@transmitsecurity/platform-web-sdk 1.18.2 → 2.0.0

package/dist/drs.d.ts

@@ -13,36 +13,27 @@ type EventResponse = {
 type Recommendation = {
     type: RecommendationType;
 };
+type LightweightPayload = {
+    clientId: string;
+    deviceId: string;
+    userId: string | null;
+    sdkPlatform: 'mobile_web' | 'desktop_web';
+    events: Array<Record<string, unknown>>;
+};
 
 interface ActionResponse {
-    /** The token return by the SDK when the action was reported */
     actionToken?: string;
 }
 interface InitOptions {
-    /** Opaque identifier of the user in your system */
     userId?: string;
 }
-/**
- * Initial parameters for SDK
- */
 interface ConstructorOptions {
-    /** Print logs to console */
     verbose?: boolean;
-    /** Your server URL
-     *
-     * Default value is https://collect.riskid.security */
-    serverPath?: string;
-    /** Enable session token fetching
-     *
-     * Default value is false */
+    serverPath: string;
     enableSessionToken?: boolean;
-    /** First party server url for the identifiers migration
-     *
-     * Default value is undefined */
     firstPartyMigrationUrl?: string;
-    /** @internal
-     * Internal flag indicating this web_sdk instance has its own clientId separate from the Platform SDK root-level clientId */
     hasOwnClientId?: boolean;
+    tier?: 'standard' | 'lightweight';
 }
 interface TransactionData {
     amount: number;
@@ -63,27 +54,12 @@ interface TransactionData {
     };
 }
 interface ActionEventOptions {
-    /** Any ID that could help relate the action with external context or session */
     correlationId?: string;
-    /** User ID of the not yet authenticated user, used to enhance risk and
-     * trust assessments. Once the user is authenticated,
-     * {@link TSAccountProtection.setAuthenticatedUser} should be called. */
     claimedUserId?: string;
-    /**
-     * The reported claimedUserId type (if provided), should not contain PII unless it is hashed.
-     * Supported values: email, phone_number, account_id, ssn, national_id, passport_number, drivers_license_number, other.
-     */
     claimedUserIdType?: string;
-    /**
-     * A transaction data-points object for transaction-monitoring
-     */
     transactionData?: TransactionData;
-    /**
-     * Custom attributes matching the schema previously defined in the Admin Portal
-     */
     customAttributes?: Record<string, string | number | boolean>;
     /**
-     * The fields below are supported for Enterprise-IAM sdk usage actions, added `ignore` for avoiding preseting this attribute in the docs
      * @ignore
      */
     publicKey?: string;
@@ -120,6 +96,7 @@ declare class TSAccountProtection {
     private identifiersMigrationEnabled;
     private firstPartyMigrationUrl;
     private hasOwnClientId;
+    private tier;
     private validationManager;
     private storageManager;
     private eventsManager;
@@ -132,62 +109,34 @@ declare class TSAccountProtection {
     private logsReporter;
     private options;
     private clientId;
-    /**
-     *
-     Creates a new Account Protection SDK instance with your client context
-     @param clientId Your AccountProtection client identifier
-     @param options SDK configuration options
-     */
-    constructor(clientId: string, options?: ConstructorOptions);
+    constructor(clientId: string, options: ConstructorOptions);
     /** @ignore */
     constructor(serverPath: string, clientId: string);
     private generateDisabledToken;
     /**
      * @ignore
-     * @returns List of loaded actions that can be invoked
      */
     get actions(): string[];
     /** @ignore */
     getActions(): Promise<string[]>;
     getSessionToken(): Promise<any>;
-    /**
-     * Initializes the AccountProtection SDK, which starts automatically tracking and submitting info of the user journey
-     * @param options Init options
-     * @returns Indicates if the call succeeded
-     */
+    getPayload(): Promise<LightweightPayload>;
+    clearQueue(): void;
     init(options?: InitOptions | string): Promise<boolean>;
     private isInitialized;
-    /**
-     * Reports a user action event to the SDK
-     * @param actionType Type of user action event that was predefined in the Transmit Security server
-     * @returns Indicates if the call succeeded
-     */
     triggerActionEvent(actionType: string, options?: ActionEventOptions): Promise<ActionResponse>;
     /**
      * @ignore
      */
     identifyUser(userId: string): Promise<boolean>;
     private updateUserId;
+    setAuthenticatedUser(userId: string, options?: {}): Promise<boolean>;
+    clearUser(options?: {}): Promise<boolean>;
     /**
      * @ignore
      */
     unidentifiedUser(): Promise<boolean>;
-    /**
-     * Sets the user context for all subsequent events in the browser session (or until the user is explicitly cleared)
-     * It should be set only after you've fully authenticated the user (including, for example, any 2FA that was required)
-     * @param userId Opaque identifier of the user in your system
-     * @param options Reserved for future use
-     * @returns Indicates if the call succeeded
-     */
-    setAuthenticatedUser(userId: string, options?: {}): Promise<boolean>;
-    /** @ignore */
-    setUser(userId: string, _options?: {}): Promise<boolean>;
-    /**
-     * Clears the user context for all subsequent events in the browser session
-     * @param options Reserved for future use
-     * @returns Indicates if the call succeeded
-     */
-    clearUser(options?: {}): Promise<boolean>;
+    getSecureSessionToken(actionType?: string | null, expirationSeconds?: number): Promise<string>;
 }
 
