@workos-inc/node 8.0.0-rc.7 → 8.0.0-rc.8

package/lib/client/index.cjs

@@ -1,15 +0,0 @@
-const require_client_user_management = require('./user-management.cjs');
-const require_client_sso = require('./sso.cjs');
-
-Object.defineProperty(exports, 'sso', {
-  enumerable: true,
-  get: function () {
-    return require_client_sso.sso_exports;
-  }
-});
-Object.defineProperty(exports, 'userManagement', {
-  enumerable: true,
-  get: function () {
-    return require_client_user_management.user_management_exports;
-  }
-});

package/lib/client/index.d.cts

@@ -1,3 +0,0 @@
-import { AuthorizationURLOptions, LogoutURLOptions, user_management_d_exports } from "./user-management.cjs";
-import { SSOAuthorizationURLOptions, sso_d_exports } from "./sso.cjs";
-export { type LogoutURLOptions, type SSOAuthorizationURLOptions, type AuthorizationURLOptions as UserManagementAuthorizationURLOptions, sso_d_exports as sso, user_management_d_exports as userManagement };

package/lib/client/index.d.ts

@@ -1,3 +0,0 @@
-import { AuthorizationURLOptions, LogoutURLOptions, user_management_d_exports } from "./user-management.js";
-import { SSOAuthorizationURLOptions, sso_d_exports } from "./sso.js";
-export { type LogoutURLOptions, type SSOAuthorizationURLOptions, type AuthorizationURLOptions as UserManagementAuthorizationURLOptions, sso_d_exports as sso, user_management_d_exports as userManagement };

package/lib/client/index.js

@@ -1,4 +0,0 @@
-import { user_management_exports } from "./user-management.js";
-import { sso_exports } from "./sso.js";
-
-export { sso_exports as sso, user_management_exports as userManagement };

package/lib/client/sso.cjs

@@ -1,40 +0,0 @@
-const require_rolldown_runtime = require('../_virtual/rolldown_runtime.cjs');
-const require_common_utils_query_string = require('../common/utils/query-string.cjs');
-
-//#region src/client/sso.ts
-var sso_exports = /* @__PURE__ */ require_rolldown_runtime.__export({ getAuthorizationUrl: () => getAuthorizationUrl });
-/**
-* Generates the authorization URL for SSO authentication.
-* Does not require an API key, suitable for OAuth client operations.
-*
-* @param options - SSO authorization URL options
-* @returns The authorization URL as a string
-* @throws Error if required arguments are missing
-*/
-function getAuthorizationUrl(options) {
-	const { connection, clientId, domainHint, loginHint, organization, provider, providerQueryParams, providerScopes, redirectUri, state, baseURL = "https://api.workos.com" } = options;
-	if (!provider && !connection && !organization) throw new Error(`Incomplete arguments. Need to specify either a 'connection', 'organization', or 'provider'.`);
-	return `${baseURL}/sso/authorize?${require_common_utils_query_string.toQueryString({
-		connection,
-		organization,
-		domain_hint: domainHint,
-		login_hint: loginHint,
-		provider,
-		provider_query_params: providerQueryParams,
-		provider_scopes: providerScopes,
-		client_id: clientId,
-		redirect_uri: redirectUri,
-		response_type: "code",
-		state
-	})}`;
-}
-
-//#endregion
-exports.getAuthorizationUrl = getAuthorizationUrl;
-Object.defineProperty(exports, 'sso_exports', {
-  enumerable: true,
-  get: function () {
-    return sso_exports;
-  }
-});
-//# sourceMappingURL=sso.cjs.map

