@logto/schemas 1.14.0 → 1.16.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (357) hide show
  1. package/alterations/1.0.0-1677208902-update-admin-console-config.ts +2 -2
  2. package/alterations/1.0.0-1677765137-seed-for-admin-tenant.ts +2 -2
  3. package/alterations/1.0.0-1677907982-allow-admin-create-multiple-tenants.ts +1 -1
  4. package/alterations/1.0.0-1678157950-privacy-policy-url.ts +1 -1
  5. package/alterations/1.0.0-1678199795-add-verification-status-table.ts +2 -2
  6. package/alterations/1.0.0-1678259693-remove-branding-style-config.ts +2 -2
  7. package/alterations/1.0.0-1678269972-use-restrictive-policies.ts +2 -2
  8. package/alterations/1.0.0-1678284778-restrict-internal-roles.ts +1 -1
  9. package/alterations/1.0.0-1678425761-m2m-app-for-tenants.ts +1 -1
  10. package/alterations/1.0.0-1678450233-support-custom-content.ts +1 -1
  11. package/alterations/1.0.0-1678716747-service-logs.ts +2 -2
  12. package/alterations/1.0.0-1678928481-remove-deprecated-logto-config-item.ts +2 -2
  13. package/alterations/1.0.0-1678953179-update-get-started-task-config.ts +2 -2
  14. package/alterations/1.0.0-1679209413-drop-connector-database-storage.ts +1 -1
  15. package/alterations/1.0.0_beta.10-1-logto-config.ts +1 -1
  16. package/alterations/1.0.0_beta.10-1663923211-machine-to-machine-app.ts +1 -1
  17. package/alterations/1.0.0_beta.10-1664265197-custom-phrases.ts +1 -1
  18. package/alterations/1.0.0_beta.11-1664347703-rename-language-key-to-tag.ts +1 -1
  19. package/alterations/1.0.0_beta.11-1664356000-add-created-at-column-to-users.ts +1 -1
  20. package/alterations/1.0.0_beta.11-1664462389-correct-user-created-at-column-by-user-logs.ts +1 -1
  21. package/alterations/1.0.0_beta.14-1665300135-sign-in-sign-up.ts +1 -1
  22. package/alterations/1.0.0_beta.14-1667283640-remove-forgot-password.ts +1 -1
  23. package/alterations/1.0.0_beta.14-1667292082-remove-sign-in-method.ts +1 -1
  24. package/alterations/1.0.0_beta.14-1667374974-user-suspend.ts +1 -1
  25. package/alterations/1.0.0_beta.14-1667900481-add-passcode-type-continue.ts +1 -1
  26. package/alterations/1.0.0_beta.18-1668666590-support-multiple-connector-instances.ts +1 -1
  27. package/alterations/1.0.0_beta.18-1668666600-remove-connector-enabled.ts +1 -1
  28. package/alterations/1.0.0_beta.18-1669091623-roles-and-scopes.ts +1 -1
  29. package/alterations/1.0.0_beta.18-1669702299-sign-up.ts +2 -2
  30. package/alterations/1.0.0_beta.18-1671039448-add-user-name-index.ts +1 -1
  31. package/alterations/1.0.0_beta.18-1671080370-terms-of-use.ts +2 -2
  32. package/alterations/1.0.0_beta.18-1671336831-refactor-log-types.ts +1 -1
  33. package/alterations/1.0.0_beta.18-1671509870-hooks.ts +1 -1
  34. package/alterations/1.0.0_beta.18-1672119200-align-passcode-type-with-message-type.ts +1 -1
  35. package/alterations/1.0.0_rc.0-1672815959-user-roles.ts +1 -1
  36. package/alterations/1.0.0_rc.0-1672820345-scope-resource-id.ts +1 -1
  37. package/alterations/1.0.0_rc.0-1672901841-roles-and-scopes-not-null.ts +1 -1
  38. package/alterations/1.0.0_rc.0-1673001922-support-generic-passcode.ts +1 -1
  39. package/alterations/1.0.0_rc.0-1673165463-scope-name-index.ts +1 -1
  40. package/alterations/1.0.0_rc.0-1673349501-sms-sign-in-identifier-to-phone.ts +1 -1
  41. package/alterations/1.0.0_rc.0-1673465463-ac-scope-name.ts +1 -1
  42. package/alterations/1.0.0_rc.0-1673853579-ac-default-scope.ts +1 -1
  43. package/alterations/1.0.0_rc.0-1673863835-ac-scope-role.ts +1 -1
  44. package/alterations/1.0.0_rc.0-1673882867-fix-alteration-issues.ts +1 -1
  45. package/alterations/1.0.0_rc.0-1673940577-scope-description-not-null.ts +1 -1
  46. package/alterations/1.0.0_rc.0-1673941897-application-roles.ts +1 -1
  47. package/alterations/1.0.0_rc.0-1674032095.1-dedup-resources-constraint.ts +1 -1
  48. package/alterations/1.0.0_rc.0-1674032095.2-oidc-model-pkey.ts +1 -1
  49. package/alterations/1.0.0_rc.0-1674032095.3-tenant-table.ts +1 -1
  50. package/alterations/1.0.0_rc.0-1674032095.4-add-id-column.ts +1 -1
  51. package/alterations/1.0.0_rc.0-1674032095.5-multi-tenancy.ts +6 -7
  52. package/alterations/1.0.0_rc.0-1674032095.6-add-tenant-id-trigger.ts +1 -1
  53. package/alterations/1.0.0_rc.0-1674987042-drop-settings-and-create-systems.ts +1 -1
  54. package/alterations/1.0.0_rc.0-1675316731-update-seed-data.ts +1 -1
  55. package/alterations/1.0.0_rc.1-1675788753-multi-tenancy-rls.ts +3 -4
  56. package/alterations/1.0.0_rc.1-1676115897-add-admin-tenant.ts +3 -4
  57. package/alterations/1.0.0_rc.1-1676185899-fix-logs-index.ts +1 -1
  58. package/alterations/1.0.0_rc.1-1676190092-migrate-admin-data.ts +2 -2
  59. package/alterations/1.0.0_rc.1-1676823841-update-sie-primary-key.ts +1 -1
  60. package/alterations/1.0.0_rc.1-1676874936-support-custom-css.ts +1 -1
  61. package/alterations/1.0.0_rc.1-1676886855-connector-database-read-write.ts +1 -1
  62. package/alterations/1.0.0_rc.1-1676906977-remove-demo-app.ts +1 -1
  63. package/alterations/1.0.0_rc.1-1676956206-move-console-sie-to-database.ts +1 -1
  64. package/alterations/1.0.0_rc.1-1677059985-move-console-application-to-database.ts +1 -1
  65. package/alterations/1.10.1-1695647183-update-private-key-type.ts +2 -2
  66. package/alterations/1.10.1-1696657546-organization-tables.ts +1 -1
  67. package/alterations/1.10.1-1697683802-add-sso-connectors-table.ts +1 -1
  68. package/alterations/1.10.1-1698646271-add-organization-created-flag.ts +2 -2
