authhero 8.7.0 → 8.7.2
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/assets/u/js/client.js +5 -5
- package/dist/assets/u/widget/authhero-widget.esm.js +1 -1
- package/dist/assets/u/widget/index.esm.js +1 -1
- package/dist/assets/u/widget/p-52a70476.entry.js +1 -0
- package/dist/assets/u/widget/p-f6babd26.entry.js +1 -0
- package/dist/authhero.cjs +143 -132
- package/dist/authhero.d.ts +250 -100
- package/dist/authhero.mjs +13715 -13492
- package/dist/client.js +5 -5
- package/dist/stats.html +1 -1
- package/dist/tsconfig.types.tsbuildinfo +1 -1
- package/dist/types/authentication-flows/passwordless.d.ts +3 -3
- package/dist/types/client/client-bundle.d.ts +1 -1
- package/dist/types/index.d.ts +250 -100
- package/dist/types/routes/auth-api/index.d.ts +32 -32
- package/dist/types/routes/auth-api/passwordless.d.ts +14 -14
- package/dist/types/routes/auth-api/register/index.d.ts +2 -2
- package/dist/types/routes/auth-api/revoke.d.ts +6 -6
- package/dist/types/routes/auth-api/token.d.ts +10 -10
- package/dist/types/routes/management-api/authentication-methods.d.ts +1 -1
- package/dist/types/routes/management-api/branding.d.ts +13 -13
- package/dist/types/routes/management-api/clients.d.ts +7 -7
- package/dist/types/routes/management-api/connections.d.ts +1 -1
- package/dist/types/routes/management-api/custom-domains.d.ts +6 -6
- package/dist/types/routes/management-api/email-templates.d.ts +18 -18
- package/dist/types/routes/management-api/failed-events.d.ts +1 -1
- package/dist/types/routes/management-api/forms.d.ts +287 -119
- package/dist/types/routes/management-api/guardian.d.ts +5 -5
- package/dist/types/routes/management-api/index.d.ts +225 -57
- package/dist/types/routes/management-api/logs.d.ts +3 -3
- package/dist/types/routes/management-api/migration-sources.d.ts +6 -6
- package/dist/types/routes/management-api/organizations.d.ts +1 -1
- package/dist/types/routes/management-api/prompts.d.ts +4 -4
- package/dist/types/routes/management-api/users.d.ts +2 -2
- package/dist/types/routes/universal-login/common.d.ts +2 -2
- package/dist/types/routes/universal-login/flow-api.d.ts +8 -8
- package/dist/types/routes/universal-login/index.d.ts +2 -2
- package/dist/types/routes/universal-login/screens/connect-authz.d.ts +41 -0
- package/dist/types/routes/universal-login/u2-index.d.ts +5 -23
- package/dist/types/routes/universal-login/u2-routes.d.ts +5 -23
- package/dist/types/routes/universal-login/u2-widget-page.d.ts +6 -0
- package/dist/types/types/IdToken.d.ts +2 -2
- package/package.json +6 -6
- package/dist/assets/u/widget/p-1fc7fcdb.entry.js +0 -1
- package/dist/assets/u/widget/p-5a319adc.entry.js +0 -1
|
@@ -24,7 +24,7 @@ export declare const logRoutes: OpenAPIHono<{
|
|
|
24
24
|
};
|
|
25
25
|
};
|
|
26
26
|
output: {
|
|
27
|
-
type: "acls_summary" | "actions_execution_failed" | "api_limit" | "api_limit_warning" | "appi" | "ciba_exchange_failed" | "ciba_exchange_succeeded" | "ciba_start_failed" | "ciba_start_succeeded" | "cls" | "cs" | "depnote" | "f" | "fc" | "fce" | "fco" | "fcoa" | "fcp" | "fcph" | "fcpn" | "fcpr" | "fcpro" | "fcu" | "fd" | "fdeac" | "fdeaz" | "fdecc" | "fdu" | "feacft" | "feccft" | "fecte" | "fede" | "federated_logout_failed" | "fens" | "feoobft" | "feotpft" | "fepft" | "fepotpft" | "fercft" | "ferrt" | "fertft" | "festft" | "fh" | "fimp" | "fi" | "flo" | "flows_execution_completed" | "flows_execution_failed" | "
|
|
27
|
+
type: "fn" | "sapi" | "acls_summary" | "actions_execution_failed" | "api_limit" | "api_limit_warning" | "appi" | "ciba_exchange_failed" | "ciba_exchange_succeeded" | "ciba_start_failed" | "ciba_start_succeeded" | "cls" | "cs" | "depnote" | "f" | "fc" | "fce" | "fco" | "fcoa" | "fcp" | "fcph" | "fcpn" | "fcpr" | "fcpro" | "fcu" | "fd" | "fdeac" | "fdeaz" | "fdecc" | "fdu" | "feacft" | "feccft" | "fecte" | "fede" | "federated_logout_failed" | "fens" | "feoobft" | "feotpft" | "fepft" | "fepotpft" | "fercft" | "ferrt" | "fertft" | "festft" | "fh" | "fimp" | "fi" | "flo" | "flows_execution_completed" | "flows_execution_failed" | "forms_submission_failed" | "forms_submission_succeeded" | "fp" | "fpar" | "fpurh" | "fs" | "fsa" | "fu" | "fui" | "fv" | "fvr" | "gd_auth_email_verification" | "gd_auth_fail_email_verification" | "gd_auth_failed" | "gd_auth_rejected" | "gd_auth_succeed" | "gd_enrollment_complete" | "gd_otp_rate_limit_exceed" | "gd_recovery_failed" | "gd_recovery_rate_limit_exceed" | "gd_recovery_succeed" | "gd_send_email" | "gd_send_email_verification" | "gd_send_email_verification_failure" | "gd_send_pn" | "gd_send_pn_failure" | "gd_send_sms" | "gd_send_sms_failure" | "gd_send_voice" | "gd_send_voice_failure" | "gd_start_auth" | "gd_start_enroll" | "gd_start_enroll_failed" | "gd_tenant_update" | "gd_unenroll" | "gd_update_device_account" | "gd_webauthn_challenge_failed" | "gd_webauthn_enrollment_failed" | "kms_key_management_failure" | "kms_key_management_success" | "kms_key_state_changed" | "limit_delegation" | "limit_mu" | "limit_sul" | "limit_wc" | "i" | "mfar" | "mgmt_api_read" | "my_account_authentication_method_failed" | "my_account_authentication_method_succeeded" | "oidc_backchannel_logout_failed" | "oidc_backchannel_logout_succeeded" | "organization_member_added" | "passkey_challenge_failed" | "passkey_challenge_started" | "pla" | "pwd_leak" | "reset_pwd_leak" | "resource_cleanup" | "rich_consents_access_error" | "s" | "fapi" | "sce" | "scoa" | "scp" | "scpn" | "scpr" | "scu" | "scv" | "sd" | "sdu" | "seacft" | "seccft" | "secte" | "sede" | "sens" | "seoobft" | "seotpft" | "sepotpft" | "sepft" | "sepkoobft" | "sepkotpft" | "sepkrcft" | "sercft" | "sertft" | "sestft" | "simp" | "si" | "signup_pwd_leak" | "slo" | "sh" | "spm" | "srrt" | "ss" | "ss_sso_failure" | "ss_sso_info" | "ss_sso_success" | "ssa" | "sscim" | "sui" | "sv" | "svr" | "too_many_records" | "ublkdu" | "universal_logout_failed" | "universal_logout_succeeded" | "w" | "wn" | "wum";
