@xylex-group/athena 1.9.0 → 2.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
@@ -0,0 +1,1284 @@
1
+ import { r as AthenaGatewayErrorCode, X as AthenaGatewayEndpointPath, Y as AthenaGatewayMethod, g as AthenaGatewayErrorDetails, Q as AthenaGatewayResponse, j as AnyModelDef, m as RowOf, I as InsertOf, U as UpdateOf } from './types-BnzoaNRC.cjs';
2
+
3
+ type AthenaAuthMethod = 'GET' | 'POST';
4
+ type AthenaAuthCredentials = 'omit' | 'same-origin' | 'include';
5
+ type AthenaAuthQueryPrimitive = string | number | boolean;
6
+ type AthenaAuthQueryValue = AthenaAuthQueryPrimitive | AthenaAuthQueryPrimitive[] | null | undefined;
7
+ type AthenaAuthEndpointPath = '/sign-in/social' | '/sign-in/email' | '/sign-in/username' | '/sign-up/email' | '/get-session' | '/sign-out' | '/forget-password' | '/reset-password' | '/verify-email' | '/send-verification-email' | '/change-email' | '/change-email/verify' | '/change-password' | '/set-password' | '/update-user' | '/delete-user' | '/delete-user/verify' | '/delete-user/callback' | '/email-list' | '/email/list' | '/list-sessions' | '/revoke-session' | '/revoke-sessions' | '/revoke-other-sessions' | '/link-social' | '/list-accounts' | '/unlink-account' | '/refresh-token' | '/get-access-token' | '/two-factor/get-totp-uri' | '/two-factor/verify-totp' | '/two-factor/send-otp' | '/two-factor/verify-otp' | '/two-factor/verify-backup-code' | '/two-factor/generate-backup-codes' | '/two-factor/enable' | '/two-factor/disable' | '/passkey/generate-register-options' | '/passkey/generate-authenticate-options' | '/passkey/verify-registration' | '/passkey/verify-authentication' | '/passkey/list-user-passkeys' | '/passkey/delete-passkey' | '/passkey/update-passkey' | '/.well-known/webauthn' | '/admin/set-role' | '/admin/list-users' | '/admin/list-user-sessions' | '/admin/create-user' | '/admin/unban-user' | '/admin/ban-user' | '/admin/impersonate-user' | '/admin/stop-impersonating' | '/admin/revoke-user-session' | '/admin/revoke-user-sessions' | '/admin/remove-user' | '/admin/set-user-password' | '/admin/has-permission' | '/admin/api-key/create' | '/admin/athena-client/create' | '/admin/athena-client/list' | '/admin/audit-log/list' | '/admin/email/get' | '/admin/email/create' | '/admin/email/update' | '/admin/email/delete' | '/admin/email-failure/list' | '/admin/email-failure/get' | '/admin/email-failure/create' | '/admin/email-failure/update' | '/admin/email-failure/delete' | '/admin/email-template/get' | '/admin/email-template/create' | '/admin/email-template/delete' | '/admin/email-template/list' | '/admin/email-template/update' | '/admin/email/list' | '/api-key/create' | '/api-key/get' | '/api-key/update' | '/api-key/delete' | '/api-key/list' | '/api-key/verify' | '/api-key/delete-all-expired-api-keys' | '/organization/create' | '/organization/check-slug' | '/organization/list' | '/organization/set-active' | '/organization/get-full-organization' | '/organization/update' | '/organization/delete' | '/organization/invite-member' | '/organization/accept-invitation' | '/organization/cancel-invitation' | '/organization/reject-invitation' | '/organization/get-invitation' | '/organization/list-invitations' | '/organization/list-user-invitations' | '/organization/list-members' | '/organization/remove-member' | '/organization/update-member-role' | '/organization/get-active-member' | '/organization/leave' | '/organization/has-permission' | `/callback/${string}` | '/health' | '/ok' | '/error' | `/reset-password/${string}`;
8
+ type AthenaAuthErrorCode = 'NETWORK_ERROR' | 'HTTP_ERROR' | 'INVALID_JSON' | 'UNKNOWN_ERROR';
9
+ interface AthenaAuthErrorDetails {
10
+ code: AthenaAuthErrorCode;
11
+ message: string;
12
+ status: number;
13
+ endpoint?: AthenaAuthEndpointPath;
14
+ method?: AthenaAuthMethod;
15
+ requestId?: string;
16
+ hint?: string;
17
+ cause?: string;
18
+ }
19
+ interface AthenaAuthResult<T = unknown> {
20
+ ok: boolean;
21
+ status: number;
22
+ data: T | null;
23
+ error: string | null;
24
+ errorDetails?: AthenaAuthErrorDetails | null;
25
+ raw: unknown;
26
+ }
27
+ interface AthenaAuthUser {
28
+ id: string;
29
+ email: string;
30
+ name?: string | null;
31
+ image?: string | null;
32
+ emailVerified?: boolean;
33
+ createdAt?: string;
34
+ updatedAt?: string;
35
+ username?: string | null;
36
+ displayUsername?: string | null;
37
+ twoFactorEnabled?: boolean;
38
+ role?: string | null;
39
+ banned?: boolean;
40
+ banReason?: string | null;
41
+ banExpires?: string | null;
42
+ }
43
+ interface AthenaAuthSession {
44
+ id: string;
45
+ expiresAt?: string;
46
+ token?: string;
47
+ createdAt?: string;
48
+ updatedAt?: string;
49
+ ipAddress?: string | null;
50
+ userAgent?: string | null;
51
+ userId?: string;
52
+ impersonatedBy?: string | null;
53
+ activeOrganizationId?: string | null;
54
+ }
55
+ interface AthenaAuthSessionResponse {
56
+ session: AthenaAuthSession;
57
+ user: AthenaAuthUser;
58
+ }
59
+ interface AthenaAuthOrganization {
60
+ id: string;
61
+ name: string;
62
+ slug: string;
63
+ logo?: string | null;
64
+ metadata?: Record<string, unknown> | null;
65
+ createdAt?: string;
66
+ updatedAt?: string;
67
+ }
68
+ interface AthenaAuthOrganizationMember {
69
+ id: string;
70
+ organizationId?: string;
71
+ userId?: string;
72
+ role?: string | string[] | null;
73
+ createdAt?: string;
74
+ updatedAt?: string;
75
+ user?: AthenaAuthUser;
76
+ }
77
+ interface AthenaAuthOrganizationInvitation {
78
+ id: string;
79
+ email?: string;
80
+ role?: string | string[] | null;
81
+ organizationId?: string;
82
+ inviterId?: string;
83
+ teamId?: string | null;
84
+ status?: string;
85
+ expiresAt?: string;
86
+ createdAt?: string;
87
+ updatedAt?: string;
88
+ }
89
+ interface AthenaEmailSignInRequest {
90
+ email: string;
91
+ password: string;
92
+ callbackURL?: string;
93
+ rememberMe?: boolean;
94
+ }
95
+ interface AthenaUsernameSignInRequest {
96
+ username: string;
97
+ password: string;
98
+ rememberMe?: boolean;
99
+ }
100
+ interface AthenaSocialSignInRequest {
101
+ provider: string;
102
+ callbackURL?: string;
103
+ newUserCallbackURL?: string;
104
+ errorCallbackURL?: string;
105
+ disableRedirect?: boolean;
106
+ idToken?: string;
107
+ scopes?: string[] | string;
108
+ requestSignUp?: boolean;
109
+ loginHint?: string;
110
+ }
111
+ interface AthenaEmailSignUpRequest {
112
+ name: string;
113
+ email: string;
114
+ password: string;
115
+ callbackURL?: string;
116
+ }
117
+ interface AthenaAuthSignInResponse {
118
+ redirect: false;
119
+ token: string;
120
+ url?: string | null;
121
+ user: AthenaAuthUser;
122
+ }
123
+ interface AthenaAuthSocialRedirectResponse {
124
+ url: string;
125
+ redirect: boolean;
126
+ }
127
+ interface AthenaAuthSignOutResponse {
128
+ success: boolean;
129
+ }
130
+ interface AthenaAuthStatusResponse {
131
+ status: boolean;
132
+ }
133
+ interface AthenaAuthRevokeSessionRequest {
134
+ token: string;
135
+ }
136
+ interface AthenaForgetPasswordRequest {
137
+ email: string;
138
+ redirectTo?: string;
139
+ }
140
+ interface AthenaResetPasswordRequest {
141
+ newPassword: string;
142
+ token?: string;
143
+ }
144
+ interface AthenaVerifyEmailRequest {
145
+ token: string;
146
+ callbackURL?: string;
147
+ }
148
+ interface AthenaSendVerificationEmailRequest {
149
+ email: string;
150
+ callbackURL?: string;
151
+ }
152
+ interface AthenaChangeEmailRequest {
153
+ newEmail: string;
154
+ callbackURL?: string;
155
+ }
156
+ interface AthenaChangePasswordRequest {
157
+ newPassword: string;
158
+ currentPassword: string;
159
+ revokeOtherSessions?: boolean;
160
+ }
161
+ interface AthenaUpdateUserRequest {
162
+ name?: string;
163
+ image?: string;
164
+ }
165
+ interface AthenaDeleteUserRequest {
166
+ callbackURL?: string;
167
+ password?: string;
168
+ token?: string;
169
+ }
170
+ interface AthenaDeleteUserCallbackRequest {
171
+ token?: string;
172
+ callbackURL?: string;
173
+ }
174
+ interface AthenaDeleteUserResponse {
175
+ success: boolean;
176
+ message?: string;
177
+ }
178
+ interface AthenaAuthEmailChangeResponse {
179
+ status: boolean;
180
+ message?: string | null;
181
+ }
182
+ interface AthenaLinkSocialRequest {
183
+ provider: string;
184
+ callbackURL?: string;
185
+ scopes?: string[] | string;
186
+ }
187
+ interface AthenaUnlinkAccountRequest {
188
+ providerId: string;
189
+ accountId?: string;
190
+ }
191
+ interface AthenaOAuthAccountTokenRequest {
192
+ providerId: string;
193
+ accountId?: string;
194
+ userId?: string;
195
+ }
196
+ interface AthenaOAuthTokenBundle {
197
+ tokenType?: string;
198
+ idToken?: string;
199
+ accessToken?: string;
200
+ refreshToken?: string;
201
+ accessTokenExpiresAt?: string;
202
+ refreshTokenExpiresAt?: string;
203
+ }
204
+ interface AthenaAuthLinkedAccount {
205
+ id: string;
206
+ provider?: string;
207
+ accountId?: string;
208
+ scopes?: string[];
209
+ createdAt?: string;
210
