authhero 4.110.0 → 4.112.0

package/dist/authhero.d.ts

@@ -3063,7 +3063,9 @@ export declare const clientInsertSchema: z.ZodObject<{
 	token_endpoint_auth_method: z.ZodOptional<z.ZodDefault<z.ZodEnum<[
 		"none",
 		"client_secret_post",
-		"client_secret_basic"
+		"client_secret_basic",
+		"client_secret_jwt",
+		"private_key_jwt"
 	]>>>;
 	client_metadata: z.ZodOptional<z.ZodDefault<z.ZodRecord<z.ZodString, z.ZodString>>>;
 	mobile: z.ZodOptional<z.ZodDefault<z.ZodRecord<z.ZodString, z.ZodAny>>>;
@@ -3179,7 +3181,7 @@ export declare const clientInsertSchema: z.ZodObject<{
 	custom_login_page_preview?: string | undefined;
 	form_template?: string | undefined;
 	addons?: Record<string, any> | undefined;
-	token_endpoint_auth_method?: "none" | "client_secret_post" | "client_secret_basic" | undefined;
+	token_endpoint_auth_method?: "none" | "client_secret_post" | "client_secret_basic" | "client_secret_jwt" | "private_key_jwt" | undefined;
 	client_metadata?: Record<string, string> | undefined;
 	mobile?: Record<string, any> | undefined;
 	initiate_login_uri?: string | undefined;
@@ -3238,7 +3240,7 @@ export declare const clientInsertSchema: z.ZodObject<{
 	custom_login_page_preview?: string | undefined;
 	form_template?: string | undefined;
 	addons?: Record<string, any> | undefined;
-	token_endpoint_auth_method?: "none" | "client_secret_post" | "client_secret_basic" | undefined;
+	token_endpoint_auth_method?: "none" | "client_secret_post" | "client_secret_basic" | "client_secret_jwt" | "private_key_jwt" | undefined;
 	client_metadata?: Record<string, string> | undefined;
 	mobile?: Record<string, any> | undefined;
 	initiate_login_uri?: string | undefined;
@@ -3321,7 +3323,9 @@ export declare const clientSchema: z.ZodObject<{
 	token_endpoint_auth_method: z.ZodOptional<z.ZodDefault<z.ZodEnum<[
 		"none",
 		"client_secret_post",
-		"client_secret_basic"
+		"client_secret_basic",
+		"client_secret_jwt",
+		"private_key_jwt"
 	]>>>;
 	client_metadata: z.ZodOptional<z.ZodDefault<z.ZodRecord<z.ZodString, z.ZodString>>>;
 	mobile: z.ZodOptional<z.ZodDefault<z.ZodRecord<z.ZodString, z.ZodAny>>>;
@@ -3441,7 +3445,7 @@ export declare const clientSchema: z.ZodObject<{
 	custom_login_page_preview?: string | undefined;
 	form_template?: string | undefined;
 	addons?: Record<string, any> | undefined;
-	token_endpoint_auth_method?: "none" | "client_secret_post" | "client_secret_basic" | undefined;
+	token_endpoint_auth_method?: "none" | "client_secret_post" | "client_secret_basic" | "client_secret_jwt" | "private_key_jwt" | undefined;
 	client_metadata?: Record<string, string> | undefined;
 	mobile?: Record<string, any> | undefined;
 	initiate_login_uri?: string | undefined;
@@ -3502,7 +3506,7 @@ export declare const clientSchema: z.ZodObject<{
 	custom_login_page_preview?: string | undefined;
 	form_template?: string | undefined;
 	addons?: Record<string, any> | undefined;
-	token_endpoint_auth_method?: "none" | "client_secret_post" | "client_secret_basic" | undefined;
+	token_endpoint_auth_method?: "none" | "client_secret_post" | "client_secret_basic" | "client_secret_jwt" | "private_key_jwt" | undefined;
 	client_metadata?: Record<string, string> | undefined;
 	mobile?: Record<string, any> | undefined;
 	initiate_login_uri?: string | undefined;
@@ -11698,6 +11702,8 @@ export declare const connectionOptionsSchema: z.ZodObject<{
 	twilio_sid: z.ZodOptional<z.ZodString>;
 	twilio_token: z.ZodOptional<z.ZodString>;
 	icon_url: z.ZodOptional<z.ZodString>;
+	domain_aliases: z.ZodOptional<z.ZodArray<z.ZodString, "many">>;
+	callback_url: z.ZodOptional<z.ZodString>;
 	passwordPolicy: z.ZodOptional<z.ZodEnum<[
 		"none",
 		"low",
@@ -12124,6 +12130,8 @@ export declare const connectionOptionsSchema: z.ZodObject<{
 	twilio_sid?: string | undefined;
 	twilio_token?: string | undefined;
 	icon_url?: string | undefined;
+	domain_aliases?: string[] | undefined;
+	callback_url?: string | undefined;
 	passwordPolicy?: "none" | "low" | "fair" | "good" | "excellent" | undefined;
 	password_complexity_options?: {
 		min_length?: number | undefined;
@@ -12227,6 +12235,8 @@ export declare const connectionOptionsSchema: z.ZodObject<{
 	twilio_sid?: string | undefined;
 	twilio_token?: string | undefined;
 	icon_url?: string | undefined;
+	domain_aliases?: string[] | undefined;
+	callback_url?: string | undefined;
 	passwordPolicy?: "none" | "low" | "fair" | "good" | "excellent" | undefined;
 	password_complexity_options?: {
 		min_length?: number | undefined;
@@ -12330,6 +12340,8 @@ export declare const connectionInsertSchema: z.ZodObject<{
 		twilio_sid: z.ZodOptional<z.ZodString>;
 		twilio_token: z.ZodOptional<z.ZodString>;
 		icon_url: z.ZodOptional<z.ZodString>;
+		domain_aliases: z.ZodOptional<z.ZodArray<z.ZodString, "many">>;
+		callback_url: z.ZodOptional<z.ZodString>;
 		passwordPolicy: z.ZodOptional<z.ZodEnum<[
 			"none",
 			"low",
@@ -12756,6 +12768,8 @@ export declare const connectionInsertSchema: z.ZodObject<{
 		twilio_sid?: string | undefined;
 		twilio_token?: string | undefined;
 		icon_url?: string | undefined;
+		domain_aliases?: string[] | undefined;
+		callback_url?: string | undefined;
 		passwordPolicy?: "none" | "low" | "fair" | "good" | "excellent" | undefined;
 		password_complexity_options?: {
 			min_length?: number | undefined;
@@ -12859,6 +12873,8 @@ export declare const connectionInsertSchema: z.ZodObject<{
 		twilio_sid?: string | undefined;
