@logto/schemas 1.35.0 → 1.37.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (85) hide show
  1. package/alterations/1.36.0-1767193412-allow-token-exchange.ts +34 -0
  2. package/alterations/1.36.0-1767859553-passkey-sign-in.ts +21 -0
  3. package/alterations/1.36.0-1768192304-enable-account-center-for-admin-tenant.ts +32 -0
  4. package/alterations/1.36.0-1768464306-enable-mfa-for-admin-tenant.ts +30 -0
  5. package/alterations/1.36.0-1768758295-add-user-geo-location.ts +32 -0
  6. package/alterations/1.36.0-1768891516-add-user-sign-in-countries-table.ts +33 -0
  7. package/alterations/1.36.0-1769067642-add-adaptive-mfa-configuration.ts +19 -0
  8. package/alterations/1.36.0-1769172677-enable-organization-mfa-policy-for-admin-tenant.ts +31 -0
  9. package/alterations/1.37.0-1770295353-add-default-id-token-config.ts +30 -0
  10. package/alterations/1.37.0-1770361004-add-oidc-model-instances-session-account-id-indexes.ts +37 -0
  11. package/alterations/1.37.0-1770362227-add-client-id-column-to-oidc-session-extensions-table.ts +20 -0
  12. package/alterations-js/1.36.0-1767193412-allow-token-exchange.js +30 -0
  13. package/alterations-js/1.36.0-1767859553-passkey-sign-in.js +17 -0
  14. package/alterations-js/1.36.0-1768192304-enable-account-center-for-admin-tenant.js +27 -0
  15. package/alterations-js/1.36.0-1768464306-enable-mfa-for-admin-tenant.js +25 -0
  16. package/alterations-js/1.36.0-1768758295-add-user-geo-location.js +27 -0
  17. package/alterations-js/1.36.0-1768891516-add-user-sign-in-countries-table.js +28 -0
  18. package/alterations-js/1.36.0-1769067642-add-adaptive-mfa-configuration.js +15 -0
  19. package/alterations-js/1.36.0-1769172677-enable-organization-mfa-policy-for-admin-tenant.js +26 -0
  20. package/alterations-js/1.37.0-1770295353-add-default-id-token-config.js +23 -0
  21. package/alterations-js/1.37.0-1770361004-add-oidc-model-instances-session-account-id-indexes.js +31 -0
  22. package/alterations-js/1.37.0-1770362227-add-client-id-column-to-oidc-session-extensions-table.js +16 -0
  23. package/lib/db-entries/index.d.ts +2 -0
  24. package/lib/db-entries/index.js +2 -0
  25. package/lib/db-entries/oidc-session-extension.d.ts +3 -1
  26. package/lib/db-entries/oidc-session-extension.js +4 -0
  27. package/lib/db-entries/sign-in-experience.d.ts +6 -2
  28. package/lib/db-entries/sign-in-experience.js +9 -1
  29. package/lib/db-entries/user-geo-location.d.ts +24 -0
  30. package/lib/db-entries/user-geo-location.js +37 -0
  31. package/lib/db-entries/user-sign-in-country.d.ts +24 -0
  32. package/lib/db-entries/user-sign-in-country.js +33 -0
  33. package/lib/foundations/jsonb-types/account-centers.d.ts +3 -0
  34. package/lib/foundations/jsonb-types/account-centers.js +1 -0
  35. package/lib/foundations/jsonb-types/custom-profile-fields.d.ts +8 -8
  36. package/lib/foundations/jsonb-types/hooks.d.ts +4 -3
  37. package/lib/foundations/jsonb-types/hooks.js +2 -0
  38. package/lib/foundations/jsonb-types/logs.d.ts +700 -0
  39. package/lib/foundations/jsonb-types/logs.js +51 -0
  40. package/lib/foundations/jsonb-types/oidc-module.d.ts +343 -3
  41. package/lib/foundations/jsonb-types/oidc-module.js +57 -3
  42. package/lib/foundations/jsonb-types/saml-application-configs.d.ts +1 -1
  43. package/lib/foundations/jsonb-types/sentinel.d.ts +13 -1
  44. package/lib/foundations/jsonb-types/sentinel.js +12 -0
  45. package/lib/foundations/jsonb-types/sign-in-experience.d.ts +59 -0
  46. package/lib/foundations/jsonb-types/sign-in-experience.js +11 -0
  47. package/lib/seeds/account-center.d.ts +6 -0
  48. package/lib/seeds/account-center.js +24 -0
  49. package/lib/seeds/cloud-api.d.ts +3 -1
  50. package/lib/seeds/cloud-api.js +2 -0
  51. package/lib/seeds/logto-config.d.ts +6 -1
  52. package/lib/seeds/logto-config.js +11 -0
  53. package/lib/seeds/sign-in-experience.js +6 -1
  54. package/lib/types/application.d.ts +6 -0
  55. package/lib/types/consent.d.ts +4 -0
  56. package/lib/types/custom-profile-fields.d.ts +36 -36
  57. package/lib/types/hook.d.ts +2 -2
  58. package/lib/types/index.d.ts +1 -0
  59. package/lib/types/index.js +1 -0
  60. package/lib/types/log/index.d.ts +12 -6
  61. package/lib/types/log/interaction.d.ts +5 -1
  62. package/lib/types/logto-config/index.d.ts +1190 -91
  63. package/lib/types/logto-config/index.js +9 -0
  64. package/lib/types/logto-config/jwt-customizer.d.ts +2059 -136
  65. package/lib/types/logto-config/jwt-customizer.js +22 -2
  66. package/lib/types/logto-config/jwt-customizer.test.js +27 -1
  67. package/lib/types/logto-config/oidc-provider.d.ts +8 -8
  68. package/lib/types/saml-application.d.ts +7 -7
  69. package/lib/types/sign-in-experience.d.ts +6 -0
  70. package/lib/types/user-logto-config.d.ts +49 -0
  71. package/lib/types/user-logto-config.js +23 -0
  72. package/lib/types/user-sessions.d.ts +3208 -0
  73. package/lib/types/user-sessions.js +26 -0
  74. package/lib/types/user.d.ts +7 -7
  75. package/lib/types/verification-records/verification-type.d.ts +1 -0
  76. package/lib/types/verification-records/verification-type.js +1 -0
  77. package/lib/types/verification-records/web-authn-verification.d.ts +145 -8
  78. package/lib/types/verification-records/web-authn-verification.js +17 -3
  79. package/package.json +5 -5
  80. package/tables/oidc_model_instances.sql +7 -0
  81. package/tables/oidc_session_extensions.sql +1 -0
  82. package/tables/sign_in_experiences.sql +2 -0
  83. package/tables/user_geo_locations.sql +14 -0
  84. package/tables/user_sign_in_countries.sql +16 -0
  85. package/tables/users.sql +3 -0
package/lib/types/logto-config/index.d.ts CHANGED
@@ -1,3 +1,4 @@
1
+ import { extendedIdTokenClaims } from '@logto/core-kit';
1
2
  import type { ZodType } from 'zod';
2
3
  import { z } from 'zod';
3
4
  import { type AccessTokenJwtCustomizer, type ClientCredentialsJwtCustomizer } from './jwt-customizer.js';
@@ -76,28 +77,28 @@ export declare const jwtCustomizerConfigsGuard: z.ZodDiscriminatedUnion<"key", [
76
77
  clientId: z.ZodOptional<z.ZodOptional<z.ZodString>>;
77
78
  }, "strict", z.ZodTypeAny, {
78
79
  grantId?: string | undefined;
80
+ sid?: string | undefined;
81
+ jti?: string | undefined;
82
+ kind?: "AccessToken" | undefined;
83
+ accountId?: string | undefined;
79
84
  scope?: string | undefined;
80
85
  sessionUid?: string | undefined;
81
- accountId?: string | undefined;
82
- jti?: string | undefined;
86
+ clientId?: string | undefined;
83
87
  expiresWithSession?: boolean | undefined;
84
88
  gty?: string | undefined;
85
- sid?: string | undefined;
86
- kind?: "AccessToken" | undefined;
87
89
  aud?: string | string[] | undefined;
88
- clientId?: string | undefined;
89
90
  }, {
90
91
  grantId?: string | undefined;
92
+ sid?: string | undefined;
93
+ jti?: string | undefined;
94
+ kind?: "AccessToken" | undefined;
95
+ accountId?: string | undefined;
91
96
  scope?: string | undefined;
92
97
  sessionUid?: string | undefined;
93
- accountId?: string | undefined;
94
- jti?: string | undefined;
98
+ clientId?: string | undefined;
95
99
  expiresWithSession?: boolean | undefined;
96
100
  gty?: string | undefined;
97
- sid?: string | undefined;
98
- kind?: "AccessToken" | undefined;
99
101
  aud?: string | string[] | undefined;
100
- clientId?: string | undefined;
101
102
  }>>;
102
103
  contextSample: z.ZodOptional<z.ZodObject<{
103
104
  user: z.ZodObject<{
@@ -157,10 +158,10 @@ export declare const jwtCustomizerConfigsGuard: z.ZodDiscriminatedUnion<"key", [
157
158
  details?: Record<string, import("@withtyped/server").Json> | undefined;
158
159
  }>>>;
159
160
  updatedAt: z.ZodOptional<ZodType<number, z.ZodTypeDef, number>>;
161
+ lastSignInAt: z.ZodOptional<ZodType<number | null, z.ZodTypeDef, number | null>>;
160
162
  primaryEmail: z.ZodOptional<ZodType<string | null, z.ZodTypeDef, string | null>>;
161
163
  primaryPhone: z.ZodOptional<ZodType<string | null, z.ZodTypeDef, string | null>>;
162
164
  isSuspended: z.ZodOptional<ZodType<boolean, z.ZodTypeDef, boolean>>;
163
- lastSignInAt: z.ZodOptional<ZodType<number | null, z.ZodTypeDef, number | null>>;
164
165
  hasPassword: z.ZodOptional<z.ZodBoolean>;
165
166
  ssoIdentities: z.ZodOptional<z.ZodArray<z.ZodObject<Pick<{
166
167
  tenantId: ZodType<string, z.ZodTypeDef, string>;
@@ -315,6 +316,10 @@ export declare const jwtCustomizerConfigsGuard: z.ZodDiscriminatedUnion<"key", [
315
316
  }> | undefined;
316
317
  avatar?: string | null | undefined;
317
318
  customData?: import("@withtyped/server").JsonObject | undefined;
319
+ identities?: Record<string, {
320
+ userId: string;
321
+ details?: Record<string, import("@withtyped/server").Json> | undefined;
322
+ }> | undefined;
318
323
  roles?: {
319
324
  name: string;
320
325
  id: string;
@@ -332,15 +337,11 @@ export declare const jwtCustomizerConfigsGuard: z.ZodDiscriminatedUnion<"key", [
