse = {}));
-/**
- * @author Daniel DeGroff
- */
-var LambdaEngineType;
-(function (LambdaEngineType) {
-    LambdaEngineType["GraalJS"] = "GraalJS";
-    LambdaEngineType["Nashorn"] = "Nashorn";
-})(LambdaEngineType = exports.LambdaEngineType || (exports.LambdaEngineType = {}));
-/**
- * @author Brett Guy
- */
-var ClientAuthenticationPolicy;
-(function (ClientAuthenticationPolicy) {
-    ClientAuthenticationPolicy["Required"] = "Required";
-    ClientAuthenticationPolicy["NotRequired"] = "NotRequired";
-    ClientAuthenticationPolicy["NotRequiredWhenUsingPKCE"] = "NotRequiredWhenUsingPKCE";
-})(ClientAuthenticationPolicy = exports.ClientAuthenticationPolicy || (exports.ClientAuthenticationPolicy = {}));
-var BreachAction;
-(function (BreachAction) {
-    BreachAction["Off"] = "Off";
-    BreachAction["RecordOnly"] = "RecordOnly";
-    BreachAction["NotifyUser"] = "NotifyUser";
-    BreachAction["RequireChange"] = "RequireChange";
-})(BreachAction = exports.BreachAction || (exports.BreachAction = {}));
-/**
- * @author Daniel DeGroff
- */
-var FormType;
-(function (FormType) {
-    FormType["registration"] = "registration";
-    FormType["adminRegistration"] = "adminRegistration";
-    FormType["adminUser"] = "adminUser";
-    FormType["selfServiceUser"] = "selfServiceUser";
-})(FormType = exports.FormType || (exports.FormType = {}));
-/**
- * @author Daniel DeGroff
- */
-var SecureGeneratorType;
-(function (SecureGeneratorType) {
-    SecureGeneratorType["randomDigits"] = "randomDigits";
-    SecureGeneratorType["randomBytes"] = "randomBytes";
-    SecureGeneratorType["randomAlpha"] = "randomAlpha";
-    SecureGeneratorType["randomAlphaNumeric"] = "randomAlphaNumeric";
-})(SecureGeneratorType = exports.SecureGeneratorType || (exports.SecureGeneratorType = {}));
 /**
  * @author Daniel DeGroff
  */
-var FormDataType;
-(function (FormDataType) {
-    FormDataType["bool"] = "bool";
-    FormDataType["consent"] = "consent";
-    FormDataType["date"] = "date";
-    FormDataType["email"] = "email";
-    FormDataType["number"] = "number";
-    FormDataType["string"] = "string";
-})(FormDataType = exports.FormDataType || (exports.FormDataType = {}));
+var Sort;
+(function (Sort) {
+    Sort["asc"] = "asc";
+    Sort["desc"] = "desc";
+})(Sort = exports.Sort || (exports.Sort = {}));
+var SAMLLogoutBehavior;
+(function (SAMLLogoutBehavior) {
+    SAMLLogoutBehavior["AllParticipants"] = "AllParticipants";
+    SAMLLogoutBehavior["OnlyOriginator"] = "OnlyOriginator";
+})(SAMLLogoutBehavior = exports.SAMLLogoutBehavior || (exports.SAMLLogoutBehavior = {}));
 /**
  * The IdP behavior when no user link has been made yet.
  *
@@ -5257,32 +5584,13 @@ var IdentityProviderLinkingStrategy;
     IdentityProviderLinkingStrategy["LinkByUsernameForExistingUser"] = "LinkByUsernameForExistingUser";
     IdentityProviderLinkingStrategy["Unsupported"] = "Unsupported";
 })(IdentityProviderLinkingStrategy = exports.IdentityProviderLinkingStrategy || (exports.IdentityProviderLinkingStrategy = {}));
-/**
- * @author Brett Guy
- */
-var IPAccessControlEntryAction;
-(function (IPAccessControlEntryAction) {
-    IPAccessControlEntryAction["Allow"] = "Allow";
-    IPAccessControlEntryAction["Block"] = "Block";
-})(IPAccessControlEntryAction = exports.IPAccessControlEntryAction || (exports.IPAccessControlEntryAction = {}));
-/**
- * The phases of a time-based user action.
- *
- * @author Brian Pontarelli
- */
-var UserActionPhase;
-(function (UserActionPhase) {
-    UserActionPhase["start"] = "start";
-    UserActionPhase["modify"] = "modify";
-    UserActionPhase["cancel"] = "cancel";
-    UserActionPhase["end"] = "end";
-})(UserActionPhase = exports.UserActionPhase || (exports.UserActionPhase = {}));
-var EmailSecurityType;
-(function (EmailSecurityType) {
-    EmailSecurityType["NONE"] = "NONE";
-    EmailSecurityType["SSL"] = "SSL";
-    EmailSecurityType["TLS"] = "TLS";
-})(EmailSecurityType = exports.EmailSecurityType || (exports.EmailSecurityType = {}));
+var BreachAction;
+(function (BreachAction) {
+    BreachAction["Off"] = "Off";
+    BreachAction["RecordOnly"] = "RecordOnly";
+    BreachAction["NotifyUser"] = "NotifyUser";
+    BreachAction["RequireChange"] = "RequireChange";
+})(BreachAction = exports.BreachAction || (exports.BreachAction = {}));
 /**
  * Event Log Type
  *
@@ -5295,17 +5603,37 @@ var EventLogType;
     EventLogType["Error"] = "Error";
 })(EventLogType = exports.EventLogType || (exports.EventLogType = {}));
 /**
- * @author Brian Pontarelli
+ * Available JSON Web Algorithms (JWA) as described in RFC 7518 available for this JWT implementation.
