@loginid/websdk3 3.1.0 → 3.2.2

package/dist/index.d.ts

@@ -1,1927 +1,2241 @@
-type ApiRequestOptions = {
-    readonly method: 'GET' | 'PUT' | 'POST' | 'DELETE' | 'OPTIONS' | 'HEAD' | 'PATCH';
-    readonly url: string;
-    readonly path?: Record<string, any>;
-    readonly cookies?: Record<string, any>;
-    readonly headers?: Record<string, any>;
-    readonly query?: Record<string, any>;
-    readonly formData?: Record<string, any>;
-    readonly body?: any;
-    readonly mediaType?: string;
-    readonly responseHeader?: string;
-    readonly errors?: Record<number, string>;
-};
+// Generated by dts-bundle-generator v9.5.1
 
-declare class CancelError extends Error {
-    constructor(message: string);
-    get isCancelled(): boolean;
-}
-interface OnCancel {
-    readonly isResolved: boolean;
-    readonly isRejected: boolean;
-    readonly isCancelled: boolean;
-    (cancelHandler: () => void): void;
-}
-declare class CancelablePromise<T> implements Promise<T> {
-    #private;
-    constructor(executor: (resolve: (value: T | PromiseLike<T>) => void, reject: (reason?: any) => void, onCancel: OnCancel) => void);
-    get [Symbol.toStringTag](): string;
-    then<TResult1 = T, TResult2 = never>(onFulfilled?: ((value: T) => TResult1 | PromiseLike<TResult1>) | null, onRejected?: ((reason: any) => TResult2 | PromiseLike<TResult2>) | null): Promise<TResult1 | TResult2>;
-    catch<TResult = never>(onRejected?: ((reason: any) => TResult | PromiseLike<TResult>) | null): Promise<T | TResult>;
-    finally(onFinally?: (() => void) | null): Promise<T>;
-    cancel(): void;
-    get isCancelled(): boolean;
-}
-
-type Resolver<T> = (options: ApiRequestOptions) => Promise<T>;
-type Headers = Record<string, string>;
-type OpenAPIConfig = {
-    BASE: string;
-    VERSION: string;
-    WITH_CREDENTIALS: boolean;
-    CREDENTIALS: 'include' | 'omit' | 'same-origin';
-    TOKEN?: string | Resolver<string> | undefined;
-    USERNAME?: string | Resolver<string> | undefined;
-    PASSWORD?: string | Resolver<string> | undefined;
-    HEADERS?: Headers | Resolver<Headers> | undefined;
-    ENCODE_PATH?: ((path: string) => string) | undefined;
+type DeviceInfo = {
+	/**
+	 * Client name
+	 */
+	clientName?: string;
+	/**
+	 * Client type.
+	 */
+	clientType?: "browser" | "other";
+	/**
+	 * Client version
+	 */
+	clientVersion?: string;
+	/**
+	 * An unique device identifier
+	 */
+	deviceId?: string;
+	/**
+	 * Last use timestamp in rfc3339 format
+	 */
+	lastUsedAt?: string;
+	/**
+	 * OS architecture
+	 */
+	osArch?: string;
+	/**
+	 * OS name
+	 */
+	osName?: string;
+	/**
+	 * OS version
+	 */
+	osVersion?: string;
+	/**
+	 * Screen height in pixels
+	 */
+	screenHeight?: number;
+	/**
+	 * Screen width in pixels
+	 */
+	screenWidth?: number;
 };
-declare const OpenAPI: OpenAPIConfig;
-
-declare abstract class BaseHttpRequest {
-    readonly config: OpenAPIConfig;
-    constructor(config: OpenAPIConfig);
-    abstract request<T>(options: ApiRequestOptions): CancelablePromise<T>;
-}
-
 /**
- * Code generation result
- */
-type AuthCode = {
-    /**
-     * Generated code
-     */
-    code: string;
-    /**
-     * Expiration time of the code
-     */
-    expiresAt: string;
+ * Checks if platform authenticator available
+ * */
+export declare const isPlatformAuthenticatorAvailable: () => Promise<boolean>;
+/**
+ * Checks if conditional UI is available
+ * */
+export declare const isConditionalUIAvailable: () => Promise<boolean>;
+type PubKeyCredentialDescriptor = {
+	/**
+	 * Base64 encoded byte array of the public key identifier.
+	 */
+	id: string;
+	transports?: Array<"usb" | "nfc" | "ble" | "internal" | "hybrid" | "cable" | "smart-card">;
+	/**
+	 * The valid credential types.
+	 */
+	type: "public-key";
 };
-
-type UserLogin = {
-    /**
-     * Username
-     */
-    username: string;
-    /**
-     * Username type
-     */
-    usernameType?: 'email' | 'phone' | 'other';
+type PublicKeyCredentialRequestOptions = {
+	/**
+	 * A list of PublicKeyCredentialDescriptor objects representing public key
+	 * credentials acceptable to the caller, in descending order of the caller’s
+	 * preference (the first item in the list is the most preferred credential,
+	 * and so on down the list).
+	 */
+	allowCredentials?: Array<PubKeyCredentialDescriptor>;
+	/**
+	 * This base64 encoded byte array represents a challenge that the selected
+	 * authenticator signs, along with other data, when producing an authentication
+	 * assertion.
+	 */
+	challenge: string;
+	/**
+	 * Additional parameters requesting additional processing by the client and
+	 * authenticator. For example, if transaction confirmation is sought from the
+	 * user, then the prompt string might be included as an extension.
+	 */
+	extensions?: Record<string, any>;
+	/**
+	 * The relying party identifier claimed by the caller. If omitted, its value will
+	 * be the CredentialsContainer object’s relevant settings object's origin's
+	 * effective domain.
+	 */
+	rpId?: string;
+	/**
+	 * Specifies a time, in milliseconds, that the caller is willing
+	 * to wait for the call to complete. The value is treated as a
+	 * hint, and MAY be overridden by the client.
+	 */
+	timeout?: number;
+	/**
+	 * User verification requirement
+	 */
+	userVerification?: "required" | "preferred" | "discouraged";
 };
-
-type AuthCodeRequestSMSRequestBody = {
-    user: UserLogin;
+type AuthenticatorSelectionCriteria = {
+	/**
+	 * Authenticator attachment modality
+	 */
+	authenticatorAttachment?: "platform" | "cross-platform";
+	/**
+	 * Resident key requirement
+	 */
+	requireResidentKey?: boolean;
+	/**
+	 * Resident key requirement
+	 */
+	residentKey?: "discouraged" | "preferred" | "required";
+	/**
+	 * User verification requirement
+	 */
+	userVerification?: "required" | "preferred" | "discouraged";
 };
-
-type AuthCodeVerifyRequestBody = {
-    /**
-     * Authentication code
-     */
-    authCode: string;
-    user: UserLogin;
+type PublicKeyCredentialParameters = {
+	/**
+	 * A cryptographic signature algorithm with which the newly generated credential
+	 * will be used, and thus also the type of asymmetric key pair to be generated,
+	 * e.g., RSA or Elliptic Curve.
+	 */
+	alg?: -7 | -35 | -36 | -257 | -8;
+	/**
+	 * The valid credential types.
+	 */
+	type?: "public-key";
+};
+type PublicKeyCredentialUserEntity = {
+	displayName: string;
+	id: string;
+	name: string;
+};
+type PublicKeyCredentialRpEntity = {
+	/**
+	 * A unique identifier for the Relying Party entity, which sets the RP ID.
+	 */
+	id?: string;
+	/**
+	 * Relaying party name
+	 */
+	name: string;
+};
+type PublicKeyCredentialCreationOptions = {
+	attestation?: "none" | "indirect" | "direct" | "enterprise";
+	authenticatorSelection?: AuthenticatorSelectionCriteria;
+	/**
+	 * This base64 encoded byte array represents a challenge that
+	 * the selected authenticator signs, along with other data, when
+	 * producing an authentication assertion.
+	 */
+	challenge: string;
+	/**
+	 * List of credentials to limit the creation of multiple credentials for the same
+	 * account on a single authenticator. The client is requested to return an error
+	 * if the new credential would be created on an authenticator that also contains
+	 * one of the credentials enumerated in this parameter.
+	 */
+	excludeCredentials?: Array<PubKeyCredentialDescriptor>;
+	/**
+	 * Additional parameters requesting processing by the client and authenticator.
+	 */
+	extensions?: Record<string, any>;
+	/**
+	 * This member contains information about the desired properties of the credential
+	 * to be created. The sequence is ordered from most preferred to least preferred.
+	 * The client makes a best-effort to create the most preferred credential that it
+	 * can.
+	 */
+	pubKeyCredParams: Array<PublicKeyCredentialParameters>;
+	rp: PublicKeyCredentialRpEntity;
+	/**
+	 * This OPTIONAL member specifies a time, in milliseconds,
+	 * that the caller is willing to wait for the call to complete. The
+	 * value is treated as a hint, and MAY be overridden by the client.
+	 */
+	timeout?: number;
+	user: PublicKeyCredentialUserEntity;
 };
-
 type AuthenticatorAssertionResponse = {
-    /**
-     * A base64 encoded authenticator data structure encodes contextual bindings
-     * made by the authenticator.
-     */
-    authenticatorData: string;
-    /**
-     * Base64 encoded byte array which is a JSON-compatible serialization of client data
-     * passed to the authenticator by the client in order to generate this assertion.
-     * The exact JSON serialization MUST be preserved, as the hash of the serialized
-     * client data has been computed over it.
-     */
-    clientDataJSON: string;
-    /**
-     * A base64 encoded byte sequence identifying a public key credential
-     * source and its authentication assertions.
-     */
-    credentialId: string;
-    /**
-     * Base64 encoded the raw signature returned from the authenticator.
-     */
-    signature: string;
-    /**
-     * User handle returned from the authenticator, or null if the authenticator did not return a user handle.
-     */
-    userHandle?: string;
+	/**
+	 * A base64 encoded authenticator data structure encodes contextual bindings
+	 * made by the authenticator.
+	 */
+	authenticatorData: string;
+	/**
+	 * Base64 encoded byte array which is a JSON-compatible serialization of client data
+	 * passed to the authenticator by the client in order to generate this assertion.
+	 * The exact JSON serialization MUST be preserved, as the hash of the serialized
+	 * client data has been computed over it.
+	 */
+	clientDataJSON: string;
+	/**
+	 * A base64 encoded byte sequence identifying a public key credential
+	 * source and its authentication assertions.
+	 */
+	credentialId: string;
+	/**
+	 * Base64 encoded the raw signature returned from the authenticator.
+	 */
+	signature: string;
+	/**
+	 * User handle returned from the authenticator, or null if the authenticator did not return a user handle.
+	 */
+	userHandle?: string;
 };
-
 type AuthCompleteRequestBody = {
-    assertionResult: AuthenticatorAssertionResponse;
-    /**
-     * An opaque object containing session data.
-     */
-    session: string;
+	assertionResult: AuthenticatorAssertionResponse;
+	/**
+	 * An opaque object containing session data.
+	 */
+	session: string;
 };
-
-type PubKeyCredentialDescriptor = {
-    /**
-     * Base64 encoded byte array of the public key identifier.
-     */
-    id: string;
-    transports?: Array<'usb' | 'nfc' | 'ble' | 'internal' | 'hybrid' | 'cable' | 'smart-card'>;
-    /**
-     * The valid credential types.
-     */
-    type: 'public-key';
+type AuthInit = {
+	/**
+	 * An action to be performed by the front-end to complete the authentication flow.
+	 */
+	action: "proceed" | "crossAuth" | "fallback";
+	assertionOptions: PublicKeyCredentialRequestOptions;
+	/**
+	 * List of cross authentication methods in the order of preference
+	 */
+	crossAuthMethods: Array<"otp" | "otp:sms" | "otp:email">;
+	/**
+	 * The list contains available fallback methods in the order of preference. The
+	 * list is dynamic and shall not be cached. The default fallback mechanism is
+	 * the one provided by CIAM but our system may provide additional ones as well.
+	 * These methods may be enabled by customer via application configuration but
+	 * they are disabled by default. The list may be empty which means no fallback
+	 * is available and authentication flow shall terminate at this point.
+	 */
+	fallbackMethods: Array<"ciam">;
+	/**
+	 * Type of passkey supported by the client.
+	 */
+	passkeyType?: string;
+	/**
+	 * An opaque object containing session data.
+	 */
+	session: string;
 };
-
-type PublicKeyCredentialRequestOptions = {
-    /**
-     * A list of PublicKeyCredentialDescriptor objects representing public key
-     * credentials acceptable to the caller, in descending order of the caller’s
-     * preference (the first item in the list is the most preferred credential,
-     * and so on down the list).
-     */
-    allowCredentials?: Array<PubKeyCredentialDescriptor>;
-    /**
-     * This base64 encoded byte array represents a challenge that the selected
-     * authenticator signs, along with other data, when producing an authentication
-     * assertion.
-     */
-    challenge: string;
-    /**
-     * Additional parameters requesting additional processing by the client and
-     * authenticator. For example, if transaction confirmation is sought from the
-     * user, then the prompt string might be included as an extension.
-     */
-    extensions?: Record<string, any>;
-    /**
-     * The relying party identifier claimed by the caller. If omitted, its value will
-     * be the CredentialsContainer object’s relevant settings object's origin's
-     * effective domain.
-     */
-    rpId?: string;
-    /**
-     * Specifies a time, in milliseconds, that the caller is willing
-     * to wait for the call to complete. The value is treated as a
-     * hint, and MAY be overridden by the client.
-     */
-    timeout?: number;
-    /**
-     * User verification requirement
-     */
-    userVerification?: 'required' | 'preferred' | 'discouraged';
+type CreationResult = {
+	/**
+	 * Base64 encoded byte array containing an attestation object, which is opaque to,
+	 * and cryptographically protected against tampering by, the client.
+	 */
+	attestationObject: string;
+	/**
+	 * A base64 encoded authenticator data structure encodes contextual bindings
+	 * made by the authenticator.
+	 */
+	authenticatorData?: string;
+	/**
+	 * Base64 encoded byte array which is a JSON-compatible serialization of client data
+	 * passed to the authenticator by the client in order to generate this credential.
+	 * The exact JSON serialization MUST be preserved, as the hash of the serialized
+	 * client data has been computed over it.
+	 */
+	clientDataJSON: string;
+	/**
+	 * A base64 encoded byte sequence identifying a public key credential
+	 * source and its authentication assertions.
+	 */
+	credentialId: string;
+	/**
+	 * Base64 encoded DER SubjectPublicKeyInfo of the new credential, or null if this is
+	 * not available.
+	 */
+	publicKey?: string;
+	publicKeyAlgorithm?: number;
+	/**
+	 * These values are the transports that the authenticator is believed to support,
+	 * or an empty sequence if the information is unavailable.
+	 */
+	transports?: Array<"usb" | "nfc" | "ble" | "internal" | "hybrid" | "cable" | "smart-card">;
 };
-
+type RegCompleteRequestBody = {
+	creationResult: CreationResult;
+	/**
+	 * An opaque object containing session data.
+	 */
+	session: string;
+};
+type RegInit = {
+	/**
+	 * An action to be performed by the front-end to complete the registration flow.
+	 */
+	action: "proceed" | "signIn" | "fail";
+	registrationRequestOptions: PublicKeyCredentialCreationOptions;
+	/**
+	 * An opaque object containing session data.
+	 */
+	session: string;
+};
+interface GetNavigatorCredentialOptions {
+	autoFill?: boolean;
+	abortController?: AbortController;
+}
+interface GetPasskeyCredentialOptions {
+	autoFill?: boolean;
+	abortController?: AbortController;
+}
+interface AuthzTokenOptions {
+	authzToken?: string;
+}
+interface SessionInfo {
+	/**
+	 * Current authenticated user's username.
+	 */
+	username: string;
+	/**
+	 * Current authenticated user's ID.
+	 */
+	id: string;
+}
+interface LoginIDTokenSet {
+	/**
+	 * The ID token representing the authenticated session.
+	 */
+	idToken: string;
+	/**
+	 * The access token used for authorization.
+	 */
+	accessToken: string;
+	/**
+	 * The refresh token used to obtain new access tokens.
+	 */
+	refreshToken: string;
+	/**
+	 * A JSON Web Signature (JWS) that provides cryptographic proof of the payload's integrity.
+	 * Ensures that the authentication data has not been tampered with.
+	 */
+	payloadSignature?: string;
+}
+type PasskeyErrorCode = "ERROR_PASSKEY_ABORTED" | "ERROR_DISCOVERABLE_CREDENTIALS_UNSUPPORTED" | "ERROR_USER_VERIFICATION_UNSUPPORTED" | "ERROR_PASSKEY_EXISTS" | "ERROR_GENERAL_ERROR_SEE_CAUSE_FIELD" | "ERROR_ALGORITHMS_UNSUPPORTED" | "ERROR_DOMAIN_MISMATCH" | "ERROR_AUTHENTICATOR_UNKNOWN_ERROR";
 /**
- * FIDO2 authentication response
+ * Error class for passkey-related errors.
  */
-type AuthInit = {
-    /**
-     * An action to be performed by the front-end to complete the authentication flow.
-     */
-    action: 'proceed' | 'crossAuth' | 'fallback';
-    assertionOptions: PublicKeyCredentialRequestOptions;
-    /**
-     * List of cross authentication methods in the order of preference
-     */
-    crossAuthMethods: Array<'otp' | 'otp:sms' | 'otp:email'>;
-    /**
-     * The list contains available fallback methods in the order of preference. The
-     * list is dynamic and shall not be cached. The default fallback mechanism is
-     * the one provided by CIAM but our system may provide additional ones as well.