package/lib/client/sso.cjs.map

@@ -1 +0,0 @@
-{"version":3,"file":"sso.cjs","names":["toQueryString"],"sources":["../../src/client/sso.ts"],"sourcesContent":["import { toQueryString } from '../common/utils/query-string';\nimport type { SSOAuthorizationURLOptions as BaseSSOAuthorizationURLOptions } from '../sso/interfaces';\n\n// Extend the base options to include baseURL for internal use\nexport type SSOAuthorizationURLOptions = BaseSSOAuthorizationURLOptions & {\n  baseURL?: string;\n};\n\n/**\n * Generates the authorization URL for SSO authentication.\n * Does not require an API key, suitable for OAuth client operations.\n *\n * @param options - SSO authorization URL options\n * @returns The authorization URL as a string\n * @throws Error if required arguments are missing\n */\nexport function getAuthorizationUrl(\n  options: SSOAuthorizationURLOptions,\n): string {\n  const {\n    connection,\n    clientId,\n    domainHint,\n    loginHint,\n    organization,\n    provider,\n    providerQueryParams,\n    providerScopes,\n    redirectUri,\n    state,\n    baseURL = 'https://api.workos.com',\n  } = options;\n\n  if (!provider && !connection && !organization) {\n    throw new Error(\n      `Incomplete arguments. Need to specify either a 'connection', 'organization', or 'provider'.`,\n    );\n  }\n\n  const query = toQueryString({\n    connection,\n    organization,\n    domain_hint: domainHint,\n    login_hint: loginHint,\n    provider,\n    provider_query_params: providerQueryParams,\n    provider_scopes: providerScopes,\n    client_id: clientId,\n    redirect_uri: redirectUri,\n    response_type: 'code',\n    state,\n  });\n\n  return `${baseURL}/sso/authorize?${query}`;\n}\n"],"mappings":";;;;;;;;;;;;;AAgBA,SAAgB,oBACd,SACQ;CACR,MAAM,EACJ,YACA,UACA,YACA,WACA,cACA,UACA,qBACA,gBACA,aACA,OACA,UAAU,6BACR;AAEJ,KAAI,CAAC,YAAY,CAAC,cAAc,CAAC,aAC/B,OAAM,IAAI,MACR,8FACD;AAiBH,QAAO,GAAG,QAAQ,iBAdJA,gDAAc;EAC1B;EACA;EACA,aAAa;EACb,YAAY;EACZ;EACA,uBAAuB;EACvB,iBAAiB;EACjB,WAAW;EACX,cAAc;EACd,eAAe;EACf;EACD,CAAC"}

package/lib/client/sso.d.cts

@@ -1,21 +0,0 @@
-import { SSOAuthorizationURLOptions as SSOAuthorizationURLOptions$1 } from "../sso/interfaces/authorization-url-options.interface.cjs";
-
-//#region src/client/sso.d.ts
-declare namespace sso_d_exports {
-  export { SSOAuthorizationURLOptions, getAuthorizationUrl };
-}
-type SSOAuthorizationURLOptions = SSOAuthorizationURLOptions$1 & {
-  baseURL?: string;
-};
-/**
- * Generates the authorization URL for SSO authentication.
- * Does not require an API key, suitable for OAuth client operations.
- *
- * @param options - SSO authorization URL options
- * @returns The authorization URL as a string
- * @throws Error if required arguments are missing
- */
-declare function getAuthorizationUrl(options: SSOAuthorizationURLOptions): string;
-//#endregion
-export { SSOAuthorizationURLOptions, getAuthorizationUrl, sso_d_exports };
-//# sourceMappingURL=sso.d.cts.map

package/lib/client/sso.d.ts

@@ -1,21 +0,0 @@
-import { SSOAuthorizationURLOptions as SSOAuthorizationURLOptions$1 } from "../sso/interfaces/authorization-url-options.interface.js";
-
-//#region src/client/sso.d.ts
-declare namespace sso_d_exports {
-  export { SSOAuthorizationURLOptions, getAuthorizationUrl };
-}
-type SSOAuthorizationURLOptions = SSOAuthorizationURLOptions$1 & {
-  baseURL?: string;
-};
-/**
- * Generates the authorization URL for SSO authentication.
- * Does not require an API key, suitable for OAuth client operations.
- *
- * @param options - SSO authorization URL options
- * @returns The authorization URL as a string
- * @throws Error if required arguments are missing
- */
-declare function getAuthorizationUrl(options: SSOAuthorizationURLOptions): string;
-//#endregion
-export { SSOAuthorizationURLOptions, getAuthorizationUrl, sso_d_exports };
-//# sourceMappingURL=sso.d.ts.map

package/lib/client/sso.js

@@ -1,34 +0,0 @@
-import { __export } from "../_virtual/rolldown_runtime.js";
-import { toQueryString } from "../common/utils/query-string.js";
-
-//#region src/client/sso.ts
-var sso_exports = /* @__PURE__ */ __export({ getAuthorizationUrl: () => getAuthorizationUrl });
-/**
-* Generates the authorization URL for SSO authentication.
-* Does not require an API key, suitable for OAuth client operations.
-*
-* @param options - SSO authorization URL options
-* @returns The authorization URL as a string
-* @throws Error if required arguments are missing
-*/
-function getAuthorizationUrl(options) {
-	const { connection, clientId, domainHint, loginHint, organization, provider, providerQueryParams, providerScopes, redirectUri, state, baseURL = "https://api.workos.com" } = options;
-	if (!provider && !connection && !organization) throw new Error(`Incomplete arguments. Need to specify either a 'connection', 'organization', or 'provider'.`);
-	return `${baseURL}/sso/authorize?${toQueryString({
-		connection,
-		organization,
-		domain_hint: domainHint,
-		login_hint: loginHint,
-		provider,
-		provider_query_params: providerQueryParams,
-		provider_scopes: providerScopes,
-		client_id: clientId,
-		redirect_uri: redirectUri,
-		response_type: "code",
-		state
-	})}`;
-}
-
-//#endregion
-export { getAuthorizationUrl, sso_exports };
-//# sourceMappingURL=sso.js.map

