@stytch/vanilla-js 2.2.2 → 3.0.1

package/dist/b2b/index.headless.esm.d.ts

@@ -0,0 +1,634 @@
+import { IHeadlessB2BDiscoveryClient, IHeadlessB2BMagicLinksClient, IHeadlessB2BMemberClient, IHeadlessB2BOAuthClient, IHeadlessB2BOrganizationClient, IHeadlessB2BOTPsClient, IHeadlessB2BSessionClient, IHeadlessB2BSSOClient, StytchClientOptions } from "@stytch/core/public";
+type ResponseCommon = {
+    /**
+     * Globally unique UUID that is returned with every API call.
+     * This value is important to log for debugging purposes;
+     * Stytch may ask for this value to help identify a specific API call when helping you debug an issue.
+     */
+    request_id: string;
+    /**
+     * The HTTP status code of the response.
+     * Stytch follows standard HTTP response status code patterns, e.g. 2XX values equate to success,
+     * 3XX values are redirects, 4XX are client errors, and 5XX are server errors.
+     */
+    status_code: number;
+};
+type SessionDurationOptions = {
+    /**
+     * Set the session lifetime to be this many minutes from now.
+     * This will return both an opaque `session_token` and `session_jwt` for this session, which will automatically be stored in the browser cookies.
+     * The `session_jwt` will have a fixed lifetime of five minutes regardless of the underlying session duration, and will be automatically refreshed by the SDK in the background over time.
+     * This value must be a minimum of 5 and may not exceed the maximum session duration minutes value set in the
+     * {@link https://stytch.com/dashboard/sdk-configuration SDK Configuration } page of the Stytch dashboard.
+     */
+    session_duration_minutes: number;
+};
+type locale = "en" | "es" | "pt-br" | string;
+// Authentication Factors
+interface B2BEmailFactor {
+    delivery_method: "email";
+    type: string;
+    last_authenticated_at: string;
+    email_factor: {
+        email_id: string;
+        email_address: string;
+    };
+    sequence_order: "PRIMARY";
+}
+interface B2BPhoneNumberFactor {
+    delivery_method: "sms" | "whatsapp";
+    type: string;
+    last_authenticated_at: string;
+    phone_number_factor: {
+        phone_id: string;
+        phone_number: string;
+    };
+    sequence_order: "SECONDARY";
+}
+interface B2BGoogleOAuthFactor {
+    delivery_method: "oauth_google";
+    type: string;
+    last_authenticated_at: string;
+    google_oauth_factor: {
+        id: string;
+        email_id: string;
+        provider_subject: string;
+    };
+    sequence_order: "PRIMARY";
+}
+interface B2BMicrosoftOAuthFactor {
+    delivery_method: "oauth_microsoft";
+    type: string;
+    last_authenticated_at: string;
+    microsoft_oauth_factor: {
+        id: string;
+        email_id: string;
+        provider_subject: string;
+    };
+    sequence_order: "PRIMARY";
+}
+type B2BAuthenticationFactor = B2BEmailFactor | B2BPhoneNumberFactor | B2BGoogleOAuthFactor | B2BMicrosoftOAuthFactor;
+type MemberResponseCommon = ResponseCommon & {
+    /**
+     * Globally unique UUID that identifies a specific member in the Stytch API.
+     * The member_id critical to perform operations on a member in our API
+     * so be sure to preserve this value.
+     */
+    member_id: string;
+    /**
+     * The Member object.
+     * See {@link Member} for details.
+     */
+    member: Member;
+    /**
+     * The Organization object.
+     * See {@link Organization} for details.
+     */
+    organization: Organization;
+};
+interface MemberSession {
+    /**
+     * Globally unique UUID that identifies a specific member session in the Stytch API.
+     */
+    member_session_id: string;
+    /**
+     * Globally unique UUID that identifies a specific member in the Stytch API.
