@okta/okta-auth-js 6.3.1 → 6.4.1

package/esm/esm.node.mjs

@@ -149,6 +149,8 @@ var OAuthError = function (_CustomError) {
     _this.name = 'OAuthError';
     _this.errorCode = errorCode;
     _this.errorSummary = summary;
+    _this.error = errorCode;
+    _this.error_description = summary;
     return _this;
   }
   return OAuthError;
@@ -656,7 +658,11 @@ function httpRequest(sdk, options) {
     if (sdk.options.transformErrorXHR) {
       resp = sdk.options.transformErrorXHR(clone(resp));
     }
-    err = new AuthApiError(serverErr, resp);
+    if (serverErr.error && serverErr.error_description) {
+      err = new OAuthError(serverErr.error, serverErr.error_description);
+    } else {
+      err = new AuthApiError(serverErr, resp);
+    }
     if (err.errorCode === 'E0000011') {
       storage.delete(STATE_TOKEN_KEY_NAME);
     }
@@ -3561,7 +3567,7 @@ var ServiceManager = function () {
     key: "start",
     value: function start() {
       if (this.started) {
-        this.stop();
+        return;
       }
       if (this.isLeaderRequired()) {
         this.startElector();
@@ -4529,8 +4535,9 @@ function assertValidConfig(args) {
 }
 
 function _createForOfIteratorHelper$6(o, allowArrayLike) { var it = typeof _Symbol !== "undefined" && _getIteratorMethod(o) || o["@@iterator"]; if (!it) { if (Array.isArray(o) || (it = _unsupportedIterableToArray$6(o)) || allowArrayLike && o && typeof o.length === "number") { if (it) o = it; var i = 0; var F = function F() {}; return { s: F, n: function n() { if (i >= o.length) return { done: true }; return { done: false, value: o[i++] }; }, e: function e(_e) { throw _e; }, f: F }; } throw new TypeError("Invalid attempt to iterate non-iterable instance.\nIn order to be iterable, non-array objects must have a [Symbol.iterator]() method."); } var normalCompletion = true, didErr = false, err; return { s: function s() { it = it.call(o); }, n: function n() { var step = it.next(); normalCompletion = step.done; return step; }, e: function e(_e2) { didErr = true; err = _e2; }, f: function f() { try { if (!normalCompletion && it.return != null) it.return(); } finally { if (didErr) throw err; } } }; }
-function _unsupportedIterableToArray$6(o, minLen) { var _context3; if (!o) return; if (typeof o === "string") return _arrayLikeToArray$6(o, minLen); var n = _sliceInstanceProperty(_context3 = Object.prototype.toString.call(o)).call(_context3, 8, -1); if (n === "Object" && o.constructor) n = o.constructor.name; if (n === "Map" || n === "Set") return _Array$from(o); if (n === "Arguments" || /^(?:Ui|I)nt(?:8|16|32)(?:Clamped)?Array$/.test(n)) return _arrayLikeToArray$6(o, minLen); }
+function _unsupportedIterableToArray$6(o, minLen) { var _context5; if (!o) return; if (typeof o === "string") return _arrayLikeToArray$6(o, minLen); var n = _sliceInstanceProperty(_context5 = Object.prototype.toString.call(o)).call(_context5, 8, -1); if (n === "Object" && o.constructor) n = o.constructor.name; if (n === "Map" || n === "Set") return _Array$from(o); if (n === "Arguments" || /^(?:Ui|I)nt(?:8|16|32)(?:Clamped)?Array$/.test(n)) return _arrayLikeToArray$6(o, minLen); }
 function _arrayLikeToArray$6(arr, len) { if (len == null || len > arr.length) len = arr.length; for (var i = 0, arr2 = new Array(len); i < len; i++) { arr2[i] = arr[i]; } return arr2; }
+var appJsonContentTypeRegex = /application\/\w*\+?json/;
 function readData(response) {
   var _context;
   if (response.headers.get('Content-Type') &&
@@ -4577,8 +4584,19 @@ function fetchRequest(method, url, args) {
   var body = args.data;
   var headers = args.headers || {};
   var contentType = headers['Content-Type'] || headers['content-type'] || '';
-  if (contentType === 'application/json' && body && typeof body !== 'string') {
-    body = _JSON$stringify(body);
+  if (body && typeof body !== 'string') {
+    if (appJsonContentTypeRegex.test(contentType)) {
+      body = _JSON$stringify(body);
+    } else if (contentType === 'application/x-www-form-urlencoded') {
+      var _context3;
+      body = _mapInstanceProperty(_context3 = _Object$entries(body)).call(_context3, function (_ref) {
+        var _context4;
+        var _ref2 = _slicedToArray(_ref, 2),
+            param = _ref2[0],
+            value = _ref2[1];
+        return _concatInstanceProperty(_context4 = "".concat(param, "=")).call(_context4, encodeURIComponent(value));
+      }).join('&');
+    }
   }
   var fetch = window.fetch || crossFetch;
   var fetchPromise = fetch(url, {
@@ -4689,26 +4707,12 @@ var ServerStorage = function () {
   }]);
   return ServerStorage;
 }();
-var serverStorage = new ServerStorage(sharedStorage);
+var storage = new ServerStorage(sharedStorage);
 
-var BROWSER_STORAGE = {
-  token: {
-    storageTypes: ['localStorage', 'sessionStorage', 'cookie']
-  },
-  cache: {
-    storageTypes: ['localStorage', 'sessionStorage', 'cookie']
-  },
-  transaction: {
-    storageTypes: ['sessionStorage', 'localStorage', 'cookie']
-  },
-  'shared-transaction': {
-    storageTypes: ['localStorage']
-  },
-  'original-uri': {
-    storageTypes: ['localStorage']
-  }
-};
-var SERVER_STORAGE = {
+function getStorage() {
+  return storage;
+}
+var STORAGE_MANAGER_OPTIONS = {
   token: {
     storageTypes: ['memory']
   },
@@ -4719,45 +4723,23 @@ var SERVER_STORAGE = {
     storageTypes: ['memory']
   }
 };
+var enableSharedStorage = false;
 function getCookieSettings() {
   var args = arguments.length > 0 && arguments[0] !== undefined ? arguments[0] : {};
-  var isHTTPS = arguments.length > 1 ? arguments[1] : undefined;
-  var cookieSettings = args.cookies || {};
-  if (typeof cookieSettings.secure === 'undefined') {
-    cookieSettings.secure = isHTTPS;
-  }
-  if (typeof cookieSettings.sameSite === 'undefined') {
-    cookieSettings.sameSite = cookieSettings.secure ? 'none' : 'lax';
-  }
-  if (cookieSettings.secure && !isHTTPS) {
-    warn('The current page is not being served with the HTTPS protocol.\n' + 'For security reasons, we strongly recommend using HTTPS.\n' + 'If you cannot use HTTPS, set "cookies.secure" option to false.');
-    cookieSettings.secure = false;
-  }
-  if (cookieSettings.sameSite === 'none' && !cookieSettings.secure) {
-    cookieSettings.sameSite = 'lax';
-  }
-  return cookieSettings;
+  return args.cookies;
 }
+
 function getDefaultOptions() {
-  var storageUtil$1;
-  if (isBrowser()) {
-    storageUtil$1 = _Object$assign({}, storageUtil, {
-      inMemoryStore: {}
-    });
-  } else {
-    storageUtil$1 = serverStorage;
-  }
-  var storageManager = isBrowser() ? BROWSER_STORAGE : SERVER_STORAGE;
-  var enableSharedStorage = isBrowser() ? true : false;
-  return {
+  var options = {
     devMode: false,
     httpRequestClient: fetchRequest,
-    storageUtil: storageUtil$1,
-    storageManager: storageManager,
+    storageUtil: getStorage(),
+    storageManager: STORAGE_MANAGER_OPTIONS,
     transactionManager: {
       enableSharedStorage: enableSharedStorage
     }
   };
+  return options;
 }
 function mergeOptions(options, args) {
   return _Object$assign({}, options, removeNils(args), {
@@ -4794,7 +4776,7 @@ function buildOptions() {
     devMode: !!args.devMode,
     storageManager: args.storageManager,
     transactionManager: args.transactionManager,
-    cookies: isBrowser() ? getCookieSettings(args, isHTTPS()) : args.cookies,
+    cookies: getCookieSettings(args, isHTTPS()),
     flow: args.flow,
     codeChallenge: args.codeChallenge,
     codeChallengeMethod: args.codeChallengeMethod,
@@ -4805,65 +4787,248 @@ function buildOptions() {
   });
 }
 