-     * These methods may be enabled by customer via application configuration but
-     * they are disabled by default. The list may be empty which means no fallback
-     * is available and authentication flow shall terminate at this point.
-     */
-    fallbackMethods: Array<'ciam'>;
-    /**
-     * Type of passkey supported by the client.
-     */
-    passkeyType?: string;
-    /**
-     * An opaque object containing session data.
-     */
-    session: string;
-};
-
+export declare class PasskeyError extends Error {
+	readonly code: PasskeyErrorCode;
+	/**
+	 * Initializes a new instance of PasskeyError with the provided message, code, and original error.
+	 *
+	 * @type {Error}
+	 * @memberof PasskeyError
+	 */
+	constructor(message: string, code: PasskeyErrorCode, originalError: Error);
+}
+export declare class WebAuthnHelper {
+	/**
+	 * A helper function that attempts public-key credential authentication using WebAuthn API. It is designed to be used with LoginID's
+	 * passkey authentication flow. The function takes an authentication initialization response and returns an authentication completion request body.
+	 */
+	static getNavigatorCredential(authInitResponseBody: AuthInit, options?: GetNavigatorCredentialOptions): Promise<AuthCompleteRequestBody>;
+	/**
+	 * A helper function that creates a public-key credential using WebAuthn API.
+	 * It processes the response body from registration initialization and returns
+	 * a registration completion request body.
+	 */
+	static createNavigatorCredential(regInitResponseBody: RegInit): Promise<RegCompleteRequestBody>;
+}
 /**
- * Application making the request. It contains additional info about the caller
- * to distinguish between tenants.
+ * Asynchronously creates a passkey credential using the provided registration response.
+ *
+ * @param {IRegisterPasskeyInitResponse} init - The registration initiation response.
+ * @returns {Promise<PublicKeyCredential>} A promise that resolves to the passkey credential.
+ * @throws {LoginIdError} If any errors occur during credential creation or if the credential type is invalid.
  */
-type Application = {
-    /**
-     * Unique application id
-     */
-    id: string;
-    /**
-     * App authorization token signed with application key.
-     */
-    token?: string;
-};
-
+export declare const createPasskeyCredential: (init: PublicKeyCredentialCreationOptions) => Promise<PublicKeyCredential>;
 /**
- * Information about the device. All of these attributes are optional and should
- * be provided on best effort basis. If provide, they will be taken into
- * consideration in order to improve user experience.
+ * Asynchronously retrieves a passkey credential for authentication using the provided request options.
+ *
+ * @param {publicKeyCredentialRequestOptionsResponseBody} init - The authentication initiation response.
+ * @param {AuthenticateWithPasskeysOptions} options - Additional options for the authentication request.
+ * @returns {Promise<PublicKeyCredential>} A promise that resolves to the passkey credential.
  */
-type DeviceInfo = {
-    /**
-     * Client name
-     */
-    clientName?: string;
-    /**
-     * Client type.
-     */
-    clientType?: 'browser' | 'other';
-    /**
-     * Client version
-     */
-    clientVersion?: string;
-    /**
-     * An unique device identifier
-     */
-    deviceId?: string;
-    /**
-     * Last use timestamp in rfc3339 format
-     */
-    lastUsedAt?: string;
-    /**
-     * OS architecture
-     */
-    osArch?: string;
-    /**
-     * OS name
-     */
-    osName?: string;
-    /**
-     * OS version
-     */
-    osVersion?: string;
-    /**
-     * Screen height in pixels
-     */
-    screenHeight?: number;
-    /**
-     * Screen width in pixels
-     */
-    screenWidth?: number;
+export declare const getPasskeyCredential: (init: PublicKeyCredentialRequestOptions, options?: GetPasskeyCredentialOptions) => Promise<PublicKeyCredential>;
+/**
+ * Error class for abort-related errors.
+ */
+export declare class AbortError extends Error {
+	/**
+	 * Initializes a new instance of AbortError with the provided message.
+	 *
+	 * @type {Error}
+	 * @memberof AbortError
+	 */
+	constructor(message: string);
+}
+type User = {
+	/**
+	 * Display Name
+	 */
+	displayName?: string;
+	/**
+	 * Username
+	 */
+	username: string;
+	/**
+	 * Username type
+	 */
+	usernameType: "email" | "phone" | "other";
 };
-
-type AuthInitRequestBody = {
-    app: Application;
-    deviceInfo: DeviceInfo;
-    trustInfo?: string;
-    user?: UserLogin;
+type MfaOption = {
+	/**
+	 * Human readable label
+	 */
+	label?: string;
+	/**
+	 * Option name
+	 */
+	name?: string;
+	/**
+	 * Option value to be used in the next request
+	 */
+	value: string;
 };
-
-type JWT = {
-    /**
-     * Device ID
-     */
-    deviceId?: string;
-    /**
-     * JWT access token
-     */
-    jwtAccess: string;
-    /**
-     * Passkey ID
-     */
-    passkeyId?: string;
-    /**
-     * User ID
-     */
-    userId: string;
+type MfaAction = {
+	action: {
+		/**
+		 * Action description
+		 */
+		desc?: string;
+		/**
+		 * Human readable action label
+		 */
+		label: string;
+		/**
+		 * Next Action to be performed.
+		 */
+		name: "passkey:reg" | "passkey:auth" | "passkey:tx" | "otp:email" | "otp:sms" | "otp:verify" | "external";
+	};
+	/**
+	 * Additional options associated with the action.
+	 */
+	options?: Array<MfaOption>;
 };
-
-declare class AuthService {
-    readonly httpRequest: BaseHttpRequest;
-    constructor(httpRequest: BaseHttpRequest);
-    /**
-     * Complete WebAuthn authentication
-     * @returns JWT OK response.
-     * @throws ApiError
-     */
-    authAuthComplete({ requestBody, }: {
-        requestBody: AuthCompleteRequestBody;
-    }): CancelablePromise<JWT>;
-    /**
-     * Start WebAuthn authentication flow
-     * @returns AuthInit OK response.
-     * @throws ApiError
-     */
-    authAuthInit({ requestBody, userAgent, }: {
-        requestBody: AuthInitRequestBody;
-        /**
-         * Raw user-agent header as set by a browser
-         */
-        userAgent?: string;
-    }): CancelablePromise<AuthInit>;
-    /**
-     * Request OTP code by an authenticated user
-     * An authenticated user can request an authentication code directly using this
-     * method. The code can be used for authentication from another device.
-     * @returns AuthCode OK response.
-     * @throws ApiError
-     */
-    authAuthCodeRequest({ authorization, }: {
-        /**
-         * JWT Authorization header
-         */
-        authorization?: string;
-    }): CancelablePromise<AuthCode>;
-    /**
-     * Request OTP code to be sent via email.
-     * Send authentication code to the provided email. The SMS will only be sent
-     * if the email address is known to the application, however, this method will
-     * return success regardless.
-     * @returns void
-     * @throws ApiError
-     */
-    authAuthCodeRequestEmail({ requestBody, }: {
-        requestBody: AuthCodeRequestSMSRequestBody;
-    }): CancelablePromise<void>;
-    /**
-     * Request OTP code to be sent via SMS.
-     * Send authentication code to the provided phone number. The SMS will only be
-     * sent if the phone is registered with the application, however, it will return
-     * success regardless.
-     * @returns void
-     * @throws ApiError
-     */
-    authAuthCodeRequestSms({ requestBody, }: {
-        requestBody: AuthCodeRequestSMSRequestBody;
-    }): CancelablePromise<void>;
-    /**
-     * Verify authentication code and return JWT access token with appropriate scopes
-     * @returns JWT OK response.
-     * @throws ApiError
-     */
-    authAuthCodeVerify({ requestBody, }: {
-        requestBody: AuthCodeVerifyRequestBody;
-    }): CancelablePromise<JWT>;
+type Mfa = {
+	/**
+	 * An authorization token (JWT) confirming successful authentication.
+	 */
+	accessToken: string;
+	/**
+	 * Device ID
+	 */
+	deviceId?: string;
+	/**
+	 * The current flow type.
+	 */
+	flow: "signIn" | "signUp";
+	/**
+	 * An authorization token (JWT) confirming successful authentication.
+	 */
+	idToken: string;
+	/**
+	 * Base64 encoded payload object
+	 */
+	payload: string;
+	/**
+	 * A digital signature (JWS) of the payload.
+	 */
+	payloadSignature: string;
+	/**
+	 * An authorization token (JWT) confirming successful authentication.
+	 */
+	refreshToken: string;
+};
+type UsernameType = User["usernameType"];
+type MfaFactorName = MfaAction["action"]["name"];
+type MfaFlow = Mfa["flow"];
+interface LoginIDConfig {
+	/**
+	 * The base URL for LoginID FIDO service which can be obtained on the [dashboard](https://dashboard.loginid.io).
+	 */
+	baseUrl: string;
+	/**
+	 * The optional app ID for specific application.
+	 */
+	appId?: string;
 }
-
-type Aaguid = {
-    /**
-     * Dark Icon of the AAGUID Vendor
-     */
-    iconDark: string;
-    /**
-     * Light Icon of the AAGUID Vendor
-     */
-    iconLight: string;
-    /**
-     * AAGUID
-     */
-    id: string;
-    /**
-     * Name of the AAGUID Vendor
-     */
-    name: string;
+interface LoginIDMfaConfig {
+	/**
+	 * The base URL for LoginID FIDO service which can be obtained on the [dashboard](https://dashboard.loginid.io).
+	 */
+	baseUrl: string;
+	/**
+	 * The optional app ID for specific application.
+	 */
+	appId?: string;
+}
+interface MfaBeginOptions {
+	/**
+	 * A human-palatable name for the user account, intended only for display on your passkeys and modals.
+	 */
+	displayName?: string;
+	/**
+	 * The type of username validation to be used. Defaults to **`other`**.
+	 */
+	usernameType?: UsernameType;
+	/**
+	 * A string representing transaction details for confirmation during MFA.
+	 * This can be any descriptive text, but using a JSON-formatted string is recommended
+	 * for structured transaction details.
+	 *
+	 * Example (plain text):
+	 * ```
+	 * Payment of $100 to John Doe
+	 * ```
+	 *
+	 * Example (JSON):
+	 * ```json
+	 * {
+	 *   "transactionId": "12345",
+	 *   "amount": "100.00",
+	 *   "currency": "USD",
+	 *   "recipient": "john.doe@example.com"
+	 * }
+	 * ```
+	 */
+	txPayload?: string;
+	/**
+	 * An identifier generated on the merchant side to identify the current checkout session.
+	 * This identifier is used as a key to retrieve associated trust information.
+	 *
+	 * It is passed to the wallet to link the session with wallet-issued identity data,
+	 * enabling secure transaction confirmation without revealing end-user identity to the merchant.
+	 */
+	checkoutId?: string;
+}
+interface MfaPerformActionOptions {
+	/**
+	 * The MFA state session.
+	 * This should be obtained from a previous MFA request or initiation step.
+	 */
+	session?: string;
+	/**
+	 * The payload required for completing the authentication factor.
+	 * This typically contains user input or challenge-response data.
+	 */
+	payload?: string;
+	/**
+	 * Enables passkey support in browser autofill suggestions (conditional UI), if supported.
+	 */
+	autoFill?: boolean;
+}
+interface RemainingFactor {
+	/**
+	 * The type of the MFA factor, such as passkey or OTP via email or SMS.
+	 * Use this value in performAction to initiate the factor.
+	 */
+	type: MfaFactorName;
+	/**
+	 * A user-friendly label for the factor, providing context on how it should be used.
+	 */
+	label: string;
+	/**
+	 * A description of the MFA factor, explaining its purpose or instructions for completion.
+	 */
+	description?: string;
+	/**
+	 * A unique token for authentication, useful for advanced MFA flows across multiple devices.
+	 *
+	 * This is available for the following MFA factor:
+	 * - passkey
+	 *
+	 * Example: To authenticate or add a passkey on another device, pass this value
+	 * along with the session token to continue the MFA process.
+	 */
+	value?: string;
+	/**
+	 * A list of available options for the MFA factor, if applicable.
+	 *
+	 * Supported for the following MFA factors:
+	 * - otp:email
+	 * - otp:sms
+	 *
+	 * Typically includes valid email addresses or phone numbers for OTP delivery.
+	 */
+	options?: string[];
+}
+interface MfaSessionResult {
+	/**
+	 * The MFA flow type indicating whether the session is part of sign-in or sign-up.
+	 * This helps differentiate between authentication scenarios.
+	 */
+	flow?: MfaFlow;
+	/**
+	 * List of MFA factors that still need to be completed for authentication.
+	 * If this list is empty, the authentication process is complete.
+	 */
+	remainingFactors: RemainingFactor[];
+	/**
+	 * The username associated with the authentication session.
+	 * This may be undefined if not provided or applicable.
+	 */
+	username?: string;
+	/**
+	 * Indicates whether the MFA session is complete.
+	 * If `true`, all required factors have been successfully validated.
+	 */
+	isComplete: boolean;
+	/**
+	 * The MFA state session.
+	 * This should be obtained from a previous MFA request or initiation step.
+	 */
+	session?: string;
+	/**
+	 * A JSON Web Token (JWT) issued upon successful authentication.
+	 * Used to verify user identity and grant access to protected resources.
+	 */
+	idToken?: string;
+	/**
+	 * A JSON Web Token (JWT) used for authorizing API requests.
+	 * This token grants access to user-specific resources and actions.
+	 */
+	accessToken?: string;
+	/**
+	 * A token used to obtain new access and ID tokens after expiration.
+	 * This helps maintain user sessions without requiring re-authentication.
+	 */
+	refreshToken?: string;
+	/**
+	 * A JSON Web Signature (JWS) that provides cryptographic proof of the payload's integrity.
+	 * Ensures that the authentication data has not been tampered with.
+	 */
+	payloadSignature?: string;
+	/**
+	 * The next recommended MFA factor action to take.
+	 * Indicates which MFA factor the user should complete next in order to proceed.
+	 */
+	nextAction?: MfaFactorName;
+}
+interface VerifyConfigResult {
+	/**
+	 * Indicates whether the configuration is valid.
+	 */
+	isValid: boolean;
+	/**
+	 * Suggested solution to fix any configuration issues.
+	 */
+	solution?: string;
+	/**
+	 * A message describing the issue with the configuration, if any.
+	 */
+	message?: string;
+	/**
+	 * A code representing the error type.
+	 */
+	code?: string;
+}
+declare class LoginIDConfigValidator {
+	/**
+	 * Holds the configuration settings for the LoginID integration, including API base URL and optional app ID.
+	 */
+	private readonly config;
+	/**
+	 * Constructs a new instance of the LoginIDConfigValidator class, initializing with the provided configuration.
+	 * @param {LoginIDConfig} config Configuration object for LoginID API, including the base URL and optional app ID.
+	 */
+	constructor(config: LoginIDConfig);
+	/**
+	 * Retrieves the application ID from the configuration or extracts it from the base URL if not provided.
+	 * @returns {string} The application ID.
+	 * @throws {Error} If the app ID is not found in the configuration or the base URL, throws an error.
+	 */
+	getAppId(): string;
+}
+type MfaNext = {
+	/**
+	 * The current flow type.
+	 */
+	flow?: "signIn" | "signUp";
+	/**
+	 * Additional info displayed to the user
+	 */
+	msg: string;
+	/**
+	 * Message code
+	 */
+	msgCode: string;
+	next?: Array<MfaAction>;
+	/**
+	 * An opaque "session" object to be used with the subsequent API call for maintaining flow state.
+	 */
+	session?: string;
 };
-
-type Passkey = {
-    /**
-     * AAGUID of passkey provider
-     */
-    aaguid: string;
-    /**
-     * Timestamp in RFC3339 format.
-     */
-    createdAt: string;
-    /**
-     * Credential available on multiple devices
-     */
-    credentialSynced?: boolean;
-    /**
-     * Internal passkey ID that uniquely identifies a passkey
-     */
-    id: string;
-    /**
-     * Last use timestamp in rfc3339 format
-     */
-    lastUsedAt?: string;
-    lastUsedFromDevice?: DeviceInfo;
-    /**
-     * Name of the passkey
-     */
-    name: string;
-    /**
-     * Name of the passkey provider
-     */
-    providerName?: string;
+type ApiRequestOptions = {
+	readonly method: "GET" | "PUT" | "POST" | "DELETE" | "OPTIONS" | "HEAD" | "PATCH";
+	readonly url: string;
+	readonly path?: Record<string, any>;
+	readonly cookies?: Record<string, any>;
+	readonly headers?: Record<string, any>;
+	readonly query?: Record<string, any>;
+	readonly formData?: Record<string, any>;
+	readonly body?: any;
+	readonly mediaType?: string;
+	readonly responseHeader?: string;
+	readonly errors?: Record<number, string>;
 };
-
-type PasskeyCollection = Array<Passkey>;
-
+interface OnCancel {
+	readonly isResolved: boolean;
+	readonly isRejected: boolean;
+	readonly isCancelled: boolean;
+	(cancelHandler: () => void): void;
+}
+declare class CancelablePromise<T> implements Promise<T> {
+	#private;
+	constructor(executor: (resolve: (value: T | PromiseLike<T>) => void, reject: (reason?: any) => void, onCancel: OnCancel) => void);
+	get [Symbol.toStringTag](): string;
+	then<TResult1 = T, TResult2 = never>(onFulfilled?: ((value: T) => TResult1 | PromiseLike<TResult1>) | null, onRejected?: ((reason: any) => TResult2 | PromiseLike<TResult2>) | null): Promise<TResult1 | TResult2>;
+	catch<TResult = never>(onRejected?: ((reason: any) => TResult | PromiseLike<TResult>) | null): Promise<T | TResult>;
+	finally(onFinally?: (() => void) | null): Promise<T>;
+	cancel(): void;
+	get isCancelled(): boolean;
+}
+type Resolver<T> = (options: ApiRequestOptions) => Promise<T>;
+type Headers = Record<string, string>;
+type OpenAPIConfig = {
+	BASE: string;
+	VERSION: string;
+	WITH_CREDENTIALS: boolean;
+	CREDENTIALS: "include" | "omit" | "same-origin";
+	TOKEN?: string | Resolver<string> | undefined;
+	USERNAME?: string | Resolver<string> | undefined;
+	PASSWORD?: string | Resolver<string> | undefined;
+	HEADERS?: Headers | Resolver<Headers> | undefined;
+	ENCODE_PATH?: ((path: string) => string) | undefined;
+};
+declare abstract class BaseHttpRequest {
+	readonly config: OpenAPIConfig;
+	constructor(config: OpenAPIConfig);
+	abstract request<T>(options: ApiRequestOptions): CancelablePromise<T>;
+}
 type PasskeyRenameRequestBody = {
-    /**
-     * Internal passkey identifier
-     */
-    name: string;
+	/**
+	 * Internal passkey identifier
+	 */
+	name: string;
+};
+export type Passkey = {
+	/**
+	 * AAGUID of passkey provider
+	 */
+	aaguid: string;
+	/**
+	 * Timestamp in RFC3339 format.
