@logto/cloud 0.2.5-c6ed487 → 0.2.5-c98a257

package/lib/routes/index.d.ts

@@ -1,11 +1,13 @@
-// Generated by dts-bundle-generator v9.0.0
+// Generated by dts-bundle-generator v9.3.1
 
-import { RequestContext } from '@withtyped/server';
+import { Json, JsonObject, RequestContext } from '@withtyped/server';
 import { InferModelType } from '@withtyped/server/model';
 
 export type WithAuthContext<Context = RequestContext> = Context & {
 	auth: {
+		/** The ID of the authenticated subject (`sub`). */
 		id: string;
+		/** The scopes that the subject has (`scope`). */
 		scopes: string[];
 	};
 };
@@ -14,13 +16,82 @@ declare enum VerificationCodeType {
 	Register = "Register",
 	ForgotPassword = "ForgotPassword",
 	Generic = "Generic",
+	UserPermissionValidation = "UserPermissionValidation",
+	BindNewIdentifier = "BindNewIdentifier",
 	/** @deprecated Use `Generic` type template for sending test sms/email use case */
 	Test = "Test"
 }
+declare enum TemplateType {
+	/** The template for sending verification code when user is signing in. */
+	SignIn = "SignIn",
+	/** The template for sending verification code when user is registering. */
+	Register = "Register",
+	/** The template for sending verification code when user is resetting password. */
+	ForgotPassword = "ForgotPassword",
+	/** The template for sending organization invitation. */
+	OrganizationInvitation = "OrganizationInvitation",
+	/** The template for generic usage. */
+	Generic = "Generic",
+	/** The template for validating user permission for sensitive operations. */
+	UserPermissionValidation = "UserPermissionValidation",
+	/** The template for binding a new identifier to an existing account. */
+	BindNewIdentifier = "BindNewIdentifier"
+}
+declare enum OrganizationInvitationStatus {
+	Pending = "Pending",
+	Accepted = "Accepted",
+	Expired = "Expired",
+	Revoked = "Revoked"
+}
+/** The scopes (permissions) defined by the organization template. */
+export type OrganizationScope = {
+	tenantId: string;
+	/** The globally unique identifier of the organization scope. */
+	id: string;
+	/** The organization scope's name, unique within the organization template. */
+	name: string;
+	/** A brief description of the organization scope. */
+	description: string | null;
+};
+declare enum LogtoJwtTokenKeyType {
+	AccessToken = "access-token",
+	ClientCredentials = "client-credentials"
+}
+/**
+ * The simplified organization role entity that is returned in the `roles` field
+ * of the organization.
+ */
+export type OrganizationRoleEntity = {
+	id: string;
+	name: string;
+};
 declare enum TenantTag {
 	Development = "development",
 	Production = "production"
 }
+declare enum TenantRole {
+	/** Admin of the tenant, who has all permissions. */
+	Admin = "admin",
+	/** Collaborator of the tenant, who has permissions to operate the tenant data, but not the tenant settings. */
+	Collaborator = "collaborator"
+}
+declare const availableReportableUsageKeys: readonly [
+	"tokenLimit",
+	"machineToMachineLimit",
+	"resourcesLimit",
+	"enterpriseSsoLimit",
+	"hooksLimit",
+	"tenantMembersLimit",
+	"mfaEnabled",
+	"organizationsEnabled",
+	"organizationsLimit"
+];
+export type ReportableUsageKey = (typeof availableReportableUsageKeys)[number];
+export type RealtimeReportableUsageKey = Exclude<ReportableUsageKey, "tokenLimit">;
+declare enum LogtoSkuType {
+	Basic = "Basic",
+	AddOn = "AddOn"
+}
 declare const AffiliateProperties: import("@withtyped/server/lib/model/index.js").default<"affiliate_properties", {
 	createdAt: Date;
 	affiliateId: string;
@@ -29,25 +100,52 @@ declare const AffiliateProperties: import("@withtyped/server/lib/model/index.js"
 }, "createdAt", "createdAt">;
 export type AffiliateProperty = InferModelType<typeof AffiliateProperties>;
 declare const Affiliates: import("@withtyped/server/lib/model/index.js").default<"affiliates", {
-	id: string;
-	createdAt: Date;
 	name: string;
-}, "createdAt" | "id", "createdAt" | "id">;
+	createdAt: Date;
+	id: string;
+}, "id" | "createdAt", "id" | "createdAt">;
 export type Affiliate = InferModelType<typeof Affiliates>;
+declare enum RegionName {
+	EU = "EU",
+	US = "US",
+	AU = "AU"
+}
 export type AffiliateData = Affiliate & {
 	properties: Array<Pick<AffiliateProperty, "type" | "value">>;
 };
-declare const router: import("@withtyped/server").Router<WithAuthContext, import("@withtyped/server").MergeRoutes<import("@withtyped/server").MergeRoutes<import("@withtyped/server").MergeRoutes<import("@withtyped/server").MergeRoutes<import("@withtyped/server").MergeRoutes<import("@withtyped/server").MergeRoutes<import("@withtyped/server").MergeRoutes<import("@withtyped/server").MergeRoutes<import("@withtyped/server").BaseRoutes, import("@withtyped/server").RoutesWithPrefix<{
-	options: {};
+declare const router: import("@withtyped/server").Router<RequestContext, WithAuthContext<Omit<import("@withtyped/server").BaseContext & {
+	request: {
+		id?: string | undefined;
+		method?: import("@withtyped/server").RequestMethod | undefined;
+		headers: import("http").IncomingHttpHeaders;
+		url: URL;
+		body?: unknown;
+	};
+}, "request"> & {
+	request: Record<string, unknown> & {
+		id?: string | undefined;
+		method?: import("@withtyped/server").RequestMethod | undefined;
+		headers: import("http").IncomingHttpHeaders;
+		url: URL;
+		body?: unknown;
+	} & {
+		body?: Json | undefined;
+		bodyRaw?: Buffer | undefined;
