@getpara/core-sdk 2.0.0-alpha.5 → 2.0.0-alpha.50

package/dist/cjs/ParaCore.js

@@ -99,7 +99,7 @@ var import_recovery = require("./shares/recovery.js");
 var import_utils2 = require("./utils/index.js");
 var import_errors = require("./errors.js");
 var constants = __toESM(require("./constants.js"));
-var _authInfo, _partner, _ParaCore_instances, assertPartner_fn, guestWalletIds_get, guestWalletIdsArray_get, toAuthInfo_fn, setAuthInfo_fn, getPartner_fn, createPregenWallet_fn, _isCreateGuestWalletsPending, prepareAuthState_fn, prepareLogin_fn, prepareLoginState_fn, prepareSignUpState_fn;
+var _authInfo, _ParaCore_instances, assertPartner_fn, guestWalletIds_get, guestWalletIdsArray_get, toAuthInfo_fn, setAuthInfo_fn, getPartner_fn, assertIsLinkingAccount_fn, assertIsLinkingAccountOrStart_fn, getOAuthUrl_fn, createPregenWallet_fn, _isCreateGuestWalletsPending, prepareAuthState_fn, prepareLoginState_fn, prepareSignUpState_fn;
 if (typeof global !== "undefined") {
   global.Buffer = global.Buffer || import_buffer.Buffer;
 } else if (typeof window !== "undefined") {
@@ -111,22 +111,17 @@ if (typeof global !== "undefined") {
 }
 const { pki, jsbn } = import_node_forge.default;
 const _ParaCore = class _ParaCore {
-  /**
-   * Constructs a new `ParaCore` instance.
-   * @param env - `Environment` to use.
-   * @param apiKey - API key to use.
-   * @param opts - Additional constructor options; see `ConstructorOpts`.
-   * @returns - A new ParaCore instance.
-   */
-  constructor(env, apiKey, opts) {
+  constructor(envOrApiKey, apiKeyOrOpts, opts) {
     __privateAdd(this, _ParaCore_instances);
     __privateAdd(this, _authInfo);
     this.isNativePasskey = false;
-    __privateAdd(this, _partner);
+    this.isReady = false;
+    this.accountLinkInProgress = void 0;
     this.isAwaitingAccountCreation = false;
     this.isAwaitingLogin = false;
     this.isAwaitingFarcaster = false;
     this.isAwaitingOAuth = false;
+    this.isWorkerInitialized = false;
     /**
      * The IDs of the currently active wallets, for each supported wallet type. Any signer integrations will default to the first viable wallet ID in this dictionary.
      */
@@ -135,6 +130,7 @@ const _ParaCore = class _ParaCore {
      * Wallets associated with the `ParaCore` instance.
      */
     this.externalWallets = {};
+    this.onRampPopup = void 0;
     this.localStorageGetItem = (key) => {
       return this.platformUtils.localStorage.get(key);
     };
@@ -162,10 +158,17 @@ const _ParaCore = class _ParaCore {
      */
     this.clearStorage = (type = "all") => __async(this, null, function* () {
       const isAll = type === "all";
-      (isAll || type === "local") && this.platformUtils.localStorage.clear(constants.PREFIX);
-      (isAll || type === "session") && this.platformUtils.sessionStorage.clear(constants.PREFIX);
+      if (isAll || type === "local") {
+        this.platformUtils.localStorage.clear(constants.PREFIX);
+        this.platformUtils.localStorage.clear(constants.PARA_PREFIX);
+      }
+      if (isAll || type === "session") {
+        this.platformUtils.sessionStorage.clear(constants.PREFIX);
+        this.platformUtils.sessionStorage.clear(constants.PARA_PREFIX);
+      }
       if ((isAll || type === "secure") && this.platformUtils.secureStorage) {
         this.platformUtils.secureStorage.clear(constants.PREFIX);
+        this.platformUtils.secureStorage.clear(constants.PARA_PREFIX);
       }
     });
     this.trackError = (methodName, err) => __async(this, null, function* () {
@@ -286,6 +289,16 @@ const _ParaCore = class _ParaCore {
       const _externalWallets = JSON.parse(stringExternalWallets || "{}");
       this.setExternalWallets(_externalWallets);
     };
+    this.initializeWorker = () => __async(this, null, function* () {
+      if (!this.isWorkerInitialized && !this.ctx.disableWebSockets && !this.ctx.disableWorkers) {
+        try {
+          this.isWorkerInitialized = true;
+          yield this.platformUtils.initializeWorker(this.ctx);
+        } catch (e) {
+          this.devLog("error initializing worker:", e);
+        }
+      }
+    });
     /**
      * Creates several new wallets with the desired types. If no types are provided, this method
      * will create one for each of the non-optional types specified in the instance's `supportedWalletTypes`
@@ -302,8 +315,29 @@ const _ParaCore = class _ParaCore {
     }) {
       return (yield this.ctx.client.getWalletBalance({ walletId, rpcUrl })).balance;
     });
-    if (!apiKey) {
-      throw new Error("A Para API key is required.");
+    let env, apiKey;
+    const actualArgs = Array.from(arguments).filter((arg) => arg !== void 0);
+    const actualArgumentCount = actualArgs.length;
+    if (actualArgumentCount === 1) {
+      if (Object.values(import_types.Environment).includes(envOrApiKey)) {
+        throw new Error("A Para API key is required.");
+      }
+      env = _ParaCore.resolveEnvironment(void 0, actualArgs[0]);
+      apiKey = actualArgs[0];
+      opts = void 0;
+    } else if (actualArgumentCount === 2) {
+      if (typeof apiKeyOrOpts === "object" && apiKeyOrOpts !== null) {
+        env = _ParaCore.resolveEnvironment(void 0, envOrApiKey);
+        apiKey = envOrApiKey;
+        opts = apiKeyOrOpts;
+      } else {
+        env = _ParaCore.resolveEnvironment(envOrApiKey, apiKeyOrOpts);
+        apiKey = apiKeyOrOpts;
+        opts = void 0;
+      }
+    } else {
+      env = _ParaCore.resolveEnvironment(envOrApiKey, apiKeyOrOpts);
+      apiKey = apiKeyOrOpts;
     }
     if (!opts) opts = {};
     let isE2E = false;
@@ -326,6 +360,7 @@ const _ParaCore = class _ParaCore {
     this.portalTheme = opts.portalTheme;
     this.platformUtils = this.getPlatformUtils();
     this.disableProviderModal = this.platformUtils.disableProviderModal;
+    this.fetchPregenWalletsOverride = opts.fetchPregenWalletsOverride;
     if (opts.useStorageOverrides) {
       this.localStorageGetItem = opts.localStorageGetItemOverride;
       this.localStorageSetItem = opts.localStorageSetItemOverride;
@@ -417,6 +452,8 @@ const _ParaCore = class _ParaCore {
   get externalWalletConnectionType() {
     if (this.isExternalWalletAuth) {
       return "AUTHENTICATED";
+    } else if (this.isExternalWalletWithVerification) {
+      return "VERIFICATION";
     } else if (!!Object.keys(this.externalWallets).length) {
       return "CONNECTION_ONLY";
     }
@@ -439,16 +476,28 @@ const _ParaCore = class _ParaCore {
     return (0, import_user_management_client.isTelegram)((_a = this.authInfo) == null ? void 0 : _a.auth);
   }
   get isExternalWalletAuth() {
-    var _a;
-    return (0, import_user_management_client.isExternalWallet)((_a = __privateGet(this, _authInfo)) == null ? void 0 : _a.auth);
+    var _a, _b, _c;
+    return (0, import_user_management_client.isExternalWallet)((_a = __privateGet(this, _authInfo)) == null ? void 0 : _a.auth) && !!((_c = (_b = __privateGet(this, _authInfo)) == null ? void 0 : _b.externalWallet) == null ? void 0 : _c.withFullParaAuth);
+  }
+  get isExternalWalletWithVerification() {
+    var _a, _b, _c;
+    return (0, import_user_management_client.isExternalWallet)((_a = __privateGet(this, _authInfo)) == null ? void 0 : _a.auth) && !!((_c = (_b = __privateGet(this, _authInfo)) == null ? void 0 : _b.externalWallet) == null ? void 0 : _c.withVerification);
   }
   get partnerId() {
     var _a;
-    return (_a = __privateGet(this, _partner)) == null ? void 0 : _a.id;
+    return (_a = this.partner) == null ? void 0 : _a.id;
+  }
+  get partnerName() {
+    var _a;
+    return (_a = this.partner) == null ? void 0 : _a.displayName;
+  }
+  get partnerLogo() {
+    var _a;
+    return (_a = this.partner) == null ? void 0 : _a.logoUrl;
   }
   get currentWalletIdsArray() {
     var _a, _b;
-    return ((_b = (_a = __privateGet(this, _partner)) == null ? void 0 : _a.supportedWalletTypes) != null ? _b : Object.keys(this.currentWalletIds).map((type) => ({ type }))).reduce(
+    return ((_b = (_a = this.partner) == null ? void 0 : _a.supportedWalletTypes) != null ? _b : Object.keys(this.currentWalletIds).map((type) => ({ type }))).reduce(
       (acc, { type }) => {
         var _a2;
         return [
@@ -488,19 +537,23 @@ const _ParaCore = class _ParaCore {
   }
   get isNoWalletConfig() {
     var _a;
-    return !!((_a = __privateGet(this, _partner)) == null ? void 0 : _a.supportedWalletTypes) && __privateGet(this, _partner).supportedWalletTypes.length === 0;
+    return !!((_a = this.partner) == null ? void 0 : _a.supportedWalletTypes) && this.partner.supportedWalletTypes.length === 0;