+ *
+ * @author Daniel DeGroff
  */
-var ExpiryUnit;
-(function (ExpiryUnit) {
-    ExpiryUnit["MINUTES"] = "MINUTES";
-    ExpiryUnit["HOURS"] = "HOURS";
-    ExpiryUnit["DAYS"] = "DAYS";
-    ExpiryUnit["WEEKS"] = "WEEKS";
-    ExpiryUnit["MONTHS"] = "MONTHS";
-    ExpiryUnit["YEARS"] = "YEARS";
-})(ExpiryUnit = exports.ExpiryUnit || (exports.ExpiryUnit = {}));
+var Algorithm;
+(function (Algorithm) {
+    Algorithm["ES256"] = "ES256";
+    Algorithm["ES384"] = "ES384";
+    Algorithm["ES512"] = "ES512";
+    Algorithm["HS256"] = "HS256";
+    Algorithm["HS384"] = "HS384";
+    Algorithm["HS512"] = "HS512";
+    Algorithm["PS256"] = "PS256";
+    Algorithm["PS384"] = "PS384";
+    Algorithm["PS512"] = "PS512";
+    Algorithm["RS256"] = "RS256";
+    Algorithm["RS384"] = "RS384";
+    Algorithm["RS512"] = "RS512";
+    Algorithm["none"] = "none";
+})(Algorithm = exports.Algorithm || (exports.Algorithm = {}));
+/**
+ * The use type of a key.
+ *
+ * @author Daniel DeGroff
+ */
+var KeyUse;
+(function (KeyUse) {
+    KeyUse["SignOnly"] = "SignOnly";
+    KeyUse["SignAndVerify"] = "SignAndVerify";
+    KeyUse["VerifyOnly"] = "VerifyOnly";
+})(KeyUse = exports.KeyUse || (exports.KeyUse = {}));
 var FamilyRole;
 (function (FamilyRole) {
     FamilyRole["Child"] = "Child";
@@ -5313,50 +5641,77 @@ var FamilyRole;
     FamilyRole["Adult"] = "Adult";
 })(FamilyRole = exports.FamilyRole || (exports.FamilyRole = {}));
 /**
- * @author Daniel DeGroff
+ * The transaction types for Webhooks and other event systems within FusionAuth.
+ *
+ * @author Brian Pontarelli
  */
-var Sort;
-(function (Sort) {
-    Sort["asc"] = "asc";
-    Sort["desc"] = "desc";
-})(Sort = exports.Sort || (exports.Sort = {}));
-var KeyAlgorithm;
-(function (KeyAlgorithm) {
-    KeyAlgorithm["ES256"] = "ES256";
-    KeyAlgorithm["ES384"] = "ES384";
-    KeyAlgorithm["ES512"] = "ES512";
-    KeyAlgorithm["HS256"] = "HS256";
-    KeyAlgorithm["HS384"] = "HS384";
-    KeyAlgorithm["HS512"] = "HS512";
-    KeyAlgorithm["RS256"] = "RS256";
-    KeyAlgorithm["RS384"] = "RS384";
-    KeyAlgorithm["RS512"] = "RS512";
-})(KeyAlgorithm = exports.KeyAlgorithm || (exports.KeyAlgorithm = {}));
-var KeyType;
-(function (KeyType) {
-    KeyType["EC"] = "EC";
-    KeyType["RSA"] = "RSA";
-    KeyType["HMAC"] = "HMAC";
-})(KeyType = exports.KeyType || (exports.KeyType = {}));
+var TransactionType;
+(function (TransactionType) {
+    TransactionType["None"] = "None";
+    TransactionType["Any"] = "Any";
+    TransactionType["SimpleMajority"] = "SimpleMajority";
+    TransactionType["SuperMajority"] = "SuperMajority";
+    TransactionType["AbsoluteMajority"] = "AbsoluteMajority";
+})(TransactionType = exports.TransactionType || (exports.TransactionType = {}));
+/**
+ * Used to express whether the Relying Party requires <a href="https://www.w3.org/TR/webauthn-2/#user-verification">user verification</a> for the
+ * current operation.
+ *
+ * @author Spencer Witt
+ */
+var UserVerificationRequirement;
+(function (UserVerificationRequirement) {
+    UserVerificationRequirement["required"] = "required";
+    UserVerificationRequirement["preferred"] = "preferred";
+    UserVerificationRequirement["discouraged"] = "discouraged";
+})(UserVerificationRequirement = exports.UserVerificationRequirement || (exports.UserVerificationRequirement = {}));
 /**
+ * Steam API modes.
+ *
  * @author Daniel DeGroff
  */
-var ObjectState;
-(function (ObjectState) {
-    ObjectState["Active"] = "Active";
-    ObjectState["Inactive"] = "Inactive";
-    ObjectState["PendingDelete"] = "PendingDelete";
-})(ObjectState = exports.ObjectState || (exports.ObjectState = {}));
+var SteamAPIMode;
+(function (SteamAPIMode) {
+    SteamAPIMode["Public"] = "Public";
+    SteamAPIMode["Partner"] = "Partner";
+})(SteamAPIMode = exports.SteamAPIMode || (exports.SteamAPIMode = {}));
+/**
+ * @author Trevor Smith
+ */
+var ChangePasswordReason;
+(function (ChangePasswordReason) {
+    ChangePasswordReason["Administrative"] = "Administrative";
+    ChangePasswordReason["Breached"] = "Breached";
+    ChangePasswordReason["Expired"] = "Expired";
+    ChangePasswordReason["Validation"] = "Validation";
+})(ChangePasswordReason = exports.ChangePasswordReason || (exports.ChangePasswordReason = {}));
+var EmailSecurityType;
+(function (EmailSecurityType) {
+    EmailSecurityType["NONE"] = "NONE";
+    EmailSecurityType["SSL"] = "SSL";
+    EmailSecurityType["TLS"] = "TLS";
+})(EmailSecurityType = exports.EmailSecurityType || (exports.EmailSecurityType = {}));
 /**
- * Steam API modes.