-var Interceptor = function () {
-  function Interceptor() {
-    _classCallCheck(this, Interceptor);
-    this.handlers = [];
+function createTransactionMeta(_x) {
+  return _createTransactionMeta.apply(this, arguments);
+}
+function _createTransactionMeta() {
+  _createTransactionMeta = _asyncToGenerator( _regeneratorRuntime.mark(function _callee(authClient) {
+    var options,
+        tokenParams,
+        pkceMeta,
+        _Object$assign2,
+        _Object$assign2$flow,
+        flow,
+        _Object$assign2$withC,
+        withCredentials,
+        _Object$assign2$activ,
+        activationToken,
+        _Object$assign2$recov,
+        recoveryToken,
+        meta,
+        _args = arguments;
+    return _regeneratorRuntime.wrap(function _callee$(_context) {
+      while (1) {
+        switch (_context.prev = _context.next) {
+          case 0:
+            options = _args.length > 1 && _args[1] !== undefined ? _args[1] : {};
+            _context.next = 3;
+            return authClient.token.prepareTokenParams(options);
+          case 3:
+            tokenParams = _context.sent;
+            pkceMeta = createOAuthMeta(authClient, tokenParams);
+            _Object$assign2 = _Object$assign(_Object$assign({}, authClient.options), options), _Object$assign2$flow = _Object$assign2.flow, flow = _Object$assign2$flow === void 0 ? 'default' : _Object$assign2$flow, _Object$assign2$withC = _Object$assign2.withCredentials, withCredentials = _Object$assign2$withC === void 0 ? true : _Object$assign2$withC, _Object$assign2$activ = _Object$assign2.activationToken, activationToken = _Object$assign2$activ === void 0 ? undefined : _Object$assign2$activ, _Object$assign2$recov = _Object$assign2.recoveryToken, recoveryToken = _Object$assign2$recov === void 0 ? undefined : _Object$assign2$recov;
+            meta = _Object$assign(_Object$assign({}, pkceMeta), {
+              flow: flow,
+              withCredentials: withCredentials,
+              activationToken: activationToken,
+              recoveryToken: recoveryToken
+            });
+            return _context.abrupt("return", meta);
+          case 8:
+          case "end":
+            return _context.stop();
+        }
+      }
+    }, _callee);
+  }));
+  return _createTransactionMeta.apply(this, arguments);
+}
+function hasSavedInteractionHandle(authClient, options) {
+  var savedMeta = getSavedTransactionMeta(authClient, options);
+  if (savedMeta === null || savedMeta === void 0 ? void 0 : savedMeta.interactionHandle) {
+    return true;
   }
-  _createClass(Interceptor, [{
-    key: "use",
-    value: function use(before) {
-      this.handlers.push({
-        before: before
-      });
-    }
-  }, {
-    key: "clear",
-    value: function clear() {
-      this.handlers = [];
+  return false;
+}
+function getSavedTransactionMeta(authClient, options) {
+  options = removeNils(options);
+  options = _Object$assign(_Object$assign({}, authClient.options), options);
+  var savedMeta;
+  try {
+    savedMeta = authClient.transactionManager.load(options);
+  } catch (e) {
+  }
+  if (!savedMeta) {
+    return;
+  }
+  if (isTransactionMetaValid(savedMeta, options)) {
+    return savedMeta;
+  }
+  warn('Saved transaction meta does not match the current configuration. ' + 'This may indicate that two apps are sharing a storage key.');
+}
+function getTransactionMeta(_x2, _x3) {
+  return _getTransactionMeta.apply(this, arguments);
+}
+function _getTransactionMeta() {
+  _getTransactionMeta = _asyncToGenerator( _regeneratorRuntime.mark(function _callee2(authClient, options) {
+    var validExistingMeta;
+    return _regeneratorRuntime.wrap(function _callee2$(_context2) {
+      while (1) {
+        switch (_context2.prev = _context2.next) {
+          case 0:
+            options = removeNils(options);
+            options = _Object$assign(_Object$assign({}, authClient.options), options);
+            validExistingMeta = getSavedTransactionMeta(authClient, options);
+            if (!validExistingMeta) {
+              _context2.next = 5;
+              break;
+            }
+            return _context2.abrupt("return", validExistingMeta);
+          case 5:
+            return _context2.abrupt("return", createTransactionMeta(authClient, options));
+          case 6:
+          case "end":
+            return _context2.stop();
+        }
+      }
+    }, _callee2);
+  }));
+  return _getTransactionMeta.apply(this, arguments);
+}
+function saveTransactionMeta(authClient, meta) {
+  authClient.transactionManager.save(meta, {
+    muteWarning: true
+  });
+}
+function clearTransactionMeta(authClient) {
+  authClient.transactionManager.clear();
+}
+function isTransactionMetaValid(meta) {
+  var options = arguments.length > 1 && arguments[1] !== undefined ? arguments[1] : {};
+  var keys = ['issuer', 'clientId', 'redirectUri', 'state', 'codeChallenge', 'codeChallengeMethod', 'activationToken', 'recoveryToken'];
+  if (isTransactionMetaValidForOptions(meta, options, keys) === false) {
+    return false;
+  }
+  var flow = options.flow;
+  if (isTransactionMetaValidForFlow(meta, flow) === false) {
+    return false;
+  }
+  return true;
+}
+function isTransactionMetaValidForFlow(meta, flow) {
+  var shouldValidateFlow = flow && flow !== 'default' && flow !== 'proceed';
+  if (shouldValidateFlow) {
+    if (flow !== meta.flow) {
+      return false;
     }
-  }]);
-  return Interceptor;
-}();
-var HttpClient = {
-  interceptors: {
-    request: new Interceptor()
   }
-};
-var request = function () {
-  var _ref2 = _asyncToGenerator( _regeneratorRuntime.mark(function _callee(target, _ref) {
-    var _ref$method, method, _ref$headers, headers, _ref$credentials, credentials, body, requestOptions, url;
+  return true;
+}
+function isTransactionMetaValidForOptions(meta, options, keys) {
+  var mismatch = keys.some(function (key) {
+    var value = options[key];
+    if (value && value !== meta[key]) {
+      return true;
+    }
+  });
+  return !mismatch;
+}
+
+function getResponse(meta) {
+  return {
+    meta: meta,
+    interactionHandle: meta.interactionHandle,
+    state: meta.state
+  };
+}
+function interact(_x) {
+  return _interact.apply(this, arguments);
+}
+function _interact() {
+  _interact = _asyncToGenerator( _regeneratorRuntime.mark(function _callee(authClient) {
+    var options,
+        meta,
+        baseUrl,
+        _meta,
+        clientId,
+        redirectUri,
+        state,
+        scopes,
+        withCredentials,
+        codeChallenge,
+        codeChallengeMethod,
+        activationToken,
+        recoveryToken,
+        clientSecret,
+        url,
+        params,
+        headers,
+        resp,
+        interactionHandle,
+        newMeta,
+        _args = arguments;
     return _regeneratorRuntime.wrap(function _callee$(_context) {
       while (1) {
         switch (_context.prev = _context.next) {
           case 0:
-            _ref$method = _ref.method, method = _ref$method === void 0 ? 'POST' : _ref$method, _ref$headers = _ref.headers, headers = _ref$headers === void 0 ? {} : _ref$headers, _ref$credentials = _ref.credentials, credentials = _ref$credentials === void 0 ? 'include' : _ref$credentials, body = _ref.body;
-            requestOptions = {
-              url: target,
-              method: method,
-              headers: _Object$assign({}, headers),
-              credentials: credentials,
-              body: body
+            options = _args.length > 1 && _args[1] !== undefined ? _args[1] : {};
+            options = removeNils(options);
+            meta = getSavedTransactionMeta(authClient, options);
+            if (!(meta === null || meta === void 0 ? void 0 : meta.interactionHandle)) {
+              _context.next = 5;
+              break;
+            }
+            return _context.abrupt("return", getResponse(meta));
+          case 5:
+            _context.next = 7;
+            return createTransactionMeta(authClient, _Object$assign(_Object$assign({}, meta), options));
+          case 7:
+            meta = _context.sent;
+            baseUrl = getOAuthBaseUrl(authClient);
+            _meta = meta, clientId = _meta.clientId, redirectUri = _meta.redirectUri, state = _meta.state, scopes = _meta.scopes, withCredentials = _meta.withCredentials, codeChallenge = _meta.codeChallenge, codeChallengeMethod = _meta.codeChallengeMethod, activationToken = _meta.activationToken, recoveryToken = _meta.recoveryToken;
+            clientSecret = options.clientSecret || authClient.options.clientSecret;
+            withCredentials = withCredentials !== null && withCredentials !== void 0 ? withCredentials : true;
+            url = "".concat(baseUrl, "/v1/interact");
+            params = {
+              client_id: clientId,
+              scope: scopes.join(' '),
+              redirect_uri: redirectUri,
+              code_challenge: codeChallenge,
+              code_challenge_method: codeChallengeMethod,
+              state: state
             };
-            if (HttpClient.interceptors) {
-              HttpClient.interceptors.request.handlers.forEach(function (interceptor) {
-                interceptor.before(requestOptions);
-              });
+            if (activationToken) {
+              params.activation_token = activationToken;
             }
-            url = requestOptions.url;
-            delete requestOptions.url;
-            return _context.abrupt("return", crossFetch(url, requestOptions));
-          case 6:
+            if (recoveryToken) {
+              params.recovery_token = recoveryToken;
+            }
+            if (clientSecret) {
+              params.client_secret = clientSecret;
+            }
+            headers = {
+              'Content-Type': 'application/x-www-form-urlencoded'
+            };
+            _context.next = 20;
+            return httpRequest(authClient, {
+              method: 'POST',
+              url: url,
+              headers: headers,
+              withCredentials: withCredentials,
+              args: params
+            });
+          case 20:
+            resp = _context.sent;
+            interactionHandle = resp.interaction_handle;
+            newMeta = _Object$assign(_Object$assign({}, meta), {
+              interactionHandle: interactionHandle,
+              withCredentials: withCredentials,
+              state: state,
+              scopes: scopes,
+              recoveryToken: recoveryToken,
+              activationToken: activationToken
+            });
+            saveTransactionMeta(authClient, newMeta);
+            return _context.abrupt("return", getResponse(newMeta));
+          case 25:
           case "end":
             return _context.stop();
         }
       }
     }, _callee);
   }));
-  return function request(_x, _x2) {
-    return _ref2.apply(this, arguments);
-  };
-}();
+  return _interact.apply(this, arguments);
+}
 
 function _createForOfIteratorHelper$5(o, allowArrayLike) { var it = typeof _Symbol !== "undefined" && _getIteratorMethod(o) || o["@@iterator"]; if (!it) { if (Array.isArray(o) || (it = _unsupportedIterableToArray$5(o)) || allowArrayLike && o && typeof o.length === "number") { if (it) o = it; var i = 0; var F = function F() {}; return { s: F, n: function n() { if (i >= o.length) return { done: true }; return { done: false, value: o[i++] }; }, e: function e(_e) { throw _e; }, f: F }; } throw new TypeError("Invalid attempt to iterate non-iterable instance.\nIn order to be iterable, non-array objects must have a [Symbol.iterator]() method."); } var normalCompletion = true, didErr = false, err; return { s: function s() { it = it.call(o); }, n: function n() { var step = it.next(); normalCompletion = step.done; return step; }, e: function e(_e2) { didErr = true; err = _e2; }, f: function f() { try { if (!normalCompletion && it.return != null) it.return(); } finally { if (didErr) throw err; } } }; }
 function _unsupportedIterableToArray$5(o, minLen) { var _context; if (!o) return; if (typeof o === "string") return _arrayLikeToArray$5(o, minLen); var n = _sliceInstanceProperty(_context = Object.prototype.toString.call(o)).call(_context, 8, -1); if (n === "Object" && o.constructor) n = o.constructor.name; if (n === "Map" || n === "Set") return _Array$from(o); if (n === "Arguments" || /^(?:Ui|I)nt(?:8|16|32)(?:Clamped)?Array$/.test(n)) return _arrayLikeToArray$5(o, minLen); }
@@ -4939,71 +5104,80 @@ var divideActionParamsByMutability = function divideActionParamsByMutability(act
   };
 };
 
