@objectstack/spec 0.1.2 → 0.3.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (152) hide show
  1. package/README.md +127 -5
  2. package/dist/ai/index.d.ts +14 -0
  3. package/dist/ai/index.d.ts.map +1 -0
  4. package/dist/ai/index.js +29 -0
  5. package/dist/ai/model-registry.zod.d.ts +1389 -0
  6. package/dist/ai/model-registry.zod.d.ts.map +1 -0
  7. package/dist/ai/model-registry.zod.js +164 -0
  8. package/dist/ai/nlq.zod.d.ts +1126 -0
  9. package/dist/ai/nlq.zod.d.ts.map +1 -0
  10. package/dist/ai/nlq.zod.js +246 -0
  11. package/dist/ai/rag-pipeline.zod.d.ts +1034 -0
  12. package/dist/ai/rag-pipeline.zod.d.ts.map +1 -0
  13. package/dist/ai/rag-pipeline.zod.js +244 -0
  14. package/dist/api/index.d.ts +9 -0
  15. package/dist/api/index.d.ts.map +1 -0
  16. package/dist/api/index.js +24 -0
  17. package/dist/data/filter.zod.d.ts +295 -0
  18. package/dist/data/filter.zod.d.ts.map +1 -0
  19. package/dist/data/filter.zod.js +226 -0
  20. package/dist/data/index.d.ts +21 -0
  21. package/dist/data/index.d.ts.map +1 -0
  22. package/dist/data/index.js +36 -0
  23. package/dist/data/query.zod.d.ts +386 -3
  24. package/dist/data/query.zod.d.ts.map +1 -1
  25. package/dist/data/query.zod.js +386 -3
  26. package/dist/data/validation.zod.d.ts +349 -0
  27. package/dist/data/validation.zod.d.ts.map +1 -1
  28. package/dist/data/validation.zod.js +395 -0
  29. package/dist/index.d.ts +36 -39
  30. package/dist/index.d.ts.map +1 -1
  31. package/dist/index.js +64 -47
  32. package/dist/system/auth-protocol.d.ts +175 -0
  33. package/dist/system/auth-protocol.d.ts.map +1 -0
  34. package/dist/system/auth-protocol.js +60 -0
  35. package/dist/system/auth.zod.d.ts +3319 -0
  36. package/dist/system/auth.zod.d.ts.map +1 -0
  37. package/dist/system/auth.zod.js +499 -0
  38. package/dist/system/datasource.zod.d.ts +118 -38
  39. package/dist/system/datasource.zod.d.ts.map +1 -1
  40. package/dist/system/datasource.zod.js +25 -6
  41. package/dist/system/driver.zod.d.ts +106 -0
  42. package/dist/system/driver.zod.d.ts.map +1 -1
  43. package/dist/system/driver.zod.js +47 -0
  44. package/dist/system/identity.zod.d.ts +234 -180
  45. package/dist/system/identity.zod.d.ts.map +1 -1
  46. package/dist/system/identity.zod.js +168 -51
  47. package/dist/system/index.d.ts +28 -0
  48. package/dist/system/index.d.ts.map +1 -0
  49. package/dist/system/index.js +43 -0
  50. package/dist/system/manifest.zod.d.ts +10 -10
  51. package/dist/system/organization.zod.d.ts +179 -0
  52. package/dist/system/organization.zod.d.ts.map +1 -0
  53. package/dist/system/organization.zod.js +129 -0
  54. package/dist/system/policy.zod.d.ts +10 -10
  55. package/dist/ui/action.zod.d.ts +2 -2
  56. package/dist/ui/dashboard.zod.d.ts +10 -10
  57. package/dist/ui/dashboard.zod.d.ts.map +1 -1
  58. package/dist/ui/dashboard.zod.js +3 -2
  59. package/dist/ui/index.d.ts +17 -0
  60. package/dist/ui/index.d.ts.map +1 -0
  61. package/dist/ui/index.js +32 -0
  62. package/dist/ui/report.zod.d.ts +4 -32
  63. package/dist/ui/report.zod.d.ts.map +1 -1
  64. package/dist/ui/report.zod.js +3 -8
  65. package/dist/ui/theme.zod.d.ts +6 -6
  66. package/json-schema/Account.json +87 -0
  67. package/json-schema/AccountLinkingConfig.json +27 -0
  68. package/json-schema/AuthConfig.json +841 -0
  69. package/json-schema/AuthPluginConfig.json +28 -0
  70. package/json-schema/AuthStrategy.json +17 -0
