@inkeep/agents-core 0.53.1 → 0.53.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (17) hide show
  1. package/dist/auth/auth-schema.d.ts +107 -107
  2. package/dist/auth/auth-validation-schemas.d.ts +135 -135
  3. package/dist/auth/auth.d.ts +462 -433
  4. package/dist/auth/permissions.d.ts +13 -13
  5. package/dist/data-access/runtime/apiKeys.d.ts +8 -8
  6. package/dist/data-access/runtime/conversations.d.ts +4 -4
  7. package/dist/data-access/runtime/messages.d.ts +9 -9
  8. package/dist/data-access/runtime/scheduledTriggerInvocations.d.ts +3 -3
  9. package/dist/data-access/runtime/tasks.d.ts +1 -1
  10. package/dist/db/manage/manage-schema.d.ts +445 -445
  11. package/dist/db/runtime/runtime-schema.d.ts +294 -294
  12. package/dist/middleware/no-auth.d.ts +2 -2
  13. package/dist/utils/error.d.ts +51 -51
  14. package/dist/utils/slack-link-token.d.ts +2 -0
  15. package/dist/utils/slack-link-token.js +2 -1
  16. package/dist/validation/schemas.d.ts +1327 -1327
  17. package/package.json +3 -3
package/dist/auth/auth.d.ts CHANGED
@@ -3,7 +3,7 @@ import * as zod0 from "zod";
3
3
  import * as better_auth0 from "better-auth";
4
4
  import { BetterAuthAdvancedOptions } from "better-auth";
5
5
  import * as _better_auth_sso0 from "@better-auth/sso";
6
- import * as better_auth_plugins20 from "better-auth/plugins";
6
+ import * as better_auth_plugins0 from "better-auth/plugins";
7
7
  import { GoogleOptions } from "better-auth/social-providers";
8
8
 
9
9
  //#region src/auth/auth.d.ts
@@ -153,6 +153,7 @@ declare function createAuth(config: BetterAuthConfig): better_auth0.Auth<{
153
153
  clientSecret?: string | undefined;
154
154
  scope?: string[] | undefined;
155
155
  disableDefaultScope?: boolean | undefined;
156
+ authorizationEndpoint?: string | undefined;
156
157
  clientKey?: string | undefined;
157
158
  disableIdTokenSignIn?: boolean | undefined;
158
159
  verifyIdToken?: ((token: string, nonce?: string) => Promise<boolean>) | undefined;
@@ -203,6 +204,7 @@ declare function createAuth(config: BetterAuthConfig): better_auth0.Auth<{
203
204
  ipAddress?: {
204
205
  ipAddressHeaders?: string[];
205
206
  disableIpTracking?: boolean;
207
+ ipv6Subnet?: 128 | 64 | 48 | 32 | undefined;
206
208
  } | undefined;
207
209
  useSecureCookies?: boolean | undefined;
208
210
  disableCSRFCheck?: boolean | undefined;
@@ -227,8 +229,9 @@ declare function createAuth(config: BetterAuthConfig): better_auth0.Auth<{
227
229
  } | undefined;
228
230
  trustedProxyHeaders?: boolean | undefined;
229
231
  backgroundTasks?: {
230
- handler: (promise: Promise<void>) => void;
232
+ handler: (promise: Promise<unknown>) => void;
231
233
  };
234
+ skipTrailingSlashes?: boolean | undefined;
232
235
  };
233
236
  trustedOrigins: string[];
234
237
  plugins: [{
@@ -247,7 +250,7 @@ declare function createAuth(config: BetterAuthConfig): better_auth0.Auth<{
247
250
  handler: (inputContext: better_auth0.MiddlewareInputContext<better_auth0.MiddlewareOptions>) => Promise<void>;
248
251
  }[];
249
252
  };
250
- options: better_auth_plugins20.BearerOptions | undefined;
253
+ options: better_auth_plugins0.BearerOptions | undefined;
251
254
  }, {
252
255
  id: "sso";
253
256
  endpoints: {
@@ -667,11 +670,14 @@ declare function createAuth(config: BetterAuthConfig): better_auth0.Auth<{
667
670
  };
668
671
  }, never>>;
669
672
  callbackSSOSAML: ReturnType<(options?: _better_auth_sso0.SSOOptions) => better_auth0.StrictEndpoint<"/sso/saml2/callback/:providerId", {
670
- method: "POST";
671
- body: zod0.ZodObject<{
673
+ method: ("POST" | "GET")[];
674
+ body: zod0.ZodOptional<zod0.ZodObject<{
672
675
  SAMLResponse: zod0.ZodString;
673
676
  RelayState: zod0.ZodOptional<zod0.ZodString>;
674
- }, better_auth0.$strip>;
677
+ }, better_auth0.$strip>>;
678
+ query: zod0.ZodOptional<zod0.ZodObject<{
679
+ RelayState: zod0.ZodOptional<zod0.ZodString>;
680
+ }, better_auth0.$strip>>;
675
681
  metadata: {
676
682
  allowedMediaTypes: string[];
677
683
  openapi: {
@@ -695,9 +701,6 @@ declare function createAuth(config: BetterAuthConfig): better_auth0.Auth<{
695
701
  }, never>>;
696
702
  acsEndpoint: ReturnType<(options?: _better_auth_sso0.SSOOptions) => better_auth0.StrictEndpoint<"/sso/saml2/sp/acs/:providerId", {
697
703
  method: "POST";
698
- params: zod0.ZodObject<{
699
- providerId: zod0.ZodOptional<zod0.ZodString>;
700
- }, better_auth0.$strip>;
701
704
  body: zod0.ZodObject<{
702
705
  SAMLResponse: zod0.ZodString;
703
706
  RelayState: zod0.ZodOptional<zod0.ZodString>;
@@ -717,6 +720,371 @@ declare function createAuth(config: BetterAuthConfig): better_auth0.Auth<{
717
720
  scope: "server";
718
721
  };
719
722
  }, never>>;
723
+ listSSOProviders: ReturnType<() => better_auth0.StrictEndpoint<"/sso/providers", {
724
+ method: "GET";
725
+ use: ((inputContext: better_auth0.MiddlewareInputContext<better_auth0.MiddlewareOptions>) => Promise<{
726
+ session: {
727
+ session: Record<string, any> & {
728
+ id: string;
729
+ createdAt: Date;
730
+ updatedAt: Date;
731
+ userId: string;
732
+ expiresAt: Date;
733
+ token: string;
734
+ ipAddress?: string | null | undefined;
735
+ userAgent?: string | null | undefined;
736
+ };
737
+ user: Record<string, any> & {