+     * The member_id critical to perform operations on a member in our API
+     * so be sure to preserve this value.
+     */
+    member_id: string;
+    /**
+     * Globally unique UUID that identifies an organization in the Stytch API.
+     */
+    organization_id: string;
+    /**
+     * The timestamp of the session's creation.
+     * Values conform to the RFC 3339 standard and are expressed in UTC, e.g. `2021-12-29T12:33:09Z`.
+     */
+    started_at: string;
+    /**
+     * The timestamp of the last time the session was accessed.
+     * Values conform to the RFC 3339 standard and are expressed in UTC, e.g. `2021-12-29T12:33:09Z`.
+     */
+    last_accessed_at: string;
+    /**
+     * The timestamp of the session's expiration.
+     * Values conform to the RFC 3339 standard and are expressed in UTC, e.g. `2021-12-29T12:33:09Z`.
+     */
+    expires_at: string;
+    /**
+     * All the authentication factors that have been associated with the current member session.
+     */
+    authentication_factors: Array<B2BAuthenticationFactor>;
+    /**
+     * A map of the custom claims associated with the session.
+     * Custom claims can only be set from the server, they cannot be set using the clientside SDKs.
+     * After claims have been added to a session, call {@link IHeadlessB2BSessionClient#authenticate stytch.sessions.authenticate} to refresh the session state clientside.
+     * See our {@link https://stytch.com/docs/sessions#using-sessions_custom-claims guide} for more information.
+     * If no claims are set, this field will be null.
+     */
+    custom_claims?: Record<string, unknown>;
+}
+interface SSORegistration {
+    connection_id: string;
+    external_id: string;
+    registration_id: string;
+    sso_attributes: Record<string, unknown>;
+}
+interface Member {
+    /**
+     * Globally unique UUID that identifies an organization in the Stytch API.
+     */
+    organization_id: string;
+    /**
+     * Globally unique UUID that identifies a specific member in the Stytch API.
+     * The member_id critical to perform operations on a member in our API
+     * so be sure to preserve this value.
+     */
+    member_id: string;
+    /**
+     * The email address of the member.
+     */
+    email_address: string;
+    /**
+     * Whether the member's email address is verified.
+     */
+    email_address_verified: boolean;
+    /**
+     * The `status` value denotes whether or not a user has successfully logged in at least once with any available login method.
+     */
+    status: string;
+    /**
+     * The name of the member
+     */
+    name: string;
+    /**
+     * A JSON object containing application-specific metadata.
+     * This field can only be updated by a direct API integration.
+     * Use it to store fields that a member should not be allowed to edit without backend validation - such as `role` or `subscription_status`.
+     * See our {@link https://stytch.com/docs/api/metadata metadata reference} for complete details.
+     */
+    trusted_metadata: Record<string, unknown>;
+    /**
+     * A JSON object containing application-specific metadata.
+     * Use it to store fields that a member can be allowed to edit directly without backend validation - such as `display_theme` or `preferred_locale`.
+     * See our {@link https://stytch.com/docs/api/metadata metadata reference} for complete details.
+     */
+    untrusted_metadata: Record<string, unknown>;
+    sso_registrations: Array<SSORegistration>;
+    is_breakglass: boolean;
+    /**
+     * Returned if the member has a registered password
+     */
+    member_password_id: string;
+    /**
+     * If true, the member must complete a secondary authentication flow, such as SMS OTP, along with their
+     * primary authentication factor in order to log in and attain a member session.
+     */
+    mfa_enrolled: boolean;
+    /**
+     * Returned if the member has a phone number.
+     */
+    mfa_phone_number: string;
+    /**
+     * Whether the member's phone number is verified.
+     */
+    mfa_phone_number_verified: boolean;
+}
+type B2BAuthenticateResponse = ResponseCommon & {
+    /**
+     * Globally unique UUID that identifies a specific member in the Stytch API.