+	 */
+	createdAt: string;
+	/**
+	 * Credential available on multiple devices
+	 */
+	credentialSynced?: boolean;
+	/**
+	 * Internal passkey ID that uniquely identifies a passkey
+	 */
+	id: string;
+	/**
+	 * Last use timestamp in rfc3339 format
+	 */
+	lastUsedAt?: string;
+	lastUsedFromDevice?: DeviceInfo;
+	/**
+	 * Name of the passkey
+	 */
+	name: string;
+	/**
+	 * Name of the passkey provider
+	 */
+	providerName?: string;
+};
+export type PasskeyCollection = Array<Passkey>;
+type Aaguid = {
+	/**
+	 * Dark Icon of the AAGUID Vendor
+	 */
+	iconDark: string;
+	/**
+	 * Light Icon of the AAGUID Vendor
+	 */
+	iconLight: string;
+	/**
+	 * AAGUID
+	 */
+	id: string;
+	/**
+	 * Name of the AAGUID Vendor
+	 */
+	name: string;
 };
-
 declare class PasskeysService {
-    readonly httpRequest: BaseHttpRequest;
-    constructor(httpRequest: BaseHttpRequest);
-    /**
-     * List passkeys of the user
-     * @returns PasskeyCollection OK response.
-     * @throws ApiError
-     */
-    passkeysPasskeysList({ authorization, }: {
-        /**
-         * JWT Authorization header
-         */
-        authorization?: string;
-    }): CancelablePromise<PasskeyCollection>;
-    /**
-     * Delete passkey
-     * @returns void
-     * @throws ApiError
-     */
-    passkeysPasskeyDelete({ id, authorization, }: {
-        /**
-         * Internal passkey identifier
-         */
-        id: string;
-        /**
-         * JWT Authorization header
-         */
-        authorization?: string;
-    }): CancelablePromise<void>;
-    /**
-     * Rename passkey
-     * @returns void
-     * @throws ApiError
-     */
-    passkeysPasskeyRename({ id, requestBody, authorization, }: {
-        /**
-         * Internal passkey identifier
-         */
-        id: string;
-        requestBody: PasskeyRenameRequestBody;
-        /**
-         * JWT Authorization header
-         */
-        authorization?: string;
-    }): CancelablePromise<void>;
-    /**
-     * Get AAGUID Metadata
-     * @returns Aaguid OK response.
-     * @throws ApiError
-     */
-    passkeysAaguidMetadata({ aaguid, authorization, }: {
-        /**
-         * AAGUID identifier
-         */
-        aaguid: string;
-        /**
-         * JWT Authorization header
-         */
-        authorization?: string;
-    }): CancelablePromise<Aaguid>;
+	readonly httpRequest: BaseHttpRequest;
+	constructor(httpRequest: BaseHttpRequest);
+	/**
+	 * List passkeys of the user
+	 * @returns PasskeyCollection OK response.
+	 * @throws ApiError
+	 */
+	passkeysPasskeysList({ authorization, }: {
+		/**
+		 * JWT Authorization header
+		 */
+		authorization?: string;
+	}): CancelablePromise<PasskeyCollection>;
+	/**
+	 * Delete passkey
+	 * @returns void
+	 * @throws ApiError
+	 */
+	passkeysPasskeyDelete({ id, authorization, }: {
+		/**
+		 * Internal passkey identifier
+		 */
+		id: string;
+		/**
+		 * JWT Authorization header
+		 */
+		authorization?: string;
+	}): CancelablePromise<void>;
+	/**
+	 * Rename passkey
+	 * @returns void
+	 * @throws ApiError
+	 */
+	passkeysPasskeyRename({ id, requestBody, authorization, }: {
+		/**
+		 * Internal passkey identifier
+		 */
+		id: string;
+		requestBody: PasskeyRenameRequestBody;
+		/**
+		 * JWT Authorization header
+		 */
+		authorization?: string;
+	}): CancelablePromise<void>;
+	/**
+	 * Get AAGUID Metadata
+	 * @returns Aaguid OK response.
+	 * @throws ApiError
+	 */
+	passkeysAaguidMetadata({ aaguid, authorization, }: {
+		/**
+		 * AAGUID identifier
+		 */
+		aaguid: string;
+		/**
+		 * JWT Authorization header
+		 */
+		authorization?: string;
+	}): CancelablePromise<Aaguid>;
 }
-
-type CreationResult = {
-    /**
-     * Base64 encoded byte array containing an attestation object, which is opaque to,
-     * and cryptographically protected against tampering by, the client.
-     */
-    attestationObject: string;
-    /**
-     * A base64 encoded authenticator data structure encodes contextual bindings
-     * made by the authenticator.
-     */
-    authenticatorData?: string;
-    /**
-     * Base64 encoded byte array which is a JSON-compatible serialization of client data
-     * passed to the authenticator by the client in order to generate this credential.
-     * The exact JSON serialization MUST be preserved, as the hash of the serialized
-     * client data has been computed over it.
-     */
-    clientDataJSON: string;
-    /**
-     * A base64 encoded byte sequence identifying a public key credential
-     * source and its authentication assertions.
-     */
-    credentialId: string;
-    /**
-     * Base64 encoded DER SubjectPublicKeyInfo of the new credential, or null if this is
-     * not available.
-     */
-    publicKey?: string;
-    publicKeyAlgorithm?: number;
-    /**
-     * These values are the transports that the authenticator is believed to support,
-     * or an empty sequence if the information is unavailable.
-     */
-    transports?: Array<'usb' | 'nfc' | 'ble' | 'internal' | 'hybrid' | 'cable' | 'smart-card'>;
+type UserLogin = {
+	/**
+	 * Username
+	 */
+	username: string;
+	/**
+	 * Username type
+	 */
+	usernameType?: "email" | "phone" | "other";
 };
-
-type RegCompleteRequestBody = {
-    creationResult: CreationResult;
-    /**
-     * An opaque object containing session data.
-     */
-    session: string;
+type AuthCodeRequestSMSRequestBody = {
+	user: UserLogin;
 };
-
-type AuthenticatorSelectionCriteria = {
-    /**
-     * Authenticator attachment modality
-     */
-    authenticatorAttachment?: 'platform' | 'cross-platform';
-    /**
-     * Resident key requirement
-     */
-    requireResidentKey?: boolean;
-    /**
-     * Resident key requirement
-     */
-    residentKey?: 'discouraged' | 'preferred' | 'required';
-    /**
-     * User verification requirement
-     */
-    userVerification?: 'required' | 'preferred' | 'discouraged';
+type AuthCodeVerifyRequestBody = {
+	/**
+	 * Authentication code
+	 */
+	authCode: string;
+	user: UserLogin;
 };
-
-/**
- * Additional parameters when creating a new credential.
- */
-type PublicKeyCredentialParameters = {
-    /**
-     * A cryptographic signature algorithm with which the newly generated credential
-     * will be used, and thus also the type of asymmetric key pair to be generated,
-     * e.g., RSA or Elliptic Curve.
-     */
-    alg?: -7 | -35 | -36 | -257 | -8;
-    /**
-     * The valid credential types.
-     */
-    type?: 'public-key';
+type Application = {
+	/**
+	 * Unique application id
+	 */
+	id: string;
+	/**
+	 * App authorization token signed with application key.
+	 */
+	token?: string;
 };
-
-/**
- * Data about the Relying Party responsible for the request.
- */
-type PublicKeyCredentialRpEntity = {
-    /**
-     * A unique identifier for the Relying Party entity, which sets the RP ID.
-     */
-    id?: string;
-    /**
-     * Relaying party name
-     */
-    name: string;
+type AuthInitRequestBody = {
+	app: Application;
+	deviceInfo: DeviceInfo;
+	/**
+	 * TrustIDs provided with the request
+	 */
+	trustItems?: Record<string, string>;
+	user?: UserLogin;
 };
-
-/**
- * Data about the user account for which the Relying Party is requesting attestation
- */
-type PublicKeyCredentialUserEntity = {
-    displayName: string;
-    id: string;
-    name: string;
+type AuthCode = {
+	/**
+	 * Generated code
+	 */
+	code: string;
+	/**
+	 * Expiration time of the code
+	 */
+	expiresAt: string;
 };
-
-type PublicKeyCredentialCreationOptions = {
-    attestation?: 'none' | 'indirect' | 'direct' | 'enterprise';
-    authenticatorSelection?: AuthenticatorSelectionCriteria;
-    /**
-     * This base64 encoded byte array represents a challenge that
-     * the selected authenticator signs, along with other data, when
-     * producing an authentication assertion.
-     */
-    challenge: string;
-    /**
-     * List of credentials to limit the creation of multiple credentials for the same
-     * account on a single authenticator. The client is requested to return an error
-     * if the new credential would be created on an authenticator that also contains
-     * one of the credentials enumerated in this parameter.
-     */
-    excludeCredentials?: Array<PubKeyCredentialDescriptor>;
-    /**
-     * Additional parameters requesting processing by the client and authenticator.
-     */
-    extensions?: Record<string, any>;
-    /**
-     * This member contains information about the desired properties of the credential
-     * to be created. The sequence is ordered from most preferred to least preferred.
-     * The client makes a best-effort to create the most preferred credential that it
-     * can.
-     */
-    pubKeyCredParams: Array<PublicKeyCredentialParameters>;
-    rp: PublicKeyCredentialRpEntity;
-    /**
-     * This OPTIONAL member specifies a time, in milliseconds,
-     * that the caller is willing to wait for the call to complete. The
-     * value is treated as a hint, and MAY be overridden by the client.
-     */
-    timeout?: number;
-    user: PublicKeyCredentialUserEntity;
+type JWT = {
+	/**
+	 * Device ID
+	 */
+	deviceId?: string;
+	/**
+	 * JWT access token
+	 */
+	jwtAccess: string;
+	/**
+	 * Passkey ID
+	 */
+	passkeyId?: string;
+	/**
+	 * User ID
+	 */
+	userId: string;
 };
-
-/**
- * FIDO2 registration response
- */
-type RegInit = {
-    /**
-     * An action to be performed by the front-end to complete the registration flow.
-     */
-    action: 'proceed' | 'signIn' | 'fail';
-    registrationRequestOptions: PublicKeyCredentialCreationOptions;
-    /**
-     * An opaque object containing session data.
-     */
-    session: string;
+declare class AuthService {
+	readonly httpRequest: BaseHttpRequest;
+	constructor(httpRequest: BaseHttpRequest);
+	/**
+	 * Complete WebAuthn authentication
+	 * @returns JWT OK response.
+	 * @throws ApiError
+	 */
+	authAuthComplete({ requestBody, }: {
+		requestBody: AuthCompleteRequestBody;
+	}): CancelablePromise<JWT>;
+	/**
+	 * Start WebAuthn authentication flow
+	 * @returns AuthInit OK response.
+	 * @throws ApiError
+	 */
+	authAuthInit({ requestBody, userAgent, }: {
+		requestBody: AuthInitRequestBody;
+		/**
+		 * Raw user-agent header as set by a browser
+		 */
+		userAgent?: string;
+	}): CancelablePromise<AuthInit>;
+	/**
+	 * Request OTP code by an authenticated user
+	 * An authenticated user can request an authentication code directly using this
+	 * method. The code can be used for authentication from another device.
+	 * @returns AuthCode OK response.
+	 * @throws ApiError
+	 */
+	authAuthCodeRequest({ authorization, }: {
+		/**
+		 * JWT Authorization header
+		 */
+		authorization?: string;
+	}): CancelablePromise<AuthCode>;
+	/**
+	 * Request OTP code to be sent via email.
+	 * Send authentication code to the provided email. The SMS will only be sent
+	 * if the email address is known to the application, however, this method will
+	 * return success regardless.
+	 * @returns void
+	 * @throws ApiError
+	 */
+	authAuthCodeRequestEmail({ requestBody, }: {
+		requestBody: AuthCodeRequestSMSRequestBody;
+	}): CancelablePromise<void>;
+	/**
+	 * Request OTP code to be sent via SMS.
+	 * Send authentication code to the provided phone number. The SMS will only be
+	 * sent if the phone is registered with the application, however, it will return
+	 * success regardless.
+	 * @returns void
+	 * @throws ApiError
+	 */
+	authAuthCodeRequestSms({ requestBody, }: {
+		requestBody: AuthCodeRequestSMSRequestBody;
+	}): CancelablePromise<void>;
+	/**
+	 * Verify authentication code and return JWT access token with appropriate scopes
+	 * @returns JWT OK response.
+	 * @throws ApiError
+	 */
+	authAuthCodeVerify({ requestBody, }: {
+		requestBody: AuthCodeVerifyRequestBody;
+	}): CancelablePromise<JWT>;
+}
+type MfaThirdPartyAuthVerifyRequestBody = {
+	/**
+	 * Authorization token produced by mgmt API.
+	 */
+	token: string;
 };
-
-type PasskeyOptions$1 = {
-    /**
-     * Flag to allow conditional creation
-     */
-    conditionalCreate: boolean;
+type MfaOtpRequestResponseBody = {
+	/**
+	 * An opaque session object to be included with the subsequent API call.
+	 */
+	session: string;
 };
-
-type User = {
-    /**
-     * Display Name
-     */
-    displayName?: string;
-    /**
-     * Username
-     */
-    username: string;
-    /**
-     * Username type
-     */
-    usernameType: 'email' | 'phone' | 'other';
+type MfaPasskeyAuthRequestBody = {
+	assertionResult: AuthenticatorAssertionResponse;
+};
+type MfaOtpRequestRequestBody = {
+	/**
+	 * OTP method
+	 */
+	method: "email" | "sms";
+	/**
+	 * An OTP option selected by the user (i.e. address to send the OTP request to - phone, email, etc.)
+	 */
+	option?: string;
+};
+type MfaPasskeyRegRequestBody = {
+	creationResult: CreationResult;
+};
+type MfaOtpVerifyRequestBody = {
+	otp: string;
+};
+type MfaBeginRequestBody = {
+	deviceInfo?: DeviceInfo;
+	/**
+	 * Payload to be signed
+	 */
+	payload?: string;
+	/**
+	 * TrustIDs provided with the request
+	 */
+	trustItems?: Record<string, string>;
+	user?: User;
+};
+type MfaErrorRequestBody = {
+	/**
+	 * Client side error code.
+	 */
+	error: string;
+};
+declare class MfaService {
+	readonly httpRequest: BaseHttpRequest;
+	constructor(httpRequest: BaseHttpRequest);
+	/**
+	 * Begin and appropriate flow for the provided username.
+	 * Perform pre-authentication.
+	 * @returns MfaNext OK response.
+	 * @throws ApiError
+	 */
+	mfaMfaBegin({ requestBody, userAgent, }: {
+		requestBody: MfaBeginRequestBody;
+		/**
+		 * Raw user-agent header as set by a browser
+		 */
+		userAgent?: string;
+	}): CancelablePromise<MfaNext>;
+	/**
+	 * Verify auth token created by a third party via management API.
+	 * Report a client error. It does not change state of the flow.
+	 * @returns void
+	 * @throws ApiError
+	 */
+	mfaMfaError({ requestBody, authorization, }: {
+		requestBody: MfaErrorRequestBody;
+		/**
+		 * JWT Authorization header
+		 */
+		authorization?: string;
+	}): CancelablePromise<void>;
+	/**
+	 * Request OTP authentication using one of the available methods.
+	 * Request OTP.
+	 * @returns MfaOtpRequestResponseBody OK response.
+	 * @throws ApiError
+	 */
+	mfaMfaOtpRequest({ requestBody, authorization, }: {
+		requestBody: MfaOtpRequestRequestBody;
+		/**
+		 * JWT Authorization header
+		 */
+		authorization?: string;
+	}): CancelablePromise<MfaOtpRequestResponseBody>;
+	/**
+	 * Confirm OTP received in a previous step.
+	 * Verify OTP received by one of the methods.
+	 * @returns Mfa OK response.
+	 * @throws ApiError
+	 */
+	mfaMfaOtpVerify({ requestBody, authorization, }: {
+		requestBody: MfaOtpVerifyRequestBody;
+		/**
+		 * JWT Authorization header
+		 */
+		authorization?: string;
+	}): CancelablePromise<Mfa>;
+	/**
+	 * Authenticate using passkey.