738
+ id: string;
739
+ createdAt: Date;
740
+ updatedAt: Date;
741
+ email: string;
742
+ emailVerified: boolean;
743
+ name: string;
744
+ image?: string | null | undefined;
745
+ };
746
+ };
747
+ }>)[];
748
+ metadata: {
749
+ openapi: {
750
+ operationId: string;
751
+ summary: string;
752
+ description: string;
753
+ responses: {
754
+ "200": {
755
+ description: string;
756
+ };
757
+ };
758
+ };
759
+ };
760
+ }, {
761
+ providers: {
762
+ providerId: string;
763
+ type: string;
764
+ issuer: string;
765
+ domain: string;
766
+ organizationId: string | null;
767
+ domainVerified: boolean;
768
+ oidcConfig: {
769
+ discoveryEndpoint: string;
770
+ clientIdLastFour: string;
771
+ pkce: boolean;
772
+ authorizationEndpoint: string | undefined;
773
+ tokenEndpoint: string | undefined;
774
+ userInfoEndpoint: string | undefined;
775
+ jwksEndpoint: string | undefined;
776
+ scopes: string[] | undefined;
777
+ tokenEndpointAuthentication: "client_secret_post" | "client_secret_basic" | undefined;
778
+ } | undefined;
779
+ samlConfig: {
780
+ entryPoint: string;
781
+ callbackUrl: string;
782
+ audience: string | undefined;
783
+ wantAssertionsSigned: boolean | undefined;
784
+ identifierFormat: string | undefined;
785
+ signatureAlgorithm: string | undefined;
786
+ digestAlgorithm: string | undefined;
787
+ certificate: {
788
+ fingerprintSha256: string;
789
+ notBefore: string;
790
+ notAfter: string;
791
+ publicKeyAlgorithm: string;
792
+ } | {
793
+ error: string;
794
+ };
795
+ } | undefined;
796
+ spMetadataUrl: string;
797
+ }[];
798
+ }>>;
799
+ getSSOProvider: ReturnType<() => better_auth0.StrictEndpoint<"/sso/providers/:providerId", {
800
+ method: "GET";
801
+ use: ((inputContext: better_auth0.MiddlewareInputContext<better_auth0.MiddlewareOptions>) => Promise<{
802
+ session: {
803
+ session: Record<string, any> & {
804
+ id: string;
805
+ createdAt: Date;
806
+ updatedAt: Date;
807
+ userId: string;
808
+ expiresAt: Date;
809
+ token: string;
810
+ ipAddress?: string | null | undefined;
811
+ userAgent?: string | null | undefined;
812
+ };
813
+ user: Record<string, any> & {
814
+ id: string;
815
+ createdAt: Date;
816
+ updatedAt: Date;
817
+ email: string;
818
+ emailVerified: boolean;
819
+ name: string;
820
+ image?: string | null | undefined;
821
+ };
822
+ };
823
+ }>)[];
824
+ params: zod0.ZodObject<{
825
+ providerId: zod0.ZodString;
826
+ }, better_auth0.$strip>;
827
+ metadata: {
828
+ openapi: {
829
+ operationId: string;
830
+ summary: string;
831
+ description: string;
832
+ responses: {
833
+ "200": {
834
+ description: string;
835
+ };
836
+ "404": {
837
+ description: string;
838
+ };
839
+ "403": {
840
+ description: string;
841
+ };
842
+ };
843
+ };
844
+ };
845
+ }, {
846
+ providerId: string;
847
+ type: string;
848
+ issuer: string;
849
+ domain: string;
850
+ organizationId: string | null;
851
+ domainVerified: boolean;
852
+ oidcConfig: {
853
+ discoveryEndpoint: string;
854
+ clientIdLastFour: string;
855
+ pkce: boolean;
856
+ authorizationEndpoint: string | undefined;
857
+ tokenEndpoint: string | undefined;
858
+ userInfoEndpoint: string | undefined;
859
+ jwksEndpoint: string | undefined;
860
+ scopes: string[] | undefined;
861
+ tokenEndpointAuthentication: "client_secret_post" | "client_secret_basic" | undefined;
862
+ } | undefined;
863
+ samlConfig: {
864
+ entryPoint: string;
865
+ callbackUrl: string;
866
+ audience: string | undefined;
867
+ wantAssertionsSigned: boolean | undefined;
868
+ identifierFormat: string | undefined;
869
+ signatureAlgorithm: string | undefined;
870
+ digestAlgorithm: string | undefined;
871
+ certificate: {
872
+ fingerprintSha256: string;
873
+ notBefore: string;
874
+ notAfter: string;
875
+ publicKeyAlgorithm: string;
876
+ } | {
877
+ error: string;
878
+ };
879
+ } | undefined;
880
+ spMetadataUrl: string;
881
+ }>>;
882
+ updateSSOProvider: ReturnType<(options: _better_auth_sso0.SSOOptions) => better_auth0.StrictEndpoint<"/sso/providers/:providerId", {
883
+ method: "PATCH";
884
+ use: ((inputContext: better_auth0.MiddlewareInputContext<better_auth0.MiddlewareOptions>) => Promise<{
885
+ session: {
886
+ session: Record<string, any> & {
887
+ id: string;
888
+ createdAt: Date;
889
+ updatedAt: Date;
890
+ userId: string;
891
+ expiresAt: Date;
892
+ token: string;
893
+ ipAddress?: string | null | undefined;
894
+ userAgent?: string | null | undefined;
895
+ };
896
+ user: Record<string, any> & {
897
+ id: string;
898
+ createdAt: Date;
899
+ updatedAt: Date;
900
+ email: string;
901
+ emailVerified: boolean;
902
+ name: string;
903
+ image?: string | null | undefined;
904
+ };
905
+ };
906
+ }>)[];
907
+ params: zod0.ZodObject<{
908
+ providerId: zod0.ZodString;
909
+ }, better_auth0.$strip>;
910
+ body: zod0.ZodObject<{
911
+ issuer: zod0.ZodOptional<zod0.ZodString>;
912
+ domain: zod0.ZodOptional<zod0.ZodString>;
913
+ oidcConfig: zod0.ZodOptional<zod0.ZodObject<{
914
+ clientId: zod0.ZodOptional<zod0.ZodString>;
915
+ clientSecret: zod0.ZodOptional<zod0.ZodString>;
916
+ authorizationEndpoint: zod0.ZodOptional<zod0.ZodString>;
917
+ tokenEndpoint: zod0.ZodOptional<zod0.ZodString>;
918
+ userInfoEndpoint: zod0.ZodOptional<zod0.ZodString>;