+     * The member_id critical to perform operations on a member in our API
+     * so be sure to preserve this value.
+     */
+    member_id: string;
+    /**
+     * An opaque session token.
+     * Session tokens need to be authenticated via the {@link https://stytch.com/docs/b2b/api/authenticate-session SessionsAuthenticate}
+     * endpoint before a member takes any action that requires authentication
+     * See {@link https://stytch.com/docs/sessions#session-tokens-vs-JWTs_tokens our documentation} for more information.
+     */
+    session_token: string;
+    /**
+     * A JSON Web Token that contains standard claims about the user as well as information about the Stytch session
+     * Session JWTs can be authenticated locally without an API call.
+     * A session JWT is signed by project-specific keys stored by Stytch.
+     * See {@link https://stytch.com/docs/sessions#session-tokens-vs-JWTs_jwts our documentation} for more information.
+     */
+    session_jwt: string;
+    /**
+     * The Member Session object.
+     * See {@link MemberSession} for details.
+     */
+    member_session: MemberSession;
+    /**
+     * The Member object.
+     * See {@link Member} for details.
+     */
+    member: Member;
+    /**
+     * The Organization object.
+     * See {@link Organization} for details.
+     */
+    organization: Organization;
+};
+type B2BAuthenticateResponseWithMFA = B2BAuthenticateResponse & {
+    /**
+     * The Member Session object.
+     * See {@link MemberSession} for details.
+     */
+    member_session: MemberSession | null;
+    /**
+     * Returns true if the member is fully authenticated, in which case a member session is returned.
+     * Returns false if the member still needs to complete a secondary authentication requirement,
+     * in which case an intermediate_session_token is returned.
+     */
+    member_authenticated: boolean;
+    /**
+     * If the intermediate_session_token is present, the member needs to complete MFA.
+     * The intermediate_session_token can be passed into a secondary authentication endpoint, such as OTP authenticate,
+     * in order to receive a member session. The intermediate_session_token can also be used with discovery endpoints
+     * to join a different organization or create a new organization.
+     */
+    intermediate_session_token: string;
+    /**
+     * Contains information about the member's options for completing MFA, if applicable.
+     */
+    mfa_required: MfaRequired | null;
+};
+interface Organization {
+    /**
+     * Globally unique UUID that identifies an organization in the Stytch API.
+     */
+    organization_id: string;
+    /**
+     * The name of the organization.
+     */
+    organization_name: string;
+    /**
+     * The slug of the organization.
+     */
+    organization_slug: string;
+    /**
+     * A URL of the organization's logo.
+     */
+    organization_logo_url: string;
+    /**
+     * A JSON object containing application-specific metadata.
+     * This field can only be updated by a direct API integration.
+     */
+    trusted_metadata: Record<string, unknown>;
+    sso_default_connection_id: string | null;
+    sso_jit_provisioning: "ALL_ALLOWED" | "RESTRICTED" | "NOT_ALLOWED";
+    sso_jit_provisioning_allowed_connections: string[];
+    sso_active_connections: Array<{
+        connection_id: string;
+        display_name: string;
+    }>;
+    email_allowed_domains: string[];
+    email_jit_provisioning: "RESTRICTED" | "NOT_ALLOWED";
+    email_invites: "ALL_ALLOWED" | "RESTRICTED" | "NOT_ALLOWED";
+    auth_methods: "ALL_ALLOWED" | "RESTRICTED";
+    allowed_auth_methods: string[];
+    mfa_policy: "OPTIONAL" | "REQUIRED_FOR_ALL";
+}
+interface MfaRequired {
+    member_options: MemberOptions;
+    /**
+     * Equal to 'sms_otp' if an OTP code was sent to the member's phone number.
+     */
+    secondary_auth_initiated: "sms_otp" | null;
+}
+interface MemberOptions {
+    mfa_phone_number: string;
+}
+type B2BPasswordAuthenticateOptions = SessionDurationOptions & {
+    /**
+     * The id of the Organization under which the Member and password belong
+     */
+    organization_id: string;
+    /**
+     * The email of the Member.
