@healthcloudai/hc-login-connector 0.0.13 → 0.0.14

package/README.md

@@ -770,7 +770,7 @@ Status:
 Public signature: `loginClient.login(email, password)`
 
 `login(...)` accepts only `email` and `password`.
-The client builds the full backend `Data` payload internally, and stores the
+The client builds the login `Data` payload internally, and stores the
 returned tokens in memory.
 On tenants that require onboarding completion, login may depend on the relevant
 onboarding steps already being finished.
@@ -783,20 +783,14 @@ await loginClient.login(
 ```
 
 #### Full API request
-Request sent for the usage example above:
+Request sent for the full payload usage example above:
 
 ```json
 {
   "Data": {
-    "FirstName": "",
-    "LastName": "",
     "Email": "john.smith@example.com",
     "Password": "ExamplePassword123!",
-    "TenantID": "test-tenant",
-    "AppPoolID": "",
-    "GoogleIdToken": "",
-    "AppleIdToken": "",
-    "AppleCode": ""
+    "TenantID": "test-tenant"
   }
 }
 ```
@@ -817,12 +811,15 @@ Status:
     "AccessToken": "eyJ_access_token_example",
     "IDToken": "eyJ_id_token_example",
     "EHR": "fhir",
+    "ErrorMessage": null,
     "HasInsurance": false,
     "HasIDCard": false,
     "HasSelfie": false,
     "Attributes": {
-      "EHR": "fhir"
+      "EHR": "fhir",
+      "Type": "PATIENT"
     },
+    "ID": "john.smith@example.com",
     "TenantID": "test-tenant",
     "Expiration": "2030-01-01T00:00:00.000Z",
     "Type": 0
@@ -836,21 +833,23 @@ Status:
 
 ### Reset Password
 
-Public signature: `loginClient.resetPassword(email, isPasswordResetWithOTP?)`
+`resetPassword` supports both OTP-based and link-based reset initiation
+flows.
+
+`IsPasswordResetWithOTP` is optional. It is included in the request body only
+when `isPasswordResetWithOTP` is `true`. When `false` or omitted, the field is
+not sent at all and `false` is not serialized into the payload.
 
-`TenantID` is injected automatically from `configure(...)`.
-If an ID token is already available, the client may also include an
-`Authorization` header.
+#### OTP-based password reset initiation
+
+Use this when the password reset flow should be handled through an OTP code.
+In this case, `IsPasswordResetWithOTP` should be `true`.
 
 ```ts
-await loginClient.resetPassword(
-  "john.smith@example.com",
-  true
-);
+await loginClient.resetPassword("john.smith@example.com", true);
 ```
 
 #### Full API request
-Request sent for the usage example above:
 
 ```json
 {
@@ -862,6 +861,27 @@ Request sent for the usage example above:
 }
 ```
 
+#### Link-based password reset initiation
+
+Use this when the password reset flow should be handled from an email link.
+In this case, `IsPasswordResetWithOTP` should be omitted by passing `false` or
+leaving the second argument out.
+
+```ts
+await loginClient.resetPassword("john.smith@example.com", false);
+```
+
+Effective request body:
+
+```json
+{
+  "Data": {
+    "Email": "john.smith@example.com",
+    "TenantID": "test-tenant"
+  }
+}
+```
+
 `Authorization: Bearer eyJ_id_token_example` may also be included when an ID token
 is already stored.
 
@@ -885,23 +905,32 @@ Status:
 
 ### Reset Password Confirm
 
-Public signature: `loginClient.resetPasswordConfirm(email, password, code, isPasswordResetWithOTP?)`
+`resetPasswordConfirm` supports both OTP-based and link-based confirmation
+flows.
+
+If `IsPasswordResetWithOTP` is `true`, `Code` is required. If
+`IsPasswordResetWithOTP` is not `true`, `Token` is required. For the
+link-based flow, the frontend is responsible for taking the token from the
+password reset email link and passing that token in the payload.
 
-`TenantID` is injected automatically from `configure(...)`.
-If an ID token is already available, the client may also include an
-`Authorization` header.
+#### OTP-based password reset confirmation
+
+Use this when the password reset flow was started with OTP. In this case,
+`IsPasswordResetWithOTP` should be `true` and `Code` should contain the final
+reset code.
 
