@supabase/auth-js 2.72.1-canary.2 → 2.73.0-rc.3

package/dist/main/lib/types.d.ts

@@ -4,9 +4,9 @@ import { Fetch } from './fetch';
 import type { SolanaSignInInput, SolanaSignInOutput } from './web3/solana';
 import { EthereumSignInInput, Hex } from './web3/ethereum';
 /** One of the providers supported by GoTrue. */
-export type Provider = 'apple' | 'azure' | 'bitbucket' | 'discord' | 'facebook' | 'figma' | 'github' | 'gitlab' | 'google' | 'kakao' | 'keycloak' | 'linkedin' | 'linkedin_oidc' | 'notion' | 'slack' | 'slack_oidc' | 'spotify' | 'twitch' | 'twitter' | 'workos' | 'zoom' | 'fly';
-export type AuthChangeEventMFA = 'MFA_CHALLENGE_VERIFIED';
-export type AuthChangeEvent = 'INITIAL_SESSION' | 'PASSWORD_RECOVERY' | 'SIGNED_IN' | 'SIGNED_OUT' | 'TOKEN_REFRESHED' | 'USER_UPDATED' | AuthChangeEventMFA;
+export declare type Provider = 'apple' | 'azure' | 'bitbucket' | 'discord' | 'facebook' | 'figma' | 'github' | 'gitlab' | 'google' | 'kakao' | 'keycloak' | 'linkedin' | 'linkedin_oidc' | 'notion' | 'slack' | 'slack_oidc' | 'spotify' | 'twitch' | 'twitter' | 'workos' | 'zoom' | 'fly';
+export declare type AuthChangeEventMFA = 'MFA_CHALLENGE_VERIFIED';
+export declare type AuthChangeEvent = 'INITIAL_SESSION' | 'PASSWORD_RECOVERY' | 'SIGNED_IN' | 'SIGNED_OUT' | 'TOKEN_REFRESHED' | 'USER_UPDATED' | AuthChangeEventMFA;
 /**
  * Provide your own global lock implementation instead of the default
  * implementation. The function should acquire a lock for the duration of the
@@ -22,8 +22,8 @@ export type AuthChangeEvent = 'INITIAL_SESSION' | 'PASSWORD_RECOVERY' | 'SIGNED_
  *                       acquired after this much time (ms).
  * @param fn The operation to execute when the lock is acquired.
  */
-export type LockFunc = <R>(name: string, acquireTimeout: number, fn: () => Promise<R>) => Promise<R>;
-export type GoTrueClientOptions = {
+export declare type LockFunc = <R>(name: string, acquireTimeout: number, fn: () => Promise<R>) => Promise<R>;
+export declare type GoTrueClientOptions = {
     url?: string;
     headers?: {
         [key: string]: string;
@@ -56,87 +56,71 @@ export type GoTrueClientOptions = {
      */
     hasCustomAuthorizationHeader?: boolean;
 };
-export type WeakPasswordReasons = 'length' | 'characters' | 'pwned' | (string & {});
-export type WeakPassword = {
+declare const WeakPasswordReasons: readonly ["length", "characters", "pwned"];
+export declare type WeakPasswordReasons = typeof WeakPasswordReasons[number];
+export declare type WeakPassword = {
     reasons: WeakPasswordReasons[];
     message: string;
 };
-export type AuthResponse = {
-    data: {
-        user: User | null;
-        session: Session | null;
-    };
+/**
+ * Resolve mapped types and show the derived keys and their types when hovering in
+ * VS Code, instead of just showing the names those mapped types are defined with.
+ */
+export declare type Prettify<T> = T extends Function ? T : {
+    [K in keyof T]: T[K];
+};
+/**
+ * a shared result type that encapsulates errors instead of throwing them, allows you to optionally specify the ErrorType
+ */
+export declare type RequestResult<T, ErrorType extends Error = AuthError> = {
+    data: T;
     error: null;
 } | {
-    data: {
-        user: null;
-        session: null;
-    };
-    error: AuthError;
+    data: null;
+    error: Error extends AuthError ? AuthError : ErrorType;
 };
-export type AuthResponsePassword = {
-    data: {
-        user: User | null;
-        session: Session | null;
-        weak_password?: WeakPassword | null;
-    };
+/**
+ * similar to RequestResult except it allows you to destructure the possible shape of the success response
+ *  {@see RequestResult}
+ */
+export declare type RequestResultSafeDestructure<T> = {
+    data: T;
     error: null;
 } | {
-    data: {
-        user: null;
-        session: null;
-    };
+    data: T extends object ? {
+        [K in keyof T]: null;
+    } : null;
     error: AuthError;
 };
+export declare type AuthResponse = RequestResultSafeDestructure<{
+    user: User | null;
+    session: Session | null;
+}>;
+export declare type AuthResponsePassword = RequestResultSafeDestructure<{
+    user: User | null;
+    session: Session | null;
+    weak_password?: WeakPassword | null;
+}>;
 /**
  * AuthOtpResponse is returned when OTP is used.
