@verdocs/js-sdk 6.7.7 → 6.8.2

package/dist/index.d.mts

@@ -409,19 +409,32 @@ interface IProfile {
 }
 interface IUser {
     id: string;
+    /** Email address. */
     email: string;
+    /** If true, the email has been verified in some way (e.g. OTP verification or trusted third party. */
     email_verified: boolean;
+    /** Password hash, present only for type consistency. Marked optional, but will never be returned by the backend. */
     pass_hash?: string;
     first_name: string | null;
     last_name: string | null;
     phone: string | null;
     picture: string | null;
+    /** If set, the Azure B2C ID for the user. Generally set only for Teams/PowerAutomate users. */
     b2cId: string | null;
+    /** If set, the Google account ID for the user. Set only for users logging in via Google. */
     googleId: string | null;
+    /** If set, the Apple account ID for the user. Set only for users logging in via Apple. */
     appleId: string | null;
+    /** If set, the Github account ID for the user. Set only for users logging in via Github. */
     githubId?: string | null;
     created_at: string;
     updated_at: string;
+    /** True if the account is locked, typically due to failed sign-in attempts. Only visible to admins or owners. */
+    locked?: boolean;
+    /** Reason the account is locked. Only visible to admins or owners. */
+    lock_reason?: string | null;
+    /** Consecutive failed sign-in attempts. Only visible to admins or owners. */
+    login_failures?: number;
 }
 type IWebhookEvents = Record<TWebhookEvent, boolean>;
 interface IWebhook {
@@ -609,6 +622,7 @@ interface IEnvelopeField {
     required: boolean | null;
     /** If true, the field will be not be editable by the participant(s). NOTE: Fields may not be both required and readonly. */
     readonly: boolean | null;
+    // TODO: In the future, let's decide on the fate of the `settings` object
     /** @deprecated. Use top-level fields instead. */
     settings: IEnvelopeFieldSettings | null;
     validator: string | null;
@@ -680,6 +694,8 @@ interface IEnvelopeFieldSettings {
     /** Checkbox settings */
     minimum_checked?: number;
     maximum_checked?: number;
+    canvasHeight?: number;
+    canvasWidth?: number;
 }
 interface IEnvelopeHistory {
     id: string;
@@ -1014,7 +1030,7 @@ type TTemplateSender = "envelope_creator" | "template_owner";
 type TTemplateAction = "create_personal" | "create_org" | "create_public" | "read" | "write" | "delete" | "change_visibility_personal" | "change_visibility_org" | "change_visibility_public";
 type TRecipientAction = "submit" | "decline" | "prepare" | "update";
 type TEnvelopeStatus = "complete" | "pending" | "in progress" | "declined" | "canceled";
-type TRecipientStatus = "invited" | "opened" | "signed" | "submitted" | "canceled" | "pending" | "declined";
+type TRecipientStatus = "invited" | "opened" | "signed" | "submitted" | "canceled" | "pending" | "declined" | "failed";
 type TRecipientType = "signer" | "cc" | "approver";
 /**
  * Plans provide access to Verdocs product features.
@@ -2289,6 +2305,14 @@ declare const recipientCanAct: (recipient: IRecipient, recipientsWithActions: IR
  * Returns true if the user can act.
  */
 declare const userCanAct: (email: string, recipientsWithActions: IRecipient[]) => boolean | undefined;
+/**
+ * Get a recipient from an envelope via an email match.
+ */
+declare const getRecipient: (email: string, envelope: IEnvelope) => IRecipient | undefined;
+/**
+ * Get a recipient that can act from an envelope via an email match.
+ */
+declare const getRecipientWithActions: (email: string, envelope: IEnvelope) => boolean | undefined;
 /**
  * Returns true if the user can act.
  */
@@ -3029,6 +3053,43 @@ declare const deleteOrganizationMember: (endpoint: VerdocsEndpoint, profileId: s
  * @apiSuccess IProfile . The updated profile for the member.
  */
 declare const updateOrganizationMember: (endpoint: VerdocsEndpoint, profileId: string, params: Partial<Pick<IProfile, "roles" | "first_name" | "last_name">>) => Promise<IProfile>;
+/**
+ * Lock an organization member's account. The member will be unable to sign in until an admin
+ * unlocks them or they complete the password-reset flow. Caller must be an admin or owner,
+ * may not lock him/herself, and the target must have a linked user account.
+ *
+ * ```typescript
+ * import {lockOrganizationMember} from '@verdocs/js-sdk';
+ *
+ * const result = await lockOrganizationMember(VerdocsEndpoint.getDefault(), 'PROFILEID', 'Departed employee');
+ * ```
+ *
+ * @group Organization Members
+ * @api PUT /v2/organization-members/:profile_id Perform an operation on an organization member.
+ * @apiParam string(format:uuid) profile_id The Profile ID to operate on.
+ * @apiBody string(enum:'lock') action Action to perform
+ * @apiBody string reason Reason the account is being locked. Stored on the user record and shown to admins.
+ * @apiSuccess IProfile . The updated profile for the member, with the joined user record.
+ */
+declare const lockOrganizationMember: (endpoint: VerdocsEndpoint, profileId: string, reason: string) => Promise<IProfile>;
+/**
+ * Unlock a member whose account has been locked (typically after too many failed sign-in attempts
+ * or via an earlier admin lock). Caller must be an admin or owner, may not unlock him/herself, and
+ * the target must have a linked user account. Clears `locked`, `lock_reason`, and `login_failures`.
+ *
+ * ```typescript
+ * import {unlockOrganizationMember} from '@verdocs/js-sdk';
+ *
+ * const result = await unlockOrganizationMember(VerdocsEndpoint.getDefault(), 'PROFILEID');
+ * ```
+ *
+ * @group Organization Members
+ * @api PUT /v2/organization-members/:profile_id Perform an operation on an organization member.
+ * @apiParam string(format:uuid) profile_id The Profile ID to operate on.
+ * @apiBody string(enum:'unlock') action Action to perform
+ * @apiSuccess IProfile . The updated profile for the member, with the joined user record.
+ */
+declare const unlockOrganizationMember: (endpoint: VerdocsEndpoint, profileId: string) => Promise<IProfile>;
 /**
  * Get all notification templates for the caller's organization.
  *
@@ -4049,4 +4110,4 @@ declare const decodeJWTBody: (token: string) => any;
  * the presence of the `document_id` field, which will only be present for signing sessions.