919
+ tokenEndpointAuthentication: zod0.ZodOptional<zod0.ZodEnum<{
920
+ client_secret_post: "client_secret_post";
921
+ client_secret_basic: "client_secret_basic";
922
+ }>>;
923
+ jwksEndpoint: zod0.ZodOptional<zod0.ZodString>;
924
+ discoveryEndpoint: zod0.ZodOptional<zod0.ZodString>;
925
+ scopes: zod0.ZodOptional<zod0.ZodArray<zod0.ZodString>>;
926
+ pkce: zod0.ZodOptional<zod0.ZodBoolean>;
927
+ overrideUserInfo: zod0.ZodOptional<zod0.ZodBoolean>;
928
+ mapping: zod0.ZodOptional<zod0.ZodObject<{
929
+ id: zod0.ZodOptional<zod0.ZodString>;
930
+ email: zod0.ZodOptional<zod0.ZodString>;
931
+ emailVerified: zod0.ZodOptional<zod0.ZodString>;
932
+ name: zod0.ZodOptional<zod0.ZodString>;
933
+ image: zod0.ZodOptional<zod0.ZodString>;
934
+ extraFields: zod0.ZodOptional<zod0.ZodRecord<zod0.ZodString, zod0.ZodAny>>;
935
+ }, better_auth0.$strip>>;
936
+ }, better_auth0.$strip>>;
937
+ samlConfig: zod0.ZodOptional<zod0.ZodObject<{
938
+ entryPoint: zod0.ZodOptional<zod0.ZodString>;
939
+ cert: zod0.ZodOptional<zod0.ZodString>;
940
+ callbackUrl: zod0.ZodOptional<zod0.ZodString>;
941
+ audience: zod0.ZodOptional<zod0.ZodString>;
942
+ idpMetadata: zod0.ZodOptional<zod0.ZodObject<{
943
+ metadata: zod0.ZodOptional<zod0.ZodString>;
944
+ entityID: zod0.ZodOptional<zod0.ZodString>;
945
+ cert: zod0.ZodOptional<zod0.ZodString>;
946
+ privateKey: zod0.ZodOptional<zod0.ZodString>;
947
+ privateKeyPass: zod0.ZodOptional<zod0.ZodString>;
948
+ isAssertionEncrypted: zod0.ZodOptional<zod0.ZodBoolean>;
949
+ encPrivateKey: zod0.ZodOptional<zod0.ZodString>;
950
+ encPrivateKeyPass: zod0.ZodOptional<zod0.ZodString>;
951
+ singleSignOnService: zod0.ZodOptional<zod0.ZodArray<zod0.ZodObject<{
952
+ Binding: zod0.ZodString;
953
+ Location: zod0.ZodString;
954
+ }, better_auth0.$strip>>>;
955
+ }, better_auth0.$strip>>;
956
+ spMetadata: zod0.ZodOptional<zod0.ZodObject<{
957
+ metadata: zod0.ZodOptional<zod0.ZodString>;
958
+ entityID: zod0.ZodOptional<zod0.ZodString>;
959
+ binding: zod0.ZodOptional<zod0.ZodString>;
960
+ privateKey: zod0.ZodOptional<zod0.ZodString>;
961
+ privateKeyPass: zod0.ZodOptional<zod0.ZodString>;
962
+ isAssertionEncrypted: zod0.ZodOptional<zod0.ZodBoolean>;
963
+ encPrivateKey: zod0.ZodOptional<zod0.ZodString>;
964
+ encPrivateKeyPass: zod0.ZodOptional<zod0.ZodString>;
965
+ }, better_auth0.$strip>>;
966
+ wantAssertionsSigned: zod0.ZodOptional<zod0.ZodBoolean>;
967
+ signatureAlgorithm: zod0.ZodOptional<zod0.ZodString>;
968
+ digestAlgorithm: zod0.ZodOptional<zod0.ZodString>;
969
+ identifierFormat: zod0.ZodOptional<zod0.ZodString>;
970
+ privateKey: zod0.ZodOptional<zod0.ZodString>;
971
+ decryptionPvk: zod0.ZodOptional<zod0.ZodString>;
972
+ additionalParams: zod0.ZodOptional<zod0.ZodRecord<zod0.ZodString, zod0.ZodAny>>;
973
+ mapping: zod0.ZodOptional<zod0.ZodObject<{
974
+ id: zod0.ZodOptional<zod0.ZodString>;
975
+ email: zod0.ZodOptional<zod0.ZodString>;
976
+ emailVerified: zod0.ZodOptional<zod0.ZodString>;
977
+ name: zod0.ZodOptional<zod0.ZodString>;
978
+ firstName: zod0.ZodOptional<zod0.ZodString>;
979
+ lastName: zod0.ZodOptional<zod0.ZodString>;
980
+ extraFields: zod0.ZodOptional<zod0.ZodRecord<zod0.ZodString, zod0.ZodAny>>;
981
+ }, better_auth0.$strip>>;
982
+ }, better_auth0.$strip>>;
983
+ }, better_auth0.$strip>;
984
+ metadata: {
985
+ openapi: {
986
+ operationId: string;
987
+ summary: string;
988
+ description: string;
989
+ responses: {
990
+ "200": {
991
+ description: string;
992
+ };
993
+ "404": {
994
+ description: string;
995
+ };
996
+ "403": {
997
+ description: string;
998
+ };
999
+ };
1000
+ };
1001
+ };
1002
+ }, {
1003
+ providerId: string;
1004
+ type: string;
1005
+ issuer: string;
1006
+ domain: string;
1007
+ organizationId: string | null;
1008
+ domainVerified: boolean;
1009
+ oidcConfig: {
1010
+ discoveryEndpoint: string;
1011
+ clientIdLastFour: string;
1012
+ pkce: boolean;
1013
+ authorizationEndpoint: string | undefined;
1014
+ tokenEndpoint: string | undefined;
1015
+ userInfoEndpoint: string | undefined;
1016
+ jwksEndpoint: string | undefined;
1017
+ scopes: string[] | undefined;
1018
+ tokenEndpointAuthentication: "client_secret_post" | "client_secret_basic" | undefined;
1019
+ } | undefined;
1020
+ samlConfig: {
1021
+ entryPoint: string;
1022
+ callbackUrl: string;
1023
+ audience: string | undefined;
1024
+ wantAssertionsSigned: boolean | undefined;
1025
+ identifierFormat: string | undefined;
1026
+ signatureAlgorithm: string | undefined;
1027
+ digestAlgorithm: string | undefined;
1028
+ certificate: {
1029
+ fingerprintSha256: string;
1030
+ notBefore: string;
1031
+ notAfter: string;
1032
+ publicKeyAlgorithm: string;
1033
+ } | {
1034
+ error: string;
1035
+ };
1036
+ } | undefined;
1037
+ spMetadataUrl: string;
1038
+ }>>;
1039
+ deleteSSOProvider: ReturnType<() => better_auth0.StrictEndpoint<"/sso/providers/:providerId", {
1040
+ method: "DELETE";
1041
+ use: ((inputContext: better_auth0.MiddlewareInputContext<better_auth0.MiddlewareOptions>) => Promise<{
1042
+ session: {
1043
+ session: Record<string, any> & {
1044
+ id: string;
1045
+ createdAt: Date;
1046
+ updatedAt: Date;
1047
+ userId: string;
1048
+ expiresAt: Date;
1049
+ token: string;
1050