+     */
+    email_address: string;
+    /**
+     * The password for the Member.
+     */
+    password: string;
+    /**
+     * The locale will be used if an OTP code is sent to the member's phone number as part of a
+     * secondary authentication requirement.
+     */
+    locale?: locale;
+};
+type B2BPasswordAuthenticateResponse = B2BAuthenticateResponseWithMFA;
+type B2BPasswordResetByEmailStartOptions = {
+    /**
+     * The id of the Organization under which the Member and password belong
+     */
+    organization_id: string;
+    /**
+     * The email of the Member that requested the password reset.
+     */
+    email_address: string;
+    /**
+     * The url that the Member clicks from the password reset email to skip resetting their password and directly login.
+     * This should be a url that your app receives, parses, and subsequently sends an API request to the magic link authenticate endpoint to complete the login process without reseting their password.
+     * If this value is not passed, the login redirect URL that you set in your Dashboard is used.
+     * If you have not set a default login redirect URL, an error is returned.
+     */
+    login_redirect_url?: string;
+    /**
+     * The url that the Member clicks from the password reset email to finish the reset password flow.
+     * This should be a url that your app receives and parses before showing your app's reset password page.
+     * After the Member submits a new password to your app, it should send an API request to complete the password reset process.
+     * If this value is not passed, the default reset password redirect URL that you set in your Dashboard is used.
+     * If you have not set a default reset password redirect URL, an error is returned.
+     */
+    reset_password_redirect_url?: string;
+    /**
+     * Set the expiration for the password reset, in minutes.
+     * By default, it expires in 30 minutes.
+     * The minimum expiration is 5 minutes and the maximum is 7 days (10080 mins).
+     */
+    reset_password_expiration_minutes?: number;
+    /**
+     * The email template ID to use for password reset.
+     * If not provided, your default email template will be sent. If providing a template ID, it must be either a template using Stytch's customizations,
+     * or a Passwords reset custom HTML template.
+     */
+    reset_password_template_id?: string;
+};
+type B2BPasswordResetByEmailStartResponse = MemberResponseCommon;
+type B2BPasswordResetByEmailOptions = SessionDurationOptions & {
+    /**
+     * The token to authenticate.
+     */
+    password_reset_token: string;
+    /**
+     * The new password for the Member.
+     */
+    password: string;
+    /**
+     * The locale will be used if an OTP code is sent to the member's phone number as part of a
+     * secondary authentication requirement.
+     */
+    locale?: locale;
+};
+type B2BPasswordResetByEmailResponse = B2BAuthenticateResponseWithMFA;
+type B2BPasswordResetByExistingPasswordOptions = SessionDurationOptions & {
+    /**
+     * The id of the Organization under which the Member and password belong
+     */
+    organization_id: string;
+    /**
+     * The Member's email.
+     */
+    email_address: string;
+    /**
+     * The Member's existing password.
+     */
+    existing_password: string;
+    /**
+     * The new password for the Member.
+     */
+    new_password: string;
+    /**
+     * The locale will be used if an OTP code is sent to the member's phone number as part of a
+     * secondary authentication requirement.
+     */
+    locale?: locale;
+};
+type B2BPasswordResetByExistingPasswordResponse = B2BAuthenticateResponseWithMFA;
+type B2BPasswordResetBySessionOptions = {
+    /**
+     * The id of the Organization under which the Member and password belong
+     */
+    organization_id: string;
+    password: string;
+};
+type B2BPasswordResetBySessionResponse = B2BAuthenticateResponse;
+type B2BPasswordStrengthCheckOptions = {
+    /**
+     * The email associated with the password. Provide this for a more accurate strength check.
+     */
+    email_address?: string;
+    /**
+     * The password to strength check.