   }
   get supportedWalletTypes() {
     var _a, _b;
-    return (_b = (_a = __privateGet(this, _partner)) == null ? void 0 : _a.supportedWalletTypes) != null ? _b : [];
+    return (_b = (_a = this.partner) == null ? void 0 : _a.supportedWalletTypes) != null ? _b : [];
   }
   get cosmosPrefix() {
     var _a;
-    return (_a = __privateGet(this, _partner)) == null ? void 0 : _a.cosmosPrefix;
+    return (_a = this.partner) == null ? void 0 : _a.cosmosPrefix;
+  }
+  get supportedAccountLinks() {
+    var _a, _b;
+    return (_b = (_a = this.partner) == null ? void 0 : _a.supportedAccountLinks) != null ? _b : [...import_user_management_client.LINKED_ACCOUNT_TYPES];
   }
   get isWalletTypeEnabled() {
     var _a;
-    return (((_a = __privateGet(this, _partner)) == null ? void 0 : _a.supportedWalletTypes) || []).reduce((acc, { type }) => {
+    return (((_a = this.partner) == null ? void 0 : _a.supportedWalletTypes) || []).reduce((acc, { type }) => {
       return __spreadProps(__spreadValues({}, acc), { [type]: true });
     }, {});
   }
@@ -549,7 +602,7 @@ const _ParaCore = class _ParaCore {
   }
   isWalletSupported(wallet) {
     var _a, _b;
-    return !((_a = __privateGet(this, _partner)) == null ? void 0 : _a.supportedWalletTypes) || (0, import_utils2.isWalletSupported)((_b = __privateGet(this, _partner).supportedWalletTypes.map(({ type }) => type)) != null ? _b : [], wallet);
+    return !((_a = this.partner) == null ? void 0 : _a.supportedWalletTypes) || (0, import_utils2.isWalletSupported)((_b = this.partner.supportedWalletTypes.map(({ type }) => type)) != null ? _b : [], wallet);
   }
   isWalletOwned(wallet) {
     return this.isWalletSupported(wallet) && !(wallet == null ? void 0 : wallet.pregenIdentifier) && !(wallet == null ? void 0 : wallet.pregenIdentifierType) && !!this.userId && (wallet == null ? void 0 : wallet.userId) === this.userId;
@@ -575,12 +628,12 @@ const _ParaCore = class _ParaCore {
     } else {
       const wallet = this.wallets[walletId];
       const [isUnclaimed, isOwned] = [this.isPregenWalletUnclaimed(wallet), this.isWalletOwned(wallet)];
-      if (forbidPregen && isUnclaimed) {
+      if (forbidPregen && isUnclaimed && wallet.pregenIdentifierType !== "GUEST_ID") {
         error = `pre-generated wallet with id ${wallet == null ? void 0 : wallet.id} cannot be selected`;
       } else if (!isOwned && !isUnclaimed) {
         error = `wallet with id ${wallet == null ? void 0 : wallet.id} is not owned by the current user`;
       } else if (!this.isWalletSupported(wallet)) {
-        error = `wallet with id ${wallet.id} and type ${wallet.type} is not supported, supported types are: ${(((_b = __privateGet(this, _partner)) == null ? void 0 : _b.supportedWalletTypes) || []).map(({ type }) => type).join(", ")}`;
+        error = `wallet with id ${wallet.id} and type ${wallet.type} is not supported, supported types are: ${(((_b = this.partner) == null ? void 0 : _b.supportedWalletTypes) || []).map(({ type }) => type).join(", ")}`;
       } else if (types && (!(0, import_utils2.getEquivalentTypes)(types).includes(wallet == null ? void 0 : wallet.type) || isOwned && !types.some((type) => {
         var _a2, _b2;
         return (_b2 = (_a2 = this.currentWalletIds) == null ? void 0 : _a2[type]) == null ? void 0 : _b2.includes(walletId);
@@ -611,7 +664,7 @@ const _ParaCore = class _ParaCore {
     if (this.externalWallets[walletId]) {
       const wallet2 = this.externalWallets[walletId];
       return options.truncate ? (0, import_utils2.truncateAddress)(wallet2.address, wallet2.type, {
-        prefix: (_a = __privateGet(this, _partner)) == null ? void 0 : _a.cosmosPrefix,
+        prefix: (_a = this.partner) == null ? void 0 : _a.cosmosPrefix,
         targetLength: options.targetLength
       }) : wallet2.address;
     }
@@ -623,7 +676,7 @@ const _ParaCore = class _ParaCore {
     let prefix;
     switch (wallet.type) {
       case "COSMOS":
-        prefix = (_d = (_c = options.cosmosPrefix) != null ? _c : (_b = __privateGet(this, _partner)) == null ? void 0 : _b.cosmosPrefix) != null ? _d : "cosmos";
+        prefix = (_d = (_c = options.cosmosPrefix) != null ? _c : (_b = this.partner) == null ? void 0 : _b.cosmosPrefix) != null ? _d : "cosmos";
         str = (0, import_utils2.getCosmosAddress)(wallet.publicKey, prefix);
         break;
       default:
@@ -658,8 +711,8 @@ const _ParaCore = class _ParaCore {
     return __async(this, arguments, function* (type, opts = {}) {
       var _a, _b, _c, _d, _e, _f, _g, _h, _i, _j, _k, _l, _m;
       const [isCreate, isLogin, isOnRamp] = [
-        ["createAuth", "createPassword"].includes(type),
-        ["loginAuth", "loginPassword"].includes(type),
+        ["createAuth", "createPassword", "createPIN"].includes(type),
+        ["loginAuth", "loginPassword", "loginPIN"].includes(type),
         type === "onRamp"
       ];
       if (isCreate || isLogin) {
@@ -673,13 +726,17 @@ const _ParaCore = class _ParaCore {
       if (!this.loginEncryptionKeyPair) {
         yield this.setLoginEncryptionKeyPair();
       }
-      const base = type === "onRamp" ? (0, import_utils2.getPortalBaseURL)(this.ctx) : yield this.getPortalURL();
+      const base = type === "onRamp" || type === "telegramLogin" ? (0, import_utils2.getPortalBaseURL)(this.ctx, type === "telegramLogin") : yield this.getPortalURL();
       let path;
       switch (type) {
         case "createPassword": {
           path = `/web/users/${this.userId}/passwords/${opts.pathId}`;
           break;
         }
+        case "createPIN": {
+          path = `/web/users/${this.userId}/pin/${opts.pathId}`;
+          break;
+        }
         case "createAuth": {
           path = `/web/users/${this.userId}/biometrics/${opts.pathId}`;
           break;
@@ -692,26 +749,43 @@ const _ParaCore = class _ParaCore {
           path = "/web/biometrics/login";
           break;
         }
+        case "loginPIN": {
+          path = "/web/pin/login";
+          break;
+        }
         case "txReview": {
           path = `/web/users/${this.userId}/transaction-review/${opts.pathId}`;
           break;
         }
         case "onRamp": {
-          path = `/web/users/${this.userId}/on-ramp-transaction/${opts.pathId}`;
+          path = `/web/users/${this.userId}/on-ramp-transaction/v2/${opts.pathId}`;
+          break;
+        }
+        case "telegramLogin": {
+          path = `/auth/telegram`;
           break;
         }
         default: {
           throw new Error(`invalid URL type ${type}`);
         }
       }
-      const partner = yield __privateMethod(this, _ParaCore_instances, assertPartner_fn).call(this);
+      let partner = void 0;
+      try {
+        partner = yield __privateMethod(this, _ParaCore_instances, assertPartner_fn).call(this);
+      } catch (e) {
+        if (this.isPartnerOptional) {
+          partner = void 0;
+        } else {
+          throw e;
+        }
+      }
       const thisDevice = (_a = opts.thisDevice) != null ? _a : {
         encryptionKey: (0, import_utils.getPublicKeyHex)(this.loginEncryptionKeyPair),
         sessionId
       };
-      const params = __spreadValues(__spreadValues(__spreadValues(__spreadValues({
+      const params = __spreadValues(__spreadValues(__spreadValues(__spreadValues(__spreadValues({
         apiKey: this.ctx.apiKey,
-        partnerId: partner.id,
+        partnerId: partner == null ? void 0 : partner.id,
         portalFont: ((_b = opts.portalTheme) == null ? void 0 : _b.font) || (partner == null ? void 0 : partner.font) || ((_c = this.portalTheme) == null ? void 0 : _c.font),
         portalBorderRadius: ((_d = opts.portalTheme) == null ? void 0 : _d.borderRadius) || ((_e = this.portalTheme) == null ? void 0 : _e.borderRadius),
         portalThemeMode: ((_f = opts.portalTheme) == null ? void 0 : _f.mode) || (partner == null ? void 0 : partner.themeMode) || ((_g = this.portalTheme) == null ? void 0 : _g.mode),
@@ -722,7 +796,12 @@ const _ParaCore = class _ParaCore {
         portalTextColor: this.portalTextColor,
         portalPrimaryButtonTextColor: this.portalPrimaryButtonTextColor,
         isForNewDevice: opts.isForNewDevice ? opts.isForNewDevice.toString() : void 0
-      }, isCreate || isLogin ? { authInfo: JSON.stringify(this.authInfo) } : {}), isOnRamp ? { sessionId } : {}), isLogin ? __spreadProps(__spreadValues({
+      }, isCreate || isLogin ? __spreadProps(__spreadValues({
+        authInfo: JSON.stringify(this.authInfo)
+      }, (0, import_user_management_client.isPhone)(this.authInfo.auth) ? (0, import_utils2.splitPhoneNumber)(this.authInfo.auth.phone) : this.authInfo.auth), {