  69. package/alterations/1.10.1-1698820410-add-user-sso-identities-table.ts +1 -1
  70. package/alterations/1.10.1-1698910485-user-logto-data.ts +1 -1
  71. package/alterations/1.11.0-1699422979-add-sso-connector-id-col-to-user-sso-identities-table.ts +1 -1
  72. package/alterations/1.11.0-1699598903-remove-sso-only-column-in-sso-connectors-table.ts +1 -1
  73. package/alterations/1.12.0-1700031616-update-org-role-foreign-keys.ts +1 -1
  74. package/alterations/1.12.0-1701054133-add-unique-constraint-to-the-sso-connector-name.ts +1 -1
  75. package/alterations/1.12.0-1701245520-add-single-sign-on-enabled-flag-to-sie.ts +1 -1
  76. package/alterations/1.13.0-1702274830-add-new-third-party-column-to-applications-table.ts +1 -1
  77. package/alterations/1.13.0-1702372401-add-application-permissions-tables.ts +1 -1
  78. package/alterations/1.13.0-1702544178-sync-tenant-orgs.ts +1 -1
  79. package/alterations/1.13.0-1702871078-protected-application-type.ts +1 -1
  80. package/alterations/1.13.0-1702877515-protected-app-configs.ts +1 -1
  81. package/alterations/1.13.0-1702978120-application-sign-in-experience-table.ts +1 -1
  82. package/alterations/1.13.0-1703229996-daily-token-usage.ts +1 -1
  83. package/alterations/1.13.0-1703230000-update-tenant-roles.ts +1 -1
  84. package/alterations/1.13.0-1704692973-remove-legacy-resources.ts +1 -1
  85. package/alterations/1.13.0-1704934999-add-magic-links-table.ts +1 -1
  86. package/alterations/1.13.0-1704935001-add-organization-invitation-tables.ts +1 -1
  87. package/alterations/1.13.0-1705288654-add-application-user-consent-organizations-table.ts +1 -1
  88. package/alterations/1.13.0-1705991158-update-invitation-indices.ts +1 -1
  89. package/alterations/1.13.0-1706449174-update-organization-invitation-column.ts +1 -1
  90. package/alterations/1.13.0-1706510290-protected-app-host-index.ts +1 -1
  91. package/alterations/1.13.0-1706512952-restore-get-started-page.ts +1 -1
  92. package/alterations/1.13.0-1706528755-remove-magic-links.ts +1 -1
  93. package/alterations/1.13.0-1706585206-protected-app-custom-domain-unique.ts +1 -1
  94. package/alterations/1.13.1-1707360939-grant-is-suspended-read-permission.ts +1 -1
  95. package/alterations/1.14.0-1708916601-remove-management-api-scopes-assigned-to-user-role.ts +1 -1
  96. package/alterations/1.14.0-1709190131-enhance-dau-data-accuracy.ts +1 -1
  97. package/alterations/1.15.0-1709521416-user-password-encrypt-method.ts +36 -0
  98. package/alterations/1.15.0-1709528944-regenerate-dau-data.ts +49 -0
  99. package/alterations/1.15.0-1710223946-add-fetch-custom-jwt-cloud-scope.ts +92 -0
  100. package/alterations/1.15.0-1710408335-make-resource-scopes-description-nullable.ts +22 -0
  101. package/alterations/1.15.0-1710859622-add-oidc-standard-claim-properties.ts +38 -0
  102. package/alterations/1.15.0-1711607772-remove-invite-member-scope-from-tenant-member-role.ts +20 -0
  103. package/alterations/1.15.0-1711624564-add-read-member-scope-to-tenant-roles.ts +25 -0
  104. package/alterations/1.15.0-1711955211-organization-resource-scope.ts +39 -0
  105. package/alterations/1.15.0-1712041436-rename-organization-member-role-to-collaborator.ts +28 -0
  106. package/alterations/1.15.0-1712545011-fix-organization-resource-scope.ts +43 -0
  107. package/alterations/1.15.0-1712559358-fix-down-organization-resource-scope.ts +46 -0
  108. package/alterations/1.16.0-1712912361-delete-jwt-customier-with-empty-script.ts +23 -0
  109. package/alterations/1.16.0-1713942039-add-organization-custom-data.ts +25 -0
  110. package/alterations/1.16.0-1714270244-application-org-resource-scope.ts +32 -0
  111. package/alterations/1.2.0-1681267285-fix-get-started-passwordless-status.ts +1 -1
  112. package/alterations/1.3.0-1683292832-update-hooks.ts +1 -1
  113. package/alterations/1.5.0-1684382842-add-name-tag-created-at-for-tenants-table.ts +1 -1
  114. package/alterations/1.5.0-1684739802-create-hook-id-index-for-logs.ts +1 -1
  115. package/alterations/1.5.0-1684822341-init-domains.ts +2 -2
  116. package/alterations/1.5.0-1684837981-add-manage-tenant-self-scope-to-user-role.ts +1 -1
  117. package/alterations/1.5.0-1685285719-support-default-resource.ts +1 -1
  118. package/alterations/1.6.0-1685691718-domain-unique.ts +1 -1
  119. package/alterations/1.7.0-1688375200-sync-cloud-m2m-to-logto-config.ts +1 -1
  120. package/alterations/1.7.0-1688613459-remove-m2m-credentials-from-existing-logto-email-connector-config.ts +1 -1
  121. package/alterations/1.7.0-1688627407-daily-active-users.ts +1 -1
  122. package/alterations/1.8.0-1692088012-add-is-suspend-column-to-tenants-table.ts +1 -1
  123. package/alterations/1.8.0-1692194751-add-affiliate-scopes.ts +1 -1
  124. package/alterations/1.9.0-1693554904-add-possword-policy.ts +1 -1
  125. package/alterations/1.9.0-1694399696-add-type-col-to-roles-table.ts +1 -1
  126. package/alterations/1.9.0-1694418765-specify-check-role-type-function-to-be-public-schema.ts +1 -1
  127. package/alterations/1.9.0-1694484927-remove-deprecated-challenge-flag.ts +2 -2
  128. package/alterations/1.9.0-1694487524-sie-mfa.ts +1 -1
  129. package/alterations/1.9.0-1694509714-keep-existing-password-policy.ts +1 -1
  130. package/alterations/1.9.0-1694746763-user-verifications.ts +1 -1
  131. package/alterations/1.9.2-1694854226-init-sentinel.ts +1 -1
  132. package/alterations/1.9.2-1695198741-remove-m2m-app-admin-access-switch.ts +1 -1
  133. package/alterations/utils/1704934999-tables.ts +1 -1
  134. package/alterations-js/1.0.0-1677208902-update-admin-console-config.js +1 -1