  *
  * {@see AuthResponse}
  */
-export type AuthOtpResponse = {
-    data: {
-        user: null;
-        session: null;
-        messageId?: string | null;
-    };
-    error: null;
-} | {
-    data: {
-        user: null;
-        session: null;
-        messageId?: string | null;
-    };
-    error: AuthError;
-};
-export type AuthTokenResponse = {
-    data: {
-        user: User;
-        session: Session;
-    };
-    error: null;
-} | {
-    data: {
-        user: null;
-        session: null;
-    };
-    error: AuthError;
-};
-export type AuthTokenResponsePassword = {
-    data: {
-        user: User;
-        session: Session;
-        weakPassword?: WeakPassword;
-    };
-    error: null;
-} | {
-    data: {
-        user: null;
-        session: null;
-        weakPassword?: null;
-    };
-    error: AuthError;
-};
-export type OAuthResponse = {
+export declare type AuthOtpResponse = RequestResultSafeDestructure<{
+    user: null;
+    session: null;
+    messageId?: string | null;
+}>;
+export declare type AuthTokenResponse = RequestResultSafeDestructure<{
+    user: User;
+    session: Session;
+}>;
+export declare type AuthTokenResponsePassword = RequestResultSafeDestructure<{
+    user: User;
+    session: Session;
+    weakPassword?: WeakPassword;
+}>;
+export declare type OAuthResponse = {
     data: {
         provider: Provider;
         url: string;
@@ -149,33 +133,19 @@ export type OAuthResponse = {
     };
     error: AuthError;
 };
-export type SSOResponse = {
-    data: {
-        /**
-         * URL to open in a browser which will complete the sign-in flow by
-         * taking the user to the identity provider's authentication flow.
-         *
-         * On browsers you can set the URL to `window.location.href` to take
-         * the user to the authentication flow.
-         */
-        url: string;
-    };
-    error: null;
-} | {
-    data: null;
-    error: AuthError;
-};
-export type UserResponse = {
-    data: {
-        user: User;
-    };
-    error: null;
-} | {
-    data: {
-        user: null;
-    };
-    error: AuthError;
-};
+export declare type SSOResponse = RequestResult<{
+    /**
+     * URL to open in a browser which will complete the sign-in flow by
+     * taking the user to the identity provider's authentication flow.
+     *
+     * On browsers you can set the URL to `window.location.href` to take
+     * the user to the authentication flow.
+     */
+    url: string;
+}>;
+export declare type UserResponse = RequestResultSafeDestructure<{
+    user: User;
+}>;
 export interface Session {
     /**
      * The oauth provider token. If present, this can be used to make external API requests to the oauth provider used.
@@ -202,12 +172,14 @@ export interface Session {
      * A timestamp of when the token will expire. Returned when a login is confirmed.
      */
     expires_at?: number;
-    token_type: string;
+    token_type: 'bearer';
     /**
      * When using a separate user storage, accessing properties of this object will throw an error.
      */
     user: User;
 }
+declare const AMRMethods: readonly ["password", "otp", "oauth", "totp", "mfa/totp", "mfa/phone", "anonymous", "sso/saml", "magiclink", "web3"];
+export declare type AMRMethod = typeof AMRMethods[number] | (string & {});
 /**
  * An authentication methord reference (AMR) entry.
  *
@@ -218,7 +190,7 @@ export interface Session {
  */
 export interface AMREntry {
     /** Authentication method name. */
-    method: 'password' | 'otp' | 'oauth' | 'mfa/totp' | (string & {});
+    method: AMRMethod;
     /**
      * Timestamp when the method was successfully used. Represents number of
      * seconds since 1st January 1970 (UNIX epoch) in UTC.
@@ -237,6 +209,16 @@ export interface UserIdentity {
     last_sign_in_at?: string;
     updated_at?: string;
 }
+export declare const FactorTypes: readonly ["totp", "phone"];
+/**
+ * Type of factor. `totp` and `phone` supported with this version
+ */
+export declare type FactorType = typeof FactorTypes[number];
+declare const FactorVerificationStatuses: readonly ["verified", "unverified"];
+/**
+ * The verification status of the factor, default is `unverified` after `.enroll()`, then `verified` after the user verifies it with `.verify()`
+ */
+declare type FactorVerificationStatus = typeof FactorVerificationStatuses[number];
 /**
  * A MFA factor.