+ updatedAt?: string;
211
+ }
212
+ type AthenaAuthPermissionSet = Record<string, unknown> | string[];
213
+ type AthenaAuthLooseRecord = Record<string, unknown>;
214
+ interface AthenaSetPasswordRequest {
215
+ newPassword: string;
216
+ }
217
+ interface AthenaAuthTokenQuery {
218
+ token: string;
219
+ }
220
+ interface AthenaAuthTokenVerificationResponse {
221
+ status: boolean;
222
+ message: string;
223
+ }
224
+ interface AthenaAuthEmailListQuery {
225
+ limit?: number;
226
+ offset?: number;
227
+ }
228
+ interface AthenaAuthEmailListResponse {
229
+ total: number;
230
+ limit: number;
231
+ offset: number;
232
+ emails: AthenaAuthLooseRecord[];
233
+ }
234
+ interface AthenaAuthHealthResponse {
235
+ status?: string;
236
+ service?: string;
237
+ version?: string;
238
+ }
239
+ interface AthenaAuthOkResponse {
240
+ ok: boolean;
241
+ }
242
+ interface AthenaAuthErrorResponse {
243
+ message: string;
244
+ }
245
+ interface AthenaAuthCallbackProviderRequest {
246
+ provider: string;
247
+ code: string;
248
+ state: string;
249
+ }
250
+ interface AthenaAuthCallbackProviderResponse {
251
+ token?: string;
252
+ user?: AthenaAuthLooseRecord;
253
+ }
254
+ interface AthenaTwoFactorGetTotpUriRequest {
255
+ password: string;
256
+ }
257
+ interface AthenaTwoFactorGetTotpUriResponse {
258
+ totpURI?: string;
259
+ }
260
+ interface AthenaTwoFactorVerifyTotpRequest {
261
+ code: string;
262
+ trustDevice?: string;
263
+ }
264
+ interface AthenaTwoFactorVerifyTotpResponse {
265
+ status?: boolean;
266
+ }
267
+ interface AthenaTwoFactorVerifyOtpRequest {
268
+ code: string;
269
+ trustDevice?: string;
270
+ }
271
+ interface AthenaTwoFactorVerifyOtpResponse {
272
+ token: string;
273
+ user: AthenaAuthUser;
274
+ }
275
+ interface AthenaTwoFactorVerifyBackupCodeRequest {
276
+ code: string;
277
+ disableSession?: string;
278
+ trustDevice?: string;
279
+ }
280
+ interface AthenaTwoFactorSessionSnapshot {
281
+ token: string;
282
+ userId: string;
283
+ createdAt: string;
284
+ expiresAt: string;
285
+ }
286
+ interface AthenaTwoFactorVerifyBackupCodeResponse {
287
+ user: AthenaAuthUser;
288
+ session: AthenaTwoFactorSessionSnapshot;
289
+ }
290
+ interface AthenaTwoFactorGenerateBackupCodesRequest {
291
+ password: string;
292
+ }
293
+ interface AthenaTwoFactorGenerateBackupCodesResponse {
294
+ status: true;
295
+ backupCodes: string[];
296
+ }
297
+ interface AthenaTwoFactorEnableRequest {
298
+ password: string;
299
+ issuer?: string;
300
+ }
301
+ interface AthenaTwoFactorEnableResponse {
302
+ totpURI?: string;
303
+ backupCodes?: string[];
304
+ }
305
+ interface AthenaTwoFactorDisableRequest {
306
+ password: string;
307
+ }
308
+ interface AthenaTwoFactorDisableResponse {
309
+ status?: boolean;
310
+ }
311
+ interface AthenaPasskeyCredentialDescriptor {
312
+ id?: string;
313
+ type?: string;
314
+ transports?: string[];
315
+ }
316
+ interface AthenaPasskeyPublicKeyCredentialParam {
317
+ type?: string;
318
+ alg?: number;
319
+ }
320
+ interface AthenaPasskeyUserDescriptor {
321
+ id?: string;
322
+ name?: string;
323
+ displayName?: string;
324
+ }
325
+ interface AthenaPasskeyRelyingParty {
326
+ name?: string;
327
+ id?: string;
328
+ }
329
+ interface AthenaPasskeyAuthenticatorSelection {
330
+ authenticatorAttachment?: string;
331
+ requireResidentKey?: boolean;
332
+ userVerification?: string;
333
+ }
334
+ interface AthenaPasskeyOptionsResponse {
335
+ challenge?: string;
336
+ rp?: AthenaPasskeyRelyingParty;
337
+ user?: AthenaPasskeyUserDescriptor;
338
+ timeout?: number;
339
+ allowCredentials?: AthenaPasskeyCredentialDescriptor[];
340
+ excludeCredentials?: AthenaPasskeyCredentialDescriptor[];
341
+ pubKeyCredParams?: AthenaPasskeyPublicKeyCredentialParam[];
342
+ userVerification?: string;
343
+ authenticatorSelection?: AthenaPasskeyAuthenticatorSelection;
344
+ attestation?: string;
345
+ extensions?: AthenaAuthLooseRecord;
346
+ }
347
+ interface AthenaPasskeyRecord {
348
+ id: string;
349
+ name?: string | null;
350
+ publicKey?: string;
351
+ userId: string;
352
+ credentialID?: string;
353
+ counter?: number;
354
+ deviceType?: string;
355
+ backedUp?: boolean;
356
+ transports?: string;
357
+ createdAt?: string;
358
+ }
359
+ interface AthenaPasskeyVerifyRegistrationRequest {
360
+ response: string;
361
+ name?: string;
362
+ }
363
+ interface AthenaPasskeyVerifyAuthenticationRequest {
364
+ response: string;
365
+ }
366
+ interface AthenaPasskeyVerifyAuthenticationResponse {
367
+ session: AthenaAuthSession;
368
+ user: AthenaAuthUser;
369
+ }
370
+ interface AthenaPasskeyDeleteRequest {
371
+ id: string;
372
+ }
373
+ interface AthenaPasskeyDeleteResponse {
374
+ status: boolean;
375
+ }
376
+ interface AthenaPasskeyUpdateRequest {
377
+ id: string;
378
+ name: string;
379
+ }
380
+ interface AthenaPasskeyUpdateResponse {
381
+ passkey: AthenaPasskeyRecord;
382
+ }
383
+ interface AthenaAdminSetRoleRequest {
384
+ userId: string;
385
+ role: string;
386
+ }
387
+ interface AthenaAdminCreateUserRequest {
388
+ email: string;
389
+ password: string;
390
+ name: string;
391
+ role?: string;
392
+ data?: string;
393
+ }
394
+ interface AthenaAdminTargetUserRequest {
395
+ userId: string;
396
+ }
397
+ interface AthenaAdminBanUserRequest extends AthenaAdminTargetUserRequest {
398
+ banReason?: string;
399
+ banExpiresIn?: string;
400
+ }
401
+ interface AthenaAdminListUsersQuery {
402
+ searchValue?: string;
403
+ searchField?: string;
404
+ searchOperator?: string;
405
+ limit?: number | string;
406
+ offset?: number | string;
407
+ sortBy?: string;
408
+ sortDirection?: string;
409
+ filterField?: string;
410
+ filterValue?: string;
411
+ filterOperator?: string;
412
+ }
413
+ interface AthenaAdminListUsersResponse {
414
+ users: AthenaAuthUser[];
415
+ total: number;
416
+ limit?: number;
417
+ offset?: number;
418
+ }
419
+ interface AthenaAdminListUserSessionsRequest {
420
+ userId: string;
421
+ }
422
+ interface AthenaAdminListUserSessionsResponse {
423
+ sessions: AthenaAuthSession[];
424
+ }
425
+ interface AthenaAdminImpersonateResponse {
426
+ session: AthenaAuthSession;
427
+ user: AthenaAuthUser;
428
+ }
429
+ interface AthenaAdminStopImpersonatingRequest {
430
+ userId?: string;
431
+ }
432
+ interface AthenaAdminRevokeUserSessionRequest {
433
+ sessionToken: string;
434
+ userId: string;
435
+ sessionId?: string;
436
+ }
437
+ interface AthenaAdminRevokeUserSessionsRequest {
438
+ userId: string;
439
+ }
440
+ interface AthenaAdminSetUserPasswordRequest {
441
+ userId: string;
442
+ newPassword: string;
443
+ }
444
+ interface AthenaAdminUserResponse {
445
+ user: AthenaAuthUser;
446
+ }
447
+ interface AthenaAdminSuccessResponse {
448
+ success: boolean;
449
+ }
450
+ interface AthenaAdminHasPermissionRequest {
451
+ permission?: AthenaAuthPermissionSet;
452
+ permissions: AthenaAuthPermissionSet;
453
+ }
454
+ interface AthenaAdminHasPermissionResponse {
455
+ success: boolean;
456
+ error?: string;
457
+ }
458
+ interface AthenaAdminApiKeyCreateRequest {
459
+ name?: string;
460
+ expiresIn?: number;
461
+ athenaClientName?: string;
462
+ permissions?: AthenaAuthLooseRecord;
463
+ metadata?: AthenaAuthLooseRecord;
464
+ }
465
+ interface AthenaAdminApiKeyCreateResponse {
466
+ key?: string;
467
+ apiKey?: AthenaAuthLooseRecord;
468
+ }
469
+ interface AthenaAdminAthenaClientCreateRequest {
470
+ clientName: string;
471
+ description?: string;
472
+ isActive?: boolean;
473
+ pgUriEnvVar?: string;
474
+ metadata?: AthenaAuthLooseRecord;
475
+ }
476
+ interface AthenaAdminAthenaClientListResponse {
477
+ athenaClients?: AthenaAuthLooseRecord[];
478
+ }
479
+ interface AthenaAdminAuditLogListQuery {
480
+ limit?: number;
481
+ offset?: number;
482
+ actorUserId?: string;
483
+ action?: string;
484
+ targetType?: string;
485
+ targetId?: string;
486
+ success?: boolean;
487
+ createdAfter?: string;
488
+ createdBefore?: string;
489
+ }
490
+ interface AthenaAdminAuditLogListResponse {
491
+ total?: number;
492
+ limit?: number;
493
+ offset?: number;
494
+ auditLogs?: AthenaAuthLooseRecord[];
495
+ }
496
+ interface AthenaAdminEmailListQuery {
497
+ limit?: number;
498
+ offset?: number;
499
+ recipientEmail?: string;
500
+ provider?: string;
501
+ flow?: string;
502
+ subjectContains?: string;
503
+ createdAfter?: string;
504
+ createdBefore?: string;
505
+ }
506
+ interface AthenaAdminEmailListResponse {
507
+ total?: number;
508
+ limit?: number;
509
+ offset?: number;
510
+ emails?: AthenaAuthLooseRecord[];
511
+ }
512
+ interface AthenaAdminEmailGetQuery {
513
+ id: string;
514
+ }
515
+ interface AthenaAdminEmailGetResponse {
516
+ email?: AthenaAuthLooseRecord;
517
+ }
518
+ interface AthenaAdminEmailCreateRequest {
519
+ recipientEmail: string;
520
+ subject: string;
521
+ fromAddress: string;
522
+ fromName?: string;
523
+ textBody?: string;
524
+ htmlBody?: string;
525
+ provider: string;
526
