@rawdash/connector-entra-id 0.1.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
@@ -0,0 +1,526 @@
1
+ import { BaseConnector, ConnectorContext, SyncOptions, StorageHandle, SyncResult, ConnectorDoc } from '@rawdash/core';
2
+ import { z } from 'zod';
3
+
4
+ declare const configFields: z.ZodObject<{
5
+ tenantId: z.ZodString;
6
+ clientId: z.ZodString;
7
+ clientSecret: z.ZodObject<{
8
+ $secret: z.ZodString;
9
+ }, z.core.$strip>;
10
+ resources: z.ZodOptional<z.ZodArray<z.ZodEnum<{
11
+ users: "users";
12
+ signins: "signins";
13
+ risky_users: "risky_users";
14
+ }>>>;
15
+ signinsLookbackDays: z.ZodOptional<z.ZodNumber>;
16
+ }, z.core.$strip>;
17
+ declare const doc: ConnectorDoc;
18
+ type EntraIdResource = 'users' | 'signins' | 'risky_users';
19
+ interface EntraIdSettings {
20
+ tenantId: string;
21
+ resources?: readonly EntraIdResource[];
22
+ signinsLookbackDays?: number;
23
+ }
24
+ declare const entraIdCredentials: {
25
+ clientId: {
26
+ description: string;
27
+ auth: "required";
28
+ };
29
+ clientSecret: {
30
+ description: string;
31
+ auth: "required";
32
+ };
33
+ };
34
+ type EntraIdCredentials = typeof entraIdCredentials;
35
+ declare const entraIdResources: {
36
+ readonly entra_user: {
37
+ readonly shape: "entity";
38
+ readonly filterable: [{
39
+ readonly field: "accountEnabled";
40
+ readonly ops: ["eq"];
41
+ readonly values: ["true", "false"];
42
+ }, {
43
+ readonly field: "userType";
44
+ readonly ops: ["eq"];
45
+ readonly values: ["Member", "Guest"];
46
+ }];
47
+ readonly description: "Entra ID users with display name, principal name, mail, account-enabled flag, and user type.";
48
+ readonly endpoint: "GET /v1.0/users";
49
+ readonly notes: "Fully enumerated on every sync; @odata.nextLink pages are followed within the chunked sync loop.";
50
+ readonly fields: [{
51
+ readonly name: "displayName";
52
+ readonly description: "Display name from the directory.";
53
+ }, {
54
+ readonly name: "userPrincipalName";
55
+ readonly description: "User principal name (e.g. alice@contoso.com).";
56
+ }, {
57
+ readonly name: "mail";
58
+ readonly description: "Primary SMTP address (may be null).";
59
+ }, {
60
+ readonly name: "accountEnabled";
61
+ readonly description: "Whether the account is enabled (sign-in allowed when true).";
62
+ }, {
63
+ readonly name: "userType";
64
+ readonly description: "Either \"Member\" (in-tenant) or \"Guest\" (B2B invitee).";
65
+ }, {
66
+ readonly name: "createdAt";
67
+ readonly description: "When the user was created (Unix ms).";
68
+ }];
69
+ readonly responses: {
70
+ readonly oauth_token: z.ZodObject<{
71
+ access_token: z.ZodString;
72
+ token_type: z.ZodOptional<z.ZodString>;
73
+ expires_in: z.ZodOptional<z.ZodNumber>;
74
+ }, z.core.$strip>;
75
+ readonly users: z.ZodObject<{
76
+ '@odata.nextLink': z.ZodOptional<z.ZodNullable<z.ZodString>>;
77
+ value: z.ZodArray<z.ZodObject<{
78
+ id: z.ZodString;
79
+ displayName: z.ZodOptional<z.ZodNullable<z.ZodString>>;
80
+ userPrincipalName: z.ZodOptional<z.ZodNullable<z.ZodString>>;
81
+ mail: z.ZodOptional<z.ZodNullable<z.ZodString>>;
82
+ accountEnabled: z.ZodOptional<z.ZodNullable<z.ZodBoolean>>;
83
+ userType: z.ZodOptional<z.ZodNullable<z.ZodString>>;
84
+ createdDateTime: z.ZodOptional<z.ZodNullable<z.ZodString>>;
85
+ }, z.core.$strip>>;
86
+ }, z.core.$strip>;
87
+ };
88
+ };
89
+ readonly entra_signin_event: {
