@stytch/vanilla-js 4.5.3 → 4.5.5

package/dist/b2b/index.d.ts

@@ -1,743 +1,4 @@
-import { IHeadlessB2BDiscoveryClient, IHeadlessB2BMagicLinksClient, IHeadlessB2BMemberClient, IHeadlessB2BSelfClient, IHeadlessB2BOAuthClient, IHeadlessB2BOrganizationClient, IHeadlessB2BOTPsClient, IHeadlessB2BTOTPsClient, IHeadlessB2BSessionClient, IHeadlessB2BSSOClient, IHeadlessB2BRecoveryCodesClient, IHeadlessB2BRBACClient, StytchClientOptions } from "@stytch/core/public";
-import { Callbacks as Callbacks$0 } from "@stytch/core/public";
-import { StyleConfig as StyleConfig$0 } from "@stytch/core/public";
-import { StytchB2BUIConfig as StytchB2BUIConfig$0 } from "@stytch/core/public";
-type ResponseCommon = {
-    /**
-     * Globally unique UUID that is returned with every API call.
-     * This value is important to log for debugging purposes;
-     * Stytch may ask for this value to help identify a specific API call when helping you debug an issue.
-     */
-    request_id: string;
-    /**
-     * The HTTP status code of the response.
-     * Stytch follows standard HTTP response status code patterns, e.g. 2XX values equate to success,
-     * 3XX values are redirects, 4XX are client errors, and 5XX are server errors.
-     */
-    status_code: number;
-};
-type SessionDurationOptions = {
-    /**
-     * Set the session lifetime to be this many minutes from now.
-     * This will return both an opaque `session_token` and `session_jwt` for this session, which will automatically be stored in the browser cookies.
-     * The `session_jwt` will have a fixed lifetime of five minutes regardless of the underlying session duration, and will be automatically refreshed by the SDK in the background over time.
-     * This value must be a minimum of 5 and may not exceed the maximum session duration minutes value set in the
-     * {@link https://stytch.com/dashboard/sdk-configuration SDK Configuration } page of the Stytch dashboard.
-     */
-    session_duration_minutes: number;
-};
-type locale = "en" | "es" | "pt-br" | string;
-// Authentication Factors
-interface B2BEmailFactor {
-    delivery_method: "email";
-    type: string;
-    last_authenticated_at: string;
-    email_factor: {
-        email_id: string;
-        email_address: string;
-    };
-    sequence_order: "PRIMARY";
-}
-interface B2BPhoneNumberFactor {
-    delivery_method: "sms" | "whatsapp";
-    type: string;
-    last_authenticated_at: string;
-    phone_number_factor: {
-        phone_id: string;
-        phone_number: string;
-    };
-    sequence_order: "SECONDARY";
-}
-interface B2BGoogleOAuthFactor {
-    delivery_method: "oauth_google";
-    type: string;
-    last_authenticated_at: string;
-    google_oauth_factor: {
-        id: string;
-        email_id: string;
-        provider_subject: string;
-    };
-    sequence_order: "PRIMARY";
-}
-interface B2BMicrosoftOAuthFactor {
-    delivery_method: "oauth_microsoft";
-    type: string;
-    last_authenticated_at: string;
-    microsoft_oauth_factor: {
-        id: string;
-        email_id: string;
-        provider_subject: string;
-    };
-    sequence_order: "PRIMARY";
-}
-type B2BAuthenticationFactor = B2BEmailFactor | B2BPhoneNumberFactor | B2BGoogleOAuthFactor | B2BMicrosoftOAuthFactor;
-type MemberResponseCommon = ResponseCommon & {
-    /**
-     * Globally unique UUID that identifies a specific member in the Stytch API.
-     * The member_id critical to perform operations on a member in our API
-     * so be sure to preserve this value.
-     */
-    member_id: string;
-    /**
-     * The Member object.
-     * See {@link Member} for details.
-     */
-    member: Member;
-    /**
-     * The Organization object.
-     * See {@link Organization} for details.
-     */
-    organization: Organization;
-};
-interface MemberSession {
-    /**
-     * Globally unique UUID that identifies a specific member session in the Stytch API.