332
337
  id: string;
333
338
  description: string | null;
334
339
  }[] | undefined;
335
- identities?: Record<string, {
336
- userId: string;
337
- details?: Record<string, import("@withtyped/server").Json> | undefined;
338
- }> | undefined;
339
340
  updatedAt?: number | undefined;
341
+ lastSignInAt?: number | null | undefined;
340
342
  primaryEmail?: string | null | undefined;
341
343
  primaryPhone?: string | null | undefined;
342
344
  isSuspended?: boolean | undefined;
343
- lastSignInAt?: number | null | undefined;
344
345
  hasPassword?: boolean | undefined;
345
346
  ssoIdentities?: {
346
347
  issuer: string;
@@ -382,6 +383,10 @@ export declare const jwtCustomizerConfigsGuard: z.ZodDiscriminatedUnion<"key", [
382
383
  }> | undefined;
383
384
  avatar?: string | null | undefined;
384
385
  customData?: import("@withtyped/server").JsonObject | undefined;
386
+ identities?: Record<string, {
387
+ userId: string;
388
+ details?: Record<string, import("@withtyped/server").Json> | undefined;
389
+ }> | undefined;
385
390
  roles?: {
386
391
  name: string;
387
392
  id: string;
@@ -399,15 +404,11 @@ export declare const jwtCustomizerConfigsGuard: z.ZodDiscriminatedUnion<"key", [
399
404
  id: string;
400
405
  description: string | null;
401
406
  }[] | undefined;
402
- identities?: Record<string, {
403
- userId: string;
404
- details?: Record<string, import("@withtyped/server").Json> | undefined;
405
- }> | undefined;
406
407
  updatedAt?: number | undefined;
408
+ lastSignInAt?: number | null | undefined;
407
409
  primaryEmail?: string | null | undefined;
408
410
  primaryPhone?: string | null | undefined;
409
411
  isSuspended?: boolean | undefined;
410
- lastSignInAt?: number | null | undefined;
411
412
  hasPassword?: boolean | undefined;
412
413
  ssoIdentities?: {
413
414
  issuer: string;
@@ -727,8 +728,6 @@ export declare const jwtCustomizerConfigsGuard: z.ZodDiscriminatedUnion<"key", [
727
728
  code?: string | undefined;
728
729
  }>, z.ZodObject<Omit<{
729
730
  id: z.ZodString;
730
- type: z.ZodLiteral<import("../index.js").VerificationType.WebAuthn>;
731
- userId: z.ZodString;
732
731
  verified: z.ZodBoolean;
733
732
  registrationChallenge: z.ZodOptional<z.ZodString>;
734
733
  registrationRpId: z.ZodOptional<z.ZodString>;
@@ -761,6 +760,9 @@ export declare const jwtCustomizerConfigsGuard: z.ZodDiscriminatedUnion<"key", [
761
760
  agent: string;
762
761
  name?: string | undefined;
763
762
  }>>;
763
+ } & {
764
+ type: z.ZodLiteral<import("../index.js").VerificationType.WebAuthn>;
765
+ userId: z.ZodString;
764
766
  }, "registrationChallenge" | "authenticationChallenge" | "registrationInfo">, "strip", z.ZodTypeAny, {
765
767
  type: import("../index.js").VerificationType.WebAuthn;
766
768
  id: string;
@@ -773,6 +775,56 @@ export declare const jwtCustomizerConfigsGuard: z.ZodDiscriminatedUnion<"key", [
773
775
  userId: string;
774
776
  verified: boolean;
775
777
  registrationRpId?: string | undefined;
778
+ }>, z.ZodObject<Omit<{
779
+ id: z.ZodString;
780
+ verified: z.ZodBoolean;
781
+ registrationChallenge: z.ZodOptional<z.ZodString>;
782
+ registrationRpId: z.ZodOptional<z.ZodString>;
783
+ authenticationChallenge: z.ZodOptional<z.ZodString>;
784
+ registrationInfo: z.ZodOptional<z.ZodObject<{
785
+ type: z.ZodLiteral<import("../../index.js").MfaFactor.WebAuthn>;
786
+ rpId: z.ZodString;
787
+ credentialId: z.ZodString;
788
+ publicKey: z.ZodString;
789
+ transports: z.ZodArray<z.ZodEnum<["usb", "nfc", "ble", "internal", "cable", "hybrid", "smart-card"]>, "many">;
790
+ counter: z.ZodNumber;
791
+ agent: z.ZodString;
792
+ name: z.ZodOptional<z.ZodString>;
793
+ }, "strip", z.ZodTypeAny, {
794
+ type: import("../../index.js").MfaFactor.WebAuthn;
795
+ rpId: string;
796
+ credentialId: string;
797
+ publicKey: string;
798
+ transports: ("usb" | "nfc" | "ble" | "internal" | "cable" | "hybrid" | "smart-card")[];
799
+ counter: number;
800
+ agent: string;
801
+ name?: string | undefined;
802
+ }, {
803
+ type: import("../../index.js").MfaFactor.WebAuthn;
804
+ rpId: string;
805
+ credentialId: string;
806
+ publicKey: string;
807
+ transports: ("usb" | "nfc" | "ble" | "internal" | "cable" | "hybrid" | "smart-card")[];
808
+ counter: number;
809
+ agent: string;
810
+ name?: string | undefined;
811
+ }>>;
812
+ } & {
813
+ type: z.ZodLiteral<import("../index.js").VerificationType.SignInWebAuthn>;
814
+ userId: z.ZodOptional<z.ZodString>;
815
+ authenticationRpId: z.ZodOptional<z.ZodString>;
816
+ }, "registrationChallenge" | "authenticationChallenge" | "registrationInfo" | "authenticationRpId">, "strip", z.ZodTypeAny, {
817
+ type: import("../index.js").VerificationType.SignInWebAuthn;
818
+ id: string;
819
+ verified: boolean;
820
+ userId?: string | undefined;
821
+ registrationRpId?: string | undefined;
822
+ }, {
823
+ type: import("../index.js").VerificationType.SignInWebAuthn;
824
+ id: string;
825
+ verified: boolean;
826
+ userId?: string | undefined;
827
+ registrationRpId?: string | undefined;
776
828
  }>, z.ZodObject<{
777
829
  id: z.ZodString;
778
830
  type: z.ZodLiteral<import("../index.js").VerificationType.OneTimeToken>;
@@ -846,6 +898,7 @@ export declare const jwtCustomizerConfigsGuard: z.ZodDiscriminatedUnion<"key", [
846
898
  type: import("../../index.js").SignInIdentifier;
847
899
  };
848
900
  }>]>, "many">>;
901
+ signInContext: z.ZodOptional<z.ZodOptional<z.ZodRecord<z.ZodString, z.ZodString>>>;
849
902
  }, "strip", z.ZodTypeAny, {
850
903
  userId?: string | undefined;
851
904
  interactionEvent?: import("../interactions.js").InteractionEvent | undefined;
@@ -934,7 +987,14 @@ export declare const jwtCustomizerConfigsGuard: z.ZodDiscriminatedUnion<"key", [
934
987
  userId: string;
935
988
  verified: boolean;
936
989
  registrationRpId?: string | undefined;
990
+ } | {
991
+ type: import("../index.js").VerificationType.SignInWebAuthn;
992
+ id: string;
993
+ verified: boolean;
994
+ userId?: string | undefined;
995
+ registrationRpId?: string | undefined;
937
996
  })[] | undefined;
997
+ signInContext?: Record<string, string> | undefined;
938
998
  }, {
939
999
  userId?: string | undefined;
940
1000
  interactionEvent?: import("../interactions.js").InteractionEvent | undefined;
@@ -1023,7 +1083,199 @@ export declare const jwtCustomizerConfigsGuard: z.ZodDiscriminatedUnion<"key", [
1023
1083
  userId: string;
1024
1084
  verified: boolean;
1025
1085
  registrationRpId?: string | undefined;
1086
+ } | {
1087
+ type: import("../index.js").VerificationType.SignInWebAuthn;
1088
+ id: string;
1089
+ verified: boolean;
1090
+ userId?: string | undefined;
1091
+ registrationRpId?: string | undefined;
1026
1092
  })[] | undefined;
1093
+ signInContext?: Record<string, string> | undefined;
1094
+ }>>;
1095
+ application: z.ZodOptional<z.ZodObject<{
1096
+ type: z.ZodOptional<ZodType<import("../../index.js").ApplicationType, z.ZodTypeDef, import("../../index.js").ApplicationType>>;
1097
+ name: z.ZodOptional<ZodType<string, z.ZodTypeDef, string>>;
1098
+ id: z.ZodOptional<ZodType<string, z.ZodTypeDef, string>>;
1099
+ tenantId: z.ZodOptional<ZodType<string, z.ZodTypeDef, string>>;
1100
+ createdAt: z.ZodOptional<ZodType<number, z.ZodTypeDef, number>>;
1101
+ customData: z.ZodOptional<ZodType<import("@withtyped/server").JsonObject, z.ZodTypeDef, import("@withtyped/server").JsonObject>>;
1102
+ description: z.ZodOptional<ZodType<string | null, z.ZodTypeDef, string | null>>;
1103
+ oidcClientMetadata: z.ZodOptional<ZodType<import("../../index.js").OidcClientMetadata, z.ZodTypeDef, import("../../index.js").OidcClientMetadata>>;
1104
+ customClientMetadata: z.ZodOptional<ZodType<{
1105
+ corsAllowedOrigins?: string[] | undefined;
1106
+ idTokenTtl?: number | undefined;
1107
+ refreshTokenTtl?: number | undefined;
1108
+ refreshTokenTtlInDays?: number | undefined;
1109
+ tenantId?: string | undefined;
1110
+ alwaysIssueRefreshToken?: boolean | undefined;
1111
+ rotateRefreshToken?: boolean | undefined;
1112
+ allowTokenExchange?: boolean | undefined;
1113
+ }, z.ZodTypeDef, {
1114
+ corsAllowedOrigins?: string[] | undefined;
1115
+ idTokenTtl?: number | undefined;
1116
+ refreshTokenTtl?: number | undefined;
1117
+ refreshTokenTtlInDays?: number | undefined;
1118
+ tenantId?: string | undefined;
1119
+ alwaysIssueRefreshToken?: boolean | undefined;
1120
+ rotateRefreshToken?: boolean | undefined;
1121
+ allowTokenExchange?: boolean | undefined;
1122
+ }>>;
1123
+ protectedAppMetadata: z.ZodOptional<ZodType<{
1124
+ host: string;
1125
+ origin: string;
1126
+ sessionDuration: number;
1127
+ pageRules: {
1128
+ path: string;
1129
+ }[];
1130
+ customDomains?: {
1131
+ status: import("../../index.js").DomainStatus;
1132
+ domain: string;
1133
+ errorMessage: string | null;
1134
+ dnsRecords: {
1135
+ value: string;
1136
+ type: string;