  71. package/json-schema/AuthenticationConfig.json +601 -0
  72. package/json-schema/AuthenticationProvider.json +617 -0
  73. package/json-schema/CSRFConfig.json +31 -0
  74. package/json-schema/ChunkingStrategy.json +133 -0
  75. package/json-schema/ComparisonOperator.json +56 -0
  76. package/json-schema/Dashboard.json +20 -0
  77. package/json-schema/DashboardWidget.json +20 -0
  78. package/json-schema/DatabaseAdapter.json +38 -0
  79. package/json-schema/DatabaseMapping.json +48 -0
  80. package/json-schema/Datasource.json +25 -5
  81. package/json-schema/DatasourceCapabilities.json +25 -5
  82. package/json-schema/DocumentChunk.json +97 -0
  83. package/json-schema/DocumentLoaderConfig.json +69 -0
  84. package/json-schema/DocumentMetadata.json +61 -0
  85. package/json-schema/DriverCapabilities.json +30 -0
  86. package/json-schema/DriverDefinition.json +25 -5
  87. package/json-schema/DriverInterface.json +30 -0
  88. package/json-schema/EmailPasswordConfig.json +43 -0
  89. package/json-schema/EmbeddingModel.json +57 -0
  90. package/json-schema/EnterpriseAuthConfig.json +172 -0
  91. package/json-schema/Entity.json +55 -0
  92. package/json-schema/EqualityOperator.json +14 -0
  93. package/json-schema/FieldOperators.json +108 -0
  94. package/json-schema/FieldSynonymConfig.json +39 -0
  95. package/json-schema/FilterCondition.json +28 -0
  96. package/json-schema/Invitation.json +69 -0
  97. package/json-schema/InvitationStatus.json +15 -0
  98. package/json-schema/LDAPConfig.json +22 -5
  99. package/json-schema/MagicLinkConfig.json +21 -0
  100. package/json-schema/Member.json +46 -0
  101. package/json-schema/ModelCapability.json +47 -0
  102. package/json-schema/ModelConfig.json +181 -0
  103. package/json-schema/ModelLimits.json +45 -0
  104. package/json-schema/ModelPricing.json +28 -0
  105. package/json-schema/ModelProvider.json +19 -0
  106. package/json-schema/ModelRegistry.json +427 -0
  107. package/json-schema/ModelRegistryEntry.json +239 -0
  108. package/json-schema/ModelSelectionCriteria.json +50 -0
  109. package/json-schema/NLQAnalytics.json +106 -0
  110. package/json-schema/NLQFieldMapping.json +40 -0
  111. package/json-schema/NLQModelConfig.json +78 -0
  112. package/json-schema/NLQParseResult.json +252 -0
  113. package/json-schema/NLQRequest.json +110 -0
  114. package/json-schema/NLQResponse.json +288 -0
  115. package/json-schema/NLQTrainingExample.json +120 -0
  116. package/json-schema/NormalizedFilter.json +348 -0
  117. package/json-schema/OAuthProvider.json +66 -0
  118. package/json-schema/OIDCConfig.json +18 -3
  119. package/json-schema/Organization.json +52 -0
  120. package/json-schema/PasskeyConfig.json +54 -0
  121. package/json-schema/PromptTemplate.json +163 -0
  122. package/json-schema/PromptVariable.json +56 -0
  123. package/json-schema/QueryContext.json +72 -0
  124. package/json-schema/QueryFilter.json +34 -0
  125. package/json-schema/QueryIntent.json +21 -0
  126. package/json-schema/QueryTemplate.json +81 -0
  127. package/json-schema/RAGPipelineConfig.json +552 -0
  128. package/json-schema/RAGPipelineStatus.json +66 -0
  129. package/json-schema/RAGQueryRequest.json +64 -0
  130. package/json-schema/RAGQueryResponse.json +108 -0
  131. package/json-schema/RangeOperator.json +41 -0
  132. package/json-schema/RateLimitConfig.json +36 -0
  133. package/json-schema/Report.json +20 -26