+        pfpUrl: this.authInfo.pfpUrl,
+        displayName: this.authInfo.displayName
+      }) : {}), isOnRamp ? { origin: typeof window !== "undefined" ? window.location.origin : void 0, email: this.email } : {}), isLogin ? __spreadProps(__spreadValues({
         sessionId: thisDevice.sessionId,
         encryptionKey: thisDevice.encryptionKey
       }, opts.newDevice ? {
@@ -730,7 +809,7 @@ const _ParaCore = class _ParaCore {
         newDeviceEncryptionKey: opts.newDevice.encryptionKey
       } : {}), {
         pregenIds: JSON.stringify(this.pregenIds)
-      }) : {}), opts.params || {});
+      }) : {}), type === "telegramLogin" ? { isEmbed: "true" } : {}), opts.params || {});
       const url = (0, import_utils2.constructUrl)({ base, path, params });
       if (opts.shorten) {
         return (0, import_utils2.shortenUrl)(this.ctx, url);
@@ -738,12 +817,62 @@ const _ParaCore = class _ParaCore {
       return url;
     });
   }
+  static resolveEnvironment(env, apiKey) {
+    var _a;
+    if (!apiKey) {
+      throw new Error("A Para API key is required.");
+    }
+    if (apiKey.includes("_")) {
+      const validEnvironmentPrefixes = Object.values(import_types.Environment);
+      const envPrefix = (_a = apiKey.split("_")[0]) == null ? void 0 : _a.toUpperCase();
+      const hasValidPrefix = validEnvironmentPrefixes.some((envValue) => envValue === envPrefix);
+      if (!hasValidPrefix) {
+        throw new Error(`Invalid API key environment prefix.`);
+      }
+      return envPrefix;
+    }
+    if (!env) {
+      throw new Error("Environment parameter is required.");
+    }
+    return env;
+  }
   touchSession(regenerate = false) {
     return __async(this, null, function* () {
-      var _a, _b, _c;
+      var _a, _b, _c, _d;
+      if (!this.isWorkerInitialized) {
+        this.initializeWorker();
+      }
+      if (!this.isReady) {
+        yield this.ready();
+      }
       const session = yield this.ctx.client.touchSession(regenerate);
-      if (!__privateGet(this, _partner) || ((_a = __privateGet(this, _partner)) == null ? void 0 : _a.id) !== session.partnerId || !(0, import_utils2.supportedWalletTypesEq)(((_b = __privateGet(this, _partner)) == null ? void 0 : _b.supportedWalletTypes) || [], session.supportedWalletTypes) || (((_c = __privateGet(this, _partner)) == null ? void 0 : _c.cosmosPrefix) || "cosmos") !== session.cosmosPrefix) {
-        yield __privateMethod(this, _ParaCore_instances, getPartner_fn).call(this, session.partnerId);
+      if (!this.partner || ((_a = this.partner) == null ? void 0 : _a.id) !== session.partnerId || !(0, import_utils2.supportedWalletTypesEq)(((_b = this.partner) == null ? void 0 : _b.supportedWalletTypes) || [], session.supportedWalletTypes) || (((_c = this.partner) == null ? void 0 : _c.cosmosPrefix) || "cosmos") !== session.cosmosPrefix) {
+        if (!session.partnerId) {
+          console.error(`
+\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501
+\u{1F6A8} PARA SDK CONFIGURATION ERROR \u{1F6A8}
+
+INVALID API KEY FOR CONFIGURED ENVIRONMENT
+
+Your API key does not match the configured environment. This usually means:
+
+1. You're using a production API key with a development environment
+2. You're using a development API key with a production environment  
+3. Your API key is invalid or has been regenerated
+
+SOLUTION:
+\u2022 Verify your API key at: https://developer.getpara.com
+\u2022 If your API key doesn't contain an environment prefix, ensure your API key is the correct key for your target environment
+
+Current Environment: ${this.ctx.env}
+API Key Prefix: ${((_d = this.ctx.apiKey) == null ? void 0 : _d.split("_")[0].toUpperCase()) || "None"}
+
+Need help? Visit: https://docs.getpara.com or contact support
+\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501
+        `);
+        } else {
+          yield __privateMethod(this, _ParaCore_instances, getPartner_fn).call(this, session.partnerId);
+        }
       }
       return session;
     });
@@ -842,8 +971,8 @@ const _ParaCore = class _ParaCore {
       return __privateGet(this, _authInfo);
     });
   }
-  assertUserId() {
-    if (!this.userId) {
+  assertUserId({ allowGuestMode = false } = {}) {
+    if (!this.userId || !allowGuestMode && this.isGuestMode) {
       throw new Error("no userId is set");
     }
     return this.userId;
@@ -899,19 +1028,75 @@ const _ParaCore = class _ParaCore {
    * @param externalAddress - External wallet address to set.
    * @param externalType - Type of external wallet to set.
    */
-  setExternalWallet(_0) {
-    return __async(this, arguments, function* ({ address, type, provider, addressBech32, withFullParaAuth }) {
-      this.externalWallets = {
-        [address]: {
-          id: address,
-          address: addressBech32 != null ? addressBech32 : address,
+  setExternalWallet(externalWallet) {
+    return __async(this, null, function* () {
+      const { id: partnerId, supportedWalletTypes } = yield __privateMethod(this, _ParaCore_instances, assertPartner_fn).call(this);
+      this.externalWallets = (Array.isArray(externalWallet) ? externalWallet : [externalWallet]).reduce(
+        (acc, {
+          partnerId: wPartnerId,
+          address,
           type,
-          name: provider,
-          isExternal: true,
-          isExternalWithParaAuth: withFullParaAuth,
-          signer: ""
+          provider,
+          providerId,
+          addressBech32,
+          withFullParaAuth,
+          isConnectionOnly,
+          withVerification
+        }) => {
+          if (partnerId === wPartnerId && supportedWalletTypes.some(({ type: supportedType }) => supportedType === type)) {
+            return __spreadProps(__spreadValues({}, acc), {
+              [address]: {
+                id: address,
+                partnerId,
+                address: addressBech32 != null ? addressBech32 : address,
+                type,
+                name: provider,
+                isExternal: true,
+                isExternalWithParaAuth: withFullParaAuth,
+                externalProviderId: providerId,
+                signer: "",
+                isExternalConnectionOnly: isConnectionOnly,
+                isExternalWithVerification: withVerification
+              }
+            });
+          }
+          return acc;
+        },
+        {}
+      ), this.setExternalWallets(this.externalWallets);
+      (0, import_utils2.dispatchEvent)(import_types.ParaEvent.EXTERNAL_WALLET_CHANGE_EVENT, null);
+    });
+  }
+  addExternalWallets(externalWallets) {
+    return __async(this, null, function* () {
+      const { id: partnerId, supportedWalletTypes } = yield __privateMethod(this, _ParaCore_instances, assertPartner_fn).call(this);
+      this.externalWallets = __spreadValues(__spreadValues({}, Object.entries(this.externalWallets).reduce((acc, [address, wallet]) => {
+        if (partnerId === wallet.partnerId && supportedWalletTypes.some(({ type }) => type === wallet.type)) {
+          return __spreadProps(__spreadValues({}, acc), {
+            [address]: wallet
+          });
         }
-      };
+        return acc;
+      }, {})), externalWallets.reduce(
+        (acc, { address, type, provider, providerId, addressBech32, withFullParaAuth, isConnectionOnly, withVerification }) => {
+          return __spreadProps(__spreadValues({}, acc), {
+            [address]: {
+              id: address,
+              partnerId,
+              address: addressBech32 != null ? addressBech32 : address,
+              type,
+              name: provider,
+              isExternal: true,
+              isExternalWithParaAuth: withFullParaAuth,
+              externalProviderId: providerId,
+              signer: "",
+              isExternalConnectionOnly: isConnectionOnly,
+              isExternalWithVerification: withVerification
+            }
+          });
+        },
+        {}
+      ));
       this.setExternalWallets(this.externalWallets);
       (0, import_utils2.dispatchEvent)(import_types.ParaEvent.EXTERNAL_WALLET_CHANGE_EVENT, null);
     });
@@ -1023,6 +1208,7 @@ const _ParaCore = class _ParaCore {
   /**
    * Fetches the most recent OAuth account metadata for the signed-in user.
    * If applicable, this will include the user's most recent metadata from their Google, Apple, Facebook, X, Discord, Farcaster, or Telegram account, the last time they signed in to your app.
+   * @deprecated use `para.getLinkedAccounts({ withMetadata: true })` instead.
    * @returns {Promise<AccountMetadata>} the user's account metadata.
