@fusionauth/typescript-client 1.57.0 → 1.58.0

package/build/src/FusionAuthClient.js

@@ -1,6 +1,6 @@
 "use strict";
 /*
-* Copyright (c) 2019-2023, FusionAuth, All Rights Reserved
+* Copyright (c) 2019-2025, FusionAuth, All Rights Reserved
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
@@ -15,7 +15,7 @@
 * language governing permissions and limitations under the License.
 */
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.Algorithm = exports.ClientAuthenticationMethod = exports.OAuthApplicationRelationship = exports.UnknownScopePolicy = exports.EventType = exports.CaptchaMethod = exports.SteamAPIMode = exports.AuthenticationThreats = exports.TOTPAlgorithm = exports.VerificationStrategy = exports.IdentityProviderType = exports.ObjectState = exports.OAuthScopeConsentMode = exports.KeyType = exports.KeyAlgorithm = exports.CoseEllipticCurve = exports.PublicKeyCredentialType = exports.AuthenticatorAttachmentPreference = exports.Sort = exports.XMLSignatureLocation = exports.SAMLLogoutBehavior = exports.RegistrationType = exports.LoginIdType = exports.SystemTrustedProxyConfigurationPolicy = exports.LambdaType = exports.UserActionPhase = exports.IPAccessControlEntryAction = exports.MultiFactorLoginPolicy = exports.IdentityProviderLinkingStrategy = exports.FormDataType = exports.SecureGeneratorType = exports.ExpiryUnit = exports.CanonicalizationMethod = exports.FormType = exports.ClientAuthenticationPolicy = exports.UserVerificationRequirement = exports.LambdaEngineType = exports.RateLimitedRequestType = exports.ApplicationMultiFactorTrustPolicy = exports.DeviceType = exports.OAuthErrorType = exports.OAuthErrorReason = exports.SAMLv2DestinationAssertionPolicy = exports.RefreshTokenUsagePolicy = exports.IdentityProviderLoginMethod = exports.AuthenticatorAttachment = exports.Oauth2AuthorizedURLValidationPolicy = exports.LDAPSecurityMethod = exports.ChangePasswordReason = exports.ResidentKeyRequirement = exports.MessageType = exports.ProofKeyForCodeExchangePolicy = exports.ConnectorType = exports.ThemeType = exports.CoseKeyType = exports.TransactionType = exports.EventLogType = exports.WebhookAttemptResult = exports.OAuthScopeHandlingPolicy = exports.FormControl = exports.BreachedPasswordStatus = exports.KeyUse = exports.RefreshTokenExpirationPolicy = exports.UserState = exports.HTTPMethod = exports.ConsentStatus = exports.WebAuthnWorkflow = exports.WebhookEventResult = exports.AttestationConveyancePreference = exports.FormFieldAdminPolicy = exports.BreachMatchMode = exports.BreachAction = exports.MessengerType = exports.UnverifiedBehavior = exports.ReactorFeatureStatus = exports.CoseAlgorithmIdentifier = exports.FamilyRole = exports.LogoutBehavior = exports.ContentStatus = exports.TokenType = exports.UniqueUsernameStrategy = exports.EmailSecurityType = exports.AttestationType = exports.GrantType = exports.FusionAuthClient = void 0;
+exports.WebhookEventResult = exports.WebhookAttemptResult = exports.WebAuthnWorkflow = exports.VerificationStrategy = exports.UserVerificationRequirement = exports.UserState = exports.UserActionPhase = exports.UnverifiedBehavior = exports.UnknownScopePolicy = exports.TransactionType = exports.TokenType = exports.ThemeType = exports.UniqueUsernameStrategy = exports.SystemTrustedProxyConfigurationPolicy = exports.SteamAPIMode = exports.Sort = exports.SecureGeneratorType = exports.SAMLv2DestinationAssertionPolicy = exports.ResidentKeyRequirement = exports.RefreshTokenUsagePolicy = exports.RefreshTokenExpirationPolicy = exports.ReactorFeatureStatus = exports.RateLimitedRequestType = exports.PublicKeyCredentialType = exports.ProofKeyForCodeExchangePolicy = exports.BreachMatchMode = exports.BreachAction = exports.ObjectState = exports.Oauth2AuthorizedURLValidationPolicy = exports.OAuthScopeHandlingPolicy = exports.OAuthScopeConsentMode = exports.OAuthErrorType = exports.OAuthErrorReason = exports.OAuthApplicationRelationship = exports.MultiFactorLoginPolicy = exports.MessengerType = exports.MessageType = exports.LogoutBehavior = exports.LambdaType = exports.LambdaEngineType = exports.LDAPSecurityMethod = exports.KeyUse = exports.KeyType = exports.KeyAlgorithm = exports.IdentityProviderType = exports.ClientAuthenticationMethod = exports.IdentityProviderLoginMethod = exports.IdentityProviderLinkingStrategy = exports.IPAccessControlEntryAction = exports.HTTPMethod = exports.GrantType = exports.FormType = exports.FormFieldAdminPolicy = exports.FormDataType = exports.FormControl = exports.FamilyRole = exports.ExpiryUnit = exports.EventType = exports.EventLogType = exports.EmailSecurityType = exports.DeviceType = exports.CoseKeyType = exports.CoseEllipticCurve = exports.CoseAlgorithmIdentifier = exports.ContentStatus = exports.ConsentStatus = exports.ConnectorType = exports.ClientAuthenticationPolicy = exports.ChangePasswordReason = exports.CaptchaMethod = exports.CanonicalizationMethod = exports.BreachedPasswordStatus = exports.TOTPAlgorithm = exports.AuthenticatorAttachmentPreference = exports.AuthenticatorAttachment = exports.AuthenticationThreats = exports.AttestationType = exports.AttestationConveyancePreference = exports.ApplicationMultiFactorTrustPolicy = exports.XMLSignatureLocation = exports.SAMLLogoutBehavior = exports.RegistrationType = exports.LoginIdType = exports.Algorithm = exports.FusionAuthClient = void 0;
 const DefaultRESTClientBuilder_1 = require("./DefaultRESTClientBuilder");
 const url_1 = require("url");
 class FusionAuthClient {
@@ -143,6 +143,24 @@ class FusionAuthClient {
             .withMethod("POST")
             .go();
     }
+    /**
+     * Changes a user's password using their access token (JWT) instead of the changePasswordId
+     * A common use case for this method will be if you want to allow the user to change their own password.
+     *
+     * Remember to send refreshToken in the request body if you want to get a new refresh token when login using the returned oneTimePassword.
+     *
+     * @param {string} encodedJWT The encoded JWT (access token).
+     * @param {ChangePasswordRequest} request The change password request that contains all the information used to change the password.
+     * @returns {Promise<ClientResponse<ChangePasswordResponse>>}
+     */
+    changePasswordByJWT(encodedJWT, request) {
+        return this.startAnonymous()
+            .withUri('/api/user/change-password')
+            .withAuthorization('Bearer ' + encodedJWT)
+            .withJSONBody(request)
+            .withMethod("POST")
+            .go();
+    }
     /**
      * Changes a user's password using their identity (loginId and password). Using a loginId instead of the changePasswordId
      * bypasses the email verification and allows a password to be changed directly without first calling the #forgotPassword
@@ -784,7 +802,7 @@ class FusionAuthClient {
             .go();
     }
     /**
-     * Deactivates the users with the given ids.
+     * Deactivates the users with the given Ids.
      *
      * @param {Array<string>} userIds The ids of the users to deactivate.
      * @returns {Promise<ClientResponse<UserDeleteResponse>>}
@@ -801,7 +819,7 @@ class FusionAuthClient {
             .go();
     }
     /**
-     * Deactivates the users with the given ids.
+     * Deactivates the users with the given Ids.
      *
      * @param {Array<string>} userIds The ids of the users to deactivate.
      * @returns {Promise<ClientResponse<UserDeleteResponse>>}
@@ -1276,8 +1294,8 @@ class FusionAuthClient {
             .go();
     }
     /**
-     * Deletes the users with the given ids, or users matching the provided JSON query or queryString.
-     * The order of preference is ids, query and then queryString, it is recommended to only provide one of the three for the request.
+     * Deletes the users with the given Ids, or users matching the provided JSON query or queryString.
+     * The order of preference is Ids, query and then queryString, it is recommended to only provide one of the three for the request.
      *
      * This method can be used to deactivate or permanently delete (hard-delete) users based upon the hardDelete boolean in the request body.
      * Using the dryRun parameter you may also request the result of the action without actually deleting or deactivating any users.
@@ -1295,8 +1313,8 @@ class FusionAuthClient {
             .go();
     }
     /**
-     * Deletes the users with the given ids, or users matching the provided JSON query or queryString.
-     * The order of preference is ids, query and then queryString, it is recommended to only provide one of the three for the request.
+     * Deletes the users with the given Ids, or users matching the provided JSON query or queryString.
+     * The order of preference is Ids, query and then queryString, it is recommended to only provide one of the three for the request.
      *
      * This method can be used to deactivate or permanently delete (hard-delete) users based upon the hardDelete boolean in the request body.
      * Using the dryRun parameter you may also request the result of the action without actually deleting or deactivating any users.
@@ -1845,7 +1863,7 @@ class FusionAuthClient {
      * Modifies a temporal user action by changing the expiration of the action and optionally adding a comment to the
      * action.
      *
-     * @param {UUID} actionId The Id of the action to modify. This is technically the user action log id.
+     * @param {UUID} actionId The Id of the action to modify. This is technically the user action log Id.
      * @param {ActionRequest} request The request that contains all the information about the modification.
      * @returns {Promise<ClientResponse<ActionResponse>>}
      */
@@ -1871,10 +1889,10 @@ class FusionAuthClient {
             .go();
     }
     /**
-     * Updates an authentication API key by given id
+     * Updates an API key with the given Id.
      *
-     * @param {UUID} keyId The Id of the authentication key. If not provided a secure random api key will be generated.
-     * @param {APIKeyRequest} request The request object that contains all the information needed to create the APIKey.
+     * @param {UUID} keyId The Id of the API key. If not provided a secure random api key will be generated.
+     * @param {APIKeyRequest} request The request object that contains all the information needed to create the API key.
      * @returns {Promise<ClientResponse<APIKeyResponse>>}
      */
     patchAPIKey(keyId, request) {
@@ -1882,7 +1900,7 @@ class FusionAuthClient {
             .withUri('/api/api-key')
             .withUriSegment(keyId)
             .withJSONBody(request)
-            .withMethod("POST")
+            .withMethod("PATCH")
             .go();
     }
     /**
@@ -2426,7 +2444,7 @@ class FusionAuthClient {
             .go();
     }
     /**
-     * Removes a user from the family with the given id.
+     * Removes a user from the family with the given Id.
      *
      * @param {UUID} familyId The Id of the family to remove the user from.
      * @param {UUID} userId The Id of the user to remove from the family.
@@ -2485,7 +2503,7 @@ class FusionAuthClient {
             .go();
     }
     /**
-     * Retrieves an authentication API key for the given id
+     * Retrieves an authentication API key for the given Id.
      *
      * @param {UUID} keyId The Id of the API key to retrieve.
      * @returns {Promise<ClientResponse<APIKeyResponse>>}
@@ -2556,7 +2574,7 @@ class FusionAuthClient {
     /**
      * Retrieves the application for the given Id or all the applications if the Id is null.
      *
-     * @param {UUID} applicationId (Optional) The application id.
+     * @param {UUID} applicationId (Optional) The application Id.
      * @returns {Promise<ClientResponse<ApplicationResponse>>}
      */
     retrieveApplication(applicationId) {
@@ -2639,10 +2657,10 @@ class FusionAuthClient {
             .go();
     }
     /**
-     * Retrieves the daily active user report between the two instants. If you specify an application id, it will only
+     * Retrieves the daily active user report between the two instants. If you specify an application Id, it will only
      * return the daily active counts for that application.
      *
-     * @param {UUID} applicationId (Optional) The application id.
+     * @param {UUID} applicationId (Optional) The application Id.
      * @param {number} start The start instant as UTC milliseconds since Epoch.
      * @param {number} end The end instant as UTC milliseconds since Epoch.
      * @returns {Promise<ClientResponse<DailyActiveUserReportResponse>>}
@@ -2657,7 +2675,7 @@ class FusionAuthClient {
             .go();
     }
     /**
-     * Retrieves the email template for the given Id. If you don't specify the id, this will return all the email templates.
+     * Retrieves the email template for the given Id. If you don't specify the Id, this will return all the email templates.
      *
      * @param {UUID} emailTemplateId (Optional) The Id of the email template.
      * @returns {Promise<ClientResponse<EmailTemplateResponse>>}
@@ -3073,10 +3091,10 @@ class FusionAuthClient {
             .go();
     }
     /**
-     * Retrieves the login report between the two instants. If you specify an application id, it will only return the
+     * Retrieves the login report between the two instants. If you specify an application Id, it will only return the
      * login counts for that application.
      *
-     * @param {UUID} applicationId (Optional) The application id.
+     * @param {UUID} applicationId (Optional) The application Id.
      * @param {number} start The start instant as UTC milliseconds since Epoch.
      * @param {number} end The end instant as UTC milliseconds since Epoch.
      * @returns {Promise<ClientResponse<LoginReportResponse>>}
@@ -3091,7 +3109,7 @@ class FusionAuthClient {
             .go();
     }
     /**
-     * Retrieves the message template for the given Id. If you don't specify the id, this will return all the message templates.
+     * Retrieves the message template for the given Id. If you don't specify the Id, this will return all the message templates.
      *
      * @param {UUID} messageTemplateId (Optional) The Id of the message template.
      * @returns {Promise<ClientResponse<MessageTemplateResponse>>}
@@ -3152,10 +3170,10 @@ class FusionAuthClient {
             .go();
     }
     /**
-     * Retrieves the monthly active user report between the two instants. If you specify an application id, it will only
+     * Retrieves the monthly active user report between the two instants. If you specify an application Id, it will only
      * return the monthly active counts for that application.
      *
-     * @param {UUID} applicationId (Optional) The application id.
+     * @param {UUID} applicationId (Optional) The application Id.
      * @param {number} start The start instant as UTC milliseconds since Epoch.
      * @param {number} end The end instant as UTC milliseconds since Epoch.