+ ipAddress?: string | null | undefined;
1051
+ userAgent?: string | null | undefined;
1052
+ };
1053
+ user: Record<string, any> & {
1054
+ id: string;
1055
+ createdAt: Date;
1056
+ updatedAt: Date;
1057
+ email: string;
1058
+ emailVerified: boolean;
1059
+ name: string;
1060
+ image?: string | null | undefined;
1061
+ };
1062
+ };
1063
+ }>)[];
1064
+ params: zod0.ZodObject<{
1065
+ providerId: zod0.ZodString;
1066
+ }, better_auth0.$strip>;
1067
+ metadata: {
1068
+ openapi: {
1069
+ operationId: string;
1070
+ summary: string;
1071
+ description: string;
1072
+ responses: {
1073
+ "200": {
1074
+ description: string;
1075
+ };
1076
+ "404": {
1077
+ description: string;
1078
+ };
1079
+ "403": {
1080
+ description: string;
1081
+ };
1082
+ };
1083
+ };
1084
+ };
1085
+ }, {
1086
+ success: boolean;
1087
+ }>>;
720
1088
  } & {
721
1089
  requestDomainVerification: ReturnType<(options: _better_auth_sso0.SSOOptions) => better_auth0.StrictEndpoint<"/sso/request-domain-verification", {
722
1090
  method: "POST";
@@ -816,7 +1184,7 @@ declare function createAuth(config: BetterAuthConfig): better_auth0.Auth<{
816
1184
  }>)[];
817
1185
  }, void>>;
818
1186
  };
819
- schema: any;
1187
+ schema: NonNullable<better_auth0.BetterAuthPlugin["schema"]>;
820
1188
  options: _better_auth_sso0.SSOOptions & {
821
1189
  domainVerification?: {
822
1190
  enabled: true;
@@ -873,446 +1241,102 @@ declare function createAuth(config: BetterAuthConfig): better_auth0.Auth<{
873
1241
  handler: (inputContext: better_auth0.MiddlewareInputContext<better_auth0.MiddlewareOptions>) => Promise<void>;
874
1242
  }[];
875
1243
  };
876
- }, {
877
- id: "organization";
878
- endpoints: better_auth_plugins20.OrganizationEndpoints<{
879
- allowUserToCreateOrganization: true;
880
- ac: better_auth_plugins20.AccessControl;
881
- roles: {
882
- member: {
883
- authorize<K_1 extends "organization" | "member" | "project" | "team" | "ac" | "invitation">(request: K_1 extends infer T extends K ? { [key in T]?: better_auth_plugins20.Subset<"organization" | "member" | "project" | "team" | "ac" | "invitation", better_auth_plugins20.Statements>[key] | {
884
- actions: better_auth_plugins20.Subset<"organization" | "member" | "project" | "team" | "ac" | "invitation", better_auth_plugins20.Statements>[key];
885
- connector: "OR" | "AND";
886
- } | undefined } : never, connector?: "OR" | "AND"): better_auth_plugins20.AuthorizeResponse;
887
- statements: better_auth_plugins20.Subset<"organization" | "member" | "project" | "team" | "ac" | "invitation", better_auth_plugins20.Statements>;
888
- };
889
- admin: {
890
- authorize<K_1 extends "organization" | "member" | "project" | "team" | "ac" | "invitation">(request: K_1 extends infer T extends K ? { [key in T]?: better_auth_plugins20.Subset<"organization" | "member" | "project" | "team" | "ac" | "invitation", better_auth_plugins20.Statements>[key] | {
891
- actions: better_auth_plugins20.Subset<"organization" | "member" | "project" | "team" | "ac" | "invitation", better_auth_plugins20.Statements>[key];
892
- connector: "OR" | "AND";
893
- } | undefined } : never, connector?: "OR" | "AND"): better_auth_plugins20.AuthorizeResponse;
894
- statements: better_auth_plugins20.Subset<"organization" | "member" | "project" | "team" | "ac" | "invitation", better_auth_plugins20.Statements>;
895
- };
896
- owner: {
897
- authorize<K_1 extends "organization" | "member" | "project" | "team" | "ac" | "invitation">(request: K_1 extends infer T extends K ? { [key in T]?: better_auth_plugins20.Subset<"organization" | "member" | "project" | "team" | "ac" | "invitation", better_auth_plugins20.Statements>[key] | {
898
- actions: better_auth_plugins20.Subset<"organization" | "member" | "project" | "team" | "ac" | "invitation", better_auth_plugins20.Statements>[key];
899
- connector: "OR" | "AND";
900
- } | undefined } : never, connector?: "OR" | "AND"): better_auth_plugins20.AuthorizeResponse;
901
- statements: better_auth_plugins20.Subset<"organization" | "member" | "project" | "team" | "ac" | "invitation", better_auth_plugins20.Statements>;
902
- };
1244
+ }, better_auth_plugins0.DefaultOrganizationPlugin<{
1245
+ allowUserToCreateOrganization: true;
1246
+ ac: better_auth_plugins0.AccessControl;
1247
+ roles: {
1248
+ member: {
1249
+ authorize<K_1 extends "organization" | "project" | "member" | "invitation" | "ac" | "team">(request: K_1 extends infer T extends K ? { [key in T]?: better_auth_plugins0.Subset<"organization" | "project" | "member" | "invitation" | "ac" | "team", better_auth_plugins0.Statements>[key] | {
1250
+ actions: better_auth_plugins0.Subset<"organization" | "project" | "member" | "invitation" | "ac" | "team", better_auth_plugins0.Statements>[key];
1251
+ connector: "OR" | "AND";
1252
+ } | undefined } : never, connector?: "OR" | "AND"): better_auth_plugins0.AuthorizeResponse;
1253
+ statements: better_auth_plugins0.Subset<"organization" | "project" | "member" | "invitation" | "ac" | "team", better_auth_plugins0.Statements>;
903
1254
  };
904
- creatorRole: "admin";
905
- membershipLimit: number;
906
- invitationLimit: number;
907
- invitationExpiresIn: number;
908
- sendInvitationEmail(data: {
909
- id: string;
910
- role: string;