 ```ts
-await loginClient.resetPasswordConfirm(
-  "john.smith@example.com",
-  "ExamplePassword123!",
-  "123456",
-  true
-);
+await loginClient.resetPasswordConfirm({
+  Data: {
+    Email: "john.smith@example.com",
+    Password: "ExamplePassword123!",
+    IsPasswordResetWithOTP: true,
+    Code: "123456"
+  }
+});
 ```
 
-#### Full API request
-Request sent for the usage example above:
+Request body:
 
 ```json
 {
@@ -909,12 +938,42 @@ Request sent for the usage example above:
     "Email": "john.smith@example.com",
     "TenantID": "test-tenant",
     "Password": "ExamplePassword123!",
-    "code": "123456",
+    "Code": "123456",
     "IsPasswordResetWithOTP": true
   }
 }
 ```
 
+#### Link-based password reset confirmation
+
+Use this when the password reset flow was started from an email link. In this
+case, `Token` should be included in the payload, the frontend should read the
+token value from the password reset email link and send that token in the
+request payload, and `IsPasswordResetWithOTP` should be omitted or `false`.
+
+```ts
+await loginClient.resetPasswordConfirm({
+  Data: {
+    Email: "john.smith@example.com",
+    Password: "ExamplePassword123!",
+    Token: "token-from-email-link"
+  }
+});
+```
+
+Effective request body:
+
+```json
+{
+  "Data": {
+    "Email": "john.smith@example.com",
+    "TenantID": "test-tenant",
+    "Password": "ExamplePassword123!",
+    "Token": "token-from-email-link"
+  }
+}
+```
+
 `Authorization: Bearer eyJ_id_token_example` may also be included when an ID token
 is already stored.
 
@@ -975,6 +1034,13 @@ Status:
     "RefreshToken": "eyJ_refresh_token_example",
     "AccessToken": "eyJ_access_token_example",
     "IDToken": "eyJ_id_token_example",
+    "EHR": null,
+    "ErrorMessage": null,
+    "HasInsurance": false,
+    "HasIDCard": false,
+    "HasSelfie": false,
+    "Attributes": null,
+    "ID": null,
     "TenantID": "test-tenant",
     "Expiration": "2030-01-01T00:00:00.000Z",
     "Type": 0
@@ -1237,17 +1303,12 @@ eyJ_id_token_example
 
 ## API Key
 
-All outgoing requests from `HCLoginClient` can include an optional API key header.
+Use `setApiKey(...)` to attach an API key header to requests from `HCLoginClient`.
 