      * @returns {Promise<ClientResponse<MonthlyActiveUserReportResponse>>}
@@ -3331,7 +3349,7 @@ class FusionAuthClient {
             .go();
     }
     /**
-     * Retrieves the user registration for the user with the given Id and the given application id.
+     * Retrieves the user registration for the user with the given Id and the given application Id.
      *
      * @param {UUID} userId The Id of the user.
      * @param {UUID} applicationId The Id of the application.
@@ -3346,10 +3364,10 @@ class FusionAuthClient {
             .go();
     }
     /**
-     * Retrieves the registration report between the two instants. If you specify an application id, it will only return
+     * Retrieves the registration report between the two instants. If you specify an application Id, it will only return
      * the registration counts for that application.
      *
-     * @param {UUID} applicationId (Optional) The application id.
+     * @param {UUID} applicationId (Optional) The application Id.
      * @param {number} start The start instant as UTC milliseconds since Epoch.
      * @param {number} end The end instant as UTC milliseconds since Epoch.
      * @returns {Promise<ClientResponse<RegistrationReportResponse>>}
@@ -3526,7 +3544,7 @@ class FusionAuthClient {
             .go();
     }
     /**
-     * Retrieves the user action for the given Id. If you pass in null for the id, this will return all the user
+     * Retrieves the user action for the given Id. If you pass in null for the Id, this will return all the user
      * actions.
      *
      * @param {UUID} userActionId (Optional) The Id of the user action.
@@ -3540,7 +3558,7 @@ class FusionAuthClient {
             .go();
     }
     /**
-     * Retrieves the user action reason for the given Id. If you pass in null for the id, this will return all the user
+     * Retrieves the user action reason for the given Id. If you pass in null for the Id, this will return all the user
      * action reasons.
      *
      * @param {UUID} userActionReasonId (Optional) The Id of the user action reason.
@@ -3647,8 +3665,8 @@ class FusionAuthClient {
      *
      * This API is useful if you want to build your own login workflow to complete a device grant.
      *
-     * @param {string} client_id The client id.
-     * @param {string} client_secret The client id.
+     * @param {string} client_id The client Id.
+     * @param {string} client_secret The client Id.
      * @param {string} user_code The end-user verification code.
      * @returns {Promise<ClientResponse<void>>}
      */
@@ -3767,11 +3785,11 @@ class FusionAuthClient {
             .go();
     }
     /**
-     * Retrieves the login report between the two instants for a particular user by Id. If you specify an application id, it will only return the
+     * Retrieves the login report between the two instants for a particular user by Id. If you specify an application Id, it will only return the
      * login counts for that application.
      *
-     * @param {UUID} applicationId (Optional) The application id.
-     * @param {UUID} userId The userId id.
+     * @param {UUID} applicationId (Optional) The application Id.
+     * @param {UUID} userId The userId Id.
      * @param {number} start The start instant as UTC milliseconds since Epoch.
      * @param {number} end The end instant as UTC milliseconds since Epoch.
      * @returns {Promise<ClientResponse<LoginReportResponse>>}
@@ -3787,11 +3805,11 @@ class FusionAuthClient {
             .go();
     }
     /**
-     * Retrieves the login report between the two instants for a particular user by login Id. If you specify an application id, it will only return the
+     * Retrieves the login report between the two instants for a particular user by login Id. If you specify an application Id, it will only return the
      * login counts for that application.
      *
-     * @param {UUID} applicationId (Optional) The application id.
-     * @param {string} loginId The userId id.
+     * @param {UUID} applicationId (Optional) The application Id.
+     * @param {string} loginId The userId Id.
      * @param {number} start The start instant as UTC milliseconds since Epoch.
      * @param {number} end The end instant as UTC milliseconds since Epoch.
      * @returns {Promise<ClientResponse<LoginReportResponse>>}
@@ -3874,7 +3892,7 @@ class FusionAuthClient {
             .go();
     }
     /**
-     * Retrieves the webhook for the given Id. If you pass in null for the id, this will return all the webhooks.
+     * Retrieves the webhook for the given Id. If you pass in null for the Id, this will return all the webhooks.
      *
      * @param {UUID} webhookId (Optional) The Id of the webhook.
      * @returns {Promise<ClientResponse<WebhookResponse>>}
@@ -4123,7 +4141,7 @@ class FusionAuthClient {
             .go();
     }
     /**
-     * Retrieves the entities for the given ids. If any Id is invalid, it is ignored.
+     * Retrieves the entities for the given Ids. If any Id is invalid, it is ignored.
      *
      * @param {Array<string>} ids The entity ids to search for.
      * @returns {Promise<ClientResponse<EntitySearchResponse>>}
@@ -4305,7 +4323,7 @@ class FusionAuthClient {
             .go();
     }
     /**
-     * Retrieves the users for the given ids. If any Id is invalid, it is ignored.
+     * Retrieves the users for the given Ids. If any Id is invalid, it is ignored.
      *
      * @param {Array<string>} ids The user ids to search for.
      * @returns {Promise<ClientResponse<SearchResponse>>}
@@ -4320,9 +4338,9 @@ class FusionAuthClient {
             .go();
     }
     /**
-     * Retrieves the users for the given ids. If any Id is invalid, it is ignored.
+     * Retrieves the users for the given Ids. If any Id is invalid, it is ignored.
      *
-     * @param {Array<string>} ids The user ids to search for.
+     * @param {Array<string>} ids The user Ids to search for.
      * @returns {Promise<ClientResponse<SearchResponse>>}
      */
     searchUsersByIds(ids) {
@@ -4389,7 +4407,7 @@ class FusionAuthClient {
             .go();
     }
     /**
-     * Send an email using an email template id. You can optionally provide <code>requestData</code> to access key value
+     * Send an email using an email template Id. You can optionally provide <code>requestData</code> to access key value
      * pairs in the email template.
      *
      * @param {UUID} emailTemplateId The Id for the template.
@@ -4575,16 +4593,16 @@ class FusionAuthClient {
             .go();
     }
     /**
-     * Updates an API key by given id
+     * Updates an API key with the given Id.
      *
-     * @param {UUID} apiKeyId The Id of the API key to update.
-     * @param {APIKeyRequest} request The request object that contains all the information used to create the API Key.
+     * @param {UUID} keyId The Id of the API key to update.
+     * @param {APIKeyRequest} request The request that contains all the new API key information.
      * @returns {Promise<ClientResponse<APIKeyResponse>>}
      */
-    updateAPIKey(apiKeyId, request) {
+    updateAPIKey(keyId, request) {
         return this.start()
             .withUri('/api/api-key')
-            .withUriSegment(apiKeyId)
+            .withUriSegment(keyId)
             .withJSONBody(request)
             .withMethod("PUT")
             .go();
@@ -5063,7 +5081,7 @@ class FusionAuthClient {
      * If you build your own activation form you should validate the user provided code prior to beginning the Authorization grant.
      *
      * @param {string} user_code The end-user verification code.
-     * @param {string} client_id The client id.
+     * @param {string} client_id The client Id.
      * @returns {Promise<ClientResponse<void>>}
      */
     validateDevice(user_code, client_id) {
@@ -5221,24 +5239,67 @@ class FusionAuthClient {
 exports.FusionAuthClient = FusionAuthClient;
 exports.default = FusionAuthClient;
 /**
- * Authorization Grant types as defined by the <a href="https://tools.ietf.org/html/rfc6749">The OAuth 2.0 Authorization
- * Framework - RFC 6749</a>.
- * <p>
- * Specific names as defined by <a href="https://tools.ietf.org/html/rfc7591#section-4.1">
- * OAuth 2.0 Dynamic Client Registration Protocol - RFC 7591 Section 4.1</a>
+ * Available JSON Web Algorithms (JWA) as described in RFC 7518 available for this JWT implementation.
  *
  * @author Daniel DeGroff
  */
-var GrantType;
-(function (GrantType) {
-    GrantType["authorization_code"] = "authorization_code";
-    GrantType["implicit"] = "implicit";
-    GrantType["password"] = "password";
-    GrantType["client_credentials"] = "client_credentials";
-    GrantType["refresh_token"] = "refresh_token";
-    GrantType["unknown"] = "unknown";
-    GrantType["device_code"] = "urn:ietf:params:oauth:grant-type:device_code";
-})(GrantType = exports.GrantType || (exports.GrantType = {}));
+var Algorithm;
+(function (Algorithm) {
+    Algorithm["ES256"] = "ES256";
+    Algorithm["ES384"] = "ES384";
+    Algorithm["ES512"] = "ES512";
+    Algorithm["HS256"] = "HS256";
+    Algorithm["HS384"] = "HS384";
+    Algorithm["HS512"] = "HS512";
+    Algorithm["PS256"] = "PS256";
+    Algorithm["PS384"] = "PS384";
+    Algorithm["PS512"] = "PS512";
+    Algorithm["RS256"] = "RS256";
+    Algorithm["RS384"] = "RS384";
+    Algorithm["RS512"] = "RS512";
+    Algorithm["none"] = "none";
+})(Algorithm = exports.Algorithm || (exports.Algorithm = {}));
+var LoginIdType;
+(function (LoginIdType) {
+    LoginIdType["email"] = "email";
+    LoginIdType["username"] = "username";
+})(LoginIdType = exports.LoginIdType || (exports.LoginIdType = {}));
+var RegistrationType;
+(function (RegistrationType) {
+    RegistrationType["basic"] = "basic";
+    RegistrationType["advanced"] = "advanced";
+})(RegistrationType = exports.RegistrationType || (exports.RegistrationType = {}));
+var SAMLLogoutBehavior;
+(function (SAMLLogoutBehavior) {
+    SAMLLogoutBehavior["AllParticipants"] = "AllParticipants";
+    SAMLLogoutBehavior["OnlyOriginator"] = "OnlyOriginator";
+})(SAMLLogoutBehavior = exports.SAMLLogoutBehavior || (exports.SAMLLogoutBehavior = {}));
+var XMLSignatureLocation;
+(function (XMLSignatureLocation) {
+    XMLSignatureLocation["Assertion"] = "Assertion";
+    XMLSignatureLocation["Response"] = "Response";
+})(XMLSignatureLocation = exports.XMLSignatureLocation || (exports.XMLSignatureLocation = {}));
+/**
+ * @author Daniel DeGroff
+ */
+var ApplicationMultiFactorTrustPolicy;
+(function (ApplicationMultiFactorTrustPolicy) {
+    ApplicationMultiFactorTrustPolicy["Any"] = "Any";
+    ApplicationMultiFactorTrustPolicy["This"] = "This";
+    ApplicationMultiFactorTrustPolicy["None"] = "None";
+})(ApplicationMultiFactorTrustPolicy = exports.ApplicationMultiFactorTrustPolicy || (exports.ApplicationMultiFactorTrustPolicy = {}));
+/**
+ * Used to communicate whether and how authenticator attestation should be delivered to the Relying Party
+ *
+ * @author Spencer Witt
+ */
+var AttestationConveyancePreference;
+(function (AttestationConveyancePreference) {
+    AttestationConveyancePreference["none"] = "none";
+    AttestationConveyancePreference["indirect"] = "indirect";
+    AttestationConveyancePreference["direct"] = "direct";
+    AttestationConveyancePreference["enterprise"] = "enterprise";
+})(AttestationConveyancePreference = exports.AttestationConveyancePreference || (exports.AttestationConveyancePreference = {}));
 /**
  * Used to indicate what type of attestation was included in the authenticator response for a given WebAuthn credential at the time it was created
  *
@@ -5252,33 +5313,113 @@ var AttestationType;
     AttestationType["anonymizationCa"] = "anonymizationCa";
     AttestationType["none"] = "none";
 })(AttestationType = exports.AttestationType || (exports.AttestationType = {}));
-var EmailSecurityType;
-(function (EmailSecurityType) {
-    EmailSecurityType["NONE"] = "NONE";
-    EmailSecurityType["SSL"] = "SSL";
-    EmailSecurityType["TLS"] = "TLS";
-})(EmailSecurityType = exports.EmailSecurityType || (exports.EmailSecurityType = {}));
-var UniqueUsernameStrategy;
-(function (UniqueUsernameStrategy) {
-    UniqueUsernameStrategy["Always"] = "Always";
-    UniqueUsernameStrategy["OnCollision"] = "OnCollision";
-})(UniqueUsernameStrategy = exports.UniqueUsernameStrategy || (exports.UniqueUsernameStrategy = {}));
 /**
- * <ul>
- * <li>Bearer Token type as defined by <a href="https://tools.ietf.org/html/rfc6750">RFC 6750</a>.</li>
- * <li>MAC Token type as referenced by <a href="https://tools.ietf.org/html/rfc6749">RFC 6749</a> and
- * <a href="https://tools.ietf.org/html/draft-ietf-oauth-v2-http-mac-05">
- * Draft RFC on OAuth 2.0 Message Authentication Code (MAC) Tokens</a>
- * </li>
- * </ul>
+ * @author Brett Pontarelli
+ */
+var AuthenticationThreats;
+(function (AuthenticationThreats) {
+    AuthenticationThreats["ImpossibleTravel"] = "ImpossibleTravel";
+})(AuthenticationThreats = exports.AuthenticationThreats || (exports.AuthenticationThreats = {}));
+/**
+ * Describes the <a href="https://www.w3.org/TR/webauthn-2/#authenticator-attachment-modality">authenticator attachment modality</a>.