 		twilio_token?: string | undefined;
 		icon_url?: string | undefined;
+		domain_aliases?: string[] | undefined;
+		callback_url?: string | undefined;
 		passwordPolicy?: "none" | "low" | "fair" | "good" | "excellent" | undefined;
 		password_complexity_options?: {
 			min_length?: number | undefined;
@@ -12962,6 +12978,8 @@ export declare const connectionInsertSchema: z.ZodObject<{
 		twilio_sid?: string | undefined;
 		twilio_token?: string | undefined;
 		icon_url?: string | undefined;
+		domain_aliases?: string[] | undefined;
+		callback_url?: string | undefined;
 		passwordPolicy?: "none" | "low" | "fair" | "good" | "excellent" | undefined;
 		password_complexity_options?: {
 			min_length?: number | undefined;
@@ -13074,6 +13092,8 @@ export declare const connectionInsertSchema: z.ZodObject<{
 		twilio_sid?: string | undefined;
 		twilio_token?: string | undefined;
 		icon_url?: string | undefined;
+		domain_aliases?: string[] | undefined;
+		callback_url?: string | undefined;
 		passwordPolicy?: "none" | "low" | "fair" | "good" | "excellent" | undefined;
 		password_complexity_options?: {
 			min_length?: number | undefined;
@@ -13206,6 +13226,8 @@ export declare const connectionSchema: z.ZodObject<{
 		twilio_sid: z.ZodOptional<z.ZodString>;
 		twilio_token: z.ZodOptional<z.ZodString>;
 		icon_url: z.ZodOptional<z.ZodString>;
+		domain_aliases: z.ZodOptional<z.ZodArray<z.ZodString, "many">>;
+		callback_url: z.ZodOptional<z.ZodString>;
 		passwordPolicy: z.ZodOptional<z.ZodEnum<[
 			"none",
 			"low",
@@ -13632,6 +13654,8 @@ export declare const connectionSchema: z.ZodObject<{
 		twilio_sid?: string | undefined;
 		twilio_token?: string | undefined;
 		icon_url?: string | undefined;
+		domain_aliases?: string[] | undefined;
+		callback_url?: string | undefined;
 		passwordPolicy?: "none" | "low" | "fair" | "good" | "excellent" | undefined;
 		password_complexity_options?: {
 			min_length?: number | undefined;
@@ -13735,6 +13759,8 @@ export declare const connectionSchema: z.ZodObject<{
 		twilio_sid?: string | undefined;
 		twilio_token?: string | undefined;
 		icon_url?: string | undefined;
+		domain_aliases?: string[] | undefined;
+		callback_url?: string | undefined;
 		passwordPolicy?: "none" | "low" | "fair" | "good" | "excellent" | undefined;
 		password_complexity_options?: {
 			min_length?: number | undefined;
@@ -13838,6 +13864,8 @@ export declare const connectionSchema: z.ZodObject<{
 		twilio_sid?: string | undefined;
 		twilio_token?: string | undefined;
 		icon_url?: string | undefined;
+		domain_aliases?: string[] | undefined;
+		callback_url?: string | undefined;
 		passwordPolicy?: "none" | "low" | "fair" | "good" | "excellent" | undefined;
 		password_complexity_options?: {
 			min_length?: number | undefined;
@@ -13952,6 +13980,8 @@ export declare const connectionSchema: z.ZodObject<{
 		twilio_sid?: string | undefined;
 		twilio_token?: string | undefined;
 		icon_url?: string | undefined;
+		domain_aliases?: string[] | undefined;
+		callback_url?: string | undefined;
 		passwordPolicy?: "none" | "low" | "fair" | "good" | "excellent" | undefined;
 		password_complexity_options?: {
 			min_length?: number | undefined;
@@ -43139,7 +43169,7 @@ export declare const inviteSchema: z.ZodObject<{
 	ticket_id?: string | undefined;
 }>;
 export type Invite = z.infer<typeof inviteSchema>;
-export declare const jwksSchema: z.ZodObject<{
+export declare const jwksSchema: z.ZodEffects<z.ZodObject<{
 	alg: z.ZodEnum<[
 		"RS256",
 		"RS384",
@@ -43151,41 +43181,74 @@ export declare const jwksSchema: z.ZodObject<{
 		"HS384",
 		"HS512"
 	]>;
-	e: z.ZodString;
 	kid: z.ZodString;
 	kty: z.ZodEnum<[
 		"RSA",
 		"EC",
 		"oct"
 	]>;
-	n: z.ZodString;
-	x5t: z.ZodOptional<z.ZodString>;
-	x5c: z.ZodOptional<z.ZodArray<z.ZodString, "many">>;
 	use: z.ZodOptional<z.ZodEnum<[
 		"sig",
 		"enc"
 	]>>;
+	n: z.ZodOptional<z.ZodString>;
+	e: z.ZodOptional<z.ZodString>;
+	crv: z.ZodOptional<z.ZodString>;
+	x: z.ZodOptional<z.ZodString>;
+	y: z.ZodOptional<z.ZodString>;
+	x5t: z.ZodOptional<z.ZodString>;
+	x5c: z.ZodOptional<z.ZodArray<z.ZodString, "many">>;
 }, "strip", z.ZodTypeAny, {
 	kid: string;
 	alg: "RS256" | "RS384" | "RS512" | "ES256" | "ES384" | "ES512" | "HS256" | "HS384" | "HS512";
-	e: string;
 	kty: "RSA" | "EC" | "oct";
-	n: string;
+	x?: string | undefined;
+	y?: string | undefined;
+	use?: "sig" | "enc" | undefined;
+	n?: string | undefined;
+	e?: string | undefined;
+	crv?: string | undefined;
 	x5t?: string | undefined;
 	x5c?: string[] | undefined;
-	use?: "sig" | "enc" | undefined;
 }, {
 	kid: string;
 	alg: "RS256" | "RS384" | "RS512" | "ES256" | "ES384" | "ES512" | "HS256" | "HS384" | "HS512";
-	e: string;
 	kty: "RSA" | "EC" | "oct";
-	n: string;
+	x?: string | undefined;
+	y?: string | undefined;
+	use?: "sig" | "enc" | undefined;
+	n?: string | undefined;
+	e?: string | undefined;
+	crv?: string | undefined;
 	x5t?: string | undefined;
 	x5c?: string[] | undefined;
+}>, {
+	kid: string;
+	alg: "RS256" | "RS384" | "RS512" | "ES256" | "ES384" | "ES512" | "HS256" | "HS384" | "HS512";
+	kty: "RSA" | "EC" | "oct";
+	x?: string | undefined;
+	y?: string | undefined;
 	use?: "sig" | "enc" | undefined;
+	n?: string | undefined;
+	e?: string | undefined;
+	crv?: string | undefined;
+	x5t?: string | undefined;
+	x5c?: string[] | undefined;
+}, {
+	kid: string;