package/lib/client/sso.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"sso.js","names":[],"sources":["../../src/client/sso.ts"],"sourcesContent":["import { toQueryString } from '../common/utils/query-string';\nimport type { SSOAuthorizationURLOptions as BaseSSOAuthorizationURLOptions } from '../sso/interfaces';\n\n// Extend the base options to include baseURL for internal use\nexport type SSOAuthorizationURLOptions = BaseSSOAuthorizationURLOptions & {\n  baseURL?: string;\n};\n\n/**\n * Generates the authorization URL for SSO authentication.\n * Does not require an API key, suitable for OAuth client operations.\n *\n * @param options - SSO authorization URL options\n * @returns The authorization URL as a string\n * @throws Error if required arguments are missing\n */\nexport function getAuthorizationUrl(\n  options: SSOAuthorizationURLOptions,\n): string {\n  const {\n    connection,\n    clientId,\n    domainHint,\n    loginHint,\n    organization,\n    provider,\n    providerQueryParams,\n    providerScopes,\n    redirectUri,\n    state,\n    baseURL = 'https://api.workos.com',\n  } = options;\n\n  if (!provider && !connection && !organization) {\n    throw new Error(\n      `Incomplete arguments. Need to specify either a 'connection', 'organization', or 'provider'.`,\n    );\n  }\n\n  const query = toQueryString({\n    connection,\n    organization,\n    domain_hint: domainHint,\n    login_hint: loginHint,\n    provider,\n    provider_query_params: providerQueryParams,\n    provider_scopes: providerScopes,\n    client_id: clientId,\n    redirect_uri: redirectUri,\n    response_type: 'code',\n    state,\n  });\n\n  return `${baseURL}/sso/authorize?${query}`;\n}\n"],"mappings":";;;;;;;;;;;;;AAgBA,SAAgB,oBACd,SACQ;CACR,MAAM,EACJ,YACA,UACA,YACA,WACA,cACA,UACA,qBACA,gBACA,aACA,OACA,UAAU,6BACR;AAEJ,KAAI,CAAC,YAAY,CAAC,cAAc,CAAC,aAC/B,OAAM,IAAI,MACR,8FACD;AAiBH,QAAO,GAAG,QAAQ,iBAdJ,cAAc;EAC1B;EACA;EACA,aAAa;EACb,YAAY;EACZ;EACA,uBAAuB;EACvB,iBAAiB;EACjB,WAAW;EACX,cAAc;EACd,eAAe;EACf;EACD,CAAC"}

package/lib/client/user-management.cjs

@@ -1,80 +0,0 @@
-const require_rolldown_runtime = require('../_virtual/rolldown_runtime.cjs');
-const require_common_utils_query_string = require('../common/utils/query-string.cjs');
-
-//#region src/client/user-management.ts
-var user_management_exports = /* @__PURE__ */ require_rolldown_runtime.__export({
-	getAuthorizationUrl: () => getAuthorizationUrl,
-	getJwksUrl: () => getJwksUrl,
-	getLogoutUrl: () => getLogoutUrl
-});
-/**
-* Generates the authorization URL for OAuth client authentication.
-* Suitable for PKCE flows and other OAuth client operations that don't require an API key.
-*
-* @param options - Authorization URL options
-* @returns The authorization URL as a string
-* @throws TypeError if required arguments are missing
-*/
-function getAuthorizationUrl(options) {
-	const { connectionId, codeChallenge, codeChallengeMethod, clientId, domainHint, loginHint, organizationId, provider, providerQueryParams, providerScopes, prompt, redirectUri, state, screenHint, baseURL = "https://api.workos.com" } = options;
-	if (!provider && !connectionId && !organizationId) throw new TypeError(`Incomplete arguments. Need to specify either a 'connectionId', 'organizationId', or 'provider'.`);
-	if (provider !== "authkit" && screenHint) throw new TypeError(`'screenHint' is only supported for 'authkit' provider`);
-	return `${baseURL}/user_management/authorize?${require_common_utils_query_string.toQueryString({
-		connection_id: connectionId,
-		code_challenge: codeChallenge,
-		code_challenge_method: codeChallengeMethod,
-		organization_id: organizationId,
-		domain_hint: domainHint,
-		login_hint: loginHint,
-		provider,
-		provider_query_params: providerQueryParams,
-		provider_scopes: providerScopes,
-		prompt,
-		client_id: clientId,
-		redirect_uri: redirectUri,
-		response_type: "code",
-		state,
-		screen_hint: screenHint
-	})}`;
-}
-/**
-* Generates the logout URL for ending a user session.
-* This method is safe to use in browser environments as it doesn't require an API key.
-*
-* @param options - Logout URL options
-* @returns The logout URL as a string
-* @throws TypeError if sessionId is not provided
-*/
-function getLogoutUrl(options) {
-	const { sessionId, returnTo, baseURL = "https://api.workos.com" } = options;
-	if (!sessionId) throw new TypeError(`Incomplete arguments. Need to specify 'sessionId'.`);
-	const url = new URL("/user_management/sessions/logout", baseURL);
-	url.searchParams.set("session_id", sessionId);
-	if (returnTo) url.searchParams.set("return_to", returnTo);
-	return url.toString();
-}
-/**
-* Gets the JWKS (JSON Web Key Set) URL for a given client ID.
-* Does not require an API key, returns the public JWKS endpoint.
-*
-* @param clientId - The WorkOS client ID
-* @param baseURL - Optional base URL for the API (defaults to https://api.workos.com)
-* @returns The JWKS URL as a string
-* @throws TypeError if clientId is not provided
-*/
-function getJwksUrl(clientId, baseURL = "https://api.workos.com") {
-	if (!clientId) throw new TypeError("clientId must be a valid clientId");
-	return `${baseURL}/sso/jwks/${clientId}`;
-}
-
-//#endregion
-exports.getAuthorizationUrl = getAuthorizationUrl;
-exports.getJwksUrl = getJwksUrl;
-exports.getLogoutUrl = getLogoutUrl;
-Object.defineProperty(exports, 'user_management_exports', {
-  enumerable: true,
-  get: function () {
-    return user_management_exports;
-  }
-});
-//# sourceMappingURL=user-management.cjs.map