+ *
+ * @author Spencer Witt
+ */
+var AuthenticatorAttachment;
+(function (AuthenticatorAttachment) {
+    AuthenticatorAttachment["platform"] = "platform";
+    AuthenticatorAttachment["crossPlatform"] = "crossPlatform";
+})(AuthenticatorAttachment = exports.AuthenticatorAttachment || (exports.AuthenticatorAttachment = {}));
+/**
+ * Describes the authenticator attachment modality preference for a WebAuthn workflow. See {@link AuthenticatorAttachment}
  *
+ * @author Spencer Witt
+ */
+var AuthenticatorAttachmentPreference;
+(function (AuthenticatorAttachmentPreference) {
+    AuthenticatorAttachmentPreference["any"] = "any";
+    AuthenticatorAttachmentPreference["platform"] = "platform";
+    AuthenticatorAttachmentPreference["crossPlatform"] = "crossPlatform";
+})(AuthenticatorAttachmentPreference = exports.AuthenticatorAttachmentPreference || (exports.AuthenticatorAttachmentPreference = {}));
+var TOTPAlgorithm;
+(function (TOTPAlgorithm) {
+    TOTPAlgorithm["HmacSHA1"] = "HmacSHA1";
+    TOTPAlgorithm["HmacSHA256"] = "HmacSHA256";
+    TOTPAlgorithm["HmacSHA512"] = "HmacSHA512";
+})(TOTPAlgorithm = exports.TOTPAlgorithm || (exports.TOTPAlgorithm = {}));
+/**
  * @author Daniel DeGroff
  */
-var TokenType;
-(function (TokenType) {
-    TokenType["Bearer"] = "Bearer";
-    TokenType["MAC"] = "MAC";
-})(TokenType = exports.TokenType || (exports.TokenType = {}));
+var BreachedPasswordStatus;
+(function (BreachedPasswordStatus) {
+    BreachedPasswordStatus["None"] = "None";
+    BreachedPasswordStatus["ExactMatch"] = "ExactMatch";
+    BreachedPasswordStatus["SubAddressMatch"] = "SubAddressMatch";
+    BreachedPasswordStatus["PasswordOnly"] = "PasswordOnly";
+    BreachedPasswordStatus["CommonPassword"] = "CommonPassword";
+})(BreachedPasswordStatus = exports.BreachedPasswordStatus || (exports.BreachedPasswordStatus = {}));
+/**
+ * XML canonicalization method enumeration. This is used for the IdP and SP side of FusionAuth SAML.
+ *
+ * @author Brian Pontarelli
+ */
+var CanonicalizationMethod;
+(function (CanonicalizationMethod) {
+    CanonicalizationMethod["exclusive"] = "exclusive";
+    CanonicalizationMethod["exclusive_with_comments"] = "exclusive_with_comments";
+    CanonicalizationMethod["inclusive"] = "inclusive";
+    CanonicalizationMethod["inclusive_with_comments"] = "inclusive_with_comments";
+})(CanonicalizationMethod = exports.CanonicalizationMethod || (exports.CanonicalizationMethod = {}));
+/**
+ * @author Brett Pontarelli
+ */
+var CaptchaMethod;
+(function (CaptchaMethod) {
+    CaptchaMethod["GoogleRecaptchaV2"] = "GoogleRecaptchaV2";
+    CaptchaMethod["GoogleRecaptchaV3"] = "GoogleRecaptchaV3";
+    CaptchaMethod["HCaptcha"] = "HCaptcha";
+    CaptchaMethod["HCaptchaEnterprise"] = "HCaptchaEnterprise";
+})(CaptchaMethod = exports.CaptchaMethod || (exports.CaptchaMethod = {}));
+/**
+ * @author Trevor Smith
+ */
+var ChangePasswordReason;
+(function (ChangePasswordReason) {
+    ChangePasswordReason["Administrative"] = "Administrative";
+    ChangePasswordReason["Breached"] = "Breached";
+    ChangePasswordReason["Expired"] = "Expired";
+    ChangePasswordReason["Validation"] = "Validation";
+})(ChangePasswordReason = exports.ChangePasswordReason || (exports.ChangePasswordReason = {}));
+/**
+ * @author Brett Guy
+ */
+var ClientAuthenticationPolicy;
+(function (ClientAuthenticationPolicy) {
+    ClientAuthenticationPolicy["Required"] = "Required";
+    ClientAuthenticationPolicy["NotRequired"] = "NotRequired";
+    ClientAuthenticationPolicy["NotRequiredWhenUsingPKCE"] = "NotRequiredWhenUsingPKCE";
+})(ClientAuthenticationPolicy = exports.ClientAuthenticationPolicy || (exports.ClientAuthenticationPolicy = {}));
+/**
+ * The types of connectors. This enum is stored as an ordinal on the <code>identities</code> table, order must be maintained.
+ *
+ * @author Trevor Smith
+ */
+var ConnectorType;
+(function (ConnectorType) {
+    ConnectorType["FusionAuth"] = "FusionAuth";
+    ConnectorType["Generic"] = "Generic";
+    ConnectorType["LDAP"] = "LDAP";
+})(ConnectorType = exports.ConnectorType || (exports.ConnectorType = {}));
+/**
+ * Models a consent.
+ *
+ * @author Daniel DeGroff
+ */
+var ConsentStatus;
+(function (ConsentStatus) {
+    ConsentStatus["Active"] = "Active";
+    ConsentStatus["Revoked"] = "Revoked";
+})(ConsentStatus = exports.ConsentStatus || (exports.ConsentStatus = {}));
 /**
  * Status for content like usernames, profile attributes, etc.
  *
@@ -5290,20 +5431,6 @@ var ContentStatus;
     ContentStatus["PENDING"] = "PENDING";
     ContentStatus["REJECTED"] = "REJECTED";
 })(ContentStatus = exports.ContentStatus || (exports.ContentStatus = {}));
-/**
- * @author Matthew Altman
- */
-var LogoutBehavior;
-(function (LogoutBehavior) {
-    LogoutBehavior["RedirectOnly"] = "RedirectOnly";
-    LogoutBehavior["AllApplications"] = "AllApplications";
-})(LogoutBehavior = exports.LogoutBehavior || (exports.LogoutBehavior = {}));
-var FamilyRole;
-(function (FamilyRole) {
-    FamilyRole["Child"] = "Child";
-    FamilyRole["Teen"] = "Teen";
-    FamilyRole["Adult"] = "Adult";
-})(FamilyRole = exports.FamilyRole || (exports.FamilyRole = {}));
 /**
  * A number identifying a cryptographic algorithm. Values should be registered with the <a
  * href="https://www.iana.org/assignments/cose/cose.xhtml#algorithms">IANA COSE Algorithms registry</a>
@@ -5323,46 +5450,168 @@ var CoseAlgorithmIdentifier;
     CoseAlgorithmIdentifier["PS512"] = "SHA-512";
 })(CoseAlgorithmIdentifier = exports.CoseAlgorithmIdentifier || (exports.CoseAlgorithmIdentifier = {}));
 /**
- * @author Brian Pontarelli
+ * COSE Elliptic Curve identifier to determine which elliptic curve to use with a given key
+ *
+ * @author Spencer Witt
  */
-var ReactorFeatureStatus;
-(function (ReactorFeatureStatus) {
-    ReactorFeatureStatus["ACTIVE"] = "ACTIVE";
-    ReactorFeatureStatus["DISCONNECTED"] = "DISCONNECTED";
-    ReactorFeatureStatus["PENDING"] = "PENDING";
-    ReactorFeatureStatus["DISABLED"] = "DISABLED";
-    ReactorFeatureStatus["UNKNOWN"] = "UNKNOWN";
-})(ReactorFeatureStatus = exports.ReactorFeatureStatus || (exports.ReactorFeatureStatus = {}));
+var CoseEllipticCurve;
+(function (CoseEllipticCurve) {
+    CoseEllipticCurve["Reserved"] = "Reserved";
+    CoseEllipticCurve["P256"] = "P256";
+    CoseEllipticCurve["P384"] = "P384";
+    CoseEllipticCurve["P521"] = "P521";
+    CoseEllipticCurve["X25519"] = "X25519";
+    CoseEllipticCurve["X448"] = "X448";
+    CoseEllipticCurve["Ed25519"] = "Ed25519";
+    CoseEllipticCurve["Ed448"] = "Ed448";
+    CoseEllipticCurve["Secp256k1"] = "Secp256k1";
+})(CoseEllipticCurve = exports.CoseEllipticCurve || (exports.CoseEllipticCurve = {}));
 /**
+ * COSE key type
+ *
+ * @author Spencer Witt
+ */
+var CoseKeyType;
+(function (CoseKeyType) {
+    CoseKeyType["Reserved"] = "0";
+    CoseKeyType["OKP"] = "1";
+    CoseKeyType["EC2"] = "2";
+    CoseKeyType["RSA"] = "3";
+    CoseKeyType["Symmetric"] = "4";
+})(CoseKeyType = exports.CoseKeyType || (exports.CoseKeyType = {}));
+var DeviceType;
+(function (DeviceType) {
+    DeviceType["BROWSER"] = "BROWSER";
+    DeviceType["DESKTOP"] = "DESKTOP";
+    DeviceType["LAPTOP"] = "LAPTOP";
+    DeviceType["MOBILE"] = "MOBILE";
+    DeviceType["OTHER"] = "OTHER";
+    DeviceType["SERVER"] = "SERVER";
+    DeviceType["TABLET"] = "TABLET";
+    DeviceType["TV"] = "TV";
+    DeviceType["UNKNOWN"] = "UNKNOWN";
+})(DeviceType = exports.DeviceType || (exports.DeviceType = {}));
+var EmailSecurityType;
+(function (EmailSecurityType) {
+    EmailSecurityType["NONE"] = "NONE";
+    EmailSecurityType["SSL"] = "SSL";
+    EmailSecurityType["TLS"] = "TLS";
+})(EmailSecurityType = exports.EmailSecurityType || (exports.EmailSecurityType = {}));
+/**
+ * Event Log Type
+ *
  * @author Daniel DeGroff
  */
-var UnverifiedBehavior;
-(function (UnverifiedBehavior) {
-    UnverifiedBehavior["Allow"] = "Allow";
-    UnverifiedBehavior["Gated"] = "Gated";
-})(UnverifiedBehavior = exports.UnverifiedBehavior || (exports.UnverifiedBehavior = {}));
+var EventLogType;
+(function (EventLogType) {
+    EventLogType["Information"] = "Information";
+    EventLogType["Debug"] = "Debug";
+    EventLogType["Error"] = "Error";
+})(EventLogType = exports.EventLogType || (exports.EventLogType = {}));
 /**
- * @author Brett Guy
+ * Models the event types that FusionAuth produces.
+ *
+ * @author Brian Pontarelli
  */
-var MessengerType;
-(function (MessengerType) {
-    MessengerType["Generic"] = "Generic";
-    MessengerType["Kafka"] = "Kafka";
-    MessengerType["Twilio"] = "Twilio";
-})(MessengerType = exports.MessengerType || (exports.MessengerType = {}));
-var BreachAction;
-(function (BreachAction) {
-    BreachAction["Off"] = "Off";
-    BreachAction["RecordOnly"] = "RecordOnly";
-    BreachAction["NotifyUser"] = "NotifyUser";
-    BreachAction["RequireChange"] = "RequireChange";
-})(BreachAction = exports.BreachAction || (exports.BreachAction = {}));
-var BreachMatchMode;
-(function (BreachMatchMode) {
-    BreachMatchMode["Low"] = "Low";
-    BreachMatchMode["Medium"] = "Medium";
-    BreachMatchMode["High"] = "High";
-})(BreachMatchMode = exports.BreachMatchMode || (exports.BreachMatchMode = {}));
+var EventType;
+(function (EventType) {
+    EventType["JWTPublicKeyUpdate"] = "jwt.public-key.update";
+    EventType["JWTRefreshTokenRevoke"] = "jwt.refresh-token.revoke";
+    EventType["JWTRefresh"] = "jwt.refresh";
+    EventType["AuditLogCreate"] = "audit-log.create";
+    EventType["EventLogCreate"] = "event-log.create";
+    EventType["KickstartSuccess"] = "kickstart.success";
+    EventType["GroupCreate"] = "group.create";
+    EventType["GroupCreateComplete"] = "group.create.complete";
+    EventType["GroupDelete"] = "group.delete";
+    EventType["GroupDeleteComplete"] = "group.delete.complete";
+    EventType["GroupMemberAdd"] = "group.member.add";
+    EventType["GroupMemberAddComplete"] = "group.member.add.complete";
+    EventType["GroupMemberRemove"] = "group.member.remove";
+    EventType["GroupMemberRemoveComplete"] = "group.member.remove.complete";
+    EventType["GroupMemberUpdate"] = "group.member.update";
+    EventType["GroupMemberUpdateComplete"] = "group.member.update.complete";
+    EventType["GroupUpdate"] = "group.update";
+    EventType["GroupUpdateComplete"] = "group.update.complete";
+    EventType["UserAction"] = "user.action";
+    EventType["UserBulkCreate"] = "user.bulk.create";
+    EventType["UserCreate"] = "user.create";
+    EventType["UserCreateComplete"] = "user.create.complete";
+    EventType["UserDeactivate"] = "user.deactivate";
+    EventType["UserDelete"] = "user.delete";
+    EventType["UserDeleteComplete"] = "user.delete.complete";
+    EventType["UserEmailUpdate"] = "user.email.update";
+    EventType["UserEmailVerified"] = "user.email.verified";
+    EventType["UserIdentityProviderLink"] = "user.identity-provider.link";
+    EventType["UserIdentityProviderUnlink"] = "user.identity-provider.unlink";
+    EventType["UserLoginIdDuplicateOnCreate"] = "user.loginId.duplicate.create";
+    EventType["UserLoginIdDuplicateOnUpdate"] = "user.loginId.duplicate.update";
+    EventType["UserLoginFailed"] = "user.login.failed";
+    EventType["UserLoginNewDevice"] = "user.login.new-device";
+    EventType["UserLoginSuccess"] = "user.login.success";
+    EventType["UserLoginSuspicious"] = "user.login.suspicious";
+    EventType["UserPasswordBreach"] = "user.password.breach";
+    EventType["UserPasswordResetSend"] = "user.password.reset.send";
+    EventType["UserPasswordResetStart"] = "user.password.reset.start";
+    EventType["UserPasswordResetSuccess"] = "user.password.reset.success";
+    EventType["UserPasswordUpdate"] = "user.password.update";
+    EventType["UserReactivate"] = "user.reactivate";
+    EventType["UserRegistrationCreate"] = "user.registration.create";
+    EventType["UserRegistrationCreateComplete"] = "user.registration.create.complete";
+    EventType["UserRegistrationDelete"] = "user.registration.delete";
+    EventType["UserRegistrationDeleteComplete"] = "user.registration.delete.complete";
+    EventType["UserRegistrationUpdate"] = "user.registration.update";
+    EventType["UserRegistrationUpdateComplete"] = "user.registration.update.complete";
+    EventType["UserRegistrationVerified"] = "user.registration.verified";
+    EventType["UserTwoFactorMethodAdd"] = "user.two-factor.method.add";
+    EventType["UserTwoFactorMethodRemove"] = "user.two-factor.method.remove";
+    EventType["UserUpdate"] = "user.update";
+    EventType["UserUpdateComplete"] = "user.update.complete";
+    EventType["Test"] = "test";
+})(EventType = exports.EventType || (exports.EventType = {}));
+/**
+ * @author Brian Pontarelli
+ */
+var ExpiryUnit;
+(function (ExpiryUnit) {
+    ExpiryUnit["MINUTES"] = "MINUTES";
+    ExpiryUnit["HOURS"] = "HOURS";
+    ExpiryUnit["DAYS"] = "DAYS";
+    ExpiryUnit["WEEKS"] = "WEEKS";
+    ExpiryUnit["MONTHS"] = "MONTHS";
+    ExpiryUnit["YEARS"] = "YEARS";
+})(ExpiryUnit = exports.ExpiryUnit || (exports.ExpiryUnit = {}));
+var FamilyRole;
+(function (FamilyRole) {
+    FamilyRole["Child"] = "Child";
+    FamilyRole["Teen"] = "Teen";
+    FamilyRole["Adult"] = "Adult";
+})(FamilyRole = exports.FamilyRole || (exports.FamilyRole = {}));
+/**
+ * @author Daniel DeGroff
+ */
+var FormControl;
+(function (FormControl) {
+    FormControl["checkbox"] = "checkbox";
+    FormControl["number"] = "number";
+    FormControl["password"] = "password";
+    FormControl["radio"] = "radio";
+    FormControl["select"] = "select";
+    FormControl["textarea"] = "textarea";
+    FormControl["text"] = "text";
+})(FormControl = exports.FormControl || (exports.FormControl = {}));
+/**
+ * @author Daniel DeGroff
+ */
+var FormDataType;
+(function (FormDataType) {
+    FormDataType["bool"] = "bool";
+    FormDataType["consent"] = "consent";
+    FormDataType["date"] = "date";
+    FormDataType["email"] = "email";
+    FormDataType["number"] = "number";
+    FormDataType["string"] = "string";
+})(FormDataType = exports.FormDataType || (exports.FormDataType = {}));
 /**
  * @author Daniel DeGroff
  */
@@ -5372,51 +5621,34 @@ var FormFieldAdminPolicy;
     FormFieldAdminPolicy["View"] = "View";
 })(FormFieldAdminPolicy = exports.FormFieldAdminPolicy || (exports.FormFieldAdminPolicy = {}));
 /**
- * Used to communicate whether and how authenticator attestation should be delivered to the Relying Party
- *
- * @author Spencer Witt
- */
-var AttestationConveyancePreference;
-(function (AttestationConveyancePreference) {
-    AttestationConveyancePreference["none"] = "none";
-    AttestationConveyancePreference["indirect"] = "indirect";
-    AttestationConveyancePreference["direct"] = "direct";
-    AttestationConveyancePreference["enterprise"] = "enterprise";
-})(AttestationConveyancePreference = exports.AttestationConveyancePreference || (exports.AttestationConveyancePreference = {}));
-/**
- * The possible result states of a webhook event. This tracks the success of the overall webhook transaction according to the {@link TransactionType}
- * and configured webhooks.
