commerce-sdk-isomorphic 3.4.0 → 4.0.1-preview-shopper-test.0

package/lib/shopperLogin.cjs.d.ts

@@ -0,0 +1,3842 @@
+/*
+* Copyright (c) 2021, salesforce.com, inc.
+* All rights reserved.
+* SPDX-License-Identifier: BSD-3-Clause
+* For full license text, see the LICENSE file in the repo root or https://opensource.org/licenses/BSD-3-Clause
+*/
+import { RequestInit as NodeRequestInit } from "node-fetch";
+/*
+* Copyright (c) 2025, Salesforce, Inc.
+* All rights reserved.
+* SPDX-License-Identifier: BSD-3-Clause
+* For full license text, see the LICENSE file in the repo root or https://opensource.org/licenses/BSD-3-Clause
+*/
+declare const defaultBaseUri = "https://{shortCode}.api.commercecloud.salesforce.com/shopper/auth/v1";
+/**
+ * Makes a type easier to read.
+ */
+type Prettify<T> = NonNullable<{
+    [K in keyof T]: T[K];
+}>;
+/**
+ * Generates the types required on a method, based on those provided in the config.
+ */
+type CompositeParameters<MethodParameters extends Record<string, unknown>, ConfigParameters extends Record<string, unknown>> = Prettify<Omit<MethodParameters, keyof ConfigParameters> & Partial<MethodParameters>>;
+/**
+ * If an object has a `parameters` property, and the `parameters` object has required properties,
+ * then the `parameters` property on the root object is marked as required.
+ */
+type RequireParametersUnlessAllAreOptional<T extends {
+    parameters?: Record<string, unknown>;
+}> = Record<string, never> extends NonNullable<T["parameters"]> ? T : Prettify<T & Required<Pick<T, "parameters">>>;
+/**
+ * Template parameters used in the base URI of all API endpoints. `version` will default to `"v1"`
+ * if not specified.
+ */
+interface BaseUriParameters {
+    shortCode: string;
+}
+type LocaleCode = {
+    [key: string]: any;
+};
+/**
+ * Generic interface for path parameters.
+ */
+interface PathParameters {
+    [key: string]: string | number | boolean;
+}
+/**
+ * Generic interface for query parameters.
+ */
+interface QueryParameters {
+    [key: string]: string | number | boolean | string[] | number[] | LocaleCode;
+}
+/**
+ * Custom body request type with any string prefixed with `c_` as the key and the allowed
+ * types for the value.
+ */
+type CustomRequestBody = {
+    [key in `c_${string}`]: string | number | boolean | string[] | number[] | {
+        [key: string]: unknown;
+    };
+};
+/**
+ * Alias for `RequestInit` from TypeScript's DOM lib, to more clearly differentiate
+ * it from the `RequestInit` provided by node-fetch.
+ */
+type BrowserRequestInit = RequestInit;
+/**
+ * Any properties supported in either the browser or node are accepted.
+ * Using the right properties in the right context is left to the user.
+ */
+type FetchOptions = NodeRequestInit & BrowserRequestInit;
+/**
+ * Base options that can be passed to the `ClientConfig` class.
+ */
+interface ClientConfigInit<Params extends BaseUriParameters> {
+    baseUri?: string;
+    proxy?: string;
+    headers?: {
+        [key: string]: string;
+    };
+    parameters: Params;
+    fetchOptions?: FetchOptions;
+    transformRequest?: (data: unknown, headers: {
+        [key: string]: string;
+    }) => Required<FetchOptions>["body"];
+    throwOnBadResponse?: boolean;
+}
+/**
+ * Configuration parameters common to Commerce SDK clients
+ */
+declare class ClientConfig<Params extends BaseUriParameters> implements ClientConfigInit<Params> {
+    baseUri?: string;
+    proxy?: string;
+    headers: {
+        [key: string]: string;
+    };
+    parameters: Params;
+    fetchOptions: FetchOptions;
+    transformRequest: NonNullable<ClientConfigInit<Params>["transformRequest"]>;
+    throwOnBadResponse: boolean;
+    constructor(config: ClientConfigInit<Params>);
+    static readonly defaults: Pick<Required<ClientConfigInit<never>>, "transformRequest">;
+}
+/**
+ * Grant Type
+ */
+type GrantType = "authorization_code" | "refresh_token" | "client_credentials" | "authorization_code_pkce" | "session_bridge";
+/**
+ * @type Oauth2ErrorResponse:
+ *
+ * @property error:
+ *
+ * @property error_uri:
+ *
+ * @property error_description:
+ *
+ */
+type Oauth2ErrorResponse = {
+    error: string;
+    error_uri?: string;
+    error_description?: string;
+} & {
+    [key: string]: any;
+};
+/**
+ * Response Type
+ */
+type ResponseType = "code";
+/**
+ * @type TokenActionRequest:
+ *
+ * @property token: Token to inspect or revoke.
+ *
+ * @property token_type_hint: Token Type Hint
+ *
+ */
+type TokenActionRequest = {
+    token: string;
+    token_type_hint?: TokenActionRequestTokenTypeHintEnum;
+} & {
+    [key: string]: any;
+};
+type TokenActionRequestTokenTypeHintEnum = "access_token" | "refresh_token";
+/**
+ * Token Type
+ */
+type TokenType = "Bearer";
+/**
+ * @type TokenResponse:
+ *
+ * @property access_token: Short term shopper JWT that can be used to access Shopper APIs. Valid for 30 minutes.  A trusted agent shopper JWT is valid for 15 min.
+ *
+ * @property id_token: User ID token. Valid for 30 minutes.
+ *
+ * @property refresh_token: Long term refresh token that can be used to refresh an access token. Valid for 30 days.   The refresh_token will not be returned for trusted agents JWTs. A JWT for trusted agents expires after 15 minutes and is not refreshable. When expired, then app must restart the authorization flow and make another request to the /trusted-agent/authorize endpoint.
+ *
+ * @property expires_in: Remaining access token expiry time, in seconds.
+ *
+ * @property refresh_token_expires_in: Remaining refresh token expiry time, in seconds.
+ *
+ * @property token_type:
+ *
+ * @property usid: The unique shopper ID. Returned when using the `client_credentials` grant type.
+ *
+ * @property customer_id: Customer\'s ID
+ *
+ * @property enc_user_id: MD5 Hashed B2C Commerce user ID in uppercase.
+ *
+ * @property idp_access_token: This is the access token that is returned from the IDP. The IDP access token is returned to be able to make calls into the IDP outside of SLAS.
+ * - **Max Length:** 8192
+ *
+ */
+type TokenResponse = {
+    access_token: string;
+    id_token: string;
+    refresh_token: string;
+    expires_in: number;
+    refresh_token_expires_in: number;
+    token_type: TokenType;
+    usid: string;
+    customer_id: string;
+    enc_user_id: string;
+    idp_access_token: string;
+} & {
+    [key: string]: any;
+};
+type AuthorizeCustomerResponseTypeEnum = "code";
+type AuthorizeCustomerScopeEnum = "openid" | "offline_access" | "email";
+type AuthorizePasswordlessCustomerModeEnum = "callback" | "sms";
+type GetPasswordLessAccessTokenGrantTypeEnum = "authorization_code" | "refresh_token" | "client_credentials" | "authorization_code_pkce" | "session_bridge";
+type GetPasswordResetTokenModeEnum = "callback" | "sms";
+type GetSessionBridgeAccessTokenGrantTypeEnum = "authorization_code" | "refresh_token" | "client_credentials" | "authorization_code_pkce" | "session_bridge";
+type GetTrustedAgentAccessTokenGrantTypeEnum = "authorization_code" | "refresh_token" | "client_credentials" | "authorization_code_pkce" | "session_bridge";
+type GetTrustedAgentAuthorizationTokenResponseTypeEnum = "code";
+type GetTrustedSystemAccessTokenGrantTypeEnum = "authorization_code" | "refresh_token" | "client_credentials" | "authorization_code_pkce" | "session_bridge";
+type GetTrustedSystemAccessTokenHintEnum = "ts_ext_on_behalf_of";
+type GetTrustedSystemAccessTokenIdpOriginEnum = "apple" | "auth0" | "azure" | "azure_adb2c" | "cognito" | "default" | "ecom" | "facebook" | "forgerock" | "gigya" | "gigya_socialize" | "google" | "okta" | "ping" | "salesforce";
+type IntrospectTokenTokenTypeHintEnum = "access_token" | "refresh_token";
+type LogoutCustomerHintEnum = "all-sessions";
+type RevokeTokenTokenTypeHintEnum = "access_token" | "refresh_token";
+type authenticateCustomerQueryParameters = {};
+type authenticateCustomerPathParameters = {
+    organizationId: string;
+};
+type authenticateCustomerBodyType = {
+    client_id?: string;
+    response_type?: ResponseType;
+    redirect_uri: string;
+    state?: string;
+    scope?: string;
+    usid?: string;
+    channel_id: string;
+    code_challenge?: string;
+};
+type authorizeCustomerQueryParameters = {
+    redirect_uri: string;
+    response_type: "code";
+    client_id: string;
+    scope?: "openid" | "offline_access" | "email";
+    state?: string;
+    usid?: string;
+    hint?: string;
+    channel_id?: string;
+    code_challenge?: string;
+    ui_locales?: string;
+};
+type authorizeCustomerPathParameters = {
+    organizationId: string;
+};
+type authorizePasswordlessCustomerQueryParameters = {};
+type authorizePasswordlessCustomerPathParameters = {
+    organizationId: string;
+};
+type authorizePasswordlessCustomerBodyType = {
+    user_id: string;
+    mode: string;
+    locale?: string;
+    usid?: string;
+    channel_id: string;
+    callback_uri?: string;
+};
+type getAccessTokenQueryParameters = {};
+type getAccessTokenPathParameters = {
+    organizationId: string;
+};
+type getAccessTokenBodyType = {
+    refresh_token?: string;
+    code?: string;
+    usid?: string;
+    grant_type: GrantType;
+    redirect_uri?: string;
+    code_verifier?: string;
+    client_id?: string;
+    channel_id?: string;
+    dnt?: string;
+};
+type getJwksUriQueryParameters = {};
+type getJwksUriPathParameters = {
+    organizationId: string;
+};
+type getPasswordLessAccessTokenQueryParameters = {};
+type getPasswordLessAccessTokenPathParameters = {
+    organizationId: string;
+};
+type getPasswordLessAccessTokenBodyType = {
+    grant_type: string;
+    hint: string;
+    pwdless_login_token: string;
+    client_id?: string;
+    code_verifier?: string;
+};
+type getPasswordResetTokenQueryParameters = {};
+type getPasswordResetTokenPathParameters = {
+    organizationId: string;
+};
+type getPasswordResetTokenBodyType = {
+    user_id: string;
+    mode: string;
+    channel_id: string;
+    locale?: string;
+    client_id?: string;
+    code_challenge?: string;
+    callback_uri?: string;
+    idp_name?: string;
+    hint?: string;
+};
+type getSessionBridgeAccessTokenQueryParameters = {};
+type getSessionBridgeAccessTokenPathParameters = {
+    organizationId: string;
+};
+type getSessionBridgeAccessTokenBodyType = {
+    code: string;
+    client_id: string;
+    channel_id: string;
+    code_verifier: string;
+    dwsid: string;
+    grant_type: string;
+    login_id: string;
+    dwsgst?: string;
+    dwsrst?: string;
+    usid?: string;
+    dnt?: string;
+};
+type getTrustedAgentAccessTokenQueryParameters = {};
+type getTrustedAgentAccessTokenPathParameters = {
+    organizationId: string;
+};
+type getTrustedAgentAccessTokenBodyType = {
+    agent_id?: string;
+    client_id: string;
+    channel_id: string;
+    code_verifier: string;
+    grant_type: string;
+    login_id: string;
+    idp_origin: string;
+    usid?: string;
+    dnt?: string;
+    state?: string;
+};
+type getTrustedAgentAuthorizationTokenQueryParameters = {
+    client_id: string;
+    channel_id: string;
+    code_challenge?: string;
+    login_id: string;
+    idp_origin: string;
+    redirect_uri: string;
+    response_type: "code";
+};
+type getTrustedAgentAuthorizationTokenPathParameters = {
+    organizationId: string;
+};
+type getTrustedSystemAccessTokenQueryParameters = {};
+type getTrustedSystemAccessTokenPathParameters = {
+    organizationId: string;
+};
+type getTrustedSystemAccessTokenBodyType = {
+    usid?: string;
+    grant_type: string;
+    hint: string;
+    login_id: string;
+    idp_origin: string;
+    client_id: string;
+    channel_id: string;
+    email_id?: string;
+    dnt?: string;
+};
+type getUserInfoQueryParameters = {
+    channel_id?: string;
+};
+type getUserInfoPathParameters = {
+    organizationId: string;
+};
+type getWellknownOpenidConfigurationQueryParameters = {};
+type getWellknownOpenidConfigurationPathParameters = {
+    organizationId: string;
+};
+type introspectTokenQueryParameters = {};
+type introspectTokenPathParameters = {
+    organizationId: string;
+};
+type introspectTokenBodyType = {
+    token: string;
+    token_type_hint?: string;
+};
+type logoutCustomerQueryParameters = {
+    client_id: string;
+    refresh_token: string;
+    channel_id?: string;
+    hint?: "all-sessions";
+};
+type logoutCustomerPathParameters = {
+    organizationId: string;
+};
+type resetPasswordQueryParameters = {};
+type resetPasswordPathParameters = {
+    organizationId: string;
+};
+type resetPasswordBodyType = {
+    client_id: string;
+    pwd_action_token: string;
+    code_verifier: string;
+    new_password?: string;
+    channel_id: string;
+    hint?: string;
+};
+type revokeTokenQueryParameters = {};
+type revokeTokenPathParameters = {
+    organizationId: string;
+};
+type revokeTokenBodyType = {
+    token: string;
+    token_type_hint?: string;
+};
+/**
+ * All path parameters that are used by at least one ShopperLogin method.
+ */
+type ShopperLoginPathParameters = Partial<authenticateCustomerPathParameters & authorizeCustomerPathParameters & authorizePasswordlessCustomerPathParameters & getAccessTokenPathParameters & getJwksUriPathParameters & getPasswordLessAccessTokenPathParameters & getPasswordResetTokenPathParameters & getSessionBridgeAccessTokenPathParameters & getTrustedAgentAccessTokenPathParameters & getTrustedAgentAuthorizationTokenPathParameters & getTrustedSystemAccessTokenPathParameters & getUserInfoPathParameters & getWellknownOpenidConfigurationPathParameters & introspectTokenPathParameters & logoutCustomerPathParameters & resetPasswordPathParameters & revokeTokenPathParameters & {}>;
+/**
+ * All query parameters that are used by at least one ShopperLogin method.
+ */
+type ShopperLoginQueryParameters = Partial<authenticateCustomerQueryParameters & authorizeCustomerQueryParameters & authorizePasswordlessCustomerQueryParameters & getAccessTokenQueryParameters & getJwksUriQueryParameters & getPasswordLessAccessTokenQueryParameters & getPasswordResetTokenQueryParameters & getSessionBridgeAccessTokenQueryParameters & getTrustedAgentAccessTokenQueryParameters & getTrustedAgentAuthorizationTokenQueryParameters & getTrustedSystemAccessTokenQueryParameters & getUserInfoQueryParameters & getWellknownOpenidConfigurationQueryParameters & introspectTokenQueryParameters & logoutCustomerQueryParameters & resetPasswordQueryParameters & revokeTokenQueryParameters & {}>;
+/**
+ * All parameters that are used by ShopperLogin.
+ */
+type ShopperLoginParameters = ShopperLoginPathParameters & BaseUriParameters & ShopperLoginQueryParameters;
+/**
+ * [Shopper Login](https://developer.salesforce.com/docs/commerce/commerce-api/references?meta=shopper-login:Summary)
+ * ==================================
+ *
+ * *# API Overview
+ 
+ The Shopper Login and API Access Service (SLAS) enables secure access to Commerce Cloud’s Shopper APIs for a wide range of headless commerce applications.
+ 
+ **Important:** Before using this API, see [Authorization for Shopper APIs](https://developer.salesforce.com/docs/commerce/commerce-api/guide/authorization-for-shopper-apis.html) in the Get Started guides and the more detailed [SLAS guides](https://developer.salesforce.com/docs/commerce/commerce-api/guide/slas.html) for instructions on setting up a SLAS client, obtaining credentials, as well as flow and use case information.
+ 
+ For load shedding and rate limiting information, see [Load Shedding and Rate Limiting.](https://developer.salesforce.com/docs/commerce/commerce-api/guide/throttle-rates.html)*<br />
+ *
+ * Simple example:
+ *
+ * ```typescript
+ *   import { ShopperLogin } from "commerce-sdk-isomorphic";
+ *
+ *   const clientConfig = {
+ *     parameters: {
+ *       clientId: "XXXXXX",
+ *       organizationId: "XXXX",
+ *       shortCode: "XXX",
+ *       siteId: "XX"
+ *     }
+ *   };
+ *   const shopperLoginClient = new ShopperLogin(clientConfig);
+ * ```
+ *
+ * <span style="font-size:.7em; display:block; text-align: right">
+ * API Version: 0.0.33<br />
+ * Last Updated: <br />
+ * </span>
+ *
+ *
+ */
+declare class ShopperLogin<ConfigParameters extends ShopperLoginParameters & Record<string, unknown>> {
+    // baseUri is not required on ClientConfig, but we know that we provide one in the class constructor
+    clientConfig: ClientConfig<ConfigParameters> & {
+        baseUri: string;
+    };
+    static readonly defaultBaseUri = "https://{shortCode}.api.commercecloud.salesforce.com/shopper/auth/v1";
+    static readonly apiPaths: {
+        authenticateCustomer: string;
+        authorizeCustomer: string;
+        authorizePasswordlessCustomer: string;
+        getAccessToken: string;
+        getJwksUri: string;
+        getPasswordLessAccessToken: string;
+        getPasswordResetToken: string;
+        getSessionBridgeAccessToken: string;
+        getTrustedAgentAccessToken: string;
+        getTrustedAgentAuthorizationToken: string;
+        getTrustedSystemAccessToken: string;
+        getUserInfo: string;
+        getWellknownOpenidConfiguration: string;
+        introspectToken: string;
+        logoutCustomer: string;
+        resetPassword: string;
+        revokeToken: string;
+    };
+    constructor(config: ClientConfigInit<ConfigParameters>);
+    static readonly paramKeys: {
+        readonly authenticateCustomer: readonly [
+            "organizationId",
+            "redirect_uri",
+            "channel_id",
+            "client_id",
+            "response_type",
+            "state",
+            "scope",
+            "usid",
+            "code_challenge"
+        ];
+        readonly authenticateCustomerRequired: readonly [
+            "organizationId",
+            "redirect_uri",
+            "channel_id"
+        ];
+        readonly authorizeCustomer: readonly [
+            "organizationId",
+            "redirect_uri",
+            "response_type",
+            "client_id",
+            "scope",
+            "state",
+            "usid",
+            "hint",
+            "channel_id",
+            "code_challenge",
+            "ui_locales"
+        ];
+        readonly authorizeCustomerRequired: readonly [
+            "organizationId",
+            "redirect_uri",
+            "response_type",
+            "client_id"
+        ];
+        readonly authorizePasswordlessCustomer: readonly [
+            "organizationId",
+            "user_id",
+            "mode",
+            "channel_id",
+            "locale",
+            "usid",
+            "callback_uri"
+        ];
+        readonly authorizePasswordlessCustomerRequired: readonly [
+            "organizationId",
+            "user_id",
+            "mode",
+            "channel_id"
+        ];
+        readonly getAccessToken: readonly [
+            "organizationId",
+            "grant_type",
+            "refresh_token",
+            "code",
+            "usid",
+            "redirect_uri",
+            "code_verifier",
+            "client_id",
+            "channel_id",
+            "dnt"
+        ];
+        readonly getAccessTokenRequired: readonly [
+            "organizationId",
+            "grant_type"
+        ];
+        readonly getJwksUri: readonly [
+            "organizationId"
+        ];
+        readonly getJwksUriRequired: readonly [
+            "organizationId"
+        ];
+        readonly getPasswordLessAccessToken: readonly [
+            "organizationId",
+            "grant_type",
+            "hint",
+            "pwdless_login_token",
+            "client_id",
+            "code_verifier"
+        ];
+        readonly getPasswordLessAccessTokenRequired: readonly [
+            "organizationId",
+            "grant_type",
+            "hint",
+            "pwdless_login_token"
+        ];
+        readonly getPasswordResetToken: readonly [
+            "organizationId",
+            "user_id",
+            "mode",
+            "channel_id",
+            "locale",
+            "client_id",
+            "code_challenge",
+            "callback_uri",
+            "idp_name",
+            "hint"
+        ];
+        readonly getPasswordResetTokenRequired: readonly [
+            "organizationId",
+            "user_id",
+            "mode",
+            "channel_id"
+        ];
+        readonly getSessionBridgeAccessToken: readonly [
+            "organizationId",
+            "code",
+            "client_id",
+            "channel_id",
+            "code_verifier",
+            "dwsid",
+            "grant_type",
+            "login_id",
+            "dwsgst",
+            "dwsrst",
+            "usid",
+            "dnt"
+        ];
+        readonly getSessionBridgeAccessTokenRequired: readonly [
+            "organizationId",
+            "code",
+            "client_id",
+            "channel_id",
+            "code_verifier",
+            "dwsid",
+            "grant_type",
+            "login_id"
+        ];
+        readonly getTrustedAgentAccessToken: readonly [
+            "organizationId",
+            "client_id",
+            "channel_id",
+            "code_verifier",
+            "grant_type",
+            "login_id",
+            "idp_origin",
+            "agent_id",
+            "usid",
+            "dnt",
+            "state"
+        ];
+        readonly getTrustedAgentAccessTokenRequired: readonly [
+            "organizationId",
+            "client_id",
+            "channel_id",
+            "code_verifier",
+            "grant_type",
+            "login_id",
+            "idp_origin"
+        ];
+        readonly getTrustedAgentAuthorizationToken: readonly [
+            "organizationId",
+            "client_id",
+            "channel_id",
+            "login_id",
+            "idp_origin",
+            "redirect_uri",
+            "response_type",
+            "code_challenge"
+        ];
+        readonly getTrustedAgentAuthorizationTokenRequired: readonly [
+            "organizationId",
+            "client_id",
+            "channel_id",
+            "login_id",
+            "idp_origin",
+            "redirect_uri",
+            "response_type"
+        ];
+        readonly getTrustedSystemAccessToken: readonly [
+            "organizationId",
+            "grant_type",
+            "hint",
+            "login_id",
+            "idp_origin",
+            "client_id",
+            "channel_id",
+            "usid",
+            "email_id",
+            "dnt"
+        ];
+        readonly getTrustedSystemAccessTokenRequired: readonly [
+            "organizationId",
+            "grant_type",
+            "hint",
+            "login_id",
+            "idp_origin",
+            "client_id",
+            "channel_id"
+        ];
+        readonly getUserInfo: readonly [
+            "organizationId",
+            "channel_id"
+        ];
+        readonly getUserInfoRequired: readonly [
+            "organizationId"
+        ];
+        readonly getWellknownOpenidConfiguration: readonly [
+            "organizationId"
+        ];
+        readonly getWellknownOpenidConfigurationRequired: readonly [
+            "organizationId"
+        ];
+        readonly introspectToken: readonly [
+            "organizationId",
+            "token",
+            "token_type_hint"
+        ];
+        readonly introspectTokenRequired: readonly [
+            "organizationId",
+            "token"
+        ];
+        readonly logoutCustomer: readonly [
+            "organizationId",
+            "client_id",
+            "refresh_token",
+            "channel_id",
+            "hint"
+        ];
+        readonly logoutCustomerRequired: readonly [
+            "organizationId",
+            "client_id",
+            "refresh_token"
+        ];
+        readonly resetPassword: readonly [
+            "organizationId",
+            "client_id",
+            "pwd_action_token",
+            "code_verifier",
+            "channel_id",
+            "new_password",
+            "hint"
+        ];
+        readonly resetPasswordRequired: readonly [
+            "organizationId",
+            "client_id",
+            "pwd_action_token",
+            "code_verifier",
+            "channel_id"
+        ];
+        readonly revokeToken: readonly [
+            "organizationId",
+            "token",
+            "token_type_hint"
+        ];
+        readonly revokeTokenRequired: readonly [
+            "organizationId",
+            "token"
+        ];
+    };
+    /**
+     * This follows the authorization code grant flow as defined by the OAuth 2.1 standard. It also uses a proof key for code exchange (PKCE).
