npm - authhero - Versions diffs - 5.19.0 → 5.21.0 - Mend

authhero 5.19.0 → 5.21.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (53) hide show

package/dist/assets/u/widget/index.esm.js +1 -1
package/dist/authhero.cjs +2701 -107
package/dist/authhero.d.ts +310 -77
package/dist/authhero.mjs +7366 -7036
package/dist/stats.html +1 -1
package/dist/tsconfig.types.tsbuildinfo +1 -1
package/dist/types/authentication-flows/common.d.ts +8 -0
package/dist/types/authentication-flows/passwordless.d.ts +12 -3
package/dist/types/authentication-flows/token-exchange.d.ts +19 -0
package/dist/types/emails/defaults/BlockedAccount.d.ts +1 -0
package/dist/types/emails/defaults/ChangePassword.d.ts +6 -0
package/dist/types/emails/defaults/EnrollmentEmail.d.ts +1 -0
package/dist/types/emails/defaults/MfaOobCode.d.ts +1 -0
package/dist/types/emails/defaults/PasswordReset.d.ts +5 -0
package/dist/types/emails/defaults/StolenCredentials.d.ts +1 -0
package/dist/types/emails/index.d.ts +21 -1
package/dist/types/helpers/client.d.ts +20 -0
package/dist/types/helpers/dcr/metadata-mapping.d.ts +2 -2
package/dist/types/helpers/scopes-permissions.d.ts +1 -1
package/dist/types/index.d.ts +243 -74
package/dist/types/provisioning/index.d.ts +2 -0
package/dist/types/provisioning/noop-provisioner.d.ts +11 -0
package/dist/types/provisioning/provisioner.d.ts +25 -0
package/dist/types/routes/auth-api/index.d.ts +129 -19
package/dist/types/routes/auth-api/passwordless.d.ts +10 -10
package/dist/types/routes/auth-api/register/index.d.ts +2 -2
package/dist/types/routes/auth-api/revoke.d.ts +6 -6
package/dist/types/routes/auth-api/token.d.ts +110 -0
package/dist/types/routes/auth-api/well-known.d.ts +1 -1
package/dist/types/routes/management-api/action-executions.d.ts +1 -1
package/dist/types/routes/management-api/actions.d.ts +1 -1
package/dist/types/routes/management-api/authentication-methods.d.ts +1 -1
package/dist/types/routes/management-api/client-grants.d.ts +8 -8
package/dist/types/routes/management-api/clients.d.ts +7 -7
package/dist/types/routes/management-api/custom-domains.d.ts +7 -7
package/dist/types/routes/management-api/email-templates.d.ts +58 -1
package/dist/types/routes/management-api/failed-events.d.ts +1 -1
package/dist/types/routes/management-api/guardian.d.ts +5 -5
package/dist/types/routes/management-api/hook-code.d.ts +2 -2
package/dist/types/routes/management-api/index.d.ts +106 -49
package/dist/types/routes/management-api/logs.d.ts +3 -3
package/dist/types/routes/management-api/migration-sources.d.ts +6 -6
package/dist/types/routes/management-api/prompts.d.ts +4 -4
package/dist/types/routes/management-api/tenants.d.ts +27 -0
package/dist/types/routes/management-api/users.d.ts +2 -2
package/dist/types/routes/universal-login/common.d.ts +38 -2
package/dist/types/routes/universal-login/u2-index.d.ts +6 -6
package/dist/types/routes/universal-login/u2-routes.d.ts +6 -6
package/dist/types/types/AuthHeroConfig.d.ts +12 -0
package/dist/types/types/GrantFlowResult.d.ts +8 -0
package/dist/types/utils/jwks.d.ts +2 -2
package/dist/types/utils/jwt.d.ts +4 -0
package/package.json +5 -5