1137
+ name: string;
1138
+ }[];
1139
+ cloudflareData: {
1140
+ status: string;
1141
+ id: string;
1142
+ ssl: {
1143
+ status: string;
1144
+ validation_errors?: {
1145
+ message: string;
1146
+ }[] | undefined;
1147
+ };
1148
+ verification_errors?: string[] | undefined;
1149
+ } | null;
1150
+ }[] | undefined;
1151
+ } | null, z.ZodTypeDef, {
1152
+ host: string;
1153
+ origin: string;
1154
+ sessionDuration: number;
1155
+ pageRules: {
1156
+ path: string;
1157
+ }[];
1158
+ customDomains?: {
1159
+ status: import("../../index.js").DomainStatus;
1160
+ domain: string;
1161
+ errorMessage: string | null;
1162
+ dnsRecords: {
1163
+ value: string;
1164
+ type: string;
1165
+ name: string;
1166
+ }[];
1167
+ cloudflareData: {
1168
+ status: string;
1169
+ id: string;
1170
+ ssl: {
1171
+ status: string;
1172
+ validation_errors?: {
1173
+ message: string;
1174
+ }[] | undefined;
1175
+ };
1176
+ verification_errors?: string[] | undefined;
1177
+ } | null;
1178
+ }[] | undefined;
1179
+ } | null>>;
1180
+ isThirdParty: z.ZodOptional<ZodType<boolean, z.ZodTypeDef, boolean>>;
1181
+ }, "strip", z.ZodTypeAny, {
1182
+ type?: import("../../index.js").ApplicationType | undefined;
1183
+ name?: string | undefined;
1184
+ id?: string | undefined;
1185
+ tenantId?: string | undefined;
1186
+ createdAt?: number | undefined;
1187
+ customData?: import("@withtyped/server").JsonObject | undefined;
1188
+ description?: string | null | undefined;
1189
+ oidcClientMetadata?: import("../../index.js").OidcClientMetadata | undefined;
1190
+ customClientMetadata?: {
1191
+ corsAllowedOrigins?: string[] | undefined;
1192
+ idTokenTtl?: number | undefined;
1193
+ refreshTokenTtl?: number | undefined;
1194
+ refreshTokenTtlInDays?: number | undefined;
1195
+ tenantId?: string | undefined;
1196
+ alwaysIssueRefreshToken?: boolean | undefined;
1197
+ rotateRefreshToken?: boolean | undefined;
1198
+ allowTokenExchange?: boolean | undefined;
1199
+ } | undefined;
1200
+ protectedAppMetadata?: {
1201
+ host: string;
1202
+ origin: string;
1203
+ sessionDuration: number;
1204
+ pageRules: {
1205
+ path: string;
1206
+ }[];
1207
+ customDomains?: {
1208
+ status: import("../../index.js").DomainStatus;
1209
+ domain: string;
1210
+ errorMessage: string | null;
1211
+ dnsRecords: {
1212
+ value: string;
1213
+ type: string;
1214
+ name: string;
1215
+ }[];
1216
+ cloudflareData: {
1217
+ status: string;
1218
+ id: string;
1219
+ ssl: {
1220
+ status: string;
1221
+ validation_errors?: {
1222
+ message: string;
1223
+ }[] | undefined;
1224
+ };
1225
+ verification_errors?: string[] | undefined;
1226
+ } | null;
1227
+ }[] | undefined;
1228
+ } | null | undefined;
1229
+ isThirdParty?: boolean | undefined;
1230
+ }, {
1231
+ type?: import("../../index.js").ApplicationType | undefined;
1232
+ name?: string | undefined;
1233
+ id?: string | undefined;
1234
+ tenantId?: string | undefined;
1235
+ createdAt?: number | undefined;
1236
+ customData?: import("@withtyped/server").JsonObject | undefined;
1237
+ description?: string | null | undefined;
1238
+ oidcClientMetadata?: import("../../index.js").OidcClientMetadata | undefined;
1239
+ customClientMetadata?: {
1240
+ corsAllowedOrigins?: string[] | undefined;
1241
+ idTokenTtl?: number | undefined;
1242
+ refreshTokenTtl?: number | undefined;
1243
+ refreshTokenTtlInDays?: number | undefined;
1244
+ tenantId?: string | undefined;
1245
+ alwaysIssueRefreshToken?: boolean | undefined;
1246
+ rotateRefreshToken?: boolean | undefined;
1247
+ allowTokenExchange?: boolean | undefined;
1248
+ } | undefined;
1249
+ protectedAppMetadata?: {
1250
+ host: string;
1251
+ origin: string;
1252
+ sessionDuration: number;
1253
+ pageRules: {
1254
+ path: string;
1255
+ }[];
1256
+ customDomains?: {
1257
+ status: import("../../index.js").DomainStatus;
1258
+ domain: string;
1259
+ errorMessage: string | null;
1260
+ dnsRecords: {
1261
+ value: string;
1262
+ type: string;
1263
+ name: string;
1264
+ }[];
1265
+ cloudflareData: {
1266
+ status: string;
1267
+ id: string;
1268
+ ssl: {
1269
+ status: string;
1270
+ validation_errors?: {
1271
+ message: string;
1272
+ }[] | undefined;
1273
+ };
1274
+ verification_errors?: string[] | undefined;
1275
+ } | null;
1276
+ }[] | undefined;
1277
+ } | null | undefined;
1278
+ isThirdParty?: boolean | undefined;
1027
1279
  }>>;
1028
1280
  }, "strip", z.ZodTypeAny, {
1029
1281
  user: {
@@ -1055,6 +1307,10 @@ export declare const jwtCustomizerConfigsGuard: z.ZodDiscriminatedUnion<"key", [
1055
1307
  }> | undefined;
1056
1308
  avatar?: string | null | undefined;
1057
1309
  customData?: import("@withtyped/server").JsonObject | undefined;
1310
+ identities?: Record<string, {
1311
+ userId: string;
1312
+ details?: Record<string, import("@withtyped/server").Json> | undefined;
1313
+ }> | undefined;
1058
1314
  roles?: {
1059
1315
  name: string;
1060
1316
  id: string;
@@ -1072,15 +1328,11 @@ export declare const jwtCustomizerConfigsGuard: z.ZodDiscriminatedUnion<"key", [
1072
1328
  id: string;
1073
1329
  description: string | null;
1074
1330
  }[] | undefined;
1075
- identities?: Record<string, {
1076
- userId: string;
1077
- details?: Record<string, import("@withtyped/server").Json> | undefined;
1078
- }> | undefined;
1079
1331
  updatedAt?: number | undefined;
1332
+ lastSignInAt?: number | null | undefined;
1080
1333
  primaryEmail?: string | null | undefined;
1081
1334
  primaryPhone?: string | null | undefined;
1082
1335
  isSuspended?: boolean | undefined;
1083
- lastSignInAt?: number | null | undefined;
1084
1336
  hasPassword?: boolean | undefined;
1085
1337
  ssoIdentities?: {
1086
1338
  issuer: string;
@@ -1094,6 +1346,56 @@ export declare const jwtCustomizerConfigsGuard: z.ZodDiscriminatedUnion<"key", [
1094
1346
  roleName: string;
1095
1347
  }[] | undefined;
1096
1348
  };
1349
+ application?: {
1350
+ type?: import("../../index.js").ApplicationType | undefined;
1351
+ name?: string | undefined;
1352
+ id?: string | undefined;
1353
+ tenantId?: string | undefined;
1354
+ createdAt?: number | undefined;
1355
+ customData?: import("@withtyped/server").JsonObject | undefined;
1356
+ description?: string | null | undefined;
1357
+ oidcClientMetadata?: import("../../index.js").OidcClientMetadata | undefined;
1358
+ customClientMetadata?: {
1359
+ corsAllowedOrigins?: string[] | undefined;
1360
+ idTokenTtl?: number | undefined;
1361
+ refreshTokenTtl?: number | undefined;
1362
+ refreshTokenTtlInDays?: number | undefined;
1363
+ tenantId?: string | undefined;
1364
+ alwaysIssueRefreshToken?: boolean | undefined;
1365
+ rotateRefreshToken?: boolean | undefined;
1366
+ allowTokenExchange?: boolean | undefined;
1367
+ } | undefined;
1368
+ protectedAppMetadata?: {
1369
+ host: string;
1370
+ origin: string;
1371
+ sessionDuration: number;
1372
+ pageRules: {
1373
+ path: string;
1374
+ }[];
1375
+ customDomains?: {
1376
+ status: import("../../index.js").DomainStatus;
1377
+ domain: string;
1378
+ errorMessage: string | null;
1379
+ dnsRecords: {
1380
+ value: string;
1381
+ type: string;
1382
+ name: string;
1383
+ }[];
1384
+ cloudflareData: {
1385
+ status: string;
1386
+ id: string;
1387
+ ssl: {
1388
+ status: string;
1389
+ validation_errors?: {
1390
+ message: string;
1391
+ }[] | undefined;
1392
+ };
1393
+ verification_errors?: string[] | undefined;
1394
+ } | null;
1395
+ }[] | undefined;
1396
+ } | null | undefined;
1397
+ isThirdParty?: boolean | undefined;
1398
+ } | undefined;
1097
1399
  grant?: {
1098
1400
  type?: import("../oidc-config.js").GrantType.TokenExchange | undefined;
1099
1401
  subjectTokenContext?: Record<string, import("@withtyped/server").Json> | undefined;
@@ -1186,7 +1488,14 @@ export declare const jwtCustomizerConfigsGuard: z.ZodDiscriminatedUnion<"key", [
1186
1488
  userId: string;
1187
1489
  verified: boolean;
1188
1490
  registrationRpId?: string | undefined;
1491
+ } | {
1492
+ type: import("../index.js").VerificationType.SignInWebAuthn;
1493
+ id: string;
1494
+ verified: boolean;
1495
+ userId?: string | undefined;
1496
+ registrationRpId?: string | undefined;
1189
1497
  })[] | undefined;
1498
+ signInContext?: Record<string, string> | undefined;
1190
1499
  } | undefined;
1191
1500
  }, {
1192
1501
  user: {
@@ -1218,6 +1527,10 @@ export declare const jwtCustomizerConfigsGuard: z.ZodDiscriminatedUnion<"key", [
1218
1527
  }> | undefined;
1219
1528
  avatar?: string | null | undefined;
1220
1529
  customData?: import("@withtyped/server").JsonObject | undefined;
1530
+ identities?: Record<string, {
1531
+ userId: string;
1532
+ details?: Record<string, import("@withtyped/server").Json> | undefined;
1533
+ }> | undefined;
1221
1534
  roles?: {
1222
1535
  name: string;
1223
1536
  id: string;
@@ -1235,15 +1548,11 @@ export declare const jwtCustomizerConfigsGuard: z.ZodDiscriminatedUnion<"key", [