+	};
+}>, import("@withtyped/server").MergeRoutes<import("@withtyped/server").MergeRoutes<import("@withtyped/server").MergeRoutes<import("@withtyped/server").MergeRoutes<import("@withtyped/server").MergeRoutes<import("@withtyped/server").MergeRoutes<import("@withtyped/server").MergeRoutes<import("@withtyped/server").MergeRoutes<import("@withtyped/server").MergeRoutes<import("@withtyped/server").MergeRoutes<import("@withtyped/server").BaseRoutes, import("@withtyped/server").RoutesWithPrefix<{
 	patch: {
 		"/tenants/:tenantId": import("@withtyped/server").PathGuard<"/:tenantId", unknown, {
 			name?: string | undefined;
 		}, {
 			id: string;
 			name: string;
+			createdAt: Date;
+			quota: {
+				mauLimit: number | null;
+				tokenLimit: number | null;
+			};
 			usage: {
 				activeUsers: number;
-				cost: number;
 				tokenUsage: number;
 			};
 			indicator: string;
@@ -58,12 +156,21 @@ declare const router: import("@withtyped/server").Router<WithAuthContext, import
 				planId: string;
 				currentPeriodStart: Date;
 				currentPeriodEnd: Date;
+				isEnterprisePlan: boolean;
+				id?: string | undefined;
+				upcomingInvoice?: {
+					subtotal: number;
+					subtotalExcludingTax: number | null;
+					total: number;
+					totalExcludingTax: number | null;
+				} | null | undefined;
 			};
+			regionName: RegionName;
 			tag: TenantTag;
 			openInvoices: {
-				status: "void" | "open" | "draft" | "paid" | "uncollectible" | null;
-				createdAt: Date;
 				id: string;
+				createdAt: Date;
+				status: "void" | "open" | "draft" | "paid" | "uncollectible" | null;
 				updatedAt: Date;
 				customerId: string | null;
 				billingReason: string | null;
@@ -71,19 +178,25 @@ declare const router: import("@withtyped/server").Router<WithAuthContext, import
 				periodEnd: Date;
 				amountDue: number;
 				amountPaid: number;
+				basicSkuId: string | null;
 				subscriptionId: string | null;
 				hostedInvoiceUrl: string | null;
 				invoicePdf: string | null;
 			}[];
 		}>;
 	};
+	options: {};
 	get: {
 		"/tenants": import("@withtyped/server").PathGuard<"/", unknown, unknown, {
 			id: string;
 			name: string;
+			createdAt: Date;
+			quota: {
+				mauLimit: number | null;
+				tokenLimit: number | null;
+			};
 			usage: {
 				activeUsers: number;
-				cost: number;
 				tokenUsage: number;
 			};
 			indicator: string;
@@ -94,12 +207,21 @@ declare const router: import("@withtyped/server").Router<WithAuthContext, import
 				planId: string;
 				currentPeriodStart: Date;
 				currentPeriodEnd: Date;
+				isEnterprisePlan: boolean;
+				id?: string | undefined;
+				upcomingInvoice?: {
+					subtotal: number;
+					subtotalExcludingTax: number | null;
+					total: number;
+					totalExcludingTax: number | null;
+				} | null | undefined;
 			};
+			regionName: RegionName;
 			tag: TenantTag;
 			openInvoices: {
-				status: "void" | "open" | "draft" | "paid" | "uncollectible" | null;
-				createdAt: Date;
 				id: string;
+				createdAt: Date;
+				status: "void" | "open" | "draft" | "paid" | "uncollectible" | null;
 				updatedAt: Date;
 				customerId: string | null;
 				billingReason: string | null;
@@ -107,6 +229,7 @@ declare const router: import("@withtyped/server").Router<WithAuthContext, import
 				periodEnd: Date;
 				amountDue: number;
 				amountPaid: number;
+				basicSkuId: string | null;
 				subscriptionId: string | null;
 				hostedInvoiceUrl: string | null;
 				invoicePdf: string | null;
@@ -117,12 +240,17 @@ declare const router: import("@withtyped/server").Router<WithAuthContext, import
 		"/tenants": import("@withtyped/server").PathGuard<"/", unknown, {
 			name?: string | undefined;
 			tag?: TenantTag | undefined;
+			regionName?: RegionName | undefined;
 		}, {
 			id: string;
 			name: string;
+			createdAt: Date;
+			quota: {
+				mauLimit: number | null;
+				tokenLimit: number | null;
+			};
 			usage: {
 				activeUsers: number;
-				cost: number;
 				tokenUsage: number;
 			};
 			indicator: string;
@@ -133,12 +261,21 @@ declare const router: import("@withtyped/server").Router<WithAuthContext, import
 				planId: string;
 				currentPeriodStart: Date;
 				currentPeriodEnd: Date;
+				isEnterprisePlan: boolean;
+				id?: string | undefined;
+				upcomingInvoice?: {
+					subtotal: number;
+					subtotalExcludingTax: number | null;
+					total: number;
+					totalExcludingTax: number | null;
+				} | null | undefined;
 			};
+			regionName: RegionName;
 			tag: TenantTag;
 			openInvoices: {
-				status: "void" | "open" | "draft" | "paid" | "uncollectible" | null;
-				createdAt: Date;
 				id: string;
+				createdAt: Date;
+				status: "void" | "open" | "draft" | "paid" | "uncollectible" | null;
 				updatedAt: Date;
 				customerId: string | null;
 				billingReason: string | null;
@@ -146,6 +283,7 @@ declare const router: import("@withtyped/server").Router<WithAuthContext, import
 				periodEnd: Date;
 				amountDue: number;
 				amountPaid: number;
+				basicSkuId: string | null;
 				subscriptionId: string | null;
 				hostedInvoiceUrl: string | null;
 				invoicePdf: string | null;
@@ -159,28 +297,281 @@ declare const router: import("@withtyped/server").Router<WithAuthContext, import
 	copy: {};
 	head: {};
 }, "/api">>, import("@withtyped/server").RoutesWithPrefix<{
-	options: {};
 	patch: {};
+	options: {};
 	get: {