+     
+     For PKCE values:
+     - The `code_verifier` string is a random string used for the `/token` endpoint request.
+     - The `code_challenge` is an encoded version of the `code_verifier` string using an SHA-256 hash.
+     
+     The request must include a basic authorization header that contains a Base64 encoded version of the following string: `<shopperUserID>:<shopperPassword>`.
+     Required parameters: `code_challenge`, `channel_id`, `client_id`, and `redirect_uri`.
+     
+     Optional parameters: `usid`.
+     The SLAS `/login` endpoint redirects back to the redirect URI and returns an authorization code.
+     Calls to `/login` made with the same loginId and tenantId within 1 second result in a conflict.
+     *
+     * If you would like to get a raw Response object use the other authenticateCustomer function.
+     *
+     * @param options - An object containing the options for this method.
+     * @param options.parameters - An object containing the parameters for this method.
+     * @param options.parameters.organizationId - An identifier for the organization the request is being made by
+     * @param options.headers - An object literal of key value pairs of the headers to be sent with this request.
+     * @param options.body - The data to send as the request body.
+     * @param options.body.client_id - SLAS client ID. Required when the grant type is `authorization_code_pkce`.
+     * @param options.body.response_type - Must be `code`. Indicates that the client wants an authorization code (when the grant type is `authorization_code`).
+     * @param options.body.redirect_uri - The URI to which the server redirects the browser after the user grants the authorization. The URI must be registered with the SLAS client. A variety of URI formats and wildcards for host are supported, but app links like airbnb:// or fb:// are not. Examples of supported URIs:   Examples of supported URIs:   - `http://localhost:3000/callback`   - `https://example.com/callback`   - `com.example.app:redirect_uri_path`   - ` *.subdomain.topleveldomain.com`
+     * @param options.body.state - Value to be sent by the client to determine the state between the authorization request and the server response. Optional, but strongly recommended.
+     * @param options.body.scope - Scopes to limit an application\'s access to a user\'s account.
+     * @param options.body.usid - The unique shopper ID.
+     * @param options.body.channel_id - The channel that the request is for. For a B2C Commerce request, this is angalous to the site ID.
+     * @param options.body.code_challenge - PKCE code verifier. Created by the client calling the `login` endpoint.  The `code_challenge` is created by SHA256 hashing the `code_verifier` and Base64 encoding the resulting hash.  The `code_verifier` should be a high entropy cryptographically random string with a minimum of 43 characters and a maximum of 128 characters.  The `code_challenge` is optional when using a private client id for the token request.
+     *
+     * @returns A promise of type void.
+     */
+    authenticateCustomer(options?: RequireParametersUnlessAllAreOptional<{
+        parameters?: CompositeParameters<{
+            organizationId: string;
+        } & QueryParameters, ConfigParameters>;
+        headers?: {
+            [key: string]: string;
+        };
+        body: authenticateCustomerBodyType & CustomRequestBody;
+    }>): Promise<void>;
+    /**
+     * This follows the authorization code grant flow as defined by the OAuth 2.1 standard. It also uses a proof key for code exchange (PKCE).
+     
+     For PKCE values:
+     - The `code_verifier` string is a random string used for the `/token` endpoint request.
+     - The `code_challenge` is an encoded version of the `code_verifier` string using an SHA-256 hash.
+     
+     The request must include a basic authorization header that contains a Base64 encoded version of the following string: `<shopperUserID>:<shopperPassword>`.
+     Required parameters: `code_challenge`, `channel_id`, `client_id`, and `redirect_uri`.
+     
+     Optional parameters: `usid`.
+     The SLAS `/login` endpoint redirects back to the redirect URI and returns an authorization code.
+     Calls to `/login` made with the same loginId and tenantId within 1 second result in a conflict.
+     *
+     * @param options - An object containing the options for this method.
+     * @param options.parameters - An object containing the parameters for this method.
+     * @param options.parameters.organizationId - An identifier for the organization the request is being made by
+     * @param options.headers - An object literal of key value pairs of the headers to be sent with this request.
+     * @param options.body - The data to send as the request body.
+     * @param options.body.client_id - SLAS client ID. Required when the grant type is `authorization_code_pkce`.
+     * @param options.body.response_type - Must be `code`. Indicates that the client wants an authorization code (when the grant type is `authorization_code`).
+     * @param options.body.redirect_uri - The URI to which the server redirects the browser after the user grants the authorization. The URI must be registered with the SLAS client. A variety of URI formats and wildcards for host are supported, but app links like airbnb:// or fb:// are not. Examples of supported URIs:   Examples of supported URIs:   - `http://localhost:3000/callback`   - `https://example.com/callback`   - `com.example.app:redirect_uri_path`   - ` *.subdomain.topleveldomain.com`
+     * @param options.body.state - Value to be sent by the client to determine the state between the authorization request and the server response. Optional, but strongly recommended.
+     * @param options.body.scope - Scopes to limit an application\'s access to a user\'s account.
+     * @param options.body.usid - The unique shopper ID.
+     * @param options.body.channel_id - The channel that the request is for. For a B2C Commerce request, this is angalous to the site ID.
+     * @param options.body.code_challenge - PKCE code verifier. Created by the client calling the `login` endpoint.  The `code_challenge` is created by SHA256 hashing the `code_verifier` and Base64 encoding the resulting hash.  The `code_verifier` should be a high entropy cryptographically random string with a minimum of 43 characters and a maximum of 128 characters.  The `code_challenge` is optional when using a private client id for the token request.
+     * @param rawResponse - Set to true to return entire Response object instead of DTO.
+     *
+     * @returns A promise of type Response if rawResponse is true, a promise of type void otherwise.
+     */
+    authenticateCustomer<T extends boolean>(options?: RequireParametersUnlessAllAreOptional<{
+        parameters?: CompositeParameters<{
+            organizationId: string;
+        } & QueryParameters, ConfigParameters>;
+        headers?: {
+            [key: string]: string;
+        };
+        body: authenticateCustomerBodyType & CustomRequestBody;
+    }>, rawResponse?: T): Promise<T extends true ? Response : void>;
+    /**
+     * This is the first step of the OAuth 2.1 authorization code flow, in which a user can log in via federation to the IDP configured for the client. After successfully logging in, the user gets an authorization code via a redirect URI.
+     
+     You can call this endpoint from the front channel (the browser).
+     *
+     * If you would like to get a raw Response object use the other authorizeCustomer function.
+     *
+     * @param options - An object containing the options for this method.
+     * @param options.parameters - An object containing the parameters for this method.
+     * @param options.parameters.organizationId - An identifier for the organization the request is being made by
+     * @param options.parameters.redirect_uri - The redirect for Account Manager to redirect to. A variety of URI formats and wildcard for host are supported, but app links like `airbnb://` or `fb://` are not. Examples of supported URIs:
+     - `http://localhost:3000/callback`
+     - `https://example.com/callback`
+     - `com.example.app:redirect_uri_path`
+     - ` *.subdomain.topleveldomain.com`
+     
+     * @param options.parameters.response_type - Must be `code`. Indicates that the caller wants an authorization code.
+     * @param options.parameters.client_id - The SLAS public client ID or SLAS private client ID for use with trusted-agent requests. When using a private client ID a PKCE code challenge is not required.
+     * @param options.parameters.scope -
+     * @param options.parameters.state - Value to send the client to determine the state between the authorization request and the server response. Optional, but strongly recommended.
+     * @param options.parameters.usid - A unique shopper identifier (USID). If not provided, a new USID is generated.
+     * @param options.parameters.hint - Name of an identity provider (IDP) to optionally redirect to, thereby skipping the IDP selection step.
+     
+     To use a public client, set `hint` to `guest` and use a public client ID to get an authorization code. If no `hint` is provided, the preferred IDP of the tenant is used by default.
+     
+     For session bridge authorization the `hint` should be set to `sb-user` for a registered customer and to `sb-guest` for a guest. For session bridge authorization the SLAS Client `sfcc.session_bridge` scope.
+     * @param options.parameters.channel_id - The channel that this request is for. For a B2C Commerce request, this is angalous to the site ID.
+     * @param options.parameters.code_challenge - PKCE code challenge. Created by the caller.
+     
+     The `code_challenge` is created by SHA256 hashing the `code_verifier` and Base64 encoding the resulting hash.
+     
+     The `code_verifier` should be a high entropy cryptographically random string with a minimum of 43 characters and a maximum of 128 characters.
+     
+     The *`code_challenge` and 'code_verifier'* are required if a using SLAS public `client_id`.
+     * @param options.parameters.ui_locales - End-User's preferred languages and scripts for the user interface, represented as a space-separated list of BCP47 [RFC5646] language tag values, ordered by preference. For example, the value `fr-CA fr en` represents a preference for French as spoken in Canada, then French (without a region designation), followed by English (without a region designation).
+     
+     In most cases the IDP supports one language tag and has a default language set on the server. SLAS will support the space-separated list and pass them to the IDP.
+     * @param options.headers - An object literal of key value pairs of the headers to be sent with this request.
+     *
+     * @returns A promise of type void.
+     */
+    authorizeCustomer(options?: RequireParametersUnlessAllAreOptional<{
+        parameters?: CompositeParameters<{
+            organizationId: string;
+            redirect_uri: string;
+            response_type: AuthorizeCustomerResponseTypeEnum;
+            client_id: string;
+            scope?: AuthorizeCustomerScopeEnum;
+            state?: string;
+            usid?: string;
+            hint?: string;
+            channel_id?: string;
+            code_challenge?: string;
+            ui_locales?: string;
+        } & QueryParameters, ConfigParameters>;
+        headers?: {
+            [key: string]: string;
+        };
+    }>): Promise<void>;
+    /**
+     * This is the first step of the OAuth 2.1 authorization code flow, in which a user can log in via federation to the IDP configured for the client. After successfully logging in, the user gets an authorization code via a redirect URI.
+     
+     You can call this endpoint from the front channel (the browser).
+     *
+     * @param options - An object containing the options for this method.
+     * @param options.parameters - An object containing the parameters for this method.
+     * @param options.parameters.organizationId - An identifier for the organization the request is being made by
+     * @param options.parameters.redirect_uri - The redirect for Account Manager to redirect to. A variety of URI formats and wildcard for host are supported, but app links like `airbnb://` or `fb://` are not. Examples of supported URIs:
+     - `http://localhost:3000/callback`
+     - `https://example.com/callback`
+     - `com.example.app:redirect_uri_path`
+     - ` *.subdomain.topleveldomain.com`
+     
+     * @param options.parameters.response_type - Must be `code`. Indicates that the caller wants an authorization code.
+     * @param options.parameters.client_id - The SLAS public client ID or SLAS private client ID for use with trusted-agent requests. When using a private client ID a PKCE code challenge is not required.
+     * @param options.parameters.scope -
+     * @param options.parameters.state - Value to send the client to determine the state between the authorization request and the server response. Optional, but strongly recommended.
+     * @param options.parameters.usid - A unique shopper identifier (USID). If not provided, a new USID is generated.
+     * @param options.parameters.hint - Name of an identity provider (IDP) to optionally redirect to, thereby skipping the IDP selection step.
+     
+     To use a public client, set `hint` to `guest` and use a public client ID to get an authorization code. If no `hint` is provided, the preferred IDP of the tenant is used by default.
+     
+     For session bridge authorization the `hint` should be set to `sb-user` for a registered customer and to `sb-guest` for a guest. For session bridge authorization the SLAS Client `sfcc.session_bridge` scope.
+     * @param options.parameters.channel_id - The channel that this request is for. For a B2C Commerce request, this is angalous to the site ID.
+     * @param options.parameters.code_challenge - PKCE code challenge. Created by the caller.
+     
+     The `code_challenge` is created by SHA256 hashing the `code_verifier` and Base64 encoding the resulting hash.
+     
+     The `code_verifier` should be a high entropy cryptographically random string with a minimum of 43 characters and a maximum of 128 characters.
+     
+     The *`code_challenge` and 'code_verifier'* are required if a using SLAS public `client_id`.
+     * @param options.parameters.ui_locales - End-User's preferred languages and scripts for the user interface, represented as a space-separated list of BCP47 [RFC5646] language tag values, ordered by preference. For example, the value `fr-CA fr en` represents a preference for French as spoken in Canada, then French (without a region designation), followed by English (without a region designation).
+     
+     In most cases the IDP supports one language tag and has a default language set on the server. SLAS will support the space-separated list and pass them to the IDP.
+     * @param options.headers - An object literal of key value pairs of the headers to be sent with this request.
+     * @param rawResponse - Set to true to return entire Response object instead of DTO.
+     *
+     * @returns A promise of type Response if rawResponse is true, a promise of type void otherwise.
+     */
+    authorizeCustomer<T extends boolean>(options?: RequireParametersUnlessAllAreOptional<{
+        parameters?: CompositeParameters<{
+            organizationId: string;
+            redirect_uri: string;
+            response_type: AuthorizeCustomerResponseTypeEnum;
+            client_id: string;
+            scope?: AuthorizeCustomerScopeEnum;
+            state?: string;
+            usid?: string;
+            hint?: string;
+            channel_id?: string;
+            code_challenge?: string;
+            ui_locales?: string;
+        } & QueryParameters, ConfigParameters>;
+        headers?: {
+            [key: string]: string;
+        };
+    }>, rawResponse?: T): Promise<T extends true ? Response : void>;
+    /**
+     * This endpoint allows customers to authenticate when their configured identity provider is inaccessible. It provides an alternative authentication path through passwordless login methods like email or SMS verification.
+     *
+     * If you would like to get a raw Response object use the other authorizePasswordlessCustomer function.
+     *
+     * @param options - An object containing the options for this method.
+     * @param options.parameters - An object containing the parameters for this method.
+     * @param options.parameters.organizationId - An identifier for the organization the request is being made by
+     * @param options.headers - An object literal of key value pairs of the headers to be sent with this request.
+     * @param options.body - The data to send as the request body.
+     * @param options.body.user_id - User ID for logging in.
+     * @param options.body.mode - Password Action delivery modes
+     * @param options.body.locale - The locale of the template. Not needed for the `callback` mode
+     * @param options.body.usid - The shopper\'s unique identifier, if known. If not provided, a new USID is generated.
+     * @param options.body.channel_id - The channel (B2C Commerce site) that the user is associated with.
+     * @param options.body.callback_uri - The callback URI. Required when the mode is `callback`. The `callback_uri` property will be validated against the callback URIs that have been registered with the SLAS client. The callback URI _must_ be a `POST` endpoint because the token will be included in the body.  Wildcards are not allowed in the callback_uri because this is a security risk that can expose the token. This is not considered an OAuth2 callback_url.
+     *
+     * @returns A promise of type string.
+     */
+    authorizePasswordlessCustomer(options?: RequireParametersUnlessAllAreOptional<{
+        parameters?: CompositeParameters<{
+            organizationId: string;
+        } & QueryParameters, ConfigParameters>;
+        headers?: {
+            [key: string]: string;
+        };
+        body: authorizePasswordlessCustomerBodyType & CustomRequestBody;
+    }>): Promise<string>;
+    /**
+     * This endpoint allows customers to authenticate when their configured identity provider is inaccessible. It provides an alternative authentication path through passwordless login methods like email or SMS verification.
+     *
+     * @param options - An object containing the options for this method.
+     * @param options.parameters - An object containing the parameters for this method.
+     * @param options.parameters.organizationId - An identifier for the organization the request is being made by
+     * @param options.headers - An object literal of key value pairs of the headers to be sent with this request.
+     * @param options.body - The data to send as the request body.
+     * @param options.body.user_id - User ID for logging in.
+     * @param options.body.mode - Password Action delivery modes
+     * @param options.body.locale - The locale of the template. Not needed for the `callback` mode
+     * @param options.body.usid - The shopper\'s unique identifier, if known. If not provided, a new USID is generated.
+     * @param options.body.channel_id - The channel (B2C Commerce site) that the user is associated with.
+     * @param options.body.callback_uri - The callback URI. Required when the mode is `callback`. The `callback_uri` property will be validated against the callback URIs that have been registered with the SLAS client. The callback URI _must_ be a `POST` endpoint because the token will be included in the body.  Wildcards are not allowed in the callback_uri because this is a security risk that can expose the token. This is not considered an OAuth2 callback_url.
+     * @param rawResponse - Set to true to return entire Response object instead of DTO.
+     *
+     * @returns A promise of type Response if rawResponse is true, a promise of type string otherwise.
+     */
+    authorizePasswordlessCustomer<T extends boolean>(options?: RequireParametersUnlessAllAreOptional<{
+        parameters?: CompositeParameters<{
+            organizationId: string;
+        } & QueryParameters, ConfigParameters>;
+        headers?: {
+            [key: string]: string;
+        };
+        body: authorizePasswordlessCustomerBodyType & CustomRequestBody;
+    }>, rawResponse?: T): Promise<T extends true ? Response : string>;
+    /**
+     * This is the second step of the OAuth 2.1 authorization code flow.
+     
+     For a private client, an application is able to get an access token for the shopper through the back channel (a trusted server) by passing in the client credentials and the authorization code retrieved from the `authorize` endpoint.
+     
+     For a guest user, get the shopper JWT access token and a refresh token. This is where a client appplication is able to get an access token for the guest user through the back channel (a trusted server) by passing in the client credentials.
+     
+     For a public client using PKCE, an application passes a PKCE `code_verifier` that matches the `code_challenge` that was used to `authorize` the customer along with the authorization code.
+     
+     When refreshing the access token with a private client ID and client secret, the refresh token is _not_ regenerated. However, when refreshing the access token with a public client ID, the refresh token is _always_ regenerated. The old refresh token is voided with every refresh call, so the refresh token on the client must be replaced to always store the new refresh token.
+     
+     See the Body section for required parameters, including `grant_type` and others that depend on the value of `grant_type`.
+     
+     **Important**: As of July 31, 2024**, SLAS requires the `channel_id` query parameter in token requests.
+     *
+     * If you would like to get a raw Response object use the other getAccessToken function.
+     *
+     * @param options - An object containing the options for this method.
+     * @param options.parameters - An object containing the parameters for this method.
+     * @param options.parameters.organizationId - An identifier for the organization the request is being made by
+     * @param options.headers - An object literal of key value pairs of the headers to be sent with this request.
+     * @param options.body - The data to send as the request body.
+     * @param options.body.refresh_token - The long-term token used to refresh the short term access token. Required only with a grant type of `refresh_token`.
+     * @param options.body.code - Authorization code from the OAuth 2.1 service received in the front channel that is used to get access tokens and refresh tokens. Required with a grant type of `authorization_code` and `session_bridge`.
+     * @param options.body.usid - The shopper\'s unique identifier, if known. If not provided, a new USID is generated.
+     * @param options.body.grant_type -
+     * @param options.body.redirect_uri - The redirect URI that was used when getting the authorization code. A variety of URI formats and wildcards for host are supported, but app links like `airbnb://` or `fb://` are not.   Examples of supported URIs:   - `http://localhost:3000/callback`   - `https://example.com/callback`   - `com.example.app:redirect_uri_path`   - ` *.subdomain.topleveldomain.com`
+     * @param options.body.code_verifier - PKCE code verifier. Created by the client calling the `login` endpoint.  The `code_verifier` should be a high entropy cryptographically random string with a minimum of 43 characters and a maximum of 128 characters.  The `code_verifier` is optional when using a private client id for the token request.
+     * @param options.body.client_id - The SLAS client ID. Required when the grant type is `authorization_code_pkce`.
+     * @param options.body.channel_id - The channel (B2C Commerce site) that the user is associated with.  **Important: We strongly recommended using the channel_id query parameter because it will be required in the future.  **NOTE - As of July 31, 2024**, SLAS will be requiring the `channel_id` query parameter in token requests.
+     * @param options.body.dnt - This is an optional parameter to set `Do Not Track` for the session.   SLAS is making this available, but will not be used by B2C Commerce until after the 24.4 release.  Values are:   * `false`   * `true`  If not added the `dnt` value will default to `false`.