  *
@@ -244,7 +226,7 @@ export interface UserIdentity {
  * @see {@link GoTrueMFAApi#listFactors}
  * @see {@link GoTrueMFAAdminApi#listFactors}
  */
-export interface Factor {
+export declare type Factor<Type extends FactorType = FactorType, Status extends FactorVerificationStatus = typeof FactorVerificationStatuses[number]> = {
     /** ID of the factor. */
     id: string;
     /** Friendly name of the factor, useful to disambiguate between multiple factors. */
@@ -252,12 +234,14 @@ export interface Factor {
     /**
      * Type of factor. `totp` and `phone` supported with this version
      */
-    factor_type: 'totp' | 'phone' | (string & {});
-    /** Factor's status. */
-    status: 'verified' | 'unverified';
+    factor_type: Type;
+    /**
+     * The verification status of the factor, default is `unverified` after `.enroll()`, then `verified` after the user verifies it with `.verify()`
+     */
+    status: Status;
     created_at: string;
     updated_at: string;
-}
+};
 export interface UserAppMetadata {
     provider?: string;
     [key: string]: any;
@@ -289,7 +273,7 @@ export interface User {
     identities?: UserIdentity[];
     is_anonymous?: boolean;
     is_sso_user?: boolean;
-    factors?: Factor[];
+    factors?: Factor<FactorType>[];
     deleted_at?: string;
 }
 export interface UserAttributes {
@@ -400,7 +384,7 @@ export interface Subscription {
      */
     unsubscribe: () => void;
 }
-export type SignInAnonymouslyCredentials = {
+export declare type SignInAnonymouslyCredentials = {
     options?: {
         /**
          * A custom data object to store the user's metadata. This maps to the `auth.users.raw_user_meta_data` column.
@@ -412,61 +396,27 @@ export type SignInAnonymouslyCredentials = {
         captchaToken?: string;
     };
 };
-export type SignUpWithPasswordCredentials = {
-    /** The user's email address. */
-    email: string;
-    /** The user's password. */
-    password: string;
+export declare type SignUpWithPasswordCredentials = Prettify<PasswordCredentialsBase & {
     options?: {
-        /** The redirect url embedded in the email link */
         emailRedirectTo?: string;
-        /**
-         * A custom data object to store the user's metadata. This maps to the `auth.users.raw_user_meta_data` column.
-         *
-         * The `data` should be a JSON object that includes user-specific info, such as their first and last name.
-         */
         data?: object;
-        /** Verification token received when the user completes the captcha on the site. */
         captchaToken?: string;
-    };
-} | {
-    /** The user's phone number. */
-    phone: string;
-    /** The user's password. */
-    password: string;
-    options?: {
-        /**
-         * A custom data object to store the user's metadata. This maps to the `auth.users.raw_user_meta_data` column.
-         *
-         * The `data` should be a JSON object that includes user-specific info, such as their first and last name.
-         */
-        data?: object;
-        /** Verification token received when the user completes the captcha on the site. Requires a configured WhatsApp sender on Twilio */
-        captchaToken?: string;
-        /** Messaging channel to use (e.g. whatsapp or sms) */
         channel?: 'sms' | 'whatsapp';
     };
-};
-export type SignInWithPasswordCredentials = {
-    /** The user's email address. */
+}>;
+declare type PasswordCredentialsBase = {
     email: string;
-    /** The user's password. */
     password: string;
-    options?: {
-        /** Verification token received when the user completes the captcha on the site. */
-        captchaToken?: string;
-    };
 } | {
-    /** The user's phone number. */
     phone: string;
-    /** The user's password. */
     password: string;
+};
+export declare type SignInWithPasswordCredentials = PasswordCredentialsBase & {
     options?: {
-        /** Verification token received when the user completes the captcha on the site. */
         captchaToken?: string;
     };
 };
-export type SignInWithPasswordlessCredentials = {
+export declare type SignInWithPasswordlessCredentials = {
     /** The user's email address. */
     email: string;
     options?: {
@@ -501,8 +451,8 @@ export type SignInWithPasswordlessCredentials = {
         channel?: 'sms' | 'whatsapp';
     };
 };
-export type AuthFlowType = 'implicit' | 'pkce';
-export type SignInWithOAuthCredentials = {
+export declare type AuthFlowType = 'implicit' | 'pkce';
+export declare type SignInWithOAuthCredentials = {
     /** One of the providers supported by GoTrue. */
     provider: Provider;
     options?: {
@@ -518,7 +468,7 @@ export type SignInWithOAuthCredentials = {
         skipBrowserRedirect?: boolean;
     };
 };
-export type SignInWithIdTokenCredentials = {
+export declare type SignInWithIdTokenCredentials = {
     /** Provider name or OIDC `iss` value identifying which provider should be used to verify the provided token. Supported names: `google`, `apple`, `azure`, `facebook`, `kakao`, `keycloak` (deprecated). */
     provider: 'google' | 'apple' | 'azure' | 'facebook' | 'kakao' | (string & {});
     /** OIDC ID token issued by the specified provider. The `iss` claim in the ID token must match the supplied provider. Some ID tokens contain an `at_hash` which require that you provide an `access_token` value to be accepted properly. If the token contains a `nonce` claim you must supply the nonce used to obtain the ID token. */
@@ -532,14 +482,14 @@ export type SignInWithIdTokenCredentials = {
         captchaToken?: string;
     };