 		"/tenants/my/subscription": import("@withtyped/server").PathGuard<"/my/subscription", unknown, unknown, {
 			status: "incomplete" | "incomplete_expired" | "trialing" | "active" | "past_due" | "canceled" | "unpaid" | "paused";
+			quota: {
+				auditLogsRetentionDays: number | null;
+				mauLimit: number | null;
+				applicationsLimit: number | null;
+				thirdPartyApplicationsLimit: number | null;
+				scopesPerResourceLimit: number | null;
+				socialConnectorsLimit: number | null;
+				userRolesLimit: number | null;
+				machineToMachineRolesLimit: number | null;
+				scopesPerRoleLimit: number | null;
+				hooksLimit: number | null;
+				customJwtEnabled: boolean;
+				subjectTokenEnabled: boolean;
+				bringYourUiEnabled: boolean;
+				tokenLimit: number | null;
+				machineToMachineLimit: number | null;
+				resourcesLimit: number | null;
+				enterpriseSsoLimit: number | null;
+				tenantMembersLimit: number | null;
+				mfaEnabled: boolean;
+				organizationsEnabled: boolean;
+				organizationsLimit: number | null;
+				idpInitiatedSsoEnabled: boolean;
+				samlApplicationsLimit: number | null;
+			};
 			planId: string;
 			currentPeriodStart: Date;
 			currentPeriodEnd: Date;
+			isEnterprisePlan: boolean;
+			id?: string | undefined;
+			upcomingInvoice?: {
+				subtotal: number;
+				subtotalExcludingTax: number | null;
+				total: number;
+				totalExcludingTax: number | null;
+			} | null | undefined;
 		}>;
 	} & {
+		"/tenants/my/subscription-usage": import("@withtyped/server").PathGuard<"/my/subscription-usage", unknown, unknown, {
+			usage: {
+				applicationsLimit: number;
+				thirdPartyApplicationsLimit: number;
+				scopesPerResourceLimit: number;
+				socialConnectorsLimit: number;
+				userRolesLimit: number;
+				machineToMachineRolesLimit: number;
+				scopesPerRoleLimit: number;
+				hooksLimit: number;
+				customJwtEnabled: boolean;
+				subjectTokenEnabled: boolean;
+				bringYourUiEnabled: boolean;
+				machineToMachineLimit: number;
+				resourcesLimit: number;
+				enterpriseSsoLimit: number;
+				tenantMembersLimit: number;
+				mfaEnabled: boolean;
+				organizationsEnabled: boolean;
+				organizationsLimit: number;
+				idpInitiatedSsoEnabled: boolean;
+				samlApplicationsLimit: number;
+			};
+			resources: Record<string, number>;
+			roles: Record<string, number>;
+			quota: {
+				auditLogsRetentionDays: number | null;
+				mauLimit: number | null;
+				applicationsLimit: number | null;
+				thirdPartyApplicationsLimit: number | null;
+				scopesPerResourceLimit: number | null;
+				socialConnectorsLimit: number | null;
+				userRolesLimit: number | null;
+				machineToMachineRolesLimit: number | null;
+				scopesPerRoleLimit: number | null;
+				hooksLimit: number | null;
+				customJwtEnabled: boolean;
+				subjectTokenEnabled: boolean;
+				bringYourUiEnabled: boolean;
+				tokenLimit: number | null;
+				machineToMachineLimit: number | null;
+				resourcesLimit: number | null;
+				enterpriseSsoLimit: number | null;
+				tenantMembersLimit: number | null;
+				mfaEnabled: boolean;
+				organizationsEnabled: boolean;
+				organizationsLimit: number | null;
+				idpInitiatedSsoEnabled: boolean;
+				samlApplicationsLimit: number | null;
+			};
+			basicQuota: {
+				auditLogsRetentionDays: number | null;
+				mauLimit: number | null;
+				applicationsLimit: number | null;
+				thirdPartyApplicationsLimit: number | null;
+				scopesPerResourceLimit: number | null;
+				socialConnectorsLimit: number | null;
+				userRolesLimit: number | null;
+				machineToMachineRolesLimit: number | null;
+				scopesPerRoleLimit: number | null;
+				hooksLimit: number | null;
+				customJwtEnabled: boolean;
+				subjectTokenEnabled: boolean;
+				bringYourUiEnabled: boolean;
+				tokenLimit: number | null;
+				machineToMachineLimit: number | null;
+				resourcesLimit: number | null;
+				enterpriseSsoLimit: number | null;
+				tenantMembersLimit: number | null;
+				mfaEnabled: boolean;
+				organizationsEnabled: boolean;
+				organizationsLimit: number | null;
+				idpInitiatedSsoEnabled: boolean;
+				samlApplicationsLimit: number | null;
+			};
+		}>;
+	};
+	post: {
+		"/tenants/my/subscription/item-updates": import("@withtyped/server").PathGuard<"/my/subscription/item-updates", unknown, {
+			usageKey: RealtimeReportableUsageKey;
+		}, {
+			message: string;
+		}>;
+	};
+	put: {};
+	delete: {};
+	copy: {};
+	head: {};
+}, "/api">>, import("@withtyped/server").RoutesWithPrefix<{
+	patch: {};
+	options: {};
+	get: {
 		"/tenants/:tenantId/subscription": import("@withtyped/server").PathGuard<"/:tenantId/subscription", unknown, unknown, {
 			status: "incomplete" | "incomplete_expired" | "trialing" | "active" | "past_due" | "canceled" | "unpaid" | "paused";
 			planId: string;
 			currentPeriodStart: Date;
 			currentPeriodEnd: Date;
+			isEnterprisePlan: boolean;
+			id?: string | undefined;
+			upcomingInvoice?: {
+				subtotal: number;
+				subtotalExcludingTax: number | null;
+				total: number;
+				totalExcludingTax: number | null;
+			} | null | undefined;
+		}>;
+	} & {
+		"/tenants/:tenantId/subscription-usage": import("@withtyped/server").PathGuard<"/:tenantId/subscription-usage", unknown, unknown, {
+			usage: {
+				applicationsLimit: number;
+				thirdPartyApplicationsLimit: number;
+				scopesPerResourceLimit: number;
+				socialConnectorsLimit: number;
+				userRolesLimit: number;