  */
 declare const decodeAccessTokenBody: (token: string) => TSession;
-export { TRequestStatus, TTemplateSender, TTemplateAction, TRecipientAction, TEnvelopeStatus, TRecipientStatus, TRecipientType, TSortTemplateBy, TAccessKeyType, TApiKeyPermission, TDeprecatedHistoryEvent, THistoryEvent, TEventDetail, TEnvelopeUpdateResult, TFieldType, TWebhookEvent, WEBHOOK_EVENTS, TTemplateVisibility, TEntitlement, TRecipientAuthMethod, TRecipientAuthStep, TUsageType, TWebhookAuthMethod, TNotificationType, TEventName, FIELD_TYPES, DEFAULT_FIELD_WIDTHS, DEFAULT_FIELD_HEIGHTS, ALL_PERMISSIONS, IChannel, IDisabledChannel, INotification, INotificationTemplate, IApiKey, IGroup, IGroupProfile, IOAuth2App, IEntitlement, IOrganization, IOrganizationInvitation, IPendingWebhook, IProfile, IUser, IWebhookEvents, IWebhook, IInPersonAccessKey, IInAppAccessKey, IEmailAccessKey, ISMSAccessKey, TAccessKey, IEnvelope, IEnvelopeDocument, IDropdownOption, IEnvelopeField, IEnvelopeFieldOptions, IEnvelopeFieldSettings, IEnvelopeHistory, IInitial, IKbaPINRequired, IKBAQuestion, IRecipient, IRole, ISignature, ITemplate, ITemplateDocument, ITemplateField, ITextFieldSetting, ITemplateFieldSetting, TOrganizationUsage, TEnvironment, TSessionChangedListener, VerdocsEndpointOptions, VerdocsEndpoint, createEnvelope, getEnvelope, getEnvelopeDocument, downloadEnvelopeDocument, getEnvelopeDocumentDownloadLink, getEnvelopeDocumentPreviewLink, cancelEnvelope, getEnvelopeFile, updateEnvelope, updateEnvelopeField, uploadEnvelopeFieldAttachment, deleteEnvelopeFieldAttachment, getEnvelopeDocumentPageDisplayUri, ITimeRange, IListEnvelopesParams, getEnvelopes, getEnvelopesZip, sortFields, sortDocuments, sortRecipients, isFieldFilled, isFieldValid, createInitials, IRecipientKbaStepNone, IRecipientKbaStepComplete, IRecipientKbaStepPin, IRecipientKbaStepIdentity, IRecipientKbaStepChallenge, IRecipientKbaStepFailed, TRecipientKbaStep, getKbaStep, submitKbaPin, IKbaIdentity, submitKbaIdentity, IKbaChallengeResponse, submitKbaChallengeResponse, envelopeRecipientAgree, envelopeRecipientDecline, envelopeRecipientSubmit, startSigningSession, getInPersonLink, verifySigner, delegateRecipient, updateRecipient, remindRecipient, resetRecipient, askQuestion, isEnvelopeOwner, isEnvelopeRecipient, canAccessEnvelope, userIsEnvelopeOwner, userIsEnvelopeRecipient, useCanAccessEnvelope, envelopeIsActive, envelopeIsComplete, userCanCancelEnvelope, userCanFinishEnvelope, recipientHasAction, getRecipientsWithActions, recipientCanAct, userCanAct, userCanSignNow, getNextRecipient, createSignature, IEnvelopesSearchResult, IDocumentSearchOptions, ICreateEnvelopeRecipientFromTemplate, ICreateEnvelopeRecipientDirectly, ISignerTokenResponse, IInPersonLinkResponse, IUpdateRecipientStatus, ICreateEnvelopeReminderRequest, IUpdateRecipientParams, ICreateEnvelopeDocumentFromData, ICreateEnvelopeDocumentFromUri, ICreateEnvelopeDocumentFromFile, ICreateEnvelopeFieldFromTemplate, ICreateEnvelopeFieldDirectly, ICreateEnvelopeFromTemplateRequest, ICreateEnvelopeDirectlyRequest, TCreateEnvelopeRequest, IAuthenticateRecipientViaPasscodeRequest, IAuthenticateRecipientViaEmailRequest, IAuthenticateRecipientViaSMSRequest, IKBAResponse, IAuthenticateRecipientViaKBARequest, TAuthenticateRecipientRequest, DEFAULT_DISCLOSURES, getApiKeys, createApiKey, rotateApiKey, updateApiKey, deleteApiKey, getOrganizationContacts, deleteOrganizationContact, createOrganizationContact, updateOrganizationContact, getGroups, getGroup, createGroup, updateGroup, deleteGroup, addGroupMember, deleteGroupMember, getOrganizationInvitations, createOrganizationInvitation, deleteOrganizationInvitation, updateOrganizationInvitation, resendOrganizationInvitation, getOrganizationInvitation, acceptOrganizationInvitation, declineOrganizationInvitation, getOrganizationMembers, deleteOrganizationMember, updateOrganizationMember, getNotificationTemplates, getNotificationTemplate, createNotificationTemplate, updateNotificationTemplate, deleteNotificationTemplate, getOrganization, getOrganizationChildren, getOrganizationUsage, createOrganization, updateOrganization, deleteOrganization, updateOrganizationLogo, updateOrganizationThumbnail, getEntitlements, getActiveEntitlements, ICreateApiKeyRequest, IUpdateApiKeyRequest, ICreateInvitationRequest, IAcceptOrganizationInvitationRequest, ISetWebhookRequest, ICreateNotificationTemplateRequest, IUpdateNotificationTemplateRequest, getWebhooks, setWebhooks, rotateWebhookSecret, TTemplatePermissionCreatePublic, TTemplatePermissionCreateOrg, TTemplatePermissionCreatePersonal, TTemplatePermissionDelete, TTemplatePermissionVisibility, TTemplateMemberRead, TTemplateMemberWrite, TTemplateMemberDelete, TTemplateMemberVisibility, TTemplatePermission, TAccountPermissionOwnerAdd, TAccountPermissionOwnerRemove, TAccountPermissionAdminAdd, TAccountPermissionAdminRemove, TAccountPermissionMemberView, TAccountPermissionMemberAdd, TAccountPermissionMemberRemove, TAccountPermission, TOrgPermissionCreate, TOrgPermissionView, TOrgPermissionUpdate, TOrgPermissionDelete, TOrgPermissionTransfer, TOrgPermissionList, TOrgPermission, TEnvelopePermissionCreate, TEnvelopePermissionCancel, TEnvelopePermissionView, TEnvelopePermissionOrg, TEnvelopePermission, TPermission, TRole, RolePermissions, userHasPermissions, ISigningSession, IUserSession, IIdToken, TSessionType, TSession, TActiveSession, canPerformTemplateAction, hasRequiredPermissions, createField, updateField, deleteField, userIsTemplateCreator, userHasSharedTemplate, userCanCreatePersonalTemplate, userCanCreateOrgTemplate, userCanCreatePublicTemplate, userCanReadTemplate, userCanUpdateTemplate, userCanMakeTemplatePrivate, userCanMakeTemplateShared, userCanMakeTemplatePublic, userCanChangeOrgVisibility, userCanDeleteTemplate, userCanSendTemplate, userCanCreateTemplate, userCanBuildTemplate, getFieldsForRole, userCanPreviewTemplate, createTemplateRole, updateTemplateRole, deleteTemplateRole, ITemplateSortBy, TTemplateVisibilityFilter, IGetTemplatesParams, getTemplates, getTemplate, IDocumentFromUri, IDocumentFromData, ITemplateCreateParams, createTemplate, duplicateTemplate, ITemplateCreateFromSharepointParams, createTemplateFromSharepoint, updateTemplate, deleteTemplate, toggleTemplateStar, createTemplateDocument, deleteTemplateDocument, getTemplateDocument, downloadTemplateDocument, getTemplateDocumentDownloadLink, getTemplateDocumentPreviewLink, getTemplateDocumentFile, getTemplateDocumentThumbnail, getTemplateDocumentPageDisplayUri, ITemplateTag, ITag, IStar, ITemplateSearchResult, IValidator, isValidInput, getValidators, isValidEmail, isValidPhone, isValidRoleName, isValidTag, IROPCRequest, IClientCredentialsRequest, IRefreshTokenRequest, TAuthenticationRequest, authenticate, refreshToken, changePassword, resetPassword, resendVerification, verifyEmail, getMyUser, getNotifications, getProfiles, getCurrentProfile, switchProfile, updateProfile, deleteProfile, createProfile, updateProfilePhoto, ICreateProfileRequest, IUpdateProfileRequest, IAuthenticateResponse, IChangePasswordRequest, IChangePasswordResponse, IResetPasswordRequest, IResetPasswordResponse, IVerifyEmailRequest, getRGB, getRGBA, nameToRGBA, getRoleColor, formatShortTimeAgo, collapseEntitlements, getRTop, getRLeft, getRValue, blobToBase64, rescale, fileToDataUrl, downloadBlob, Countries, getCountryByCode, isFrenchGuiana, isGuadeloupe, isMartinique, isMayotte, getPlusOneCountry, isCanada, isAmericanSamoa, isDominicanRepublic, isPuertoRico, getMatchingCountry, integerSequence, formatFullName, formatInitials, fullNameToInitials, capitalize, convertToE164, randomString, AtoB, decodeJWTBody, decodeAccessTokenBody, IFileWithData, ICountry };
+export { TRequestStatus, TTemplateSender, TTemplateAction, TRecipientAction, TEnvelopeStatus, TRecipientStatus, TRecipientType, TSortTemplateBy, TAccessKeyType, TApiKeyPermission, TDeprecatedHistoryEvent, THistoryEvent, TEventDetail, TEnvelopeUpdateResult, TFieldType, TWebhookEvent, WEBHOOK_EVENTS, TTemplateVisibility, TEntitlement, TRecipientAuthMethod, TRecipientAuthStep, TUsageType, TWebhookAuthMethod, TNotificationType, TEventName, FIELD_TYPES, DEFAULT_FIELD_WIDTHS, DEFAULT_FIELD_HEIGHTS, ALL_PERMISSIONS, IChannel, IDisabledChannel, INotification, INotificationTemplate, IApiKey, IGroup, IGroupProfile, IOAuth2App, IEntitlement, IOrganization, IOrganizationInvitation, IPendingWebhook, IProfile, IUser, IWebhookEvents, IWebhook, IInPersonAccessKey, IInAppAccessKey, IEmailAccessKey, ISMSAccessKey, TAccessKey, IEnvelope, IEnvelopeDocument, IDropdownOption, IEnvelopeField, IEnvelopeFieldOptions, IEnvelopeFieldSettings, IEnvelopeHistory, IInitial, IKbaPINRequired, IKBAQuestion, IRecipient, IRole, ISignature, ITemplate, ITemplateDocument, ITemplateField, ITextFieldSetting, ITemplateFieldSetting, TOrganizationUsage, TEnvironment, TSessionChangedListener, VerdocsEndpointOptions, VerdocsEndpoint, createEnvelope, getEnvelope, getEnvelopeDocument, downloadEnvelopeDocument, getEnvelopeDocumentDownloadLink, getEnvelopeDocumentPreviewLink, cancelEnvelope, getEnvelopeFile, updateEnvelope, updateEnvelopeField, uploadEnvelopeFieldAttachment, deleteEnvelopeFieldAttachment, getEnvelopeDocumentPageDisplayUri, ITimeRange, IListEnvelopesParams, getEnvelopes, getEnvelopesZip, sortFields, sortDocuments, sortRecipients, isFieldFilled, isFieldValid, createInitials, IRecipientKbaStepNone, IRecipientKbaStepComplete, IRecipientKbaStepPin, IRecipientKbaStepIdentity, IRecipientKbaStepChallenge, IRecipientKbaStepFailed, TRecipientKbaStep, getKbaStep, submitKbaPin, IKbaIdentity, submitKbaIdentity, IKbaChallengeResponse, submitKbaChallengeResponse, envelopeRecipientAgree, envelopeRecipientDecline, envelopeRecipientSubmit, startSigningSession, getInPersonLink, verifySigner, delegateRecipient, updateRecipient, remindRecipient, resetRecipient, askQuestion, isEnvelopeOwner, isEnvelopeRecipient, canAccessEnvelope, userIsEnvelopeOwner, userIsEnvelopeRecipient, useCanAccessEnvelope, envelopeIsActive, envelopeIsComplete, userCanCancelEnvelope, userCanFinishEnvelope, recipientHasAction, getRecipientsWithActions, recipientCanAct, userCanAct, getRecipient, getRecipientWithActions, userCanSignNow, getNextRecipient, createSignature, IEnvelopesSearchResult, IDocumentSearchOptions, ICreateEnvelopeRecipientFromTemplate, ICreateEnvelopeRecipientDirectly, ISignerTokenResponse, IInPersonLinkResponse, IUpdateRecipientStatus, ICreateEnvelopeReminderRequest, IUpdateRecipientParams, ICreateEnvelopeDocumentFromData, ICreateEnvelopeDocumentFromUri, ICreateEnvelopeDocumentFromFile, ICreateEnvelopeFieldFromTemplate, ICreateEnvelopeFieldDirectly, ICreateEnvelopeFromTemplateRequest, ICreateEnvelopeDirectlyRequest, TCreateEnvelopeRequest, IAuthenticateRecipientViaPasscodeRequest, IAuthenticateRecipientViaEmailRequest, IAuthenticateRecipientViaSMSRequest, IKBAResponse, IAuthenticateRecipientViaKBARequest, TAuthenticateRecipientRequest, DEFAULT_DISCLOSURES, getApiKeys, createApiKey, rotateApiKey, updateApiKey, deleteApiKey, getOrganizationContacts, deleteOrganizationContact, createOrganizationContact, updateOrganizationContact, getGroups, getGroup, createGroup, updateGroup, deleteGroup, addGroupMember, deleteGroupMember, getOrganizationInvitations, createOrganizationInvitation, deleteOrganizationInvitation, updateOrganizationInvitation, resendOrganizationInvitation, getOrganizationInvitation, acceptOrganizationInvitation, declineOrganizationInvitation, getOrganizationMembers, deleteOrganizationMember, updateOrganizationMember, lockOrganizationMember, unlockOrganizationMember, getNotificationTemplates, getNotificationTemplate, createNotificationTemplate, updateNotificationTemplate, deleteNotificationTemplate, getOrganization, getOrganizationChildren, getOrganizationUsage, createOrganization, updateOrganization, deleteOrganization, updateOrganizationLogo, updateOrganizationThumbnail, getEntitlements, getActiveEntitlements, ICreateApiKeyRequest, IUpdateApiKeyRequest, ICreateInvitationRequest, IAcceptOrganizationInvitationRequest, ISetWebhookRequest, ICreateNotificationTemplateRequest, IUpdateNotificationTemplateRequest, getWebhooks, setWebhooks, rotateWebhookSecret, TTemplatePermissionCreatePublic, TTemplatePermissionCreateOrg, TTemplatePermissionCreatePersonal, TTemplatePermissionDelete, TTemplatePermissionVisibility, TTemplateMemberRead, TTemplateMemberWrite, TTemplateMemberDelete, TTemplateMemberVisibility, TTemplatePermission, TAccountPermissionOwnerAdd, TAccountPermissionOwnerRemove, TAccountPermissionAdminAdd, TAccountPermissionAdminRemove, TAccountPermissionMemberView, TAccountPermissionMemberAdd, TAccountPermissionMemberRemove, TAccountPermission, TOrgPermissionCreate, TOrgPermissionView, TOrgPermissionUpdate, TOrgPermissionDelete, TOrgPermissionTransfer, TOrgPermissionList, TOrgPermission, TEnvelopePermissionCreate, TEnvelopePermissionCancel, TEnvelopePermissionView, TEnvelopePermissionOrg, TEnvelopePermission, TPermission, TRole, RolePermissions, userHasPermissions, ISigningSession, IUserSession, IIdToken, TSessionType, TSession, TActiveSession, canPerformTemplateAction, hasRequiredPermissions, createField, updateField, deleteField, userIsTemplateCreator, userHasSharedTemplate, userCanCreatePersonalTemplate, userCanCreateOrgTemplate, userCanCreatePublicTemplate, userCanReadTemplate, userCanUpdateTemplate, userCanMakeTemplatePrivate, userCanMakeTemplateShared, userCanMakeTemplatePublic, userCanChangeOrgVisibility, userCanDeleteTemplate, userCanSendTemplate, userCanCreateTemplate, userCanBuildTemplate, getFieldsForRole, userCanPreviewTemplate, createTemplateRole, updateTemplateRole, deleteTemplateRole, ITemplateSortBy, TTemplateVisibilityFilter, IGetTemplatesParams, getTemplates, getTemplate, IDocumentFromUri, IDocumentFromData, ITemplateCreateParams, createTemplate, duplicateTemplate, ITemplateCreateFromSharepointParams, createTemplateFromSharepoint, updateTemplate, deleteTemplate, toggleTemplateStar, createTemplateDocument, deleteTemplateDocument, getTemplateDocument, downloadTemplateDocument, getTemplateDocumentDownloadLink, getTemplateDocumentPreviewLink, getTemplateDocumentFile, getTemplateDocumentThumbnail, getTemplateDocumentPageDisplayUri, ITemplateTag, ITag, IStar, ITemplateSearchResult, IValidator, isValidInput, getValidators, isValidEmail, isValidPhone, isValidRoleName, isValidTag, IROPCRequest, IClientCredentialsRequest, IRefreshTokenRequest, TAuthenticationRequest, authenticate, refreshToken, changePassword, resetPassword, resendVerification, verifyEmail, getMyUser, getNotifications, getProfiles, getCurrentProfile, switchProfile, updateProfile, deleteProfile, createProfile, updateProfilePhoto, ICreateProfileRequest, IUpdateProfileRequest, IAuthenticateResponse, IChangePasswordRequest, IChangePasswordResponse, IResetPasswordRequest, IResetPasswordResponse, IVerifyEmailRequest, getRGB, getRGBA, nameToRGBA, getRoleColor, formatShortTimeAgo, collapseEntitlements, getRTop, getRLeft, getRValue, blobToBase64, rescale, fileToDataUrl, downloadBlob, Countries, getCountryByCode, isFrenchGuiana, isGuadeloupe, isMartinique, isMayotte, getPlusOneCountry, isCanada, isAmericanSamoa, isDominicanRepublic, isPuertoRico, getMatchingCountry, integerSequence, formatFullName, formatInitials, fullNameToInitials, capitalize, convertToE164, randomString, AtoB, decodeJWTBody, decodeAccessTokenBody, IFileWithData, ICountry };

package/dist/index.d.ts

@@ -409,19 +409,32 @@ interface IProfile {
 }
 interface IUser {
     id: string;
+    /** Email address. */
     email: string;
+    /** If true, the email has been verified in some way (e.g. OTP verification or trusted third party. */
     email_verified: boolean;
+    /** Password hash, present only for type consistency. Marked optional, but will never be returned by the backend. */
     pass_hash?: string;
     first_name: string | null;
     last_name: string | null;
     phone: string | null;
     picture: string | null;
+    /** If set, the Azure B2C ID for the user. Generally set only for Teams/PowerAutomate users. */
     b2cId: string | null;
+    /** If set, the Google account ID for the user. Set only for users logging in via Google. */
     googleId: string | null;
+    /** If set, the Apple account ID for the user. Set only for users logging in via Apple. */
     appleId: string | null;
+    /** If set, the Github account ID for the user. Set only for users logging in via Github. */
     githubId?: string | null;
     created_at: string;
     updated_at: string;
+    /** True if the account is locked, typically due to failed sign-in attempts. Only visible to admins or owners. */
+    locked?: boolean;
+    /** Reason the account is locked. Only visible to admins or owners. */
+    lock_reason?: string | null;
+    /** Consecutive failed sign-in attempts. Only visible to admins or owners. */
+    login_failures?: number;
 }
 type IWebhookEvents = Record<TWebhookEvent, boolean>;
 interface IWebhook {
@@ -609,6 +622,7 @@ interface IEnvelopeField {
     required: boolean | null;
     /** If true, the field will be not be editable by the participant(s). NOTE: Fields may not be both required and readonly. */
     readonly: boolean | null;
+    // TODO: In the future, let's decide on the fate of the `settings` object
     /** @deprecated. Use top-level fields instead. */
     settings: IEnvelopeFieldSettings | null;
     validator: string | null;
@@ -680,6 +694,8 @@ interface IEnvelopeFieldSettings {
     /** Checkbox settings */
     minimum_checked?: number;
     maximum_checked?: number;
+    canvasHeight?: number;
+    canvasWidth?: number;
 }
 interface IEnvelopeHistory {
     id: string;
@@ -1014,7 +1030,7 @@ type TTemplateSender = "envelope_creator" | "template_owner";
 type TTemplateAction = "create_personal" | "create_org" | "create_public" | "read" | "write" | "delete" | "change_visibility_personal" | "change_visibility_org" | "change_visibility_public";
 type TRecipientAction = "submit" | "decline" | "prepare" | "update";
 type TEnvelopeStatus = "complete" | "pending" | "in progress" | "declined" | "canceled";
-type TRecipientStatus = "invited" | "opened" | "signed" | "submitted" | "canceled" | "pending" | "declined";
+type TRecipientStatus = "invited" | "opened" | "signed" | "submitted" | "canceled" | "pending" | "declined" | "failed";
 type TRecipientType = "signer" | "cc" | "approver";
 /**
  * Plans provide access to Verdocs product features.