 };
-export type SolanaWallet = {
+export declare type SolanaWallet = {
     signIn?: (...inputs: SolanaSignInInput[]) => Promise<SolanaSignInOutput | SolanaSignInOutput[]>;
     publicKey?: {
         toBase58: () => string;
     } | null;
     signMessage?: (message: Uint8Array, encoding?: 'utf8' | string) => Promise<Uint8Array> | undefined;
 };
-export type SolanaWeb3Credentials = {
+export declare type SolanaWeb3Credentials = {
     chain: 'solana';
     /** Wallet interface to use. If not specified will default to `window.solana`. */
     wallet?: SolanaWallet;
@@ -563,12 +513,12 @@ export type SolanaWeb3Credentials = {
         captchaToken?: string;
     };
 };
-export type EthereumWallet = EIP1193Provider;
-export type EthereumWeb3Credentials = {
+export declare type EthereumWallet = EIP1193Provider;
+export declare type EthereumWeb3Credentials = {
     chain: 'ethereum';
-    /** Wallet interface to use. If not specified will default to `window.solana`. */
+    /** Wallet interface to use. If not specified will default to `window.ethereum`. */
     wallet?: EthereumWallet;
-    /** Optional statement to include in the Sign in with Solana message. Must not include new line characters. Most wallets like Phantom **require specifying a statement!** */
+    /** Optional statement to include in the Sign in with Ethereum message. Must not include new line characters. Most wallets like Phantom **require specifying a statement!** */
     statement?: string;
     options?: {
         /** URL to use with the wallet interface. Some wallets do not allow signing a message for URLs different from the current page. */
@@ -581,15 +531,15 @@ export type EthereumWeb3Credentials = {
     chain: 'ethereum';
     /** Sign in with Ethereum compatible message. Must include `Issued At`, `URI` and `Version`. */
     message: string;
-    /** Ed25519 signature of the message. */
+    /** Ethereum curve (secp256k1) signature of the message. */
     signature: Hex;
     options?: {
         /** Verification token received when the user completes the captcha on the site. */
         captchaToken?: string;
     };
 };
-export type Web3Credentials = SolanaWeb3Credentials | EthereumWeb3Credentials;
-export type VerifyOtpParams = VerifyMobileOtpParams | VerifyEmailOtpParams | VerifyTokenHashParams;
+export declare type Web3Credentials = SolanaWeb3Credentials | EthereumWeb3Credentials;
+export declare type VerifyOtpParams = VerifyMobileOtpParams | VerifyEmailOtpParams | VerifyTokenHashParams;
 export interface VerifyMobileOtpParams {
     /** The user's phone number. */
     phone: string;
@@ -631,9 +581,9 @@ export interface VerifyTokenHashParams {
     /** The user's verification type. */
     type: EmailOtpType;
 }
-export type MobileOtpType = 'sms' | 'phone_change';
-export type EmailOtpType = 'signup' | 'invite' | 'magiclink' | 'recovery' | 'email_change' | 'email';
-export type ResendParams = {
+export declare type MobileOtpType = 'sms' | 'phone_change';
+export declare type EmailOtpType = 'signup' | 'invite' | 'magiclink' | 'recovery' | 'email_change' | 'email';
+export declare type ResendParams = {
     type: Extract<EmailOtpType, 'signup' | 'email_change'>;
     email: string;
     options?: {
@@ -650,7 +600,7 @@ export type ResendParams = {
         captchaToken?: string;
     };
 };
-export type SignInWithSSO = {
+export declare type SignInWithSSO = {
     /** UUID of the SSO provider to invoke single-sign on to. */
     providerId: string;
     options?: {
@@ -669,25 +619,25 @@ export type SignInWithSSO = {
         captchaToken?: string;
     };
 };
-export type GenerateSignupLinkParams = {
+export declare type GenerateSignupLinkParams = {
     type: 'signup';
     email: string;
     password: string;
     options?: Pick<GenerateLinkOptions, 'data' | 'redirectTo'>;
 };
-export type GenerateInviteOrMagiclinkParams = {
+export declare type GenerateInviteOrMagiclinkParams = {
     type: 'invite' | 'magiclink';
     /** The user's email */
     email: string;
     options?: Pick<GenerateLinkOptions, 'data' | 'redirectTo'>;
 };
-export type GenerateRecoveryLinkParams = {
+export declare type GenerateRecoveryLinkParams = {
     type: 'recovery';
     /** The user's email */
     email: string;
     options?: Pick<GenerateLinkOptions, 'redirectTo'>;
 };
-export type GenerateEmailChangeLinkParams = {
+export declare type GenerateEmailChangeLinkParams = {
     type: 'email_change_current' | 'email_change_new';
     /** The user's email */
     email: string;
@@ -707,22 +657,13 @@ export interface GenerateLinkOptions {
     /** The URL which will be appended to the email link generated. */
     redirectTo?: string;
 }
-export type GenerateLinkParams = GenerateSignupLinkParams | GenerateInviteOrMagiclinkParams | GenerateRecoveryLinkParams | GenerateEmailChangeLinkParams;
-export type GenerateLinkResponse = {
-    data: {
-        properties: GenerateLinkProperties;
-        user: User;
-    };
-    error: null;
-} | {
-    data: {
-        properties: null;
-        user: null;
-    };
-    error: AuthError;
-};
+export declare type GenerateLinkParams = GenerateSignupLinkParams | GenerateInviteOrMagiclinkParams | GenerateRecoveryLinkParams | GenerateEmailChangeLinkParams;
+export declare type GenerateLinkResponse = RequestResultSafeDestructure<{
+    properties: GenerateLinkProperties;
+    user: User;
+}>;
 /** The properties related to the email link generated  */
-export type GenerateLinkProperties = {
+export declare type GenerateLinkProperties = {
     /**
      * The email link to send to the user.