|
|
28
28
|
date: string;
|
|
29
29
|
isMobile: boolean;
|
|
30
30
|
log_id: string;
|
|
@@ -63,7 +63,7 @@ export declare const logRoutes: OpenAPIHono<{
|
|
|
63
63
|
limit: number;
|
|
64
64
|
length: number;
|
|
65
65
|
logs: {
|
|
66
|
-
type: "acls_summary" | "actions_execution_failed" | "api_limit" | "api_limit_warning" | "appi" | "ciba_exchange_failed" | "ciba_exchange_succeeded" | "ciba_start_failed" | "ciba_start_succeeded" | "cls" | "cs" | "depnote" | "f" | "fc" | "fce" | "fco" | "fcoa" | "fcp" | "fcph" | "fcpn" | "fcpr" | "fcpro" | "fcu" | "fd" | "fdeac" | "fdeaz" | "fdecc" | "fdu" | "feacft" | "feccft" | "fecte" | "fede" | "federated_logout_failed" | "fens" | "feoobft" | "feotpft" | "fepft" | "fepotpft" | "fercft" | "ferrt" | "fertft" | "festft" | "fh" | "fimp" | "fi" | "flo" | "flows_execution_completed" | "flows_execution_failed" | "
|
|
66
|
+
type: "fn" | "sapi" | "acls_summary" | "actions_execution_failed" | "api_limit" | "api_limit_warning" | "appi" | "ciba_exchange_failed" | "ciba_exchange_succeeded" | "ciba_start_failed" | "ciba_start_succeeded" | "cls" | "cs" | "depnote" | "f" | "fc" | "fce" | "fco" | "fcoa" | "fcp" | "fcph" | "fcpn" | "fcpr" | "fcpro" | "fcu" | "fd" | "fdeac" | "fdeaz" | "fdecc" | "fdu" | "feacft" | "feccft" | "fecte" | "fede" | "federated_logout_failed" | "fens" | "feoobft" | "feotpft" | "fepft" | "fepotpft" | "fercft" | "ferrt" | "fertft" | "festft" | "fh" | "fimp" | "fi" | "flo" | "flows_execution_completed" | "flows_execution_failed" | "forms_submission_failed" | "forms_submission_succeeded" | "fp" | "fpar" | "fpurh" | "fs" | "fsa" | "fu" | "fui" | "fv" | "fvr" | "gd_auth_email_verification" | "gd_auth_fail_email_verification" | "gd_auth_failed" | "gd_auth_rejected" | "gd_auth_succeed" | "gd_enrollment_complete" | "gd_otp_rate_limit_exceed" | "gd_recovery_failed" | "gd_recovery_rate_limit_exceed" | "gd_recovery_succeed" | "gd_send_email" | "gd_send_email_verification" | "gd_send_email_verification_failure" | "gd_send_pn" | "gd_send_pn_failure" | "gd_send_sms" | "gd_send_sms_failure" | "gd_send_voice" | "gd_send_voice_failure" | "gd_start_auth" | "gd_start_enroll" | "gd_start_enroll_failed" | "gd_tenant_update" | "gd_unenroll" | "gd_update_device_account" | "gd_webauthn_challenge_failed" | "gd_webauthn_enrollment_failed" | "kms_key_management_failure" | "kms_key_management_success" | "kms_key_state_changed" | "limit_delegation" | "limit_mu" | "limit_sul" | "limit_wc" | "i" | "mfar" | "mgmt_api_read" | "my_account_authentication_method_failed" | "my_account_authentication_method_succeeded" | "oidc_backchannel_logout_failed" | "oidc_backchannel_logout_succeeded" | "organization_member_added" | "passkey_challenge_failed" | "passkey_challenge_started" | "pla" | "pwd_leak" | "reset_pwd_leak" | "resource_cleanup" | "rich_consents_access_error" | "s" | "fapi" | "sce" | "scoa" | "scp" | "scpn" | "scpr" | "scu" | "scv" | "sd" | "sdu" | "seacft" | "seccft" | "secte" | "sede" | "sens" | "seoobft" | "seotpft" | "sepotpft" | "sepft" | "sepkoobft" | "sepkotpft" | "sepkrcft" | "sercft" | "sertft" | "sestft" | "simp" | "si" | "signup_pwd_leak" | "slo" | "sh" | "spm" | "srrt" | "ss" | "ss_sso_failure" | "ss_sso_info" | "ss_sso_success" | "ssa" | "sscim" | "sui" | "sv" | "svr" | "too_many_records" | "ublkdu" | "universal_logout_failed" | "universal_logout_succeeded" | "w" | "wn" | "wum";
|
|
67
67
|
date: string;
|
|
68
68
|
isMobile: boolean;
|
|
69
69
|
log_id: string;
|
|
@@ -117,7 +117,7 @@ export declare const logRoutes: OpenAPIHono<{
|
|
|
117
117
|
};
|
|
118
118
|
};
|
|
119
119
|
output: {
|
|
120
|
-
type: "acls_summary" | "actions_execution_failed" | "api_limit" | "api_limit_warning" | "appi" | "ciba_exchange_failed" | "ciba_exchange_succeeded" | "ciba_start_failed" | "ciba_start_succeeded" | "cls" | "cs" | "depnote" | "f" | "fc" | "fce" | "fco" | "fcoa" | "fcp" | "fcph" | "fcpn" | "fcpr" | "fcpro" | "fcu" | "fd" | "fdeac" | "fdeaz" | "fdecc" | "fdu" | "feacft" | "feccft" | "fecte" | "fede" | "federated_logout_failed" | "fens" | "feoobft" | "feotpft" | "fepft" | "fepotpft" | "fercft" | "ferrt" | "fertft" | "festft" | "fh" | "fimp" | "fi" | "flo" | "flows_execution_completed" | "flows_execution_failed" | "
|
|
120
|
+
type: "fn" | "sapi" | "acls_summary" | "actions_execution_failed" | "api_limit" | "api_limit_warning" | "appi" | "ciba_exchange_failed" | "ciba_exchange_succeeded" | "ciba_start_failed" | "ciba_start_succeeded" | "cls" | "cs" | "depnote" | "f" | "fc" | "fce" | "fco" | "fcoa" | "fcp" | "fcph" | "fcpn" | "fcpr" | "fcpro" | "fcu" | "fd" | "fdeac" | "fdeaz" | "fdecc" | "fdu" | "feacft" | "feccft" | "fecte" | "fede" | "federated_logout_failed" | "fens" | "feoobft" | "feotpft" | "fepft" | "fepotpft" | "fercft" | "ferrt" | "fertft" | "festft" | "fh" | "fimp" | "fi" | "flo" | "flows_execution_completed" | "flows_execution_failed" | "forms_submission_failed" | "forms_submission_succeeded" | "fp" | "fpar" | "fpurh" | "fs" | "fsa" | "fu" | "fui" | "fv" | "fvr" | "gd_auth_email_verification" | "gd_auth_fail_email_verification" | "gd_auth_failed" | "gd_auth_rejected" | "gd_auth_succeed" | "gd_enrollment_complete" | "gd_otp_rate_limit_exceed" | "gd_recovery_failed" | "gd_recovery_rate_limit_exceed" | "gd_recovery_succeed" | "gd_send_email" | "gd_send_email_verification" | "gd_send_email_verification_failure" | "gd_send_pn" | "gd_send_pn_failure" | "gd_send_sms" | "gd_send_sms_failure" | "gd_send_voice" | "gd_send_voice_failure" | "gd_start_auth" | "gd_start_enroll" | "gd_start_enroll_failed" | "gd_tenant_update" | "gd_unenroll" | "gd_update_device_account