@fusionauth/typescript-client 1.58.2 → 1.59.0

package/build/src/FusionAuthClient.d.ts

@@ -160,6 +160,13 @@ export declare class FusionAuthClient {
      * @returns {Promise<ClientResponse<UserCommentResponse>>}
      */
     commentOnUser(request: UserCommentRequest): Promise<ClientResponse<UserCommentResponse>>;
+    /**
+     * Completes verification of an identity using verification codes from the Verify Start API.
+     *
+     * @param {VerifyCompleteRequest} request The identity verify complete request that contains all the information used to verify the identity.
+     * @returns {Promise<ClientResponse<VerifyCompleteResponse>>}
+     */
+    completeVerifyIdentity(request: VerifyCompleteRequest): Promise<ClientResponse<VerifyCompleteResponse>>;
     /**
      * Complete a WebAuthn authentication ceremony by validating the signature against the previously generated challenge without logging the user in
      *
@@ -2001,6 +2008,14 @@ export declare class FusionAuthClient {
      * @returns {Promise<ClientResponse<UserResponse>>}
      */
     retrieveUserByLoginId(loginId: string): Promise<ClientResponse<UserResponse>>;
+    /**
+     * Retrieves the user for the loginId, using specific loginIdTypes.
+     *
+     * @param {string} loginId The email or username of the user.
+     * @param {Array<String>} loginIdTypes the identity types that FusionAuth will compare the loginId to.
+     * @returns {Promise<ClientResponse<UserResponse>>}
+     */
+    retrieveUserByLoginIdWithLoginIdTypes(loginId: string, loginIdTypes: Array<String>): Promise<ClientResponse<UserResponse>>;
     /**
      * Retrieves the user for the given username.
      *
@@ -2105,6 +2120,18 @@ export declare class FusionAuthClient {
      * @returns {Promise<ClientResponse<LoginReportResponse>>}
      */
     retrieveUserLoginReportByLoginId(applicationId: UUID, loginId: string, start: number, end: number): Promise<ClientResponse<LoginReportResponse>>;
+    /**
+     * Retrieves the login report between the two instants for a particular user by login Id, using specific loginIdTypes. If you specify an application id, it will only return the
+     * login counts for that application.
+     *
+     * @param {UUID} applicationId (Optional) The application id.
+     * @param {string} loginId The userId id.
+     * @param {number} start The start instant as UTC milliseconds since Epoch.
+     * @param {number} end The end instant as UTC milliseconds since Epoch.
+     * @param {Array<String>} loginIdTypes the identity types that FusionAuth will compare the loginId to.
+     * @returns {Promise<ClientResponse<LoginReportResponse>>}
+     */
+    retrieveUserLoginReportByLoginIdAndLoginIdTypes(applicationId: UUID, loginId: string, start: number, end: number, loginIdTypes: Array<String>): Promise<ClientResponse<LoginReportResponse>>;
     /**
      * Retrieves the last number of login records for a user.
      *
@@ -2488,6 +2515,13 @@ export declare class FusionAuthClient {
      * @returns {Promise<ClientResponse<void>>}
      */
     sendTwoFactorCodeForLoginUsingMethod(twoFactorId: string, request: TwoFactorSendRequest): Promise<ClientResponse<void>>;
+    /**
+     * Send a verification code using the appropriate transport for the identity type being verified.
+     *
+     * @param {VerifySendRequest} request The identity verify send request that contains all the information used send the code.
+     * @returns {Promise<ClientResponse<void>>}
+     */
+    sendVerifyIdentity(request: VerifySendRequest): Promise<ClientResponse<void>>;
     /**
      * Begins a login request for a 3rd party login that requires user interaction such as HYPR.
      *
@@ -2516,6 +2550,14 @@ export declare class FusionAuthClient {
      * @returns {Promise<ClientResponse<TwoFactorStartResponse>>}
      */
     startTwoFactorLogin(request: TwoFactorStartRequest): Promise<ClientResponse<TwoFactorStartResponse>>;
+    /**
+     * Start a verification of an identity by generating a code. This code can be sent to the User using the Verify Send API
+     * Verification Code API or using a mechanism outside of FusionAuth. The verification is completed by using the Verify Complete API with this code.