+     *
+     * @returns A promise of type TokenResponse.
+     */
+    getAccessToken(options?: RequireParametersUnlessAllAreOptional<{
+        parameters?: CompositeParameters<{
+            organizationId: string;
+        } & QueryParameters, ConfigParameters>;
+        headers?: {
+            [key: string]: string;
+        };
+        body: getAccessTokenBodyType & CustomRequestBody;
+    }>): Promise<TokenResponse>;
+    /**
+     * This is the second step of the OAuth 2.1 authorization code flow.
+     
+     For a private client, an application is able to get an access token for the shopper through the back channel (a trusted server) by passing in the client credentials and the authorization code retrieved from the `authorize` endpoint.
+     
+     For a guest user, get the shopper JWT access token and a refresh token. This is where a client appplication is able to get an access token for the guest user through the back channel (a trusted server) by passing in the client credentials.
+     
+     For a public client using PKCE, an application passes a PKCE `code_verifier` that matches the `code_challenge` that was used to `authorize` the customer along with the authorization code.
+     
+     When refreshing the access token with a private client ID and client secret, the refresh token is _not_ regenerated. However, when refreshing the access token with a public client ID, the refresh token is _always_ regenerated. The old refresh token is voided with every refresh call, so the refresh token on the client must be replaced to always store the new refresh token.
+     
+     See the Body section for required parameters, including `grant_type` and others that depend on the value of `grant_type`.
+     
+     **Important**: As of July 31, 2024**, SLAS requires the `channel_id` query parameter in token requests.
+     *
+     * @param options - An object containing the options for this method.
+     * @param options.parameters - An object containing the parameters for this method.
+     * @param options.parameters.organizationId - An identifier for the organization the request is being made by
+     * @param options.headers - An object literal of key value pairs of the headers to be sent with this request.
+     * @param options.body - The data to send as the request body.
+     * @param options.body.refresh_token - The long-term token used to refresh the short term access token. Required only with a grant type of `refresh_token`.
+     * @param options.body.code - Authorization code from the OAuth 2.1 service received in the front channel that is used to get access tokens and refresh tokens. Required with a grant type of `authorization_code` and `session_bridge`.
+     * @param options.body.usid - The shopper\'s unique identifier, if known. If not provided, a new USID is generated.
+     * @param options.body.grant_type -
+     * @param options.body.redirect_uri - The redirect URI that was used when getting the authorization code. A variety of URI formats and wildcards for host are supported, but app links like `airbnb://` or `fb://` are not.   Examples of supported URIs:   - `http://localhost:3000/callback`   - `https://example.com/callback`   - `com.example.app:redirect_uri_path`   - ` *.subdomain.topleveldomain.com`
+     * @param options.body.code_verifier - PKCE code verifier. Created by the client calling the `login` endpoint.  The `code_verifier` should be a high entropy cryptographically random string with a minimum of 43 characters and a maximum of 128 characters.  The `code_verifier` is optional when using a private client id for the token request.
+     * @param options.body.client_id - The SLAS client ID. Required when the grant type is `authorization_code_pkce`.
+     * @param options.body.channel_id - The channel (B2C Commerce site) that the user is associated with.  **Important: We strongly recommended using the channel_id query parameter because it will be required in the future.  **NOTE - As of July 31, 2024**, SLAS will be requiring the `channel_id` query parameter in token requests.
+     * @param options.body.dnt - This is an optional parameter to set `Do Not Track` for the session.   SLAS is making this available, but will not be used by B2C Commerce until after the 24.4 release.  Values are:   * `false`   * `true`  If not added the `dnt` value will default to `false`.
+     * @param rawResponse - Set to true to return entire Response object instead of DTO.
+     *
+     * @returns A promise of type Response if rawResponse is true, a promise of type TokenResponse otherwise.
+     */
+    getAccessToken<T extends boolean>(options?: RequireParametersUnlessAllAreOptional<{
+        parameters?: CompositeParameters<{
+            organizationId: string;
+        } & QueryParameters, ConfigParameters>;
+        headers?: {
+            [key: string]: string;
+        };
+        body: getAccessTokenBodyType & CustomRequestBody;
+    }>, rawResponse?: T): Promise<T extends true ? Response : TokenResponse>;
+    /**
+     * The `/jwks` endpoint provides a JSON Web Key Set (JWKS) that includes current, past, and future public keys. These keys allow clients to validate the Shopper JSON Web Token (JWT) issued by SLAS, ensuring that no tampering with the token has occurred. Every SLAS JWT that is passed into SLAS, SCAPI, or OCAPI is always validated and is rejected if the signature validation does not match.
+     
+     To optimize performance, the `/jwks` endpoint is limited to 25 calls per minute, so we recommended caching the JWKS keys and refresh them only when necessary, instead of making frequent requests. Typically, the JWKs endpoint can be used once per DAY.
+     
+     For additional information on using JWKS, see https://developer.salesforce.com/docs/commerce/commerce-api/guide/slas-validate-jwt-with-jwks.html.
+     
+     *
+     * If you would like to get a raw Response object use the other getJwksUri function.
+     *
+     * @param options - An object containing the options for this method.
+     * @param options.parameters - An object containing the parameters for this method.
+     * @param options.parameters.organizationId - An identifier for the organization the request is being made by
+     * @param options.headers - An object literal of key value pairs of the headers to be sent with this request.
+     *
+     * @returns A promise of type object.
+     */
+    getJwksUri(options?: RequireParametersUnlessAllAreOptional<{
+        parameters?: CompositeParameters<{
+            organizationId: string;
+        } & QueryParameters, ConfigParameters>;
+        headers?: {
+            [key: string]: string;
+        };
+    }>): Promise<object>;
+    /**
+     * The `/jwks` endpoint provides a JSON Web Key Set (JWKS) that includes current, past, and future public keys. These keys allow clients to validate the Shopper JSON Web Token (JWT) issued by SLAS, ensuring that no tampering with the token has occurred. Every SLAS JWT that is passed into SLAS, SCAPI, or OCAPI is always validated and is rejected if the signature validation does not match.
+     
+     To optimize performance, the `/jwks` endpoint is limited to 25 calls per minute, so we recommended caching the JWKS keys and refresh them only when necessary, instead of making frequent requests. Typically, the JWKs endpoint can be used once per DAY.
+     
+     For additional information on using JWKS, see https://developer.salesforce.com/docs/commerce/commerce-api/guide/slas-validate-jwt-with-jwks.html.
+     
+     *
+     * @param options - An object containing the options for this method.
+     * @param options.parameters - An object containing the parameters for this method.
+     * @param options.parameters.organizationId - An identifier for the organization the request is being made by
+     * @param options.headers - An object literal of key value pairs of the headers to be sent with this request.
+     * @param rawResponse - Set to true to return entire Response object instead of DTO.
+     *
+     * @returns A promise of type Response if rawResponse is true, a promise of type object otherwise.
+     */
+    getJwksUri<T extends boolean>(options?: RequireParametersUnlessAllAreOptional<{
+        parameters?: CompositeParameters<{
+            organizationId: string;
+        } & QueryParameters, ConfigParameters>;
+        headers?: {
+            [key: string]: string;
+        };
+    }>, rawResponse?: T): Promise<T extends true ? Response : object>;
+    /**
+     * This endpoint issues a shopper JWT access token using a passwordless login token. It enables authentication flows where traditional username/password combinations are not required, supporting alternative authentication methods.
+     *
+     * If you would like to get a raw Response object use the other getPasswordLessAccessToken function.
+     *
+     * @param options - An object containing the options for this method.
+     * @param options.parameters - An object containing the parameters for this method.
+     * @param options.parameters.organizationId - An identifier for the organization the request is being made by
+     * @param options.headers - An object literal of key value pairs of the headers to be sent with this request.
+     * @param options.body - The data to send as the request body.
+     * @param options.body.grant_type - Grant Type
+     * @param options.body.hint - Passwordless hint. Use `pwdless_login`.
+     * @param options.body.pwdless_login_token - Passwordless login token that was created from the user ID.
+     * @param options.body.client_id - The public client ID.
+     * @param options.body.code_verifier - PKCE code verifier. Created by the client.  The `code_challenge` is created by SHA256 hashing the `code_verifier` and Base64 encoding the resulting hash.  The `code_verifier` should be a high entropy cryptographically random string with a minimum of 43 characters and a maximum of 128 characters.
+     *
+     * @returns A promise of type TokenResponse.
+     */
+    getPasswordLessAccessToken(options?: RequireParametersUnlessAllAreOptional<{
+        parameters?: CompositeParameters<{
+            organizationId: string;
+        } & QueryParameters, ConfigParameters>;
+        headers?: {
+            [key: string]: string;
+        };
+        body: getPasswordLessAccessTokenBodyType & CustomRequestBody;
+    }>): Promise<TokenResponse>;
+    /**
+     * This endpoint issues a shopper JWT access token using a passwordless login token. It enables authentication flows where traditional username/password combinations are not required, supporting alternative authentication methods.
+     *
+     * @param options - An object containing the options for this method.
+     * @param options.parameters - An object containing the parameters for this method.
+     * @param options.parameters.organizationId - An identifier for the organization the request is being made by
+     * @param options.headers - An object literal of key value pairs of the headers to be sent with this request.
+     * @param options.body - The data to send as the request body.
+     * @param options.body.grant_type - Grant Type
+     * @param options.body.hint - Passwordless hint. Use `pwdless_login`.
+     * @param options.body.pwdless_login_token - Passwordless login token that was created from the user ID.
+     * @param options.body.client_id - The public client ID.
+     * @param options.body.code_verifier - PKCE code verifier. Created by the client.  The `code_challenge` is created by SHA256 hashing the `code_verifier` and Base64 encoding the resulting hash.  The `code_verifier` should be a high entropy cryptographically random string with a minimum of 43 characters and a maximum of 128 characters.
+     * @param rawResponse - Set to true to return entire Response object instead of DTO.
+     *
+     * @returns A promise of type Response if rawResponse is true, a promise of type TokenResponse otherwise.
+     */
+    getPasswordLessAccessToken<T extends boolean>(options?: RequireParametersUnlessAllAreOptional<{
+        parameters?: CompositeParameters<{
+            organizationId: string;
+        } & QueryParameters, ConfigParameters>;
+        headers?: {
+            [key: string]: string;
+        };
+        body: getPasswordLessAccessTokenBodyType & CustomRequestBody;
+    }>, rawResponse?: T): Promise<T extends true ? Response : TokenResponse>;
+    /**
+     * This endpoint initiates the password reset process for a customer by requesting a password reset token. The token is delivered through the configured delivery mode (email, SMS, etc.) and can be used with the password/action endpoint to set a new password.
+     *
+     * If you would like to get a raw Response object use the other getPasswordResetToken function.
+     *
+     * @param options - An object containing the options for this method.
+     * @param options.parameters - An object containing the parameters for this method.
+     * @param options.parameters.organizationId - An identifier for the organization the request is being made by
+     * @param options.headers - An object literal of key value pairs of the headers to be sent with this request.
+     * @param options.body - The data to send as the request body.
+     * @param options.body.user_id - User ID for logging in. This is the id that is used to log into SFCC.
+     * @param options.body.mode - Password Action delivery modes
+     * @param options.body.channel_id - The channel (B2C Commerce site) that the user is associated with.
+     * @param options.body.locale - The locale of the template.
+     * @param options.body.client_id - -| The public client ID. Requires setting `grant_type` to `passwordless_login_pkce`. When using the `hint` query parameter either a public or private client ID can be used.
+     * @param options.body.code_challenge - PKCE code challenge. Created by the client.  The `code_challenge` is created by SHA256 hashing the `code_verifier` and Base64 encoding the resulting hash.  The `code_verifier` should be a high entropy cryptographically random string with a minimum of 43 characters and a maximum of 128 characters.    Requires setting `grant_type` to `passwordless_login_pkce`
+     * @param options.body.callback_uri - The callback uri. Required when the mode is `callback`. The `callback_uri` property will be validated against the callback URIs that have been registered with the SLAS client. The callback URI _must_ be a `POST` endpoint because the token will be included in the body.  Wildcards are not allowed in the callback_uri because this is a security risk that can expose the token. This is not considered an OAuth2 callback_url.
+     * @param options.body.idp_name - The name of the 3rd party identity provider for the user ID
+     * @param options.body.hint - Adding a `hint` query parameter with a value of `cross_device` will remove the need to have the code_challenge for password reset request. If the `hint` query parameter is used it must also be used in the password reset request.
+     *
+     * @returns A promise of type void.
+     */
+    getPasswordResetToken(options?: RequireParametersUnlessAllAreOptional<{
+        parameters?: CompositeParameters<{
+            organizationId: string;
+        } & QueryParameters, ConfigParameters>;
+        headers?: {
+            [key: string]: string;
+        };
+        body: getPasswordResetTokenBodyType & CustomRequestBody;
+    }>): Promise<void>;
+    /**
+     * This endpoint initiates the password reset process for a customer by requesting a password reset token. The token is delivered through the configured delivery mode (email, SMS, etc.) and can be used with the password/action endpoint to set a new password.
+     *
+     * @param options - An object containing the options for this method.
+     * @param options.parameters - An object containing the parameters for this method.
+     * @param options.parameters.organizationId - An identifier for the organization the request is being made by
+     * @param options.headers - An object literal of key value pairs of the headers to be sent with this request.
+     * @param options.body - The data to send as the request body.
+     * @param options.body.user_id - User ID for logging in. This is the id that is used to log into SFCC.
+     * @param options.body.mode - Password Action delivery modes
+     * @param options.body.channel_id - The channel (B2C Commerce site) that the user is associated with.
+     * @param options.body.locale - The locale of the template.
+     * @param options.body.client_id - -| The public client ID. Requires setting `grant_type` to `passwordless_login_pkce`. When using the `hint` query parameter either a public or private client ID can be used.
+     * @param options.body.code_challenge - PKCE code challenge. Created by the client.  The `code_challenge` is created by SHA256 hashing the `code_verifier` and Base64 encoding the resulting hash.  The `code_verifier` should be a high entropy cryptographically random string with a minimum of 43 characters and a maximum of 128 characters.    Requires setting `grant_type` to `passwordless_login_pkce`
+     * @param options.body.callback_uri - The callback uri. Required when the mode is `callback`. The `callback_uri` property will be validated against the callback URIs that have been registered with the SLAS client. The callback URI _must_ be a `POST` endpoint because the token will be included in the body.  Wildcards are not allowed in the callback_uri because this is a security risk that can expose the token. This is not considered an OAuth2 callback_url.
+     * @param options.body.idp_name - The name of the 3rd party identity provider for the user ID
+     * @param options.body.hint - Adding a `hint` query parameter with a value of `cross_device` will remove the need to have the code_challenge for password reset request. If the `hint` query parameter is used it must also be used in the password reset request.
+     * @param rawResponse - Set to true to return entire Response object instead of DTO.
+     *
+     * @returns A promise of type Response if rawResponse is true, a promise of type void otherwise.
+     */
+    getPasswordResetToken<T extends boolean>(options?: RequireParametersUnlessAllAreOptional<{
+        parameters?: CompositeParameters<{
+            organizationId: string;
+        } & QueryParameters, ConfigParameters>;
+        headers?: {
+            [key: string]: string;
+        };
+        body: getPasswordResetTokenBodyType & CustomRequestBody;
+    }>, rawResponse?: T): Promise<T extends true ? Response : void>;
+    /**
+     * For public client ID requests, you must set the grant_type to `session_bridge`.
+     
+     For private client_id and secret, you must set the grant_type to `client_credentials` along with a basic authorization header.
+     
+     **DEPRECATED** - As of January 31, 2024, SLAS no longer supports the SESB `dwsid` parameter for `guest` users for `session-bridge/token` calls. We recommended you transition to using a SESB `dwsgst` token.
+     
+     The `dwsid` is still needed for `registered` user `session-bridge/token` calls.
+     
+     **NOTE:** The registered customer Json Web Token (JWT) is available in B2C Commerce versions 25.4 and later.
+     *
+     * If you would like to get a raw Response object use the other getSessionBridgeAccessToken function.
+     *
+     * @param options - An object containing the options for this method.
+     * @param options.parameters - An object containing the parameters for this method.
+     * @param options.parameters.organizationId - An identifier for the organization the request is being made by
+     * @param options.headers - An object literal of key value pairs of the headers to be sent with this request.
+     * @param options.body - The data to send as the request body.
+     * @param options.body.code - Authorization code returned from session bridge authorization received in the front channel that is used to get session bridge access tokens and refresh tokens. Required with a grant type of `session_bridge`. The SLAS client must have the `sfcc.session_bridge` scope to request a session bridge token.
+     * @param options.body.client_id - The SLAS public client ID for use with PKCE requests. This is a required parameter when using a public client.
+     * @param options.body.channel_id - The channel (B2C Commerce site) that the user is associated with.
+     * @param options.body.code_verifier - PKCE code verifier. Created by the caller. This is a required parameter when using a public client.  The `code_challenge` is created by SHA256 hashing the `code_verifier` and Base64 encoding the resulting hash.  The `code_verifier` should be a high entropy cryptographically random string with a minimum of 43 characters and a maximum of 128 characters.
+     * @param options.body.dwsid - Cookie passed back from the \'/authorize\' endpoint call for session bridge. This parameter is optional and not needed if using the `dwsgst` parameter.  **DEPRECATED** - As of January 31, 2024, SLAS will no longer support the SESB `dwsid` parameter for `guest` users for `session-bridge/token` calls. It is recommended to transition over to using a SESB `dwsgst` token.   The `dwsid` will still be needed for `registered` user session-bridge/token calls.
+     * @param options.body.grant_type - Grant Type
+     * @param options.body.login_id - The ID of the shopper for session bridge access. If requesting a token for a guest user set login_id to `guest`.
+     * @param options.body.dwsgst - Signed guest Json Web Token (JWT) that was obtained from B2C Commerce. This parameter is optional and not needed if using the guest `dwsid` parameter.
+     * @param options.body.dwsrst - Signed registered customer Json Web Token (JWT) that was obtained from B2C Commerce. This parameter is optional and not needed if using the registered user `dwsid` parameter.   **NOTE:** The registered customer Json Web Token (JWT) will be available in ECOM versions 25.4 and higher.
+     * @param options.body.usid - The unique shopper ID. Returned when from session bridge authorization.
+     * @param options.body.dnt - This is an optional parameter to set `Do Not Track` for the session.   SLAS is making this available, but will not be used by B2C Commerce until after the 24.4 release.  Values are:   * `false`   * `true`  If not added the `dnt` value will default to `false`.
+     *
+     * @returns A promise of type TokenResponse.
+     */
+    getSessionBridgeAccessToken(options?: RequireParametersUnlessAllAreOptional<{
+        parameters?: CompositeParameters<{
+            organizationId: string;
+        } & QueryParameters, ConfigParameters>;
+        headers?: {
+            [key: string]: string;
+        };
+        body: getSessionBridgeAccessTokenBodyType & CustomRequestBody;
+    }>): Promise<TokenResponse>;
+    /**
+     * For public client ID requests, you must set the grant_type to `session_bridge`.
+     
+     For private client_id and secret, you must set the grant_type to `client_credentials` along with a basic authorization header.
+     
+     **DEPRECATED** - As of January 31, 2024, SLAS no longer supports the SESB `dwsid` parameter for `guest` users for `session-bridge/token` calls. We recommended you transition to using a SESB `dwsgst` token.
+     
+     The `dwsid` is still needed for `registered` user `session-bridge/token` calls.
+     
+     **NOTE:** The registered customer Json Web Token (JWT) is available in B2C Commerce versions 25.4 and later.
+     *
+     * @param options - An object containing the options for this method.
+     * @param options.parameters - An object containing the parameters for this method.
+     * @param options.parameters.organizationId - An identifier for the organization the request is being made by
+     * @param options.headers - An object literal of key value pairs of the headers to be sent with this request.
+     * @param options.body - The data to send as the request body.
+     * @param options.body.code - Authorization code returned from session bridge authorization received in the front channel that is used to get session bridge access tokens and refresh tokens. Required with a grant type of `session_bridge`. The SLAS client must have the `sfcc.session_bridge` scope to request a session bridge token.
+     * @param options.body.client_id - The SLAS public client ID for use with PKCE requests. This is a required parameter when using a public client.
+     * @param options.body.channel_id - The channel (B2C Commerce site) that the user is associated with.
+     * @param options.body.code_verifier - PKCE code verifier. Created by the caller. This is a required parameter when using a public client.  The `code_challenge` is created by SHA256 hashing the `code_verifier` and Base64 encoding the resulting hash.  The `code_verifier` should be a high entropy cryptographically random string with a minimum of 43 characters and a maximum of 128 characters.
+     * @param options.body.dwsid - Cookie passed back from the \'/authorize\' endpoint call for session bridge. This parameter is optional and not needed if using the `dwsgst` parameter.  **DEPRECATED** - As of January 31, 2024, SLAS will no longer support the SESB `dwsid` parameter for `guest` users for `session-bridge/token` calls. It is recommended to transition over to using a SESB `dwsgst` token.   The `dwsid` will still be needed for `registered` user session-bridge/token calls.
+     * @param options.body.grant_type - Grant Type
+     * @param options.body.login_id - The ID of the shopper for session bridge access. If requesting a token for a guest user set login_id to `guest`.
+     * @param options.body.dwsgst - Signed guest Json Web Token (JWT) that was obtained from B2C Commerce. This parameter is optional and not needed if using the guest `dwsid` parameter.
+     * @param options.body.dwsrst - Signed registered customer Json Web Token (JWT) that was obtained from B2C Commerce. This parameter is optional and not needed if using the registered user `dwsid` parameter.   **NOTE:** The registered customer Json Web Token (JWT) will be available in ECOM versions 25.4 and higher.
+     * @param options.body.usid - The unique shopper ID. Returned when from session bridge authorization.
+     * @param options.body.dnt - This is an optional parameter to set `Do Not Track` for the session.   SLAS is making this available, but will not be used by B2C Commerce until after the 24.4 release.  Values are:   * `false`   * `true`  If not added the `dnt` value will default to `false`.
+     * @param rawResponse - Set to true to return entire Response object instead of DTO.
+     *
+     * @returns A promise of type Response if rawResponse is true, a promise of type TokenResponse otherwise.