" | "gd_webauthn_challenge_failed" | "gd_webauthn_enrollment_failed" | "kms_key_management_failure" | "kms_key_management_success" | "kms_key_state_changed" | "limit_delegation" | "limit_mu" | "limit_sul" | "limit_wc" | "i" | "mfar" | "mgmt_api_read" | "my_account_authentication_method_failed" | "my_account_authentication_method_succeeded" | "oidc_backchannel_logout_failed" | "oidc_backchannel_logout_succeeded" | "organization_member_added" | "passkey_challenge_failed" | "passkey_challenge_started" | "pla" | "pwd_leak" | "reset_pwd_leak" | "resource_cleanup" | "rich_consents_access_error" | "s" | "fapi" | "sce" | "scoa" | "scp" | "scpn" | "scpr" | "scu" | "scv" | "sd" | "sdu" | "seacft" | "seccft" | "secte" | "sede" | "sens" | "seoobft" | "seotpft" | "sepotpft" | "sepft" | "sepkoobft" | "sepkotpft" | "sepkrcft" | "sercft" | "sertft" | "sestft" | "simp" | "si" | "signup_pwd_leak" | "slo" | "sh" | "spm" | "srrt" | "ss" | "ss_sso_failure" | "ss_sso_info" | "ss_sso_success" | "ssa" | "sscim" | "sui" | "sv" | "svr" | "too_many_records" | "ublkdu" | "universal_logout_failed" | "universal_logout_succeeded" | "w" | "wn" | "wum";
|
|
121
121
|
date: string;
|
|
122
122
|
isMobile: boolean;
|
|
123
123
|
log_id: string;
|
|
@@ -15,7 +15,7 @@ export declare const migrationSourcesRoutes: OpenAPIHono<{
|
|
|
15
15
|
created_at: string;
|
|
16
16
|
updated_at: string;
|
|
17
17
|
name: string;
|
|
18
|
-
provider: "auth0" | "
|
|
18
|
+
provider: "auth0" | "oidc" | "okta" | "cognito";
|
|
19
19
|
connection: string;
|
|
20
20
|
enabled: boolean;
|
|
21
21
|
credentials: {
|
|
@@ -47,7 +47,7 @@ export declare const migrationSourcesRoutes: OpenAPIHono<{
|
|
|
47
47
|
created_at: string;
|
|
48
48
|
updated_at: string;
|
|
49
49
|
name: string;
|
|
50
|
-
provider: "auth0" | "
|
|
50
|
+
provider: "auth0" | "oidc" | "okta" | "cognito";
|
|
51
51
|
connection: string;
|
|
52
52
|
enabled: boolean;
|
|
53
53
|
credentials: {
|
|
@@ -73,7 +73,7 @@ export declare const migrationSourcesRoutes: OpenAPIHono<{
|
|
|
73
73
|
} & {
|
|
74
74
|
json: {
|
|
75
75
|
name: string;
|
|
76
|
-
provider: "auth0" | "
|
|
76
|
+
provider: "auth0" | "oidc" | "okta" | "cognito";
|
|
77
77
|
connection: string;
|
|
78
78
|
credentials: {
|
|
79
79
|
domain: string;
|
|
@@ -90,7 +90,7 @@ export declare const migrationSourcesRoutes: OpenAPIHono<{
|
|
|
90
90
|
created_at: string;
|
|
91
91
|
updated_at: string;
|
|
92
92
|
name: string;
|
|
93
|
-
provider: "auth0" | "
|
|
93
|
+
provider: "auth0" | "oidc" | "okta" | "cognito";
|
|
94
94
|
connection: string;
|
|
95
95
|
enabled: boolean;
|
|
96
96
|
credentials: {
|
|
@@ -121,7 +121,7 @@ export declare const migrationSourcesRoutes: OpenAPIHono<{
|
|
|
121
121
|
json: {
|
|
122
122
|
id?: string | undefined;
|
|
123
123
|
name?: string | undefined;
|
|
124
|
-
provider?: "auth0" | "
|
|
124
|
+
provider?: "auth0" | "oidc" | "okta" | "cognito" | undefined;
|
|
125
125
|
connection?: string | undefined;
|
|
126
126
|
enabled?: boolean | undefined;
|
|
127
127
|
credentials?: {
|
|
@@ -137,7 +137,7 @@ export declare const migrationSourcesRoutes: OpenAPIHono<{
|
|
|
137
137
|
created_at: string;
|
|
138
138
|
updated_at: string;
|
|
139
139
|
name: string;
|
|
140
|
-
provider: "auth0" | "
|
|
140
|
+
provider: "auth0" | "oidc" | "okta" | "cognito";
|
|
141
141
|
connection: string;
|
|
142
142
|
enabled: boolean;
|
|
143
143
|
credentials: {
|
|
@@ -703,9 +703,9 @@ export declare const organizationRoutes: OpenAPIHono<{
|
|
|
703
703
|
email?: string | undefined;
|
|
704
704
|
};
|
|
705
705
|
id?: string | undefined;
|
|
706
|
-
connection_id?: string | undefined;
|
|
707
706
|
app_metadata?: Record<string, any> | undefined;
|
|
708
707
|
user_metadata?: Record<string, any> | undefined;
|
|
708
|
+
connection_id?: string | undefined;
|
|
709
709
|
roles?: string[] | undefined;
|
|
710
710
|
ttl_sec?: number | undefined;
|
|
711
711
|
send_invitation_email?: boolean | undefined;
|
|
@@ -50,7 +50,7 @@ export declare const promptsRoutes: OpenAPIHono<{
|
|
|
50
50
|
};
|
|
51
51
|
};
|
|
52
52
|
output: {
|
|
53
|
-
prompt: "
|
|
53
|
+
prompt: "mfa" | "organizations" | "signup" | "status" | "common" | "consent" | "device-flow" | "email-otp-challenge" | "email-verification" | "invitation" | "login" | "login-id" | "login-password" | "login-passwordless" | "mfa-email" | "mfa-otp" | "mfa-phone" | "mfa-login-options" | "mfa-push" | "mfa-recovery-code" | "mfa-voice" | "mfa-webauthn" | "passkeys" | "reset-password" | "signup-id" | "signup-password" | "captcha" | "custom-form";
|
|
54
54
|
language: string;
|
|
55
55
|
}[];
|
|
56
56
|
outputFormat: "json";
|
|
@@ -88,7 +88,7 @@ export declare const promptsRoutes: OpenAPIHono<{
|
|
|
88
88
|
$get: {
|
|
89
89
|
input: {
|
|
90
90
|
param: {
|
|
91
|
-
prompt: "
|
|
91
|
+
prompt: "mfa" | "organizations" | "signup" | "status" | "common" | "consent" | "device-flow" | "email-otp-challenge" | "email-verification" | "invitation" | "login" | "login-id" | "login-password" | "login-passwordless" | "mfa-email" | "mfa-otp" | "mfa-phone" | "mfa-login-options" | "mfa-push" | "mfa-recovery-code" | "mfa-voice" | "mfa-webauthn" | "passkeys" | "reset-password" | "signup-id" | "signup-password" | "captcha" | "custom-form";
|
|
92
92
|
language: string;
|
|
93
93
|
};
|
|
94
94
|
} & {
|
|
@@ -110,7 +110,7 @@ export declare const promptsRoutes: OpenAPIHono<{
|
|
|
110
110
|
$put: {
|
|
111
111
|
input: {
|
|
112
112
|
param: {
|
|
113
|
-
prompt: "
|
|
113
|
+
prompt: "mfa" | "organizations" | "signup" | "status" | "common" | "consent" | "device-flow" | "email-otp-challenge" | "email-verification" | "invitation" | "login" | "login-id" | "login-password" | "login-passwordless" | "mfa-email" | "mfa-otp" | "mfa-phone" | "mfa-login-options" | "mfa-push" | "mfa-recovery-code" | "mfa-voice" | "mfa-webauthn" | "passkeys" | "reset-password" | "signup-id" | "signup-password" | "captcha" | "custom-form";