  135. package/alterations-js/1.0.0-1677765137-seed-for-admin-tenant.js +1 -1
  136. package/alterations-js/1.0.0-1677907982-allow-admin-create-multiple-tenants.js +1 -1
  137. package/alterations-js/1.0.0-1678157950-privacy-policy-url.js +1 -1
  138. package/alterations-js/1.0.0-1678199795-add-verification-status-table.js +1 -1
  139. package/alterations-js/1.0.0-1678259693-remove-branding-style-config.js +1 -1
  140. package/alterations-js/1.0.0-1678269972-use-restrictive-policies.js +1 -1
  141. package/alterations-js/1.0.0-1678284778-restrict-internal-roles.js +1 -1
  142. package/alterations-js/1.0.0-1678425761-m2m-app-for-tenants.js +1 -1
  143. package/alterations-js/1.0.0-1678450233-support-custom-content.js +1 -1
  144. package/alterations-js/1.0.0-1678716747-service-logs.js +1 -1
  145. package/alterations-js/1.0.0-1678928481-remove-deprecated-logto-config-item.js +1 -1
  146. package/alterations-js/1.0.0-1678953179-update-get-started-task-config.js +1 -1
  147. package/alterations-js/1.0.0-1679209413-drop-connector-database-storage.js +1 -1
  148. package/alterations-js/1.0.0_beta.10-1-logto-config.js +1 -1
  149. package/alterations-js/1.0.0_beta.10-1663923211-machine-to-machine-app.js +1 -1
  150. package/alterations-js/1.0.0_beta.10-1664265197-custom-phrases.js +1 -1
  151. package/alterations-js/1.0.0_beta.11-1664347703-rename-language-key-to-tag.js +1 -1
  152. package/alterations-js/1.0.0_beta.11-1664356000-add-created-at-column-to-users.js +1 -1
  153. package/alterations-js/1.0.0_beta.11-1664462389-correct-user-created-at-column-by-user-logs.js +1 -1
  154. package/alterations-js/1.0.0_beta.14-1665300135-sign-in-sign-up.js +1 -1
  155. package/alterations-js/1.0.0_beta.14-1667283640-remove-forgot-password.js +1 -1
  156. package/alterations-js/1.0.0_beta.14-1667292082-remove-sign-in-method.js +1 -1
  157. package/alterations-js/1.0.0_beta.14-1667374974-user-suspend.js +1 -1
  158. package/alterations-js/1.0.0_beta.14-1667900481-add-passcode-type-continue.js +1 -1
  159. package/alterations-js/1.0.0_beta.18-1668666590-support-multiple-connector-instances.js +1 -1
  160. package/alterations-js/1.0.0_beta.18-1668666600-remove-connector-enabled.js +1 -1
  161. package/alterations-js/1.0.0_beta.18-1669091623-roles-and-scopes.js +1 -1
  162. package/alterations-js/1.0.0_beta.18-1669702299-sign-up.js +1 -1
  163. package/alterations-js/1.0.0_beta.18-1671039448-add-user-name-index.js +1 -1
  164. package/alterations-js/1.0.0_beta.18-1671080370-terms-of-use.js +1 -1
  165. package/alterations-js/1.0.0_beta.18-1671336831-refactor-log-types.js +1 -1
  166. package/alterations-js/1.0.0_beta.18-1671509870-hooks.js +1 -1
  167. package/alterations-js/1.0.0_beta.18-1672119200-align-passcode-type-with-message-type.js +1 -1
  168. package/alterations-js/1.0.0_rc.0-1672815959-user-roles.js +1 -1
  169. package/alterations-js/1.0.0_rc.0-1672820345-scope-resource-id.js +1 -1
  170. package/alterations-js/1.0.0_rc.0-1672901841-roles-and-scopes-not-null.js +1 -1
  171. package/alterations-js/1.0.0_rc.0-1673001922-support-generic-passcode.js +1 -1
  172. package/alterations-js/1.0.0_rc.0-1673165463-scope-name-index.js +1 -1
  173. package/alterations-js/1.0.0_rc.0-1673349501-sms-sign-in-identifier-to-phone.js +1 -1
  174. package/alterations-js/1.0.0_rc.0-1673465463-ac-scope-name.js +1 -1
  175. package/alterations-js/1.0.0_rc.0-1673853579-ac-default-scope.js +1 -1
  176. package/alterations-js/1.0.0_rc.0-1673863835-ac-scope-role.js +1 -1
  177. package/alterations-js/1.0.0_rc.0-1673882867-fix-alteration-issues.js +1 -1
  178. package/alterations-js/1.0.0_rc.0-1673940577-scope-description-not-null.js +1 -1
  179. package/alterations-js/1.0.0_rc.0-1673941897-application-roles.js +1 -1
  180. package/alterations-js/1.0.0_rc.0-1674032095.1-dedup-resources-constraint.js +1 -1
  181. package/alterations-js/1.0.0_rc.0-1674032095.2-oidc-model-pkey.js +1 -1
  182. package/alterations-js/1.0.0_rc.0-1674032095.3-tenant-table.js +1 -1
  183. package/alterations-js/1.0.0_rc.0-1674032095.4-add-id-column.js +1 -1
  184. package/alterations-js/1.0.0_rc.0-1674032095.5-multi-tenancy.js +6 -7
  185. package/alterations-js/1.0.0_rc.0-1674032095.6-add-tenant-id-trigger.js +1 -1
  186. package/alterations-js/1.0.0_rc.0-1674987042-drop-settings-and-create-systems.js +1 -1
  187. package/alterations-js/1.0.0_rc.0-1675316731-update-seed-data.js +1 -1
  188. package/alterations-js/1.0.0_rc.1-1675788753-multi-tenancy-rls.js +2 -3
  189. package/alterations-js/1.0.0_rc.1-1676115897-add-admin-tenant.js +2 -3
  190. package/alterations-js/1.0.0_rc.1-1676185899-fix-logs-index.js +1 -1
  191. package/alterations-js/1.0.0_rc.1-1676190092-migrate-admin-data.js +1 -1
  192. package/alterations-js/1.0.0_rc.1-1676823841-update-sie-primary-key.js +1 -1
  193. package/alterations-js/1.0.0_rc.1-1676874936-support-custom-css.js +1 -1
  194. package/alterations-js/1.0.0_rc.1-1676886855-connector-database-read-write.js +1 -1
  195. package/alterations-js/1.0.0_rc.1-1676906977-remove-demo-app.js +1 -1
  196. package/alterations-js/1.0.0_rc.1-1676956206-move-console-sie-to-database.js +1 -1
  197. package/alterations-js/1.0.0_rc.1-1677059985-move-console-application-to-database.js +1 -1
  198. package/alterations-js/1.10.1-1695647183-update-private-key-type.js +1 -1
  199. package/alterations-js/1.10.1-1696657546-organization-tables.js +1 -1
  200. package/alterations-js/1.10.1-1697683802-add-sso-connectors-table.js +1 -1
