@loginid/websdk3 1.0.1 → 1.1.0

package/dist/index.d.cts

@@ -49,7 +49,7 @@ declare abstract class BaseHttpRequest {
     abstract request<T>(options: ApiRequestOptions): CancelablePromise<T>;
 }
 
-type authenticatorAssertionResponseRequestBody = {
+type AuthenticatorAssertionResponse = {
     /**
      * This attribute contains the authenticator data returned by the authenticator.
      */
@@ -76,29 +76,78 @@ type authenticatorAssertionResponseRequestBody = {
     userHandle?: string;
 };
 
-type AuthAuthCompleteRequestBody = {
-    assertionResult: authenticatorAssertionResponseRequestBody;
+type AuthCompleteRequestBody = {
+    assertionResult: AuthenticatorAssertionResponse;
     /**
      * An opaque object containing session data.
      */
     session: string;
 };
 
-/**
- * AuthCompleteResponseBody result type (default view)
- */
-type AuthAuthCompleteResponseBody = {
+type PubKeyCredentialDescriptor = {
     /**
-     * JWT access token
+     * Base64 encoded byte array of the public key identifier.
      */
-    jwtAccess: string;
+    id: string;
+    transports?: Array<'usb' | 'nfc' | 'ble' | 'internal' | 'hybrid'>;
+    type: 'public-key';
+};
+
+type PublicKeyCredentialRequestOptions = {
+    /**
+     * A list of PublicKeyCredentialDescriptor objects representing public key
+     * credentials acceptable to the caller, in descending order of the caller’s
+     * preference (the first item in the list is the most preferred credential,
+     * and so on down the list).
+     */
+    allowCredentials?: Array<PubKeyCredentialDescriptor>;
+    /**
+     * This base64 encoded byte array represents a challenge that the selected
+     * authenticator signs, along with other data, when producing an authentication
+     * assertion.
+     */
+    challenge: string;
+    /**
+     * Additional parameters requesting additional processing by the client and
+     * authenticator. For example, if transaction confirmation is sought from the
+     * user, then the prompt string might be included as an extension.
+     */
+    extensions?: Record<string, string>;
+    /**
+     * The relying party identifier claimed by the caller. If omitted, its value will
+     * be the CredentialsContainer object’s relevant settings object's origin's
+     * effective domain.
+     */
+    rpId?: string;
+    /**
+     * Specifies a time, in milliseconds, that the caller is willing
+     * to wait for the call to complete. The value is treated as a
+     * hint, and MAY be overridden by the client.
+     */
+    timeout?: number;
+    /**
+     * The Relying Party's requirements regarding user verification for the get()
+     * operation. The value SHOULD be a member of UserVerificationRequirement but
+     * client platforms MUST ignore unknown values, treating an unknown value as if
+     * the member does not exist. Eligible authenticators are filtered to only those
+     * capable of satisfying this requirement.
+     */
+    userVerification?: 'required' | 'preferred' | 'discouraged';
+};
+
+type AuthInit = {
+    assertionOptions: PublicKeyCredentialRequestOptions;
+    /**
+     * An opaque object containing session data.
+     */
+    session: string;
 };
 
 /**
  * Application making the request. It contains additional info about the caller
  * to distinguish between tenants.
  */
-type applicationRequestBody = {
+type Application = {
     /**
      * Unique application id
      */
@@ -114,7 +163,7 @@ type applicationRequestBody = {
  * be provided on best effort basis. If provide, they will be taken into
  * consideration in order to improve user experience.
  */
-type deviceInfoRequestBody = {
+type DeviceInfo = {
     /**
      * Client name
      */
@@ -153,7 +202,7 @@ type deviceInfoRequestBody = {
     screenWidth?: number;
 };
 
-type userRequestBody = {
+type User = {
     /**
      * Display Name
      */
@@ -168,72 +217,17 @@ type userRequestBody = {
     usernameType: 'email' | 'phone';
 };
 