      * The action_link follows the following format: auth/v1/verify?type={verification_type}&token={hashed_token}&redirect_to={redirect_to}
@@ -742,113 +683,95 @@ export type GenerateLinkProperties = {
     /** The verification type that the email link is associated to. */
     verification_type: GenerateLinkType;
 };
-export type GenerateLinkType = 'signup' | 'invite' | 'magiclink' | 'recovery' | 'email_change_current' | 'email_change_new';
-export type MFAEnrollParams = MFAEnrollTOTPParams | MFAEnrollPhoneParams;
-export type MFAUnenrollParams = {
+export declare type GenerateLinkType = 'signup' | 'invite' | 'magiclink' | 'recovery' | 'email_change_current' | 'email_change_new';
+export declare type MFAEnrollParams = MFAEnrollTOTPParams | MFAEnrollPhoneParams;
+export declare type MFAUnenrollParams = {
     /** ID of the factor being unenrolled. */
     factorId: string;
 };
-export type MFAVerifyParams = {
+declare type MFAVerifyParamsBase = {
     /** ID of the factor being verified. Returned in enroll(). */
     factorId: string;
     /** ID of the challenge being verified. Returned in challenge(). */
     challengeId: string;
+};
+declare type MFAVerifyTOTPParamFields = {
     /** Verification code provided by the user. */
     code: string;
 };
-export type MFAChallengeParams = {
+export declare type MFAVerifyTOTPParams = Prettify<MFAVerifyParamsBase & MFAVerifyTOTPParamFields>;
+declare type MFAVerifyPhoneParamFields = MFAVerifyTOTPParamFields;
+export declare type MFAVerifyPhoneParams = Prettify<MFAVerifyParamsBase & MFAVerifyPhoneParamFields>;
+export declare type MFAVerifyParams = MFAVerifyTOTPParams | MFAVerifyPhoneParams;
+declare type MFAChallengeParamsBase = {
     /** ID of the factor to be challenged. Returned in enroll(). */
     factorId: string;
-    /** Messaging channel to use (e.g. whatsapp or sms). Only relevant for phone factors */
-    channel?: 'sms' | 'whatsapp';
-};
-export type MFAChallengeAndVerifyParams = {
-    /** ID of the factor being verified. Returned in enroll(). */
-    factorId: string;
-    /** Verification code provided by the user. */
-    code: string;
-};
-export type AuthMFAVerifyResponse = {
-    data: {
-        /** New access token (JWT) after successful verification. */
-        access_token: string;
-        /** Type of token, typically `Bearer`. */
-        token_type: string;
-        /** Number of seconds in which the access token will expire. */
-        expires_in: number;
-        /** Refresh token you can use to obtain new access tokens when expired. */
-        refresh_token: string;
-        /** Updated user profile. */
-        user: User;
-    };
-    error: null;
-} | {
-    data: null;
-    error: AuthError;
-};
-export type AuthMFAEnrollResponse = AuthMFAEnrollTOTPResponse | AuthMFAEnrollPhoneResponse;
-export type AuthMFAUnenrollResponse = {
-    data: {
-        /** ID of the factor that was successfully unenrolled. */
-        id: string;
-    };
-    error: null;
-} | {
-    data: null;
-    error: AuthError;
-};
-export type AuthMFAChallengeResponse = {
-    data: {
-        /** ID of the newly created challenge. */
-        id: string;
-        /** Factor Type which generated the challenge */
-        type: 'totp' | 'phone';
-        /** Timestamp in UNIX seconds when this challenge will no longer be usable. */
-        expires_at: number;
-    };
-    error: null;
-} | {
-    data: null;
-    error: AuthError;
-};
-export type AuthMFAListFactorsResponse = {
-    data: {
-        /** All available factors (verified and unverified). */
-        all: Factor[];
-        /** Only verified TOTP factors. (A subset of `all`.) */
-        totp: Factor[];
-        /** Only verified Phone factors. (A subset of `all`.) */
-        phone: Factor[];
-    };
-    error: null;
-} | {
-    data: null;
-    error: AuthError;
-};
-export type AuthenticatorAssuranceLevels = 'aal1' | 'aal2';
-export type AuthMFAGetAuthenticatorAssuranceLevelResponse = {
-    data: {
-        /** Current AAL level of the session. */
-        currentLevel: AuthenticatorAssuranceLevels | null;
-        /**
-         * Next possible AAL level for the session. If the next level is higher
-         * than the current one, the user should go through MFA.