@@ -2289,6 +2305,14 @@ declare const recipientCanAct: (recipient: IRecipient, recipientsWithActions: IR
  * Returns true if the user can act.
  */
 declare const userCanAct: (email: string, recipientsWithActions: IRecipient[]) => boolean | undefined;
+/**
+ * Get a recipient from an envelope via an email match.
+ */
+declare const getRecipient: (email: string, envelope: IEnvelope) => IRecipient | undefined;
+/**
+ * Get a recipient that can act from an envelope via an email match.
+ */
+declare const getRecipientWithActions: (email: string, envelope: IEnvelope) => boolean | undefined;
 /**
  * Returns true if the user can act.
  */
@@ -3029,6 +3053,43 @@ declare const deleteOrganizationMember: (endpoint: VerdocsEndpoint, profileId: s
  * @apiSuccess IProfile . The updated profile for the member.
  */
 declare const updateOrganizationMember: (endpoint: VerdocsEndpoint, profileId: string, params: Partial<Pick<IProfile, "roles" | "first_name" | "last_name">>) => Promise<IProfile>;
+/**
+ * Lock an organization member's account. The member will be unable to sign in until an admin
+ * unlocks them or they complete the password-reset flow. Caller must be an admin or owner,
+ * may not lock him/herself, and the target must have a linked user account.
+ *
+ * ```typescript
+ * import {lockOrganizationMember} from '@verdocs/js-sdk';
+ *
+ * const result = await lockOrganizationMember(VerdocsEndpoint.getDefault(), 'PROFILEID', 'Departed employee');
+ * ```
+ *
+ * @group Organization Members
+ * @api PUT /v2/organization-members/:profile_id Perform an operation on an organization member.
+ * @apiParam string(format:uuid) profile_id The Profile ID to operate on.
+ * @apiBody string(enum:'lock') action Action to perform
+ * @apiBody string reason Reason the account is being locked. Stored on the user record and shown to admins.
+ * @apiSuccess IProfile . The updated profile for the member, with the joined user record.
+ */
+declare const lockOrganizationMember: (endpoint: VerdocsEndpoint, profileId: string, reason: string) => Promise<IProfile>;
+/**
+ * Unlock a member whose account has been locked (typically after too many failed sign-in attempts
+ * or via an earlier admin lock). Caller must be an admin or owner, may not unlock him/herself, and
+ * the target must have a linked user account. Clears `locked`, `lock_reason`, and `login_failures`.
+ *
+ * ```typescript
+ * import {unlockOrganizationMember} from '@verdocs/js-sdk';
+ *
+ * const result = await unlockOrganizationMember(VerdocsEndpoint.getDefault(), 'PROFILEID');
+ * ```
+ *
+ * @group Organization Members
+ * @api PUT /v2/organization-members/:profile_id Perform an operation on an organization member.
+ * @apiParam string(format:uuid) profile_id The Profile ID to operate on.
+ * @apiBody string(enum:'unlock') action Action to perform
+ * @apiSuccess IProfile . The updated profile for the member, with the joined user record.
+ */
+declare const unlockOrganizationMember: (endpoint: VerdocsEndpoint, profileId: string) => Promise<IProfile>;
 /**
  * Get all notification templates for the caller's organization.
  *
@@ -4049,4 +4110,4 @@ declare const decodeJWTBody: (token: string) => any;
  * the presence of the `document_id` field, which will only be present for signing sessions.
  */
 declare const decodeAccessTokenBody: (token: string) => TSession;
-export { TRequestStatus, TTemplateSender, TTemplateAction, TRecipientAction, TEnvelopeStatus, TRecipientStatus, TRecipientType, TSortTemplateBy, TAccessKeyType, TApiKeyPermission, TDeprecatedHistoryEvent, THistoryEvent, TEventDetail, TEnvelopeUpdateResult, TFieldType, TWebhookEvent, WEBHOOK_EVENTS, TTemplateVisibility, TEntitlement, TRecipientAuthMethod, TRecipientAuthStep, TUsageType, TWebhookAuthMethod, TNotificationType, TEventName, FIELD_TYPES, DEFAULT_FIELD_WIDTHS, DEFAULT_FIELD_HEIGHTS, ALL_PERMISSIONS, IChannel, IDisabledChannel, INotification, INotificationTemplate, IApiKey, IGroup, IGroupProfile, IOAuth2App, IEntitlement, IOrganization, IOrganizationInvitation, IPendingWebhook, IProfile, IUser, IWebhookEvents, IWebhook, IInPersonAccessKey, IInAppAccessKey, IEmailAccessKey, ISMSAccessKey, TAccessKey, IEnvelope, IEnvelopeDocument, IDropdownOption, IEnvelopeField, IEnvelopeFieldOptions, IEnvelopeFieldSettings, IEnvelopeHistory, IInitial, IKbaPINRequired, IKBAQuestion, IRecipient, IRole, ISignature, ITemplate, ITemplateDocument, ITemplateField, ITextFieldSetting, ITemplateFieldSetting, TOrganizationUsage, TEnvironment, TSessionChangedListener, VerdocsEndpointOptions, VerdocsEndpoint, createEnvelope, getEnvelope, getEnvelopeDocument, downloadEnvelopeDocument, getEnvelopeDocumentDownloadLink, getEnvelopeDocumentPreviewLink, cancelEnvelope, getEnvelopeFile, updateEnvelope, updateEnvelopeField, uploadEnvelopeFieldAttachment, deleteEnvelopeFieldAttachment, getEnvelopeDocumentPageDisplayUri, ITimeRange, IListEnvelopesParams, getEnvelopes, getEnvelopesZip, sortFields, sortDocuments, sortRecipients, isFieldFilled, isFieldValid, createInitials, IRecipientKbaStepNone, IRecipientKbaStepComplete, IRecipientKbaStepPin, IRecipientKbaStepIdentity, IRecipientKbaStepChallenge, IRecipientKbaStepFailed, TRecipientKbaStep, getKbaStep, submitKbaPin, IKbaIdentity, submitKbaIdentity, IKbaChallengeResponse, submitKbaChallengeResponse, envelopeRecipientAgree, envelopeRecipientDecline, envelopeRecipientSubmit, startSigningSession, getInPersonLink, verifySigner, delegateRecipient, updateRecipient, remindRecipient, resetRecipient, askQuestion, isEnvelopeOwner, isEnvelopeRecipient, canAccessEnvelope, userIsEnvelopeOwner, userIsEnvelopeRecipient, useCanAccessEnvelope, envelopeIsActive, envelopeIsComplete, userCanCancelEnvelope, userCanFinishEnvelope, recipientHasAction, getRecipientsWithActions, recipientCanAct, userCanAct, userCanSignNow, getNextRecipient, createSignature, IEnvelopesSearchResult, IDocumentSearchOptions, ICreateEnvelopeRecipientFromTemplate, ICreateEnvelopeRecipientDirectly, ISignerTokenResponse, IInPersonLinkResponse, IUpdateRecipientStatus, ICreateEnvelopeReminderRequest, IUpdateRecipientParams, ICreateEnvelopeDocumentFromData, ICreateEnvelopeDocumentFromUri, ICreateEnvelopeDocumentFromFile, ICreateEnvelopeFieldFromTemplate, ICreateEnvelopeFieldDirectly, ICreateEnvelopeFromTemplateRequest, ICreateEnvelopeDirectlyRequest, TCreateEnvelopeRequest, IAuthenticateRecipientViaPasscodeRequest, IAuthenticateRecipientViaEmailRequest, IAuthenticateRecipientViaSMSRequest, IKBAResponse, IAuthenticateRecipientViaKBARequest, TAuthenticateRecipientRequest, DEFAULT_DISCLOSURES, getApiKeys, createApiKey, rotateApiKey, updateApiKey, deleteApiKey, getOrganizationContacts, deleteOrganizationContact, createOrganizationContact, updateOrganizationContact, getGroups, getGroup, createGroup, updateGroup, deleteGroup, addGroupMember, deleteGroupMember, getOrganizationInvitations, createOrganizationInvitation, deleteOrganizationInvitation, updateOrganizationInvitation, resendOrganizationInvitation, getOrganizationInvitation, acceptOrganizationInvitation, declineOrganizationInvitation, getOrganizationMembers, deleteOrganizationMember, updateOrganizationMember, getNotificationTemplates, getNotificationTemplate, createNotificationTemplate, updateNotificationTemplate, deleteNotificationTemplate, getOrganization, getOrganizationChildren, getOrganizationUsage, createOrganization, updateOrganization, deleteOrganization, updateOrganizationLogo, updateOrganizationThumbnail, getEntitlements, getActiveEntitlements, ICreateApiKeyRequest, IUpdateApiKeyRequest, ICreateInvitationRequest, IAcceptOrganizationInvitationRequest, ISetWebhookRequest, ICreateNotificationTemplateRequest, IUpdateNotificationTemplateRequest, getWebhooks, setWebhooks, rotateWebhookSecret, TTemplatePermissionCreatePublic, TTemplatePermissionCreateOrg, TTemplatePermissionCreatePersonal, TTemplatePermissionDelete, TTemplatePermissionVisibility, TTemplateMemberRead, TTemplateMemberWrite, TTemplateMemberDelete, TTemplateMemberVisibility, TTemplatePermission, TAccountPermissionOwnerAdd, TAccountPermissionOwnerRemove, TAccountPermissionAdminAdd, TAccountPermissionAdminRemove, TAccountPermissionMemberView, TAccountPermissionMemberAdd, TAccountPermissionMemberRemove, TAccountPermission, TOrgPermissionCreate, TOrgPermissionView, TOrgPermissionUpdate, TOrgPermissionDelete, TOrgPermissionTransfer, TOrgPermissionList, TOrgPermission, TEnvelopePermissionCreate, TEnvelopePermissionCancel, TEnvelopePermissionView, TEnvelopePermissionOrg, TEnvelopePermission, TPermission, TRole, RolePermissions, userHasPermissions, ISigningSession, IUserSession, IIdToken, TSessionType, TSession, TActiveSession, canPerformTemplateAction, hasRequiredPermissions, createField, updateField, deleteField, userIsTemplateCreator, userHasSharedTemplate, userCanCreatePersonalTemplate, userCanCreateOrgTemplate, userCanCreatePublicTemplate, userCanReadTemplate, userCanUpdateTemplate, userCanMakeTemplatePrivate, userCanMakeTemplateShared, userCanMakeTemplatePublic, userCanChangeOrgVisibility, userCanDeleteTemplate, userCanSendTemplate, userCanCreateTemplate, userCanBuildTemplate, getFieldsForRole, userCanPreviewTemplate, createTemplateRole, updateTemplateRole, deleteTemplateRole, ITemplateSortBy, TTemplateVisibilityFilter, IGetTemplatesParams, getTemplates, getTemplate, IDocumentFromUri, IDocumentFromData, ITemplateCreateParams, createTemplate, duplicateTemplate, ITemplateCreateFromSharepointParams, createTemplateFromSharepoint, updateTemplate, deleteTemplate, toggleTemplateStar, createTemplateDocument, deleteTemplateDocument, getTemplateDocument, downloadTemplateDocument, getTemplateDocumentDownloadLink, getTemplateDocumentPreviewLink, getTemplateDocumentFile, getTemplateDocumentThumbnail, getTemplateDocumentPageDisplayUri, ITemplateTag, ITag, IStar, ITemplateSearchResult, IValidator, isValidInput, getValidators, isValidEmail, isValidPhone, isValidRoleName, isValidTag, IROPCRequest, IClientCredentialsRequest, IRefreshTokenRequest, TAuthenticationRequest, authenticate, refreshToken, changePassword, resetPassword, resendVerification, verifyEmail, getMyUser, getNotifications, getProfiles, getCurrentProfile, switchProfile, updateProfile, deleteProfile, createProfile, updateProfilePhoto, ICreateProfileRequest, IUpdateProfileRequest, IAuthenticateResponse, IChangePasswordRequest, IChangePasswordResponse, IResetPasswordRequest, IResetPasswordResponse, IVerifyEmailRequest, getRGB, getRGBA, nameToRGBA, getRoleColor, formatShortTimeAgo, collapseEntitlements, getRTop, getRLeft, getRValue, blobToBase64, rescale, fileToDataUrl, downloadBlob, Countries, getCountryByCode, isFrenchGuiana, isGuadeloupe, isMartinique, isMayotte, getPlusOneCountry, isCanada, isAmericanSamoa, isDominicanRepublic, isPuertoRico, getMatchingCountry, integerSequence, formatFullName, formatInitials, fullNameToInitials, capitalize, convertToE164, randomString, AtoB, decodeJWTBody, decodeAccessTokenBody, IFileWithData, ICountry };
+export { TRequestStatus, TTemplateSender, TTemplateAction, TRecipientAction, TEnvelopeStatus, TRecipientStatus, TRecipientType, TSortTemplateBy, TAccessKeyType, TApiKeyPermission, TDeprecatedHistoryEvent, THistoryEvent, TEventDetail, TEnvelopeUpdateResult, TFieldType, TWebhookEvent, WEBHOOK_EVENTS, TTemplateVisibility, TEntitlement, TRecipientAuthMethod, TRecipientAuthStep, TUsageType, TWebhookAuthMethod, TNotificationType, TEventName, FIELD_TYPES, DEFAULT_FIELD_WIDTHS, DEFAULT_FIELD_HEIGHTS, ALL_PERMISSIONS, IChannel, IDisabledChannel, INotification, INotificationTemplate, IApiKey, IGroup, IGroupProfile, IOAuth2App, IEntitlement, IOrganization, IOrganizationInvitation, IPendingWebhook, IProfile, IUser, IWebhookEvents, IWebhook, IInPersonAccessKey, IInAppAccessKey, IEmailAccessKey, ISMSAccessKey, TAccessKey, IEnvelope, IEnvelopeDocument, IDropdownOption, IEnvelopeField, IEnvelopeFieldOptions, IEnvelopeFieldSettings, IEnvelopeHistory, IInitial, IKbaPINRequired, IKBAQuestion, IRecipient, IRole, ISignature, ITemplate, ITemplateDocument, ITemplateField, ITextFieldSetting, ITemplateFieldSetting, TOrganizationUsage, TEnvironment, TSessionChangedListener, VerdocsEndpointOptions, VerdocsEndpoint, createEnvelope, getEnvelope, getEnvelopeDocument, downloadEnvelopeDocument, getEnvelopeDocumentDownloadLink, getEnvelopeDocumentPreviewLink, cancelEnvelope, getEnvelopeFile, updateEnvelope, updateEnvelopeField, uploadEnvelopeFieldAttachment, deleteEnvelopeFieldAttachment, getEnvelopeDocumentPageDisplayUri, ITimeRange, IListEnvelopesParams, getEnvelopes, getEnvelopesZip, sortFields, sortDocuments, sortRecipients, isFieldFilled, isFieldValid, createInitials, IRecipientKbaStepNone, IRecipientKbaStepComplete, IRecipientKbaStepPin, IRecipientKbaStepIdentity, IRecipientKbaStepChallenge, IRecipientKbaStepFailed, TRecipientKbaStep, getKbaStep, submitKbaPin, IKbaIdentity, submitKbaIdentity, IKbaChallengeResponse, submitKbaChallengeResponse, envelopeRecipientAgree, envelopeRecipientDecline, envelopeRecipientSubmit, startSigningSession, getInPersonLink, verifySigner, delegateRecipient, updateRecipient, remindRecipient, resetRecipient, askQuestion, isEnvelopeOwner, isEnvelopeRecipient, canAccessEnvelope, userIsEnvelopeOwner, userIsEnvelopeRecipient, useCanAccessEnvelope, envelopeIsActive, envelopeIsComplete, userCanCancelEnvelope, userCanFinishEnvelope, recipientHasAction, getRecipientsWithActions, recipientCanAct, userCanAct, getRecipient, getRecipientWithActions, userCanSignNow, getNextRecipient, createSignature, IEnvelopesSearchResult, IDocumentSearchOptions, ICreateEnvelopeRecipientFromTemplate, ICreateEnvelopeRecipientDirectly, ISignerTokenResponse, IInPersonLinkResponse, IUpdateRecipientStatus, ICreateEnvelopeReminderRequest, IUpdateRecipientParams, ICreateEnvelopeDocumentFromData, ICreateEnvelopeDocumentFromUri, ICreateEnvelopeDocumentFromFile, ICreateEnvelopeFieldFromTemplate, ICreateEnvelopeFieldDirectly, ICreateEnvelopeFromTemplateRequest, ICreateEnvelopeDirectlyRequest, TCreateEnvelopeRequest, IAuthenticateRecipientViaPasscodeRequest, IAuthenticateRecipientViaEmailRequest, IAuthenticateRecipientViaSMSRequest, IKBAResponse, IAuthenticateRecipientViaKBARequest, TAuthenticateRecipientRequest, DEFAULT_DISCLOSURES, getApiKeys, createApiKey, rotateApiKey, updateApiKey, deleteApiKey, getOrganizationContacts, deleteOrganizationContact, createOrganizationContact, updateOrganizationContact, getGroups, getGroup, createGroup, updateGroup, deleteGroup, addGroupMember, deleteGroupMember, getOrganizationInvitations, createOrganizationInvitation, deleteOrganizationInvitation, updateOrganizationInvitation, resendOrganizationInvitation, getOrganizationInvitation, acceptOrganizationInvitation, declineOrganizationInvitation, getOrganizationMembers, deleteOrganizationMember, updateOrganizationMember, lockOrganizationMember, unlockOrganizationMember, getNotificationTemplates, getNotificationTemplate, createNotificationTemplate, updateNotificationTemplate, deleteNotificationTemplate, getOrganization, getOrganizationChildren, getOrganizationUsage, createOrganization, updateOrganization, deleteOrganization, updateOrganizationLogo, updateOrganizationThumbnail, getEntitlements, getActiveEntitlements, ICreateApiKeyRequest, IUpdateApiKeyRequest, ICreateInvitationRequest, IAcceptOrganizationInvitationRequest, ISetWebhookRequest, ICreateNotificationTemplateRequest, IUpdateNotificationTemplateRequest, getWebhooks, setWebhooks, rotateWebhookSecret, TTemplatePermissionCreatePublic, TTemplatePermissionCreateOrg, TTemplatePermissionCreatePersonal, TTemplatePermissionDelete, TTemplatePermissionVisibility, TTemplateMemberRead, TTemplateMemberWrite, TTemplateMemberDelete, TTemplateMemberVisibility, TTemplatePermission, TAccountPermissionOwnerAdd, TAccountPermissionOwnerRemove, TAccountPermissionAdminAdd, TAccountPermissionAdminRemove, TAccountPermissionMemberView, TAccountPermissionMemberAdd, TAccountPermissionMemberRemove, TAccountPermission, TOrgPermissionCreate, TOrgPermissionView, TOrgPermissionUpdate, TOrgPermissionDelete, TOrgPermissionTransfer, TOrgPermissionList, TOrgPermission, TEnvelopePermissionCreate, TEnvelopePermissionCancel, TEnvelopePermissionView, TEnvelopePermissionOrg, TEnvelopePermission, TPermission, TRole, RolePermissions, userHasPermissions, ISigningSession, IUserSession, IIdToken, TSessionType, TSession, TActiveSession, canPerformTemplateAction, hasRequiredPermissions, createField, updateField, deleteField, userIsTemplateCreator, userHasSharedTemplate, userCanCreatePersonalTemplate, userCanCreateOrgTemplate, userCanCreatePublicTemplate, userCanReadTemplate, userCanUpdateTemplate, userCanMakeTemplatePrivate, userCanMakeTemplateShared, userCanMakeTemplatePublic, userCanChangeOrgVisibility, userCanDeleteTemplate, userCanSendTemplate, userCanCreateTemplate, userCanBuildTemplate, getFieldsForRole, userCanPreviewTemplate, createTemplateRole, updateTemplateRole, deleteTemplateRole, ITemplateSortBy, TTemplateVisibilityFilter, IGetTemplatesParams, getTemplates, getTemplate, IDocumentFromUri, IDocumentFromData, ITemplateCreateParams, createTemplate, duplicateTemplate, ITemplateCreateFromSharepointParams, createTemplateFromSharepoint, updateTemplate, deleteTemplate, toggleTemplateStar, createTemplateDocument, deleteTemplateDocument, getTemplateDocument, downloadTemplateDocument, getTemplateDocumentDownloadLink, getTemplateDocumentPreviewLink, getTemplateDocumentFile, getTemplateDocumentThumbnail, getTemplateDocumentPageDisplayUri, ITemplateTag, ITag, IStar, ITemplateSearchResult, IValidator, isValidInput, getValidators, isValidEmail, isValidPhone, isValidRoleName, isValidTag, IROPCRequest, IClientCredentialsRequest, IRefreshTokenRequest, TAuthenticationRequest, authenticate, refreshToken, changePassword, resetPassword, resendVerification, verifyEmail, getMyUser, getNotifications, getProfiles, getCurrentProfile, switchProfile, updateProfile, deleteProfile, createProfile, updateProfilePhoto, ICreateProfileRequest, IUpdateProfileRequest, IAuthenticateResponse, IChangePasswordRequest, IChangePasswordResponse, IResetPasswordRequest, IResetPasswordResponse, IVerifyEmailRequest, getRGB, getRGBA, nameToRGBA, getRoleColor, formatShortTimeAgo, collapseEntitlements, getRTop, getRLeft, getRValue, blobToBase64, rescale, fileToDataUrl, downloadBlob, Countries, getCountryByCode, isFrenchGuiana, isGuadeloupe, isMartinique, isMayotte, getPlusOneCountry, isCanada, isAmericanSamoa, isDominicanRepublic, isPuertoRico, getMatchingCountry, integerSequence, formatFullName, formatInitials, fullNameToInitials, capitalize, convertToE164, randomString, AtoB, decodeJWTBody, decodeAccessTokenBody, IFileWithData, ICountry };

package/dist/index.js

@@ -2155,6 +2155,12 @@ const userCanSendTemplate = (profile, template) => {
         case 'public':
             return true;
     }
+    if (!template.roles || !template.roles.length) {
+        return false;
+    }
+    if (!template.fields || !template.fields.length) {
+        return false;
+    }
 };
 /**
  * Confirm whether the user can create a new template.