    */
   getAccountMetadata() {
@@ -1168,8 +1354,15 @@ const _ParaCore = class _ParaCore {
   }
   getPartnerURL() {
     return __async(this, null, function* () {
-      const { portalUrl } = yield __privateMethod(this, _ParaCore_instances, assertPartner_fn).call(this);
-      return portalUrl;
+      try {
+        const { portalUrl } = yield __privateMethod(this, _ParaCore_instances, assertPartner_fn).call(this);
+        return portalUrl;
+      } catch (e) {
+        if (this.isPartnerOptional) {
+          return void 0;
+        }
+        throw e;
+      }
     });
   }
   /**
@@ -1255,15 +1448,27 @@ const _ParaCore = class _ParaCore {
       } = _b, urlOptions = __objRest(_b, [
         "externalWallet"
       ]);
-      if (this.externalWalletConnectionOnly) {
-        externalWallet.withFullParaAuth = false;
-        yield this.setExternalWallet(externalWallet);
+      const externalWallets = Array.isArray(externalWallet) ? externalWallet : [externalWallet];
+      if (this.externalWalletConnectionOnly || externalWallets.every((wallet) => wallet.isConnectionOnly)) {
+        yield this.addExternalWallets(
+          externalWallets.map((wallet) => __spreadProps(__spreadValues({}, wallet), {
+            withFullParaAuth: false
+          }))
+        );
         return Promise.resolve({
           userId: constants.EXTERNAL_WALLET_CONNECTION_ONLY_USER_ID
         });
       }
+      if (Array.isArray(externalWallet)) {
+        throw new Error(
+          "Cannot authenticate multiple external wallets at once. To connect multiple wallets at once, use CONNECTION_ONLY mode."
+        );
+      }
       this.requireApiKey();
       const serverAuthState = yield this.ctx.client.loginExternalWallet({ externalWallet });
+      if (!externalWallet.withFullParaAuth && externalWallet.withVerification) {
+        yield this.touchSession(true);
+      }
       return __privateMethod(this, _ParaCore_instances, prepareAuthState_fn).call(this, serverAuthState, urlOptions);
     });
   }
@@ -1280,36 +1485,78 @@ const _ParaCore = class _ParaCore {
         "cosmosPublicKeyHex",
         "cosmosSigner"
       ]);
+      var _a;
       const serverAuthState = yield this.ctx.client.verifyExternalWallet(this.userId, {
         externalWallet,
         signedMessage,
         cosmosPublicKeyHex,
         cosmosSigner
       });
+      if (serverAuthState.stage === "login" && ((_a = serverAuthState.loginAuthMethods) == null ? void 0 : _a.includes(import_user_management_client.AuthMethod.PIN))) {
+        const { sessionLookupId } = yield this.touchSession();
+        return __privateMethod(this, _ParaCore_instances, prepareLoginState_fn).call(this, serverAuthState, __spreadProps(__spreadValues({}, urlOptions), { sessionLookupId }));
+      }
       return __privateMethod(this, _ParaCore_instances, prepareAuthState_fn).call(this, serverAuthState, urlOptions);
     });
   }
+  verifyExternalWalletLink(opts) {
+    return __async(this, null, function* () {
+      const accountLinkInProgress = yield __privateMethod(this, _ParaCore_instances, assertIsLinkingAccount_fn).call(this, ["EXTERNAL_WALLET"]);
+      if (!accountLinkInProgress.externalWallet) {
+        throw new Error("no external wallet account link in progress");
+      }
+      const accounts = yield this.verifyLink(__spreadValues({
+        accountLinkInProgress,
+        externalWallet: accountLinkInProgress.externalWallet
+      }, opts));
+      return accounts;
+    });
+  }
   /**
    * Validates the response received from an attempted Telegram login for authenticity, then
    * creates or retrieves the corresponding Para user and prepares the Para instance to sign in with that user.
    * @param authResponse - the response JSON object received from the Telegram widget.
    * @returns `{ isValid: boolean; telegramUserId?: string; userId?: string; isNewUser?: boolean; supportedAuthMethods?: AuthMethod[]; biometricHints?: BiometricLocationHint[] }`
    */
-  verifyTelegram(_e) {
+  verifyTelegramProcess(_e) {
     return __async(this, null, function* () {
       var _f = _e, {
-        telegramAuthResponse
+        telegramAuthResponse,
+        isLinkAccount
       } = _f, urlOptions = __objRest(_f, [
-        "telegramAuthResponse"
+        "telegramAuthResponse",
+        "isLinkAccount"
       ]);
       try {
-        const serverAuthState = yield this.ctx.client.verifyTelegram(telegramAuthResponse);
-        return __privateMethod(this, _ParaCore_instances, prepareAuthState_fn).call(this, serverAuthState, urlOptions);
+        switch (isLinkAccount) {
+          case false: {
+            const serverAuthState = yield this.ctx.client.verifyTelegram(telegramAuthResponse);
+            return __privateMethod(this, _ParaCore_instances, prepareAuthState_fn).call(this, serverAuthState, urlOptions);
+          }
+          case true: {
+            const accountLinkInProgress = yield __privateMethod(this, _ParaCore_instances, assertIsLinkingAccountOrStart_fn).call(this, "TELEGRAM");
+            const accounts = yield this.verifyLink({
+              accountLinkInProgress,
+              telegramAuthResponse
+            });
+            return accounts;
+          }
+        }
       } catch (e) {
         throw new Error(e.message);
       }
     });
   }
+  verifyTelegram(opts) {
+    return __async(this, null, function* () {
+      return yield this.verifyTelegramProcess(__spreadProps(__spreadValues({}, opts), { isLinkAccount: false }));
+    });
+  }
+  verifyTelegramLink(opts) {
+    return __async(this, null, function* () {
+      return yield this.verifyTelegramProcess(__spreadProps(__spreadValues({}, opts), { isLinkAccount: true }));
+    });
+  }
   /**
    * Performs 2FA verification.
    * @param {Object} opts the options object
@@ -1353,10 +1600,35 @@ const _ParaCore = class _ParaCore {
   /**
    * Resend a verification email for the current user.
    */
-  resendVerificationCode() {
-    return __async(this, null, function* () {
+  resendVerificationCode(_0) {
+    return __async(this, arguments, function* ({
+      type: reason = "SIGNUP"
+    }) {
+      let type, linkedAccountId;
+      switch (reason) {
+        case "SIGNUP":
+        case "LOGIN":
+          {
+            const authInfo = this.assertIsAuthSet(["email", "phone"]);
+            type = authInfo.authType.toUpperCase();
+          }
+          break;
+        case "LINK_ACCOUNT":
+          {
+            const accountLinkInProgress = __privateMethod(this, _ParaCore_instances, assertIsLinkingAccount_fn).call(this, ["EMAIL", "PHONE"]);
+            linkedAccountId = accountLinkInProgress.id;
+            type = accountLinkInProgress.type;
+          }
+          break;
+      }
+      const userId = this.assertUserId({ allowGuestMode: true });
+      if (type !== "EMAIL" && type !== "PHONE") {
+        throw new Error("invalid auth type for verification code");
+      }
       yield this.ctx.client.resendVerificationCode(__spreadValues({
-        userId: this.userId
+        userId,
+        type,
+        linkedAccountId
       }, this.getVerificationEmailProps()));
     });
   }
@@ -1369,7 +1641,14 @@ const _ParaCore = class _ParaCore {
       if (this.externalWalletConnectionType === "CONNECTION_ONLY") {
         return true;
       }
-      const { isAuthenticated } = yield this.touchSession();
+      const { isAuthenticated, verifiedExternalWalletAddresses } = yield this.touchSession();
+      if (this.externalWalletConnectionType === "VERIFICATION") {
+        if (!verifiedExternalWalletAddresses) {
+          return false;
+        }
+        const externalAddresses = Object.values(this.externalWallets).map((w) => w.id);
+        return externalAddresses.every((address) => verifiedExternalWalletAddresses.includes(address));
+      }
       return !!isAuthenticated;
     });
   }
@@ -1380,12 +1659,18 @@ const _ParaCore = class _ParaCore {
   isFullyLoggedIn() {
     return __async(this, null, function* () {
       if (this.externalWalletConnectionType === "CONNECTION_ONLY") {
+        if (!this.isReady) {
+          yield this.ready();
+        }
         return true;
       }
       if (this.isGuestMode) {
         return true;
       }
       const isSessionActive = yield this.isSessionActive();
+      if (this.externalWalletConnectionType === "VERIFICATION") {
+        return isSessionActive;
+      }
       return isSessionActive && (this.isNoWalletConfig || this.currentWalletIdsArray.length > 0 && this.currentWalletIdsArray.reduce((acc, [id]) => acc && !!this.wallets[id], true));
     });
   }
@@ -1393,10 +1678,13 @@ const _ParaCore = class _ParaCore {
     return __privateGet(this, _ParaCore_instances, guestWalletIdsArray_get).length > 0 && Object.values(this.wallets).every(
       ({ userId, partnerId }) => {
         var _a;
-        return partnerId === ((_a = __privateGet(this, _partner)) == null ? void 0 : _a.id) && (!userId || userId !== this.userId);
+        return partnerId === ((_a = this.partner) == null ? void 0 : _a.id) && (!userId || userId !== this.userId);
       }
     );
   }
+  /**
+   * Get the auth methods available to an existing user
+   */
   supportedAuthMethods(auth) {
     return __async(this, null, function* () {
       const { supportedAuthMethods } = yield this.ctx.client.getSupportedAuthMethods(auth);
@@ -1490,15 +1778,13 @@ const _ParaCore = class _ParaCore {
     });
   }
   /**
-   * Initiates a Farcaster login attempt and return the URI for the user to connect.
+   * Initiates a Farcaster login attempt and returns the URL for the user to connect.
    * You can create a QR code with this URI that works with Farcaster's mobile app.