-     */
-    member_session_id: string;
-    /**
-     * Globally unique UUID that identifies a specific member in the Stytch API.
-     * The member_id critical to perform operations on a member in our API
-     * so be sure to preserve this value.
-     */
-    member_id: string;
-    /**
-     * Globally unique UUID that identifies an organization in the Stytch API.
-     */
-    organization_id: string;
-    /**
-     * The timestamp of the session's creation.
-     * Values conform to the RFC 3339 standard and are expressed in UTC, e.g. `2021-12-29T12:33:09Z`.
-     */
-    started_at: string;
-    /**
-     * The timestamp of the last time the session was accessed.
-     * Values conform to the RFC 3339 standard and are expressed in UTC, e.g. `2021-12-29T12:33:09Z`.
-     */
-    last_accessed_at: string;
-    /**
-     * The timestamp of the session's expiration.
-     * Values conform to the RFC 3339 standard and are expressed in UTC, e.g. `2021-12-29T12:33:09Z`.
-     */
-    expires_at: string;
-    /**
-     * All the authentication factors that have been associated with the current member session.
-     */
-    authentication_factors: B2BAuthenticationFactor[];
-    /**
-     * A map of the custom claims associated with the session.
-     * Custom claims can only be set from the server, they cannot be set using the clientside SDKs.
-     * After claims have been added to a session, call {@link IHeadlessB2BSessionClient#authenticate stytch.sessions.authenticate} to refresh the session state clientside.
-     * See our {@link https://stytch.com/docs/sessions#using-sessions_custom-claims guide} for more information.
-     * If no claims are set, this field will be null.
-     */
-    custom_claims?: Record<string, unknown>;
-    /**
-     * A list of the roles associated with the session.
-     * Members may inherit certain roles depending on the factors in their session.
-     * For example, some roles may only be active if the member logged in from a specific SAML IDP.
-     */
-    roles: string[];
-}
-interface SSORegistration {
-    connection_id: string;
-    external_id: string;
-    registration_id: string;
-    sso_attributes: Record<string, unknown>;
-}
-type RoleSource = {
-    type: "direct_assignment";
-    details: Record<string, never>;
-} | {
-    type: "email_assignment";
-    details: {
-        email_domain: string;
-    };
-} | {
-    type: "sso_connection";
-    details: {
-        connection_id: string;
-    };
-} | {
-    type: "sso_connection_group";
-    details: {
-        connection_id: string;
-        group: string;
-    };
-};
-interface Member {
-    /**
-     * Globally unique UUID that identifies an organization in the Stytch API.
-     */
-    organization_id: string;
-    /**
-     * Globally unique UUID that identifies a specific member in the Stytch API.
-     * The member_id critical to perform operations on a member in our API
-     * so be sure to preserve this value.
-     */
-    member_id: string;
-    /**
-     * The email address of the member.
-     */
-    email_address: string;
-    /**
-     * Whether the member's email address is verified.
-     */
-    email_address_verified: boolean;
-    /**
-     * The `status` value denotes whether or not a user has successfully logged in at least once with any available login method.
-     */
-    status: string;
-    /**
-     * The name of the member
-     */
-    name: string;
-    /**
-     * A JSON object containing application-specific metadata.
-     * This field can only be updated by a direct API integration.
-     * Use it to store fields that a member should not be allowed to edit without backend validation - such as `role` or `subscription_status`.
-     * See our {@link https://stytch.com/docs/api/metadata metadata reference} for complete details.
-     */
-    trusted_metadata: Record<string, unknown>;
-    /**
-     * A JSON object containing application-specific metadata.
-     * Use it to store fields that a member can be allowed to edit directly without backend validation - such as `display_theme` or `preferred_locale`.
-     * See our {@link https://stytch.com/docs/api/metadata metadata reference} for complete details.
-     */
-    untrusted_metadata: Record<string, unknown>;
-    sso_registrations: SSORegistration[];
-    /**
-     * Identifies the Member as a break glass user - someone who has permissions to authenticate into an Organization by bypassing the Organization's settings.