+	 * Authenticate with a passkeys.
+	 * @returns Mfa OK response.
+	 * @throws ApiError
+	 */
+	mfaMfaPasskeyAuth({ requestBody, authorization, }: {
+		requestBody: MfaPasskeyAuthRequestBody;
+		/**
+		 * JWT Authorization header
+		 */
+		authorization?: string;
+	}): CancelablePromise<Mfa>;
+	/**
+	 * Register a new passkey.
+	 * Register a new passkey.
+	 * @returns Mfa OK response.
+	 * @throws ApiError
+	 */
+	mfaMfaPasskeyReg({ requestBody, authorization, }: {
+		requestBody: MfaPasskeyRegRequestBody;
+		/**
+		 * JWT Authorization header
+		 */
+		authorization?: string;
+	}): CancelablePromise<Mfa>;
+	/**
+	 * Transaction confirmation using passkey.
+	 * Confirm a transaction with a passkey.
+	 * @returns Mfa OK response.
+	 * @throws ApiError
+	 */
+	mfaMfaPasskeyTx({ requestBody, authorization, }: {
+		requestBody: MfaPasskeyAuthRequestBody;
+		/**
+		 * JWT Authorization header
+		 */
+		authorization?: string;
+	}): CancelablePromise<Mfa>;
+	/**
+	 * Verify auth token created by a third party via management API.
+	 * Verify authentication token received from a third party.
+	 * @returns Mfa OK response.
+	 * @throws ApiError
+	 */
+	mfaMfaThirdPartyAuthVerify({ requestBody, authorization, }: {
+		requestBody: MfaThirdPartyAuthVerifyRequestBody;
+		/**
+		 * JWT Authorization header
+		 */
+		authorization?: string;
+	}): CancelablePromise<Mfa>;
+}
+type PasskeyOptions = {
+	/**
+	 * Flag to allow conditional creation
+	 */
+	conditionalCreate?: boolean;
+	/**
+	 * Whether the authenticator is a security key
+	 */
+	securityKey?: boolean;
 };
-
 type RegInitRequestBody = {
-    app: Application;
-    deviceInfo: DeviceInfo;
-    passkeyOptions?: PasskeyOptions$1;
-    trustInfo?: string;
-    user?: User;
+	app: Application;
+	deviceInfo: DeviceInfo;
+	passkeyOptions?: PasskeyOptions;
+	/**
+	 * TrustIDs provided with the request
+	 */
+	trustItems?: Record<string, string>;
+	user?: User;
 };
-
 declare class RegService {
-    readonly httpRequest: BaseHttpRequest;
-    constructor(httpRequest: BaseHttpRequest);
-    /**
-     * Complete WebAuthn registration flow
-     * @returns JWT OK response.
-     * @throws ApiError
-     */
-    regRegComplete({ requestBody, }: {
-        requestBody: RegCompleteRequestBody;
-    }): CancelablePromise<JWT>;
-    /**
-     * Start WebAuthn registration flow
-     * @returns RegInit OK response.
-     * @throws ApiError
-     */
-    regRegInit({ requestBody, userAgent, authorization, }: {
-        requestBody: RegInitRequestBody;
-        /**
-         * Raw user-agent header as set by a browser
-         */
-        userAgent?: string;
-        /**
-         * JWT Authorization header
-         */
-        authorization?: string;
-    }): CancelablePromise<RegInit>;
+	readonly httpRequest: BaseHttpRequest;
+	constructor(httpRequest: BaseHttpRequest);
+	/**
+	 * Complete WebAuthn registration flow
+	 * @returns JWT OK response.
+	 * @throws ApiError
+	 */
+	regRegComplete({ requestBody, }: {
+		requestBody: RegCompleteRequestBody;
+	}): CancelablePromise<JWT>;
+	/**
+	 * Start WebAuthn registration flow
+	 * @returns RegInit OK response.
+	 * @throws ApiError
+	 */
+	regRegInit({ requestBody, userAgent, authorization, }: {
+		requestBody: RegInitRequestBody;
+		/**
+		 * Raw user-agent header as set by a browser
+		 */
+		userAgent?: string;
+		/**
+		 * JWT Authorization header
+		 */
+		authorization?: string;
+	}): CancelablePromise<RegInit>;
 }
-
-/**
- * Transaction Confirmation Complete response
- */
-type TxComplete = {
-    authCred?: Passkey;
-    /**
-     * Internal passkey identifier
-     */
-    credentialId: string;
-    /**
-     * Authorization token
-     */
-    token: string;
-};
-
 type TxCompleteRequestBody = {
-    /**
-     * This attribute contains the authenticator data returned by the authenticator.
-     */
-    authenticatorData: string;
-    /**
-     * Base64 encoded byte array which is a JSON-compatible serialization of client data
-     * passed to the authenticator by the client in order to generate this assertion.
-     * The exact JSON serialization MUST be preserved, as the hash of the serialized
-     * client data has been computed over it.
-     */
-    clientData: string;
-    /**
-     * Identified of the passkey credential.
-     */
-    keyHandle: string;
-    /**
-     * An opaque object containing session data.
-     */
-    session: string;
-    /**
-     * Base64 encoded the raw signature returned from the authenticator.
-     */
-    signature: string;
-};
-
-/**
- * Transaction Confirmation Init response
- */
-type TxInit = {
-    assertionOptions: PublicKeyCredentialRequestOptions;
-    /**
-     * An opaque object containing session data.
-     */
-    session: string;
-    /**
-     * Internal transaction identifier
-     */
-    txId: string;
+	/**
+	 * This attribute contains the authenticator data returned by the authenticator.
+	 */
+	authenticatorData: string;
+	/**
+	 * Base64 encoded byte array which is a JSON-compatible serialization of client data
+	 * passed to the authenticator by the client in order to generate this assertion.
+	 * The exact JSON serialization MUST be preserved, as the hash of the serialized
+	 * client data has been computed over it.
+	 */
+	clientData: string;
+	/**
+	 * Identified of the passkey credential.
+	 */
+	keyHandle: string;
+	/**
+	 * An opaque object containing session data.
+	 */
+	session: string;
+	/**
+	 * Base64 encoded the raw signature returned from the authenticator.
+	 */
+	signature: string;
 };
-
 type TxInitRequestBody = {
-    /**
-     * Random string
-     */
-    nonce: string;
-    /**
-     * Payload of transaction
-     */
-    txPayload: string;
-    /**
-     * Type of transaction
-     */
-    txType: string;
-    /**
-     * Username of user
-     */
-    username: string;
+	/**
+	 * Random string
+	 */
+	nonce: string;
+	/**
+	 * Payload of transaction
+	 */
+	txPayload: string;
+	/**
+	 * Type of transaction
+	 */
+	txType: string;
+	/**
+	 * Username of user
+	 */
+	username: string;
+};
+type TxComplete = {
+	authCred?: Passkey;
+	/**
+	 * Internal passkey identifier
+	 */
+	credentialId: string;
+	/**
+	 * Authorization token
+	 */
+	token: string;
+};
+type TxInit = {
+	assertionOptions: PublicKeyCredentialRequestOptions;
+	/**
+	 * An opaque object containing session data.
+	 */
+	session: string;
+	/**
+	 * Internal transaction identifier
+	 */
+	txId: string;
 };
-
 declare class TxService {
-    readonly httpRequest: BaseHttpRequest;
-    constructor(httpRequest: BaseHttpRequest);
-    /**
-     * Complete transaction confirmation
-     * @returns TxComplete OK response.
-     * @throws ApiError
-     */
-    txTxComplete({ requestBody, }: {
-        requestBody: TxCompleteRequestBody;
-    }): CancelablePromise<TxComplete>;
-    /**
-     * Start transaction confirmation flow
-     * @returns TxInit OK response.
-     * @throws ApiError
-     */
-    txTxInit({ requestBody, }: {
-        requestBody: TxInitRequestBody;
-    }): CancelablePromise<TxInit>;
+	readonly httpRequest: BaseHttpRequest;
+	constructor(httpRequest: BaseHttpRequest);
+	/**
+	 * Complete transaction confirmation
+	 * @returns TxComplete OK response.
+	 * @throws ApiError
+	 */
+	txTxComplete({ requestBody, }: {
+		requestBody: TxCompleteRequestBody;
+	}): CancelablePromise<TxComplete>;
+	/**
+	 * Start transaction confirmation flow
+	 * @returns TxInit OK response.
+	 * @throws ApiError
+	 */
+	txTxInit({ requestBody, }: {
+		requestBody: TxInitRequestBody;
+	}): CancelablePromise<TxInit>;
 }
-
 type HttpRequestConstructor = new (config: OpenAPIConfig) => BaseHttpRequest;
 declare class LoginIDService {
-    readonly auth: AuthService;
-    readonly passkeys: PasskeysService;
-    readonly reg: RegService;
-    readonly tx: TxService;
-    readonly request: BaseHttpRequest;
-    constructor(config?: Partial<OpenAPIConfig>, HttpRequest?: HttpRequestConstructor);
+	readonly auth: AuthService;
+	readonly mfa: MfaService;
+	readonly passkeys: PasskeysService;
+	readonly reg: RegService;
+	readonly tx: TxService;
+	readonly request: BaseHttpRequest;
+	constructor(config?: Partial<OpenAPIConfig>, HttpRequest?: HttpRequestConstructor);
 }
-
-type ApiResult = {
-    readonly url: string;
-    readonly ok: boolean;
-    readonly status: number;
-    readonly statusText: string;
-    readonly body: any;
-};
-
-declare class ApiError extends Error {
-    readonly url: string;
-    readonly status: number;
-    readonly statusText: string;
-    readonly body: any;
-    readonly request: ApiRequestOptions;
-    constructor(request: ApiRequestOptions, response: ApiResult, message: string);
+declare class SessionManager {
+	/**
+	 * Holds the configuration settings for the LoginID integration, including API base URL.
+	 */
+	protected config: LoginIDConfigValidator;
+	/**
+	 * Initializes a new instance of SessionManager with the provided configuration.
+	 *
+	 * @param {LoginIDConfig} config Configuration object for LoginID.
+	 */
+	constructor(config: LoginIDConfig);
+	/**
+	 * Retrieves the authentication token from the provided options or from cookies if not available in options.
+	 *
+	 * @param {AuthzTokenOptions} options Options containing the token.
+	 * @returns {string} The authentication token.
+	 */
+	getToken(options: AuthzTokenOptions): string;
+	/**
+	 * Retrieves the currently authenticated user's session information.
+	 *
+	 * @returns {LoginIDUser | null} The currently authenticated user's information, including username and id.
+	 * It will return null if user is not authenticated
+	 */
+	getSessionInfo(): SessionInfo | null;
+	/**
+	 * Returns the dynamic Cookie name holding the authorization token for the given application.
+	 *
+	 * @returns {string} The name of the cookie
+	 */
+	getJwtCookieName(): string;
+	/**
+	 * Returns the dynamic Cookie name holding the identification token for the given user.
+	 *
+	 * @returns {string} The name of the cookie
+	 */
+	getIdTokenName(): string;
+	/**
+	 * Returns the dynamic Cookie name holding the access token for the given user.
+	 *
+	 * @returns {string} The name of the cookie
+	 */
+	getAccessTokenName(): string;
+	/**
+	 * Returns the dynamic Cookie name holding the refresh token for the given user.
+	 *
+	 * @returns {string} The name of the cookie
+	 */
+	getRefreshTokenName(): string;
+	/**
+	 * Returns the dynamic Cookie name holding the payload signature for the given user.
+	 *
+	 * @returns {string} The name of the cookie
+	 */
+	getPayloadSignatureName(): string;
+	/**
+	 * Set jwt token to local Cookie
+	 *
+	 * @param {string} jwt Configuration object for LoginID API, including the base URL.
+	 */
+	setJwtCookie(jwt: string): void;
+	/**
+	 * Retrieves the JWT access token.
+	 *
+	 * @returns {string | undefined} The JWT access token.
+	 */
+	getJwtCookie(): string | undefined;
+	/**
+	 * Checks if the user is logged in.
+	 *
+	 * @returns {boolean}
+	 */
+	isLoggedIn(): boolean;
+	/**
+	 * Deletes the jwt cookie.
+	 */
+	logout(): void;
+	/**
+	 * Set the successful result token set to local Cookie.
+	 *
+	 * @param {Mfa} result Configuration object for LoginID API, including the base URL.
+	 */
+	setTokenSet(result: Mfa): void;
+	/**
+	 * Retrieves a specific token by type.
+	 *
+	 * @param {string} tokenType The type of token to retrieve ('idToken', 'accessToken', 'refreshToken', 'payloadSignature').
+	 * @returns {string | undefined} The token value, or null if not found.
+	 */
+	retrieveToken(tokenType: "idToken" | "accessToken" | "refreshToken" | "payloadSignature"): string;
+	/**
+	 * Retrieves the complete token set as a JavaScript object.
+	 *
+	 * @returns {LoginIDTokenSet} The token set object.
+	 */
+	getTokenSet(): LoginIDTokenSet;
 }
-
-type AppError = {
-    msg: string;
-    /**
-     * Message code
-     */
-    msgCode: 'bad_request' | 'unauthorized' | 'forbidden' | 'not_found' | 'internal_error';
-};
-
-type index_Aaguid = Aaguid;
-type index_ApiError = ApiError;
-declare const index_ApiError: typeof ApiError;
-type index_AppError = AppError;
-type index_Application = Application;
-type index_AuthCode = AuthCode;
-type index_AuthCodeRequestSMSRequestBody = AuthCodeRequestSMSRequestBody;
-type index_AuthCodeVerifyRequestBody = AuthCodeVerifyRequestBody;
-type index_AuthCompleteRequestBody = AuthCompleteRequestBody;
-type index_AuthInit = AuthInit;
-type index_AuthInitRequestBody = AuthInitRequestBody;
-type index_AuthService = AuthService;
-declare const index_AuthService: typeof AuthService;
-type index_AuthenticatorAssertionResponse = AuthenticatorAssertionResponse;
-type index_AuthenticatorSelectionCriteria = AuthenticatorSelectionCriteria;
-type index_BaseHttpRequest = BaseHttpRequest;
-declare const index_BaseHttpRequest: typeof BaseHttpRequest;
-type index_CancelError = CancelError;
-declare const index_CancelError: typeof CancelError;
-type index_CancelablePromise<T> = CancelablePromise<T>;
-declare const index_CancelablePromise: typeof CancelablePromise;
-type index_CreationResult = CreationResult;
-type index_DeviceInfo = DeviceInfo;
-type index_JWT = JWT;
-type index_LoginIDService = LoginIDService;
-declare const index_LoginIDService: typeof LoginIDService;
-declare const index_OpenAPI: typeof OpenAPI;
-type index_OpenAPIConfig = OpenAPIConfig;
-type index_Passkey = Passkey;
-type index_PasskeyCollection = PasskeyCollection;
-type index_PasskeyRenameRequestBody = PasskeyRenameRequestBody;
-type index_PasskeysService = PasskeysService;
-declare const index_PasskeysService: typeof PasskeysService;
-type index_PubKeyCredentialDescriptor = PubKeyCredentialDescriptor;
-type index_PublicKeyCredentialCreationOptions = PublicKeyCredentialCreationOptions;
-type index_PublicKeyCredentialParameters = PublicKeyCredentialParameters;
-type index_PublicKeyCredentialRequestOptions = PublicKeyCredentialRequestOptions;
-type index_PublicKeyCredentialRpEntity = PublicKeyCredentialRpEntity;
-type index_PublicKeyCredentialUserEntity = PublicKeyCredentialUserEntity;
-type index_RegCompleteRequestBody = RegCompleteRequestBody;
-type index_RegInit = RegInit;
-type index_RegInitRequestBody = RegInitRequestBody;
-type index_RegService = RegService;
-declare const index_RegService: typeof RegService;
-type index_TxComplete = TxComplete;
-type index_TxCompleteRequestBody = TxCompleteRequestBody;
-type index_TxInit = TxInit;
-type index_TxInitRequestBody = TxInitRequestBody;
-type index_TxService = TxService;
-declare const index_TxService: typeof TxService;
-type index_User = User;
-type index_UserLogin = UserLogin;
-declare namespace index {
-  export { type index_Aaguid as Aaguid, index_ApiError as ApiError, type index_AppError as AppError, type index_Application as Application, type index_AuthCode as AuthCode, type index_AuthCodeRequestSMSRequestBody as AuthCodeRequestSMSRequestBody, type index_AuthCodeVerifyRequestBody as AuthCodeVerifyRequestBody, type index_AuthCompleteRequestBody as AuthCompleteRequestBody, type index_AuthInit as AuthInit, type index_AuthInitRequestBody as AuthInitRequestBody, index_AuthService as AuthService, type index_AuthenticatorAssertionResponse as AuthenticatorAssertionResponse, type index_AuthenticatorSelectionCriteria as AuthenticatorSelectionCriteria, index_BaseHttpRequest as BaseHttpRequest, index_CancelError as CancelError, index_CancelablePromise as CancelablePromise, type index_CreationResult as CreationResult, type index_DeviceInfo as DeviceInfo, type index_JWT as JWT, index_LoginIDService as LoginIDService, index_OpenAPI as OpenAPI, type index_OpenAPIConfig as OpenAPIConfig, type index_Passkey as Passkey, type index_PasskeyCollection as PasskeyCollection, type PasskeyOptions$1 as PasskeyOptions, type index_PasskeyRenameRequestBody as PasskeyRenameRequestBody, index_PasskeysService as PasskeysService, type index_PubKeyCredentialDescriptor as PubKeyCredentialDescriptor, type index_PublicKeyCredentialCreationOptions as PublicKeyCredentialCreationOptions, type index_PublicKeyCredentialParameters as PublicKeyCredentialParameters, type index_PublicKeyCredentialRequestOptions as PublicKeyCredentialRequestOptions, type index_PublicKeyCredentialRpEntity as PublicKeyCredentialRpEntity, type index_PublicKeyCredentialUserEntity as PublicKeyCredentialUserEntity, type index_RegCompleteRequestBody as RegCompleteRequestBody, type index_RegInit as RegInit, type index_RegInitRequestBody as RegInitRequestBody, index_RegService as RegService, type index_TxComplete as TxComplete, type index_TxCompleteRequestBody as TxCompleteRequestBody, type index_TxInit as TxInit, type index_TxInitRequestBody as TxInitRequestBody, index_TxService as TxService, type index_User as User, type index_UserLogin as UserLogin };
+declare class LoginIDBase {
+	/**
+	 * Holds the configuration settings for the LoginID integration, including API base URL.