package/dist/types/routes/management-api/logs.d.ts CHANGED Viewed

@@ -24,7 +24,7 @@ export declare const logRoutes: OpenAPIHono<{
                 };
             };
             output: {
-                type: "fc" | "fd" | "fn" | "i" | "sapi" | "acls_summary" | "actions_execution_failed" | "api_limit" | "api_limit_warning" | "appi" | "ciba_exchange_failed" | "ciba_exchange_succeeded" | "ciba_start_failed" | "ciba_start_succeeded" | "cls" | "cs" | "depnote" | "f" | "fce" | "fco" | "fcoa" | "fcp" | "fcph" | "fcpn" | "fcpr" | "fcpro" | "fcu" | "fdeac" | "fdeaz" | "fdecc" | "fdu" | "feacft" | "feccft" | "fecte" | "fede" | "federated_logout_failed" | "fens" | "feoobft" | "feotpft" | "fepft" | "fepotpft" | "fercft" | "ferrt" | "fertft" | "fh" | "fimp" | "fi" | "flo" | "flows_execution_completed" | "flows_execution_failed" | "forms_submission_failed" | "forms_submission_succeeded" | "fp" | "fpar" | "fpurh" | "fs" | "fsa" | "fu" | "fui" | "fv" | "fvr" | "gd_auth_email_verification" | "gd_auth_fail_email_verification" | "gd_auth_failed" | "gd_auth_rejected" | "gd_auth_succeed" | "gd_enrollment_complete" | "gd_otp_rate_limit_exceed" | "gd_recovery_failed" | "gd_recovery_rate_limit_exceed" | "gd_recovery_succeed" | "gd_send_email" | "gd_send_email_verification" | "gd_send_email_verification_failure" | "gd_send_pn" | "gd_send_pn_failure" | "gd_send_sms" | "gd_send_sms_failure" | "gd_send_voice" | "gd_send_voice_failure" | "gd_start_auth" | "gd_start_enroll" | "gd_start_enroll_failed" | "gd_tenant_update" | "gd_unenroll" | "gd_update_device_account" | "gd_webauthn_challenge_failed" | "gd_webauthn_enrollment_failed" | "kms_key_management_failure" | "kms_key_management_success" | "kms_key_state_changed" | "limit_delegation" | "limit_mu" | "limit_sul" | "limit_wc" | "mfar" | "mgmt_api_read" | "my_account_authentication_method_failed" | "my_account_authentication_method_succeeded" | "oidc_backchannel_logout_failed" | "oidc_backchannel_logout_succeeded" | "organization_member_added" | "passkey_challenge_failed" | "passkey_challenge_started" | "pla" | "pwd_leak" | "reset_pwd_leak" | "resource_cleanup" | "rich_consents_access_error" | "s" | "fapi" | "sce" | "scoa" | "scp" | "scpn" | "scpr" | "scu" | "scv" | "sd" | "sdu" | "seacft" | "seccft" | "secte" | "sede" | "sens" | "seoobft" | "seotpft" | "sepotpft" | "sepft" | "sepkoobft" | "sepkotpft" | "sepkrcft" | "sercft" | "sertft" | "simp" | "si" | "signup_pwd_leak" | "slo" | "sh" | "spm" | "srrt" | "ss" | "ss_sso_failure" | "ss_sso_info" | "ss_sso_success" | "ssa" | "sscim" | "sui" | "sv" | "svr" | "too_many_records" | "ublkdu" | "universal_logout_failed" | "universal_logout_succeeded" | "w" | "wn" | "wum";
+                type: "fn" | "i" | "acls_summary" | "actions_execution_failed" | "api_limit" | "api_limit_warning" | "appi" | "ciba_exchange_failed" | "ciba_exchange_succeeded" | "ciba_start_failed" | "ciba_start_succeeded" | "cls" | "cs" | "depnote" | "f" | "fc" | "fce" | "fco" | "fcoa" | "fcp" | "fcph" | "fcpn" | "fcpr" | "fcpro" | "fcu" | "fd" | "fdeac" | "fdeaz" | "fdecc" | "fdu" | "feacft" | "feccft" | "fecte" | "fede" | "federated_logout_failed" | "fens" | "feoobft" | "feotpft" | "fepft" | "fepotpft" | "fercft" | "ferrt" | "fertft" | "festft" | "fh" | "fimp" | "fi" | "flo" | "flows_execution_completed" | "flows_execution_failed" | "forms_submission_failed" | "forms_submission_succeeded" | "fp" | "fpar" | "fpurh" | "fs" | "fsa" | "fu" | "fui" | "fv" | "fvr" | "gd_auth_email_verification" | "gd_auth_fail_email_verification" | "gd_auth_failed" | "gd_auth_rejected" | "gd_auth_succeed" | "gd_enrollment_complete" | "gd_otp_rate_limit_exceed" | "gd_recovery_failed" | "gd_recovery_rate_limit_exceed" | "gd_recovery_succeed" | "gd_send_email" | "gd_send_email_verification" | "gd_send_email_verification_failure" | "gd_send_pn" | "gd_send_pn_failure" | "gd_send_sms" | "gd_send_sms_failure" | "gd_send_voice" | "gd_send_voice_failure" | "gd_start_auth" | "gd_start_enroll" | "gd_start_enroll_failed" | "gd_tenant_update" | "gd_unenroll" | "gd_update_device_account" | "gd_webauthn_challenge_failed" | "gd_webauthn_enrollment_failed" | "kms_key_management_failure" | "kms_key_management_success" | "kms_key_state_changed" | "limit_delegation" | "limit_mu" | "limit_sul" | "limit_wc" | "mfar" | "mgmt_api_read" | "my_account_authentication_method_failed" | "my_account_authentication_method_succeeded" | "oidc_backchannel_logout_failed" | "oidc_backchannel_logout_succeeded" | "organization_member_added" | "passkey_challenge_failed" | "passkey_challenge_started" | "pla" | "pwd_leak" | "reset_pwd_leak" | "resource_cleanup" | "rich_consents_access_error" | "s" | "sapi" | "fapi" | "sce" | "scoa" | "scp" | "scpn" | "scpr" | "scu" | "scv" | "sd" | "sdu" | "seacft" | "seccft" | "secte" | "sede" | "sens" | "seoobft" | "seotpft" | "sepotpft" | "sepft" | "sepkoobft" | "sepkotpft" | "sepkrcft" | "sercft" | "sertft" | "sestft" | "simp" | "si" | "signup_pwd_leak" | "slo" | "sh" | "spm" | "srrt" | "ss" | "ss_sso_failure" | "ss_sso_info" | "ss_sso_success" | "ssa" | "sscim" | "sui" | "sv" | "svr" | "too_many_records" | "ublkdu" | "universal_logout_failed" | "universal_logout_succeeded" | "w" | "wn" | "wum";
                 date: string;
                 isMobile: boolean;
                 log_id: string;
@@ -63,7 +63,7 @@ export declare const logRoutes: OpenAPIHono<{
                 limit: number;
                 length: number;
                 logs: {
-                    type: "fc" | "fd" | "fn" | "i" | "sapi" | "acls_summary" | "actions_execution_failed" | "api_limit" | "api_limit_warning" | "appi" | "ciba_exchange_failed" | "ciba_exchange_succeeded" | "ciba_start_failed" | "ciba_start_succeeded" | "cls" | "cs" | "depnote" | "f" | "fce" | "fco" | "fcoa" | "fcp" | "fcph" | "fcpn" | "fcpr" | "fcpro" | "fcu" | "fdeac" | "fdeaz" | "fdecc" | "fdu" | "feacft" | "feccft" | "fecte" | "fede" | "federated_logout_failed" | "fens" | "feoobft" | "feotpft" | "fepft" | "fepotpft" | "fercft" | "ferrt" | "fertft" | "fh" | "fimp" | "fi" | "flo" | "flows_execution_completed" | "flows_execution_failed" | "forms_submission_failed" | "forms_submission_succeeded" | "fp" | "fpar" | "fpurh" | "fs" | "fsa" | "fu" | "fui" | "fv" | "fvr" | "gd_auth_email_verification" | "gd_auth_fail_email_verification" | "gd_auth_failed" | "gd_auth_rejected" | "gd_auth_succeed" | "gd_enrollment_complete" | "gd_otp_rate_limit_exceed" | "gd_recovery_failed" | "gd_recovery_rate_limit_exceed" | "gd_recovery_succeed" | "gd_send_email" | "gd_send_email_verification" | "gd_send_email_verification_failure" | "gd_send_pn" | "gd_send_pn_failure" | "gd_send_sms" | "gd_send_sms_failure" | "gd_send_voice" | "gd_send_voice_failure" | "gd_start_auth" | "gd_start_enroll" | "gd_start_enroll_failed" | "gd_tenant_update" | "gd_unenroll" | "gd_update_device_account" | "gd_webauthn_challenge_failed" | "gd_webauthn_enrollment_failed" | "kms_key_management_failure" | "kms_key_management_success" | "kms_key_state_changed" | "limit_delegation" | "limit_mu" | "limit_sul" | "limit_wc" | "mfar" | "mgmt_api_read" | "my_account_authentication_method_failed" | "my_account_authentication_method_succeeded" | "oidc_backchannel_logout_failed" | "oidc_backchannel_logout_succeeded" | "organization_member_added" | "passkey_challenge_failed" | "passkey_challenge_started" | "pla" | "pwd_leak" | "reset_pwd_leak" | "resource_cleanup" | "rich_consents_access_error" | "s" | "fapi" | "sce" | "scoa" | "scp" | "scpn" | "scpr" | "scu" | "scv" | "sd" | "sdu" | "seacft" | "seccft" | "secte" | "sede" | "sens" | "seoobft" | "seotpft" | "sepotpft" | "sepft" | "sepkoobft" | "sepkotpft" | "sepkrcft" | "sercft" | "sertft" | "simp" | "si" | "signup_pwd_leak" | "slo" | "sh" | "spm" | "srrt" | "ss" | "ss_sso_failure" | "ss_sso_info" | "ss_sso_success" | "ssa" | "sscim" | "sui" | "sv" | "svr" | "too_many_records" | "ublkdu" | "universal_logout_failed" | "universal_logout_succeeded" | "w" | "wn" | "wum";
+                    type: "fn" | "i" | "acls_summary" | "actions_execution_failed" | "api_limit" | "api_limit_warning" | "appi" | "ciba_exchange_failed" | "ciba_exchange_succeeded" | "ciba_start_failed" | "ciba_start_succeeded" | "cls" | "cs" | "depnote" | "f" | "fc" | "fce" | "fco" | "fcoa" | "fcp" | "fcph" | "fcpn" | "fcpr" | "fcpro" | "fcu" | "fd" | "fdeac" | "fdeaz" | "fdecc" | "fdu" | "feacft" | "feccft" | "fecte" | "fede" | "federated_logout_failed" | "fens" | "feoobft" | "feotpft" | "fepft" | "fepotpft" | "fercft" | "ferrt" | "fertft" | "festft" | "fh" | "fimp" | "fi" | "flo" | "flows_execution_completed" | "flows_execution_failed" | "forms_submission_failed" | "forms_submission_succeeded" | "fp" | "fpar" | "fpurh" | "fs" | "fsa" | "fu" | "fui" | "fv" | "fvr" | "gd_auth_email_verification" | "gd_auth_fail_email_verification" | "gd_auth_failed" | "gd_auth_rejected" | "gd_auth_succeed" | "gd_enrollment_complete" | "gd_otp_rate_limit_exceed" | "gd_recovery_failed" | "gd_recovery_rate_limit_exceed" | "gd_recovery_succeed" | "gd_send_email" | "gd_send_email_verification" | "gd_send_email_verification_failure" | "gd_send_pn" | "gd_send_pn_failure" | "gd_send_sms" | "gd_send_sms_failure" | "gd_send_voice" | "gd_send_voice_failure" | "gd_start_auth" | "gd_start_enroll" | "gd_start_enroll_failed" | "gd_tenant_update" | "gd_unenroll" | "gd_update_device_account" | "gd_webauthn_challenge_failed" | "gd_webauthn_enrollment_failed" | "kms_key_management_failure" | "kms_key_management_success" | "kms_key_state_changed" | "limit_delegation" | "limit_mu" | "limit_sul" | "limit_wc" | "mfar" | "mgmt_api_read" | "my_account_authentication_method_failed" | "my_account_authentication_method_succeeded" | "oidc_backchannel_logout_failed" | "oidc_backchannel_logout_succeeded" | "organization_member_added" | "passkey_challenge_failed" | "passkey_challenge_started" | "pla" | "pwd_leak" | "reset_pwd_leak" | "resource_cleanup" | "rich_consents_access_error" | "s" | "sapi" | "fapi" | "sce" | "scoa" | "scp" | "scpn" | "scpr" | "scu" | "scv" | "sd" | "sdu" | "seacft" | "seccft" | "secte" | "sede" | "sens" | "seoobft" | "seotpft" | "sepotpft" | "sepft" | "sepkoobft" | "sepkotpft" | "sepkrcft" | "sercft" | "sertft" | "sestft" | "simp" | "si" | "signup_pwd_leak" | "slo" | "sh" | "spm" | "srrt" | "ss" | "ss_sso_failure" | "ss_sso_info" | "ss_sso_success" | "ssa" | "sscim" | "sui" | "sv" | "svr" | "too_many_records" | "ublkdu" | "universal_logout_failed" | "universal_logout_succeeded" | "w" | "wn" | "wum";
                     date: string;
                     isMobile: boolean;
                     log_id: string;
@@ -117,7 +117,7 @@ export declare const logRoutes: OpenAPIHono<{
                 };
             };
             output: {
-                type: "fc" | "fd" | "fn" | "i" | "sapi" | "acls_summary" | "actions_execution_failed" | "api_limit" | "api_limit_warning" | "appi" | "ciba_exchange_failed" | "ciba_exchange_succeeded" | "ciba_start_failed" | "ciba_start_succeeded" | "cls" | "cs" | "depnote" | "f" | "fce" | "fco" | "fcoa" | "fcp" | "fcph" | "fcpn" | "fcpr" | "fcpro" | "fcu" | "fdeac" | "fdeaz" | "fdecc" | "fdu" | "feacft" | "feccft" | "fecte" | "fede" | "federated_logout_failed" | "fens" | "feoobft" | "feotpft" | "fepft" | "fepotpft" | "fercft" | "ferrt" | "fertft" | "fh" | "fimp" | "fi" | "flo" | "flows_execution_completed" | "flows_execution_failed" | "forms_submission_failed" | "forms_submission_succeeded" | "fp" | "fpar" | "fpurh" | "fs" | "fsa" | "fu" | "fui" | "fv" | "fvr" | "gd_auth_email_verification" | "gd_auth_fail_email_verification" | "gd_auth_failed" | "gd_auth_rejected" | "gd_auth_succeed" | "gd_enrollment_complete" | "gd_otp_rate_limit_exceed" | "gd_recovery_failed" | "gd_recovery_rate_limit_exceed" | "gd_recovery_succeed" | "gd_send_email" | "gd_send_email_verification" | "gd_send_email_verification_failure" | "gd_send_pn" | "gd_send_pn_failure" | "gd_send_sms" | "gd_send_sms_failure" | "gd_send_voice" | "gd_send_voice_failure" | "gd_start_auth" | "gd_start_enroll" | "gd_start_enroll_failed" | "gd_tenant_update" | "gd_unenroll" | "gd_update_device_account" | "gd_webauthn_challenge_failed" | "gd_webauthn_enrollment_failed" | "kms_key_management_failure" | "kms_key_management_success" | "kms_key_state_changed" | "limit_delegation" | "limit_mu" | "limit_sul" | "limit_wc" | "mfar" | "mgmt_api_read" | "my_account_authentication_method_failed" | "my_account_authentication_method_succeeded" | "oidc_backchannel_logout_failed" | "oidc_backchannel_logout_succeeded" | "organization_member_added" | "passkey_challenge_failed" | "passkey_challenge_started" | "pla" | "pwd_leak" | "reset_pwd_leak" | "resource_cleanup" | "rich_consents_access_error" | "s" | "fapi" | "sce" | "scoa" | "scp" | "scpn" | "scpr" | "scu" | "scv" | "sd" | "sdu" | "seacft" | "seccft" | "secte" | "sede" | "sens" | "seoobft" | "seotpft" | "sepotpft" | "sepft" | "sepkoobft" | "sepkotpft" | "sepkrcft" | "sercft" | "sertft" | "simp" | "si" | "signup_pwd_leak" | "slo" | "sh" | "spm" | "srrt" | "ss" | "ss_sso_failure" | "ss_sso_info" | "ss_sso_success" | "ssa" | "sscim" | "sui" | "sv" | "svr" | "too_many_records" | "ublkdu" | "universal_logout_failed" | "universal_logout_succeeded" | "w" | "wn" | "wum";
+                type: "fn" | "i" | "acls_summary" | "actions_execution_failed" | "api_limit" | "api_limit_warning" | "appi" | "ciba_exchange_failed" | "ciba_exchange_succeeded" | "ciba_start_failed" | "ciba_start_succeeded" | "cls" | "cs" | "depnote" | "f" | "fc" | "fce" | "fco" | "fcoa" | "fcp" | "fcph" | "fcpn" | "fcpr" | "fcpro" | "fcu" | "fd" | "fdeac" | "fdeaz" | "fdecc" | "fdu" | "feacft" | "feccft" | "fecte" | "fede" | "federated_logout_failed" | "fens" | "feoobft" | "feotpft" | "fepft" | "fepotpft" | "fercft" | "ferrt" | "fertft" | "festft" | "fh" | "fimp" | "fi" | "flo" | "flows_execution_completed" | "flows_execution_failed" | "forms_submission_failed" | "forms_submission_succeeded" | "fp" | "fpar" | "fpurh" | "fs" | "fsa" | "fu" | "fui" | "fv" | "fvr" | "gd_auth_email_verification" | "gd_auth_fail_email_verification" | "gd_auth_failed" | "gd_auth_rejected" | "gd_auth_succeed" | "gd_enrollment_complete" | "gd_otp_rate_limit_exceed" | "gd_recovery_failed" | "gd_recovery_rate_limit_exceed" | "gd_recovery_succeed" | "gd_send_email" | "gd_send_email_verification" | "gd_send_email_verification_failure" | "gd_send_pn" | "gd_send_pn_failure" | "gd_send_sms" | "gd_send_sms_failure" | "gd_send_voice" | "gd_send_voice_failure" | "gd_start_auth" | "gd_start_enroll" | "gd_start_enroll_failed" | "gd_tenant_update" | "gd_unenroll" | "gd_update_device_account" | "gd_webauthn_challenge_failed" | "gd_webauthn_enrollment_failed" | "kms_key_management_failure" | "kms_key_management_success" | "kms_key_state_changed" | "limit_delegation" | "limit_mu" | "limit_sul" | "limit_wc" | "mfar" | "mgmt_api_read" | "my_account_authentication_method_failed" | "my_account_authentication_method_succeeded" | "oidc_backchannel_logout_failed" | "oidc_backchannel_logout_succeeded" | "organization_member_added" | "passkey_challenge_failed" | "passkey_challenge_started" | "pla" | "pwd_leak" | "reset_pwd_leak" | "resource_cleanup" | "rich_consents_access_error" | "s" | "sapi" | "fapi" | "sce" | "scoa" | "scp" | "scpn" | "scpr" | "scu" | "scv" | "sd" | "sdu" | "seacft" | "seccft" | "secte" | "sede" | "sens" | "seoobft" | "seotpft" | "sepotpft" | "sepft" | "sepkoobft" | "sepkotpft" | "sepkrcft" | "sercft" | "sertft" | "sestft" | "simp" | "si" | "signup_pwd_leak" | "slo" | "sh" | "spm" | "srrt" | "ss" | "ss_sso_failure" | "ss_sso_info" | "ss_sso_success" | "ssa" | "sscim" | "sui" | "sv" | "svr" | "too_many_records" | "ublkdu" | "universal_logout_failed" | "universal_logout_succeeded" | "w" | "wn" | "wum";
                 date: string;
                 isMobile: boolean;
                 log_id: string;