- *
- * @author Daniel DeGroff
+ * @author Brian Pontarelli
  */
-var SteamAPIMode;
-(function (SteamAPIMode) {
-    SteamAPIMode["Public"] = "Public";
-    SteamAPIMode["Partner"] = "Partner";
-})(SteamAPIMode = exports.SteamAPIMode || (exports.SteamAPIMode = {}));
+var ExpiryUnit;
+(function (ExpiryUnit) {
+    ExpiryUnit["MINUTES"] = "MINUTES";
+    ExpiryUnit["HOURS"] = "HOURS";
+    ExpiryUnit["DAYS"] = "DAYS";
+    ExpiryUnit["WEEKS"] = "WEEKS";
+    ExpiryUnit["MONTHS"] = "MONTHS";
+    ExpiryUnit["YEARS"] = "YEARS";
+})(ExpiryUnit = exports.ExpiryUnit || (exports.ExpiryUnit = {}));
+/**
+ * @author Brett Guy
+ */
+var MessengerType;
+(function (MessengerType) {
+    MessengerType["Generic"] = "Generic";
+    MessengerType["Kafka"] = "Kafka";
+    MessengerType["Twilio"] = "Twilio";
+})(MessengerType = exports.MessengerType || (exports.MessengerType = {}));
 /**
  * @author Daniel DeGroff
  */
@@ -5382,50 +5737,11 @@ var IdentityProviderType;
 /**
  * @author Daniel DeGroff
  */
-var VerificationStrategy;
-(function (VerificationStrategy) {
-    VerificationStrategy["ClickableLink"] = "ClickableLink";
-    VerificationStrategy["FormField"] = "FormField";
-})(VerificationStrategy = exports.VerificationStrategy || (exports.VerificationStrategy = {}));
-/**
- * @author Daniel DeGroff
- */
-var BreachedPasswordStatus;
-(function (BreachedPasswordStatus) {
-    BreachedPasswordStatus["None"] = "None";
-    BreachedPasswordStatus["ExactMatch"] = "ExactMatch";
-    BreachedPasswordStatus["SubAddressMatch"] = "SubAddressMatch";
-    BreachedPasswordStatus["PasswordOnly"] = "PasswordOnly";
-    BreachedPasswordStatus["CommonPassword"] = "CommonPassword";
-})(BreachedPasswordStatus = exports.BreachedPasswordStatus || (exports.BreachedPasswordStatus = {}));
-var TOTPAlgorithm;
-(function (TOTPAlgorithm) {
-    TOTPAlgorithm["HmacSHA1"] = "HmacSHA1";
-    TOTPAlgorithm["HmacSHA256"] = "HmacSHA256";
-    TOTPAlgorithm["HmacSHA512"] = "HmacSHA512";
-})(TOTPAlgorithm = exports.TOTPAlgorithm || (exports.TOTPAlgorithm = {}));
-/**
- * XML canonicalization method enumeration. This is used for the IdP and SP side of FusionAuth SAML.
- *
- * @author Brian Pontarelli
- */
-var CanonicalizationMethod;
-(function (CanonicalizationMethod) {
-    CanonicalizationMethod["exclusive"] = "exclusive";
-    CanonicalizationMethod["exclusive_with_comments"] = "exclusive_with_comments";
-    CanonicalizationMethod["inclusive"] = "inclusive";
-    CanonicalizationMethod["inclusive_with_comments"] = "inclusive_with_comments";
-})(CanonicalizationMethod = exports.CanonicalizationMethod || (exports.CanonicalizationMethod = {}));
-/**
- * @author Trevor Smith
- */
-var ChangePasswordReason;
-(function (ChangePasswordReason) {
-    ChangePasswordReason["Administrative"] = "Administrative";
-    ChangePasswordReason["Breached"] = "Breached";
-    ChangePasswordReason["Expired"] = "Expired";
-    ChangePasswordReason["Validation"] = "Validation";
-})(ChangePasswordReason = exports.ChangePasswordReason || (exports.ChangePasswordReason = {}));
+var SystemTrustedProxyConfigurationPolicy;
+(function (SystemTrustedProxyConfigurationPolicy) {
+    SystemTrustedProxyConfigurationPolicy["All"] = "All";
+    SystemTrustedProxyConfigurationPolicy["OnlyConfigured"] = "OnlyConfigured";
+})(SystemTrustedProxyConfigurationPolicy = exports.SystemTrustedProxyConfigurationPolicy || (exports.SystemTrustedProxyConfigurationPolicy = {}));
 /**
  * Models the event types that FusionAuth produces.