- *
- * @author Spencer Witt
- */
-var WebhookEventResult;
-(function (WebhookEventResult) {
-    WebhookEventResult["Failed"] = "Failed";
-    WebhookEventResult["Running"] = "Running";
-    WebhookEventResult["Succeeded"] = "Succeeded";
-})(WebhookEventResult = exports.WebhookEventResult || (exports.WebhookEventResult = {}));
-/**
- * Identifies the WebAuthn workflow. This will affect the parameters used for credential creation
- * and request based on the Tenant configuration.
- *
- * @author Spencer Witt
+ * @author Daniel DeGroff
  */
-var WebAuthnWorkflow;
-(function (WebAuthnWorkflow) {
-    WebAuthnWorkflow["bootstrap"] = "bootstrap";
-    WebAuthnWorkflow["general"] = "general";
-    WebAuthnWorkflow["reauthentication"] = "reauthentication";
-})(WebAuthnWorkflow = exports.WebAuthnWorkflow || (exports.WebAuthnWorkflow = {}));
+var FormType;
+(function (FormType) {
+    FormType["registration"] = "registration";
+    FormType["adminRegistration"] = "adminRegistration";
+    FormType["adminUser"] = "adminUser";
+    FormType["selfServiceUser"] = "selfServiceUser";
+})(FormType = exports.FormType || (exports.FormType = {}));
 /**
- * Models a consent.
+ * Authorization Grant types as defined by the <a href="https://tools.ietf.org/html/rfc6749">The OAuth 2.0 Authorization
+ * Framework - RFC 6749</a>.
+ * <p>
+ * Specific names as defined by <a href="https://tools.ietf.org/html/rfc7591#section-4.1">
+ * OAuth 2.0 Dynamic Client Registration Protocol - RFC 7591 Section 4.1</a>
  *
  * @author Daniel DeGroff
  */
-var ConsentStatus;
-(function (ConsentStatus) {
-    ConsentStatus["Active"] = "Active";
-    ConsentStatus["Revoked"] = "Revoked";
-})(ConsentStatus = exports.ConsentStatus || (exports.ConsentStatus = {}));
+var GrantType;
+(function (GrantType) {
+    GrantType["authorization_code"] = "authorization_code";
+    GrantType["implicit"] = "implicit";
+    GrantType["password"] = "password";
+    GrantType["client_credentials"] = "client_credentials";
+    GrantType["refresh_token"] = "refresh_token";
+    GrantType["unknown"] = "unknown";
+    GrantType["device_code"] = "urn:ietf:params:oauth:grant-type:device_code";
+})(GrantType = exports.GrantType || (exports.GrantType = {}));
 /**
  * @author Daniel DeGroff
  */
@@ -5431,143 +5663,151 @@ var HTTPMethod;
     HTTPMethod["PATCH"] = "PATCH";
 })(HTTPMethod = exports.HTTPMethod || (exports.HTTPMethod = {}));
 /**
- * @author Daniel DeGroff
- */
-var UserState;
-(function (UserState) {
-    UserState["Authenticated"] = "Authenticated";
-    UserState["AuthenticatedNotRegistered"] = "AuthenticatedNotRegistered";
-    UserState["AuthenticatedNotVerified"] = "AuthenticatedNotVerified";
-    UserState["AuthenticatedRegistrationNotVerified"] = "AuthenticatedRegistrationNotVerified";
-})(UserState = exports.UserState || (exports.UserState = {}));
-/**
- * @author Daniel DeGroff
+ * @author Brett Guy
  */
-var RefreshTokenExpirationPolicy;
-(function (RefreshTokenExpirationPolicy) {
-    RefreshTokenExpirationPolicy["Fixed"] = "Fixed";
-    RefreshTokenExpirationPolicy["SlidingWindow"] = "SlidingWindow";
-    RefreshTokenExpirationPolicy["SlidingWindowWithMaximumLifetime"] = "SlidingWindowWithMaximumLifetime";
-})(RefreshTokenExpirationPolicy = exports.RefreshTokenExpirationPolicy || (exports.RefreshTokenExpirationPolicy = {}));
+var IPAccessControlEntryAction;
+(function (IPAccessControlEntryAction) {
+    IPAccessControlEntryAction["Allow"] = "Allow";
+    IPAccessControlEntryAction["Block"] = "Block";
+})(IPAccessControlEntryAction = exports.IPAccessControlEntryAction || (exports.IPAccessControlEntryAction = {}));
 /**
- * The use type of a key.
+ * The IdP behavior when no user link has been made yet.
  *
  * @author Daniel DeGroff
  */
-var KeyUse;
-(function (KeyUse) {
-    KeyUse["SignOnly"] = "SignOnly";
-    KeyUse["SignAndVerify"] = "SignAndVerify";
-    KeyUse["VerifyOnly"] = "VerifyOnly";
-})(KeyUse = exports.KeyUse || (exports.KeyUse = {}));
+var IdentityProviderLinkingStrategy;
+(function (IdentityProviderLinkingStrategy) {
+    IdentityProviderLinkingStrategy["CreatePendingLink"] = "CreatePendingLink";
+    IdentityProviderLinkingStrategy["Disabled"] = "Disabled";
+    IdentityProviderLinkingStrategy["LinkAnonymously"] = "LinkAnonymously";
+    IdentityProviderLinkingStrategy["LinkByEmail"] = "LinkByEmail";
+    IdentityProviderLinkingStrategy["LinkByEmailForExistingUser"] = "LinkByEmailForExistingUser";
+    IdentityProviderLinkingStrategy["LinkByUsername"] = "LinkByUsername";
+    IdentityProviderLinkingStrategy["LinkByUsernameForExistingUser"] = "LinkByUsernameForExistingUser";
+    IdentityProviderLinkingStrategy["Unsupported"] = "Unsupported";
+})(IdentityProviderLinkingStrategy = exports.IdentityProviderLinkingStrategy || (exports.IdentityProviderLinkingStrategy = {}));
 /**
- * @author Daniel DeGroff
+ * @author Brett Pontarelli
  */
-var BreachedPasswordStatus;
-(function (BreachedPasswordStatus) {
-    BreachedPasswordStatus["None"] = "None";
-    BreachedPasswordStatus["ExactMatch"] = "ExactMatch";
-    BreachedPasswordStatus["SubAddressMatch"] = "SubAddressMatch";
-    BreachedPasswordStatus["PasswordOnly"] = "PasswordOnly";
-    BreachedPasswordStatus["CommonPassword"] = "CommonPassword";
-})(BreachedPasswordStatus = exports.BreachedPasswordStatus || (exports.BreachedPasswordStatus = {}));
+var IdentityProviderLoginMethod;
+(function (IdentityProviderLoginMethod) {
+    IdentityProviderLoginMethod["UsePopup"] = "UsePopup";
+    IdentityProviderLoginMethod["UseRedirect"] = "UseRedirect";
+    IdentityProviderLoginMethod["UseVendorJavaScript"] = "UseVendorJavaScript";
+})(IdentityProviderLoginMethod = exports.IdentityProviderLoginMethod || (exports.IdentityProviderLoginMethod = {}));
+var ClientAuthenticationMethod;
+(function (ClientAuthenticationMethod) {
+    ClientAuthenticationMethod["none"] = "none";
+    ClientAuthenticationMethod["client_secret_basic"] = "client_secret_basic";
+    ClientAuthenticationMethod["client_secret_post"] = "client_secret_post";
+})(ClientAuthenticationMethod = exports.ClientAuthenticationMethod || (exports.ClientAuthenticationMethod = {}));
 /**
  * @author Daniel DeGroff
  */
-var FormControl;
-(function (FormControl) {
-    FormControl["checkbox"] = "checkbox";
-    FormControl["number"] = "number";
-    FormControl["password"] = "password";
-    FormControl["radio"] = "radio";
-    FormControl["select"] = "select";
-    FormControl["textarea"] = "textarea";
-    FormControl["text"] = "text";
-})(FormControl = exports.FormControl || (exports.FormControl = {}));
-/**
- * Controls the policy for whether OAuth workflows will more strictly adhere to the OAuth and OIDC specification
- * or run in backwards compatibility mode.
- *
- * @author David Charles
- */
-var OAuthScopeHandlingPolicy;
-(function (OAuthScopeHandlingPolicy) {
-    OAuthScopeHandlingPolicy["Compatibility"] = "Compatibility";
-    OAuthScopeHandlingPolicy["Strict"] = "Strict";
-})(OAuthScopeHandlingPolicy = exports.OAuthScopeHandlingPolicy || (exports.OAuthScopeHandlingPolicy = {}));
+var IdentityProviderType;
+(function (IdentityProviderType) {
+    IdentityProviderType["Apple"] = "Apple";
+    IdentityProviderType["EpicGames"] = "EpicGames";
+    IdentityProviderType["ExternalJWT"] = "ExternalJWT";
+    IdentityProviderType["Facebook"] = "Facebook";
+    IdentityProviderType["Google"] = "Google";
+    IdentityProviderType["HYPR"] = "HYPR";
+    IdentityProviderType["LinkedIn"] = "LinkedIn";
+    IdentityProviderType["Nintendo"] = "Nintendo";
+    IdentityProviderType["OpenIDConnect"] = "OpenIDConnect";
+    IdentityProviderType["SAMLv2"] = "SAMLv2";
+    IdentityProviderType["SAMLv2IdPInitiated"] = "SAMLv2IdPInitiated";
+    IdentityProviderType["SonyPSN"] = "SonyPSN";
+    IdentityProviderType["Steam"] = "Steam";
+    IdentityProviderType["Twitch"] = "Twitch";
+    IdentityProviderType["Twitter"] = "Twitter";
+    IdentityProviderType["Xbox"] = "Xbox";
+})(IdentityProviderType = exports.IdentityProviderType || (exports.IdentityProviderType = {}));
+var KeyAlgorithm;
+(function (KeyAlgorithm) {
+    KeyAlgorithm["ES256"] = "ES256";
+    KeyAlgorithm["ES384"] = "ES384";
+    KeyAlgorithm["ES512"] = "ES512";
+    KeyAlgorithm["HS256"] = "HS256";
+    KeyAlgorithm["HS384"] = "HS384";
+    KeyAlgorithm["HS512"] = "HS512";
+    KeyAlgorithm["RS256"] = "RS256";
+    KeyAlgorithm["RS384"] = "RS384";
+    KeyAlgorithm["RS512"] = "RS512";
+})(KeyAlgorithm = exports.KeyAlgorithm || (exports.KeyAlgorithm = {}));
+var KeyType;
+(function (KeyType) {
+    KeyType["EC"] = "EC";
+    KeyType["RSA"] = "RSA";
+    KeyType["HMAC"] = "HMAC";
+})(KeyType = exports.KeyType || (exports.KeyType = {}));
 /**
- * The possible states of an individual webhook attempt to a single endpoint.
+ * The use type of a key.