-         *
-         * @see {@link GoTrueMFAApi#challenge}
-         */
-        nextLevel: AuthenticatorAssuranceLevels | null;
-        /**
-         * A list of all authentication methods attached to this session. Use
-         * the information here to detect the last time a user verified a
-         * factor, for example if implementing a step-up scenario.
-         */
-        currentAuthenticationMethods: AMREntry[];
-    };
-    error: null;
-} | {
-    data: null;
-    error: AuthError;
 };
+declare const MFATOTPChannels: readonly ["sms", "whatsapp"];
+export declare type MFATOTPChannel = typeof MFATOTPChannels[number];
+export declare type MFAChallengeTOTPParams = Prettify<MFAChallengeParamsBase>;
+declare type MFAChallengePhoneParamFields<Channel extends MFATOTPChannel = MFATOTPChannel> = {
+    /** Messaging channel to use (e.g. whatsapp or sms). Only relevant for phone factors */
+    channel: Channel;
+};
+export declare type MFAChallengePhoneParams = Prettify<MFAChallengeParamsBase & MFAChallengePhoneParamFields>;
+export declare type MFAChallengeParams = MFAChallengeTOTPParams | MFAChallengePhoneParams;
+declare type MFAChallengeAndVerifyParamsBase = Omit<MFAVerifyParamsBase, 'challengeId'>;
+declare type MFAChallengeAndVerifyTOTPParamFields = MFAVerifyTOTPParamFields;
+declare type MFAChallengeAndVerifyTOTPParams = Prettify<MFAChallengeAndVerifyParamsBase & MFAChallengeAndVerifyTOTPParamFields>;
+declare type MFAChallengeAndVerifyPhoneParamFields = MFAVerifyPhoneParamFields;
+declare type MFAChallengeAndVerifyPhoneParams = Prettify<MFAChallengeAndVerifyParamsBase & MFAChallengeAndVerifyPhoneParamFields>;
+export declare type MFAChallengeAndVerifyParams = MFAChallengeAndVerifyTOTPParams | MFAChallengeAndVerifyPhoneParams;
+export declare type AuthMFAVerifyResponse = RequestResult<{
+    /** New access token (JWT) after successful verification. */
+    access_token: string;
+    /** Type of token, always `bearer`. */
+    token_type: 'bearer';
+    /** Number of seconds in which the access token will expire. */
+    expires_in: number;
+    /** Refresh token you can use to obtain new access tokens when expired. */
+    refresh_token: string;
+    /** Updated user profile. */
+    user: User;
+}>;
+export declare type AuthMFAEnrollResponse = AuthMFAEnrollTOTPResponse | AuthMFAEnrollPhoneResponse;
+export declare type AuthMFAUnenrollResponse = RequestResult<{
+    /** ID of the factor that was successfully unenrolled. */
+    id: string;
+}>;
+export declare type AuthMFAChallengeResponse<T extends FactorType> = RequestResult<{
+    /** ID of the newly created challenge. */
+    id: string;
+    /** Factor Type which generated the challenge */
+    type: T;
+    /** Timestamp in UNIX seconds when this challenge will no longer be usable. */
+    expires_at: number;
+}>;
+/** response of ListFactors, which should contain all the types of factors that are available, this ensures we always include all */
+export declare type AuthMFAListFactorsResponse<T extends typeof FactorTypes = typeof FactorTypes> = RequestResult<{
+    /** All available factors (verified and unverified). */
+    all: Prettify<Factor>[];
+} & {
+    [K in T[number]]: Prettify<Factor<K, 'verified'>>[];
+}>;
+export declare type AuthenticatorAssuranceLevels = 'aal1' | 'aal2';
+export declare type AuthMFAGetAuthenticatorAssuranceLevelResponse = RequestResult<{
+    /** Current AAL level of the session. */
+    currentLevel: AuthenticatorAssuranceLevels | null;
+    /**
+     * Next possible AAL level for the session. If the next level is higher
+     * than the current one, the user should go through MFA.
+     *
+     * @see {@link GoTrueMFAApi#challenge}
+     */
+    nextLevel: AuthenticatorAssuranceLevels | null;
+    /**
+     * A list of all authentication methods attached to this session. Use
+     * the information here to detect the last time a user verified a
+     * factor, for example if implementing a step-up scenario.
+     */
+    currentAuthenticationMethods: AMREntry[];
+}>;
 /**
  * Contains the full multi-factor authentication API.
  *
@@ -862,7 +785,6 @@ export interface GoTrueMFAApi {
      * The user has to enter the code from their authenticator app to verify it.
      *
      * Upon verifying a factor, all other sessions are logged out and the current session's authenticator level is promoted to `aal2`.
-     *
      */
     enroll(params: MFAEnrollTOTPParams): Promise<AuthMFAEnrollTOTPResponse>;
     enroll(params: MFAEnrollPhoneParams): Promise<AuthMFAEnrollPhoneResponse>;
@@ -871,11 +793,15 @@ export interface GoTrueMFAApi {
      * Prepares a challenge used to verify that a user has access to a MFA
      * factor.