90
+ readonly shape: "event";
91
+ readonly filterable: [{
92
+ readonly field: "status";
93
+ readonly ops: ["eq"];
94
+ readonly values: ["success", "failure"];
95
+ }, {
96
+ readonly field: "riskLevel";
97
+ readonly ops: ["eq"];
98
+ readonly values: ["none", "low", "medium", "high", "hidden", "unknownFutureValue"];
99
+ }, {
100
+ readonly field: "appDisplayName";
101
+ readonly ops: ["eq"];
102
+ }];
103
+ readonly description: "Sign-in events from the Entra ID audit logs (`/auditLogs/signIns`). One event per interactive sign-in attempt with user, app, IP, location, and risk fields.";
104
+ readonly endpoint: "GET /v1.0/auditLogs/signIns";
105
+ readonly notes: "Backfill window defaults to 7 days and is capped at the Microsoft Graph 30-day retention. Incremental syncs filter on `createdDateTime`.";
106
+ readonly fields: [{
107
+ readonly name: "status";
108
+ readonly description: "Aggregated status: \"success\" when the sign-in completed without error, otherwise \"failure\".";
109
+ }, {
110
+ readonly name: "errorCode";
111
+ readonly description: "Microsoft Graph signInStatus.errorCode (0 on success).";
112
+ }, {
113
+ readonly name: "failureReason";
114
+ readonly description: "Human-readable failure reason (null on success).";
115
+ }, {
116
+ readonly name: "userId";
117
+ readonly description: "Directory object id of the actor.";
118
+ }, {
119
+ readonly name: "userPrincipalName";
120
+ readonly description: "User principal name at sign-in time.";
121
+ }, {
122
+ readonly name: "appId";
123
+ readonly description: "Application (client) id signed into.";
124
+ }, {
125
+ readonly name: "appDisplayName";
126
+ readonly description: "Display name of the application signed into.";
127
+ }, {
128
+ readonly name: "ipAddress";
129
+ readonly description: "Client IP recorded by Entra.";
130
+ }, {
131
+ readonly name: "countryOrRegion";
132
+ readonly description: "Geographic country/region from location.countryOrRegion.";
133
+ }, {
134
+ readonly name: "city";
135
+ readonly description: "City from location.city (may be null).";
136
+ }, {
137
+ readonly name: "riskLevel";
138
+ readonly description: "Aggregated risk level (none / low / medium / high / hidden / unknownFutureValue).";
139
+ }, {
140
+ readonly name: "riskState";
141
+ readonly description: "Risk state (none / confirmedSafe / remediated / dismissed / atRisk / confirmedCompromised).";
142
+ }, {
143
+ readonly name: "clientAppUsed";
144
+ readonly description: "Client app type (Browser, Mobile Apps and Desktop clients, etc.).";
145
+ }, {
146
+ readonly name: "conditionalAccessStatus";
147
+ readonly description: "Outcome of conditional-access policy evaluation (success / failure / notApplied / unknownFutureValue).";
148
+ }];
149
+ readonly responses: {
150
+ readonly signins: z.ZodObject<{
151
+ '@odata.nextLink': z.ZodOptional<z.ZodNullable<z.ZodString>>;
152
+ value: z.ZodArray<z.ZodObject<{
153
+ id: z.ZodString;
154
+ createdDateTime: z.ZodString;
155
+ userId: z.ZodOptional<z.ZodNullable<z.ZodString>>;
156
+ userPrincipalName: z.ZodOptional<z.ZodNullable<z.ZodString>>;
157
+ userDisplayName: z.ZodOptional<z.ZodNullable<z.ZodString>>;
158
+ appId: z.ZodOptional<z.ZodNullable<z.ZodString>>;
159
+ appDisplayName: z.ZodOptional<z.ZodNullable<z.ZodString>>;
160
+ ipAddress: z.ZodOptional<z.ZodNullable<z.ZodString>>;
161
+ clientAppUsed: z.ZodOptional<z.ZodNullable<z.ZodString>>;