-     * A break glass account is typically used for emergency purposes to gain access outside of normal authentication procedures.
-     */
-    is_breakglass: boolean;
-    /**
-     * Returned if the member has a registered password
-     */
-    member_password_id: string;
-    /**
-     * If true, the member must complete a secondary authentication flow, such as SMS OTP, along with their
-     * primary authentication factor in order to log in and attain a member session.
-     */
-    mfa_enrolled: boolean;
-    /**
-     * Returned if the member has a phone number.
-     */
-    mfa_phone_number: string;
-    /**
-     * Whether the member's phone number is verified.
-     */
-    mfa_phone_number_verified: boolean;
-    /**
-     * A list of the member's roles and their sources
-     */
-    roles: {
-        role_id: string;
-        sources: RoleSource[];
-    }[];
-    /**
-     * The member's default MFA method.
-     */
-    default_mfa_method: string;
-}
-type B2BAuthenticateResponse = ResponseCommon & {
-    /**
-     * Globally unique UUID that identifies a specific member in the Stytch API.
-     * The member_id critical to perform operations on a member in our API
-     * so be sure to preserve this value.
-     */
-    member_id: string;
-    /**
-     * An opaque session token.
-     * Session tokens need to be authenticated via the {@link https://stytch.com/docs/b2b/api/authenticate-session SessionsAuthenticate}
-     * endpoint before a member takes any action that requires authentication
-     * See {@link https://stytch.com/docs/sessions#session-tokens-vs-JWTs_tokens our documentation} for more information.
-     */
-    session_token: string;
-    /**
-     * A JSON Web Token that contains standard claims about the user as well as information about the Stytch session
-     * Session JWTs can be authenticated locally without an API call.
-     * A session JWT is signed by project-specific keys stored by Stytch.
-     * See {@link https://stytch.com/docs/sessions#session-tokens-vs-JWTs_jwts our documentation} for more information.
-     */
-    session_jwt: string;
-    /**
-     * The Member Session object.
-     * See {@link MemberSession} for details.
-     */
-    member_session: MemberSession;
-    /**
-     * The Member object.
-     * See {@link Member} for details.
-     */
-    member: Member;
-    /**
-     * The Organization object.
-     * See {@link Organization} for details.
-     */
-    organization: Organization;
-};
-type B2BAuthenticateResponseWithMFA = Omit<B2BAuthenticateResponse, "member_session"> & ({
-    /**
-     * The Member Session object.
-     * See {@link MemberSession} for details.
-     */
-    member_session: MemberSession;
-    /**
-     * Returns true if the member is fully authenticated, in which case a member session is returned.
-     * Returns false if the member still needs to complete a secondary authentication requirement,
-     * in which case an intermediate_session_token is returned.
-     */
-    member_authenticated: true;
-    /**
-     * If the intermediate_session_token is present, the member needs to complete MFA.
-     * The intermediate_session_token can be passed into a secondary authentication endpoint, such as OTP authenticate,
-     * in order to receive a member session. The intermediate_session_token can also be used with discovery endpoints
-     * to join a different organization or create a new organization.
-     */
-    intermediate_session_token: "";
-    /**
-     * Contains information about the member's options for completing MFA, if applicable.
-     */
-    mfa_required: null;
-} | {
-    /**
-     * The Member Session object.
-     * See {@link MemberSession} for details.
-     */
-    member_session: null;
-    /**
-     * Returns true if the member is fully authenticated, in which case a member session is returned.
-     * Returns false if the member still needs to complete a secondary authentication requirement,
-     * in which case an intermediate_session_token is returned.
-     */
-    member_authenticated: false;
-    /**
-     * If the intermediate_session_token is present, the member needs to complete MFA.
-     * The intermediate_session_token can be passed into a secondary authentication endpoint, such as OTP authenticate,
-     * in order to receive a member session. The intermediate_session_token can also be used with discovery endpoints
-     * to join a different organization or create a new organization.
-     */
-    intermediate_session_token: string;
-    /**
-     * Contains information about the member's options for completing MFA, if applicable.