  134. package/json-schema/RerankingConfig.json +34 -0
  135. package/json-schema/RetrievalStrategy.json +121 -0
  136. package/json-schema/SAMLConfig.json +17 -3
  137. package/json-schema/Session.json +63 -0
  138. package/json-schema/SessionConfig.json +56 -0
  139. package/json-schema/SetOperator.json +18 -0
  140. package/json-schema/SpecialOperator.json +18 -0
  141. package/json-schema/StandardAuthProvider.json +857 -0
  142. package/json-schema/StringOperator.json +21 -0
  143. package/json-schema/Timeframe.json +68 -0
  144. package/json-schema/TwoFactorConfig.json +40 -0
  145. package/json-schema/User.json +51 -0
  146. package/json-schema/UserFieldMapping.json +47 -0
  147. package/json-schema/VectorStoreConfig.json +82 -0
  148. package/json-schema/VectorStoreProvider.json +21 -0
  149. package/json-schema/VerificationToken.json +36 -0
  150. package/package.json +27 -1
  151. package/json-schema/AuthProtocol.json +0 -17
  152. package/json-schema/AuthProvider.json +0 -171
package/json-schema/AuthConfig.json ADDED
@@ -0,0 +1,841 @@
1
+ {
2
+ "$ref": "#/definitions/AuthConfig",
3
+ "definitions": {
4
+ "AuthConfig": {
5
+ "type": "object",
6
+ "properties": {
7
+ "name": {
8
+ "type": "string",
9
+ "pattern": "^[a-z_][a-z0-9_]*$",
10
+ "description": "Configuration name (snake_case)"
11
+ },
12
+ "label": {
13
+ "type": "string",
14
+ "description": "Display label"
15
+ },
16
+ "driver": {
17
+ "type": "string",
18
+ "default": "better-auth",
19
+ "description": "The underlying authentication implementation driver"
20
+ },
21
+ "strategies": {
22
+ "type": "array",
23
+ "items": {
24
+ "type": "string",
25
+ "enum": [
26
+ "email_password",
27
+ "magic_link",
28
+ "oauth",
29
+ "passkey",
30
+ "otp",
31
+ "anonymous"
32
+ ]
33
+ },
34
+ "minItems": 1,
35
+ "description": "Enabled authentication strategies"
36
+ },
37
+ "baseUrl": {
38
+ "type": "string",
39
+ "format": "uri",
40
+ "description": "Application base URL"
41
+ },
42
+ "secret": {
43
+ "type": "string",
44
+ "minLength": 32,
45
+ "description": "Secret key for signing (min 32 chars)"
46
+ },
47
+ "emailPassword": {
48
+ "type": "object",
49
+ "properties": {
50
+ "enabled": {
51
+ "type": "boolean",
52
+ "default": true
53
+ },
54
+ "requireEmailVerification": {
55
+ "type": "boolean",
56
+ "default": true,
57
+ "description": "Require email verification before login"
58
+ },
59
+ "minPasswordLength": {
60
+ "type": "number",
61
+ "minimum": 6,
62
+ "maximum": 128,
63
+ "default": 8,
64
+ "description": "Minimum password length"
65
+ },
66
+ "requirePasswordComplexity": {
67
+ "type": "boolean",
68
+ "default": true,
69
+ "description": "Require uppercase, lowercase, numbers, symbols"
70
+ },
71
+ "allowPasswordReset": {
72
+ "type": "boolean",
73
+ "default": true,
74
+ "description": "Enable password reset functionality"
75
+ },
76
+ "passwordResetExpiry": {
77
+ "type": "number",
78
+ "default": 3600,
79
+ "description": "Password reset token expiry in seconds"
80
+ }
81
+ },
82
+ "additionalProperties": false
83
+ },
84
+ "magicLink": {
85
+ "type": "object",
86
+ "properties": {
87
+ "enabled": {
88
+ "type": "boolean",
89
+ "default": true
90
+ },
91
+ "expiryTime": {
92
+ "type": "number",
93
+ "default": 900,
94
+ "description": "Magic link expiry time in seconds (default 15 min)"
95
+ }
96
+ },
97
+ "additionalProperties": false
98
+ },
99
+ "passkey": {
