@logto/schemas 1.37.1 → 1.39.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (73) hide show
  1. package/alterations/1.38.0-1772615848-add-oidc-model-instances-grant-id-partial-index.ts +26 -0
  2. package/alterations/1.38.0-1772619963-tune-oidc-model-instances-autovacuum.ts +28 -0
  3. package/alterations/1.38.0-1772621060-add-oidc-model-instances-grant-account-id-index.ts +26 -0
  4. package/alterations/1.39.0-1774752400-add-delete-account-url.ts +20 -0
  5. package/alterations/1.39.0-1774770686-add-account-center-custom-css.ts +20 -0
  6. package/alterations/1.39.0-1776502301-add-sign-up-profile-fields.ts +20 -0
  7. package/alterations-js/1.38.0-1772615848-add-oidc-model-instances-grant-id-partial-index.js +22 -0
  8. package/alterations-js/1.38.0-1772619963-tune-oidc-model-instances-autovacuum.js +24 -0
  9. package/alterations-js/1.38.0-1772621060-add-oidc-model-instances-grant-account-id-index.js +22 -0
  10. package/alterations-js/1.39.0-1774752400-add-delete-account-url.js +16 -0
  11. package/alterations-js/1.39.0-1774770686-add-account-center-custom-css.js +16 -0
  12. package/alterations-js/1.39.0-1776502301-add-sign-up-profile-fields.js +16 -0
  13. package/lib/consts/cookie.d.ts +1 -0
  14. package/lib/consts/cookie.js +1 -0
  15. package/lib/consts/experience.d.ts +1 -0
  16. package/lib/consts/experience.js +1 -0
  17. package/lib/consts/oidc.d.ts +3 -0
  18. package/lib/consts/oidc.js +3 -0
  19. package/lib/consts/system.d.ts +4 -0
  20. package/lib/consts/system.js +4 -0
  21. package/lib/db-entries/account-center.d.ts +9 -1
  22. package/lib/db-entries/account-center.js +8 -0
  23. package/lib/db-entries/sign-in-experience.d.ts +6 -2
  24. package/lib/db-entries/sign-in-experience.js +5 -1
  25. package/lib/foundations/jsonb-types/account-centers.d.ts +1 -0
  26. package/lib/foundations/jsonb-types/account-centers.js +8 -0
  27. package/lib/foundations/jsonb-types/oidc-module.d.ts +26 -7
  28. package/lib/foundations/jsonb-types/oidc-module.js +16 -1
  29. package/lib/foundations/jsonb-types/sign-in-experience.d.ts +36 -6
  30. package/lib/foundations/jsonb-types/sign-in-experience.js +10 -2
  31. package/lib/seeds/application.d.ts +3 -1
  32. package/lib/seeds/application.js +26 -1
  33. package/lib/types/alteration.d.ts +5 -0
  34. package/lib/types/application.d.ts +14 -2
  35. package/lib/types/connector.d.ts +8 -0
  36. package/lib/types/consent.d.ts +11 -3
  37. package/lib/types/consent.js +2 -1
  38. package/lib/types/custom-profile-fields.d.ts +7 -13
  39. package/lib/types/custom-profile-fields.js +6 -13
  40. package/lib/types/log/interaction.d.ts +4 -2
  41. package/lib/types/log/interaction.js +2 -0
  42. package/lib/types/log/token.d.ts +5 -3
  43. package/lib/types/log/token.js +2 -0
  44. package/lib/types/logto-config/index.d.ts +331 -15
  45. package/lib/types/logto-config/index.js +28 -4
  46. package/lib/types/logto-config/index.test.d.ts +1 -0
  47. package/lib/types/logto-config/index.test.js +29 -0
  48. package/lib/types/logto-config/jwt-customizer.d.ts +787 -253
  49. package/lib/types/logto-config/jwt-customizer.js +8 -3
  50. package/lib/types/logto-config/jwt-customizer.test.js +14 -2
  51. package/lib/types/oidc-config.d.ts +2 -1
  52. package/lib/types/oidc-config.js +1 -0
  53. package/lib/types/onboarding.d.ts +93 -1
  54. package/lib/types/onboarding.js +22 -1
  55. package/lib/types/sign-in-experience.d.ts +15 -4
  56. package/lib/types/user-logto-config.d.ts +49 -0
  57. package/lib/types/user-logto-config.js +19 -0
  58. package/lib/types/user-sessions.d.ts +712 -112
  59. package/lib/types/user-sessions.js +33 -2
  60. package/lib/types/verification-records/verification-type.d.ts +1 -1
  61. package/lib/types/verification-records/verification-type.js +1 -1
  62. package/lib/types/verification-records/web-authn-verification.d.ts +11 -11
  63. package/lib/types/verification-records/web-authn-verification.js +3 -3
  64. package/lib/utils/index.d.ts +1 -0
  65. package/lib/utils/index.js +1 -0
  66. package/lib/utils/oidc-private-key.d.ts +88 -0
  67. package/lib/utils/oidc-private-key.js +163 -0
  68. package/lib/utils/oidc-private-key.test.d.ts +1 -0
  69. package/lib/utils/oidc-private-key.test.js +128 -0
  70. package/package.json +9 -8
  71. package/tables/account_centers.sql +4 -0
  72. package/tables/oidc_model_instances.sql +16 -0
  73. package/tables/sign_in_experiences.sql +2 -0
package/lib/foundations/jsonb-types/sign-in-experience.d.ts CHANGED
@@ -51,13 +51,13 @@ export declare const brandingGuard: z.ZodObject<{
51
51
  export type Branding = z.infer<typeof brandingGuard>;
52
52
  export declare const languageInfoGuard: z.ZodObject<{
53
53
  autoDetect: z.ZodBoolean;
54