|
|
114
114
|
language: string;
|
|
115
115
|
};
|
|
116
116
|
} & {
|
|
@@ -134,7 +134,7 @@ export declare const promptsRoutes: OpenAPIHono<{
|
|
|
134
134
|
$delete: {
|
|
135
135
|
input: {
|
|
136
136
|
param: {
|
|
137
|
-
prompt: "
|
|
137
|
+
prompt: "mfa" | "organizations" | "signup" | "status" | "common" | "consent" | "device-flow" | "email-otp-challenge" | "email-verification" | "invitation" | "login" | "login-id" | "login-password" | "login-passwordless" | "mfa-email" | "mfa-otp" | "mfa-phone" | "mfa-login-options" | "mfa-push" | "mfa-recovery-code" | "mfa-voice" | "mfa-webauthn" | "passkeys" | "reset-password" | "signup-id" | "signup-password" | "captcha" | "custom-form";
|
|
138
138
|
language: string;
|
|
139
139
|
};
|
|
140
140
|
} & {
|
|
@@ -737,7 +737,7 @@ export declare const userRoutes: OpenAPIHono<{
|
|
|
737
737
|
};
|
|
738
738
|
};
|
|
739
739
|
output: {
|
|
740
|
-
type: "acls_summary" | "actions_execution_failed" | "api_limit" | "api_limit_warning" | "appi" | "ciba_exchange_failed" | "ciba_exchange_succeeded" | "ciba_start_failed" | "ciba_start_succeeded" | "cls" | "cs" | "depnote" | "f" | "fc" | "fce" | "fco" | "fcoa" | "fcp" | "fcph" | "fcpn" | "fcpr" | "fcpro" | "fcu" | "fd" | "fdeac" | "fdeaz" | "fdecc" | "fdu" | "feacft" | "feccft" | "fecte" | "fede" | "federated_logout_failed" | "fens" | "feoobft" | "feotpft" | "fepft" | "fepotpft" | "fercft" | "ferrt" | "fertft" | "festft" | "fh" | "fimp" | "fi" | "flo" | "flows_execution_completed" | "flows_execution_failed" | "
|
|
740
|
+
type: "fn" | "sapi" | "acls_summary" | "actions_execution_failed" | "api_limit" | "api_limit_warning" | "appi" | "ciba_exchange_failed" | "ciba_exchange_succeeded" | "ciba_start_failed" | "ciba_start_succeeded" | "cls" | "cs" | "depnote" | "f" | "fc" | "fce" | "fco" | "fcoa" | "fcp" | "fcph" | "fcpn" | "fcpr" | "fcpro" | "fcu" | "fd" | "fdeac" | "fdeaz" | "fdecc" | "fdu" | "feacft" | "feccft" | "fecte" | "fede" | "federated_logout_failed" | "fens" | "feoobft" | "feotpft" | "fepft" | "fepotpft" | "fercft" | "ferrt" | "fertft" | "festft" | "fh" | "fimp" | "fi" | "flo" | "flows_execution_completed" | "flows_execution_failed" | "forms_submission_failed" | "forms_submission_succeeded" | "fp" | "fpar" | "fpurh" | "fs" | "fsa" | "fu" | "fui" | "fv" | "fvr" | "gd_auth_email_verification" | "gd_auth_fail_email_verification" | "gd_auth_failed" | "gd_auth_rejected" | "gd_auth_succeed" | "gd_enrollment_complete" | "gd_otp_rate_limit_exceed" | "gd_recovery_failed" | "gd_recovery_rate_limit_exceed" | "gd_recovery_succeed" | "gd_send_email" | "gd_send_email_verification" | "gd_send_email_verification_failure" | "gd_send_pn" | "gd_send_pn_failure" | "gd_send_sms" | "gd_send_sms_failure" | "gd_send_voice" | "gd_send_voice_failure" | "gd_start_auth" | "gd_start_enroll" | "gd_start_enroll_failed" | "gd_tenant_update" | "gd_unenroll" | "gd_update_device_account" | "gd_webauthn_challenge_failed" | "gd_webauthn_enrollment_failed" | "kms_key_management_failure" | "kms_key_management_success" | "kms_key_state_changed" | "limit_delegation" | "limit_mu" | "limit_sul" | "limit_wc" | "i" | "mfar" | "mgmt_api_read" | "my_account_authentication_method_failed" | "my_account_authentication_method_succeeded" | "oidc_backchannel_logout_failed" | "oidc_backchannel_logout_succeeded" | "organization_member_added" | "passkey_challenge_failed" | "passkey_challenge_started" | "pla" | "pwd_leak" | "reset_pwd_leak" | "resource_cleanup" | "rich_consents_access_error" | "s" | "fapi" | "sce" | "scoa" | "scp" | "scpn" | "scpr" | "scu" | "scv" | "sd" | "sdu" | "seacft" | "seccft" | "secte" | "sede" | "sens" | "seoobft" | "seotpft" | "sepotpft" | "sepft" | "sepkoobft" | "sepkotpft" | "sepkrcft" | "sercft" | "sertft" | "sestft" | "simp" | "si" | "signup_pwd_leak" | "slo" | "sh" | "spm" | "srrt" | "ss" | "ss_sso_failure" | "ss_sso_info" | "ss_sso_success" | "ssa" | "sscim" | "sui" | "sv" | "svr" | "too_many_records" | "ublkdu" | "universal_logout_failed" | "universal_logout_succeeded" | "w" | "wn" | "wum";
|
|
741
741
|
date: string;
|
|
742
742
|
isMobile: boolean;
|
|
743
743
|
log_id: string;
|
|
@@ -776,7 +776,7 @@ export declare const userRoutes: OpenAPIHono<{
|
|
|
776
776
|
limit: number;
|
|
777
777
|
length: number;
|
|
778
778
|
logs: {
|
|
779
|
-
type: "acls_summary" | "actions_execution_failed" | "api_limit" | "api_limit_warning" | "appi" | "ciba_exchange_failed" | "ciba_exchange_succeeded" | "ciba_start_failed" | "ciba_start_succeeded" | "cls" | "cs" | "depnote" | "f" | "fc" | "fce" | "fco" | "fcoa" | "fcp" | "fcph" | "fcpn" | "fcpr" | "fcpro" | "fcu" | "fd" | "fdeac" | "fdeaz" | "fdecc" | "fdu" | "feacft" | "feccft" | "fecte" | "fede" | "federated_logout_failed" | "fens" | "feoobft" | "feotpft" | "fepft" | "fepotpft" | "fercft" | "ferrt" | "fertft" | "festft" | "fh" | "fimp" | "fi" | "flo" | "flows_execution_completed" | "flows_execution_failed" | "
|
|
779
|
+