+     *
+     * @param {VerifyStartRequest} request The identity verify start request that contains all the information used to begin the request.
+     * @returns {Promise<ClientResponse<VerifyStartResponse>>}
+     */
+    startVerifyIdentity(request: VerifyStartRequest): Promise<ClientResponse<VerifyStartResponse>>;
     /**
      * Start a WebAuthn authentication ceremony by generating a new challenge for the user
      *
@@ -2857,6 +2899,13 @@ export declare class FusionAuthClient {
      * @returns {Promise<ClientResponse<void>>}
      */
     verifyEmailAddressByUserId(request: VerifyEmailRequest): Promise<ClientResponse<void>>;
+    /**
+     * Administratively verify a user identity.
+     *
+     * @param {VerifyRequest} request The identity verify request that contains information to verify the identity.
+     * @returns {Promise<ClientResponse<void>>}
+     */
+    verifyIdentity(request: VerifyRequest): Promise<ClientResponse<void>>;
     /**
      * Confirms an application registration. The Id given is usually from an email sent to the user.
      *
@@ -3041,6 +3090,7 @@ export interface Application {
     name?: string;
     oauthConfiguration?: OAuth2Configuration;
     passwordlessConfiguration?: PasswordlessConfiguration;
+    phoneConfiguration?: ApplicationPhoneConfiguration;
     registrationConfiguration?: RegistrationConfiguration;
     registrationDeletePolicy?: ApplicationRegistrationDeletePolicy;
     roles?: Array<ApplicationRole>;
@@ -3103,6 +3153,7 @@ export interface RegistrationConfiguration extends Enableable {
 }
 export declare enum LoginIdType {
     email = "email",
+    phoneNumber = "phoneNumber",
     username = "username"
 }
 export declare enum RegistrationType {
@@ -3238,6 +3289,25 @@ export interface ApplicationOAuthScopeRequest {
 export interface ApplicationOAuthScopeResponse {
     scope?: ApplicationOAuthScope;
 }
+/**
+ * Hold application phone configuration for template overrides.
+ */
+export interface ApplicationPhoneConfiguration {
+    forgotPasswordTemplateId?: UUID;
+    identityUpdateTemplateId?: UUID;
+    loginIdInUseOnCreateTemplateId?: UUID;
+    loginIdInUseOnUpdateTemplateId?: UUID;
+    loginNewDeviceTemplateId?: UUID;
+    loginSuspiciousTemplateId?: UUID;
+    passwordlessTemplateId?: UUID;
+    passwordResetSuccessTemplateId?: UUID;
+    passwordUpdateTemplateId?: UUID;
+    setPasswordTemplateId?: UUID;
+    twoFactorMethodAddTemplateId?: UUID;
+    twoFactorMethodRemoveTemplateId?: UUID;
+    verificationCompleteTemplateId?: UUID;
+    verificationTemplateId?: UUID;
+}
 /**
  * A Application-level policy for deleting Users.
  *
@@ -3600,6 +3670,10 @@ export interface BaseSearchCriteria {
 export interface BaseUserEvent extends BaseEvent {
     user?: User;
 }
+export interface IdentityInfo {
+    type?: string;
+    value?: string;
+}
 /**
  * @author Daniel DeGroff
  */
@@ -3672,6 +3746,7 @@ export interface ChangePasswordRequest extends BaseEventRequest {
     changePasswordId?: string;
     currentPassword?: string;
     loginId?: string;
+    loginIdTypes?: Array<string>;
     password?: string;
     refreshToken?: string;
     trustChallenge?: string;
@@ -3956,6 +4031,7 @@ export interface DisplayableRawLogin extends RawLogin {
     applicationName?: string;
     location?: Location;
     loginId?: string;
+    loginIdType?: IdentityType;
 }
 /**
  * Interface for all identity providers that can be domain based.
@@ -4498,7 +4574,9 @@ export declare enum EventType {
     UserTwoFactorMethodRemove = "user.two-factor.method.remove",
     UserUpdate = "user.update",
     UserUpdateComplete = "user.update.complete",
-    Test = "test"
+    Test = "test",
+    UserIdentityVerified = "user.identity.verified",
+    UserIdentityUpdate = "user.identity.update"
 }
 /**
  * An expandable API request.