- fallbackLanguage: z.ZodType<"af-ZA" | "am-ET" | "ar" | "ar-AR" | "as-IN" | "az-AZ" | "be-BY" | "bg-BG" | "bn-IN" | "br-FR" | "bs-BA" | "ca-ES" | "cb-IQ" | "co-FR" | "cs-CZ" | "cx-PH" | "cy-GB" | "da-DK" | "de" | "de-DE" | "el-GR" | "en" | "en-GB" | "en-US" | "eo-EO" | "es" | "es-ES" | "es-419" | "et-EE" | "eu-ES" | "fa-IR" | "ff-NG" | "fi" | "fi-FI" | "fo-FO" | "fr" | "fr-CA" | "fr-FR" | "fy-NL" | "ga-IE" | "gl-ES" | "gn-PY" | "gu-IN" | "ha-NG" | "he-IL" | "hi-IN" | "hr-HR" | "ht-HT" | "hu-HU" | "hy-AM" | "id-ID" | "ik-US" | "is-IS" | "it" | "it-IT" | "iu-CA" | "ja" | "ja-JP" | "ja-KS" | "jv-ID" | "ka-GE" | "kk-KZ" | "km-KH" | "kn-IN" | "ko" | "ko-KR" | "ku-TR" | "ky-KG" | "lo-LA" | "lt-LT" | "lv-LV" | "mg-MG" | "mk-MK" | "ml-IN" | "mn-MN" | "mr-IN" | "ms-MY" | "mt-MT" | "my-MM" | "nb-NO" | "ne-NP" | "nl" | "nl-BE" | "nl-NL" | "nn-NO" | "or-IN" | "pa-IN" | "pl-PL" | "ps-AF" | "pt" | "pt-BR" | "pt-PT" | "ro-RO" | "ru" | "ru-RU" | "rw-RW" | "sc-IT" | "si-LK" | "sk-SK" | "sl-SI" | "sn-ZW" | "sq-AL" | "sr-RS" | "sv" | "sv-SE" | "sw-KE" | "sy-SY" | "sz-PL" | "ta-IN" | "te-IN" | "tg-TJ" | "th" | "th-TH" | "tl-PH" | "tr" | "tr-TR" | "tt-RU" | "tz-MA" | "uk-UA" | "ur-PK" | "uz-UZ" | "vi-VN" | "zh" | "zh-CN" | "zh-HK" | "zh-MO" | "zh-TW" | "zz-TR", z.ZodTypeDef, "af-ZA" | "am-ET" | "ar" | "ar-AR" | "as-IN" | "az-AZ" | "be-BY" | "bg-BG" | "bn-IN" | "br-FR" | "bs-BA" | "ca-ES" | "cb-IQ" | "co-FR" | "cs-CZ" | "cx-PH" | "cy-GB" | "da-DK" | "de" | "de-DE" | "el-GR" | "en" | "en-GB" | "en-US" | "eo-EO" | "es" | "es-ES" | "es-419" | "et-EE" | "eu-ES" | "fa-IR" | "ff-NG" | "fi" | "fi-FI" | "fo-FO" | "fr" | "fr-CA" | "fr-FR" | "fy-NL" | "ga-IE" | "gl-ES" | "gn-PY" | "gu-IN" | "ha-NG" | "he-IL" | "hi-IN" | "hr-HR" | "ht-HT" | "hu-HU" | "hy-AM" | "id-ID" | "ik-US" | "is-IS" | "it" | "it-IT" | "iu-CA" | "ja" | "ja-JP" | "ja-KS" | "jv-ID" | "ka-GE" | "kk-KZ" | "km-KH" | "kn-IN" | "ko" | "ko-KR" | "ku-TR" | "ky-KG" | "lo-LA" | "lt-LT" | "lv-LV" | "mg-MG" | "mk-MK" | "ml-IN" | "mn-MN" | "mr-IN" | "ms-MY" | "mt-MT" | "my-MM" | "nb-NO" | "ne-NP" | "nl" | "nl-BE" | "nl-NL" | "nn-NO" | "or-IN" | "pa-IN" | "pl-PL" | "ps-AF" | "pt" | "pt-BR" | "pt-PT" | "ro-RO" | "ru" | "ru-RU" | "rw-RW" | "sc-IT" | "si-LK" | "sk-SK" | "sl-SI" | "sn-ZW" | "sq-AL" | "sr-RS" | "sv" | "sv-SE" | "sw-KE" | "sy-SY" | "sz-PL" | "ta-IN" | "te-IN" | "tg-TJ" | "th" | "th-TH" | "tl-PH" | "tr" | "tr-TR" | "tt-RU" | "tz-MA" | "uk-UA" | "ur-PK" | "uz-UZ" | "vi-VN" | "zh" | "zh-CN" | "zh-HK" | "zh-MO" | "zh-TW" | "zz-TR">;
54
+ fallbackLanguage: z.ZodType<"af-ZA" | "am-ET" | "ar" | "ar-AR" | "as-IN" | "az-AZ" | "be-BY" | "bg-BG" | "bn-IN" | "br-FR" | "bs-BA" | "ca-ES" | "cb-IQ" | "co-FR" | "cs" | "cs-CZ" | "cx-PH" | "cy-GB" | "da-DK" | "de" | "de-DE" | "el-GR" | "en" | "en-GB" | "en-US" | "eo-EO" | "es" | "es-ES" | "es-419" | "et-EE" | "eu-ES" | "fa-IR" | "ff-NG" | "fi" | "fi-FI" | "fo-FO" | "fr" | "fr-CA" | "fr-FR" | "fy-NL" | "ga-IE" | "gl-ES" | "gn-PY" | "gu-IN" | "ha-NG" | "he-IL" | "hi-IN" | "hr-HR" | "ht-HT" | "hu-HU" | "hy-AM" | "id-ID" | "ik-US" | "is-IS" | "it" | "it-IT" | "iu-CA" | "ja" | "ja-JP" | "ja-KS" | "jv-ID" | "ka-GE" | "kk-KZ" | "km-KH" | "kn-IN" | "ko" | "ko-KR" | "ku-TR" | "ky-KG" | "lo-LA" | "lt-LT" | "lv-LV" | "mg-MG" | "mk-MK" | "ml-IN" | "mn-MN" | "mr-IN" | "ms-MY" | "mt-MT" | "my-MM" | "nb-NO" | "ne-NP" | "nl" | "nl-BE" | "nl-NL" | "nn-NO" | "or-IN" | "pa-IN" | "pl-PL" | "ps-AF" | "pt" | "pt-BR" | "pt-PT" | "ro-RO" | "ru" | "ru-RU" | "rw-RW" | "sc-IT" | "si-LK" | "sk-SK" | "sl-SI" | "sn-ZW" | "sq-AL" | "sr-RS" | "sv" | "sv-SE" | "sw-KE" | "sy-SY" | "sz-PL" | "ta-IN" | "te-IN" | "tg-TJ" | "th" | "th-TH" | "tl-PH" | "tr" | "tr-TR" | "tt-RU" | "tz-MA" | "uk-UA" | "ur-PK" | "uz-UZ" | "vi-VN" | "zh" | "zh-CN" | "zh-HK" | "zh-MO" | "zh-TW" | "zz-TR", z.ZodTypeDef, "af-ZA" | "am-ET" | "ar" | "ar-AR" | "as-IN" | "az-AZ" | "be-BY" | "bg-BG" | "bn-IN" | "br-FR" | "bs-BA" | "ca-ES" | "cb-IQ" | "co-FR" | "cs" | "cs-CZ" | "cx-PH" | "cy-GB" | "da-DK" | "de" | "de-DE" | "el-GR" | "en" | "en-GB" | "en-US" | "eo-EO" | "es" | "es-ES" | "es-419" | "et-EE" | "eu-ES" | "fa-IR" | "ff-NG" | "fi" | "fi-FI" | "fo-FO" | "fr" | "fr-CA" | "fr-FR" | "fy-NL" | "ga-IE" | "gl-ES" | "gn-PY" | "gu-IN" | "ha-NG" | "he-IL" | "hi-IN" | "hr-HR" | "ht-HT" | "hu-HU" | "hy-AM" | "id-ID" | "ik-US" | "is-IS" | "it" | "it-IT" | "iu-CA" | "ja" | "ja-JP" | "ja-KS" | "jv-ID" | "ka-GE" | "kk-KZ" | "km-KH" | "kn-IN" | "ko" | "ko-KR" | "ku-TR" | "ky-KG" | "lo-LA" | "lt-LT" | "lv-LV" | "mg-MG" | "mk-MK" | "ml-IN" | "mn-MN" | "mr-IN" | "ms-MY" | "mt-MT" | "my-MM" | "nb-NO" | "ne-NP" | "nl" | "nl-BE" | "nl-NL" | "nn-NO" | "or-IN" | "pa-IN" | "pl-PL" | "ps-AF" | "pt" | "pt-BR" | "pt-PT" | "ro-RO" | "ru" | "ru-RU" | "rw-RW" | "sc-IT" | "si-LK" | "sk-SK" | "sl-SI" | "sn-ZW" | "sq-AL" | "sr-RS" | "sv" | "sv-SE" | "sw-KE" | "sy-SY" | "sz-PL" | "ta-IN" | "te-IN" | "tg-TJ" | "th" | "th-TH" | "tl-PH" | "tr" | "tr-TR" | "tt-RU" | "tz-MA" | "uk-UA" | "ur-PK" | "uz-UZ" | "vi-VN" | "zh" | "zh-CN" | "zh-HK" | "zh-MO" | "zh-TW" | "zz-TR">;
55
55
  }, "strip", z.ZodTypeAny, {
56
56
  autoDetect: boolean;
57
- fallbackLanguage: "af-ZA" | "am-ET" | "ar" | "ar-AR" | "as-IN" | "az-AZ" | "be-BY" | "bg-BG" | "bn-IN" | "br-FR" | "bs-BA" | "ca-ES" | "cb-IQ" | "co-FR" | "cs-CZ" | "cx-PH" | "cy-GB" | "da-DK" | "de" | "de-DE" | "el-GR" | "en" | "en-GB" | "en-US" | "eo-EO" | "es" | "es-ES" | "es-419" | "et-EE" | "eu-ES" | "fa-IR" | "ff-NG" | "fi" | "fi-FI" | "fo-FO" | "fr" | "fr-CA" | "fr-FR" | "fy-NL" | "ga-IE" | "gl-ES" | "gn-PY" | "gu-IN" | "ha-NG" | "he-IL" | "hi-IN" | "hr-HR" | "ht-HT" | "hu-HU" | "hy-AM" | "id-ID" | "ik-US" | "is-IS" | "it" | "it-IT" | "iu-CA" | "ja" | "ja-JP" | "ja-KS" | "jv-ID" | "ka-GE" | "kk-KZ" | "km-KH" | "kn-IN" | "ko" | "ko-KR" | "ku-TR" | "ky-KG" | "lo-LA" | "lt-LT" | "lv-LV" | "mg-MG" | "mk-MK" | "ml-IN" | "mn-MN" | "mr-IN" | "ms-MY" | "mt-MT" | "my-MM" | "nb-NO" | "ne-NP" | "nl" | "nl-BE" | "nl-NL" | "nn-NO" | "or-IN" | "pa-IN" | "pl-PL" | "ps-AF" | "pt" | "pt-BR" | "pt-PT" | "ro-RO" | "ru" | "ru-RU" | "rw-RW" | "sc-IT" | "si-LK" | "sk-SK" | "sl-SI" | "sn-ZW" | "sq-AL" | "sr-RS" | "sv" | "sv-SE" | "sw-KE" | "sy-SY" | "sz-PL" | "ta-IN" | "te-IN" | "tg-TJ" | "th" | "th-TH" | "tl-PH" | "tr" | "tr-TR" | "tt-RU" | "tz-MA" | "uk-UA" | "ur-PK" | "uz-UZ" | "vi-VN" | "zh" | "zh-CN" | "zh-HK" | "zh-MO" | "zh-TW" | "zz-TR";