-     */
-    mfa_required: MfaRequired;
-});
-interface Organization {
-    /**
-     * Globally unique UUID that identifies an organization in the Stytch API.
-     */
-    organization_id: string;
-    /**
-     * The name of the organization.
-     */
-    organization_name: string;
-    /**
-     * The slug of the organization.
-     */
-    organization_slug: string;
-    /**
-     * A URL of the organization's logo.
-     */
-    organization_logo_url: string;
-    /**
-     * A JSON object containing application-specific metadata.
-     * This field can only be updated by a direct API integration.
-     */
-    trusted_metadata: Record<string, unknown>;
-    /**
-     * The default connection used for SSO when there are multiple active connections.
-     */
-    sso_default_connection_id: string | null;
-    /**
-     * The authentication setting that controls the JIT provisioning of Members when authenticating via SSO.
-     * The accepted values are:
-     *   ALL_ALLOWED – new Members will be automatically provisioned upon successful authentication via any of the Organization's sso_active_connections.
-     *   RESTRICTED – only new Members with SSO logins that comply with sso_jit_provisioning_allowed_connections can be provisioned upon authentication.
-     *   NOT_ALLOWED – disable JIT provisioning via SSO.
-     */
-    sso_jit_provisioning: "ALL_ALLOWED" | "RESTRICTED" | "NOT_ALLOWED";
-    /**
-     * An array of connection_ids that reference SAML Connection objects.
-     * Only these connections will be allowed to JIT provision Members via SSO when sso_jit_provisioning is set to RESTRICTED.
-     */
-    sso_jit_provisioning_allowed_connections: string[];
-    /**
-     * An array of active SSO Connection references.
-     */
-    sso_active_connections: {
-        connection_id: string;
-        display_name: string;
-    }[];
-    /**
-     * An array of email domains that allow invites or JIT provisioning for new Members.
-     * This list is enforced when either email_invites or email_jit_provisioning is set to RESTRICTED.
-     * Common domains such as gmail.com are not allowed.
-     */
-    email_allowed_domains: string[];
-    /**
-     * The authentication setting that controls how a new Member can be provisioned by authenticating via Email Magic Link.
-     * The accepted values are:
-     *   RESTRICTED – only new Members with verified emails that comply with email_allowed_domains can be provisioned upon authentication via Email Magic Link.
-     *   NOT_ALLOWED – disable JIT provisioning via Email Magic Link.
-     */
-    email_jit_provisioning: "RESTRICTED" | "NOT_ALLOWED";
-    /**
-     * The authentication setting that controls how a new Member can be invited to an organization by email.
-     * The accepted values are:
-     *   ALL_ALLOWED – any new Member can be invited to join via email.
-     *   RESTRICTED – only new Members with verified emails that comply with email_allowed_domains can be invited via email.
-     *   NOT_ALLOWED – disable email invites.
-     */
-    email_invites: "ALL_ALLOWED" | "RESTRICTED" | "NOT_ALLOWED";
-    /**
-     * The setting that controls which authentication methods can be used by Members of an Organization.
-     * The accepted values are:
-     *   ALL_ALLOWED – the default setting which allows all authentication methods to be used.
-     *   RESTRICTED – only methods that comply with allowed_auth_methods can be used for authentication. This setting does not apply to Members with is_breakglass set to true.
-     */
-    auth_methods: "ALL_ALLOWED" | "RESTRICTED";
-    /**
-     * An array of allowed authentication methods.
-     * This list is enforced when auth_methods is set to RESTRICTED.
-     * The list's accepted values are: sso, magic_link, password, google_oauth, and microsoft_oauth.
-     */
-    allowed_auth_methods: string[];
-    /**
-     * The setting that controls which mfa methods can be used by Members of an Organization.
-     * The accepted values are:
-     *   ALL_ALLOWED – the default setting which allows all MFA methods to be used.
-     *   RESTRICTED – only methods that comply with allowed_mfa_methods can be used for MFA. This setting does not apply to Members with is_breakglass set to true.
-     */
-    mfa_methods?: string;
-    /**
-     * An array of allowed MFA methods.
-     * This list is enforced when mfa_methods is set to RESTRICTED.