+ flow?: string;
527
+ metadata?: AthenaAuthLooseRecord;
528
+ }
529
+ interface AthenaAdminEmailUpdateRequest {
530
+ id: string;
531
+ recipientEmail?: string;
532
+ subject?: string;
533
+ fromAddress?: string;
534
+ fromName?: string | null;
535
+ textBody?: string | null;
536
+ htmlBody?: string | null;
537
+ provider?: string;
538
+ flow?: string | null;
539
+ metadata?: AthenaAuthLooseRecord;
540
+ }
541
+ interface AthenaAdminEmailUpdateResponse {
542
+ email?: AthenaAuthLooseRecord;
543
+ }
544
+ interface AthenaAdminEmailDeleteRequest {
545
+ id: string;
546
+ }
547
+ interface AthenaAdminEmailFailureListQuery {
548
+ limit?: number;
549
+ offset?: number;
550
+ recipientEmail?: string;
551
+ provider?: string;
552
+ flow?: string;
553
+ resolved?: boolean;
554
+ createdAfter?: string;
555
+ createdBefore?: string;
556
+ }
557
+ interface AthenaAdminEmailFailureListResponse {
558
+ total?: number;
559
+ limit?: number;
560
+ offset?: number;
561
+ emailSendFailures?: AthenaAuthLooseRecord[];
562
+ }
563
+ interface AthenaAdminEmailFailureGetQuery {
564
+ id: string;
565
+ }
566
+ interface AthenaAdminEmailFailureGetResponse {
567
+ emailSendFailure?: AthenaAuthLooseRecord;
568
+ }
569
+ interface AthenaAdminEmailFailureCreateRequest {
570
+ userId?: string;
571
+ recipientEmail: string;
572
+ flow: string;
573
+ provider?: string;
574
+ errorMessage: string;
575
+ metadata?: AthenaAuthLooseRecord;
576
+ }
577
+ interface AthenaAdminEmailFailureUpdateRequest {
578
+ id: string;
579
+ resolved?: boolean;
580
+ resolutionNote?: string | null;
581
+ metadata?: AthenaAuthLooseRecord;
582
+ }
583
+ interface AthenaAdminEmailFailureUpdateResponse {
584
+ emailSendFailure?: AthenaAuthLooseRecord;
585
+ }
586
+ interface AthenaAdminEmailFailureDeleteRequest {
587
+ id: string;
588
+ }
589
+ interface AthenaAdminEmailTemplateListQuery {
590
+ limit?: number;
591
+ offset?: number;
592
+ templateKey?: string;
593
+ locale?: string;
594
+ isActive?: boolean;
595
+ }
596
+ interface AthenaAdminEmailTemplateListResponse {
597
+ total?: number;
598
+ limit?: number;
599
+ offset?: number;
600
+ emailTemplates?: AthenaAuthLooseRecord[];
601
+ }
602
+ interface AthenaAdminEmailTemplateCreateRequest {
603
+ templateKey: string;
604
+ locale?: string;
605
+ subjectTemplate: string;
606
+ textTemplate?: string;
607
+ htmlTemplate?: string;
608
+ variables?: string[];
609
+ isActive?: boolean;
610
+ metadata?: AthenaAuthLooseRecord;
611
+ }
612
+ interface AthenaAdminEmailTemplateUpdateRequest {
613
+ id: string;
614
+ templateKey?: string;
615
+ locale?: string;
616
+ subjectTemplate?: string;
617
+ textTemplate?: string | null;
618
+ htmlTemplate?: string | null;
619
+ variables?: string[];
620
+ isActive?: boolean;
621
+ metadata?: AthenaAuthLooseRecord;
622
+ }
623
+ interface AthenaAdminEmailTemplateDeleteRequest {
624
+ id: string;
625
+ }
626
+ interface AthenaAdminEmailTemplateGetQuery {
627
+ id: string;
628
+ }
629
+ interface AthenaAdminEmailTemplateGetResponse {
630
+ emailTemplate?: AthenaAuthLooseRecord;
631
+ }
632
+ interface AthenaApiKeyCreateRequest {
633
+ name?: string;
634
+ expiresIn: string;
635
+ userId?: string;
636
+ prefix?: string;
637
+ remaining: string;
638
+ metadata?: string;
639
+ refillAmount?: string;
640
+ refillInterval?: string;
641
+ rateLimitTimeWindow?: string;
642
+ rateLimitMax?: string;
643
+ rateLimitEnabled?: string;
644
+ permissions?: string;
645
+ }
646
+ interface AthenaApiKeyRecord {
647
+ id: string;
648
+ name?: string | null;
649
+ start?: string | null;
650
+ prefix?: string | null;
651
+ userId: string;
652
+ refillInterval?: number | null;
653
+ refillAmount?: number | null;
654
+ lastRefillAt?: string | null;
655
+ enabled: boolean;
656
+ rateLimitEnabled: boolean;
657
+ rateLimitTimeWindow?: number | null;
658
+ rateLimitMax?: number | null;
659
+ requestCount: number;
660
+ remaining?: number | null;
661
+ lastRequest?: string | null;
662
+ expiresAt?: string | null;
663
+ createdAt: string;
664
+ updatedAt: string;
665
+ metadata?: AthenaAuthLooseRecord | null;
666
+ permissions?: string | null;
667
+ key?: string;
668
+ }
669
+ interface AthenaApiKeyGetQuery {
670
+ id?: string;
671
+ }
672
+ interface AthenaApiKeyUpdateRequest {
673
+ keyId: string;
674
+ userId?: string;
675
+ name?: string;
676
+ enabled?: string;
677
+ remaining?: string;
678
+ refillAmount?: string;
679
+ refillInterval?: string;
680
+ metadata?: string;
681
+ expiresIn: string;
682
+ rateLimitEnabled?: string;
683
+ rateLimitTimeWindow?: string;
684
+ rateLimitMax?: string;
685
+ permissions: string;
686
+ }
687
+ interface AthenaApiKeyDeleteRequest {
688
+ keyId: string;
689
+ }
690
+ interface AthenaApiKeyVerifyRequest {
691
+ key: string;
692
+ permissions?: AthenaAuthLooseRecord;
693
+ }
694
+ interface AthenaApiKeyVerifyResponse {
695
+ valid?: boolean;
696
+ error?: {
697
+ message?: string;
698
+ code?: string;
699
+ } | null;
700
+ key?: AthenaAuthLooseRecord | null;
701
+ }
702
+ interface AthenaApiKeyDeleteAllExpiredResponse {
703
+ deleted?: number;
704
+ }
705
+ interface AthenaAuthOrganizationCreateRequest {
706
+ name: string;
707
+ slug: string;
708
+ logo?: string;
709
+ metadata?: Record<string, unknown>;
710
+ userId?: string;
711
+ keepCurrentActiveOrganization?: boolean;
712
+ }
713
+ interface AthenaAuthOrganizationCheckSlugRequest {
714
+ slug: string;
715
+ }
716
+ interface AthenaAuthOrganizationSetActiveRequest {
717
+ organizationId?: string | null;
718
+ organizationSlug?: string | null;
719
+ }
720
+ interface AthenaAuthOrganizationGetFullQuery {
721
+ organizationId?: string;
722
+ organizationSlug?: string;
723
+ membersLimit?: number;
724
+ }
725
+ interface AthenaAuthOrganizationUpdateRequest {
726
+ data: {
727
+ name?: string;
728
+ slug?: string;
729
+ logo?: string;
730
+ metadata?: Record<string, unknown> | null;
731
+ };
732
+ organizationId?: string;
733
+ }
734
+ interface AthenaAuthOrganizationDeleteRequest {
735
+ organizationId: string;
736
+ }
737
+ interface AthenaAuthOrganizationInviteMemberRequest {
738
+ email: string;
739
+ role: string | string[];
740
+ organizationId?: string;
741
+ resend?: boolean;
742
+ teamId?: string;
743
+ }
744
+ interface AthenaAuthOrganizationInvitationActionRequest {
745
+ invitationId: string;
746
+ }
747
+ interface AthenaAuthOrganizationGetInvitationQuery {
748
+ id: string;
749
+ }
750
+ interface AthenaAuthOrganizationListInvitationsQuery {
751
+ organizationId?: string;
752
+ }
753
+ interface AthenaAuthOrganizationListUserInvitationsQuery {
754
+ email?: string;
755
+ }
756
+ type AthenaAuthOrganizationListMembersFilterOperator = 'eq' | 'ne' | 'lt' | 'lte' | 'gt' | 'gte' | 'in' | 'not_in' | 'contains' | 'starts_with' | 'ends_with';
757
+ interface AthenaAuthOrganizationListMembersQuery {
758
+ organizationId?: string;
759
+ limit?: number;
760
+ offset?: number;
761
+ sortBy?: string;
762
+ sortDirection?: 'asc' | 'desc';
763
+ filterField?: string;
764
+ filterOperator?: AthenaAuthOrganizationListMembersFilterOperator;
765
+ filterValue?: string | number | boolean | string[] | number[];
766
+ }
767
+ interface AthenaAuthOrganizationRemoveMemberRequest {
768
+ memberIdOrEmail: string;
769
+ organizationId?: string;
770
+ }
771
+ interface AthenaAuthOrganizationUpdateMemberRoleRequest {
772
+ role: string | string[];
773
+ memberId: string;
774
+ organizationId?: string;
775
+ }
776
+ interface AthenaAuthOrganizationLeaveRequest {
777
+ organizationId: string;
778
+ }
779
+ interface AthenaAuthRequestInput {
780
+ endpoint: AthenaAuthEndpointPath;
781
+ method?: AthenaAuthMethod;
782
+ body?: unknown;
783
+ query?: Record<string, AthenaAuthQueryValue>;
784
+ fetchOptions?: AthenaAuthCallOptions;
785
+ }
786
+ interface AthenaAuthCallOptions {
787
+ baseUrl?: string;
788
+ apiKey?: string;
789
+ bearerToken?: string;
790
+ headers?: Record<string, string>;
791
+ credentials?: AthenaAuthCredentials;
792
+ signal?: AbortSignal;
793
+ }
794
+ interface AthenaAuthFetchCompatibleInput {
795
+ fetchOptions?: AthenaAuthCallOptions;
796
+ }
797
+ interface AthenaAuthClientConfig extends AthenaAuthCallOptions {
798
+ fetch?: typeof fetch;
799
+ }
800
+ type AthenaAuthGenericInput = AthenaAuthFetchCompatibleInput & Record<string, unknown>;
801
+ type AthenaAuthGenericQueryInput = AthenaAuthFetchCompatibleInput & {
802
+ query?: Record<string, AthenaAuthQueryValue>;
803
+ };
804
+ type AthenaAuthResetPasswordBinding = ((input: AthenaResetPasswordRequest & AthenaAuthFetchCompatibleInput, options?: AthenaAuthCallOptions) => Promise<AthenaAuthResult<AthenaAuthStatusResponse>>) & {
805
+ token: (input: {
806
+ token: string;
807
+ callbackURL?: string;
808
+ } & AthenaAuthFetchCompatibleInput, options?: AthenaAuthCallOptions) => Promise<AthenaAuthResult<{
809
+ token?: string;
810
+ }>>;
811
+ };
812