-var generateDirectFetch = function generateDirectFetch(_ref) {
+var generateDirectFetch = function generateDirectFetch(authClient, _ref) {
   var actionDefinition = _ref.actionDefinition,
       _ref$defaultParamsFor = _ref.defaultParamsForAction,
       defaultParamsForAction = _ref$defaultParamsFor === void 0 ? {} : _ref$defaultParamsFor,
       _ref$immutableParamsF = _ref.immutableParamsForAction,
       immutableParamsForAction = _ref$immutableParamsF === void 0 ? {} : _ref$immutableParamsF,
-      toPersist = _ref.toPersist;
+      _ref$toPersist = _ref.toPersist,
+      toPersist = _ref$toPersist === void 0 ? {} : _ref$toPersist;
   var target = actionDefinition.href;
-  return function () {
-    var _ref2 = _asyncToGenerator( _regeneratorRuntime.mark(function _callee(params) {
-      var headers, body, credentials, response, responseJSON, requestDidSucceed, idxResponse;
-      return _regeneratorRuntime.wrap(function _callee$(_context) {
-        while (1) {
-          switch (_context.prev = _context.next) {
-            case 0:
-              headers = {
-                'content-type': 'application/json',
-                'accept': actionDefinition.accepts || 'application/ion+json'
-              };
-              body = _JSON$stringify(_Object$assign(_Object$assign(_Object$assign({}, defaultParamsForAction), params), immutableParamsForAction));
-              credentials = toPersist && toPersist.withCredentials === false ? 'omit' : 'include';
-              _context.next = 5;
-              return request(target, {
-                method: actionDefinition.method,
-                headers: headers,
-                body: body,
-                credentials: credentials
-              });
-            case 5:
-              response = _context.sent;
-              _context.next = 8;
-              return response.json();
-            case 8:
-              responseJSON = _context.sent;
-              requestDidSucceed = response.ok;
-              idxResponse = makeIdxState$1(responseJSON, toPersist, requestDidSucceed);
-              if (response.status === 401 && response.headers.get('WWW-Authenticate') === 'Oktadevicejwt realm="Okta Device"') {
-                idxResponse.stepUp = true;
-              }
-              if (requestDidSucceed) {
-                _context.next = 14;
-                break;
-              }
-              throw idxResponse;
-            case 14:
-              return _context.abrupt("return", idxResponse);
-            case 15:
-            case "end":
-              return _context.stop();
-          }
+  return _asyncToGenerator( _regeneratorRuntime.mark(function _callee() {
+    var params,
+        _a,
+        headers,
+        body,
+        response,
+        _response,
+        payload,
+        wwwAuthHeader,
+        idxResponse,
+        _args = arguments;
+    return _regeneratorRuntime.wrap(function _callee$(_context) {
+      while (1) {
+        switch (_context.prev = _context.next) {
+          case 0:
+            params = _args.length > 0 && _args[0] !== undefined ? _args[0] : {};
+            headers = {
+              'Content-Type': 'application/json',
+              'Accept': actionDefinition.accepts || 'application/ion+json'
+            };
+            body = _JSON$stringify(_Object$assign(_Object$assign(_Object$assign({}, defaultParamsForAction), params), immutableParamsForAction));
+            _context.prev = 3;
+            _context.next = 6;
+            return httpRequest(authClient, {
+              url: target,
+              method: actionDefinition.method,
+              headers: headers,
+              args: body,
+              withCredentials: (_a = toPersist === null || toPersist === void 0 ? void 0 : toPersist.withCredentials) !== null && _a !== void 0 ? _a : true
+            });
+          case 6:
+            response = _context.sent;
+            return _context.abrupt("return", makeIdxState$1(authClient, _Object$assign({}, response), toPersist, true));
+          case 10:
+            _context.prev = 10;
+            _context.t0 = _context["catch"](3);
+            if (!(!(_context.t0 instanceof AuthApiError) || !(_context.t0 === null || _context.t0 === void 0 ? void 0 : _context.t0.xhr))) {
+              _context.next = 14;
+              break;
+            }
+            throw _context.t0;
+          case 14:
+            _response = _context.t0.xhr;
+            payload = _response.responseJSON || JSON.parse(_response.responseText);
+            wwwAuthHeader = _response.headers['WWW-Authenticate'] || _response.headers['www-authenticate'];
+            idxResponse = makeIdxState$1(authClient, _Object$assign({}, payload), toPersist, false);
+            if (_response.status === 401 && wwwAuthHeader === 'Oktadevicejwt realm="Okta Device"') {
+              idxResponse.stepUp = true;
+            }
+            throw idxResponse;
+          case 20:
+          case "end":
+            return _context.stop();
         }
-      }, _callee);
-    }));
-    return function (_x) {
-      return _ref2.apply(this, arguments);
-    };
-  }();
+      }
+    }, _callee, null, [[3, 10]]);
+  }));
 };
-var generateIdxAction = function generateIdxAction(actionDefinition, toPersist) {
+var generateIdxAction = function generateIdxAction(authClient, actionDefinition, toPersist) {
   var generator = generateDirectFetch;
   var _divideActionParamsBy = divideActionParamsByMutability(actionDefinition),
       defaultParams = _divideActionParamsBy.defaultParams,
       neededParams = _divideActionParamsBy.neededParams,
       immutableParams = _divideActionParamsBy.immutableParams;
-  var action = generator({
+  var action = generator(authClient, {
     actionDefinition: actionDefinition,
     defaultParamsForAction: defaultParams[actionDefinition.name],
     immutableParamsForAction: immutableParams[actionDefinition.name],
@@ -5013,10 +5187,10 @@ var generateIdxAction = function generateIdxAction(actionDefinition, toPersist)
   return action;
 };
 
-var generateRemediationFunctions = function generateRemediationFunctions(remediationValue) {
-  var toPersist = arguments.length > 1 && arguments[1] !== undefined ? arguments[1] : {};
+var generateRemediationFunctions = function generateRemediationFunctions(authClient, remediationValue) {
+  var toPersist = arguments.length > 2 && arguments[2] !== undefined ? arguments[2] : {};
   return _Object$fromEntries(_mapInstanceProperty(remediationValue).call(remediationValue, function (remediation) {
-    return [remediation.name, generateIdxAction(remediation, toPersist)];
+    return [remediation.name, generateIdxAction(authClient, remediation, toPersist)];
   }));
 };
 
@@ -5025,9 +5199,9 @@ var SKIP_FIELDS = _Object$fromEntries(_mapInstanceProperty(_context = ['remediat
 ]).call(_context, function (field) {
   return [field, !!'skip this field'];
 }));
-var parseNonRemediations = function parseNonRemediations(idxResponse) {
+var parseNonRemediations = function parseNonRemediations(authClient, idxResponse) {
   var _context2;
-  var toPersist = arguments.length > 1 && arguments[1] !== undefined ? arguments[1] : {};
+  var toPersist = arguments.length > 2 && arguments[2] !== undefined ? arguments[2] : {};
   var actions = {};
   var context = {};
   _filterInstanceProperty(_context2 = _Object$keys(idxResponse)).call(_context2, function (field) {
@@ -5039,7 +5213,7 @@ var parseNonRemediations = function parseNonRemediations(idxResponse) {
       return;
     }
     if (idxResponse[field].rel) {
-      actions[idxResponse[field].name] = generateIdxAction(idxResponse[field], toPersist);
+      actions[idxResponse[field].name] = generateIdxAction(authClient, idxResponse[field], toPersist);
       return;
     }
     var _a = idxResponse[field],
@@ -5060,7 +5234,7 @@ var parseNonRemediations = function parseNonRemediations(idxResponse) {
           value = _ref2[1];
       if (value.rel) {
         var _context3;
-        actions[_concatInstanceProperty(_context3 = "".concat(field, "-")).call(_context3, subField.name || subField)] = generateIdxAction(value, toPersist);
+        actions[_concatInstanceProperty(_context3 = "".concat(field, "-")).call(_context3, subField.name || subField)] = generateIdxAction(authClient, value, toPersist);
       } else {
         context[field].value[subField] = value;
       }
@@ -5093,24 +5267,24 @@ var expandRelatesTo = function expandRelatesTo(idxResponse, value) {
     }
   });
 };
-var convertRemediationAction = function convertRemediationAction(remediation, toPersist) {
-  var remediationActions = generateRemediationFunctions([remediation], toPersist);
+var convertRemediationAction = function convertRemediationAction(authClient, remediation, toPersist) {
+  var remediationActions = generateRemediationFunctions(authClient, [remediation], toPersist);
   var actionFn = remediationActions[remediation.name];
   return _Object$assign(_Object$assign({}, remediation), {
     action: actionFn
   });
 };
-var parseIdxResponse = function parseIdxResponse(idxResponse) {
-  var toPersist = arguments.length > 1 && arguments[1] !== undefined ? arguments[1] : {};
+var parseIdxResponse = function parseIdxResponse(authClient, idxResponse) {
+  var toPersist = arguments.length > 2 && arguments[2] !== undefined ? arguments[2] : {};
   var _a;
   var remediationData = ((_a = idxResponse.remediation) === null || _a === void 0 ? void 0 : _a.value) || [];
   remediationData.forEach(function (remediation) {
     return expandRelatesTo(idxResponse, remediation);
   });
   var remediations = _mapInstanceProperty(remediationData).call(remediationData, function (remediation) {
-    return convertRemediationAction(remediation, toPersist);
+    return convertRemediationAction(authClient, remediation, toPersist);
   });
-  var _parseNonRemediations = parseNonRemediations(idxResponse, toPersist),
+  var _parseNonRemediations = parseNonRemediations(authClient, idxResponse, toPersist),
       context = _parseNonRemediations.context,
       actions = _parseNonRemediations.actions;
   return {
@@ -5120,10 +5294,10 @@ var parseIdxResponse = function parseIdxResponse(idxResponse) {
   };
 };
 