package/lib/client/user-management.cjs.map

@@ -1 +0,0 @@
-{"version":3,"file":"user-management.cjs","names":["toQueryString"],"sources":["../../src/client/user-management.ts"],"sourcesContent":["import { toQueryString } from '../common/utils/query-string';\n\n// Re-export necessary interfaces for client use\nexport interface AuthorizationURLOptions {\n  clientId: string;\n  codeChallenge?: string;\n  codeChallengeMethod?: 'S256';\n  connectionId?: string;\n  organizationId?: string;\n  domainHint?: string;\n  loginHint?: string;\n  provider?: string;\n  providerQueryParams?: Record<string, string | boolean | number>;\n  providerScopes?: string[];\n  prompt?: string;\n  redirectUri: string;\n  state?: string;\n  screenHint?: 'sign-up' | 'sign-in';\n}\n\nexport interface LogoutURLOptions {\n  sessionId: string;\n  returnTo?: string;\n}\n\n/**\n * Generates the authorization URL for OAuth client authentication.\n * Suitable for PKCE flows and other OAuth client operations that don't require an API key.\n *\n * @param options - Authorization URL options\n * @returns The authorization URL as a string\n * @throws TypeError if required arguments are missing\n */\nexport function getAuthorizationUrl(\n  options: AuthorizationURLOptions & { baseURL?: string },\n): string {\n  const {\n    connectionId,\n    codeChallenge,\n    codeChallengeMethod,\n    clientId,\n    domainHint,\n    loginHint,\n    organizationId,\n    provider,\n    providerQueryParams,\n    providerScopes,\n    prompt,\n    redirectUri,\n    state,\n    screenHint,\n    baseURL = 'https://api.workos.com',\n  } = options;\n\n  if (!provider && !connectionId && !organizationId) {\n    throw new TypeError(\n      `Incomplete arguments. Need to specify either a 'connectionId', 'organizationId', or 'provider'.`,\n    );\n  }\n\n  if (provider !== 'authkit' && screenHint) {\n    throw new TypeError(\n      `'screenHint' is only supported for 'authkit' provider`,\n    );\n  }\n\n  const query = toQueryString({\n    connection_id: connectionId,\n    code_challenge: codeChallenge,\n    code_challenge_method: codeChallengeMethod,\n    organization_id: organizationId,\n    domain_hint: domainHint,\n    login_hint: loginHint,\n    provider,\n    provider_query_params: providerQueryParams,\n    provider_scopes: providerScopes,\n    prompt,\n    client_id: clientId,\n    redirect_uri: redirectUri,\n    response_type: 'code',\n    state,\n    screen_hint: screenHint,\n  });\n\n  return `${baseURL}/user_management/authorize?${query}`;\n}\n\n/**\n * Generates the logout URL for ending a user session.\n * This method is safe to use in browser environments as it doesn't require an API key.\n *\n * @param options - Logout URL options\n * @returns The logout URL as a string\n * @throws TypeError if sessionId is not provided\n */\nexport function getLogoutUrl(\n  options: LogoutURLOptions & { baseURL?: string },\n): string {\n  const { sessionId, returnTo, baseURL = 'https://api.workos.com' } = options;\n\n  if (!sessionId) {\n    throw new TypeError(`Incomplete arguments. Need to specify 'sessionId'.`);\n  }\n\n  const url = new URL('/user_management/sessions/logout', baseURL);\n\n  url.searchParams.set('session_id', sessionId);\n  if (returnTo) {\n    url.searchParams.set('return_to', returnTo);\n  }\n\n  return url.toString();\n}\n\n/**\n * Gets the JWKS (JSON Web Key Set) URL for a given client ID.\n * Does not require an API key, returns the public JWKS endpoint.