+ type AthenaAuthSessionRevokeBinding = (input: (AthenaAuthRevokeSessionRequest & AthenaAuthFetchCompatibleInput) | (AthenaAuthRevokeSessionRequest[] & AthenaAuthFetchCompatibleInput), options?: AthenaAuthCallOptions) => Promise<AthenaAuthResult<AthenaAuthStatusResponse>>;
813
+ type AthenaAuthAdminUserSessionRevokeBinding = (input: (AthenaAdminRevokeUserSessionRequest & AthenaAuthFetchCompatibleInput) | (AthenaAdminRevokeUserSessionsRequest & AthenaAuthFetchCompatibleInput) | ({
814
+ sessions: AthenaAdminRevokeUserSessionRequest[];
815
+ } & AthenaAuthFetchCompatibleInput) | ((AthenaAdminRevokeUserSessionRequest & AthenaAuthFetchCompatibleInput)[]), options?: AthenaAuthCallOptions) => Promise<AthenaAuthResult<AthenaAdminSuccessResponse>>;
816
+ interface AthenaAuthOrganizationBindings {
817
+ /** Create an organization. Route: `POST /organization/create`. */
818
+ create: (input: AthenaAuthOrganizationCreateRequest & AthenaAuthFetchCompatibleInput, options?: AthenaAuthCallOptions) => Promise<AthenaAuthResult<AthenaAuthOrganization>>;
819
+ /** Update an organization. Route: `POST /organization/update`. */
820
+ update: (input: AthenaAuthOrganizationUpdateRequest & AthenaAuthFetchCompatibleInput, options?: AthenaAuthCallOptions) => Promise<AthenaAuthResult<AthenaAuthOrganization>>;
821
+ /** Delete an organization. Route: `POST /organization/delete`. */
822
+ delete: (input: AthenaAuthOrganizationDeleteRequest & AthenaAuthFetchCompatibleInput, options?: AthenaAuthCallOptions) => Promise<AthenaAuthResult<AthenaAuthStatusResponse>>;
823
+ /** Set active organization for current session. Route: `POST /organization/set-active`. */
824
+ setActive: (input: AthenaAuthOrganizationSetActiveRequest & AthenaAuthFetchCompatibleInput, options?: AthenaAuthCallOptions) => Promise<AthenaAuthResult<AthenaAuthStatusResponse>>;
825
+ /** List organizations visible to the current user. Route: `GET /organization/list`. */
826
+ list: (input?: AthenaAuthFetchCompatibleInput, options?: AthenaAuthCallOptions) => Promise<AthenaAuthResult<AthenaAuthOrganization[]>>;
827
+ /** Get organization details including related members/invitations. Route: `GET /organization/get-full-organization`. */
828
+ getFull: (input?: {
829
+ query?: AthenaAuthOrganizationGetFullQuery;
830
+ } & AthenaAuthFetchCompatibleInput, options?: AthenaAuthCallOptions) => Promise<AthenaAuthResult<{
831
+ organization: AthenaAuthOrganization;
832
+ members?: AthenaAuthOrganizationMember[];
833
+ invitations?: AthenaAuthOrganizationInvitation[];
834
+ }>>;
835
+ /** Check if an organization slug is available. Route: `POST /organization/check-slug`. */
836
+ checkSlug: (input: AthenaAuthOrganizationCheckSlugRequest & AthenaAuthFetchCompatibleInput, options?: AthenaAuthCallOptions) => Promise<AthenaAuthResult<{
837
+ available: boolean;
838
+ }>>;
839
+ /** Leave an organization. Route: `POST /organization/leave`. */
840
+ leave: (input: AthenaAuthOrganizationLeaveRequest & AthenaAuthFetchCompatibleInput, options?: AthenaAuthCallOptions) => Promise<AthenaAuthResult<AthenaAuthStatusResponse>>;
841
+ /** List invitations for the current user. Route: `GET /organization/list-user-invitations`. */
842
+ listUserInvitations: (input?: {
843
+ query?: AthenaAuthOrganizationListUserInvitationsQuery;
844
+ } & AthenaAuthFetchCompatibleInput, options?: AthenaAuthCallOptions) => Promise<AthenaAuthResult<AthenaAuthOrganizationInvitation[]>>;
845
+ /** Check organization-level permissions for the current principal. Route: `POST /organization/has-permission`. */
846
+ hasPermission: (input: AthenaAdminHasPermissionRequest & AthenaAuthFetchCompatibleInput, options?: AthenaAuthCallOptions) => Promise<AthenaAuthResult<AthenaAdminHasPermissionResponse>>;
847
+ invitation: {
848
+ /** Cancel an organization invitation. Route: `POST /organization/cancel-invitation`. */
849
+ cancel: (input: AthenaAuthOrganizationInvitationActionRequest & AthenaAuthFetchCompatibleInput, options?: AthenaAuthCallOptions) => Promise<AthenaAuthResult<AthenaAuthStatusResponse>>;
850
+ /** Accept an organization invitation. Route: `POST /organization/accept-invitation`. */
851
+ accept: (input: AthenaAuthOrganizationInvitationActionRequest & AthenaAuthFetchCompatibleInput, options?: AthenaAuthCallOptions) => Promise<AthenaAuthResult<AthenaAuthStatusResponse>>;
852
+ /** Get an invitation by id. Route: `GET /organization/get-invitation`. */
853
+ get: (input: {
854
+ query: AthenaAuthOrganizationGetInvitationQuery;
855
+ } & AthenaAuthFetchCompatibleInput, options?: AthenaAuthCallOptions) => Promise<AthenaAuthResult<AthenaAuthOrganizationInvitation>>;
856
+ /** Reject an organization invitation. Route: `POST /organization/reject-invitation`. */
857
+ reject: (input: AthenaAuthOrganizationInvitationActionRequest & AthenaAuthFetchCompatibleInput, options?: AthenaAuthCallOptions) => Promise<AthenaAuthResult<AthenaAuthStatusResponse>>;
858
+ /** List invitations for an organization. Route: `GET /organization/list-invitations`. */
859
+ list: (input?: {
860
+ query?: AthenaAuthOrganizationListInvitationsQuery;
861
+ } & AthenaAuthFetchCompatibleInput, options?: AthenaAuthCallOptions) => Promise<AthenaAuthResult<AthenaAuthOrganizationInvitation[]>>;
862
+ };
863
+ member: {
864
+ /** Remove an organization member. Route: `POST /organization/remove-member`. */
865
+ remove: (input: AthenaAuthOrganizationRemoveMemberRequest & AthenaAuthFetchCompatibleInput, options?: AthenaAuthCallOptions) => Promise<AthenaAuthResult<AthenaAuthStatusResponse>>;
866
+ /** Update a member role. Route: `POST /organization/update-member-role`. */
867
+ updateRole: (input: AthenaAuthOrganizationUpdateMemberRoleRequest & AthenaAuthFetchCompatibleInput, options?: AthenaAuthCallOptions) => Promise<AthenaAuthResult<AthenaAuthStatusResponse>>;
868
+ /** Invite a member to an organization. Route: `POST /organization/invite-member`. */
869
+ invite: (input: AthenaAuthOrganizationInviteMemberRequest & AthenaAuthFetchCompatibleInput, options?: AthenaAuthCallOptions) => Promise<AthenaAuthResult<AthenaAuthOrganizationInvitation>>;
870
+ /** Get the active organization member context for the current session. Route: `GET /organization/get-active-member`. */
871
+ getActive: (input?: AthenaAuthFetchCompatibleInput, options?: AthenaAuthCallOptions) => Promise<AthenaAuthResult<AthenaAuthOrganizationMember>>;
872
+ /** List organization members. Route: `GET /organization/list-members`. */
873
+ list: (input?: {
874
+ query?: AthenaAuthOrganizationListMembersQuery;
875
+ } & AthenaAuthFetchCompatibleInput, options?: AthenaAuthCallOptions) => Promise<AthenaAuthResult<AthenaAuthOrganizationMember[]>>;
876
+ };
877
+ }
878
+ interface AthenaAuthBindings {
879
+ /** Get current session. Route: `GET /get-session`. */
880
+ getSession: AthenaAuthSdkClient['getSession'];
881
+ /** Sign out current session. Route: `POST /sign-out`. */
882
+ signOut: AthenaAuthSdkClient['signOut'];
883
+ /** Trigger password reset email flow. Route: `POST /forget-password`. */
884
+ forgetPassword: AthenaAuthSdkClient['forgetPassword'];
885
+ /** Reset password (`POST /reset-password`) and token resolver (`GET /reset-password/{token}`). */
886
+ resetPassword: AthenaAuthResetPasswordBinding;
887
+ /** Set password for the current authenticated user. Route: `POST /set-password`. */
888
+ setPassword: (input: AthenaSetPasswordRequest & AthenaAuthFetchCompatibleInput, options?: AthenaAuthCallOptions) => Promise<AthenaAuthResult<AthenaAuthStatusResponse>>;
889
+ /** Verify email token. Route: `GET /verify-email`. */
890
+ verifyEmail: AthenaAuthSdkClient['verifyEmail'];
891
+ /** Send verification email. Route: `POST /send-verification-email`. */
892
+ sendVerificationEmail: AthenaAuthSdkClient['sendVerificationEmail'];
893
+ /** Start change-email flow. Route: `POST /change-email`. */
894
+ changeEmail: AthenaAuthSdkClient['changeEmail'];
895
+ /** Verify pending email change. Route: `GET /change-email/verify`. */
896
+ changeEmailVerify: (input: {
897
+ query: AthenaAuthTokenQuery;
898
+ } & AthenaAuthFetchCompatibleInput, options?: AthenaAuthCallOptions) => Promise<AthenaAuthResult<AthenaAuthTokenVerificationResponse>>;
899
+ /** Verify pending delete-user flow. Route: `GET /delete-user/verify`. */
900
+ deleteUserVerify: (input: {
901
+ query: AthenaAuthTokenQuery;
902
+ } & AthenaAuthFetchCompatibleInput, options?: AthenaAuthCallOptions) => Promise<AthenaAuthResult<AthenaAuthTokenVerificationResponse>>;
903
+ /** Change current user password. Route: `POST /change-password`. */
904
+ changePassword: AthenaAuthSdkClient['changePassword'];
905
+ user: {
906
+ /** Update current user profile fields. Route: `POST /update-user`. */
907
+ update: AthenaAuthSdkClient['updateUser'];
908
+ /** Delete current user. Route: `POST /delete-user`. */
909
+ delete: AthenaAuthSdkClient['deleteUser'];
910
+ email: {
911
+ /**
912
+ * List email identities for current user.