package/dist/types/routes/management-api/migration-sources.d.ts CHANGED Viewed

@@ -15,7 +15,7 @@ export declare const migrationSourcesRoutes: OpenAPIHono<{
                 created_at: string;
                 updated_at: string;
                 name: string;
-                provider: "auth0" | "oidc" | "cognito" | "okta";
+                provider: "auth0" | "cognito" | "okta" | "oidc";
                 connection: string;
                 enabled: boolean;
                 credentials: {
@@ -47,7 +47,7 @@ export declare const migrationSourcesRoutes: OpenAPIHono<{
                 created_at: string;
                 updated_at: string;
                 name: string;
-                provider: "auth0" | "oidc" | "cognito" | "okta";
+                provider: "auth0" | "cognito" | "okta" | "oidc";
                 connection: string;
                 enabled: boolean;
                 credentials: {
@@ -73,7 +73,7 @@ export declare const migrationSourcesRoutes: OpenAPIHono<{
             } & {
                 json: {
                     name: string;
-                    provider: "auth0" | "oidc" | "cognito" | "okta";
+                    provider: "auth0" | "cognito" | "okta" | "oidc";
                     connection: string;
                     credentials: {
                         domain: string;
@@ -90,7 +90,7 @@ export declare const migrationSourcesRoutes: OpenAPIHono<{
                 created_at: string;
                 updated_at: string;
                 name: string;
-                provider: "auth0" | "oidc" | "cognito" | "okta";
+                provider: "auth0" | "cognito" | "okta" | "oidc";
                 connection: string;
                 enabled: boolean;
                 credentials: {
@@ -121,7 +121,7 @@ export declare const migrationSourcesRoutes: OpenAPIHono<{
                 json: {
                     id?: string | undefined;
                     name?: string | undefined;
-                    provider?: "auth0" | "oidc" | "cognito" | "okta" | undefined;
+                    provider?: "auth0" | "cognito" | "okta" | "oidc" | undefined;
                     connection?: string | undefined;
                     enabled?: boolean | undefined;
                     credentials?: {
@@ -137,7 +137,7 @@ export declare const migrationSourcesRoutes: OpenAPIHono<{
                 created_at: string;
                 updated_at: string;
                 name: string;
-                provider: "auth0" | "oidc" | "cognito" | "okta";
+                provider: "auth0" | "cognito" | "okta" | "oidc";
                 connection: string;
                 enabled: boolean;
                 credentials: {