type: "fn" | "sapi" | "acls_summary" | "actions_execution_failed" | "api_limit" | "api_limit_warning" | "appi" | "ciba_exchange_failed" | "ciba_exchange_succeeded" | "ciba_start_failed" | "ciba_start_succeeded" | "cls" | "cs" | "depnote" | "f" | "fc" | "fce" | "fco" | "fcoa" | "fcp" | "fcph" | "fcpn" | "fcpr" | "fcpro" | "fcu" | "fd" | "fdeac" | "fdeaz" | "fdecc" | "fdu" | "feacft" | "feccft" | "fecte" | "fede" | "federated_logout_failed" | "fens" | "feoobft" | "feotpft" | "fepft" | "fepotpft" | "fercft" | "ferrt" | "fertft" | "festft" | "fh" | "fimp" | "fi" | "flo" | "flows_execution_completed" | "flows_execution_failed" | "forms_submission_failed" | "forms_submission_succeeded" | "fp" | "fpar" | "fpurh" | "fs" | "fsa" | "fu" | "fui" | "fv" | "fvr" | "gd_auth_email_verification" | "gd_auth_fail_email_verification" | "gd_auth_failed" | "gd_auth_rejected" | "gd_auth_succeed" | "gd_enrollment_complete" | "gd_otp_rate_limit_exceed" | "gd_recovery_failed" | "gd_recovery_rate_limit_exceed" | "gd_recovery_succeed" | "gd_send_email" | "gd_send_email_verification" | "gd_send_email_verification_failure" | "gd_send_pn" | "gd_send_pn_failure" | "gd_send_sms" | "gd_send_sms_failure" | "gd_send_voice" | "gd_send_voice_failure" | "gd_start_auth" | "gd_start_enroll" | "gd_start_enroll_failed" | "gd_tenant_update" | "gd_unenroll" | "gd_update_device_account" | "gd_webauthn_challenge_failed" | "gd_webauthn_enrollment_failed" | "kms_key_management_failure" | "kms_key_management_success" | "kms_key_state_changed" | "limit_delegation" | "limit_mu" | "limit_sul" | "limit_wc" | "i" | "mfar" | "mgmt_api_read" | "my_account_authentication_method_failed" | "my_account_authentication_method_succeeded" | "oidc_backchannel_logout_failed" | "oidc_backchannel_logout_succeeded" | "organization_member_added" | "passkey_challenge_failed" | "passkey_challenge_started" | "pla" | "pwd_leak" | "reset_pwd_leak" | "resource_cleanup" | "rich_consents_access_error" | "s" | "fapi" | "sce" | "scoa" | "scp" | "scpn" | "scpr" | "scu" | "scv" | "sd" | "sdu" | "seacft" | "seccft" | "secte" | "sede" | "sens" | "seoobft" | "seotpft" | "sepotpft" | "sepft" | "sepkoobft" | "sepkotpft" | "sepkrcft" | "sercft" | "sertft" | "sestft" | "simp" | "si" | "signup_pwd_leak" | "slo" | "sh" | "spm" | "srrt" | "ss" | "ss_sso_failure" | "ss_sso_info" | "ss_sso_success" | "ssa" | "sscim" | "sui" | "sv" | "svr" | "too_many_records" | "ublkdu" | "universal_logout_failed" | "universal_logout_succeeded" | "w" | "wn" | "wum";
|
|
780
780
|
date: string;
|
|
781
781
|
isMobile: boolean;
|
|
782
782
|
log_id: string;
|
|
@@ -447,7 +447,7 @@ export declare function initJSXRoute(ctx: Context<{
|
|
|
447
447
|
custom_login_page_preview?: string | undefined;
|
|
448
448
|
form_template?: string | undefined;
|
|
449
449
|
addons?: Record<string, any> | undefined;
|
|
450
|
-
token_endpoint_auth_method?: "
|
|
450
|
+
token_endpoint_auth_method?: "none" | "private_key_jwt" | "client_secret_post" | "client_secret_basic" | "client_secret_jwt" | undefined;
|
|
451
451
|
client_metadata?: Record<string, string> | undefined;
|
|
452
452
|
hide_sign_up_disabled_error?: boolean | undefined;
|
|
453
453
|
mobile?: Record<string, any> | undefined;
|
|
@@ -1166,7 +1166,7 @@ export declare function initJSXRouteWithSession(ctx: Context<{
|
|
|
1166
1166
|
custom_login_page_preview?: string | undefined;
|
|
1167
1167
|
form_template?: string | undefined;
|
|
1168
1168
|
addons?: Record<string, any> | undefined;
|
|
1169
|
-
token_endpoint_auth_method?: "
|
|
1169
|
+
token_endpoint_auth_method?: "none" | "private_key_jwt" | "client_secret_post" | "client_secret_basic" | "client_secret_jwt" | undefined;
|
|
1170
1170
|
client_metadata?: Record<string, string> | undefined;
|
|
1171
1171
|
hide_sign_up_disabled_error?: boolean | undefined;
|
|
1172
1172
|
mobile?: Record<string, any> | undefined;
|
|
@@ -43,7 +43,7 @@ export declare const flowApiRoutes: OpenAPIHono<{
|
|
|
43
43
|
hint?: string | undefined;
|
|
44
44
|
messages?: {
|
|
45
45
|
text: string;
|
|
46
|
-
type: "
|
|
46
|
+
type: "error" | "success" | "info" | "warning";
|
|
47
47
|
id?: number | undefined;
|
|
48
48
|
}[] | undefined;
|
|
49
49
|
}[];
|
|
@@ -51,7 +51,7 @@ export declare const flowApiRoutes: OpenAPIHono<{
|
|
|
51
51
|
description?: string | undefined;
|
|
52
52
|
messages?: {
|
|
53
53
|
text: string;
|
|
54
|
-
type: "
|
|
54
|
+
type: "error" | "success" | "info" | "warning";
|
|
55
55
|
id?: number | undefined;
|
|
56
56
|
}[] | undefined;
|
|
57
57
|
links?: {
|
|
@@ -123,7 +123,7 @@ export declare const flowApiRoutes: OpenAPIHono<{
|
|
|
123
123
|
hint?: string | undefined;
|
|
124
124
|
messages?: {
|
|
125
125
|
text: string;
|
|
126
|
-
type: "
|
|
126
|
+
type: "error" | "success" | "info" | "warning";
|
|
127
127
|
id?: number | undefined;
|
|
128
128
|
}[] | undefined;
|
|
129
129
|
}[];
|
|
@@ -131,7 +131,7 @@ export declare const flowApiRoutes: OpenAPIHono<{
|
|
|
131
131
|
description?: string | undefined;
|
|
132
132
|
messages?: {
|
|
133
133
|
text: string;
|
|
134
|
-
type: "
|
|
134
|
+
type: "error" | "success" | "info" | "warning";
|
|
135
135
|
id?: number | undefined;
|
|
136
136
|
}[] | undefined;
|
|
137
137
|
links?: {
|
|
@@ -220,7 +220,7 @@ export declare const flowApiRoutes: OpenAPIHono<{
|
|
|
220
220
|
hint?: string | undefined;
|
|
221
221
|
messages?: {
|
|
222
222
|
text: string;
|
|
223
|
-
type: "
|
|
223
|
+
type: "error" | "success" | "info" | "warning";
|
|
224
224
|
id?: number | undefined;
|
|
225
225
|
}[] | undefined;
|
|
226
226
|
}[];
|
|
@@ -228,7 +228,7 @@ export declare const flowApiRoutes: OpenAPIHono<{
|
|
|
228
228
|
description?: string | undefined;
|
|
229
229
|
messages?: {
|
|
230
230
|
text: string;
|
|
231
|
-
type: "
|
|
231
|
+
type: "error" | "success" | "info" | "warning";
|
|
232
232
|
id?: number | undefined;
|
|
233
233
|
}[] | undefined;
|
|
234
234
|
links?: {
|
|
@@ -335,7 +335,7 @@ export declare const flowApiRoutes: OpenAPIHono<{
|
|
|
335
335
|
hint?: string | undefined;
|
|
336
336
|
messages?: {
|
|
337
337
|
text: string;
|
|
338
|
-
type: "
|
|
338
|
+
type: "error" | "success" | "info" | "warning";
|
|
339
339
|
id?: number | undefined;
|
|
340
340
|
}[] | undefined;
|
|
341
341
|
}[];
|
|
@@ -343,7 +343,7 @@ export declare const flowApiRoutes: OpenAPIHono<{
|
|
|
343
343
|
description?: string | undefined;
|
|
344
344
