@stackframe/stack-shared 2.6.12 → 2.6.16

package/CHANGELOG.md

@@ -1,5 +1,33 @@
 # @stackframe/stack-shared
 
+## 2.6.16
+
+### Patch Changes
+
+- - list user pagination
+  - fixed visual glitches
+  - @stackframe/stack-sc@2.6.16
+
+## 2.6.15
+
+### Patch Changes
+
+- Passkeys
+  - @stackframe/stack-sc@2.6.15
+
+## 2.6.14
+
+### Patch Changes
+
+- @stackframe/stack-sc@2.6.14
+
+## 2.6.13
+
+### Patch Changes
+
+- Updated docs
+  - @stackframe/stack-sc@2.6.13
+
 ## 2.6.12
 
 ### Patch Changes

package/dist/crud.d.ts

@@ -81,6 +81,9 @@ type InnerCrudTypeOf<S extends InnerCrudSchema> = (S['createSchema'] extends {}
     List: {
         items: yup.InferType<S['readSchema']>[];
         is_paginated: boolean;
+        pagination?: {
+            next_cursor: string | null;
+        };
     };
 } : {});
 export type CrudTypeOf<S extends CrudSchema> = {

package/dist/interface/clientInterface.d.ts

@@ -1,6 +1,7 @@
 import { KnownErrors } from '../known-errors';
 import { AccessToken, InternalSession, RefreshToken } from '../sessions';
 import { ReadonlyJson } from '../utils/json';
+import { AuthenticationResponseJSON, PublicKeyCredentialCreationOptionsJSON, PublicKeyCredentialRequestOptionsJSON, RegistrationResponseJSON } from '../utils/passkey';
 import { Result } from "../utils/results";
 import { ContactChannelsCrud } from './crud/contact-channels';
 import { CurrentUserCrud } from './crud/current-user';
@@ -73,12 +74,24 @@ export declare class StackClientInterface {
     }, session: InternalSession): Promise<KnownErrors["PasswordRequirementsNotMet"] | undefined>;
     verifyPasswordResetCode(code: string): Promise<Result<undefined, KnownErrors["VerificationCodeError"]>>;
     verifyEmail(code: string): Promise<Result<undefined, KnownErrors["VerificationCodeError"]>>;
+    initiatePasskeyRegistration(options: {}, session: InternalSession): Promise<Result<{
+        options_json: PublicKeyCredentialCreationOptionsJSON;
+        code: string;
+    }, KnownErrors[]>>;
+    registerPasskey(options: {
+        credential: RegistrationResponseJSON;
+        code: string;
+    }, session: InternalSession): Promise<Result<undefined, KnownErrors["PasskeyRegistrationFailed"]>>;
+    initiatePasskeyAuthentication(options: {}, session: InternalSession): Promise<Result<{
+        options_json: PublicKeyCredentialRequestOptionsJSON;
+        code: string;
+    }, KnownErrors[]>>;
     sendTeamInvitation(options: {
         email: string;
         teamId: string;
         callbackUrl: string;
         session: InternalSession | null;
-    }): Promise<Result<undefined, KnownErrors["TeamPermissionRequired"]>>;
+    }): Promise<void>;
     acceptTeamInvitation<T extends 'use' | 'details' | 'check'>(options: {
         code: string;
         session: InternalSession;
@@ -104,6 +117,13 @@ export declare class StackClientInterface {
         accessToken: string;
         refreshToken: string;
     }, KnownErrors["VerificationCodeError"]>>;
+    signInWithPasskey(body: {
+        authentication_response: AuthenticationResponseJSON;
+        code: string;
+    }): Promise<Result<{
+        accessToken: string;
+        refreshToken: string;
+    }, KnownErrors["PasskeyAuthenticationFailed"]>>;
     getOAuthUrl(options: {
         provider: string;
         redirectUrl: string;

package/dist/interface/clientInterface.js

@@ -413,8 +413,47 @@ export class StackClientInterface {
             return Result.ok(undefined);
         }
     }
+    async initiatePasskeyRegistration(options, session) {
+        const res = await this.sendClientRequestAndCatchKnownError("/auth/passkey/initiate-passkey-registration", {
+            method: "POST",
+            headers: {
+                "Content-Type": "application/json"
+            },
+            body: JSON.stringify(options),
+        }, session, []);
+        if (res.status === "error") {
+            return Result.error(res.error);
+        }
+        return Result.ok(await res.data.json());
+    }
+    async registerPasskey(options, session) {
+        const res = await this.sendClientRequestAndCatchKnownError("/auth/passkey/register", {
+            method: "POST",
+            headers: {
+                "Content-Type": "application/json"
+            },
+            body: JSON.stringify(options),
+        }, session, [KnownErrors.PasskeyRegistrationFailed]);
+        if (res.status === "error") {
+            return Result.error(res.error);
+        }
+        return Result.ok(undefined);
+    }
+    async initiatePasskeyAuthentication(options, session) {
+        const res = await this.sendClientRequestAndCatchKnownError("/auth/passkey/initiate-passkey-authentication", {
+            method: "POST",
+            headers: {
+                "Content-Type": "application/json"
+            },
+            body: JSON.stringify(options),
+        }, session, []);
+        if (res.status === "error") {
+            return Result.error(res.error);
+        }
+        return Result.ok(await res.data.json());
+    }
     async sendTeamInvitation(options) {
-        const res = await this.sendClientRequestAndCatchKnownError("/team-invitations/send-code", {
+        await this.sendClientRequest("/team-invitations/send-code", {
             method: "POST",
             headers: {
                 "Content-Type": "application/json"
@@ -424,13 +463,7 @@ export class StackClientInterface {
                 team_id: options.teamId,
                 callback_url: options.callbackUrl,
             }),
-        }, options.session, [KnownErrors.TeamPermissionRequired]);
-        if (res.status === "error") {
-            return Result.error(res.error);
-        }
-        else {
-            return Result.ok(undefined);
-        }
+        }, options.session);
     }
     async acceptTeamInvitation(options) {
         const res = await this.sendClientRequestAndCatchKnownError(options.type === 'check' ?
@@ -533,6 +566,23 @@ export class StackClientInterface {
             newUser: result.is_new_user,
         });
     }
+    async signInWithPasskey(body) {
+        const res = await this.sendClientRequestAndCatchKnownError("/auth/passkey/sign-in", {
+            method: "POST",
+            headers: {
+                "Content-Type": "application/json"
+            },
+            body: JSON.stringify(body),
+        }, null, [KnownErrors.PasskeyAuthenticationFailed]);
+        if (res.status === "error") {
+            return Result.error(res.error);
+        }
+        const result = await res.data.json();
+        return Result.ok({
+            accessToken: result.access_token,
+            refreshToken: result.refresh_token,
+        });
+    }
     async getOAuthUrl(options) {
         const updatedRedirectUrl = new URL(options.redirectUrl);
         for (const key of ["code", "state"]) {