+     */
+    password: string;
+};
+type B2BPasswordStrengthCheckResponse = MemberResponseCommon & {
+    /**
+     * Whether the password is considered valid and secure.
+     * Read more about password validity {@link https://stytch.com/docs/api/password-strength-check in our docs}.
+     */
+    valid_password: boolean;
+    /**
+     * The score of the password as determined by {@link https://github.com/dropbox/zxcvbn zxcvbn}.
+     */
+    score: number;
+    /**
+     * Determines if the password has been breached using {@link https://haveibeenpwned.com/ HaveIBeenPwned}.
+     */
+    breached_password: boolean;
+    /**
+     * Will return true if breach detection will be evaluated. By default this option is enabled.
+     * This option can be disabled by contacting support@stytch.com. If this value is false then
+     * breached_password will always be false as well.
+     */
+    breach_detection_on_create: boolean;
+    /**
+     * The strength policy type enforced, either `zxcvbn` or `luds`.
+     */
+    strength_policy: "luds" | "zxcvbn";
+    /**
+     * Feedback for how to improve the password's strength using {@link https://github.com/dropbox/zxcvbn zxcvbn}.
+     */
+    zxcvbn_feedback: {
+        suggestions: string[];
+        warning: string;
+    };
+    /**
+     * Feedback for how to improve the password's strength using Lowercase Uppercase Digits Special Characters
+     */
+    luds_feedback: {
+        has_lower_case: boolean;
+        has_upper_case: boolean;
+        has_digit: boolean;
+        has_symbol: boolean;
+        missing_complexity: number;
+        missing_characters: number;
+    };
+};
+interface IHeadlessB2BPasswordClient {
+    /**
+     * The Authenticate method wraps the {@link https://stytch.com/docs/api/password-authenticate Authenticate} Password API endpoint.
+     * This endpoint verifies that the Member has a password currently set, and that the entered password is correct.
+     *
+     * There are cases where this endpoint will return a `reset_password` error even if the password entered is correct.
+     * View our {@link https://stytch.com/docs/api/password-authenticate API Docs} for complete details.
+     *
+     * If this method succeeds, the Member will be logged in, granted an active session, and the
+     * {@link https://stytch.com/docs/sdks/javascript-sdk/resources/cookies-and-session-management session cookies} will be minted and stored in the browser.
+     *
+     * @example
+     * stytch.passwords.authenticate({
+     *   email_address: 'sandbox@stytch.com',
+     *   password: 'aVerySecurePassword',
+     *   session_duration_minutes: 60
+     * });
+     *
+     * @param options - {@link B2BPasswordAuthenticateOptions}
+     *
+     * @returns A {@link B2BPasswordAuthenticateResponse} indicating the password is valid and that the Member is now logged in.
+     *
+     * @throws A {@link StytchSDKAPIError} when the Stytch API returns an error.
+     * @throws A {@link SDKAPIUnreachableError} when the SDK cannot contact the Stytch API.
+     * @throws A {@link StytchSDKUsageError} when called with invalid input (invalid email, invalid options, etc.)
+     */
+    authenticate(options: B2BPasswordAuthenticateOptions): Promise<B2BPasswordAuthenticateResponse>;
+    /**
+     * The resetByEmailStart method wraps the {@link https://stytch.com/docs/api/password-email-reset-start Reset By Email Start} Password API endpoint.
+     * This endpoint initiates a password reset for the email address provided.
+     * This will trigger an email to be sent to the address, containing a magic link that will allow them to set a new password and authenticate.
+     *
+     * @example
+     * stytch.passwords.resetByEmailStart({
+     *   email_address: 'sandbox@stytch.com',
+     *   reset_password_redirect_url: 'https://example.com/login/reset',
+     *   reset_password_expiration_minutes: 10,
+     *   login_redirect_url: 'https://example.com/login/authenticate',
+     * });
+     *
+     * @param options - {@link B2BPasswordResetByEmailStartOptions}
+     *
+     * @returns A {@link B2BPasswordResetByEmailStartResponse} indicating the password is valid and that the Member is now logged in.