-function makeIdxState$1(idxResponse, toPersist, requestDidSucceed) {
+function makeIdxState$1(authClient, idxResponse, toPersist, requestDidSucceed) {
   var _a, _b, _c;
   var rawIdxResponse = idxResponse;
-  var _parseIdxResponse = parseIdxResponse(idxResponse, toPersist),
+  var _parseIdxResponse = parseIdxResponse(authClient, idxResponse, toPersist),
       remediations = _parseIdxResponse.remediations,
       context = _parseIdxResponse.context,
       actions = _parseIdxResponse.actions;
@@ -5190,7 +5364,6 @@ var parsersForVersion = function parsersForVersion(version) {
       throw new Error("Unknown api version: ".concat(version, ".  Use an exact semver version."));
   }
 };
-
 function validateVersionConfig(version) {
   if (!version) {
     throw new Error('version is required');
@@ -5201,356 +5374,15 @@ function validateVersionConfig(version) {
   }
   parsersForVersion(version);
 }
-
-var introspect$1 = function () {
-  var _introspect = _asyncToGenerator( _regeneratorRuntime.mark(function _callee(_ref) {
-    var withCredentials, domain, interactionHandle, stateHandle, version, target, body, headers, credentials, response, requestDidSucceed, rawIdxResponse;
-    return _regeneratorRuntime.wrap(function _callee$(_context) {
-      while (1) {
-        switch (_context.prev = _context.next) {
-          case 0:
-            withCredentials = _ref.withCredentials, domain = _ref.domain, interactionHandle = _ref.interactionHandle, stateHandle = _ref.stateHandle, version = _ref.version;
-            validateVersionConfig(version);
-            target = "".concat(domain, "/idp/idx/introspect");
-            body = stateHandle ? {
-              stateToken: stateHandle
-            } : {
-              interactionHandle: interactionHandle
-            };
-            headers = {
-              'content-type': "application/ion+json; okta-version=".concat(version),
-              accept: "application/ion+json; okta-version=".concat(version)
-            };
-            credentials = withCredentials === false ? 'omit' : 'include';
-            _context.next = 8;
-            return request(target, {
-              credentials: credentials,
-              headers: headers,
-              body: _JSON$stringify(body)
-            });
-          case 8:
-            response = _context.sent;
-            requestDidSucceed = response.ok;
-            _context.next = 12;
-            return response.json();
-          case 12:
-            rawIdxResponse = _context.sent;
-            if (requestDidSucceed) {
-              _context.next = 15;
-              break;
-            }
-            throw rawIdxResponse;
-          case 15:
-            return _context.abrupt("return", rawIdxResponse);
-          case 16:
-          case "end":
-            return _context.stop();
-        }
-      }
-    }, _callee);
-  }));
-  function introspect(_x) {
-    return _introspect.apply(this, arguments);
-  }
-  return introspect;
-}();
-
-var parseAndReject = function parseAndReject(response) {
-  return response.json().then(function (err) {
-    return _Promise.reject(err);
-  });
-};
-var interact$1 = function () {
-  var _interact = _asyncToGenerator( _regeneratorRuntime.mark(function _callee(_ref) {
-    var _context;
-    var withCredentials, clientId, baseUrl, _ref$scopes, scopes, redirectUri, codeChallenge, codeChallengeMethod, state, activationToken, recoveryToken, clientSecret, target, params, body, headers, credentials;
-    return _regeneratorRuntime.wrap(function _callee$(_context3) {
-      while (1) {
-        switch (_context3.prev = _context3.next) {
-          case 0:
-            withCredentials = _ref.withCredentials, clientId = _ref.clientId, baseUrl = _ref.baseUrl, _ref$scopes = _ref.scopes, scopes = _ref$scopes === void 0 ? ['openid', 'email'] : _ref$scopes, redirectUri = _ref.redirectUri, codeChallenge = _ref.codeChallenge, codeChallengeMethod = _ref.codeChallengeMethod, state = _ref.state, activationToken = _ref.activationToken, recoveryToken = _ref.recoveryToken, clientSecret = _ref.clientSecret;
-            target = "".concat(baseUrl, "/v1/interact");
-            params = {
-              client_id: clientId,
-              scope: scopes.join(' '),
-              redirect_uri: redirectUri,
-              code_challenge: codeChallenge,
-              code_challenge_method: codeChallengeMethod,
-              state: state
-            };
-            if (activationToken) {
-              params.activation_token = activationToken;
-            }
-            if (recoveryToken) {
-              params.recovery_token = recoveryToken;
-            }
-            if (clientSecret) {
-              params.client_secret = clientSecret;
-            }
-            body = _mapInstanceProperty(_context = _Object$entries(params)).call(_context, function (_ref2) {
-              var _context2;
-              var _ref3 = _slicedToArray(_ref2, 2),
-                  param = _ref3[0],
-                  value = _ref3[1];
-              return _concatInstanceProperty(_context2 = "".concat(param, "=")).call(_context2, encodeURIComponent(value));
-            }).join('&');
-            headers = {
-              'content-type': 'application/x-www-form-urlencoded'
-            };
-            credentials = withCredentials === false ? 'omit' : 'include';
-            return _context3.abrupt("return", request(target, {
-              credentials: credentials,
-              headers: headers,
-              body: body
-            }).then(function (response) {
-              return response.ok ? response.json() : parseAndReject(response);
-            }).then(function (data) {
-              return data.interaction_handle;
-            }));
-          case 10:
-          case "end":
-            return _context3.stop();
-        }
-      }
-    }, _callee);
-  }));
-  function interact(_x) {
-    return _interact.apply(this, arguments);
-  }
-  return interact;
-}();
-
-var LATEST_SUPPORTED_IDX_API_VERSION = '1.0.0';
-var _parsersForVersion = parsersForVersion(LATEST_SUPPORTED_IDX_API_VERSION),
-    makeIdxState = _parsersForVersion.makeIdxState;
-var idx = {
-  introspect: introspect$1,
-  interact: interact$1,
-  makeIdxState: makeIdxState,
-  client: HttpClient,
-  LATEST_SUPPORTED_IDX_API_VERSION: LATEST_SUPPORTED_IDX_API_VERSION
-};
-
-function createTransactionMeta(_x) {
-  return _createTransactionMeta.apply(this, arguments);
-}
-function _createTransactionMeta() {
-  _createTransactionMeta = _asyncToGenerator( _regeneratorRuntime.mark(function _callee(authClient) {
-    var options,
-        tokenParams,
-        pkceMeta,
-        _Object$assign2,
-        _Object$assign2$flow,
-        flow,
-        _Object$assign2$withC,
-        withCredentials,
-        _Object$assign2$activ,
-        activationToken,
-        _Object$assign2$recov,
-        recoveryToken,
-        meta,
-        _args = arguments;
-    return _regeneratorRuntime.wrap(function _callee$(_context) {
-      while (1) {
-        switch (_context.prev = _context.next) {
-          case 0:
-            options = _args.length > 1 && _args[1] !== undefined ? _args[1] : {};
-            _context.next = 3;
-            return authClient.token.prepareTokenParams(options);
-          case 3:
-            tokenParams = _context.sent;
-            pkceMeta = createOAuthMeta(authClient, tokenParams);
-            _Object$assign2 = _Object$assign(_Object$assign({}, authClient.options), options), _Object$assign2$flow = _Object$assign2.flow, flow = _Object$assign2$flow === void 0 ? 'default' : _Object$assign2$flow, _Object$assign2$withC = _Object$assign2.withCredentials, withCredentials = _Object$assign2$withC === void 0 ? true : _Object$assign2$withC, _Object$assign2$activ = _Object$assign2.activationToken, activationToken = _Object$assign2$activ === void 0 ? undefined : _Object$assign2$activ, _Object$assign2$recov = _Object$assign2.recoveryToken, recoveryToken = _Object$assign2$recov === void 0 ? undefined : _Object$assign2$recov;
-            meta = _Object$assign(_Object$assign({}, pkceMeta), {
-              flow: flow,
-              withCredentials: withCredentials,
-              activationToken: activationToken,
-              recoveryToken: recoveryToken
-            });
-            return _context.abrupt("return", meta);
-          case 8:
-          case "end":
-            return _context.stop();
-        }
-      }
-    }, _callee);
-  }));
-  return _createTransactionMeta.apply(this, arguments);
-}
-function hasSavedInteractionHandle(authClient, options) {
-  var savedMeta = getSavedTransactionMeta(authClient, options);
-  if (savedMeta === null || savedMeta === void 0 ? void 0 : savedMeta.interactionHandle) {
-    return true;
-  }
-  return false;
-}
-function getSavedTransactionMeta(authClient, options) {
-  options = removeNils(options);
-  options = _Object$assign(_Object$assign({}, authClient.options), options);
-  var savedMeta;
-  try {
-    savedMeta = authClient.transactionManager.load(options);
-  } catch (e) {
-  }
-  if (!savedMeta) {
-    return;
-  }
-  if (isTransactionMetaValid(savedMeta, options)) {
-    return savedMeta;
-  }
-  warn('Saved transaction meta does not match the current configuration. ' + 'This may indicate that two apps are sharing a storage key.');
-}
-function getTransactionMeta(_x2, _x3) {
-  return _getTransactionMeta.apply(this, arguments);
-}
-function _getTransactionMeta() {
-  _getTransactionMeta = _asyncToGenerator( _regeneratorRuntime.mark(function _callee2(authClient, options) {
-    var validExistingMeta;
-    return _regeneratorRuntime.wrap(function _callee2$(_context2) {
-      while (1) {
-        switch (_context2.prev = _context2.next) {
-          case 0:
-            options = removeNils(options);
-            options = _Object$assign(_Object$assign({}, authClient.options), options);
-            validExistingMeta = getSavedTransactionMeta(authClient, options);
-            if (!validExistingMeta) {
-              _context2.next = 5;
-              break;
-            }
-            return _context2.abrupt("return", validExistingMeta);
-          case 5:
-            return _context2.abrupt("return", createTransactionMeta(authClient, options));
-          case 6:
-          case "end":
-            return _context2.stop();
-        }
-      }
-    }, _callee2);
-  }));
-  return _getTransactionMeta.apply(this, arguments);
-}
-function saveTransactionMeta(authClient, meta) {
-  authClient.transactionManager.save(meta, {
-    muteWarning: true
-  });
-}
-function clearTransactionMeta(authClient) {
-  authClient.transactionManager.clear();
-}
-function isTransactionMetaValid(meta) {
-  var options = arguments.length > 1 && arguments[1] !== undefined ? arguments[1] : {};
-  var keys = ['issuer', 'clientId', 'redirectUri', 'state', 'codeChallenge', 'codeChallengeMethod', 'activationToken', 'recoveryToken'];
-  if (isTransactionMetaValidForOptions(meta, options, keys) === false) {
-    return false;
-  }
-  var flow = options.flow;
-  if (isTransactionMetaValidForFlow(meta, flow) === false) {
-    return false;
-  }
-  return true;
-}
-function isTransactionMetaValidForFlow(meta, flow) {
-  var shouldValidateFlow = flow && flow !== 'default' && flow !== 'proceed';
-  if (shouldValidateFlow) {
-    if (flow !== meta.flow) {
-      return false;
-    }
-  }
-  return true;
-}
-function isTransactionMetaValidForOptions(meta, options, keys) {
-  var mismatch = keys.some(function (key) {
-    var value = options[key];
-    if (value && value !== meta[key]) {
-      return true;
-    }
-  });
-  return !mismatch;
-}
-
-function getResponse(meta) {
-  return {
-    meta: meta,
-    interactionHandle: meta.interactionHandle,
-    state: meta.state
-  };
-}
-function interact(_x) {
-  return _interact.apply(this, arguments);
-}
-function _interact() {
-  _interact = _asyncToGenerator( _regeneratorRuntime.mark(function _callee(authClient) {
-    var options,
-        meta,
-        baseUrl,
-        _meta,
-        clientId,
-        redirectUri,
-        state,
-        scopes,
-        withCredentials,
-        codeChallenge,
-        codeChallengeMethod,
-        activationToken,
-        recoveryToken,
-        clientSecret,
-        interactionHandle,
-        newMeta,
-        _args = arguments;
-    return _regeneratorRuntime.wrap(function _callee$(_context) {
-      while (1) {
-        switch (_context.prev = _context.next) {
-          case 0:
-            options = _args.length > 1 && _args[1] !== undefined ? _args[1] : {};
-            options = removeNils(options);
-            meta = getSavedTransactionMeta(authClient, options);
-            if (!(meta === null || meta === void 0 ? void 0 : meta.interactionHandle)) {
-              _context.next = 5;
-              break;
-            }
-            return _context.abrupt("return", getResponse(meta));
-          case 5:
-            _context.next = 7;
-            return createTransactionMeta(authClient, _Object$assign(_Object$assign({}, meta), options));
-          case 7:
-            meta = _context.sent;
-            baseUrl = getOAuthBaseUrl(authClient);
-            _meta = meta, clientId = _meta.clientId, redirectUri = _meta.redirectUri, state = _meta.state, scopes = _meta.scopes, withCredentials = _meta.withCredentials, codeChallenge = _meta.codeChallenge, codeChallengeMethod = _meta.codeChallengeMethod, activationToken = _meta.activationToken, recoveryToken = _meta.recoveryToken;
-            clientSecret = options.clientSecret || authClient.options.clientSecret;
-            _context.next = 13;
-            return idx.interact({
-              withCredentials: withCredentials,
-              clientId: clientId,
-              baseUrl: baseUrl,
-              scopes: scopes,
-              state: state,
-              redirectUri: redirectUri,
-              codeChallenge: codeChallenge,
-              codeChallengeMethod: codeChallengeMethod,
-              activationToken: activationToken,
-              recoveryToken: recoveryToken,
-              clientSecret: clientSecret
-            });
-          case 13:
-            interactionHandle = _context.sent;
-            newMeta = _Object$assign(_Object$assign({}, meta), {
-              interactionHandle: interactionHandle,
-              withCredentials: withCredentials,
-              state: state,
-              scopes: scopes,
-              recoveryToken: recoveryToken,
-              activationToken: activationToken
-            });
-            saveTransactionMeta(authClient, newMeta);
-            return _context.abrupt("return", getResponse(newMeta));
-          case 17:
-          case "end":
-            return _context.stop();
-        }
-      }
-    }, _callee);
-  }));
-  return _interact.apply(this, arguments);
+function makeIdxState(authClient, rawIdxResponse) {
+  var toPersist = arguments.length > 2 && arguments[2] !== undefined ? arguments[2] : {};
+  var requestDidSucceed = arguments.length > 3 ? arguments[3] : undefined;
+  var _a;
+  var version = (_a = rawIdxResponse === null || rawIdxResponse === void 0 ? void 0 : rawIdxResponse.version) !== null && _a !== void 0 ? _a : IDX_API_VERSION;
+  validateVersionConfig(version);
+  var _parsersForVersion = parsersForVersion(version),
+      makeIdxState = _parsersForVersion.makeIdxState;
+  return makeIdxState(authClient, rawIdxResponse, toPersist, requestDidSucceed);
 }
 