package/dist/types/routes/management-api/prompts.d.ts CHANGED Viewed

@@ -50,7 +50,7 @@ export declare const promptsRoutes: OpenAPIHono<{
                 };
             };
             output: {
-                prompt: "status" | "mfa" | "organizations" | "signup" | "common" | "consent" | "device-flow" | "email-otp-challenge" | "email-verification" | "invitation" | "login" | "login-id" | "login-password" | "login-passwordless" | "mfa-email" | "mfa-otp" | "mfa-phone" | "mfa-login-options" | "mfa-push" | "mfa-recovery-code" | "mfa-voice" | "mfa-webauthn" | "passkeys" | "reset-password" | "signup-id" | "signup-password" | "captcha" | "custom-form";
+                prompt: "mfa" | "organizations" | "signup" | "status" | "login" | "login-id" | "login-password" | "signup-id" | "signup-password" | "reset-password" | "consent" | "mfa-push" | "mfa-otp" | "mfa-voice" | "mfa-phone" | "mfa-webauthn" | "mfa-email" | "mfa-recovery-code" | "device-flow" | "email-verification" | "email-otp-challenge" | "invitation" | "common" | "passkeys" | "captcha" | "custom-form" | "login-passwordless" | "mfa-login-options";
                 language: string;
             }[];
             outputFormat: "json";
@@ -88,7 +88,7 @@ export declare const promptsRoutes: OpenAPIHono<{
         $get: {
             input: {
                 param: {
-                    prompt: "status" | "mfa" | "organizations" | "signup" | "common" | "consent" | "device-flow" | "email-otp-challenge" | "email-verification" | "invitation" | "login" | "login-id" | "login-password" | "login-passwordless" | "mfa-email" | "mfa-otp" | "mfa-phone" | "mfa-login-options" | "mfa-push" | "mfa-recovery-code" | "mfa-voice" | "mfa-webauthn" | "passkeys" | "reset-password" | "signup-id" | "signup-password" | "captcha" | "custom-form";
+                    prompt: "mfa" | "organizations" | "signup" | "status" | "login" | "login-id" | "login-password" | "signup-id" | "signup-password" | "reset-password" | "consent" | "mfa-push" | "mfa-otp" | "mfa-voice" | "mfa-phone" | "mfa-webauthn" | "mfa-email" | "mfa-recovery-code" | "device-flow" | "email-verification" | "email-otp-challenge" | "invitation" | "common" | "passkeys" | "captcha" | "custom-form" | "login-passwordless" | "mfa-login-options";
                     language: string;
                 };
             } & {
@@ -110,7 +110,7 @@ export declare const promptsRoutes: OpenAPIHono<{
         $put: {
             input: {
                 param: {
-                    prompt: "status" | "mfa" | "organizations" | "signup" | "common" | "consent" | "device-flow" | "email-otp-challenge" | "email-verification" | "invitation" | "login" | "login-id" | "login-password" | "login-passwordless" | "mfa-email" | "mfa-otp" | "mfa-phone" | "mfa-login-options" | "mfa-push" | "mfa-recovery-code" | "mfa-voice" | "mfa-webauthn" | "passkeys" | "reset-password" | "signup-id" | "signup-password" | "captcha" | "custom-form";
+                    prompt: "mfa" | "organizations" | "signup" | "status" | "login" | "login-id" | "login-password" | "signup-id" | "signup-password" | "reset-password" | "consent" | "mfa-push" | "mfa-otp" | "mfa-voice" | "mfa-phone" | "mfa-webauthn" | "mfa-email" | "mfa-recovery-code" | "device-flow" | "email-verification" | "email-otp-challenge" | "invitation" | "common" | "passkeys" | "captcha" | "custom-form" | "login-passwordless" | "mfa-login-options";
                     language: string;
                 };
             } & {
@@ -134,7 +134,7 @@ export declare const promptsRoutes: OpenAPIHono<{
         $delete: {
             input: {
                 param: {
-                    prompt: "status" | "mfa" | "organizations" | "signup" | "common" | "consent" | "device-flow" | "email-otp-challenge" | "email-verification" | "invitation" | "login" | "login-id" | "login-password" | "login-passwordless" | "mfa-email" | "mfa-otp" | "mfa-phone" | "mfa-login-options" | "mfa-push" | "mfa-recovery-code" | "mfa-voice" | "mfa-webauthn" | "passkeys" | "reset-password" | "signup-id" | "signup-password" | "captcha" | "custom-form";
+                    prompt: "mfa" | "organizations" | "signup" | "status" | "login" | "login-id" | "login-password" | "signup-id" | "signup-password" | "reset-password" | "consent" | "mfa-push" | "mfa-otp" | "mfa-voice" | "mfa-phone" | "mfa-webauthn" | "mfa-email" | "mfa-recovery-code" | "device-flow" | "email-verification" | "email-otp-challenge" | "invitation" | "common" | "passkeys" | "captcha" | "custom-form" | "login-passwordless" | "mfa-login-options";
                     language: string;
                 };
             } & {

package/dist/types/routes/management-api/tenants.d.ts CHANGED Viewed

@@ -122,6 +122,15 @@ export declare const tenantRoutes: OpenAPIHono<{
                 } | null | undefined;
                 pushed_authorization_requests_supported?: boolean | undefined;
                 authorization_response_iss_parameter_supported?: boolean | undefined;
+                deployment_type?: "shared" | "wfp" | undefined;
+                provisioning_state?: "pending" | "ready" | "failed" | undefined;
+                provisioning_error?: string | undefined;
+                provisioning_state_changed_at?: string | undefined;
+                bundle_configuration?: string | undefined;
+                worker_version?: string | undefined;
+                worker_script_name?: string | undefined;
+                storage_kind?: "own_d1" | "existing_d1" | "shared_planetscale" | undefined;
+                d1_database_id?: string | undefined;
                 attack_protection?: {
                     breached_password_detection?: {
                         enabled?: boolean | undefined;
@@ -304,6 +313,15 @@ export declare const tenantRoutes: OpenAPIHono<{
                     } | null | undefined;
                     pushed_authorization_requests_supported?: boolean | undefined;
                     authorization_response_iss_parameter_supported?: boolean | undefined;
+                    deployment_type?: "shared" | "wfp" | undefined;
+                    provisioning_state?: "pending" | "ready" | "failed" | undefined;
+                    provisioning_error?: string | undefined;
+                    provisioning_state_changed_at?: string | undefined;
+                    bundle_configuration?: string | undefined;
+                    worker_version?: string | undefined;
+                    worker_script_name?: string | undefined;
+                    storage_kind?: "own_d1" | "existing_d1" | "shared_planetscale" | undefined;
+                    d1_database_id?: string | undefined;
                     attack_protection?: {
                         breached_password_detection?: {
                             enabled?: boolean | undefined;
@@ -480,6 +498,15 @@ export declare const tenantRoutes: OpenAPIHono<{
                 } | null | undefined;
                 pushed_authorization_requests_supported?: boolean | undefined;
                 authorization_response_iss_parameter_supported?: boolean | undefined;
+                deployment_type?: "shared" | "wfp" | undefined;
+                provisioning_state?: "pending" | "ready" | "failed" | undefined;
+                provisioning_error?: string | undefined;
+                provisioning_state_changed_at?: string | undefined;
+                bundle_configuration?: string | undefined;
+                worker_version?: string | undefined;
+                worker_script_name?: string | undefined;
+                storage_kind?: "own_d1" | "existing_d1" | "shared_planetscale" | undefined;
+                d1_database_id?: string | undefined;
                 attack_protection?: {
                     breached_password_detection?: {
                         enabled?: boolean | undefined;