      */
-    challenge(params: MFAChallengeParams): Promise<AuthMFAChallengeResponse>;
+    challenge(params: MFAChallengeTOTPParams): Promise<Prettify<AuthMFAChallengeResponse<'totp'>>>;
+    challenge(params: MFAChallengePhoneParams): Promise<Prettify<AuthMFAChallengeResponse<'phone'>>>;
+    challenge(params: MFAChallengeParams): Promise<Prettify<AuthMFAChallengeResponse<'totp' | 'phone'>>>;
     /**
      * Verifies a code against a challenge. The verification code is
      * provided by the user by entering a code seen in their authenticator app.
      */
+    verify(params: MFAVerifyTOTPParams): Promise<AuthMFAVerifyResponse>;
+    verify(params: MFAVerifyPhoneParams): Promise<AuthMFAVerifyResponse>;
     verify(params: MFAVerifyParams): Promise<AuthMFAVerifyResponse>;
     /**
      * Unenroll removes a MFA factor.
@@ -914,20 +840,14 @@ export interface GoTrueMFAApi {
 /**
  * @expermental
  */
-export type AuthMFAAdminDeleteFactorResponse = {
-    data: {
-        /** ID of the factor that was successfully deleted. */
-        id: string;
-    };
-    error: null;
-} | {
-    data: null;
-    error: AuthError;
-};
+export declare type AuthMFAAdminDeleteFactorResponse = RequestResult<{
+    /** ID of the factor that was successfully deleted. */
+    id: string;
+}>;
 /**
  * @expermental
  */
-export type AuthMFAAdminDeleteFactorParams = {
+export declare type AuthMFAAdminDeleteFactorParams = {
     /** ID of the MFA factor to delete. */
     id: string;
     /** ID of the user whose factor is being deleted. */
@@ -936,20 +856,14 @@ export type AuthMFAAdminDeleteFactorParams = {
 /**
  * @expermental
  */
-export type AuthMFAAdminListFactorsResponse = {
-    data: {
-        /** All factors attached to the user. */
-        factors: Factor[];
-    };
-    error: null;
-} | {
-    data: null;
-    error: AuthError;
-};
+export declare type AuthMFAAdminListFactorsResponse = RequestResult<{
+    /** All factors attached to the user. */
+    factors: Factor[];
+}>;
 /**
  * @expermental
  */
-export type AuthMFAAdminListFactorsParams = {
+export declare type AuthMFAAdminListFactorsParams = {
     /** ID of the user. */
     userId: string;
 };
@@ -974,12 +888,12 @@ export interface GoTrueAdminMFAApi {
      */
     deleteFactor(params: AuthMFAAdminDeleteFactorParams): Promise<AuthMFAAdminDeleteFactorResponse>;
 }
-type AnyFunction = (...args: any[]) => any;
-type MaybePromisify<T> = T | Promise<T>;
-type PromisifyMethods<T> = {
+declare type AnyFunction = (...args: any[]) => any;
+declare type MaybePromisify<T> = T | Promise<T>;
+declare type PromisifyMethods<T> = {
     [K in keyof T]: T[K] extends AnyFunction ? (...args: Parameters<T[K]>) => MaybePromisify<ReturnType<T[K]>> : T[K];
 };
-export type SupportedStorage = PromisifyMethods<Pick<Storage, 'getItem' | 'setItem' | 'removeItem'>> & {
+export declare type SupportedStorage = PromisifyMethods<Pick<Storage, 'getItem' | 'setItem' | 'removeItem'>> & {
     /**
      * If set to `true` signals to the library that the storage medium is used
      * on a server and the values may not be authentic, such as reading from
@@ -989,29 +903,23 @@ export type SupportedStorage = PromisifyMethods<Pick<Storage, 'getItem' | 'setIt
      */
     isServer?: boolean;
 };
-export type InitializeResult = {
+export declare type InitializeResult = {
     error: AuthError | null;
 };
-export type CallRefreshTokenResult = {
-    session: Session;
-    error: null;
-} | {
-    session: null;
-    error: AuthError;
-};
-export type Pagination = {
+export declare type CallRefreshTokenResult = RequestResult<Session>;
+export declare type Pagination = {
     [key: string]: any;
     nextPage: number | null;
     lastPage: number;
     total: number;
 };
-export type PageParams = {
+export declare type PageParams = {
     /** The page number */
     page?: number;
     /** Number of items returned per page */
     perPage?: number;
 };
-export type SignOut = {
+export declare type SignOut = {
     /**
      * Determines which sessions should be
      * logged out. Global means all
@@ -1024,72 +932,58 @@ export type SignOut = {
      */
     scope?: 'global' | 'local' | 'others';
 };
-export type MFAEnrollTOTPParams = {
+declare type MFAEnrollParamsBase<T extends FactorType> = {
     /** The type of factor being enrolled. */
-    factorType: 'totp';
-    /** Domain which the user is enrolled with. */
-    issuer?: string;
+    factorType: T;
     /** Human readable name assigned to the factor. */
     friendlyName?: string;
 };
-export type MFAEnrollPhoneParams = {
-    /** The type of factor being enrolled. */
-    factorType: 'phone';
-    /** Human readable name assigned to the factor. */