@@ -4543,8 +4621,12 @@ export interface ExternalIdentifierConfiguration {
     loginIntentTimeToLiveInSeconds?: number;
     oneTimePasswordTimeToLiveInSeconds?: number;
     passwordlessLoginGenerator?: SecureGeneratorConfiguration;
+    passwordlessLoginOneTimeCodeGenerator?: SecureGeneratorConfiguration;
     passwordlessLoginTimeToLiveInSeconds?: number;
     pendingAccountLinkTimeToLiveInSeconds?: number;
+    phoneVerificationIdGenerator?: SecureGeneratorConfiguration;
+    phoneVerificationIdTimeToLiveInSeconds?: number;
+    phoneVerificationOneTimeCodeGenerator?: SecureGeneratorConfiguration;
     registrationVerificationIdGenerator?: SecureGeneratorConfiguration;
     registrationVerificationIdTimeToLiveInSeconds?: number;
     registrationVerificationOneTimeCodeGenerator?: SecureGeneratorConfiguration;
@@ -4702,7 +4784,9 @@ export interface ForgotPasswordRequest extends BaseEventRequest {
     changePasswordId?: string;
     email?: string;
     loginId?: string;
+    loginIdTypes?: Array<string>;
     sendForgotPasswordEmail?: boolean;
+    sendForgotPasswordMessage?: boolean;
     state?: Record<string, any>;
     username?: string;
 }
@@ -4747,6 +4831,7 @@ export declare enum FormDataType {
     date = "date",
     email = "email",
     number = "number",
+    phoneNumber = "phoneNumber",
     string = "string"
 }
 /**
@@ -5343,6 +5428,7 @@ export interface IdentityProviderStartLoginRequest extends BaseLoginRequest {
     data?: Record<string, string>;
     identityProviderId?: UUID;
     loginId?: string;
+    loginIdTypes?: Array<string>;
     state?: Record<string, any>;
 }
 /**
@@ -5379,6 +5465,28 @@ export declare enum IdentityProviderType {
     Twitter = "Twitter",
     Xbox = "Xbox"
 }
+/**
+ * Model identity types provided by FusionAuth.
+ */
+export interface IdentityType {
+    name?: string;
+}
+/**
+ * Models the reason that {@link UserIdentity#verified} was set to true or false.
+ *
+ * @author Brady Wied
+ */
+export declare enum IdentityVerifiedReason {
+    Skipped = "Skipped",
+    Trusted = "Trusted",
+    Unverifiable = "Unverifiable",
+    Implicit = "Implicit",
+    Pending = "Pending",
+    Completed = "Completed",
+    Disabled = "Disabled",
+    Administrative = "Administrative",
+    Import = "Import"
+}
 /**
  * Import request.
  *
@@ -5960,6 +6068,7 @@ export interface LoginReportResponse {
  */
 export interface LoginRequest extends BaseLoginRequest {
     loginId?: string;
+    loginIdTypes?: Array<string>;
     oneTimePassword?: string;
     password?: string;
     twoFactorTrustId?: string;
@@ -5973,6 +6082,7 @@ export interface LoginResponse {
     changePasswordReason?: ChangePasswordReason;
     configurableMethods?: Array<string>;
     emailVerificationId?: string;
+    identityVerificationId?: string;
     methods?: Array<TwoFactorMethod>;
     pendingIdPLinkId?: string;
     refreshToken?: string;
@@ -6245,6 +6355,7 @@ export declare enum OAuthErrorReason {
     refresh_token_not_found = "refresh_token_not_found",
     refresh_token_type_not_supported = "refresh_token_type_not_supported",
     invalid_client_id = "invalid_client_id",
+    invalid_expires_in = "invalid_expires_in",
     invalid_user_credentials = "invalid_user_credentials",
     invalid_grant_type = "invalid_grant_type",
     invalid_origin = "invalid_origin",
@@ -6467,6 +6578,7 @@ export interface PasswordlessIdentityProvider {
  */
 export interface PasswordlessLoginRequest extends BaseLoginRequest {
     code?: string;
+    oneTimeCode?: string;
     twoFactorTrustId?: string;
 }
 /**
@@ -6484,6 +6596,8 @@ export interface PasswordlessSendRequest {
 export interface PasswordlessStartRequest {
     applicationId?: UUID;
     loginId?: string;
+    loginIdTypes?: Array<string>;
+    loginStrategy?: PasswordlessStrategy;
     state?: Record<string, any>;
 }
 /**
@@ -6491,6 +6605,14 @@ export interface PasswordlessStartRequest {
  */
 export interface PasswordlessStartResponse {
     code?: string;
+    oneTimeCode?: string;
+}
+/**
+ * @author Daniel DeGroff
+ */
+export declare enum PasswordlessStrategy {
+    ClickableLink = "ClickableLink",
+    FormField = "FormField"
 }
 /**
  * @author Daniel DeGroff
@@ -6513,6 +6635,15 @@ export interface PendingIdPLink {
 export interface PendingResponse {
     users?: Array<User>;
 }
+/**
+ * Configuration for unverified phone number identities.