package/dist/types/routes/management-api/users.d.ts CHANGED Viewed

@@ -737,7 +737,7 @@ export declare const userRoutes: OpenAPIHono<{
                 };
             };
             output: {
-                type: "fc" | "fd" | "fn" | "i" | "sapi" | "acls_summary" | "actions_execution_failed" | "api_limit" | "api_limit_warning" | "appi" | "ciba_exchange_failed" | "ciba_exchange_succeeded" | "ciba_start_failed" | "ciba_start_succeeded" | "cls" | "cs" | "depnote" | "f" | "fce" | "fco" | "fcoa" | "fcp" | "fcph" | "fcpn" | "fcpr" | "fcpro" | "fcu" | "fdeac" | "fdeaz" | "fdecc" | "fdu" | "feacft" | "feccft" | "fecte" | "fede" | "federated_logout_failed" | "fens" | "feoobft" | "feotpft" | "fepft" | "fepotpft" | "fercft" | "ferrt" | "fertft" | "fh" | "fimp" | "fi" | "flo" | "flows_execution_completed" | "flows_execution_failed" | "forms_submission_failed" | "forms_submission_succeeded" | "fp" | "fpar" | "fpurh" | "fs" | "fsa" | "fu" | "fui" | "fv" | "fvr" | "gd_auth_email_verification" | "gd_auth_fail_email_verification" | "gd_auth_failed" | "gd_auth_rejected" | "gd_auth_succeed" | "gd_enrollment_complete" | "gd_otp_rate_limit_exceed" | "gd_recovery_failed" | "gd_recovery_rate_limit_exceed" | "gd_recovery_succeed" | "gd_send_email" | "gd_send_email_verification" | "gd_send_email_verification_failure" | "gd_send_pn" | "gd_send_pn_failure" | "gd_send_sms" | "gd_send_sms_failure" | "gd_send_voice" | "gd_send_voice_failure" | "gd_start_auth" | "gd_start_enroll" | "gd_start_enroll_failed" | "gd_tenant_update" | "gd_unenroll" | "gd_update_device_account" | "gd_webauthn_challenge_failed" | "gd_webauthn_enrollment_failed" | "kms_key_management_failure" | "kms_key_management_success" | "kms_key_state_changed" | "limit_delegation" | "limit_mu" | "limit_sul" | "limit_wc" | "mfar" | "mgmt_api_read" | "my_account_authentication_method_failed" | "my_account_authentication_method_succeeded" | "oidc_backchannel_logout_failed" | "oidc_backchannel_logout_succeeded" | "organization_member_added" | "passkey_challenge_failed" | "passkey_challenge_started" | "pla" | "pwd_leak" | "reset_pwd_leak" | "resource_cleanup" | "rich_consents_access_error" | "s" | "fapi" | "sce" | "scoa" | "scp" | "scpn" | "scpr" | "scu" | "scv" | "sd" | "sdu" | "seacft" | "seccft" | "secte" | "sede" | "sens" | "seoobft" | "seotpft" | "sepotpft" | "sepft" | "sepkoobft" | "sepkotpft" | "sepkrcft" | "sercft" | "sertft" | "simp" | "si" | "signup_pwd_leak" | "slo" | "sh" | "spm" | "srrt" | "ss" | "ss_sso_failure" | "ss_sso_info" | "ss_sso_success" | "ssa" | "sscim" | "sui" | "sv" | "svr" | "too_many_records" | "ublkdu" | "universal_logout_failed" | "universal_logout_succeeded" | "w" | "wn" | "wum";
+                type: "fn" | "i" | "acls_summary" | "actions_execution_failed" | "api_limit" | "api_limit_warning" | "appi" | "ciba_exchange_failed" | "ciba_exchange_succeeded" | "ciba_start_failed" | "ciba_start_succeeded" | "cls" | "cs" | "depnote" | "f" | "fc" | "fce" | "fco" | "fcoa" | "fcp" | "fcph" | "fcpn" | "fcpr" | "fcpro" | "fcu" | "fd" | "fdeac" | "fdeaz" | "fdecc" | "fdu" | "feacft" | "feccft" | "fecte" | "fede" | "federated_logout_failed" | "fens" | "feoobft" | "feotpft" | "fepft" | "fepotpft" | "fercft" | "ferrt" | "fertft" | "festft" | "fh" | "fimp" | "fi" | "flo" | "flows_execution_completed" | "flows_execution_failed" | "forms_submission_failed" | "forms_submission_succeeded" | "fp" | "fpar" | "fpurh" | "fs" | "fsa" | "fu" | "fui" | "fv" | "fvr" | "gd_auth_email_verification" | "gd_auth_fail_email_verification" | "gd_auth_failed" | "gd_auth_rejected" | "gd_auth_succeed" | "gd_enrollment_complete" | "gd_otp_rate_limit_exceed" | "gd_recovery_failed" | "gd_recovery_rate_limit_exceed" | "gd_recovery_succeed" | "gd_send_email" | "gd_send_email_verification" | "gd_send_email_verification_failure" | "gd_send_pn" | "gd_send_pn_failure" | "gd_send_sms" | "gd_send_sms_failure" | "gd_send_voice" | "gd_send_voice_failure" | "gd_start_auth" | "gd_start_enroll" | "gd_start_enroll_failed" | "gd_tenant_update" | "gd_unenroll" | "gd_update_device_account" | "gd_webauthn_challenge_failed" | "gd_webauthn_enrollment_failed" | "kms_key_management_failure" | "kms_key_management_success" | "kms_key_state_changed" | "limit_delegation" | "limit_mu" | "limit_sul" | "limit_wc" | "mfar" | "mgmt_api_read" | "my_account_authentication_method_failed" | "my_account_authentication_method_succeeded" | "oidc_backchannel_logout_failed" | "oidc_backchannel_logout_succeeded" | "organization_member_added" | "passkey_challenge_failed" | "passkey_challenge_started" | "pla" | "pwd_leak" | "reset_pwd_leak" | "resource_cleanup" | "rich_consents_access_error" | "s" | "sapi" | "fapi" | "sce" | "scoa" | "scp" | "scpn" | "scpr" | "scu" | "scv" | "sd" | "sdu" | "seacft" | "seccft" | "secte" | "sede" | "sens" | "seoobft" | "seotpft" | "sepotpft" | "sepft" | "sepkoobft" | "sepkotpft" | "sepkrcft" | "sercft" | "sertft" | "sestft" | "simp" | "si" | "signup_pwd_leak" | "slo" | "sh" | "spm" | "srrt" | "ss" | "ss_sso_failure" | "ss_sso_info" | "ss_sso_success" | "ssa" | "sscim" | "sui" | "sv" | "svr" | "too_many_records" | "ublkdu" | "universal_logout_failed" | "universal_logout_succeeded" | "w" | "wn" | "wum";
                 date: string;
                 isMobile: boolean;
                 log_id: string;
@@ -776,7 +776,7 @@ export declare const userRoutes: OpenAPIHono<{
                 limit: number;
                 length: number;
                 logs: {
-                    type: "fc" | "fd" | "fn" | "i" | "sapi" | "acls_summary" | "actions_execution_failed" | "api_limit" | "api_limit_warning" | "appi" | "ciba_exchange_failed" | "ciba_exchange_succeeded" | "ciba_start_failed" | "ciba_start_succeeded" | "cls" | "cs" | "depnote" | "f" | "fce" | "fco" | "fcoa" | "fcp" | "fcph" | "fcpn" | "fcpr" | "fcpro" | "fcu" | "fdeac" | "fdeaz" | "fdecc" | "fdu" | "feacft" | "feccft" | "fecte" | "fede" | "federated_logout_failed" | "fens" | "feoobft" | "feotpft" | "fepft" | "fepotpft" | "fercft" | "ferrt" | "fertft" | "fh" | "fimp" | "fi" | "flo" | "flows_execution_completed" | "flows_execution_failed" | "forms_submission_failed" | "forms_submission_succeeded" | "fp" | "fpar" | "fpurh" | "fs" | "fsa" | "fu" | "fui" | "fv" | "fvr" | "gd_auth_email_verification" | "gd_auth_fail_email_verification" | "gd_auth_failed" | "gd_auth_rejected" | "gd_auth_succeed" | "gd_enrollment_complete" | "gd_otp_rate_limit_exceed" | "gd_recovery_failed" | "gd_recovery_rate_limit_exceed" | "gd_recovery_succeed" | "gd_send_email" | "gd_send_email_verification" | "gd_send_email_verification_failure" | "gd_send_pn" | "gd_send_pn_failure" | "gd_send_sms" | "gd_send_sms_failure" | "gd_send_voice" | "gd_send_voice_failure" | "gd_start_auth" | "gd_start_enroll" | "gd_start_enroll_failed" | "gd_tenant_update" | "gd_unenroll" | "gd_update_device_account" | "gd_webauthn_challenge_failed" | "gd_webauthn_enrollment_failed" | "kms_key_management_failure" | "kms_key_management_success" | "kms_key_state_changed" | "limit_delegation" | "limit_mu" | "limit_sul" | "limit_wc" | "mfar" | "mgmt_api_read" | "my_account_authentication_method_failed" | "my_account_authentication_method_succeeded" | "oidc_backchannel_logout_failed" | "oidc_backchannel_logout_succeeded" | "organization_member_added" | "passkey_challenge_failed" | "passkey_challenge_started" | "pla" | "pwd_leak" | "reset_pwd_leak" | "resource_cleanup" | "rich_consents_access_error" | "s" | "fapi" | "sce" | "scoa" | "scp" | "scpn" | "scpr" | "scu" | "scv" | "sd" | "sdu" | "seacft" | "seccft" | "secte" | "sede" | "sens" | "seoobft" | "seotpft" | "sepotpft" | "sepft" | "sepkoobft" | "sepkotpft" | "sepkrcft" | "sercft" | "sertft" | "simp" | "si" | "signup_pwd_leak" | "slo" | "sh" | "spm" | "srrt" | "ss" | "ss_sso_failure" | "ss_sso_info" | "ss_sso_success" | "ssa" | "sscim" | "sui" | "sv" | "svr" | "too_many_records" | "ublkdu" | "universal_logout_failed" | "universal_logout_succeeded" | "w" | "wn" | "wum";
+                    type: "fn" | "i" | "acls_summary" | "actions_execution_failed" | "api_limit" | "api_limit_warning" | "appi" | "ciba_exchange_failed" | "ciba_exchange_succeeded" | "ciba_start_failed" | "ciba_start_succeeded" | "cls" | "cs" | "depnote" | "f" | "fc" | "fce" | "fco" | "fcoa" | "fcp" | "fcph" | "fcpn" | "fcpr" | "fcpro" | "fcu" | "fd" | "fdeac" | "fdeaz" | "fdecc" | "fdu" | "feacft" | "feccft" | "fecte" | "fede" | "federated_logout_failed" | "fens" | "feoobft" | "feotpft" | "fepft" | "fepotpft" | "fercft" | "ferrt" | "fertft" | "festft" | "fh" | "fimp" | "fi" | "flo" | "flows_execution_completed" | "flows_execution_failed" | "forms_submission_failed" | "forms_submission_succeeded" | "fp" | "fpar" | "fpurh" | "fs" | "fsa" | "fu" | "fui" | "fv" | "fvr" | "gd_auth_email_verification" | "gd_auth_fail_email_verification" | "gd_auth_failed" | "gd_auth_rejected" | "gd_auth_succeed" | "gd_enrollment_complete" | "gd_otp_rate_limit_exceed" | "gd_recovery_failed" | "gd_recovery_rate_limit_exceed" | "gd_recovery_succeed" | "gd_send_email" | "gd_send_email_verification" | "gd_send_email_verification_failure" | "gd_send_pn" | "gd_send_pn_failure" | "gd_send_sms" | "gd_send_sms_failure" | "gd_send_voice" | "gd_send_voice_failure" | "gd_start_auth" | "gd_start_enroll" | "gd_start_enroll_failed" | "gd_tenant_update" | "gd_unenroll" | "gd_update_device_account" | "gd_webauthn_challenge_failed" | "gd_webauthn_enrollment_failed" | "kms_key_management_failure" | "kms_key_management_success" | "kms_key_state_changed" | "limit_delegation" | "limit_mu" | "limit_sul" | "limit_wc" | "mfar" | "mgmt_api_read" | "my_account_authentication_method_failed" | "my_account_authentication_method_succeeded" | "oidc_backchannel_logout_failed" | "oidc_backchannel_logout_succeeded" | "organization_member_added" | "passkey_challenge_failed" | "passkey_challenge_started" | "pla" | "pwd_leak" | "reset_pwd_leak" | "resource_cleanup" | "rich_consents_access_error" | "s" | "sapi" | "fapi" | "sce" | "scoa" | "scp" | "scpn" | "scpr" | "scu" | "scv" | "sd" | "sdu" | "seacft" | "seccft" | "secte" | "sede" | "sens" | "seoobft" | "seotpft" | "sepotpft" | "sepft" | "sepkoobft" | "sepkotpft" | "sepkrcft" | "sercft" | "sertft" | "sestft" | "simp" | "si" | "signup_pwd_leak" | "slo" | "sh" | "spm" | "srrt" | "ss" | "ss_sso_failure" | "ss_sso_info" | "ss_sso_success" | "ssa" | "sscim" | "sui" | "sv" | "svr" | "too_many_records" | "ublkdu" | "universal_logout_failed" | "universal_logout_succeeded" | "w" | "wn" | "wum";
                     date: string;
                     isMobile: boolean;
                     log_id: string;