-type AuthAuthInitRequestBody = {
-    app: applicationRequestBody;
-    deviceInfo: deviceInfoRequestBody;
-    user: userRequestBody;
-};
-
-type pubKeyCredentialDescriptorResponseBody = {
-    /**
-     * Base64 encoded byte array of the public key identifier.
-     */
-    id: string;
-    transports?: Array<'usb' | 'nfc' | 'ble' | 'internal'>;
-    type: 'public-key';
-};
-
-type publicKeyCredentialRequestOptionsResponseBody = {
-    /**
-     * A list of PublicKeyCredentialDescriptor objects representing public key
-     * credentials acceptable to the caller, in descending order of the caller’s
-     * preference (the first item in the list is the most preferred credential,
-     * and so on down the list).
-     */
-    allowCredentials?: Array<pubKeyCredentialDescriptorResponseBody>;
-    /**
-     * This base64 encoded byte array represents a challenge that the selected
-     * authenticator signs, along with other data, when producing an authentication
-     * assertion.
-     */
-    challenge: string;
-    /**
-     * Additional parameters requesting additional processing by the client and
-     * authenticator. For example, if transaction confirmation is sought from the
-     * user, then the prompt string might be included as an extension.
-     */
-    extensions?: Record<string, string>;
-    /**
-     * The relying party identifier claimed by the caller. If omitted, its value will
-     * be the CredentialsContainer object’s relevant settings object's origin's
-     * effective domain.
-     */
-    rpId?: string;
-    /**
-     * Specifies a time, in milliseconds, that the caller is willing
-     * to wait for the call to complete. The value is treated as a
-     * hint, and MAY be overridden by the client.
-     */
-    timeout?: number;
-    /**
-     * The Relying Party's requirements regarding user verification for the get()
-     * operation. The value SHOULD be a member of UserVerificationRequirement but
-     * client platforms MUST ignore unknown values, treating an unknown value as if
-     * the member does not exist. Eligible authenticators are filtered to only those
-     * capable of satisfying this requirement.
-     */
-    userVerification?: 'required' | 'preferred' | 'discouraged';
+type AuthInitRequestBody = {
+    app: Application;
+    deviceInfo: DeviceInfo;
+    user?: User;
 };
 
-/**
- * AuthInitResponseBody result type (default view)
- */
-type AuthAuthInitResponseBody = {
-    assertionOptions: publicKeyCredentialRequestOptionsResponseBody;
+type JWT = {
     /**
-     * An opaque object containing session data.
+     * JWT access token
      */
-    session: string;
+    jwtAccess: string;
 };
 
 declare class AuthService {
@@ -241,37 +235,27 @@ declare class AuthService {
     constructor(httpRequest: BaseHttpRequest);
     /**
      * Complete WebAuthn registration
-     * @returns AuthAuthCompleteResponseBody OK response.
+     * @returns JWT OK response.
      * @throws ApiError
      */
-    authAuthComplete({ authCompleteRequestBody, }: {
-        authCompleteRequestBody: AuthAuthCompleteRequestBody;
-    }): CancelablePromise<AuthAuthCompleteResponseBody>;
+    authAuthComplete({ requestBody, }: {
+        requestBody: AuthCompleteRequestBody;
+    }): CancelablePromise<JWT>;
     /**
      * Start WebAuthn registration flow
-     * @returns AuthAuthInitResponseBody OK response.
+     * @returns AuthInit OK response.
      * @throws ApiError
      */
-    authAuthInit({ authInitRequestBody, userAgent, }: {
-        authInitRequestBody: AuthAuthInitRequestBody;
+    authAuthInit({ requestBody, userAgent, }: {
+        requestBody: AuthInitRequestBody;
         /**
          * Raw user-agent header as set by a browser
          */
         userAgent?: string;
-    }): CancelablePromise<AuthAuthInitResponseBody>;
+    }): CancelablePromise<AuthInit>;
 }
 
-type PasskeysPasskeyRenameRequestBody = {
-    /**
-     * Internal passkey identifier
-     */
-    name: string;
-};
-
-/**
- * PasskeyResponse result type (default view)
- */
-type PasskeyResponse = {
+type Passkey = {
     /**
      * Timestamp in RFC3339 format.
      */
@@ -290,65 +274,54 @@ type PasskeyResponse = {
     name: string;
 };
 