+ *
+ * @author Spencer Witt
+ */
+export interface PhoneUnverifiedOptions {
+    allowPhoneNumberChangeWhenGated?: boolean;
+    behavior?: UnverifiedBehavior;
+}
 /**
  * @author Michael Sleevi
  */
@@ -6654,17 +6785,6 @@ export interface RateLimitedRequestConfiguration extends Enableable {
     limit?: number;
     timePeriodInSeconds?: number;
 }
-/**
- * @author Daniel DeGroff
- */
-export declare enum RateLimitedRequestType {
-    FailedLogin = "FailedLogin",
-    ForgotPassword = "ForgotPassword",
-    SendEmailVerification = "SendEmailVerification",
-    SendPasswordless = "SendPasswordless",
-    SendRegistrationVerification = "SendRegistrationVerification",
-    SendTwoFactor = "SendTwoFactor"
-}
 /**
  * Raw login information for each time a user logs into an application.
  *
@@ -6753,6 +6873,7 @@ export interface RecentLoginResponse {
  */
 export interface RefreshRequest extends BaseEventRequest {
     refreshToken?: string;
+    timeToLiveInSeconds?: number;
     token?: string;
 }
 /**
@@ -6874,6 +6995,7 @@ export interface RegistrationRequest extends BaseEventRequest {
     generateAuthenticationToken?: boolean;
     registration?: UserRegistration;
     sendSetPasswordEmail?: boolean;
+    sendSetPasswordIdentityType?: SendSetPasswordIdentityType;
     skipRegistrationVerification?: boolean;
     skipVerification?: boolean;
     user?: User;
@@ -7107,6 +7229,7 @@ export interface SecureIdentity {
     encryptionScheme?: string;
     factor?: number;
     id?: UUID;
+    identities?: Array<UserIdentity>;
     lastLoginInstant?: number;
     password?: string;
     passwordChangeReason?: ChangePasswordReason;
@@ -7148,6 +7271,15 @@ export interface EmailTemplateErrors {
     parseErrors?: Record<string, string>;
     renderErrors?: Record<string, string>;
 }
+/**
+ * Used to indicate which identity type a password "request" might go to. It could be
+ * used for send set passwords or send password resets.
+ */
+export declare enum SendSetPasswordIdentityType {
+    email = "email",
+    phone = "phone",
+    doNotSend = "doNotSend"
+}
 /**
  * Theme object for values used in the css variables for simple themes.
  *
@@ -7369,6 +7501,7 @@ export interface Tenant {
     oauthConfiguration?: TenantOAuth2Configuration;
     passwordEncryptionConfiguration?: PasswordEncryptionConfiguration;
     passwordValidationRules?: PasswordValidationRules;
+    phoneConfiguration?: TenantPhoneConfiguration;
     rateLimitConfiguration?: TenantRateLimitConfiguration;
     registrationConfiguration?: TenantRegistrationConfiguration;
     scimServerConfiguration?: TenantSCIMServerConfiguration;
@@ -7450,6 +7583,32 @@ export interface MultiFactorSMSMethod extends Enableable {
     messengerId?: UUID;
     templateId?: UUID;
 }
+/**
+ * Hold tenant phone configuration for passwordless and verification cases.