+				machineToMachineRolesLimit: number;
+				scopesPerRoleLimit: number;
+				hooksLimit: number;
+				customJwtEnabled: boolean;
+				subjectTokenEnabled: boolean;
+				bringYourUiEnabled: boolean;
+				machineToMachineLimit: number;
+				resourcesLimit: number;
+				enterpriseSsoLimit: number;
+				tenantMembersLimit: number;
+				mfaEnabled: boolean;
+				organizationsEnabled: boolean;
+				organizationsLimit: number;
+				idpInitiatedSsoEnabled: boolean;
+				samlApplicationsLimit: number;
+			};
+			resources: Record<string, number>;
+			roles: Record<string, number>;
+			quota: {
+				auditLogsRetentionDays: number | null;
+				mauLimit: number | null;
+				applicationsLimit: number | null;
+				thirdPartyApplicationsLimit: number | null;
+				scopesPerResourceLimit: number | null;
+				socialConnectorsLimit: number | null;
+				userRolesLimit: number | null;
+				machineToMachineRolesLimit: number | null;
+				scopesPerRoleLimit: number | null;
+				hooksLimit: number | null;
+				customJwtEnabled: boolean;
+				subjectTokenEnabled: boolean;
+				bringYourUiEnabled: boolean;
+				tokenLimit: number | null;
+				machineToMachineLimit: number | null;
+				resourcesLimit: number | null;
+				enterpriseSsoLimit: number | null;
+				tenantMembersLimit: number | null;
+				mfaEnabled: boolean;
+				organizationsEnabled: boolean;
+				organizationsLimit: number | null;
+				idpInitiatedSsoEnabled: boolean;
+				samlApplicationsLimit: number | null;
+			};
+			basicQuota: {
+				auditLogsRetentionDays: number | null;
+				mauLimit: number | null;
+				applicationsLimit: number | null;
+				thirdPartyApplicationsLimit: number | null;
+				scopesPerResourceLimit: number | null;
+				socialConnectorsLimit: number | null;
+				userRolesLimit: number | null;
+				machineToMachineRolesLimit: number | null;
+				scopesPerRoleLimit: number | null;
+				hooksLimit: number | null;
+				customJwtEnabled: boolean;
+				subjectTokenEnabled: boolean;
+				bringYourUiEnabled: boolean;
+				tokenLimit: number | null;
+				machineToMachineLimit: number | null;
+				resourcesLimit: number | null;
+				enterpriseSsoLimit: number | null;
+				tenantMembersLimit: number | null;
+				mfaEnabled: boolean;
+				organizationsEnabled: boolean;
+				organizationsLimit: number | null;
+				idpInitiatedSsoEnabled: boolean;
+				samlApplicationsLimit: number | null;
+			};
+		}>;
+	} & {
+		"/tenants/:tenantId/subscription/periodic-usage": import("@withtyped/server").PathGuard<"/:tenantId/subscription/periodic-usage", unknown, unknown, {
+			mauLimit: number;
+			tokenLimit: number;
+		}>;
+	} & {
+		"/tenants/:tenantId/subscription/add-on-skus": import("@withtyped/server").PathGuard<"/:tenantId/subscription/add-on-skus", unknown, unknown, {
+			tokenLimit?: {
+				id: string;
+				name: string | null;
+				createdAt: Date;
+				defaultPriceId: string | null;
+				unitPrice: number | null;
+				type: LogtoSkuType;
+				quota: {
+					auditLogsRetentionDays?: number | null | undefined;
+					mauLimit?: number | null | undefined;
+					applicationsLimit?: number | null | undefined;
+					thirdPartyApplicationsLimit?: number | null | undefined;
+					scopesPerResourceLimit?: number | null | undefined;
+					socialConnectorsLimit?: number | null | undefined;
+					userRolesLimit?: number | null | undefined;
+					machineToMachineRolesLimit?: number | null | undefined;
+					scopesPerRoleLimit?: number | null | undefined;
+					hooksLimit?: number | null | undefined;
+					customJwtEnabled?: boolean | undefined;
+					subjectTokenEnabled?: boolean | undefined;
+					bringYourUiEnabled?: boolean | undefined;
+					tokenLimit?: number | null | undefined;
+					machineToMachineLimit?: number | null | undefined;
+					resourcesLimit?: number | null | undefined;
+					enterpriseSsoLimit?: number | null | undefined;
+					tenantMembersLimit?: number | null | undefined;
+					mfaEnabled?: boolean | undefined;
+					organizationsEnabled?: boolean | undefined;
+					organizationsLimit?: number | null | undefined;
+					idpInitiatedSsoEnabled?: boolean | undefined;
+					samlApplicationsLimit?: number | null | undefined;
+				};
+				updatedAt: Date;
+				productId: string | null;
+			} | undefined;
 		}>;
 	} & {
 		"/tenants/:tenantId/invoices": import("@withtyped/server").PathGuard<"/:tenantId/invoices", unknown, unknown, {
 			invoices: {
-				status: "void" | "open" | "draft" | "paid" | "uncollectible" | null;
-				createdAt: Date;
 				id: string;
+				createdAt: Date;
+				status: "void" | "open" | "draft" | "paid" | "uncollectible" | null;
 				updatedAt: Date;
 				customerId: string | null;
 				billingReason: string | null;
@@ -188,22 +579,56 @@ declare const router: import("@withtyped/server").Router<WithAuthContext, import
 				periodEnd: Date;
 				amountDue: number;
 				amountPaid: number;
+				basicSkuId: string | null;
 				subscriptionId: string | null;
 				hostedInvoiceUrl: string | null;
 				invoicePdf: string | null;
 				planName: string | null;
+				skuId?: string | null | undefined;
 			}[];
 		}>;
+	} & {
+		"/tenants/:tenantId/available-skus": import("@withtyped/server").PathGuard<"/:tenantId/available-skus", {
+			type?: LogtoSkuType | undefined;
+		}, unknown, {
+			id: string;
+			name: string | null;
+			createdAt: Date;
+			defaultPriceId: string | null;
+			unitPrice: number | null;
+			type: LogtoSkuType;