 ```ts
 const apiKey = process.env.HEALTHCLOUD_API_KEY;
-
-if (apiKey) {
-  loginClient.setApiKey("x-api-key", apiKey);
-}
+loginClient.setApiKey("x-api-key", apiKey);
 ```
 
 - Header name should be `x-api-key`.
-- API key is optional unless required by the backend.
-- If not set, behavior remains unchanged and the header is omitted.
 - The header is applied to registration, onboarding, login, token refresh, password reset, and authenticated patient header requests.

package/dist/index.cjs

@@ -219,15 +219,9 @@ var HCLoginClient = class {
     this.ensureConfigured();
     const requestPayload = {
       Data: {
-        FirstName: "",
-        LastName: "",
         Email: email,
         Password: password,
-        TenantID: this.config.tenantID,
-        AppPoolID: "",
-        GoogleIdToken: "",
-        AppleIdToken: "",
-        AppleCode: ""
+        TenantID: this.config.tenantID
       }
     };
     const resp = await this.http.post(
@@ -275,14 +269,14 @@ var HCLoginClient = class {
     this.tokens = tokens;
     return tokens;
   }
-  async resetPassword(email, isPasswordResetWithOTP = true) {
+  async resetPassword(email, isPasswordResetWithOTP = false) {
     var _a;
     this.ensureConfigured();
     const requestPayload = {
       Data: {
         Email: email,
         TenantID: this.config.tenantID,
-        IsPasswordResetWithOTP: isPasswordResetWithOTP
+        ...isPasswordResetWithOTP === true ? { IsPasswordResetWithOTP: true } : {}
       }
     };
     await this.http.post(
@@ -296,21 +290,24 @@ var HCLoginClient = class {
       }
     );
   }
-  async resetPasswordConfirm(email, password, code, isPasswordResetWithOTP = true) {
+  async resetPasswordConfirm(payload) {
     var _a;
     this.ensureConfigured();
-    const requestPayload = {
-      Data: {
-        Email: email,
-        TenantID: this.config.tenantID,
-        Password: password,
-        code,
-        IsPasswordResetWithOTP: isPasswordResetWithOTP
-      }
-    };
+    const isOtpFlow = payload.Data.IsPasswordResetWithOTP === true;
+    if (isOtpFlow && !payload.Data.Code) {
+      throw new Error("Code is required for OTP password reset confirmation.");
+    }
+    if (!isOtpFlow && !payload.Data.Token) {
+      throw new Error("Token is required for link-based password reset confirmation.");
+    }
     await this.http.post(
       `${this.config.baseUrl}/patient/password`,
-      requestPayload,
+      {
+        Data: {
+          ...payload.Data,
+          TenantID: this.config.tenantID
+        }
+      },
       {
         "Content-Type": "application/json",
         "X-Tenant-ID": this.config.tenantID,

package/dist/index.d.cts

@@ -39,17 +39,26 @@ interface VerifyEmailOptions {
     attributes?: Record<string, string>;
 }
 interface LoginBody {
-    FirstName: string;
-    LastName: string;
+    FirstName?: string;
+    LastName?: string;
     Email: string;
+    UserName?: string;
     Password: string;
-    TenantID: string;
-    AppPoolID: string;
-    GoogleIdToken: string;
-    AppleIdToken: string;
-    AppleCode: string;
+    PoolID?: string;
+    AppPoolID?: string;
+    AppClientID?: string;
+    TenantID?: string;
+    Token?: string;
+    Type?: number;
+    AppleIdToken?: string;
+    AppleCode?: string;
+    GoogleIdToken?: string;
+    IsPasswordResetWithOTP?: boolean;
+    Code?: string;
+    Language?: string;
 }
 type LoginRequest = ApiRequest<LoginBody>;
+type LoginPayload = LoginRequest;
 interface RefreshBody {
     RefreshToken: string;
     TenantID: string;
@@ -58,17 +67,24 @@ type RefreshRequest = ApiRequest<RefreshBody>;
 interface ResetBody {
     Email: string;
     TenantID: string;
-    IsPasswordResetWithOTP: boolean;
+    IsPasswordResetWithOTP?: boolean;
 }
 type ResetRequest = ApiRequest<ResetBody>;
-interface ResetConfirmBody {
+type ResetConfirmBody = {
     Email: string;
-    TenantID: string;
     Password: string;
-    code: string;
-    IsPasswordResetWithOTP: boolean;
-}
+    IsPasswordResetWithOTP: true;
+    Code: string;
+    Token?: string;
+} | {
+    Email: string;
+    Password: string;
+    Token: string;
+    IsPasswordResetWithOTP?: false;
+    Code?: string;
+};
 type ResetConfirmRequest = ApiRequest<ResetConfirmBody>;
+type ResetPasswordConfirmPayload = ResetConfirmRequest;
 interface RegisterCredentials {