  *
- * @author Spencer Witt
+ * @author Daniel DeGroff
  */
-var WebhookAttemptResult;
-(function (WebhookAttemptResult) {
-    WebhookAttemptResult["Success"] = "Success";
-    WebhookAttemptResult["Failure"] = "Failure";
-    WebhookAttemptResult["Unknown"] = "Unknown";
-})(WebhookAttemptResult = exports.WebhookAttemptResult || (exports.WebhookAttemptResult = {}));
+var KeyUse;
+(function (KeyUse) {
+    KeyUse["SignOnly"] = "SignOnly";
+    KeyUse["SignAndVerify"] = "SignAndVerify";
+    KeyUse["VerifyOnly"] = "VerifyOnly";
+})(KeyUse = exports.KeyUse || (exports.KeyUse = {}));
+var LDAPSecurityMethod;
+(function (LDAPSecurityMethod) {
+    LDAPSecurityMethod["None"] = "None";
+    LDAPSecurityMethod["LDAPS"] = "LDAPS";
+    LDAPSecurityMethod["StartTLS"] = "StartTLS";
+})(LDAPSecurityMethod = exports.LDAPSecurityMethod || (exports.LDAPSecurityMethod = {}));
 /**
- * Event Log Type
- *
  * @author Daniel DeGroff
  */
-var EventLogType;
-(function (EventLogType) {
-    EventLogType["Information"] = "Information";
-    EventLogType["Debug"] = "Debug";
-    EventLogType["Error"] = "Error";
-})(EventLogType = exports.EventLogType || (exports.EventLogType = {}));
+var LambdaEngineType;
+(function (LambdaEngineType) {
+    LambdaEngineType["GraalJS"] = "GraalJS";
+    LambdaEngineType["Nashorn"] = "Nashorn";
+})(LambdaEngineType = exports.LambdaEngineType || (exports.LambdaEngineType = {}));
 /**
- * The transaction types for Webhooks and other event systems within FusionAuth.
+ * The types of lambdas that indicate how they are invoked by FusionAuth.
  *
  * @author Brian Pontarelli
  */
-var TransactionType;
-(function (TransactionType) {
-    TransactionType["None"] = "None";
-    TransactionType["Any"] = "Any";
-    TransactionType["SimpleMajority"] = "SimpleMajority";
-    TransactionType["SuperMajority"] = "SuperMajority";
-    TransactionType["AbsoluteMajority"] = "AbsoluteMajority";
-})(TransactionType = exports.TransactionType || (exports.TransactionType = {}));
-/**
- * COSE key type
- *
- * @author Spencer Witt
- */
-var CoseKeyType;
-(function (CoseKeyType) {
-    CoseKeyType["Reserved"] = "0";
-    CoseKeyType["OKP"] = "1";
-    CoseKeyType["EC2"] = "2";
-    CoseKeyType["RSA"] = "3";
-    CoseKeyType["Symmetric"] = "4";
-})(CoseKeyType = exports.CoseKeyType || (exports.CoseKeyType = {}));
-var ThemeType;
-(function (ThemeType) {
-    ThemeType["advanced"] = "advanced";
-    ThemeType["simple"] = "simple";
-})(ThemeType = exports.ThemeType || (exports.ThemeType = {}));
-/**
- * The types of connectors. This enum is stored as an ordinal on the <code>identities</code> table, order must be maintained.
- *
- * @author Trevor Smith
- */
-var ConnectorType;
-(function (ConnectorType) {
-    ConnectorType["FusionAuth"] = "FusionAuth";
-    ConnectorType["Generic"] = "Generic";
-    ConnectorType["LDAP"] = "LDAP";
-})(ConnectorType = exports.ConnectorType || (exports.ConnectorType = {}));
+var LambdaType;
+(function (LambdaType) {
+    LambdaType["JWTPopulate"] = "JWTPopulate";
+    LambdaType["OpenIDReconcile"] = "OpenIDReconcile";
+    LambdaType["SAMLv2Reconcile"] = "SAMLv2Reconcile";
+    LambdaType["SAMLv2Populate"] = "SAMLv2Populate";
+    LambdaType["AppleReconcile"] = "AppleReconcile";
+    LambdaType["ExternalJWTReconcile"] = "ExternalJWTReconcile";
+    LambdaType["FacebookReconcile"] = "FacebookReconcile";
+    LambdaType["GoogleReconcile"] = "GoogleReconcile";
+    LambdaType["HYPRReconcile"] = "HYPRReconcile";
+    LambdaType["TwitterReconcile"] = "TwitterReconcile";
+    LambdaType["LDAPConnectorReconcile"] = "LDAPConnectorReconcile";
+    LambdaType["LinkedInReconcile"] = "LinkedInReconcile";
+    LambdaType["EpicGamesReconcile"] = "EpicGamesReconcile";
+    LambdaType["NintendoReconcile"] = "NintendoReconcile";
+    LambdaType["SonyPSNReconcile"] = "SonyPSNReconcile";
+    LambdaType["SteamReconcile"] = "SteamReconcile";
+    LambdaType["TwitchReconcile"] = "TwitchReconcile";
+    LambdaType["XboxReconcile"] = "XboxReconcile";
+    LambdaType["ClientCredentialsJWTPopulate"] = "ClientCredentialsJWTPopulate";
+    LambdaType["SCIMServerGroupRequestConverter"] = "SCIMServerGroupRequestConverter";
+    LambdaType["SCIMServerGroupResponseConverter"] = "SCIMServerGroupResponseConverter";
+    LambdaType["SCIMServerUserRequestConverter"] = "SCIMServerUserRequestConverter";
+    LambdaType["SCIMServerUserResponseConverter"] = "SCIMServerUserResponseConverter";
+    LambdaType["SelfServiceRegistrationValidation"] = "SelfServiceRegistrationValidation";
+    LambdaType["UserInfoPopulate"] = "UserInfoPopulate";
+    LambdaType["LoginValidation"] = "LoginValidation";
+})(LambdaType = exports.LambdaType || (exports.LambdaType = {}));
 /**
- * @author Brett Guy
+ * @author Matthew Altman
  */
-var ProofKeyForCodeExchangePolicy;
-(function (ProofKeyForCodeExchangePolicy) {
-    ProofKeyForCodeExchangePolicy["Required"] = "Required";
-    ProofKeyForCodeExchangePolicy["NotRequired"] = "NotRequired";
-    ProofKeyForCodeExchangePolicy["NotRequiredWhenUsingClientAuthentication"] = "NotRequiredWhenUsingClientAuthentication";
-})(ProofKeyForCodeExchangePolicy = exports.ProofKeyForCodeExchangePolicy || (exports.ProofKeyForCodeExchangePolicy = {}));
+var LogoutBehavior;
+(function (LogoutBehavior) {
+    LogoutBehavior["RedirectOnly"] = "RedirectOnly";
+    LogoutBehavior["AllApplications"] = "AllApplications";
+})(LogoutBehavior = exports.LogoutBehavior || (exports.LogoutBehavior = {}));
 /**
  * @author Mikey Sleevi
  */
@@ -5576,77 +5816,34 @@ var MessageType;
     MessageType["SMS"] = "SMS";
 })(MessageType = exports.MessageType || (exports.MessageType = {}));
 /**
- * Describes the Relying Party's requirements for <a href="https://www.w3.org/TR/webauthn-2/#client-side-discoverable-credential">client-side
- * discoverable credentials</a> (formerly known as "resident keys")
- *
- * @author Spencer Witt
- */
-var ResidentKeyRequirement;
-(function (ResidentKeyRequirement) {
-    ResidentKeyRequirement["discouraged"] = "discouraged";
-    ResidentKeyRequirement["preferred"] = "preferred";
-    ResidentKeyRequirement["required"] = "required";
-})(ResidentKeyRequirement = exports.ResidentKeyRequirement || (exports.ResidentKeyRequirement = {}));
-/**
- * @author Trevor Smith
+ * @author Brett Guy
  */
-var ChangePasswordReason;
-(function (ChangePasswordReason) {
-    ChangePasswordReason["Administrative"] = "Administrative";
-    ChangePasswordReason["Breached"] = "Breached";
-    ChangePasswordReason["Expired"] = "Expired";
-    ChangePasswordReason["Validation"] = "Validation";
-})(ChangePasswordReason = exports.ChangePasswordReason || (exports.ChangePasswordReason = {}));
-var LDAPSecurityMethod;
-(function (LDAPSecurityMethod) {
-    LDAPSecurityMethod["None"] = "None";
-    LDAPSecurityMethod["LDAPS"] = "LDAPS";
-    LDAPSecurityMethod["StartTLS"] = "StartTLS";
-})(LDAPSecurityMethod = exports.LDAPSecurityMethod || (exports.LDAPSecurityMethod = {}));
+var MessengerType;
+(function (MessengerType) {
+    MessengerType["Generic"] = "Generic";
+    MessengerType["Kafka"] = "Kafka";
+    MessengerType["Twilio"] = "Twilio";
+})(MessengerType = exports.MessengerType || (exports.MessengerType = {}));
 /**
- * @author Johnathon Wood
+ * @author Daniel DeGroff
  */
-var Oauth2AuthorizedURLValidationPolicy;
-(function (Oauth2AuthorizedURLValidationPolicy) {
-    Oauth2AuthorizedURLValidationPolicy["AllowWildcards"] = "AllowWildcards";
-    Oauth2AuthorizedURLValidationPolicy["ExactMatch"] = "ExactMatch";
-})(Oauth2AuthorizedURLValidationPolicy = exports.Oauth2AuthorizedURLValidationPolicy || (exports.Oauth2AuthorizedURLValidationPolicy = {}));
+var MultiFactorLoginPolicy;
+(function (MultiFactorLoginPolicy) {
+    MultiFactorLoginPolicy["Disabled"] = "Disabled";
+    MultiFactorLoginPolicy["Enabled"] = "Enabled";
+    MultiFactorLoginPolicy["Required"] = "Required";
+})(MultiFactorLoginPolicy = exports.MultiFactorLoginPolicy || (exports.MultiFactorLoginPolicy = {}));
 /**
- * Describes the <a href="https://www.w3.org/TR/webauthn-2/#authenticator-attachment-modality">authenticator attachment modality</a>.
+ * The application's relationship to the authorization server. First-party applications will be granted implicit permission for requested scopes.
+ * Third-party applications will use the {@link OAuthScopeConsentMode} policy.
  *
  * @author Spencer Witt
  */
-var AuthenticatorAttachment;
-(function (AuthenticatorAttachment) {
-    AuthenticatorAttachment["platform"] = "platform";
-    AuthenticatorAttachment["crossPlatform"] = "crossPlatform";
-})(AuthenticatorAttachment = exports.AuthenticatorAttachment || (exports.AuthenticatorAttachment = {}));
-/**
- * @author Brett Pontarelli
- */
-var IdentityProviderLoginMethod;
-(function (IdentityProviderLoginMethod) {
-    IdentityProviderLoginMethod["UsePopup"] = "UsePopup";
-    IdentityProviderLoginMethod["UseRedirect"] = "UseRedirect";
-    IdentityProviderLoginMethod["UseVendorJavaScript"] = "UseVendorJavaScript";
-})(IdentityProviderLoginMethod = exports.IdentityProviderLoginMethod || (exports.IdentityProviderLoginMethod = {}));
-/**
- * @author Daniel DeGroff
- */
-var RefreshTokenUsagePolicy;
-(function (RefreshTokenUsagePolicy) {
-    RefreshTokenUsagePolicy["Reusable"] = "Reusable";
-    RefreshTokenUsagePolicy["OneTimeUse"] = "OneTimeUse";
-})(RefreshTokenUsagePolicy = exports.RefreshTokenUsagePolicy || (exports.RefreshTokenUsagePolicy = {}));
-/**
- * @author Lyle Schemmerling
- */
-var SAMLv2DestinationAssertionPolicy;
-(function (SAMLv2DestinationAssertionPolicy) {
-    SAMLv2DestinationAssertionPolicy["Enabled"] = "Enabled";
-    SAMLv2DestinationAssertionPolicy["Disabled"] = "Disabled";
-    SAMLv2DestinationAssertionPolicy["AllowAlternates"] = "AllowAlternates";
-})(SAMLv2DestinationAssertionPolicy = exports.SAMLv2DestinationAssertionPolicy || (exports.SAMLv2DestinationAssertionPolicy = {}));
+var OAuthApplicationRelationship;
+(function (OAuthApplicationRelationship) {
+    OAuthApplicationRelationship["FirstParty"] = "FirstParty";
+    OAuthApplicationRelationship["ThirdParty"] = "ThirdParty";
+})(OAuthApplicationRelationship = exports.OAuthApplicationRelationship || (exports.OAuthApplicationRelationship = {}));
 var OAuthErrorReason;
 (function (OAuthErrorReason) {
     OAuthErrorReason["auth_code_not_found"] = "auth_code_not_found";
@@ -5677,6 +5874,7 @@ var OAuthErrorReason;
     OAuthErrorReason["invalid_target_entity_scope"] = "invalid_target_entity_scope";
     OAuthErrorReason["invalid_entity_permission_scope"] = "invalid_entity_permission_scope";
     OAuthErrorReason["invalid_user_id"] = "invalid_user_id";
+    OAuthErrorReason["invalid_tenant_id"] = "invalid_tenant_id";
     OAuthErrorReason["grant_type_disabled"] = "grant_type_disabled";
     OAuthErrorReason["missing_client_id"] = "missing_client_id";
     OAuthErrorReason["missing_client_secret"] = "missing_client_secret";
@@ -5692,6 +5890,7 @@ var OAuthErrorReason;
     OAuthErrorReason["missing_user_code"] = "missing_user_code";
     OAuthErrorReason["missing_user_id"] = "missing_user_id";
     OAuthErrorReason["missing_verification_uri"] = "missing_verification_uri";
+    OAuthErrorReason["missing_tenant_id"] = "missing_tenant_id";
     OAuthErrorReason["login_prevented"] = "login_prevented";
     OAuthErrorReason["not_licensed"] = "not_licensed";
     OAuthErrorReason["user_code_expired"] = "user_code_expired";
@@ -5710,270 +5909,88 @@ var OAuthErrorReason;
     OAuthErrorReason["missing_required_scope"] = "missing_required_scope";
     OAuthErrorReason["unknown_scope"] = "unknown_scope";
     OAuthErrorReason["consent_canceled"] = "consent_canceled";
-})(OAuthErrorReason = exports.OAuthErrorReason || (exports.OAuthErrorReason = {}));
-var OAuthErrorType;
-(function (OAuthErrorType) {
-    OAuthErrorType["invalid_request"] = "invalid_request";
-    OAuthErrorType["invalid_client"] = "invalid_client";
-    OAuthErrorType["invalid_grant"] = "invalid_grant";
-    OAuthErrorType["invalid_token"] = "invalid_token";
-    OAuthErrorType["unauthorized_client"] = "unauthorized_client";
-    OAuthErrorType["invalid_scope"] = "invalid_scope";
-    OAuthErrorType["server_error"] = "server_error";
-    OAuthErrorType["unsupported_grant_type"] = "unsupported_grant_type";
-    OAuthErrorType["unsupported_response_type"] = "unsupported_response_type";
-    OAuthErrorType["access_denied"] = "access_denied";
-    OAuthErrorType["change_password_required"] = "change_password_required";
-    OAuthErrorType["not_licensed"] = "not_licensed";
-    OAuthErrorType["two_factor_required"] = "two_factor_required";
-    OAuthErrorType["authorization_pending"] = "authorization_pending";
-    OAuthErrorType["expired_token"] = "expired_token";
-    OAuthErrorType["unsupported_token_type"] = "unsupported_token_type";
-})(OAuthErrorType = exports.OAuthErrorType || (exports.OAuthErrorType = {}));
-var DeviceType;
-(function (DeviceType) {
-    DeviceType["BROWSER"] = "BROWSER";
-    DeviceType["DESKTOP"] = "DESKTOP";
-    DeviceType["LAPTOP"] = "LAPTOP";
-    DeviceType["MOBILE"] = "MOBILE";
-    DeviceType["OTHER"] = "OTHER";
-    DeviceType["SERVER"] = "SERVER";
-    DeviceType["TABLET"] = "TABLET";
-    DeviceType["TV"] = "TV";
-    DeviceType["UNKNOWN"] = "UNKNOWN";
-})(DeviceType = exports.DeviceType || (exports.DeviceType = {}));
-/**
- * @author Daniel DeGroff
- */
-var ApplicationMultiFactorTrustPolicy;
-(function (ApplicationMultiFactorTrustPolicy) {
-    ApplicationMultiFactorTrustPolicy["Any"] = "Any";
-    ApplicationMultiFactorTrustPolicy["This"] = "This";
-    ApplicationMultiFactorTrustPolicy["None"] = "None";
-})(ApplicationMultiFactorTrustPolicy = exports.ApplicationMultiFactorTrustPolicy || (exports.ApplicationMultiFactorTrustPolicy = {}));
-/**
- * @author Daniel DeGroff
- */
-var RateLimitedRequestType;
-(function (RateLimitedRequestType) {
-    RateLimitedRequestType["FailedLogin"] = "FailedLogin";
-    RateLimitedRequestType["ForgotPassword"] = "ForgotPassword";
-    RateLimitedRequestType["SendEmailVerification"] = "SendEmailVerification";
-    RateLimitedRequestType["SendPasswordless"] = "SendPasswordless";
-    RateLimitedRequestType["SendRegistrationVerification"] = "SendRegistrationVerification";
-    RateLimitedRequestType["SendTwoFactor"] = "SendTwoFactor";
-})(RateLimitedRequestType = exports.RateLimitedRequestType || (exports.RateLimitedRequestType = {}));
-/**
- * @author Daniel DeGroff
- */
-var LambdaEngineType;
-(function (LambdaEngineType) {
-    LambdaEngineType["GraalJS"] = "GraalJS";
-    LambdaEngineType["Nashorn"] = "Nashorn";
-})(LambdaEngineType = exports.LambdaEngineType || (exports.LambdaEngineType = {}));
-/**
- * Used to express whether the Relying Party requires <a href="https://www.w3.org/TR/webauthn-2/#user-verification">user verification</a> for the
- * current operation.