162
+ conditionalAccessStatus: z.ZodOptional<z.ZodNullable<z.ZodString>>;
163
+ riskLevelAggregated: z.ZodOptional<z.ZodNullable<z.ZodString>>;
164
+ riskLevelDuringSignIn: z.ZodOptional<z.ZodNullable<z.ZodString>>;
165
+ riskState: z.ZodOptional<z.ZodNullable<z.ZodString>>;
166
+ riskDetail: z.ZodOptional<z.ZodNullable<z.ZodString>>;
167
+ status: z.ZodOptional<z.ZodNullable<z.ZodObject<{
168
+ errorCode: z.ZodOptional<z.ZodNullable<z.ZodNumber>>;
169
+ failureReason: z.ZodOptional<z.ZodNullable<z.ZodString>>;
170
+ additionalDetails: z.ZodOptional<z.ZodNullable<z.ZodString>>;
171
+ }, z.core.$strip>>>;
172
+ location: z.ZodOptional<z.ZodNullable<z.ZodObject<{
173
+ city: z.ZodOptional<z.ZodNullable<z.ZodString>>;
174
+ state: z.ZodOptional<z.ZodNullable<z.ZodString>>;
175
+ countryOrRegion: z.ZodOptional<z.ZodNullable<z.ZodString>>;
176
+ }, z.core.$strip>>>;
177
+ }, z.core.$strip>>;
178
+ }, z.core.$strip>;
179
+ };
180
+ };
181
+ readonly entra_risky_user: {
182
+ readonly shape: "entity";
183
+ readonly filterable: [{
184
+ readonly field: "riskLevel";
185
+ readonly ops: ["eq"];
186
+ readonly values: ["low", "medium", "high", "hidden", "unknownFutureValue"];
187
+ }, {
188
+ readonly field: "riskState";
189
+ readonly ops: ["eq"];
190
+ readonly values: ["none", "confirmedSafe", "remediated", "dismissed", "atRisk", "confirmedCompromised", "unknownFutureValue"];
191
+ }];
192
+ readonly description: "Users currently flagged by Entra Identity Protection, with their risk level, risk state, and last-updated timestamp.";
193
+ readonly endpoint: "GET /v1.0/identityProtection/riskyUsers";
194
+ readonly notes: "Fully enumerated on every sync; @odata.nextLink pages are followed within the chunked sync loop.";
195
+ readonly fields: [{
196
+ readonly name: "userPrincipalName";
197
+ readonly description: "User principal name of the risky user.";
198
+ }, {
199
+ readonly name: "displayName";
200
+ readonly description: "Display name of the risky user.";
201
+ }, {
202
+ readonly name: "riskLevel";
203
+ readonly description: "Identity Protection risk level (low / medium / high / hidden / unknownFutureValue).";
204
+ }, {
205
+ readonly name: "riskState";
206
+ readonly description: "Risk state (none / confirmedSafe / remediated / dismissed / atRisk / confirmedCompromised / unknownFutureValue).";
207
+ }, {
208
+ readonly name: "riskDetail";
209
+ readonly description: "Latest risk detail string (the specific reason for the flag).";
210
+ }, {
211
+ readonly name: "riskLastUpdatedAt";
212
+ readonly description: "When the risk was last refreshed (Unix ms).";
213
+ }];
214
+ readonly responses: {
215
+ readonly risky_users: z.ZodObject<{
216
+ '@odata.nextLink': z.ZodOptional<z.ZodNullable<z.ZodString>>;
217
+ value: z.ZodArray<z.ZodObject<{
218
+ id: z.ZodString;
219
+ userPrincipalName: z.ZodOptional<z.ZodNullable<z.ZodString>>;
220
+ userDisplayName: z.ZodOptional<z.ZodNullable<z.ZodString>>;
221
+ riskLevel: z.ZodOptional<z.ZodNullable<z.ZodString>>;
222
+ riskState: z.ZodOptional<z.ZodNullable<z.ZodString>>;
223
+ riskDetail: z.ZodOptional<z.ZodNullable<z.ZodString>>;
224
+ riskLastUpdatedDateTime: z.ZodOptional<z.ZodNullable<z.ZodString>>;
225
+ isProcessing: z.ZodOptional<z.ZodNullable<z.ZodBoolean>>;
226
+ isDeleted: z.ZodOptional<z.ZodNullable<z.ZodBoolean>>;
227
+ }, z.core.$strip>>;
228
+ }, z.core.$strip>;