  201. package/alterations-js/1.10.1-1698646271-add-organization-created-flag.js +1 -1
  202. package/alterations-js/1.10.1-1698820410-add-user-sso-identities-table.js +1 -1
  203. package/alterations-js/1.10.1-1698910485-user-logto-data.js +1 -1
  204. package/alterations-js/1.11.0-1699422979-add-sso-connector-id-col-to-user-sso-identities-table.js +1 -1
  205. package/alterations-js/1.11.0-1699598903-remove-sso-only-column-in-sso-connectors-table.js +1 -1
  206. package/alterations-js/1.12.0-1700031616-update-org-role-foreign-keys.js +1 -1
  207. package/alterations-js/1.12.0-1701054133-add-unique-constraint-to-the-sso-connector-name.js +1 -1
  208. package/alterations-js/1.12.0-1701245520-add-single-sign-on-enabled-flag-to-sie.js +1 -1
  209. package/alterations-js/1.13.0-1702274830-add-new-third-party-column-to-applications-table.js +1 -1
  210. package/alterations-js/1.13.0-1702372401-add-application-permissions-tables.js +1 -1
  211. package/alterations-js/1.13.0-1702544178-sync-tenant-orgs.js +1 -1
  212. package/alterations-js/1.13.0-1702871078-protected-application-type.js +1 -1
  213. package/alterations-js/1.13.0-1702877515-protected-app-configs.js +1 -1
  214. package/alterations-js/1.13.0-1702978120-application-sign-in-experience-table.js +1 -1
  215. package/alterations-js/1.13.0-1703229996-daily-token-usage.js +1 -1
  216. package/alterations-js/1.13.0-1703230000-update-tenant-roles.js +1 -1
  217. package/alterations-js/1.13.0-1704692973-remove-legacy-resources.js +1 -1
  218. package/alterations-js/1.13.0-1704934999-add-magic-links-table.js +1 -1
  219. package/alterations-js/1.13.0-1704935001-add-organization-invitation-tables.js +1 -1
  220. package/alterations-js/1.13.0-1705288654-add-application-user-consent-organizations-table.js +1 -1
  221. package/alterations-js/1.13.0-1705991158-update-invitation-indices.js +1 -1
  222. package/alterations-js/1.13.0-1706449174-update-organization-invitation-column.js +1 -1
  223. package/alterations-js/1.13.0-1706510290-protected-app-host-index.js +1 -1
  224. package/alterations-js/1.13.0-1706512952-restore-get-started-page.js +1 -1
  225. package/alterations-js/1.13.0-1706528755-remove-magic-links.js +1 -1
  226. package/alterations-js/1.13.0-1706585206-protected-app-custom-domain-unique.js +1 -1
  227. package/alterations-js/1.13.1-1707360939-grant-is-suspended-read-permission.js +1 -1
  228. package/alterations-js/1.14.0-1708916601-remove-management-api-scopes-assigned-to-user-role.js +1 -1
  229. package/alterations-js/1.14.0-1709190131-enhance-dau-data-accuracy.js +1 -1
  230. package/alterations-js/1.15.0-1709521416-user-password-encrypt-method.d.ts +3 -0
  231. package/alterations-js/1.15.0-1709521416-user-password-encrypt-method.js +31 -0
  232. package/alterations-js/1.15.0-1709528944-regenerate-dau-data.d.ts +3 -0
  233. package/alterations-js/1.15.0-1709528944-regenerate-dau-data.js +34 -0
  234. package/alterations-js/1.15.0-1710223946-add-fetch-custom-jwt-cloud-scope.d.ts +3 -0
  235. package/alterations-js/1.15.0-1710223946-add-fetch-custom-jwt-cloud-scope.js +52 -0
  236. package/alterations-js/1.15.0-1710408335-make-resource-scopes-description-nullable.d.ts +3 -0
  237. package/alterations-js/1.15.0-1710408335-make-resource-scopes-description-nullable.js +18 -0
  238. package/alterations-js/1.15.0-1710859622-add-oidc-standard-claim-properties.d.ts +3 -0
  239. package/alterations-js/1.15.0-1710859622-add-oidc-standard-claim-properties.js +34 -0
  240. package/alterations-js/1.15.0-1711607772-remove-invite-member-scope-from-tenant-member-role.d.ts +3 -0
  241. package/alterations-js/1.15.0-1711607772-remove-invite-member-scope-from-tenant-member-role.js +16 -0
  242. package/alterations-js/1.15.0-1711624564-add-read-member-scope-to-tenant-roles.d.ts +3 -0
  243. package/alterations-js/1.15.0-1711624564-add-read-member-scope-to-tenant-roles.js +21 -0
  244. package/alterations-js/1.15.0-1711955211-organization-resource-scope.d.ts +3 -0
  245. package/alterations-js/1.15.0-1711955211-organization-resource-scope.js +32 -0
  246. package/alterations-js/1.15.0-1712041436-rename-organization-member-role-to-collaborator.d.ts +3 -0
  247. package/alterations-js/1.15.0-1712041436-rename-organization-member-role-to-collaborator.js +24 -0
  248. package/alterations-js/1.15.0-1712545011-fix-organization-resource-scope.d.ts +8 -0
  249. package/alterations-js/1.15.0-1712545011-fix-organization-resource-scope.js +35 -0
  250. package/alterations-js/1.15.0-1712559358-fix-down-organization-resource-scope.d.ts +8 -0
  251. package/alterations-js/1.15.0-1712559358-fix-down-organization-resource-scope.js +38 -0
  252. package/alterations-js/1.16.0-1712912361-delete-jwt-customier-with-empty-script.d.ts +3 -0
  253. package/alterations-js/1.16.0-1712912361-delete-jwt-customier-with-empty-script.js +17 -0
  254. package/alterations-js/1.16.0-1713942039-add-organization-custom-data.d.ts +4 -0
  255. package/alterations-js/1.16.0-1713942039-add-organization-custom-data.js +17 -0
  256. package/alterations-js/1.16.0-1714270244-application-org-resource-scope.d.ts +3 -0
  257. package/alterations-js/1.16.0-1714270244-application-org-resource-scope.js +27 -0
  258. package/alterations-js/1.2.0-1681267285-fix-get-started-passwordless-status.js +1 -1
  259. package/alterations-js/1.3.0-1683292832-update-hooks.js +1 -1
  260. package/alterations-js/1.5.0-1684382842-add-name-tag-created-at-for-tenants-table.js +1 -1