911
- email: string;
912
- organization: better_auth_plugins20.Organization;
913
- invitation: better_auth_plugins20.Invitation;
914
- inviter: better_auth_plugins20.Member & {
915
- user: better_auth0.User;
916
- };
917
- }): Promise<void>;
918
- schema: {
919
- invitation: {
920
- additionalFields: {
921
- authMethod: {
922
- type: "string";
923
- input: true;
924
- required: false;
925
- };
926
- };
927
- };
928
- organization: {
929
- additionalFields: {
930
- preferredAuthMethod: {
931
- type: "string";
932
- input: true;
933
- required: false;
934
- };
935
- serviceAccountUserId: {
936
- type: "string";
937
- input: true;
938
- required: false;
939
- };
940
- };
941
- };
1255
+ admin: {
1256
+ authorize<K_1 extends "organization" | "project" | "member" | "invitation" | "ac" | "team">(request: K_1 extends infer T extends K ? { [key in T]?: better_auth_plugins0.Subset<"organization" | "project" | "member" | "invitation" | "ac" | "team", better_auth_plugins0.Statements>[key] | {
1257
+ actions: better_auth_plugins0.Subset<"organization" | "project" | "member" | "invitation" | "ac" | "team", better_auth_plugins0.Statements>[key];
1258
+ connector: "OR" | "AND";
1259
+ } | undefined } : never, connector?: "OR" | "AND"): better_auth_plugins0.AuthorizeResponse;
1260
+ statements: better_auth_plugins0.Subset<"organization" | "project" | "member" | "invitation" | "ac" | "team", better_auth_plugins0.Statements>;
942
1261
  };
943
- organizationHooks: {
944
- afterAcceptInvitation: ({
945
- member,
946
- user,
947
- organization: org
948
- }: {
949
- invitation: better_auth_plugins20.Invitation & Record<string, any>;
950
- member: better_auth_plugins20.Member & Record<string, any>;
951
- user: better_auth0.User & Record<string, any>;
952
- organization: better_auth_plugins20.Organization & Record<string, any>;
953
- }) => Promise<void>;
954
- beforeUpdateMemberRole: ({
955
- member,
956
- organization: org,
957
- newRole
958
- }: {
959
- member: better_auth_plugins20.Member & Record<string, any>;
960
- newRole: string;
961
- user: better_auth0.User & Record<string, any>;
962
- organization: better_auth_plugins20.Organization & Record<string, any>;
963
- }) => Promise<void>;
964
- beforeRemoveMember: ({
965
- member,
966
- organization: org
967
- }: {
968
- member: better_auth_plugins20.Member & Record<string, any>;
969
- user: better_auth0.User & Record<string, any>;
970
- organization: better_auth_plugins20.Organization & Record<string, any>;
971
- }) => Promise<void>;
1262
+ owner: {
1263
+ authorize<K_1 extends "organization" | "project" | "member" | "invitation" | "ac" | "team">(request: K_1 extends infer T extends K ? { [key in T]?: better_auth_plugins0.Subset<"organization" | "project" | "member" | "invitation" | "ac" | "team", better_auth_plugins0.Statements>[key] | {
1264
+ actions: better_auth_plugins0.Subset<"organization" | "project" | "member" | "invitation" | "ac" | "team", better_auth_plugins0.Statements>[key];
1265
+ connector: "OR" | "AND";
1266
+ } | undefined } : never, connector?: "OR" | "AND"): better_auth_plugins0.AuthorizeResponse;
1267
+ statements: better_auth_plugins0.Subset<"organization" | "project" | "member" | "invitation" | "ac" | "team", better_auth_plugins0.Statements>;
972
1268
  };
973
- }>;
1269
+ };
1270
+ creatorRole: "admin";
1271
+ membershipLimit: number;
1272
+ invitationLimit: number;
1273
+ invitationExpiresIn: number;
1274
+ sendInvitationEmail(data: {
1275
+ id: string;
1276
+ role: string;
1277
+ email: string;
1278
+ organization: better_auth_plugins0.Organization;
1279
+ invitation: better_auth_plugins0.Invitation;
1280
+ inviter: better_auth_plugins0.Member & {
1281
+ user: better_auth0.User;
1282
+ };
1283
+ }): Promise<void>;
974
1284
  schema: {
975
- organization: {
976
- modelName: string;
977
- fields: {
978
- name: {
979
- type: "string";
980
- required: true;
981
- sortable: true;
982
- };
983
- slug: {
984
- type: "string";
985
- required: true;
986
- unique: true;
987
- sortable: true;
988
- };
989
- logo: {
1285
+ invitation: {
1286
+ additionalFields: {
1287
+ authMethod: {
990
1288
  type: "string";
991
- required: false;
992
- };
993
- createdAt: {
994
- type: "date";
995
- required: true;
996
- };
997
- updatedAt: {
998
- type: "date";
1289
+ input: true;
999
1290
  required: false;
1000
1291
  };
1001
1292
  };
1002
1293
  };
1003
- member: {
1004
- modelName: string;
1005
- fields: {
1006
- organizationId: {
1007
- type: "string";
1008
- required: true;
1009
- references: {
1010
- model: "organization";
1011
- field: "id";
1012
- };
1013
- };
1014
- userId: {
1015
- type: "string";
1016
- required: true;
1017
- references: {
1018
- model: "user";
1019
- field: "id";
1020
- };
1021
- };
1022
- role: {
1023
- type: "string";
1024
- required: true;
1025
- defaultValue: "member";
1026
- };
1027
- createdAt: {
1028
- type: "date";
1029
- required: true;
1030
- };
1031
- };
1032
- };
1033
- invitation: {
1034
- modelName: string;
1035
- fields: {
1036
- organizationId: {
1037
- type: "string";
1038
- required: true;
1039
- references: {
1040
- model: "organization";
1041
- field: "id";
1042
- };
1043
- };
1044
- email: {
1045
- type: "string";
1046
- required: true;
1047