229
+ };
230
+ };
231
+ };
232
+ declare const id = "entra-id";
233
+ declare class EntraIdConnector extends BaseConnector<EntraIdSettings, EntraIdCredentials> {
234
+ static readonly id = "entra-id";
235
+ static readonly resources: {
236
+ readonly entra_user: {
237
+ readonly shape: "entity";
238
+ readonly filterable: [{
239
+ readonly field: "accountEnabled";
240
+ readonly ops: ["eq"];
241
+ readonly values: ["true", "false"];
242
+ }, {
243
+ readonly field: "userType";
244
+ readonly ops: ["eq"];
245
+ readonly values: ["Member", "Guest"];
246
+ }];
247
+ readonly description: "Entra ID users with display name, principal name, mail, account-enabled flag, and user type.";
248
+ readonly endpoint: "GET /v1.0/users";
249
+ readonly notes: "Fully enumerated on every sync; @odata.nextLink pages are followed within the chunked sync loop.";
250
+ readonly fields: [{
251
+ readonly name: "displayName";
252
+ readonly description: "Display name from the directory.";
253
+ }, {
254
+ readonly name: "userPrincipalName";
255
+ readonly description: "User principal name (e.g. alice@contoso.com).";
256
+ }, {
257
+ readonly name: "mail";
258
+ readonly description: "Primary SMTP address (may be null).";
259
+ }, {
260
+ readonly name: "accountEnabled";
261
+ readonly description: "Whether the account is enabled (sign-in allowed when true).";
262
+ }, {
263
+ readonly name: "userType";
264
+ readonly description: "Either \"Member\" (in-tenant) or \"Guest\" (B2B invitee).";
265
+ }, {
266
+ readonly name: "createdAt";
267
+ readonly description: "When the user was created (Unix ms).";
268
+ }];
269
+ readonly responses: {
270
+ readonly oauth_token: z.ZodObject<{
271
+ access_token: z.ZodString;
272
+ token_type: z.ZodOptional<z.ZodString>;
273
+ expires_in: z.ZodOptional<z.ZodNumber>;
274
+ }, z.core.$strip>;
275
+ readonly users: z.ZodObject<{
276
+ '@odata.nextLink': z.ZodOptional<z.ZodNullable<z.ZodString>>;
277
+ value: z.ZodArray<z.ZodObject<{
278
+ id: z.ZodString;
279
+ displayName: z.ZodOptional<z.ZodNullable<z.ZodString>>;
280
+ userPrincipalName: z.ZodOptional<z.ZodNullable<z.ZodString>>;
281
+ mail: z.ZodOptional<z.ZodNullable<z.ZodString>>;
282
+ accountEnabled: z.ZodOptional<z.ZodNullable<z.ZodBoolean>>;
283
+ userType: z.ZodOptional<z.ZodNullable<z.ZodString>>;
284
+ createdDateTime: z.ZodOptional<z.ZodNullable<z.ZodString>>;
285
+ }, z.core.$strip>>;
286
+ }, z.core.$strip>;
287
+ };
288
+ };
289
+ readonly entra_signin_event: {
290
+ readonly shape: "event";
291
+ readonly filterable: [{
292
+ readonly field: "status";
293
+ readonly ops: ["eq"];
294
+ readonly values: ["success", "failure"];
295
+ }, {
296
+ readonly field: "riskLevel";
297
+ readonly ops: ["eq"];
298
+ readonly values: ["none", "low", "medium", "high", "hidden", "unknownFutureValue"];
299
+ }, {
300
+ readonly field: "appDisplayName";
301
+ readonly ops: ["eq"];
302
+ }];
303
+ readonly description: "Sign-in events from the Entra ID audit logs (`/auditLogs/signIns`). One event per interactive sign-in attempt with user, app, IP, location, and risk fields.";
304
+ readonly endpoint: "GET /v1.0/auditLogs/signIns";
305
+ readonly notes: "Backfill window defaults to 7 days and is capped at the Microsoft Graph 30-day retention. Incremental syncs filter on `createdDateTime`.";
306
+ readonly fields: [{
307
+ readonly name: "status";
308