package/dist/interface/crud/contact-channels.d.ts

@@ -146,19 +146,29 @@ export declare const contactChannelsCrud: import("../../crud").CrudSchemaFromOpt
     }, "">;
     docs: {
         clientRead: {
-            hidden: true;
+            summary: string;
+            description: string;
+            tags: string[];
         };
         clientCreate: {
-            hidden: true;
+            summary: string;
+            description: string;
+            tags: string[];
         };
         clientUpdate: {
-            hidden: true;
+            summary: string;
+            description: string;
+            tags: string[];
         };
         clientDelete: {
-            hidden: true;
+            summary: string;
+            description: string;
+            tags: string[];
         };
         clientList: {
-            hidden: true;
+            summary: string;
+            description: string;
+            tags: string[];
         };
     };
 }>;

package/dist/interface/crud/contact-channels.js

@@ -1,38 +1,32 @@
 import { createCrud } from "../../crud";
-import { userIdOrMeSchema, userIdSchema, yupBoolean, yupMixed, yupObject, yupString } from "../../schema-fields";
-const contactChannelsTypes = ['email'];
-const type = yupString().oneOf(contactChannelsTypes);
-const value = yupString().when('type', {
-    is: 'email',
-    then: (schema) => schema.email(),
-});
+import { contactChannelIdSchema, contactChannelIsPrimarySchema, contactChannelIsVerifiedSchema, contactChannelTypeSchema, contactChannelUsedForAuthSchema, contactChannelValueSchema, userIdOrMeSchema, userIdSchema, yupMixed, yupObject } from "../../schema-fields";
 export const contactChannelsClientReadSchema = yupObject({
     user_id: userIdSchema.required(),
-    id: yupString().required(),
-    value: value.required(),
-    type: type.required(),
-    used_for_auth: yupBoolean().required(),
-    is_verified: yupBoolean().required(),
-    is_primary: yupBoolean().required(),
+    id: contactChannelIdSchema.required(),
+    value: contactChannelValueSchema.required(),
+    type: contactChannelTypeSchema.required(),
+    used_for_auth: contactChannelUsedForAuthSchema.required(),
+    is_verified: contactChannelIsVerifiedSchema.required(),
+    is_primary: contactChannelIsPrimarySchema.required(),
 }).required();
 export const contactChannelsCrudClientUpdateSchema = yupObject({
-    value: value.optional(),
-    type: type.optional(),
-    used_for_auth: yupBoolean().optional(),
-    is_primary: yupBoolean().optional(),
+    value: contactChannelValueSchema.optional(),
+    type: contactChannelTypeSchema.optional(),
+    used_for_auth: contactChannelUsedForAuthSchema.optional(),
+    is_primary: contactChannelIsPrimarySchema.optional(),
 }).required();
 export const contactChannelsCrudServerUpdateSchema = contactChannelsCrudClientUpdateSchema.concat(yupObject({
-    is_verified: yupBoolean().optional(),
+    is_verified: contactChannelIsVerifiedSchema.optional(),
 }));
 export const contactChannelsCrudClientCreateSchema = yupObject({
     user_id: userIdOrMeSchema.required(),
-    value: value.required(),
-    type: type.required(),
-    used_for_auth: yupBoolean().required(),
-    is_primary: yupBoolean().optional(),
+    value: contactChannelValueSchema.required(),
+    type: contactChannelTypeSchema.required(),
+    used_for_auth: contactChannelUsedForAuthSchema.required(),
+    is_primary: contactChannelIsPrimarySchema.optional(),
 }).required();
 export const contactChannelsCrudServerCreateSchema = contactChannelsCrudClientCreateSchema.concat(yupObject({
-    is_verified: yupBoolean().optional(),
+    is_verified: contactChannelIsVerifiedSchema.optional(),
 }));
 export const contactChannelsCrudClientDeleteSchema = yupMixed();
 export const contactChannelsCrud = createCrud({
@@ -44,19 +38,29 @@ export const contactChannelsCrud = createCrud({
     serverCreateSchema: contactChannelsCrudServerCreateSchema,
     docs: {
         clientRead: {
-            hidden: true,
+            summary: "Get a contact channel",
+            description: "",
+            tags: ["Contact Channels"],
         },
         clientCreate: {
-            hidden: true,
+            summary: "Create a contact channel",
+            description: "",
+            tags: ["Contact Channels"],
         },
         clientUpdate: {
-            hidden: true,
+            summary: "Update a contact channel",
+            description: "",
+            tags: ["Contact Channels"],
         },
         clientDelete: {
-            hidden: true,
+            summary: "Delete a contact channel",
+            description: "",
+            tags: ["Contact Channels"],
         },
         clientList: {
-            hidden: true,
+            summary: "List contact channels",
+            description: "",
+            tags: ["Contact Channels"],
         }
     }
 });

package/dist/interface/crud/current-user.d.ts

@@ -13,6 +13,7 @@ export declare const currentUserCrud: import("../../crud").CrudSchemaFromOptions
         client_metadata: {} | null;
         client_read_only_metadata: {} | null;
         primary_email_verified: NonNullable<boolean | undefined>;
+        passkey_auth_enabled: NonNullable<boolean | undefined>;
         otp_auth_enabled: NonNullable<boolean | undefined>;
         selected_team_id: string | null;
         signed_up_at_millis: number;
@@ -45,6 +46,7 @@ export declare const currentUserCrud: import("../../crud").CrudSchemaFromOptions
         signed_up_at_millis: undefined;
         has_password: undefined;
         otp_auth_enabled: undefined;
+        passkey_auth_enabled: undefined;
         client_metadata: undefined;
         client_read_only_metadata: undefined;
         server_metadata: undefined;
@@ -73,6 +75,7 @@ export declare const currentUserCrud: import("../../crud").CrudSchemaFromOptions
         signed_up_at_millis: number;
         has_password: NonNullable<boolean | undefined>;
         otp_auth_enabled: NonNullable<boolean | undefined>;
+        passkey_auth_enabled: NonNullable<boolean | undefined>;
         client_metadata: {} | null;
         client_read_only_metadata: {} | null;
         server_metadata: {} | null;
@@ -104,6 +107,7 @@ export declare const currentUserCrud: import("../../crud").CrudSchemaFromOptions
         signed_up_at_millis: undefined;
         has_password: undefined;
         otp_auth_enabled: undefined;
+        passkey_auth_enabled: undefined;
         client_metadata: undefined;
         client_read_only_metadata: undefined;
         server_metadata: undefined;
@@ -116,6 +120,7 @@ export declare const currentUserCrud: import("../../crud").CrudSchemaFromOptions
         display_name: string | null | undefined;
         profile_image_url: string | null | undefined;
         client_metadata: {} | null | undefined;
+        passkey_auth_enabled: boolean | undefined;
         otp_auth_enabled: boolean | undefined;
         totp_secret_base64: string | null | undefined;
         selected_team_id: string | null | undefined;
@@ -128,6 +133,7 @@ export declare const currentUserCrud: import("../../crud").CrudSchemaFromOptions
         primary_email: undefined;
         primary_email_verified: undefined;
         primary_email_auth_enabled: undefined;
+        passkey_auth_enabled: undefined;
         password: undefined;
         otp_auth_enabled: undefined;
         totp_secret_base64: undefined;
@@ -142,6 +148,7 @@ export declare const currentUserCrud: import("../../crud").CrudSchemaFromOptions
         primary_email: string | null | undefined;
         primary_email_verified: boolean | undefined;
         primary_email_auth_enabled: boolean | undefined;
+        passkey_auth_enabled: boolean | undefined;
         password: string | null | undefined;
         otp_auth_enabled: boolean | undefined;
         totp_secret_base64: string | null | undefined;
@@ -155,6 +162,7 @@ export declare const currentUserCrud: import("../../crud").CrudSchemaFromOptions
         primary_email: undefined;
         primary_email_verified: undefined;
         primary_email_auth_enabled: undefined;
+        passkey_auth_enabled: undefined;
         password: undefined;
         otp_auth_enabled: undefined;
         totp_secret_base64: undefined;