+			quota: {
+				auditLogsRetentionDays?: number | null | undefined;
+				mauLimit?: number | null | undefined;
+				applicationsLimit?: number | null | undefined;
+				thirdPartyApplicationsLimit?: number | null | undefined;
+				scopesPerResourceLimit?: number | null | undefined;
+				socialConnectorsLimit?: number | null | undefined;
+				userRolesLimit?: number | null | undefined;
+				machineToMachineRolesLimit?: number | null | undefined;
+				scopesPerRoleLimit?: number | null | undefined;
+				hooksLimit?: number | null | undefined;
+				customJwtEnabled?: boolean | undefined;
+				subjectTokenEnabled?: boolean | undefined;
+				bringYourUiEnabled?: boolean | undefined;
+				tokenLimit?: number | null | undefined;
+				machineToMachineLimit?: number | null | undefined;
+				resourcesLimit?: number | null | undefined;
+				enterpriseSsoLimit?: number | null | undefined;
+				tenantMembersLimit?: number | null | undefined;
+				mfaEnabled?: boolean | undefined;
+				organizationsEnabled?: boolean | undefined;
+				organizationsLimit?: number | null | undefined;
+				idpInitiatedSsoEnabled?: boolean | undefined;
+				samlApplicationsLimit?: number | null | undefined;
+			};
+			updatedAt: Date;
+			productId: string | null;
+		}[]>;
 	} & {
 		"/tenants/:tenantId/invoices/:invoiceId/hosted-invoice-url": import("@withtyped/server").PathGuard<"/:tenantId/invoices/:invoiceId/hosted-invoice-url", unknown, unknown, {
 			hostedInvoiceUrl: string;
 		}>;
-	} & {
-		"/tenants/:tenantId/usage": import("@withtyped/server").PathGuard<"/:tenantId/usage", unknown, unknown, {
-			activeUsers: number;
-			cost: number;
-			tokenUsage: number;
-		}>;
 	};
 	post: {
 		"/tenants/:tenantId/stripe-customer-portal": import("@withtyped/server").PathGuard<"/:tenantId/stripe-customer-portal", unknown, {
@@ -219,8 +644,8 @@ declare const router: import("@withtyped/server").Router<WithAuthContext, import
 	copy: {};
 	head: {};
 }, "/api">>, import("@withtyped/server").RoutesWithPrefix<{
-	options: {};
 	patch: {};
+	options: {};
 	get: {
 		"/services/mails/usage": import("@withtyped/server").PathGuard<"/mails/usage", {
 			from?: string | undefined;
@@ -231,9 +656,11 @@ declare const router: import("@withtyped/server").Router<WithAuthContext, import
 	post: {
 		"/services/mails": import("@withtyped/server").PathGuard<"/mails", unknown, {
 			data: {
-				type: VerificationCodeType;
+				type: TemplateType | VerificationCodeType;
 				payload: {
-					code: string;
+					code?: string | undefined;
+					link?: string | undefined;
+				} & Record<string, string> & {
 					senderName?: string | undefined;
 					companyInformation?: string | undefined;
 					appLogo?: string | undefined;
@@ -244,106 +671,218 @@ declare const router: import("@withtyped/server").Router<WithAuthContext, import
 	} & {
 		"/services/send-sms": import("@withtyped/server").PathGuard<"/send-sms", unknown, {
 			data: {
-				type: VerificationCodeType;
+				type: TemplateType | VerificationCodeType;
 				to: string;
 				payload: {
-					code: string;
-				};
+					code?: string | undefined;
+					link?: string | undefined;
+				} & Record<string, string>;
 			};
 		}, unknown>;
+	} & {
+		"/services/custom-jwt": import("@withtyped/server").PathGuard<"/custom-jwt", {
+			isTest?: string | undefined;
+		}, {
+			context: Record<string, Json>;
+			script: string;
+			tokenType: LogtoJwtTokenKeyType.AccessToken;
+			token: Record<string, Json>;
+			environmentVariables?: Record<string, string> | undefined;
+		} | {
+			script: string;
+			tokenType: LogtoJwtTokenKeyType.ClientCredentials;
+			token: Record<string, Json>;
+			environmentVariables?: Record<string, string> | undefined;
+		}, Record<string, unknown>>;
+	};
+	put: {
+		"/services/custom-jwt/worker": import("@withtyped/server").PathGuard<"/custom-jwt/worker", unknown, {
+			"jwt.accessToken"?: {
+				production?: string | undefined;
+				test?: string | undefined;
+			} | undefined;
+			"jwt.clientCredentials"?: {
+				production?: string | undefined;
+				test?: string | undefined;
+			} | undefined;
+		}, unknown>;
+	};
+	delete: {
+		"/services/custom-jwt/worker": import("@withtyped/server").PathGuard<"/custom-jwt/worker", unknown, unknown, unknown>;
 	};
-	put: {};
-	delete: {};
 	copy: {};
 	head: {};
 }, "/api">>, import("@withtyped/server").RoutesWithPrefix<{
-	options: {};
 	patch: {};
+	options: {};
 	get: {
-		"/subscription-plans": import("@withtyped/server").PathGuard<"/", unknown, unknown, {
-			createdAt: Date;
+		"/skus": import("@withtyped/server").PathGuard<"/", {
+			type?: LogtoSkuType | undefined;
+		}, unknown, {
 			id: string;
-			name: string;
+			name: string | null;
+			createdAt: Date;
+			defaultPriceId: string | null;
+			unitPrice: number | null;
+			type: LogtoSkuType;
+			quota: {
+				auditLogsRetentionDays?: number | null | undefined;
+				mauLimit?: number | null | undefined;
+				applicationsLimit?: number | null | undefined;
+				thirdPartyApplicationsLimit?: number | null | undefined;
+				scopesPerResourceLimit?: number | null | undefined;
+				socialConnectorsLimit?: number | null | undefined;
+				userRolesLimit?: number | null | undefined;
+				machineToMachineRolesLimit?: number | null | undefined;
+				scopesPerRoleLimit?: number | null | undefined;
+				hooksLimit?: number | null | undefined;
+				customJwtEnabled?: boolean | undefined;