|
messages?: {
|
|
345
345
|
text: string;
|
|
346
|
-
type: "
|
|
346
|
+
type: "error" | "success" | "info" | "warning";
|
|
347
347
|
id?: number | undefined;
|
|
348
348
|
}[] | undefined;
|
|
349
349
|
links?: {
|
|
@@ -515,7 +515,7 @@ export default function create(config: AuthHeroConfig): OpenAPIHono<{
|
|
|
515
515
|
} & {
|
|
516
516
|
form: {
|
|
517
517
|
username: string;
|
|
518
|
-
login_selection?: "
|
|
518
|
+
login_selection?: "code" | "password" | undefined;
|
|
519
519
|
};
|
|
520
520
|
};
|
|
521
521
|
output: {};
|
|
@@ -529,7 +529,7 @@ export default function create(config: AuthHeroConfig): OpenAPIHono<{
|
|
|
529
529
|
} & {
|
|
530
530
|
form: {
|
|
531
531
|
username: string;
|
|
532
|
-
login_selection?: "
|
|
532
|
+
login_selection?: "code" | "password" | undefined;
|
|
533
533
|
};
|
|
534
534
|
};
|
|
535
535
|
output: {};
|
|
@@ -0,0 +1,41 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Shared authorization helpers for the DCR connect flow.
|
|
3
|
+
*
|
|
4
|
+
* Both the tenant picker (`connect-tenant-select`) and the consent step
|
|
5
|
+
* (`connect-consent`) must agree on whether a user is allowed to mint an
|
|
6
|
+
* Initial Access Token against a given child tenant. Keeping the logic here
|
|
7
|
+
* — instead of duplicating it per screen — prevents the two from drifting
|
|
8
|
+
* (e.g. the picker honoring the global-admin escape hatch while the consent
|
|
9
|
+
* step only checks plain org membership).
|
|
10
|
+
*
|
|
11
|
+
* Each child tenant is represented on the control plane by an organization
|
|
12
|
+
* whose `name` matches the child tenant id (see @authhero/multi-tenancy
|
|
13
|
+
* provisioning hooks).
|
|
14
|
+
*/
|
|
15
|
+
import type { ScreenContext } from "./types";
|
|
16
|
+
export declare const DCR_REGISTER_PERMISSION = "create:clients";
|
|
17
|
+
/**
|
|
18
|
+
* Mirrors @authhero/multi-tenancy's escape hatch: a user holding
|
|
19
|
+
* `admin:organizations` on a global (non-org-scoped) role can act on any
|
|
20
|
+
* tenant without being a member of its control-plane org. Scoped to the
|
|
21
|
+
* Management API audience so unrelated API permissions can't satisfy it.
|
|
22
|
+
*/
|
|
23
|
+
export declare function userHasGlobalOrgAdmin(context: ScreenContext, userId: string): Promise<boolean>;
|
|
24
|
+
/**
|
|
25
|
+
* True when the user holds the DCR register permission on the given
|
|
26
|
+
* control-plane organization (scoped to the Management API audience).
|
|
27
|
+
*/
|
|
28
|
+
export declare function userCanRegisterOnOrg(context: ScreenContext, userId: string, organizationId: string): Promise<boolean>;
|
|
29
|
+
/**
|
|
30
|
+
* Single source of truth for "may this user mint an IAT against this child
|
|
31
|
+
* tenant?". Used both to build the picker's option list and to re-validate
|
|
32
|
+
* the user's pick at consent time, so the two can never disagree.
|
|
33
|
+
*
|
|
34
|
+
* Access is granted when either:
|
|
35
|
+
* - the user holds the global `admin:organizations` escape hatch, or
|
|
36
|
+
* - the user is a member of the control-plane org whose `name` equals the
|
|
37
|
+
* target tenant id AND holds `create:clients` on their role for that org.
|
|
38
|
+
*
|
|
39
|
+
* The control plane itself is never a valid DCR target.
|
|
40
|
+
*/
|
|
41
|
+
export declare function userCanRegisterOnTenant(context: ScreenContext, userId: string, targetTenantId: string): Promise<boolean>;
|
|
@@ -165,7 +165,7 @@ export default function createU2App(config: AuthHeroConfig): OpenAPIHono<{
|
|
|
165
165
|
$get: {
|
|
166
166
|
input: {
|
|
167
167
|
param: {
|
|
168
|
-
screen: "
|
|
168
|
+
screen: "signup" | "consent" | "login" | "reset-password" | "account" | "enter-password" | "impersonate" | "try-connection-result" | "reset-password/request" | "reset-password/code" | "login/identifier" | "login/email-otp-challenge" | "login/sms-otp-challenge" | "login/login-passwordless-identifier" | "mfa/login-options" | "mfa/totp-challenge" | "mfa/totp-enrollment" | "mfa/phone-challenge" | "mfa/phone-enrollment" | "passkey/challenge" | "passkey/enrollment" | "passkey/enrollment-nudge" | "account/profile" | "account/security" | "account/security/totp-enrollment" | "account/security/phone-enrollment" | "account/linked" | "account/delete" | "account/passkeys" | "connect/start" | "connect/select-tenant";
|
|
169
169
|
};
|
|
170
170
|
} & {
|
|
171
171
|
query: {
|
|
@@ -181,7 +181,7 @@ export default function createU2App(config: AuthHeroConfig): OpenAPIHono<{
|
|
|
181
181
|
} | {
|
|
182
182
|
input: {
|
|
183
183
|
param: {
|
|
184
|
-
screen: "
|
|
184
|
+
screen: "signup" | "consent" | "login" | "reset-password" | "account" | "enter-password" | "impersonate" | "try-connection-result" | "reset-password/request" | "reset-password/code" | "login/identifier" | "login/email-otp-challenge" | "login/sms-otp-challenge" | "login/login-passwordless-identifier" | "mfa/login-options" | "mfa/totp-challenge" | "mfa/totp-enrollment" | "mfa/phone-challenge" | "mfa/phone-enrollment" | "passkey/challenge" | "passkey/enrollment" | "passkey/enrollment-nudge" | "account/profile" | "account/security" | "account/security/totp-enrollment" | "account/security/phone-enrollment" | "account/linked" | "account/delete" | "account/passkeys" | "connect/start" | "connect/select-tenant";
|
|
185
185
|
};
|
|
186
186
|
} & {
|
|
187
187
|
query: {
|
|
@@ -197,7 +197,7 @@ export default function createU2App(config: AuthHeroConfig): OpenAPIHono<{
|
|
|
197
197
|
} | {
|
|
198
198
|
input: {
|
|
199
199
|
param: {
|
|
200
|
-
screen: "
|
|
200
|
+