package/dist/interface/crud/current-user.js

@@ -9,6 +9,7 @@ const clientUpdateSchema = usersCrudServerUpdateSchema.pick([
     "selected_team_id",
     "totp_secret_base64",
     "otp_auth_enabled",
+    "passkey_auth_enabled",
 ]).required();
 const serverUpdateSchema = usersCrudServerUpdateSchema;
 const clientReadSchema = usersCrudServerReadSchema.pick([
@@ -26,6 +27,7 @@ const clientReadSchema = usersCrudServerReadSchema.pick([
     "selected_team_id",
     "requires_totp_mfa",
     "otp_auth_enabled",
+    "passkey_auth_enabled",
 ]).concat(yupObject({
     selected_team: teamsCrudClientReadSchema.nullable().defined(),
 })).nullable().defined(); // TODO: next-release: make required

package/dist/interface/crud/projects.d.ts

@@ -12,6 +12,7 @@ export declare const projectsCrudAdminReadSchema: import("yup").ObjectSchema<{
         sign_up_enabled: NonNullable<boolean | undefined>;
         credential_enabled: NonNullable<boolean | undefined>;
         magic_link_enabled: NonNullable<boolean | undefined>;
+        passkey_enabled: NonNullable<boolean | undefined>;
         legacy_global_jwt_signing: NonNullable<boolean | undefined>;
         client_team_creation_enabled: NonNullable<boolean | undefined>;
         client_user_deletion_enabled: NonNullable<boolean | undefined>;
@@ -61,6 +62,7 @@ export declare const projectsCrudAdminReadSchema: import("yup").ObjectSchema<{
         sign_up_enabled: undefined;
         credential_enabled: undefined;
         magic_link_enabled: undefined;
+        passkey_enabled: undefined;
         legacy_global_jwt_signing: undefined;
         client_team_creation_enabled: undefined;
         client_user_deletion_enabled: undefined;
@@ -88,6 +90,7 @@ export declare const projectsCrudClientReadSchema: import("yup").ObjectSchema<{
         sign_up_enabled: NonNullable<boolean | undefined>;
         credential_enabled: NonNullable<boolean | undefined>;
         magic_link_enabled: NonNullable<boolean | undefined>;
+        passkey_enabled: NonNullable<boolean | undefined>;
         client_team_creation_enabled: NonNullable<boolean | undefined>;
         client_user_deletion_enabled: NonNullable<boolean | undefined>;
         enabled_oauth_providers: {
@@ -101,6 +104,7 @@ export declare const projectsCrudClientReadSchema: import("yup").ObjectSchema<{
         sign_up_enabled: undefined;
         credential_enabled: undefined;
         magic_link_enabled: undefined;
+        passkey_enabled: undefined;
         client_team_creation_enabled: undefined;
         client_user_deletion_enabled: undefined;
         enabled_oauth_providers: undefined;
@@ -115,6 +119,7 @@ export declare const projectsCrudAdminUpdateSchema: import("yup").ObjectSchema<{
         sign_up_enabled?: boolean | undefined;
         credential_enabled?: boolean | undefined;
         magic_link_enabled?: boolean | undefined;
+        passkey_enabled?: boolean | undefined;
         legacy_global_jwt_signing?: false | undefined;
         client_team_creation_enabled?: boolean | undefined;
         client_user_deletion_enabled?: boolean | undefined;
@@ -163,6 +168,7 @@ export declare const projectsCrudAdminCreateSchema: import("yup").ObjectSchema<{
         sign_up_enabled?: boolean | undefined;
         credential_enabled?: boolean | undefined;
         magic_link_enabled?: boolean | undefined;
+        passkey_enabled?: boolean | undefined;
         legacy_global_jwt_signing?: false | undefined;
         client_team_creation_enabled?: boolean | undefined;
         client_user_deletion_enabled?: boolean | undefined;
@@ -213,6 +219,7 @@ export declare const projectsCrud: import("../../crud").CrudSchemaFromOptions<{
             sign_up_enabled: NonNullable<boolean | undefined>;
             credential_enabled: NonNullable<boolean | undefined>;
             magic_link_enabled: NonNullable<boolean | undefined>;
+            passkey_enabled: NonNullable<boolean | undefined>;
             client_team_creation_enabled: NonNullable<boolean | undefined>;
             client_user_deletion_enabled: NonNullable<boolean | undefined>;
             enabled_oauth_providers: {
@@ -226,6 +233,7 @@ export declare const projectsCrud: import("../../crud").CrudSchemaFromOptions<{
             sign_up_enabled: undefined;
             credential_enabled: undefined;
             magic_link_enabled: undefined;
+            passkey_enabled: undefined;
             client_team_creation_enabled: undefined;
             client_user_deletion_enabled: undefined;
             enabled_oauth_providers: undefined;
@@ -244,6 +252,7 @@ export declare const projectsCrud: import("../../crud").CrudSchemaFromOptions<{
             sign_up_enabled: NonNullable<boolean | undefined>;
             credential_enabled: NonNullable<boolean | undefined>;
             magic_link_enabled: NonNullable<boolean | undefined>;
+            passkey_enabled: NonNullable<boolean | undefined>;
             legacy_global_jwt_signing: NonNullable<boolean | undefined>;
             client_team_creation_enabled: NonNullable<boolean | undefined>;
             client_user_deletion_enabled: NonNullable<boolean | undefined>;
@@ -293,6 +302,7 @@ export declare const projectsCrud: import("../../crud").CrudSchemaFromOptions<{
             sign_up_enabled: undefined;
             credential_enabled: undefined;
             magic_link_enabled: undefined;
+            passkey_enabled: undefined;
             legacy_global_jwt_signing: undefined;
             client_team_creation_enabled: undefined;
             client_user_deletion_enabled: undefined;
@@ -322,6 +332,7 @@ export declare const projectsCrud: import("../../crud").CrudSchemaFromOptions<{
             sign_up_enabled?: boolean | undefined;
             credential_enabled?: boolean | undefined;
             magic_link_enabled?: boolean | undefined;
+            passkey_enabled?: boolean | undefined;
             legacy_global_jwt_signing?: false | undefined;
             client_team_creation_enabled?: boolean | undefined;
             client_user_deletion_enabled?: boolean | undefined;
@@ -400,6 +411,7 @@ export declare const internalProjectsCrud: import("../../crud").CrudSchemaFromOp
             sign_up_enabled: NonNullable<boolean | undefined>;
             credential_enabled: NonNullable<boolean | undefined>;
             magic_link_enabled: NonNullable<boolean | undefined>;
+            passkey_enabled: NonNullable<boolean | undefined>;
             legacy_global_jwt_signing: NonNullable<boolean | undefined>;
             client_team_creation_enabled: NonNullable<boolean | undefined>;
             client_user_deletion_enabled: NonNullable<boolean | undefined>;
@@ -449,6 +461,7 @@ export declare const internalProjectsCrud: import("../../crud").CrudSchemaFromOp
             sign_up_enabled: undefined;
             credential_enabled: undefined;
             magic_link_enabled: undefined;
+            passkey_enabled: undefined;
             legacy_global_jwt_signing: undefined;
             client_team_creation_enabled: undefined;
             client_user_deletion_enabled: undefined;
@@ -478,6 +491,7 @@ export declare const internalProjectsCrud: import("../../crud").CrudSchemaFromOp
             sign_up_enabled?: boolean | undefined;
             credential_enabled?: boolean | undefined;
             magic_link_enabled?: boolean | undefined;
+            passkey_enabled?: boolean | undefined;
             legacy_global_jwt_signing?: false | undefined;
             client_team_creation_enabled?: boolean | undefined;
             client_user_deletion_enabled?: boolean | undefined;