100
+ "type": "object",
101
+ "properties": {
102
+ "enabled": {
103
+ "type": "boolean",
104
+ "default": false
105
+ },
106
+ "rpName": {
107
+ "type": "string",
108
+ "description": "Relying Party name"
109
+ },
110
+ "rpId": {
111
+ "type": "string",
112
+ "description": "Relying Party ID (defaults to domain)"
113
+ },
114
+ "allowedOrigins": {
115
+ "type": "array",
116
+ "items": {
117
+ "type": "string",
118
+ "format": "uri"
119
+ },
120
+ "description": "Allowed origins for WebAuthn"
121
+ },
122
+ "userVerification": {
123
+ "type": "string",
124
+ "enum": [
125
+ "required",
126
+ "preferred",
127
+ "discouraged"
128
+ ],
129
+ "default": "preferred"
130
+ },
131
+ "attestation": {
132
+ "type": "string",
133
+ "enum": [
134
+ "none",
135
+ "indirect",
136
+ "direct",
137
+ "enterprise"
138
+ ],
139
+ "default": "none"
140
+ }
141
+ },
142
+ "required": [
143
+ "rpName"
144
+ ],
145
+ "additionalProperties": false
146
+ },
147
+ "oauth": {
148
+ "type": "object",
149
+ "properties": {
150
+ "providers": {
151
+ "type": "array",
152
+ "items": {
153
+ "type": "object",
154
+ "properties": {
155
+ "provider": {
156
+ "type": "string",
157
+ "enum": [
158
+ "google",
159
+ "github",
160
+ "facebook",
161
+ "twitter",
162
+ "linkedin",
163
+ "microsoft",
164
+ "apple",
165
+ "discord",
166
+ "gitlab",
167
+ "custom"
168
+ ],
169
+ "description": "OAuth provider type"
170
+ },
171
+ "clientId": {
172
+ "type": "string",
173
+ "description": "OAuth client ID"
174
+ },
175
+ "clientSecret": {
176
+ "type": "string",
177
+ "description": "OAuth client secret (typically from ENV)"
178
+ },
179
+ "scopes": {
180
+ "type": "array",
181
+ "items": {
182
+ "type": "string"
183
+ },
184
+ "description": "Requested OAuth scopes"
185
+ },
186
+ "redirectUri": {
187
+ "type": "string",
188
+ "format": "uri",
189
+ "description": "OAuth callback URL"
190
+ },
191
+ "enabled": {
192
+ "type": "boolean",
193
+ "default": true,
194
+ "description": "Whether this provider is enabled"
195
+ },
196
+ "displayName": {
197
+ "type": "string",
198
+ "description": "Display name for the provider button"
199
+ },
200
+ "icon": {
201
+ "type": "string",
202
+ "description": "Icon URL or identifier"
203
+ }
204
+ },
205
+ "required": [
206
+ "provider",
207
+ "clientId",
208
+ "clientSecret"
209
+ ],
210
+ "additionalProperties": false
211
+ },
212
+ "minItems": 1
213
+ }
214
+ },
215
+ "required": [
216
+ "providers"
217
+ ],
218
+ "additionalProperties": false
219
+ },
220
+ "session": {
221
+ "type": "object",
222
+ "properties": {
223
+ "expiresIn": {
224
+ "type": "number",
225
+ "default": 604800,
226
+ "description": "Session expiry in seconds (default 7 days)"
227
+ },
228
+ "updateAge": {
229
+ "type": "number",
230
+ "default": 86400,
231
+ "description": "Session update interval in seconds (default 1 day)"
232
+ },
233
+ "cookieName": {
234
+ "type": "string",
235
+ "default": "session_token",
236
+ "description": "Session cookie name"
237
+ },
238
+ "cookieSecure": {
239
+ "type": "boolean",
240
+ "default": true,
241
+ "description": "Use secure cookies (HTTPS only)"
242
+ },
243
+ "cookieSameSite": {
244
+ "type": "string",
245
+ "enum": [
246
+ "strict",
247
+ "lax",
248
+ "none"
249
+ ],
250
+ "default": "lax",
251
+ "description": "SameSite cookie attribute"
252
+ },
253
+ "cookieDomain": {
254
+ "type": "string",
255
+ "description": "Cookie domain"