-/**
- * PasskeysListResponseBody is the result type for an array of PasskeyResponse (default view)
- */
-type PasskeysPasskeyResponseCollection = Array<PasskeyResponse>;
+type PasskeyCollection = Array<Passkey>;
+
+type PasskeyRenameRequestBody = {
+    /**
+     * Internal passkey identifier
+     */
+    name: string;
+};
 
 declare class PasskeysService {
     readonly httpRequest: BaseHttpRequest;
     constructor(httpRequest: BaseHttpRequest);
     /**
      * List passkeys
-     * **Required security scopes for jwt**:
-     * * `passkey:read`
-     * @returns PasskeysPasskeyResponseCollection OK response.
+     * @returns PasskeyCollection OK response.
      * @throws ApiError
      */
-    passkeysPasskeysList({ authorization, }: {
-        /**
-         * Authorization token
-         */
-        authorization?: string;
-    }): CancelablePromise<PasskeysPasskeyResponseCollection>;
+    passkeysPasskeysList({ authorization }: {
+        authorization: string;
+    }): CancelablePromise<PasskeyCollection>;
     /**
-     * Rename passkey
-     * **Required security scopes for jwt**:
-     * * `passkey:write`
+     * Delete passkey
      * @returns void
      * @throws ApiError
      */
-    passkeysPasskeyRename({ id, passkeyRenameRequestBody, authorization, }: {
+    passkeysPasskeyDelete({ id, authorization, }: {
         /**
          * Internal passkey identifier
          */
         id: string;
-        passkeyRenameRequestBody: PasskeysPasskeyRenameRequestBody;
-        /**
-         * Authorization token
-         */
-        authorization?: string;
+        authorization: string;
     }): CancelablePromise<void>;
     /**
-     * Delete passkey
-     * **Required security scopes for jwt**:
-     * * `passkey:write`
+     * Rename passkey
      * @returns void
      * @throws ApiError
      */
-    passkeysPasskeyDelete({ id, authorization, }: {
+    passkeysPasskeyRename({ id, requestBody, authorization }: {
         /**
          * Internal passkey identifier
          */
         id: string;
-        /**
-         * Authorization token
-         */
-        authorization?: string;
+        requestBody: PasskeyRenameRequestBody;
+        authorization: string;
     }): CancelablePromise<void>;
 }
 
-type creationResultRequestBody = {
+type CreationResult = {
     /**
      * Base64 encoded byte array containing an attestation object, which is opaque to,
      * and cryptographically protected against tampering by, the client.
@@ -380,42 +353,18 @@ type creationResultRequestBody = {
      * These values are the transports that the authenticator is believed to support,
      * or an empty sequence if the information is unavailable.
      */
-    transports?: Array<'usb' | 'nfc' | 'ble' | 'internal'>;
+    transports?: Array<'usb' | 'nfc' | 'ble' | 'internal' | 'hybrid'>;
 };
 
-type RegRegCompleteRequestBody = {
-    creationResult: creationResultRequestBody;
+type RegCompleteRequestBody = {
+    creationResult: CreationResult;
     /**
      * An opaque object containing session data.
      */
     session: string;
 };
 
-/**
- * RegCompleteResponseBody result type (default view)
- */
-type RegRegCompleteResponseBody = {
-    /**
-     * JWT access token
-     */
-    jwtAccess: string;
-};
-
-type RegRegInitRequestBody = {
-    app: applicationRequestBody;
-    deviceInfo: deviceInfoRequestBody;
-    /**
-     * Set of authentication factors:
-     * - Single factor: Username (i.e. email or phone) + FIDO2 credential;
-     * - Two factor: Username + password + FIDO2 credential;
-     * - Passwordless: FIDO2 discoverable credentials;
-     * - Passwordless + MFA: FIDO2 discoverable credentials + PIN;
-     */
-    mfa?: Array<'fido2' | 'email' | 'phone' | 'password' | 'pin'>;
-    user: userRequestBody;
-};
-
-type authenticatorSelectionCriteriaResponseBody = {
+type AuthenticatorSelectionCriteria = {
     /**
      * Authenticator attachment modality
      */
@@ -437,7 +386,7 @@ type authenticatorSelectionCriteriaResponseBody = {
 /**
  * Additional parameters when creating a new credential.
  */
-type publicKeyCredentialParametersResponseBody = {
+type PublicKeyCredentialParameters = {
     /**
      * A cryptographic signature algorithm with which the newly generated credential
      * will be used, and thus also the type of asymmetric key pair to be generated,
@@ -450,7 +399,7 @@ type publicKeyCredentialParametersResponseBody = {
 /**
  * Data about the Relying Party responsible for the request.
  */
-type publicKeyCredentialRpEntityResponseBody = {
+type PublicKeyCredentialRpEntity = {
     /**
      * A unique identifier for the Relying Party entity, which sets the RP ID.
      */
@@ -464,18 +413,18 @@ type publicKeyCredentialRpEntityResponseBody = {
 /**
  * Data about the user account for which the Relying Party is requesting attestation
  */
-type publicKeyCredentialUserEntityResponseBody = {
+type PublicKeyCredentialUserEntity = {
     displayName: string;
     id: string;
     name: string;
 };
 