-     * The list's accepted values are: sms_otp and totp.
-     */
-    allowed_mfa_methods?: ("sms_otp" | "totp")[];
-    /**
-     * The setting that controls the MFA policy for all Members in the Organization. The accepted values are:
-     *   REQUIRED_FOR_ALL – All Members within the Organization will be required to complete MFA every time they wish to log in.
-     *   OPTIONAL – The default value. The Organization does not require MFA by default for all Members. Members will be required to complete MFA only if their mfa_enrolled status is set to true
-     */
-    mfa_policy: "OPTIONAL" | "REQUIRED_FOR_ALL";
-    /**
-     * An array of implicit role assignments granted to members in this organization whose emails match the domain.
-     */
-    rbac_email_implicit_role_assignments?: {
-        role_id: string;
-        domain: string;
-    }[];
-}
-interface MfaRequired {
-    member_options: MemberOptions | null;
-    /**
-     * Equal to 'sms_otp' if an OTP code was sent to the member's phone number.
-     */
-    secondary_auth_initiated: "sms_otp" | null;
-}
-interface MemberOptions {
-    mfa_phone_number: string;
-}
-type B2BPasswordAuthenticateOptions = SessionDurationOptions & {
-    /**
-     * The id of the Organization under which the Member and password belong
-     */
-    organization_id: string;
-    /**
-     * The email of the Member.
-     */
-    email_address: string;
-    /**
-     * The password for the Member.
-     */
-    password: string;
-    /**
-     * The locale will be used if an OTP code is sent to the member's phone number as part of a
-     * secondary authentication requirement.
-     */
-    locale?: locale;
-};
-type B2BPasswordAuthenticateResponse = B2BAuthenticateResponseWithMFA;
-type B2BPasswordResetByEmailStartOptions = {
-    /**
-     * The id of the Organization under which the Member and password belong
-     */
-    organization_id: string;
-    /**
-     * The email of the Member that requested the password reset.
-     */
-    email_address: string;
-    /**
-     * The url that the Member clicks from the password reset email to skip resetting their password and directly login.
-     * This should be a url that your app receives, parses, and subsequently sends an API request to the magic link authenticate endpoint to complete the login process without reseting their password.
-     * If this value is not passed, the login redirect URL that you set in your Dashboard is used.
-     * If you have not set a default login redirect URL, an error is returned.
-     */
-    login_redirect_url?: string;
-    /**
-     * The url that the Member clicks from the password reset email to finish the reset password flow.
-     * This should be a url that your app receives and parses before showing your app's reset password page.
-     * After the Member submits a new password to your app, it should send an API request to complete the password reset process.
-     * If this value is not passed, the default reset password redirect URL that you set in your Dashboard is used.
-     * If you have not set a default reset password redirect URL, an error is returned.
-     */
-    reset_password_redirect_url?: string;
-    /**
-     * Set the expiration for the password reset, in minutes.
-     * By default, it expires in 30 minutes.
-     * The minimum expiration is 5 minutes and the maximum is 7 days (10080 mins).
-     */
-    reset_password_expiration_minutes?: number;
-    /**
-     * The email template ID to use for password reset.
-     * If not provided, your default email template will be sent. If providing a template ID, it must be either a template using Stytch's customizations,
-     * or a Passwords reset custom HTML template.
-     */
-    reset_password_template_id?: string;
-};
-type B2BPasswordResetByEmailStartResponse = MemberResponseCommon;
-type B2BPasswordResetByEmailOptions = SessionDurationOptions & {
-    /**
-     * The token to authenticate.
-     */
-    password_reset_token: string;
-    /**
-     * The new password for the Member.
-     */
-    password: string;
-    /**
-     * The locale will be used if an OTP code is sent to the member's phone number as part of a
-     * secondary authentication requirement.
-     */
-    locale?: locale;
-};
-type B2BPasswordResetByEmailResponse = B2BAuthenticateResponseWithMFA;
-type B2BPasswordResetByExistingPasswordOptions = SessionDurationOptions & {
-    /**
-     * The id of the Organization under which the Member and password belong
-     */
-    organization_id: string;
-    /**
-     * The Member's email.