- *
- * @author Spencer Witt
- */
-var UserVerificationRequirement;
-(function (UserVerificationRequirement) {
-    UserVerificationRequirement["required"] = "required";
-    UserVerificationRequirement["preferred"] = "preferred";
-    UserVerificationRequirement["discouraged"] = "discouraged";
-})(UserVerificationRequirement = exports.UserVerificationRequirement || (exports.UserVerificationRequirement = {}));
-/**
- * @author Brett Guy
- */
-var ClientAuthenticationPolicy;
-(function (ClientAuthenticationPolicy) {
-    ClientAuthenticationPolicy["Required"] = "Required";
-    ClientAuthenticationPolicy["NotRequired"] = "NotRequired";
-    ClientAuthenticationPolicy["NotRequiredWhenUsingPKCE"] = "NotRequiredWhenUsingPKCE";
-})(ClientAuthenticationPolicy = exports.ClientAuthenticationPolicy || (exports.ClientAuthenticationPolicy = {}));
-/**
- * @author Daniel DeGroff
- */
-var FormType;
-(function (FormType) {
-    FormType["registration"] = "registration";
-    FormType["adminRegistration"] = "adminRegistration";
-    FormType["adminUser"] = "adminUser";
-    FormType["selfServiceUser"] = "selfServiceUser";
-})(FormType = exports.FormType || (exports.FormType = {}));
-/**
- * XML canonicalization method enumeration. This is used for the IdP and SP side of FusionAuth SAML.
- *
- * @author Brian Pontarelli
- */
-var CanonicalizationMethod;
-(function (CanonicalizationMethod) {
-    CanonicalizationMethod["exclusive"] = "exclusive";
-    CanonicalizationMethod["exclusive_with_comments"] = "exclusive_with_comments";
-    CanonicalizationMethod["inclusive"] = "inclusive";
-    CanonicalizationMethod["inclusive_with_comments"] = "inclusive_with_comments";
-})(CanonicalizationMethod = exports.CanonicalizationMethod || (exports.CanonicalizationMethod = {}));
-/**
- * @author Brian Pontarelli
- */
-var ExpiryUnit;
-(function (ExpiryUnit) {
-    ExpiryUnit["MINUTES"] = "MINUTES";
-    ExpiryUnit["HOURS"] = "HOURS";
-    ExpiryUnit["DAYS"] = "DAYS";
-    ExpiryUnit["WEEKS"] = "WEEKS";
-    ExpiryUnit["MONTHS"] = "MONTHS";
-    ExpiryUnit["YEARS"] = "YEARS";
-})(ExpiryUnit = exports.ExpiryUnit || (exports.ExpiryUnit = {}));
-/**
- * @author Daniel DeGroff
- */
-var SecureGeneratorType;
-(function (SecureGeneratorType) {
-    SecureGeneratorType["randomDigits"] = "randomDigits";
-    SecureGeneratorType["randomBytes"] = "randomBytes";
-    SecureGeneratorType["randomAlpha"] = "randomAlpha";
-    SecureGeneratorType["randomAlphaNumeric"] = "randomAlphaNumeric";
-})(SecureGeneratorType = exports.SecureGeneratorType || (exports.SecureGeneratorType = {}));
-/**
- * @author Daniel DeGroff
- */
-var FormDataType;
-(function (FormDataType) {
-    FormDataType["bool"] = "bool";
-    FormDataType["consent"] = "consent";
-    FormDataType["date"] = "date";
-    FormDataType["email"] = "email";
-    FormDataType["number"] = "number";
-    FormDataType["string"] = "string";
-})(FormDataType = exports.FormDataType || (exports.FormDataType = {}));
-/**
- * The IdP behavior when no user link has been made yet.
- *
- * @author Daniel DeGroff
- */
-var IdentityProviderLinkingStrategy;
-(function (IdentityProviderLinkingStrategy) {
-    IdentityProviderLinkingStrategy["CreatePendingLink"] = "CreatePendingLink";
-    IdentityProviderLinkingStrategy["Disabled"] = "Disabled";
-    IdentityProviderLinkingStrategy["LinkAnonymously"] = "LinkAnonymously";
-    IdentityProviderLinkingStrategy["LinkByEmail"] = "LinkByEmail";
-    IdentityProviderLinkingStrategy["LinkByEmailForExistingUser"] = "LinkByEmailForExistingUser";
-    IdentityProviderLinkingStrategy["LinkByUsername"] = "LinkByUsername";
-    IdentityProviderLinkingStrategy["LinkByUsernameForExistingUser"] = "LinkByUsernameForExistingUser";
-    IdentityProviderLinkingStrategy["Unsupported"] = "Unsupported";
-})(IdentityProviderLinkingStrategy = exports.IdentityProviderLinkingStrategy || (exports.IdentityProviderLinkingStrategy = {}));
-/**
- * @author Daniel DeGroff
- */
-var MultiFactorLoginPolicy;
-(function (MultiFactorLoginPolicy) {
-    MultiFactorLoginPolicy["Disabled"] = "Disabled";
-    MultiFactorLoginPolicy["Enabled"] = "Enabled";
-    MultiFactorLoginPolicy["Required"] = "Required";
-})(MultiFactorLoginPolicy = exports.MultiFactorLoginPolicy || (exports.MultiFactorLoginPolicy = {}));
-/**
- * @author Brett Guy
- */
-var IPAccessControlEntryAction;
-(function (IPAccessControlEntryAction) {
-    IPAccessControlEntryAction["Allow"] = "Allow";
-    IPAccessControlEntryAction["Block"] = "Block";
-})(IPAccessControlEntryAction = exports.IPAccessControlEntryAction || (exports.IPAccessControlEntryAction = {}));
+})(OAuthErrorReason = exports.OAuthErrorReason || (exports.OAuthErrorReason = {}));
+var OAuthErrorType;
+(function (OAuthErrorType) {
+    OAuthErrorType["invalid_request"] = "invalid_request";
+    OAuthErrorType["invalid_client"] = "invalid_client";
+    OAuthErrorType["invalid_grant"] = "invalid_grant";
+    OAuthErrorType["invalid_token"] = "invalid_token";
+    OAuthErrorType["unauthorized_client"] = "unauthorized_client";
+    OAuthErrorType["invalid_scope"] = "invalid_scope";
+    OAuthErrorType["server_error"] = "server_error";
+    OAuthErrorType["unsupported_grant_type"] = "unsupported_grant_type";
+    OAuthErrorType["unsupported_response_type"] = "unsupported_response_type";
+    OAuthErrorType["access_denied"] = "access_denied";
+    OAuthErrorType["change_password_required"] = "change_password_required";
+    OAuthErrorType["not_licensed"] = "not_licensed";
+    OAuthErrorType["two_factor_required"] = "two_factor_required";
+    OAuthErrorType["authorization_pending"] = "authorization_pending";
+    OAuthErrorType["expired_token"] = "expired_token";
+    OAuthErrorType["unsupported_token_type"] = "unsupported_token_type";
+})(OAuthErrorType = exports.OAuthErrorType || (exports.OAuthErrorType = {}));
 /**
- * The phases of a time-based user action.
+ * Controls the policy for requesting user permission to grant access to requested scopes during an OAuth workflow
+ * for a third-party application.
  *
- * @author Brian Pontarelli
+ * @author Spencer Witt
  */
-var UserActionPhase;
-(function (UserActionPhase) {
-    UserActionPhase["start"] = "start";
-    UserActionPhase["modify"] = "modify";
-    UserActionPhase["cancel"] = "cancel";
-    UserActionPhase["end"] = "end";
-})(UserActionPhase = exports.UserActionPhase || (exports.UserActionPhase = {}));
+var OAuthScopeConsentMode;
+(function (OAuthScopeConsentMode) {
+    OAuthScopeConsentMode["AlwaysPrompt"] = "AlwaysPrompt";
+    OAuthScopeConsentMode["RememberDecision"] = "RememberDecision";
+    OAuthScopeConsentMode["NeverPrompt"] = "NeverPrompt";
+})(OAuthScopeConsentMode = exports.OAuthScopeConsentMode || (exports.OAuthScopeConsentMode = {}));
 /**
- * The types of lambdas that indicate how they are invoked by FusionAuth.
+ * Controls the policy for whether OAuth workflows will more strictly adhere to the OAuth and OIDC specification
+ * or run in backwards compatibility mode.