+	alg: "RS256" | "RS384" | "RS512" | "ES256" | "ES384" | "ES512" | "HS256" | "HS384" | "HS512";
+	kty: "RSA" | "EC" | "oct";
+	x?: string | undefined;
+	y?: string | undefined;
+	use?: "sig" | "enc" | undefined;
+	n?: string | undefined;
+	e?: string | undefined;
+	crv?: string | undefined;
+	x5t?: string | undefined;
+	x5c?: string[] | undefined;
 }>;
 export declare const jwksKeySchema: z.ZodObject<{
-	keys: z.ZodArray<z.ZodObject<{
+	keys: z.ZodArray<z.ZodEffects<z.ZodObject<{
 		alg: z.ZodEnum<[
 			"RS256",
 			"RS384",
@@ -43197,62 +43260,103 @@ export declare const jwksKeySchema: z.ZodObject<{
 			"HS384",
 			"HS512"
 		]>;
-		e: z.ZodString;
 		kid: z.ZodString;
 		kty: z.ZodEnum<[
 			"RSA",
 			"EC",
 			"oct"
 		]>;
-		n: z.ZodString;
-		x5t: z.ZodOptional<z.ZodString>;
-		x5c: z.ZodOptional<z.ZodArray<z.ZodString, "many">>;
 		use: z.ZodOptional<z.ZodEnum<[
 			"sig",
 			"enc"
 		]>>;
+		n: z.ZodOptional<z.ZodString>;
+		e: z.ZodOptional<z.ZodString>;
+		crv: z.ZodOptional<z.ZodString>;
+		x: z.ZodOptional<z.ZodString>;
+		y: z.ZodOptional<z.ZodString>;
+		x5t: z.ZodOptional<z.ZodString>;
+		x5c: z.ZodOptional<z.ZodArray<z.ZodString, "many">>;
 	}, "strip", z.ZodTypeAny, {
 		kid: string;
 		alg: "RS256" | "RS384" | "RS512" | "ES256" | "ES384" | "ES512" | "HS256" | "HS384" | "HS512";
-		e: string;
 		kty: "RSA" | "EC" | "oct";
-		n: string;
+		x?: string | undefined;
+		y?: string | undefined;
+		use?: "sig" | "enc" | undefined;
+		n?: string | undefined;
+		e?: string | undefined;
+		crv?: string | undefined;
 		x5t?: string | undefined;
 		x5c?: string[] | undefined;
-		use?: "sig" | "enc" | undefined;
 	}, {
 		kid: string;
 		alg: "RS256" | "RS384" | "RS512" | "ES256" | "ES384" | "ES512" | "HS256" | "HS384" | "HS512";
-		e: string;
 		kty: "RSA" | "EC" | "oct";
-		n: string;
+		x?: string | undefined;
+		y?: string | undefined;
+		use?: "sig" | "enc" | undefined;
+		n?: string | undefined;
+		e?: string | undefined;
+		crv?: string | undefined;
 		x5t?: string | undefined;
 		x5c?: string[] | undefined;
+	}>, {
+		kid: string;
+		alg: "RS256" | "RS384" | "RS512" | "ES256" | "ES384" | "ES512" | "HS256" | "HS384" | "HS512";
+		kty: "RSA" | "EC" | "oct";
+		x?: string | undefined;
+		y?: string | undefined;
 		use?: "sig" | "enc" | undefined;
+		n?: string | undefined;
+		e?: string | undefined;
+		crv?: string | undefined;
+		x5t?: string | undefined;
+		x5c?: string[] | undefined;
+	}, {
+		kid: string;
+		alg: "RS256" | "RS384" | "RS512" | "ES256" | "ES384" | "ES512" | "HS256" | "HS384" | "HS512";
+		kty: "RSA" | "EC" | "oct";
+		x?: string | undefined;
+		y?: string | undefined;
+		use?: "sig" | "enc" | undefined;
+		n?: string | undefined;
+		e?: string | undefined;
+		crv?: string | undefined;
+		x5t?: string | undefined;
+		x5c?: string[] | undefined;
 	}>, "many">;
 }, "strip", z.ZodTypeAny, {
 	keys: {
 		kid: string;
 		alg: "RS256" | "RS384" | "RS512" | "ES256" | "ES384" | "ES512" | "HS256" | "HS384" | "HS512";
-		e: string;
 		kty: "RSA" | "EC" | "oct";
-		n: string;
+		x?: string | undefined;
+		y?: string | undefined;
+		use?: "sig" | "enc" | undefined;
+		n?: string | undefined;
+		e?: string | undefined;
+		crv?: string | undefined;
 		x5t?: string | undefined;
 		x5c?: string[] | undefined;
-		use?: "sig" | "enc" | undefined;
 	}[];
 }, {
 	keys: {
 		kid: string;
 		alg: "RS256" | "RS384" | "RS512" | "ES256" | "ES384" | "ES512" | "HS256" | "HS384" | "HS512";
-		e: string;
 		kty: "RSA" | "EC" | "oct";
-		n: string;
+		x?: string | undefined;
+		y?: string | undefined;
+		use?: "sig" | "enc" | undefined;
+		n?: string | undefined;
+		e?: string | undefined;
+		crv?: string | undefined;
 		x5t?: string | undefined;
 		x5c?: string[] | undefined;
-		use?: "sig" | "enc" | undefined;
 	}[];
 }>;
+export type Jwk = z.infer<typeof jwksSchema>;
+export type Jwks = z.infer<typeof jwksKeySchema>;
 export declare const openIDConfigurationSchema: z.ZodObject<{
 	issuer: z.ZodString;
 	authorization_endpoint: z.ZodString;
@@ -43275,6 +43379,7 @@ export declare const openIDConfigurationSchema: z.ZodObject<{
 	claims_supported: z.ZodArray<z.ZodString, "many">;
 	request_uri_parameter_supported: z.ZodBoolean;
 	request_parameter_supported: z.ZodBoolean;
+	request_object_signing_alg_values_supported: z.ZodOptional<z.ZodArray<z.ZodString, "many">>;
 	token_endpoint_auth_signing_alg_values_supported: z.ZodArray<z.ZodString, "many">;
 }, "strip", z.ZodTypeAny, {
 	authorization_endpoint: string;
@@ -43299,6 +43404,7 @@ export declare const openIDConfigurationSchema: z.ZodObject<{
 	registration_endpoint?: string | undefined;
 	end_session_endpoint?: string | undefined;
 	grant_types_supported?: string[] | undefined;
+	request_object_signing_alg_values_supported?: string[] | undefined;
 }, {
 	authorization_endpoint: string;
 	token_endpoint: string;
@@ -43322,6 +43428,7 @@ export declare const openIDConfigurationSchema: z.ZodObject<{
 	registration_endpoint?: string | undefined;
 	end_session_endpoint?: string | undefined;
 	grant_types_supported?: string[] | undefined;
+	request_object_signing_alg_values_supported?: string[] | undefined;
 }>;
 export interface ListParams {
 	page?: number;
@@ -51108,6 +51215,7 @@ export type Variables = {
 	countryCode?: CountryCode;
 	outboxEventPromises?: Promise<string>[];
 	backgroundPromises?: Promise<void>[];
+	client_authenticated_via_assertion?: boolean;
 };
 /**
  * Interface for SAML signing implementations.