\n *\n * @param clientId - The WorkOS client ID\n * @param baseURL - Optional base URL for the API (defaults to https://api.workos.com)\n * @returns The JWKS URL as a string\n * @throws TypeError if clientId is not provided\n */\nexport function getJwksUrl(\n  clientId: string,\n  baseURL = 'https://api.workos.com',\n): string {\n  if (!clientId) {\n    throw new TypeError('clientId must be a valid clientId');\n  }\n\n  return `${baseURL}/sso/jwks/${clientId}`;\n}\n"],"mappings":";;;;;;;;;;;;;;;;;AAiCA,SAAgB,oBACd,SACQ;CACR,MAAM,EACJ,cACA,eACA,qBACA,UACA,YACA,WACA,gBACA,UACA,qBACA,gBACA,QACA,aACA,OACA,YACA,UAAU,6BACR;AAEJ,KAAI,CAAC,YAAY,CAAC,gBAAgB,CAAC,eACjC,OAAM,IAAI,UACR,kGACD;AAGH,KAAI,aAAa,aAAa,WAC5B,OAAM,IAAI,UACR,wDACD;AAqBH,QAAO,GAAG,QAAQ,6BAlBJA,gDAAc;EAC1B,eAAe;EACf,gBAAgB;EAChB,uBAAuB;EACvB,iBAAiB;EACjB,aAAa;EACb,YAAY;EACZ;EACA,uBAAuB;EACvB,iBAAiB;EACjB;EACA,WAAW;EACX,cAAc;EACd,eAAe;EACf;EACA,aAAa;EACd,CAAC;;;;;;;;;;AAaJ,SAAgB,aACd,SACQ;CACR,MAAM,EAAE,WAAW,UAAU,UAAU,6BAA6B;AAEpE,KAAI,CAAC,UACH,OAAM,IAAI,UAAU,qDAAqD;CAG3E,MAAM,MAAM,IAAI,IAAI,oCAAoC,QAAQ;AAEhE,KAAI,aAAa,IAAI,cAAc,UAAU;AAC7C,KAAI,SACF,KAAI,aAAa,IAAI,aAAa,SAAS;AAG7C,QAAO,IAAI,UAAU;;;;;;;;;;;AAYvB,SAAgB,WACd,UACA,UAAU,0BACF;AACR,KAAI,CAAC,SACH,OAAM,IAAI,UAAU,oCAAoC;AAG1D,QAAO,GAAG,QAAQ,YAAY"}

package/lib/client/user-management.d.cts

@@ -1,58 +0,0 @@
-declare namespace user_management_d_exports {
-  export { AuthorizationURLOptions, LogoutURLOptions, getAuthorizationUrl, getJwksUrl, getLogoutUrl };
-}
-interface AuthorizationURLOptions {
-  clientId: string;
-  codeChallenge?: string;
-  codeChallengeMethod?: 'S256';
-  connectionId?: string;
-  organizationId?: string;
-  domainHint?: string;
-  loginHint?: string;
-  provider?: string;
-  providerQueryParams?: Record<string, string | boolean | number>;
-  providerScopes?: string[];
-  prompt?: string;
-  redirectUri: string;
-  state?: string;
-  screenHint?: 'sign-up' | 'sign-in';
-}
-interface LogoutURLOptions {
-  sessionId: string;
-  returnTo?: string;
-}
-/**
- * Generates the authorization URL for OAuth client authentication.
- * Suitable for PKCE flows and other OAuth client operations that don't require an API key.
- *
- * @param options - Authorization URL options
- * @returns The authorization URL as a string
- * @throws TypeError if required arguments are missing
- */
-declare function getAuthorizationUrl(options: AuthorizationURLOptions & {
-  baseURL?: string;
-}): string;
-/**
- * Generates the logout URL for ending a user session.
- * This method is safe to use in browser environments as it doesn't require an API key.
- *
- * @param options - Logout URL options
- * @returns The logout URL as a string
- * @throws TypeError if sessionId is not provided
- */
-declare function getLogoutUrl(options: LogoutURLOptions & {
-  baseURL?: string;
-}): string;
-/**
- * Gets the JWKS (JSON Web Key Set) URL for a given client ID.
- * Does not require an API key, returns the public JWKS endpoint.
- *
- * @param clientId - The WorkOS client ID
- * @param baseURL - Optional base URL for the API (defaults to https://api.workos.com)
- * @returns The JWKS URL as a string
- * @throws TypeError if clientId is not provided
- */
-declare function getJwksUrl(clientId: string, baseURL?: string): string;
-//#endregion
-export { AuthorizationURLOptions, LogoutURLOptions, getAuthorizationUrl, getJwksUrl, getLogoutUrl, user_management_d_exports };
-//# sourceMappingURL=user-management.d.cts.map