1235
1548
  id: string;
1236
1549
  description: string | null;
1237
1550
  }[] | undefined;
1238
- identities?: Record<string, {
1239
- userId: string;
1240
- details?: Record<string, import("@withtyped/server").Json> | undefined;
1241
- }> | undefined;
1242
1551
  updatedAt?: number | undefined;
1552
+ lastSignInAt?: number | null | undefined;
1243
1553
  primaryEmail?: string | null | undefined;
1244
1554
  primaryPhone?: string | null | undefined;
1245
1555
  isSuspended?: boolean | undefined;
1246
- lastSignInAt?: number | null | undefined;
1247
1556
  hasPassword?: boolean | undefined;
1248
1557
  ssoIdentities?: {
1249
1558
  issuer: string;
@@ -1257,6 +1566,56 @@ export declare const jwtCustomizerConfigsGuard: z.ZodDiscriminatedUnion<"key", [
1257
1566
  roleName: string;
1258
1567
  }[] | undefined;
1259
1568
  };
1569
+ application?: {
1570
+ type?: import("../../index.js").ApplicationType | undefined;
1571
+ name?: string | undefined;
1572
+ id?: string | undefined;
1573
+ tenantId?: string | undefined;
1574
+ createdAt?: number | undefined;
1575
+ customData?: import("@withtyped/server").JsonObject | undefined;
1576
+ description?: string | null | undefined;
1577
+ oidcClientMetadata?: import("../../index.js").OidcClientMetadata | undefined;
1578
+ customClientMetadata?: {
1579
+ corsAllowedOrigins?: string[] | undefined;
1580
+ idTokenTtl?: number | undefined;
1581
+ refreshTokenTtl?: number | undefined;
1582
+ refreshTokenTtlInDays?: number | undefined;
1583
+ tenantId?: string | undefined;
1584
+ alwaysIssueRefreshToken?: boolean | undefined;
1585
+ rotateRefreshToken?: boolean | undefined;
1586
+ allowTokenExchange?: boolean | undefined;
1587
+ } | undefined;
1588
+ protectedAppMetadata?: {
1589
+ host: string;
1590
+ origin: string;
1591
+ sessionDuration: number;
1592
+ pageRules: {
1593
+ path: string;
1594
+ }[];
1595
+ customDomains?: {
1596
+ status: import("../../index.js").DomainStatus;
1597
+ domain: string;
1598
+ errorMessage: string | null;
1599
+ dnsRecords: {
1600
+ value: string;
1601
+ type: string;
1602
+ name: string;
1603
+ }[];
1604
+ cloudflareData: {
1605
+ status: string;
1606
+ id: string;
1607
+ ssl: {
1608
+ status: string;
1609
+ validation_errors?: {
1610
+ message: string;
1611
+ }[] | undefined;
1612
+ };
1613
+ verification_errors?: string[] | undefined;
1614
+ } | null;
1615
+ }[] | undefined;
1616
+ } | null | undefined;
1617
+ isThirdParty?: boolean | undefined;
1618
+ } | undefined;
1260
1619
  grant?: {
1261
1620
  type?: import("../oidc-config.js").GrantType.TokenExchange | undefined;
1262
1621
  subjectTokenContext?: Record<string, import("@withtyped/server").Json> | undefined;
@@ -1349,7 +1708,14 @@ export declare const jwtCustomizerConfigsGuard: z.ZodDiscriminatedUnion<"key", [
1349
1708
  userId: string;
1350
1709
  verified: boolean;
1351
1710
  registrationRpId?: string | undefined;
1711
+ } | {
1712
+ type: import("../index.js").VerificationType.SignInWebAuthn;
1713
+ id: string;
1714
+ verified: boolean;
1715
+ userId?: string | undefined;
1716
+ registrationRpId?: string | undefined;
1352
1717
  })[] | undefined;
1718
+ signInContext?: Record<string, string> | undefined;
1353
1719
  } | undefined;
1354
1720
  }>>;
1355
1721
  }, "strict", z.ZodTypeAny, {
@@ -1385,6 +1751,10 @@ export declare const jwtCustomizerConfigsGuard: z.ZodDiscriminatedUnion<"key", [
1385
1751
  }> | undefined;
1386
1752
  avatar?: string | null | undefined;
1387
1753
  customData?: import("@withtyped/server").JsonObject | undefined;
1754
+ identities?: Record<string, {
1755
+ userId: string;
1756
+ details?: Record<string, import("@withtyped/server").Json> | undefined;
1757
+ }> | undefined;
1388
1758
  roles?: {
1389
1759
  name: string;
1390
1760
  id: string;
@@ -1402,15 +1772,11 @@ export declare const jwtCustomizerConfigsGuard: z.ZodDiscriminatedUnion<"key", [
1402
1772
  id: string;
1403
1773
  description: string | null;
1404
1774
  }[] | undefined;
1405
- identities?: Record<string, {
1406
- userId: string;
1407
- details?: Record<string, import("@withtyped/server").Json> | undefined;
1408
- }> | undefined;
1409
1775
  updatedAt?: number | undefined;
1776
+ lastSignInAt?: number | null | undefined;
1410
1777
  primaryEmail?: string | null | undefined;
1411
1778
  primaryPhone?: string | null | undefined;
1412
1779
  isSuspended?: boolean | undefined;
1413
- lastSignInAt?: number | null | undefined;
1414
1780
  hasPassword?: boolean | undefined;
1415
1781
  ssoIdentities?: {
1416
1782
  issuer: string;
@@ -1424,6 +1790,56 @@ export declare const jwtCustomizerConfigsGuard: z.ZodDiscriminatedUnion<"key", [
1424
1790
  roleName: string;
1425
1791
  }[] | undefined;
1426
1792
  };
1793
+ application?: {
1794
+ type?: import("../../index.js").ApplicationType | undefined;
1795
+ name?: string | undefined;
1796
+ id?: string | undefined;
1797
+ tenantId?: string | undefined;
1798
+ createdAt?: number | undefined;
1799
+ customData?: import("@withtyped/server").JsonObject | undefined;
1800
+ description?: string | null | undefined;
1801
+ oidcClientMetadata?: import("../../index.js").OidcClientMetadata | undefined;
1802
+ customClientMetadata?: {
1803
+ corsAllowedOrigins?: string[] | undefined;
1804
+ idTokenTtl?: number | undefined;
1805
+ refreshTokenTtl?: number | undefined;
1806
+ refreshTokenTtlInDays?: number | undefined;
1807
+ tenantId?: string | undefined;
1808
+ alwaysIssueRefreshToken?: boolean | undefined;
1809
+ rotateRefreshToken?: boolean | undefined;
1810
+ allowTokenExchange?: boolean | undefined;
1811
+ } | undefined;
1812
+ protectedAppMetadata?: {
1813
+ host: string;
1814
+ origin: string;
1815
+ sessionDuration: number;
1816
+ pageRules: {
1817
+ path: string;
1818
+ }[];
1819
+ customDomains?: {
1820
+ status: import("../../index.js").DomainStatus;
1821
+ domain: string;
1822
+ errorMessage: string | null;
1823
+ dnsRecords: {
1824
+ value: string;
1825
+ type: string;
1826
+ name: string;
1827
+ }[];
1828
+ cloudflareData: {
1829
+ status: string;
1830
+ id: string;
1831
+ ssl: {
1832
+ status: string;
1833
+ validation_errors?: {
1834
+ message: string;
1835
+ }[] | undefined;
1836
+ };
1837
+ verification_errors?: string[] | undefined;
1838
+ } | null;
1839
+ }[] | undefined;
1840
+ } | null | undefined;
1841
+ isThirdParty?: boolean | undefined;
1842
+ } | undefined;
1427
1843
  grant?: {
1428
1844
  type?: import("../oidc-config.js").GrantType.TokenExchange | undefined;
1429
1845
  subjectTokenContext?: Record<string, import("@withtyped/server").Json> | undefined;
@@ -1516,21 +1932,28 @@ export declare const jwtCustomizerConfigsGuard: z.ZodDiscriminatedUnion<"key", [
1516
1932
  userId: string;
1517
1933
  verified: boolean;
1518
1934
  registrationRpId?: string | undefined;
1935
+ } | {
1936
+ type: import("../index.js").VerificationType.SignInWebAuthn;
1937
+ id: string;
1938
+ verified: boolean;
1939
+ userId?: string | undefined;
1940
+ registrationRpId?: string | undefined;
1519
1941
  })[] | undefined;
1942
+ signInContext?: Record<string, string> | undefined;
1520
1943
  } | undefined;
1521
1944
  } | undefined;
1522
1945
  tokenSample?: {
1523
1946
  grantId?: string | undefined;
1947
+ sid?: string | undefined;
1948
+ jti?: string | undefined;
1949
+ kind?: "AccessToken" | undefined;
1950
+ accountId?: string | undefined;
1524
1951
  scope?: string | undefined;
1525
1952
  sessionUid?: string | undefined;
1526
- accountId?: string | undefined;
1527
- jti?: string | undefined;
1953
+ clientId?: string | undefined;
1528
1954
  expiresWithSession?: boolean | undefined;
1529
1955
  gty?: string | undefined;
1530
- sid?: string | undefined;
1531
- kind?: "AccessToken" | undefined;
1532
1956
  aud?: string | string[] | undefined;
1533
- clientId?: string | undefined;
1534
1957
  } | undefined;
1535
1958
  }, {
1536
1959
  script: string;
@@ -1565,6 +1988,10 @@ export declare const jwtCustomizerConfigsGuard: z.ZodDiscriminatedUnion<"key", [
1565
1988
  }> | undefined;
1566
1989
  avatar?: string | null | undefined;
1567
1990
  customData?: import("@withtyped/server").JsonObject | undefined;
1991
+ identities?: Record<string, {
1992
+ userId: string;
1993
+ details?: Record<string, import("@withtyped/server").Json> | undefined;
1994
+ }> | undefined;
1568
1995
  roles?: {
1569
1996
  name: string;
1570
1997
  id: string;
@@ -1582,15 +2009,11 @@ export declare const jwtCustomizerConfigsGuard: z.ZodDiscriminatedUnion<"key", [
1582
2009
  id: string;
1583
2010
  description: string | null;
1584
2011
  }[] | undefined;
1585
- identities?: Record<string, {
1586
- userId: string;
1587
- details?: Record<string, import("@withtyped/server").Json> | undefined;
1588
- }> | undefined;
1589
2012
  updatedAt?: number | undefined;
2013
+ lastSignInAt?: number | null | undefined;
1590
2014
  primaryEmail?: string | null | undefined;
1591
2015