screen: "signup" | "consent" | "login" | "reset-password" | "account" | "enter-password" | "impersonate" | "try-connection-result" | "reset-password/request" | "reset-password/code" | "login/identifier" | "login/email-otp-challenge" | "login/sms-otp-challenge" | "login/login-passwordless-identifier" | "mfa/login-options" | "mfa/totp-challenge" | "mfa/totp-enrollment" | "mfa/phone-challenge" | "mfa/phone-enrollment" | "passkey/challenge" | "passkey/enrollment" | "passkey/enrollment-nudge" | "account/profile" | "account/security" | "account/security/totp-enrollment" | "account/security/phone-enrollment" | "account/linked" | "account/delete" | "account/passkeys" | "connect/start" | "connect/select-tenant";
|
|
201
201
|
};
|
|
202
202
|
} & {
|
|
203
203
|
query: {
|
|
@@ -217,7 +217,7 @@ export default function createU2App(config: AuthHeroConfig): OpenAPIHono<{
|
|
|
217
217
|
$post: {
|
|
218
218
|
input: {
|
|
219
219
|
param: {
|
|
220
|
-
screen: "
|
|
220
|
+
screen: "signup" | "consent" | "login" | "reset-password" | "enter-password" | "impersonate" | "reset-password/request" | "reset-password/code" | "login/identifier" | "login/email-otp-challenge" | "login/sms-otp-challenge" | "login/login-passwordless-identifier" | "mfa/login-options" | "mfa/totp-challenge" | "mfa/totp-enrollment" | "mfa/phone-challenge" | "mfa/phone-enrollment" | "passkey/challenge" | "passkey/enrollment" | "passkey/enrollment-nudge" | "account/profile" | "account/security" | "account/security/totp-enrollment" | "account/security/phone-enrollment" | "account/linked" | "account/delete" | "account/passkeys" | "connect/start" | "connect/select-tenant";
|
|
221
221
|
};
|
|
222
222
|
} & {
|
|
223
223
|
query: {
|
|
@@ -235,7 +235,7 @@ export default function createU2App(config: AuthHeroConfig): OpenAPIHono<{
|
|
|
235
235
|
} | {
|
|
236
236
|
input: {
|
|
237
237
|
param: {
|
|
238
|
-
screen: "
|
|
238
|
+
screen: "signup" | "consent" | "login" | "reset-password" | "enter-password" | "impersonate" | "reset-password/request" | "reset-password/code" | "login/identifier" | "login/email-otp-challenge" | "login/sms-otp-challenge" | "login/login-passwordless-identifier" | "mfa/login-options" | "mfa/totp-challenge" | "mfa/totp-enrollment" | "mfa/phone-challenge" | "mfa/phone-enrollment" | "passkey/challenge" | "passkey/enrollment" | "passkey/enrollment-nudge" | "account/profile" | "account/security" | "account/security/totp-enrollment" | "account/security/phone-enrollment" | "account/linked" | "account/delete" | "account/passkeys" | "connect/start" | "connect/select-tenant";
|
|
239
239
|
};
|
|
240
240
|
} & {
|
|
241
241
|
query: {
|
|
@@ -250,24 +250,6 @@ export default function createU2App(config: AuthHeroConfig): OpenAPIHono<{
|
|
|
250
250
|
output: {};
|
|
251
251
|
outputFormat: string;
|
|
252
252
|
status: 302;
|
|
253
|
-
} | {
|
|
254
|
-
input: {
|
|
255
|
-
param: {
|
|
256
|
-
screen: "login" | "signup" | "reset-password" | "consent" | "enter-password" | "impersonate" | "reset-password/request" | "reset-password/code" | "login/identifier" | "login/email-otp-challenge" | "login/sms-otp-challenge" | "login/login-passwordless-identifier" | "mfa/login-options" | "mfa/totp-challenge" | "mfa/totp-enrollment" | "mfa/phone-challenge" | "mfa/phone-enrollment" | "passkey/challenge" | "passkey/enrollment" | "passkey/enrollment-nudge" | "account/profile" | "account/security" | "account/security/totp-enrollment" | "account/security/phone-enrollment" | "account/linked" | "account/delete" | "account/passkeys" | "connect/start" | "connect/select-tenant";
|
|
257
|
-
};
|
|
258
|
-
} & {
|
|
259
|
-
query: {
|
|
260
|
-
state: string;
|
|
261
|
-
error?: string | undefined;
|
|
262
|
-
error_description?: string | undefined;
|
|
263
|
-
ui_locales?: string | undefined;
|
|
264
|
-
};
|
|
265
|
-
} & {
|
|
266
|
-
form: Record<string, string>;
|
|
267
|
-
};
|
|
268
|
-
output: {};
|
|
269
|
-
outputFormat: string;
|
|
270
|
-
status: 400;
|
|
271
253
|
};
|
|
272
254
|
};
|
|
273
255
|
}, "/"> & import("hono/types").MergeSchemaPath<{
|
|
@@ -170,7 +170,7 @@ export declare const u2Routes: OpenAPIHono<{
|
|
|
170
170
|
$get: {
|
|
171
171
|
input: {
|
|
172
172
|
param: {
|
|
173
|
-
screen: "
|
|
173
|
+
screen: "signup" | "consent" | "login" | "reset-password" | "account" | "enter-password" | "impersonate" | "try-connection-result" | "reset-password/request" | "reset-password/code" | "login/identifier" | "login/email-otp-challenge" | "login/sms-otp-challenge" | "login/login-passwordless-identifier" | "mfa/login-options" | "mfa/totp-challenge" | "mfa/totp-enrollment" | "mfa/phone-challenge" | "mfa/phone-enrollment" | "passkey/challenge" | "passkey/enrollment" | "passkey/enrollment-nudge" | "account/profile" | "account/security" | "account/security/totp-enrollment" | "account/security/phone-enrollment" | "account/linked" | "account/delete" | "account/passkeys" | "connect/start" | "connect/select-tenant";
|
|
174
174
|
};
|
|
175
175
|
} & {
|
|
176
176
|
query: {
|
|
@@ -186,7 +186,7 @@ export declare const u2Routes: OpenAPIHono<{
|
|
|
186
186
|
} | {
|
|
187
187
|
input: {
|
|
188
188
|
param: {
|
|
189
|
-
screen: "
|
|
189
|
+
screen: "signup" | "consent" | "login" | "reset-password" | "account" | "enter-password" | "impersonate" | "try-connection-result" | "reset-password/request" | "reset-password/code" | "login/identifier" | "login/email-otp-challenge" | "login/sms-otp-challenge" | "login/login-passwordless-identifier" | "mfa/login-options" | "mfa/totp-challenge" | "mfa/totp-enrollment" | "mfa/phone-challenge" | "mfa/phone-enrollment" | "passkey/challenge" | "passkey/enrollment" | "passkey/enrollment-nudge" | "account/profile" | "account/security" | "account/security/totp-enrollment" | "account/security/phone-enrollment" | "account/linked" | "account/delete" | "account/passkeys" | "connect/start" | "connect/select-tenant";
|
|