-type publicKeyCredentialCreationOptionsResponseBody = {
+type PublicKeyCredentialCreationOptions = {
     /**
      * A preference for attestation conveyance.
      */
     attestation?: 'none' | 'indirect' | 'direct' | 'enterprise';
-    authenticatorSelection?: authenticatorSelectionCriteriaResponseBody;
+    authenticatorSelection?: AuthenticatorSelectionCriteria;
     /**
      * This base64 encoded byte array represents a challenge that
      * the selected authenticator signs, along with other data, when
@@ -488,7 +437,7 @@ type publicKeyCredentialCreationOptionsResponseBody = {
      * if the new credential would be created on an authenticator that also contains
      * one of the credentials enumerated in this parameter.
      */
-    excludeCredentials?: Array<pubKeyCredentialDescriptorResponseBody>;
+    excludeCredentials?: Array<PubKeyCredentialDescriptor>;
     /**
      * Additional parameters requesting processing by the client and authenticator.
      */
@@ -499,57 +448,191 @@ type publicKeyCredentialCreationOptionsResponseBody = {
      * The client makes a best-effort to create the most preferred credential that it
      * can.
      */
-    pubKeyCredParams: Array<publicKeyCredentialParametersResponseBody>;
-    rp: publicKeyCredentialRpEntityResponseBody;
+    pubKeyCredParams: Array<PublicKeyCredentialParameters>;
+    rp: PublicKeyCredentialRpEntity;
     /**
      * This OPTIONAL member specifies a time, in milliseconds,
      * that the caller is willing to wait for the call to complete. The
      * value is treated as a hint, and MAY be overridden by the client.
      */
     timeout?: number;
-    user: publicKeyCredentialUserEntityResponseBody;
+    user: PublicKeyCredentialUserEntity;
 };
 
-/**
- * RegInitResponseBody result type (default view)
- */
-type RegRegInitResponseBody = {
-    registrationRequestOptions: publicKeyCredentialCreationOptionsResponseBody;
+type RegInit = {
+    registrationRequestOptions: PublicKeyCredentialCreationOptions;
     /**
      * An opaque object containing session data.
      */
     session: string;
 };
 
+type RegInitRequestBody = {
+    app: Application;
+    deviceInfo: DeviceInfo;
+    /**
+     * Set of authentication factors:
+     * - Single factor: Username (i.e. email or phone) + FIDO2 credential;
+     * - Two factor: Username + password + FIDO2 credential;
+     * - Passwordless: FIDO2 discoverable credentials;
+     * - Passwordless + MFA: FIDO2 discoverable credentials + PIN;
+     */
+    mfa?: Array<'fido2' | 'email' | 'phone' | 'password' | 'pin'>;
+    user: User;
+};
+
 declare class RegService {
     readonly httpRequest: BaseHttpRequest;
     constructor(httpRequest: BaseHttpRequest);
     /**
      * Complete WebAuthn registration flow
-     * @returns RegRegCompleteResponseBody OK response.
+     * @returns JWT OK response.
      * @throws ApiError
      */
-    regRegComplete({ regCompleteRequestBody, }: {
-        regCompleteRequestBody: RegRegCompleteRequestBody;
-    }): CancelablePromise<RegRegCompleteResponseBody>;
+    regRegComplete({ requestBody, }: {
+        requestBody: RegCompleteRequestBody;
+    }): CancelablePromise<JWT>;
     /**
      * Start WebAuthn registration flow
-     * @returns RegRegInitResponseBody OK response.
+     * @returns RegInit OK response.
      * @throws ApiError
      */
-    regRegInit({ regInitRequestBody, userAgent, }: {
-        regInitRequestBody: RegRegInitRequestBody;
+    regRegInit({ requestBody, userAgent, }: {
+        requestBody: RegInitRequestBody;
         /**
          * Raw user-agent header as set by a browser
          */
         userAgent?: string;
-    }): CancelablePromise<RegRegInitResponseBody>;
+    }): CancelablePromise<RegInit>;
 }
 