256
+ },
257
+ "cookiePath": {
258
+ "type": "string",
259
+ "default": "/",
260
+ "description": "Cookie path"
261
+ },
262
+ "cookieHttpOnly": {
263
+ "type": "boolean",
264
+ "default": true,
265
+ "description": "HttpOnly cookie attribute"
266
+ }
267
+ },
268
+ "additionalProperties": false,
269
+ "default": {}
270
+ },
271
+ "rateLimit": {
272
+ "type": "object",
273
+ "properties": {
274
+ "enabled": {
275
+ "type": "boolean",
276
+ "default": true
277
+ },
278
+ "maxAttempts": {
279
+ "type": "number",
280
+ "default": 5,
281
+ "description": "Maximum login attempts"
282
+ },
283
+ "windowMs": {
284
+ "type": "number",
285
+ "default": 900000,
286
+ "description": "Time window in milliseconds (default 15 min)"
287
+ },
288
+ "blockDuration": {
289
+ "type": "number",
290
+ "default": 900000,
291
+ "description": "Block duration after max attempts in ms"
292
+ },
293
+ "skipSuccessfulRequests": {
294
+ "type": "boolean",
295
+ "default": false,
296
+ "description": "Only count failed requests"
297
+ }
298
+ },
299
+ "additionalProperties": false,
300
+ "default": {}
301
+ },
302
+ "csrf": {
303
+ "type": "object",
304
+ "properties": {
305
+ "enabled": {
306
+ "type": "boolean",
307
+ "default": true
308
+ },
309
+ "tokenLength": {
310
+ "type": "number",
311
+ "default": 32,
312
+ "description": "CSRF token length"
313
+ },
314
+ "cookieName": {
315
+ "type": "string",
316
+ "default": "csrf_token",
317
+ "description": "CSRF cookie name"
318
+ },
319
+ "headerName": {
320
+ "type": "string",
321
+ "default": "X-CSRF-Token",
322
+ "description": "CSRF header name"
323
+ }
324
+ },
325
+ "additionalProperties": false,
326
+ "default": {}
327
+ },
328
+ "accountLinking": {
329
+ "type": "object",
330
+ "properties": {
331
+ "enabled": {
332
+ "type": "boolean",
333
+ "default": true,
334
+ "description": "Allow account linking"
335
+ },
336
+ "autoLink": {
337
+ "type": "boolean",
338
+ "default": false,
339
+ "description": "Automatically link accounts with same email"
340
+ },
341
+ "requireVerification": {
342
+ "type": "boolean",
343
+ "default": true,
344
+ "description": "Require email verification before linking"
345
+ }
346
+ },
347
+ "additionalProperties": false,
348
+ "default": {}
349
+ },
350
+ "twoFactor": {
351
+ "type": "object",
352
+ "properties": {
353
+ "enabled": {
354
+ "type": "boolean",
355
+ "default": false
356
+ },
357
+ "issuer": {
358
+ "type": "string",
359
+ "description": "TOTP issuer name"
360
+ },
361
+ "qrCodeSize": {
362
+ "type": "number",
363
+ "default": 200,
364
+ "description": "QR code size in pixels"
365
+ },
366
+ "backupCodes": {
367
+ "type": "object",
368
+ "properties": {
369
+ "enabled": {
370
+ "type": "boolean",
371
+ "default": true
372
+ },
373
+ "count": {
374
+ "type": "number",
375
+ "default": 10,
376
+ "description": "Number of backup codes to generate"
377
+ }
378
+ },
379
+ "additionalProperties": false
380
+ }
381
+ },
382
+ "additionalProperties": false
383
+ },
384
+ "organization": {
385
+ "type": "object",
386
+ "properties": {
387
+ "enabled": {
388
+ "type": "boolean",
389
+ "default": false,
390
+ "description": "Enable organization/multi-tenant features"
391
+ },
392
+ "allowUserToCreateOrg": {
393
+ "type": "boolean",
394
+ "default": true,
395
+ "description": "Allow users to create organizations"
396
+ },
397
+ "defaultRole": {
398
+ "type": "string",
399