190
190
|
};
|
|
191
191
|
} & {
|
|
192
192
|
query: {
|
|
@@ -202,7 +202,7 @@ export declare const u2Routes: OpenAPIHono<{
|
|
|
202
202
|
} | {
|
|
203
203
|
input: {
|
|
204
204
|
param: {
|
|
205
|
-
screen: "
|
|
205
|
+
screen: "signup" | "consent" | "login" | "reset-password" | "account" | "enter-password" | "impersonate" | "try-connection-result" | "reset-password/request" | "reset-password/code" | "login/identifier" | "login/email-otp-challenge" | "login/sms-otp-challenge" | "login/login-passwordless-identifier" | "mfa/login-options" | "mfa/totp-challenge" | "mfa/totp-enrollment" | "mfa/phone-challenge" | "mfa/phone-enrollment" | "passkey/challenge" | "passkey/enrollment" | "passkey/enrollment-nudge" | "account/profile" | "account/security" | "account/security/totp-enrollment" | "account/security/phone-enrollment" | "account/linked" | "account/delete" | "account/passkeys" | "connect/start" | "connect/select-tenant";
|
|
206
206
|
};
|
|
207
207
|
} & {
|
|
208
208
|
query: {
|
|
@@ -222,7 +222,7 @@ export declare const u2Routes: OpenAPIHono<{
|
|
|
222
222
|
$post: {
|
|
223
223
|
input: {
|
|
224
224
|
param: {
|
|
225
|
-
screen: "
|
|
225
|
+
screen: "signup" | "consent" | "login" | "reset-password" | "enter-password" | "impersonate" | "reset-password/request" | "reset-password/code" | "login/identifier" | "login/email-otp-challenge" | "login/sms-otp-challenge" | "login/login-passwordless-identifier" | "mfa/login-options" | "mfa/totp-challenge" | "mfa/totp-enrollment" | "mfa/phone-challenge" | "mfa/phone-enrollment" | "passkey/challenge" | "passkey/enrollment" | "passkey/enrollment-nudge" | "account/profile" | "account/security" | "account/security/totp-enrollment" | "account/security/phone-enrollment" | "account/linked" | "account/delete" | "account/passkeys" | "connect/start" | "connect/select-tenant";
|
|
226
226
|
};
|
|
227
227
|
} & {
|
|
228
228
|
query: {
|
|
@@ -240,7 +240,7 @@ export declare const u2Routes: OpenAPIHono<{
|
|
|
240
240
|
} | {
|
|
241
241
|
input: {
|
|
242
242
|
param: {
|
|
243
|
-
screen: "
|
|
243
|
+
screen: "signup" | "consent" | "login" | "reset-password" | "enter-password" | "impersonate" | "reset-password/request" | "reset-password/code" | "login/identifier" | "login/email-otp-challenge" | "login/sms-otp-challenge" | "login/login-passwordless-identifier" | "mfa/login-options" | "mfa/totp-challenge" | "mfa/totp-enrollment" | "mfa/phone-challenge" | "mfa/phone-enrollment" | "passkey/challenge" | "passkey/enrollment" | "passkey/enrollment-nudge" | "account/profile" | "account/security" | "account/security/totp-enrollment" | "account/security/phone-enrollment" | "account/linked" | "account/delete" | "account/passkeys" | "connect/start" | "connect/select-tenant";
|
|
244
244
|
};
|
|
245
245
|
} & {
|
|
246
246
|
query: {
|
|
@@ -255,24 +255,6 @@ export declare const u2Routes: OpenAPIHono<{
|
|
|
255
255
|
output: {};
|
|
256
256
|
outputFormat: string;
|
|
257
257
|
status: 302;
|
|
258
|
-
} | {
|
|
259
|
-
input: {
|
|
260
|
-
param: {
|
|
261
|
-
screen: "login" | "signup" | "reset-password" | "consent" | "enter-password" | "impersonate" | "reset-password/request" | "reset-password/code" | "login/identifier" | "login/email-otp-challenge" | "login/sms-otp-challenge" | "login/login-passwordless-identifier" | "mfa/login-options" | "mfa/totp-challenge" | "mfa/totp-enrollment" | "mfa/phone-challenge" | "mfa/phone-enrollment" | "passkey/challenge" | "passkey/enrollment" | "passkey/enrollment-nudge" | "account/profile" | "account/security" | "account/security/totp-enrollment" | "account/security/phone-enrollment" | "account/linked" | "account/delete" | "account/passkeys" | "connect/start" | "connect/select-tenant";
|
|
262
|
-
};
|
|
263
|
-
} & {
|
|
264
|
-
query: {
|
|
265
|
-
state: string;
|
|
266
|
-
error?: string | undefined;
|
|
267
|
-
error_description?: string | undefined;
|
|
268
|
-
ui_locales?: string | undefined;
|
|
269
|
-
};
|
|
270
|
-
} & {
|
|
271
|
-
form: Record<string, string>;
|
|
272
|
-
};
|
|
273
|
-
output: {};
|
|
274
|
-
outputFormat: string;
|
|
275
|
-
status: 400;
|
|
276
258
|
};
|
|
277
259
|
};
|
|
278
260
|
}, "/">;
|
|
@@ -32,6 +32,7 @@
|
|
|
32
32
|
* `logoPosition` is the prop-level shortcut for the most common override.
|
|
33
33
|
*/
|
|
34
34
|
import type { Branding, Theme } from "@authhero/adapter-interfaces";
|
|
35
|
+
import type { ContentfulStatusCode } from "hono/utils/http-status";
|
|
35
36
|
export type DarkModePreference = "auto" | "light" | "dark";
|
|
36
37
|
export type LogoPosition = "widget" | "chip" | "none";
|
|
37
38
|
/**
|
|
@@ -213,4 +214,9 @@ export declare function renderWidgetPageResponse(ctx: any, opts: {
|
|
|
213
214
|
* bg tint) is unchanged.
|
|
214
215
|
*/
|
|
215
216
|
customTemplateBody?: string;
|
|
217
|
+
/**
|
|
218
|
+
* HTTP status for the response. Defaults to 200; pass 400 when
|
|
219
|
+
* re-rendering a screen after a failed submission.
|
|
220
|
+
*/
|
|
221
|
+
status?: ContentfulStatusCode;
|
|
216
222
|
}): Promise<Response>;
|
|
@@ -20,11 +20,11 @@ export declare const idTokenSchema: z.ZodObject<{
|
|
|
20
20
|
export declare const userInfoSchema: z.ZodObject<{
|
|
21
21
|
name: z.ZodOptional<z.ZodString>;
|
|
22
22
|
email: z.ZodOptional<z.ZodString>;
|
|
23
|
-
given_name: z.ZodOptional<z.ZodString>;
|
|
24
|
-
family_name: z.ZodOptional<z.ZodString>;
|
|
25
23
|
iss: z.ZodString;
|
|
26
24
|
sub: z.ZodString;
|
|
27
25
|
aud: z.ZodUnion<readonly [z.ZodString, z.ZodArray<z.ZodString>]>;
|
|
28
26
|
exp: z.ZodNumber;
|
|
27
|
+
given_name: z.ZodOptional<z.ZodString>;
|
|
28
|
+
family_name: z.ZodOptional<z.ZodString>;
|
|
29
29
|
}, z.core.$loose>;
|
|
30
30
|
export type IdToken = z.infer<typeof idTokenSchema>;
|