 function introspect(_x) {
@@ -5559,11 +5391,18 @@ function introspect(_x) {
 function _introspect() {
   _introspect = _asyncToGenerator( _regeneratorRuntime.mark(function _callee(authClient) {
     var options,
+        _a,
         rawIdxResponse,
         requestDidSucceed,
         savedIdxResponse,
         version,
         domain,
+        interactionHandle,
+        stateHandle,
+        _withCredentials,
+        url,
+        body,
+        headers,
         withCredentials,
         _args = arguments;
     return _regeneratorRuntime.wrap(function _callee$(_context) {
@@ -5577,47 +5416,62 @@ function _introspect() {
               requestDidSucceed = savedIdxResponse.requestDidSucceed;
             }
             if (rawIdxResponse) {
-              _context.next = 21;
+              _context.next = 27;
               break;
             }
             version = options.version || IDX_API_VERSION;
             domain = getOAuthDomain(authClient);
-            _context.prev = 6;
-            _context.next = 9;
-            return idx.introspect(_Object$assign(_Object$assign({
-              domain: domain
-            }, options), {
-              version: version
-            }));
-          case 9:
-            rawIdxResponse = _context.sent;
+            interactionHandle = options.interactionHandle, stateHandle = options.stateHandle;
+            _withCredentials = (_a = options.withCredentials) !== null && _a !== void 0 ? _a : true;
+            _context.prev = 8;
             requestDidSucceed = true;
-            _context.next = 21;
+            validateVersionConfig(version);
+            url = "".concat(domain, "/idp/idx/introspect");
+            body = stateHandle ? {
+              stateToken: stateHandle
+            } : {
+              interactionHandle: interactionHandle
+            };
+            headers = {
+              'Content-Type': "application/ion+json; okta-version=".concat(version),
+              Accept: "application/ion+json; okta-version=".concat(version)
+            };
+            _context.next = 16;
+            return httpRequest(authClient, {
+              method: 'POST',
+              url: url,
+              headers: headers,
+              withCredentials: _withCredentials,
+              args: body
+            });
+          case 16:
+            rawIdxResponse = _context.sent;
+            _context.next = 27;
             break;
-          case 13:
-            _context.prev = 13;
-            _context.t0 = _context["catch"](6);
-            if (!isRawIdxResponse(_context.t0)) {
-              _context.next = 20;
+          case 19:
+            _context.prev = 19;
+            _context.t0 = _context["catch"](8);
+            if (!(isAuthApiError(_context.t0) && _context.t0.xhr && isRawIdxResponse(_context.t0.xhr.responseJSON))) {
+              _context.next = 26;
               break;
             }
-            rawIdxResponse = _context.t0;
+            rawIdxResponse = _context.t0.xhr.responseJSON;
             requestDidSucceed = false;
-            _context.next = 21;
+            _context.next = 27;
             break;
-          case 20:
+          case 26:
             throw _context.t0;
-          case 21:
+          case 27:
             withCredentials = options.withCredentials;
-            return _context.abrupt("return", idx.makeIdxState(rawIdxResponse, {
+            return _context.abrupt("return", makeIdxState(authClient, rawIdxResponse, {
               withCredentials: withCredentials
             }, requestDidSucceed));
-          case 23:
+          case 29:
           case "end":
             return _context.stop();
         }
       }
-    }, _callee, null, [[6, 13]]);
+    }, _callee, null, [[8, 19]]);
   }));
   return _introspect.apply(this, arguments);
 }
@@ -5704,7 +5558,7 @@ function findMatchedOption(authenticators, options) {
 }
 
 function _createForOfIteratorHelper$3(o, allowArrayLike) { var it = typeof _Symbol !== "undefined" && _getIteratorMethod(o) || o["@@iterator"]; if (!it) { if (Array.isArray(o) || (it = _unsupportedIterableToArray$3(o)) || allowArrayLike && o && typeof o.length === "number") { if (it) o = it; var i = 0; var F = function F() {}; return { s: F, n: function n() { if (i >= o.length) return { done: true }; return { done: false, value: o[i++] }; }, e: function e(_e) { throw _e; }, f: F }; } throw new TypeError("Invalid attempt to iterate non-iterable instance.\nIn order to be iterable, non-array objects must have a [Symbol.iterator]() method."); } var normalCompletion = true, didErr = false, err; return { s: function s() { it = it.call(o); }, n: function n() { var step = it.next(); normalCompletion = step.done; return step; }, e: function e(_e2) { didErr = true; err = _e2; }, f: function f() { try { if (!normalCompletion && it.return != null) it.return(); } finally { if (didErr) throw err; } } }; }
-function _unsupportedIterableToArray$3(o, minLen) { var _context10; if (!o) return; if (typeof o === "string") return _arrayLikeToArray$3(o, minLen); var n = _sliceInstanceProperty(_context10 = Object.prototype.toString.call(o)).call(_context10, 8, -1); if (n === "Object" && o.constructor) n = o.constructor.name; if (n === "Map" || n === "Set") return _Array$from(o); if (n === "Arguments" || /^(?:Ui|I)nt(?:8|16|32)(?:Clamped)?Array$/.test(n)) return _arrayLikeToArray$3(o, minLen); }
+function _unsupportedIterableToArray$3(o, minLen) { var _context11; if (!o) return; if (typeof o === "string") return _arrayLikeToArray$3(o, minLen); var n = _sliceInstanceProperty(_context11 = Object.prototype.toString.call(o)).call(_context11, 8, -1); if (n === "Object" && o.constructor) n = o.constructor.name; if (n === "Map" || n === "Set") return _Array$from(o); if (n === "Arguments" || /^(?:Ui|I)nt(?:8|16|32)(?:Clamped)?Array$/.test(n)) return _arrayLikeToArray$3(o, minLen); }
 function _arrayLikeToArray$3(arr, len) { if (len == null || len > arr.length) len = arr.length; for (var i = 0, arr2 = new Array(len); i < len; i++) { arr2[i] = arr[i]; } return arr2; }
 var Remediator = function () {
   function Remediator(remediation) {
@@ -5823,7 +5677,8 @@ var Remediator = function () {
         var input;
         var name = inputFromRemediation.name,
             type = inputFromRemediation.type,
-            visible = inputFromRemediation.visible;
+            visible = inputFromRemediation.visible,
+            messages = inputFromRemediation.messages;
         if (visible === false) {
           return;
         }
@@ -5854,6 +5709,9 @@ var Remediator = function () {
             return inputs.push(i);
           });
         } else {
+          if (messages) {
+            input.messages = messages;
+          }
           inputs.push(input);
         }
       });
@@ -5863,7 +5721,10 @@ var Remediator = function () {
     key: "getValuesAfterProceed",
     value:
     function getValuesAfterProceed() {
-      var inputs = this.getInputs();
+      var _context6;
+      var inputsFromRemediation = this.remediation.value || [];
+      var inputsFromRemediator = this.getInputs();
+      var inputs = _concatInstanceProperty(_context6 = []).call(_context6, _toConsumableArray(inputsFromRemediation), _toConsumableArray(inputsFromRemediator));
       var _iterator = _createForOfIteratorHelper$3(inputs),
           _step;
       try {
@@ -5881,7 +5742,7 @@ var Remediator = function () {
   }, {
     key: "getAuthenticator",
     value: function getAuthenticator() {
-      var _context6, _context7;
+      var _context7, _context8;
       var _a, _b;
       var relatesTo = (_a = this.remediation.relatesTo) === null || _a === void 0 ? void 0 : _a.value;
       if (!relatesTo) {
@@ -5891,11 +5752,11 @@ var Remediator = function () {
       if (!authenticatorFromRemediation) {
         return relatesTo;
       }
-      var id = _findInstanceProperty(_context6 = authenticatorFromRemediation.form.value).call(_context6, function (_ref2) {
+      var id = _findInstanceProperty(_context7 = authenticatorFromRemediation.form.value).call(_context7, function (_ref2) {
         var name = _ref2.name;
         return name === 'id';
       }).value;
-      var enrollmentId = (_b = _findInstanceProperty(_context7 = authenticatorFromRemediation.form.value).call(_context7, function (_ref3) {
+      var enrollmentId = (_b = _findInstanceProperty(_context8 = authenticatorFromRemediation.form.value).call(_context8, function (_ref3) {
         var name = _ref3.name;
         return name === 'enrollmentId';
       })) === null || _b === void 0 ? void 0 : _b.value;
@@ -5907,15 +5768,15 @@ var Remediator = function () {
   }], [{
     key: "getMessages",
     value: function getMessages(remediation) {
-      var _context8;
+      var _context9;
       var _a, _b;
       if (!remediation.value) {
         return;
       }
-      return (_b = (_a = remediation.value[0]) === null || _a === void 0 ? void 0 : _a.form) === null || _b === void 0 ? void 0 : _reduceInstanceProperty(_context8 = _b.value).call(_context8, function (messages, field) {
+      return (_b = (_a = remediation.value[0]) === null || _a === void 0 ? void 0 : _a.form) === null || _b === void 0 ? void 0 : _reduceInstanceProperty(_context9 = _b.value).call(_context9, function (messages, field) {
         if (field.messages) {
-          var _context9;
-          messages = _concatInstanceProperty(_context9 = []).call(_context9, _toConsumableArray(messages), _toConsumableArray(field.messages.value));
+          var _context10;
+          messages = _concatInstanceProperty(_context10 = []).call(_context10, _toConsumableArray(messages), _toConsumableArray(field.messages.value));
         }
         return messages;
       }, []);
@@ -7110,15 +6971,16 @@ var AuthenticatorVerificationData = function (_AuthenticatorData) {
   function AuthenticatorVerificationData(remediation) {
     var _this;
     var values = arguments.length > 1 && arguments[1] !== undefined ? arguments[1] : {};
+    var options = arguments.length > 2 && arguments[2] !== undefined ? arguments[2] : {};
     _classCallCheck(this, AuthenticatorVerificationData);
     _this = _super.call(this, remediation, values);
-    _this.shouldProceedWithEmailAuthenticator = _this.authenticator.methods.length === 1 && _this.authenticator.methods[0].type === 'email';
+    _this.shouldProceedWithEmailAuthenticator = options.shouldProceedWithEmailAuthenticator !== false && _this.authenticator.methods.length === 1 && _this.authenticator.methods[0].type === 'email';
     return _this;
   }
   _createClass(AuthenticatorVerificationData, [{
     key: "canRemediate",
     value: function canRemediate() {
-      if (this.shouldProceedWithEmailAuthenticator) {
+      if (this.shouldProceedWithEmailAuthenticator !== false) {
         return true;
       }
       return _get(_getPrototypeOf(AuthenticatorVerificationData.prototype), "canRemediate", this).call(this);
@@ -7127,7 +6989,7 @@ var AuthenticatorVerificationData = function (_AuthenticatorData) {
     key: "mapAuthenticator",
     value: function mapAuthenticator() {
       var _a;
-      if (this.shouldProceedWithEmailAuthenticator) {
+      if (this.shouldProceedWithEmailAuthenticator !== false) {
         var _context;
         var authenticatorFromRemediation = this.getAuthenticatorFromRemediation();
         return (_a = authenticatorFromRemediation.form) === null || _a === void 0 ? void 0 : _reduceInstanceProperty(_context = _a.value).call(_context, function (acc, curr) {
@@ -7278,7 +7140,7 @@ var remediators = /*#__PURE__*/Object.freeze({
 });
 