57
+ fallbackLanguage: "af-ZA" | "am-ET" | "ar" | "ar-AR" | "as-IN" | "az-AZ" | "be-BY" | "bg-BG" | "bn-IN" | "br-FR" | "bs-BA" | "ca-ES" | "cb-IQ" | "co-FR" | "cs" | "cs-CZ" | "cx-PH" | "cy-GB" | "da-DK" | "de" | "de-DE" | "el-GR" | "en" | "en-GB" | "en-US" | "eo-EO" | "es" | "es-ES" | "es-419" | "et-EE" | "eu-ES" | "fa-IR" | "ff-NG" | "fi" | "fi-FI" | "fo-FO" | "fr" | "fr-CA" | "fr-FR" | "fy-NL" | "ga-IE" | "gl-ES" | "gn-PY" | "gu-IN" | "ha-NG" | "he-IL" | "hi-IN" | "hr-HR" | "ht-HT" | "hu-HU" | "hy-AM" | "id-ID" | "ik-US" | "is-IS" | "it" | "it-IT" | "iu-CA" | "ja" | "ja-JP" | "ja-KS" | "jv-ID" | "ka-GE" | "kk-KZ" | "km-KH" | "kn-IN" | "ko" | "ko-KR" | "ku-TR" | "ky-KG" | "lo-LA" | "lt-LT" | "lv-LV" | "mg-MG" | "mk-MK" | "ml-IN" | "mn-MN" | "mr-IN" | "ms-MY" | "mt-MT" | "my-MM" | "nb-NO" | "ne-NP" | "nl" | "nl-BE" | "nl-NL" | "nn-NO" | "or-IN" | "pa-IN" | "pl-PL" | "ps-AF" | "pt" | "pt-BR" | "pt-PT" | "ro-RO" | "ru" | "ru-RU" | "rw-RW" | "sc-IT" | "si-LK" | "sk-SK" | "sl-SI" | "sn-ZW" | "sq-AL" | "sr-RS" | "sv" | "sv-SE" | "sw-KE" | "sy-SY" | "sz-PL" | "ta-IN" | "te-IN" | "tg-TJ" | "th" | "th-TH" | "tl-PH" | "tr" | "tr-TR" | "tt-RU" | "tz-MA" | "uk-UA" | "ur-PK" | "uz-UZ" | "vi-VN" | "zh" | "zh-CN" | "zh-HK" | "zh-MO" | "zh-TW" | "zz-TR";
58
58
  }, {
59
59
  autoDetect: boolean;
60
- fallbackLanguage: "af-ZA" | "am-ET" | "ar" | "ar-AR" | "as-IN" | "az-AZ" | "be-BY" | "bg-BG" | "bn-IN" | "br-FR" | "bs-BA" | "ca-ES" | "cb-IQ" | "co-FR" | "cs-CZ" | "cx-PH" | "cy-GB" | "da-DK" | "de" | "de-DE" | "el-GR" | "en" | "en-GB" | "en-US" | "eo-EO" | "es" | "es-ES" | "es-419" | "et-EE" | "eu-ES" | "fa-IR" | "ff-NG" | "fi" | "fi-FI" | "fo-FO" | "fr" | "fr-CA" | "fr-FR" | "fy-NL" | "ga-IE" | "gl-ES" | "gn-PY" | "gu-IN" | "ha-NG" | "he-IL" | "hi-IN" | "hr-HR" | "ht-HT" | "hu-HU" | "hy-AM" | "id-ID" | "ik-US" | "is-IS" | "it" | "it-IT" | "iu-CA" | "ja" | "ja-JP" | "ja-KS" | "jv-ID" | "ka-GE" | "kk-KZ" | "km-KH" | "kn-IN" | "ko" | "ko-KR" | "ku-TR" | "ky-KG" | "lo-LA" | "lt-LT" | "lv-LV" | "mg-MG" | "mk-MK" | "ml-IN" | "mn-MN" | "mr-IN" | "ms-MY" | "mt-MT" | "my-MM" | "nb-NO" | "ne-NP" | "nl" | "nl-BE" | "nl-NL" | "nn-NO" | "or-IN" | "pa-IN" | "pl-PL" | "ps-AF" | "pt" | "pt-BR" | "pt-PT" | "ro-RO" | "ru" | "ru-RU" | "rw-RW" | "sc-IT" | "si-LK" | "sk-SK" | "sl-SI" | "sn-ZW" | "sq-AL" | "sr-RS" | "sv" | "sv-SE" | "sw-KE" | "sy-SY" | "sz-PL" | "ta-IN" | "te-IN" | "tg-TJ" | "th" | "th-TH" | "tl-PH" | "tr" | "tr-TR" | "tt-RU" | "tz-MA" | "uk-UA" | "ur-PK" | "uz-UZ" | "vi-VN" | "zh" | "zh-CN" | "zh-HK" | "zh-MO" | "zh-TW" | "zz-TR";
60
+ fallbackLanguage: "af-ZA" | "am-ET" | "ar" | "ar-AR" | "as-IN" | "az-AZ" | "be-BY" | "bg-BG" | "bn-IN" | "br-FR" | "bs-BA" | "ca-ES" | "cb-IQ" | "co-FR" | "cs" | "cs-CZ" | "cx-PH" | "cy-GB" | "da-DK" | "de" | "de-DE" | "el-GR" | "en" | "en-GB" | "en-US" | "eo-EO" | "es" | "es-ES" | "es-419" | "et-EE" | "eu-ES" | "fa-IR" | "ff-NG" | "fi" | "fi-FI" | "fo-FO" | "fr" | "fr-CA" | "fr-FR" | "fy-NL" | "ga-IE" | "gl-ES" | "gn-PY" | "gu-IN" | "ha-NG" | "he-IL" | "hi-IN" | "hr-HR" | "ht-HT" | "hu-HU" | "hy-AM" | "id-ID" | "ik-US" | "is-IS" | "it" | "it-IT" | "iu-CA" | "ja" | "ja-JP" | "ja-KS" | "jv-ID" | "ka-GE" | "kk-KZ" | "km-KH" | "kn-IN" | "ko" | "ko-KR" | "ku-TR" | "ky-KG" | "lo-LA" | "lt-LT" | "lv-LV" | "mg-MG" | "mk-MK" | "ml-IN" | "mn-MN" | "mr-IN" | "ms-MY" | "mt-MT" | "my-MM" | "nb-NO" | "ne-NP" | "nl" | "nl-BE" | "nl-NL" | "nn-NO" | "or-IN" | "pa-IN" | "pl-PL" | "ps-AF" | "pt" | "pt-BR" | "pt-PT" | "ro-RO" | "ru" | "ru-RU" | "rw-RW" | "sc-IT" | "si-LK" | "sk-SK" | "sl-SI" | "sn-ZW" | "sq-AL" | "sr-RS" | "sv" | "sv-SE" | "sw-KE" | "sy-SY" | "sz-PL" | "ta-IN" | "te-IN" | "tg-TJ" | "th" | "th-TH" | "tl-PH" | "tr" | "tr-TR" | "tt-RU" | "tz-MA" | "uk-UA" | "ur-PK" | "uz-UZ" | "vi-VN" | "zh" | "zh-CN" | "zh-HK" | "zh-MO" | "zh-TW" | "zz-TR";
61
61
  }>;
62
62
  export type LanguageInfo = z.infer<typeof languageInfoGuard>;
63
63
  export declare enum SignInIdentifier {
@@ -237,12 +237,16 @@ export declare enum MfaPolicy {
237
237
  UserControlled = "UserControlled",
238
238
  /** MFA is required for all users */
239
239
  Mandatory = "Mandatory",
240
- /** Ask users to set up MFA on their sign-in after registration (skippable, one-time prompt) */
240
+ /** Ask users to set up MFA on their sign-in after registration (skippable, one-time prompt, Optional MFA only) */
241
241
  PromptOnlyAtSignIn = "PromptOnlyAtSignIn",
242
- /** Ask users to set up MFA during registration (skippable, one-time prompt) */
242
+ /** Ask users to set up MFA during registration (skippable, one-time prompt, Optional MFA only) */
243
243
  PromptAtSignInAndSignUp = "PromptAtSignInAndSignUp",
244
244
  /** Do not ask users to set up MFA */
245
- NoPrompt = "NoPrompt"
245
+ NoPrompt = "NoPrompt",
246
+ /** Ask users to set up MFA during registration or at next sign-in (no-skip, Adaptive MFA only) */
247
+ PromptAtSignInAndSignUpMandatory = "PromptAtSignInAndSignUpMandatory",
248
+ /** Ask users to set up MFA at next sign-in after registration (no-skip, Adaptive MFA only) */
249
+ PromptOnlyAtSignInMandatory = "PromptOnlyAtSignInMandatory"
246
250
  }
247
251
  export declare enum OrganizationRequiredMfaPolicy {
248
252
  /** Do not ask users to set up MFA */
@@ -411,4 +415,30 @@ export declare const passkeySignInGuard: z.ZodObject<{
411
415
  showPasskeyButton?: boolean | undefined;
412
416
  allowAutofill?: boolean | undefined;