- sortable: true;
1048
- };
1049
- role: {
1050
- type: "string";
1051
- required: true;
1052
- sortable: true;
1053
- };
1054
- status: {
1294
+ organization: {
1295
+ additionalFields: {
1296
+ preferredAuthMethod: {
1055
1297
  type: "string";
1056
- required: true;
1057
- sortable: true;
1058
- defaultValue: "pending";
1059
- };
1060
- expiresAt: {
1061
- type: "date";
1298
+ input: true;
1062
1299
  required: false;
1063
1300
  };
1064
- createdAt: {
1065
- type: "date";
1066
- required: true;
1067
- defaultValue: Date;
1068
- };
1069
- inviterId: {
1070
- type: "string";
1071
- required: true;
1072
- references: {
1073
- model: "user";
1074
- field: "id";
1075
- };
1076
- };
1077
- };
1078
- };
1079
- session: {
1080
- fields: {
1081
- activeOrganizationId: {
1301
+ serviceAccountUserId: {
1082
1302
  type: "string";
1303
+ input: true;
1083
1304
  required: false;
1084
1305
  };
1085
1306
  };
1086
1307
  };
1087
1308
  };
1088
- $Infer: {
1089
- Organization: {
1090
- id: string;
1091
- name: string;
1092
- slug: string;
1093
- createdAt: Date;
1094
- logo?: string | null | undefined;
1095
- metadata?: any;
1096
- preferredAuthMethod?: string | undefined;
1097
- serviceAccountUserId?: string | undefined;
1098
- };
1099
- Invitation: {
1100
- id: string;
1101
- organizationId: string;
1102
- email: string;
1103
- role: "member" | "admin" | "owner";
1104
- status: better_auth_plugins20.InvitationStatus;
1105
- inviterId: string;
1106
- expiresAt: Date;
1107
- createdAt: Date;
1108
- authMethod?: string | undefined;
1109
- };
1110
- Member: {
1111
- id: string;
1112
- organizationId: string;
1113
- role: "member" | "admin" | "owner";
1114
- createdAt: Date;
1115
- userId: string;
1116
- user: {
1117
- id: string;
1118
- email: string;
1119
- name: string;
1120
- image?: string | undefined;
1121
- };
1122
- };
1123
- Team: any;
1124
- TeamMember: any;
1125
- ActiveOrganization: {
1126
- members: {
1127
- id: string;
1128
- organizationId: string;
1129
- role: "member" | "admin" | "owner";
1130
- createdAt: Date;
1131
- userId: string;
1132
- user: {
1133
- id: string;
1134
- email: string;
1135
- name: string;
1136
- image?: string | undefined;
1137
- };
1138
- }[];
1139
- invitations: {
1140
- id: string;
1141
- organizationId: string;
1142
- email: string;
1143
- role: "member" | "admin" | "owner";
1144
- status: better_auth_plugins20.InvitationStatus;
1145
- inviterId: string;
1146
- expiresAt: Date;
1147
- createdAt: Date;
1148
- authMethod?: string | undefined;
1149
- }[];
1150
- } & {
1151
- id: string;
1152
- name: string;
1153
- slug: string;
1154
- createdAt: Date;
1155
- logo?: string | null | undefined;
1156
- metadata?: any;
1157
- preferredAuthMethod?: string | undefined;
1158
- serviceAccountUserId?: string | undefined;
1159
- };
1309
+ organizationHooks: {
1310
+ afterAcceptInvitation: ({
1311
+ member,
1312
+ user,
1313
+ organization: org
1314
+ }: {
1315
+ invitation: better_auth_plugins0.Invitation & Record<string, any>;
1316
+ member: better_auth_plugins0.Member & Record<string, any>;
1317
+ user: better_auth0.User & Record<string, any>;
1318
+ organization: better_auth_plugins0.Organization & Record<string, any>;
1319
+ }) => Promise<void>;
1320
+ beforeUpdateMemberRole: ({
1321
+ member,
1322
+ organization: org,
1323
+ newRole
1324
+ }: {
1325
+ member: better_auth_plugins0.Member & Record<string, any>;
1326
+ newRole: string;
1327
+ user: better_auth0.User & Record<string, any>;
1328
+ organization: better_auth_plugins0.Organization & Record<string, any>;
1329
+ }) => Promise<void>;
1330
+ beforeRemoveMember: ({
1331
+ member,
1332
+ organization: org
1333
+ }: {
1334
+ member: better_auth_plugins0.Member & Record<string, any>;
1335
+ user: better_auth0.User & Record<string, any>;
1336
+ organization: better_auth_plugins0.Organization & Record<string, any>;
1337
+ }) => Promise<void>;
1160
1338
  };
1161
- $ERROR_CODES: {
1162
- readonly YOU_ARE_NOT_ALLOWED_TO_CREATE_A_NEW_ORGANIZATION: "You are not allowed to create a new organization";
1163
- readonly YOU_HAVE_REACHED_THE_MAXIMUM_NUMBER_OF_ORGANIZATIONS: "You have reached the maximum number of organizations";
1164
- readonly ORGANIZATION_ALREADY_EXISTS: "Organization already exists";
1165
- readonly ORGANIZATION_SLUG_ALREADY_TAKEN: "Organization slug already taken";
1166
- readonly ORGANIZATION_NOT_FOUND: "Organization not found";
1167
- readonly USER_IS_NOT_A_MEMBER_OF_THE_ORGANIZATION: "User is not a member of the organization";
1168
- readonly YOU_ARE_NOT_ALLOWED_TO_UPDATE_THIS_ORGANIZATION: "You are not allowed to update this organization";
1169
- readonly YOU_ARE_NOT_ALLOWED_TO_DELETE_THIS_ORGANIZATION: "You are not allowed to delete this organization";
1170
- readonly NO_ACTIVE_ORGANIZATION: "No active organization";
1171
- readonly USER_IS_ALREADY_A_MEMBER_OF_THIS_ORGANIZATION: "User is already a member of this organization";
1172
- readonly MEMBER_NOT_FOUND: "Member not found";
1173
- readonly ROLE_NOT_FOUND: "Role not found";
1174
- readonly YOU_ARE_NOT_ALLOWED_TO_CREATE_A_NEW_TEAM: "You are not allowed to create a new team";
1175
- readonly TEAM_ALREADY_EXISTS: "Team already exists";
1176
- readonly TEAM_NOT_FOUND: "Team not found";
1177