+     */
+    getSessionBridgeAccessToken<T extends boolean>(options?: RequireParametersUnlessAllAreOptional<{
+        parameters?: CompositeParameters<{
+            organizationId: string;
+        } & QueryParameters, ConfigParameters>;
+        headers?: {
+            [key: string]: string;
+        };
+        body: getSessionBridgeAccessTokenBodyType & CustomRequestBody;
+    }>, rawResponse?: T): Promise<T extends true ? Response : TokenResponse>;
+    /**
+     * If using a SLAS private client ID, you must also use an `_sfdc_client_auth` header.
+     
+     The value of the `_sfdc_client_auth` header must be a Base64-encoded string. The string is composed of a SLAS private client ID and client secret, separated by a colon (`:`). For example, `privateClientId:privateClientsecret` becomes `cHJpdmF0ZUNsaWVudElkOnByaXZhdGVDbGllbnRzZWNyZXQ=` after Base64 encoding.
+     *
+     * If you would like to get a raw Response object use the other getTrustedAgentAccessToken function.
+     *
+     * @param options - An object containing the options for this method.
+     * @param options.parameters - An object containing the parameters for this method.
+     * @param options.parameters.organizationId - An identifier for the organization the request is being made by
+     * @param options.headers - An object literal of key value pairs of the headers to be sent with this request.
+     * @param options.body - The data to send as the request body.
+     * @param options.body.agent_id - The ID of the merchant. If passed in, the `agent_id` will be validated using the SUB claim in the response from Account Manager.  This is an optional parameter unless the request is for a Trusted Agent on Behalf then `agent_id` is required.
+     * @param options.body.client_id - The SLAS public client ID or SLAS private client ID for use with trusted-system requests.  The `client_id` is not needed if a using a SLAS private `client_id` and the `_sfdc_client_auth` header.
+     * @param options.body.channel_id - The channel (B2C Commerce site) that the user is associated with.
+     * @param options.body.code_verifier - PKCE code verifier. Created by the caller.  The `code_challenge` is created by SHA256 hashing the `code_verifier` and Base64 encoding the resulting hash.  The `code_verifier` should be a high entropy cryptographically random string with a minimum of 43 characters and a maximum of 128 characters.  The `code_verifier` is not needed if a using a SLAS private `client_id` and the `_sfdc_client_auth` header.
+     * @param options.body.grant_type - Grant Type
+     * @param options.body.login_id - The ID is the shopper for trusted agent access.  For TAOB Guest the `login_id` must be set to `Guest`.
+     * @param options.body.idp_origin - The IDP that the user is associated with.   For TAOB Guest the `idp_origin` parameter should be `slas`. If set to any other IDP origin a 400 Bad Request will be returned.
+     * @param options.body.usid - The shopper\'s unique identifier, if known. If not provided, a new USID is generated.
+     * @param options.body.dnt - This is an optional parameter to set `Do Not Track` for the session.   SLAS is making this available, but will not be used by B2C Commerce until after the 24.4 release.  Values are:   * `false`   * `true`    If not added the `dnt` value will default to `true`    Note: The default value for `dnt` is set to `true` for all TAOB flows. This is opposite from other SLAS token requests.
+     * @param options.body.state - This is an optional parameter to set state for the trusted agent session.   If the `state` parameter is used it will be validated and a 400 Bad Request will be returned if missing or invalid.  For TAOB Guest you must pass the `state` parameter to transfer the state from the TAOB Guest authorization call to the token call.  The `state` parameter value is returned with the authorization code in the response url from the TAOB guest authorization call,  for example: `.../taob/callback?code=HETXpvg5LKBNIHjDTWkRrf2MLVU&state=taob.gst.7bc7fb7f-e646-44fd-bc73-dfd5c3c9019b`.  You would use `taob.gst.7bc7fb7f-e646-44fd-bc73-dfd5c3c9019b` for the `state` value in the TAOB request.
+     *
+     * @returns A promise of type TokenResponse.
+     */
+    getTrustedAgentAccessToken(options?: RequireParametersUnlessAllAreOptional<{
+        parameters?: CompositeParameters<{
+            organizationId: string;
+        } & QueryParameters, ConfigParameters>;
+        headers?: {
+            [key: string]: string;
+        };
+        body: getTrustedAgentAccessTokenBodyType & CustomRequestBody;
+    }>): Promise<TokenResponse>;
+    /**
+     * If using a SLAS private client ID, you must also use an `_sfdc_client_auth` header.
+     
+     The value of the `_sfdc_client_auth` header must be a Base64-encoded string. The string is composed of a SLAS private client ID and client secret, separated by a colon (`:`). For example, `privateClientId:privateClientsecret` becomes `cHJpdmF0ZUNsaWVudElkOnByaXZhdGVDbGllbnRzZWNyZXQ=` after Base64 encoding.
+     *
+     * @param options - An object containing the options for this method.
+     * @param options.parameters - An object containing the parameters for this method.
+     * @param options.parameters.organizationId - An identifier for the organization the request is being made by
+     * @param options.headers - An object literal of key value pairs of the headers to be sent with this request.
+     * @param options.body - The data to send as the request body.
+     * @param options.body.agent_id - The ID of the merchant. If passed in, the `agent_id` will be validated using the SUB claim in the response from Account Manager.  This is an optional parameter unless the request is for a Trusted Agent on Behalf then `agent_id` is required.
+     * @param options.body.client_id - The SLAS public client ID or SLAS private client ID for use with trusted-system requests.  The `client_id` is not needed if a using a SLAS private `client_id` and the `_sfdc_client_auth` header.
+     * @param options.body.channel_id - The channel (B2C Commerce site) that the user is associated with.
+     * @param options.body.code_verifier - PKCE code verifier. Created by the caller.  The `code_challenge` is created by SHA256 hashing the `code_verifier` and Base64 encoding the resulting hash.  The `code_verifier` should be a high entropy cryptographically random string with a minimum of 43 characters and a maximum of 128 characters.  The `code_verifier` is not needed if a using a SLAS private `client_id` and the `_sfdc_client_auth` header.
+     * @param options.body.grant_type - Grant Type
+     * @param options.body.login_id - The ID is the shopper for trusted agent access.  For TAOB Guest the `login_id` must be set to `Guest`.
+     * @param options.body.idp_origin - The IDP that the user is associated with.   For TAOB Guest the `idp_origin` parameter should be `slas`. If set to any other IDP origin a 400 Bad Request will be returned.
+     * @param options.body.usid - The shopper\'s unique identifier, if known. If not provided, a new USID is generated.
+     * @param options.body.dnt - This is an optional parameter to set `Do Not Track` for the session.   SLAS is making this available, but will not be used by B2C Commerce until after the 24.4 release.  Values are:   * `false`   * `true`    If not added the `dnt` value will default to `true`    Note: The default value for `dnt` is set to `true` for all TAOB flows. This is opposite from other SLAS token requests.
+     * @param options.body.state - This is an optional parameter to set state for the trusted agent session.   If the `state` parameter is used it will be validated and a 400 Bad Request will be returned if missing or invalid.  For TAOB Guest you must pass the `state` parameter to transfer the state from the TAOB Guest authorization call to the token call.  The `state` parameter value is returned with the authorization code in the response url from the TAOB guest authorization call,  for example: `.../taob/callback?code=HETXpvg5LKBNIHjDTWkRrf2MLVU&state=taob.gst.7bc7fb7f-e646-44fd-bc73-dfd5c3c9019b`.  You would use `taob.gst.7bc7fb7f-e646-44fd-bc73-dfd5c3c9019b` for the `state` value in the TAOB request.
+     * @param rawResponse - Set to true to return entire Response object instead of DTO.
+     *
+     * @returns A promise of type Response if rawResponse is true, a promise of type TokenResponse otherwise.
+     */
+    getTrustedAgentAccessToken<T extends boolean>(options?: RequireParametersUnlessAllAreOptional<{
+        parameters?: CompositeParameters<{
+            organizationId: string;
+        } & QueryParameters, ConfigParameters>;
+        headers?: {
+            [key: string]: string;
+        };
+        body: getTrustedAgentAccessTokenBodyType & CustomRequestBody;
+    }>, rawResponse?: T): Promise<T extends true ? Response : TokenResponse>;
+    /**
+     * This endpoint enables trusted agents (such as customer service representatives or merchants) to obtain authorization tokens that allow them to act on behalf of registered customers. This facilitates customer support scenarios where agents need secure access to customer accounts.
+     *
+     * If you would like to get a raw Response object use the other getTrustedAgentAuthorizationToken function.
+     *
+     * @param options - An object containing the options for this method.
+     * @param options.parameters - An object containing the parameters for this method.
+     * @param options.parameters.organizationId - An identifier for the organization the request is being made by
+     * @param options.parameters.client_id - The SLAS public client ID or SLAS private client ID for use with trusted-agent requests. When using a private client ID a PKCE code challenge is not required.
+     * @param options.parameters.channel_id - The channel (B2C Commerce site) that the user is associated with.
+     * @param options.parameters.login_id - The ID of the shopper for trusted agent access.
+     
+     For TAOB Guest the `login_id` must be set to `Guest`.
+     * @param options.parameters.idp_origin - The IDP that the shopper is associated with.
+     
+     For TAOB Guest the `idp_origin` must be set to `slas`. This is standard for SLAS Guest requests. If any other `idp_origin` value is used, SLAS returns a bad request.
+     * @param options.parameters.redirect_uri - The redirect for Account Manager to redirect to. A variety of URI formats and wildcard for host are supported, but app links like `airbnb://` or `fb://` are not. Examples of supported URIs:
+     - `http://localhost:3000/callback`
+     - `https://example.com/callback`
+     - `com.example.app:redirect_uri_path`
+     - ` *.subdomain.topleveldomain.com`
+     
+     * @param options.parameters.response_type - Must be `code`. Indicates that the caller wants an authorization code.
+     * @param options.parameters.code_challenge - PKCE code challenge. Created by the caller.
+     
+     The `code_challenge` is created by SHA256 hashing the `code_verifier` and Base64 encoding the resulting hash.
+     
+     The `code_verifier` should be a high entropy cryptographically random string with a minimum of 43 characters and a maximum of 128 characters.
+     
+     The *`code_challenge` and 'code_verifier'* are required if a using SLAS public `client_id`.
+     * @param options.headers - An object literal of key value pairs of the headers to be sent with this request.
+     *
+     * @returns A promise of type void.
+     */
+    getTrustedAgentAuthorizationToken(options?: RequireParametersUnlessAllAreOptional<{
+        parameters?: CompositeParameters<{
+            organizationId: string;
+            client_id: string;
+            channel_id: string;
+            login_id: string;
+            idp_origin: string;
+            redirect_uri: string;
+            response_type: GetTrustedAgentAuthorizationTokenResponseTypeEnum;
+            code_challenge?: string;
+        } & QueryParameters, ConfigParameters>;
+        headers?: {
+            [key: string]: string;
+        };
+    }>): Promise<void>;
+    /**
+     * This endpoint enables trusted agents (such as customer service representatives or merchants) to obtain authorization tokens that allow them to act on behalf of registered customers. This facilitates customer support scenarios where agents need secure access to customer accounts.
+     *
+     * @param options - An object containing the options for this method.
+     * @param options.parameters - An object containing the parameters for this method.
+     * @param options.parameters.organizationId - An identifier for the organization the request is being made by
+     * @param options.parameters.client_id - The SLAS public client ID or SLAS private client ID for use with trusted-agent requests. When using a private client ID a PKCE code challenge is not required.
+     * @param options.parameters.channel_id - The channel (B2C Commerce site) that the user is associated with.
+     * @param options.parameters.login_id - The ID of the shopper for trusted agent access.
+     
+     For TAOB Guest the `login_id` must be set to `Guest`.
+     * @param options.parameters.idp_origin - The IDP that the shopper is associated with.
+     
+     For TAOB Guest the `idp_origin` must be set to `slas`. This is standard for SLAS Guest requests. If any other `idp_origin` value is used, SLAS returns a bad request.
+     * @param options.parameters.redirect_uri - The redirect for Account Manager to redirect to. A variety of URI formats and wildcard for host are supported, but app links like `airbnb://` or `fb://` are not. Examples of supported URIs:
+     - `http://localhost:3000/callback`
+     - `https://example.com/callback`
+     - `com.example.app:redirect_uri_path`
+     - ` *.subdomain.topleveldomain.com`
+     
+     * @param options.parameters.response_type - Must be `code`. Indicates that the caller wants an authorization code.
+     * @param options.parameters.code_challenge - PKCE code challenge. Created by the caller.
+     
+     The `code_challenge` is created by SHA256 hashing the `code_verifier` and Base64 encoding the resulting hash.
+     
+     The `code_verifier` should be a high entropy cryptographically random string with a minimum of 43 characters and a maximum of 128 characters.
+     
+     The *`code_challenge` and 'code_verifier'* are required if a using SLAS public `client_id`.
+     * @param options.headers - An object literal of key value pairs of the headers to be sent with this request.
+     * @param rawResponse - Set to true to return entire Response object instead of DTO.
+     *
+     * @returns A promise of type Response if rawResponse is true, a promise of type void otherwise.
+     */
+    getTrustedAgentAuthorizationToken<T extends boolean>(options?: RequireParametersUnlessAllAreOptional<{
+        parameters?: CompositeParameters<{
+            organizationId: string;
+            client_id: string;
+            channel_id: string;
+            login_id: string;
+            idp_origin: string;
+            redirect_uri: string;
+            response_type: GetTrustedAgentAuthorizationTokenResponseTypeEnum;
+            code_challenge?: string;
+        } & QueryParameters, ConfigParameters>;
+        headers?: {
+            [key: string]: string;
+        };
+    }>, rawResponse?: T): Promise<T extends true ? Response : void>;
+    /**
+     * The SLAS client must have the `sfcc.ts_ext_on_behalf_of` scope to access this endpoint.
+     
+     
+     For trusted-system requests, you can use a basic authorization header that includes a SLAS private client ID and SLAS private client secret instead of the bearer token.
+     
+     
+     For trusted-system requests, you cannot use SLAS public client_ids.
+     *
+     * If you would like to get a raw Response object use the other getTrustedSystemAccessToken function.
+     *
+     * @param options - An object containing the options for this method.
+     * @param options.parameters - An object containing the parameters for this method.
+     * @param options.parameters.organizationId - An identifier for the organization the request is being made by
+     * @param options.headers - An object literal of key value pairs of the headers to be sent with this request.
+     * @param options.body - The data to send as the request body.
+     * @param options.body.usid - The shopper\'s unique identifier, if known. If not provided, a new USID is generated.
+     * @param options.body.grant_type - Grant Type
+     * @param options.body.hint - Type of system used for Trusted System On Behalf of requests.
+     * @param options.body.login_id - The ID used by the shopper for trusted system access.   If set to `guest`, a token is returned for a guest user.
+     * @param options.body.idp_origin - IDPs that work with SLAS. Use `ecom` when using B2C Commerce is the identity provider.
+     * @param options.body.client_id - The SLAS public client ID for use with trusted-system requests.
+     * @param options.body.channel_id - The channel (ECOM site) that the user is associated with.
+     * @param options.body.email_id - The email address for the shopper that is used for trusted-system requests. If not provided, `login_id` is used instead.
+     * @param options.body.dnt - This is an optional parameter to set `Do Not Track` for the session.  SLAS is making this available, but will not be used by B2C Commerce until after the 24.4 release.  Values are:   * `false`   * `true`  If not added the `dnt` value will default to `false`.  Note: The default value for `dnt` is set to `false` for SLAS token requests except for Trusted Agent token request. For Trusted Agent token requests the default value for `dnt` is `true`.
+     *
+     * @returns A promise of type TokenResponse.
+     */
+    getTrustedSystemAccessToken(options?: RequireParametersUnlessAllAreOptional<{
+        parameters?: CompositeParameters<{
+            organizationId: string;
+        } & QueryParameters, ConfigParameters>;
+        headers?: {
+            [key: string]: string;
+        };
+        body: getTrustedSystemAccessTokenBodyType & CustomRequestBody;
+    }>): Promise<TokenResponse>;
+    /**
+     * The SLAS client must have the `sfcc.ts_ext_on_behalf_of` scope to access this endpoint.
+     
+     
+     For trusted-system requests, you can use a basic authorization header that includes a SLAS private client ID and SLAS private client secret instead of the bearer token.
+     
+     
+     For trusted-system requests, you cannot use SLAS public client_ids.
+     *
+     * @param options - An object containing the options for this method.
+     * @param options.parameters - An object containing the parameters for this method.
+     * @param options.parameters.organizationId - An identifier for the organization the request is being made by
+     * @param options.headers - An object literal of key value pairs of the headers to be sent with this request.
+     * @param options.body - The data to send as the request body.
+     * @param options.body.usid - The shopper\'s unique identifier, if known. If not provided, a new USID is generated.
+     * @param options.body.grant_type - Grant Type
+     * @param options.body.hint - Type of system used for Trusted System On Behalf of requests.
+     * @param options.body.login_id - The ID used by the shopper for trusted system access.   If set to `guest`, a token is returned for a guest user.
+     * @param options.body.idp_origin - IDPs that work with SLAS. Use `ecom` when using B2C Commerce is the identity provider.
+     * @param options.body.client_id - The SLAS public client ID for use with trusted-system requests.
+     * @param options.body.channel_id - The channel (ECOM site) that the user is associated with.
+     * @param options.body.email_id - The email address for the shopper that is used for trusted-system requests. If not provided, `login_id` is used instead.
+     * @param options.body.dnt - This is an optional parameter to set `Do Not Track` for the session.  SLAS is making this available, but will not be used by B2C Commerce until after the 24.4 release.  Values are:   * `false`   * `true`  If not added the `dnt` value will default to `false`.  Note: The default value for `dnt` is set to `false` for SLAS token requests except for Trusted Agent token request. For Trusted Agent token requests the default value for `dnt` is `true`.
+     * @param rawResponse - Set to true to return entire Response object instead of DTO.
+     *
+     * @returns A promise of type Response if rawResponse is true, a promise of type TokenResponse otherwise.
+     */
+    getTrustedSystemAccessToken<T extends boolean>(options?: RequireParametersUnlessAllAreOptional<{
+        parameters?: CompositeParameters<{
+            organizationId: string;
+        } & QueryParameters, ConfigParameters>;
+        headers?: {
+            [key: string]: string;
+        };
+        body: getTrustedSystemAccessTokenBodyType & CustomRequestBody;
+    }>, rawResponse?: T): Promise<T extends true ? Response : TokenResponse>;
+    /**
+     * This endpoint returns identity information about the authenticated user in the form of OpenID Connect claims. It requires a valid access token and returns information such as user ID, name, email, and other identity attributes based on the scopes granted during authentication.
+     *
+     * If you would like to get a raw Response object use the other getUserInfo function.
+     *
+     * @param options - An object containing the options for this method.
+     * @param options.parameters - An object containing the parameters for this method.
+     * @param options.parameters.organizationId - An identifier for the organization the request is being made by
+     * @param options.parameters.channel_id - Used when getting user information for a SFCC login. For an B2C Commerce customer, this is angalous to the site ID. Required when getting user information for an B2C Commerce customer.
+     * @param options.headers - An object literal of key value pairs of the headers to be sent with this request.
+     *
+     * @returns A promise of type string.
+     */
+    getUserInfo(options?: RequireParametersUnlessAllAreOptional<{
+        parameters?: CompositeParameters<{
+            organizationId: string;
+            channel_id?: string;
+        } & QueryParameters, ConfigParameters>;
+        headers?: {
+            [key: string]: string;
+        };
+    }>): Promise<string>;
+    /**
+     * This endpoint returns identity information about the authenticated user in the form of OpenID Connect claims. It requires a valid access token and returns information such as user ID, name, email, and other identity attributes based on the scopes granted during authentication.
+     *
+     * @param options - An object containing the options for this method.
+     * @param options.parameters - An object containing the parameters for this method.
+     * @param options.parameters.organizationId - An identifier for the organization the request is being made by
+     * @param options.parameters.channel_id - Used when getting user information for a SFCC login. For an B2C Commerce customer, this is angalous to the site ID. Required when getting user information for an B2C Commerce customer.
+     * @param options.headers - An object literal of key value pairs of the headers to be sent with this request.
+     * @param rawResponse - Set to true to return entire Response object instead of DTO.
+     *
+     * @returns A promise of type Response if rawResponse is true, a promise of type string otherwise.
+     */
+    getUserInfo<T extends boolean>(options?: RequireParametersUnlessAllAreOptional<{
+        parameters?: CompositeParameters<{
+            organizationId: string;
+            channel_id?: string;
+        } & QueryParameters, ConfigParameters>;
+        headers?: {
+            [key: string]: string;
+        };
+    }>, rawResponse?: T): Promise<T extends true ? Response : string>;
+    /**
+     * This endpoint provides OpenID Connect discovery information in a standardized format. It allows clients to programmatically discover SLAS capabilities, including available endpoints, supported authentication flows, token signing algorithms, and other configuration details. This information helps clients integrate with the authentication service with minimal manual configuration.
+     *
+     * If you would like to get a raw Response object use the other getWellknownOpenidConfiguration function.
+     *
+     * @param options - An object containing the options for this method.
+     * @param options.parameters - An object containing the parameters for this method.
+     * @param options.parameters.organizationId - An identifier for the organization the request is being made by
+     * @param options.headers - An object literal of key value pairs of the headers to be sent with this request.
+     *
+     * @returns A promise of type string.
+     */
+    getWellknownOpenidConfiguration(options?: RequireParametersUnlessAllAreOptional<{
+        parameters?: CompositeParameters<{
+            organizationId: string;
+        } & QueryParameters, ConfigParameters>;
+        headers?: {
+            [key: string]: string;
+        };
+    }>): Promise<string>;
+    /**
+     * This endpoint provides OpenID Connect discovery information in a standardized format. It allows clients to programmatically discover SLAS capabilities, including available endpoints, supported authentication flows, token signing algorithms, and other configuration details. This information helps clients integrate with the authentication service with minimal manual configuration.
+     *
+     * @param options - An object containing the options for this method.
+     * @param options.parameters - An object containing the parameters for this method.
+     * @param options.parameters.organizationId - An identifier for the organization the request is being made by
+     * @param options.headers - An object literal of key value pairs of the headers to be sent with this request.