413
417
  }>;
418
+ /**
419
+ * Configuration for which custom profile fields are shown on the sign-up page and in which order.
420
+ *
421
+ * The list is a pure projection over the catalog in `custom_profile_fields` — each entry references
422
+ * an existing field by name. Fields in the catalog but not in this list are not collected during
423
+ * sign-up. This enables reusing the same catalog for other surfaces (e.g. account center) without
424
+ * affecting sign-up.
425
+ */
426
+ export type SignUpProfileFieldItem = {
427
+ name: string;
428
+ };
429
+ export declare const signUpProfileFieldItemGuard: z.ZodObject<{
430
+ name: z.ZodString;
431
+ }, "strip", z.ZodTypeAny, {
432
+ name: string;
433
+ }, {
434
+ name: string;
435
+ }>;
436
+ export declare const signUpProfileFieldsGuard: z.ZodArray<z.ZodObject<{
437
+ name: z.ZodString;
438
+ }, "strip", z.ZodTypeAny, {
439
+ name: string;
440
+ }, {
441
+ name: string;
442
+ }>, "many">;
443
+ export type SignUpProfileFields = z.infer<typeof signUpProfileFieldsGuard>;
414
444
  export {};
package/lib/foundations/jsonb-types/sign-in-experience.js CHANGED
@@ -83,12 +83,16 @@ export var MfaPolicy;
83
83
  MfaPolicy["UserControlled"] = "UserControlled";
84
84
  /** MFA is required for all users */
85
85
  MfaPolicy["Mandatory"] = "Mandatory";
86
- /** Ask users to set up MFA on their sign-in after registration (skippable, one-time prompt) */
86
+ /** Ask users to set up MFA on their sign-in after registration (skippable, one-time prompt, Optional MFA only) */
87
87
  MfaPolicy["PromptOnlyAtSignIn"] = "PromptOnlyAtSignIn";
88
- /** Ask users to set up MFA during registration (skippable, one-time prompt) */
88
+ /** Ask users to set up MFA during registration (skippable, one-time prompt, Optional MFA only) */
89
89
  MfaPolicy["PromptAtSignInAndSignUp"] = "PromptAtSignInAndSignUp";
90
90
  /** Do not ask users to set up MFA */
91
91
  MfaPolicy["NoPrompt"] = "NoPrompt";
92
+ /** Ask users to set up MFA during registration or at next sign-in (no-skip, Adaptive MFA only) */
93
+ MfaPolicy["PromptAtSignInAndSignUpMandatory"] = "PromptAtSignInAndSignUpMandatory";
94
+ /** Ask users to set up MFA at next sign-in after registration (no-skip, Adaptive MFA only) */
95
+ MfaPolicy["PromptOnlyAtSignInMandatory"] = "PromptOnlyAtSignInMandatory";
92
96
  })(MfaPolicy || (MfaPolicy = {}));
93
97
  export var OrganizationRequiredMfaPolicy;
94
98
  (function (OrganizationRequiredMfaPolicy) {
@@ -134,3 +138,7 @@ export const passkeySignInGuard = z
134
138
  allowAutofill: z.boolean(),
135
139
  })
136
140
  .partial();
141
+ export const signUpProfileFieldItemGuard = z.object({
142
+ name: z.string(),
143
+ });
144
+ export const signUpProfileFieldsGuard = z.array(signUpProfileFieldItemGuard);
package/lib/seeds/application.d.ts CHANGED
@@ -7,9 +7,11 @@ import type { Application, CreateApplication, CreateApplicationsRole } from '../
7
7
  export declare const adminConsoleApplicationId = "admin-console";
8
8
  export declare const demoAppApplicationId = "demo-app";
9
9
  export declare const accountCenterApplicationId = "account-center";
10
+ export declare const deviceDemoAppApplicationId = "device-demo-app";
10
11
  export declare const buildDemoAppDataForTenant: (tenantId: string) => Application;
11
12
  export declare const buildAccountCenterAppDataForTenant: (tenantId: string) => Application;
12
- export type BuiltInApplicationId = typeof demoAppApplicationId | typeof accountCenterApplicationId;
13
+ export declare const buildDeviceDemoAppDataForTenant: (tenantId: string) => Application;
14
+ export type BuiltInApplicationId = typeof demoAppApplicationId | typeof accountCenterApplicationId | typeof deviceDemoAppApplicationId;
13
15
  export declare const isBuiltInApplicationId: (applicationId: string) => applicationId is BuiltInApplicationId;
14
16
  export declare const isBuiltInClientId: (applicationId: string) => applicationId is BuiltInApplicationId;
15
17
  export declare const buildBuiltInApplicationDataForTenant: (tenantId: string, applicationId: BuiltInApplicationId) => Application;
package/lib/seeds/application.js CHANGED
@@ -9,6 +9,7 @@ import { adminTenantId } from './tenant.js';
9
9
  export const adminConsoleApplicationId = 'admin-console';
10
10
  export const demoAppApplicationId = 'demo-app';
11
11
  export const accountCenterApplicationId = 'account-center';
12
+ export const deviceDemoAppApplicationId = 'device-demo-app';
12
13
  const buildSpaApplicationData = (tenantId, { id, name, description, }) => ({
13
14
  tenantId,
14
15
  id,
@@ -33,12 +34,36 @@ export const buildAccountCenterAppDataForTenant = (tenantId) => buildSpaApplicat
33
34
  name: 'Account Center',
34
35
  description: 'Placeholder application for Account Center.',
35
36
  });
36
- export const isBuiltInApplicationId = (applicationId) => applicationId === demoAppApplicationId || applicationId === accountCenterApplicationId;
37
+ const buildNativeApplicationData = (tenantId, { id, name, description, }) => ({
38
+ tenantId,
39
+ id,
40
+ name,
41
+ secret: 'N/A',
42
+ description,
43
+ type: ApplicationType.Native,
44
+ oidcClientMetadata: { redirectUris: [], postLogoutRedirectUris: [] },
45
+ customClientMetadata: { isDeviceFlow: true },
46
+ protectedAppMetadata: null,
47
+ isThirdParty: false,
48
+ createdAt: 0,
49
+ customData: {},
50
+ });
51
+ export const buildDeviceDemoAppDataForTenant = (tenantId) => buildNativeApplicationData(tenantId, {
52