913
+ * Routes: primary `GET /email/list`; falls back to `GET /email-list` on `404`.
914
+ */
915
+ list: (input?: {
916
+ query?: AthenaAuthEmailListQuery;
917
+ } & AthenaAuthFetchCompatibleInput, options?: AthenaAuthCallOptions) => Promise<AthenaAuthResult<AthenaAuthEmailListResponse>>;
918
+ };
919
+ };
920
+ session: {
921
+ /** List user sessions. Route: `GET /list-sessions`. */
922
+ list: AthenaAuthSdkClient['listSessions'];
923
+ /** Revoke one or multiple sessions; collapses to `/revoke-session` or `/revoke-sessions` by payload shape. */
924
+ revoke: AthenaAuthSessionRevokeBinding;
925
+ /** Revoke all other sessions for current user. Route: `POST /revoke-other-sessions`. */
926
+ revokeOther: AthenaAuthSdkClient['revokeOtherSessions'];
927
+ };
928
+ social: {
929
+ /** Link a social provider to current user. Route: `POST /link-social`. */
930
+ link: AthenaAuthSdkClient['linkSocial'];
931
+ };
932
+ account: {
933
+ /** List linked provider accounts. Route: `GET /list-accounts`. */
934
+ list: AthenaAuthSdkClient['listAccounts'];
935
+ /** Unlink a provider account. Route: `POST /unlink-account`. */
936
+ unlink: AthenaAuthSdkClient['unlinkAccount'];
937
+ };
938
+ deleteUser: {
939
+ /** Callback endpoint for delete-user verification flows. Route: `GET /delete-user/callback`. */
940
+ callback: AthenaAuthSdkClient['deleteUserCallback'];
941
+ };
942
+ /** Refresh provider token. Route: `POST /refresh-token`. */
943
+ refreshToken: AthenaAuthSdkClient['refreshToken'];
944
+ /** Get provider access token. Route: `POST /get-access-token`. */
945
+ getAccessToken: AthenaAuthSdkClient['getAccessToken'];
946
+ /** Auth health route. Primary `GET /health`; falls back to `GET /ok` on `404`. */
947
+ health: (input?: AthenaAuthFetchCompatibleInput, options?: AthenaAuthCallOptions) => Promise<AthenaAuthResult<AthenaAuthHealthResponse>>;
948
+ /** Health route passthrough. Route: `GET /ok`. */
949
+ ok: (input?: AthenaAuthFetchCompatibleInput, options?: AthenaAuthCallOptions) => Promise<AthenaAuthResult<AthenaAuthOkResponse>>;
950
+ /** Error route passthrough. Route: `GET /error`. */
951
+ error: (input?: AthenaAuthFetchCompatibleInput, options?: AthenaAuthCallOptions) => Promise<AthenaAuthResult<AthenaAuthErrorResponse | string>>;
952
+ twoFactor: {
953
+ /** Get TOTP URI for setup. Route: `POST /two-factor/get-totp-uri`. */
954
+ getTotpUri: (input: AthenaTwoFactorGetTotpUriRequest & AthenaAuthFetchCompatibleInput, options?: AthenaAuthCallOptions) => Promise<AthenaAuthResult<AthenaTwoFactorGetTotpUriResponse>>;
955
+ /** Verify TOTP code. Route: `POST /two-factor/verify-totp`. */
956
+ verifyTotp: (input: AthenaTwoFactorVerifyTotpRequest & AthenaAuthFetchCompatibleInput, options?: AthenaAuthCallOptions) => Promise<AthenaAuthResult<AthenaTwoFactorVerifyTotpResponse>>;
957
+ /** Send one-time passcode (OTP). Route: `POST /two-factor/send-otp`. */
958
+ sendOtp: (input?: AthenaAuthFetchCompatibleInput, options?: AthenaAuthCallOptions) => Promise<AthenaAuthResult<AthenaAuthStatusResponse>>;
959
+ /** Verify OTP code. Route: `POST /two-factor/verify-otp`. */
960
+ verifyOtp: (input: AthenaTwoFactorVerifyOtpRequest & AthenaAuthFetchCompatibleInput, options?: AthenaAuthCallOptions) => Promise<AthenaAuthResult<AthenaTwoFactorVerifyOtpResponse>>;
961
+ /** Verify backup code. Route: `POST /two-factor/verify-backup-code`. */
962
+ verifyBackupCode: (input: AthenaTwoFactorVerifyBackupCodeRequest & AthenaAuthFetchCompatibleInput, options?: AthenaAuthCallOptions) => Promise<AthenaAuthResult<AthenaTwoFactorVerifyBackupCodeResponse>>;
963
+ /** Generate backup codes. Route: `POST /two-factor/generate-backup-codes`. */
964
+ generateBackupCodes: (input: AthenaTwoFactorGenerateBackupCodesRequest & AthenaAuthFetchCompatibleInput, options?: AthenaAuthCallOptions) => Promise<AthenaAuthResult<AthenaTwoFactorGenerateBackupCodesResponse>>;
965
+ /** Enable two-factor auth. Route: `POST /two-factor/enable`. */
966
+ enable: (input: AthenaTwoFactorEnableRequest & AthenaAuthFetchCompatibleInput, options?: AthenaAuthCallOptions) => Promise<AthenaAuthResult<AthenaTwoFactorEnableResponse>>;
967
+ /** Disable two-factor auth. Route: `POST /two-factor/disable`. */
968
+ disable: (input: AthenaTwoFactorDisableRequest & AthenaAuthFetchCompatibleInput, options?: AthenaAuthCallOptions) => Promise<AthenaAuthResult<AthenaTwoFactorDisableResponse>>;
969
+ };
970
+ passkey: {
971
+ /** Generate WebAuthn registration options. Route: `GET /passkey/generate-register-options`. */
972
+ generateRegisterOptions: (input?: AthenaAuthFetchCompatibleInput, options?: AthenaAuthCallOptions) => Promise<AthenaAuthResult<AthenaPasskeyOptionsResponse>>;
973
+ /** Generate WebAuthn authentication options. Route: `POST /passkey/generate-authenticate-options`. */
974
+ generateAuthenticateOptions: (input?: AthenaAuthFetchCompatibleInput, options?: AthenaAuthCallOptions) => Promise<AthenaAuthResult<AthenaPasskeyOptionsResponse>>;
975
+ /** Verify passkey registration response. Route: `POST /passkey/verify-registration`. */
976
+ verifyRegistration: (input: AthenaPasskeyVerifyRegistrationRequest & AthenaAuthFetchCompatibleInput, options?: AthenaAuthCallOptions) => Promise<AthenaAuthResult<AthenaPasskeyRecord>>;
977
+ /** Verify passkey authentication response. Route: `POST /passkey/verify-authentication`. */
978
+ verifyAuthentication: (input: AthenaPasskeyVerifyAuthenticationRequest & AthenaAuthFetchCompatibleInput, options?: AthenaAuthCallOptions) => Promise<AthenaAuthResult<AthenaPasskeyVerifyAuthenticationResponse>>;
979
+ /** List current user's passkeys. Route: `GET /passkey/list-user-passkeys`. */
980
+ listUserPasskeys: (input?: AthenaAuthFetchCompatibleInput, options?: AthenaAuthCallOptions) => Promise<AthenaAuthResult<AthenaPasskeyRecord[]>>;
981
+ /** Delete a passkey. Route: `POST /passkey/delete-passkey`. */
982
+ deletePasskey: (input: AthenaPasskeyDeleteRequest & AthenaAuthFetchCompatibleInput, options?: AthenaAuthCallOptions) => Promise<AthenaAuthResult<AthenaPasskeyDeleteResponse>>;
983
+ /** Update a passkey metadata record. Route: `POST /passkey/update-passkey`. */
984
+ updatePasskey: (input: AthenaPasskeyUpdateRequest & AthenaAuthFetchCompatibleInput, options?: AthenaAuthCallOptions) => Promise<AthenaAuthResult<AthenaPasskeyUpdateResponse>>;
985
+ /** Return related origins for WebAuthn. Route: `GET /.well-known/webauthn`. */
986
+ getRelatedOrigins: (input?: AthenaAuthFetchCompatibleInput, options?: AthenaAuthCallOptions) => Promise<AthenaAuthResult<{
987
+ origins?: string[];
988
+ }>>;
989
+ };
990
+ admin: {
991
+ role: {
992
+ /** Set a user role. Route: `POST /admin/set-role`. */
993
+ set: (input: AthenaAdminSetRoleRequest & AthenaAuthFetchCompatibleInput, options?: AthenaAuthCallOptions) => Promise<AthenaAuthResult<AthenaAdminUserResponse>>;
994
+ };
995
+ user: {
996
+ /** List users. Route: `GET /admin/list-users`. */
997
+ list: (input?: {
998
+ query?: AthenaAdminListUsersQuery;
999
+ } & AthenaAuthFetchCompatibleInput, options?: AthenaAuthCallOptions) => Promise<AthenaAuthResult<AthenaAdminListUsersResponse>>;
1000
+ /** Create user. Route: `POST /admin/create-user`. */
1001
+ create: (input: AthenaAdminCreateUserRequest & AthenaAuthFetchCompatibleInput, options?: AthenaAuthCallOptions) => Promise<AthenaAuthResult<AthenaAdminUserResponse>>;
1002
+ /** Unban user. Route: `POST /admin/unban-user`. */
1003
+ unban: (input: AthenaAdminTargetUserRequest & AthenaAuthFetchCompatibleInput, options?: AthenaAuthCallOptions) => Promise<AthenaAuthResult<AthenaAdminUserResponse>>;
1004
+ /** Ban user. Route: `POST /admin/ban-user`. */
1005
+ ban: (input: AthenaAdminBanUserRequest & AthenaAuthFetchCompatibleInput, options?: AthenaAuthCallOptions) => Promise<AthenaAuthResult<AthenaAdminUserResponse>>;
1006
+ /** Start impersonation. Route: `POST /admin/impersonate-user`. */
1007
+ impersonate: (input: AthenaAdminTargetUserRequest & AthenaAuthFetchCompatibleInput, options?: AthenaAuthCallOptions) => Promise<AthenaAuthResult<AthenaAdminImpersonateResponse>>;
1008
+ /** Stop impersonation. Route: `POST /admin/stop-impersonating`. */
1009
+ stopImpersonating: (input?: AthenaAdminStopImpersonatingRequest & AthenaAuthFetchCompatibleInput, options?: AthenaAuthCallOptions) => Promise<AthenaAuthResult<AthenaAuthLooseRecord>>;