+     * @param rawResponse - Set to true to return entire Response object instead of DTO.
+     *
+     * @returns A promise of type Response if rawResponse is true, a promise of type string otherwise.
+     */
+    getWellknownOpenidConfiguration<T extends boolean>(options?: RequireParametersUnlessAllAreOptional<{
+        parameters?: CompositeParameters<{
+            organizationId: string;
+        } & QueryParameters, ConfigParameters>;
+        headers?: {
+            [key: string]: string;
+        };
+    }>, rawResponse?: T): Promise<T extends true ? Response : string>;
+    /**
+     * A basic auth header with Base64-encoded `clientId:secret` is required in the Authorization header, as well as an access token or refresh token. Use `token_type_hint` to help identify the token.
+     *
+     * If you would like to get a raw Response object use the other introspectToken function.
+     *
+     * @param options - An object containing the options for this method.
+     * @param options.parameters - An object containing the parameters for this method.
+     * @param options.parameters.organizationId - An identifier for the organization the request is being made by
+     * @param options.headers - An object literal of key value pairs of the headers to be sent with this request.
+     * @param options.body - The data to send as the request body.
+     * @param options.body.token - Token to inspect or revoke.
+     * @param options.body.token_type_hint - Token Type Hint
+     *
+     * @returns A promise of type TokenActionRequest.
+     */
+    introspectToken(options?: RequireParametersUnlessAllAreOptional<{
+        parameters?: CompositeParameters<{
+            organizationId: string;
+        } & QueryParameters, ConfigParameters>;
+        headers?: {
+            [key: string]: string;
+        };
+        body: introspectTokenBodyType & CustomRequestBody;
+    }>): Promise<TokenActionRequest>;
+    /**
+     * A basic auth header with Base64-encoded `clientId:secret` is required in the Authorization header, as well as an access token or refresh token. Use `token_type_hint` to help identify the token.
+     *
+     * @param options - An object containing the options for this method.
+     * @param options.parameters - An object containing the parameters for this method.
+     * @param options.parameters.organizationId - An identifier for the organization the request is being made by
+     * @param options.headers - An object literal of key value pairs of the headers to be sent with this request.
+     * @param options.body - The data to send as the request body.
+     * @param options.body.token - Token to inspect or revoke.
+     * @param options.body.token_type_hint - Token Type Hint
+     * @param rawResponse - Set to true to return entire Response object instead of DTO.
+     *
+     * @returns A promise of type Response if rawResponse is true, a promise of type TokenActionRequest otherwise.
+     */
+    introspectToken<T extends boolean>(options?: RequireParametersUnlessAllAreOptional<{
+        parameters?: CompositeParameters<{
+            organizationId: string;
+        } & QueryParameters, ConfigParameters>;
+        headers?: {
+            [key: string]: string;
+        };
+        body: introspectTokenBodyType & CustomRequestBody;
+    }>, rawResponse?: T): Promise<T extends true ? Response : TokenActionRequest>;
+    /**
+     * The shopper's access token and refresh token are revoked. If the shopper authenticated with a B2C Commerce (B2C Commerce) instance, the OCAPI JWT is also revoked. Call this endpoint for registered users that have logged in using SLAS. Do not use this endpoint for guest users.
+     
+     Required header: Authorization header bearer token of the Shopper access token to log out.
+     
+     Required parameters: `refresh token`, `channel_id`, and `client`.
+     *
+     * If you would like to get a raw Response object use the other logoutCustomer function.
+     *
+     * @param options - An object containing the options for this method.
+     * @param options.parameters - An object containing the parameters for this method.
+     * @param options.parameters.organizationId - An identifier for the organization the request is being made by
+     * @param options.parameters.client_id - The SLAS public client ID or SLAS private client ID for use with trusted-agent requests. When using a private client ID a PKCE code challenge is not required.
+     * @param options.parameters.refresh_token - Refresh token that was given during the access token request.
+     * @param options.parameters.channel_id - The `channel_id` parameter must be provided if the shopper authenticated using the `login` endpoint with B2C Commerce.
+     * @param options.parameters.hint - `hint=all-sessions` logs out all sessions of the shopper and invalidates all active refresh tokens for the shopper.
+     
+     If this query parameter is not provided, the default behavior is to log out only the current session that matches the refresh token in the request.
+     
+     If an incorrect value is provided for the hint other than `all-sessions`, the request fails.
+     * @param options.headers - An object literal of key value pairs of the headers to be sent with this request.
+     *
+     * @returns A promise of type TokenResponse.
+     */
+    logoutCustomer(options?: RequireParametersUnlessAllAreOptional<{
+        parameters?: CompositeParameters<{
+            organizationId: string;
+            client_id: string;
+            refresh_token: string;
+            channel_id?: string;
+            hint?: LogoutCustomerHintEnum;
+        } & QueryParameters, ConfigParameters>;
+        headers?: {
+            [key: string]: string;
+        };
+    }>): Promise<TokenResponse>;
+    /**
+     * The shopper's access token and refresh token are revoked. If the shopper authenticated with a B2C Commerce (B2C Commerce) instance, the OCAPI JWT is also revoked. Call this endpoint for registered users that have logged in using SLAS. Do not use this endpoint for guest users.
+     
+     Required header: Authorization header bearer token of the Shopper access token to log out.
+     
+     Required parameters: `refresh token`, `channel_id`, and `client`.
+     *
+     * @param options - An object containing the options for this method.
+     * @param options.parameters - An object containing the parameters for this method.
+     * @param options.parameters.organizationId - An identifier for the organization the request is being made by
+     * @param options.parameters.client_id - The SLAS public client ID or SLAS private client ID for use with trusted-agent requests. When using a private client ID a PKCE code challenge is not required.
+     * @param options.parameters.refresh_token - Refresh token that was given during the access token request.
+     * @param options.parameters.channel_id - The `channel_id` parameter must be provided if the shopper authenticated using the `login` endpoint with B2C Commerce.
+     * @param options.parameters.hint - `hint=all-sessions` logs out all sessions of the shopper and invalidates all active refresh tokens for the shopper.
+     
+     If this query parameter is not provided, the default behavior is to log out only the current session that matches the refresh token in the request.
+     
+     If an incorrect value is provided for the hint other than `all-sessions`, the request fails.
+     * @param options.headers - An object literal of key value pairs of the headers to be sent with this request.
+     * @param rawResponse - Set to true to return entire Response object instead of DTO.
+     *
+     * @returns A promise of type Response if rawResponse is true, a promise of type TokenResponse otherwise.
+     */
+    logoutCustomer<T extends boolean>(options?: RequireParametersUnlessAllAreOptional<{
+        parameters?: CompositeParameters<{
+            organizationId: string;
+            client_id: string;
+            refresh_token: string;
+            channel_id?: string;
+            hint?: LogoutCustomerHintEnum;
+        } & QueryParameters, ConfigParameters>;
+        headers?: {
+            [key: string]: string;
+        };
+    }>, rawResponse?: T): Promise<T extends true ? Response : TokenResponse>;
+    /**
+     * This endpoint allows a customer to set a new password using a valid password reset token. The customer must provide the token received from the password/reset endpoint along with the desired new password.
+     *
+     * If you would like to get a raw Response object use the other resetPassword function.
+     *
+     * @param options - An object containing the options for this method.
+     * @param options.parameters - An object containing the parameters for this method.
+     * @param options.parameters.organizationId - An identifier for the organization the request is being made by
+     * @param options.headers - An object literal of key value pairs of the headers to be sent with this request.
+     * @param options.body - The data to send as the request body.
+     * @param options.body.client_id - -| The public client ID. When using the `hint` query parameter either a public or private client ID can be used.
+     * @param options.body.pwd_action_token - Password action token that was returned from the `/password/reset` endpoint.
+     * @param options.body.code_verifier - PKCE code verifier. Created by the client.  The `code_challenge` is created by SHA256 hashing the `code_verifier` and Base64 encoding the resulting hash.  The `code_verifier` should be a high entropy cryptographically random string with a minimum of 43 characters and a maximum of 128 characters.
+     * @param options.body.new_password - The new password to set for the shopper associated with the password action token.
+     * @param options.body.channel_id - The channel that the request is for. For a B2C Commerce request, this is angalous to the site ID.
+     * @param options.body.hint - Adding a `hint` query parameter with a value of `cross_device` will remove the need to have the code_verifier for password reset request. If the `hint` query parameter is used it must also have been used in the password action request.
+     *
+     * @returns A promise of type void.
+     */
+    resetPassword(options?: RequireParametersUnlessAllAreOptional<{
+        parameters?: CompositeParameters<{
+            organizationId: string;
+        } & QueryParameters, ConfigParameters>;
+        headers?: {
+            [key: string]: string;
+        };
+        body: resetPasswordBodyType & CustomRequestBody;
+    }>): Promise<void>;
+    /**
+     * This endpoint allows a customer to set a new password using a valid password reset token. The customer must provide the token received from the password/reset endpoint along with the desired new password.
+     *
+     * @param options - An object containing the options for this method.
+     * @param options.parameters - An object containing the parameters for this method.
+     * @param options.parameters.organizationId - An identifier for the organization the request is being made by
+     * @param options.headers - An object literal of key value pairs of the headers to be sent with this request.
+     * @param options.body - The data to send as the request body.
+     * @param options.body.client_id - -| The public client ID. When using the `hint` query parameter either a public or private client ID can be used.
+     * @param options.body.pwd_action_token - Password action token that was returned from the `/password/reset` endpoint.
+     * @param options.body.code_verifier - PKCE code verifier. Created by the client.  The `code_challenge` is created by SHA256 hashing the `code_verifier` and Base64 encoding the resulting hash.  The `code_verifier` should be a high entropy cryptographically random string with a minimum of 43 characters and a maximum of 128 characters.
+     * @param options.body.new_password - The new password to set for the shopper associated with the password action token.
+     * @param options.body.channel_id - The channel that the request is for. For a B2C Commerce request, this is angalous to the site ID.
+     * @param options.body.hint - Adding a `hint` query parameter with a value of `cross_device` will remove the need to have the code_verifier for password reset request. If the `hint` query parameter is used it must also have been used in the password action request.
+     * @param rawResponse - Set to true to return entire Response object instead of DTO.
+     *
+     * @returns A promise of type Response if rawResponse is true, a promise of type void otherwise.
+     */
+    resetPassword<T extends boolean>(options?: RequireParametersUnlessAllAreOptional<{
+        parameters?: CompositeParameters<{
+            organizationId: string;
+        } & QueryParameters, ConfigParameters>;
+        headers?: {
+            [key: string]: string;
+        };
+        body: resetPasswordBodyType & CustomRequestBody;
+    }>, rawResponse?: T): Promise<T extends true ? Response : void>;
+    /**
+     * A basic auth header with Base64-encoded `clientId:secret` is required in the Authorization header, and the refresh token to be revoked is required in the body.
+     *
+     * If you would like to get a raw Response object use the other revokeToken function.
+     *
+     * @param options - An object containing the options for this method.
+     * @param options.parameters - An object containing the parameters for this method.
+     * @param options.parameters.organizationId - An identifier for the organization the request is being made by
+     * @param options.headers - An object literal of key value pairs of the headers to be sent with this request.
+     * @param options.body - The data to send as the request body.
+     * @param options.body.token - Token to inspect or revoke.
+     * @param options.body.token_type_hint - Token Type Hint
+     *
+     * @returns A promise of type TokenActionRequest.
+     */
+    revokeToken(options?: RequireParametersUnlessAllAreOptional<{
+        parameters?: CompositeParameters<{
+            organizationId: string;
+        } & QueryParameters, ConfigParameters>;
+        headers?: {
+            [key: string]: string;
+        };
+        body: revokeTokenBodyType & CustomRequestBody;
+    }>): Promise<TokenActionRequest>;
+    /**
+     * A basic auth header with Base64-encoded `clientId:secret` is required in the Authorization header, and the refresh token to be revoked is required in the body.
+     *
+     * @param options - An object containing the options for this method.
+     * @param options.parameters - An object containing the parameters for this method.
+     * @param options.parameters.organizationId - An identifier for the organization the request is being made by
+     * @param options.headers - An object literal of key value pairs of the headers to be sent with this request.
+     * @param options.body - The data to send as the request body.
+     * @param options.body.token - Token to inspect or revoke.
+     * @param options.body.token_type_hint - Token Type Hint
+     * @param rawResponse - Set to true to return entire Response object instead of DTO.
+     *
+     * @returns A promise of type Response if rawResponse is true, a promise of type TokenActionRequest otherwise.
+     */
+    revokeToken<T extends boolean>(options?: RequireParametersUnlessAllAreOptional<{
+        parameters?: CompositeParameters<{
+            organizationId: string;
+        } & QueryParameters, ConfigParameters>;
+        headers?: {
+            [key: string]: string;
+        };
+        body: revokeTokenBodyType & CustomRequestBody;
+    }>, rawResponse?: T): Promise<T extends true ? Response : TokenActionRequest>;
+}
+declare namespace ShopperLoginApiTypes {
+    /*
+    * Copyright (c) 2023, Salesforce, Inc.
+    * All rights reserved.
+    * SPDX-License-Identifier: BSD-3-Clause
+    * For full license text, see the LICENSE file in the repo root or https://opensource.org/licenses/BSD-3-Clause
+    */
+    /**
+     * Makes a type easier to read.
+     */
+    type Prettify<T> = NonNullable<{
+        [K in keyof T]: T[K];
+    }>;
+    /**
+     * Generates the types required on a method, based on those provided in the config.
+     */
+    type CompositeParameters<MethodParameters extends Record<string, unknown>, ConfigParameters extends Record<string, unknown>> = Prettify<Omit<MethodParameters, keyof ConfigParameters> & Partial<MethodParameters>>;
+    /**
+     * If an object has a `parameters` property, and the `parameters` object has required properties,
+     * then the `parameters` property on the root object is marked as required.
+     */
+    type RequireParametersUnlessAllAreOptional<T extends {
+        parameters?: Record<string, unknown>;
+    }> = Record<string, never> extends NonNullable<T["parameters"]> ? T : Prettify<T & Required<Pick<T, "parameters">>>;
+    /**
+     * Template parameters used in the base URI of all API endpoints. `version` will default to `"v1"`
+     * if not specified.
+     */
+    interface BaseUriParameters {
+        shortCode: string;
+    }
+    type LocaleCode = {
+        [key: string]: any;
+    };
+    /**
+     * Generic interface for path parameters.
+     */
+    interface PathParameters {
+        [key: string]: string | number | boolean;
+    }
+    /**
+     * Generic interface for query parameters.
+     */
+    interface QueryParameters {
+        [key: string]: string | number | boolean | string[] | number[] | LocaleCode;
+    }
+    /**
+     * Generic interface for all parameter types.
+     */
+    type UrlParameters = PathParameters | QueryParameters;
+    /**
+     * Custom query parameter type with any string prefixed with `c_` as the key and the allowed
+     * types for query parameters for the value.
+     */
+    type CustomQueryParameters = {
+        [key in `c_${string}`]: string | number | boolean | string[] | number[];
+    };
+    /**
+     * Custom body request type with any string prefixed with `c_` as the key and the allowed
+     * types for the value.
+     */
+    type CustomRequestBody = {
+        [key in `c_${string}`]: string | number | boolean | string[] | number[] | {
+            [key: string]: unknown;
+        };
+    };
+    /**
+     * Alias for `RequestInit` from TypeScript's DOM lib, to more clearly differentiate
+     * it from the `RequestInit` provided by node-fetch.
+     */
+    type BrowserRequestInit = RequestInit;
+    /**
+     * Any properties supported in either the browser or node are accepted.
+     * Using the right properties in the right context is left to the user.
+     */
+    type FetchOptions = NodeRequestInit & BrowserRequestInit;
+    /**
+     * Base options that can be passed to the `ClientConfig` class.
+     */
+    interface ClientConfigInit<Params extends BaseUriParameters> {
+        baseUri?: string;
+        proxy?: string;
+        headers?: {
+            [key: string]: string;
+        };
+        parameters: Params;
+        fetchOptions?: FetchOptions;
+        transformRequest?: (data: unknown, headers: {
+            [key: string]: string;
+        }) => Required<FetchOptions>["body"];
+        throwOnBadResponse?: boolean;
+    }
+    type FetchFunction = (input: RequestInfo, init?: FetchOptions | undefined) => Promise<Response>;
+    /**
+     * Configuration parameters common to Commerce SDK clients
+     */
+    class ClientConfig<Params extends BaseUriParameters> implements ClientConfigInit<Params> {
+        baseUri?: string;
+        proxy?: string;
+        headers: {
+            [key: string]: string;
+        };
+        parameters: Params;
+        fetchOptions: FetchOptions;
+        transformRequest: NonNullable<ClientConfigInit<Params>["transformRequest"]>;
+        throwOnBadResponse: boolean;
+        constructor(config: ClientConfigInit<Params>);
+        static readonly defaults: Pick<Required<ClientConfigInit<never>>, "transformRequest">;
+    }
+    /**
+     * Grant Type
+     */
+    type GrantType = "authorization_code" | "refresh_token" | "client_credentials" | "authorization_code_pkce" | "session_bridge";
+    /**
+     * @type Oauth2ErrorResponse:
+     *
+     * @property error:
+     *
+     * @property error_uri:
+     *
+     * @property error_description:
+     *
+     */
+    type Oauth2ErrorResponse = {
+        error: string;
+        error_uri?: string;
+        error_description?: string;
+    } & {
+        [key: string]: any;
+    };
+    /**
+     * Response Type
+     */
+    type ResponseType = "code";
+    /**
+     * @type TokenActionRequest:
+     *
+     * @property token: Token to inspect or revoke.
+     *
+     * @property token_type_hint: Token Type Hint
+     *
+     */
+    type TokenActionRequest = {
+        token: string;
+        token_type_hint?: TokenActionRequestTokenTypeHintEnum;
+    } & {
+        [key: string]: any;
+    };
+    type TokenActionRequestTokenTypeHintEnum = "access_token" | "refresh_token";
+    /**
+     * Token Type
+     */
+    type TokenType = "Bearer";
+    /**
+     * @type TokenResponse:
+     *
+     * @property access_token: Short term shopper JWT that can be used to access Shopper APIs. Valid for 30 minutes.  A trusted agent shopper JWT is valid for 15 min.
+     *
+     * @property id_token: User ID token. Valid for 30 minutes.
+     *
+     * @property refresh_token: Long term refresh token that can be used to refresh an access token. Valid for 30 days.   The refresh_token will not be returned for trusted agents JWTs. A JWT for trusted agents expires after 15 minutes and is not refreshable. When expired, then app must restart the authorization flow and make another request to the /trusted-agent/authorize endpoint.
+     *
+     * @property expires_in: Remaining access token expiry time, in seconds.
+     *
+     * @property refresh_token_expires_in: Remaining refresh token expiry time, in seconds.
+     *
+     * @property token_type:
+     *
+     * @property usid: The unique shopper ID. Returned when using the `client_credentials` grant type.
+     *
+     * @property customer_id: Customer\'s ID
+     *
+     * @property enc_user_id: MD5 Hashed B2C Commerce user ID in uppercase.
+     *
+     * @property idp_access_token: This is the access token that is returned from the IDP. The IDP access token is returned to be able to make calls into the IDP outside of SLAS.