+ readonly description: "Aggregated status: \"success\" when the sign-in completed without error, otherwise \"failure\".";
309
+ }, {
310
+ readonly name: "errorCode";
311
+ readonly description: "Microsoft Graph signInStatus.errorCode (0 on success).";
312
+ }, {
313
+ readonly name: "failureReason";
314
+ readonly description: "Human-readable failure reason (null on success).";
315
+ }, {
316
+ readonly name: "userId";
317
+ readonly description: "Directory object id of the actor.";
318
+ }, {
319
+ readonly name: "userPrincipalName";
320
+ readonly description: "User principal name at sign-in time.";
321
+ }, {
322
+ readonly name: "appId";
323
+ readonly description: "Application (client) id signed into.";
324
+ }, {
325
+ readonly name: "appDisplayName";
326
+ readonly description: "Display name of the application signed into.";
327
+ }, {
328
+ readonly name: "ipAddress";
329
+ readonly description: "Client IP recorded by Entra.";
330
+ }, {
331
+ readonly name: "countryOrRegion";
332
+ readonly description: "Geographic country/region from location.countryOrRegion.";
333
+ }, {
334
+ readonly name: "city";
335
+ readonly description: "City from location.city (may be null).";
336
+ }, {
337
+ readonly name: "riskLevel";
338
+ readonly description: "Aggregated risk level (none / low / medium / high / hidden / unknownFutureValue).";
339
+ }, {
340
+ readonly name: "riskState";
341
+ readonly description: "Risk state (none / confirmedSafe / remediated / dismissed / atRisk / confirmedCompromised).";
342
+ }, {
343
+ readonly name: "clientAppUsed";
344
+ readonly description: "Client app type (Browser, Mobile Apps and Desktop clients, etc.).";
345
+ }, {
346
+ readonly name: "conditionalAccessStatus";
347
+ readonly description: "Outcome of conditional-access policy evaluation (success / failure / notApplied / unknownFutureValue).";
348
+ }];
349
+ readonly responses: {
350
+ readonly signins: z.ZodObject<{
351
+ '@odata.nextLink': z.ZodOptional<z.ZodNullable<z.ZodString>>;
352
+ value: z.ZodArray<z.ZodObject<{
353
+ id: z.ZodString;
354
+ createdDateTime: z.ZodString;
355
+ userId: z.ZodOptional<z.ZodNullable<z.ZodString>>;
356
+ userPrincipalName: z.ZodOptional<z.ZodNullable<z.ZodString>>;
357
+ userDisplayName: z.ZodOptional<z.ZodNullable<z.ZodString>>;
358
+ appId: z.ZodOptional<z.ZodNullable<z.ZodString>>;
359
+ appDisplayName: z.ZodOptional<z.ZodNullable<z.ZodString>>;
360
+ ipAddress: z.ZodOptional<z.ZodNullable<z.ZodString>>;
361
+ clientAppUsed: z.ZodOptional<z.ZodNullable<z.ZodString>>;
362
+ conditionalAccessStatus: z.ZodOptional<z.ZodNullable<z.ZodString>>;
363
+ riskLevelAggregated: z.ZodOptional<z.ZodNullable<z.ZodString>>;
364
+ riskLevelDuringSignIn: z.ZodOptional<z.ZodNullable<z.ZodString>>;
365
+ riskState: z.ZodOptional<z.ZodNullable<z.ZodString>>;
366
+ riskDetail: z.ZodOptional<z.ZodNullable<z.ZodString>>;
367
+ status: z.ZodOptional<z.ZodNullable<z.ZodObject<{
368
+ errorCode: z.ZodOptional<z.ZodNullable<z.ZodNumber>>;
369
+ failureReason: z.ZodOptional<z.ZodNullable<z.ZodString>>;
370
+ additionalDetails: z.ZodOptional<z.ZodNullable<z.ZodString>>;
371
+ }, z.core.$strip>>>;
372
+ location: z.ZodOptional<z.ZodNullable<z.ZodObject<{
373
+ city: z.ZodOptional<z.ZodNullable<z.ZodString>>;
374
+ state: z.ZodOptional<z.ZodNullable<z.ZodString>>;
375
+ countryOrRegion: z.ZodOptional<z.ZodNullable<z.ZodString>>;
376
+ }, z.core.$strip>>>;
377