     Email: string;
     Password: string;
@@ -204,7 +220,7 @@ declare class HCLoginClient {
     login(email: string, password: string): Promise<AuthTokens>;
     refreshToken(): Promise<AuthTokens>;
     resetPassword(email: string, isPasswordResetWithOTP?: boolean): Promise<void>;
-    resetPasswordConfirm(email: string, password: string, code: string, isPasswordResetWithOTP?: boolean): Promise<void>;
+    resetPasswordConfirm(payload: ResetPasswordConfirmPayload): Promise<void>;
     getAccessToken(): string | undefined;
     getIDToken(): string | undefined;
     getUserInfo(): Promise<unknown>;
@@ -234,4 +250,4 @@ declare class HttpError extends Error {
     constructor(status: number, message: string);
 }
 
-export { type Address, type ApiRequest, AuthError, type AuthTokens, ConfigError, type Environment, HCLoginClient, type HealthProfile, HttpError, type LoginBody, type LoginConfig, type LoginRequest, type OnboardBody, type OnboardInput, type OnboardRequest, type OnboardUser, type OnboardingStep, type RefreshBody, type RefreshRequest, type Region, type RegisterAttributes, type RegisterBody, type RegisterCredentials, type RegisterFullBody, type RegisterFullOptions, type RegisterFullRequest, type RegisterFullUser, type RegisterOptions, type RegisterOpts, type RegisterRequest, type RegisterUser, type ResetBody, type ResetConfirmBody, type ResetConfirmRequest, type ResetRequest, type SmsData, type UserInfo, type VerifyEmailOptions };
+export { type Address, type ApiRequest, AuthError, type AuthTokens, ConfigError, type Environment, HCLoginClient, type HealthProfile, HttpError, type LoginBody, type LoginConfig, type LoginPayload, type LoginRequest, type OnboardBody, type OnboardInput, type OnboardRequest, type OnboardUser, type OnboardingStep, type RefreshBody, type RefreshRequest, type Region, type RegisterAttributes, type RegisterBody, type RegisterCredentials, type RegisterFullBody, type RegisterFullOptions, type RegisterFullRequest, type RegisterFullUser, type RegisterOptions, type RegisterOpts, type RegisterRequest, type RegisterUser, type ResetBody, type ResetConfirmBody, type ResetConfirmRequest, type ResetPasswordConfirmPayload, type ResetRequest, type SmsData, type UserInfo, type VerifyEmailOptions };

package/dist/index.d.ts

@@ -39,17 +39,26 @@ interface VerifyEmailOptions {
     attributes?: Record<string, string>;
 }
 interface LoginBody {
-    FirstName: string;
-    LastName: string;
+    FirstName?: string;
+    LastName?: string;
     Email: string;
+    UserName?: string;
     Password: string;
-    TenantID: string;
-    AppPoolID: string;
-    GoogleIdToken: string;
-    AppleIdToken: string;
-    AppleCode: string;
+    PoolID?: string;
+    AppPoolID?: string;
+    AppClientID?: string;
+    TenantID?: string;
+    Token?: string;
+    Type?: number;
+    AppleIdToken?: string;
+    AppleCode?: string;
+    GoogleIdToken?: string;
+    IsPasswordResetWithOTP?: boolean;
+    Code?: string;
+    Language?: string;
 }
 type LoginRequest = ApiRequest<LoginBody>;
+type LoginPayload = LoginRequest;
 interface RefreshBody {
     RefreshToken: string;
     TenantID: string;
@@ -58,17 +67,24 @@ type RefreshRequest = ApiRequest<RefreshBody>;
 interface ResetBody {
     Email: string;
     TenantID: string;
-    IsPasswordResetWithOTP: boolean;
+    IsPasswordResetWithOTP?: boolean;
 }
 type ResetRequest = ApiRequest<ResetBody>;
-interface ResetConfirmBody {
+type ResetConfirmBody = {
     Email: string;
-    TenantID: string;
     Password: string;
-    code: string;
-    IsPasswordResetWithOTP: boolean;
-}
+    IsPasswordResetWithOTP: true;
+    Code: string;
+    Token?: string;
+} | {
+    Email: string;
+    Password: string;
+    Token: string;
+    IsPasswordResetWithOTP?: false;
+    Code?: string;
+};
 type ResetConfirmRequest = ApiRequest<ResetConfirmBody>;
+type ResetPasswordConfirmPayload = ResetConfirmRequest;
 interface RegisterCredentials {
     Email: string;
     Password: string;
@@ -204,7 +220,7 @@ declare class HCLoginClient {
     login(email: string, password: string): Promise<AuthTokens>;
     refreshToken(): Promise<AuthTokens>;
     resetPassword(email: string, isPasswordResetWithOTP?: boolean): Promise<void>;
-    resetPasswordConfirm(email: string, password: string, code: string, isPasswordResetWithOTP?: boolean): Promise<void>;