+ id: deviceDemoAppApplicationId,
53
+ name: 'Device Flow Preview',
54
+ description: 'Preview for Device Authorization Flow.',
55
+ });
56
+ export const isBuiltInApplicationId = (applicationId) => applicationId === demoAppApplicationId ||
57
+ applicationId === accountCenterApplicationId ||
58
+ applicationId === deviceDemoAppApplicationId;
37
59
  export const isBuiltInClientId = isBuiltInApplicationId;
38
60
  export const buildBuiltInApplicationDataForTenant = (tenantId, applicationId) => {
39
61
  if (applicationId === demoAppApplicationId) {
40
62
  return buildDemoAppDataForTenant(tenantId);
41
63
  }
64
+ if (applicationId === deviceDemoAppApplicationId) {
65
+ return buildDeviceDemoAppDataForTenant(tenantId);
66
+ }
42
67
  return buildAccountCenterAppDataForTenant(tenantId);
43
68
  };
44
69
  export const createDefaultAdminConsoleApplication = () => Object.freeze({
package/lib/types/alteration.d.ts CHANGED
@@ -1,4 +1,9 @@
1
1
  import type { CommonQueryMethods, DatabaseTransactionConnection } from '@silverhand/slonik';
2
+ /**
3
+ * IMPORTANT: Logto Cloud has a parallel `AlterationScript` type in `@logto/cloud-alterations`
4
+ * (logto-cloud repo: `packages/cloud-alterations/src/types.ts`).
5
+ * Any changes to this type must be synchronized with the Cloud type definition.
6
+ */
2
7
  export type AlterationScript = {
3
8
  /**
4
9
  * Optional hook that runs before `up` outside of a transaction.
package/lib/types/application.d.ts CHANGED
@@ -27,6 +27,8 @@ export declare const featuredApplicationGuard: z.ZodObject<Pick<{
27
27
  alwaysIssueRefreshToken?: boolean | undefined;
28
28
  rotateRefreshToken?: boolean | undefined;
29
29
  allowTokenExchange?: boolean | undefined;
30
+ isDeviceFlow?: boolean | undefined;
31
+ maxAllowedGrants?: number | undefined;
30
32
  }, z.ZodTypeDef, {
31
33
  corsAllowedOrigins?: string[] | undefined;
32
34
  idTokenTtl?: number | undefined;
@@ -36,6 +38,8 @@ export declare const featuredApplicationGuard: z.ZodObject<Pick<{
36
38
  alwaysIssueRefreshToken?: boolean | undefined;
37
39
  rotateRefreshToken?: boolean | undefined;
38
40
  allowTokenExchange?: boolean | undefined;
41
+ isDeviceFlow?: boolean | undefined;
42
+ maxAllowedGrants?: number | undefined;
39
43
  }>;
40
44
  protectedAppMetadata: z.ZodType<{
41
45
  host: string;
@@ -119,6 +123,8 @@ export declare const applicationCreateGuard: z.ZodObject<{
119
123
  alwaysIssueRefreshToken?: boolean | undefined;
120
124
  rotateRefreshToken?: boolean | undefined;
121
125
  allowTokenExchange?: boolean | undefined;
126
+ isDeviceFlow?: boolean | undefined;
127
+ maxAllowedGrants?: number | undefined;
122
128
  }, z.ZodTypeDef, {
123
129
  corsAllowedOrigins?: string[] | undefined;
124
130
  idTokenTtl?: number | undefined;
@@ -128,6 +134,8 @@ export declare const applicationCreateGuard: z.ZodObject<{
128
134
  alwaysIssueRefreshToken?: boolean | undefined;
129
135
  rotateRefreshToken?: boolean | undefined;
130
136
  allowTokenExchange?: boolean | undefined;
137
+ isDeviceFlow?: boolean | undefined;
138
+ maxAllowedGrants?: number | undefined;
131
139
  }>>>;
132
140
  protectedAppMetadata: z.ZodOptional<z.ZodOptional<z.ZodType<{
133
141
  host: string;
@@ -222,6 +230,8 @@ export declare const applicationPatchGuard: z.ZodObject<Omit<{
222
230
  alwaysIssueRefreshToken?: boolean | undefined;
223
231
  rotateRefreshToken?: boolean | undefined;
224
232
  allowTokenExchange?: boolean | undefined;
233
+ isDeviceFlow?: boolean | undefined;
234
+ maxAllowedGrants?: number | undefined;
225
235
  }, z.ZodTypeDef, {
226
236
  corsAllowedOrigins?: string[] | undefined;
227
237
  idTokenTtl?: number | undefined;
@@ -231,6 +241,8 @@ export declare const applicationPatchGuard: z.ZodObject<Omit<{
231
241
  alwaysIssueRefreshToken?: boolean | undefined;
232
242
  rotateRefreshToken?: boolean | undefined;
233
243
  allowTokenExchange?: boolean | undefined;
244
+ isDeviceFlow?: boolean | undefined;
245
+ maxAllowedGrants?: number | undefined;
234
246
  }>>>>;
235
247
  protectedAppMetadata: z.ZodOptional<z.ZodOptional<z.ZodOptional<z.ZodType<{
236
248
  host: string;
@@ -537,16 +549,16 @@ export declare const applicationSignInExperienceCreateGuard: z.ZodObject<Omit<{
537
549
  privacyPolicyUrl: z.ZodUnion<[z.ZodNullable<z.ZodOptional<z.ZodString>>, z.ZodLiteral<"">]>;
538
550
  }, "strip", z.ZodTypeAny, {
539
551
  displayName?: string | null;
552
+ customCss?: string | null;
540
553
  color?: import("../index.js").PartialColor;
541
554
  branding?: import("../index.js").Branding;
542
- customCss?: string | null;
543
555
  termsOfUseUrl?: string | null | undefined;
544
556
  privacyPolicyUrl?: string | null | undefined;
545
557
  }, {
546
558
  displayName?: string | null;
559
+ customCss?: string | null;
547
560
  color?: import("../index.js").PartialColor;
548
561
  branding?: import("../index.js").Branding;
549
- customCss?: string | null;
550
562
  termsOfUseUrl?: string | null | undefined;
551
563
  privacyPolicyUrl?: string | null | undefined;
552
564
  }>;
package/lib/types/connector.d.ts CHANGED
@@ -241,6 +241,7 @@ export declare const connectorResponseGuard: z.ZodObject<{
241
241
  "ca-ES"?: string | undefined;
242
242
  "cb-IQ"?: string | undefined;
243
243
  "co-FR"?: string | undefined;
244
+ cs?: string | undefined;
244
245
  "cs-CZ"?: string | undefined;
245
246
  "cx-PH"?: string | undefined;
246
247
  "cy-GB"?: string | undefined;
@@ -374,6 +375,7 @@ export declare const connectorResponseGuard: z.ZodObject<{