+	 */
+	protected readonly config: LoginIDConfigValidator;
+	/**
+	 * Instance of LoginIDService, providing access to the LoginID API methods.
+	 */
+	protected readonly service: LoginIDService;
+	/**
+	 * Instance of SessionManager, providing access to the session management methods.
+	 */
+	readonly session: SessionManager;
+	/**
+	 * Constructs a new instance of the LoginIDBase class, initializing the service with the provided configuration.
+	 * @param {LoginIDConfig} config Configuration object for LoginID API, including the base URL.
+	 */
+	constructor(config: LoginIDConfig);
 }
-
-type Complete<T> = {
-    [P in keyof T]-?: T[P];
+declare class Utils extends LoginIDBase {
+	/**
+	 * Initializes a new Utils instance with the provided configuration.
+	 *
+	 * @param {LoginIDConfig} config Configuration object for LoginID.
+	 */
+	constructor(config: LoginIDConfig);
+	/**
+	 * Validates the application's configuration settings and provides a suggested correction if any issues are detected.
+	 *
+	 * @returns {Promise<VerifyConfigResult>} The result of the verification process.
+	 * @example
+	 * ```javascript
+	 * import { LoginIDWebSDK } from "@loginid/websdk3";
+	 *
+	 * // Obtain credentials from LoginID
+	 * const BASE_URL = process.env.BASE_URL;
+	 *
+	 * // Initialize the SDK with your configuration
+	 * const config = {
+	 *   baseUrl: BASE_URL,
+	 * };
+	 *
+	 * const lid = new LoginIDWebSDK(config);
+	 *
+	 * async function checkConfig() {
+	 *   const result = await lid.verifyConfigSettings();
+	 *
+	 *   if (result.isValid) {
+	 *     console.log('Configuration is valid');
+	 *   } else {
+	 *     console.error(`Error: ${result.message} (Code: ${result.code})`);
+	 *     console.info(`Solution: ${result.solution}`);
+	 *   }
+	 * }
+	 *
+	 * checkConfig();
+	 *
+	 * // Attach the click handler to a button
+	 * const checkConfigButton = document.getElementById("button");
+	 * checkConfigButton.addEventListener("click", checkConfig);
+	 * ```
+	 */
+	verifyConfigSettings(): Promise<VerifyConfigResult>;
+	/**
+	 * Check whether the user of the current browser session is authenticated and returns user info.
+	 * This info is retrieved locally and no requests to backend are made.
+	 *
+	 * @returns {SessionInfo | null} The currently authenticated user's information, including username and id.
+	 * @example
+	 * ```javascript
+	 * import { LoginIDWebSDK } from "@loginid/websdk3";
+	 *
+	 * // Obtain credentials from LoginID
+	 * const BASE_URL = process.env.BASE_URL;
+	 *
+	 * // Initialize the SDK with your configuration
+	 * const config = {
+	 *   baseUrl: BASE_URL,
+	 * };
+	 *
+	 * // Use the SDK components for signup and signin
+	 * const lid = new LoginIDWebSDK(config);
+	 * const username = "billy@loginid.io";
+	 *
+	 * try {
+	 *   // Retrieve session information
+	 *   await lid.authenticateWithPasskey(username);
+	 *   const sessionInfo = lid.getSessionInfo();
+	 *   console.log("Session Information:", sessionInfo);
+	 * } catch (error) {
+	 *   console.error("Error retrieving session information:", error);
+	 * }
+	 * ```
+	 */
+	getSessionInfo(): SessionInfo | null;
+	/**
+	 * Clears current user session. This method is executed locally and it just deletes authorization token from local Cookies.
+	 *
+	 * @returns {boolean}
+	 * @example
+	 * ```javascript
+	 * import { LoginIDWebSDK } from "@loginid/websdk3";
+	 *
+	 * // Obtain credentials from LoginID
+	 * const BASE_URL = process.env.BASE_URL;
+	 *
+	 * // Initialize the SDK with your configuration
+	 * const config = {
+	 *   baseUrl: BASE_URL,
+	 * };
+	 *
+	 * // Use the SDK components for signup and signin
+	 * const lid = new LoginIDWebSDK(config);
+	 *
+	 * try {
+	 *   // Retrieve user information
+	 *   await lid.authenticateWithPasskey(username);
+	 *   lid.logout();
+	 *   const info = lid.getSessionInfo();
+	 *   // false
+	 *   console.log("Is user signed in?", info !== null);
+	 * } catch (error) {
+	 *   console.error("Error:", error);
+	 * }
+	 * ```
+	 */
+	logout(): void;
+}
+declare class MFA extends LoginIDBase {
+	/**
+	 * Initializes a new MFA instance with the provided configuration.
+	 *
+	 * @param {LoginIDMfaConfig} config Configuration object for LoginID services.
+	 *
+	 */
+	constructor(config: LoginIDMfaConfig);
+	/**
+	 * Initiates the pre-authentication process for Multi-Factor Authentication (MFA).
+	 * This method begins an MFA session and stores session details in local storage.
+	 *
+	 * To proceed with the MFA flow, use the `performAction` method with the required
+	 * payload if necessary. To check the current MFA session status, use `getMfaSessionDetails`.
+	 *
+	 * @param {string} username - The username of the user initiating MFA.
+	 * @param {MfaBeginOptions} [options={}] - Optional parameters for initiating MFA.
+	 * @returns {Promise<MfaSessionResult>} - A promise resolving to the MFA session result.
+	 */
+	beginFlow(username: string, options?: MfaBeginOptions): Promise<MfaSessionResult>;
+	/**
+	 * Performs a Multi-Factor Authentication (MFA) action using the specified factor.
+	 *
+	 * This method supports various MFA factors, including passkeys, OTP (email/SMS), and external authentication.
+	 * It validates the provided options, processes the authentication step, and invokes the corresponding MFA API.
+	 * The MFA session deatils is updated upon a successful factor completion.
+	 *
+	 * - **OTP Request (email/SMS):** Initiates an OTP request by sending an OTP to the user's contact information. If `options.payload` contains a contact, it will be used; otherwise, the primary contact on record is used.
+	 * - **OTP Verify (email/SMS):** Verifies the OTP code provided in `options.payload` by validating it against the expected value.
+	 * - **External authentication:** Provide the authorization code in `options.payload`.
+	 * - **Passkeys:** Uses WebAuthn for authentication or registration.
+	 *
+	 * @param {MfaFactorName} factorName - The MFA factor being performed (e.g., `"passkey"`, `"otp:email"`, `"otp:sms"`, `"external"`).
+	 * @param {MfaPerformActionOptions} [options={}] - The options containing session and payload data for the MFA factor.
+	 * @returns {Promise<MfaSessionResult>} - A promise resolving to the updated MFA session result.
+	 */
+	performAction(factorName: MfaFactorName, options?: MfaPerformActionOptions): Promise<MfaSessionResult>;
+	/**
+	 * Retrieves the current Multi-Factor Authentication (MFA) session details.
+	 *
+	 * This method fetches the latest MFA session information from local storage and
+	 * includes any available authentication tokens. It provides the current status
+	 * of the MFA process, including remaining factors and completion state.
+	 *
+	 * @returns {MfaSessionResult} - The current MFA session details, including session status and tokens.
+	 */
+	getMfaSessionDetails(): MfaSessionResult;
+	/**
+	 * Handles the execution of an MFA API request and updates the MFA session state.
+	 *
+	 * This internal method executes the provided MFA request function, updates local storage,
+	 * and sets authentication tokens. If the request results in an MFA challenge (401 error),
+	 * it processes the response and updates the session accordingly.
+	 *
+	 * @param {string} appId - The application ID associated with the MFA session.
+	 * @param {string} [username=""] - The username, if available.
+	 * @param {() => Promise<Mfa>} fn - A function that performs the MFA API request.
+	 * @returns {Promise<MfaSessionResult>} - The updated MFA session result.
+	 */
+	private invokeMfaApi;
+}
+export interface LoginIDMfa extends MFA, Utils {
+}
+export declare class LoginIDMfa extends LoginIDBase {
+	constructor(config: LoginIDConfig);
+}
+type ApiResult = {
+	readonly url: string;
+	readonly ok: boolean;
+	readonly status: number;
+	readonly statusText: string;
+	readonly body: any;
 };
-type UsernameType = User['usernameType'];
-type DeviceInfoRequestBody = DeviceInfo;
-type Transports = CreationResult['transports'];
-type Message = 'email' | 'sms';
-type FallbackOptions = string[];
-type FallbackCallback = (username: string, options: FallbackOptions) => Promise<void>;
-type SuccessCallback = (result: AuthResult) => Promise<void>;
-interface Callbacks {
-    onFallback?: FallbackCallback;
-    onSuccess?: SuccessCallback;
+export declare class ApiError extends Error {
+	readonly url: string;
+	readonly status: number;
+	readonly statusText: string;
+	readonly body: any;
+	readonly request: ApiRequestOptions;
+	constructor(request: ApiRequestOptions, response: ApiResult, message: string);
 }
-interface AllOptions {
-    authzToken?: string;
-    usernameType?: UsernameType;
-    displayName?: string;
-    callbacks?: Callbacks;
+export type Complete<T> = {
+	[P in keyof T]-?: T[P];
+};
+export type DeviceInfoRequestBody = DeviceInfo;
+export type Transports = CreationResult["transports"];
+export type Message = "email" | "sms";
+export type FallbackOptions = string[];
+export type FallbackCallback = (username: string, options: FallbackOptions) => Promise<void>;
+export type SuccessCallback = (result: AuthResult) => Promise<void>;
+export interface Callbacks {
+	onFallback?: FallbackCallback;
+	onSuccess?: SuccessCallback;
 }
-/**
- * Configuration for LoginID FIDO service.
- */
-interface LoginIDConfig {
-    /**
-     * The base URL for LoginID FIDO service which can be obtained on the [dashboard](https://dashboard.loginid.io).
-     */
-    baseUrl: string;
-    /**
-     * The optional app ID for specific application.
-     */
-    appId?: string;
+export interface AllOptions {
+	authzToken?: string;
+	usernameType?: UsernameType;
+	displayName?: string;
+	callbacks?: Callbacks;
 }
 /**
  * The base interface for passkey options.
  */
-interface PasskeyOptions {
-    /**
-     * Authorization token used for accessing protected resources typically used for adding multiple passkeys to a user.
-     */
-    authzToken?: string;
-    /**
-     * Callback functions that can be triggered on various events during the authentication process.
-     */
-    callbacks?: Callbacks;
-    /**
-    * The type of username validation to be used. Defaults to **`other`**.
-    */
-    usernameType?: UsernameType;
+export interface MainPasskeyOptions {
+	/**
+	 * Authorization token used for accessing protected resources typically used for adding multiple passkeys to a user.
+	 */
+	authzToken?: string;
+	/**
+	 * Callback functions that can be triggered on various events during the authentication process.
+	 */
+	callbacks?: Callbacks;
+	/**
+	 * The type of username validation to be used. Defaults to **`other`**.
+	 */
+	usernameType?: UsernameType;
 }
 /**
  * The base interface for passkey management options.
  */
-interface PasskeyManagementOptions {
-    /**
-     * Authorization token used for authorizing passkey management actions.
-     */
-    authzToken?: string;
+export interface PasskeyManagementOptions {
+	/**
+	 * Authorization token used for authorizing passkey management actions.
+	 */
+	authzToken?: string;
 }
 /**
  * List passkeys options.
  */
-interface ListPasskeysOptions extends PasskeyManagementOptions {
+export interface ListPasskeysOptions extends PasskeyManagementOptions {
 }
 /**
  * Rename passkeys options.
  */
-interface RenamePasskeyOptions extends PasskeyManagementOptions {
+export interface RenamePasskeyOptions extends PasskeyManagementOptions {
 }
 /**
  * Delete passkeys options.
  */
-interface DeletePasskeyOptions extends PasskeyManagementOptions {
+export interface DeletePasskeyOptions extends PasskeyManagementOptions {
 }
 /**
  * Authenticate with passkeys options.
  */
-interface AuthenticateWithPasskeysOptions extends PasskeyOptions {
-    /**
-     * When true it will enable passkeys on the browser autofill suggestions if supported (conditional UI). Username does not need to be set.
-     */
-    autoFill?: boolean;
-    /**
-     * This should be used with the **`options.autoFill`** option to trigger the cancellation of the passkey conditional UI.
-     * Pass this if additional passkeys API calls may be anticipated on the current context page.
-     */
-    abortController?: AbortController;
+export interface AuthenticateWithPasskeysOptions extends MainPasskeyOptions {
+	/**
+	 * When true it will enable passkeys on the browser autofill suggestions if supported (conditional UI). Username does not need to be set.
+	 */
+	autoFill?: boolean;
+	/**
+	 * This should be used with the **`options.autoFill`** option to trigger the cancellation of the passkey conditional UI.
+	 * Pass this if additional passkeys API calls may be anticipated on the current context page.
+	 */
+	abortController?: AbortController;
 }
 /**
  * Authenticate with passkey autofill options.
  */
-interface AuthenticateWithPasskeyAutofillOptions extends AuthenticateWithPasskeysOptions {
+export interface AuthenticateWithPasskeyAutofillOptions extends AuthenticateWithPasskeysOptions {
 }
 /**
  * Create passkeys options interface.
  */
-interface CreatePasskeyOptions extends PasskeyOptions {
-    /**
-     * A human-palatable name for the user account, intended only for display on your passkeys and modals.
-     */
-    displayName?: string;
+export interface CreatePasskeyOptions extends MainPasskeyOptions {
+	/**
+	 * A human-palatable name for the user account, intended only for display on your passkeys and modals.
+	 */
+	displayName?: string;
 }
 /**
  * Confirm transaction options.
  */
-interface ConfirmTransactionOptions extends PasskeyOptions {
-    /**
-     * Specify the type of transaction being confirmed for additional validation.
-     */
-    txType?: string;
-    /**
-     * A unique nonce to ensure the transaction's integrity and prevent replay attacks
-     */
-    nonce?: string;
+export interface ConfirmTransactionOptions extends MainPasskeyOptions {
+	/**
+	 * Specify the type of transaction being confirmed for additional validation.
+	 */
+	txType?: string;
+	/**
+	 * A unique nonce to ensure the transaction's integrity and prevent replay attacks
+	 */
+	nonce?: string;
 }
 /**
  * Request and send OTP options.
  */
-interface RequestAndSendOtpOptions {
-    /**
-    * The type of username validation to be used. Defaults to **`other`**.
-    */
-    usernameType?: UsernameType;
+export interface RequestAndSendOtpOptions {
+	/**
+	 * The type of username validation to be used. Defaults to **`other`**.
+	 */
+	usernameType?: UsernameType;
 }
 /**
  * Request OTP options.
  */
-interface RequestOtpOptions extends AuthenticateWithPasskeyAutofillOptions {
+export interface RequestOtpOptions extends AuthenticateWithPasskeyAutofillOptions {
 }
 /**
  * Validate OTP options.
  */
-interface ValidateOtpOptions extends RequestAndSendOtpOptions {
+export interface ValidateOtpOptions extends RequestAndSendOtpOptions {
 }
 /**
  * The result after requesting an OTP with **`requestOtp`**.
  */
-interface Otp extends AuthCode {
+export interface Otp extends AuthCode {
 }
 /**
  * The result after a successful authentication process either with passkeys or OTP.
  */
-interface AuthResult {
-    /**
-     * Indicates whether the user is authenticated. If **`false`**, a fallback options can be taken place if available on **`fallbackOptions`**.
-     */
-    isAuthenticated: boolean;
-    /**
-     * A short-lived authorization token is returned, allowing access to protected resources for the given user such as listing, renaming or deleting passkeys.
-     */
-    token: string;
-    /**
-     * The unique identifier of the authenticated user.
-     */
-    userId: string;
-    /**
-     * The identifier for the passkey used in authentication, if applicable.
-     */
-    passkeyId?: string;
-    /**
-     * An identifier for the device used in the authentication process. This property helps determine if supported authentications can be proceeded,
-     * allowing future authentications to identify the device correctly.
-     */
-    deviceID?: string;
-    /**
-     * If **`true`**, the authentication process should resort to a fallback method as specified in **`fallbackOptions`**.
-     */
-    isFallback: boolean;
-    /**
-     * This property will be returned if the LoginID indicates that the user is unlikely to proceed with passkey authentication.
-     * In this case, instead of prompting for passkey authentication, available cross-authentication options are listed as an alternative,
-     * providing suggested authentications to use instead.