-/**
- * VersionShowResponseBody result type (default view)
- */
-type VersionVersionShowResponseBody = {
+type TokenVerifyRequestBody = {
+    /**
+     * JWT access token
+     */
+    jwtAccess: string;
+};
+
+declare class TokenService {
+    readonly httpRequest: BaseHttpRequest;
+    constructor(httpRequest: BaseHttpRequest);
+    /**
+     * Validate JWT Access Token
+     * @returns void
+     * @throws ApiError
+     */
+    tokenTokenVerify({ requestBody, }: {
+        requestBody: TokenVerifyRequestBody;
+    }): CancelablePromise<void>;
+}
+
+type TxComplete = {
+    authCred?: Passkey;
+    /**
+     * Internal passkey identifier
+     */
+    credentialId: string;
+    /**
+     * JWT access token
+     */
+    jwtAccess: string;
+    /**
+     * Random string generated by LoginID.
+     */
+    lNonce: string;
+    /**
+     * Random string.
+     */
+    nonce: string;
+    /**
+     * Computed hash value of the transaction.
+     */
+    txHash: string;
+    /**
+     * Internal transaction identifier
+     */
+    txId: string;
+};
+
+type TxCompleteRequestBody = {
+    /**
+     * This attribute contains the authenticator data returned by the authenticator.
+     */
+    authenticatorData: string;
+    /**
+     * Base64 encoded byte array which is a JSON-compatible serialization of client data
+     * passed to the authenticator by the client in order to generate this assertion.
+     * The exact JSON serialization MUST be preserved, as the hash of the serialized
+     * client data has been computed over it.
+     */
+    clientData: string;
+    /**
+     * Identified of the passkey credential.
+     */
+    keyHandle: string;
+    /**
+     * An opaque object containing session data.
+     */
+    session: string;
+    /**
+     * Base64 encoded the raw signature returned from the authenticator.
+     */
+    signature: string;
+};
+
+type TxInit = {
+    assertionOptions: PublicKeyCredentialRequestOptions;
+    /**
+     * An opaque object containing session data.
+     */
+    session: string;
+    /**
+     * Internal transaction identifier
+     */
+    txId: string;
+};
+
+type TxInitRequestBody = {
+    /**
+     * Random string
+     */
+    nonce: string;
+    /**
+     * Payload of transaction
+     */
+    txPayload: string;
+    /**
+     * Type of transaction
+     */
+    txType: string;
+    /**
+     * Username of user
+     */
+    username: string;
+};
+
+declare class TxService {
+    readonly httpRequest: BaseHttpRequest;
+    constructor(httpRequest: BaseHttpRequest);
+    /**
+     * Complete transaction confirmation
+     * @returns TxComplete OK response.
+     * @throws ApiError
+     */
+    txTxComplete({ requestBody, }: {
+        requestBody: TxCompleteRequestBody;
+    }): CancelablePromise<TxComplete>;
+    /**
+     * Start transaction confirmation flow
+     * @returns TxInit OK response.
+     * @throws ApiError
+     */
+    txTxInit({ requestBody, }: {
+        requestBody: TxInitRequestBody;
+    }): CancelablePromise<TxInit>;
+}
+
+type Version = {
     /**
      * Version hash
      */
@@ -565,10 +648,10 @@ declare class VersionService {
     constructor(httpRequest: BaseHttpRequest);
     /**
      * Show software version
-     * @returns VersionVersionShowResponseBody OK response.
+     * @returns Version OK response.
      * @throws ApiError
      */
-    versionVersionShow(): CancelablePromise<VersionVersionShowResponseBody>;
+    versionVersionShow(): CancelablePromise<Version>;
 }
 