+ "default": "member",
400
+ "description": "Default role for new members"
401
+ },
402
+ "creatorRole": {
403
+ "type": "string",
404
+ "default": "owner",
405
+ "description": "Role assigned to organization creator"
406
+ }
407
+ },
408
+ "additionalProperties": false,
409
+ "description": "Organization/multi-tenant configuration"
410
+ },
411
+ "enterprise": {
412
+ "type": "object",
413
+ "properties": {
414
+ "oidc": {
415
+ "type": "object",
416
+ "properties": {
417
+ "enabled": {
418
+ "type": "boolean",
419
+ "default": false
420
+ },
421
+ "issuer": {
422
+ "type": "string",
423
+ "format": "uri",
424
+ "description": "OIDC Issuer URL (.well-known/openid-configuration)"
425
+ },
426
+ "clientId": {
427
+ "type": "string",
428
+ "description": "OIDC client ID"
429
+ },
430
+ "clientSecret": {
431
+ "type": "string",
432
+ "description": "OIDC client secret"
433
+ },
434
+ "scopes": {
435
+ "type": "array",
436
+ "items": {
437
+ "type": "string"
438
+ },
439
+ "default": [
440
+ "openid",
441
+ "profile",
442
+ "email"
443
+ ],
444
+ "description": "OIDC scopes"
445
+ },
446
+ "attributeMapping": {
447
+ "type": "object",
448
+ "additionalProperties": {
449
+ "type": "string"
450
+ },
451
+ "description": "Map IdP claims to User fields"
452
+ },
453
+ "displayName": {
454
+ "type": "string",
455
+ "description": "Display name for the provider button"
456
+ },
457
+ "icon": {
458
+ "type": "string",
459
+ "description": "Icon URL or identifier"
460
+ }
461
+ },
462
+ "required": [
463
+ "issuer",
464
+ "clientId",
465
+ "clientSecret"
466
+ ],
467
+ "additionalProperties": false,
468
+ "description": "OpenID Connect configuration"
469
+ },
470
+ "saml": {
471
+ "type": "object",
472
+ "properties": {
473
+ "enabled": {
474
+ "type": "boolean",
475
+ "default": false
476
+ },
477
+ "entryPoint": {
478
+ "type": "string",
479
+ "format": "uri",
480
+ "description": "IdP SSO URL"
481
+ },
482
+ "cert": {
483
+ "type": "string",
484
+ "description": "IdP Public Certificate (PEM format)"
485
+ },
486
+ "issuer": {
487
+ "type": "string",
488
+ "description": "Entity ID of the IdP"
489
+ },
490
+ "signatureAlgorithm": {
491
+ "type": "string",
492
+ "enum": [
493
+ "sha256",
494
+ "sha512"
495
+ ],
496
+ "default": "sha256",
497
+ "description": "Signature algorithm"
498
+ },
499
+ "attributeMapping": {
500
+ "type": "object",
501
+ "additionalProperties": {
502
+ "type": "string"
503
+ },
504
+ "description": "Map SAML attributes to User fields"
505
+ },
506
+ "displayName": {
507
+ "type": "string",
508
+ "description": "Display name for the provider button"
509
+ },
510
+ "icon": {
511
+ "type": "string",
512
+ "description": "Icon URL or identifier"
513
+ }
514
+ },
515
+ "required": [
516
+ "entryPoint",
517
+ "cert",
518
+ "issuer"
519
+ ],
520
+ "additionalProperties": false,
521
+ "description": "SAML 2.0 configuration"
522
+ },
523
+ "ldap": {
524
+ "type": "object",
525
+ "properties": {
526
+ "enabled": {
527
+ "type": "boolean",
528
+ "default": false
529
+ },
530
+ "url": {
531
+ "type": "string",
532
+ "format": "uri",
533
+ "description": "LDAP Server URL (ldap:// or ldaps://)"
534
+ },
535
+ "bindDn": {
536
+ "type": "string",
537
+ "description": "Bind DN for LDAP authentication"
538
+ },
539
+ "bindCredentials": {
540
+ "type": "string",
541
+ "description": "Bind credentials"
542
+ },
543
+ "searchBase": {
544
+ "type": "string",