@@ -52094,6 +52202,8 @@ declare const enrichedClientSchema: z.ZodObject<{
 			twilio_sid: z.ZodOptional<z.ZodString>;
 			twilio_token: z.ZodOptional<z.ZodString>;
 			icon_url: z.ZodOptional<z.ZodString>;
+			domain_aliases: z.ZodOptional<z.ZodArray<z.ZodString, "many">>;
+			callback_url: z.ZodOptional<z.ZodString>;
 			passwordPolicy: z.ZodOptional<z.ZodEnum<[
 				"none",
 				"low",
@@ -52520,6 +52630,8 @@ declare const enrichedClientSchema: z.ZodObject<{
 			twilio_sid?: string | undefined;
 			twilio_token?: string | undefined;
 			icon_url?: string | undefined;
+			domain_aliases?: string[] | undefined;
+			callback_url?: string | undefined;
 			passwordPolicy?: "none" | "low" | "fair" | "good" | "excellent" | undefined;
 			password_complexity_options?: {
 				min_length?: number | undefined;
@@ -52623,6 +52735,8 @@ declare const enrichedClientSchema: z.ZodObject<{
 			twilio_sid?: string | undefined;
 			twilio_token?: string | undefined;
 			icon_url?: string | undefined;
+			domain_aliases?: string[] | undefined;
+			callback_url?: string | undefined;
 			passwordPolicy?: "none" | "low" | "fair" | "good" | "excellent" | undefined;
 			password_complexity_options?: {
 				min_length?: number | undefined;
@@ -52726,6 +52840,8 @@ declare const enrichedClientSchema: z.ZodObject<{
 			twilio_sid?: string | undefined;
 			twilio_token?: string | undefined;
 			icon_url?: string | undefined;
+			domain_aliases?: string[] | undefined;
+			callback_url?: string | undefined;
 			passwordPolicy?: "none" | "low" | "fair" | "good" | "excellent" | undefined;
 			password_complexity_options?: {
 				min_length?: number | undefined;
@@ -52840,6 +52956,8 @@ declare const enrichedClientSchema: z.ZodObject<{
 			twilio_sid?: string | undefined;
 			twilio_token?: string | undefined;
 			icon_url?: string | undefined;
+			domain_aliases?: string[] | undefined;
+			callback_url?: string | undefined;
 			passwordPolicy?: "none" | "low" | "fair" | "good" | "excellent" | undefined;
 			password_complexity_options?: {
 				min_length?: number | undefined;
@@ -53005,7 +53123,9 @@ declare const enrichedClientSchema: z.ZodObject<{
 	token_endpoint_auth_method: z.ZodOptional<z.ZodDefault<z.ZodEnum<[
 		"none",
 		"client_secret_post",
-		"client_secret_basic"
+		"client_secret_basic",
+		"client_secret_jwt",
+		"private_key_jwt"
 	]>>>;
 	client_metadata: z.ZodOptional<z.ZodDefault<z.ZodRecord<z.ZodString, z.ZodString>>>;
 	mobile: z.ZodOptional<z.ZodDefault<z.ZodRecord<z.ZodString, z.ZodAny>>>;
@@ -53279,6 +53399,8 @@ declare const enrichedClientSchema: z.ZodObject<{
 			twilio_sid?: string | undefined;
 			twilio_token?: string | undefined;
 			icon_url?: string | undefined;
+			domain_aliases?: string[] | undefined;
+			callback_url?: string | undefined;
 			passwordPolicy?: "none" | "low" | "fair" | "good" | "excellent" | undefined;
 			password_complexity_options?: {
 				min_length?: number | undefined;
@@ -53403,7 +53525,7 @@ declare const enrichedClientSchema: z.ZodObject<{
 	custom_login_page_preview?: string | undefined;
 	form_template?: string | undefined;
 	addons?: Record<string, any> | undefined;
-	token_endpoint_auth_method?: "none" | "client_secret_post" | "client_secret_basic" | undefined;
+	token_endpoint_auth_method?: "none" | "client_secret_post" | "client_secret_basic" | "client_secret_jwt" | "private_key_jwt" | undefined;
 	client_metadata?: Record<string, string> | undefined;
 	mobile?: Record<string, any> | undefined;
 	initiate_login_uri?: string | undefined;
@@ -53648,7 +53770,7 @@ declare const enrichedClientSchema: z.ZodObject<{
 	custom_login_page_preview?: string | undefined;
 	form_template?: string | undefined;
 	addons?: Record<string, any> | undefined;
-	token_endpoint_auth_method?: "none" | "client_secret_post" | "client_secret_basic" | undefined;
+	token_endpoint_auth_method?: "none" | "client_secret_post" | "client_secret_basic" | "client_secret_jwt" | "private_key_jwt" | undefined;
 	client_metadata?: Record<string, string> | undefined;
 	mobile?: Record<string, any> | undefined;
 	initiate_login_uri?: string | undefined;
@@ -54041,6 +54163,16 @@ export interface OutboxConfig {
  * A per-client `user_linking_mode` overrides this service-level default.
  */
 export type UserLinkingMode = "builtin" | "off";
+/**
+ * Resolver form for the service-level user-linking mode. Receives the
+ * resolved `tenant_id` (and `client_id`, when the request has one) and
+ * returns the mode to use for that request. May be async.
+ */
+export type UserLinkingModeResolver = (params: {
+	tenant_id: string;
+	client_id?: string;
+}) => UserLinkingMode | Promise<UserLinkingMode>;
+export type UserLinkingModeOption = UserLinkingMode | UserLinkingModeResolver;
 export interface AuthHeroConfig {
 	dataAdapter: DataAdapters;
 	/**
@@ -54237,9 +54369,13 @@ export interface AuthHeroConfig {
 	 * lookup by verified email at user creation and email update. A per-client
 	 * `user_linking_mode` setting overrides this default.
 	 *
+	 * Accepts either a static value or a resolver function that receives
+	 * `{ tenant_id, client_id }` and returns the mode (sync or async). Use
+	 * the resolver form to disable built-in linking on a per-tenant basis.
+	 *
 	 * @default "builtin"
 	 */
-	userLinkingMode?: UserLinkingMode;
+	userLinkingMode?: UserLinkingModeOption;
 }
 export type UserInfo = {
 	sub: string;
@@ -54300,10 +54436,28 @@ export type Bindings = {
 	codeExecutor?: CodeExecutor;
 	webhookInvoker?: WebhookInvoker;
 	outbox?: OutboxConfig;
-	userLinkingMode?: UserLinkingMode;
+	userLinkingMode?: UserLinkingModeOption;
+	/**
+	 * Allow outbound fetches (jwks_uri, request_uri) to localhost / private IP
+	 * ranges and over plain http. Intended for tests and local development;
+	 * leave unset (or false) in production so SSRF protection stays on.
+	 */
+	ALLOW_PRIVATE_OUTBOUND_FETCH?: boolean;
 };
+/**
+ * Supported signing-key shapes. Note: `EC-P-521` is not supported on
+ * Cloudflare Workers (`workerd`) — `crypto.subtle.generateKey` will reject
+ * `{ name: "ECDSA", namedCurve: "P-521" }` there. Callers running on Workers
+ * must pick `RSA`, `EC-P-256`, or `EC-P-384`.
+ */
+export type SigningKeyType = "RSA" | "EC-P-256" | "EC-P-384" | "EC-P-521";
 export interface CreateX509CertificateParams {
 	name: string;
+	/**
+	 * The key type to generate. Defaults to "RSA" (RS256-compatible) for
+	 * backwards compatibility with existing tenants.
+	 */
+	keyType?: SigningKeyType;
 }
 declare function createX509Certificate(params: CreateX509CertificateParams): Promise<SigningKey>;
 export type AppLogoProps = {
@@ -54606,6 +54760,30 @@ export interface InMemoryCacheConfig {
  * Create an in-memory cache adapter
  */
 export declare function createInMemoryCache(config?: InMemoryCacheConfig): CacheAdapter;
+export declare const mailgunCredentialsSchema: z.ZodObject<{
+	api_key: z.ZodString;
+	domain: z.ZodString;
+	region: z.ZodOptional<z.ZodNullable<z.ZodEnum<[
+		"eu"
+	]>>>;
+}, "strip", z.ZodTypeAny, {
+	api_key: string;
+	domain: string;
+	region?: "eu" | null | undefined;
+}, {
+	api_key: string;
+	domain: string;
+	region?: "eu" | null | undefined;
+}>;
+export type MailgunCredentials = z.infer<typeof mailgunCredentialsSchema>;
+export interface MailgunEmailServiceOptions {
+	fetchImpl?: typeof fetch;
+}
+export declare class MailgunEmailService implements EmailServiceAdapter {
+	private readonly fetchImpl;
+	constructor(options?: MailgunEmailServiceOptions);
+	send(params: EmailServiceSendParams): Promise<void>;
+}
 /**
  * Register a background promise tied to the current request.