  *
@@ -5453,278 +5769,126 @@ var EventType;
     EventType["GroupUpdateComplete"] = "group.update.complete";
     EventType["UserAction"] = "user.action";
     EventType["UserBulkCreate"] = "user.bulk.create";
-    EventType["UserCreate"] = "user.create";
-    EventType["UserCreateComplete"] = "user.create.complete";
-    EventType["UserDeactivate"] = "user.deactivate";
-    EventType["UserDelete"] = "user.delete";
-    EventType["UserDeleteComplete"] = "user.delete.complete";
-    EventType["UserEmailUpdate"] = "user.email.update";
-    EventType["UserEmailVerified"] = "user.email.verified";
-    EventType["UserIdentityProviderLink"] = "user.identity-provider.link";
-    EventType["UserIdentityProviderUnlink"] = "user.identity-provider.unlink";
-    EventType["UserLoginIdDuplicateOnCreate"] = "user.loginId.duplicate.create";
-    EventType["UserLoginIdDuplicateOnUpdate"] = "user.loginId.duplicate.update";
-    EventType["UserLoginFailed"] = "user.login.failed";
-    EventType["UserLoginNewDevice"] = "user.login.new-device";
-    EventType["UserLoginSuccess"] = "user.login.success";
-    EventType["UserLoginSuspicious"] = "user.login.suspicious";
-    EventType["UserPasswordBreach"] = "user.password.breach";
-    EventType["UserPasswordResetSend"] = "user.password.reset.send";
-    EventType["UserPasswordResetStart"] = "user.password.reset.start";
-    EventType["UserPasswordResetSuccess"] = "user.password.reset.success";
-    EventType["UserPasswordUpdate"] = "user.password.update";
-    EventType["UserReactivate"] = "user.reactivate";
-    EventType["UserRegistrationCreate"] = "user.registration.create";
-    EventType["UserRegistrationCreateComplete"] = "user.registration.create.complete";
-    EventType["UserRegistrationDelete"] = "user.registration.delete";
-    EventType["UserRegistrationDeleteComplete"] = "user.registration.delete.complete";
-    EventType["UserRegistrationUpdate"] = "user.registration.update";
-    EventType["UserRegistrationUpdateComplete"] = "user.registration.update.complete";
-    EventType["UserRegistrationVerified"] = "user.registration.verified";
-    EventType["UserTwoFactorMethodAdd"] = "user.two-factor.method.add";
-    EventType["UserTwoFactorMethodRemove"] = "user.two-factor.method.remove";
-    EventType["UserUpdate"] = "user.update";
-    EventType["UserUpdateComplete"] = "user.update.complete";
-    EventType["Test"] = "test";
-})(EventType = exports.EventType || (exports.EventType = {}));
-/**
- * @author Brett Pontarelli
- */
-var IdentityProviderLoginMethod;
-(function (IdentityProviderLoginMethod) {
-    IdentityProviderLoginMethod["UsePopup"] = "UsePopup";
-    IdentityProviderLoginMethod["UseRedirect"] = "UseRedirect";
-    IdentityProviderLoginMethod["UseVendorJavaScript"] = "UseVendorJavaScript";
-})(IdentityProviderLoginMethod = exports.IdentityProviderLoginMethod || (exports.IdentityProviderLoginMethod = {}));
-/**
- * @author Brett Pontarelli
- */
-var AuthenticationThreats;
-(function (AuthenticationThreats) {
-    AuthenticationThreats["ImpossibleTravel"] = "ImpossibleTravel";
-})(AuthenticationThreats = exports.AuthenticationThreats || (exports.AuthenticationThreats = {}));
-/**
- * @author Daniel DeGroff
- */
-var SystemTrustedProxyConfigurationPolicy;
-(function (SystemTrustedProxyConfigurationPolicy) {
-    SystemTrustedProxyConfigurationPolicy["All"] = "All";
-    SystemTrustedProxyConfigurationPolicy["OnlyConfigured"] = "OnlyConfigured";
-})(SystemTrustedProxyConfigurationPolicy = exports.SystemTrustedProxyConfigurationPolicy || (exports.SystemTrustedProxyConfigurationPolicy = {}));
-var ClientAuthenticationMethod;
-(function (ClientAuthenticationMethod) {
-    ClientAuthenticationMethod["none"] = "none";
-    ClientAuthenticationMethod["client_secret_basic"] = "client_secret_basic";
-    ClientAuthenticationMethod["client_secret_post"] = "client_secret_post";
-})(ClientAuthenticationMethod = exports.ClientAuthenticationMethod || (exports.ClientAuthenticationMethod = {}));
-/**
- * Models a consent.
- *
- * @author Daniel DeGroff
- */
-var ConsentStatus;
-(function (ConsentStatus) {
-    ConsentStatus["Active"] = "Active";
-    ConsentStatus["Revoked"] = "Revoked";
-})(ConsentStatus = exports.ConsentStatus || (exports.ConsentStatus = {}));
-/**
- * @author Daniel DeGroff
- */
-var ApplicationMultiFactorTrustPolicy;
-(function (ApplicationMultiFactorTrustPolicy) {
-    ApplicationMultiFactorTrustPolicy["Any"] = "Any";
-    ApplicationMultiFactorTrustPolicy["This"] = "This";
-    ApplicationMultiFactorTrustPolicy["None"] = "None";
-})(ApplicationMultiFactorTrustPolicy = exports.ApplicationMultiFactorTrustPolicy || (exports.ApplicationMultiFactorTrustPolicy = {}));
-/**
- * @author Brett Pontarelli
- */
-var CaptchaMethod;
-(function (CaptchaMethod) {
-    CaptchaMethod["GoogleRecaptchaV2"] = "GoogleRecaptchaV2";
-    CaptchaMethod["GoogleRecaptchaV3"] = "GoogleRecaptchaV3";
-    CaptchaMethod["HCaptcha"] = "HCaptcha";
-    CaptchaMethod["HCaptchaEnterprise"] = "HCaptchaEnterprise";
-})(CaptchaMethod = exports.CaptchaMethod || (exports.CaptchaMethod = {}));
-/**
- * Available JSON Web Algorithms (JWA) as described in RFC 7518 available for this JWT implementation.
- *
- * @author Daniel DeGroff
- */
-var Algorithm;
-(function (Algorithm) {
-    Algorithm["ES256"] = "ES256";
-    Algorithm["ES384"] = "ES384";
-    Algorithm["ES512"] = "ES512";
-    Algorithm["HS256"] = "HS256";
-    Algorithm["HS384"] = "HS384";
-    Algorithm["HS512"] = "HS512";
-    Algorithm["PS256"] = "PS256";
-    Algorithm["PS384"] = "PS384";
-    Algorithm["PS512"] = "PS512";
-    Algorithm["RS256"] = "RS256";
-    Algorithm["RS384"] = "RS384";
-    Algorithm["RS512"] = "RS512";
-    Algorithm["none"] = "none";
-})(Algorithm = exports.Algorithm || (exports.Algorithm = {}));
-/**
- * Status for content like usernames, profile attributes, etc.