  *
- * @author Brian Pontarelli
+ * @author David Charles
  */
-var LambdaType;
-(function (LambdaType) {
-    LambdaType["JWTPopulate"] = "JWTPopulate";
-    LambdaType["OpenIDReconcile"] = "OpenIDReconcile";
-    LambdaType["SAMLv2Reconcile"] = "SAMLv2Reconcile";
-    LambdaType["SAMLv2Populate"] = "SAMLv2Populate";
-    LambdaType["AppleReconcile"] = "AppleReconcile";
-    LambdaType["ExternalJWTReconcile"] = "ExternalJWTReconcile";
-    LambdaType["FacebookReconcile"] = "FacebookReconcile";
-    LambdaType["GoogleReconcile"] = "GoogleReconcile";
-    LambdaType["HYPRReconcile"] = "HYPRReconcile";
-    LambdaType["TwitterReconcile"] = "TwitterReconcile";
-    LambdaType["LDAPConnectorReconcile"] = "LDAPConnectorReconcile";
-    LambdaType["LinkedInReconcile"] = "LinkedInReconcile";
-    LambdaType["EpicGamesReconcile"] = "EpicGamesReconcile";
-    LambdaType["NintendoReconcile"] = "NintendoReconcile";
-    LambdaType["SonyPSNReconcile"] = "SonyPSNReconcile";
-    LambdaType["SteamReconcile"] = "SteamReconcile";
-    LambdaType["TwitchReconcile"] = "TwitchReconcile";
-    LambdaType["XboxReconcile"] = "XboxReconcile";
-    LambdaType["ClientCredentialsJWTPopulate"] = "ClientCredentialsJWTPopulate";
-    LambdaType["SCIMServerGroupRequestConverter"] = "SCIMServerGroupRequestConverter";
-    LambdaType["SCIMServerGroupResponseConverter"] = "SCIMServerGroupResponseConverter";
-    LambdaType["SCIMServerUserRequestConverter"] = "SCIMServerUserRequestConverter";
-    LambdaType["SCIMServerUserResponseConverter"] = "SCIMServerUserResponseConverter";
-    LambdaType["SelfServiceRegistrationValidation"] = "SelfServiceRegistrationValidation";
-    LambdaType["UserInfoPopulate"] = "UserInfoPopulate";
-    LambdaType["LoginValidation"] = "LoginValidation";
-})(LambdaType = exports.LambdaType || (exports.LambdaType = {}));
+var OAuthScopeHandlingPolicy;
+(function (OAuthScopeHandlingPolicy) {
+    OAuthScopeHandlingPolicy["Compatibility"] = "Compatibility";
+    OAuthScopeHandlingPolicy["Strict"] = "Strict";
+})(OAuthScopeHandlingPolicy = exports.OAuthScopeHandlingPolicy || (exports.OAuthScopeHandlingPolicy = {}));
 /**
- * @author Daniel DeGroff
+ * @author Johnathon Wood
  */
-var SystemTrustedProxyConfigurationPolicy;
-(function (SystemTrustedProxyConfigurationPolicy) {
-    SystemTrustedProxyConfigurationPolicy["All"] = "All";
-    SystemTrustedProxyConfigurationPolicy["OnlyConfigured"] = "OnlyConfigured";
-})(SystemTrustedProxyConfigurationPolicy = exports.SystemTrustedProxyConfigurationPolicy || (exports.SystemTrustedProxyConfigurationPolicy = {}));
-var LoginIdType;
-(function (LoginIdType) {
-    LoginIdType["email"] = "email";
-    LoginIdType["username"] = "username";
-})(LoginIdType = exports.LoginIdType || (exports.LoginIdType = {}));
-var RegistrationType;
-(function (RegistrationType) {
-    RegistrationType["basic"] = "basic";
-    RegistrationType["advanced"] = "advanced";
-})(RegistrationType = exports.RegistrationType || (exports.RegistrationType = {}));
-var SAMLLogoutBehavior;
-(function (SAMLLogoutBehavior) {
-    SAMLLogoutBehavior["AllParticipants"] = "AllParticipants";
-    SAMLLogoutBehavior["OnlyOriginator"] = "OnlyOriginator";
-})(SAMLLogoutBehavior = exports.SAMLLogoutBehavior || (exports.SAMLLogoutBehavior = {}));
-var XMLSignatureLocation;
-(function (XMLSignatureLocation) {
-    XMLSignatureLocation["Assertion"] = "Assertion";
-    XMLSignatureLocation["Response"] = "Response";
-})(XMLSignatureLocation = exports.XMLSignatureLocation || (exports.XMLSignatureLocation = {}));
+var Oauth2AuthorizedURLValidationPolicy;
+(function (Oauth2AuthorizedURLValidationPolicy) {
+    Oauth2AuthorizedURLValidationPolicy["AllowWildcards"] = "AllowWildcards";
+    Oauth2AuthorizedURLValidationPolicy["ExactMatch"] = "ExactMatch";
+})(Oauth2AuthorizedURLValidationPolicy = exports.Oauth2AuthorizedURLValidationPolicy || (exports.Oauth2AuthorizedURLValidationPolicy = {}));
 /**
  * @author Daniel DeGroff
  */
-var Sort;
-(function (Sort) {
-    Sort["asc"] = "asc";
-    Sort["desc"] = "desc";
-})(Sort = exports.Sort || (exports.Sort = {}));
+var ObjectState;
+(function (ObjectState) {
+    ObjectState["Active"] = "Active";
+    ObjectState["Inactive"] = "Inactive";
+    ObjectState["PendingDelete"] = "PendingDelete";
+})(ObjectState = exports.ObjectState || (exports.ObjectState = {}));
+var BreachAction;
+(function (BreachAction) {
+    BreachAction["Off"] = "Off";
+    BreachAction["RecordOnly"] = "RecordOnly";
+    BreachAction["NotifyUser"] = "NotifyUser";
+    BreachAction["RequireChange"] = "RequireChange";
+})(BreachAction = exports.BreachAction || (exports.BreachAction = {}));
+var BreachMatchMode;
+(function (BreachMatchMode) {
+    BreachMatchMode["Low"] = "Low";
+    BreachMatchMode["Medium"] = "Medium";
+    BreachMatchMode["High"] = "High";
+})(BreachMatchMode = exports.BreachMatchMode || (exports.BreachMatchMode = {}));
 /**
- * Describes the authenticator attachment modality preference for a WebAuthn workflow. See {@link AuthenticatorAttachment}
- *
- * @author Spencer Witt
+ * @author Brett Guy
  */
-var AuthenticatorAttachmentPreference;
-(function (AuthenticatorAttachmentPreference) {
-    AuthenticatorAttachmentPreference["any"] = "any";
-    AuthenticatorAttachmentPreference["platform"] = "platform";
-    AuthenticatorAttachmentPreference["crossPlatform"] = "crossPlatform";
-})(AuthenticatorAttachmentPreference = exports.AuthenticatorAttachmentPreference || (exports.AuthenticatorAttachmentPreference = {}));
+var ProofKeyForCodeExchangePolicy;
+(function (ProofKeyForCodeExchangePolicy) {
+    ProofKeyForCodeExchangePolicy["Required"] = "Required";
+    ProofKeyForCodeExchangePolicy["NotRequired"] = "NotRequired";
+    ProofKeyForCodeExchangePolicy["NotRequiredWhenUsingClientAuthentication"] = "NotRequiredWhenUsingClientAuthentication";
+})(ProofKeyForCodeExchangePolicy = exports.ProofKeyForCodeExchangePolicy || (exports.ProofKeyForCodeExchangePolicy = {}));
 /**
  * Defines valid credential types. This is an extension point in the WebAuthn spec. The only defined value at this time is "public-key"
  *
@@ -5984,104 +6001,84 @@ var PublicKeyCredentialType;
     PublicKeyCredentialType["publicKey"] = "public-key";
 })(PublicKeyCredentialType = exports.PublicKeyCredentialType || (exports.PublicKeyCredentialType = {}));
 /**
- * COSE Elliptic Curve identifier to determine which elliptic curve to use with a given key
- *
- * @author Spencer Witt
+ * @author Daniel DeGroff
  */
-var CoseEllipticCurve;
-(function (CoseEllipticCurve) {
-    CoseEllipticCurve["Reserved"] = "Reserved";
-    CoseEllipticCurve["P256"] = "P256";
-    CoseEllipticCurve["P384"] = "P384";
-    CoseEllipticCurve["P521"] = "P521";
-    CoseEllipticCurve["X25519"] = "X25519";
-    CoseEllipticCurve["X448"] = "X448";
-    CoseEllipticCurve["Ed25519"] = "Ed25519";
-    CoseEllipticCurve["Ed448"] = "Ed448";
-    CoseEllipticCurve["Secp256k1"] = "Secp256k1";
-})(CoseEllipticCurve = exports.CoseEllipticCurve || (exports.CoseEllipticCurve = {}));
-var KeyAlgorithm;
-(function (KeyAlgorithm) {
-    KeyAlgorithm["ES256"] = "ES256";
-    KeyAlgorithm["ES384"] = "ES384";
-    KeyAlgorithm["ES512"] = "ES512";
-    KeyAlgorithm["HS256"] = "HS256";
-    KeyAlgorithm["HS384"] = "HS384";
-    KeyAlgorithm["HS512"] = "HS512";
-    KeyAlgorithm["RS256"] = "RS256";
-    KeyAlgorithm["RS384"] = "RS384";
-    KeyAlgorithm["RS512"] = "RS512";
-})(KeyAlgorithm = exports.KeyAlgorithm || (exports.KeyAlgorithm = {}));
-var KeyType;
-(function (KeyType) {
-    KeyType["EC"] = "EC";
-    KeyType["RSA"] = "RSA";
-    KeyType["HMAC"] = "HMAC";
-})(KeyType = exports.KeyType || (exports.KeyType = {}));
+var RateLimitedRequestType;
+(function (RateLimitedRequestType) {
+    RateLimitedRequestType["FailedLogin"] = "FailedLogin";
+    RateLimitedRequestType["ForgotPassword"] = "ForgotPassword";
+    RateLimitedRequestType["SendEmailVerification"] = "SendEmailVerification";
+    RateLimitedRequestType["SendPasswordless"] = "SendPasswordless";
+    RateLimitedRequestType["SendRegistrationVerification"] = "SendRegistrationVerification";
+    RateLimitedRequestType["SendTwoFactor"] = "SendTwoFactor";
+})(RateLimitedRequestType = exports.RateLimitedRequestType || (exports.RateLimitedRequestType = {}));
 /**
- * Controls the policy for requesting user permission to grant access to requested scopes during an OAuth workflow
- * for a third-party application.
- *
- * @author Spencer Witt
+ * @author Brian Pontarelli
  */
-var OAuthScopeConsentMode;
-(function (OAuthScopeConsentMode) {
-    OAuthScopeConsentMode["AlwaysPrompt"] = "AlwaysPrompt";
-    OAuthScopeConsentMode["RememberDecision"] = "RememberDecision";
-    OAuthScopeConsentMode["NeverPrompt"] = "NeverPrompt";
-})(OAuthScopeConsentMode = exports.OAuthScopeConsentMode || (exports.OAuthScopeConsentMode = {}));
+var ReactorFeatureStatus;
+(function (ReactorFeatureStatus) {
+    ReactorFeatureStatus["ACTIVE"] = "ACTIVE";
+    ReactorFeatureStatus["DISCONNECTED"] = "DISCONNECTED";
+    ReactorFeatureStatus["PENDING"] = "PENDING";
+    ReactorFeatureStatus["DISABLED"] = "DISABLED";
+    ReactorFeatureStatus["UNKNOWN"] = "UNKNOWN";
+})(ReactorFeatureStatus = exports.ReactorFeatureStatus || (exports.ReactorFeatureStatus = {}));
 /**
  * @author Daniel DeGroff
  */
-var ObjectState;
-(function (ObjectState) {
-    ObjectState["Active"] = "Active";
-    ObjectState["Inactive"] = "Inactive";
-    ObjectState["PendingDelete"] = "PendingDelete";
-})(ObjectState = exports.ObjectState || (exports.ObjectState = {}));
+var RefreshTokenExpirationPolicy;
+(function (RefreshTokenExpirationPolicy) {
+    RefreshTokenExpirationPolicy["Fixed"] = "Fixed";
+    RefreshTokenExpirationPolicy["SlidingWindow"] = "SlidingWindow";
+    RefreshTokenExpirationPolicy["SlidingWindowWithMaximumLifetime"] = "SlidingWindowWithMaximumLifetime";
+})(RefreshTokenExpirationPolicy = exports.RefreshTokenExpirationPolicy || (exports.RefreshTokenExpirationPolicy = {}));
 /**
  * @author Daniel DeGroff
  */
-var IdentityProviderType;
-(function (IdentityProviderType) {
-    IdentityProviderType["Apple"] = "Apple";
-    IdentityProviderType["EpicGames"] = "EpicGames";
-    IdentityProviderType["ExternalJWT"] = "ExternalJWT";
-    IdentityProviderType["Facebook"] = "Facebook";
-    IdentityProviderType["Google"] = "Google";
-    IdentityProviderType["HYPR"] = "HYPR";
-    IdentityProviderType["LinkedIn"] = "LinkedIn";
-    IdentityProviderType["Nintendo"] = "Nintendo";
-    IdentityProviderType["OpenIDConnect"] = "OpenIDConnect";
-    IdentityProviderType["SAMLv2"] = "SAMLv2";
-    IdentityProviderType["SAMLv2IdPInitiated"] = "SAMLv2IdPInitiated";
-    IdentityProviderType["SonyPSN"] = "SonyPSN";
-    IdentityProviderType["Steam"] = "Steam";
-    IdentityProviderType["Twitch"] = "Twitch";
-    IdentityProviderType["Twitter"] = "Twitter";
-    IdentityProviderType["Xbox"] = "Xbox";
-})(IdentityProviderType = exports.IdentityProviderType || (exports.IdentityProviderType = {}));
+var RefreshTokenUsagePolicy;
+(function (RefreshTokenUsagePolicy) {
+    RefreshTokenUsagePolicy["Reusable"] = "Reusable";
+    RefreshTokenUsagePolicy["OneTimeUse"] = "OneTimeUse";
+})(RefreshTokenUsagePolicy = exports.RefreshTokenUsagePolicy || (exports.RefreshTokenUsagePolicy = {}));
+/**
+ * Describes the Relying Party's requirements for <a href="https://www.w3.org/TR/webauthn-2/#client-side-discoverable-credential">client-side
+ * discoverable credentials</a> (formerly known as "resident keys")
+ *
+ * @author Spencer Witt
+ */
+var ResidentKeyRequirement;
+(function (ResidentKeyRequirement) {
+    ResidentKeyRequirement["discouraged"] = "discouraged";
+    ResidentKeyRequirement["preferred"] = "preferred";
+    ResidentKeyRequirement["required"] = "required";
+})(ResidentKeyRequirement = exports.ResidentKeyRequirement || (exports.ResidentKeyRequirement = {}));
+/**
+ * @author Lyle Schemmerling
+ */
+var SAMLv2DestinationAssertionPolicy;
+(function (SAMLv2DestinationAssertionPolicy) {
+    SAMLv2DestinationAssertionPolicy["Enabled"] = "Enabled";
+    SAMLv2DestinationAssertionPolicy["Disabled"] = "Disabled";
+    SAMLv2DestinationAssertionPolicy["AllowAlternates"] = "AllowAlternates";
+})(SAMLv2DestinationAssertionPolicy = exports.SAMLv2DestinationAssertionPolicy || (exports.SAMLv2DestinationAssertionPolicy = {}));
 /**
  * @author Daniel DeGroff
  */
-var VerificationStrategy;
-(function (VerificationStrategy) {
-    VerificationStrategy["ClickableLink"] = "ClickableLink";
-    VerificationStrategy["FormField"] = "FormField";
-})(VerificationStrategy = exports.VerificationStrategy || (exports.VerificationStrategy = {}));
-var TOTPAlgorithm;
-(function (TOTPAlgorithm) {
-    TOTPAlgorithm["HmacSHA1"] = "HmacSHA1";
-    TOTPAlgorithm["HmacSHA256"] = "HmacSHA256";
-    TOTPAlgorithm["HmacSHA512"] = "HmacSHA512";
-})(TOTPAlgorithm = exports.TOTPAlgorithm || (exports.TOTPAlgorithm = {}));
+var SecureGeneratorType;
+(function (SecureGeneratorType) {
+    SecureGeneratorType["randomDigits"] = "randomDigits";
+    SecureGeneratorType["randomBytes"] = "randomBytes";
+    SecureGeneratorType["randomAlpha"] = "randomAlpha";
+    SecureGeneratorType["randomAlphaNumeric"] = "randomAlphaNumeric";
+})(SecureGeneratorType = exports.SecureGeneratorType || (exports.SecureGeneratorType = {}));
 /**
- * @author Brett Pontarelli
+ * @author Daniel DeGroff
  */
-var AuthenticationThreats;
-(function (AuthenticationThreats) {
-    AuthenticationThreats["ImpossibleTravel"] = "ImpossibleTravel";
-})(AuthenticationThreats = exports.AuthenticationThreats || (exports.AuthenticationThreats = {}));
+var Sort;
+(function (Sort) {
+    Sort["asc"] = "asc";
+    Sort["desc"] = "desc";
+})(Sort = exports.Sort || (exports.Sort = {}));
 /**
  * Steam API modes.