+ *
+ * @author Brady Wied
+ */
+export interface TenantPhoneConfiguration {
+    forgotPasswordTemplateId?: UUID;
+    identityUpdateTemplateId?: UUID;
+    implicitPhoneVerificationAllowed?: boolean;
+    loginIdInUseOnCreateTemplateId?: UUID;
+    loginIdInUseOnUpdateTemplateId?: UUID;
+    loginNewDeviceTemplateId?: UUID;
+    loginSuspiciousTemplateId?: UUID;
+    messengerId?: UUID;
+    passwordlessTemplateId?: UUID;
+    passwordResetSuccessTemplateId?: UUID;
+    passwordUpdateTemplateId?: UUID;
+    setPasswordTemplateId?: UUID;
+    twoFactorMethodAddTemplateId?: UUID;
+    twoFactorMethodRemoveTemplateId?: UUID;
+    unverified?: PhoneUnverifiedOptions;
+    verificationCompleteTemplateId?: UUID;
+    verificationStrategy?: VerificationStrategy;
+    verificationTemplateId?: UUID;
+    verifyPhoneNumber?: boolean;
+}
 /**
  * @author Daniel DeGroff
  */
@@ -7458,6 +7617,8 @@ export interface TenantRateLimitConfiguration {
     forgotPassword?: RateLimitedRequestConfiguration;
     sendEmailVerification?: RateLimitedRequestConfiguration;
     sendPasswordless?: RateLimitedRequestConfiguration;
+    sendPasswordlessPhone?: RateLimitedRequestConfiguration;
+    sendPhoneVerification?: RateLimitedRequestConfiguration;
     sendRegistrationVerification?: RateLimitedRequestConfiguration;
     sendTwoFactor?: RateLimitedRequestConfiguration;
 }
@@ -7640,6 +7801,10 @@ export interface Templates {
     passwordComplete?: string;
     passwordForgot?: string;
     passwordSent?: string;
+    phoneComplete?: string;
+    phoneSent?: string;
+    phoneVerificationRequired?: string;
+    phoneVerify?: string;
     registrationComplete?: string;
     registrationSend?: string;
     registrationSent?: string;
@@ -7878,6 +8043,7 @@ export interface TwoFactorStartRequest {
     applicationId?: UUID;
     code?: string;
     loginId?: string;
+    loginIdTypes?: Array<string>;
     state?: Record<string, any>;
     trustChallenge?: string;
     userId?: UUID;
@@ -7934,7 +8100,7 @@ export interface UsageDataConfiguration extends Enableable {
     numberOfDaysToRetain?: number;
 }
 /**
- * The global view of a User. This object contains all global information about the user including birthdate, registration information
+ * The public, global view of a User. This object contains all global information about the user including birthdate, registration information
  * preferred languages, global attributes, etc.
  *
  * @author Seth Musselman
@@ -7956,6 +8122,7 @@ export interface User extends SecureIdentity {
     middleName?: string;
     mobilePhone?: string;
     parentEmail?: string;
+    phoneNumber?: string;
     preferredLanguages?: Array<string>;
     registrations?: Array<UserRegistration>;
     tenantId?: UUID;
@@ -8290,6 +8457,22 @@ export interface UserEmailUpdateEvent extends BaseUserEvent {
  */
 export interface UserEmailVerifiedEvent extends BaseUserEvent {
 }
+/**
+ * @author Daniel DeGroff
+ */
+export interface UserIdentity {
+    displayValue?: string;
+    insertInstant?: number;
+    lastLoginInstant?: number;
+    lastUpdateInstant?: number;
+    moderationStatus?: ContentStatus;
+    primary?: boolean;
+    type?: IdentityType;
+    value?: string;
+    verified?: boolean;
+    verifiedInstant?: number;
+    verifiedReason?: IdentityVerifiedReason;
+}
 /**
  * Models the User Identity Provider Link Event.