package/lib/client/user-management.d.ts

@@ -1,58 +0,0 @@
-declare namespace user_management_d_exports {
-  export { AuthorizationURLOptions, LogoutURLOptions, getAuthorizationUrl, getJwksUrl, getLogoutUrl };
-}
-interface AuthorizationURLOptions {
-  clientId: string;
-  codeChallenge?: string;
-  codeChallengeMethod?: 'S256';
-  connectionId?: string;
-  organizationId?: string;
-  domainHint?: string;
-  loginHint?: string;
-  provider?: string;
-  providerQueryParams?: Record<string, string | boolean | number>;
-  providerScopes?: string[];
-  prompt?: string;
-  redirectUri: string;
-  state?: string;
-  screenHint?: 'sign-up' | 'sign-in';
-}
-interface LogoutURLOptions {
-  sessionId: string;
-  returnTo?: string;
-}
-/**
- * Generates the authorization URL for OAuth client authentication.
- * Suitable for PKCE flows and other OAuth client operations that don't require an API key.
- *
- * @param options - Authorization URL options
- * @returns The authorization URL as a string
- * @throws TypeError if required arguments are missing
- */
-declare function getAuthorizationUrl(options: AuthorizationURLOptions & {
-  baseURL?: string;
-}): string;
-/**
- * Generates the logout URL for ending a user session.
- * This method is safe to use in browser environments as it doesn't require an API key.
- *
- * @param options - Logout URL options
- * @returns The logout URL as a string
- * @throws TypeError if sessionId is not provided
- */
-declare function getLogoutUrl(options: LogoutURLOptions & {
-  baseURL?: string;
-}): string;
-/**
- * Gets the JWKS (JSON Web Key Set) URL for a given client ID.
- * Does not require an API key, returns the public JWKS endpoint.
- *
- * @param clientId - The WorkOS client ID
- * @param baseURL - Optional base URL for the API (defaults to https://api.workos.com)
- * @returns The JWKS URL as a string
- * @throws TypeError if clientId is not provided
- */
-declare function getJwksUrl(clientId: string, baseURL?: string): string;
-//#endregion
-export { AuthorizationURLOptions, LogoutURLOptions, getAuthorizationUrl, getJwksUrl, getLogoutUrl, user_management_d_exports };
-//# sourceMappingURL=user-management.d.ts.map

package/lib/client/user-management.js

@@ -1,72 +0,0 @@
-import { __export } from "../_virtual/rolldown_runtime.js";
-import { toQueryString } from "../common/utils/query-string.js";
-
-//#region src/client/user-management.ts
-var user_management_exports = /* @__PURE__ */ __export({
-	getAuthorizationUrl: () => getAuthorizationUrl,
-	getJwksUrl: () => getJwksUrl,
-	getLogoutUrl: () => getLogoutUrl
-});
-/**
-* Generates the authorization URL for OAuth client authentication.
-* Suitable for PKCE flows and other OAuth client operations that don't require an API key.
-*
-* @param options - Authorization URL options
-* @returns The authorization URL as a string
-* @throws TypeError if required arguments are missing
-*/
-function getAuthorizationUrl(options) {
-	const { connectionId, codeChallenge, codeChallengeMethod, clientId, domainHint, loginHint, organizationId, provider, providerQueryParams, providerScopes, prompt, redirectUri, state, screenHint, baseURL = "https://api.workos.com" } = options;
-	if (!provider && !connectionId && !organizationId) throw new TypeError(`Incomplete arguments. Need to specify either a 'connectionId', 'organizationId', or 'provider'.`);
-	if (provider !== "authkit" && screenHint) throw new TypeError(`'screenHint' is only supported for 'authkit' provider`);
-	return `${baseURL}/user_management/authorize?${toQueryString({
-		connection_id: connectionId,
-		code_challenge: codeChallenge,
-		code_challenge_method: codeChallengeMethod,
-		organization_id: organizationId,
-		domain_hint: domainHint,
-		login_hint: loginHint,
-		provider,
-		provider_query_params: providerQueryParams,
-		provider_scopes: providerScopes,
-		prompt,
-		client_id: clientId,
-		redirect_uri: redirectUri,
-		response_type: "code",
-		state,
-		screen_hint: screenHint
-	})}`;
-}
-/**
-* Generates the logout URL for ending a user session.
-* This method is safe to use in browser environments as it doesn't require an API key.
-*
-* @param options - Logout URL options
-* @returns The logout URL as a string
-* @throws TypeError if sessionId is not provided
-*/
-function getLogoutUrl(options) {
-	const { sessionId, returnTo, baseURL = "https://api.workos.com" } = options;
-	if (!sessionId) throw new TypeError(`Incomplete arguments. Need to specify 'sessionId'.`);
-	const url = new URL("/user_management/sessions/logout", baseURL);
-	url.searchParams.set("session_id", sessionId);
-	if (returnTo) url.searchParams.set("return_to", returnTo);
-	return url.toString();
-}
-/**
-* Gets the JWKS (JSON Web Key Set) URL for a given client ID.
-* Does not require an API key, returns the public JWKS endpoint.
-*
-* @param clientId - The WorkOS client ID
-* @param baseURL - Optional base URL for the API (defaults to https://api.workos.com)
-* @returns The JWKS URL as a string
-* @throws TypeError if clientId is not provided
-*/
-function getJwksUrl(clientId, baseURL = "https://api.workos.com") {
-	if (!clientId) throw new TypeError("clientId must be a valid clientId");
-	return `${baseURL}/sso/jwks/${clientId}`;
-}
-
-//#endregion
-export { getAuthorizationUrl, getJwksUrl, getLogoutUrl, user_management_exports };
-//# sourceMappingURL=user-management.js.map