545
+ "description": "Search base DN"
546
+ },
547
+ "searchFilter": {
548
+ "type": "string",
549
+ "description": "Search filter"
550
+ },
551
+ "groupSearchBase": {
552
+ "type": "string",
553
+ "description": "Group search base DN"
554
+ },
555
+ "displayName": {
556
+ "type": "string",
557
+ "description": "Display name for the provider button"
558
+ },
559
+ "icon": {
560
+ "type": "string",
561
+ "description": "Icon URL or identifier"
562
+ }
563
+ },
564
+ "required": [
565
+ "url",
566
+ "bindDn",
567
+ "bindCredentials",
568
+ "searchBase",
569
+ "searchFilter"
570
+ ],
571
+ "additionalProperties": false,
572
+ "description": "LDAP/Active Directory configuration"
573
+ }
574
+ },
575
+ "additionalProperties": false
576
+ },
577
+ "userFieldMapping": {
578
+ "type": "object",
579
+ "properties": {
580
+ "id": {
581
+ "type": "string",
582
+ "default": "id",
583
+ "description": "User ID field"
584
+ },
585
+ "email": {
586
+ "type": "string",
587
+ "default": "email",
588
+ "description": "Email field"
589
+ },
590
+ "name": {
591
+ "type": "string",
592
+ "default": "name",
593
+ "description": "Name field"
594
+ },
595
+ "image": {
596
+ "type": "string",
597
+ "default": "image",
598
+ "description": "Profile image field"
599
+ },
600
+ "emailVerified": {
601
+ "type": "string",
602
+ "default": "email_verified",
603
+ "description": "Email verification status field"
604
+ },
605
+ "createdAt": {
606
+ "type": "string",
607
+ "default": "created_at",
608
+ "description": "Created timestamp field"
609
+ },
610
+ "updatedAt": {
611
+ "type": "string",
612
+ "default": "updated_at",
613
+ "description": "Updated timestamp field"
614
+ }
615
+ },
616
+ "additionalProperties": false,
617
+ "default": {}
618
+ },
619
+ "database": {
620
+ "type": "object",
621
+ "properties": {
622
+ "type": {
623
+ "type": "string",
624
+ "enum": [
625
+ "prisma",
626
+ "drizzle",
627
+ "kysely",
628
+ "custom"
629
+ ],
630
+ "description": "Database adapter type"
631
+ },
632
+ "connectionString": {
633
+ "type": "string",
634
+ "description": "Database connection string"
635
+ },
636
+ "tablePrefix": {
637
+ "type": "string",
638
+ "default": "auth_",
639
+ "description": "Prefix for auth tables"
640
+ },
641
+ "schema": {
642
+ "type": "string",
643
+ "description": "Database schema name"
644
+ }
645
+ },
646
+ "required": [
647
+ "type"
648
+ ],
649
+ "additionalProperties": false
650
+ },
651
+ "mapping": {
652
+ "type": "object",
653
+ "properties": {
654
+ "user": {
655
+ "type": "object",
656
+ "additionalProperties": {
657
+ "type": "string"
658
+ },
659
+ "description": "User field mapping (e.g., { \"emailVerified\": \"email_verified\" })"
660
+ },
661
+ "session": {
662
+ "type": "object",
663
+ "additionalProperties": {
664
+ "type": "string"
665
+ },
666
+ "default": {
667
+ "sessionToken": "token",
668
+ "expires": "expiresAt"
669
+ },
670
+ "description": "Session field mapping"
671
+ },
672
+ "account": {
673
+ "type": "object",
674
+ "additionalProperties": {
675
+ "type": "string"
676
+ },
677
+ "default": {
678
+ "providerAccountId": "accountId",
679
+ "provider": "providerId"
680
+ },
681
+ "description": "Account field mapping"
682
+ },
683
+ "verificationToken": {
684
+ "type": "object",
685
+ "additionalProperties": {
686
+ "type": "string"
687
+ },
688
+ "description": "VerificationToken field mapping"
689
+ }
690
+ },
691