- readonly YOU_CANNOT_LEAVE_THE_ORGANIZATION_AS_THE_ONLY_OWNER: "You cannot leave the organization as the only owner";
1178
- readonly YOU_CANNOT_LEAVE_THE_ORGANIZATION_WITHOUT_AN_OWNER: "You cannot leave the organization without an owner";
1179
- readonly YOU_ARE_NOT_ALLOWED_TO_DELETE_THIS_MEMBER: "You are not allowed to delete this member";
1180
- readonly YOU_ARE_NOT_ALLOWED_TO_INVITE_USERS_TO_THIS_ORGANIZATION: "You are not allowed to invite users to this organization";
1181
- readonly USER_IS_ALREADY_INVITED_TO_THIS_ORGANIZATION: "User is already invited to this organization";
1182
- readonly INVITATION_NOT_FOUND: "Invitation not found";
1183
- readonly YOU_ARE_NOT_THE_RECIPIENT_OF_THE_INVITATION: "You are not the recipient of the invitation";
1184
- readonly EMAIL_VERIFICATION_REQUIRED_BEFORE_ACCEPTING_OR_REJECTING_INVITATION: "Email verification required before accepting or rejecting invitation";
1185
- readonly YOU_ARE_NOT_ALLOWED_TO_CANCEL_THIS_INVITATION: "You are not allowed to cancel this invitation";
1186
- readonly INVITER_IS_NO_LONGER_A_MEMBER_OF_THE_ORGANIZATION: "Inviter is no longer a member of the organization";
1187
- readonly YOU_ARE_NOT_ALLOWED_TO_INVITE_USER_WITH_THIS_ROLE: "You are not allowed to invite a user with this role";
1188
- readonly FAILED_TO_RETRIEVE_INVITATION: "Failed to retrieve invitation";
1189
- readonly YOU_HAVE_REACHED_THE_MAXIMUM_NUMBER_OF_TEAMS: "You have reached the maximum number of teams";
1190
- readonly UNABLE_TO_REMOVE_LAST_TEAM: "Unable to remove last team";
1191
- readonly YOU_ARE_NOT_ALLOWED_TO_UPDATE_THIS_MEMBER: "You are not allowed to update this member";
1192
- readonly ORGANIZATION_MEMBERSHIP_LIMIT_REACHED: "Organization membership limit reached";
1193
- readonly YOU_ARE_NOT_ALLOWED_TO_CREATE_TEAMS_IN_THIS_ORGANIZATION: "You are not allowed to create teams in this organization";
1194
- readonly YOU_ARE_NOT_ALLOWED_TO_DELETE_TEAMS_IN_THIS_ORGANIZATION: "You are not allowed to delete teams in this organization";
1195
- readonly YOU_ARE_NOT_ALLOWED_TO_UPDATE_THIS_TEAM: "You are not allowed to update this team";
1196
- readonly YOU_ARE_NOT_ALLOWED_TO_DELETE_THIS_TEAM: "You are not allowed to delete this team";
1197
- readonly INVITATION_LIMIT_REACHED: "Invitation limit reached";
1198
- readonly TEAM_MEMBER_LIMIT_REACHED: "Team member limit reached";
1199
- readonly USER_IS_NOT_A_MEMBER_OF_THE_TEAM: "User is not a member of the team";
1200
- readonly YOU_CAN_NOT_ACCESS_THE_MEMBERS_OF_THIS_TEAM: "You are not allowed to list the members of this team";
1201
- readonly YOU_DO_NOT_HAVE_AN_ACTIVE_TEAM: "You do not have an active team";
1202
- readonly YOU_ARE_NOT_ALLOWED_TO_CREATE_A_NEW_TEAM_MEMBER: "You are not allowed to create a new member";
1203
- readonly YOU_ARE_NOT_ALLOWED_TO_REMOVE_A_TEAM_MEMBER: "You are not allowed to remove a team member";
1204
- readonly YOU_ARE_NOT_ALLOWED_TO_ACCESS_THIS_ORGANIZATION: "You are not allowed to access this organization as an owner";
1205
- readonly YOU_ARE_NOT_A_MEMBER_OF_THIS_ORGANIZATION: "You are not a member of this organization";
1206
- readonly MISSING_AC_INSTANCE: "Dynamic Access Control requires a pre-defined ac instance on the server auth plugin. Read server logs for more information";
1207
- readonly YOU_MUST_BE_IN_AN_ORGANIZATION_TO_CREATE_A_ROLE: "You must be in an organization to create a role";
1208
- readonly YOU_ARE_NOT_ALLOWED_TO_CREATE_A_ROLE: "You are not allowed to create a role";
1209
- readonly YOU_ARE_NOT_ALLOWED_TO_UPDATE_A_ROLE: "You are not allowed to update a role";
1210
- readonly YOU_ARE_NOT_ALLOWED_TO_DELETE_A_ROLE: "You are not allowed to delete a role";
1211
- readonly YOU_ARE_NOT_ALLOWED_TO_READ_A_ROLE: "You are not allowed to read a role";
1212
- readonly YOU_ARE_NOT_ALLOWED_TO_LIST_A_ROLE: "You are not allowed to list a role";
1213
- readonly YOU_ARE_NOT_ALLOWED_TO_GET_A_ROLE: "You are not allowed to get a role";
1214
- readonly TOO_MANY_ROLES: "This organization has too many roles";
1215
- readonly INVALID_RESOURCE: "The provided permission includes an invalid resource";
1216
- readonly ROLE_NAME_IS_ALREADY_TAKEN: "That role name is already taken";
1217
- readonly CANNOT_DELETE_A_PRE_DEFINED_ROLE: "Cannot delete a pre-defined role";
1218
- };
1219
- options: NoInfer<{
1220
- allowUserToCreateOrganization: true;
1221
- ac: better_auth_plugins20.AccessControl;
1222
- roles: {
1223
- member: {
1224
- authorize<K_1 extends "organization" | "member" | "project" | "team" | "ac" | "invitation">(request: K_1 extends infer T extends K ? { [key in T]?: better_auth_plugins20.Subset<"organization" | "member" | "project" | "team" | "ac" | "invitation", better_auth_plugins20.Statements>[key] | {
1225
- actions: better_auth_plugins20.Subset<"organization" | "member" | "project" | "team" | "ac" | "invitation", better_auth_plugins20.Statements>[key];
1226
- connector: "OR" | "AND";
1227
- } | undefined } : never, connector?: "OR" | "AND"): better_auth_plugins20.AuthorizeResponse;
1228
- statements: better_auth_plugins20.Subset<"organization" | "member" | "project" | "team" | "ac" | "invitation", better_auth_plugins20.Statements>;
1229
- };
1230
- admin: {
1231