package/dist/types/routes/universal-login/common.d.ts CHANGED Viewed

@@ -223,6 +223,15 @@ export declare function initJSXRoute(ctx: Context<{
             } | null | undefined;
             pushed_authorization_requests_supported?: boolean | undefined;
             authorization_response_iss_parameter_supported?: boolean | undefined;
+            deployment_type?: "shared" | "wfp" | undefined;
+            provisioning_state?: "pending" | "ready" | "failed" | undefined;
+            provisioning_error?: string | undefined;
+            provisioning_state_changed_at?: string | undefined;
+            bundle_configuration?: string | undefined;
+            worker_version?: string | undefined;
+            worker_script_name?: string | undefined;
+            storage_kind?: "own_d1" | "existing_d1" | "shared_planetscale" | undefined;
+            d1_database_id?: string | undefined;
             attack_protection?: {
                 breached_password_detection?: {
                     enabled?: boolean | undefined;
@@ -438,7 +447,7 @@ export declare function initJSXRoute(ctx: Context<{
         custom_login_page_preview?: string | undefined;
         form_template?: string | undefined;
         addons?: Record<string, any> | undefined;
-        token_endpoint_auth_method?: "none" | "private_key_jwt" | "client_secret_post" | "client_secret_basic" | "client_secret_jwt" | undefined;
+        token_endpoint_auth_method?: "client_secret_post" | "client_secret_basic" | "none" | "client_secret_jwt" | "private_key_jwt" | undefined;
         client_metadata?: Record<string, string> | undefined;
         hide_sign_up_disabled_error?: boolean | undefined;
         mobile?: Record<string, any> | undefined;
@@ -573,6 +582,15 @@ export declare function initJSXRoute(ctx: Context<{
         } | null | undefined;
         pushed_authorization_requests_supported?: boolean | undefined;
         authorization_response_iss_parameter_supported?: boolean | undefined;
+        deployment_type?: "shared" | "wfp" | undefined;
+        provisioning_state?: "pending" | "ready" | "failed" | undefined;
+        provisioning_error?: string | undefined;
+        provisioning_state_changed_at?: string | undefined;
+        bundle_configuration?: string | undefined;
+        worker_version?: string | undefined;
+        worker_script_name?: string | undefined;
+        storage_kind?: "own_d1" | "existing_d1" | "shared_planetscale" | undefined;
+        d1_database_id?: string | undefined;
         attack_protection?: {
             breached_password_detection?: {
                 enabled?: boolean | undefined;
@@ -924,6 +942,15 @@ export declare function initJSXRouteWithSession(ctx: Context<{
             } | null | undefined;
             pushed_authorization_requests_supported?: boolean | undefined;
             authorization_response_iss_parameter_supported?: boolean | undefined;
+            deployment_type?: "shared" | "wfp" | undefined;
+            provisioning_state?: "pending" | "ready" | "failed" | undefined;
+            provisioning_error?: string | undefined;
+            provisioning_state_changed_at?: string | undefined;
+            bundle_configuration?: string | undefined;
+            worker_version?: string | undefined;
+            worker_script_name?: string | undefined;
+            storage_kind?: "own_d1" | "existing_d1" | "shared_planetscale" | undefined;
+            d1_database_id?: string | undefined;
             attack_protection?: {
                 breached_password_detection?: {
                     enabled?: boolean | undefined;
@@ -1139,7 +1166,7 @@ export declare function initJSXRouteWithSession(ctx: Context<{
         custom_login_page_preview?: string | undefined;
         form_template?: string | undefined;
         addons?: Record<string, any> | undefined;
-        token_endpoint_auth_method?: "none" | "private_key_jwt" | "client_secret_post" | "client_secret_basic" | "client_secret_jwt" | undefined;
+        token_endpoint_auth_method?: "client_secret_post" | "client_secret_basic" | "none" | "client_secret_jwt" | "private_key_jwt" | undefined;
         client_metadata?: Record<string, string> | undefined;
         hide_sign_up_disabled_error?: boolean | undefined;
         mobile?: Record<string, any> | undefined;
@@ -1342,6 +1369,15 @@ export declare function initJSXRouteWithSession(ctx: Context<{
         } | null | undefined;
         pushed_authorization_requests_supported?: boolean | undefined;
         authorization_response_iss_parameter_supported?: boolean | undefined;
+        deployment_type?: "shared" | "wfp" | undefined;
+        provisioning_state?: "pending" | "ready" | "failed" | undefined;
+        provisioning_error?: string | undefined;
+        provisioning_state_changed_at?: string | undefined;
+        bundle_configuration?: string | undefined;
+        worker_version?: string | undefined;
+        worker_script_name?: string | undefined;
+        storage_kind?: "own_d1" | "existing_d1" | "shared_planetscale" | undefined;
+        d1_database_id?: string | undefined;
         attack_protection?: {
             breached_password_detection?: {
                 enabled?: boolean | undefined;