 function _createForOfIteratorHelper$1(o, allowArrayLike) { var it = typeof _Symbol !== "undefined" && _getIteratorMethod(o) || o["@@iterator"]; if (!it) { if (Array.isArray(o) || (it = _unsupportedIterableToArray$1(o)) || allowArrayLike && o && typeof o.length === "number") { if (it) o = it; var i = 0; var F = function F() {}; return { s: F, n: function n() { if (i >= o.length) return { done: true }; return { done: false, value: o[i++] }; }, e: function e(_e) { throw _e; }, f: F }; } throw new TypeError("Invalid attempt to iterate non-iterable instance.\nIn order to be iterable, non-array objects must have a [Symbol.iterator]() method."); } var normalCompletion = true, didErr = false, err; return { s: function s() { it = it.call(o); }, n: function n() { var step = it.next(); normalCompletion = step.done; return step; }, e: function e(_e2) { didErr = true; err = _e2; }, f: function f() { try { if (!normalCompletion && it.return != null) it.return(); } finally { if (didErr) throw err; } } }; }
-function _unsupportedIterableToArray$1(o, minLen) { var _context11; if (!o) return; if (typeof o === "string") return _arrayLikeToArray$1(o, minLen); var n = _sliceInstanceProperty(_context11 = Object.prototype.toString.call(o)).call(_context11, 8, -1); if (n === "Object" && o.constructor) n = o.constructor.name; if (n === "Map" || n === "Set") return _Array$from(o); if (n === "Arguments" || /^(?:Ui|I)nt(?:8|16|32)(?:Clamped)?Array$/.test(n)) return _arrayLikeToArray$1(o, minLen); }
+function _unsupportedIterableToArray$1(o, minLen) { var _context12; if (!o) return; if (typeof o === "string") return _arrayLikeToArray$1(o, minLen); var n = _sliceInstanceProperty(_context12 = Object.prototype.toString.call(o)).call(_context12, 8, -1); if (n === "Object" && o.constructor) n = o.constructor.name; if (n === "Map" || n === "Set") return _Array$from(o); if (n === "Arguments" || /^(?:Ui|I)nt(?:8|16|32)(?:Clamped)?Array$/.test(n)) return _arrayLikeToArray$1(o, minLen); }
 function _arrayLikeToArray$1(arr, len) { if (len == null || len > arr.length) len = arr.length; for (var i = 0, arr2 = new Array(len); i < len; i++) { arr2[i] = arr[i]; } return arr2; }
 function isTerminalResponse(idxResponse) {
   var neededToProceed = idxResponse.neededToProceed,
@@ -7423,25 +7285,34 @@ function getAvailableSteps(idxResponse) {
   }
   return res;
 }
-function filterValuesForRemediation(idxResponse, values) {
+function filterValuesForRemediation(idxResponse, remediationName, values) {
   var _context10;
-  var valuesForRemediation = _reduceInstanceProperty(_context10 = idxResponse.neededToProceed[0].value).call(_context10, function (res, entry) {
-    var name = entry.name;
-    res[name] = values[name];
+  var remediations = idxResponse.neededToProceed || [];
+  var remediation = _findInstanceProperty(remediations).call(remediations, function (r) {
+    return r.name === remediationName;
+  });
+  if (!remediation) {
+    warn("filterValuesForRemediation: \"".concat(remediationName, "\" did not match any remediations"));
+    return values;
+  }
+  var valuesForRemediation = _reduceInstanceProperty(_context10 = remediation.value).call(_context10, function (res, entry) {
+    var name = entry.name,
+        value = entry.value;
+    if (name === 'stateHandle') {
+      res[name] = value;
+    } else {
+      res[name] = values[name];
+    }
     return res;
   }, {});
   return valuesForRemediation;
 }
-
-function _createForOfIteratorHelper(o, allowArrayLike) { var it = typeof _Symbol !== "undefined" && _getIteratorMethod(o) || o["@@iterator"]; if (!it) { if (Array.isArray(o) || (it = _unsupportedIterableToArray(o)) || allowArrayLike && o && typeof o.length === "number") { if (it) o = it; var i = 0; var F = function F() {}; return { s: F, n: function n() { if (i >= o.length) return { done: true }; return { done: false, value: o[i++] }; }, e: function e(_e) { throw _e; }, f: F }; } throw new TypeError("Invalid attempt to iterate non-iterable instance.\nIn order to be iterable, non-array objects must have a [Symbol.iterator]() method."); } var normalCompletion = true, didErr = false, err; return { s: function s() { it = it.call(o); }, n: function n() { var step = it.next(); normalCompletion = step.done; return step; }, e: function e(_e2) { didErr = true; err = _e2; }, f: function f() { try { if (!normalCompletion && it.return != null) it.return(); } finally { if (didErr) throw err; } } }; }
-function _unsupportedIterableToArray(o, minLen) { var _context6; if (!o) return; if (typeof o === "string") return _arrayLikeToArray(o, minLen); var n = _sliceInstanceProperty(_context6 = Object.prototype.toString.call(o)).call(_context6, 8, -1); if (n === "Object" && o.constructor) n = o.constructor.name; if (n === "Map" || n === "Set") return _Array$from(o); if (n === "Arguments" || /^(?:Ui|I)nt(?:8|16|32)(?:Clamped)?Array$/.test(n)) return _arrayLikeToArray(o, minLen); }
-function _arrayLikeToArray(arr, len) { if (len == null || len > arr.length) len = arr.length; for (var i = 0, arr2 = new Array(len); i < len; i++) { arr2[i] = arr[i]; } return arr2; }
 function getRemediator(idxRemediations, values, options) {
   var remediators = options.remediators;
   var remediator;
   if (options.step) {
-    var remediation = _findInstanceProperty(idxRemediations).call(idxRemediations, function (_ref) {
-      var name = _ref.name;
+    var remediation = _findInstanceProperty(idxRemediations).call(idxRemediations, function (_ref5) {
+      var name = _ref5.name;
       return name === options.step;
     });
     if (remediation) {
@@ -7453,13 +7324,13 @@ function getRemediator(idxRemediations, values, options) {
     }
   }
   var remediatorCandidates = [];
-  var _iterator = _createForOfIteratorHelper(idxRemediations),
-      _step;
+  var _iterator3 = _createForOfIteratorHelper$1(idxRemediations),
+      _step3;
   try {
-    for (_iterator.s(); !(_step = _iterator.n()).done;) {
-      var _context;
-      var _remediation = _step.value;
-      var isRemeditionInFlow = _includesInstanceProperty(_context = _Object$keys(remediators)).call(_context, _remediation.name);
+    for (_iterator3.s(); !(_step3 = _iterator3.n()).done;) {
+      var _context11;
+      var _remediation = _step3.value;
+      var isRemeditionInFlow = _includesInstanceProperty(_context11 = _Object$keys(remediators)).call(_context11, _remediation.name);
       if (!isRemeditionInFlow) {
         continue;
       }
@@ -7471,9 +7342,9 @@ function getRemediator(idxRemediations, values, options) {
       remediatorCandidates.push(remediator);
     }
   } catch (err) {
-    _iterator.e(err);
+    _iterator3.e(err);
   } finally {
-    _iterator.f();
+    _iterator3.f();
   }
   return remediatorCandidates[0];
 }
@@ -7492,7 +7363,9 @@ function handleIdxError(e, remediator) {
   if (!idxResponse) {
     throw e;
   }
-  idxResponse.requestDidSucceed = false;
+  idxResponse = _Object$assign(_Object$assign({}, idxResponse), {
+    requestDidSucceed: false
+  });
   var terminal = isTerminalResponse(idxResponse);
   var messages = getMessagesFromResponse(idxResponse);
   if (terminal) {
@@ -7511,44 +7384,61 @@ function handleIdxError(e, remediator) {
     });
   }
 }
+
+function _createForOfIteratorHelper(o, allowArrayLike) { var it = typeof _Symbol !== "undefined" && _getIteratorMethod(o) || o["@@iterator"]; if (!it) { if (Array.isArray(o) || (it = _unsupportedIterableToArray(o)) || allowArrayLike && o && typeof o.length === "number") { if (it) o = it; var i = 0; var F = function F() {}; return { s: F, n: function n() { if (i >= o.length) return { done: true }; return { done: false, value: o[i++] }; }, e: function e(_e) { throw _e; }, f: F }; } throw new TypeError("Invalid attempt to iterate non-iterable instance.\nIn order to be iterable, non-array objects must have a [Symbol.iterator]() method."); } var normalCompletion = true, didErr = false, err; return { s: function s() { it = it.call(o); }, n: function n() { var step = it.next(); normalCompletion = step.done; return step; }, e: function e(_e2) { didErr = true; err = _e2; }, f: function f() { try { if (!normalCompletion && it.return != null) it.return(); } finally { if (didErr) throw err; } } }; }
+function _unsupportedIterableToArray(o, minLen) { var _context5; if (!o) return; if (typeof o === "string") return _arrayLikeToArray(o, minLen); var n = _sliceInstanceProperty(_context5 = Object.prototype.toString.call(o)).call(_context5, 8, -1); if (n === "Object" && o.constructor) n = o.constructor.name; if (n === "Map" || n === "Set") return _Array$from(o); if (n === "Arguments" || /^(?:Ui|I)nt(?:8|16|32)(?:Clamped)?Array$/.test(n)) return _arrayLikeToArray(o, minLen); }
+function _arrayLikeToArray(arr, len) { if (len == null || len > arr.length) len = arr.length; for (var i = 0, arr2 = new Array(len); i < len; i++) { arr2[i] = arr[i]; } return arr2; }
 function getActionFromValues(values, idxResponse) {
-  var _context2;
-  return _findInstanceProperty(_context2 = _Object$keys(idxResponse.actions)).call(_context2, function (action) {
+  var _context;
+  return _findInstanceProperty(_context = _Object$keys(idxResponse.actions)).call(_context, function (action) {
     return !!values.resend && _includesInstanceProperty(action).call(action, '-resend');
   });
 }
 function removeActionFromValues(values) {
-  values.resend = undefined;
-  return values;
+  return _Object$assign(_Object$assign({}, values), {
+    resend: undefined
+  });
+}
+function removeActionFromOptions(options, actionName) {
+  var actions = options.actions || [];
+  actions = _filterInstanceProperty(actions).call(actions, function (entry) {
+    if (typeof entry === 'string') {
+      return entry !== actionName;
+    }
+    return entry.name !== actionName;
+  });
+  return _Object$assign(_Object$assign({}, options), {
+    actions: actions
+  });
 }
 function remediate(_x, _x2, _x3) {
   return _remediate.apply(this, arguments);
 }
 function _remediate() {
   _remediate = _asyncToGenerator( _regeneratorRuntime.mark(function _callee(idxResponse, values, options) {
-    var _context3;
-    var _idxResponse, neededToProceed, interactionCode, flow, terminal, messages, remediator, actionFromValues, actionFromOptions, actions, _iterator2, _step2, _loop, _ret, nextStep, _nextStep, name, data;
-    return _regeneratorRuntime.wrap(function _callee$(_context5) {
+    var _context2;
+    var _idxResponse, neededToProceed, interactionCode, _options, flow, terminal, messages, remediator, actionFromValues, actionFromOptions, actions, _iterator, _step, _loop, _ret, nextStep, name, data;
+    return _regeneratorRuntime.wrap(function _callee$(_context4) {
       while (1) {
-        switch (_context5.prev = _context5.next) {
+        switch (_context4.prev = _context4.next) {
           case 0:
             _idxResponse = idxResponse, neededToProceed = _idxResponse.neededToProceed, interactionCode = _idxResponse.interactionCode;
-            flow = options.flow;
+            _options = options, flow = _options.flow;
             if (!interactionCode) {
-              _context5.next = 4;
+              _context4.next = 4;
               break;
             }
-            return _context5.abrupt("return", {
+            return _context4.abrupt("return", {
               idxResponse: idxResponse
             });
           case 4:
             terminal = isTerminalResponse(idxResponse);
             messages = getMessagesFromResponse(idxResponse);
             if (!terminal) {
-              _context5.next = 8;
+              _context4.next = 8;
               break;
             }
-            return _context5.abrupt("return", {
+            return _context4.abrupt("return", {
               idxResponse: idxResponse,
               terminal: terminal,
               messages: messages
@@ -7557,150 +7447,157 @@ function _remediate() {
             remediator = getRemediator(neededToProceed, values, options);
             actionFromValues = getActionFromValues(values, idxResponse);
             actionFromOptions = options.actions || [];
-            actions = _concatInstanceProperty(_context3 = []).call(_context3, _toConsumableArray(actionFromOptions), _toConsumableArray(actionFromValues && [actionFromValues] || []));
+            actions = _concatInstanceProperty(_context2 = []).call(_context2, _toConsumableArray(actionFromOptions), _toConsumableArray(actionFromValues && [actionFromValues] || []));
             if (!actions) {
-              _context5.next = 32;
+              _context4.next = 32;
               break;
             }
-            _iterator2 = _createForOfIteratorHelper(actions);
-            _context5.prev = 14;
+            _iterator = _createForOfIteratorHelper(actions);
+            _context4.prev = 14;
             _loop = _regeneratorRuntime.mark(function _loop() {
-              var action, valuesWithoutExecutedAction, optionsWithoutExecutedAction, remediationAction;
-              return _regeneratorRuntime.wrap(function _loop$(_context4) {
+              var action, params, valuesWithoutExecutedAction, optionsWithoutExecutedAction, remediationAction;
+              return _regeneratorRuntime.wrap(function _loop$(_context3) {
                 while (1) {
-                  switch (_context4.prev = _context4.next) {
+                  switch (_context3.prev = _context3.next) {
                     case 0:
-                      action = _step2.value;
+                      action = _step.value;
+                      params = {};
+                      if (typeof action !== 'string') {
+                        params = action.params || {};
+                        action = action.name;
+                      }
                       valuesWithoutExecutedAction = removeActionFromValues(values);
-                      optionsWithoutExecutedAction = _Object$assign(_Object$assign({}, options), {
-                        actions: _filterInstanceProperty(actionFromOptions).call(actionFromOptions, function (entry) {
-                          return entry !== action;
-                        })
-                      });
+                      optionsWithoutExecutedAction = removeActionFromOptions(options, action);
                       if (!(typeof idxResponse.actions[action] === 'function')) {
-                        _context4.next = 17;
+                        _context3.next = 19;
                         break;
                       }
-                      _context4.prev = 4;
-                      _context4.next = 7;
-                      return idxResponse.actions[action]();
-                    case 7:
-                      idxResponse = _context4.sent;
-                      idxResponse.requestDidSucceed = true;
-                      _context4.next = 14;
+                      _context3.prev = 6;
+                      _context3.next = 9;
+                      return idxResponse.actions[action](params);
+                    case 9:
+                      idxResponse = _context3.sent;
+                      idxResponse = _Object$assign(_Object$assign({}, idxResponse), {
+                        requestDidSucceed: true
+                      });
+                      _context3.next = 16;
                       break;
-                    case 11:
-                      _context4.prev = 11;
-                      _context4.t0 = _context4["catch"](4);
-                      return _context4.abrupt("return", {
-                        v: handleIdxError(_context4.t0, remediator)
+                    case 13:
+                      _context3.prev = 13;
+                      _context3.t0 = _context3["catch"](6);
+                      return _context3.abrupt("return", {
+                        v: handleIdxError(_context3.t0, remediator)
                       });
-                    case 14:
+                    case 16:
                       if (!(action === 'cancel')) {
-                        _context4.next = 16;
+                        _context3.next = 18;
                         break;
                       }
-                      return _context4.abrupt("return", {
+                      return _context3.abrupt("return", {
                         v: {
                           idxResponse: idxResponse,
                           canceled: true
                         }
                       });
-                    case 16:
-                      return _context4.abrupt("return", {
+                    case 18:
+                      return _context3.abrupt("return", {
                         v: remediate(idxResponse, valuesWithoutExecutedAction, optionsWithoutExecutedAction)
                       });
-                    case 17:
-                      remediationAction = _findInstanceProperty(neededToProceed).call(neededToProceed, function (_ref2) {
-                        var name = _ref2.name;
+                    case 19:
+                      remediationAction = _findInstanceProperty(neededToProceed).call(neededToProceed, function (_ref) {
+                        var name = _ref.name;
                         return name === action;
                       });
                       if (!remediationAction) {
-                        _context4.next = 30;
+                        _context3.next = 32;
                         break;
                       }
-                      _context4.prev = 19;
-                      _context4.next = 22;
-                      return idxResponse.proceed(action, {});
-                    case 22:
-                      idxResponse = _context4.sent;
-                      idxResponse.requestDidSucceed = true;
-                      _context4.next = 29;
+                      _context3.prev = 21;
+                      _context3.next = 24;
+                      return idxResponse.proceed(action, params);
+                    case 24:
+                      idxResponse = _context3.sent;
+                      idxResponse = _Object$assign(_Object$assign({}, idxResponse), {
+                        requestDidSucceed: true
+                      });
+                      _context3.next = 31;
                       break;
-                    case 26:
-                      _context4.prev = 26;
-                      _context4.t1 = _context4["catch"](19);
-                      return _context4.abrupt("return", {
-                        v: handleIdxError(_context4.t1, remediator)
+                    case 28:
+                      _context3.prev = 28;
+                      _context3.t1 = _context3["catch"](21);
+                      return _context3.abrupt("return", {
+                        v: handleIdxError(_context3.t1, remediator)
                       });
-                    case 29:
-                      return _context4.abrupt("return", {
+                    case 31:
+                      return _context3.abrupt("return", {
                         v: remediate(idxResponse, values, optionsWithoutExecutedAction)
                       });
-                    case 30:
+                    case 32:
                     case "end":
-                      return _context4.stop();
+                      return _context3.stop();
                   }
                 }
-              }, _loop, null, [[4, 11], [19, 26]]);
+              }, _loop, null, [[6, 13], [21, 28]]);
             });
-            _iterator2.s();
+            _iterator.s();
           case 17:
-            if ((_step2 = _iterator2.n()).done) {
-              _context5.next = 24;
+            if ((_step = _iterator.n()).done) {
+              _context4.next = 24;
               break;
             }
-            return _context5.delegateYield(_loop(), "t0", 19);
+            return _context4.delegateYield(_loop(), "t0", 19);
           case 19:
-            _ret = _context5.t0;
+            _ret = _context4.t0;
             if (!(_typeof(_ret) === "object")) {
-              _context5.next = 22;
+              _context4.next = 22;
               break;
             }
-            return _context5.abrupt("return", _ret.v);
+            return _context4.abrupt("return", _ret.v);
           case 22:
-            _context5.next = 17;
+            _context4.next = 17;
             break;
           case 24:
-            _context5.next = 29;
+            _context4.next = 29;
             break;
           case 26:
-            _context5.prev = 26;
-            _context5.t1 = _context5["catch"](14);
-            _iterator2.e(_context5.t1);
+            _context4.prev = 26;
+            _context4.t1 = _context4["catch"](14);
+            _iterator.e(_context4.t1);
           case 29:
-            _context5.prev = 29;
-            _iterator2.f();
-            return _context5.finish(29);
+            _context4.prev = 29;
+            _iterator.f();
+            return _context4.finish(29);
           case 32:
             if (remediator) {
-              _context5.next = 49;
+              _context4.next = 49;
               break;
             }
             if (!options.step) {
-              _context5.next = 46;
+              _context4.next = 46;
               break;
             }
-            values = filterValuesForRemediation(idxResponse, values);
-            _context5.prev = 35;
-            _context5.next = 38;
+            values = filterValuesForRemediation(idxResponse, options.step, values);
+            _context4.prev = 35;
+            _context4.next = 38;
             return idxResponse.proceed(options.step, values);
           case 38:
-            idxResponse = _context5.sent;
-            idxResponse.requestDidSucceed = true;
-            return _context5.abrupt("return", {
+            idxResponse = _context4.sent;
+            idxResponse = _Object$assign(_Object$assign({}, idxResponse), {
+              requestDidSucceed: true
+            });
+            return _context4.abrupt("return", {
               idxResponse: idxResponse
             });
           case 43:
-            _context5.prev = 43;
-            _context5.t2 = _context5["catch"](35);
-            return _context5.abrupt("return", handleIdxError(_context5.t2));
+            _context4.prev = 43;
+            _context4.t2 = _context4["catch"](35);
+            return _context4.abrupt("return", handleIdxError(_context4.t2));
           case 46:
             if (!(flow === 'default')) {
-              _context5.next = 48;
+              _context4.next = 48;
               break;
             }
-            return _context5.abrupt("return", {
+            return _context4.abrupt("return", {
               idxResponse: idxResponse
             });
           case 48:
@@ -7708,48 +7605,42 @@ function _remediate() {
               return acc ? acc + ' ,' + curr.name : curr.name;
             }, ''), "]\n    "));
           case 49:
-            if (!messages.length) {
-              _context5.next = 52;
+            if (remediator.canRemediate()) {
+              _context4.next = 52;
               break;
             }
             nextStep = getNextStep(remediator, idxResponse);
-            return _context5.abrupt("return", {
+            return _context4.abrupt("return", {
               idxResponse: idxResponse,
               nextStep: nextStep,
-              messages: messages
+              messages: messages.length ? messages : undefined
             });
           case 52:
-            if (remediator.canRemediate()) {
-              _context5.next = 55;
-              break;
-            }
-            _nextStep = getNextStep(remediator, idxResponse);
-            return _context5.abrupt("return", {
-              idxResponse: idxResponse,
-              nextStep: _nextStep
-            });
-          case 55:
             name = remediator.getName();
             data = remediator.getData();
-            _context5.prev = 57;
-            _context5.next = 60;
+            _context4.prev = 54;
+            _context4.next = 57;
             return idxResponse.proceed(name, data);
-          case 60:
-            idxResponse = _context5.sent;
-            idxResponse.requestDidSucceed = true;
+          case 57:
+            idxResponse = _context4.sent;
+            idxResponse = _Object$assign(_Object$assign({}, idxResponse), {
+              requestDidSucceed: true
+            });
             values = remediator.getValuesAfterProceed();
-            delete options.step;
-            return _context5.abrupt("return", remediate(idxResponse, values, options));
+            options = _Object$assign(_Object$assign({}, options), {
+              step: undefined
+            });
+            return _context4.abrupt("return", remediate(idxResponse, values, options));
+          case 64:
+            _context4.prev = 64;
+            _context4.t3 = _context4["catch"](54);
+            return _context4.abrupt("return", handleIdxError(_context4.t3, remediator));
           case 67:
-            _context5.prev = 67;
-            _context5.t3 = _context5["catch"](57);
-            return _context5.abrupt("return", handleIdxError(_context5.t3, remediator));
-          case 70:
           case "end":
-            return _context5.stop();
+            return _context4.stop();
         }
       }
-    }, _callee, null, [[14, 26, 29, 32], [35, 43], [57, 67]]);
+    }, _callee, null, [[14, 26, 29, 32], [35, 43], [54, 64]]);
   }));
   return _remediate.apply(this, arguments);
 }
@@ -7844,7 +7735,7 @@ function getFlowSpecification(oktaAuth) {
 }
 