package/lib/client/user-management.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"user-management.js","names":[],"sources":["../../src/client/user-management.ts"],"sourcesContent":["import { toQueryString } from '../common/utils/query-string';\n\n// Re-export necessary interfaces for client use\nexport interface AuthorizationURLOptions {\n  clientId: string;\n  codeChallenge?: string;\n  codeChallengeMethod?: 'S256';\n  connectionId?: string;\n  organizationId?: string;\n  domainHint?: string;\n  loginHint?: string;\n  provider?: string;\n  providerQueryParams?: Record<string, string | boolean | number>;\n  providerScopes?: string[];\n  prompt?: string;\n  redirectUri: string;\n  state?: string;\n  screenHint?: 'sign-up' | 'sign-in';\n}\n\nexport interface LogoutURLOptions {\n  sessionId: string;\n  returnTo?: string;\n}\n\n/**\n * Generates the authorization URL for OAuth client authentication.\n * Suitable for PKCE flows and other OAuth client operations that don't require an API key.\n *\n * @param options - Authorization URL options\n * @returns The authorization URL as a string\n * @throws TypeError if required arguments are missing\n */\nexport function getAuthorizationUrl(\n  options: AuthorizationURLOptions & { baseURL?: string },\n): string {\n  const {\n    connectionId,\n    codeChallenge,\n    codeChallengeMethod,\n    clientId,\n    domainHint,\n    loginHint,\n    organizationId,\n    provider,\n    providerQueryParams,\n    providerScopes,\n    prompt,\n    redirectUri,\n    state,\n    screenHint,\n    baseURL = 'https://api.workos.com',\n  } = options;\n\n  if (!provider && !connectionId && !organizationId) {\n    throw new TypeError(\n      `Incomplete arguments. Need to specify either a 'connectionId', 'organizationId', or 'provider'.`,\n    );\n  }\n\n  if (provider !== 'authkit' && screenHint) {\n    throw new TypeError(\n      `'screenHint' is only supported for 'authkit' provider`,\n    );\n  }\n\n  const query = toQueryString({\n    connection_id: connectionId,\n    code_challenge: codeChallenge,\n    code_challenge_method: codeChallengeMethod,\n    organization_id: organizationId,\n    domain_hint: domainHint,\n    login_hint: loginHint,\n    provider,\n    provider_query_params: providerQueryParams,\n    provider_scopes: providerScopes,\n    prompt,\n    client_id: clientId,\n    redirect_uri: redirectUri,\n    response_type: 'code',\n    state,\n    screen_hint: screenHint,\n  });\n\n  return `${baseURL}/user_management/authorize?${query}`;\n}\n\n/**\n * Generates the logout URL for ending a user session.\n * This method is safe to use in browser environments as it doesn't require an API key.\n *\n * @param options - Logout URL options\n * @returns The logout URL as a string\n * @throws TypeError if sessionId is not provided\n */\nexport function getLogoutUrl(\n  options: LogoutURLOptions & { baseURL?: string },\n): string {\n  const { sessionId, returnTo, baseURL = 'https://api.workos.com' } = options;\n\n  if (!sessionId) {\n    throw new TypeError(`Incomplete arguments. Need to specify 'sessionId'.`);\n  }\n\n  const url = new URL('/user_management/sessions/logout', baseURL);\n\n  url.searchParams.set('session_id', sessionId);\n  if (returnTo) {\n    url.searchParams.set('return_to', returnTo);\n  }\n\n  return url.toString();\n}\n\n/**\n * Gets the JWKS (JSON Web Key Set) URL for a given client ID.\n * Does not require an API key, returns the public JWKS endpoint.\n *\n * @param clientId - The WorkOS client ID\n * @param baseURL - Optional base URL for the API (defaults to https://api.workos.com)\n * @returns The JWKS URL as a string\n * @throws TypeError if clientId is not provided\n */\nexport function getJwksUrl(\n  clientId: string,\n  baseURL = 'https://api.workos.com',\n): string {\n  if (!clientId) {\n    throw new TypeError('clientId must be a valid clientId');\n  }\n\n  return `${baseURL}/sso/jwks/${clientId}`;\n}\n"],"mappings":";;;;;;;;;;;;;;;;;AAiCA,SAAgB,oBACd,SACQ;CACR,MAAM,EACJ,cACA,eACA,qBACA,UACA,YACA,WACA,gBACA,UACA,qBACA,gBACA,QACA,aACA,OACA,YACA,UAAU,6BACR;AAEJ,KAAI,CAAC,YAAY,CAAC,gBAAgB,CAAC,eACjC,OAAM,IAAI,UACR,kGACD;AAGH,KAAI,aAAa,aAAa,WAC5B,OAAM,IAAI,UACR,wDACD;AAqBH,QAAO,GAAG,QAAQ,6BAlBJ,cAAc;EAC1B,eAAe;EACf,gBAAgB;EAChB,uBAAuB;EACvB,iBAAiB;EACjB,aAAa;EACb,YAAY;EACZ;EACA,uBAAuB;EACvB,iBAAiB;EACjB;EACA,WAAW;EACX,cAAc;EACd,eAAe;EACf;EACA,aAAa;EACd,CAAC;;;;;;;;;;AAaJ,SAAgB,aACd,SACQ;CACR,MAAM,EAAE,WAAW,UAAU,UAAU,6BAA6B;AAEpE,KAAI,CAAC,UACH,OAAM,IAAI,UAAU,qDAAqD;CAG3E,MAAM,MAAM,IAAI,IAAI,oCAAoC,QAAQ;AAEhE,KAAI,aAAa,IAAI,cAAc,UAAU;AAC7C,KAAI,SACF,KAAI,aAAa,IAAI,aAAa,SAAS;AAG7C,QAAO,IAAI,UAAU;;;;;;;;;;;AAYvB,SAAgB,WACd,UACA,UAAU,0BACF;AACR,KAAI,CAAC,SACH,OAAM,IAAI,UAAU,oCAAoC;AAG1D,QAAO,GAAG,QAAQ,YAAY"}