1010
+ /** Remove user. Route: `POST /admin/remove-user`. */
1011
+ remove: (input: AthenaAdminTargetUserRequest & AthenaAuthFetchCompatibleInput, options?: AthenaAuthCallOptions) => Promise<AthenaAuthResult<AthenaAdminSuccessResponse>>;
1012
+ /** Set user password. Route: `POST /admin/set-user-password`. */
1013
+ setPassword: (input: AthenaAdminSetUserPasswordRequest & AthenaAuthFetchCompatibleInput, options?: AthenaAuthCallOptions) => Promise<AthenaAuthResult<AthenaAuthStatusResponse>>;
1014
+ session: {
1015
+ /** List sessions for a target user. Route: `POST /admin/list-user-sessions`. */
1016
+ list: (input: AthenaAdminListUserSessionsRequest & AthenaAuthFetchCompatibleInput, options?: AthenaAuthCallOptions) => Promise<AthenaAuthResult<AthenaAdminListUserSessionsResponse>>;
1017
+ /**
1018
+ * Revoke one or multiple sessions; collapses to `/admin/revoke-user-session` or
1019
+ * `/admin/revoke-user-sessions`. `userId` is required and plural payloads must share one `userId`.
1020
+ */
1021
+ revoke: AthenaAuthAdminUserSessionRevokeBinding;
1022
+ };
1023
+ };
1024
+ /** Check permission under admin policy. Route: `POST /admin/has-permission`. */
1025
+ hasPermission: (input: AthenaAdminHasPermissionRequest & AthenaAuthFetchCompatibleInput, options?: AthenaAuthCallOptions) => Promise<AthenaAuthResult<AthenaAdminHasPermissionResponse>>;
1026
+ apiKey: {
1027
+ /** Create admin-scoped API key. Route: `POST /admin/api-key/create`. */
1028
+ create: (input?: AthenaAdminApiKeyCreateRequest & AthenaAuthFetchCompatibleInput, options?: AthenaAuthCallOptions) => Promise<AthenaAuthResult<AthenaAdminApiKeyCreateResponse>>;
1029
+ };
1030
+ athenaClient: {
1031
+ /** Create Athena client credentials. Route: `POST /admin/athena-client/create`. */
1032
+ create: (input: AthenaAdminAthenaClientCreateRequest & AthenaAuthFetchCompatibleInput, options?: AthenaAuthCallOptions) => Promise<AthenaAuthResult<AthenaAuthLooseRecord>>;
1033
+ /** List Athena client credentials. Route: `GET /admin/athena-client/list`. */
1034
+ list: (input?: AthenaAuthFetchCompatibleInput, options?: AthenaAuthCallOptions) => Promise<AthenaAuthResult<AthenaAdminAthenaClientListResponse>>;
1035
+ };
1036
+ auditLog: {
1037
+ /** List auth audit events. Route: `GET /admin/audit-log/list`. */
1038
+ list: (input?: {
1039
+ query?: AthenaAdminAuditLogListQuery;
1040
+ } & AthenaAuthFetchCompatibleInput, options?: AthenaAuthCallOptions) => Promise<AthenaAuthResult<AthenaAdminAuditLogListResponse>>;
1041
+ };
1042
+ email: {
1043
+ /** List emails. Route: `GET /admin/email/list`. */
1044
+ list: (input?: {
1045
+ query?: AthenaAdminEmailListQuery;
1046
+ } & AthenaAuthFetchCompatibleInput, options?: AthenaAuthCallOptions) => Promise<AthenaAuthResult<AthenaAdminEmailListResponse>>;
1047
+ /** Get a specific email record. Route: `GET /admin/email/get`. */
1048
+ get: (input: {
1049
+ query: AthenaAdminEmailGetQuery;
1050
+ } & AthenaAuthFetchCompatibleInput, options?: AthenaAuthCallOptions) => Promise<AthenaAuthResult<AthenaAdminEmailGetResponse>>;
1051
+ /** Create an email record. Route: `POST /admin/email/create`. */
1052
+ create: (input: AthenaAdminEmailCreateRequest & AthenaAuthFetchCompatibleInput, options?: AthenaAuthCallOptions) => Promise<AthenaAuthResult<AthenaAdminSuccessResponse>>;
1053
+ /** Update an email record. Route: `POST /admin/email/update`. */
1054
+ update: (input: AthenaAdminEmailUpdateRequest & AthenaAuthFetchCompatibleInput, options?: AthenaAuthCallOptions) => Promise<AthenaAuthResult<AthenaAdminEmailUpdateResponse>>;
1055
+ /** Delete an email record. Route: `POST /admin/email/delete`. */
1056
+ delete: (input: AthenaAdminEmailDeleteRequest & AthenaAuthFetchCompatibleInput, options?: AthenaAuthCallOptions) => Promise<AthenaAuthResult<AthenaAdminSuccessResponse>>;
1057
+ failure: {
1058
+ /** List email failure records. Route: `GET /admin/email-failure/list`. */
1059
+ list: (input?: {
1060
+ query?: AthenaAdminEmailFailureListQuery;
1061
+ } & AthenaAuthFetchCompatibleInput, options?: AthenaAuthCallOptions) => Promise<AthenaAuthResult<AthenaAdminEmailFailureListResponse>>;
1062
+ /** Get an email failure record. Route: `GET /admin/email-failure/get`. */
1063
+ get: (input: {
1064
+ query: AthenaAdminEmailFailureGetQuery;
1065
+ } & AthenaAuthFetchCompatibleInput, options?: AthenaAuthCallOptions) => Promise<AthenaAuthResult<AthenaAdminEmailFailureGetResponse>>;
1066
+ /** Create an email failure record. Route: `POST /admin/email-failure/create`. */
1067
+ create: (input: AthenaAdminEmailFailureCreateRequest & AthenaAuthFetchCompatibleInput, options?: AthenaAuthCallOptions) => Promise<AthenaAuthResult<AthenaAdminSuccessResponse>>;
1068
+ /** Update an email failure record. Route: `POST /admin/email-failure/update`. */
1069
+ update: (input: AthenaAdminEmailFailureUpdateRequest & AthenaAuthFetchCompatibleInput, options?: AthenaAuthCallOptions) => Promise<AthenaAuthResult<AthenaAdminEmailFailureUpdateResponse>>;
1070
+ /** Delete an email failure record. Route: `POST /admin/email-failure/delete`. */
1071
+ delete: (input: AthenaAdminEmailFailureDeleteRequest & AthenaAuthFetchCompatibleInput, options?: AthenaAuthCallOptions) => Promise<AthenaAuthResult<AthenaAdminSuccessResponse>>;
1072
+ };
1073
+ template: {
1074
+ /** List email templates. Route: `GET /admin/email-template/list`. */
1075
+ list: (input?: {
1076
+ query?: AthenaAdminEmailTemplateListQuery;
1077
+ } & AthenaAuthFetchCompatibleInput, options?: AthenaAuthCallOptions) => Promise<AthenaAuthResult<AthenaAdminEmailTemplateListResponse>>;
1078
+ /** Get email template by ID. Route: `GET /admin/email-template/get`. */
1079
+ get: (input: {
1080
+ query: AthenaAdminEmailTemplateGetQuery;
1081
+ } & AthenaAuthFetchCompatibleInput, options?: AthenaAuthCallOptions) => Promise<AthenaAuthResult<AthenaAdminEmailTemplateGetResponse>>;
1082
+ /** Create email template. Route: `POST /admin/email-template/create`. */
1083
+ create: (input: AthenaAdminEmailTemplateCreateRequest & AthenaAuthFetchCompatibleInput, options?: AthenaAuthCallOptions) => Promise<AthenaAuthResult<AthenaAuthLooseRecord>>;
1084
+ /** Update email template. Route: `POST /admin/email-template/update`. */
1085
+ update: (input: AthenaAdminEmailTemplateUpdateRequest & AthenaAuthFetchCompatibleInput, options?: AthenaAuthCallOptions) => Promise<AthenaAuthResult<AthenaAuthLooseRecord>>;
1086
+ /** Delete email template. Route: `POST /admin/email-template/delete`. */
1087
+ delete: (input: AthenaAdminEmailTemplateDeleteRequest & AthenaAuthFetchCompatibleInput, options?: AthenaAuthCallOptions) => Promise<AthenaAuthResult<AthenaAdminSuccessResponse>>;
1088
+ };
1089
+ };
1090
+ emailTemplate: {
1091
+ /** Get email template by ID. Route: `GET /admin/email-template/get`. */
1092
+ get: (input: {
1093
+ query: AthenaAdminEmailTemplateGetQuery;
1094
+ } & AthenaAuthFetchCompatibleInput, options?: AthenaAuthCallOptions) => Promise<AthenaAuthResult<AthenaAdminEmailTemplateGetResponse>>;
1095
+ /** Create email template. Route: `POST /admin/email-template/create`. */
1096
+ create: (input: AthenaAdminEmailTemplateCreateRequest & AthenaAuthFetchCompatibleInput, options?: AthenaAuthCallOptions) => Promise<AthenaAuthResult<AthenaAuthLooseRecord>>;
1097
+ /** Delete email template. Route: `POST /admin/email-template/delete`. */
1098
+ delete: (input: AthenaAdminEmailTemplateDeleteRequest & AthenaAuthFetchCompatibleInput, options?: AthenaAuthCallOptions) => Promise<AthenaAuthResult<AthenaAdminSuccessResponse>>;
1099
+ /** List email templates. Route: `GET /admin/email-template/list`. */
1100
+ list: (input?: {
1101
+ query?: AthenaAdminEmailTemplateListQuery;
1102
+ } & AthenaAuthFetchCompatibleInput, options?: AthenaAuthCallOptions) => Promise<AthenaAuthResult<AthenaAdminEmailTemplateListResponse>>;
1103
+ /** Update email template. Route: `POST /admin/email-template/update`. */
1104
+ update: (input: AthenaAdminEmailTemplateUpdateRequest & AthenaAuthFetchCompatibleInput, options?: AthenaAuthCallOptions) => Promise<AthenaAuthResult<AthenaAuthLooseRecord>>;
1105
+ };
1106
+ };
1107
+ apiKey: {
1108
+ /** Create API key. Route: `POST /api-key/create`. */
1109
+ create: (input: AthenaApiKeyCreateRequest & AthenaAuthFetchCompatibleInput, options?: AthenaAuthCallOptions) => Promise<AthenaAuthResult<AthenaApiKeyRecord>>;