+				subjectTokenEnabled?: boolean | undefined;
+				bringYourUiEnabled?: boolean | undefined;
+				tokenLimit?: number | null | undefined;
+				machineToMachineLimit?: number | null | undefined;
+				resourcesLimit?: number | null | undefined;
+				enterpriseSsoLimit?: number | null | undefined;
+				tenantMembersLimit?: number | null | undefined;
+				mfaEnabled?: boolean | undefined;
+				organizationsEnabled?: boolean | undefined;
+				organizationsLimit?: number | null | undefined;
+				idpInitiatedSsoEnabled?: boolean | undefined;
+				samlApplicationsLimit?: number | null | undefined;
+			};
+			updatedAt: Date;
+			productId: string | null;
+		}[]>;
+	};
+	post: {
+		"/skus": import("@withtyped/server").PathGuard<"/", unknown, {
+			type: LogtoSkuType.AddOn;
+			quota: {
+				tokenLimit?: number | null | undefined;
+				machineToMachineLimit?: number | null | undefined;
+				resourcesLimit?: number | null | undefined;
+				enterpriseSsoLimit?: number | null | undefined;
+				hooksLimit?: number | null | undefined;
+				tenantMembersLimit?: number | null | undefined;
+				mfaEnabled?: boolean | undefined;
+				organizationsEnabled?: boolean | undefined;
+				organizationsLimit?: number | null | undefined;
+				auditLogsRetentionDays?: number | null | undefined;
+				mauLimit?: number | null | undefined;
+				applicationsLimit?: number | null | undefined;
+				thirdPartyApplicationsLimit?: number | null | undefined;
+				scopesPerResourceLimit?: number | null | undefined;
+				socialConnectorsLimit?: number | null | undefined;
+				userRolesLimit?: number | null | undefined;
+				machineToMachineRolesLimit?: number | null | undefined;
+				scopesPerRoleLimit?: number | null | undefined;
+				customJwtEnabled?: boolean | undefined;
+				subjectTokenEnabled?: boolean | undefined;
+				bringYourUiEnabled?: boolean | undefined;
+				idpInitiatedSsoEnabled?: boolean | undefined;
+				samlApplicationsLimit?: number | null | undefined;
+			};
+		} | {
+			type: LogtoSkuType.Basic;
 			quota: {
+				auditLogsRetentionDays: number | null;
 				mauLimit: number | null;
-				tokenLimit: number | null;
 				applicationsLimit: number | null;
-				machineToMachineLimit: number | null;
-				resourcesLimit: number | null;
+				thirdPartyApplicationsLimit: number | null;
 				scopesPerResourceLimit: number | null;
-				customDomainEnabled: boolean;
-				omniSignInEnabled: boolean;
-				builtInEmailConnectorEnabled: boolean;
 				socialConnectorsLimit: number | null;
-				standardConnectorsLimit: number | null;
-				rolesLimit: number | null;
+				userRolesLimit: number | null;
 				machineToMachineRolesLimit: number | null;
 				scopesPerRoleLimit: number | null;
 				hooksLimit: number | null;
-				auditLogsRetentionDays: number | null;
+				customJwtEnabled: boolean;
+				subjectTokenEnabled: boolean;
+				bringYourUiEnabled: boolean;
+				tokenLimit: number | null;
+				machineToMachineLimit: number | null;
+				resourcesLimit: number | null;
+				enterpriseSsoLimit: number | null;
+				tenantMembersLimit: number | null;
 				mfaEnabled: boolean;
 				organizationsEnabled: boolean;
-				ssoEnabled: boolean;
+				organizationsLimit: number | null;
+				idpInitiatedSsoEnabled: boolean;
+				samlApplicationsLimit: number | null;
 			};
-			stripeProducts: {
-				type: "flat" | "tier1" | "tier2" | "tier3";
-				id: string;
-				name: string;
-				price: {
-					id: string;
-					unitAmountDecimal: string;
-					quantity?: 1 | undefined;
-					unitAmount?: number | null | undefined;
-				};
-				description?: string | undefined;
-			}[];
+			addOnRelations: {
+				tokenLimit: string;
+			};
+		}, {
+			id: string;
+			createdAt: Date;
+			type: LogtoSkuType;
 			updatedAt: Date;
-		}[]>;
-	};
-	post: {};
-	put: {};
-	delete: {};
-	copy: {};
-	head: {};
-}, "/api">>, import("@withtyped/server").RoutesWithPrefix<{
-	options: {};
-	patch: {};
-	get: {
-		"/my/tenant": import("@withtyped/server").PathGuard<"/tenant", unknown, unknown, {
+			quota: {
+				auditLogsRetentionDays?: number | null | undefined;
+				mauLimit?: number | null | undefined;
+				applicationsLimit?: number | null | undefined;
+				thirdPartyApplicationsLimit?: number | null | undefined;
+				scopesPerResourceLimit?: number | null | undefined;
+				socialConnectorsLimit?: number | null | undefined;
+				userRolesLimit?: number | null | undefined;
+				machineToMachineRolesLimit?: number | null | undefined;
+				scopesPerRoleLimit?: number | null | undefined;
+				hooksLimit?: number | null | undefined;
+				customJwtEnabled?: boolean | undefined;
+				subjectTokenEnabled?: boolean | undefined;
+				bringYourUiEnabled?: boolean | undefined;
+				tokenLimit?: number | null | undefined;
+				machineToMachineLimit?: number | null | undefined;
+				resourcesLimit?: number | null | undefined;
+				enterpriseSsoLimit?: number | null | undefined;
+				tenantMembersLimit?: number | null | undefined;
+				mfaEnabled?: boolean | undefined;
+				organizationsEnabled?: boolean | undefined;
+				organizationsLimit?: number | null | undefined;
+				idpInitiatedSsoEnabled?: boolean | undefined;
+				samlApplicationsLimit?: number | null | undefined;
+			};
+		}>;
+	} & {
+		"/skus/:skuId/products": import("@withtyped/server").PathGuard<"/:skuId/products", {
+			isOneTime?: string | undefined;
+		}, {
 			name: string;
-			id: string;
-			indicator: string;