374
375
  "ca-ES"?: string | undefined;
375
376
  "cb-IQ"?: string | undefined;
376
377
  "co-FR"?: string | undefined;
378
+ cs?: string | undefined;
377
379
  "cs-CZ"?: string | undefined;
378
380
  "cx-PH"?: string | undefined;
379
381
  "cy-GB"?: string | undefined;
@@ -577,6 +579,7 @@ export declare const connectorResponseGuard: z.ZodObject<{
577
579
  "ca-ES"?: string | undefined;
578
580
  "cb-IQ"?: string | undefined;
579
581
  "co-FR"?: string | undefined;
582
+ cs?: string | undefined;
580
583
  "cs-CZ"?: string | undefined;
581
584
  "cx-PH"?: string | undefined;
582
585
  "cy-GB"?: string | undefined;
@@ -710,6 +713,7 @@ export declare const connectorResponseGuard: z.ZodObject<{
710
713
  "ca-ES"?: string | undefined;
711
714
  "cb-IQ"?: string | undefined;
712
715
  "co-FR"?: string | undefined;
716
+ cs?: string | undefined;
713
717
  "cs-CZ"?: string | undefined;
714
718
  "cx-PH"?: string | undefined;
715
719
  "cy-GB"?: string | undefined;
@@ -1118,6 +1122,7 @@ export declare const connectorFactoryResponseGuard: z.ZodObject<{
1118
1122
  "ca-ES"?: string | undefined;
1119
1123
  "cb-IQ"?: string | undefined;
1120
1124
  "co-FR"?: string | undefined;
1125
+ cs?: string | undefined;
1121
1126
  "cs-CZ"?: string | undefined;
1122
1127
  "cx-PH"?: string | undefined;
1123
1128
  "cy-GB"?: string | undefined;
@@ -1251,6 +1256,7 @@ export declare const connectorFactoryResponseGuard: z.ZodObject<{
1251
1256
  "ca-ES"?: string | undefined;
1252
1257
  "cb-IQ"?: string | undefined;
1253
1258
  "co-FR"?: string | undefined;
1259
+ cs?: string | undefined;
1254
1260
  "cs-CZ"?: string | undefined;
1255
1261
  "cx-PH"?: string | undefined;
1256
1262
  "cy-GB"?: string | undefined;
@@ -1447,6 +1453,7 @@ export declare const connectorFactoryResponseGuard: z.ZodObject<{
1447
1453
  "ca-ES"?: string | undefined;
1448
1454
  "cb-IQ"?: string | undefined;
1449
1455
  "co-FR"?: string | undefined;
1456
+ cs?: string | undefined;
1450
1457
  "cs-CZ"?: string | undefined;
1451
1458
  "cx-PH"?: string | undefined;
1452
1459
  "cy-GB"?: string | undefined;
@@ -1580,6 +1587,7 @@ export declare const connectorFactoryResponseGuard: z.ZodObject<{
1580
1587
  "ca-ES"?: string | undefined;
1581
1588
  "cb-IQ"?: string | undefined;
1582
1589
  "co-FR"?: string | undefined;
1590
+ cs?: string | undefined;
1583
1591
  "cs-CZ"?: string | undefined;
1584
1592
  "cx-PH"?: string | undefined;
1585
1593
  "cy-GB"?: string | undefined;
package/lib/types/consent.d.ts CHANGED
@@ -158,6 +158,8 @@ export declare const publicApplicationGuard: z.ZodObject<Pick<{
158
158
  alwaysIssueRefreshToken?: boolean | undefined;
159
159
  rotateRefreshToken?: boolean | undefined;
160
160
  allowTokenExchange?: boolean | undefined;
161
+ isDeviceFlow?: boolean | undefined;
162
+ maxAllowedGrants?: number | undefined;
161
163
  }, z.ZodTypeDef, {
162
164
  corsAllowedOrigins?: string[] | undefined;
163
165
  idTokenTtl?: number | undefined;
@@ -167,6 +169,8 @@ export declare const publicApplicationGuard: z.ZodObject<Pick<{
167
169
  alwaysIssueRefreshToken?: boolean | undefined;
168
170
  rotateRefreshToken?: boolean | undefined;
169
171
  allowTokenExchange?: boolean | undefined;
172
+ isDeviceFlow?: boolean | undefined;
173
+ maxAllowedGrants?: number | undefined;
170
174
  }>;
171
175
  protectedAppMetadata: z.ZodType<{
172
176
  host: string;
@@ -477,6 +481,8 @@ export declare const consentInfoResponseGuard: z.ZodObject<{
477
481
  alwaysIssueRefreshToken?: boolean | undefined;
478
482
  rotateRefreshToken?: boolean | undefined;
479
483
  allowTokenExchange?: boolean | undefined;
484
+ isDeviceFlow?: boolean | undefined;
485
+ maxAllowedGrants?: number | undefined;
480
486
  }, z.ZodTypeDef, {
481
487
  corsAllowedOrigins?: string[] | undefined;
482
488
  idTokenTtl?: number | undefined;
@@ -486,6 +492,8 @@ export declare const consentInfoResponseGuard: z.ZodObject<{
486
492
  alwaysIssueRefreshToken?: boolean | undefined;
487
493
  rotateRefreshToken?: boolean | undefined;
488
494
  allowTokenExchange?: boolean | undefined;
495
+ isDeviceFlow?: boolean | undefined;
496
+ maxAllowedGrants?: number | undefined;
489
497
  }>;
490
498
  protectedAppMetadata: z.ZodType<{
491
499
  host: string;
@@ -900,7 +908,7 @@ export declare const consentInfoResponseGuard: z.ZodObject<{
900
908
  description: string | null;
901
909
  }[];
902
910
  }>, "many">>;
903
- redirectUri: z.ZodString;
911
+ redirectUri: z.ZodOptional<z.ZodString>;
904
912
  }, "strip", z.ZodTypeAny, {
905
913
  application: {
906
914
  name: string;
@@ -915,7 +923,6 @@ export declare const consentInfoResponseGuard: z.ZodObject<{
915
923
  termsOfUseUrl?: string | null | undefined;
916
924
  privacyPolicyUrl?: string | null | undefined;
917
925
  };
918
- redirectUri: string;
919
926
  user: {
920
927
  name: string | null;
921
928
  id: string;
@@ -940,6 +947,7 @@ export declare const consentInfoResponseGuard: z.ZodObject<{
940
947
  }[];
941
948
  }[] | undefined;
942
949
  }[] | undefined;
950
+ redirectUri?: string | undefined;
943
951
  missingResourceScopes?: {
944
952
  resource: {
945
953
  name: string;
@@ -967,7 +975,6 @@ export declare const consentInfoResponseGuard: z.ZodObject<{
967
975
  termsOfUseUrl?: string | null | undefined;
968
976
  privacyPolicyUrl?: string | null | undefined;
969
977
  };
970
- redirectUri: string;
971
978
  user: {
972
979
  name: string | null;
973
980
  id: string;
@@ -992,6 +999,7 @@ export declare const consentInfoResponseGuard: z.ZodObject<{