+ }, z.core.$strip>>;
378
+ }, z.core.$strip>;
379
+ };
380
+ };
381
+ readonly entra_risky_user: {
382
+ readonly shape: "entity";
383
+ readonly filterable: [{
384
+ readonly field: "riskLevel";
385
+ readonly ops: ["eq"];
386
+ readonly values: ["low", "medium", "high", "hidden", "unknownFutureValue"];
387
+ }, {
388
+ readonly field: "riskState";
389
+ readonly ops: ["eq"];
390
+ readonly values: ["none", "confirmedSafe", "remediated", "dismissed", "atRisk", "confirmedCompromised", "unknownFutureValue"];
391
+ }];
392
+ readonly description: "Users currently flagged by Entra Identity Protection, with their risk level, risk state, and last-updated timestamp.";
393
+ readonly endpoint: "GET /v1.0/identityProtection/riskyUsers";
394
+ readonly notes: "Fully enumerated on every sync; @odata.nextLink pages are followed within the chunked sync loop.";
395
+ readonly fields: [{
396
+ readonly name: "userPrincipalName";
397
+ readonly description: "User principal name of the risky user.";
398
+ }, {
399
+ readonly name: "displayName";
400
+ readonly description: "Display name of the risky user.";
401
+ }, {
402
+ readonly name: "riskLevel";
403
+ readonly description: "Identity Protection risk level (low / medium / high / hidden / unknownFutureValue).";
404
+ }, {
405
+ readonly name: "riskState";
406
+ readonly description: "Risk state (none / confirmedSafe / remediated / dismissed / atRisk / confirmedCompromised / unknownFutureValue).";
407
+ }, {
408
+ readonly name: "riskDetail";
409
+ readonly description: "Latest risk detail string (the specific reason for the flag).";
410
+ }, {
411
+ readonly name: "riskLastUpdatedAt";
412
+ readonly description: "When the risk was last refreshed (Unix ms).";
413
+ }];
414
+ readonly responses: {
415
+ readonly risky_users: z.ZodObject<{
416
+ '@odata.nextLink': z.ZodOptional<z.ZodNullable<z.ZodString>>;
417
+ value: z.ZodArray<z.ZodObject<{
418
+ id: z.ZodString;
419
+ userPrincipalName: z.ZodOptional<z.ZodNullable<z.ZodString>>;
420
+ userDisplayName: z.ZodOptional<z.ZodNullable<z.ZodString>>;
421
+ riskLevel: z.ZodOptional<z.ZodNullable<z.ZodString>>;
422
+ riskState: z.ZodOptional<z.ZodNullable<z.ZodString>>;
423
+ riskDetail: z.ZodOptional<z.ZodNullable<z.ZodString>>;
424
+ riskLastUpdatedDateTime: z.ZodOptional<z.ZodNullable<z.ZodString>>;
425
+ isProcessing: z.ZodOptional<z.ZodNullable<z.ZodBoolean>>;
426
+ isDeleted: z.ZodOptional<z.ZodNullable<z.ZodBoolean>>;
427
+ }, z.core.$strip>>;
428
+ }, z.core.$strip>;
429
+ };
430
+ };
431
+ };
432
+ static readonly schemas: {
433
+ readonly oauth_token: z.ZodObject<{
434
+ access_token: z.ZodString;
435
+ token_type: z.ZodOptional<z.ZodString>;
436
+ expires_in: z.ZodOptional<z.ZodNumber>;
437
+ }, z.core.$strip>;
438
+ readonly users: z.ZodObject<{
439
+ '@odata.nextLink': z.ZodOptional<z.ZodNullable<z.ZodString>>;
440
+ value: z.ZodArray<z.ZodObject<{
441
+ id: z.ZodString;
442
+ displayName: z.ZodOptional<z.ZodNullable<z.ZodString>>;
443
+ userPrincipalName: z.ZodOptional<z.ZodNullable<z.ZodString>>;
444
+ mail: z.ZodOptional<z.ZodNullable<z.ZodString>>;
445
+ accountEnabled: z.ZodOptional<z.ZodNullable<z.ZodBoolean>>;
446
+ userType: z.ZodOptional<z.ZodNullable<z.ZodString>>;
447
+ createdDateTime: z.ZodOptional<z.ZodNullable<z.ZodString>>;
448
+ }, z.core.$strip>>;
449
+ }, z.core.$strip>;
450
+ } & {
451
+ readonly signins: z.ZodObject<{
452