  primaryPhone?: string | null | undefined;
1592
2016
  isSuspended?: boolean | undefined;
1593
- lastSignInAt?: number | null | undefined;
1594
2017
  hasPassword?: boolean | undefined;
1595
2018
  ssoIdentities?: {
1596
2019
  issuer: string;
@@ -1604,6 +2027,56 @@ export declare const jwtCustomizerConfigsGuard: z.ZodDiscriminatedUnion<"key", [
1604
2027
  roleName: string;
1605
2028
  }[] | undefined;
1606
2029
  };
2030
+ application?: {
2031
+ type?: import("../../index.js").ApplicationType | undefined;
2032
+ name?: string | undefined;
2033
+ id?: string | undefined;
2034
+ tenantId?: string | undefined;
2035
+ createdAt?: number | undefined;
2036
+ customData?: import("@withtyped/server").JsonObject | undefined;
2037
+ description?: string | null | undefined;
2038
+ oidcClientMetadata?: import("../../index.js").OidcClientMetadata | undefined;
2039
+ customClientMetadata?: {
2040
+ corsAllowedOrigins?: string[] | undefined;
2041
+ idTokenTtl?: number | undefined;
2042
+ refreshTokenTtl?: number | undefined;
2043
+ refreshTokenTtlInDays?: number | undefined;
2044
+ tenantId?: string | undefined;
2045
+ alwaysIssueRefreshToken?: boolean | undefined;
2046
+ rotateRefreshToken?: boolean | undefined;
2047
+ allowTokenExchange?: boolean | undefined;
2048
+ } | undefined;
2049
+ protectedAppMetadata?: {
2050
+ host: string;
2051
+ origin: string;
2052
+ sessionDuration: number;
2053
+ pageRules: {
2054
+ path: string;
2055
+ }[];
2056
+ customDomains?: {
2057
+ status: import("../../index.js").DomainStatus;
2058
+ domain: string;
2059
+ errorMessage: string | null;
2060
+ dnsRecords: {
2061
+ value: string;
2062
+ type: string;
2063
+ name: string;
2064
+ }[];
2065
+ cloudflareData: {
2066
+ status: string;
2067
+ id: string;
2068
+ ssl: {
2069
+ status: string;
2070
+ validation_errors?: {
2071
+ message: string;
2072
+ }[] | undefined;
2073
+ };
2074
+ verification_errors?: string[] | undefined;
2075
+ } | null;
2076
+ }[] | undefined;
2077
+ } | null | undefined;
2078
+ isThirdParty?: boolean | undefined;
2079
+ } | undefined;
1607
2080
  grant?: {
1608
2081
  type?: import("../oidc-config.js").GrantType.TokenExchange | undefined;
1609
2082
  subjectTokenContext?: Record<string, import("@withtyped/server").Json> | undefined;
@@ -1696,21 +2169,28 @@ export declare const jwtCustomizerConfigsGuard: z.ZodDiscriminatedUnion<"key", [
1696
2169
  userId: string;
1697
2170
  verified: boolean;
1698
2171
  registrationRpId?: string | undefined;
2172
+ } | {
2173
+ type: import("../index.js").VerificationType.SignInWebAuthn;
2174
+ id: string;
2175
+ verified: boolean;
2176
+ userId?: string | undefined;
2177
+ registrationRpId?: string | undefined;
1699
2178
  })[] | undefined;
2179
+ signInContext?: Record<string, string> | undefined;
1700
2180
  } | undefined;
1701
2181
  } | undefined;
1702
2182
  tokenSample?: {
1703
2183
  grantId?: string | undefined;
2184
+ sid?: string | undefined;
2185
+ jti?: string | undefined;
2186
+ kind?: "AccessToken" | undefined;
2187
+ accountId?: string | undefined;
1704
2188
  scope?: string | undefined;
1705
2189
  sessionUid?: string | undefined;
1706
- accountId?: string | undefined;
1707
- jti?: string | undefined;
2190
+ clientId?: string | undefined;
1708
2191
  expiresWithSession?: boolean | undefined;
1709
2192
  gty?: string | undefined;
1710
- sid?: string | undefined;
1711
- kind?: "AccessToken" | undefined;
1712
2193
  aud?: string | string[] | undefined;
1713
- clientId?: string | undefined;
1714
2194
  } | undefined;
1715
2195
  }>;
1716
2196
  }, "strip", z.ZodTypeAny, {
@@ -1747,6 +2227,10 @@ export declare const jwtCustomizerConfigsGuard: z.ZodDiscriminatedUnion<"key", [
1747
2227
  }> | undefined;
1748
2228
  avatar?: string | null | undefined;
1749
2229
  customData?: import("@withtyped/server").JsonObject | undefined;
2230
+ identities?: Record<string, {
2231
+ userId: string;
2232
+ details?: Record<string, import("@withtyped/server").Json> | undefined;
2233
+ }> | undefined;
1750
2234
  roles?: {
1751
2235
  name: string;
1752
2236
  id: string;
@@ -1764,15 +2248,11 @@ export declare const jwtCustomizerConfigsGuard: z.ZodDiscriminatedUnion<"key", [
1764
2248
  id: string;
1765
2249
  description: string | null;
1766
2250
  }[] | undefined;
1767
- identities?: Record<string, {
1768
- userId: string;
1769
- details?: Record<string, import("@withtyped/server").Json> | undefined;
1770
- }> | undefined;
1771
2251
  updatedAt?: number | undefined;
2252
+ lastSignInAt?: number | null | undefined;
1772
2253
  primaryEmail?: string | null | undefined;
1773
2254
  primaryPhone?: string | null | undefined;
1774
2255
  isSuspended?: boolean | undefined;
1775
- lastSignInAt?: number | null | undefined;
1776
2256
  hasPassword?: boolean | undefined;
1777
2257
  ssoIdentities?: {
1778
2258
  issuer: string;
@@ -1786,6 +2266,56 @@ export declare const jwtCustomizerConfigsGuard: z.ZodDiscriminatedUnion<"key", [
1786
2266
  roleName: string;
1787
2267
  }[] | undefined;
1788
2268
  };
2269
+ application?: {
2270
+ type?: import("../../index.js").ApplicationType | undefined;
2271
+ name?: string | undefined;
2272
+ id?: string | undefined;
2273
+ tenantId?: string | undefined;
2274
+ createdAt?: number | undefined;
2275
+ customData?: import("@withtyped/server").JsonObject | undefined;
2276
+ description?: string | null | undefined;
2277
+ oidcClientMetadata?: import("../../index.js").OidcClientMetadata | undefined;
2278
+ customClientMetadata?: {
2279
+ corsAllowedOrigins?: string[] | undefined;
2280
+ idTokenTtl?: number | undefined;
2281
+ refreshTokenTtl?: number | undefined;
2282
+ refreshTokenTtlInDays?: number | undefined;
2283
+ tenantId?: string | undefined;
2284
+ alwaysIssueRefreshToken?: boolean | undefined;
2285
+ rotateRefreshToken?: boolean | undefined;
2286
+ allowTokenExchange?: boolean | undefined;
2287
+ } | undefined;
2288
+ protectedAppMetadata?: {
2289
+ host: string;
2290
+ origin: string;
2291
+ sessionDuration: number;
2292
+ pageRules: {
2293
+ path: string;
2294
+ }[];
2295
+ customDomains?: {
2296
+ status: import("../../index.js").DomainStatus;
2297
+ domain: string;
2298
+ errorMessage: string | null;
2299
+ dnsRecords: {
2300
+ value: string;
2301
+ type: string;
2302
+ name: string;
2303
+ }[];
2304
+ cloudflareData: {
2305
+ status: string;
2306
+ id: string;
2307
+ ssl: {
2308
+ status: string;
2309
+ validation_errors?: {
2310
+ message: string;
2311
+ }[] | undefined;
2312
+ };
2313
+ verification_errors?: string[] | undefined;
2314
+ } | null;
2315
+ }[] | undefined;
2316
+ } | null | undefined;
2317
+ isThirdParty?: boolean | undefined;
2318
+ } | undefined;
1789
2319
  grant?: {
1790
2320
  type?: import("../oidc-config.js").GrantType.TokenExchange | undefined;
1791
2321
  subjectTokenContext?: Record<string, import("@withtyped/server").Json> | undefined;
@@ -1878,21 +2408,28 @@ export declare const jwtCustomizerConfigsGuard: z.ZodDiscriminatedUnion<"key", [
1878
2408
  userId: string;
1879
2409
  verified: boolean;
1880
2410
  registrationRpId?: string | undefined;
2411
+ } | {
2412
+ type: import("../index.js").VerificationType.SignInWebAuthn;
2413
+ id: string;
2414
+ verified: boolean;
2415
+ userId?: string | undefined;
2416
+ registrationRpId?: string | undefined;
1881
2417
  })[] | undefined;
2418
+ signInContext?: Record<string, string> | undefined;
1882
2419
  } | undefined;
1883
2420
  } | undefined;
1884
2421
  tokenSample?: {
1885
2422
  grantId?: string | undefined;
2423
+ sid?: string | undefined;
2424
+ jti?: string | undefined;
2425
+ kind?: "AccessToken" | undefined;
2426
+ accountId?: string | undefined;
1886
2427
  scope?: string | undefined;
1887
2428
  sessionUid?: string | undefined;
1888
- accountId?: string | undefined;
1889
- jti?: string | undefined;
2429
+ clientId?: string | undefined;
1890
2430
  expiresWithSession?: boolean | undefined;
1891
2431
  gty?: string | undefined;
1892
- sid?: string | undefined;
1893
- kind?: "AccessToken" | undefined;
1894
2432
  aud?: string | string[] | undefined;
1895
- clientId?: string | undefined;
1896
2433
  } | undefined;
1897
2434
  };
1898
2435
  key: LogtoJwtTokenKey.AccessToken;
@@ -1930,6 +2467,10 @@ export declare const jwtCustomizerConfigsGuard: z.ZodDiscriminatedUnion<"key", [
1930
2467
  }> | undefined;
1931
2468
  avatar?: string | null | undefined;
1932
2469
  customData?: import("@withtyped/server").JsonObject | undefined;
2470
+ identities?: Record<string, {
2471
+ userId: string;
2472
+ details?: Record<string, import("@withtyped/server").Json> | undefined;
2473
+ }> | undefined;
1933
2474
  roles?: {
1934
2475
  name: string;
1935
2476
  id: string;
@@ -1947,15 +2488,11 @@ export declare const jwtCustomizerConfigsGuard: z.ZodDiscriminatedUnion<"key", [
1947
2488
  id: string;
1948
2489
  description: string | null;
1949
2490
  }[] | undefined;
1950