    * @return {string} the Farcaster connect URI
    */
   getFarcasterConnectUri() {
-    return __async(this, null, function* () {
-      const {
-        data: { connect_uri: connectUri }
-      } = yield this.ctx.client.initializeFarcasterLogin();
+    return __async(this, arguments, function* ({ appScheme } = {}) {
+      const { connect_uri: connectUri } = yield this.ctx.client.initializeFarcasterLogin({ appScheme });
       return connectUri;
     });
   }
@@ -1507,19 +1793,25 @@ const _ParaCore = class _ParaCore {
    * If successful, this returns the user's Farcaster username and profile picture and indicates whether the user already exists.
    * @return {Object} `{userExists: boolean; username: string; pfpUrl?: string | null }` - the user's information and whether the user already exists.
    */
-  verifyFarcaster(_g) {
+  verifyFarcasterProcess(_g) {
     return __async(this, null, function* () {
       var _h = _g, {
         isCanceled = () => false,
         onConnectUri,
         onCancel,
-        onPoll
+        onPoll,
+        isLinkAccount
       } = _h, urlOptions = __objRest(_h, [
         "isCanceled",
         "onConnectUri",
         "onCancel",
-        "onPoll"
+        "onPoll",
+        "isLinkAccount"
       ]);
+      let accountLinkInProgress;
+      if (isLinkAccount) {
+        accountLinkInProgress = yield __privateMethod(this, _ParaCore_instances, assertIsLinkingAccountOrStart_fn).call(this, "FARCASTER");
+      }
       if (onConnectUri) {
         const connectUri = yield this.getFarcasterConnectUri();
         onConnectUri(connectUri);
@@ -1531,53 +1823,55 @@ const _ParaCore = class _ParaCore {
             try {
               if (isCanceled() || Date.now() - startedAt > constants.POLLING_TIMEOUT_MS) {
                 onCancel == null ? void 0 : onCancel();
-                return reject("canceled");
+                return reject("CANCELED");
               }
               yield new Promise((_resolve) => setTimeout(_resolve, constants.POLLING_INTERVAL_MS));
-              const serverAuthState = yield this.ctx.client.getFarcasterAuthStatus();
-              if ((0, import_utils2.isServerAuthState)(serverAuthState)) {
-                const authState = yield __privateMethod(this, _ParaCore_instances, prepareAuthState_fn).call(this, serverAuthState, urlOptions);
-                return resolve(authState);
+              switch (isLinkAccount) {
+                case false:
+                  {
+                    const serverAuthState = yield this.ctx.client.getFarcasterAuthStatus();
+                    if ((0, import_utils2.isServerAuthState)(serverAuthState)) {
+                      const authState = yield __privateMethod(this, _ParaCore_instances, prepareAuthState_fn).call(this, serverAuthState, urlOptions);
+                      return resolve(authState);
+                    }
+                  }
+                  break;
+                case true: {
+                  const result = yield this.verifyLink({
+                    accountLinkInProgress
+                  });
+                  if ("isConflict" in result) {
+                    throw new Error(import_types.AccountLinkError.Conflict);
+                  }
+                  return resolve(result);
+                }
               }
               onPoll == null ? void 0 : onPoll();
             } catch (e) {
-              console.error(e);
-              return reject(e);
+              if (!isLinkAccount || e.message === import_types.AccountLinkError.Conflict) {
+                return reject(e.message);
+              }
             }
           }
         }))();
       });
     });
   }
-  /**
-   * Generates a URL for the user to log in with OAuth using a desire method.
-   *
-   * @param {Object} opts the options object
-   * @param {TOAuthMethod} opts.method the third-party service to use for OAuth.
-   * @param {string} [opts.deeplinkUrl] the deeplink to redirect to after the OAuth flow. This is for mobile only.
-   * @returns {string} the URL for the user to log in with OAuth.
-   */
-  getOAuthUrl(_i) {
+  verifyFarcaster(opts) {
+    return __async(this, null, function* () {
+      return yield this.verifyFarcasterProcess(__spreadProps(__spreadValues({}, opts), { isLinkAccount: false }));
+    });
+  }
+  verifyFarcasterLink(opts) {
+    return __async(this, null, function* () {
+      return yield this.verifyFarcasterProcess(__spreadProps(__spreadValues({}, opts), { isLinkAccount: true }));
+    });
+  }
+  getOAuthUrl(opts) {
     return __async(this, null, function* () {
-      var _j = _i, { method, deeplinkUrl } = _j, params = __objRest(_j, ["method", "deeplinkUrl"]);
       var _a;
-      if (deeplinkUrl) {
-        try {
-          new URL(deeplinkUrl);
-        } catch (e) {
-          throw new Error("Invalid deeplink URL");
-        }
-      }
-      const sessionLookupId = (_a = params.sessionLookupId) != null ? _a : yield __privateMethod(this, _ParaCore_instances, prepareLogin_fn).call(this);
-      return (0, import_utils2.constructUrl)({
-        base: (0, import_userManagementClient.getBaseOAuthUrl)(this.ctx.env),
-        path: `/auth/${method}`,
-        params: {
-          apiKey: this.ctx.apiKey,
-          sessionLookupId,
-          deeplinkUrl
-        }
-      });
+      const sessionLookupId = (_a = opts.sessionLookupId) != null ? _a : yield this.prepareLogin();
+      return __privateMethod(this, _ParaCore_instances, getOAuthUrl_fn).call(this, __spreadProps(__spreadValues({}, opts), { sessionLookupId }));
     });
   }
   /**
@@ -1588,28 +1882,55 @@ const _ParaCore = class _ParaCore {
    * @param {Window} [opts.popupWindow] the popup window being used for login.
    * @return {Object} `{ email?: string; isError?: boolean; userExists: boolean; }` the result data
    */
-  verifyOAuth(_k) {
+  verifyOAuthProcess(_i) {
     return __async(this, null, function* () {
-      var _l = _k, {
+      var _j = _i, {
         method,
-        deeplinkUrl,
+        appScheme,
         isCanceled = () => false,
         onCancel,
         onPoll,
-        onOAuthUrl
-      } = _l, urlOptions = __objRest(_l, [
+        onOAuthUrl,
+        onOAuthPopup,
+        isLinkAccount
+      } = _j, urlOptions = __objRest(_j, [
         "method",
-        "deeplinkUrl",
+        "appScheme",
         "isCanceled",
         "onCancel",
         "onPoll",
-        "onOAuthUrl"
+        "onOAuthUrl",
+        "onOAuthPopup",
+        "isLinkAccount"
       ]);
-      let sessionLookupId;
-      if (onOAuthUrl) {
-        sessionLookupId = yield __privateMethod(this, _ParaCore_instances, prepareLogin_fn).call(this);
-        const oAuthUrl = yield this.getOAuthUrl({ method, deeplinkUrl, sessionLookupId });
-        onOAuthUrl(oAuthUrl);
+      let popupWindow;
+      if (onOAuthPopup) {
+        try {
+          popupWindow = yield this.platformUtils.openPopup("about:blank", { type: import_types.PopupType.OAUTH });
+        } catch (error) {
+          throw new Error(`Failed to open OAuth popup: ${error}`);
+        }
+      }
+      let sessionLookupId, accountLinkInProgress;
+      if (onOAuthUrl || onOAuthPopup) {
+        if (isLinkAccount) {
+          accountLinkInProgress = yield __privateMethod(this, _ParaCore_instances, assertIsLinkingAccountOrStart_fn).call(this, method);
+          sessionLookupId = (yield this.touchSession()).sessionLookupId;
+        } else {
+          sessionLookupId = yield this.prepareLogin();
+        }
+        const oAuthUrl = yield __privateMethod(this, _ParaCore_instances, getOAuthUrl_fn).call(this, { method, appScheme, sessionLookupId, accountLinkInProgress });
+        switch (true) {
+          case !!onOAuthUrl: {
+            onOAuthUrl(oAuthUrl);
+            break;
+          }
+          case (!!onOAuthPopup && !!popupWindow): {
+            popupWindow.location.href = oAuthUrl;
+            onOAuthPopup(popupWindow);
+            break;
+          }
+        }
       } else {
         ({ sessionLookupId } = yield this.touchSession());
       }
@@ -1620,17 +1941,29 @@ const _ParaCore = class _ParaCore {
             try {
               if (isCanceled() || Date.now() - startedAt > constants.POLLING_TIMEOUT_MS) {
                 onCancel == null ? void 0 : onCancel();
-                return reject("canceled");
+                return reject(import_types.AccountLinkError.Canceled);
               }
               yield new Promise((_resolve) => setTimeout(_resolve, constants.POLLING_INTERVAL_MS));
-              const serverAuthState = yield this.ctx.client.verifyOAuth();
-              if ((0, import_utils2.isServerAuthState)(serverAuthState)) {
-                const authState = yield __privateMethod(this, _ParaCore_instances, prepareAuthState_fn).call(this, serverAuthState, __spreadProps(__spreadValues({}, urlOptions), { sessionLookupId }));
-                return resolve(authState);
+              switch (isLinkAccount) {
+                case false:
+                  {
+                    const serverAuthState = yield this.ctx.client.verifyOAuth();
+                    if ((0, import_utils2.isServerAuthState)(serverAuthState)) {
+                      const authState = yield __privateMethod(this, _ParaCore_instances, prepareAuthState_fn).call(this, serverAuthState, __spreadProps(__spreadValues({}, urlOptions), { sessionLookupId }));
+                      return resolve(authState);
+                    }
+                  }
+                  break;
+                case true: {
+                  const accounts = yield this.verifyLink({ accountLinkInProgress });
+                  return resolve(accounts);
+                }
               }
               onPoll == null ? void 0 : onPoll();
             } catch (err) {
-              console.error(err);
+              if (isLinkAccount && err.message === import_types.AccountLinkError.Conflict) {
+                return reject(err.message);
+              }
               onPoll == null ? void 0 : onPoll();
             }
           }
@@ -1638,6 +1971,16 @@ const _ParaCore = class _ParaCore {
       });
     });
   }
+  verifyOAuth(opts) {
+    return __async(this, null, function* () {
+      return yield this.verifyOAuthProcess(__spreadProps(__spreadValues({}, opts), { isLinkAccount: false }));
+    });
+  }
+  verifyOAuthLink(opts) {
+    return __async(this, null, function* () {
+      return yield this.verifyOAuthProcess(__spreadProps(__spreadValues({}, opts), { isLinkAccount: true }));
+    });
+  }
   /**
    * Waits for the session to be active and sets up the user.