- *
- * @author Brian Pontarelli
- */
-var ContentStatus;
-(function (ContentStatus) {
-    ContentStatus["ACTIVE"] = "ACTIVE";
-    ContentStatus["PENDING"] = "PENDING";
-    ContentStatus["REJECTED"] = "REJECTED";
-})(ContentStatus = exports.ContentStatus || (exports.ContentStatus = {}));
-var LoginIdType;
-(function (LoginIdType) {
-    LoginIdType["email"] = "email";
-    LoginIdType["username"] = "username";
-})(LoginIdType = exports.LoginIdType || (exports.LoginIdType = {}));
-var RegistrationType;
-(function (RegistrationType) {
-    RegistrationType["basic"] = "basic";
-    RegistrationType["advanced"] = "advanced";
-})(RegistrationType = exports.RegistrationType || (exports.RegistrationType = {}));
-var SAMLLogoutBehavior;
-(function (SAMLLogoutBehavior) {
-    SAMLLogoutBehavior["AllParticipants"] = "AllParticipants";
-    SAMLLogoutBehavior["OnlyOriginator"] = "OnlyOriginator";
-})(SAMLLogoutBehavior = exports.SAMLLogoutBehavior || (exports.SAMLLogoutBehavior = {}));
-var XMLSignatureLocation;
-(function (XMLSignatureLocation) {
-    XMLSignatureLocation["Assertion"] = "Assertion";
-    XMLSignatureLocation["Response"] = "Response";
-})(XMLSignatureLocation = exports.XMLSignatureLocation || (exports.XMLSignatureLocation = {}));
-/**
- * Used to communicate whether and how authenticator attestation should be delivered to the Relying Party
- *
- * @author Spencer Witt
- */
-var AttestationConveyancePreference;
-(function (AttestationConveyancePreference) {
-    AttestationConveyancePreference["none"] = "none";
-    AttestationConveyancePreference["indirect"] = "indirect";
-    AttestationConveyancePreference["direct"] = "direct";
-    AttestationConveyancePreference["enterprise"] = "enterprise";
-})(AttestationConveyancePreference = exports.AttestationConveyancePreference || (exports.AttestationConveyancePreference = {}));
-/**
- * Used to indicate what type of attestation was included in the authenticator response for a given WebAuthn credential at the time it was created
- *
- * @author Spencer Witt
- */
-var AttestationType;
-(function (AttestationType) {
-    AttestationType["basic"] = "basic";
-    AttestationType["self"] = "self";
-    AttestationType["attestationCa"] = "attestationCa";
-    AttestationType["anonymizationCa"] = "anonymizationCa";
-    AttestationType["none"] = "none";
-})(AttestationType = exports.AttestationType || (exports.AttestationType = {}));
-/**
- * Describes the <a href="https://www.w3.org/TR/webauthn-2/#authenticator-attachment-modality">authenticator attachment modality</a>.
- *
- * @author Spencer Witt
- */
-var AuthenticatorAttachment;
-(function (AuthenticatorAttachment) {
-    AuthenticatorAttachment["platform"] = "platform";
-    AuthenticatorAttachment["crossPlatform"] = "crossPlatform";
-})(AuthenticatorAttachment = exports.AuthenticatorAttachment || (exports.AuthenticatorAttachment = {}));
+    EventType["UserCreate"] = "user.create";
+    EventType["UserCreateComplete"] = "user.create.complete";
+    EventType["UserDeactivate"] = "user.deactivate";
+    EventType["UserDelete"] = "user.delete";
+    EventType["UserDeleteComplete"] = "user.delete.complete";
+    EventType["UserEmailUpdate"] = "user.email.update";
+    EventType["UserEmailVerified"] = "user.email.verified";
+    EventType["UserIdentityProviderLink"] = "user.identity-provider.link";
+    EventType["UserIdentityProviderUnlink"] = "user.identity-provider.unlink";
+    EventType["UserLoginIdDuplicateOnCreate"] = "user.loginId.duplicate.create";
+    EventType["UserLoginIdDuplicateOnUpdate"] = "user.loginId.duplicate.update";
+    EventType["UserLoginFailed"] = "user.login.failed";
+    EventType["UserLoginNewDevice"] = "user.login.new-device";
+    EventType["UserLoginSuccess"] = "user.login.success";
+    EventType["UserLoginSuspicious"] = "user.login.suspicious";
+    EventType["UserPasswordBreach"] = "user.password.breach";
+    EventType["UserPasswordResetSend"] = "user.password.reset.send";
+    EventType["UserPasswordResetStart"] = "user.password.reset.start";
+    EventType["UserPasswordResetSuccess"] = "user.password.reset.success";
+    EventType["UserPasswordUpdate"] = "user.password.update";
+    EventType["UserReactivate"] = "user.reactivate";
+    EventType["UserRegistrationCreate"] = "user.registration.create";
+    EventType["UserRegistrationCreateComplete"] = "user.registration.create.complete";
+    EventType["UserRegistrationDelete"] = "user.registration.delete";
+    EventType["UserRegistrationDeleteComplete"] = "user.registration.delete.complete";
+    EventType["UserRegistrationUpdate"] = "user.registration.update";
+    EventType["UserRegistrationUpdateComplete"] = "user.registration.update.complete";
+    EventType["UserRegistrationVerified"] = "user.registration.verified";
+    EventType["UserTwoFactorMethodAdd"] = "user.two-factor.method.add";
+    EventType["UserTwoFactorMethodRemove"] = "user.two-factor.method.remove";
+    EventType["UserUpdate"] = "user.update";
+    EventType["UserUpdateComplete"] = "user.update.complete";
+    EventType["Test"] = "test";
+})(EventType = exports.EventType || (exports.EventType = {}));
+var TOTPAlgorithm;
+(function (TOTPAlgorithm) {
+    TOTPAlgorithm["HmacSHA1"] = "HmacSHA1";
+    TOTPAlgorithm["HmacSHA256"] = "HmacSHA256";
+    TOTPAlgorithm["HmacSHA512"] = "HmacSHA512";