  261. package/alterations-js/1.5.0-1684739802-create-hook-id-index-for-logs.js +1 -1
  262. package/alterations-js/1.5.0-1684822341-init-domains.js +1 -1
  263. package/alterations-js/1.5.0-1684837981-add-manage-tenant-self-scope-to-user-role.js +1 -1
  264. package/alterations-js/1.5.0-1685285719-support-default-resource.js +1 -1
  265. package/alterations-js/1.6.0-1685691718-domain-unique.js +1 -1
  266. package/alterations-js/1.7.0-1688375200-sync-cloud-m2m-to-logto-config.js +1 -1
  267. package/alterations-js/1.7.0-1688613459-remove-m2m-credentials-from-existing-logto-email-connector-config.js +1 -1
  268. package/alterations-js/1.7.0-1688627407-daily-active-users.js +1 -1
  269. package/alterations-js/1.8.0-1692088012-add-is-suspend-column-to-tenants-table.js +1 -1
  270. package/alterations-js/1.8.0-1692194751-add-affiliate-scopes.js +1 -1
  271. package/alterations-js/1.9.0-1693554904-add-possword-policy.js +1 -1
  272. package/alterations-js/1.9.0-1694399696-add-type-col-to-roles-table.js +1 -1
  273. package/alterations-js/1.9.0-1694418765-specify-check-role-type-function-to-be-public-schema.js +1 -1
  274. package/alterations-js/1.9.0-1694484927-remove-deprecated-challenge-flag.js +1 -1
  275. package/alterations-js/1.9.0-1694487524-sie-mfa.js +1 -1
  276. package/alterations-js/1.9.0-1694509714-keep-existing-password-policy.js +1 -1
  277. package/alterations-js/1.9.0-1694746763-user-verifications.js +1 -1
  278. package/alterations-js/1.9.2-1694854226-init-sentinel.js +1 -1
  279. package/alterations-js/1.9.2-1695198741-remove-m2m-app-admin-access-switch.js +1 -1
  280. package/alterations-js/utils/1704934999-tables.d.ts +1 -1
  281. package/alterations-js/utils/1704934999-tables.js +1 -1
  282. package/lib/consts/experience.d.ts +8 -0
  283. package/lib/consts/experience.js +9 -0
  284. package/lib/consts/index.d.ts +1 -0
  285. package/lib/consts/index.js +1 -0
  286. package/lib/consts/oidc.d.ts +48 -0
  287. package/lib/consts/oidc.js +44 -0
  288. package/lib/consts/subscriptions.d.ts +23 -0
  289. package/lib/consts/subscriptions.js +23 -0
  290. package/lib/db-entries/application-user-consent-organization-resource-scope.d.ts +24 -0
  291. package/lib/db-entries/application-user-consent-organization-resource-scope.js +29 -0
  292. package/lib/db-entries/custom-types.d.ts +5 -1
  293. package/lib/db-entries/custom-types.js +4 -0
  294. package/lib/db-entries/index.d.ts +2 -0
  295. package/lib/db-entries/index.js +2 -0
  296. package/lib/db-entries/organization-role-resource-scope-relation.d.ts +20 -0
  297. package/lib/db-entries/organization-role-resource-scope-relation.js +29 -0
  298. package/lib/db-entries/organization.d.ts +6 -2
  299. package/lib/db-entries/organization.js +5 -0
  300. package/lib/db-entries/scope.d.ts +2 -2
  301. package/lib/db-entries/scope.js +2 -2
  302. package/lib/db-entries/user.d.ts +10 -2
  303. package/lib/db-entries/user.js +9 -1
  304. package/lib/foundations/jsonb-types/hooks.d.ts +71 -3
  305. package/lib/foundations/jsonb-types/hooks.js +98 -7
  306. package/lib/foundations/jsonb-types/index.d.ts +1 -5
  307. package/lib/foundations/jsonb-types/index.js +1 -7
  308. package/lib/foundations/jsonb-types/users.d.ts +103 -6
  309. package/lib/foundations/jsonb-types/users.js +26 -1
  310. package/lib/seeds/cloud-api.d.ts +6 -3
  311. package/lib/seeds/cloud-api.js +6 -2
  312. package/lib/types/alteration.d.ts +1 -1
  313. package/lib/types/application.d.ts +88 -7
  314. package/lib/types/application.js +7 -4
  315. package/lib/types/consent.d.ts +307 -38
  316. package/lib/types/consent.js +11 -7
  317. package/lib/types/hook.d.ts +6 -20
  318. package/lib/types/index.d.ts +2 -1
  319. package/lib/types/index.js +2 -1
  320. package/lib/types/log/index.d.ts +4 -1
  321. package/lib/types/log/index.js +1 -0
  322. package/lib/types/log/jwt-customizer.d.ts +8 -0
  323. package/lib/types/log/jwt-customizer.js +7 -0
  324. package/lib/types/logto-config/index.d.ts +1098 -0
  325. package/lib/types/{logto-config.js → logto-config/index.js} +25 -0
  326. package/lib/types/logto-config/jwt-customizer.d.ts +1726 -0
  327. package/lib/types/logto-config/jwt-customizer.js +92 -0
  328. package/lib/types/logto-config/jwt-customizer.test.d.ts +1 -0
  329. package/lib/types/logto-config/jwt-customizer.test.js +78 -0
  330. package/lib/types/logto-config/oidc-provider.d.ts +67 -0
  331. package/lib/types/logto-config/oidc-provider.js +33 -0
  332. package/lib/types/onboarding.d.ts +144 -0
  333. package/lib/types/onboarding.js +75 -0
  334. package/lib/types/organization.d.ts +17 -5
  335. package/lib/types/organization.js +10 -0
  336. package/lib/types/scope.d.ts +3 -3
  337. package/lib/types/service-log.d.ts +2 -1
  338. package/lib/types/service-log.js +1 -0
  339. package/lib/types/sso-connector.d.ts +16 -2
  340. package/lib/types/sso-connector.js +17 -4
  341. package/lib/types/system.d.ts +30 -3
  342. package/lib/types/system.js +16 -0
  343. package/lib/types/tenant-organization.d.ts +10 -6
  344. package/lib/types/tenant-organization.js +19 -9
  345. package/lib/types/user.d.ts +231 -192
  346. package/lib/types/user.js +5 -1
  347. package/lib/utils/domain.test.js +1 -0
  348. package/lib/utils/zod.d.ts +4 -0
  349. package/lib/utils/zod.js +1 -0
  350. package/package.json +17 -19
  351. package/tables/_functions.sql +8 -0
  352. package/tables/application_user_consent_organization_resource_scopes.sql +18 -0
  353. package/tables/organization_role_resource_scope_relations.sql +12 -0