    *
@@ -1723,7 +2066,7 @@ const _ParaCore = class _ParaCore {
         sessionId
       });
       if (shouldOpenPopup) {
-        this.platformUtils.openPopup(link);
+        yield this.platformUtils.openPopup(link);
       }
       return link;
     });
@@ -2267,25 +2610,12 @@ const _ParaCore = class _ParaCore {
       });
     });
   }
-  getOnRampTransactionUrl(_m) {
-    return __async(this, null, function* () {
-      var _n = _m, {
-        purchaseId,
-        providerKey
-      } = _n, walletParams = __objRest(_n, [
-        "purchaseId",
-        "providerKey"
-      ]);
-      const { sessionId } = yield this.touchSession();
-      const [key, identifier] = (0, import_user_management_client.extractWalletRef)(walletParams);
+  getOnRampTransactionUrl(_0) {
+    return __async(this, arguments, function* ({
+      purchaseId
+    }) {
       return this.constructPortalUrl("onRamp", {
-        pathId: purchaseId,
-        sessionId,
-        params: {
-          [key]: identifier,
-          providerKey,
-          currentWalletIds: JSON.stringify(this.currentWalletIds)
-        }
+        pathId: purchaseId
       });
     });
   }
@@ -2319,7 +2649,7 @@ const _ParaCore = class _ParaCore {
       let signRes = yield this.signMessageInner({ wallet, signerId, messageBase64, cosmosSignDocBase64 });
       let timeStart = Date.now();
       if (signRes.pendingTransactionId) {
-        this.platformUtils.openPopup(
+        yield this.platformUtils.openPopup(
           yield this.getTransactionReviewUrl(signRes.pendingTransactionId, timeoutMs),
           { type: cosmosSignDocBase64 ? import_types.PopupType.SIGN_TRANSACTION_REVIEW : import_types.PopupType.SIGN_MESSAGE_REVIEW }
         );
@@ -2431,7 +2761,7 @@ const _ParaCore = class _ParaCore {
       );
       let timeStart = Date.now();
       if (signRes.pendingTransactionId) {
-        this.platformUtils.openPopup(
+        yield this.platformUtils.openPopup(
           yield this.getTransactionReviewUrl(signRes.pendingTransactionId, timeoutMs),
           { type: import_types.PopupType.SIGN_TRANSACTION_REVIEW }
         );
@@ -2507,7 +2837,8 @@ const _ParaCore = class _ParaCore {
         providerKey: onRampPurchase.providerKey
       }, walletParams));
       if (shouldOpenPopup) {
-        this.platformUtils.openPopup(portalUrl, { type: import_types.PopupType.ON_RAMP_TRANSACTION });
+        const onRampWindow = yield this.platformUtils.openPopup(portalUrl, { type: import_types.PopupType.ON_RAMP_TRANSACTION });
+        this.onRampPopup = { window: onRampWindow, onRampPurchase };
       }
       return { onRampPurchase, portalUrl };
     });
@@ -2590,6 +2921,12 @@ const _ParaCore = class _ParaCore {
       return sessionLookupId;
     });
   }
+  issueJwt() {
+    return __async(this, arguments, function* ({ keyIndex = 0 } = {}) {
+      const res = yield this.ctx.client.issueJwt({ keyIndex });
+      return res;
+    });
+  }
   /**
    * Logs the user out.
    * @param {Object} opts the options object.
@@ -2597,6 +2934,7 @@ const _ParaCore = class _ParaCore {
    **/
   logout() {
     return __async(this, arguments, function* ({ clearPregenWallets = false } = {}) {
+      const shouldDispatchLogoutEvent = yield this.isSessionActive();
       yield this.ctx.client.logout();
       yield this.clearStorage();
       if (!clearPregenWallets) {
@@ -2613,22 +2951,17 @@ const _ParaCore = class _ParaCore {
       this.externalWallets = {};
       this.loginEncryptionKeyPair = void 0;
       __privateSet(this, _authInfo, void 0);
+      this.accountLinkInProgress = void 0;
       this.userId = void 0;
       this.sessionCookie = void 0;
-      (0, import_utils2.dispatchEvent)(import_types.ParaEvent.LOGOUT_EVENT, null);
-    });
-  }
-  /** @deprecated */
-  getSupportedCreateAuthMethods() {
-    return __async(this, null, function* () {
-      const partner = yield __privateMethod(this, _ParaCore_instances, assertPartner_fn).call(this);
-      let supportedAuthMethods = /* @__PURE__ */ new Set();
-      for (const authMethod of partner.supportedAuthMethods) {
-        supportedAuthMethods.add(import_user_management_client.AuthMethod[authMethod]);
+      if (shouldDispatchLogoutEvent) {
+        (0, import_utils2.dispatchEvent)(import_types.ParaEvent.LOGOUT_EVENT, null);
       }
-      return supportedAuthMethods;
     });
   }
+  get toStringAdditions() {
+    return {};
+  }
   /**
    * Converts to a string, removing sensitive data when logging this class.
    *
@@ -2652,10 +2985,10 @@ const _ParaCore = class _ParaCore {
       }),
       {}
     );
-    const obj = {
-      partnerId: (_a = __privateGet(this, _partner)) == null ? void 0 : _a.id,
-      supportedWalletTypes: (_b = __privateGet(this, _partner)) == null ? void 0 : _b.supportedWalletTypes,
-      cosmosPrefix: (_c = __privateGet(this, _partner)) == null ? void 0 : _c.cosmosPrefix,
+    const obj = __spreadProps(__spreadValues({
+      partnerId: (_a = this.partner) == null ? void 0 : _a.id,
+      supportedWalletTypes: (_b = this.partner) == null ? void 0 : _b.supportedWalletTypes,
+      cosmosPrefix: (_c = this.partner) == null ? void 0 : _c.cosmosPrefix,
       authInfo: __privateGet(this, _authInfo),
       isGuestMode: this.isGuestMode,
       userId: this.userId,
@@ -2665,6 +2998,8 @@ const _ParaCore = class _ParaCore {
       wallets: redactedWallets,
       externalWallets: redactedExternalWallets,
       loginEncryptionKeyPair: this.loginEncryptionKeyPair ? "[REDACTED]" : void 0,
+      isReady: this.isReady
+    }, this.toStringAdditions), {
       ctx: {
         apiKey: this.ctx.apiKey,
         disableWorkers: this.ctx.disableWorkers,
@@ -2675,9 +3010,14 @@ const _ParaCore = class _ParaCore {
         useDKLS: this.ctx.useDKLS,
         cosmosPrefix: this.ctx.cosmosPrefix
       }
-    };
+    });
     return `Para ${JSON.stringify(obj, null, 2)}`;
   }
+  devLog(...s) {
+    if (this.ctx.env === import_types.Environment.DEV || this.ctx.env === import_types.Environment.SANDBOX) {
+      console.log(...s);
+    }
+  }
   getNewCredentialAndUrl() {
     return __async(this, arguments, function* ({
       authMethod = "PASSKEY",
@@ -2705,6 +3045,14 @@ const _ParaCore = class _ParaCore {
           }));
           urlType = "createPassword";
           break;
+        case "PIN":
+          ({
+            data: { id: credentialId }
+          } = yield this.ctx.client.addSessionPasswordPublicKey(this.userId, {
+            status: import_user_management_client.PasswordStatus.PENDING
+          }));
+          urlType = "createPIN";
+          break;
       }
       const url = this.isNativePasskey && urlType === "createAuth" ? void 0 : yield this.constructPortalUrl(urlType, {
         isForNewDevice,
@@ -2716,7 +3064,7 @@ const _ParaCore = class _ParaCore {
     });
   }
   /**
-   * Returns a Para Portal URL for logging in with a WebAuth passkey or a password.
+   * Returns a Para Portal URL for logging in with a WebAuth passkey, password or PIN.