  *
@@ -8306,6 +8489,25 @@ export interface UserIdentityProviderLinkEvent extends BaseUserEvent {
 export interface UserIdentityProviderUnlinkEvent extends BaseUserEvent {
     identityProviderLink?: IdentityProviderLink;
 }
+/**
+ * Models the user identity update event
+ *
+ * @author Brent Halsey
+ */
+export interface UserIdentityUpdateEvent extends BaseUserEvent {
+    loginIdType?: string;
+    newLoginId?: string;
+    previousLoginId?: string;
+}
+/**
+ * Models the user identity verified event
+ *
+ * @author Brady Wied
+ */
+export interface UserIdentityVerifiedEvent extends BaseUserEvent {
+    loginId?: string;
+    loginIdType?: string;
+}
 /**
  * Models the User Login Failed Event.
  *
@@ -8333,12 +8535,14 @@ export interface UserLoginFailedReason {
 export interface UserLoginFailedReasonCode {
 }
 /**
- * Models an event where a user is being created with an "in-use" login Id (email or username).
+ * Models an event where a user is being created with an "in-use" login Id (email, username, or other identities).
  *
  * @author Daniel DeGroff
  */
 export interface UserLoginIdDuplicateOnCreateEvent extends BaseUserEvent {
     duplicateEmail?: string;
+    duplicateIdentities?: Array<IdentityInfo>;
+    duplicatePhoneNumber?: string;
     duplicateUsername?: string;
     existing?: User;
 }
@@ -8524,8 +8728,10 @@ export interface UserRequest extends BaseEventRequest {
     currentPassword?: string;
     disableDomainBlock?: boolean;
     sendSetPasswordEmail?: boolean;
+    sendSetPasswordIdentityType?: SendSetPasswordIdentityType;
     skipVerification?: boolean;
     user?: User;
+    verificationIds?: Array<string>;
 }
 /**
  * User API response object.
@@ -8540,6 +8746,13 @@ export interface UserResponse {
     token?: string;
     tokenExpirationInstant?: number;
     user?: User;
+    verificationIds?: Array<VerificationId>;
+}
+export interface VerificationId {
+    id?: string;
+    oneTimeCode?: string;
+    type?: IdentityType;
+    value?: string;
 }
 /**
  * This class is the user query. It provides a build pattern as well as public fields for use on forms and in actions.
@@ -8625,6 +8838,19 @@ export declare enum VerificationStrategy {
     ClickableLink = "ClickableLink",
     FormField = "FormField"
 }
+/**
+ * Verify Complete API request object.
+ */
+export interface VerifyCompleteRequest extends BaseEventRequest {
+    oneTimeCode?: string;
+    verificationId?: string;
+}
+/**
+ * Verify Complete API response object.
+ */
+export interface VerifyCompleteResponse {
+    state?: Record<string, any>;
+}
 /**
  * @author Daniel DeGroff
  */
@@ -8654,6 +8880,36 @@ export interface VerifyRegistrationResponse {
     oneTimeCode?: string;
     verificationId?: string;
 }
+/**
+ * Identity verify request. Used to administratively verify an identity.
+ */
+export interface VerifyRequest extends BaseEventRequest {
+    loginId?: string;
+    loginIdType?: string;
+}
+/**
+ * Verify Send API request object.
+ */
+export interface VerifySendRequest {
+    verificationId?: string;
+}
+/**
+ * @author Brady Wied
+ */
+export interface VerifyStartRequest {
+    applicationId?: UUID;
+    loginId?: string;
+    loginIdType?: string;
+    state?: Record<string, any>;
+    verificationStrategy?: VerificationStrategy;
+}
+/**
+ * @author Brady Wied
+ */
+export interface VerifyStartResponse {
+    oneTimeCode?: string;
+    verificationId?: string;
+}
 /**
  * @author Daniel DeGroff
  */
@@ -8831,6 +9087,7 @@ export interface WebAuthnStartRequest {
     applicationId?: UUID;
     credentialId?: UUID;
     loginId?: string;
+    loginIdTypes?: Array<string>;
     state?: Record<string, any>;
     userId?: UUID;
     workflow?: WebAuthnWorkflow;