-     */
-    email_address: string;
-    /**
-     * The Member's existing password.
-     */
-    existing_password: string;
-    /**
-     * The new password for the Member.
-     */
-    new_password: string;
-    /**
-     * The locale will be used if an OTP code is sent to the member's phone number as part of a
-     * secondary authentication requirement.
-     */
-    locale?: locale;
-};
-type B2BPasswordResetByExistingPasswordResponse = B2BAuthenticateResponseWithMFA;
-type B2BPasswordResetBySessionOptions = {
-    /**
-     * The new password for the Member.
-     */
-    password: string;
-};
-type B2BPasswordResetBySessionResponse = B2BAuthenticateResponse;
-type B2BPasswordStrengthCheckOptions = {
-    /**
-     * The email associated with the password. Provide this for a more accurate strength check.
-     */
-    email_address?: string;
-    /**
-     * The password to strength check.
-     */
-    password: string;
-};
-type B2BPasswordStrengthCheckResponse = MemberResponseCommon & {
-    /**
-     * Whether the password is considered valid and secure.
-     * Read more about password validity {@link https://stytch.com/docs/api/password-strength-check in our docs}.
-     */
-    valid_password: boolean;
-    /**
-     * The score of the password as determined by {@link https://github.com/dropbox/zxcvbn zxcvbn}.
-     */
-    score: number;
-    /**
-     * Determines if the password has been breached using {@link https://haveibeenpwned.com/ HaveIBeenPwned}.
-     */
-    breached_password: boolean;
-    /**
-     * Will return true if breach detection will be evaluated. By default this option is enabled.
-     * This option can be disabled by contacting support@stytch.com. If this value is false then
-     * breached_password will always be false as well.
-     */
-    breach_detection_on_create: boolean;
-    /**
-     * The strength policy type enforced, either `zxcvbn` or `luds`.
-     */
-    strength_policy: "luds" | "zxcvbn";
-    /**
-     * Feedback for how to improve the password's strength using {@link https://github.com/dropbox/zxcvbn zxcvbn}.
-     */
-    zxcvbn_feedback: {
-        suggestions: string[];
-        warning: string;
-    };
-    /**
-     * Feedback for how to improve the password's strength using Lowercase Uppercase Digits Special Characters
-     */
-    luds_feedback: {
-        has_lower_case: boolean;
-        has_upper_case: boolean;
-        has_digit: boolean;
-        has_symbol: boolean;
-        missing_complexity: number;
-        missing_characters: number;
-    };
-};
-interface IHeadlessB2BPasswordClient {
-    /**
-     * The Authenticate method wraps the {@link https://stytch.com/docs/b2b/api/passwords-authenticate Authenticate} Password API endpoint.
-     * This endpoint verifies that the Member has a password currently set, and that the entered password is correct.
-     *
-     * There are cases where this endpoint will return a `reset_password` error even if the password entered is correct.
-     * View our {@link https://stytch.com/docs/api/password-authenticate API Docs} for complete details.
-     *
-     * If this method succeeds, the Member will be logged in, granted an active session, and the
-     * {@link https://stytch.com/docs/sdks/javascript-sdk/resources/cookies-and-session-management session cookies} will be minted and stored in the browser.
-     *
-     * @example
-     * stytch.passwords.authenticate({
-     *   email_address: 'sandbox@stytch.com',
-     *   password: 'aVerySecurePassword',
-     *   session_duration_minutes: 60
-     * });
-     *
-     * @param options - {@link B2BPasswordAuthenticateOptions}
-     *
-     * @returns A {@link B2BPasswordAuthenticateResponse} indicating the password is valid and that the Member is now logged in.
-     *
-     * @throws A `StytchAPIError` when the Stytch API returns an error.
-     * @throws A `StytchAPIUnreachableError` when the SDK cannot contact the Stytch API.
-     * @throws A `StytchSDKUsageError` when called with invalid input (invalid email, invalid options, etc.)