 declare module '@transmit-security/web-sdk-common/dist/module-metadata/module-metadata' {
@@ -205,8 +154,6 @@ declare module '@transmit-security/web-sdk-common/dist/module-metadata/module-me
  * @returns Indicates if the call succeeded
  */
 declare const triggerActionEvent: TSAccountProtection['triggerActionEvent'];
-/** @ignore */
-declare const setUser: TSAccountProtection['setUser'];
 /**
  * Sets the user context for all subsequent events in the browser session (or until the user is explicitly cleared)
  * It should be set only after you've fully authenticated the user (including, for example, any 2FA that was required)
@@ -222,13 +169,18 @@ declare const setAuthenticatedUser: TSAccountProtection['setAuthenticatedUser'];
  */
 declare const clearUser: TSAccountProtection['clearUser'];
 /** @ignore */
-declare const identifyUser: TSAccountProtection['identifyUser'];
-/** @ignore */
-declare const unidentifiedUser: TSAccountProtection['unidentifiedUser'];
-/** @ignore */
 declare const getActions: TSAccountProtection['getActions'];
 /** @ignore */
 declare const getSessionToken: TSAccountProtection['getSessionToken'];
+/**
+ * Gets a secure session token that is signed with the device's private key
+ * @param actionType Optional action type to include in the token payload (default: null)
+ * @param expirationSeconds Optional expiration time in seconds (default: 300 seconds / 5 minutes)
+ * @returns A JWT-like token containing the backend session token and device information, signed with the device's private key
+ */
+declare const getSecureSessionToken: TSAccountProtection['getSecureSessionToken'];
+/** @ignore */
+declare const getPayload: TSAccountProtection['getPayload'];
 /** @ignore */
 declare const __internal: {
     getDeviceId(): string;
@@ -239,4 +191,4 @@ declare const __internal: {
 declare const PACKAGE_VERSION: string;
 declare function initialize(config: any): void;
 
-export { ActionEventOptions, ActionResponse, PACKAGE_VERSION, __internal, clearUser, getActions, getSessionToken, identifyUser, initialize, setAuthenticatedUser, setUser, triggerActionEvent, unidentifiedUser };
+export { ActionEventOptions, ActionResponse, LightweightPayload, PACKAGE_VERSION, __internal, clearUser, getActions, getPayload, getSecureSessionToken, getSessionToken, initialize, setAuthenticatedUser, triggerActionEvent };