package/dist/interface/crud/projects.js

@@ -43,12 +43,13 @@ export const projectsCrudAdminReadSchema = yupObject({
         sign_up_enabled: schemaFields.projectSignUpEnabledSchema.required(),
         credential_enabled: schemaFields.projectCredentialEnabledSchema.required(),
         magic_link_enabled: schemaFields.projectMagicLinkEnabledSchema.required(),
+        passkey_enabled: schemaFields.projectPasskeyEnabledSchema.required(),
         // TODO: remove this
         legacy_global_jwt_signing: schemaFields.yupBoolean().required(),
         client_team_creation_enabled: schemaFields.projectClientTeamCreationEnabledSchema.required(),
         client_user_deletion_enabled: schemaFields.projectClientUserDeletionEnabledSchema.required(),
         oauth_providers: yupArray(oauthProviderSchema.required()).required(),
-        enabled_oauth_providers: yupArray(enabledOAuthProviderSchema.required()).required(),
+        enabled_oauth_providers: yupArray(enabledOAuthProviderSchema.required()).required().meta({ openapiField: { hidden: true } }),
         domains: yupArray(domainSchema.required()).required(),
         email_config: emailConfigSchema.required(),
         create_team_on_sign_up: schemaFields.projectCreateTeamOnSignUpSchema.required(),
@@ -63,9 +64,10 @@ export const projectsCrudClientReadSchema = yupObject({
         sign_up_enabled: schemaFields.projectSignUpEnabledSchema.required(),
         credential_enabled: schemaFields.projectCredentialEnabledSchema.required(),
         magic_link_enabled: schemaFields.projectMagicLinkEnabledSchema.required(),
+        passkey_enabled: schemaFields.projectPasskeyEnabledSchema.required(),
         client_team_creation_enabled: schemaFields.projectClientTeamCreationEnabledSchema.required(),
         client_user_deletion_enabled: schemaFields.projectClientUserDeletionEnabledSchema.required(),
-        enabled_oauth_providers: yupArray(enabledOAuthProviderSchema.required()).required(),
+        enabled_oauth_providers: yupArray(enabledOAuthProviderSchema.required()).required().meta({ openapiField: { hidden: true } }),
     }).required(),
 }).required();
 export const projectsCrudAdminUpdateSchema = yupObject({
@@ -76,6 +78,7 @@ export const projectsCrudAdminUpdateSchema = yupObject({
         sign_up_enabled: schemaFields.projectSignUpEnabledSchema.optional(),
         credential_enabled: schemaFields.projectCredentialEnabledSchema.optional(),
         magic_link_enabled: schemaFields.projectMagicLinkEnabledSchema.optional(),
+        passkey_enabled: schemaFields.projectPasskeyEnabledSchema.optional(),
         client_team_creation_enabled: schemaFields.projectClientTeamCreationEnabledSchema.optional(),
         client_user_deletion_enabled: schemaFields.projectClientUserDeletionEnabledSchema.optional(),
         legacy_global_jwt_signing: schemaFields.yupBoolean().isFalse().optional(),

package/dist/interface/crud/team-member-profiles.d.ts

@@ -31,6 +31,7 @@ export declare const teamMemberProfilesCrudServerReadSchema: import("yup").Objec
         server_metadata: {} | null;
         primary_email_verified: NonNullable<boolean | undefined>;
         primary_email_auth_enabled: NonNullable<boolean | undefined>;
+        passkey_auth_enabled: NonNullable<boolean | undefined>;
         otp_auth_enabled: NonNullable<boolean | undefined>;
         selected_team_id: string | null;
         selected_team: {
@@ -73,6 +74,7 @@ export declare const teamMemberProfilesCrudServerReadSchema: import("yup").Objec
         signed_up_at_millis: undefined;
         has_password: undefined;
         otp_auth_enabled: undefined;
+        passkey_auth_enabled: undefined;
         client_metadata: undefined;
         client_read_only_metadata: undefined;
         server_metadata: undefined;
@@ -122,6 +124,7 @@ export declare const teamMemberProfilesCrud: import("../../crud").CrudSchemaFrom
             server_metadata: {} | null;
             primary_email_verified: NonNullable<boolean | undefined>;
             primary_email_auth_enabled: NonNullable<boolean | undefined>;
+            passkey_auth_enabled: NonNullable<boolean | undefined>;
             otp_auth_enabled: NonNullable<boolean | undefined>;
             selected_team_id: string | null;
             selected_team: {
@@ -164,6 +167,7 @@ export declare const teamMemberProfilesCrud: import("../../crud").CrudSchemaFrom
             signed_up_at_millis: undefined;
             has_password: undefined;
             otp_auth_enabled: undefined;
+            passkey_auth_enabled: undefined;
             client_metadata: undefined;
             client_read_only_metadata: undefined;
             server_metadata: undefined;