1110
+ /** Get API key metadata. Route: `GET /api-key/get`. */
1111
+ get: (input?: {
1112
+ query?: AthenaApiKeyGetQuery;
1113
+ } & AthenaAuthFetchCompatibleInput, options?: AthenaAuthCallOptions) => Promise<AthenaAuthResult<AthenaApiKeyRecord>>;
1114
+ /** Update API key metadata. Route: `POST /api-key/update`. */
1115
+ update: (input: AthenaApiKeyUpdateRequest & AthenaAuthFetchCompatibleInput, options?: AthenaAuthCallOptions) => Promise<AthenaAuthResult<AthenaApiKeyRecord>>;
1116
+ /** Delete API key. Route: `POST /api-key/delete`. */
1117
+ delete: (input: AthenaApiKeyDeleteRequest & AthenaAuthFetchCompatibleInput, options?: AthenaAuthCallOptions) => Promise<AthenaAuthResult<AthenaAdminSuccessResponse>>;
1118
+ /** List API keys. Route: `GET /api-key/list`. */
1119
+ list: (input?: AthenaAuthFetchCompatibleInput, options?: AthenaAuthCallOptions) => Promise<AthenaAuthResult<AthenaApiKeyRecord[]>>;
1120
+ /** Verify an API key. Route: `POST /api-key/verify`. */
1121
+ verify: (input: AthenaApiKeyVerifyRequest & AthenaAuthFetchCompatibleInput, options?: AthenaAuthCallOptions) => Promise<AthenaAuthResult<AthenaApiKeyVerifyResponse>>;
1122
+ /** Delete all expired API keys. Route: `POST /api-key/delete-all-expired-api-keys`. */
1123
+ deleteAllExpired: (input?: AthenaAuthFetchCompatibleInput, options?: AthenaAuthCallOptions) => Promise<AthenaAuthResult<AthenaApiKeyDeleteAllExpiredResponse>>;
1124
+ };
1125
+ signIn: {
1126
+ /** Sign in with email and password. Route: `POST /sign-in/email`. */
1127
+ email: AthenaAuthSdkClient['signIn']['email'];
1128
+ /** Sign in with username and password. Route: `POST /sign-in/username`. */
1129
+ username: AthenaAuthSdkClient['signIn']['username'];
1130
+ /** Sign in with social provider. Route: `POST /sign-in/social`. */
1131
+ social: AthenaAuthSdkClient['signIn']['social'];
1132
+ };
1133
+ signUp: {
1134
+ /** Sign up with email/password identity. Route: `POST /sign-up/email`. */
1135
+ email: AthenaAuthSdkClient['signUp']['email'];
1136
+ };
1137
+ /** Organization plugin helper surface. Routes: `/organization/*`. */
1138
+ organization: AthenaAuthOrganizationBindings;
1139
+ callback: {
1140
+ /** OAuth provider callback passthrough. Route: `GET /callback/{provider}`. */
1141
+ provider: (input: AthenaAuthCallbackProviderRequest & AthenaAuthFetchCompatibleInput, options?: AthenaAuthCallOptions) => Promise<AthenaAuthResult<AthenaAuthCallbackProviderResponse>>;
1142
+ };
1143
+ }
1144
+ interface AthenaAuthSdkClient {
1145
+ baseUrl: string;
1146
+ request: <T = unknown>(input: AthenaAuthRequestInput, options?: AthenaAuthCallOptions) => Promise<AthenaAuthResult<T>>;
1147
+ signIn: {
1148
+ email: (input: AthenaEmailSignInRequest & AthenaAuthFetchCompatibleInput, options?: AthenaAuthCallOptions) => Promise<AthenaAuthResult<AthenaAuthSignInResponse>>;
1149
+ username: (input: AthenaUsernameSignInRequest & AthenaAuthFetchCompatibleInput, options?: AthenaAuthCallOptions) => Promise<AthenaAuthResult<AthenaAuthSignInResponse>>;
1150
+ social: (input: AthenaSocialSignInRequest & AthenaAuthFetchCompatibleInput, options?: AthenaAuthCallOptions) => Promise<AthenaAuthResult<AthenaAuthSocialRedirectResponse | AthenaAuthSignInResponse>>;
1151
+ };
1152
+ signUp: {
1153
+ email: (input: AthenaEmailSignUpRequest & AthenaAuthFetchCompatibleInput, options?: AthenaAuthCallOptions) => Promise<AthenaAuthResult<AthenaAuthSignInResponse>>;
1154
+ };
1155
+ signOut: (input?: AthenaAuthFetchCompatibleInput, options?: AthenaAuthCallOptions) => Promise<AthenaAuthResult<AthenaAuthSignOutResponse>>;
1156
+ logout: (input?: AthenaAuthFetchCompatibleInput, options?: AthenaAuthCallOptions) => Promise<AthenaAuthResult<AthenaAuthSignOutResponse>>;
1157
+ getSession: (input?: AthenaAuthFetchCompatibleInput, options?: AthenaAuthCallOptions) => Promise<AthenaAuthResult<AthenaAuthSessionResponse>>;
1158
+ listSessions: (input?: AthenaAuthFetchCompatibleInput, options?: AthenaAuthCallOptions) => Promise<AthenaAuthResult<AthenaAuthSession[]>>;
1159
+ revokeSession: (input: AthenaAuthRevokeSessionRequest & AthenaAuthFetchCompatibleInput, options?: AthenaAuthCallOptions) => Promise<AthenaAuthResult<AthenaAuthStatusResponse>>;
1160
+ clearSession: (input: AthenaAuthRevokeSessionRequest & AthenaAuthFetchCompatibleInput, options?: AthenaAuthCallOptions) => Promise<AthenaAuthResult<AthenaAuthStatusResponse>>;
1161
+ revokeSessions: (input?: AthenaAuthFetchCompatibleInput, options?: AthenaAuthCallOptions) => Promise<AthenaAuthResult<AthenaAuthStatusResponse>>;
1162
+ clearSessions: (input?: AthenaAuthFetchCompatibleInput, options?: AthenaAuthCallOptions) => Promise<AthenaAuthResult<AthenaAuthStatusResponse>>;
1163
+ revokeOtherSessions: (input?: AthenaAuthFetchCompatibleInput, options?: AthenaAuthCallOptions) => Promise<AthenaAuthResult<AthenaAuthStatusResponse>>;
1164
+ clearOtherSessions: (input?: AthenaAuthFetchCompatibleInput, options?: AthenaAuthCallOptions) => Promise<AthenaAuthResult<AthenaAuthStatusResponse>>;
1165
+ forgetPassword: (input: AthenaForgetPasswordRequest & AthenaAuthFetchCompatibleInput, options?: AthenaAuthCallOptions) => Promise<AthenaAuthResult<AthenaAuthStatusResponse>>;
1166
+ resetPassword: (input: AthenaResetPasswordRequest & AthenaAuthFetchCompatibleInput, options?: AthenaAuthCallOptions) => Promise<AthenaAuthResult<AthenaAuthStatusResponse>>;
1167
+ resolveResetPasswordToken: (input: {
1168
+ token: string;
1169
+ callbackURL?: string;
1170
+ } & AthenaAuthFetchCompatibleInput, options?: AthenaAuthCallOptions) => Promise<AthenaAuthResult<{
1171
+ token?: string;
1172
+ }>>;
1173
+ verifyEmail: (input: AthenaVerifyEmailRequest & AthenaAuthFetchCompatibleInput, options?: AthenaAuthCallOptions) => Promise<AthenaAuthResult<{
1174
+ user: AthenaAuthUser;
1175
+ status: boolean;
1176
+ }>>;
1177
+ sendVerificationEmail: (input: AthenaSendVerificationEmailRequest & AthenaAuthFetchCompatibleInput, options?: AthenaAuthCallOptions) => Promise<AthenaAuthResult<AthenaAuthStatusResponse>>;
1178
+ changeEmail: (input: AthenaChangeEmailRequest & AthenaAuthFetchCompatibleInput, options?: AthenaAuthCallOptions) => Promise<AthenaAuthResult<AthenaAuthEmailChangeResponse>>;
1179
+ changePassword: (input: AthenaChangePasswordRequest & AthenaAuthFetchCompatibleInput, options?: AthenaAuthCallOptions) => Promise<AthenaAuthResult<{
1180
+ token?: string | null;
1181
+ user: AthenaAuthUser;
1182
+ }>>;
1183
+ updateUser: (input: AthenaUpdateUserRequest & AthenaAuthFetchCompatibleInput, options?: AthenaAuthCallOptions) => Promise<AthenaAuthResult<AthenaAuthStatusResponse>>;
1184
+ deleteUser: (input?: AthenaDeleteUserRequest & AthenaAuthFetchCompatibleInput, options?: AthenaAuthCallOptions) => Promise<AthenaAuthResult<AthenaDeleteUserResponse>>;
1185
+ deleteUserCallback: (input?: AthenaDeleteUserCallbackRequest & AthenaAuthFetchCompatibleInput, options?: AthenaAuthCallOptions) => Promise<AthenaAuthResult<AthenaDeleteUserResponse>>;
1186
+ linkSocial: (input: AthenaLinkSocialRequest & AthenaAuthFetchCompatibleInput, options?: AthenaAuthCallOptions) => Promise<AthenaAuthResult<AthenaAuthSocialRedirectResponse>>;
1187
+ listAccounts: (input?: AthenaAuthFetchCompatibleInput, options?: AthenaAuthCallOptions) => Promise<AthenaAuthResult<AthenaAuthLinkedAccount[]>>;
1188
+ unlinkAccount: (input: AthenaUnlinkAccountRequest & AthenaAuthFetchCompatibleInput, options?: AthenaAuthCallOptions) => Promise<AthenaAuthResult<AthenaAuthStatusResponse>>;
1189
+ refreshToken: (input: AthenaOAuthAccountTokenRequest & AthenaAuthFetchCompatibleInput, options?: AthenaAuthCallOptions) => Promise<AthenaAuthResult<AthenaOAuthTokenBundle>>;
1190
+ getAccessToken: (input: AthenaOAuthAccountTokenRequest & AthenaAuthFetchCompatibleInput, options?: AthenaAuthCallOptions) => Promise<AthenaAuthResult<AthenaOAuthTokenBundle>>;
1191
+ organization: AthenaAuthOrganizationBindings;
1192
+ auth: AthenaAuthBindings;
1193
+ }
1194
+
1195
+ interface AthenaGatewayErrorInput {
1196
+ code: AthenaGatewayErrorCode;
1197
+ message: string;
1198
+ status?: number;
1199
+ endpoint?: AthenaGatewayEndpointPath;
1200
+ method?: AthenaGatewayMethod;
1201
+ requestId?: string;
1202
+ hint?: string;
1203
+ cause?: string;
1204
+ }
1205
+ /**
1206
+ * Canonical error for gateway failures.