 function initializeValues(options) {
-  var knownOptions = ['flow', 'remediators', 'actions', 'withCredentials', 'step'];
+  var knownOptions = ['flow', 'remediators', 'actions', 'withCredentials', 'step', 'shouldProceedWithEmailAuthenticator'];
   var values = _Object$assign({}, options);
   knownOptions.forEach(function (option) {
     delete values[option];
@@ -7888,26 +7779,26 @@ function _getDataFromIntrospect() {
           case 0:
             options = data.options;
             stateHandle = options.stateHandle, withCredentials = options.withCredentials, version = options.version, state = options.state, scopes = options.scopes, recoveryToken = options.recoveryToken, activationToken = options.activationToken;
+            meta = getSavedTransactionMeta(authClient, {
+              state: state,
+              recoveryToken: recoveryToken,
+              activationToken: activationToken
+            });
             if (!stateHandle) {
-              _context.next = 8;
+              _context.next = 9;
               break;
             }
-            _context.next = 5;
+            _context.next = 6;
             return introspect(authClient, {
               withCredentials: withCredentials,
               version: version,
               stateHandle: stateHandle
             });
-          case 5:
+          case 6:
             idxResponse = _context.sent;
             _context.next = 20;
             break;
-          case 8:
-            meta = getSavedTransactionMeta(authClient, {
-              state: state,
-              recoveryToken: recoveryToken,
-              activationToken: activationToken
-            });
+          case 9:
             interactionHandle = meta === null || meta === void 0 ? void 0 : meta.interactionHandle;
             if (interactionHandle) {
               _context.next = 17;
@@ -7954,13 +7845,13 @@ function getDataFromRemediate(_x3) {
 }
 function _getDataFromRemediate() {
   _getDataFromRemediate = _asyncToGenerator( _regeneratorRuntime.mark(function _callee2(data) {
-    var idxResponse, options, values, autoRemediate, remediators, actions, flow, step, shouldRemediate, _yield$remediate, idxResponseFromRemediation, nextStep, canceled;
+    var idxResponse, options, values, autoRemediate, remediators, actions, flow, step, shouldProceedWithEmailAuthenticator, shouldRemediate, _yield$remediate, idxResponseFromRemediation, nextStep, canceled;
     return _regeneratorRuntime.wrap(function _callee2$(_context2) {
       while (1) {
         switch (_context2.prev = _context2.next) {
           case 0:
             idxResponse = data.idxResponse, options = data.options, values = _valuesInstanceProperty(data);
-            autoRemediate = options.autoRemediate, remediators = options.remediators, actions = options.actions, flow = options.flow, step = options.step;
+            autoRemediate = options.autoRemediate, remediators = options.remediators, actions = options.actions, flow = options.flow, step = options.step, shouldProceedWithEmailAuthenticator = options.shouldProceedWithEmailAuthenticator;
             shouldRemediate = autoRemediate !== false && (remediators || actions || step);
             if (shouldRemediate) {
               _context2.next = 5;
@@ -7976,7 +7867,8 @@ function _getDataFromRemediate() {
               remediators: remediators,
               actions: actions,
               flow: flow,
-              step: step
+              step: step,
+              shouldProceedWithEmailAuthenticator: shouldProceedWithEmailAuthenticator
             });
           case 8:
             _yield$remediate = _context2.sent;
@@ -8150,13 +8042,14 @@ function _run() {
         error,
         interactionCode,
         rawIdxResponse,
-        requestDidSucceed,
+        _requestDidSucceed,
         _ref,
         actions,
         context,
         neededToProceed,
         proceed,
         rawIdxState,
+        requestDidSucceed,
         _args5 = arguments;
     return _regeneratorRuntime.wrap(function _callee5$(_context5) {
       while (1) {
@@ -8196,14 +8089,14 @@ function _run() {
             } else {
               saveTransactionMeta(authClient, _Object$assign({}, meta));
               if (idxResponse) {
-                rawIdxResponse = idxResponse.rawIdxState, requestDidSucceed = idxResponse.requestDidSucceed;
+                rawIdxResponse = idxResponse.rawIdxState, _requestDidSucceed = idxResponse.requestDidSucceed;
                 authClient.transactionManager.saveIdxResponse({
                   rawIdxResponse: rawIdxResponse,
-                  requestDidSucceed: requestDidSucceed
+                  requestDidSucceed: _requestDidSucceed
                 });
               }
             }
-            _ref = idxResponse || {}, actions = _ref.actions, context = _ref.context, neededToProceed = _ref.neededToProceed, proceed = _ref.proceed, rawIdxState = _ref.rawIdxState;
+            _ref = idxResponse || {}, actions = _ref.actions, context = _ref.context, neededToProceed = _ref.neededToProceed, proceed = _ref.proceed, rawIdxState = _ref.rawIdxState, requestDidSucceed = _ref.requestDidSucceed;
             return _context5.abrupt("return", _Object$assign(_Object$assign(_Object$assign(_Object$assign(_Object$assign(_Object$assign(_Object$assign(_Object$assign({
               status: status
             }, meta && {
@@ -8226,7 +8119,8 @@ function _run() {
               context: context,
               neededToProceed: neededToProceed,
               proceed: proceed,
-              rawIdxState: rawIdxState
+              rawIdxState: rawIdxState,
+              requestDidSucceed: requestDidSucceed
             }));
           case 22:
           case "end":
@@ -8687,26 +8581,10 @@ function _unlockAccount() {
   return _unlockAccount.apply(this, arguments);
 }
 