+    resetPasswordConfirm(payload: ResetPasswordConfirmPayload): Promise<void>;
     getAccessToken(): string | undefined;
     getIDToken(): string | undefined;
     getUserInfo(): Promise<unknown>;
@@ -234,4 +250,4 @@ declare class HttpError extends Error {
     constructor(status: number, message: string);
 }
 
-export { type Address, type ApiRequest, AuthError, type AuthTokens, ConfigError, type Environment, HCLoginClient, type HealthProfile, HttpError, type LoginBody, type LoginConfig, type LoginRequest, type OnboardBody, type OnboardInput, type OnboardRequest, type OnboardUser, type OnboardingStep, type RefreshBody, type RefreshRequest, type Region, type RegisterAttributes, type RegisterBody, type RegisterCredentials, type RegisterFullBody, type RegisterFullOptions, type RegisterFullRequest, type RegisterFullUser, type RegisterOptions, type RegisterOpts, type RegisterRequest, type RegisterUser, type ResetBody, type ResetConfirmBody, type ResetConfirmRequest, type ResetRequest, type SmsData, type UserInfo, type VerifyEmailOptions };
+export { type Address, type ApiRequest, AuthError, type AuthTokens, ConfigError, type Environment, HCLoginClient, type HealthProfile, HttpError, type LoginBody, type LoginConfig, type LoginPayload, type LoginRequest, type OnboardBody, type OnboardInput, type OnboardRequest, type OnboardUser, type OnboardingStep, type RefreshBody, type RefreshRequest, type Region, type RegisterAttributes, type RegisterBody, type RegisterCredentials, type RegisterFullBody, type RegisterFullOptions, type RegisterFullRequest, type RegisterFullUser, type RegisterOptions, type RegisterOpts, type RegisterRequest, type RegisterUser, type ResetBody, type ResetConfirmBody, type ResetConfirmRequest, type ResetPasswordConfirmPayload, type ResetRequest, type SmsData, type UserInfo, type VerifyEmailOptions };

package/dist/index.js

@@ -190,15 +190,9 @@ var HCLoginClient = class {
     this.ensureConfigured();
     const requestPayload = {
       Data: {
-        FirstName: "",
-        LastName: "",
         Email: email,
         Password: password,
-        TenantID: this.config.tenantID,
-        AppPoolID: "",
-        GoogleIdToken: "",
-        AppleIdToken: "",
-        AppleCode: ""
+        TenantID: this.config.tenantID
       }
     };
     const resp = await this.http.post(
@@ -246,14 +240,14 @@ var HCLoginClient = class {
     this.tokens = tokens;
     return tokens;
   }
-  async resetPassword(email, isPasswordResetWithOTP = true) {
+  async resetPassword(email, isPasswordResetWithOTP = false) {
     var _a;
     this.ensureConfigured();
     const requestPayload = {
       Data: {
         Email: email,
         TenantID: this.config.tenantID,
-        IsPasswordResetWithOTP: isPasswordResetWithOTP
+        ...isPasswordResetWithOTP === true ? { IsPasswordResetWithOTP: true } : {}
       }
     };
     await this.http.post(
@@ -267,21 +261,24 @@ var HCLoginClient = class {
       }
     );
   }
-  async resetPasswordConfirm(email, password, code, isPasswordResetWithOTP = true) {
+  async resetPasswordConfirm(payload) {
     var _a;
     this.ensureConfigured();
-    const requestPayload = {
-      Data: {
-        Email: email,
-        TenantID: this.config.tenantID,
-        Password: password,
-        code,
-        IsPasswordResetWithOTP: isPasswordResetWithOTP
-      }
-    };
+    const isOtpFlow = payload.Data.IsPasswordResetWithOTP === true;
+    if (isOtpFlow && !payload.Data.Code) {
+      throw new Error("Code is required for OTP password reset confirmation.");
+    }
+    if (!isOtpFlow && !payload.Data.Token) {
+      throw new Error("Token is required for link-based password reset confirmation.");
+    }
     await this.http.post(
       `${this.config.baseUrl}/patient/password`,
-      requestPayload,
+      {
+        Data: {
+          ...payload.Data,
+          TenantID: this.config.tenantID
+        }
+      },
       {
         "Content-Type": "application/json",
         "X-Tenant-ID": this.config.tenantID,

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@healthcloudai/hc-login-connector",
-  "version": "0.0.13",
+  "version": "0.0.14",
   "description": "Healthcheck Login authentication SDK with TypeScrip and token refresh",
   "author": "Healthcheck Systems Inc",
   "license": "MIT",