-			isSuspended: boolean;
-			tag: TenantTag;
+			unitPrice: number;
+		}, {
+			productId: string;
 		}>;
 	};
-	post: {};
 	put: {};
-	delete: {};
+	delete: {
+		"/skus/:skuId": import("@withtyped/server").PathGuard<"/:skuId", unknown, unknown, unknown>;
+	};
 	copy: {};
 	head: {};
 }, "/api">>, import("@withtyped/server").RoutesWithPrefix<{
-	options: {};
 	patch: {};
+	options: {};
 	get: {
 		"/checkout-session/:id": import("@withtyped/server").PathGuard<"/:id", unknown, unknown, {
-			status: "open" | "complete" | "expired";
-			createdAt: Date;
 			id: string;
+			createdAt: Date;
 			userId: string;
-			updatedAt: Date;
+			status: "open" | "complete" | "expired";
 			tenantId: string | null;
-			planId: string;
+			updatedAt: Date;
+			skuId: string | null;
+			planId: string | null;
 		}>;
 	};
 	post: {
 		"/checkout-session": import("@withtyped/server").PathGuard<"/", unknown, {
-			planId: string;
 			successCallbackUrl: string;
 			tenantId?: string | undefined;
-			cancelCallbackUrl?: string | undefined;
-			tenantTag?: TenantTag | undefined;
+			skuId?: string | undefined;
 			tenantName?: string | undefined;
+			tenantTag?: TenantTag | undefined;
+			tenantRegionName?: RegionName | undefined;
+			cancelCallbackUrl?: string | undefined;
 		}, {
 			sessionId: string;
 			redirectUri?: string | null | undefined;
@@ -354,8 +893,8 @@ declare const router: import("@withtyped/server").Router<WithAuthContext, import
 	copy: {};
 	head: {};
 }, "/api">>, import("@withtyped/server").RoutesWithPrefix<{
-	options: {};
 	patch: {};
+	options: {};
 	get: {
 		"/affiliates": import("@withtyped/server").PathGuard<"/", unknown, unknown, AffiliateData[]>;
 	};
@@ -363,33 +902,33 @@ declare const router: import("@withtyped/server").Router<WithAuthContext, import
 		"/affiliates": import("@withtyped/server").PathGuard<"/", unknown, {
 			name: string;
 		}, {
-			createdAt: Date;
 			id: string;
+			createdAt: Date;
 			name: string;
 		}>;
 	} & {
 		"/affiliates/:id/properties": import("@withtyped/server").PathGuard<"/:id/properties", unknown, {
-			value: string;
 			type: "hostname" | "query";
-		}, {
 			value: string;
-			type: "hostname" | "query";
+		}, {
 			createdAt: Date;
 			affiliateId: string;
+			type: "hostname" | "query";
+			value: string;
 		}>;
 	};
 	put: {};
 	delete: {
 		"/affiliates/:id/properties": import("@withtyped/server").PathGuard<"/:id/properties", unknown, {
-			value: string;
 			type: "hostname" | "query";
+			value: string;
 		}, unknown>;
 	};
 	copy: {};
 	head: {};
 }, "/api">>, import("@withtyped/server").RoutesWithPrefix<{
-	options: {};
 	patch: {};
+	options: {};
 	get: {};
 	post: {
 		"/affiliate-logs": import("@withtyped/server").PathGuard<"/", unknown, {
@@ -398,8 +937,8 @@ declare const router: import("@withtyped/server").Router<WithAuthContext, import
 			hostname?: string | undefined;
 			query?: string | undefined;
 		}, {
-			createdAt: Date;
 			id: string;
+			createdAt: Date;
 			affiliateId: string | null;
 			userId: string;
 			createdVia: {
@@ -413,7 +952,164 @@ declare const router: import("@withtyped/server").Router<WithAuthContext, import
 	delete: {};
 	copy: {};
 	head: {};
+}, "/api">>, import("@withtyped/server").RoutesWithPrefix<{
+	patch: {
+		"/invitations/:invitationId/status": import("@withtyped/server").PathGuard<"/:invitationId/status", unknown, {
+			status: OrganizationInvitationStatus.Accepted;
+		}, unknown>;
+	};
+	options: {};
+	get: {
+		"/invitations": import("@withtyped/server").PathGuard<"/", unknown, unknown, ({
+			id: string;
+			createdAt: number;
+			status: OrganizationInvitationStatus;
+			tenantId: string;
+			updatedAt: number;
+			inviterId: string | null;
+			invitee: string;
+			acceptedUserId: string | null;
+			organizationId: string;
+			expiresAt: number;
+			organizationRoles: OrganizationRoleEntity[];
+		} & {
+			tenantName: string;
+			tenantTag: TenantTag;
+		})[]>;
+	} & {
+		"/invitations/:invitationId": import("@withtyped/server").PathGuard<"/:invitationId", unknown, unknown, {
+			id: string;
+			createdAt: number;
+			status: OrganizationInvitationStatus;
+			tenantId: string;
+			updatedAt: number;
+			inviterId: string | null;
+			invitee: string;
+			acceptedUserId: string | null;
+			organizationId: string;
+			expiresAt: number;
+			organizationRoles: OrganizationRoleEntity[];
+		}>;
+	};
+	post: {};
+	put: {};
+	delete: {};
+	copy: {};
+	head: {};
+}, "/api">>, import("@withtyped/server").RoutesWithPrefix<{
+	patch: {};
+	options: {};
+	get: {};
+	post: {};
+	put: {};
+	delete: {
+		"/me": import("@withtyped/server").PathGuard<"/", unknown, unknown, unknown>;
+	};
+	copy: {};
+	head: {};
 }, "/api">>, "/api">;
+export declare const tenantAuthRouter: import("@withtyped/server").Router<RequestContext, import("@withtyped/server").WithBodyContext<import("@withtyped/server").BaseContext & {
+	request: {
+		id?: string | undefined;
+		method?: import("@withtyped/server").RequestMethod | undefined;
+		headers: import("http").IncomingHttpHeaders;
+		url: URL;
+		body?: unknown;
+	};
+}>, import("@withtyped/server").MergeRoutes<import("@withtyped/server").BaseRoutes, import("@withtyped/server").RoutesWithPrefix<{
+	patch: {
+		"/:tenantId/invitations/:invitationId/status": import("@withtyped/server").PathGuard<"/:tenantId/invitations/:invitationId/status", unknown, {