-     */
-    authenticate(options: B2BPasswordAuthenticateOptions): Promise<B2BPasswordAuthenticateResponse>;
-    /**
-     * The resetByEmailStart method wraps the {@link https://stytch.com/docs/b2b/api/email-reset-start Reset By Email Start} Password API endpoint.
-     * This endpoint initiates a password reset for the email address provided.
-     * This will trigger an email to be sent to the address, containing a magic link that will allow them to set a new password and authenticate.
-     *
-     * @example
-     * stytch.passwords.resetByEmailStart({
-     *   email_address: 'sandbox@stytch.com',
-     *   reset_password_redirect_url: 'https://example.com/login/reset',
-     *   reset_password_expiration_minutes: 10,
-     *   login_redirect_url: 'https://example.com/login/authenticate',
-     * });
-     *
-     * @param options - {@link B2BPasswordResetByEmailStartOptions}
-     *
-     * @returns A {@link B2BPasswordResetByEmailStartResponse} indicating the password is valid and that the Member is now logged in.
-     *
-     * @throws A `StytchAPIError` when the Stytch API returns an error.
-     * @throws A `StytchAPIUnreachableError` when the SDK cannot contact the Stytch API.
-     * @throws A `StytchSDKUsageError` when called with invalid input (invalid email, invalid options, etc.)
-     */
-    resetByEmailStart(options: B2BPasswordResetByEmailStartOptions): Promise<B2BPasswordResetByEmailStartResponse>;
-    /**
-     * The resetByEmail method wraps the {@link https://stytch.com/docs/b2b/api/email-reset Reset By Email} Password API endpoint.
-     * This endpoint the Member’s password and authenticate them.
-     * This endpoint checks that the magic link token is valid, hasn't expired, or already been used.
-     * The provided password needs to meet our password strength requirements, which can be checked in advance with the {@link IHeadlessB2BPasswordClient#strengthCheck password strength} endpoint.
-     *
-     * If this method succeeds, the Member will be logged in, granted an active session, and the
-     * {@link https://stytch.com/docs/sdks/javascript-sdk/resources/cookies-and-session-management session cookies} will be minted and stored in the browser.
-     *
-     * @example
-     * const currentLocation = new URL(window.location.href);
-     * const token = currentLocation.searchParams.get('token');
-     * stytch.passwords.resetByEmail({
-     *   token,
-     *   email_address: 'sandbox@stytch.com',
-     *   password: 'aVerySecurePassword',
-     *   session_duration_minutes: 60
-     * });
-     *
-     * @param options - {@link B2BPasswordResetByEmailOptions}
-     *
-     * @returns A {@link B2BPasswordResetByEmailResponse} indicating the password is valid and that the Member is now logged in.
-     *
-     * @throws A `StytchAPIError` when the Stytch API returns an error.
-     * @throws A `StytchAPIUnreachableError` when the SDK cannot contact the Stytch API.
-     * @throws A `StytchSDKUsageError` when called with invalid input (invalid email, invalid options, etc.)
-     */
-    resetByEmail(options: B2BPasswordResetByEmailOptions): Promise<B2BPasswordResetByEmailResponse>;
-    /**
-     * The strengthCheck method wraps the {@link https://stytch.com/docs/b2b/api/strength-check Strength Check} Password API endpoint.
-     * This endpoint allows you to check whether or not the Member’s provided password is valid,
-     * and to provide feedback to the Member on how to increase the strength of their password.
-     *
-     * @example
-     * const {valid_password, feedback} = await stytch.passwords.strengthCheck({ email, password });
-     * if (!valid_password) {
-     *   throw new Error('Password is not strong enough: ' + feedback.warning);
-     * }
-     *
-     * @param options - {@link B2BPasswordStrengthCheckOptions}
-     *
-     * @returns A {@link B2BPasswordStrengthCheckResponse} containing password strength feedback.
-     *
-     * @throws A `StytchAPIError` when the Stytch API returns an error.
-     * @throws A `StytchAPIUnreachableError` when the SDK cannot contact the Stytch API.
-     * @throws A `StytchSDKUsageError` when called with invalid input (invalid email, invalid options, etc.)