+     *
+     * @throws A {@link StytchSDKAPIError} when the Stytch API returns an error.
+     * @throws A {@link SDKAPIUnreachableError} when the SDK cannot contact the Stytch API.
+     * @throws A {@link StytchSDKUsageError} when called with invalid input (invalid email, invalid options, etc.)
+     */
+    resetByEmailStart(options: B2BPasswordResetByEmailStartOptions): Promise<B2BPasswordResetByEmailStartResponse>;
+    /**
+     * The resetByEmail method wraps the {@link https://stytch.com/docs/api/password-email-reset Reset By Email} Password API endpoint.
+     * This endpoint the Member’s password and authenticate them.
+     * This endpoint checks that the magic link token is valid, hasn't expired, or already been used.
+     * The provided password needs to meet our password strength requirements, which can be checked in advance with the {@link IHeadlessB2BPasswordClient#strengthCheck password strength} endpoint.
+     *
+     * If this method succeeds, the Member will be logged in, granted an active session, and the
+     * {@link https://stytch.com/docs/sdks/javascript-sdk/resources/cookies-and-session-management session cookies} will be minted and stored in the browser.
+     *
+     * @example
+     * const currentLocation = new URL(window.location.href);
+     * const token = currentLocation.searchParams.get('token');
+     * stytch.passwords.resetByEmail({
+     *   token,
+     *   email_address: 'sandbox@stytch.com',
+     *   password: 'aVerySecurePassword',
+     *   session_duration_minutes: 60
+     * });
+     *
+     * @param options - {@link B2BPasswordResetByEmailOptions}
+     *
+     * @returns A {@link B2BPasswordResetByEmailResponse} indicating the password is valid and that the Member is now logged in.
+     *
+     * @throws A {@link StytchSDKAPIError} when the Stytch API returns an error.
+     * @throws A {@link SDKAPIUnreachableError} when the SDK cannot contact the Stytch API.
+     * @throws A {@link StytchSDKUsageError} when called with invalid input (invalid email, invalid options, etc.)
+     */
+    resetByEmail(options: B2BPasswordResetByEmailOptions): Promise<B2BPasswordResetByEmailResponse>;
+    /**
+     * The strengthCheck method wraps the {@link https://stytch.com/docs/api/password-strength-check Strength Check} Password API endpoint.
+     * This endpoint allows you to check whether or not the Member’s provided password is valid,
+     * and to provide feedback to the Member on how to increase the strength of their password.
+     *
+     * @example
+     * const {valid_password, feedback} = await stytch.passwords.strengthCheck({ email, password });
+     * if (!valid_password) {
+     *   throw new Error('Password is not strong enough: ' + feedback.warning);
+     * }
+     *
+     * @param options - {@link B2BPasswordStrengthCheckOptions}
+     *
+     * @returns A {@link B2BPasswordStrengthCheckResponse} containing password strength feedback.
+     *
+     * @throws A {@link StytchSDKAPIError} when the Stytch API returns an error.
+     * @throws A {@link SDKAPIUnreachableError} when the SDK cannot contact the Stytch API.
+     * @throws A {@link StytchSDKUsageError} when called with invalid input (invalid email, invalid options, etc.)
+     */
+    strengthCheck(options: B2BPasswordStrengthCheckOptions): Promise<B2BPasswordStrengthCheckResponse>;
+    /**
+     * The resetByExistingPassword method wraps the {@link https://stytch.com/docs/docs/api/password-existing-password-reset Reset By Existing Password} API endpoint.
+     * If this method succeeds, the Member will be logged in, granted an active session, and the
+     * {@link https://stytch.com/docs/sdks/javascript-sdk/resources/cookies-and-session-management session cookies} will be minted and stored in the browser.