-    friendlyName?: string;
+declare type MFAEnrollTOTPParamFields = {
+    /** Domain which the user is enrolled with. */
+    issuer?: string;
+};
+export declare type MFAEnrollTOTPParams = Prettify<MFAEnrollParamsBase<'totp'> & MFAEnrollTOTPParamFields>;
+declare type MFAEnrollPhoneParamFields = {
     /** Phone number associated with a factor. Number should conform to E.164 format */
     phone: string;
 };
-export type AuthMFAEnrollTOTPResponse = {
-    data: {
-        /** ID of the factor that was just enrolled (in an unverified state). */
-        id: string;
-        /** Type of MFA factor.*/
-        type: 'totp';
-        /** TOTP enrollment information. */
-        totp: {
-            /** Contains a QR code encoding the authenticator URI. You can
-             * convert it to a URL by prepending `data:image/svg+xml;utf-8,` to
-             * the value. Avoid logging this value to the console. */
-            qr_code: string;
-            /** The TOTP secret (also encoded in the QR code). Show this secret
-             * in a password-style field to the user, in case they are unable to
-             * scan the QR code. Avoid logging this value to the console. */
-            secret: string;
-            /** The authenticator URI encoded within the QR code, should you need
-             * to use it. Avoid loggin this value to the console. */
-            uri: string;
-        };
-        /** Friendly name of the factor, useful for distinguishing between factors **/
-        friendly_name?: string;
-    };
-    error: null;
-} | {
-    data: null;
-    error: AuthError;
+export declare type MFAEnrollPhoneParams = Prettify<MFAEnrollParamsBase<'phone'> & MFAEnrollPhoneParamFields>;
+declare type AuthMFAEnrollResponseBase<T extends FactorType> = {
+    /** ID of the factor that was just enrolled (in an unverified state). */
+    id: string;
+    /** Type of MFA factor.*/
+    type: T;
+    /** Friendly name of the factor, useful for distinguishing between factors **/
+    friendly_name?: string;
 };
-export type AuthMFAEnrollPhoneResponse = {
-    data: {
-        /** ID of the factor that was just enrolled (in an unverified state). */
-        id: string;
-        /** Type of MFA factor. */
-        type: 'phone';
-        /** Friendly name of the factor, useful for distinguishing between factors **/
-        friendly_name?: string;
-        /** Phone number of the MFA factor in E.164 format. Used to send messages  */
-        phone: string;
-    };
-    error: null;
-} | {
-    data: null;
-    error: AuthError;
+declare type AuthMFAEnrollTOTPResponseFields = {
+    /** TOTP enrollment information. */
+    totp: {
+        /** Contains a QR code encoding the authenticator URI. You can
+         * convert it to a URL by prepending `data:image/svg+xml;utf-8,` to
+         * the value. Avoid logging this value to the console. */
+        qr_code: string;
+        /** The TOTP secret (also encoded in the QR code). Show this secret
+         * in a password-style field to the user, in case they are unable to
+         * scan the QR code. Avoid logging this value to the console. */
+        secret: string;
+        /** The authenticator URI encoded within the QR code, should you need
+         * to use it. Avoid loggin this value to the console. */
+        uri: string;
+    };
+};
+export declare type AuthMFAEnrollTOTPResponse = RequestResult<Prettify<AuthMFAEnrollResponseBase<'totp'> & AuthMFAEnrollTOTPResponseFields>>;
+declare type AuthMFAEnrollPhoneResponseFields = {
+    /** Phone number of the MFA factor in E.164 format. Used to send messages  */
+    phone: string;
 };
-export type JwtHeader = {
+export declare type AuthMFAEnrollPhoneResponse = RequestResult<Prettify<AuthMFAEnrollResponseBase<'phone'> & AuthMFAEnrollPhoneResponseFields>>;
+export declare type JwtHeader = {
     alg: 'RS256' | 'ES256' | 'HS256';
     kid: string;
     typ: string;
 };
-export type RequiredClaims = {
+export declare type RequiredClaims = {
     iss: string;
     sub: string;
     aud: string | string[];
@@ -1099,7 +993,7 @@ export type RequiredClaims = {
     aal: AuthenticatorAssuranceLevels;
     session_id: string;
 };
-export type JwtPayload = RequiredClaims & {
+export declare type JwtPayload = RequiredClaims & {
     [key: string]: any;
 };
 export interface JWK {
@@ -1110,6 +1004,6 @@ export interface JWK {
     [key: string]: any;
 }
 export declare const SIGN_OUT_SCOPES: readonly ["global", "local", "others"];
-export type SignOutScope = (typeof SIGN_OUT_SCOPES)[number];
+export declare type SignOutScope = typeof SIGN_OUT_SCOPES[number];
 export {};
 //# sourceMappingURL=types.d.ts.map