    * @param {Object} opts the options object
    * @param {String} opts.auth - the user auth to sign up or log in with, in the form ` { email: string } | { phone: `+${number}` } `
    * @param {boolean} opts.useShortUrls - whether to shorten the generated portal URLs
@@ -2742,6 +3090,9 @@ const _ParaCore = class _ParaCore {
         case "PASSWORD":
           urlType = "loginPassword";
           break;
+        case "PIN":
+          urlType = "loginPIN";
+          break;
         default:
           throw new Error(`invalid authentication method: '${authMethod}'`);
       }
@@ -2752,53 +3103,193 @@ const _ParaCore = class _ParaCore {
       });
     });
   }
-  signUpOrLogIn(_o) {
+  prepareLogin() {
+    return __async(this, null, function* () {
+      yield this.logout();
+      const { sessionLookupId } = yield this.touchSession(true);
+      if (!this.loginEncryptionKeyPair) {
+        yield this.setLoginEncryptionKeyPair();
+      }
+      return sessionLookupId;
+    });
+  }
+  signUpOrLogIn(_k) {
     return __async(this, null, function* () {
-      var _p = _o, { auth } = _p, urlOptions = __objRest(_p, ["auth"]);
+      var _l = _k, { auth } = _l, urlOptions = __objRest(_l, ["auth"]);
       const serverAuthState = yield this.ctx.client.signUpOrLogIn(__spreadValues(__spreadValues({}, auth), this.getVerificationEmailProps()));
+      const authInfo = serverAuthState.auth;
+      if (this.fetchPregenWalletsOverride && (0, import_user_management_client.isPregenAuth)(authInfo)) {
+        const { userShare } = yield this.fetchPregenWalletsOverride({ pregenId: authInfo });
+        if (userShare) {
+          yield this.setUserShare(userShare);
+        }
+      }
       return __privateMethod(this, _ParaCore_instances, prepareAuthState_fn).call(this, serverAuthState, urlOptions);
     });
   }
-  verifyNewAccount(_q) {
+  verifyNewAccount(_m) {
     return __async(this, null, function* () {
-      var _r = _q, {
+      var _n = _m, {
         verificationCode
-      } = _r, urlOptions = __objRest(_r, [
+      } = _n, urlOptions = __objRest(_n, [
         "verificationCode"
       ]);
       this.assertIsAuthSet(["email", "phone"]);
-      const userId = this.assertUserId();
-      const serverAuthState = yield this.ctx.client.verifyNewAccount(userId, {
+      const userId = this.assertUserId({ allowGuestMode: true });
+      const serverAuthState = yield this.ctx.client.verifyAccount(userId, {
         verificationCode
       });
+      if (serverAuthState.stage === "login") {
+        throw new Error("Account already exists.");
+      }
       return __privateMethod(this, _ParaCore_instances, prepareAuthState_fn).call(this, serverAuthState, urlOptions);
     });
   }
+  getLinkedAccounts() {
+    return __async(this, arguments, function* ({
+      withMetadata = false
+    } = {}) {
+      const userId = this.assertUserId();
+      const { accounts } = yield this.ctx.client.getLinkedAccounts({ userId, withMetadata });
+      return __spreadValues({
+        userId
+      }, accounts);
+    });
+  }
+  linkAccount(opts) {
+    return __async(this, null, function* () {
+      const { supportedAccountLinks = [...import_user_management_client.LINKED_ACCOUNT_TYPES] } = yield __privateMethod(this, _ParaCore_instances, assertPartner_fn).call(this);
+      let type, identifier, externalWallet, isPermitted;
+      switch (true) {
+        case "auth" in opts:
+          {
+            const authInfo = (0, import_user_management_client.extractAuthInfo)(opts.auth, { isRequired: true });
+            if (authInfo.auth === this.authInfo.auth) {
+              throw new Error(import_types.AccountLinkError.Conflict);
+            }
+            type = authInfo.authType.toUpperCase();
+            identifier = authInfo.identifier;
+            isPermitted = supportedAccountLinks.includes(type);
+          }
+          break;
+        case "externalWallet" in opts:
+          {
+            externalWallet = opts.externalWallet;
+            type = "EXTERNAL_WALLET";
+            isPermitted = supportedAccountLinks.includes("EXTERNAL_WALLET") || supportedAccountLinks.includes(externalWallet.providerId);
+          }
+          break;
+        case "type" in opts:
+          {
+            type = opts.type;
+            if (type === "X") {
+              type = "TWITTER";
+            }
+            isPermitted = supportedAccountLinks.includes(type);
+          }
+          break;
+        default:
+          throw new Error("Invalid parameters for linking account, must pass `auth` or `type` or `externalWallet");
+      }
+      if (!isPermitted) {
+        throw new Error(`Account linking for type '${type}' is not supported by the current API key configuration`);
+      }
+      const userId = this.assertUserId();
+      const result = yield this.ctx.client.linkAccount(__spreadValues(__spreadValues({
+        userId,
+        type
+      }, identifier ? { identifier } : {}), externalWallet ? { externalWallet } : {}));
+      if ("isConflict" in result) {
+        throw new Error(import_types.AccountLinkError.Conflict);
+      }
+      const { linkedAccountId, signatureVerificationMessage } = result;
+      this.accountLinkInProgress = __spreadValues(__spreadValues({
+        id: linkedAccountId,
+        type,
+        isComplete: false
+      }, identifier ? { identifier } : {}), signatureVerificationMessage && externalWallet ? {
+        externalWallet: __spreadProps(__spreadValues({}, externalWallet), {
+          signatureVerificationMessage
+        })
+      } : {});
+      return this.accountLinkInProgress;
+    });
+  }
+  unlinkAccount(_0) {
+    return __async(this, arguments, function* ({
+      linkedAccountId
+    }) {
+      if (!linkedAccountId) {
+        throw new Error("No linked account ID provided");
+      }
+      const userId = this.assertUserId();
+      const accounts = yield this.ctx.client.unlinkAccount({ linkedAccountId, userId });
+      return accounts;
+    });
+  }
+  verifyLink() {
+    return __async(this, arguments, function* (_o = {}) {
+      var _p = _o, {
+        accountLinkInProgress = __privateMethod(this, _ParaCore_instances, assertIsLinkingAccount_fn).call(this)
+      } = _p, opts = __objRest(_p, [
+        "accountLinkInProgress"
+      ]);
+      try {
+        const userId = this.assertUserId(), result = yield this.ctx.client.verifyLink(__spreadValues({
+          linkedAccountId: accountLinkInProgress.id,
+          userId
+        }, opts));
+        if ("isConflict" in result) {
+          throw new Error(import_types.AccountLinkError.Conflict);
+        }
+        this.accountLinkInProgress = void 0;
+        return result.accounts;
+      } catch (e) {
+        throw new Error(e.message === import_types.AccountLinkError.Conflict ? import_types.AccountLinkError.Conflict : e.message);
+      }
+    });
+  }
+  verifyEmailOrPhoneLink(_0) {
+    return __async(this, arguments, function* ({
+      verificationCode
+    }) {
+      const accounts = yield this.verifyLink({
+        accountLinkInProgress: __privateMethod(this, _ParaCore_instances, assertIsLinkingAccount_fn).call(this, ["EMAIL", "PHONE"]),
+        verificationCode
+      });
+      return accounts;
+    });
+  }
+  sendLoginCode() {
+    return __async(this, null, function* () {
+      const { userId } = yield this.ctx.client.sendLoginVerificationCode(this.authInfo);
+      this.setUserId(userId);
+    });
+  }
 };
 _authInfo = new WeakMap();
-_partner = new WeakMap();
 _ParaCore_instances = new WeakSet();
 assertPartner_fn = function() {
   return __async(this, null, function* () {
     var _a, _b;
-    if (!__privateGet(this, _partner)) {
+    if (!this.partner) {
       yield this.touchSession();
     }
-    if (((_a = __privateGet(this, _partner)) == null ? void 0 : _a.cosmosPrefix) && this.ctx.cosmosPrefix !== __privateGet(this, _partner).cosmosPrefix) {
-      this.ctx.cosmosPrefix = (_b = __privateGet(this, _partner)) == null ? void 0 : _b.cosmosPrefix;
+    if (((_a = this.partner) == null ? void 0 : _a.cosmosPrefix) && this.ctx.cosmosPrefix !== this.partner.cosmosPrefix) {
+      this.ctx.cosmosPrefix = (_b = this.partner) == null ? void 0 : _b.cosmosPrefix;
     }
-    return __privateGet(this, _partner);
+    return this.partner;
   });
 };
 guestWalletIds_get = function() {
   var _a, _b, _c;
-  if (!((_a = __privateGet(this, _partner)) == null ? void 0 : _a.supportedWalletTypes)) {
+  if (!((_a = this.partner) == null ? void 0 : _a.supportedWalletTypes)) {
     return {};
   }
   const guestId = (_c = (_b = this.pregenIds) == null ? void 0 : _b.GUEST_ID) == null ? void 0 : _c[0];
   return !!guestId ? Object.entries(this.wallets).reduce((acc, [id, wallet]) => {
     if (wallet.isPregen && !wallet.userId && wallet.pregenIdentifierType === "GUEST_ID" && wallet.pregenIdentifier === guestId) {
-      return __spreadValues(__spreadValues({}, acc), (0, import_utils2.getEquivalentTypes)(wallet.type).filter((type) => __privateGet(this, _partner).supportedWalletTypes.some((entry) => entry.type === type)).reduce((acc2, eqType) => {
+      return __spreadValues(__spreadValues({}, acc), (0, import_utils2.getEquivalentTypes)(wallet.type).filter((type) => this.partner.supportedWalletTypes.some((entry) => entry.type === type)).reduce((acc2, eqType) => {
         var _a2;
         return __spreadProps(__spreadValues({}, acc2), { [eqType]: [.../* @__PURE__ */ new Set([...(_a2 = acc2[eqType]) != null ? _a2 : [], id])] });
       }, {}));
@@ -2855,9 +3346,57 @@ setAuthInfo_fn = function(authInfo) {
 };
 getPartner_fn = function(partnerId) {
   return __async(this, null, function* () {
+    if (this.isPartnerOptional && !partnerId) {
+      return void 0;
+    }
     const res = yield this.ctx.client.getPartner(partnerId);
-    __privateSet(this, _partner, res.data.partner);
-    return __privateGet(this, _partner);
+    this.partner = res.data.partner;
+    return this.partner;
+  });
+};
+assertIsLinkingAccount_fn = function(types) {
+  if (!this.accountLinkInProgress || this.accountLinkInProgress.isComplete) {
+    throw new Error("no account linking in progress");
+  }
+  if (types && !types.includes(this.accountLinkInProgress.type)) {
+    throw new Error(
+      `account linking in progress for type ${this.accountLinkInProgress.type}, expected one of ${types.join(", ")}`
+    );
+  }
+  return this.accountLinkInProgress;
+};
+assertIsLinkingAccountOrStart_fn = function(type) {
+  return __async(this, null, function* () {
+    if (this.accountLinkInProgress && !this.accountLinkInProgress.isComplete) {
+      return __privateMethod(this, _ParaCore_instances, assertIsLinkingAccount_fn).call(this, [type]);
+    }
+    return yield this.linkAccount({ type });
+  });
+};
+/**
+ * Generates a URL for the user to log in with OAuth using a desire method.