  354. package/tables/organizations.sql +2 -0
  355. package/tables/scopes.sql +1 -1
  356. package/tables/users.sql +10 -1
  357. package/lib/types/logto-config.d.ts +0 -154
package/lib/types/sso-connector.d.ts CHANGED
@@ -25,7 +25,12 @@ export declare enum SsoProviderName {
25
25
  SAML = "SAML",
26
26
  AZURE_AD = "AzureAD",
27
27
  GOOGLE_WORKSPACE = "GoogleWorkspace",
28
- OKTA = "Okta"
28
+ OKTA = "Okta",
29
+ AZURE_AD_OIDC = "AzureAdOidc"
30
+ }
31
+ export declare enum SsoProviderType {
32
+ OIDC = "oidc",
33
+ SAML = "saml"
29
34
  }
30
35
  export declare const singleSignOnDomainBlackList: readonly string[];
31
36
  export type SupportedSsoConnector = Omit<SsoConnector, 'providerName'> & {
@@ -33,6 +38,7 @@ export type SupportedSsoConnector = Omit<SsoConnector, 'providerName'> & {
33
38
  };
34
39
  declare const ssoConnectorProviderDetailGuard: z.ZodObject<{
35
40
  providerName: z.ZodNativeEnum<typeof SsoProviderName>;
41
+ providerType: z.ZodNativeEnum<typeof SsoProviderType>;
36
42
  logo: z.ZodString;
37
43
  logoDark: z.ZodString;
38
44
  description: z.ZodString;
@@ -43,16 +49,19 @@ declare const ssoConnectorProviderDetailGuard: z.ZodObject<{
43
49
  description: string;
44
50
  logoDark: string;
45
51
  providerName: SsoProviderName;
52
+ providerType: SsoProviderType;
46
53
  }, {
47
54
  name: string;
48
55
  logo: string;
49
56
  description: string;
50
57
  logoDark: string;
51
58
  providerName: SsoProviderName;
59
+ providerType: SsoProviderType;
52
60
  }>;
53
61
  export type SsoConnectorProviderDetail = z.infer<typeof ssoConnectorProviderDetailGuard>;
54
62
  export declare const ssoConnectorProvidersResponseGuard: z.ZodArray<z.ZodObject<{
55
63
  providerName: z.ZodNativeEnum<typeof SsoProviderName>;
64
+ providerType: z.ZodNativeEnum<typeof SsoProviderType>;
56
65
  logo: z.ZodString;
57
66
  logoDark: z.ZodString;
58
67
  description: z.ZodString;
@@ -63,12 +72,14 @@ export declare const ssoConnectorProvidersResponseGuard: z.ZodArray<z.ZodObject<
63
72
  description: string;
64
73
  logoDark: string;
65
74
  providerName: SsoProviderName;
75
+ providerType: SsoProviderType;
66
76
  }, {
67
77
  name: string;
68
78
  logo: string;
69
79
  description: string;
70
80
  logoDark: string;
71
81
  providerName: SsoProviderName;
82
+ providerType: SsoProviderType;
72
83
  }>, "many">;
73
84
  export type SsoConnectorProvidersResponse = z.infer<typeof ssoConnectorProvidersResponseGuard>;
74
85
  export declare const ssoConnectorWithProviderConfigGuard: z.ZodObject<{
@@ -87,9 +98,10 @@ export declare const ssoConnectorWithProviderConfigGuard: z.ZodObject<{
87
98
  syncProfile: z.ZodType<boolean, z.ZodTypeDef, boolean>;
88
99
  config: z.ZodType<import("@withtyped/server").JsonObject, z.ZodTypeDef, import("@withtyped/server").JsonObject>;
89
100
  domains: z.ZodType<string[], z.ZodTypeDef, string[]>;
101
+ providerName: z.ZodNativeEnum<typeof SsoProviderName>;
90
102
  connectorName: z.ZodType<string, z.ZodTypeDef, string>;
91
103
  name: z.ZodString;
92
- providerName: z.ZodNativeEnum<typeof SsoProviderName>;
104
+ providerType: z.ZodNativeEnum<typeof SsoProviderType>;
93
105
  providerLogo: z.ZodString;
94
106
  providerLogoDark: z.ZodString;
95
107
  providerConfig: z.ZodOptional<z.ZodRecord<z.ZodString, z.ZodUnknown>>;
@@ -108,6 +120,7 @@ export declare const ssoConnectorWithProviderConfigGuard: z.ZodObject<{
108
120
  domains: string[];
109
121
  providerName: SsoProviderName;
110
122
  connectorName: string;
123
+ providerType: SsoProviderType;
111
124
  providerLogo: string;
112
125
  providerLogoDark: string;
113
126
  providerConfig?: Record<string, unknown> | undefined;
@@ -126,6 +139,7 @@ export declare const ssoConnectorWithProviderConfigGuard: z.ZodObject<{
126
139
  domains: string[];
127
140
  providerName: SsoProviderName;
128
141
  connectorName: string;
142
+ providerType: SsoProviderType;
129
143
  providerLogo: string;
130
144
  providerLogoDark: string;
131
145
  providerConfig?: Record<string, unknown> | undefined;
package/lib/types/sso-connector.js CHANGED
@@ -16,7 +16,13 @@ export var SsoProviderName;
16
16
  SsoProviderName["AZURE_AD"] = "AzureAD";
17
17
  SsoProviderName["GOOGLE_WORKSPACE"] = "GoogleWorkspace";
18
18
  SsoProviderName["OKTA"] = "Okta";
19
+ SsoProviderName["AZURE_AD_OIDC"] = "AzureAdOidc";
19
20
  })(SsoProviderName || (SsoProviderName = {}));
21
+ export var SsoProviderType;
22
+ (function (SsoProviderType) {
23
+ SsoProviderType["OIDC"] = "oidc";
24
+ SsoProviderType["SAML"] = "saml";
25
+ })(SsoProviderType || (SsoProviderType = {}));
20
26
  export const singleSignOnDomainBlackList = Object.freeze([
21
27
  'gmail.com',
22
28
  'yahoo.com',
@@ -40,6 +46,7 @@ export const singleSignOnDomainBlackList = Object.freeze([
40
46
  ]);
41
47
  const ssoConnectorProviderDetailGuard = z.object({
42
48
  providerName: z.nativeEnum(SsoProviderName),
49
+ providerType: z.nativeEnum(SsoProviderType),
43
50
  logo: z.string(),
44
51
  logoDark: z.string(),
45
52
  description: z.string(),
@@ -48,11 +55,17 @@ const ssoConnectorProviderDetailGuard = z.object({
48
55
  export const ssoConnectorProvidersResponseGuard = z.array(ssoConnectorProviderDetailGuard);
49
56
  // API response guard for all the SSO connectors CRUD APIs
50
57
  export const ssoConnectorWithProviderConfigGuard = SsoConnectors.guard
51
- .omit({ providerName: true })
52
- .merge(z.object({
53
- name: z.string(), // For display purpose, generate from i18n key name defined by SSO factory.