- identities?: Record<string, {
1951
- userId: string;
1952
- details?: Record<string, import("@withtyped/server").Json> | undefined;
1953
- }> | undefined;
1954
2491
  updatedAt?: number | undefined;
2492
+ lastSignInAt?: number | null | undefined;
1955
2493
  primaryEmail?: string | null | undefined;
1956
2494
  primaryPhone?: string | null | undefined;
1957
2495
  isSuspended?: boolean | undefined;
1958
- lastSignInAt?: number | null | undefined;
1959
2496
  hasPassword?: boolean | undefined;
1960
2497
  ssoIdentities?: {
1961
2498
  issuer: string;
@@ -1969,6 +2506,56 @@ export declare const jwtCustomizerConfigsGuard: z.ZodDiscriminatedUnion<"key", [
1969
2506
  roleName: string;
1970
2507
  }[] | undefined;
1971
2508
  };
2509
+ application?: {
2510
+ type?: import("../../index.js").ApplicationType | undefined;
2511
+ name?: string | undefined;
2512
+ id?: string | undefined;
2513
+ tenantId?: string | undefined;
2514
+ createdAt?: number | undefined;
2515
+ customData?: import("@withtyped/server").JsonObject | undefined;
2516
+ description?: string | null | undefined;
2517
+ oidcClientMetadata?: import("../../index.js").OidcClientMetadata | undefined;
2518
+ customClientMetadata?: {
2519
+ corsAllowedOrigins?: string[] | undefined;
2520
+ idTokenTtl?: number | undefined;
2521
+ refreshTokenTtl?: number | undefined;
2522
+ refreshTokenTtlInDays?: number | undefined;
2523
+ tenantId?: string | undefined;
2524
+ alwaysIssueRefreshToken?: boolean | undefined;
2525
+ rotateRefreshToken?: boolean | undefined;
2526
+ allowTokenExchange?: boolean | undefined;
2527
+ } | undefined;
2528
+ protectedAppMetadata?: {
2529
+ host: string;
2530
+ origin: string;
2531
+ sessionDuration: number;
2532
+ pageRules: {
2533
+ path: string;
2534
+ }[];
2535
+ customDomains?: {
2536
+ status: import("../../index.js").DomainStatus;
2537
+ domain: string;
2538
+ errorMessage: string | null;
2539
+ dnsRecords: {
2540
+ value: string;
2541
+ type: string;
2542
+ name: string;
2543
+ }[];
2544
+ cloudflareData: {
2545
+ status: string;
2546
+ id: string;
2547
+ ssl: {
2548
+ status: string;
2549
+ validation_errors?: {
2550
+ message: string;
2551
+ }[] | undefined;
2552
+ };
2553
+ verification_errors?: string[] | undefined;
2554
+ } | null;
2555
+ }[] | undefined;
2556
+ } | null | undefined;
2557
+ isThirdParty?: boolean | undefined;
2558
+ } | undefined;
1972
2559
  grant?: {
1973
2560
  type?: import("../oidc-config.js").GrantType.TokenExchange | undefined;
1974
2561
  subjectTokenContext?: Record<string, import("@withtyped/server").Json> | undefined;
@@ -2061,21 +2648,28 @@ export declare const jwtCustomizerConfigsGuard: z.ZodDiscriminatedUnion<"key", [
2061
2648
  userId: string;
2062
2649
  verified: boolean;
2063
2650
  registrationRpId?: string | undefined;
2651
+ } | {
2652
+ type: import("../index.js").VerificationType.SignInWebAuthn;
2653
+ id: string;
2654
+ verified: boolean;
2655
+ userId?: string | undefined;
2656
+ registrationRpId?: string | undefined;
2064
2657
  })[] | undefined;
2658
+ signInContext?: Record<string, string> | undefined;
2065
2659
  } | undefined;
2066
2660
  } | undefined;
2067
2661
  tokenSample?: {
2068
2662
  grantId?: string | undefined;
2663
+ sid?: string | undefined;
2664
+ jti?: string | undefined;
2665
+ kind?: "AccessToken" | undefined;
2666
+ accountId?: string | undefined;
2069
2667
  scope?: string | undefined;
2070
2668
  sessionUid?: string | undefined;
2071
- accountId?: string | undefined;
2072
- jti?: string | undefined;
2669
+ clientId?: string | undefined;
2073
2670
  expiresWithSession?: boolean | undefined;
2074
2671
  gty?: string | undefined;
2075
- sid?: string | undefined;
2076
- kind?: "AccessToken" | undefined;
2077
2672
  aud?: string | string[] | undefined;
2078
- clientId?: string | undefined;
2079
2673
  } | undefined;
2080
2674
  };
2081
2675
  key: LogtoJwtTokenKey.AccessToken;
@@ -2084,7 +2678,6 @@ export declare const jwtCustomizerConfigsGuard: z.ZodDiscriminatedUnion<"key", [
2084
2678
  value: z.ZodObject<{
2085
2679
  script: z.ZodString;
2086
2680
  environmentVariables: z.ZodOptional<z.ZodRecord<z.ZodString, z.ZodString>>;
2087
- contextSample: z.ZodOptional<z.ZodRecord<z.ZodString, ZodType<import("@withtyped/server").Json, z.ZodTypeDef, import("@withtyped/server").Json>>>;
2088
2681
  } & {
2089
2682
  tokenSample: z.ZodOptional<z.ZodObject<{
2090
2683
  kind: z.ZodOptional<z.ZodLiteral<"ClientCredentials">>;
@@ -2093,52 +2686,494 @@ export declare const jwtCustomizerConfigsGuard: z.ZodDiscriminatedUnion<"key", [
2093
2686
  scope: z.ZodOptional<z.ZodOptional<z.ZodString>>;
2094
2687
  clientId: z.ZodOptional<z.ZodOptional<z.ZodString>>;
2095
2688
  }, "strict", z.ZodTypeAny, {
2096
- scope?: string | undefined;
2097
2689
  jti?: string | undefined;
2098
2690
  kind?: "ClientCredentials" | undefined;
2099
- aud?: string | string[] | undefined;
2691
+ scope?: string | undefined;
2100
2692
  clientId?: string | undefined;
2693
+ aud?: string | string[] | undefined;
2101
2694
  }, {
2102
- scope?: string | undefined;
2103
2695
  jti?: string | undefined;
2104
2696
  kind?: "ClientCredentials" | undefined;
2105
- aud?: string | string[] | undefined;
2697
+ scope?: string | undefined;
2106
2698
  clientId?: string | undefined;
2699
+ aud?: string | string[] | undefined;
2700
+ }>>;
2701
+ contextSample: z.ZodOptional<z.ZodObject<{
2702
+ application: z.ZodOptional<z.ZodObject<{
2703
+ type: z.ZodOptional<ZodType<import("../../index.js").ApplicationType, z.ZodTypeDef, import("../../index.js").ApplicationType>>;
2704
+ name: z.ZodOptional<ZodType<string, z.ZodTypeDef, string>>;
2705
+ id: z.ZodOptional<ZodType<string, z.ZodTypeDef, string>>;
2706
+ tenantId: z.ZodOptional<ZodType<string, z.ZodTypeDef, string>>;
2707
+ createdAt: z.ZodOptional<ZodType<number, z.ZodTypeDef, number>>;
2708
+ customData: z.ZodOptional<ZodType<import("@withtyped/server").JsonObject, z.ZodTypeDef, import("@withtyped/server").JsonObject>>;
2709
+ description: z.ZodOptional<ZodType<string | null, z.ZodTypeDef, string | null>>;
2710
+ oidcClientMetadata: z.ZodOptional<ZodType<import("../../index.js").OidcClientMetadata, z.ZodTypeDef, import("../../index.js").OidcClientMetadata>>;
2711
+ customClientMetadata: z.ZodOptional<ZodType<{
2712
+ corsAllowedOrigins?: string[] | undefined;
2713
+ idTokenTtl?: number | undefined;
2714
+ refreshTokenTtl?: number | undefined;
2715
+ refreshTokenTtlInDays?: number | undefined;
2716
+ tenantId?: string | undefined;
2717
+ alwaysIssueRefreshToken?: boolean | undefined;
2718
+ rotateRefreshToken?: boolean | undefined;
2719
+ allowTokenExchange?: boolean | undefined;
2720
+ }, z.ZodTypeDef, {
2721
+ corsAllowedOrigins?: string[] | undefined;
2722
+ idTokenTtl?: number | undefined;
2723
+ refreshTokenTtl?: number | undefined;
2724
+ refreshTokenTtlInDays?: number | undefined;
2725
+ tenantId?: string | undefined;
2726
+ alwaysIssueRefreshToken?: boolean | undefined;
2727
+ rotateRefreshToken?: boolean | undefined;
2728
+ allowTokenExchange?: boolean | undefined;
2729
+ }>>;
2730
+ protectedAppMetadata: z.ZodOptional<ZodType<{
2731
+ host: string;
2732
+ origin: string;
2733
+ sessionDuration: number;
2734
+ pageRules: {
2735
+ path: string;
2736
+ }[];
2737
+ customDomains?: {
2738
+ status: import("../../index.js").DomainStatus;
2739
+ domain: string;
2740
+ errorMessage: string | null;
2741
+ dnsRecords: {
2742
+ value: string;
2743
+ type: string;
2744
+ name: string;
2745
+ }[];
2746
+ cloudflareData: {
2747
+ status: string;
2748
+ id: string;
2749
+ ssl: {
2750
+ status: string;
2751
+ validation_errors?: {
2752
+ message: string;
2753
+ }[] | undefined;
2754
+ };
2755
+ verification_errors?: string[] | undefined;
2756
+ } | null;
2757
+ }[] | undefined;
2758
+ } | null, z.ZodTypeDef, {
2759
+ host: string;
2760
+ origin: string;
2761
+ sessionDuration: number;
2762
+ pageRules: {
2763
+ path: string;
2764
+ }[];
2765
+ customDomains?: {
2766
+ status: import("../../index.js").DomainStatus;
2767
+ domain: string;
2768
+ errorMessage: string | null;
2769
+ dnsRecords: {
2770
+ value: string;
2771
+ type: string;
2772
+ name: string;
2773
+ }[];
2774
+ cloudflareData: {
2775
+ status: string;
2776
+ id: string;
2777
+ ssl: {
2778
+ status: string;
2779
+ validation_errors?: {
2780
+ message: string;
2781
+ }[] | undefined;
2782
+ };
2783
+ verification_errors?: string[] | undefined;
2784
+ } | null;
2785
+ }[] | undefined;
2786
+ } | null>>;
2787
+ isThirdParty: z.ZodOptional<ZodType<boolean, z.ZodTypeDef, boolean>>;
2788
+ }, "strip", z.ZodTypeAny, {
2789
+ type?: import("../../index.js").ApplicationType | undefined;
2790
+ name?: string | undefined;
2791
+ id?: string | undefined;
2792
+ tenantId?: string | undefined;
2793
+ createdAt?: number | undefined;
2794
+ customData?: import("@withtyped/server").JsonObject | undefined;