package/lib/index.client.cjs

@@ -1,15 +0,0 @@
-const require_client_user_management = require('./client/user-management.cjs');
-const require_client_sso = require('./client/sso.cjs');
-
-Object.defineProperty(exports, 'sso', {
-  enumerable: true,
-  get: function () {
-    return require_client_sso.sso_exports;
-  }
-});
-Object.defineProperty(exports, 'userManagement', {
-  enumerable: true,
-  get: function () {
-    return require_client_user_management.user_management_exports;
-  }
-});

package/lib/index.client.d.cts

@@ -1,3 +0,0 @@
-import { AuthorizationURLOptions, LogoutURLOptions, user_management_d_exports } from "./client/user-management.cjs";
-import { SSOAuthorizationURLOptions, sso_d_exports } from "./client/sso.cjs";
-export { type LogoutURLOptions, type SSOAuthorizationURLOptions, type AuthorizationURLOptions as UserManagementAuthorizationURLOptions, sso_d_exports as sso, user_management_d_exports as userManagement };

package/lib/index.client.d.ts

@@ -1,3 +0,0 @@
-import { AuthorizationURLOptions, LogoutURLOptions, user_management_d_exports } from "./client/user-management.js";
-import { SSOAuthorizationURLOptions, sso_d_exports } from "./client/sso.js";
-export { type LogoutURLOptions, type SSOAuthorizationURLOptions, type AuthorizationURLOptions as UserManagementAuthorizationURLOptions, sso_d_exports as sso, user_management_d_exports as userManagement };

package/lib/index.client.js

@@ -1,4 +0,0 @@
-import { user_management_exports } from "./client/user-management.js";
-import { sso_exports } from "./client/sso.js";
-
-export { sso_exports as sso, user_management_exports as userManagement };