package/dist/interface/crud/users.d.ts

@@ -8,6 +8,7 @@ export declare const usersCrudServerUpdateSchema: import("yup").ObjectSchema<{
     primary_email: string | null | undefined;
     primary_email_verified: boolean | undefined;
     primary_email_auth_enabled: boolean | undefined;
+    passkey_auth_enabled: boolean | undefined;
     password: string | null | undefined;
     otp_auth_enabled: boolean | undefined;
     totp_secret_base64: string | null | undefined;
@@ -21,6 +22,7 @@ export declare const usersCrudServerUpdateSchema: import("yup").ObjectSchema<{
     primary_email: undefined;
     primary_email_verified: undefined;
     primary_email_auth_enabled: undefined;
+    passkey_auth_enabled: undefined;
     password: undefined;
     otp_auth_enabled: undefined;
     totp_secret_base64: undefined;
@@ -46,6 +48,7 @@ export declare const usersCrudServerReadSchema: import("yup").ObjectSchema<{
     signed_up_at_millis: number;
     has_password: NonNullable<boolean | undefined>;
     otp_auth_enabled: NonNullable<boolean | undefined>;
+    passkey_auth_enabled: NonNullable<boolean | undefined>;
     client_metadata: {} | null;
     client_read_only_metadata: {} | null;
     server_metadata: {} | null;
@@ -77,6 +80,7 @@ export declare const usersCrudServerReadSchema: import("yup").ObjectSchema<{
     signed_up_at_millis: undefined;
     has_password: undefined;
     otp_auth_enabled: undefined;
+    passkey_auth_enabled: undefined;
     client_metadata: undefined;
     client_read_only_metadata: undefined;
     server_metadata: undefined;
@@ -95,6 +99,7 @@ export declare const usersCrudServerCreateSchema: import("yup").ObjectSchema<{
     server_metadata: {} | null | undefined;
     primary_email_verified: boolean | undefined;
     primary_email_auth_enabled: boolean | undefined;
+    passkey_auth_enabled: boolean | undefined;
     otp_auth_enabled: boolean | undefined;
     totp_secret_base64: string | null | undefined;
 } & {
@@ -112,6 +117,7 @@ export declare const usersCrudServerCreateSchema: import("yup").ObjectSchema<{
     primary_email: undefined;
     primary_email_verified: undefined;
     primary_email_auth_enabled: undefined;
+    passkey_auth_enabled: undefined;
     password: undefined;
     otp_auth_enabled: undefined;
     totp_secret_base64: undefined;
@@ -140,6 +146,7 @@ export declare const usersCrud: import("../../crud").CrudSchemaFromOptions<{
         signed_up_at_millis: number;
         has_password: NonNullable<boolean | undefined>;
         otp_auth_enabled: NonNullable<boolean | undefined>;
+        passkey_auth_enabled: NonNullable<boolean | undefined>;
         client_metadata: {} | null;
         client_read_only_metadata: {} | null;
         server_metadata: {} | null;
@@ -171,6 +178,7 @@ export declare const usersCrud: import("../../crud").CrudSchemaFromOptions<{
         signed_up_at_millis: undefined;
         has_password: undefined;
         otp_auth_enabled: undefined;
+        passkey_auth_enabled: undefined;
         client_metadata: undefined;
         client_read_only_metadata: undefined;
         server_metadata: undefined;
@@ -188,6 +196,7 @@ export declare const usersCrud: import("../../crud").CrudSchemaFromOptions<{
         primary_email: string | null | undefined;
         primary_email_verified: boolean | undefined;
         primary_email_auth_enabled: boolean | undefined;
+        passkey_auth_enabled: boolean | undefined;
         password: string | null | undefined;
         otp_auth_enabled: boolean | undefined;
         totp_secret_base64: string | null | undefined;
@@ -201,6 +210,7 @@ export declare const usersCrud: import("../../crud").CrudSchemaFromOptions<{
         primary_email: undefined;
         primary_email_verified: undefined;
         primary_email_auth_enabled: undefined;
+        passkey_auth_enabled: undefined;
         password: undefined;
         otp_auth_enabled: undefined;
         totp_secret_base64: undefined;
@@ -216,6 +226,7 @@ export declare const usersCrud: import("../../crud").CrudSchemaFromOptions<{
         server_metadata: {} | null | undefined;
         primary_email_verified: boolean | undefined;
         primary_email_auth_enabled: boolean | undefined;
+        passkey_auth_enabled: boolean | undefined;
         otp_auth_enabled: boolean | undefined;
         totp_secret_base64: string | null | undefined;
     } & {
@@ -233,6 +244,7 @@ export declare const usersCrud: import("../../crud").CrudSchemaFromOptions<{
         primary_email: undefined;
         primary_email_verified: undefined;
         primary_email_auth_enabled: undefined;
+        passkey_auth_enabled: undefined;
         password: undefined;
         otp_auth_enabled: undefined;
         totp_secret_base64: undefined;
@@ -291,6 +303,7 @@ export declare const userCreatedWebhookEvent: {
         signed_up_at_millis: number;
         has_password: NonNullable<boolean | undefined>;
         otp_auth_enabled: NonNullable<boolean | undefined>;
+        passkey_auth_enabled: NonNullable<boolean | undefined>;
         client_metadata: {} | null;
         client_read_only_metadata: {} | null;
         server_metadata: {} | null;
@@ -322,6 +335,7 @@ export declare const userCreatedWebhookEvent: {
         signed_up_at_millis: undefined;
         has_password: undefined;
         otp_auth_enabled: undefined;
+        passkey_auth_enabled: undefined;
         client_metadata: undefined;
         client_read_only_metadata: undefined;
         server_metadata: undefined;
@@ -358,6 +372,7 @@ export declare const userUpdatedWebhookEvent: {
         signed_up_at_millis: number;
         has_password: NonNullable<boolean | undefined>;
         otp_auth_enabled: NonNullable<boolean | undefined>;
+        passkey_auth_enabled: NonNullable<boolean | undefined>;
         client_metadata: {} | null;
         client_read_only_metadata: {} | null;
         server_metadata: {} | null;
@@ -389,6 +404,7 @@ export declare const userUpdatedWebhookEvent: {
         signed_up_at_millis: undefined;
         has_password: undefined;
         otp_auth_enabled: undefined;
+        passkey_auth_enabled: undefined;
         client_metadata: undefined;
         client_read_only_metadata: undefined;
         server_metadata: undefined;

package/dist/interface/crud/users.js

@@ -10,6 +10,7 @@ export const usersCrudServerUpdateSchema = fieldSchema.yupObject({
     primary_email: fieldSchema.primaryEmailSchema.nullable().optional(),
     primary_email_verified: fieldSchema.primaryEmailVerifiedSchema.optional(),
     primary_email_auth_enabled: fieldSchema.primaryEmailAuthEnabledSchema.optional(),
+    passkey_auth_enabled: fieldSchema.userOtpAuthEnabledSchema.optional(),
     password: fieldSchema.userPasswordMutationSchema.optional(),
     otp_auth_enabled: fieldSchema.userOtpAuthEnabledMutationSchema.optional(),
     totp_secret_base64: fieldSchema.userTotpSecretMutationSchema.optional(),
@@ -27,6 +28,7 @@ export const usersCrudServerReadSchema = fieldSchema.yupObject({
     signed_up_at_millis: fieldSchema.signedUpAtMillisSchema.required(),
     has_password: fieldSchema.userHasPasswordSchema.required(),
     otp_auth_enabled: fieldSchema.userOtpAuthEnabledSchema.required(),
+    passkey_auth_enabled: fieldSchema.userOtpAuthEnabledSchema.required(),
     client_metadata: fieldSchema.userClientMetadataSchema,
     client_read_only_metadata: fieldSchema.userClientReadOnlyMetadataSchema,
     server_metadata: fieldSchema.userServerMetadataSchema,
@@ -35,7 +37,7 @@ export const usersCrudServerReadSchema = fieldSchema.yupObject({
         id: fieldSchema.yupString().required(),
         account_id: fieldSchema.yupString().required(),
         email: fieldSchema.yupString().nullable(),
-    }).required()).required().meta({ openapiField: { hidden: true, description: 'A list of OAuth providers connected to this account', exampleValue: [{ id: 'google', account_id: '12345', email: 'john.doe@gmail.com' }] } }),
+    }).required()).required().meta({ openapiField: { hidden: true } }),
     /**
      * @deprecated
      */
@@ -50,7 +52,7 @@ export const usersCrudServerCreateSchema = usersCrudServerUpdateSchema.omit(['se
         id: fieldSchema.yupString().required(),
         account_id: fieldSchema.yupString().required(),
         email: fieldSchema.yupString().nullable().defined().default(null),
-    }).required()).optional(),
+    }).required()).optional().meta({ openapiField: { hidden: true } }),
 }).required());
 export const usersCrudServerDeleteSchema = fieldSchema.yupMixed();
 export const usersCrud = createCrud({