package/dist/types/routes/universal-login/u2-index.d.ts CHANGED Viewed

@@ -165,7 +165,7 @@ export default function createU2App(config: AuthHeroConfig): OpenAPIHono<{
         $get: {
             input: {
                 param: {
-                    screen: "signup" | "consent" | "login" | "reset-password" | "account" | "enter-password" | "impersonate" | "try-connection-result" | "reset-password/request" | "reset-password/code" | "login/identifier" | "login/email-otp-challenge" | "login/sms-otp-challenge" | "login/login-passwordless-identifier" | "mfa/login-options" | "mfa/totp-challenge" | "mfa/totp-enrollment" | "mfa/phone-challenge" | "mfa/phone-enrollment" | "passkey/challenge" | "passkey/enrollment" | "passkey/enrollment-nudge" | "account/profile" | "account/security" | "account/security/totp-enrollment" | "account/security/phone-enrollment" | "account/linked" | "account/delete" | "account/passkeys" | "connect/start" | "connect/select-tenant";
+                    screen: "signup" | "login" | "reset-password" | "consent" | "account" | "enter-password" | "impersonate" | "try-connection-result" | "login/identifier" | "login/email-otp-challenge" | "login/sms-otp-challenge" | "login/login-passwordless-identifier" | "reset-password/code" | "reset-password/request" | "mfa/login-options" | "mfa/totp-challenge" | "mfa/totp-enrollment" | "mfa/phone-challenge" | "mfa/phone-enrollment" | "passkey/challenge" | "passkey/enrollment" | "passkey/enrollment-nudge" | "account/profile" | "account/security" | "account/security/totp-enrollment" | "account/security/phone-enrollment" | "account/linked" | "account/delete" | "account/passkeys" | "connect/start" | "connect/select-tenant";
                 };
             } & {
                 query: {
@@ -181,7 +181,7 @@ export default function createU2App(config: AuthHeroConfig): OpenAPIHono<{
         } | {
             input: {
                 param: {
-                    screen: "signup" | "consent" | "login" | "reset-password" | "account" | "enter-password" | "impersonate" | "try-connection-result" | "reset-password/request" | "reset-password/code" | "login/identifier" | "login/email-otp-challenge" | "login/sms-otp-challenge" | "login/login-passwordless-identifier" | "mfa/login-options" | "mfa/totp-challenge" | "mfa/totp-enrollment" | "mfa/phone-challenge" | "mfa/phone-enrollment" | "passkey/challenge" | "passkey/enrollment" | "passkey/enrollment-nudge" | "account/profile" | "account/security" | "account/security/totp-enrollment" | "account/security/phone-enrollment" | "account/linked" | "account/delete" | "account/passkeys" | "connect/start" | "connect/select-tenant";
+                    screen: "signup" | "login" | "reset-password" | "consent" | "account" | "enter-password" | "impersonate" | "try-connection-result" | "login/identifier" | "login/email-otp-challenge" | "login/sms-otp-challenge" | "login/login-passwordless-identifier" | "reset-password/code" | "reset-password/request" | "mfa/login-options" | "mfa/totp-challenge" | "mfa/totp-enrollment" | "mfa/phone-challenge" | "mfa/phone-enrollment" | "passkey/challenge" | "passkey/enrollment" | "passkey/enrollment-nudge" | "account/profile" | "account/security" | "account/security/totp-enrollment" | "account/security/phone-enrollment" | "account/linked" | "account/delete" | "account/passkeys" | "connect/start" | "connect/select-tenant";
                 };
             } & {
                 query: {
@@ -197,7 +197,7 @@ export default function createU2App(config: AuthHeroConfig): OpenAPIHono<{
         } | {
             input: {
                 param: {
-                    screen: "signup" | "consent" | "login" | "reset-password" | "account" | "enter-password" | "impersonate" | "try-connection-result" | "reset-password/request" | "reset-password/code" | "login/identifier" | "login/email-otp-challenge" | "login/sms-otp-challenge" | "login/login-passwordless-identifier" | "mfa/login-options" | "mfa/totp-challenge" | "mfa/totp-enrollment" | "mfa/phone-challenge" | "mfa/phone-enrollment" | "passkey/challenge" | "passkey/enrollment" | "passkey/enrollment-nudge" | "account/profile" | "account/security" | "account/security/totp-enrollment" | "account/security/phone-enrollment" | "account/linked" | "account/delete" | "account/passkeys" | "connect/start" | "connect/select-tenant";
+                    screen: "signup" | "login" | "reset-password" | "consent" | "account" | "enter-password" | "impersonate" | "try-connection-result" | "login/identifier" | "login/email-otp-challenge" | "login/sms-otp-challenge" | "login/login-passwordless-identifier" | "reset-password/code" | "reset-password/request" | "mfa/login-options" | "mfa/totp-challenge" | "mfa/totp-enrollment" | "mfa/phone-challenge" | "mfa/phone-enrollment" | "passkey/challenge" | "passkey/enrollment" | "passkey/enrollment-nudge" | "account/profile" | "account/security" | "account/security/totp-enrollment" | "account/security/phone-enrollment" | "account/linked" | "account/delete" | "account/passkeys" | "connect/start" | "connect/select-tenant";
                 };
             } & {
                 query: {
@@ -217,7 +217,7 @@ export default function createU2App(config: AuthHeroConfig): OpenAPIHono<{
         $post: {
             input: {
                 param: {
-                    screen: "signup" | "consent" | "login" | "reset-password" | "enter-password" | "impersonate" | "reset-password/request" | "reset-password/code" | "login/identifier" | "login/email-otp-challenge" | "login/sms-otp-challenge" | "login/login-passwordless-identifier" | "mfa/login-options" | "mfa/totp-challenge" | "mfa/totp-enrollment" | "mfa/phone-challenge" | "mfa/phone-enrollment" | "passkey/challenge" | "passkey/enrollment" | "passkey/enrollment-nudge" | "account/profile" | "account/security" | "account/security/totp-enrollment" | "account/security/phone-enrollment" | "account/linked" | "account/delete" | "account/passkeys" | "connect/start" | "connect/select-tenant";
+                    screen: "signup" | "login" | "reset-password" | "consent" | "enter-password" | "impersonate" | "login/identifier" | "login/email-otp-challenge" | "login/sms-otp-challenge" | "login/login-passwordless-identifier" | "reset-password/code" | "reset-password/request" | "mfa/login-options" | "mfa/totp-challenge" | "mfa/totp-enrollment" | "mfa/phone-challenge" | "mfa/phone-enrollment" | "passkey/challenge" | "passkey/enrollment" | "passkey/enrollment-nudge" | "account/profile" | "account/security" | "account/security/totp-enrollment" | "account/security/phone-enrollment" | "account/linked" | "account/delete" | "account/passkeys" | "connect/start" | "connect/select-tenant";
                 };
             } & {
                 query: {
@@ -235,7 +235,7 @@ export default function createU2App(config: AuthHeroConfig): OpenAPIHono<{
         } | {
             input: {
                 param: {
-                    screen: "signup" | "consent" | "login" | "reset-password" | "enter-password" | "impersonate" | "reset-password/request" | "reset-password/code" | "login/identifier" | "login/email-otp-challenge" | "login/sms-otp-challenge" | "login/login-passwordless-identifier" | "mfa/login-options" | "mfa/totp-challenge" | "mfa/totp-enrollment" | "mfa/phone-challenge" | "mfa/phone-enrollment" | "passkey/challenge" | "passkey/enrollment" | "passkey/enrollment-nudge" | "account/profile" | "account/security" | "account/security/totp-enrollment" | "account/security/phone-enrollment" | "account/linked" | "account/delete" | "account/passkeys" | "connect/start" | "connect/select-tenant";
+                    screen: "signup" | "login" | "reset-password" | "consent" | "enter-password" | "impersonate" | "login/identifier" | "login/email-otp-challenge" | "login/sms-otp-challenge" | "login/login-passwordless-identifier" | "reset-password/code" | "reset-password/request" | "mfa/login-options" | "mfa/totp-challenge" | "mfa/totp-enrollment" | "mfa/phone-challenge" | "mfa/phone-enrollment" | "passkey/challenge" | "passkey/enrollment" | "passkey/enrollment-nudge" | "account/profile" | "account/security" | "account/security/totp-enrollment" | "account/security/phone-enrollment" | "account/linked" | "account/delete" | "account/passkeys" | "connect/start" | "connect/select-tenant";
                 };
             } & {
                 query: {
@@ -253,7 +253,7 @@ export default function createU2App(config: AuthHeroConfig): OpenAPIHono<{
         } | {
             input: {
                 param: {
-                    screen: "signup" | "consent" | "login" | "reset-password" | "enter-password" | "impersonate" | "reset-password/request" | "reset-password/code" | "login/identifier" | "login/email-otp-challenge" | "login/sms-otp-challenge" | "login/login-passwordless-identifier" | "mfa/login-options" | "mfa/totp-challenge" | "mfa/totp-enrollment" | "mfa/phone-challenge" | "mfa/phone-enrollment" | "passkey/challenge" | "passkey/enrollment" | "passkey/enrollment-nudge" | "account/profile" | "account/security" | "account/security/totp-enrollment" | "account/security/phone-enrollment" | "account/linked" | "account/delete" | "account/passkeys" | "connect/start" | "connect/select-tenant";
+                    screen: "signup" | "login" | "reset-password" | "consent" | "enter-password" | "impersonate" | "login/identifier" | "login/email-otp-challenge" | "login/sms-otp-challenge" | "login/login-passwordless-identifier" | "reset-password/code" | "reset-password/request" | "mfa/login-options" | "mfa/totp-challenge" | "mfa/totp-enrollment" | "mfa/phone-challenge" | "mfa/phone-enrollment" | "passkey/challenge" | "passkey/enrollment" | "passkey/enrollment-nudge" | "account/profile" | "account/security" | "account/security/totp-enrollment" | "account/security/phone-enrollment" | "account/linked" | "account/delete" | "account/passkeys" | "connect/start" | "connect/select-tenant";
                 };
             } & {
                 query: {