-function setGlobalRequestInterceptor(fn) {
-  idx.client.interceptors.request.use(fn);
-}
-function createGlobalRequestInterceptor(sdk) {
-  return function (requestConfig) {
-    var oktaUserAgentHeader = sdk._oktaUserAgent.getHttpHeader();
-    var headers = _Object$assign(_Object$assign({}, oktaUserAgentHeader), sdk.options.headers);
-    _Object$keys(headers).forEach(function (name) {
-      if (!sdk.options.clientSecret && name === 'X-Device-Token') {
-        return;
-      }
-      requestConfig.headers[name] = headers[name];
-    });
-  };
-}
-
 var OktaUserAgent = function () {
   function OktaUserAgent() {
     _classCallCheck(this, OktaUserAgent);
-    this.environments = ["okta-auth-js/".concat("6.3.1")];
+    this.environments = ["okta-auth-js/".concat("6.4.1")];
   }
   _createClass(OktaUserAgent, [{
     key: "addEnvironment",
@@ -8724,7 +8602,7 @@ var OktaUserAgent = function () {
   }, {
     key: "getVersion",
     value: function getVersion() {
-      return "6.3.1";
+      return "6.4.1";
     }
   }, {
     key: "maybeAddNodeEnvironment",
@@ -8743,6 +8621,7 @@ var OktaAuth = function () {
   function OktaAuth(args) {
     var _this = this;
     _classCallCheck(this, OktaAuth);
+    this.features = features;
     var options = this.options = buildOptions(args);
     this.storageManager = new StorageManager(options.storageManager, options.cookies, options.storageUtil);
     this.transactionManager = new TransactionManager(_Object$assign({
@@ -8872,7 +8751,6 @@ var OktaAuth = function () {
       canProceed: canProceed.bind(null, this),
       unlockAccount: unlockAccount.bind(null, this)
     };
-    setGlobalRequestInterceptor(createGlobalRequestInterceptor(this));
     this.http = {
       setRequestHeader: setRequestHeader.bind(null, this)
     };
@@ -9584,9 +9462,10 @@ var OktaAuth = function () {
   }]);
   return OktaAuth;
 }();
-OktaAuth.features = OktaAuth.prototype.features = features;
+OktaAuth.features = features;
 OktaAuth.crypto = crypto;
 OktaAuth.webauthn = webauthn;
+OktaAuth.features = OktaAuth.prototype.features = features;
 _Object$assign(OktaAuth, {
   constants: constants
 });