2795
+ description?: string | null | undefined;
2796
+ oidcClientMetadata?: import("../../index.js").OidcClientMetadata | undefined;
2797
+ customClientMetadata?: {
2798
+ corsAllowedOrigins?: string[] | undefined;
2799
+ idTokenTtl?: number | undefined;
2800
+ refreshTokenTtl?: number | undefined;
2801
+ refreshTokenTtlInDays?: number | undefined;
2802
+ tenantId?: string | undefined;
2803
+ alwaysIssueRefreshToken?: boolean | undefined;
2804
+ rotateRefreshToken?: boolean | undefined;
2805
+ allowTokenExchange?: boolean | undefined;
2806
+ } | undefined;
2807
+ protectedAppMetadata?: {
2808
+ host: string;
2809
+ origin: string;
2810
+ sessionDuration: number;
2811
+ pageRules: {
2812
+ path: string;
2813
+ }[];
2814
+ customDomains?: {
2815
+ status: import("../../index.js").DomainStatus;
2816
+ domain: string;
2817
+ errorMessage: string | null;
2818
+ dnsRecords: {
2819
+ value: string;
2820
+ type: string;
2821
+ name: string;
2822
+ }[];
2823
+ cloudflareData: {
2824
+ status: string;
2825
+ id: string;
2826
+ ssl: {
2827
+ status: string;
2828
+ validation_errors?: {
2829
+ message: string;
2830
+ }[] | undefined;
2831
+ };
2832
+ verification_errors?: string[] | undefined;
2833
+ } | null;
2834
+ }[] | undefined;
2835
+ } | null | undefined;
2836
+ isThirdParty?: boolean | undefined;
2837
+ }, {
2838
+ type?: import("../../index.js").ApplicationType | undefined;
2839
+ name?: string | undefined;
2840
+ id?: string | undefined;
2841
+ tenantId?: string | undefined;
2842
+ createdAt?: number | undefined;
2843
+ customData?: import("@withtyped/server").JsonObject | undefined;
2844
+ description?: string | null | undefined;
2845
+ oidcClientMetadata?: import("../../index.js").OidcClientMetadata | undefined;
2846
+ customClientMetadata?: {
2847
+ corsAllowedOrigins?: string[] | undefined;
2848
+ idTokenTtl?: number | undefined;
2849
+ refreshTokenTtl?: number | undefined;
2850
+ refreshTokenTtlInDays?: number | undefined;
2851
+ tenantId?: string | undefined;
2852
+ alwaysIssueRefreshToken?: boolean | undefined;
2853
+ rotateRefreshToken?: boolean | undefined;
2854
+ allowTokenExchange?: boolean | undefined;
2855
+ } | undefined;
2856
+ protectedAppMetadata?: {
2857
+ host: string;
2858
+ origin: string;
2859
+ sessionDuration: number;
2860
+ pageRules: {
2861
+ path: string;
2862
+ }[];
2863
+ customDomains?: {
2864
+ status: import("../../index.js").DomainStatus;
2865
+ domain: string;
2866
+ errorMessage: string | null;
2867
+ dnsRecords: {
2868
+ value: string;
2869
+ type: string;
2870
+ name: string;
2871
+ }[];
2872
+ cloudflareData: {
2873
+ status: string;
2874
+ id: string;
2875
+ ssl: {
2876
+ status: string;
2877
+ validation_errors?: {
2878
+ message: string;
2879
+ }[] | undefined;
2880
+ };
2881
+ verification_errors?: string[] | undefined;
2882
+ } | null;
2883
+ }[] | undefined;
2884
+ } | null | undefined;
2885
+ isThirdParty?: boolean | undefined;
2886
+ }>>;
2887
+ }, "strip", z.ZodTypeAny, {
2888
+ application?: {
2889
+ type?: import("../../index.js").ApplicationType | undefined;
2890
+ name?: string | undefined;
2891
+ id?: string | undefined;
2892
+ tenantId?: string | undefined;
2893
+ createdAt?: number | undefined;
2894
+ customData?: import("@withtyped/server").JsonObject | undefined;
2895
+ description?: string | null | undefined;
2896
+ oidcClientMetadata?: import("../../index.js").OidcClientMetadata | undefined;
2897
+ customClientMetadata?: {
2898
+ corsAllowedOrigins?: string[] | undefined;
2899
+ idTokenTtl?: number | undefined;
2900
+ refreshTokenTtl?: number | undefined;
2901
+ refreshTokenTtlInDays?: number | undefined;
2902
+ tenantId?: string | undefined;
2903
+ alwaysIssueRefreshToken?: boolean | undefined;
2904
+ rotateRefreshToken?: boolean | undefined;
2905
+ allowTokenExchange?: boolean | undefined;
2906
+ } | undefined;
2907
+ protectedAppMetadata?: {
2908
+ host: string;
2909
+ origin: string;
2910
+ sessionDuration: number;
2911
+ pageRules: {
2912
+ path: string;
2913
+ }[];
2914
+ customDomains?: {
2915
+ status: import("../../index.js").DomainStatus;
2916
+ domain: string;
2917
+ errorMessage: string | null;
2918
+ dnsRecords: {
2919
+ value: string;
2920
+ type: string;
2921
+ name: string;
2922
+ }[];
2923
+ cloudflareData: {
2924
+ status: string;
2925
+ id: string;
2926
+ ssl: {
2927
+ status: string;
2928
+ validation_errors?: {
2929
+ message: string;
2930
+ }[] | undefined;
2931
+ };
2932
+ verification_errors?: string[] | undefined;
2933
+ } | null;
2934
+ }[] | undefined;
2935
+ } | null | undefined;
2936
+ isThirdParty?: boolean | undefined;
2937
+ } | undefined;
2938
+ }, {
2939
+ application?: {
2940
+ type?: import("../../index.js").ApplicationType | undefined;
2941
+ name?: string | undefined;
2942
+ id?: string | undefined;
2943
+ tenantId?: string | undefined;
2944
+ createdAt?: number | undefined;
2945
+ customData?: import("@withtyped/server").JsonObject | undefined;
2946
+ description?: string | null | undefined;
2947
+ oidcClientMetadata?: import("../../index.js").OidcClientMetadata | undefined;
2948
+ customClientMetadata?: {
2949
+ corsAllowedOrigins?: string[] | undefined;
2950
+ idTokenTtl?: number | undefined;
2951
+ refreshTokenTtl?: number | undefined;
2952
+ refreshTokenTtlInDays?: number | undefined;
2953
+ tenantId?: string | undefined;
2954
+ alwaysIssueRefreshToken?: boolean | undefined;
2955
+ rotateRefreshToken?: boolean | undefined;
2956
+ allowTokenExchange?: boolean | undefined;
2957
+ } | undefined;
2958
+ protectedAppMetadata?: {
2959
+ host: string;
2960
+ origin: string;
2961
+ sessionDuration: number;
2962
+ pageRules: {
2963
+ path: string;
2964
+ }[];
2965
+ customDomains?: {
2966
+ status: import("../../index.js").DomainStatus;
2967
+ domain: string;
2968
+ errorMessage: string | null;
2969
+ dnsRecords: {
2970
+ value: string;
2971
+ type: string;
2972
+ name: string;
2973
+ }[];
2974
+ cloudflareData: {
2975
+ status: string;
2976
+ id: string;
2977
+ ssl: {
2978
+ status: string;
2979
+ validation_errors?: {
2980
+ message: string;
2981
+ }[] | undefined;
2982
+ };
2983
+ verification_errors?: string[] | undefined;
2984
+ } | null;
2985
+ }[] | undefined;
2986
+ } | null | undefined;
2987
+ isThirdParty?: boolean | undefined;
2988
+ } | undefined;
2107
2989
  }>>;
2108
2990
  }, "strict", z.ZodTypeAny, {
2109
2991
  script: string;
2110
2992
  environmentVariables?: Record<string, string> | undefined;
2111
- contextSample?: Record<string, import("@withtyped/server").Json> | undefined;
2993
+ contextSample?: {
2994
+ application?: {
2995
+ type?: import("../../index.js").ApplicationType | undefined;
2996
+ name?: string | undefined;
2997
+ id?: string | undefined;
2998
+ tenantId?: string | undefined;
2999
+ createdAt?: number | undefined;
3000
+ customData?: import("@withtyped/server").JsonObject | undefined;
3001
+ description?: string | null | undefined;
3002
+ oidcClientMetadata?: import("../../index.js").OidcClientMetadata | undefined;
3003
+ customClientMetadata?: {
3004
+ corsAllowedOrigins?: string[] | undefined;
3005
+ idTokenTtl?: number | undefined;
3006
+ refreshTokenTtl?: number | undefined;
3007
+ refreshTokenTtlInDays?: number | undefined;
3008
+ tenantId?: string | undefined;
3009
+ alwaysIssueRefreshToken?: boolean | undefined;
3010
+ rotateRefreshToken?: boolean | undefined;
3011
+ allowTokenExchange?: boolean | undefined;
3012
+ } | undefined;
3013
+ protectedAppMetadata?: {
3014
+ host: string;
3015
+ origin: string;
3016
+ sessionDuration: number;
3017
+ pageRules: {
3018
+ path: string;
3019
+ }[];
3020
+ customDomains?: {
3021
+ status: import("../../index.js").DomainStatus;
3022
+ domain: string;
3023
+ errorMessage: string | null;
3024
+ dnsRecords: {
3025
+ value: string;
3026
+ type: string;
3027
+ name: string;
3028
+ }[];
3029
+ cloudflareData: {
3030
+ status: string;
3031
+ id: string;
3032
+ ssl: {
3033
+ status: string;
3034
+ validation_errors?: {
3035
+ message: string;
3036
+ }[] | undefined;
3037
+ };
3038
+ verification_errors?: string[] | undefined;
3039
+ } | null;
3040
+ }[] | undefined;
3041
+ } | null | undefined;
3042
+ isThirdParty?: boolean | undefined;
3043
+ } | undefined;
3044
+ } | undefined;
2112
3045
  tokenSample?: {
2113
- scope?: string | undefined;
2114
3046
  jti?: string | undefined;
2115
3047
  kind?: "ClientCredentials" | undefined;
2116
- aud?: string | string[] | undefined;
3048
+ scope?: string | undefined;
2117
3049
  clientId?: string | undefined;
3050
+ aud?: string | string[] | undefined;
2118
3051
  } | undefined;
2119
3052
  }, {
2120
3053
  script: string;
2121
3054
  environmentVariables?: Record<string, string> | undefined;
2122
- contextSample?: Record<string, import("@withtyped/server").Json> | undefined;
3055
+ contextSample?: {
3056
+ application?: {
3057
+ type?: import("../../index.js").ApplicationType | undefined;
3058