+})(TOTPAlgorithm = exports.TOTPAlgorithm || (exports.TOTPAlgorithm = {}));
+var LDAPSecurityMethod;
+(function (LDAPSecurityMethod) {
+    LDAPSecurityMethod["None"] = "None";
+    LDAPSecurityMethod["LDAPS"] = "LDAPS";
+    LDAPSecurityMethod["StartTLS"] = "StartTLS";
+})(LDAPSecurityMethod = exports.LDAPSecurityMethod || (exports.LDAPSecurityMethod = {}));
+var UniqueUsernameStrategy;
+(function (UniqueUsernameStrategy) {
+    UniqueUsernameStrategy["Always"] = "Always";
+    UniqueUsernameStrategy["OnCollision"] = "OnCollision";
+})(UniqueUsernameStrategy = exports.UniqueUsernameStrategy || (exports.UniqueUsernameStrategy = {}));
 /**
- * Describes the authenticator attachment modality preference for a WebAuthn workflow. See {@link AuthenticatorAttachment}
- *
- * @author Spencer Witt
+ * @author Daniel DeGroff
  */
-var AuthenticatorAttachmentPreference;
-(function (AuthenticatorAttachmentPreference) {
-    AuthenticatorAttachmentPreference["any"] = "any";
-    AuthenticatorAttachmentPreference["platform"] = "platform";
-    AuthenticatorAttachmentPreference["crossPlatform"] = "crossPlatform";
-})(AuthenticatorAttachmentPreference = exports.AuthenticatorAttachmentPreference || (exports.AuthenticatorAttachmentPreference = {}));
+var VerificationStrategy;
+(function (VerificationStrategy) {
+    VerificationStrategy["ClickableLink"] = "ClickableLink";
+    VerificationStrategy["FormField"] = "FormField";
+})(VerificationStrategy = exports.VerificationStrategy || (exports.VerificationStrategy = {}));
 /**
- * A number identifying a cryptographic algorithm. Values should be registered with the <a
- * href="https://www.iana.org/assignments/cose/cose.xhtml#algorithms">IANA COSE Algorithms registry</a>
- *
- * @author Spencer Witt
+ * @author Daniel DeGroff
  */
-var CoseAlgorithmIdentifier;
-(function (CoseAlgorithmIdentifier) {
-    CoseAlgorithmIdentifier["ES256"] = "SHA256withECDSA";
-    CoseAlgorithmIdentifier["ES384"] = "SHA384withECDSA";
-    CoseAlgorithmIdentifier["ES512"] = "SHA512withECDSA";
-    CoseAlgorithmIdentifier["RS256"] = "SHA256withRSA";
-    CoseAlgorithmIdentifier["RS384"] = "SHA384withRSA";
-    CoseAlgorithmIdentifier["RS512"] = "SHA512withRSA";
-    CoseAlgorithmIdentifier["PS256"] = "SHA-256";
-    CoseAlgorithmIdentifier["PS384"] = "SHA-384";
-    CoseAlgorithmIdentifier["PS512"] = "SHA-512";
-})(CoseAlgorithmIdentifier = exports.CoseAlgorithmIdentifier || (exports.CoseAlgorithmIdentifier = {}));
+var SecureGeneratorType;
+(function (SecureGeneratorType) {
+    SecureGeneratorType["randomDigits"] = "randomDigits";
+    SecureGeneratorType["randomBytes"] = "randomBytes";
+    SecureGeneratorType["randomAlpha"] = "randomAlpha";
+    SecureGeneratorType["randomAlphaNumeric"] = "randomAlphaNumeric";
+})(SecureGeneratorType = exports.SecureGeneratorType || (exports.SecureGeneratorType = {}));
 /**
- * COSE Elliptic Curve identifier to determine which elliptic curve to use with a given key
+ * XML canonicalization method enumeration. This is used for the IdP and SP side of FusionAuth SAML.
  *
- * @author Spencer Witt
+ * @author Brian Pontarelli
  */
-var CoseEllipticCurve;
-(function (CoseEllipticCurve) {
-    CoseEllipticCurve["Reserved"] = "Reserved";
-    CoseEllipticCurve["P256"] = "P256";
-    CoseEllipticCurve["P384"] = "P384";
-    CoseEllipticCurve["P521"] = "P521";
-    CoseEllipticCurve["X25519"] = "X25519";
-    CoseEllipticCurve["X448"] = "X448";
-    CoseEllipticCurve["Ed25519"] = "Ed25519";
-    CoseEllipticCurve["Ed448"] = "Ed448";
-    CoseEllipticCurve["Secp256k1"] = "Secp256k1";
-})(CoseEllipticCurve = exports.CoseEllipticCurve || (exports.CoseEllipticCurve = {}));
+var CanonicalizationMethod;
+(function (CanonicalizationMethod) {
+    CanonicalizationMethod["exclusive"] = "exclusive";
+    CanonicalizationMethod["exclusive_with_comments"] = "exclusive_with_comments";
+    CanonicalizationMethod["inclusive"] = "inclusive";
+    CanonicalizationMethod["inclusive_with_comments"] = "inclusive_with_comments";
+})(CanonicalizationMethod = exports.CanonicalizationMethod || (exports.CanonicalizationMethod = {}));
 /**
- * COSE key type
- *
- * @author Spencer Witt
+ * @author Daniel DeGroff
  */
-var CoseKeyType;
-(function (CoseKeyType) {
-    CoseKeyType["Reserved"] = "0";
-    CoseKeyType["OKP"] = "1";
-    CoseKeyType["EC2"] = "2";
-    CoseKeyType["RSA"] = "3";
-    CoseKeyType["Symmetric"] = "4";
-})(CoseKeyType = exports.CoseKeyType || (exports.CoseKeyType = {}));
+var RateLimitedRequestType;
+(function (RateLimitedRequestType) {
+    RateLimitedRequestType["FailedLogin"] = "FailedLogin";
+    RateLimitedRequestType["ForgotPassword"] = "ForgotPassword";
+    RateLimitedRequestType["SendEmailVerification"] = "SendEmailVerification";
+    RateLimitedRequestType["SendPasswordless"] = "SendPasswordless";
+    RateLimitedRequestType["SendRegistrationVerification"] = "SendRegistrationVerification";
+    RateLimitedRequestType["SendTwoFactor"] = "SendTwoFactor";
+})(RateLimitedRequestType = exports.RateLimitedRequestType || (exports.RateLimitedRequestType = {}));
 /**
- * Defines valid credential types. This is an extension point in the WebAuthn spec. The only defined value at this time is "public-key"
+ * Controls the policy for whether OAuth workflows will more strictly adhere to the OAuth and OIDC specification
+ * or run in backwards compatibility mode.