package/dist/interface/serverInterface.d.ts

@@ -45,7 +45,13 @@ export declare class StackServerInterface extends StackClientInterface {
         teamId?: string;
         recursive: boolean;
     }, session: InternalSession | null): Promise<TeamPermissionsCrud['Server']['Read'][]>;
-    listServerUsers(): Promise<UsersCrud['Server']['Read'][]>;
+    listServerUsers(options: {
+        cursor?: string;
+        limit?: number;
+        orderBy?: 'signedUpAt';
+        desc?: boolean;
+        query?: string;
+    }): Promise<UsersCrud['Server']['List']>;
     listServerTeams(options?: {
         userId?: string;
     }): Promise<TeamsCrud['Server']['Read'][]>;
@@ -78,5 +84,5 @@ export declare class StackServerInterface extends StackClientInterface {
     updateServerContactChannel(userId: string, contactChannelId: string, data: ContactChannelsCrud['Server']['Update']): Promise<ContactChannelsCrud['Server']['Read']>;
     deleteServerContactChannel(userId: string, contactChannelId: string): Promise<void>;
     listServerContactChannels(userId: string): Promise<ContactChannelsCrud['Server']['Read'][]>;
-    sendServerContactChannelVerificationEmail(userId: string, contactChannelId: string, callbackUrl: string): Promise<Result<undefined, KnownErrors["EmailAlreadyVerified"]>>;
+    sendServerContactChannelVerificationEmail(userId: string, contactChannelId: string, callbackUrl: string): Promise<void>;
 }

package/dist/interface/serverInterface.js

@@ -81,10 +81,22 @@ export class StackServerInterface extends StackClientInterface {
         const result = await response.json();
         return result.items;
     }
-    async listServerUsers() {
-        const response = await this.sendServerRequest("/users", {}, null);
-        const result = await response.json();
-        return result.items;
+    async listServerUsers(options) {
+        const searchParams = new URLSearchParams(filterUndefined({
+            cursor: options.cursor,
+            limit: options.limit?.toString(),
+            desc: options.desc?.toString(),
+            ...options.orderBy ? {
+                order_by: {
+                    signedUpAt: "signed_up_at",
+                }[options.orderBy],
+            } : {},
+            ...options.query ? {
+                query: options.query,
+            } : {},
+        }));
+        const response = await this.sendServerRequest("/users?" + searchParams.toString(), {}, null);
+        return await response.json();
     }
     async listServerTeams(options) {
         const response = await this.sendServerRequest("/teams?" + new URLSearchParams(filterUndefined({
@@ -247,16 +259,12 @@ export class StackServerInterface extends StackClientInterface {
         return json.items;
     }
     async sendServerContactChannelVerificationEmail(userId, contactChannelId, callbackUrl) {
-        const responseOrError = await this.sendServerRequestAndCatchKnownError(`/contact-channels/${userId}/${contactChannelId}/send-verification-code`, {
+        await this.sendServerRequest(`/contact-channels/${userId}/${contactChannelId}/send-verification-code`, {
             method: "POST",
             headers: {
                 "content-type": "application/json",
             },
             body: JSON.stringify({ callback_url: callbackUrl }),
-        }, null, [KnownErrors.EmailAlreadyVerified]);
-        if (responseOrError.status === "error") {
-            return Result.error(responseOrError.error);
-        }
-        return Result.ok(undefined);
+        }, null);
     }
 }

package/dist/interface/webhooks.d.ts

@@ -30,6 +30,7 @@ export declare const webhookEvents: readonly [{
         signed_up_at_millis: number;
         has_password: NonNullable<boolean | undefined>;
         otp_auth_enabled: NonNullable<boolean | undefined>;
+        passkey_auth_enabled: NonNullable<boolean | undefined>;
         client_metadata: {} | null;
         client_read_only_metadata: {} | null;
         server_metadata: {} | null;
@@ -61,6 +62,7 @@ export declare const webhookEvents: readonly [{
         signed_up_at_millis: undefined;
         has_password: undefined;
         otp_auth_enabled: undefined;
+        passkey_auth_enabled: undefined;
         client_metadata: undefined;
         client_read_only_metadata: undefined;
         server_metadata: undefined;
@@ -96,6 +98,7 @@ export declare const webhookEvents: readonly [{
         signed_up_at_millis: number;
         has_password: NonNullable<boolean | undefined>;
         otp_auth_enabled: NonNullable<boolean | undefined>;
+        passkey_auth_enabled: NonNullable<boolean | undefined>;
         client_metadata: {} | null;
         client_read_only_metadata: {} | null;
         server_metadata: {} | null;
@@ -127,6 +130,7 @@ export declare const webhookEvents: readonly [{
         signed_up_at_millis: undefined;
         has_password: undefined;
         otp_auth_enabled: undefined;
+        passkey_auth_enabled: undefined;
         client_metadata: undefined;
         client_read_only_metadata: undefined;
         server_metadata: undefined;