+     * - **Max Length:** 8192
+     *
+     */
+    type TokenResponse = {
+        access_token: string;
+        id_token: string;
+        refresh_token: string;
+        expires_in: number;
+        refresh_token_expires_in: number;
+        token_type: TokenType;
+        usid: string;
+        customer_id: string;
+        enc_user_id: string;
+        idp_access_token: string;
+    } & {
+        [key: string]: any;
+    };
+    type AuthorizeCustomerResponseTypeEnum = "code";
+    type AuthorizeCustomerScopeEnum = "openid" | "offline_access" | "email";
+    type AuthorizePasswordlessCustomerModeEnum = "callback" | "sms";
+    type GetPasswordLessAccessTokenGrantTypeEnum = "authorization_code" | "refresh_token" | "client_credentials" | "authorization_code_pkce" | "session_bridge";
+    type GetPasswordResetTokenModeEnum = "callback" | "sms";
+    type GetSessionBridgeAccessTokenGrantTypeEnum = "authorization_code" | "refresh_token" | "client_credentials" | "authorization_code_pkce" | "session_bridge";
+    type GetTrustedAgentAccessTokenGrantTypeEnum = "authorization_code" | "refresh_token" | "client_credentials" | "authorization_code_pkce" | "session_bridge";
+    type GetTrustedAgentAuthorizationTokenResponseTypeEnum = "code";
+    type GetTrustedSystemAccessTokenGrantTypeEnum = "authorization_code" | "refresh_token" | "client_credentials" | "authorization_code_pkce" | "session_bridge";
+    type GetTrustedSystemAccessTokenHintEnum = "ts_ext_on_behalf_of";
+    type GetTrustedSystemAccessTokenIdpOriginEnum = "apple" | "auth0" | "azure" | "azure_adb2c" | "cognito" | "default" | "ecom" | "facebook" | "forgerock" | "gigya" | "gigya_socialize" | "google" | "okta" | "ping" | "salesforce";
+    type IntrospectTokenTokenTypeHintEnum = "access_token" | "refresh_token";
+    type LogoutCustomerHintEnum = "all-sessions";
+    type RevokeTokenTokenTypeHintEnum = "access_token" | "refresh_token";
+    type authenticateCustomerQueryParameters = {};
+    type authenticateCustomerPathParameters = {
+        organizationId: string;
+    };
+    type authenticateCustomerBodyType = {
+        client_id?: string;
+        response_type?: ResponseType;
+        redirect_uri: string;
+        state?: string;
+        scope?: string;
+        usid?: string;
+        channel_id: string;
+        code_challenge?: string;
+    };
+    type authorizeCustomerQueryParameters = {
+        redirect_uri: string;
+        response_type: "code";
+        client_id: string;
+        scope?: "openid" | "offline_access" | "email";
+        state?: string;
+        usid?: string;
+        hint?: string;
+        channel_id?: string;
+        code_challenge?: string;
+        ui_locales?: string;
+    };
+    type authorizeCustomerPathParameters = {
+        organizationId: string;
+    };
+    type authorizePasswordlessCustomerQueryParameters = {};
+    type authorizePasswordlessCustomerPathParameters = {
+        organizationId: string;
+    };
+    type authorizePasswordlessCustomerBodyType = {
+        user_id: string;
+        mode: string;
+        locale?: string;
+        usid?: string;
+        channel_id: string;
+        callback_uri?: string;
+    };
+    type getAccessTokenQueryParameters = {};
+    type getAccessTokenPathParameters = {
+        organizationId: string;
+    };
+    type getAccessTokenBodyType = {
+        refresh_token?: string;
+        code?: string;
+        usid?: string;
+        grant_type: GrantType;
+        redirect_uri?: string;
+        code_verifier?: string;
+        client_id?: string;
+        channel_id?: string;
+        dnt?: string;
+    };
+    type getJwksUriQueryParameters = {};
+    type getJwksUriPathParameters = {
+        organizationId: string;
+    };
+    type getPasswordLessAccessTokenQueryParameters = {};
+    type getPasswordLessAccessTokenPathParameters = {
+        organizationId: string;
+    };
+    type getPasswordLessAccessTokenBodyType = {
+        grant_type: string;
+        hint: string;
+        pwdless_login_token: string;
+        client_id?: string;
+        code_verifier?: string;
+    };
+    type getPasswordResetTokenQueryParameters = {};
+    type getPasswordResetTokenPathParameters = {
+        organizationId: string;
+    };
+    type getPasswordResetTokenBodyType = {
+        user_id: string;
+        mode: string;
+        channel_id: string;
+        locale?: string;
+        client_id?: string;
+        code_challenge?: string;
+        callback_uri?: string;
+        idp_name?: string;
+        hint?: string;
+    };
+    type getSessionBridgeAccessTokenQueryParameters = {};
+    type getSessionBridgeAccessTokenPathParameters = {
+        organizationId: string;
+    };
+    type getSessionBridgeAccessTokenBodyType = {
+        code: string;
+        client_id: string;
+        channel_id: string;
+        code_verifier: string;
+        dwsid: string;
+        grant_type: string;
+        login_id: string;
+        dwsgst?: string;
+        dwsrst?: string;
+        usid?: string;
+        dnt?: string;
+    };
+    type getTrustedAgentAccessTokenQueryParameters = {};
+    type getTrustedAgentAccessTokenPathParameters = {
+        organizationId: string;
+    };
+    type getTrustedAgentAccessTokenBodyType = {
+        agent_id?: string;
+        client_id: string;
+        channel_id: string;
+        code_verifier: string;
+        grant_type: string;
+        login_id: string;
+        idp_origin: string;
+        usid?: string;
+        dnt?: string;
+        state?: string;
+    };
+    type getTrustedAgentAuthorizationTokenQueryParameters = {
+        client_id: string;
+        channel_id: string;
+        code_challenge?: string;
+        login_id: string;
+        idp_origin: string;
+        redirect_uri: string;
+        response_type: "code";
+    };
+    type getTrustedAgentAuthorizationTokenPathParameters = {
+        organizationId: string;
+    };
+    type getTrustedSystemAccessTokenQueryParameters = {};
+    type getTrustedSystemAccessTokenPathParameters = {
+        organizationId: string;
+    };
+    type getTrustedSystemAccessTokenBodyType = {
+        usid?: string;
+        grant_type: string;
+        hint: string;
+        login_id: string;
+        idp_origin: string;
+        client_id: string;
+        channel_id: string;
+        email_id?: string;
+        dnt?: string;
+    };
+    type getUserInfoQueryParameters = {
+        channel_id?: string;
+    };
+    type getUserInfoPathParameters = {
+        organizationId: string;
+    };
+    type getWellknownOpenidConfigurationQueryParameters = {};
+    type getWellknownOpenidConfigurationPathParameters = {
+        organizationId: string;
+    };
+    type introspectTokenQueryParameters = {};
+    type introspectTokenPathParameters = {
+        organizationId: string;
+    };
+    type introspectTokenBodyType = {
+        token: string;
+        token_type_hint?: string;
+    };
+    type logoutCustomerQueryParameters = {
+        client_id: string;
+        refresh_token: string;
+        channel_id?: string;
+        hint?: "all-sessions";
+    };
+    type logoutCustomerPathParameters = {
+        organizationId: string;
+    };
+    type resetPasswordQueryParameters = {};
+    type resetPasswordPathParameters = {
+        organizationId: string;
+    };
+    type resetPasswordBodyType = {
+        client_id: string;
+        pwd_action_token: string;
+        code_verifier: string;
+        new_password?: string;
+        channel_id: string;
+        hint?: string;
+    };
+    type revokeTokenQueryParameters = {};
+    type revokeTokenPathParameters = {
+        organizationId: string;
+    };
+    type revokeTokenBodyType = {
+        token: string;
+        token_type_hint?: string;
+    };
+    /**
+     * All path parameters that are used by at least one ShopperLogin method.
+     */
+    type ShopperLoginPathParameters = Partial<authenticateCustomerPathParameters & authorizeCustomerPathParameters & authorizePasswordlessCustomerPathParameters & getAccessTokenPathParameters & getJwksUriPathParameters & getPasswordLessAccessTokenPathParameters & getPasswordResetTokenPathParameters & getSessionBridgeAccessTokenPathParameters & getTrustedAgentAccessTokenPathParameters & getTrustedAgentAuthorizationTokenPathParameters & getTrustedSystemAccessTokenPathParameters & getUserInfoPathParameters & getWellknownOpenidConfigurationPathParameters & introspectTokenPathParameters & logoutCustomerPathParameters & resetPasswordPathParameters & revokeTokenPathParameters & {}>;
+    /**
+     * All query parameters that are used by at least one ShopperLogin method.
+     */
+    type ShopperLoginQueryParameters = Partial<authenticateCustomerQueryParameters & authorizeCustomerQueryParameters & authorizePasswordlessCustomerQueryParameters & getAccessTokenQueryParameters & getJwksUriQueryParameters & getPasswordLessAccessTokenQueryParameters & getPasswordResetTokenQueryParameters & getSessionBridgeAccessTokenQueryParameters & getTrustedAgentAccessTokenQueryParameters & getTrustedAgentAuthorizationTokenQueryParameters & getTrustedSystemAccessTokenQueryParameters & getUserInfoQueryParameters & getWellknownOpenidConfigurationQueryParameters & introspectTokenQueryParameters & logoutCustomerQueryParameters & resetPasswordQueryParameters & revokeTokenQueryParameters & {}>;
+    /**
+     * All parameters that are used by ShopperLogin.
+     */
+    type ShopperLoginParameters = ShopperLoginPathParameters & BaseUriParameters & ShopperLoginQueryParameters;
+    /**
+     * [Shopper Login](https://developer.salesforce.com/docs/commerce/commerce-api/references?meta=shopper-login:Summary)
+     * ==================================
+     *
+     * *# API Overview
+     
+     The Shopper Login and API Access Service (SLAS) enables secure access to Commerce Cloud’s Shopper APIs for a wide range of headless commerce applications.
+     
+     **Important:** Before using this API, see [Authorization for Shopper APIs](https://developer.salesforce.com/docs/commerce/commerce-api/guide/authorization-for-shopper-apis.html) in the Get Started guides and the more detailed [SLAS guides](https://developer.salesforce.com/docs/commerce/commerce-api/guide/slas.html) for instructions on setting up a SLAS client, obtaining credentials, as well as flow and use case information.
+     
+     For load shedding and rate limiting information, see [Load Shedding and Rate Limiting.](https://developer.salesforce.com/docs/commerce/commerce-api/guide/throttle-rates.html)*<br />
+     *
+     * Simple example:
+     *
+     * ```typescript
+     *   import { ShopperLogin } from "commerce-sdk-isomorphic";
+     *
+     *   const clientConfig = {
+     *     parameters: {
+     *       clientId: "XXXXXX",
+     *       organizationId: "XXXX",
+     *       shortCode: "XXX",
+     *       siteId: "XX"
+     *     }
+     *   };
+     *   const shopperLoginClient = new ShopperLogin(clientConfig);
+     * ```
+     *
+     * <span style="font-size:.7em; display:block; text-align: right">
+     * API Version: 0.0.33<br />
+     * Last Updated: <br />
+     * </span>
+     *
+     *
+     */
+    class ShopperLogin<ConfigParameters extends ShopperLoginParameters & Record<string, unknown>> {
+        // baseUri is not required on ClientConfig, but we know that we provide one in the class constructor
+        clientConfig: ClientConfig<ConfigParameters> & {
+            baseUri: string;
+        };
+        static readonly defaultBaseUri = "https://{shortCode}.api.commercecloud.salesforce.com/shopper/auth/v1";
+        static readonly apiPaths: {
+            authenticateCustomer: string;
+            authorizeCustomer: string;
+            authorizePasswordlessCustomer: string;
+            getAccessToken: string;
+            getJwksUri: string;
+            getPasswordLessAccessToken: string;
+            getPasswordResetToken: string;
+            getSessionBridgeAccessToken: string;
+            getTrustedAgentAccessToken: string;
+            getTrustedAgentAuthorizationToken: string;
+            getTrustedSystemAccessToken: string;
+            getUserInfo: string;
+            getWellknownOpenidConfiguration: string;
+            introspectToken: string;
+            logoutCustomer: string;
+            resetPassword: string;
+            revokeToken: string;
+        };
+        constructor(config: ClientConfigInit<ConfigParameters>);
+        static readonly paramKeys: {
+            readonly authenticateCustomer: readonly [
+                "organizationId",
+                "redirect_uri",
+                "channel_id",
+                "client_id",
+                "response_type",
+                "state",
+                "scope",
+                "usid",
+                "code_challenge"
+            ];
+            readonly authenticateCustomerRequired: readonly [
+                "organizationId",
+                "redirect_uri",
+                "channel_id"
+            ];
+            readonly authorizeCustomer: readonly [
+                "organizationId",
+                "redirect_uri",
+                "response_type",
+                "client_id",
+                "scope",
+                "state",
+                "usid",
+                "hint",
+                "channel_id",
+                "code_challenge",
+                "ui_locales"
+            ];
+            readonly authorizeCustomerRequired: readonly [
+                "organizationId",
+                "redirect_uri",
+                "response_type",
+                "client_id"
+            ];
+            readonly authorizePasswordlessCustomer: readonly [
+                "organizationId",
+                "user_id",
+                "mode",
+                "channel_id",
+                "locale",
+                "usid",
+                "callback_uri"
+            ];
+            readonly authorizePasswordlessCustomerRequired: readonly [
+                "organizationId",
+                "user_id",
+                "mode",
+                "channel_id"
+            ];
+            readonly getAccessToken: readonly [
+                "organizationId",
+                "grant_type",
+                "refresh_token",
+                "code",
+                "usid",
+                "redirect_uri",
+                "code_verifier",
+                "client_id",
+                "channel_id",
+                "dnt"
+            ];
+            readonly getAccessTokenRequired: readonly [
+                "organizationId",
+                "grant_type"
+            ];
+            readonly getJwksUri: readonly [
+                "organizationId"
+            ];
+            readonly getJwksUriRequired: readonly [
+                "organizationId"
+            ];
+            readonly getPasswordLessAccessToken: readonly [
+                "organizationId",
+                "grant_type",
+                "hint",
+                "pwdless_login_token",
+                "client_id",
+                "code_verifier"
+            ];
+            readonly getPasswordLessAccessTokenRequired: readonly [
+                "organizationId",
+                "grant_type",
+                "hint",
+                "pwdless_login_token"
+            ];
+            readonly getPasswordResetToken: readonly [
+                "organizationId",
+                "user_id",
+                "mode",
+                "channel_id",
+                "locale",
+                "client_id",
+                "code_challenge",
+                "callback_uri",
+                "idp_name",
+                "hint"
+            ];
+            readonly getPasswordResetTokenRequired: readonly [
+                "organizationId",
+                "user_id",
+                "mode",
+                "channel_id"
+            ];
+            readonly getSessionBridgeAccessToken: readonly [
+                "organizationId",
+                "code",
+                "client_id",
+                "channel_id",
+                "code_verifier",
+                "dwsid",
+                "grant_type",
+                "login_id",
+                "dwsgst",
+                "dwsrst",
+                "usid",
+                "dnt"
+            ];
+            readonly getSessionBridgeAccessTokenRequired: readonly [
+                "organizationId",
+                "code",
+                "client_id",
+                "channel_id",
+                "code_verifier",
+                "dwsid",
+                "grant_type",
+                "login_id"
+            ];
+            readonly getTrustedAgentAccessToken: readonly [
+                "organizationId",
+                "client_id",
+                "channel_id",
+                "code_verifier",
+                "grant_type",
+                "login_id",
+                "idp_origin",
+                "agent_id",
+                "usid",
+                "dnt",
+                "state"
+            ];
+            readonly getTrustedAgentAccessTokenRequired: readonly [
+                "organizationId",
+                "client_id",
+                "channel_id",
+                "code_verifier",
+                "grant_type",
+                "login_id",
+                "idp_origin"
+            ];
+            readonly getTrustedAgentAuthorizationToken: readonly [
+                "organizationId",
+                "client_id",
+                "channel_id",
+                "login_id",
+                "idp_origin",
+                "redirect_uri",
+                "response_type",
+                "code_challenge"
+            ];
+            readonly getTrustedAgentAuthorizationTokenRequired: readonly [
+                "organizationId",
+                "client_id",
+                "channel_id",
+                "login_id",
+                "idp_origin",
+                "redirect_uri",
+                "response_type"
+            ];
+            readonly getTrustedSystemAccessToken: readonly [
+                "organizationId",
+                "grant_type",
+                "hint",
+                "login_id",
+                "idp_origin",
+                "client_id",
+                "channel_id",
+                "usid",
+                "email_id",
+                "dnt"
+            ];
+            readonly getTrustedSystemAccessTokenRequired: readonly [
+                "organizationId",
+                "grant_type",
+                "hint",
+                "login_id",
+                "idp_origin",
+                "client_id",
+                "channel_id"
+            ];
+            readonly getUserInfo: readonly [
+                "organizationId",
+                "channel_id"
+            ];
+            readonly getUserInfoRequired: readonly [
+                "organizationId"
+            ];
+            readonly getWellknownOpenidConfiguration: readonly [
+                "organizationId"
+            ];
+            readonly getWellknownOpenidConfigurationRequired: readonly [
+                "organizationId"
+            ];
+            readonly introspectToken: readonly [
+                "organizationId",
+                "token",
+                "token_type_hint"
+            ];
+            readonly introspectTokenRequired: readonly [
+                "organizationId",
+                "token"
+            ];
+            readonly logoutCustomer: readonly [
+                "organizationId",
+                "client_id",
+                "refresh_token",
+                "channel_id",
+                "hint"
+            ];
+            readonly logoutCustomerRequired: readonly [
+                "organizationId",
+                "client_id",
+                "refresh_token"
+            ];
+            readonly resetPassword: readonly [
+                "organizationId",
+                "client_id",
+                "pwd_action_token",
+                "code_verifier",
+                "channel_id",
+                "new_password",
+                "hint"
+            ];
+            readonly resetPasswordRequired: readonly [
+                "organizationId",
+                "client_id",
+                "pwd_action_token",
+                "code_verifier",
+                "channel_id"
+            ];
+            readonly revokeToken: readonly [
+                "organizationId",
+                "token",
+                "token_type_hint"
+            ];
+            readonly revokeTokenRequired: readonly [
+                "organizationId",
+                "token"
+            ];
+        };
+        /**
+         * This follows the authorization code grant flow as defined by the OAuth 2.1 standard. It also uses a proof key for code exchange (PKCE).
+         
+         For PKCE values:
+         - The `code_verifier` string is a random string used for the `/token` endpoint request.
+         - The `code_challenge` is an encoded version of the `code_verifier` string using an SHA-256 hash.
+         
+         The request must include a basic authorization header that contains a Base64 encoded version of the following string: `<shopperUserID>:<shopperPassword>`.
+         Required parameters: `code_challenge`, `channel_id`, `client_id`, and `redirect_uri`.
+         
+         Optional parameters: `usid`.
+         The SLAS `/login` endpoint redirects back to the redirect URI and returns an authorization code.
+         Calls to `/login` made with the same loginId and tenantId within 1 second result in a conflict.
+         *
+         * If you would like to get a raw Response object use the other authenticateCustomer function.
+         *
+         * @param options - An object containing the options for this method.
+         * @param options.parameters - An object containing the parameters for this method.
+         * @param options.parameters.organizationId - An identifier for the organization the request is being made by
+         * @param options.headers - An object literal of key value pairs of the headers to be sent with this request.
+         * @param options.body - The data to send as the request body.
+         * @param options.body.client_id - SLAS client ID. Required when the grant type is `authorization_code_pkce`.
+         * @param options.body.response_type - Must be `code`. Indicates that the client wants an authorization code (when the grant type is `authorization_code`).
+         * @param options.body.redirect_uri - The URI to which the server redirects the browser after the user grants the authorization. The URI must be registered with the SLAS client. A variety of URI formats and wildcards for host are supported, but app links like airbnb:// or fb:// are not. Examples of supported URIs:   Examples of supported URIs:   - `http://localhost:3000/callback`   - `https://example.com/callback`   - `com.example.app:redirect_uri_path`   - ` *.subdomain.topleveldomain.com`
+         * @param options.body.state - Value to be sent by the client to determine the state between the authorization request and the server response. Optional, but strongly recommended.
+         * @param options.body.scope - Scopes to limit an application\'s access to a user\'s account.
+         * @param options.body.usid - The unique shopper ID.
+         * @param options.body.channel_id - The channel that the request is for. For a B2C Commerce request, this is angalous to the site ID.
+         * @param options.body.code_challenge - PKCE code verifier. Created by the client calling the `login` endpoint.  The `code_challenge` is created by SHA256 hashing the `code_verifier` and Base64 encoding the resulting hash.  The `code_verifier` should be a high entropy cryptographically random string with a minimum of 43 characters and a maximum of 128 characters.  The `code_challenge` is optional when using a private client id for the token request.
+         *
+         * @returns A promise of type void.
+         */
+        authenticateCustomer(options?: RequireParametersUnlessAllAreOptional<{
+            parameters?: CompositeParameters<{
+                organizationId: string;
+            } & QueryParameters, ConfigParameters>;
+            headers?: {
+                [key: string]: string;
+            };
+            body: authenticateCustomerBodyType & CustomRequestBody;
+        }>): Promise<void>;
+        /**
+         * This follows the authorization code grant flow as defined by the OAuth 2.1 standard. It also uses a proof key for code exchange (PKCE).
+         
+         For PKCE values:
+         - The `code_verifier` string is a random string used for the `/token` endpoint request.
+         - The `code_challenge` is an encoded version of the `code_verifier` string using an SHA-256 hash.
+         
+         The request must include a basic authorization header that contains a Base64 encoded version of the following string: `<shopperUserID>:<shopperPassword>`.
+         Required parameters: `code_challenge`, `channel_id`, `client_id`, and `redirect_uri`.
+         
+         Optional parameters: `usid`.
+         The SLAS `/login` endpoint redirects back to the redirect URI and returns an authorization code.
+         Calls to `/login` made with the same loginId and tenantId within 1 second result in a conflict.
+         *
+         * @param options - An object containing the options for this method.
+         * @param options.parameters - An object containing the parameters for this method.
+         * @param options.parameters.organizationId - An identifier for the organization the request is being made by
+         * @param options.headers - An object literal of key value pairs of the headers to be sent with this request.
+         * @param options.body - The data to send as the request body.
+         * @param options.body.client_id - SLAS client ID. Required when the grant type is `authorization_code_pkce`.
+         * @param options.body.response_type - Must be `code`. Indicates that the client wants an authorization code (when the grant type is `authorization_code`).
+         * @param options.body.redirect_uri - The URI to which the server redirects the browser after the user grants the authorization. The URI must be registered with the SLAS client. A variety of URI formats and wildcards for host are supported, but app links like airbnb:// or fb:// are not. Examples of supported URIs:   Examples of supported URIs:   - `http://localhost:3000/callback`   - `https://example.com/callback`   - `com.example.app:redirect_uri_path`   - ` *.subdomain.topleveldomain.com`
+         * @param options.body.state - Value to be sent by the client to determine the state between the authorization request and the server response. Optional, but strongly recommended.
+         * @param options.body.scope - Scopes to limit an application\'s access to a user\'s account.
+         * @param options.body.usid - The unique shopper ID.
+         * @param options.body.channel_id - The channel that the request is for. For a B2C Commerce request, this is angalous to the site ID.
+         * @param options.body.code_challenge - PKCE code verifier. Created by the client calling the `login` endpoint.  The `code_challenge` is created by SHA256 hashing the `code_verifier` and Base64 encoding the resulting hash.  The `code_verifier` should be a high entropy cryptographically random string with a minimum of 43 characters and a maximum of 128 characters.  The `code_challenge` is optional when using a private client id for the token request.
+         * @param rawResponse - Set to true to return entire Response object instead of DTO.
+         *
+         * @returns A promise of type Response if rawResponse is true, a promise of type void otherwise.
+         */
+        authenticateCustomer<T extends boolean>(options?: RequireParametersUnlessAllAreOptional<{
+            parameters?: CompositeParameters<{
+                organizationId: string;
+            } & QueryParameters, ConfigParameters>;
+            headers?: {
+                [key: string]: string;
+            };
+            body: authenticateCustomerBodyType & CustomRequestBody;
+        }>, rawResponse?: T): Promise<T extends true ? Response : void>;
+        /**
+         * This is the first step of the OAuth 2.1 authorization code flow, in which a user can log in via federation to the IDP configured for the client. After successfully logging in, the user gets an authorization code via a redirect URI.
+         
+         You can call this endpoint from the front channel (the browser).
+         *
+         * If you would like to get a raw Response object use the other authorizeCustomer function.
+         *
+         * @param options - An object containing the options for this method.
+         * @param options.parameters - An object containing the parameters for this method.
+         * @param options.parameters.organizationId - An identifier for the organization the request is being made by
+         * @param options.parameters.redirect_uri - The redirect for Account Manager to redirect to. A variety of URI formats and wildcard for host are supported, but app links like `airbnb://` or `fb://` are not. Examples of supported URIs:
+         - `http://localhost:3000/callback`
+         - `https://example.com/callback`
+         - `com.example.app:redirect_uri_path`
+         - ` *.subdomain.topleveldomain.com`
+         
+         * @param options.parameters.response_type - Must be `code`. Indicates that the caller wants an authorization code.