-     */
-    fallbackOptions?: FallbackOptions;
-}
-/**
- * General information about the current user session. Information is obtained from the stored authorization token.
- */
-interface SessionInfo {
-    /**
-     * Current authenticated user's username.
-     */
-    username: string;
-    /**
-     * Current authenticated user's ID.
-     */
-    id: string;
+export interface AuthResult {
+	/**
+	 * Indicates whether the user is authenticated. If **`false`**, a fallback options can be taken place if available on **`fallbackOptions`**.
+	 */
+	isAuthenticated: boolean;
+	/**
+	 * A short-lived authorization token is returned, allowing access to protected resources for the given user such as listing, renaming or deleting passkeys.
+	 */
+	token: string;
+	/**
+	 * The unique identifier of the authenticated user.
+	 */
+	userId: string;
+	/**
+	 * The identifier for the passkey used in authentication, if applicable.
+	 */
+	passkeyId?: string;
+	/**
+	 * An identifier for the device used in the authentication process. This property helps determine if supported authentications can be proceeded,
+	 * allowing future authentications to identify the device correctly.
+	 */
+	deviceID?: string;
+	/**
+	 * If **`true`**, the authentication process should resort to a fallback method as specified in **`fallbackOptions`**.
+	 */
+	isFallback: boolean;
+	/**
+	 * This property will be returned if the LoginID indicates that the user is unlikely to proceed with passkey authentication.
+	 * In this case, instead of prompting for passkey authentication, available cross-authentication options are listed as an alternative,
+	 * providing suggested authentications to use instead.
+	 */
+	fallbackOptions?: FallbackOptions;
 }
-/**
- * The result of verifying the application's configuration settings.
- */
-interface VerifyConfigResult {
-    /**
-     * Indicates whether the configuration is valid.
-     */
-    isValid: boolean;
-    /**
-     * Suggested solution to fix any configuration issues.
-     */
-    solution?: string;
-    /**
-     * A message describing the issue with the configuration, if any.
-     */
-    message?: string;
-    /**
-     * A code representing the error type.
-     */
-    code?: string;
-}
-/**
- * Represents the claims included in a TrustID token.
- */
-interface TrustIDClaims {
-    /**
-     * Unique identifier for the Trust ID.
-     */
-    id: string;
-    /**
-     * Username associated with the token owner.
-     */
-    username: string;
-    /**
-     * Audience for which the token is intended. This is the app ID.
-     */
-    aud: string;
-}
-/**
- * Represents a stored Trust ID record in the trust store database.
- */
-interface TrustIDRecord {
-    /**
-     * Unique identifier for the Trust ID, derived from the TrustID token.
-     */
-    id: string;
-    /**
-     * Username associated with the Trust ID.
-     */
-    username: string;
-    /**
-     * Cryptographic key pair used for signing and verification.
-     */
-    keyPair: CryptoKeyPair;
-}
-
-declare class SessionManager {
-    /**
-     * Holds the configuration settings for the LoginID integration, including API base URL.
-     */
-    private config;
-    /**
-     * Initializes a new instance of SessionManager with the provided configuration.
-     *
-     * @param {LoginIDConfig} config Configuration object for LoginID.
-     */
-    constructor(config: LoginIDConfig);
-    /**
-     * Retrieves the authentication token from the provided options or from cookies if not available in options.
-     *
-     * @param {PasskeyOptions} options Options containing the token.
-     * @returns {string} The authentication token.
-     */
-    getToken(options: PasskeyOptions): string;
-    /**
-     * Retrieves the currently authenticated user's session information.
-     *
-     * @returns {LoginIDUser | null} The currently authenticated user's information, including username and id.
-     * It will return null if user is not authenticated
-     */
-    getSessionInfo(): SessionInfo | null;
-    /**
-     * Returns the dynamic Cookie name holding the authorization token for the given application.
-     *
-     * @returns {string} The name of the cookie
-     */
-    getJwtCookieName(): string;
-    /**
-     * Set jwt token to local Cookie
-     *
-     * @param {string} jwt Configuration object for LoginID API, including the base URL.
-     */
-    setJwtCookie(jwt: string): void;
-    /**
-     * Retrieves the JWT access token.
-     *
-     * @returns {string | undefined} The JWT access token.
-     */
-    getJwtCookie(): string | undefined;
-    /**
-     * Checks if the user is logged in.
-     *
-     * @returns {boolean}
-     */
-    isLoggedIn(): boolean;
-    /**
-     * Deletes the jwt cookie.
-     *
-     * @returns {boolean}
-     */
-    logout(): void;
-}
-
-declare class LoginIDConfigValidator {
-    /**
-     * Holds the configuration settings for the LoginID integration, including API base URL and optional app ID.
-     */
-    private readonly config;
-    /**
-     * Constructs a new instance of the LoginIDConfigValidator class, initializing with the provided configuration.
-     * @param {LoginIDConfig} config Configuration object for LoginID API, including the base URL and optional app ID.
-     */
-    constructor(config: LoginIDConfig);
-    /**
-     * Retrieves the application ID from the configuration or extracts it from the base URL if not provided.
-     * @returns {string} The application ID.
-     * @throws {Error} If the app ID is not found in the configuration or the base URL, throws an error.
-     */
-    getAppId(): string;
-}
-
-/**
- * Provides a base class for integrating with the LoginID API services.
- * This class initializes the common configuration and service needed for derived classes to interact with LoginID services.
- */
-declare class LoginIDBase {
-    /**
-     * Holds the configuration settings for the LoginID integration, including API base URL.
-     */
-    protected readonly config: LoginIDConfigValidator;
-    /**
-     * Instance of LoginIDService, providing access to the LoginID API methods.
-     */
-    protected readonly service: LoginIDService;
-    /**
-     * Instance of SessionManager, providing access to the session management methods.
-     */
-    readonly session: SessionManager;
-    /**
-     * Constructs a new instance of the LoginIDBase class, initializing the service with the provided configuration.
-     * @param {LoginIDConfig} config Configuration object for LoginID API, including the base URL.
-     */
-    constructor(config: LoginIDConfig);
+declare class PasskeyManager extends LoginIDBase {
+	/**
+	 * Initializes a new instance of PasskeyManager with the provided configuration.
+	 *
+	 * @param {LoginIDConfig} config Configuration object for LoginID.
+	 */
+	constructor(config: LoginIDConfig);
+	/**
+	 * This method returns list of passkeys associated with the current user. The user must be fully authorized for this call to succeed.
+	 *
+	 * @param {ListPasskeysOptions} options Additional options for listing passkeys.
+	 * @returns {Promise<PasskeyCollection>} A collection of passkeys.
+	 * @example
+	 * ```javascript
+	 * import { LoginIDWebSDK } from "@loginid/websdk3";
+	 *
+	 * // Obtain credentials from LoginID
+	 * const BASE_URL = process.env.BASE_URL;
+	 *
+	 * // Initialize the SDK with your configuration
+	 * const config = {
+	 *   baseUrl: BASE_URL,
+	 * };
+	 *
+	 * // Use the SDK components for signup and signin
+	 * const lid = new LoginIDWebSDK(config);
+	 *
+	 * // Button click handler for signing in
+	 * async function handleSigninButtonClick() {
+	 *   const username = "billy@loginid.io";
+	 *
+	 *   try {
+	 *     // Sign in with a passkey
+	 *     await lid.authenticateWithPasskey(username);
+	 *
+	 *     // List all user credentials
+	 *     const passkeys = await lid.listPasskeys();
+	 *     // Handle the sign-in result
+	 *   } catch (error) {
+	 *     // Handle errors
+	 *     console.error("Error during obtaining passkeys:", error);
+	 *   }
+	 * }
+	 *
+	 * // Attach the click handler to a button
+	 * const signinButton = document.getElementById("signinButton");
+	 * signinButton.addEventListener("click", handleSigninButtonClick);
+	 * ```
+	 */
+	listPasskeys(options?: ListPasskeysOptions): Promise<PasskeyCollection>;
+	/**
+	 * Renames a specified passkey by ID. The user must be fully authorized for this call to succeed.
+	 *
+	 * @param {string} id The ID of the passkey to rename.
+	 * @param {string} name The new name for the passkey.
+	 * @param {RenamePasskeyOptions} options Additional options for renaming the passkey.
+	 * @returns {Promise<void>} A promise that resolves when the operation completes successfully.
+	 * @example
+	 * ```javascript
+	 * import { LoginIDWebSDK } from "@loginid/websdk3";
+	 *
+	 * // Obtain credentials from LoginID
+	 * const BASE_URL = process.env.BASE_URL;
+	 *
+	 * // Initialize the SDK with your configuration
+	 * const config = {
+	 *   baseUrl: BASE_URL,
+	 * };
+	 *
+	 * // Use the SDK components for signup and signin
+	 * const lid = new LoginIDWebSDK(config);
+	 *
+	 * const passkeyId = "abc123";
+	 * const newCredName = "New Passkey Credential Name";
+	 *
+	 * // Rename the passkey user credential
+	 * try {
+	 *   // Signin with passkey
+	 *   await lid.authenticateWithPasskey(username);
+	 *
+	 *   // Find a way to retrieve passkey ID
+	 *   await lid.renamePasskey(passkeyId, newCredName);
+	 *   // Passkey credential successfully renamed
+	 * } catch (error) {
+	 *   // Handle errors
+	 *   console.error("Error during passkey credential renaming:", error);
+	 * }
+	 * ```
+	 */
+	renamePasskey(id: string, name: string, options?: RenamePasskeyOptions): Promise<void>;
+	/**
+	 * Delete a specified passkey by ID from LoginID. The user must be fully authorized for this call to succeed.
+	 *
+	 * @param {string} id The ID of the passkey to delete.
+	 * @param {DeletePasskeyOptions} options Additional options for deleting the passkey.
+	 * @returns {Promise<void>} A promise that resolves when the operation completes successfully.
+	 * @example
+	 * ```javascript
+	 * import { LoginIDWebSDK } from "@loginid/websdk3";
+	 *
+	 * // Obtain credentials from LoginID
+	 * const BASE_URL = process.env.BASE_URL;
+	 *
+	 * // Initialize the SDK with your configuration
+	 * const config = {
+	 *   baseUrl: BASE_URL,
+	 * };
+	 *
+	 * // Use the SDK components for signup and signin
+	 * const lid = new LoginIDWebSDK(config);
+	 *
+	 * const passkeyId = "abc123";
+	 *
+	 * // Delete the passkey user credential
+	 * try {
+	 *   // Signin with passkey
+	 *   const signinResult = await lid.authenticateWithPasskey(username);
+	 *
+	 *   // Find a way to retrieve passkey ID
+	 *   await lid.deletePasskey(passkeyId);
+	 *   // Passkey credential successfully deleted
+	 * } catch (error) {
+	 *   // Handle errors
+	 *   console.error("Error deleting passkey:", error);
+	 * }
+	 * ```
+	 */
+	deletePasskey(id: string, options?: DeletePasskeyOptions): Promise<void>;
 }
-
-/**
- * Extends LoginIDBase to support OTP methods.
- */
 declare class OTP extends LoginIDBase {
-    /**
-     * Initializes a new instance of OTP with the provided configuration.
-     *
-     * @param {LoginIDConfig} config Configuration object for LoginID.
-     */
-    constructor(config: LoginIDConfig);
-    /**
-     * This method verifies the OTP and returns an authorization token, which can be used with the `passkeyCreate()`
-     * method to create a new passkey. The authorization token has a short validity period and should be used immediately.
-     *
-     * @param {string} username Username to validate with.
-     * @param {string} otp OTP to validate.
-     * @param {ValidateOtpOptions} options Additional authentication options.
-     * @returns {Promise<AuthResult>} Result of the authentication operation.
-     * @example
-     * ```javascript
-     * import { LoginIDWebSDK } from "@loginid/websdk3";
-     *
-     * // Obtain credentials from LoginID
-     * const BASE_URL = process.env.BASE_URL;
-     *
-     * // Initialize the SDK with your configuration
-     * const config = {
-     *   baseUrl: BASE_URL,
-     * };
-     *
-     * // Use the SDK components for signup and signin
-     * const lid = new LoginIDWebSDK(config);
-     *
-     * // Button click handler to generate a code with passkey
-     * async function handleRequestOTPButtonClick() {
-     *   const username = "billy@loginid.io";
-     *
-     *   try {
-     *     // Request OTP with passkey
-     *     const result = await lid.requestOtp(username);
-     *     // Extract the OTP from the response
-     *     const otp = result.code;
-     *
-     *     // Authenticate with the OTP
-     *     // You can authenticate on another device with this OTP
-     *     const authenticateResult = await lid.validateOtp(username, otp);
-     *     // Handle the authentication result
-     *     console.log("Authentication Result:", authenticateResult);
-     *   } catch (error) {
-     *     // Handle errors
-     *     console.error("Error during authentication:", error);
-     *   }
-     * }
-     *
-     * // Attach the click handler to a button
-     * const requestOtpButton = document.getElementById("requestOtpButton");
-     * requestOtpButton.addEventListener("click", handleRequestOTPButtonClick);
-     * ```
-     */
-    validateOtp(username: string, otp: string, options?: ValidateOtpOptions): Promise<AuthResult>;
-    /**
-     * This method requests an OTP from the backend to be sent via the selected method. The method of delivery should be based on
-     * the user's choice from the list of available options. This can be found in the result of `authenticateWithPasskey`
-     * method as `fallbackOptions`.
-     *
-     * @param {string} username Username to request and send the OTP to.
-     * @param {Message} method Method to send the code, either 'email' or 'sms'. Default is 'email'.
-     * @param {RequestAndSendOtpOptions} options Additional options for sending the OTP.
-     * @returns {Promise<void>} A promise that resolves when the operation completes successfully.
-     * @example
-     * ```javascript
-     * import { LoginIDWebSDK } from "@loginid/websdk3";
-     *
-     * // Obtain credentials from LoginID
-     * const BASE_URL = process.env.BASE_URL;
-     *
-     * // Initialize the SDK with your configuration
-     * const config = {
-     *   baseUrl: BASE_URL,
-     * };
-     *
-     * // Use the SDK components for signup and signin
-     * const lid = new LoginIDWebSDK(config);
-     *
-     * const username = "billy@loginid.io";
-     *
-     * async function sendUserOTPHandler() {
-     *   try {
-     *     // Send OTP to a user via email
-     *     await lid.requestAndSendOtp(username, "email");
-     *     console.log("OTP sent successfully.");
-     *   } catch (error) {
-     *     console.error("Error sending code:", error);
-     *   }
-     * }
-     *
-     * const sendOtpButton = document.getElementById("button");
-     * sendOtpButton.addEventListener("click", sendUserOTPHandler);
-     * ```
-     */
-    requestAndSendOtp(username: string, method?: Message, options?: RequestAndSendOtpOptions): Promise<void>;
+	/**
+	 * Initializes a new instance of OTP with the provided configuration.
+	 *
+	 * @param {LoginIDConfig} config Configuration object for LoginID.
+	 */
+	constructor(config: LoginIDConfig);
+	/**
+	 * This method verifies the OTP and returns an authorization token, which can be used with the `passkeyCreate()`
+	 * method to create a new passkey. The authorization token has a short validity period and should be used immediately.
+	 *
+	 * @param {string} username Username to validate with.
+	 * @param {string} otp OTP to validate.
+	 * @param {ValidateOtpOptions} options Additional authentication options.
+	 * @returns {Promise<AuthResult>} Result of the authentication operation.
+	 * @example
+	 * ```javascript
+	 * import { LoginIDWebSDK } from "@loginid/websdk3";
+	 *
+	 * // Obtain credentials from LoginID
+	 * const BASE_URL = process.env.BASE_URL;
+	 *
+	 * // Initialize the SDK with your configuration
+	 * const config = {
+	 *   baseUrl: BASE_URL,
+	 * };
+	 *
+	 * // Use the SDK components for signup and signin
+	 * const lid = new LoginIDWebSDK(config);
+	 *
+	 * // Button click handler to generate a code with passkey
+	 * async function handleRequestOTPButtonClick() {
+	 *   const username = "billy@loginid.io";
+	 *
+	 *   try {
+	 *     // Request OTP with passkey
+	 *     const result = await lid.requestOtp(username);
+	 *     // Extract the OTP from the response
+	 *     const otp = result.code;
+	 *
+	 *     // Authenticate with the OTP
+	 *     // You can authenticate on another device with this OTP
+	 *     const authenticateResult = await lid.validateOtp(username, otp);
+	 *     // Handle the authentication result
+	 *     console.log("Authentication Result:", authenticateResult);
+	 *   } catch (error) {
+	 *     // Handle errors
+	 *     console.error("Error during authentication:", error);
+	 *   }
+	 * }
+	 *
+	 * // Attach the click handler to a button
+	 * const requestOtpButton = document.getElementById("requestOtpButton");
+	 * requestOtpButton.addEventListener("click", handleRequestOTPButtonClick);
+	 * ```
+	 */
+	validateOtp(username: string, otp: string, options?: ValidateOtpOptions): Promise<AuthResult>;
+	/**
+	 * This method requests an OTP from the backend to be sent via the selected method. The method of delivery should be based on
+	 * the user's choice from the list of available options. This can be found in the result of `authenticateWithPasskey`
+	 * method as `fallbackOptions`.
+	 *
+	 * @param {string} username Username to request and send the OTP to.
+	 * @param {Message} method Method to send the code, either 'email' or 'sms'. Default is 'email'.
+	 * @param {RequestAndSendOtpOptions} options Additional options for sending the OTP.
+	 * @returns {Promise<void>} A promise that resolves when the operation completes successfully.