-     */
-    strengthCheck(options: B2BPasswordStrengthCheckOptions): Promise<B2BPasswordStrengthCheckResponse>;
-    /**
-     * The resetByExistingPassword method wraps the {@link https://stytch.com/docs/b2b/api/existing-reset Reset By Existing Password} API endpoint.
-     * If this method succeeds, the Member will be logged in, granted an active session, and the
-     * {@link https://stytch.com/docs/sdks/javascript-sdk/resources/cookies-and-session-management session cookies} will be minted and stored in the browser.
-     * You can listen for successful login events anywhere in the codebase with the `stytch.session.onChange()` method or `useStytchSession` hook if you are using React.
-     *
-     * @example
-     * stytch.passwords.resetByExistingPassword({
-     *   email_address: 'sandbox@stytch.com',
-     *   existing_password: 'aVerySecurePassword',
-     *   new_password: 'aVerySecureNewPassword'
-     * });
-     *
-     * @param options - {@link B2BPasswordResetByExistingPasswordOptions}
-     *
-     * @returns A {@link B2BPasswordResetByExistingPasswordResponse} indicating the password is valid and that the Member is now logged in.
-     *
-     * @throws A `StytchAPIError` when the Stytch API returns an error.
-     * @throws A `StytchAPIUnreachableError` when the SDK cannot contact the Stytch API.
-     * @throws A `StytchSDKUsageError` when called with invalid input (invalid email, invalid options, etc.)
-     */
-    resetByExistingPassword(options: B2BPasswordResetByExistingPasswordOptions): Promise<B2BPasswordResetByExistingPasswordResponse>;
-    /**
-     * The resetBySession method wraps the {@link https://stytch.com/docs/b2b/api/session-reset Reset By Session} API endpoint.
-     * If this method succeeds, the Member will be logged in, granted an active session, and the
-     * {@link https://stytch.com/docs/sdks/javascript-sdk/resources/cookies-and-session-management session cookies} will be minted and stored in the browser.
-     * You can listen for successful login events anywhere in the codebase with the `stytch.session.onChange()` method or `useStytchSession` hook if you are using React.
-     *
-     * @example
-     * stytch.passwords.resetBySession({
-     *   password: 'aVerySecurePassword'
-     * });
-     *
-     * @param options - {@link B2BPasswordResetBySessionOptions}
-     *
-     * @returns A {@link B2BPasswordResetBySessionResponse} indicating the password is valid and that the Member is now logged in.
-     *
-     * @throws A `StytchAPIError` when the Stytch API returns an error.
-     * @throws A `StytchAPIUnreachableError` when the SDK cannot contact the Stytch API.
-     * @throws A `StytchSDKUsageError` when called with invalid input (invalid email, invalid options, etc.)
-     */
-    resetBySession(options: B2BPasswordResetBySessionOptions): Promise<B2BPasswordResetBySessionResponse>;
-}
+import { IHeadlessB2BDiscoveryClient, IHeadlessB2BMagicLinksClient, IHeadlessB2BMemberClient, IHeadlessB2BSelfClient, IHeadlessB2BOAuthClient, IHeadlessB2BOrganizationClient, IHeadlessB2BOTPsClient, IHeadlessB2BTOTPsClient, IHeadlessB2BSessionClient, IHeadlessB2BSSOClient, IHeadlessB2BRecoveryCodesClient, IHeadlessB2BRBACClient, StytchClientOptions, IHeadlessB2BPasswordClient, Callbacks, StyleConfig, StytchB2BUIConfig } from "@stytch/core/public";
 /**
  * A headless client used for invoking Stytch's B2B APIs.
  * The Stytch Headless Client can be used as a drop-in solution for authentication and session management.
@@ -805,9 +66,9 @@ declare class StytchB2BUIClient extends StytchB2BHeadlessClient {
      */
     mount({ elementId, styles, callbacks, config }: {
         elementId: string;
-        styles?: StyleConfig$0;
-        callbacks?: Callbacks$0;
-        config: StytchB2BUIConfig$0;
+        styles?: StyleConfig;
+        callbacks?: Callbacks;
+        config: StytchB2BUIConfig;
     }): void;
 }
 export { StytchB2BUIClient };