992
999
  }[];
993
1000
  }[] | undefined;
994
1001
  }[] | undefined;
1002
+ redirectUri?: string | undefined;
995
1003
  missingResourceScopes?: {
996
1004
  resource: {
997
1005
  name: string;
package/lib/types/consent.js CHANGED
@@ -47,5 +47,6 @@ export const consentInfoResponseGuard = z.object({
47
47
  organizations: publicOrganizationGuard.array().optional(),
48
48
  missingOIDCScope: z.string().array().optional(),
49
49
  missingResourceScopes: missingResourceScopesGuard.array().optional(),
50
- redirectUri: z.string(),
50
+ // Device flow consent does not require a redirect_uri.
51
+ redirectUri: z.string().optional(),
51
52
  });
package/lib/types/custom-profile-fields.d.ts CHANGED
@@ -2383,11 +2383,10 @@ export declare const updateCustomProfileFieldSieOrderGuard: z.ZodObject<{
2383
2383
  sieOrder: number;
2384
2384
  }>;
2385
2385
  export type UpdateCustomProfileFieldSieOrder = z.infer<typeof updateCustomProfileFieldSieOrderGuard>;
2386
- /**
2387
- * Reserved custom data keys, which are used by the system and should not be used by custom profile fields.
2388
- */
2386
+ /** Reserved custom data keys, which are used by the system and should not be used by custom profile fields. */
2389
2387
  export declare const reservedCustomDataKeyGuard: z.ZodObject<{
2390
2388
  onboarding: z.ZodOptional<z.ZodString>;
2389
+ ossOnboarding: z.ZodOptional<z.ZodString>;
2391
2390
  guideRequests: z.ZodOptional<z.ZodString>;
2392
2391
  adminConsolePreferences: z.ZodOptional<z.ZodString>;
2393
2392
  defaultTenantId: z.ZodOptional<z.ZodString>;
@@ -2396,17 +2395,16 @@ export declare const reservedCustomDataKeyGuard: z.ZodObject<{
2396
2395
  guideRequests?: string | undefined;
2397
2396
  defaultTenantId?: string | undefined;
2398
2397
  onboarding?: string | undefined;
2398
+ ossOnboarding?: string | undefined;
2399
2399
  }, {
2400
2400
  adminConsolePreferences?: string | undefined;
2401
2401
  guideRequests?: string | undefined;
2402
2402
  defaultTenantId?: string | undefined;
2403
2403
  onboarding?: string | undefined;
2404
+ ossOnboarding?: string | undefined;
2404
2405
  }>;
2405
- export declare const reservedCustomDataKeys: readonly ["adminConsolePreferences", "guideRequests", "defaultTenantId", "onboarding"];
2406
- /**
2407
- * Disallow sign-in identifiers related field keys in custom profile fields, as this is conflicting
2408
- * with the built-in sign-in/sign-up experience flows.
2409
- */
2406
+ export declare const reservedCustomDataKeys: readonly ["adminConsolePreferences", "guideRequests", "defaultTenantId", "onboarding", "ossOnboarding"];
2407
+ /** Disallow sign-in identifier related field keys in custom profile fields to avoid conflicts with built-in sign-in/sign-up flows. */
2410
2408
  export declare const signInIdentifierKeyGuard: z.ZodObject<Pick<{
2411
2409
  tenantId: z.ZodOptional<z.ZodType<string, z.ZodTypeDef, string>>;
2412
2410
  id: z.ZodType<string, z.ZodTypeDef, string>;
@@ -2544,11 +2542,7 @@ export declare const signInIdentifierKeyGuard: z.ZodObject<Pick<{
2544
2542
  primaryPhone?: string | null;
2545
2543
  }>;
2546
2544
  export declare const reservedSignInIdentifierKeys: readonly ["username", "email", "phone", "primaryEmail", "primaryPhone"];
2547
- /**
2548
- * Reserved user profile keys.
2549
- * Currently only `preferredUsername` is reserved since it is the standard username property used
2550
- * by most identity providers. Should not allow user updating this field via profile related APIs.
2551
- */
2545
+ /** Reserved user profile keys. Currently only `preferredUsername` is reserved for standard IdP usage. */
2552
2546
  export declare const reservedBuiltInProfileKeyGuard: z.ZodObject<Pick<{
2553
2547
  familyName: z.ZodOptional<z.ZodString>;
2554
2548
  givenName: z.ZodOptional<z.ZodString>;
package/lib/types/custom-profile-fields.js CHANGED
@@ -1,7 +1,7 @@
1
1
  import { z } from 'zod';
2
2
  import { Users } from '../db-entries/user.js';
3
3
  import { CustomProfileFieldType, customProfileFieldTypeGuard, fieldPartGuard, userProfileAddressKeys, userProfileGuard, } from '../foundations/index.js';
4
- import { userOnboardingDataKey } from './onboarding.js';
4
+ import { ossUserOnboardingDataKey, userOnboardingDataKey } from './onboarding.js';
5
5
  import { defaultTenantIdKey } from './tenant.js';
6
6
  import { consoleUserPreferenceKey, guideRequestsKey } from './user.js';
7
7
  const baseProfileFieldGuard = z.object({
@@ -129,22 +129,18 @@ export const updateCustomProfileFieldSieOrderGuard = z.object({
129
129
  name: z.string(),
130
130
  sieOrder: z.number(),
131
131
  });
132
- /**
133
- * Reserved custom data keys, which are used by the system and should not be used by custom profile fields.
134
- */
132
+ /** Reserved custom data keys, which are used by the system and should not be used by custom profile fields. */
135
133
  export const reservedCustomDataKeyGuard = z
136
134
  .object({
137
135
  [userOnboardingDataKey]: z.string(),
136
+ [ossUserOnboardingDataKey]: z.string(),
138
137
  [guideRequestsKey]: z.string(),
139
138
  [consoleUserPreferenceKey]: z.string(),
140
139
  [defaultTenantIdKey]: z.string(),
141
140
  })
142
141
  .partial();
143
142
  export const reservedCustomDataKeys = Object.freeze(reservedCustomDataKeyGuard.keyof().options);
144
- /**
145
- * Disallow sign-in identifiers related field keys in custom profile fields, as this is conflicting
146
- * with the built-in sign-in/sign-up experience flows.