  *
@@ -61820,6 +61998,8 @@ export declare function init(config: AuthHeroConfig): {
 						twilio_sid?: string | undefined | undefined;
 						twilio_token?: string | undefined | undefined;
 						icon_url?: string | undefined | undefined;
+						domain_aliases?: string[] | undefined | undefined;
+						callback_url?: string | undefined | undefined;
 						passwordPolicy?: "none" | "low" | "fair" | "good" | "excellent" | undefined | undefined;
 						password_complexity_options?: {
 							min_length?: number | undefined | undefined;
@@ -61942,6 +62122,8 @@ export declare function init(config: AuthHeroConfig): {
 							twilio_sid?: string | undefined | undefined;
 							twilio_token?: string | undefined | undefined;
 							icon_url?: string | undefined | undefined;
+							domain_aliases?: string[] | undefined | undefined;
+							callback_url?: string | undefined | undefined;
 							passwordPolicy?: "none" | "low" | "fair" | "good" | "excellent" | undefined | undefined;
 							password_complexity_options?: {
 								min_length?: number | undefined | undefined;
@@ -62083,6 +62265,8 @@ export declare function init(config: AuthHeroConfig): {
 						twilio_sid?: string | undefined | undefined;
 						twilio_token?: string | undefined | undefined;
 						icon_url?: string | undefined | undefined;
+						domain_aliases?: string[] | undefined | undefined;
+						callback_url?: string | undefined | undefined;
 						passwordPolicy?: "none" | "low" | "fair" | "good" | "excellent" | undefined | undefined;
 						password_complexity_options?: {
 							min_length?: number | undefined | undefined;
@@ -62252,6 +62436,8 @@ export declare function init(config: AuthHeroConfig): {
 						twilio_sid?: string | undefined | undefined;
 						twilio_token?: string | undefined | undefined;
 						icon_url?: string | undefined | undefined;
+						domain_aliases?: string[] | undefined | undefined;
+						callback_url?: string | undefined | undefined;
 						passwordPolicy?: "none" | "low" | "fair" | "good" | "excellent" | undefined | undefined;
 						password_complexity_options?: {
 							min_length?: number | undefined | undefined;
@@ -62400,6 +62586,8 @@ export declare function init(config: AuthHeroConfig): {
 						twilio_sid?: string | undefined | undefined;
 						twilio_token?: string | undefined | undefined;
 						icon_url?: string | undefined | undefined;
+						domain_aliases?: string[] | undefined | undefined;
+						callback_url?: string | undefined | undefined;
 						passwordPolicy?: "none" | "low" | "fair" | "good" | "excellent" | undefined | undefined;
 						password_complexity_options?: {
 							min_length?: number | undefined | undefined;
@@ -63991,7 +64179,7 @@ export declare function init(config: AuthHeroConfig): {
 					addons?: {
 						[x: string]: any;
 					} | undefined;
-					token_endpoint_auth_method?: "none" | "client_secret_post" | "client_secret_basic" | undefined | undefined;
+					token_endpoint_auth_method?: "none" | "client_secret_post" | "client_secret_basic" | "client_secret_jwt" | "private_key_jwt" | undefined | undefined;
 					client_metadata?: {
 						[x: string]: string;
 					} | undefined;
@@ -64086,7 +64274,7 @@ export declare function init(config: AuthHeroConfig): {
 						addons?: {
 							[x: string]: any;
 						} | undefined;
-						token_endpoint_auth_method?: "none" | "client_secret_post" | "client_secret_basic" | undefined | undefined;
+						token_endpoint_auth_method?: "none" | "client_secret_post" | "client_secret_basic" | "client_secret_jwt" | "private_key_jwt" | undefined | undefined;
 						client_metadata?: {
 							[x: string]: string;
 						} | undefined;
@@ -64196,7 +64384,7 @@ export declare function init(config: AuthHeroConfig): {
 					addons?: {
 						[x: string]: any;
 					} | undefined;
-					token_endpoint_auth_method?: "none" | "client_secret_post" | "client_secret_basic" | undefined | undefined;
+					token_endpoint_auth_method?: "none" | "client_secret_post" | "client_secret_basic" | "client_secret_jwt" | "private_key_jwt" | undefined | undefined;
 					client_metadata?: {
 						[x: string]: string;
 					} | undefined;
@@ -64296,7 +64484,7 @@ export declare function init(config: AuthHeroConfig): {
 						custom_login_page_preview?: string | undefined;
 						form_template?: string | undefined;
 						addons?: Record<string, any> | undefined;
-						token_endpoint_auth_method?: "none" | "client_secret_post" | "client_secret_basic" | undefined;
+						token_endpoint_auth_method?: "none" | "client_secret_post" | "client_secret_basic" | "client_secret_jwt" | "private_key_jwt" | undefined;
 						client_metadata?: Record<string, string> | undefined;
 						mobile?: Record<string, any> | undefined;
 						initiate_login_uri?: string | undefined;
@@ -64384,7 +64572,7 @@ export declare function init(config: AuthHeroConfig): {
 					addons?: {
 						[x: string]: any;
 					} | undefined;
-					token_endpoint_auth_method?: "none" | "client_secret_post" | "client_secret_basic" | undefined | undefined;
+					token_endpoint_auth_method?: "none" | "client_secret_post" | "client_secret_basic" | "client_secret_jwt" | "private_key_jwt" | undefined | undefined;
 					client_metadata?: {
 						[x: string]: string;
 					} | undefined;
@@ -64463,7 +64651,7 @@ export declare function init(config: AuthHeroConfig): {
 						custom_login_page_preview?: string | undefined;
 						form_template?: string | undefined;
 						addons?: Record<string, any> | undefined;
-						token_endpoint_auth_method?: "none" | "client_secret_post" | "client_secret_basic" | undefined;
+						token_endpoint_auth_method?: "none" | "client_secret_post" | "client_secret_basic" | "client_secret_jwt" | "private_key_jwt" | undefined;
 						client_metadata?: Record<string, string> | undefined;
 						mobile?: Record<string, any> | undefined;
 						initiate_login_uri?: string | undefined;
@@ -64542,7 +64730,7 @@ export declare function init(config: AuthHeroConfig): {
 					addons?: {
 						[x: string]: any;
 					} | undefined;
-					token_endpoint_auth_method?: "none" | "client_secret_post" | "client_secret_basic" | undefined;
+					token_endpoint_auth_method?: "none" | "client_secret_post" | "client_secret_basic" | "client_secret_jwt" | "private_key_jwt" | undefined;
 					client_metadata?: {
 						[x: string]: string;
 					} | undefined;
@@ -64633,6 +64821,8 @@ export declare function init(config: AuthHeroConfig): {
 								twilio_sid?: string | undefined | undefined;
 								twilio_token?: string | undefined | undefined;
 								icon_url?: string | undefined | undefined;
+								domain_aliases?: string[] | undefined | undefined;
+								callback_url?: string | undefined | undefined;
 								passwordPolicy?: "none" | "low" | "fair" | "good" | "excellent" | undefined | undefined;
 								password_complexity_options?: {
 									min_length?: number | undefined | undefined;
@@ -64777,6 +64967,8 @@ export declare function init(config: AuthHeroConfig): {
 								twilio_sid?: string | undefined | undefined;
 								twilio_token?: string | undefined | undefined;
 								icon_url?: string | undefined | undefined;
+								domain_aliases?: string[] | undefined | undefined;