  *
- * @author Spencer Witt
+ * @author David Charles
  */
-var PublicKeyCredentialType;
-(function (PublicKeyCredentialType) {
-    PublicKeyCredentialType["publicKey"] = "public-key";
-})(PublicKeyCredentialType = exports.PublicKeyCredentialType || (exports.PublicKeyCredentialType = {}));
+var OAuthScopeHandlingPolicy;
+(function (OAuthScopeHandlingPolicy) {
+    OAuthScopeHandlingPolicy["Compatibility"] = "Compatibility";
+    OAuthScopeHandlingPolicy["Strict"] = "Strict";
+})(OAuthScopeHandlingPolicy = exports.OAuthScopeHandlingPolicy || (exports.OAuthScopeHandlingPolicy = {}));
 /**
- * Describes the Relying Party's requirements for <a href="https://www.w3.org/TR/webauthn-2/#client-side-discoverable-credential">client-side
- * discoverable credentials</a> (formerly known as "resident keys")
- *
- * @author Spencer Witt
+ * @author Matthew Altman
  */
-var ResidentKeyRequirement;
-(function (ResidentKeyRequirement) {
-    ResidentKeyRequirement["discouraged"] = "discouraged";
-    ResidentKeyRequirement["preferred"] = "preferred";
-    ResidentKeyRequirement["required"] = "required";
-})(ResidentKeyRequirement = exports.ResidentKeyRequirement || (exports.ResidentKeyRequirement = {}));
+var LogoutBehavior;
+(function (LogoutBehavior) {
+    LogoutBehavior["RedirectOnly"] = "RedirectOnly";
+    LogoutBehavior["AllApplications"] = "AllApplications";
+})(LogoutBehavior = exports.LogoutBehavior || (exports.LogoutBehavior = {}));
 /**
- * Used to express whether the Relying Party requires <a href="https://www.w3.org/TR/webauthn-2/#user-verification">user verification</a> for the
- * current operation.
- *
- * @author Spencer Witt
+ * @author Johnathon Wood
  */
-var UserVerificationRequirement;
-(function (UserVerificationRequirement) {
-    UserVerificationRequirement["required"] = "required";
-    UserVerificationRequirement["preferred"] = "preferred";
-    UserVerificationRequirement["discouraged"] = "discouraged";
-})(UserVerificationRequirement = exports.UserVerificationRequirement || (exports.UserVerificationRequirement = {}));
+var Oauth2AuthorizedURLValidationPolicy;
+(function (Oauth2AuthorizedURLValidationPolicy) {
+    Oauth2AuthorizedURLValidationPolicy["AllowWildcards"] = "AllowWildcards";
+    Oauth2AuthorizedURLValidationPolicy["ExactMatch"] = "ExactMatch";
+})(Oauth2AuthorizedURLValidationPolicy = exports.Oauth2AuthorizedURLValidationPolicy || (exports.Oauth2AuthorizedURLValidationPolicy = {}));
 /**
  * Identifies the WebAuthn workflow. This will affect the parameters used for credential creation
  * and request based on the Tenant configuration.
@@ -5738,72 +5902,16 @@ var WebAuthnWorkflow;
     WebAuthnWorkflow["reauthentication"] = "reauthentication";
 })(WebAuthnWorkflow = exports.WebAuthnWorkflow || (exports.WebAuthnWorkflow = {}));
 /**
- * @author Daniel DeGroff
- */
-var MultiFactorLoginPolicy;
-(function (MultiFactorLoginPolicy) {
-    MultiFactorLoginPolicy["Disabled"] = "Disabled";
-    MultiFactorLoginPolicy["Enabled"] = "Enabled";
-    MultiFactorLoginPolicy["Required"] = "Required";
-})(MultiFactorLoginPolicy = exports.MultiFactorLoginPolicy || (exports.MultiFactorLoginPolicy = {}));
-/**
- * The types of lambdas that indicate how they are invoked by FusionAuth.