+	 * @example
+	 * ```javascript
+	 * import { LoginIDWebSDK } from "@loginid/websdk3";
+	 *
+	 * // Obtain credentials from LoginID
+	 * const BASE_URL = process.env.BASE_URL;
+	 *
+	 * // Initialize the SDK with your configuration
+	 * const config = {
+	 *   baseUrl: BASE_URL,
+	 * };
+	 *
+	 * // Use the SDK components for signup and signin
+	 * const lid = new LoginIDWebSDK(config);
+	 *
+	 * const username = "billy@loginid.io";
+	 *
+	 * async function sendUserOTPHandler() {
+	 *   try {
+	 *     // Send OTP to a user via email
+	 *     await lid.requestAndSendOtp(username, "email");
+	 *     console.log("OTP sent successfully.");
+	 *   } catch (error) {
+	 *     console.error("Error sending code:", error);
+	 *   }
+	 * }
+	 *
+	 * const sendOtpButton = document.getElementById("button");
+	 * sendOtpButton.addEventListener("click", sendUserOTPHandler);
+	 * ```
+	 */
+	requestAndSendOtp(username: string, method?: Message, options?: RequestAndSendOtpOptions): Promise<void>;
 }
-
-declare class Utils extends LoginIDBase {
-    /**
-     * Initializes a new Utils instance with the provided configuration.
-     *
-     * @param {LoginIDConfig} config Configuration object for LoginID.
-     */
-    constructor(config: LoginIDConfig);
-    /**
-     * Validates the application's configuration settings and provides a suggested correction if any issues are detected.
-     *
-     * @returns {Promise<VerifyConfigResult>} The result of the verification process.
-     * @example
-     * ```javascript
-     * import { LoginIDWebSDK } from "@loginid/websdk3";
-     *
-     * // Obtain credentials from LoginID
-     * const BASE_URL = process.env.BASE_URL;
-     *
-     * // Initialize the SDK with your configuration
-     * const config = {
-     *   baseUrl: BASE_URL,
-     * };
-     *
-     * const lid = new LoginIDWebSDK(config);
-     *
-     * async function checkConfig() {
-     *   const result = await lid.verifyConfigSettings();
-     *
-     *   if (result.isValid) {
-     *     console.log('Configuration is valid');
-     *   } else {
-     *     console.error(`Error: ${result.message} (Code: ${result.code})`);
-     *     console.info(`Solution: ${result.solution}`);
-     *   }
-     * }
-     *
-     * checkConfig();
-     *
-     * // Attach the click handler to a button
-     * const checkConfigButton = document.getElementById("button");
-     * checkConfigButton.addEventListener("click", checkConfig);
-     * ```
-     */
-    verifyConfigSettings(): Promise<VerifyConfigResult>;
-    /**
-     * Check whether the user of the current browser session is authenticated and returns user info.
-     * This info is retrieved locally and no requests to backend are made.
-     *
-     * @returns {SessionInfo | null} The currently authenticated user's information, including username and id.
-     * @example
-     * ```javascript
-     * import { LoginIDWebSDK } from "@loginid/websdk3";
-     *
-     * // Obtain credentials from LoginID
-     * const BASE_URL = process.env.BASE_URL;
-     *
-     * // Initialize the SDK with your configuration
-     * const config = {
-     *   baseUrl: BASE_URL,
-     * };
-     *
-     * // Use the SDK components for signup and signin
-     * const lid = new LoginIDWebSDK(config);
-     * const username = "billy@loginid.io";
-     *
-     * try {
-     *   // Retrieve session information
-     *   await lid.authenticateWithPasskey(username);
-     *   const sessionInfo = lid.getSessionInfo();
-     *   console.log("Session Information:", sessionInfo);
-     * } catch (error) {
-     *   console.error("Error retrieving session information:", error);
-     * }
-     * ```
-     */
-    getSessionInfo(): SessionInfo | null;
-    /**
-     * Clears current user session. This method is executed locally and it just deletes authorization token from local Cookies.
-     *
-     * @returns {boolean}
-     * @example
-     * ```javascript
-     * import { LoginIDWebSDK } from "@loginid/websdk3";
-     *
-     * // Obtain credentials from LoginID
-     * const BASE_URL = process.env.BASE_URL;
-     *
-     * // Initialize the SDK with your configuration
-     * const config = {
-     *   baseUrl: BASE_URL,
-     * };
-     *
-     * // Use the SDK components for signup and signin
-     * const lid = new LoginIDWebSDK(config);
-     *
-     * try {
-     *   // Retrieve user information
-     *   await lid.authenticateWithPasskey(username);
-     *   lid.logout();
-     *   const info = lid.getSessionInfo();
-     *   // false
-     *   console.log("Is user signed in?", info !== null);
-     * } catch (error) {
-     *   console.error("Error:", error);
-     * }
-     * ```
-     */
-    logout(): void;
-}
-
-/**
- * Extends LoginIDBase to support creation and authentication of passkeys.
- */
 declare class Passkeys extends OTP {
-    /**
-     * Initializes a new Passkeys instance with the provided configuration.
-     *
-     * @param {LoginIDConfig} config Configuration object for LoginID.
-     *
-     */
-    constructor(config: LoginIDConfig);
-    /**
-     * A helper function that creates a public-key credential using WebAuthn API. It is designed to be used with LoginID's
-     * passkey creation flow. The function takes a registration initialization response and returns a registration completion request body.
-     *
-     * @param {RegInit} regInitResponseBody The response body from registration initialization.
-     * @returns {Promise<RegRegCompleteRequestBody>} Completion request body for registration.
-     */
-    private createNavigatorCredential;
-    /**
-     * This method helps to create a passkey. The only required parameter is the username, but additional attributes can be provided in the options parameter.
-     * Note: While the authorization token is optional, it must always be used in a production environment. You can skip it during development by adjusting
-     * the app configuration in the LoginID dashboard.
-     *
-     * A short-lived authorization token is returned, allowing access to protected resources for the given user such as listing, renaming or deleting passkeys.
-     *
-     * @param {string} username Username to register.
-     * @param {string} authzToken Authorization token for passkey creation.
-     * @param {CreatePasskeyOptions} options Additional passkey creation options.
-     * @returns {Promise<AuthResult>} Result of the passkey creation operation.
-     * @example
-     * ```javascript
-     * import { LoginIDWebSDK } from "@loginid/websdk3";
-     *
-     * // Obtain credentials from LoginID
-     * const BASE_URL = process.env.BASE_URL;
-     *
-     * // Initialize the SDK with your configuration
-     * const config = {
-     *   baseUrl: BASE_URL,
-     * };
-     *
-     * // Use the SDK components for signup and signin
-     * const lid = new LoginIDWebSDK(config);
-     *
-     * // Button click handler
-     * async function handleSignupButtonClick() {
-     *   const username = "billy@loginid.io";
-     *
-     *   try {
-     *     // Sign up with a passkey
-     *     const signupResult = await lid.createPasskey(username);
-     *     // Handle the signup result
-     *     console.log("Signup Result:", signupResult);
-     *   } catch (error) {
-     *     // Handle errors
-     *     console.error("Error during signup:", error);
-     *   }
-     * }
-     *
-     * // Attach the click handler to a button
-     * const signinButton = document.getElementById("signinButton");
-     * signinButton.addEventListener("click", handleSigninButtonClick);
-     * ```
-     */
-    createPasskey(username: string, authzToken?: string, options?: CreatePasskeyOptions): Promise<AuthResult>;
-    /**
-     * A helper function that attempts public-key credential authentication using WebAuthn API. It is designed to be used with LoginID's
-     * passkey authentication flow. The function takes an authentication initialization response and returns an authentication completion request body.
-     *
-     * @param {AuthInit} authInitResponseBody The response body from authentication initialization.
-     * @param {AuthenticateWithPasskeysOptions} options Additional options for authentication.
-     * @returns {Promise<AuthAuthCompleteRequestBody>} Completion request body for authentication.
-     */
-    private getNavigatorCredential;
-    /**
-     * This method authenticates a user with a passkey and may trigger additional browser dialogs to guide the user through the process.
-     *
-     * A short-lived authorization token is returned, allowing access to protected resources for the given user such as listing, renaming or deleting passkeys.
-     *
-     * @param {string} username Username to authenticate. When empty, usernameless passkey authentication is performed.
-     * @param {AuthenticateWithPasskeysOptions} options Additional authentication options.
-     * @returns {Promise<AuthResult>} Result of the passkey authentication operation.
-     * @example
-     * ```javascript
-     * import { LoginIDWebSDK } from "@loginid/websdk3";
-     *
-     * // Obtain credentials from LoginID
-     * const BASE_URL = process.env.BASE_URL;
-     *
-     * // Initialize the SDK with your configuration
-     * const config = {
-     *   baseUrl: BASE_URL,
-     * };
-     *
-     * // Use the SDK components for signup and signin
-     * const lid = new LoginIDWebSDK(config);
-     *
-     * // Button click handler
-     * async function handleSignupButtonClick() {
-     *   const username = "billy@loginid.io";
-     *
-     *   try {
-     *     // Sign in with a passkey
-     *     const signinResult = await lid.authenticateWithPasskey(username);
-     *     // Handle the signin result
-     *     console.log("Signin Result:", signinResult);
-     *   } catch (error) {
-     *     // Handle errors
-     *     console.error("Error during signin:", error);
-     *   }
-     * }
-     *
-     * // Attach the click handler to a button
-     * const signinButton = document.getElementById("signinButton");
-     * signinButton.addEventListener("click", handleSigninButtonClick);
-     * ```
-     */
-    authenticateWithPasskey(username?: string, options?: AuthenticateWithPasskeysOptions): Promise<AuthResult>;
-    /**
-     * Authenticates a user by utilizing the browser's passkey autofill capabilities.
-     *
-     * A short-lived authorization token is returned, allowing access to protected resources for the given user such as listing, renaming or deleting passkeys.
-     *
-     * @param {AuthenticateWithPasskeyAutofillOptions} options Additional authentication options.
-     * @returns {Promise<AuthResult>} Result of the passkey authentication operation.
-     * @example
-     * * import { isConditionalUIAvailable, LoginIDWebSDK } from "@loginid/websdk3";
-     *
-     * // Obtain credentials from LoginID
-     * const BASE_URL = process.env.BASE_URL;
-     *
-     * // Initialize the SDK with your configuration
-     * const config = {
-     *   baseUrl: BASE_URL,
-     * };
-     *
-     * // Use the SDK components for signup and signin
-     * const lid = new LoginIDWebSDK(config);
-     *
-     * window.addEventListener("load", async (event) => {
-     *   try {
-     *     const result = await isConditionalUIAvailable();
-     *     if (!result) {
-     *       // If conditional UI is not supported then continue without it or handle what to do
-     *       // next here.
-     *       return;
-     *     }
-     *
-     *     const result = await lid.authenticateWithPasskeyAutofill();
-     *     console.log("Authentication Result:", result);
-     *   } catch (error) {
-     *     // Handle errors
-     *     console.error("Error during authentication:", error);
-     *   }
-     * });
-     */
-    authenticateWithPasskeyAutofill(options?: AuthenticateWithPasskeyAutofillOptions): Promise<AuthResult>;
-    /**
-     * This method returns a one-time OTP to be displayed on the current device. The user must be authenticated on this device.
-     * The OTP is meant for cross-authentication, where the user reads the OTP from the screen and enters it on the target device.
-     *
-     * @param {string} username The username used for passkey authentication and OTP request.
-     * @param {RequestOtpOptions} options Additional request OTP options.
-     * @returns {Promise<Otp>} Result of the request OTP operation returning an OTP and expiry time.
-     * @example
-     * ```javascript
-     * import { LoginIDWebSDK } from "@loginid/websdk3";
-     *
-     * // Obtain credentials from LoginID
-     * const BASE_URL = process.env.BASE_URL;
-     *
-     * // Initialize the SDK with your configuration
-     * const config = {
-     *   baseUrl: BASE_URL,
-     * };
-     *
-     * // Use the SDK components for signup and signin
-     * const lid = new LoginIDWebSDK(config);
-     *
-     * // Button click handler
-     * async function handleRequestOTPButtonClick() {
-     *   const username = "billy@loginid.io";
-     *
-     *   try {
-     *     // Request OTP with passkey
-     *     const result = await lid.requestOtp(username);
-     *     const otp = result.code;
-     *     console.log("The OTP is: ", otp);
-     *   } catch (error) {
-     *     // Handle errors
-     *     console.error("Error during authentication:", error);
-     *   }
-     * }
-     *
-     * // Attach the click handler to a button
-     * const requestOTPButton = document.getElementById("requestOTPButton");
-     * requestOTPButton.addEventListener("click", handleRequestOTPButtonClick);
-     * ```
-     */
-    requestOtp(username: string, options?: RequestOtpOptions): Promise<Otp>;
-    /**
-     * This method initiates a non-repudiation signature process by generating a transaction-specific challenge
-     * and then expects the client to provide an assertion response using a passkey.
-     *
-     * This method is useful for confirming actions such as payments
-     * or changes to sensitive account information, ensuring that the transaction is being authorized
-     * by the rightful owner of the passkey.
-     *
-     * For a more detailed guide click [here](https://docs.loginid.io/scenarios/transaction-confirmation).
-     *
-     * @param {string} username The username of the user confirming the transaction.
-     * @param {string} txPayload The transaction-specific payload, which could include details
-     * such as the transaction amount, recipient, and other metadata necessary for the transaction.
-     * @param {ConfirmTransactionOptions} options Optional parameters for transaction confirmation.
-     * @returns {Promise<TxComplete>} A promise that resolves with the result of the transaction confirmation operation.
-     * The result includes details about the transaction's details and includes a new JWT access token.
-     * @example
-     * ```javascript
-     * import { LoginIDWebSDK } from "@loginid/websdk3";
-     *
-     * const config = {
-     *   baseUrl: BASE_URL,
-     * };
-     *
-     * const lid = new LoginIDWebSDK(config);
-     *
-     * const username = "jane@securelogin.com";
-     * const txPayload = JSON.stringify({
-     *   amount: 100,
-     *   recipient: "bob@securepay.com",
-     * });
-     * // Unique transaction nonce
-     * const nonce = "f846bb01-492e-422b-944a-44b04adc441e";
-     *
-     * async function handleTransactionConfirmation() {
-     *   try {
-     *     // Confirm the transaction
-     *     const confirmationResult = await lid.confirmTransaction(
-     *       username,
-     *       txPayload,
-     *       nonce
-     *     );
-     *     // Handle the transaction confirmation result
-     *     console.log("Transaction Confirmation Result:", confirmationResult);
-     *
-     *     // Check nonce
-     *     const { nonce: resultNonce } = confirmationResult;
-     *     if (nonce !== resultNonce) {
-     *       throw new Error("Nonce mismatch");
-     *     }
-     *   } catch (error) {
-     *     // Handle errors
-     *     console.error("Error during transaction confirmation:", error);
-     *   }
-     * }
-     *
-     * // Attach the click handler to a button for transaction confirmation
-     * const confirmTransactionButton = document.getElementById(
-     *   "confirmTransactionButton"
-     * );
-     * confirmTransactionButton.addEventListener(
-     *   "click",
-     *   handleTransactionConfirmation
-     * );
-     * ```
-     */
-    confirmTransaction(username: string, txPayload: string, options?: ConfirmTransactionOptions): Promise<TxComplete>;
-}
-
-/**
- * Extends LoginIDBase to manage Passkeys, including listing, renaming, and deleting passkeys.
- */
-declare class PasskeyManager extends LoginIDBase {
-    /**
-     * Initializes a new instance of PasskeyManager with the provided configuration.
-     *
-     * @param {LoginIDConfig} config Configuration object for LoginID.
-     */
-    constructor(config: LoginIDConfig);
-    /**
-     * This method returns list of passkeys associated with the current user. The user must be fully authorized for this call to succeed.
-     *
-     * @param {ListPasskeysOptions} options Additional options for listing passkeys.
-     * @returns {Promise<PasskeyCollection>} A collection of passkeys.
-     * @example
-     * ```javascript
-     * import { LoginIDWebSDK } from "@loginid/websdk3";
-     *
-     * // Obtain credentials from LoginID
-     * const BASE_URL = process.env.BASE_URL;
-     *
-     * // Initialize the SDK with your configuration
-     * const config = {
-     *   baseUrl: BASE_URL,
-     * };
-     *
-     * // Use the SDK components for signup and signin
-     * const lid = new LoginIDWebSDK(config);
-     *
-     * // Button click handler for signing in
-     * async function handleSigninButtonClick() {
-     *   const username = "billy@loginid.io";
-     *
-     *   try {
-     *     // Sign in with a passkey
-     *     await lid.authenticateWithPasskey(username);
-     *
-     *     // List all user credentials
-     *     const passkeys = await lid.listPasskeys();
-     *     // Handle the sign-in result
-     *   } catch (error) {
-     *     // Handle errors
-     *     console.error("Error during obtaining passkeys:", error);
-     *   }
-     * }
-     *
-     * // Attach the click handler to a button
-     * const signinButton = document.getElementById("signinButton");
-     * signinButton.addEventListener("click", handleSigninButtonClick);
-     * ```
-     */
-    listPasskeys(options?: ListPasskeysOptions): Promise<PasskeyCollection>;
-    /**
-     * Renames a specified passkey by ID. The user must be fully authorized for this call to succeed.
-     *
-     * @param {string} id The ID of the passkey to rename.
-     * @param {string} name The new name for the passkey.
-     * @param {RenamePasskeyOptions} options Additional options for renaming the passkey.
-     * @returns {Promise<void>} A promise that resolves when the operation completes successfully.