  *
@@ -6093,76 +6090,52 @@ var SteamAPIMode;
     SteamAPIMode["Partner"] = "Partner";
 })(SteamAPIMode = exports.SteamAPIMode || (exports.SteamAPIMode = {}));
 /**
- * @author Brett Pontarelli
+ * @author Daniel DeGroff
  */
-var CaptchaMethod;
-(function (CaptchaMethod) {
-    CaptchaMethod["GoogleRecaptchaV2"] = "GoogleRecaptchaV2";
-    CaptchaMethod["GoogleRecaptchaV3"] = "GoogleRecaptchaV3";
-    CaptchaMethod["HCaptcha"] = "HCaptcha";
-    CaptchaMethod["HCaptchaEnterprise"] = "HCaptchaEnterprise";
-})(CaptchaMethod = exports.CaptchaMethod || (exports.CaptchaMethod = {}));
+var SystemTrustedProxyConfigurationPolicy;
+(function (SystemTrustedProxyConfigurationPolicy) {
+    SystemTrustedProxyConfigurationPolicy["All"] = "All";
+    SystemTrustedProxyConfigurationPolicy["OnlyConfigured"] = "OnlyConfigured";
+})(SystemTrustedProxyConfigurationPolicy = exports.SystemTrustedProxyConfigurationPolicy || (exports.SystemTrustedProxyConfigurationPolicy = {}));
+var UniqueUsernameStrategy;
+(function (UniqueUsernameStrategy) {
+    UniqueUsernameStrategy["Always"] = "Always";
+    UniqueUsernameStrategy["OnCollision"] = "OnCollision";
+})(UniqueUsernameStrategy = exports.UniqueUsernameStrategy || (exports.UniqueUsernameStrategy = {}));
+var ThemeType;
+(function (ThemeType) {
+    ThemeType["advanced"] = "advanced";
+    ThemeType["simple"] = "simple";
+})(ThemeType = exports.ThemeType || (exports.ThemeType = {}));
 /**
- * Models the event types that FusionAuth produces.
+ * <ul>
+ * <li>Bearer Token type as defined by <a href="https://tools.ietf.org/html/rfc6750">RFC 6750</a>.</li>
+ * <li>MAC Token type as referenced by <a href="https://tools.ietf.org/html/rfc6749">RFC 6749</a> and
+ * <a href="https://tools.ietf.org/html/draft-ietf-oauth-v2-http-mac-05">
+ * Draft RFC on OAuth 2.0 Message Authentication Code (MAC) Tokens</a>
+ * </li>
+ * </ul>
+ *
+ * @author Daniel DeGroff
+ */
+var TokenType;
+(function (TokenType) {
+    TokenType["Bearer"] = "Bearer";
+    TokenType["MAC"] = "MAC";
+})(TokenType = exports.TokenType || (exports.TokenType = {}));
+/**
+ * The transaction types for Webhooks and other event systems within FusionAuth.
  *
  * @author Brian Pontarelli
  */
-var EventType;
-(function (EventType) {
-    EventType["JWTPublicKeyUpdate"] = "jwt.public-key.update";
-    EventType["JWTRefreshTokenRevoke"] = "jwt.refresh-token.revoke";
-    EventType["JWTRefresh"] = "jwt.refresh";
-    EventType["AuditLogCreate"] = "audit-log.create";
-    EventType["EventLogCreate"] = "event-log.create";
-    EventType["KickstartSuccess"] = "kickstart.success";
-    EventType["GroupCreate"] = "group.create";
-    EventType["GroupCreateComplete"] = "group.create.complete";
-    EventType["GroupDelete"] = "group.delete";
-    EventType["GroupDeleteComplete"] = "group.delete.complete";
-    EventType["GroupMemberAdd"] = "group.member.add";
-    EventType["GroupMemberAddComplete"] = "group.member.add.complete";
-    EventType["GroupMemberRemove"] = "group.member.remove";
-    EventType["GroupMemberRemoveComplete"] = "group.member.remove.complete";
-    EventType["GroupMemberUpdate"] = "group.member.update";
-    EventType["GroupMemberUpdateComplete"] = "group.member.update.complete";
-    EventType["GroupUpdate"] = "group.update";
-    EventType["GroupUpdateComplete"] = "group.update.complete";
-    EventType["UserAction"] = "user.action";
-    EventType["UserBulkCreate"] = "user.bulk.create";
-    EventType["UserCreate"] = "user.create";
-    EventType["UserCreateComplete"] = "user.create.complete";
-    EventType["UserDeactivate"] = "user.deactivate";
-    EventType["UserDelete"] = "user.delete";
-    EventType["UserDeleteComplete"] = "user.delete.complete";
-    EventType["UserEmailUpdate"] = "user.email.update";
-    EventType["UserEmailVerified"] = "user.email.verified";
-    EventType["UserIdentityProviderLink"] = "user.identity-provider.link";
-    EventType["UserIdentityProviderUnlink"] = "user.identity-provider.unlink";
-    EventType["UserLoginIdDuplicateOnCreate"] = "user.loginId.duplicate.create";
-    EventType["UserLoginIdDuplicateOnUpdate"] = "user.loginId.duplicate.update";
-    EventType["UserLoginFailed"] = "user.login.failed";
-    EventType["UserLoginNewDevice"] = "user.login.new-device";
-    EventType["UserLoginSuccess"] = "user.login.success";
-    EventType["UserLoginSuspicious"] = "user.login.suspicious";
-    EventType["UserPasswordBreach"] = "user.password.breach";
-    EventType["UserPasswordResetSend"] = "user.password.reset.send";
-    EventType["UserPasswordResetStart"] = "user.password.reset.start";
-    EventType["UserPasswordResetSuccess"] = "user.password.reset.success";
-    EventType["UserPasswordUpdate"] = "user.password.update";
-    EventType["UserReactivate"] = "user.reactivate";
-    EventType["UserRegistrationCreate"] = "user.registration.create";
-    EventType["UserRegistrationCreateComplete"] = "user.registration.create.complete";
-    EventType["UserRegistrationDelete"] = "user.registration.delete";
-    EventType["UserRegistrationDeleteComplete"] = "user.registration.delete.complete";
-    EventType["UserRegistrationUpdate"] = "user.registration.update";
-    EventType["UserRegistrationUpdateComplete"] = "user.registration.update.complete";
-    EventType["UserRegistrationVerified"] = "user.registration.verified";
-    EventType["UserTwoFactorMethodAdd"] = "user.two-factor.method.add";
-    EventType["UserTwoFactorMethodRemove"] = "user.two-factor.method.remove";
-    EventType["UserUpdate"] = "user.update";
-    EventType["UserUpdateComplete"] = "user.update.complete";
-    EventType["Test"] = "test";
-})(EventType = exports.EventType || (exports.EventType = {}));
+var TransactionType;
+(function (TransactionType) {
+    TransactionType["None"] = "None";
+    TransactionType["Any"] = "Any";
+    TransactionType["SimpleMajority"] = "SimpleMajority";
+    TransactionType["SuperMajority"] = "SuperMajority";
+    TransactionType["AbsoluteMajority"] = "AbsoluteMajority";
+})(TransactionType = exports.TransactionType || (exports.TransactionType = {}));
 /**
  * Policy for handling unknown OAuth scopes in the request
  *
@@ -6175,41 +6148,88 @@ var UnknownScopePolicy;
     UnknownScopePolicy["Reject"] = "Reject";
 })(UnknownScopePolicy = exports.UnknownScopePolicy || (exports.UnknownScopePolicy = {}));
 /**
- * The application's relationship to the authorization server. First-party applications will be granted implicit permission for requested scopes.
- * Third-party applications will use the {@link OAuthScopeConsentMode} policy.
+ * @author Daniel DeGroff
+ */
+var UnverifiedBehavior;
+(function (UnverifiedBehavior) {
+    UnverifiedBehavior["Allow"] = "Allow";
+    UnverifiedBehavior["Gated"] = "Gated";
+})(UnverifiedBehavior = exports.UnverifiedBehavior || (exports.UnverifiedBehavior = {}));
+/**
+ * The phases of a time-based user action.
  *
- * @author Spencer Witt
+ * @author Brian Pontarelli
  */
-var OAuthApplicationRelationship;
-(function (OAuthApplicationRelationship) {
-    OAuthApplicationRelationship["FirstParty"] = "FirstParty";
-    OAuthApplicationRelationship["ThirdParty"] = "ThirdParty";
-})(OAuthApplicationRelationship = exports.OAuthApplicationRelationship || (exports.OAuthApplicationRelationship = {}));
-var ClientAuthenticationMethod;
-(function (ClientAuthenticationMethod) {
-    ClientAuthenticationMethod["none"] = "none";
-    ClientAuthenticationMethod["client_secret_basic"] = "client_secret_basic";
-    ClientAuthenticationMethod["client_secret_post"] = "client_secret_post";
-})(ClientAuthenticationMethod = exports.ClientAuthenticationMethod || (exports.ClientAuthenticationMethod = {}));
+var UserActionPhase;
+(function (UserActionPhase) {
+    UserActionPhase["start"] = "start";
+    UserActionPhase["modify"] = "modify";
+    UserActionPhase["cancel"] = "cancel";
+    UserActionPhase["end"] = "end";
+})(UserActionPhase = exports.UserActionPhase || (exports.UserActionPhase = {}));
 /**
- * Available JSON Web Algorithms (JWA) as described in RFC 7518 available for this JWT implementation.
+ * @author Daniel DeGroff
+ */
+var UserState;
+(function (UserState) {
+    UserState["Authenticated"] = "Authenticated";
+    UserState["AuthenticatedNotRegistered"] = "AuthenticatedNotRegistered";
+    UserState["AuthenticatedNotVerified"] = "AuthenticatedNotVerified";
+    UserState["AuthenticatedRegistrationNotVerified"] = "AuthenticatedRegistrationNotVerified";
+})(UserState = exports.UserState || (exports.UserState = {}));
+/**
+ * Used to express whether the Relying Party requires <a href="https://www.w3.org/TR/webauthn-2/#user-verification">user verification</a> for the
+ * current operation.
  *
+ * @author Spencer Witt
+ */
+var UserVerificationRequirement;
+(function (UserVerificationRequirement) {
+    UserVerificationRequirement["required"] = "required";
+    UserVerificationRequirement["preferred"] = "preferred";
+    UserVerificationRequirement["discouraged"] = "discouraged";
+})(UserVerificationRequirement = exports.UserVerificationRequirement || (exports.UserVerificationRequirement = {}));
+/**
  * @author Daniel DeGroff
  */
-var Algorithm;
-(function (Algorithm) {
-    Algorithm["ES256"] = "ES256";
-    Algorithm["ES384"] = "ES384";
-    Algorithm["ES512"] = "ES512";
-    Algorithm["HS256"] = "HS256";
-    Algorithm["HS384"] = "HS384";
-    Algorithm["HS512"] = "HS512";
-    Algorithm["PS256"] = "PS256";
-    Algorithm["PS384"] = "PS384";
-    Algorithm["PS512"] = "PS512";
-    Algorithm["RS256"] = "RS256";
-    Algorithm["RS384"] = "RS384";
-    Algorithm["RS512"] = "RS512";
-    Algorithm["none"] = "none";
-})(Algorithm = exports.Algorithm || (exports.Algorithm = {}));
+var VerificationStrategy;
+(function (VerificationStrategy) {
+    VerificationStrategy["ClickableLink"] = "ClickableLink";
+    VerificationStrategy["FormField"] = "FormField";
+})(VerificationStrategy = exports.VerificationStrategy || (exports.VerificationStrategy = {}));
+/**
+ * Identifies the WebAuthn workflow. This will affect the parameters used for credential creation
+ * and request based on the Tenant configuration.
+ *
+ * @author Spencer Witt
+ */
+var WebAuthnWorkflow;
+(function (WebAuthnWorkflow) {
+    WebAuthnWorkflow["bootstrap"] = "bootstrap";
+    WebAuthnWorkflow["general"] = "general";
+    WebAuthnWorkflow["reauthentication"] = "reauthentication";
+})(WebAuthnWorkflow = exports.WebAuthnWorkflow || (exports.WebAuthnWorkflow = {}));
+/**
+ * The possible states of an individual webhook attempt to a single endpoint.
+ *
+ * @author Spencer Witt
+ */
+var WebhookAttemptResult;
+(function (WebhookAttemptResult) {
+    WebhookAttemptResult["Success"] = "Success";
+    WebhookAttemptResult["Failure"] = "Failure";
+    WebhookAttemptResult["Unknown"] = "Unknown";
+})(WebhookAttemptResult = exports.WebhookAttemptResult || (exports.WebhookAttemptResult = {}));
+/**
+ * The possible result states of a webhook event. This tracks the success of the overall webhook transaction according to the {@link TransactionType}
+ * and configured webhooks.
+ *
+ * @author Spencer Witt
+ */
+var WebhookEventResult;
+(function (WebhookEventResult) {
+    WebhookEventResult["Failed"] = "Failed";
+    WebhookEventResult["Running"] = "Running";
+    WebhookEventResult["Succeeded"] = "Succeeded";
+})(WebhookEventResult = exports.WebhookEventResult || (exports.WebhookEventResult = {}));
 //# sourceMappingURL=FusionAuthClient.js.map