+ *
+ * @param {Object} opts the options object
+ * @param {TOAuthMethod} opts.method the third-party service to use for OAuth.
+ * @param {string} [opts.appScheme] the app scheme to redirect to after the OAuth flow. This is for mobile only.
+ * @returns {string} the URL for the user to log in with OAuth.
+ */
+getOAuthUrl_fn = function({
+  method,
+  appScheme,
+  accountLinkInProgress,
+  sessionLookupId
+}) {
+  return (0, import_utils2.constructUrl)({
+    base: (0, import_userManagementClient.getBaseOAuthUrl)(this.ctx.env),
+    path: `/auth/${method}`,
+    params: __spreadValues({
+      apiKey: this.ctx.apiKey,
+      sessionLookupId,
+      appScheme
+    }, accountLinkInProgress ? {
+      linkedAccountId: this.accountLinkInProgress.id
+    } : {})
   });
 };
 createPregenWallet_fn = function(opts) {
@@ -2910,8 +3449,9 @@ createPregenWallet_fn = function(opts) {
 _isCreateGuestWalletsPending = new WeakMap();
 prepareAuthState_fn = function(_0) {
   return __async(this, arguments, function* (serverAuthState, opts = {}) {
-    if (!opts.sessionLookupId && serverAuthState.stage === "login") {
-      opts.sessionLookupId = yield __privateMethod(this, _ParaCore_instances, prepareLogin_fn).call(this);
+    var _a, _b;
+    if (!opts.sessionLookupId && serverAuthState.stage === "login" && (!serverAuthState.externalWallet || !(((_a = serverAuthState.externalWallet) == null ? void 0 : _a.withFullParaAuth) && ((_b = serverAuthState.loginAuthMethods) == null ? void 0 : _b.includes(import_user_management_client.AuthMethod.PIN))))) {
+      opts.sessionLookupId = yield this.prepareLogin();
     }
     const { auth, externalWallet, userId, displayName, pfpUrl, username } = serverAuthState;
     const authInfo = __spreadValues(__spreadValues({}, (0, import_user_management_client.extractAuthInfo)(auth, { isRequired: true })), Object.fromEntries(
@@ -2925,7 +3465,7 @@ prepareAuthState_fn = function(_0) {
     yield __privateMethod(this, _ParaCore_instances, setAuthInfo_fn).call(this, authInfo);
     yield this.assertIsAuthSet();
     if (!!externalWallet) {
-      yield this.setExternalWallet(externalWallet);
+      yield this.setExternalWallet([externalWallet]);
     }
     if (!!userId) {
       yield this.setUserId(userId);
@@ -2936,33 +3476,34 @@ prepareAuthState_fn = function(_0) {
         authState = serverAuthState;
         break;
       case "login":
+        if (externalWallet && !(externalWallet == null ? void 0 : externalWallet.withFullParaAuth)) {
+          authState = serverAuthState;
+          break;
+        }
         authState = yield __privateMethod(this, _ParaCore_instances, prepareLoginState_fn).call(this, serverAuthState, __spreadProps(__spreadValues({}, opts), { sessionLookupId: opts.sessionLookupId }));
         break;
       case "signup":
+        if (externalWallet && !(externalWallet == null ? void 0 : externalWallet.withFullParaAuth)) {
+          authState = serverAuthState;
+          break;
+        }
         authState = yield __privateMethod(this, _ParaCore_instances, prepareSignUpState_fn).call(this, serverAuthState, opts);
         break;
     }
     return authState;
   });
 };
-prepareLogin_fn = function() {
-  return __async(this, null, function* () {
-    yield this.logout();
-    const { sessionLookupId } = yield this.touchSession(true);
-    if (!this.loginEncryptionKeyPair) {
-      yield this.setLoginEncryptionKeyPair();
-    }
-    return sessionLookupId;
-  });
-};
 prepareLoginState_fn = function(_0, _1) {
   return __async(this, arguments, function* (loginState, {
     useShortUrls: shorten = false,
     portalTheme,
     sessionLookupId
   }) {
-    const _a = loginState, { loginAuthMethods } = _a, authState = __objRest(_a, ["loginAuthMethods"]);
-    return __spreadValues(__spreadValues(__spreadValues({}, authState), !this.isNativePasskey && loginAuthMethods.includes(import_user_management_client.AuthMethod.PASSKEY) ? {
+    const _a = loginState, { loginAuthMethods, hasPasswordWithoutPIN } = _a, authState = __objRest(_a, ["loginAuthMethods", "hasPasswordWithoutPIN"]);
+    const isPasskeySupported = yield this.isPasskeySupported(), isPasskeyPossible = loginAuthMethods.includes(import_user_management_client.AuthMethod.PASSKEY) && !this.isNativePasskey, isPasswordPossible = loginAuthMethods.includes(import_user_management_client.AuthMethod.PASSWORD) && hasPasswordWithoutPIN, isPINPossible = loginAuthMethods.includes(import_user_management_client.AuthMethod.PIN);
+    return __spreadValues(__spreadValues(__spreadValues(__spreadProps(__spreadValues({}, authState), {
+      isPasskeySupported
+    }), isPasskeyPossible ? {
       passkeyUrl: yield this.getLoginUrl({ sessionId: sessionLookupId, shorten, portalTheme }),
       passkeyKnownDeviceUrl: yield this.constructPortalUrl("loginAuth", {
         sessionId: sessionLookupId,
@@ -2973,11 +3514,19 @@ prepareLoginState_fn = function(_0, _1) {
         shorten,
         portalTheme
       })
-    } : {}), loginAuthMethods.includes(import_user_management_client.AuthMethod.PASSWORD) ? {
+    } : {}), isPasswordPossible ? {
       passwordUrl: yield this.constructPortalUrl("loginPassword", {
         sessionId: sessionLookupId,
         shorten,
-        portalTheme
+        portalTheme,
+        params: { isEmbedded: `${!loginState.isWalletSelectionNeeded}` }
+      })
+    } : {}), isPINPossible ? {
+      pinUrl: yield this.constructPortalUrl("loginPIN", {
+        sessionId: sessionLookupId,
+        shorten,
+        portalTheme,
+        params: { isEmbedded: `${!loginState.isWalletSelectionNeeded}` }
       })
     } : {});
   });
@@ -2985,16 +3534,18 @@ prepareLoginState_fn = function(_0, _1) {
 prepareSignUpState_fn = function(_0, _1) {
   return __async(this, arguments, function* (serverSignupState, { useShortUrls: shorten = false, portalTheme }) {
     const _a = serverSignupState, { signupAuthMethods } = _a, authState = __objRest(_a, ["signupAuthMethods"]);
-    const [isPasskey, isPassword] = [
+    const isPasskeySupported = yield this.isPasskeySupported();
+    const [isPasskey, isPassword, isPIN] = [
       signupAuthMethods.includes(import_user_management_client.AuthMethod.PASSKEY),
-      signupAuthMethods.includes(import_user_management_client.AuthMethod.PASSWORD)
+      signupAuthMethods.includes(import_user_management_client.AuthMethod.PASSWORD) || !isPasskeySupported,
+      signupAuthMethods.includes(import_user_management_client.AuthMethod.PIN)
     ];
-    if (!isPasskey && !isPassword) {
+    if (!isPasskey && !isPassword && !isPIN) {
       throw new Error(
-        "No supported authentication methods found. Please ensure you have enabled either WebAuth passkeys or passwords in your Developer Portal settings."
+        "No supported authentication methods found. Please ensure you have enabled either WebAuth passkeys, passwords or PINs in your Developer Portal settings."
       );
     }
-    const signupState = authState;
+    const signupState = __spreadProps(__spreadValues({}, authState), { isPasskeySupported });
     if (isPasskey) {
       const { url: passkeyUrl, credentialId: passkeyId } = yield this.getNewCredentialAndUrl({
         authMethod: "PASSKEY",
@@ -3012,6 +3563,15 @@ prepareSignUpState_fn = function(_0, _1) {
       signupState.passwordUrl = passwordUrl;
       signupState.passwordId = passwordId;
     }
+    if (isPIN) {
+      const { url: pinUrl, credentialId: pinId } = yield this.getNewCredentialAndUrl({
+        authMethod: "PIN",
+        portalTheme,
+        shorten
+      });
+      signupState.pinUrl = pinUrl;
+      signupState.pinId = pinId;
+    }
     return signupState;
   });
 };