+								callback_url?: string | undefined | undefined;
 								passwordPolicy?: "none" | "low" | "fair" | "good" | "excellent" | undefined | undefined;
 								password_complexity_options?: {
 									min_length?: number | undefined | undefined;
@@ -66073,6 +66265,23 @@ export declare function init(config: AuthHeroConfig): {
 	} & {
 		"/": {
 			$post: {
+				input: {
+					header: {
+						"tenant-id"?: string | undefined;
+					};
+				} & {
+					json: {
+						name: string;
+						credentials: Record<string, unknown>;
+						settings?: {} | undefined;
+						enabled?: boolean | undefined;
+						default_from_address?: string | undefined;
+					};
+				};
+				output: {};
+				outputFormat: string;
+				status: 409;
+			} | {
 				input: {
 					header: {
 						"tenant-id"?: string | undefined;
@@ -66128,6 +66337,28 @@ export declare function init(config: AuthHeroConfig): {
 				status: 200;
 			};
 		};
+	} & {
+		"/": {
+			$delete: {
+				input: {
+					header: {
+						"tenant-id"?: string | undefined;
+					};
+				};
+				output: {};
+				outputFormat: string;
+				status: 204;
+			} | {
+				input: {
+					header: {
+						"tenant-id"?: string | undefined;
+					};
+				};
+				output: {};
+				outputFormat: string;
+				status: 404;
+			};
+		};
 	}, "/emails/provider"> & import("hono/types").MergeSchemaPath<{
 		"/": {
 			$get: {
@@ -66152,6 +66383,23 @@ export declare function init(config: AuthHeroConfig): {
 	} & {
 		"/": {
 			$post: {
+				input: {
+					header: {
+						"tenant-id"?: string | undefined;
+					};
+				} & {
+					json: {
+						name: string;
+						credentials: Record<string, unknown>;
+						settings?: {} | undefined;
+						enabled?: boolean | undefined;
+						default_from_address?: string | undefined;
+					};
+				};
+				output: {};
+				outputFormat: string;
+				status: 409;
+			} | {
 				input: {
 					header: {
 						"tenant-id"?: string | undefined;
@@ -66207,6 +66455,28 @@ export declare function init(config: AuthHeroConfig): {
 				status: 200;
 			};
 		};
+	} & {
+		"/": {
+			$delete: {
+				input: {
+					header: {
+						"tenant-id"?: string | undefined;
+					};
+				};
+				output: {};
+				outputFormat: string;
+				status: 204;
+			} | {
+				input: {
+					header: {
+						"tenant-id"?: string | undefined;
+					};
+				};
+				output: {};
+				outputFormat: string;
+				status: 404;
+			};
+		};
 	}, "/email/providers"> & import("hono/types").MergeSchemaPath<{
 		"/": {
 			$get: {
@@ -67452,6 +67722,118 @@ export declare function init(config: AuthHeroConfig): {
 				status: 500;
 			};
 		};
+	}, "/login/callback"> & import("hono/types").MergeSchemaPath<{
+		"/": {
+			$get: {
+				input: {
+					query: {
+						state: string;
+						code?: string | undefined;
+						scope?: string | undefined;
+						error?: string | undefined;
+						error_description?: string | undefined;
+						error_code?: string | undefined;
+						hd?: string | undefined;
+						error_reason?: string | undefined;
+					};
+				};
+				output: {};
+				outputFormat: string;
+				status: 302;
+			} | {
+				input: {
+					query: {
+						state: string;
+						code?: string | undefined;
+						scope?: string | undefined;
+						error?: string | undefined;
+						error_description?: string | undefined;
+						error_code?: string | undefined;
+						hd?: string | undefined;
+						error_reason?: string | undefined;
+					};
+				};
+				output: {
+					message: string;
+				};
+				outputFormat: "json";
+				status: 400;
+			} | {
+				input: {
+					query: {
+						state: string;
+						code?: string | undefined;
+						scope?: string | undefined;
+						error?: string | undefined;
+						error_description?: string | undefined;
+						error_code?: string | undefined;
+						hd?: string | undefined;
+						error_reason?: string | undefined;
+					};
+				};
+				output: {
+					message: string;
+				};
+				outputFormat: "json";
+				status: 500;
+			};
+		};
+	} & {
+		"/": {
+			$post: {
+				input: {
+					form: {
+						state: string;
+						code?: string | undefined;
+						scope?: string | undefined;
+						error?: string | undefined;
+						error_description?: string | undefined;
+						error_code?: string | undefined;
+						hd?: string | undefined;
+						error_reason?: string | undefined;
+					};
+				};
+				output: {};
+				outputFormat: string;
+				status: 302;
+			} | {
+				input: {
+					form: {
+						state: string;
+						code?: string | undefined;
+						scope?: string | undefined;
+						error?: string | undefined;
+						error_description?: string | undefined;
+						error_code?: string | undefined;
+						hd?: string | undefined;
+						error_reason?: string | undefined;
+					};
+				};
+				output: {
+					message: string;
+				};
+				outputFormat: "json";
+				status: 400;
+			} | {
+				input: {
+					form: {
+						state: string;
+						code?: string | undefined;
+						scope?: string | undefined;
+						error?: string | undefined;
+						error_description?: string | undefined;
+						error_code?: string | undefined;
+						hd?: string | undefined;
+						error_reason?: string | undefined;
+					};
+				};
+				output: {
+					message: string;
+				};
+				outputFormat: "json";
+				status: 500;
+			};
+		};
 	}, "/callback"> & import("hono/types").MergeSchemaPath<{
 		"/": {
 			$get: {
@@ -67507,18 +67889,18 @@ export declare function init(config: AuthHeroConfig): {
 						client_secret?: string | undefined;
 						logo_uri?: string | undefined;
 						grant_types?: string[] | undefined;
-						token_endpoint_auth_method?: "none" | "client_secret_post" | "client_secret_basic" | undefined;
+						token_endpoint_auth_method?: "none" | "client_secret_post" | "client_secret_basic" | "client_secret_jwt" | "private_key_jwt" | undefined;
 						scope?: string | undefined;
 						audience?: string | undefined;
 						client_name?: string | undefined;
 						jwks_uri?: string | undefined;
+						jwks?: Record<string, unknown> | undefined;
 						redirect_uris?: string[] | undefined;
 						client_uri?: string | undefined;
 						tos_uri?: string | undefined;
 						policy_uri?: string | undefined;
 						contacts?: string[] | undefined;
 						response_types?: string[] | undefined;
-						jwks?: Record<string, unknown> | undefined;
 						software_id?: string | undefined;
 						software_version?: string | undefined;
 					};
@@ -67596,18 +67978,18 @@ export declare function init(config: AuthHeroConfig): {
 						client_secret?: string | undefined;
 						logo_uri?: string | undefined;
 						grant_types?: string[] | undefined;
-						token_endpoint_auth_method?: "none" | "client_secret_post" | "client_secret_basic" | undefined;
+						token_endpoint_auth_method?: "none" | "client_secret_post" | "client_secret_basic" | "client_secret_jwt" | "private_key_jwt" | undefined;
 						scope?: string | undefined;
 						audience?: string | undefined;
 						client_name?: string | undefined;
 						jwks_uri?: string | undefined;
+						jwks?: Record<string, unknown> | undefined;
 						redirect_uris?: string[] | undefined;
 						client_uri?: string | undefined;
 						tos_uri?: string | undefined;