 type HttpRequestConstructor = new (config: OpenAPIConfig) => BaseHttpRequest;
@@ -576,6 +659,8 @@ declare class LoginIDService {
     readonly auth: AuthService;
     readonly passkeys: PasskeysService;
     readonly reg: RegService;
+    readonly token: TokenService;
+    readonly tx: TxService;
     readonly version: VersionService;
     readonly request: BaseHttpRequest;
     constructor(config?: Partial<OpenAPIConfig>, HttpRequest?: HttpRequestConstructor);
@@ -598,10 +683,10 @@ declare class ApiError extends Error {
     constructor(request: ApiRequestOptions, response: ApiResult, message: string);
 }
 
-type UsernameType = userRequestBody['usernameType'];
-type DeviceInfoRequestBody = deviceInfoRequestBody;
-type MFA = RegRegInitRequestBody['mfa'];
-type Transports = creationResultRequestBody['transports'];
+type UsernameType = User['usernameType'];
+type DeviceInfoRequestBody = DeviceInfo;
+type MFA = RegInitRequestBody['mfa'];
+type Transports = CreationResult['transports'];
 interface LoginIDConfig {
     baseUrl: string;
     appId: string;
@@ -618,6 +703,8 @@ interface AuthenticateWithPasskeysOptions extends PasskeyOptions {
 interface RegisterWithPasskeyOptions extends PasskeyOptions {
     mfa?: MFA;
 }
+interface ConfirmTransactionOptions extends Partial<Pick<TxInitRequestBody, 'txType'>> {
+}
 interface PasskeyResult {
     jwtAccess: string;
 }
@@ -654,10 +741,10 @@ declare class Passkeys extends LoginIDBase {
     constructor(config: LoginIDConfig);
     /**
      * Creates a navigator credential using WebAuthn.
-     * @param {RegRegInitResponseBody} regInitResponseBody The response body from registration initialization.
+     * @param {RegInit} regInitResponseBody The response body from registration initialization.
      * @returns {Promise<RegRegCompleteRequestBody>} Completion request body for registration.
      */
-    createNavigatorCredential(regInitResponseBody: RegRegInitResponseBody): Promise<RegRegCompleteRequestBody>;
+    createNavigatorCredential(regInitResponseBody: RegInit): Promise<RegCompleteRequestBody>;
     /**
      * Registers a user with a passkey.
      * @param {string} username Username to register.
@@ -667,18 +754,35 @@ declare class Passkeys extends LoginIDBase {
     registerWithPasskey(username: string, options?: RegisterWithPasskeyOptions): Promise<PasskeyResult>;
     /**
      * Retrieves a navigator credential for authentication.
-     * @param {AuthAuthInitResponseBody} authInitResponseBody The response body from authentication initialization.
+     * @param {AuthInit} authInitResponseBody The response body from authentication initialization.
      * @param {AuthenticateWithPasskeysOptions} options Additional options for authentication.
      * @returns {Promise<AuthAuthCompleteRequestBody>} Completion request body for authentication.
      */
-    getNavigatorCredential(authInitResponseBody: AuthAuthInitResponseBody, options?: AuthenticateWithPasskeysOptions): Promise<AuthAuthCompleteRequestBody>;
+    getNavigatorCredential(authInitResponseBody: AuthInit, options?: AuthenticateWithPasskeysOptions): Promise<AuthCompleteRequestBody>;
     /**
      * Authenticates a user with a passkey.
      * @param {string} username Username to authenticate.
      * @param {AuthenticateWithPasskeysOptions} options Additional authentication options.
      * @returns {Promise<any>} Result of the authentication operation.
      */
-    authenticateWithPasskey(username: string, options?: AuthenticateWithPasskeysOptions): Promise<PasskeyResult>;
+    authenticateWithPasskey(username?: string, options?: AuthenticateWithPasskeysOptions): Promise<PasskeyResult>;
+    /**
+     * Confirms a transaction using a passkey.
+     *
+     * This method initiates a transaction confirmation process by generating a transaction-specific challenge
+     * and then expects the client to provide an assertion response using a passkey.
+     * This method is useful for confirming actions such as payments
+     * or changes to sensitive account information, ensuring that the transaction is being authorized
+     * by the rightful owner of the passkey.
+     *
+     * @param {string} username The username of the user confirming the transaction.
+     * @param {string} txPayload The transaction-specific payload, which could include details
+     * such as the transaction amount, recipient, and other metadata necessary for the transaction.
+     * @param {ConfirmTransactionOptions} [options={}] Optional parameters for transaction confirmation.
+     * @returns {Promise<any>} A promise that resolves with the result of the transaction confirmation operation.
+     * The result includes details about the transaction's details and includes a new JWT access token.
+     */
+    confirmTransaction(username: string, txPayload: string, nonce: string, options?: ConfirmTransactionOptions): Promise<TxComplete>;
     /**
      * Retrieves the JWT access token.
      * @returns {string} The JWT access token.
@@ -700,7 +804,7 @@ declare class PasskeyManager extends LoginIDBase {
      * @param {string} authToken Authorization token to authenticate the request.
      * @returns {Promise<PasskeysPasskeyResponseCollection>} A collection of passkeys.
      */
-    listPasskeys(authToken: string): Promise<PasskeysPasskeyResponseCollection>;
+    listPasskeys(authToken: string): Promise<PasskeyCollection>;
     /**
      * Renames a specified passkey.
      * @param {string} authToken Authorization token to authenticate the request.
@@ -747,7 +851,7 @@ declare class PasskeyError extends Error {
  * @returns {Promise<PublicKeyCredential>} A promise that resolves to the passkey credential.
  * @throws {LoginIdError} If any errors occur during credential creation or if the credential type is invalid.
  */
-declare const createPasskeyCredential: (init: publicKeyCredentialCreationOptionsResponseBody) => Promise<PublicKeyCredential>;
+declare const createPasskeyCredential: (init: PublicKeyCredentialCreationOptions) => Promise<PublicKeyCredential>;
 /**
  * Asynchronously retrieves a passkey credential for authentication using the provided request options.
  *
@@ -755,7 +859,7 @@ declare const createPasskeyCredential: (init: publicKeyCredentialCreationOptions
  * @param {AuthenticateWithPasskeysOptions} options - Additional options for the authentication request.
  * @returns {Promise<PublicKeyCredential>} A promise that resolves to the passkey credential.
  */
-declare const getPasskeyCredential: (init: publicKeyCredentialRequestOptionsResponseBody, options?: AuthenticateWithPasskeysOptions) => Promise<PublicKeyCredential>;
+declare const getPasskeyCredential: (init: PublicKeyCredentialRequestOptions, options?: AuthenticateWithPasskeysOptions) => Promise<PublicKeyCredential>;
 