package/dist/known-errors.d.ts

@@ -251,6 +251,9 @@ export declare const KnownErrors: {
     PasswordAuthenticationNotEnabled: KnownErrorConstructor<KnownError & KnownErrorBrand<"PASSWORD_AUTHENTICATION_NOT_ENABLED">, []> & {
         errorCode: "PASSWORD_AUTHENTICATION_NOT_ENABLED";
     };
+    PasskeyAuthenticationNotEnabled: KnownErrorConstructor<KnownError & KnownErrorBrand<"PASSKEY_AUTHENTICATION_NOT_ENABLED">, []> & {
+        errorCode: "PASSKEY_AUTHENTICATION_NOT_ENABLED";
+    };
     EmailPasswordMismatch: KnownErrorConstructor<KnownError & KnownErrorBrand<"EMAIL_PASSWORD_MISMATCH">, []> & {
         errorCode: "EMAIL_PASSWORD_MISMATCH";
     };
@@ -308,6 +311,15 @@ export declare const KnownErrors: {
     EmailIsNotPrimaryEmail: KnownErrorConstructor<KnownError & KnownErrorBrand<"EMAIL_IS_NOT_PRIMARY_EMAIL">, [email: string, primaryEmail: string | null]> & {
         errorCode: "EMAIL_IS_NOT_PRIMARY_EMAIL";
     };
+    PasskeyRegistrationFailed: KnownErrorConstructor<KnownError & KnownErrorBrand<"PASSKEY_REGISTRATION_FAILED">, [message: string]> & {
+        errorCode: "PASSKEY_REGISTRATION_FAILED";
+    };
+    PasskeyWebAuthnError: KnownErrorConstructor<KnownError & KnownErrorBrand<"PASSKEY_WEBAUTHN_ERROR">, [message: string, code: string]> & {
+        errorCode: "PASSKEY_WEBAUTHN_ERROR";
+    };
+    PasskeyAuthenticationFailed: KnownErrorConstructor<KnownError & KnownErrorBrand<"PASSKEY_AUTHENTICATION_FAILED">, [message: string]> & {
+        errorCode: "PASSKEY_AUTHENTICATION_FAILED";
+    };
     PermissionNotFound: KnownErrorConstructor<KnownError & KnownErrorBrand<"PERMISSION_NOT_FOUND">, [permissionId: string]> & {
         errorCode: "PERMISSION_NOT_FOUND";
     };

package/dist/known-errors.js

@@ -328,6 +328,10 @@ const PasswordAuthenticationNotEnabled = createKnownErrorConstructor(KnownError,
     400,
     "Password authentication is not enabled for this project.",
 ], () => []);
+const PasskeyAuthenticationNotEnabled = createKnownErrorConstructor(KnownError, "PASSKEY_AUTHENTICATION_NOT_ENABLED", () => [
+    400,
+    "Passkey authentication is not enabled for this project.",
+], () => []);
 const EmailPasswordMismatch = createKnownErrorConstructor(KnownError, "EMAIL_PASSWORD_MISMATCH", () => [
     400,
     "Wrong e-mail or password.",
@@ -396,6 +400,22 @@ const EmailIsNotPrimaryEmail = createKnownErrorConstructor(KnownError, "EMAIL_IS
         primary_email: primaryEmail,
     },
 ], (json) => [json.email, json.primary_email]);
+const PasskeyRegistrationFailed = createKnownErrorConstructor(KnownError, "PASSKEY_REGISTRATION_FAILED", (message) => [
+    400,
+    message,
+], (json) => [json.message]);
+const PasskeyWebAuthnError = createKnownErrorConstructor(KnownError, "PASSKEY_WEBAUTHN_ERROR", (message, code) => [
+    400,
+    message,
+    {
+        message,
+        code,
+    },
+], (json) => [json.message, json.code]);
+const PasskeyAuthenticationFailed = createKnownErrorConstructor(KnownError, "PASSKEY_AUTHENTICATION_FAILED", (message) => [
+    400,
+    message,
+], (json) => [json.message]);
 const PermissionNotFound = createKnownErrorConstructor(KnownError, "PERMISSION_NOT_FOUND", (permissionId) => [
     404,
     `Permission "${permissionId}" not found. Make sure you created it on the dashboard.`,
@@ -586,6 +606,7 @@ export const KnownErrors = {
     ProjectNotFound,
     SignUpNotEnabled,
     PasswordAuthenticationNotEnabled,
+    PasskeyAuthenticationNotEnabled,
     EmailPasswordMismatch,
     RedirectUrlNotWhitelisted,
     PasswordRequirementsNotMet,
@@ -601,6 +622,9 @@ export const KnownErrors = {
     EmailAlreadyVerified,
     EmailNotAssociatedWithUser,
     EmailIsNotPrimaryEmail,
+    PasskeyRegistrationFailed,
+    PasskeyWebAuthnError,
+    PasskeyAuthenticationFailed,
     PermissionNotFound,
     ContainedPermissionNotFound,
     TeamNotFound,

package/dist/schema-fields.d.ts

@@ -39,6 +39,7 @@ export declare const projectConfigIdSchema: yup.StringSchema<string | undefined,
 export declare const projectAllowLocalhostSchema: yup.BooleanSchema<boolean | undefined, yup.AnyObject, undefined, "">;
 export declare const projectCreateTeamOnSignUpSchema: yup.BooleanSchema<boolean | undefined, yup.AnyObject, undefined, "">;
 export declare const projectMagicLinkEnabledSchema: yup.BooleanSchema<boolean | undefined, yup.AnyObject, undefined, "">;
+export declare const projectPasskeyEnabledSchema: yup.BooleanSchema<boolean | undefined, yup.AnyObject, undefined, "">;
 export declare const projectClientTeamCreationEnabledSchema: yup.BooleanSchema<boolean | undefined, yup.AnyObject, undefined, "">;
 export declare const projectClientUserDeletionEnabledSchema: yup.BooleanSchema<boolean | undefined, yup.AnyObject, undefined, "">;
 export declare const projectSignUpEnabledSchema: yup.BooleanSchema<boolean | undefined, yup.AnyObject, undefined, "">;
@@ -83,6 +84,7 @@ export declare const userOAuthProviderSchema: yup.ObjectSchema<{
     provider_user_id: undefined;
 }, "">;
 export declare const userLastActiveAtMillisSchema: yup.NumberSchema<number | null | undefined, yup.AnyObject, undefined, "">;
+export declare const userPasskeyAuthEnabledSchema: yup.BooleanSchema<boolean | undefined, yup.AnyObject, undefined, "">;
 export declare const userOtpAuthEnabledSchema: yup.BooleanSchema<boolean | undefined, yup.AnyObject, undefined, "">;
 export declare const userOtpAuthEnabledMutationSchema: yup.BooleanSchema<boolean | undefined, yup.AnyObject, undefined, "">;
 export declare const userHasPasswordSchema: yup.BooleanSchema<boolean | undefined, yup.AnyObject, undefined, "">;
@@ -121,5 +123,11 @@ export declare const teamInvitationCallbackUrlSchema: yup.StringSchema<string |
 export declare const teamCreatorUserIdSchema: yup.StringSchema<string | undefined, yup.AnyObject, undefined, "">;
 export declare const teamMemberDisplayNameSchema: yup.StringSchema<string | undefined, yup.AnyObject, undefined, "">;
 export declare const teamMemberProfileImageUrlSchema: yup.StringSchema<string | undefined, yup.AnyObject, undefined, "">;
+export declare const contactChannelIdSchema: yup.StringSchema<string | undefined, yup.AnyObject, undefined, "">;
+export declare const contactChannelTypeSchema: yup.StringSchema<"email" | undefined, yup.AnyObject, undefined, "">;
+export declare const contactChannelValueSchema: yup.StringSchema<string | undefined, yup.AnyObject, undefined, "">;
+export declare const contactChannelUsedForAuthSchema: yup.BooleanSchema<boolean | undefined, yup.AnyObject, undefined, "">;
+export declare const contactChannelIsVerifiedSchema: yup.BooleanSchema<boolean | undefined, yup.AnyObject, undefined, "">;
+export declare const contactChannelIsPrimarySchema: yup.BooleanSchema<boolean | undefined, yup.AnyObject, undefined, "">;
 export declare function yupRequiredWhen<S extends yup.AnyObject>(schema: S, triggerName: string, isValue: any): S;
 export {};