package/dist/types/routes/universal-login/u2-routes.d.ts CHANGED Viewed

@@ -170,7 +170,7 @@ export declare const u2Routes: OpenAPIHono<{
         $get: {
             input: {
                 param: {
-                    screen: "signup" | "consent" | "login" | "reset-password" | "account" | "enter-password" | "impersonate" | "try-connection-result" | "reset-password/request" | "reset-password/code" | "login/identifier" | "login/email-otp-challenge" | "login/sms-otp-challenge" | "login/login-passwordless-identifier" | "mfa/login-options" | "mfa/totp-challenge" | "mfa/totp-enrollment" | "mfa/phone-challenge" | "mfa/phone-enrollment" | "passkey/challenge" | "passkey/enrollment" | "passkey/enrollment-nudge" | "account/profile" | "account/security" | "account/security/totp-enrollment" | "account/security/phone-enrollment" | "account/linked" | "account/delete" | "account/passkeys" | "connect/start" | "connect/select-tenant";
+                    screen: "signup" | "login" | "reset-password" | "consent" | "account" | "enter-password" | "impersonate" | "try-connection-result" | "login/identifier" | "login/email-otp-challenge" | "login/sms-otp-challenge" | "login/login-passwordless-identifier" | "reset-password/code" | "reset-password/request" | "mfa/login-options" | "mfa/totp-challenge" | "mfa/totp-enrollment" | "mfa/phone-challenge" | "mfa/phone-enrollment" | "passkey/challenge" | "passkey/enrollment" | "passkey/enrollment-nudge" | "account/profile" | "account/security" | "account/security/totp-enrollment" | "account/security/phone-enrollment" | "account/linked" | "account/delete" | "account/passkeys" | "connect/start" | "connect/select-tenant";
                 };
             } & {
                 query: {
@@ -186,7 +186,7 @@ export declare const u2Routes: OpenAPIHono<{
         } | {
             input: {
                 param: {
-                    screen: "signup" | "consent" | "login" | "reset-password" | "account" | "enter-password" | "impersonate" | "try-connection-result" | "reset-password/request" | "reset-password/code" | "login/identifier" | "login/email-otp-challenge" | "login/sms-otp-challenge" | "login/login-passwordless-identifier" | "mfa/login-options" | "mfa/totp-challenge" | "mfa/totp-enrollment" | "mfa/phone-challenge" | "mfa/phone-enrollment" | "passkey/challenge" | "passkey/enrollment" | "passkey/enrollment-nudge" | "account/profile" | "account/security" | "account/security/totp-enrollment" | "account/security/phone-enrollment" | "account/linked" | "account/delete" | "account/passkeys" | "connect/start" | "connect/select-tenant";
+                    screen: "signup" | "login" | "reset-password" | "consent" | "account" | "enter-password" | "impersonate" | "try-connection-result" | "login/identifier" | "login/email-otp-challenge" | "login/sms-otp-challenge" | "login/login-passwordless-identifier" | "reset-password/code" | "reset-password/request" | "mfa/login-options" | "mfa/totp-challenge" | "mfa/totp-enrollment" | "mfa/phone-challenge" | "mfa/phone-enrollment" | "passkey/challenge" | "passkey/enrollment" | "passkey/enrollment-nudge" | "account/profile" | "account/security" | "account/security/totp-enrollment" | "account/security/phone-enrollment" | "account/linked" | "account/delete" | "account/passkeys" | "connect/start" | "connect/select-tenant";
                 };
             } & {
                 query: {
@@ -202,7 +202,7 @@ export declare const u2Routes: OpenAPIHono<{
         } | {
             input: {
                 param: {
-                    screen: "signup" | "consent" | "login" | "reset-password" | "account" | "enter-password" | "impersonate" | "try-connection-result" | "reset-password/request" | "reset-password/code" | "login/identifier" | "login/email-otp-challenge" | "login/sms-otp-challenge" | "login/login-passwordless-identifier" | "mfa/login-options" | "mfa/totp-challenge" | "mfa/totp-enrollment" | "mfa/phone-challenge" | "mfa/phone-enrollment" | "passkey/challenge" | "passkey/enrollment" | "passkey/enrollment-nudge" | "account/profile" | "account/security" | "account/security/totp-enrollment" | "account/security/phone-enrollment" | "account/linked" | "account/delete" | "account/passkeys" | "connect/start" | "connect/select-tenant";
+                    screen: "signup" | "login" | "reset-password" | "consent" | "account" | "enter-password" | "impersonate" | "try-connection-result" | "login/identifier" | "login/email-otp-challenge" | "login/sms-otp-challenge" | "login/login-passwordless-identifier" | "reset-password/code" | "reset-password/request" | "mfa/login-options" | "mfa/totp-challenge" | "mfa/totp-enrollment" | "mfa/phone-challenge" | "mfa/phone-enrollment" | "passkey/challenge" | "passkey/enrollment" | "passkey/enrollment-nudge" | "account/profile" | "account/security" | "account/security/totp-enrollment" | "account/security/phone-enrollment" | "account/linked" | "account/delete" | "account/passkeys" | "connect/start" | "connect/select-tenant";
                 };
             } & {
                 query: {
@@ -222,7 +222,7 @@ export declare const u2Routes: OpenAPIHono<{
         $post: {
             input: {
                 param: {
-                    screen: "signup" | "consent" | "login" | "reset-password" | "enter-password" | "impersonate" | "reset-password/request" | "reset-password/code" | "login/identifier" | "login/email-otp-challenge" | "login/sms-otp-challenge" | "login/login-passwordless-identifier" | "mfa/login-options" | "mfa/totp-challenge" | "mfa/totp-enrollment" | "mfa/phone-challenge" | "mfa/phone-enrollment" | "passkey/challenge" | "passkey/enrollment" | "passkey/enrollment-nudge" | "account/profile" | "account/security" | "account/security/totp-enrollment" | "account/security/phone-enrollment" | "account/linked" | "account/delete" | "account/passkeys" | "connect/start" | "connect/select-tenant";
+                    screen: "signup" | "login" | "reset-password" | "consent" | "enter-password" | "impersonate" | "login/identifier" | "login/email-otp-challenge" | "login/sms-otp-challenge" | "login/login-passwordless-identifier" | "reset-password/code" | "reset-password/request" | "mfa/login-options" | "mfa/totp-challenge" | "mfa/totp-enrollment" | "mfa/phone-challenge" | "mfa/phone-enrollment" | "passkey/challenge" | "passkey/enrollment" | "passkey/enrollment-nudge" | "account/profile" | "account/security" | "account/security/totp-enrollment" | "account/security/phone-enrollment" | "account/linked" | "account/delete" | "account/passkeys" | "connect/start" | "connect/select-tenant";
                 };
             } & {
                 query: {
@@ -240,7 +240,7 @@ export declare const u2Routes: OpenAPIHono<{
         } | {
             input: {
                 param: {
-                    screen: "signup" | "consent" | "login" | "reset-password" | "enter-password" | "impersonate" | "reset-password/request" | "reset-password/code" | "login/identifier" | "login/email-otp-challenge" | "login/sms-otp-challenge" | "login/login-passwordless-identifier" | "mfa/login-options" | "mfa/totp-challenge" | "mfa/totp-enrollment" | "mfa/phone-challenge" | "mfa/phone-enrollment" | "passkey/challenge" | "passkey/enrollment" | "passkey/enrollment-nudge" | "account/profile" | "account/security" | "account/security/totp-enrollment" | "account/security/phone-enrollment" | "account/linked" | "account/delete" | "account/passkeys" | "connect/start" | "connect/select-tenant";
+                    screen: "signup" | "login" | "reset-password" | "consent" | "enter-password" | "impersonate" | "login/identifier" | "login/email-otp-challenge" | "login/sms-otp-challenge" | "login/login-passwordless-identifier" | "reset-password/code" | "reset-password/request" | "mfa/login-options" | "mfa/totp-challenge" | "mfa/totp-enrollment" | "mfa/phone-challenge" | "mfa/phone-enrollment" | "passkey/challenge" | "passkey/enrollment" | "passkey/enrollment-nudge" | "account/profile" | "account/security" | "account/security/totp-enrollment" | "account/security/phone-enrollment" | "account/linked" | "account/delete" | "account/passkeys" | "connect/start" | "connect/select-tenant";
                 };
             } & {
                 query: {
@@ -258,7 +258,7 @@ export declare const u2Routes: OpenAPIHono<{
         } | {
             input: {
                 param: {
-                    screen: "signup" | "consent" | "login" | "reset-password" | "enter-password" | "impersonate" | "reset-password/request" | "reset-password/code" | "login/identifier" | "login/email-otp-challenge" | "login/sms-otp-challenge" | "login/login-passwordless-identifier" | "mfa/login-options" | "mfa/totp-challenge" | "mfa/totp-enrollment" | "mfa/phone-challenge" | "mfa/phone-enrollment" | "passkey/challenge" | "passkey/enrollment" | "passkey/enrollment-nudge" | "account/profile" | "account/security" | "account/security/totp-enrollment" | "account/security/phone-enrollment" | "account/linked" | "account/delete" | "account/passkeys" | "connect/start" | "connect/select-tenant";
+                    screen: "signup" | "login" | "reset-password" | "consent" | "enter-password" | "impersonate" | "login/identifier" | "login/email-otp-challenge" | "login/sms-otp-challenge" | "login/login-passwordless-identifier" | "reset-password/code" | "reset-password/request" | "mfa/login-options" | "mfa/totp-challenge" | "mfa/totp-enrollment" | "mfa/phone-challenge" | "mfa/phone-enrollment" | "passkey/challenge" | "passkey/enrollment" | "passkey/enrollment-nudge" | "account/profile" | "account/security" | "account/security/totp-enrollment" | "account/security/phone-enrollment" | "account/linked" | "account/delete" | "account/passkeys" | "connect/start" | "connect/select-tenant";
                 };
             } & {
                 query: {

package/dist/types/types/AuthHeroConfig.d.ts CHANGED Viewed

@@ -5,6 +5,7 @@ import type { OpenAPIHono } from "@hono/zod-openapi";
 import type { Handler } from "hono";
 import type { ManagementAudienceResolver } from "../middlewares/authentication";
 import { EntityHooks } from "./Hooks";
+import type { TenantProvisioner } from "../provisioning";
 /**
  * Parameters passed to a custom webhook invoker function.
  */
@@ -317,6 +318,17 @@ export interface AuthHeroConfig {
         /** Per-request timeout for the sync POST (default: 10_000ms). */
         timeoutMs?: number;
     };
+    /**
+     * Optional tenant provisioner. Drives a tenant from
+     * `provisioning_state: "pending"` to `"ready"` or `"failed"` whenever a
+     * tenant is created or re-provisioned via the management API. For shared
+     * tenants this is effectively a no-op; for `wfp` tenants the provisioner
+     * uploads the worker to a Cloudflare dispatch namespace, creates any
+     * per-tenant D1, and wires bindings. When omitted, `NoopTenantProvisioner`
+     * is used — adequate for single-deployment installs where every tenant is
+     * `shared`.
+     */
+    provisioner?: TenantProvisioner;
     /**
      * Optional powered-by logo to display at the bottom left of the login widget.
      * This is only configurable in code, not stored in the database.

package/dist/types/types/GrantFlowResult.d.ts CHANGED Viewed

@@ -13,6 +13,14 @@ export interface GrantFlowResult {
         name: string;
     };
     impersonatingUser?: User;
+    /**
+     * RFC 8693 §4.1 — client acting on behalf of the user via a delegated flow
+     * (e.g. token-exchange). Carries through to the access token's `act` claim
+     * as `{ sub: client_id, client_id }`.
+     */
+    actClient?: {
+        client_id: string;
+    };
     auth_time?: number;
     /** The connection name used for authentication (e.g., "email", "google-oauth2") */
     authConnection?: string;

package/dist/types/utils/jwks.d.ts CHANGED Viewed

@@ -9,8 +9,8 @@ import { SigningKeyModeOption } from "../types/AuthHeroConfig";
  */
 export declare function getJwksFromDatabase(data: DataAdapters): Promise<{
     alg: "RS256" | "RS384" | "RS512" | "ES256" | "ES384" | "ES512" | "HS256" | "HS384" | "HS512";
-    kid: string;
     kty: "EC" | "RSA" | "oct";
+    kid?: string | undefined;
     use?: "sig" | "enc" | undefined;
     n?: string | undefined;
     e?: string | undefined;
@@ -28,8 +28,8 @@ export declare function getJwksFromDatabase(data: DataAdapters): Promise<{
  */
 export declare function getJwksForPublication(data: DataAdapters, tenantId: string, modeOption: SigningKeyModeOption | undefined): Promise<{
     alg: "RS256" | "RS384" | "RS512" | "ES256" | "ES384" | "ES512" | "HS256" | "HS384" | "HS512";
-    kid: string;
     kty: "EC" | "RSA" | "oct";
+    kid?: string | undefined;
     use?: "sig" | "enc" | undefined;
     n?: string | undefined;
     e?: string | undefined;

package/dist/types/utils/jwt.d.ts CHANGED Viewed

@@ -11,5 +11,9 @@ export interface JwtPayload {
     tenant_id?: string;
     org_id?: string;
     org_name?: string;
+    act?: {
+        sub: string;
+        client_id?: string;
+    };
 }
 export declare function validateJwtToken(ctx: Context, token: string): Promise<JwtPayload>;