+     * You can listen for successful login events anywhere in the codebase with the `stytch.session.onChange()` method or `useStytchSession` hook if you are using React.
+     *
+     * @example
+     * stytch.passwords.resetByExistingPassword({
+     *   email_address: 'sandbox@stytch.com',
+     *   existing_password: 'aVerySecurePassword',
+     *   new_password: 'aVerySecureNewPassword'
+     * });
+     *
+     * @param options - {@link B2BPasswordResetByExistingPasswordOptions}
+     *
+     * @returns A {@link B2BPasswordResetByExistingPasswordResponse} indicating the password is valid and that the Member is now logged in.
+     *
+     * @throws A {@link StytchSDKAPIError} when the Stytch API returns an error.
+     * @throws A {@link SDKAPIUnreachableError} when the SDK cannot contact the Stytch API.
+     * @throws A {@link StytchSDKUsageError} when called with invalid input (invalid email, invalid options, etc.)
+     */
+    resetByExistingPassword(options: B2BPasswordResetByExistingPasswordOptions): Promise<B2BPasswordResetByExistingPasswordResponse>;
+    /**
+     * The resetBySession method wraps the {@link https://stytch.com/docs/docs/api/password-session-reset Reset By Session} API endpoint.
+     * If this method succeeds, the Member will be logged in, granted an active session, and the
+     * {@link https://stytch.com/docs/sdks/javascript-sdk/resources/cookies-and-session-management session cookies} will be minted and stored in the browser.
+     * You can listen for successful login events anywhere in the codebase with the `stytch.session.onChange()` method or `useStytchSession` hook if you are using React.
+     *
+     * @example
+     * stytch.passwords.resetBySession({
+     *   password: 'aVerySecurePassword'
+     * });
+     *
+     * @param options - {@link B2BPasswordResetBySessionOptions}
+     *
+     * @returns A {@link B2BPasswordResetBySessionResponse} indicating the password is valid and that the Member is now logged in.
+     *
+     * @throws A {@link StytchSDKAPIError} when the Stytch API returns an error.
+     * @throws A {@link SDKAPIUnreachableError} when the SDK cannot contact the Stytch API.
+     * @throws A {@link StytchSDKUsageError} when called with invalid input (invalid email, invalid options, etc.)
+     */
+    resetBySession(options: B2BPasswordResetBySessionOptions): Promise<B2BPasswordResetBySessionResponse>;
+}
+/**
+ * A headless client used for invoking Stytch's B2B APIs.
+ * The Stytch Headless Client can be used as a drop-in solution for authentication and session management.
+ * Full documentation can be found {@link https://stytch.com/docs/b2b/sdks/javascript-sdk online}.
+ *
+ * @example
+ * const stytch = new StytchB2BHeadlessClient('public-token-<find yours in the stytch dashboard>');
+ * stytch.magicLinks.email.loginOrCreate({
+ *   email: 'sandbox@stytch.com',
+ *   organization_id: 'organization-test-123',
+ * });
+ */
+declare class StytchB2BHeadlessClient {
+    private readonly _subscriptionService;
+    private readonly _sessionManager;
+    private readonly _networkClient;
+    private readonly _dataLayer;
+    // External API Clients
+    magicLinks: IHeadlessB2BMagicLinksClient;
+    session: IHeadlessB2BSessionClient;
+    member: IHeadlessB2BMemberClient;
+    organization: IHeadlessB2BOrganizationClient;
+    oauth: IHeadlessB2BOAuthClient;
+    sso: IHeadlessB2BSSOClient;
+    discovery: IHeadlessB2BDiscoveryClient;
+    passwords: IHeadlessB2BPasswordClient;
+    otps: IHeadlessB2BOTPsClient;
+    constructor(_PUBLIC_TOKEN: string, options?: StytchClientOptions);
+}
+export { StytchB2BHeadlessClient };
+export * from '@stytch/core/public';