+ name?: string | undefined;
3059
+ id?: string | undefined;
3060
+ tenantId?: string | undefined;
3061
+ createdAt?: number | undefined;
3062
+ customData?: import("@withtyped/server").JsonObject | undefined;
3063
+ description?: string | null | undefined;
3064
+ oidcClientMetadata?: import("../../index.js").OidcClientMetadata | undefined;
3065
+ customClientMetadata?: {
3066
+ corsAllowedOrigins?: string[] | undefined;
3067
+ idTokenTtl?: number | undefined;
3068
+ refreshTokenTtl?: number | undefined;
3069
+ refreshTokenTtlInDays?: number | undefined;
3070
+ tenantId?: string | undefined;
3071
+ alwaysIssueRefreshToken?: boolean | undefined;
3072
+ rotateRefreshToken?: boolean | undefined;
3073
+ allowTokenExchange?: boolean | undefined;
3074
+ } | undefined;
3075
+ protectedAppMetadata?: {
3076
+ host: string;
3077
+ origin: string;
3078
+ sessionDuration: number;
3079
+ pageRules: {
3080
+ path: string;
3081
+ }[];
3082
+ customDomains?: {
3083
+ status: import("../../index.js").DomainStatus;
3084
+ domain: string;
3085
+ errorMessage: string | null;
3086
+ dnsRecords: {
3087
+ value: string;
3088
+ type: string;
3089
+ name: string;
3090
+ }[];
3091
+ cloudflareData: {
3092
+ status: string;
3093
+ id: string;
3094
+ ssl: {
3095
+ status: string;
3096
+ validation_errors?: {
3097
+ message: string;
3098
+ }[] | undefined;
3099
+ };
3100
+ verification_errors?: string[] | undefined;
3101
+ } | null;
3102
+ }[] | undefined;
3103
+ } | null | undefined;
3104
+ isThirdParty?: boolean | undefined;
3105
+ } | undefined;
3106
+ } | undefined;
2123
3107
  tokenSample?: {
2124
- scope?: string | undefined;
2125
3108
  jti?: string | undefined;
2126
3109
  kind?: "ClientCredentials" | undefined;
2127
- aud?: string | string[] | undefined;
3110
+ scope?: string | undefined;
2128
3111
  clientId?: string | undefined;
3112
+ aud?: string | string[] | undefined;
2129
3113
  } | undefined;
2130
3114
  }>;
2131
3115
  }, "strip", z.ZodTypeAny, {
2132
3116
  value: {
2133
3117
  script: string;
2134
3118
  environmentVariables?: Record<string, string> | undefined;
2135
- contextSample?: Record<string, import("@withtyped/server").Json> | undefined;
3119
+ contextSample?: {
3120
+ application?: {
3121
+ type?: import("../../index.js").ApplicationType | undefined;
3122
+ name?: string | undefined;
3123
+ id?: string | undefined;
3124
+ tenantId?: string | undefined;
3125
+ createdAt?: number | undefined;
3126
+ customData?: import("@withtyped/server").JsonObject | undefined;
3127
+ description?: string | null | undefined;
3128
+ oidcClientMetadata?: import("../../index.js").OidcClientMetadata | undefined;
3129
+ customClientMetadata?: {
3130
+ corsAllowedOrigins?: string[] | undefined;
3131
+ idTokenTtl?: number | undefined;
3132
+ refreshTokenTtl?: number | undefined;
3133
+ refreshTokenTtlInDays?: number | undefined;
3134
+ tenantId?: string | undefined;
3135
+ alwaysIssueRefreshToken?: boolean | undefined;
3136
+ rotateRefreshToken?: boolean | undefined;
3137
+ allowTokenExchange?: boolean | undefined;
3138
+ } | undefined;
3139
+ protectedAppMetadata?: {
3140
+ host: string;
3141
+ origin: string;
3142
+ sessionDuration: number;
3143
+ pageRules: {
3144
+ path: string;
3145
+ }[];
3146
+ customDomains?: {
3147
+ status: import("../../index.js").DomainStatus;
3148
+ domain: string;
3149
+ errorMessage: string | null;
3150
+ dnsRecords: {
3151
+ value: string;
3152
+ type: string;
3153
+ name: string;
3154
+ }[];
3155
+ cloudflareData: {
3156
+ status: string;
3157
+ id: string;
3158
+ ssl: {
3159
+ status: string;
3160
+ validation_errors?: {
3161
+ message: string;
3162
+ }[] | undefined;
3163
+ };
3164
+ verification_errors?: string[] | undefined;
3165
+ } | null;
3166
+ }[] | undefined;
3167
+ } | null | undefined;
3168
+ isThirdParty?: boolean | undefined;
3169
+ } | undefined;
3170
+ } | undefined;
2136
3171
  tokenSample?: {
2137
- scope?: string | undefined;
2138
3172
  jti?: string | undefined;
2139
3173
  kind?: "ClientCredentials" | undefined;
2140
- aud?: string | string[] | undefined;
3174
+ scope?: string | undefined;
2141
3175
  clientId?: string | undefined;
3176
+ aud?: string | string[] | undefined;
2142
3177
  } | undefined;
2143
3178
  };
2144
3179
  key: LogtoJwtTokenKey.ClientCredentials;
@@ -2146,13 +3181,64 @@ export declare const jwtCustomizerConfigsGuard: z.ZodDiscriminatedUnion<"key", [
2146
3181
  value: {
2147
3182
  script: string;
2148
3183
  environmentVariables?: Record<string, string> | undefined;
2149
- contextSample?: Record<string, import("@withtyped/server").Json> | undefined;
3184
+ contextSample?: {
3185
+ application?: {
3186
+ type?: import("../../index.js").ApplicationType | undefined;
3187
+ name?: string | undefined;
3188
+ id?: string | undefined;
3189
+ tenantId?: string | undefined;
3190
+ createdAt?: number | undefined;
3191
+ customData?: import("@withtyped/server").JsonObject | undefined;
3192
+ description?: string | null | undefined;
3193
+ oidcClientMetadata?: import("../../index.js").OidcClientMetadata | undefined;
3194
+ customClientMetadata?: {
3195
+ corsAllowedOrigins?: string[] | undefined;
3196
+ idTokenTtl?: number | undefined;
3197
+ refreshTokenTtl?: number | undefined;
3198
+ refreshTokenTtlInDays?: number | undefined;
3199
+ tenantId?: string | undefined;
3200
+ alwaysIssueRefreshToken?: boolean | undefined;
3201
+ rotateRefreshToken?: boolean | undefined;
3202
+ allowTokenExchange?: boolean | undefined;
3203
+ } | undefined;
3204
+ protectedAppMetadata?: {
3205
+ host: string;
3206
+ origin: string;
3207
+ sessionDuration: number;
3208
+ pageRules: {
3209
+ path: string;
3210
+ }[];
3211
+ customDomains?: {
3212
+ status: import("../../index.js").DomainStatus;
3213
+ domain: string;
3214
+ errorMessage: string | null;
3215
+ dnsRecords: {
3216
+ value: string;
3217
+ type: string;
3218
+ name: string;
3219
+ }[];
3220
+ cloudflareData: {
3221
+ status: string;
3222
+ id: string;
3223
+ ssl: {
3224
+ status: string;
3225
+ validation_errors?: {
3226
+ message: string;
3227
+ }[] | undefined;
3228
+ };
3229
+ verification_errors?: string[] | undefined;
3230
+ } | null;
3231
+ }[] | undefined;
3232
+ } | null | undefined;
3233
+ isThirdParty?: boolean | undefined;
3234
+ } | undefined;
3235
+ } | undefined;
2150
3236
  tokenSample?: {
2151
- scope?: string | undefined;
2152
3237
  jti?: string | undefined;
2153
3238
  kind?: "ClientCredentials" | undefined;
2154
- aud?: string | string[] | undefined;
3239
+ scope?: string | undefined;
2155
3240
  clientId?: string | undefined;
3241
+ aud?: string | string[] | undefined;
2156
3242
  } | undefined;
2157
3243
  };
2158
3244
  key: LogtoJwtTokenKey.ClientCredentials;
@@ -2238,11 +3324,23 @@ export declare const cloudConnectionDataGuard: z.ZodObject<{
2238
3324
  appSecret: string;
2239
3325
  }>;
2240
3326
  export type CloudConnectionData = z.infer<typeof cloudConnectionDataGuard>;
3327
+ export declare const extendedIdTokenClaimsGuard: z.ZodEnum<["custom_data", "identities", "sso_identities", "roles", "organizations", "organization_data", "organization_roles"]>;
3328
+ export type ExtendedIdTokenClaim = (typeof extendedIdTokenClaims)[number];
3329
+ export declare const idTokenConfigGuard: z.ZodObject<{
3330
+ enabledExtendedClaims: z.ZodOptional<z.ZodArray<z.ZodEnum<["custom_data", "identities", "sso_identities", "roles", "organizations", "organization_data", "organization_roles"]>, "many">>;
3331
+ }, "strip", z.ZodTypeAny, {
3332
+ enabledExtendedClaims?: ("custom_data" | "identities" | "sso_identities" | "roles" | "organizations" | "organization_data" | "organization_roles")[] | undefined;
3333
+ }, {
3334
+ enabledExtendedClaims?: ("custom_data" | "identities" | "sso_identities" | "roles" | "organizations" | "organization_data" | "organization_roles")[] | undefined;
3335
+ }>;
3336
+ export type IdTokenConfig = z.infer<typeof idTokenConfigGuard>;
2241
3337
  export declare enum LogtoTenantConfigKey {
2242
3338
  AdminConsole = "adminConsole",
2243
3339
  CloudConnection = "cloudConnection",
2244
3340
  /** The URL to redirect when session not found in Sign-in Experience. */
2245
- SessionNotFoundRedirectUrl = "sessionNotFoundRedirectUrl"
3341
+ SessionNotFoundRedirectUrl = "sessionNotFoundRedirectUrl",
3342
+ /** ID token configuration for extended claims. */
3343
+ IdToken = "idToken"
2246
3344
  }
2247
3345
  export type LogtoTenantConfigType = {
2248
3346
  [LogtoTenantConfigKey.AdminConsole]: AdminConsoleData;
@@ -2250,6 +3348,7 @@ export type LogtoTenantConfigType = {
2250
3348
  [LogtoTenantConfigKey.SessionNotFoundRedirectUrl]: {
2251
3349
  url: string;
2252
3350
  };
3351
+ [LogtoTenantConfigKey.IdToken]: IdTokenConfig;
2253
3352
  };
2254
3353
  export declare const logtoTenantConfigGuard: Readonly<{
2255
3354
  [key in LogtoTenantConfigKey]: ZodType<LogtoTenantConfigType[key]>;