+ * Policy for handling unknown OAuth scopes in the request
  *
- * @author Brian Pontarelli
- */
-var LambdaType;
-(function (LambdaType) {
-    LambdaType["JWTPopulate"] = "JWTPopulate";
-    LambdaType["OpenIDReconcile"] = "OpenIDReconcile";
-    LambdaType["SAMLv2Reconcile"] = "SAMLv2Reconcile";
-    LambdaType["SAMLv2Populate"] = "SAMLv2Populate";
-    LambdaType["AppleReconcile"] = "AppleReconcile";
-    LambdaType["ExternalJWTReconcile"] = "ExternalJWTReconcile";
-    LambdaType["FacebookReconcile"] = "FacebookReconcile";
-    LambdaType["GoogleReconcile"] = "GoogleReconcile";
-    LambdaType["HYPRReconcile"] = "HYPRReconcile";
-    LambdaType["TwitterReconcile"] = "TwitterReconcile";
-    LambdaType["LDAPConnectorReconcile"] = "LDAPConnectorReconcile";
-    LambdaType["LinkedInReconcile"] = "LinkedInReconcile";
-    LambdaType["EpicGamesReconcile"] = "EpicGamesReconcile";
-    LambdaType["NintendoReconcile"] = "NintendoReconcile";
-    LambdaType["SonyPSNReconcile"] = "SonyPSNReconcile";
-    LambdaType["SteamReconcile"] = "SteamReconcile";
-    LambdaType["TwitchReconcile"] = "TwitchReconcile";
-    LambdaType["XboxReconcile"] = "XboxReconcile";
-    LambdaType["ClientCredentialsJWTPopulate"] = "ClientCredentialsJWTPopulate";
-    LambdaType["SCIMServerGroupRequestConverter"] = "SCIMServerGroupRequestConverter";
-    LambdaType["SCIMServerGroupResponseConverter"] = "SCIMServerGroupResponseConverter";
-    LambdaType["SCIMServerUserRequestConverter"] = "SCIMServerUserRequestConverter";
-    LambdaType["SCIMServerUserResponseConverter"] = "SCIMServerUserResponseConverter";
-    LambdaType["SelfServiceRegistrationValidation"] = "SelfServiceRegistrationValidation";
-})(LambdaType = exports.LambdaType || (exports.LambdaType = {}));
-/**
- * @author Lyle Schemmerling
- */
-var SAMLv2DestinationAssertionPolicy;
-(function (SAMLv2DestinationAssertionPolicy) {
-    SAMLv2DestinationAssertionPolicy["Enabled"] = "Enabled";
-    SAMLv2DestinationAssertionPolicy["Disabled"] = "Disabled";
-    SAMLv2DestinationAssertionPolicy["AllowAlternates"] = "AllowAlternates";
-})(SAMLv2DestinationAssertionPolicy = exports.SAMLv2DestinationAssertionPolicy || (exports.SAMLv2DestinationAssertionPolicy = {}));
-/**
- * @author Johnathon Wood
- */
-var Oauth2AuthorizedURLValidationPolicy;
-(function (Oauth2AuthorizedURLValidationPolicy) {
-    Oauth2AuthorizedURLValidationPolicy["AllowWildcards"] = "AllowWildcards";
-    Oauth2AuthorizedURLValidationPolicy["ExactMatch"] = "ExactMatch";
-})(Oauth2AuthorizedURLValidationPolicy = exports.Oauth2AuthorizedURLValidationPolicy || (exports.Oauth2AuthorizedURLValidationPolicy = {}));
-/**
- * @author Daniel DeGroff
+ * @author Spencer Witt
  */
-var RefreshTokenExpirationPolicy;
-(function (RefreshTokenExpirationPolicy) {
-    RefreshTokenExpirationPolicy["Fixed"] = "Fixed";
-    RefreshTokenExpirationPolicy["SlidingWindow"] = "SlidingWindow";
-    RefreshTokenExpirationPolicy["SlidingWindowWithMaximumLifetime"] = "SlidingWindowWithMaximumLifetime";
-})(RefreshTokenExpirationPolicy = exports.RefreshTokenExpirationPolicy || (exports.RefreshTokenExpirationPolicy = {}));
+var UnknownScopePolicy;
+(function (UnknownScopePolicy) {
+    UnknownScopePolicy["Allow"] = "Allow";
+    UnknownScopePolicy["Remove"] = "Remove";
+    UnknownScopePolicy["Reject"] = "Reject";
+})(UnknownScopePolicy = exports.UnknownScopePolicy || (exports.UnknownScopePolicy = {}));
 var OAuthErrorReason;
 (function (OAuthErrorReason) {
     OAuthErrorReason["auth_code_not_found"] = "auth_code_not_found";
@@ -5812,6 +5920,7 @@ var OAuthErrorReason;
     OAuthErrorReason["access_token_unavailable_for_processing"] = "access_token_unavailable_for_processing";
     OAuthErrorReason["access_token_failed_processing"] = "access_token_failed_processing";
     OAuthErrorReason["access_token_invalid"] = "access_token_invalid";
+    OAuthErrorReason["access_token_required"] = "access_token_required";
     OAuthErrorReason["refresh_token_not_found"] = "refresh_token_not_found";
     OAuthErrorReason["refresh_token_type_not_supported"] = "refresh_token_type_not_supported";
     OAuthErrorReason["invalid_client_id"] = "invalid_client_id";
@@ -5863,5 +5972,35 @@ var OAuthErrorReason;
     OAuthErrorReason["change_password_expired"] = "change_password_expired";
     OAuthErrorReason["change_password_validation"] = "change_password_validation";
     OAuthErrorReason["unknown"] = "unknown";
+    OAuthErrorReason["missing_required_scope"] = "missing_required_scope";
+    OAuthErrorReason["unknown_scope"] = "unknown_scope";
+    OAuthErrorReason["consent_canceled"] = "consent_canceled";
 })(OAuthErrorReason = exports.OAuthErrorReason || (exports.OAuthErrorReason = {}));
+var ClientAuthenticationMethod;
+(function (ClientAuthenticationMethod) {
+    ClientAuthenticationMethod["none"] = "none";
+    ClientAuthenticationMethod["client_secret_basic"] = "client_secret_basic";
+    ClientAuthenticationMethod["client_secret_post"] = "client_secret_post";
+})(ClientAuthenticationMethod = exports.ClientAuthenticationMethod || (exports.ClientAuthenticationMethod = {}));
+/**
+ * Controls the policy for requesting user permission to grant access to requested scopes during an OAuth workflow
+ * for a third-party application.
+ *
+ * @author Spencer Witt
+ */
+var OAuthScopeConsentMode;
+(function (OAuthScopeConsentMode) {
+    OAuthScopeConsentMode["AlwaysPrompt"] = "AlwaysPrompt";
+    OAuthScopeConsentMode["RememberDecision"] = "RememberDecision";
+    OAuthScopeConsentMode["NeverPrompt"] = "NeverPrompt";
+})(OAuthScopeConsentMode = exports.OAuthScopeConsentMode || (exports.OAuthScopeConsentMode = {}));
+/**
+ * @author Brett Pontarelli
+ */
+var IdentityProviderLoginMethod;
+(function (IdentityProviderLoginMethod) {
+    IdentityProviderLoginMethod["UsePopup"] = "UsePopup";
+    IdentityProviderLoginMethod["UseRedirect"] = "UseRedirect";
+    IdentityProviderLoginMethod["UseVendorJavaScript"] = "UseVendorJavaScript";
+})(IdentityProviderLoginMethod = exports.IdentityProviderLoginMethod || (exports.IdentityProviderLoginMethod = {}));
 //# sourceMappingURL=FusionAuthClient.js.map