package/dist/schema-fields.js

@@ -53,7 +53,7 @@ export async function yupValidate(schema, obj, options) {
         throw error;
     }
 }
-const _idDescription = (identify) => `The unique identifier of this ${identify}`;
+const _idDescription = (identify) => `The unique identifier of the ${identify}`;
 const _displayNameDescription = (identify) => `Human-readable ${identify} display name. This is not a unique identifier.`;
 const _clientMetaDataDescription = (identify) => `Client metadata. Used as a data store, accessible from the client side. Do not store information that should not be exposed to the client.`;
 const _clientReadOnlyMetaDataDescription = (identify) => `Client read-only, server-writable metadata. Used as a data store, accessible from the client side. Do not store information that should not be exposed to the client. The client can read this data, but cannot modify it. This is useful for things like subscription status.`;
@@ -203,6 +203,7 @@ export const projectConfigIdSchema = yupString().meta({ openapiField: { descript
 export const projectAllowLocalhostSchema = yupBoolean().meta({ openapiField: { description: 'Whether localhost is allowed as a domain for this project. Should only be allowed in development mode', exampleValue: true } });
 export const projectCreateTeamOnSignUpSchema = yupBoolean().meta({ openapiField: { description: 'Whether a team should be created for each user that signs up', exampleValue: true } });
 export const projectMagicLinkEnabledSchema = yupBoolean().meta({ openapiField: { description: 'Whether magic link authentication is enabled for this project', exampleValue: true } });
+export const projectPasskeyEnabledSchema = yupBoolean().meta({ openapiField: { description: 'Whether passkey authentication is enabled for this project', exampleValue: true } });
 export const projectClientTeamCreationEnabledSchema = yupBoolean().meta({ openapiField: { description: 'Whether client users can create teams', exampleValue: true } });
 export const projectClientUserDeletionEnabledSchema = yupBoolean().meta({ openapiField: { description: 'Whether client users can delete their own account from the client', exampleValue: true } });
 export const projectSignUpEnabledSchema = yupBoolean().meta({ openapiField: { description: 'Whether users can sign up new accounts, or whether they are only allowed to sign in to existing accounts. Regardless of this option, the server API can always create new users with the `POST /users` endpoint.', exampleValue: true } });
@@ -263,6 +264,7 @@ export const userOAuthProviderSchema = yupObject({
     provider_user_id: yupString().required(),
 });
 export const userLastActiveAtMillisSchema = yupNumber().nullable().meta({ openapiField: { description: _lastActiveAtMillisDescription, exampleValue: 1630000000000 } });
+export const userPasskeyAuthEnabledSchema = yupBoolean().meta({ openapiField: { hidden: true, description: 'Whether the user has passkeys enabled', exampleValue: false } });
 export const userOtpAuthEnabledSchema = yupBoolean().meta({ openapiField: { hidden: true, description: 'Whether the user has OTP/magic link enabled. ', exampleValue: true } });
 export const userOtpAuthEnabledMutationSchema = yupBoolean().meta({ openapiField: { hidden: true, description: 'Whether the user has OTP/magic link enabled. Note that only accounts with verified emails can sign-in with OTP.', exampleValue: true } });
 export const userHasPasswordSchema = yupBoolean().meta({ openapiField: { hidden: true, description: 'Whether the user has a password set. If the user does not have a password set, they will not be able to sign in with email/password.', exampleValue: true } });
@@ -318,6 +320,16 @@ export const teamCreatorUserIdSchema = userIdOrMeSchema.meta({ openapiField: { d
 // Team member profiles
 export const teamMemberDisplayNameSchema = yupString().meta({ openapiField: { description: _displayNameDescription('team member') + ' Note that this is separate from the display_name of the user.', exampleValue: 'John Doe' } });
 export const teamMemberProfileImageUrlSchema = urlSchema.max(1000000).meta({ openapiField: { description: _profileImageUrlDescription('team member'), exampleValue: 'https://example.com/image.jpg' } });
+// Contact channels
+export const contactChannelIdSchema = yupString().uuid().meta({ openapiField: { description: _idDescription('contact channel'), exampleValue: 'b3d396b8-c574-4c80-97b3-50031675ceb2' } });
+export const contactChannelTypeSchema = yupString().oneOf(['email']).meta({ openapiField: { description: `The type of the contact channel. Currently only "email" is supported.`, exampleValue: 'email' } });
+export const contactChannelValueSchema = yupString().when('type', {
+    is: 'email',
+    then: (schema) => schema.email(),
+}).meta({ openapiField: { description: 'The value of the contact channel. For email, this should be a valid email address.', exampleValue: 'johndoe@example.com' } });
+export const contactChannelUsedForAuthSchema = yupBoolean().meta({ openapiField: { description: 'Whether the contact channel is used for authentication. If this is set to `true`, the user will be able to sign in with the contact channel with password or OTP.', exampleValue: true } });
+export const contactChannelIsVerifiedSchema = yupBoolean().meta({ openapiField: { description: 'Whether the contact channel has been verified. If this is set to `true`, the contact channel has been verified to belong to the user.', exampleValue: true } });
+export const contactChannelIsPrimarySchema = yupBoolean().meta({ openapiField: { description: 'Whether the contact channel is the primary contact channel. If this is set to `true`, it will be used for authentication and notifications by default.', exampleValue: true } });
 // Utils
 export function yupRequiredWhen(schema, triggerName, isValue) {
     return schema.when(triggerName, {

package/dist/utils/passkey.d.ts

@@ -0,0 +1 @@
+export type { AuthenticationResponseJSON, RegistrationResponseJSON, PublicKeyCredentialCreationOptionsJSON, PublicKeyCredentialRequestOptionsJSON, AuthenticatorAttestationResponseJSON } from "@simplewebauthn/types";

package/dist/utils/passkey.js

@@ -0,0 +1 @@
+export {};

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@stackframe/stack-shared",
-  "version": "2.6.12",
+  "version": "2.6.16",
   "main": "./dist/index.js",
   "types": "./dist/index.d.ts",
   "files": [
@@ -32,15 +32,17 @@
     }
   },
   "dependencies": {
+    "@simplewebauthn/browser": "^11.0.0",
     "bcrypt": "^5.1.1",
     "elliptic": "^6.5.7",
     "jose": "^5.2.2",
     "oauth4webapi": "^2.10.3",
     "semver": "^7.6.3",
     "uuid": "^9.0.1",
-    "@stackframe/stack-sc": "2.6.12"
+    "@stackframe/stack-sc": "2.6.16"
   },
   "devDependencies": {
+    "@simplewebauthn/types": "^11.0.0",
     "@types/bcrypt": "^5.0.2",
     "@types/elliptic": "^6.4.18",
     "@types/react": "^18.2.66",