147
- */
143
+ /** Disallow sign-in identifier related field keys in custom profile fields to avoid conflicts with built-in sign-in/sign-up flows. */
148
144
  export const signInIdentifierKeyGuard = Users.createGuard
149
145
  .pick({
150
146
  username: true,
@@ -156,11 +152,7 @@ export const signInIdentifierKeyGuard = Users.createGuard
156
152
  phone: z.string().nullable().optional(),
157
153
  });
158
154
  export const reservedSignInIdentifierKeys = Object.freeze(signInIdentifierKeyGuard.keyof().options);
159
- /**
160
- * Reserved user profile keys.
161
- * Currently only `preferredUsername` is reserved since it is the standard username property used
162
- * by most identity providers. Should not allow user updating this field via profile related APIs.
163
- */
155
+ /** Reserved user profile keys. Currently only `preferredUsername` is reserved for standard IdP usage. */
164
156
  export const reservedBuiltInProfileKeyGuard = userProfileGuard.pick({ preferredUsername: true });
165
157
  export const reservedBuiltInProfileKeys = Object.freeze(reservedBuiltInProfileKeyGuard.keyof().options);
166
158
  export var SupportedDateFormat;
@@ -176,3 +168,4 @@ export var Gender;
176
168
  Gender["Male"] = "male";
177
169
  Gender["Other"] = "prefer_not_to_say";
178
170
  })(Gender || (Gender = {}));
171
+ /* eslint-enable max-lines */
package/lib/types/log/interaction.d.ts CHANGED
@@ -9,9 +9,11 @@ export declare enum Field {
9
9
  Identifier = "Identifier",
10
10
  Profile = "Profile",
11
11
  BindMfa = "BindMfa",
12
+ /** @deprecated */
12
13
  Mfa = "Mfa",
13
14
  Verification = "Verification",
14
- Captcha = "Captcha"
15
+ Captcha = "Captcha",
16
+ SignInPasskey = "SignInPasskey"
15
17
  }
16
18
  /** Method to verify the identifier */
17
19
  export declare enum Method {
@@ -73,4 +75,4 @@ export type DeprecatedInteractionLogKey = `${Prefix}.${InteractionEvent}.${Field
73
75
  * - When {@link Method} is `VerificationCode`, {@link Action} can be `Create` (generate and send a code) or `Submit` (verify and submit to the identifiers);
74
76
  * - Otherwise, {@link Action} is fixed to `Submit` (other methods can be verified on submitting).
75
77
  */
76
- export type LogKey = `${Prefix}.${Action.Create | Action.End}` | `${Prefix}.${Action.Create}.${Field.Captcha}` | `${Prefix}.${InteractionEvent}.${Action.Create | Action.Update | Action.Submit}` | `${Prefix}.${InteractionEvent}.${Field.Profile}.${Action.Update}` | `${Prefix}.${InteractionEvent}.${Field.BindMfa}.${MfaFactor}.${Action.Submit}` | `${Prefix}.${InteractionEvent}.${Field.Verification}.${VerificationType}.${Action}` | `${Prefix}.${InteractionEvent}.${Field.Identifier}.${Action.Submit}` | `${Prefix}.${InteractionEvent.SignIn}.${Field.Verification}.IdpInitiatedSso.${Action.Create}` | DeprecatedInteractionLogKey;
78
+ export type LogKey = `${Prefix}.${Action.Create | Action.End}` | `${Prefix}.${Action.Create}.${Field.Captcha}` | `${Prefix}.${InteractionEvent}.${Action.Create | Action.Update | Action.Submit}` | `${Prefix}.${InteractionEvent}.${Field.Profile}.${Action.Update}` | `${Prefix}.${InteractionEvent}.${Field.BindMfa}.${MfaFactor}.${Action.Submit}` | `${Prefix}.${InteractionEvent}.${Field.SignInPasskey}.${Action.Submit}` | `${Prefix}.${InteractionEvent}.${Field.Verification}.${VerificationType}.${Action}` | `${Prefix}.${InteractionEvent}.${Field.Identifier}.${Action.Submit}` | `${Prefix}.${InteractionEvent.SignIn}.${Field.Verification}.IdpInitiatedSso.${Action.Create}` | DeprecatedInteractionLogKey;
package/lib/types/log/interaction.js CHANGED
@@ -6,9 +6,11 @@ export var Field;
6
6
  Field["Identifier"] = "Identifier";
7
7
  Field["Profile"] = "Profile";
8
8
  Field["BindMfa"] = "BindMfa";
9
+ /** @deprecated */
9
10
  Field["Mfa"] = "Mfa";
10
11
  Field["Verification"] = "Verification";
11
12
  Field["Captcha"] = "Captcha";
13
+ Field["SignInPasskey"] = "SignInPasskey";
12
14
  })(Field || (Field = {}));
13
15
  /** Method to verify the identifier */
14
16
  export var Method;
package/lib/types/log/token.d.ts CHANGED
@@ -1,7 +1,8 @@
1
1
  /** The type of a token event. */
2
2
  export declare enum Type {
3
3
  ExchangeTokenBy = "ExchangeTokenBy",
4
- RevokeToken = "RevokeToken"
4
+ RevokeToken = "RevokeToken",
5
+ RevokeGrants = "RevokeGrants"
5
6
  }
6
7
  /** Available grant token types extracted from [oidc-provider](https://github.com/panva/node-oidc-provider/blob/564b1095ee869c89381d63dfdb5875c99f870f5f/lib/helpers/revoke.js#L13). */
7
8
  export declare enum TokenType {
@@ -18,6 +19,7 @@ export declare enum ExchangeByType {
18
19
  AuthorizationCode = "AuthorizationCode",
19
20
  RefreshToken = "RefreshToken",
20
21
  ClientCredentials = "ClientCredentials",
21
- TokenExchange = "TokenExchange"
22
+ TokenExchange = "TokenExchange",
23
+ DeviceCode = "DeviceCode"
22
24
  }
23
- export type LogKey = `${Type.ExchangeTokenBy}.${ExchangeByType}` | `${Type.RevokeToken}`;
25
+ export type LogKey = `${Type.ExchangeTokenBy}.${ExchangeByType}` | `${Type.RevokeToken}` | `${Type.RevokeGrants}`;
package/lib/types/log/token.js CHANGED
@@ -3,6 +3,7 @@ export var Type;
3
3
  (function (Type) {
4
4
  Type["ExchangeTokenBy"] = "ExchangeTokenBy";
5
5
  Type["RevokeToken"] = "RevokeToken";
6
+ Type["RevokeGrants"] = "RevokeGrants";
6
7
  })(Type || (Type = {}));
7
8
  /** Available grant token types extracted from [oidc-provider](https://github.com/panva/node-oidc-provider/blob/564b1095ee869c89381d63dfdb5875c99f870f5f/lib/helpers/revoke.js#L13). */
8
9
  export var TokenType;
@@ -22,4 +23,5 @@ export var ExchangeByType;
22
23
  ExchangeByType["RefreshToken"] = "RefreshToken";
23
24
  ExchangeByType["ClientCredentials"] = "ClientCredentials";
24
25
  ExchangeByType["TokenExchange"] = "TokenExchange";
26
+ ExchangeByType["DeviceCode"] = "DeviceCode";
25
27
  })(ExchangeByType || (ExchangeByType = {}));