+ '@odata.nextLink': z.ZodOptional<z.ZodNullable<z.ZodString>>;
453
+ value: z.ZodArray<z.ZodObject<{
454
+ id: z.ZodString;
455
+ createdDateTime: z.ZodString;
456
+ userId: z.ZodOptional<z.ZodNullable<z.ZodString>>;
457
+ userPrincipalName: z.ZodOptional<z.ZodNullable<z.ZodString>>;
458
+ userDisplayName: z.ZodOptional<z.ZodNullable<z.ZodString>>;
459
+ appId: z.ZodOptional<z.ZodNullable<z.ZodString>>;
460
+ appDisplayName: z.ZodOptional<z.ZodNullable<z.ZodString>>;
461
+ ipAddress: z.ZodOptional<z.ZodNullable<z.ZodString>>;
462
+ clientAppUsed: z.ZodOptional<z.ZodNullable<z.ZodString>>;
463
+ conditionalAccessStatus: z.ZodOptional<z.ZodNullable<z.ZodString>>;
464
+ riskLevelAggregated: z.ZodOptional<z.ZodNullable<z.ZodString>>;
465
+ riskLevelDuringSignIn: z.ZodOptional<z.ZodNullable<z.ZodString>>;
466
+ riskState: z.ZodOptional<z.ZodNullable<z.ZodString>>;
467
+ riskDetail: z.ZodOptional<z.ZodNullable<z.ZodString>>;
468
+ status: z.ZodOptional<z.ZodNullable<z.ZodObject<{
469
+ errorCode: z.ZodOptional<z.ZodNullable<z.ZodNumber>>;
470
+ failureReason: z.ZodOptional<z.ZodNullable<z.ZodString>>;
471
+ additionalDetails: z.ZodOptional<z.ZodNullable<z.ZodString>>;
472
+ }, z.core.$strip>>>;
473
+ location: z.ZodOptional<z.ZodNullable<z.ZodObject<{
474
+ city: z.ZodOptional<z.ZodNullable<z.ZodString>>;
475
+ state: z.ZodOptional<z.ZodNullable<z.ZodString>>;
476
+ countryOrRegion: z.ZodOptional<z.ZodNullable<z.ZodString>>;
477
+ }, z.core.$strip>>>;
478
+ }, z.core.$strip>>;
479
+ }, z.core.$strip>;
480
+ } & {
481
+ readonly risky_users: z.ZodObject<{
482
+ '@odata.nextLink': z.ZodOptional<z.ZodNullable<z.ZodString>>;
483
+ value: z.ZodArray<z.ZodObject<{
484
+ id: z.ZodString;
485
+ userPrincipalName: z.ZodOptional<z.ZodNullable<z.ZodString>>;
486
+ userDisplayName: z.ZodOptional<z.ZodNullable<z.ZodString>>;
487
+ riskLevel: z.ZodOptional<z.ZodNullable<z.ZodString>>;
488
+ riskState: z.ZodOptional<z.ZodNullable<z.ZodString>>;
489
+ riskDetail: z.ZodOptional<z.ZodNullable<z.ZodString>>;
490
+ riskLastUpdatedDateTime: z.ZodOptional<z.ZodNullable<z.ZodString>>;
491
+ isProcessing: z.ZodOptional<z.ZodNullable<z.ZodBoolean>>;
492
+ isDeleted: z.ZodOptional<z.ZodNullable<z.ZodBoolean>>;
493
+ }, z.core.$strip>>;
494
+ }, z.core.$strip>;
495
+ } & Readonly<Record<string, z.ZodType<unknown, unknown, z.core.$ZodTypeInternals<unknown, unknown>>>>;
496
+ static create(input: unknown, ctx?: ConnectorContext): EntraIdConnector;
497
+ readonly id = "entra-id";
498
+ readonly credentials: {
499
+ clientId: {
500
+ description: string;
501
+ auth: "required";
502
+ };
503
+ clientSecret: {
504
+ description: string;
505
+ auth: "required";
506
+ };
507
+ };
508
+ private accessToken;
509
+ private accessTokenExpiry;
510
+ private tokenUrl;
511
+ private refreshAccessToken;
512
+ private getAccessToken;
513
+ private apiGet;
514
+ private signinsSince;
515
+ private buildInitialUrl;
516
+ private fetchPhasePage;
517
+ private writeUsers;
518
+ private writeSignins;
519
+ private writeRiskyUsers;
520
+ private writePhase;
521
+ private clearScopeOnFirstPage;
522
+ private resolveCursor;
523
+ sync(options: SyncOptions, storage: StorageHandle, signal?: AbortSignal): Promise<SyncResult>;
524
+ }
525
+
526
+ export { EntraIdConnector, type EntraIdResource, type EntraIdSettings, configFields, EntraIdConnector as default, doc, id, entraIdResources as resources };