+         * @param options.parameters.client_id - The SLAS public client ID or SLAS private client ID for use with trusted-agent requests. When using a private client ID a PKCE code challenge is not required.
+         * @param options.parameters.scope -
+         * @param options.parameters.state - Value to send the client to determine the state between the authorization request and the server response. Optional, but strongly recommended.
+         * @param options.parameters.usid - A unique shopper identifier (USID). If not provided, a new USID is generated.
+         * @param options.parameters.hint - Name of an identity provider (IDP) to optionally redirect to, thereby skipping the IDP selection step.
+         
+         To use a public client, set `hint` to `guest` and use a public client ID to get an authorization code. If no `hint` is provided, the preferred IDP of the tenant is used by default.
+         
+         For session bridge authorization the `hint` should be set to `sb-user` for a registered customer and to `sb-guest` for a guest. For session bridge authorization the SLAS Client `sfcc.session_bridge` scope.
+         * @param options.parameters.channel_id - The channel that this request is for. For a B2C Commerce request, this is angalous to the site ID.
+         * @param options.parameters.code_challenge - PKCE code challenge. Created by the caller.
+         
+         The `code_challenge` is created by SHA256 hashing the `code_verifier` and Base64 encoding the resulting hash.
+         
+         The `code_verifier` should be a high entropy cryptographically random string with a minimum of 43 characters and a maximum of 128 characters.
+         
+         The *`code_challenge` and 'code_verifier'* are required if a using SLAS public `client_id`.
+         * @param options.parameters.ui_locales - End-User's preferred languages and scripts for the user interface, represented as a space-separated list of BCP47 [RFC5646] language tag values, ordered by preference. For example, the value `fr-CA fr en` represents a preference for French as spoken in Canada, then French (without a region designation), followed by English (without a region designation).
+         
+         In most cases the IDP supports one language tag and has a default language set on the server. SLAS will support the space-separated list and pass them to the IDP.
+         * @param options.headers - An object literal of key value pairs of the headers to be sent with this request.
+         *
+         * @returns A promise of type void.
+         */
+        authorizeCustomer(options?: RequireParametersUnlessAllAreOptional<{
+            parameters?: CompositeParameters<{
+                organizationId: string;
+                redirect_uri: string;
+                response_type: AuthorizeCustomerResponseTypeEnum;
+                client_id: string;
+                scope?: AuthorizeCustomerScopeEnum;
+                state?: string;
+                usid?: string;
+                hint?: string;
+                channel_id?: string;
+                code_challenge?: string;
+                ui_locales?: string;
+            } & QueryParameters, ConfigParameters>;
+            headers?: {
+                [key: string]: string;
+            };
+        }>): Promise<void>;
+        /**
+         * This is the first step of the OAuth 2.1 authorization code flow, in which a user can log in via federation to the IDP configured for the client. After successfully logging in, the user gets an authorization code via a redirect URI.
+         
+         You can call this endpoint from the front channel (the browser).
+         *
+         * @param options - An object containing the options for this method.
+         * @param options.parameters - An object containing the parameters for this method.
+         * @param options.parameters.organizationId - An identifier for the organization the request is being made by
+         * @param options.parameters.redirect_uri - The redirect for Account Manager to redirect to. A variety of URI formats and wildcard for host are supported, but app links like `airbnb://` or `fb://` are not. Examples of supported URIs:
+         - `http://localhost:3000/callback`
+         - `https://example.com/callback`
+         - `com.example.app:redirect_uri_path`
+         - ` *.subdomain.topleveldomain.com`
+         
+         * @param options.parameters.response_type - Must be `code`. Indicates that the caller wants an authorization code.
+         * @param options.parameters.client_id - The SLAS public client ID or SLAS private client ID for use with trusted-agent requests. When using a private client ID a PKCE code challenge is not required.
+         * @param options.parameters.scope -
+         * @param options.parameters.state - Value to send the client to determine the state between the authorization request and the server response. Optional, but strongly recommended.
+         * @param options.parameters.usid - A unique shopper identifier (USID). If not provided, a new USID is generated.
+         * @param options.parameters.hint - Name of an identity provider (IDP) to optionally redirect to, thereby skipping the IDP selection step.
+         
+         To use a public client, set `hint` to `guest` and use a public client ID to get an authorization code. If no `hint` is provided, the preferred IDP of the tenant is used by default.
+         
+         For session bridge authorization the `hint` should be set to `sb-user` for a registered customer and to `sb-guest` for a guest. For session bridge authorization the SLAS Client `sfcc.session_bridge` scope.
+         * @param options.parameters.channel_id - The channel that this request is for. For a B2C Commerce request, this is angalous to the site ID.
+         * @param options.parameters.code_challenge - PKCE code challenge. Created by the caller.
+         
+         The `code_challenge` is created by SHA256 hashing the `code_verifier` and Base64 encoding the resulting hash.
+         
+         The `code_verifier` should be a high entropy cryptographically random string with a minimum of 43 characters and a maximum of 128 characters.
+         
+         The *`code_challenge` and 'code_verifier'* are required if a using SLAS public `client_id`.
+         * @param options.parameters.ui_locales - End-User's preferred languages and scripts for the user interface, represented as a space-separated list of BCP47 [RFC5646] language tag values, ordered by preference. For example, the value `fr-CA fr en` represents a preference for French as spoken in Canada, then French (without a region designation), followed by English (without a region designation).
+         
+         In most cases the IDP supports one language tag and has a default language set on the server. SLAS will support the space-separated list and pass them to the IDP.
+         * @param options.headers - An object literal of key value pairs of the headers to be sent with this request.
+         * @param rawResponse - Set to true to return entire Response object instead of DTO.
+         *
+         * @returns A promise of type Response if rawResponse is true, a promise of type void otherwise.
+         */
+        authorizeCustomer<T extends boolean>(options?: RequireParametersUnlessAllAreOptional<{
+            parameters?: CompositeParameters<{
+                organizationId: string;
+                redirect_uri: string;
+                response_type: AuthorizeCustomerResponseTypeEnum;
+                client_id: string;
+                scope?: AuthorizeCustomerScopeEnum;
+                state?: string;
+                usid?: string;
+                hint?: string;
+                channel_id?: string;
+                code_challenge?: string;
+                ui_locales?: string;
+            } & QueryParameters, ConfigParameters>;
+            headers?: {
+                [key: string]: string;
+            };
+        }>, rawResponse?: T): Promise<T extends true ? Response : void>;
+        /**
+         * This endpoint allows customers to authenticate when their configured identity provider is inaccessible. It provides an alternative authentication path through passwordless login methods like email or SMS verification.
+         *
+         * If you would like to get a raw Response object use the other authorizePasswordlessCustomer function.
+         *
+         * @param options - An object containing the options for this method.
+         * @param options.parameters - An object containing the parameters for this method.
+         * @param options.parameters.organizationId - An identifier for the organization the request is being made by
+         * @param options.headers - An object literal of key value pairs of the headers to be sent with this request.
+         * @param options.body - The data to send as the request body.
+         * @param options.body.user_id - User ID for logging in.
+         * @param options.body.mode - Password Action delivery modes
+         * @param options.body.locale - The locale of the template. Not needed for the `callback` mode
+         * @param options.body.usid - The shopper\'s unique identifier, if known. If not provided, a new USID is generated.
+         * @param options.body.channel_id - The channel (B2C Commerce site) that the user is associated with.
+         * @param options.body.callback_uri - The callback URI. Required when the mode is `callback`. The `callback_uri` property will be validated against the callback URIs that have been registered with the SLAS client. The callback URI _must_ be a `POST` endpoint because the token will be included in the body.  Wildcards are not allowed in the callback_uri because this is a security risk that can expose the token. This is not considered an OAuth2 callback_url.
+         *
+         * @returns A promise of type string.
+         */
+        authorizePasswordlessCustomer(options?: RequireParametersUnlessAllAreOptional<{
+            parameters?: CompositeParameters<{
+                organizationId: string;
+            } & QueryParameters, ConfigParameters>;
+            headers?: {
+                [key: string]: string;
+            };
+            body: authorizePasswordlessCustomerBodyType & CustomRequestBody;
+        }>): Promise<string>;
+        /**
+         * This endpoint allows customers to authenticate when their configured identity provider is inaccessible. It provides an alternative authentication path through passwordless login methods like email or SMS verification.
+         *
+         * @param options - An object containing the options for this method.
+         * @param options.parameters - An object containing the parameters for this method.
+         * @param options.parameters.organizationId - An identifier for the organization the request is being made by
+         * @param options.headers - An object literal of key value pairs of the headers to be sent with this request.
+         * @param options.body - The data to send as the request body.
+         * @param options.body.user_id - User ID for logging in.
+         * @param options.body.mode - Password Action delivery modes
+         * @param options.body.locale - The locale of the template. Not needed for the `callback` mode
+         * @param options.body.usid - The shopper\'s unique identifier, if known. If not provided, a new USID is generated.
+         * @param options.body.channel_id - The channel (B2C Commerce site) that the user is associated with.
+         * @param options.body.callback_uri - The callback URI. Required when the mode is `callback`. The `callback_uri` property will be validated against the callback URIs that have been registered with the SLAS client. The callback URI _must_ be a `POST` endpoint because the token will be included in the body.  Wildcards are not allowed in the callback_uri because this is a security risk that can expose the token. This is not considered an OAuth2 callback_url.
+         * @param rawResponse - Set to true to return entire Response object instead of DTO.
+         *
+         * @returns A promise of type Response if rawResponse is true, a promise of type string otherwise.
+         */
+        authorizePasswordlessCustomer<T extends boolean>(options?: RequireParametersUnlessAllAreOptional<{
+            parameters?: CompositeParameters<{
+                organizationId: string;
+            } & QueryParameters, ConfigParameters>;
+            headers?: {
+                [key: string]: string;
+            };
+            body: authorizePasswordlessCustomerBodyType & CustomRequestBody;
+        }>, rawResponse?: T): Promise<T extends true ? Response : string>;
+        /**
+         * This is the second step of the OAuth 2.1 authorization code flow.
+         
+         For a private client, an application is able to get an access token for the shopper through the back channel (a trusted server) by passing in the client credentials and the authorization code retrieved from the `authorize` endpoint.
+         
+         For a guest user, get the shopper JWT access token and a refresh token. This is where a client appplication is able to get an access token for the guest user through the back channel (a trusted server) by passing in the client credentials.
+         
+         For a public client using PKCE, an application passes a PKCE `code_verifier` that matches the `code_challenge` that was used to `authorize` the customer along with the authorization code.
+         
+         When refreshing the access token with a private client ID and client secret, the refresh token is _not_ regenerated. However, when refreshing the access token with a public client ID, the refresh token is _always_ regenerated. The old refresh token is voided with every refresh call, so the refresh token on the client must be replaced to always store the new refresh token.
+         
+         See the Body section for required parameters, including `grant_type` and others that depend on the value of `grant_type`.
+         
+         **Important**: As of July 31, 2024**, SLAS requires the `channel_id` query parameter in token requests.
+         *
+         * If you would like to get a raw Response object use the other getAccessToken function.
+         *
+         * @param options - An object containing the options for this method.
+         * @param options.parameters - An object containing the parameters for this method.
+         * @param options.parameters.organizationId - An identifier for the organization the request is being made by
+         * @param options.headers - An object literal of key value pairs of the headers to be sent with this request.
+         * @param options.body - The data to send as the request body.
+         * @param options.body.refresh_token - The long-term token used to refresh the short term access token. Required only with a grant type of `refresh_token`.
+         * @param options.body.code - Authorization code from the OAuth 2.1 service received in the front channel that is used to get access tokens and refresh tokens. Required with a grant type of `authorization_code` and `session_bridge`.
+         * @param options.body.usid - The shopper\'s unique identifier, if known. If not provided, a new USID is generated.
+         * @param options.body.grant_type -
+         * @param options.body.redirect_uri - The redirect URI that was used when getting the authorization code. A variety of URI formats and wildcards for host are supported, but app links like `airbnb://` or `fb://` are not.   Examples of supported URIs:   - `http://localhost:3000/callback`   - `https://example.com/callback`   - `com.example.app:redirect_uri_path`   - ` *.subdomain.topleveldomain.com`
+         * @param options.body.code_verifier - PKCE code verifier. Created by the client calling the `login` endpoint.  The `code_verifier` should be a high entropy cryptographically random string with a minimum of 43 characters and a maximum of 128 characters.  The `code_verifier` is optional when using a private client id for the token request.
+         * @param options.body.client_id - The SLAS client ID. Required when the grant type is `authorization_code_pkce`.
+         * @param options.body.channel_id - The channel (B2C Commerce site) that the user is associated with.  **Important: We strongly recommended using the channel_id query parameter because it will be required in the future.  **NOTE - As of July 31, 2024**, SLAS will be requiring the `channel_id` query parameter in token requests.
+         * @param options.body.dnt - This is an optional parameter to set `Do Not Track` for the session.   SLAS is making this available, but will not be used by B2C Commerce until after the 24.4 release.  Values are:   * `false`   * `true`  If not added the `dnt` value will default to `false`.
+         *
+         * @returns A promise of type TokenResponse.
+         */
+        getAccessToken(options?: RequireParametersUnlessAllAreOptional<{
+            parameters?: CompositeParameters<{
+                organizationId: string;
+            } & QueryParameters, ConfigParameters>;
+            headers?: {
+                [key: string]: string;
+            };
+            body: getAccessTokenBodyType & CustomRequestBody;
+        }>): Promise<TokenResponse>;
+        /**
+         * This is the second step of the OAuth 2.1 authorization code flow.
+         
+         For a private client, an application is able to get an access token for the shopper through the back channel (a trusted server) by passing in the client credentials and the authorization code retrieved from the `authorize` endpoint.
+         
+         For a guest user, get the shopper JWT access token and a refresh token. This is where a client appplication is able to get an access token for the guest user through the back channel (a trusted server) by passing in the client credentials.
+         
+         For a public client using PKCE, an application passes a PKCE `code_verifier` that matches the `code_challenge` that was used to `authorize` the customer along with the authorization code.
+         
+         When refreshing the access token with a private client ID and client secret, the refresh token is _not_ regenerated. However, when refreshing the access token with a public client ID, the refresh token is _always_ regenerated. The old refresh token is voided with every refresh call, so the refresh token on the client must be replaced to always store the new refresh token.
+         
+         See the Body section for required parameters, including `grant_type` and others that depend on the value of `grant_type`.
+         
+         **Important**: As of July 31, 2024**, SLAS requires the `channel_id` query parameter in token requests.
+         *
+         * @param options - An object containing the options for this method.
+         * @param options.parameters - An object containing the parameters for this method.
+         * @param options.parameters.organizationId - An identifier for the organization the request is being made by
+         * @param options.headers - An object literal of key value pairs of the headers to be sent with this request.
+         * @param options.body - The data to send as the request body.
+         * @param options.body.refresh_token - The long-term token used to refresh the short term access token. Required only with a grant type of `refresh_token`.
+         * @param options.body.code - Authorization code from the OAuth 2.1 service received in the front channel that is used to get access tokens and refresh tokens. Required with a grant type of `authorization_code` and `session_bridge`.
+         * @param options.body.usid - The shopper\'s unique identifier, if known. If not provided, a new USID is generated.
+         * @param options.body.grant_type -
+         * @param options.body.redirect_uri - The redirect URI that was used when getting the authorization code. A variety of URI formats and wildcards for host are supported, but app links like `airbnb://` or `fb://` are not.   Examples of supported URIs:   - `http://localhost:3000/callback`   - `https://example.com/callback`   - `com.example.app:redirect_uri_path`   - ` *.subdomain.topleveldomain.com`
+         * @param options.body.code_verifier - PKCE code verifier. Created by the client calling the `login` endpoint.  The `code_verifier` should be a high entropy cryptographically random string with a minimum of 43 characters and a maximum of 128 characters.  The `code_verifier` is optional when using a private client id for the token request.
+         * @param options.body.client_id - The SLAS client ID. Required when the grant type is `authorization_code_pkce`.
+         * @param options.body.channel_id - The channel (B2C Commerce site) that the user is associated with.  **Important: We strongly recommended using the channel_id query parameter because it will be required in the future.  **NOTE - As of July 31, 2024**, SLAS will be requiring the `channel_id` query parameter in token requests.
+         * @param options.body.dnt - This is an optional parameter to set `Do Not Track` for the session.   SLAS is making this available, but will not be used by B2C Commerce until after the 24.4 release.  Values are:   * `false`   * `true`  If not added the `dnt` value will default to `false`.
+         * @param rawResponse - Set to true to return entire Response object instead of DTO.
+         *
+         * @returns A promise of type Response if rawResponse is true, a promise of type TokenResponse otherwise.
+         */
+        getAccessToken<T extends boolean>(options?: RequireParametersUnlessAllAreOptional<{
+            parameters?: CompositeParameters<{
+                organizationId: string;
+            } & QueryParameters, ConfigParameters>;
+            headers?: {
+                [key: string]: string;
+            };
+            body: getAccessTokenBodyType & CustomRequestBody;
+        }>, rawResponse?: T): Promise<T extends true ? Response : TokenResponse>;
+        /**
+         * The `/jwks` endpoint provides a JSON Web Key Set (JWKS) that includes current, past, and future public keys. These keys allow clients to validate the Shopper JSON Web Token (JWT) issued by SLAS, ensuring that no tampering with the token has occurred. Every SLAS JWT that is passed into SLAS, SCAPI, or OCAPI is always validated and is rejected if the signature validation does not match.
+         
+         To optimize performance, the `/jwks` endpoint is limited to 25 calls per minute, so we recommended caching the JWKS keys and refresh them only when necessary, instead of making frequent requests. Typically, the JWKs endpoint can be used once per DAY.
+         
+         For additional information on using JWKS, see https://developer.salesforce.com/docs/commerce/commerce-api/guide/slas-validate-jwt-with-jwks.html.
+         
+         *
+         * If you would like to get a raw Response object use the other getJwksUri function.
+         *
+         * @param options - An object containing the options for this method.
+         * @param options.parameters - An object containing the parameters for this method.
+         * @param options.parameters.organizationId - An identifier for the organization the request is being made by
+         * @param options.headers - An object literal of key value pairs of the headers to be sent with this request.
+         *
+         * @returns A promise of type object.
+         */
+        getJwksUri(options?: RequireParametersUnlessAllAreOptional<{
+            parameters?: CompositeParameters<{
+                organizationId: string;
+            } & QueryParameters, ConfigParameters>;
+            headers?: {
+                [key: string]: string;
+            };
+        }>): Promise<object>;
+        /**
+         * The `/jwks` endpoint provides a JSON Web Key Set (JWKS) that includes current, past, and future public keys. These keys allow clients to validate the Shopper JSON Web Token (JWT) issued by SLAS, ensuring that no tampering with the token has occurred. Every SLAS JWT that is passed into SLAS, SCAPI, or OCAPI is always validated and is rejected if the signature validation does not match.
+         
+         To optimize performance, the `/jwks` endpoint is limited to 25 calls per minute, so we recommended caching the JWKS keys and refresh them only when necessary, instead of making frequent requests. Typically, the JWKs endpoint can be used once per DAY.
+         
+         For additional information on using JWKS, see https://developer.salesforce.com/docs/commerce/commerce-api/guide/slas-validate-jwt-with-jwks.html.
+         
+         *
+         * @param options - An object containing the options for this method.
+         * @param options.parameters - An object containing the parameters for this method.
+         * @param options.parameters.organizationId - An identifier for the organization the request is being made by
+         * @param options.headers - An object literal of key value pairs of the headers to be sent with this request.
+         * @param rawResponse - Set to true to return entire Response object instead of DTO.
+         *
+         * @returns A promise of type Response if rawResponse is true, a promise of type object otherwise.
+         */
+        getJwksUri<T extends boolean>(options?: RequireParametersUnlessAllAreOptional<{
+            parameters?: CompositeParameters<{
+                organizationId: string;
+            } & QueryParameters, ConfigParameters>;
+            headers?: {
+                [key: string]: string;
+            };
+        }>, rawResponse?: T): Promise<T extends true ? Response : object>;
+        /**
+         * This endpoint issues a shopper JWT access token using a passwordless login token. It enables authentication flows where traditional username/password combinations are not required, supporting alternative authentication methods.
+         *
+         * If you would like to get a raw Response object use the other getPasswordLessAccessToken function.
+         *
+         * @param options - An object containing the options for this method.
+         * @param options.parameters - An object containing the parameters for this method.
+         * @param options.parameters.organizationId - An identifier for the organization the request is being made by
+         * @param options.headers - An object literal of key value pairs of the headers to be sent with this request.
+         * @param options.body - The data to send as the request body.
+         * @param options.body.grant_type - Grant Type
+         * @param options.body.hint - Passwordless hint. Use `pwdless_login`.
+         * @param options.body.pwdless_login_token - Passwordless login token that was created from the user ID.
+         * @param options.body.client_id - The public client ID.
+         * @param options.body.code_verifier - PKCE code verifier. Created by the client.  The `code_challenge` is created by SHA256 hashing the `code_verifier` and Base64 encoding the resulting hash.  The `code_verifier` should be a high entropy cryptographically random string with a minimum of 43 characters and a maximum of 128 characters.
+         *
+         * @returns A promise of type TokenResponse.
+         */
+        getPasswordLessAccessToken(options?: RequireParametersUnlessAllAreOptional<{
+            parameters?: CompositeParameters<{
+                organizationId: string;
+            } & QueryParameters, ConfigParameters>;
+            headers?: {
+                [key: string]: string;
+            };
+            body: getPasswordLessAccessTokenBodyType & CustomRequestBody;
+        }>): Promise<TokenResponse>;
+        /**
+         * This endpoint issues a shopper JWT access token using a passwordless login token. It enables authentication flows where traditional username/password combinations are not required, supporting alternative authentication methods.
+         *
+         * @param options - An object containing the options for this method.
+         * @param options.parameters - An object containing the parameters for this method.
+         * @param options.parameters.organizationId - An identifier for the organization the request is being made by
+         * @param options.headers - An object literal of key value pairs of the headers to be sent with this request.