 						policy_uri?: string | undefined;
 						contacts?: string[] | undefined;
 						response_types?: string[] | undefined;
-						jwks?: Record<string, unknown> | undefined;
 						software_id?: string | undefined;
 						software_version?: string | undefined;
 					};
@@ -67710,6 +68092,7 @@ export declare function init(config: AuthHeroConfig): {
 						acr_values?: string | undefined;
 						vendor_id?: string | undefined;
 						login_hint?: string | undefined;
+						request_uri?: string | undefined;
 					};
 				};
 				output: Response;
@@ -67742,6 +68125,7 @@ export declare function init(config: AuthHeroConfig): {
 						acr_values?: string | undefined;
 						vendor_id?: string | undefined;
 						login_hint?: string | undefined;
+						request_uri?: string | undefined;
 					};
 				};
 				output: {};
@@ -67774,6 +68158,7 @@ export declare function init(config: AuthHeroConfig): {
 						acr_values?: string | undefined;
 						vendor_id?: string | undefined;
 						login_hint?: string | undefined;
+						request_uri?: string | undefined;
 					};
 				};
 				output: string | {
@@ -67814,6 +68199,7 @@ export declare function init(config: AuthHeroConfig): {
 						acr_values?: string | undefined;
 						vendor_id?: string | undefined;
 						login_hint?: string | undefined;
+						request_uri?: string | undefined;
 					};
 				};
 				output: {
@@ -67848,6 +68234,7 @@ export declare function init(config: AuthHeroConfig): {
 						acr_values?: string | undefined;
 						vendor_id?: string | undefined;
 						login_hint?: string | undefined;
+						request_uri?: string | undefined;
 					};
 				};
 				output: {
@@ -68166,6 +68553,8 @@ export declare function init(config: AuthHeroConfig): {
 						scope?: string | undefined;
 						audience?: string | undefined;
 						organization?: string | undefined;
+						client_assertion?: string | undefined;
+						client_assertion_type?: string | undefined;
 					} | {
 						code: string;
 						grant_type: "authorization_code";
@@ -68174,6 +68563,8 @@ export declare function init(config: AuthHeroConfig): {
 						organization?: string | undefined;
 						redirect_uri?: string | undefined;
 						code_verifier?: string | undefined;
+						client_assertion?: string | undefined;
+						client_assertion_type?: string | undefined;
 					} | {
 						refresh_token: string;
 						grant_type: "refresh_token";
@@ -68181,6 +68572,8 @@ export declare function init(config: AuthHeroConfig): {
 						client_secret?: string | undefined;
 						organization?: string | undefined;
 						redirect_uri?: string | undefined;
+						client_assertion?: string | undefined;
+						client_assertion_type?: string | undefined;
 					} | {
 						client_id: string;
 						grant_type: "http://auth0.com/oauth/grant-type/passwordless/otp";
@@ -68196,6 +68589,8 @@ export declare function init(config: AuthHeroConfig): {
 						scope?: string | undefined;
 						audience?: string | undefined;
 						organization?: string | undefined;
+						client_assertion?: string | undefined;
+						client_assertion_type?: string | undefined;
 					} | {
 						code: string;
 						grant_type: "authorization_code";
@@ -68204,6 +68599,8 @@ export declare function init(config: AuthHeroConfig): {
 						organization?: string | undefined;
 						redirect_uri?: string | undefined;
 						code_verifier?: string | undefined;
+						client_assertion?: string | undefined;
+						client_assertion_type?: string | undefined;
 					} | {
 						refresh_token: string;
 						grant_type: "refresh_token";
@@ -68211,6 +68608,8 @@ export declare function init(config: AuthHeroConfig): {
 						client_secret?: string | undefined;
 						organization?: string | undefined;
 						redirect_uri?: string | undefined;
+						client_assertion?: string | undefined;
+						client_assertion_type?: string | undefined;
 					} | {
 						client_id: string;
 						grant_type: "http://auth0.com/oauth/grant-type/passwordless/otp";
@@ -68231,6 +68630,8 @@ export declare function init(config: AuthHeroConfig): {
 						scope?: string | undefined;
 						audience?: string | undefined;
 						organization?: string | undefined;
+						client_assertion?: string | undefined;
+						client_assertion_type?: string | undefined;
 					} | {
 						code: string;
 						grant_type: "authorization_code";
@@ -68239,6 +68640,8 @@ export declare function init(config: AuthHeroConfig): {
 						organization?: string | undefined;
 						redirect_uri?: string | undefined;
 						code_verifier?: string | undefined;
+						client_assertion?: string | undefined;
+						client_assertion_type?: string | undefined;
 					} | {
 						refresh_token: string;
 						grant_type: "refresh_token";
@@ -68246,6 +68649,8 @@ export declare function init(config: AuthHeroConfig): {
 						client_secret?: string | undefined;
 						organization?: string | undefined;
 						redirect_uri?: string | undefined;
+						client_assertion?: string | undefined;
+						client_assertion_type?: string | undefined;
 					} | {
 						client_id: string;
 						grant_type: "http://auth0.com/oauth/grant-type/passwordless/otp";
@@ -68261,6 +68666,8 @@ export declare function init(config: AuthHeroConfig): {
 						scope?: string | undefined;
 						audience?: string | undefined;
 						organization?: string | undefined;
+						client_assertion?: string | undefined;
+						client_assertion_type?: string | undefined;
 					} | {
 						code: string;
 						grant_type: "authorization_code";
@@ -68269,6 +68676,8 @@ export declare function init(config: AuthHeroConfig): {
 						organization?: string | undefined;
 						redirect_uri?: string | undefined;
 						code_verifier?: string | undefined;
+						client_assertion?: string | undefined;
+						client_assertion_type?: string | undefined;
 					} | {
 						refresh_token: string;
 						grant_type: "refresh_token";
@@ -68276,6 +68685,8 @@ export declare function init(config: AuthHeroConfig): {
 						client_secret?: string | undefined;
 						organization?: string | undefined;
 						redirect_uri?: string | undefined;
+						client_assertion?: string | undefined;
+						client_assertion_type?: string | undefined;
 					} | {
 						client_id: string;
 						grant_type: "http://auth0.com/oauth/grant-type/passwordless/otp";
@@ -68304,6 +68715,8 @@ export declare function init(config: AuthHeroConfig): {
 						scope?: string | undefined;
 						audience?: string | undefined;
 						organization?: string | undefined;
+						client_assertion?: string | undefined;
+						client_assertion_type?: string | undefined;
 					} | {
 						code: string;
 						grant_type: "authorization_code";
@@ -68312,6 +68725,8 @@ export declare function init(config: AuthHeroConfig): {
 						organization?: string | undefined;
 						redirect_uri?: string | undefined;
 						code_verifier?: string | undefined;
+						client_assertion?: string | undefined;
+						client_assertion_type?: string | undefined;
 					} | {
 						refresh_token: string;
 						grant_type: "refresh_token";
@@ -68319,6 +68734,8 @@ export declare function init(config: AuthHeroConfig): {
 						client_secret?: string | undefined;
 						organization?: string | undefined;