-     * @example
-     * ```javascript
-     * import { LoginIDWebSDK } from "@loginid/websdk3";
-     *
-     * // Obtain credentials from LoginID
-     * const BASE_URL = process.env.BASE_URL;
-     *
-     * // Initialize the SDK with your configuration
-     * const config = {
-     *   baseUrl: BASE_URL,
-     * };
-     *
-     * // Use the SDK components for signup and signin
-     * const lid = new LoginIDWebSDK(config);
-     *
-     * const passkeyId = "abc123";
-     * const newCredName = "New Passkey Credential Name";
-     *
-     * // Rename the passkey user credential
-     * try {
-     *   // Signin with passkey
-     *   await lid.authenticateWithPasskey(username);
-     *
-     *   // Find a way to retrieve passkey ID
-     *   await lid.renamePasskey(passkeyId, newCredName);
-     *   // Passkey credential successfully renamed
-     * } catch (error) {
-     *   // Handle errors
-     *   console.error("Error during passkey credential renaming:", error);
-     * }
-     * ```
-     */
-    renamePasskey(id: string, name: string, options?: RenamePasskeyOptions): Promise<void>;
-    /**
-     * Delete a specified passkey by ID from LoginID. The user must be fully authorized for this call to succeed.
-     *
-     * @param {string} id The ID of the passkey to delete.
-     * @param {DeletePasskeyOptions} options Additional options for deleting the passkey.
-     * @returns {Promise<void>} A promise that resolves when the operation completes successfully.
-     * @example
-     * ```javascript
-     * import { LoginIDWebSDK } from "@loginid/websdk3";
-     *
-     * // Obtain credentials from LoginID
-     * const BASE_URL = process.env.BASE_URL;
-     *
-     * // Initialize the SDK with your configuration
-     * const config = {
-     *   baseUrl: BASE_URL,
-     * };
-     *
-     * // Use the SDK components for signup and signin
-     * const lid = new LoginIDWebSDK(config);
-     *
-     * const passkeyId = "abc123";
-     *
-     * // Delete the passkey user credential
-     * try {
-     *   // Signin with passkey
-     *   const signinResult = await lid.authenticateWithPasskey(username);
-     *
-     *   // Find a way to retrieve passkey ID
-     *   await lid.deletePasskey(passkeyId);
-     *   // Passkey credential successfully deleted
-     * } catch (error) {
-     *   // Handle errors
-     *   console.error("Error deleting passkey:", error);
-     * }
-     * ```
-     */
-    deletePasskey(id: string, options?: DeletePasskeyOptions): Promise<void>;
+	/**
+	 * Initializes a new Passkeys instance with the provided configuration.
+	 *
+	 * @param {LoginIDConfig} config Configuration object for LoginID.
+	 *
+	 */
+	constructor(config: LoginIDConfig);
+	/**
+	 * This method helps to create a passkey. The only required parameter is the username, but additional attributes can be provided in the options parameter.
+	 * Note: While the authorization token is optional, it must always be used in a production environment. You can skip it during development by adjusting
+	 * the app configuration in the LoginID dashboard.
+	 *
+	 * A short-lived authorization token is returned, allowing access to protected resources for the given user such as listing, renaming or deleting passkeys.
+	 *
+	 * @param {string} username Username to register.
+	 * @param {string} authzToken Authorization token for passkey creation.
+	 * @param {CreatePasskeyOptions} options Additional passkey creation options.
+	 * @returns {Promise<AuthResult>} Result of the passkey creation operation.
+	 * @example
+	 * ```javascript
+	 * import { LoginIDWebSDK } from "@loginid/websdk3";
+	 *
+	 * // Obtain credentials from LoginID
+	 * const BASE_URL = process.env.BASE_URL;
+	 *
+	 * // Initialize the SDK with your configuration
+	 * const config = {
+	 *   baseUrl: BASE_URL,
+	 * };
+	 *
+	 * // Use the SDK components for signup and signin
+	 * const lid = new LoginIDWebSDK(config);
+	 *
+	 * // Button click handler
+	 * async function handleSignupButtonClick() {
+	 *   const username = "billy@loginid.io";
+	 *
+	 *   try {
+	 *     // Sign up with a passkey
+	 *     const signupResult = await lid.createPasskey(username);
+	 *     // Handle the signup result
+	 *     console.log("Signup Result:", signupResult);
+	 *   } catch (error) {
+	 *     // Handle errors
+	 *     console.error("Error during signup:", error);
+	 *   }
+	 * }
+	 *
+	 * // Attach the click handler to a button
+	 * const signinButton = document.getElementById("signinButton");
+	 * signinButton.addEventListener("click", handleSigninButtonClick);
+	 * ```
+	 */
+	createPasskey(username: string, authzToken?: string, options?: CreatePasskeyOptions): Promise<AuthResult>;
+	/**
+	 * This method authenticates a user with a passkey and may trigger additional browser dialogs to guide the user through the process.
+	 *
+	 * A short-lived authorization token is returned, allowing access to protected resources for the given user such as listing, renaming or deleting passkeys.
+	 *
+	 * @param {string} username Username to authenticate. When empty, usernameless passkey authentication is performed.
+	 * @param {AuthenticateWithPasskeysOptions} options Additional authentication options.
+	 * @returns {Promise<AuthResult>} Result of the passkey authentication operation.
+	 * @example
+	 * ```javascript
+	 * import { LoginIDWebSDK } from "@loginid/websdk3";
+	 *
+	 * // Obtain credentials from LoginID
+	 * const BASE_URL = process.env.BASE_URL;
+	 *
+	 * // Initialize the SDK with your configuration
+	 * const config = {
+	 *   baseUrl: BASE_URL,
+	 * };
+	 *
+	 * // Use the SDK components for signup and signin
+	 * const lid = new LoginIDWebSDK(config);
+	 *
+	 * // Button click handler
+	 * async function handleSignupButtonClick() {
+	 *   const username = "billy@loginid.io";
+	 *
+	 *   try {
+	 *     // Sign in with a passkey
+	 *     const signinResult = await lid.authenticateWithPasskey(username);
+	 *     // Handle the signin result
+	 *     console.log("Signin Result:", signinResult);
+	 *   } catch (error) {
+	 *     // Handle errors
+	 *     console.error("Error during signin:", error);
+	 *   }
+	 * }
+	 *
+	 * // Attach the click handler to a button
+	 * const signinButton = document.getElementById("signinButton");
+	 * signinButton.addEventListener("click", handleSigninButtonClick);
+	 * ```
+	 */
+	authenticateWithPasskey(username?: string, options?: AuthenticateWithPasskeysOptions): Promise<AuthResult>;
+	/**
+	 * Authenticates a user by utilizing the browser's passkey autofill capabilities.
+	 *
+	 * A short-lived authorization token is returned, allowing access to protected resources for the given user such as listing, renaming or deleting passkeys.
+	 *
+	 * @param {AuthenticateWithPasskeyAutofillOptions} options Additional authentication options.
+	 * @returns {Promise<AuthResult>} Result of the passkey authentication operation.
+	 * @example
+	 * * import { isConditionalUIAvailable, LoginIDWebSDK } from "@loginid/websdk3";
+	 *
+	 * // Obtain credentials from LoginID
+	 * const BASE_URL = process.env.BASE_URL;
+	 *
+	 * // Initialize the SDK with your configuration
+	 * const config = {
+	 *   baseUrl: BASE_URL,
+	 * };
+	 *
+	 * // Use the SDK components for signup and signin
+	 * const lid = new LoginIDWebSDK(config);
+	 *
+	 * window.addEventListener("load", async (event) => {
+	 *   try {
+	 *     const result = await isConditionalUIAvailable();
+	 *     if (!result) {
+	 *       // If conditional UI is not supported then continue without it or handle what to do
+	 *       // next here.
+	 *       return;
+	 *     }
+	 *
+	 *     const result = await lid.authenticateWithPasskeyAutofill();
+	 *     console.log("Authentication Result:", result);
+	 *   } catch (error) {
+	 *     // Handle errors
+	 *     console.error("Error during authentication:", error);
+	 *   }
+	 * });
+	 */
+	authenticateWithPasskeyAutofill(options?: AuthenticateWithPasskeyAutofillOptions): Promise<AuthResult>;
+	/**
+	 * This method returns a one-time OTP to be displayed on the current device. The user must be authenticated on this device.
+	 * The OTP is meant for cross-authentication, where the user reads the OTP from the screen and enters it on the target device.
+	 *
+	 * @param {string} username The username used for passkey authentication and OTP request.
+	 * @param {RequestOtpOptions} options Additional request OTP options.
+	 * @returns {Promise<Otp>} Result of the request OTP operation returning an OTP and expiry time.
+	 * @example
+	 * ```javascript
+	 * import { LoginIDWebSDK } from "@loginid/websdk3";
+	 *
+	 * // Obtain credentials from LoginID
+	 * const BASE_URL = process.env.BASE_URL;
+	 *
+	 * // Initialize the SDK with your configuration
+	 * const config = {
+	 *   baseUrl: BASE_URL,
+	 * };
+	 *
+	 * // Use the SDK components for signup and signin
+	 * const lid = new LoginIDWebSDK(config);
+	 *
+	 * // Button click handler
+	 * async function handleRequestOTPButtonClick() {
+	 *   const username = "billy@loginid.io";
+	 *
+	 *   try {
+	 *     // Request OTP with passkey
+	 *     const result = await lid.requestOtp(username);
+	 *     const otp = result.code;
+	 *     console.log("The OTP is: ", otp);
+	 *   } catch (error) {
+	 *     // Handle errors
+	 *     console.error("Error during authentication:", error);
+	 *   }
+	 * }
+	 *
+	 * // Attach the click handler to a button
+	 * const requestOTPButton = document.getElementById("requestOTPButton");
+	 * requestOTPButton.addEventListener("click", handleRequestOTPButtonClick);
+	 * ```
+	 */
+	requestOtp(username: string, options?: RequestOtpOptions): Promise<Otp>;
+	/**
+	 * This method initiates a non-repudiation signature process by generating a transaction-specific challenge
+	 * and then expects the client to provide an assertion response using a passkey.
+	 *
+	 * This method is useful for confirming actions such as payments
+	 * or changes to sensitive account information, ensuring that the transaction is being authorized
+	 * by the rightful owner of the passkey.
+	 *
+	 * For a more detailed guide click [here](https://docs.loginid.io/scenarios/transaction-confirmation).
+	 *
+	 * @param {string} username The username of the user confirming the transaction.
+	 * @param {string} txPayload The transaction-specific payload, which could include details
+	 * such as the transaction amount, recipient, and other metadata necessary for the transaction.
+	 * @param {ConfirmTransactionOptions} options Optional parameters for transaction confirmation.
+	 * @returns {Promise<TxComplete>} A promise that resolves with the result of the transaction confirmation operation.
+	 * The result includes details about the transaction's details and includes a new JWT access token.
+	 * @example
+	 * ```javascript
+	 * import { LoginIDWebSDK } from "@loginid/websdk3";
+	 *
+	 * const config = {
+	 *   baseUrl: BASE_URL,
+	 * };
+	 *
+	 * const lid = new LoginIDWebSDK(config);
+	 *
+	 * const username = "jane@securelogin.com";
+	 * const txPayload = JSON.stringify({
+	 *   amount: 100,
+	 *   recipient: "bob@securepay.com",
+	 * });
+	 * // Unique transaction nonce
+	 * const nonce = "f846bb01-492e-422b-944a-44b04adc441e";
+	 *
+	 * async function handleTransactionConfirmation() {
+	 *   try {
+	 *     // Confirm the transaction
+	 *     const confirmationResult = await lid.confirmTransaction(
+	 *       username,
+	 *       txPayload,
+	 *       nonce
+	 *     );
+	 *     // Handle the transaction confirmation result
+	 *     console.log("Transaction Confirmation Result:", confirmationResult);
+	 *
+	 *     // Check nonce
+	 *     const { nonce: resultNonce } = confirmationResult;
+	 *     if (nonce !== resultNonce) {
+	 *       throw new Error("Nonce mismatch");
+	 *     }
+	 *   } catch (error) {
+	 *     // Handle errors
+	 *     console.error("Error during transaction confirmation:", error);
+	 *   }
+	 * }
+	 *
+	 * // Attach the click handler to a button for transaction confirmation
+	 * const confirmTransactionButton = document.getElementById(
+	 *   "confirmTransactionButton"
+	 * );
+	 * confirmTransactionButton.addEventListener(
+	 *   "click",
+	 *   handleTransactionConfirmation
+	 * );
+	 * ```
+	 */
+	confirmTransaction(username: string, txPayload: string, options?: ConfirmTransactionOptions): Promise<TxComplete>;
 }
-
-interface LoginIDWebSDK extends Passkeys, OTP, PasskeyManager, Utils {
+export interface LoginIDWebSDK extends Passkeys, OTP, PasskeyManager, Utils {
 }
-declare class LoginIDWebSDK extends LoginIDBase {
-    constructor(config: LoginIDConfig);
+export declare class LoginIDWebSDK extends LoginIDBase {
+	constructor(config: LoginIDConfig);
 }
 
-/**
- * Error class for abort-related errors.
- */
-declare class AbortError extends Error {
-    /**
-     * Initializes a new instance of AbortError with the provided message.
-     *
-     * @type {Error}
-     * @memberof AbortError
-     */
-    constructor(message: string);
-}
-
-type PasskeyErrorCode = 'ERROR_PASSKEY_ABORTED' | 'ERROR_DISCOVERABLE_CREDENTIALS_UNSUPPORTED' | 'ERROR_USER_VERIFICATION_UNSUPPORTED' | 'ERROR_PASSKEY_EXISTS' | 'ERROR_GENERAL_ERROR_SEE_CAUSE_FIELD' | 'ERROR_ALGORITHMS_UNSUPPORTED' | 'ERROR_DOMAIN_MISMATCH' | 'ERROR_AUTHENTICATOR_UNKNOWN_ERROR';
-
-/**
- * Error class for passkey-related errors.
- */
-declare class PasskeyError extends Error {
-    readonly code: PasskeyErrorCode;
-    /**
-     * Initializes a new instance of PasskeyError with the provided message, code, and original error.
-     *
-     * @type {Error}
-     * @memberof PasskeyError
-     */
-    constructor(message: string, code: PasskeyErrorCode, originalError: Error);
-}
-
-declare class WebAuthnHelper {
-    /**
-     * Retrieves a navigator credential for authentication.
-     * @param {AuthInit} authInitResponseBody The response body from authentication initialization.
-     * @param {AuthenticateWithPasskeysOptions} options Additional options for authentication.
-     * @returns {Promise<AuthAuthCompleteRequestBody>} Completion request body for authentication.
-     */
-    static getNavigatorCredential(authInitResponseBody: AuthInit, options?: AuthenticateWithPasskeysOptions): Promise<AuthCompleteRequestBody>;
-    /**
-     * Creates a navigator credential using WebAuthn.
-     * @param {RegInit} regInitResponseBody The response body from registration initialization.
-     * @returns {Promise<RegRegCompleteRequestBody>} Completion request body for registration.
-     */
-    static createNavigatorCredential(regInitResponseBody: RegInit): Promise<RegCompleteRequestBody>;
-}
-
-/**
- * Asynchronously creates a passkey credential using the provided registration response.
- *
- * @param {IRegisterPasskeyInitResponse} init - The registration initiation response.
- * @returns {Promise<PublicKeyCredential>} A promise that resolves to the passkey credential.
- * @throws {LoginIdError} If any errors occur during credential creation or if the credential type is invalid.
- */
-declare const createPasskeyCredential: (init: PublicKeyCredentialCreationOptions) => Promise<PublicKeyCredential>;
-/**
- * Asynchronously retrieves a passkey credential for authentication using the provided request options.
- *
- * @param {publicKeyCredentialRequestOptionsResponseBody} init - The authentication initiation response.
- * @param {AuthenticateWithPasskeysOptions} options - Additional options for the authentication request.
- * @returns {Promise<PublicKeyCredential>} A promise that resolves to the passkey credential.
- */
-declare const getPasskeyCredential: (init: PublicKeyCredentialRequestOptions, options?: AuthenticateWithPasskeysOptions) => Promise<PublicKeyCredential>;
-
-/**
- * Checks if platform authenticator available
- * */
-declare function isPlatformAuthenticatorAvailable(): Promise<boolean>;
-/**
- * Checks if conditional UI is available
- * */
-declare function isConditionalUIAvailable(): Promise<boolean>;
+export {
+	LoginIDWebSDK as default,
+};
 
-export { AbortError, type AllOptions, ApiError, type AuthResult, type AuthenticateWithPasskeyAutofillOptions, type AuthenticateWithPasskeysOptions, type Callbacks, type Complete, type ConfirmTransactionOptions, type CreatePasskeyOptions, type DeletePasskeyOptions, type DeviceInfoRequestBody, type FallbackCallback, type FallbackOptions, type ListPasskeysOptions, index as LoginIDAPI, type LoginIDConfig, LoginIDWebSDK, type Message, type Otp, type Passkey, type PasskeyCollection, PasskeyError, type PasskeyManagementOptions, type PasskeyOptions, type RenamePasskeyOptions, type RequestAndSendOtpOptions, type RequestOtpOptions, type SessionInfo, type SuccessCallback, type Transports, type TrustIDClaims, type TrustIDRecord, type UsernameType, type ValidateOtpOptions, type VerifyConfigResult, WebAuthnHelper, createPasskeyCredential, LoginIDWebSDK as default, getPasskeyCredential, isConditionalUIAvailable, isPlatformAuthenticatorAvailable };
+export {};