- authorize<K_1 extends "organization" | "member" | "project" | "team" | "ac" | "invitation">(request: K_1 extends infer T extends K ? { [key in T]?: better_auth_plugins20.Subset<"organization" | "member" | "project" | "team" | "ac" | "invitation", better_auth_plugins20.Statements>[key] | {
1232
- actions: better_auth_plugins20.Subset<"organization" | "member" | "project" | "team" | "ac" | "invitation", better_auth_plugins20.Statements>[key];
1233
- connector: "OR" | "AND";
1234
- } | undefined } : never, connector?: "OR" | "AND"): better_auth_plugins20.AuthorizeResponse;
1235
- statements: better_auth_plugins20.Subset<"organization" | "member" | "project" | "team" | "ac" | "invitation", better_auth_plugins20.Statements>;
1236
- };
1237
- owner: {
1238
- authorize<K_1 extends "organization" | "member" | "project" | "team" | "ac" | "invitation">(request: K_1 extends infer T extends K ? { [key in T]?: better_auth_plugins20.Subset<"organization" | "member" | "project" | "team" | "ac" | "invitation", better_auth_plugins20.Statements>[key] | {
1239
- actions: better_auth_plugins20.Subset<"organization" | "member" | "project" | "team" | "ac" | "invitation", better_auth_plugins20.Statements>[key];
1240
- connector: "OR" | "AND";
1241
- } | undefined } : never, connector?: "OR" | "AND"): better_auth_plugins20.AuthorizeResponse;
1242
- statements: better_auth_plugins20.Subset<"organization" | "member" | "project" | "team" | "ac" | "invitation", better_auth_plugins20.Statements>;
1243
- };
1244
- };
1245
- creatorRole: "admin";
1246
- membershipLimit: number;
1247
- invitationLimit: number;
1248
- invitationExpiresIn: number;
1249
- sendInvitationEmail(data: {
1250
- id: string;
1251
- role: string;
1252
- email: string;
1253
- organization: better_auth_plugins20.Organization;
1254
- invitation: better_auth_plugins20.Invitation;
1255
- inviter: better_auth_plugins20.Member & {
1256
- user: better_auth0.User;
1257
- };
1258
- }): Promise<void>;
1259
- schema: {
1260
- invitation: {
1261
- additionalFields: {
1262
- authMethod: {
1263
- type: "string";
1264
- input: true;
1265
- required: false;
1266
- };
1267
- };
1268
- };
1269
- organization: {
1270
- additionalFields: {
1271
- preferredAuthMethod: {
1272
- type: "string";
1273
- input: true;
1274
- required: false;
1275
- };
1276
- serviceAccountUserId: {
1277
- type: "string";
1278
- input: true;
1279
- required: false;
1280
- };
1281
- };
1282
- };
1283
- };
1284
- organizationHooks: {
1285
- afterAcceptInvitation: ({
1286
- member,
1287
- user,
1288
- organization: org
1289
- }: {
1290
- invitation: better_auth_plugins20.Invitation & Record<string, any>;
1291
- member: better_auth_plugins20.Member & Record<string, any>;
1292
- user: better_auth0.User & Record<string, any>;
1293
- organization: better_auth_plugins20.Organization & Record<string, any>;
1294
- }) => Promise<void>;
1295
- beforeUpdateMemberRole: ({
1296
- member,
1297
- organization: org,
1298
- newRole
1299
- }: {
1300
- member: better_auth_plugins20.Member & Record<string, any>;
1301
- newRole: string;
1302
- user: better_auth0.User & Record<string, any>;
1303
- organization: better_auth_plugins20.Organization & Record<string, any>;
1304
- }) => Promise<void>;
1305
- beforeRemoveMember: ({
1306
- member,
1307
- organization: org
1308
- }: {
1309
- member: better_auth_plugins20.Member & Record<string, any>;
1310
- user: better_auth0.User & Record<string, any>;
1311
- organization: better_auth_plugins20.Organization & Record<string, any>;
1312
- }) => Promise<void>;
1313
- };
1314
- }>;
1315
- }, {
1339
+ }>, {
1316
1340
  id: "device-authorization";
1317
1341
  schema: {
1318
1342
  deviceCode: {
@@ -1560,8 +1584,10 @@ declare function createAuth(config: BetterAuthConfig): better_auth0.Auth<{
1560
1584
  }, better_auth0.$strip>;
1561
1585
  error: zod0.ZodObject<{
1562
1586
  error: zod0.ZodEnum<{
1587
+ unauthorized: "unauthorized";
1563
1588
  invalid_request: "invalid_request";
1564
1589
  expired_token: "expired_token";
1590
+ access_denied: "access_denied";
1565
1591
  device_code_already_processed: "device_code_already_processed";
1566
1592
  }>;
1567
1593
  error_description: zod0.ZodString;
@@ -1599,11 +1625,14 @@ declare function createAuth(config: BetterAuthConfig): better_auth0.Auth<{
1599
1625
  }, better_auth0.$strip>;
1600
1626
  error: zod0.ZodObject<{
1601
1627
  error: zod0.ZodEnum<{
1628
+ unauthorized: "unauthorized";
1602
1629
  invalid_request: "invalid_request";
1603
1630
  expired_token: "expired_token";
1631
+ access_denied: "access_denied";
1604
1632
  }>;
1605
1633
  error_description: zod0.ZodString;
1606
1634
  }, better_auth0.$strip>;
1635
+ requireHeaders: true;
1607
1636
  metadata: {
1608
1637
  openapi: {
1609
1638
  description: string;
@@ -1645,8 +1674,8 @@ declare function createAuth(config: BetterAuthConfig): better_auth0.Auth<{
1645
1674
  readonly AUTHENTICATION_REQUIRED: "Authentication required";
1646
1675
  };
1647
1676
  options: Partial<{
1648
- expiresIn: better_auth_plugins20.TimeString;
1649
- interval: better_auth_plugins20.TimeString;
1677
+ expiresIn: better_auth_plugins0.TimeString;
1678
+ interval: better_auth_plugins0.TimeString;
1650
1679
  deviceCodeLength: number;
1651
1680
  userCodeLength: number;
1652
1681
  schema: {