 						redirect_uri?: string | undefined;
+						client_assertion?: string | undefined;
+						client_assertion_type?: string | undefined;
 					} | {
 						client_id: string;
 						grant_type: "http://auth0.com/oauth/grant-type/passwordless/otp";
@@ -68334,6 +68751,8 @@ export declare function init(config: AuthHeroConfig): {
 						scope?: string | undefined;
 						audience?: string | undefined;
 						organization?: string | undefined;
+						client_assertion?: string | undefined;
+						client_assertion_type?: string | undefined;
 					} | {
 						code: string;
 						grant_type: "authorization_code";
@@ -68342,6 +68761,8 @@ export declare function init(config: AuthHeroConfig): {
 						organization?: string | undefined;
 						redirect_uri?: string | undefined;
 						code_verifier?: string | undefined;
+						client_assertion?: string | undefined;
+						client_assertion_type?: string | undefined;
 					} | {
 						refresh_token: string;
 						grant_type: "refresh_token";
@@ -68349,6 +68770,8 @@ export declare function init(config: AuthHeroConfig): {
 						client_secret?: string | undefined;
 						organization?: string | undefined;
 						redirect_uri?: string | undefined;
+						client_assertion?: string | undefined;
+						client_assertion_type?: string | undefined;
 					} | {
 						client_id: string;
 						grant_type: "http://auth0.com/oauth/grant-type/passwordless/otp";
@@ -68372,6 +68795,8 @@ export declare function init(config: AuthHeroConfig): {
 						scope?: string | undefined;
 						audience?: string | undefined;
 						organization?: string | undefined;
+						client_assertion?: string | undefined;
+						client_assertion_type?: string | undefined;
 					} | {
 						code: string;
 						grant_type: "authorization_code";
@@ -68380,6 +68805,8 @@ export declare function init(config: AuthHeroConfig): {
 						organization?: string | undefined;
 						redirect_uri?: string | undefined;
 						code_verifier?: string | undefined;
+						client_assertion?: string | undefined;
+						client_assertion_type?: string | undefined;
 					} | {
 						refresh_token: string;
 						grant_type: "refresh_token";
@@ -68387,6 +68814,8 @@ export declare function init(config: AuthHeroConfig): {
 						client_secret?: string | undefined;
 						organization?: string | undefined;
 						redirect_uri?: string | undefined;
+						client_assertion?: string | undefined;
+						client_assertion_type?: string | undefined;
 					} | {
 						client_id: string;
 						grant_type: "http://auth0.com/oauth/grant-type/passwordless/otp";
@@ -68402,6 +68831,8 @@ export declare function init(config: AuthHeroConfig): {
 						scope?: string | undefined;
 						audience?: string | undefined;
 						organization?: string | undefined;
+						client_assertion?: string | undefined;
+						client_assertion_type?: string | undefined;
 					} | {
 						code: string;
 						grant_type: "authorization_code";
@@ -68410,6 +68841,8 @@ export declare function init(config: AuthHeroConfig): {
 						organization?: string | undefined;
 						redirect_uri?: string | undefined;
 						code_verifier?: string | undefined;
+						client_assertion?: string | undefined;
+						client_assertion_type?: string | undefined;
 					} | {
 						refresh_token: string;
 						grant_type: "refresh_token";
@@ -68417,6 +68850,8 @@ export declare function init(config: AuthHeroConfig): {
 						client_secret?: string | undefined;
 						organization?: string | undefined;
 						redirect_uri?: string | undefined;
+						client_assertion?: string | undefined;
+						client_assertion_type?: string | undefined;
 					} | {
 						client_id: string;
 						grant_type: "http://auth0.com/oauth/grant-type/passwordless/otp";
@@ -68440,6 +68875,8 @@ export declare function init(config: AuthHeroConfig): {
 						scope?: string | undefined;
 						audience?: string | undefined;
 						organization?: string | undefined;
+						client_assertion?: string | undefined;
+						client_assertion_type?: string | undefined;
 					} | {
 						code: string;
 						grant_type: "authorization_code";
@@ -68448,6 +68885,8 @@ export declare function init(config: AuthHeroConfig): {
 						organization?: string | undefined;
 						redirect_uri?: string | undefined;
 						code_verifier?: string | undefined;
+						client_assertion?: string | undefined;
+						client_assertion_type?: string | undefined;
 					} | {
 						refresh_token: string;
 						grant_type: "refresh_token";
@@ -68455,6 +68894,8 @@ export declare function init(config: AuthHeroConfig): {
 						client_secret?: string | undefined;
 						organization?: string | undefined;
 						redirect_uri?: string | undefined;
+						client_assertion?: string | undefined;
+						client_assertion_type?: string | undefined;
 					} | {
 						client_id: string;
 						grant_type: "http://auth0.com/oauth/grant-type/passwordless/otp";
@@ -68470,6 +68911,8 @@ export declare function init(config: AuthHeroConfig): {
 						scope?: string | undefined;
 						audience?: string | undefined;
 						organization?: string | undefined;
+						client_assertion?: string | undefined;
+						client_assertion_type?: string | undefined;
 					} | {
 						code: string;
 						grant_type: "authorization_code";
@@ -68478,6 +68921,8 @@ export declare function init(config: AuthHeroConfig): {
 						organization?: string | undefined;
 						redirect_uri?: string | undefined;
 						code_verifier?: string | undefined;
+						client_assertion?: string | undefined;
+						client_assertion_type?: string | undefined;
 					} | {
 						refresh_token: string;
 						grant_type: "refresh_token";
@@ -68485,6 +68930,8 @@ export declare function init(config: AuthHeroConfig): {
 						client_secret?: string | undefined;
 						organization?: string | undefined;
 						redirect_uri?: string | undefined;
+						client_assertion?: string | undefined;
+						client_assertion_type?: string | undefined;
 					} | {
 						client_id: string;
 						grant_type: "http://auth0.com/oauth/grant-type/passwordless/otp";
@@ -68509,12 +68956,15 @@ export declare function init(config: AuthHeroConfig): {
 					keys: {
 						kid: string;
 						alg: "RS256" | "RS384" | "RS512" | "ES256" | "ES384" | "ES512" | "HS256" | "HS384" | "HS512";
-						e: string;
 						kty: "RSA" | "EC" | "oct";
-						n: string;
+						x?: string | undefined | undefined;
+						y?: string | undefined | undefined;
+						use?: "sig" | "enc" | undefined | undefined;
+						n?: string | undefined | undefined;
+						e?: string | undefined | undefined;
+						crv?: string | undefined | undefined;
 						x5t?: string | undefined | undefined;
 						x5c?: string[] | undefined | undefined;
-						use?: "sig" | "enc" | undefined | undefined;
 					}[];
 				};
 				outputFormat: "json";
@@ -68548,6 +68998,7 @@ export declare function init(config: AuthHeroConfig): {
 					registration_endpoint?: string | undefined | undefined;
 					end_session_endpoint?: string | undefined | undefined;
 					grant_types_supported?: string[] | undefined | undefined;
+					request_object_signing_alg_values_supported?: string[] | undefined | undefined;
 				};
 				outputFormat: "json";
 				status: 200;