@@ -2988,7 +2994,19 @@ const recipientCanAct = (recipient, recipientsWithActions) => recipient.sequence
  * Returns true if the user can act.
  */
 const userCanAct = (email, recipientsWithActions) => {
-    const recipient = recipientsWithActions.find((r) => r.email === email);
+    const recipient = recipientsWithActions.find((r) => r.email?.toLowerCase() === email?.toLowerCase());
+    return recipient && recipient.sequence === recipientsWithActions?.[0]?.sequence;
+};
+/**
+ * Get a recipient from an envelope via an email match.
+ */
+const getRecipient = (email, envelope) => (envelope.recipients || []).find((r) => r.email?.toLowerCase() === email?.toLowerCase());
+/**
+ * Get a recipient that can act from an envelope via an email match.
+ */
+const getRecipientWithActions = (email, envelope) => {
+    const recipientsWithActions = getRecipientsWithActions(envelope);
+    const recipient = recipientsWithActions.find((r) => r.email?.toLowerCase() === email?.toLowerCase());
     return recipient && recipient.sequence === recipientsWithActions?.[0]?.sequence;
 };
 /**
@@ -2999,7 +3017,7 @@ const userCanSignNow = (profile, envelope) => {
         return false;
     }
     const recipientsWithActions = getRecipientsWithActions(envelope);
-    const myRecipient = recipientsWithActions.find((r) => r.profile_id === profile?.id || r.email === profile?.email);
+    const myRecipient = recipientsWithActions.find((r) => r.profile_id === profile?.id || r.email?.toLowerCase() === profile?.email?.toLowerCase());
     return (myRecipient &&
         envelopeIsActive(envelope) &&
         userIsEnvelopeRecipient(profile, envelope) &&
@@ -3488,6 +3506,47 @@ const deleteOrganizationMember = (endpoint, profileId) => endpoint.api //
 const updateOrganizationMember = (endpoint, profileId, params) => endpoint.api //
     .patch(`/v2/organization-members/${profileId}`, params)
     .then((r) => r.data);
+/**
+ * Lock an organization member's account. The member will be unable to sign in until an admin
+ * unlocks them or they complete the password-reset flow. Caller must be an admin or owner,
+ * may not lock him/herself, and the target must have a linked user account.
+ *
+ * ```typescript
+ * import {lockOrganizationMember} from '@verdocs/js-sdk';
+ *
+ * const result = await lockOrganizationMember(VerdocsEndpoint.getDefault(), 'PROFILEID', 'Departed employee');
+ * ```
+ *
+ * @group Organization Members
+ * @api PUT /v2/organization-members/:profile_id Perform an operation on an organization member.
+ * @apiParam string(format:uuid) profile_id The Profile ID to operate on.
+ * @apiBody string(enum:'lock') action Action to perform
+ * @apiBody string reason Reason the account is being locked. Stored on the user record and shown to admins.
+ * @apiSuccess IProfile . The updated profile for the member, with the joined user record.
+ */
+const lockOrganizationMember = (endpoint, profileId, reason) => endpoint.api //
+    .put(`/v2/organization-members/${profileId}`, { action: 'lock', reason })
+    .then((r) => r.data);
+/**
+ * Unlock a member whose account has been locked (typically after too many failed sign-in attempts
+ * or via an earlier admin lock). Caller must be an admin or owner, may not unlock him/herself, and
+ * the target must have a linked user account. Clears `locked`, `lock_reason`, and `login_failures`.
+ *
+ * ```typescript
+ * import {unlockOrganizationMember} from '@verdocs/js-sdk';
+ *
+ * const result = await unlockOrganizationMember(VerdocsEndpoint.getDefault(), 'PROFILEID');
+ * ```
+ *
+ * @group Organization Members
+ * @api PUT /v2/organization-members/:profile_id Perform an operation on an organization member.
+ * @apiParam string(format:uuid) profile_id The Profile ID to operate on.
+ * @apiBody string(enum:'unlock') action Action to perform
+ * @apiSuccess IProfile . The updated profile for the member, with the joined user record.
+ */
+const unlockOrganizationMember = (endpoint, profileId) => endpoint.api //
+    .put(`/v2/organization-members/${profileId}`, { action: 'unlock' })
+    .then((r) => r.data);
 
 /**
  * Notification Templates allow organizations to customize the email and SMS notifications
@@ -4006,6 +4065,8 @@ exports.getRGBA = getRGBA;
 exports.getRLeft = getRLeft;
 exports.getRTop = getRTop;
 exports.getRValue = getRValue;
+exports.getRecipient = getRecipient;
+exports.getRecipientWithActions = getRecipientWithActions;
 exports.getRecipientsWithActions = getRecipientsWithActions;
 exports.getRoleColor = getRoleColor;
 exports.getTemplate = getTemplate;
@@ -4037,6 +4098,7 @@ exports.isValidInput = isValidInput;
 exports.isValidPhone = isValidPhone;
 exports.isValidRoleName = isValidRoleName;
 exports.isValidTag = isValidTag;
+exports.lockOrganizationMember = lockOrganizationMember;
 exports.nameToRGBA = nameToRGBA;
 exports.randomString = randomString;
 exports.recipientCanAct = recipientCanAct;
@@ -4060,6 +4122,7 @@ exports.submitKbaIdentity = submitKbaIdentity;
 exports.submitKbaPin = submitKbaPin;
 exports.switchProfile = switchProfile;
 exports.toggleTemplateStar = toggleTemplateStar;
+exports.unlockOrganizationMember = unlockOrganizationMember;
 exports.updateApiKey = updateApiKey;
 exports.updateEnvelope = updateEnvelope;
 exports.updateEnvelopeField = updateEnvelopeField;