+ "additionalProperties": false
692
+ },
693
+ "plugins": {
694
+ "type": "array",
695
+ "items": {
696
+ "type": "object",
697
+ "properties": {
698
+ "name": {
699
+ "type": "string",
700
+ "description": "Plugin name"
701
+ },
702
+ "enabled": {
703
+ "type": "boolean",
704
+ "default": true
705
+ },
706
+ "options": {
707
+ "type": "object",
708
+ "additionalProperties": {},
709
+ "description": "Plugin-specific options"
710
+ }
711
+ },
712
+ "required": [
713
+ "name"
714
+ ],
715
+ "additionalProperties": false
716
+ },
717
+ "default": []
718
+ },
719
+ "hooks": {
720
+ "type": "object",
721
+ "properties": {},
722
+ "additionalProperties": false,
723
+ "description": "Authentication lifecycle hooks"
724
+ },
725
+ "security": {
726
+ "type": "object",
727
+ "properties": {
728
+ "allowedOrigins": {
729
+ "type": "array",
730
+ "items": {
731
+ "type": "string"
732
+ },
733
+ "description": "CORS allowed origins"
734
+ },
735
+ "trustProxy": {
736
+ "type": "boolean",
737
+ "default": false,
738
+ "description": "Trust proxy headers"
739
+ },
740
+ "ipRateLimiting": {
741
+ "type": "boolean",
742
+ "default": true,
743
+ "description": "Enable IP-based rate limiting"
744
+ },
745
+ "sessionFingerprinting": {
746
+ "type": "boolean",
747
+ "default": true,
748
+ "description": "Enable session fingerprinting"
749
+ },
750
+ "maxSessions": {
751
+ "type": "number",
752
+ "default": 5,
753
+ "description": "Maximum concurrent sessions per user"
754
+ }
755
+ },
756
+ "additionalProperties": false,
757
+ "description": "Advanced security settings"
758
+ },
759
+ "email": {
760
+ "type": "object",
761
+ "properties": {
762
+ "from": {
763
+ "type": "string",
764
+ "format": "email",
765
+ "description": "From email address"
766
+ },
767
+ "fromName": {
768
+ "type": "string",
769
+ "description": "From name"
770
+ },
771
+ "provider": {
772
+ "type": "string",
773
+ "enum": [
774
+ "smtp",
775
+ "sendgrid",
776
+ "mailgun",
777
+ "ses",
778
+ "resend",
779
+ "custom"
780
+ ],
781
+ "description": "Email provider"
782
+ },
783
+ "config": {
784
+ "type": "object",
785
+ "additionalProperties": {},
786
+ "description": "Provider-specific configuration"
787
+ }
788
+ },
789
+ "required": [
790
+ "from",
791
+ "provider"
792
+ ],
793
+ "additionalProperties": false,
794
+ "description": "Email configuration"
795
+ },
796
+ "ui": {
797
+ "type": "object",
798
+ "properties": {
799
+ "brandName": {
800
+ "type": "string",
801
+ "description": "Brand name displayed in auth UI"
802
+ },
803
+ "logo": {
804
+ "type": "string",
805
+ "description": "Logo URL"
806
+ },
807
+ "primaryColor": {
808
+ "type": "string",
809
+ "description": "Primary brand color (hex)"
810
+ },
811
+ "customCss": {
812
+ "type": "string",
813
+ "description": "Custom CSS for auth pages"
814
+ }
815
+ },
816
+ "additionalProperties": false,
817
+ "description": "UI customization"
818
+ },
819
+ "active": {
820
+ "type": "boolean",
821
+ "default": true,
822
+ "description": "Whether this provider is active"
823
+ },
824
+ "allowRegistration": {
825
+ "type": "boolean",
826
+ "default": true,
827
+ "description": "Allow new user registration"
828
+ }
829
+ },
830
+ "required": [
831
+ "name",
832
+ "label",
833
+ "strategies",
834
+ "baseUrl",
835
+ "secret"
836
+ ],
837
+ "additionalProperties": false
838
+ }
839
+ },
840
+ "$schema": "http://json-schema.org/draft-07/schema#"
841
+ }