1207
+ * Holds request context and machine-readable classification.
1208
+ */
1209
+ declare class AthenaGatewayError extends Error {
1210
+ readonly code: AthenaGatewayErrorCode;
1211
+ readonly status: number;
1212
+ readonly endpoint?: AthenaGatewayEndpointPath;
1213
+ readonly method?: AthenaGatewayMethod;
1214
+ readonly requestId?: string;
1215
+ readonly hint?: string;
1216
+ readonly causeDetail?: string;
1217
+ constructor(input: AthenaGatewayErrorInput);
1218
+ toDetails(): AthenaGatewayErrorDetails;
1219
+ static fromResponse<T>(response: AthenaGatewayResponse<T>, fallback: Omit<AthenaGatewayErrorInput, 'code' | 'message' | 'status'>): AthenaGatewayError;
1220
+ }
1221
+ declare function isAthenaGatewayError(error: unknown): error is AthenaGatewayError;
1222
+
1223
+ type ModelFormNullishMode = 'empty-string' | 'undefined' | 'null';
1224
+ type NullishValueByMode = {
1225
+ 'empty-string': '';
1226
+ undefined: undefined;
1227
+ null: null;
1228
+ };
1229
+ type MapNullableToFormValue<TField, TMode extends ModelFormNullishMode> = null extends TField ? Exclude<TField, null> | NullishValueByMode[TMode] : TField;
1230
+ /**
1231
+ * Form value shape derived from a model insert payload.
1232
+ * Nullable fields are remapped to the selected nullish representation.
1233
+ */
1234
+ type ModelFormValues<TModel extends AnyModelDef, TMode extends ModelFormNullishMode = 'empty-string'> = {
1235
+ [K in keyof InsertOf<TModel>]: MapNullableToFormValue<InsertOf<TModel>[K], TMode>;
1236
+ };
1237
+ /**
1238
+ * Default value shape for form initialization.
1239
+ */
1240
+ type ModelFormDefaults<TModel extends AnyModelDef, TMode extends ModelFormNullishMode = 'empty-string'> = Partial<ModelFormValues<TModel, TMode>>;
1241
+ interface ToModelFormDefaultsOptions<TMode extends ModelFormNullishMode = 'empty-string'> {
1242
+ /**
1243
+ * Controls how nullable model values are represented in form defaults.
1244
+ * - `empty-string` (default): `null -> ""`
1245
+ * - `undefined`: `null -> undefined`
1246
+ * - `null`: keeps `null`
1247
+ */
1248
+ nullishMode?: TMode;
1249
+ }
1250
+ interface ToModelPayloadOptions {
1251
+ /**
1252
+ * Converts `""` into `null` for nullable model fields.
1253
+ * Defaults to `true`.
1254
+ */
1255
+ emptyStringAsNull?: boolean;
1256
+ /**
1257
+ * Omits `undefined` keys from the outgoing payload.
1258
+ * Defaults to `true`.
1259
+ */
1260
+ stripUndefined?: boolean;
1261
+ }
1262
+ /**
1263
+ * Normalizes model data into form-safe defaults using model nullability metadata.
1264
+ */
1265
+ declare function toModelFormDefaults<TModel extends AnyModelDef, TMode extends ModelFormNullishMode = 'empty-string'>(model: TModel, values?: Partial<RowOf<TModel>> | Partial<InsertOf<TModel>> | null, options?: ToModelFormDefaultsOptions<TMode>): ModelFormDefaults<TModel, TMode>;
1266
+ /**
1267
+ * Normalizes form values back into model-compatible insert/update payloads.
1268
+ */
1269
+ declare function toModelPayload<TModel extends AnyModelDef>(model: TModel, formValues: Partial<ModelFormValues<TModel, 'empty-string' | 'undefined' | 'null'>>, options?: ToModelPayloadOptions): Partial<InsertOf<TModel>>;
1270
+ /**
1271
+ * Runtime form adapter bound to a model contract.
1272
+ */
1273
+ interface ModelFormAdapter<TModel extends AnyModelDef> {
1274
+ model: TModel;
1275
+ toDefaults<TMode extends ModelFormNullishMode = 'empty-string'>(values?: Partial<RowOf<TModel>> | Partial<InsertOf<TModel>> | null, options?: ToModelFormDefaultsOptions<TMode>): ModelFormDefaults<TModel, TMode>;
1276
+ toInsert(values: Partial<ModelFormValues<TModel, 'empty-string' | 'undefined' | 'null'>>, options?: ToModelPayloadOptions): Partial<InsertOf<TModel>>;
1277
+ toUpdate(values: Partial<ModelFormValues<TModel, 'empty-string' | 'undefined' | 'null'>>, options?: ToModelPayloadOptions): Partial<UpdateOf<TModel>>;
1278
+ }
1279
+ /**
1280
+ * Creates a small model-aware adapter for form defaults and payload normalization.
1281
+ */
1282
+ declare function createModelFormAdapter<TModel extends AnyModelDef>(model: TModel): ModelFormAdapter<TModel>;
1283
+
1284
+ export { type ModelFormNullishMode as $, type AthenaAuthBindings as A, type AthenaAuthSignInResponse as B, type AthenaAuthSignOutResponse as C, type AthenaAuthSocialRedirectResponse as D, type AthenaAuthStatusResponse as E, type AthenaAuthUser as F, type AthenaChangeEmailRequest as G, type AthenaChangePasswordRequest as H, type AthenaDeleteUserCallbackRequest as I, type AthenaDeleteUserRequest as J, type AthenaDeleteUserResponse as K, type AthenaEmailSignInRequest as L, type AthenaEmailSignUpRequest as M, type AthenaForgetPasswordRequest as N, AthenaGatewayError as O, type AthenaLinkSocialRequest as P, type AthenaOAuthAccountTokenRequest as Q, type AthenaOAuthTokenBundle as R, type AthenaResetPasswordRequest as S, type AthenaSendVerificationEmailRequest as T, type AthenaSocialSignInRequest as U, type AthenaUnlinkAccountRequest as V, type AthenaUpdateUserRequest as W, type AthenaUsernameSignInRequest as X, type AthenaVerifyEmailRequest as Y, type ModelFormAdapter as Z, type ModelFormDefaults as _, type AthenaAuthClientConfig as a, type ModelFormValues as a0, type ToModelFormDefaultsOptions as a1, type ToModelPayloadOptions as a2, createModelFormAdapter as a3, isAthenaGatewayError as a4, toModelFormDefaults as a5, toModelPayload as a6, type AthenaAuthFetchCompatibleInput as a7, type AthenaAuthSdkClient as b, type AthenaAuthAdminUserSessionRevokeBinding as c, type AthenaAuthCallOptions as d, type AthenaAuthCredentials as e, type AthenaAuthEmailChangeResponse as f, type AthenaAuthEndpointPath as g, type AthenaAuthErrorCode as h, type AthenaAuthErrorDetails as i, type AthenaAuthGenericInput as j, type AthenaAuthGenericQueryInput as k, type AthenaAuthLinkedAccount as l, type AthenaAuthMethod as m, type AthenaAuthOrganization as n, type AthenaAuthOrganizationBindings as o, type AthenaAuthOrganizationInvitation as p, type AthenaAuthOrganizationMember as q, type AthenaAuthQueryPrimitive as r, type AthenaAuthQueryValue as s, type AthenaAuthRequestInput as t, type AthenaAuthResetPasswordBinding as u, type AthenaAuthResult as v, type AthenaAuthRevokeSessionRequest as w, type AthenaAuthSession as x, type AthenaAuthSessionResponse as y, type AthenaAuthSessionRevokeBinding as z };