54
- providerName: z.nativeEnum(SsoProviderName),
58
+ // Must be a supported SSO provider name. Overwrite the providerName string type to enum.
59
+ .extend({ providerName: z.nativeEnum(SsoProviderName) })
60
+ .merge(
61
+ // Static provider details
62
+ z.object({
63
+ name: z.string(),
64
+ providerType: z.nativeEnum(SsoProviderType),
55
65
  providerLogo: z.string(),
56
66
  providerLogoDark: z.string(),
67
+ // SSO connection config parsed from the provider.
68
+ // - OIDC: connection config fetched from the OIDC provider.
69
+ // - SAML: connection config fetched from the metadata url or metadata file.
57
70
  providerConfig: z.record(z.unknown()).optional(),
58
71
  }));
package/lib/types/system.d.ts CHANGED
@@ -153,14 +153,14 @@ export declare const demoSocialDataGuard: z.ZodArray<z.ZodObject<{
153
153
  name: string;
154
154
  logo: string;
155
155
  logoDark: string;
156
- provider: DemoSocialProvider;
157
156
  clientId: string;
157
+ provider: DemoSocialProvider;
158
158
  }, {
159
159
  name: string;
160
160
  logo: string;
161
161
  logoDark: string;
162
- provider: DemoSocialProvider;
163
162
  clientId: string;
163
+ provider: DemoSocialProvider;
164
164
  }>, "many">;
165
165
  export type DemoSocialData = z.infer<typeof demoSocialDataGuard>;
166
166
  export declare enum DemoSocialKey {
@@ -206,15 +206,42 @@ export declare const protectedAppConfigProviderDataGuard: z.ZodObject<{
206
206
  keyName: string;
207
207
  }>;
208
208
  export type ProtectedAppConfigProviderData = z.infer<typeof protectedAppConfigProviderDataGuard>;
209
+ /**
210
+ * Cloudflare workers config for custom JWT.
211
+ * Ref: https://developers.cloudflare.com/api/
212
+ */
213
+ export declare const customJwtWorkerConfigGuard: z.ZodObject<{
214
+ /** Cloudflare API Key (api_key). */
215
+ apiKey: z.ZodString;
216
+ /** Cloudflare API Key (api_email). */
217
+ apiEmail: z.ZodString;
218
+ /** Cloudflare account ID. */
219
+ accountId: z.ZodString;
220
+ /** Default Cloudflare subdomain for the account. */
221
+ subdomain: z.ZodString;
222
+ }, "strip", z.ZodTypeAny, {
223
+ accountId: string;
224
+ apiKey: string;
225
+ apiEmail: string;
226
+ subdomain: string;
227
+ }, {
228
+ accountId: string;
229
+ apiKey: string;
230
+ apiEmail: string;
231
+ subdomain: string;
232
+ }>;
233
+ export type CustomJwtWorkerConfig = z.infer<typeof customJwtWorkerConfigGuard>;
209
234
  export declare enum CloudflareKey {
210
235
  HostnameProvider = "cloudflareHostnameProvider",
211
236
  ProtectedAppConfigProvider = "cloudflareProtectedAppConfigProvider",
212
- ProtectedAppHostnameProvider = "cloudflareProtectedAppHostnameProvider"
237
+ ProtectedAppHostnameProvider = "cloudflareProtectedAppHostnameProvider",
238
+ CustomJwtWorkerConfig = "cloudflareCustomJwtWorkerConfig"
213
239
  }
214
240
  export type CloudflareType = {
215
241
  [CloudflareKey.HostnameProvider]: HostnameProviderData;
216
242
  [CloudflareKey.ProtectedAppConfigProvider]: ProtectedAppConfigProviderData;
217
243
  [CloudflareKey.ProtectedAppHostnameProvider]: HostnameProviderData;
244
+ [CloudflareKey.CustomJwtWorkerConfig]: CustomJwtWorkerConfig;
218
245
  };
219
246
  export declare const cloudflareGuard: Readonly<{
220
247
  [key in CloudflareKey]: ZodType<CloudflareType[key]>;
package/lib/types/system.js CHANGED
@@ -114,16 +114,32 @@ export const protectedAppConfigProviderDataGuard = z.object({
114
114
  domain: z.string(),
115
115
  apiToken: z.string(), // Requires account permission for "KV Storage Edit"
116
116
  });
117
+ /**
118
+ * Cloudflare workers config for custom JWT.
119
+ * Ref: https://developers.cloudflare.com/api/
120
+ */
121
+ export const customJwtWorkerConfigGuard = z.object({
122
+ /** Cloudflare API Key (api_key). */
123
+ apiKey: z.string(),
124
+ /** Cloudflare API Key (api_email). */
125
+ apiEmail: z.string(),
126
+ /** Cloudflare account ID. */
127
+ accountId: z.string(),
128
+ /** Default Cloudflare subdomain for the account. */
129
+ subdomain: z.string(),
130
+ });
117
131
  export var CloudflareKey;
118
132
  (function (CloudflareKey) {
119
133
  CloudflareKey["HostnameProvider"] = "cloudflareHostnameProvider";
120
134
  CloudflareKey["ProtectedAppConfigProvider"] = "cloudflareProtectedAppConfigProvider";
121
135
  CloudflareKey["ProtectedAppHostnameProvider"] = "cloudflareProtectedAppHostnameProvider";
136
+ CloudflareKey["CustomJwtWorkerConfig"] = "cloudflareCustomJwtWorkerConfig";
122
137
  })(CloudflareKey || (CloudflareKey = {}));
123
138
  export const cloudflareGuard = Object.freeze({
124
139
  [CloudflareKey.HostnameProvider]: hostnameProviderDataGuard,
125
140
  [CloudflareKey.ProtectedAppConfigProvider]: protectedAppConfigProviderDataGuard,
126
141
  [CloudflareKey.ProtectedAppHostnameProvider]: hostnameProviderDataGuard,
142
+ [CloudflareKey.CustomJwtWorkerConfig]: customJwtWorkerConfigGuard,
127
143
  });
128
144
  export const systemKeys = Object.freeze([
129
145
  ...Object.values(AlterationStateKey),
package/lib/types/tenant-organization.d.ts CHANGED
@@ -9,6 +9,8 @@
9
9
  import { type CreateOrganization, type OrganizationRole, type OrganizationScope } from '../db-entries/index.js';
10
10
  /** Given a tenant ID, return the corresponding organization ID in the admin tenant. */
11
11
  export declare const getTenantOrganizationId: (tenantId: string) => string;
12
+ /** Given an admin tenant organization ID, check the format and return the corresponding user tenant ID. */
13
+ export declare const getTenantIdFromOrganizationId: (organizationId: string) => string;
12
14
  /**
13
15
  * Given a tenant ID, return the organization create data for the admin tenant. It follows a
14
16
  * convention to generate the organization ID and name which can be used across the system.