 /**
  * Checks if platform authenticator available
@@ -774,4 +878,4 @@ interface DoesDeviceSupportPasskeysResponse {
  */
 declare function doesDeviceSupportPasskeys(): Promise<DoesDeviceSupportPasskeysResponse>;
 
-export { ApiError, type AuthenticateWithPasskeysOptions, type DeviceInfoRequestBody, type DoesDeviceSupportPasskeysResponse, type LoginIDConfig, LoginIDWebSDK, type MFA, PasskeyError, type PasskeyOptions, type PasskeyResult, type RegisterWithPasskeyOptions, type Transports, type UsernameType, createPasskeyCredential, LoginIDWebSDK as default, doesDeviceSupportPasskeys, getPasskeyCredential, isConditionalUIAvailable, isPlatformAuthenticatorAvailable };
+export { ApiError, type AuthenticateWithPasskeysOptions, type ConfirmTransactionOptions, type DeviceInfoRequestBody, type DoesDeviceSupportPasskeysResponse, type LoginIDConfig, LoginIDWebSDK, type MFA, PasskeyError, type PasskeyOptions, type PasskeyResult, type RegisterWithPasskeyOptions, type Transports, type UsernameType, createPasskeyCredential, LoginIDWebSDK as default, doesDeviceSupportPasskeys, getPasskeyCredential, isConditionalUIAvailable, isPlatformAuthenticatorAvailable };