+			status: OrganizationInvitationStatus.Revoked;
+		}, {
+			id: string;
+			createdAt: number;
+			status: OrganizationInvitationStatus;
+			tenantId: string;
+			updatedAt: number;
+			inviterId: string | null;
+			invitee: string;
+			acceptedUserId: string | null;
+			organizationId: string;
+			expiresAt: number;
+			organizationRoles: OrganizationRoleEntity[];
+		}>;
+	};
+	options: {};
+	get: {
+		"/:tenantId/members": import("@withtyped/server").PathGuard<"/:tenantId/members", unknown, unknown, {
+			id: string;
+			name: string | null;
+			username: string | null;
+			primaryEmail: string | null;
+			primaryPhone: string | null;
+			avatar: string | null;
+			organizationRoles: OrganizationRoleEntity[];
+		}[]>;
+	} & {
+		"/:tenantId/members/:userId/scopes": import("@withtyped/server").PathGuard<"/:tenantId/members/:userId/scopes", unknown, unknown, OrganizationScope[]>;
+	} & {
+		"/:tenantId/invitations": import("@withtyped/server").PathGuard<"/:tenantId/invitations", unknown, unknown, ({
+			id: string;
+			createdAt: number;
+			status: OrganizationInvitationStatus;
+			tenantId: string;
+			updatedAt: number;
+			inviterId: string | null;
+			invitee: string;
+			acceptedUserId: string | null;
+			organizationId: string;
+			expiresAt: number;
+			organizationRoles: OrganizationRoleEntity[];
+		} & {
+			inviterName?: string | undefined;
+		})[]>;
+	};
+	post: {
+		"/:tenantId/invitations": import("@withtyped/server").PathGuard<"/:tenantId/invitations", unknown, {
+			invitee: string | string[];
+			roleName: TenantRole;
+			expiresAt?: number | undefined;
+		}, {
+			id: string;
+			createdAt: number;
+			status: OrganizationInvitationStatus;
+			tenantId: string;
+			updatedAt: number;
+			inviterId: string | null;
+			invitee: string;
+			acceptedUserId: string | null;
+			organizationId: string;
+			expiresAt: number;
+			organizationRoles: OrganizationRoleEntity[];
+		} | {
+			id: string;
+			createdAt: number;
+			status: OrganizationInvitationStatus;
+			tenantId: string;
+			updatedAt: number;
+			inviterId: string | null;
+			invitee: string;
+			acceptedUserId: string | null;
+			organizationId: string;
+			expiresAt: number;
+			organizationRoles: OrganizationRoleEntity[];
+		}[]>;
+	} & {
+		"/:tenantId/invitations/:invitationId/message": import("@withtyped/server").PathGuard<"/:tenantId/invitations/:invitationId/message", unknown, unknown, unknown>;
+	};
+	put: {
+		"/:tenantId/members/:userId/roles": import("@withtyped/server").PathGuard<"/:tenantId/members/:userId/roles", unknown, {
+			roleName: TenantRole;
+		}, unknown>;
+	};
+	delete: {
+		"/:tenantId/members/:userId": import("@withtyped/server").PathGuard<"/:tenantId/members/:userId", unknown, unknown, unknown>;
+	} & {
+		"/:tenantId/invitations/:invitationId": import("@withtyped/server").PathGuard<"/:tenantId/invitations/:invitationId", unknown, unknown, unknown>;
+	};
+	copy: {};
+	head: {};
+}, "/api/tenants">>, "/api/tenants">;
 
 export {
 	router as default,

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@logto/cloud",
-  "version": "0.2.5-c6ed487",
+  "version": "0.2.5-c98a257",
   "description": "Logto Cloud service.",
   "main": "build/index.js",
   "author": "Silverhand Inc. <contact@silverhand.io>",
@@ -16,22 +16,21 @@
     "#src/*": "./build/*"
   },
   "devDependencies": {
-    "@silverhand/eslint-config": "5.0.0",
-    "@silverhand/jest-config": "4.0.0",
-    "@silverhand/ts-config": "5.0.0",
+    "@silverhand/eslint-config": "6.0.1",
+    "@silverhand/ts-config": "6.0.0",
     "@types/accepts": "^1.3.5",
     "@types/http-proxy": "^1.17.9",
-    "@types/jest": "^29.4.0",
     "@types/mime-types": "^2.1.1",
-    "@types/node": "^18.11.18",
+    "@types/node": "^20.0.0",
     "@types/yargs": "^17.0.24",
-    "dts-bundle-generator": "^9.0.0",
-    "eslint": "^8.44.0",
-    "jest": "^29.5.0",
+    "dts-bundle-generator": "^9.3.1",
+    "eslint": "^8.57.0",
     "lint-staged": "^15.0.0",
     "nodemon": "^3.0.0",
     "prettier": "^3.0.0",
-    "typescript": "^5.3.3"
+    "typescript": "^5.3.3",
+    "vite-tsconfig-paths": "^5.0.0",
+    "vitest": "^2.1.8"
   },
   "engines": {
     "node": "^20.9.0"
@@ -50,22 +49,19 @@
     "access": "public"
   },
   "dependencies": {
-    "@silverhand/essentials": "^2.8.6",
-    "@withtyped/server": "^0.12.7"
+    "@silverhand/essentials": "^2.9.2",
+    "@withtyped/server": "^0.14.0"
   },
   "scripts": {
     "precommit": "lint-staged",
     "build": "rm -rf build/ && tsc -p tsconfig.build.json && pnpm build:lib",
     "//": "It is not used to build the service itself.",
     "build:lib": "rm -rf lib/ && dts-bundle-generator src/routes/index.ts --project tsconfig.build.lib.json -o lib/routes/index.d.ts",
-    "build:test": "rm -rf build/ && tsc -p tsconfig.test.json --sourcemap",
     "lint": "eslint --ext .ts src",
     "lint:report": "pnpm lint --format json --output-file report.json",
     "dev": "rm -rf build/ && nodemon",
     "start": "NODE_ENV=production node .",
-    "test:only": "NODE_OPTIONS=\"--experimental-vm-modules --max_old_space_size=4096\" jest --logHeapUsage",
-    "test": "pnpm build:test && pnpm test:only && pnpm build:lib && pnpm test:types",
-    "test:ci": "pnpm test:only --coverage --silent",
+    "test": "vitest && pnpm build:lib && pnpm test:types",
     "test:types": "tsc -p tsconfig.test.types.json",
     "cli": "node ./build/cli/index.js"
   }