@@ -41,6 +43,8 @@ export declare enum TenantScope {
41
43
  WriteData = "write:data",
42
44
  /** Delete data of the tenant. */
43
45
  DeleteData = "delete:data",
46
+ /** Read members of the tenant. */
47
+ ReadMember = "read:member",
44
48
  /** Invite members to the tenant. */
45
49
  InviteMember = "invite:member",
46
50
  /** Remove members from the tenant. */
@@ -78,22 +82,22 @@ export declare const getTenantScope: (scope: TenantScope) => Readonly<Organizati
78
82
  export declare enum TenantRole {
79
83
  /** Admin of the tenant, who has all permissions. */
80
84
  Admin = "admin",
81
- /** Member of the tenant, who has permissions to operate the tenant data, but not the tenant settings. */
82
- Member = "member"
85
+ /** Collaborator of the tenant, who has permissions to operate the tenant data, but not the tenant settings. */
86
+ Collaborator = "collaborator"
83
87
  }
84
88
  /**
85
89
  * Given a tenant role, return the corresponding organization role data in the admin tenant.
86
90
  *
87
91
  * @example
88
92
  * ```ts
89
- * const role = TenantRole.Member; // 'member'
93
+ * const role = TenantRole.Collaborator; // 'collaborator'
90
94
  * const roleData = getTenantRole(role);
91
95
  *
92
96
  * expect(roleData).toEqual({
93
97
  * tenantId: 'admin',
94
- * id: 'member',
95
- * name: 'member',
96
- * description: 'Member of the tenant, who has permissions to operate the tenant data, but not the tenant settings.',
98
+ * id: 'collaborator',
99
+ * name: 'collaborator',
100
+ * description: 'Collaborator of the tenant, who has permissions to operate the tenant data, but not the tenant settings.',
97
101
  * });
98
102
  * ```
99
103
  *
package/lib/types/tenant-organization.js CHANGED
@@ -9,6 +9,13 @@
9
9
  import { adminTenantId } from '../seeds/tenant.js';
10
10
  /** Given a tenant ID, return the corresponding organization ID in the admin tenant. */
11
11
  export const getTenantOrganizationId = (tenantId) => `t-${tenantId}`;
12
+ /** Given an admin tenant organization ID, check the format and return the corresponding user tenant ID. */
13
+ export const getTenantIdFromOrganizationId = (organizationId) => {
14
+ if (!organizationId.startsWith('t-')) {
15
+ throw new Error(`Invalid admin tenant organization ID: ${organizationId}`);
16
+ }
17
+ return organizationId.slice(2);
18
+ };
12
19
  /**
13
20
  * Given a tenant ID, return the organization create data for the admin tenant. It follows a
14
21
  * convention to generate the organization ID and name which can be used across the system.
@@ -46,6 +53,8 @@ export var TenantScope;
46
53
  TenantScope["WriteData"] = "write:data";
47
54
  /** Delete data of the tenant. */
48
55
  TenantScope["DeleteData"] = "delete:data";
56
+ /** Read members of the tenant. */
57
+ TenantScope["ReadMember"] = "read:member";
49
58
  /** Invite members to the tenant. */
50
59
  TenantScope["InviteMember"] = "invite:member";
51
60
  /** Remove members from the tenant. */
@@ -84,6 +93,7 @@ const tenantScopeDescriptions = Object.freeze({
84
93
  [TenantScope.ReadData]: 'Read the tenant data.',
85
94
  [TenantScope.WriteData]: 'Write the tenant data, including creating and updating the tenant.',
86
95
  [TenantScope.DeleteData]: 'Delete data of the tenant.',
96
+ [TenantScope.ReadMember]: 'Read members of the tenant.',
87
97
  [TenantScope.InviteMember]: 'Invite members to the tenant.',
88
98
  [TenantScope.RemoveMember]: 'Remove members from the tenant.',
89
99
  [TenantScope.UpdateMemberRole]: 'Update the role of a member in the tenant.',
@@ -99,26 +109,26 @@ export var TenantRole;
99
109
  (function (TenantRole) {
100
110
  /** Admin of the tenant, who has all permissions. */
101
111
  TenantRole["Admin"] = "admin";
102
- /** Member of the tenant, who has permissions to operate the tenant data, but not the tenant settings. */
103
- TenantRole["Member"] = "member";
112
+ /** Collaborator of the tenant, who has permissions to operate the tenant data, but not the tenant settings. */
113
+ TenantRole["Collaborator"] = "collaborator";
104
114
  })(TenantRole || (TenantRole = {}));
105
115
  const tenantRoleDescriptions = Object.freeze({
106
116
  [TenantRole.Admin]: 'Admin of the tenant, who has all permissions.',
107
- [TenantRole.Member]: 'Member of the tenant, who has permissions to operate the tenant data, but not the tenant settings.',
117
+ [TenantRole.Collaborator]: 'Collaborator of the tenant, who has permissions to operate the tenant data, but not the tenant settings.',
108
118
  });
109
119
  /**
110
120
  * Given a tenant role, return the corresponding organization role data in the admin tenant.
111
121
  *
112
122
  * @example
113
123
  * ```ts
114
- * const role = TenantRole.Member; // 'member'
124
+ * const role = TenantRole.Collaborator; // 'collaborator'
115
125
  * const roleData = getTenantRole(role);
116
126
  *
117
127
  * expect(roleData).toEqual({
118
128
  * tenantId: 'admin',
119
- * id: 'member',
120
- * name: 'member',
121
- * description: 'Member of the tenant, who has permissions to operate the tenant data, but not the tenant settings.',
129
+ * id: 'collaborator',
130
+ * name: 'collaborator',
131
+ * description: 'Collaborator of the tenant, who has permissions to operate the tenant data, but not the tenant settings.',
122
132
  * });
123
133
  * ```
124
134
  *
@@ -136,10 +146,10 @@ export const getTenantRole = (role) => Object.freeze({
136
146
  */
137
147
  export const tenantRoleScopes = Object.freeze({
138
148
  [TenantRole.Admin]: allTenantScopes,
139
- [TenantRole.Member]: [
149
+ [TenantRole.Collaborator]: [
140
150
  TenantScope.ReadData,
141
151
  TenantScope.WriteData,
142
152
  TenantScope.DeleteData,
143
- TenantScope.InviteMember,
153
+ TenantScope.ReadMember,
144
154
  ],
145
155
  });