+         * @param options.body - The data to send as the request body.
+         * @param options.body.grant_type - Grant Type
+         * @param options.body.hint - Passwordless hint. Use `pwdless_login`.
+         * @param options.body.pwdless_login_token - Passwordless login token that was created from the user ID.
+         * @param options.body.client_id - The public client ID.
+         * @param options.body.code_verifier - PKCE code verifier. Created by the client.  The `code_challenge` is created by SHA256 hashing the `code_verifier` and Base64 encoding the resulting hash.  The `code_verifier` should be a high entropy cryptographically random string with a minimum of 43 characters and a maximum of 128 characters.
+         * @param rawResponse - Set to true to return entire Response object instead of DTO.
+         *
+         * @returns A promise of type Response if rawResponse is true, a promise of type TokenResponse otherwise.
+         */
+        getPasswordLessAccessToken<T extends boolean>(options?: RequireParametersUnlessAllAreOptional<{
+            parameters?: CompositeParameters<{
+                organizationId: string;
+            } & QueryParameters, ConfigParameters>;
+            headers?: {
+                [key: string]: string;
+            };
+            body: getPasswordLessAccessTokenBodyType & CustomRequestBody;
+        }>, rawResponse?: T): Promise<T extends true ? Response : TokenResponse>;
+        /**
+         * This endpoint initiates the password reset process for a customer by requesting a password reset token. The token is delivered through the configured delivery mode (email, SMS, etc.) and can be used with the password/action endpoint to set a new password.
+         *
+         * If you would like to get a raw Response object use the other getPasswordResetToken function.
+         *
+         * @param options - An object containing the options for this method.
+         * @param options.parameters - An object containing the parameters for this method.
+         * @param options.parameters.organizationId - An identifier for the organization the request is being made by
+         * @param options.headers - An object literal of key value pairs of the headers to be sent with this request.
+         * @param options.body - The data to send as the request body.
+         * @param options.body.user_id - User ID for logging in. This is the id that is used to log into SFCC.
+         * @param options.body.mode - Password Action delivery modes
+         * @param options.body.channel_id - The channel (B2C Commerce site) that the user is associated with.
+         * @param options.body.locale - The locale of the template.
+         * @param options.body.client_id - -| The public client ID. Requires setting `grant_type` to `passwordless_login_pkce`. When using the `hint` query parameter either a public or private client ID can be used.
+         * @param options.body.code_challenge - PKCE code challenge. Created by the client.  The `code_challenge` is created by SHA256 hashing the `code_verifier` and Base64 encoding the resulting hash.  The `code_verifier` should be a high entropy cryptographically random string with a minimum of 43 characters and a maximum of 128 characters.    Requires setting `grant_type` to `passwordless_login_pkce`
+         * @param options.body.callback_uri - The callback uri. Required when the mode is `callback`. The `callback_uri` property will be validated against the callback URIs that have been registered with the SLAS client. The callback URI _must_ be a `POST` endpoint because the token will be included in the body.  Wildcards are not allowed in the callback_uri because this is a security risk that can expose the token. This is not considered an OAuth2 callback_url.
+         * @param options.body.idp_name - The name of the 3rd party identity provider for the user ID
+         * @param options.body.hint - Adding a `hint` query parameter with a value of `cross_device` will remove the need to have the code_challenge for password reset request. If the `hint` query parameter is used it must also be used in the password reset request.
+         *
+         * @returns A promise of type void.
+         */
+        getPasswordResetToken(options?: RequireParametersUnlessAllAreOptional<{
+            parameters?: CompositeParameters<{
+                organizationId: string;
+            } & QueryParameters, ConfigParameters>;
+            headers?: {
+                [key: string]: string;
+            };
+            body: getPasswordResetTokenBodyType & CustomRequestBody;
+        }>): Promise<void>;
+        /**
+         * This endpoint initiates the password reset process for a customer by requesting a password reset token. The token is delivered through the configured delivery mode (email, SMS, etc.) and can be used with the password/action endpoint to set a new password.
+         *
+         * @param options - An object containing the options for this method.
+         * @param options.parameters - An object containing the parameters for this method.
+         * @param options.parameters.organizationId - An identifier for the organization the request is being made by
+         * @param options.headers - An object literal of key value pairs of the headers to be sent with this request.
+         * @param options.body - The data to send as the request body.
+         * @param options.body.user_id - User ID for logging in. This is the id that is used to log into SFCC.
+         * @param options.body.mode - Password Action delivery modes
+         * @param options.body.channel_id - The channel (B2C Commerce site) that the user is associated with.
+         * @param options.body.locale - The locale of the template.
+         * @param options.body.client_id - -| The public client ID. Requires setting `grant_type` to `passwordless_login_pkce`. When using the `hint` query parameter either a public or private client ID can be used.
+         * @param options.body.code_challenge - PKCE code challenge. Created by the client.  The `code_challenge` is created by SHA256 hashing the `code_verifier` and Base64 encoding the resulting hash.  The `code_verifier` should be a high entropy cryptographically random string with a minimum of 43 characters and a maximum of 128 characters.    Requires setting `grant_type` to `passwordless_login_pkce`
+         * @param options.body.callback_uri - The callback uri. Required when the mode is `callback`. The `callback_uri` property will be validated against the callback URIs that have been registered with the SLAS client. The callback URI _must_ be a `POST` endpoint because the token will be included in the body.  Wildcards are not allowed in the callback_uri because this is a security risk that can expose the token. This is not considered an OAuth2 callback_url.
+         * @param options.body.idp_name - The name of the 3rd party identity provider for the user ID
+         * @param options.body.hint - Adding a `hint` query parameter with a value of `cross_device` will remove the need to have the code_challenge for password reset request. If the `hint` query parameter is used it must also be used in the password reset request.
+         * @param rawResponse - Set to true to return entire Response object instead of DTO.
+         *
+         * @returns A promise of type Response if rawResponse is true, a promise of type void otherwise.
+         */
+        getPasswordResetToken<T extends boolean>(options?: RequireParametersUnlessAllAreOptional<{
+            parameters?: CompositeParameters<{
+                organizationId: string;
+            } & QueryParameters, ConfigParameters>;
+            headers?: {
+                [key: string]: string;
+            };
+            body: getPasswordResetTokenBodyType & CustomRequestBody;
+        }>, rawResponse?: T): Promise<T extends true ? Response : void>;
+        /**
+         * For public client ID requests, you must set the grant_type to `session_bridge`.
+         
+         For private client_id and secret, you must set the grant_type to `client_credentials` along with a basic authorization header.
+         
+         **DEPRECATED** - As of January 31, 2024, SLAS no longer supports the SESB `dwsid` parameter for `guest` users for `session-bridge/token` calls. We recommended you transition to using a SESB `dwsgst` token.
+         
+         The `dwsid` is still needed for `registered` user `session-bridge/token` calls.
+         
+         **NOTE:** The registered customer Json Web Token (JWT) is available in B2C Commerce versions 25.4 and later.
+         *
+         * If you would like to get a raw Response object use the other getSessionBridgeAccessToken function.
+         *
+         * @param options - An object containing the options for this method.
+         * @param options.parameters - An object containing the parameters for this method.
+         * @param options.parameters.organizationId - An identifier for the organization the request is being made by
+         * @param options.headers - An object literal of key value pairs of the headers to be sent with this request.
+         * @param options.body - The data to send as the request body.
+         * @param options.body.code - Authorization code returned from session bridge authorization received in the front channel that is used to get session bridge access tokens and refresh tokens. Required with a grant type of `session_bridge`. The SLAS client must have the `sfcc.session_bridge` scope to request a session bridge token.
+         * @param options.body.client_id - The SLAS public client ID for use with PKCE requests. This is a required parameter when using a public client.
+         * @param options.body.channel_id - The channel (B2C Commerce site) that the user is associated with.
+         * @param options.body.code_verifier - PKCE code verifier. Created by the caller. This is a required parameter when using a public client.  The `code_challenge` is created by SHA256 hashing the `code_verifier` and Base64 encoding the resulting hash.  The `code_verifier` should be a high entropy cryptographically random string with a minimum of 43 characters and a maximum of 128 characters.
+         * @param options.body.dwsid - Cookie passed back from the \'/authorize\' endpoint call for session bridge. This parameter is optional and not needed if using the `dwsgst` parameter.  **DEPRECATED** - As of January 31, 2024, SLAS will no longer support the SESB `dwsid` parameter for `guest` users for `session-bridge/token` calls. It is recommended to transition over to using a SESB `dwsgst` token.   The `dwsid` will still be needed for `registered` user session-bridge/token calls.
+         * @param options.body.grant_type - Grant Type
+         * @param options.body.login_id - The ID of the shopper for session bridge access. If requesting a token for a guest user set login_id to `guest`.
+         * @param options.body.dwsgst - Signed guest Json Web Token (JWT) that was obtained from B2C Commerce. This parameter is optional and not needed if using the guest `dwsid` parameter.
+         * @param options.body.dwsrst - Signed registered customer Json Web Token (JWT) that was obtained from B2C Commerce. This parameter is optional and not needed if using the registered user `dwsid` parameter.   **NOTE:** The registered customer Json Web Token (JWT) will be available in ECOM versions 25.4 and higher.
+         * @param options.body.usid - The unique shopper ID. Returned when from session bridge authorization.
+         * @param options.body.dnt - This is an optional parameter to set `Do Not Track` for the session.   SLAS is making this available, but will not be used by B2C Commerce until after the 24.4 release.  Values are:   * `false`   * `true`  If not added the `dnt` value will default to `false`.
+         *
+         * @returns A promise of type TokenResponse.
+         */
+        getSessionBridgeAccessToken(options?: RequireParametersUnlessAllAreOptional<{
+            parameters?: CompositeParameters<{
+                organizationId: string;
+            } & QueryParameters, ConfigParameters>;
+            headers?: {
+                [key: string]: string;
+            };
+            body: getSessionBridgeAccessTokenBodyType & CustomRequestBody;
+        }>): Promise<TokenResponse>;
+        /**
+         * For public client ID requests, you must set the grant_type to `session_bridge`.
+         
+         For private client_id and secret, you must set the grant_type to `client_credentials` along with a basic authorization header.
+         
+         **DEPRECATED** - As of January 31, 2024, SLAS no longer supports the SESB `dwsid` parameter for `guest` users for `session-bridge/token` calls. We recommended you transition to using a SESB `dwsgst` token.
+         
+         The `dwsid` is still needed for `registered` user `session-bridge/token` calls.
+         
+         **NOTE:** The registered customer Json Web Token (JWT) is available in B2C Commerce versions 25.4 and later.
+         *
+         * @param options - An object containing the options for this method.
+         * @param options.parameters - An object containing the parameters for this method.
+         * @param options.parameters.organizationId - An identifier for the organization the request is being made by
+         * @param options.headers - An object literal of key value pairs of the headers to be sent with this request.
+         * @param options.body - The data to send as the request body.
+         * @param options.body.code - Authorization code returned from session bridge authorization received in the front channel that is used to get session bridge access tokens and refresh tokens. Required with a grant type of `session_bridge`. The SLAS client must have the `sfcc.session_bridge` scope to request a session bridge token.
+         * @param options.body.client_id - The SLAS public client ID for use with PKCE requests. This is a required parameter when using a public client.
+         * @param options.body.channel_id - The channel (B2C Commerce site) that the user is associated with.
+         * @param options.body.code_verifier - PKCE code verifier. Created by the caller. This is a required parameter when using a public client.  The `code_challenge` is created by SHA256 hashing the `code_verifier` and Base64 encoding the resulting hash.  The `code_verifier` should be a high entropy cryptographically random string with a minimum of 43 characters and a maximum of 128 characters.
+         * @param options.body.dwsid - Cookie passed back from the \'/authorize\' endpoint call for session bridge. This parameter is optional and not needed if using the `dwsgst` parameter.  **DEPRECATED** - As of January 31, 2024, SLAS will no longer support the SESB `dwsid` parameter for `guest` users for `session-bridge/token` calls. It is recommended to transition over to using a SESB `dwsgst` token.   The `dwsid` will still be needed for `registered` user session-bridge/token calls.
+         * @param options.body.grant_type - Grant Type
+         * @param options.body.login_id - The ID of the shopper for session bridge access. If requesting a token for a guest user set login_id to `guest`.
+         * @param options.body.dwsgst - Signed guest Json Web Token (JWT) that was obtained from B2C Commerce. This parameter is optional and not needed if using the guest `dwsid` parameter.
+         * @param options.body.dwsrst - Signed registered customer Json Web Token (JWT) that was obtained from B2C Commerce. This parameter is optional and not needed if using the registered user `dwsid` parameter.   **NOTE:** The registered customer Json Web Token (JWT) will be available in ECOM versions 25.4 and higher.
+         * @param options.body.usid - The unique shopper ID. Returned when from session bridge authorization.
+         * @param options.body.dnt - This is an optional parameter to set `Do Not Track` for the session.   SLAS is making this available, but will not be used by B2C Commerce until after the 24.4 release.  Values are:   * `false`   * `true`  If not added the `dnt` value will default to `false`.
+         * @param rawResponse - Set to true to return entire Response object instead of DTO.
+         *
+         * @returns A promise of type Response if rawResponse is true, a promise of type TokenResponse otherwise.
+         */
+        getSessionBridgeAccessToken<T extends boolean>(options?: RequireParametersUnlessAllAreOptional<{
+            parameters?: CompositeParameters<{
+                organizationId: string;
+            } & QueryParameters, ConfigParameters>;
+            headers?: {
+                [key: string]: string;
+            };
+            body: getSessionBridgeAccessTokenBodyType & CustomRequestBody;
+        }>, rawResponse?: T): Promise<T extends true ? Response : TokenResponse>;
+        /**
+         * If using a SLAS private client ID, you must also use an `_sfdc_client_auth` header.
+         
+         The value of the `_sfdc_client_auth` header must be a Base64-encoded string. The string is composed of a SLAS private client ID and client secret, separated by a colon (`:`). For example, `privateClientId:privateClientsecret` becomes `cHJpdmF0ZUNsaWVudElkOnByaXZhdGVDbGllbnRzZWNyZXQ=` after Base64 encoding.
+         *
+         * If you would like to get a raw Response object use the other getTrustedAgentAccessToken function.
+         *
+         * @param options - An object containing the options for this method.
+         * @param options.parameters - An object containing the parameters for this method.
+         * @param options.parameters.organizationId - An identifier for the organization the request is being made by
+         * @param options.headers - An object literal of key value pairs of the headers to be sent with this request.
+         * @param options.body - The data to send as the request body.
+         * @param options.body.agent_id - The ID of the merchant. If passed in, the `agent_id` will be validated using the SUB claim in the response from Account Manager.  This is an optional parameter unless the request is for a Trusted Agent on Behalf then `agent_id` is required.
+         * @param options.body.client_id - The SLAS public client ID or SLAS private client ID for use with trusted-system requests.  The `client_id` is not needed if a using a SLAS private `client_id` and the `_sfdc_client_auth` header.
+         * @param options.body.channel_id - The channel (B2C Commerce site) that the user is associated with.
+         * @param options.body.code_verifier - PKCE code verifier. Created by the caller.  The `code_challenge` is created by SHA256 hashing the `code_verifier` and Base64 encoding the resulting hash.  The `code_verifier` should be a high entropy cryptographically random string with a minimum of 43 characters and a maximum of 128 characters.  The `code_verifier` is not needed if a using a SLAS private `client_id` and the `_sfdc_client_auth` header.
+         * @param options.body.grant_type - Grant Type
+         * @param options.body.login_id - The ID is the shopper for trusted agent access.  For TAOB Guest the `login_id` must be set to `Guest`.
+         * @param options.body.idp_origin - The IDP that the user is associated with.   For TAOB Guest the `idp_origin` parameter should be `slas`. If set to any other IDP origin a 400 Bad Request will be returned.
+         * @param options.body.usid - The shopper\'s unique identifier, if known. If not provided, a new USID is generated.
+         * @param options.body.dnt - This is an optional parameter to set `Do Not Track` for the session.   SLAS is making this available, but will not be used by B2C Commerce until after the 24.4 release.  Values are:   * `false`   * `true`    If not added the `dnt` value will default to `true`    Note: The default value for `dnt` is set to `true` for all TAOB flows. This is opposite from other SLAS token requests.
+         * @param options.body.state - This is an optional parameter to set state for the trusted agent session.   If the `state` parameter is used it will be validated and a 400 Bad Request will be returned if missing or invalid.  For TAOB Guest you must pass the `state` parameter to transfer the state from the TAOB Guest authorization call to the token call.  The `state` parameter value is returned with the authorization code in the response url from the TAOB guest authorization call,  for example: `.../taob/callback?code=HETXpvg5LKBNIHjDTWkRrf2MLVU&state=taob.gst.7bc7fb7f-e646-44fd-bc73-dfd5c3c9019b`.  You would use `taob.gst.7bc7fb7f-e646-44fd-bc73-dfd5c3c9019b` for the `state` value in the TAOB request.
+         *
+         * @returns A promise of type TokenResponse.
+         */
+        getTrustedAgentAccessToken(options?: RequireParametersUnlessAllAreOptional<{
+            parameters?: CompositeParameters<{
+                organizationId: string;
+            } & QueryParameters, ConfigParameters>;
+            headers?: {
+                [key: string]: string;
+            };
+            body: getTrustedAgentAccessTokenBodyType & CustomRequestBody;
+        }>): Promise<TokenResponse>;
+        /**
+         * If using a SLAS private client ID, you must also use an `_sfdc_client_auth` header.
+         
+         The value of the `_sfdc_client_auth` header must be a Base64-encoded string. The string is composed of a SLAS private client ID and client secret, separated by a colon (`:`). For example, `privateClientId:privateClientsecret` becomes `cHJpdmF0ZUNsaWVudElkOnByaXZhdGVDbGllbnRzZWNyZXQ=` after Base64 encoding.
+         *
+         * @param options - An object containing the options for this method.
+         * @param options.parameters - An object containing the parameters for this method.
+         * @param options.parameters.organizationId - An identifier for the organization the request is being made by
+         * @param options.headers - An object literal of key value pairs of the headers to be sent with this request.
+         * @param options.body - The data to send as the request body.
+         * @param options.body.agent_id - The ID of the merchant. If passed in, the `agent_id` will be validated using the SUB claim in the response from Account Manager.  This is an optional parameter unless the request is for a Trusted Agent on Behalf then `agent_id` is required.
+         * @param options.body.client_id - The SLAS public client ID or SLAS private client ID for use with trusted-system requests.  The `client_id` is not needed if a using a SLAS private `client_id` and the `_sfdc_client_auth` header.
+         * @param options.body.channel_id - The channel (B2C Commerce site) that the user is associated with.
+         * @param options.body.code_verifier - PKCE code verifier. Created by the caller.  The `code_challenge` is created by SHA256 hashing the `code_verifier` and Base64 encoding the resulting hash.  The `code_verifier` should be a high entropy cryptographically random string with a minimum of 43 characters and a maximum of 128 characters.  The `code_verifier` is not needed if a using a SLAS private `client_id` and the `_sfdc_client_auth` header.
+         * @param options.body.grant_type - Grant Type
+         * @param options.body.login_id - The ID is the shopper for trusted agent access.  For TAOB Guest the `login_id` must be set to `Guest`.
+         * @param options.body.idp_origin - The IDP that the user is associated with.   For TAOB Guest the `idp_origin` parameter should be `slas`. If set to any other IDP origin a 400 Bad Request will be returned.
+         * @param options.body.usid - The shopper\'s unique identifier, if known. If not provided, a new USID is generated.
+         * @param options.body.dnt - This is an optional parameter to set `Do Not Track` for the session.   SLAS is making this available, but will not be used by B2C Commerce until after the 24.4 release.  Values are:   * `false`   * `true`    If not added the `dnt` value will default to `true`    Note: The default value for `dnt` is set to `true` for all TAOB flows. This is opposite from other SLAS token requests.
+         * @param options.body.state - This is an optional parameter to set state for the trusted agent session.   If the `state` parameter is used it will be validated and a 400 Bad Request will be returned if missing or invalid.  For TAOB Guest you must pass the `state` parameter to transfer the state from the TAOB Guest authorization call to the token call.  The `state` parameter value is returned with the authorization code in the response url from the TAOB guest authorization call,  for example: `.../taob/callback?code=HETXpvg5LKBNIHjDTWkRrf2MLVU&state=taob.gst.7bc7fb7f-e646-44fd-bc73-dfd5c3c9019b`.  You would use `taob.gst.7bc7fb7f-e646-44fd-bc73-dfd5c3c9019b` for the `state` value in the TAOB request.
+         * @param rawResponse - Set to true to return entire Response object instead of DTO.
+         *
+         * @returns A promise of type Response if rawResponse is true, a promise of type TokenResponse otherwise.
+         */
+        getTrustedAgentAccessToken<T extends boolean>(options?: RequireParametersUnlessAllAreOptional<{
+            parameters?: CompositeParameters<{
+                organizationId: string;
+            } & QueryParameters, ConfigParameters>;
+            headers?: {
+                [key: string]: string;
+            };
+            body: getTrustedAgentAccessTokenBodyType & CustomRequestBody;
+        }>, rawResponse?: T): Promise<T extends true ? Response : TokenResponse>;
+        /**
+         * This endpoint enables trusted agents (such as customer service representatives or merchants) to obtain authorization tokens that allow them to act on behalf of registered customers. This facilitates customer support scenarios where agents need secure access to customer accounts.
+         *
+         * If you would like to get a raw Response object use the other getTrustedAgentAuthorizationToken function.
+         *
+         * @param options - An object containing the options for this method.
+         * @param options.parameters - An object containing the parameters for this method.
+         * @param options.parameters.organizationId - An identifier for the organization the request is being made by
+         * @param options.parameters.client_id - The SLAS public client ID or SLAS private client ID for use with trusted-agent requests. When using a private client ID a PKCE code challenge is not required.
+         * @param options.parameters.channel_id - The channel (B2C Commerce site) that the user is associated with.
+         * @param options.parameters.login_id - The ID of the shopper for trusted agent access.
+         
+         For TAOB Guest the `login_id` must be set to `Guest`.
+         * @param options.parameters.idp_origin - The IDP that the shopper is associated with.
+         
+         For TAOB Guest the `idp_origin` must be set to `slas`. This is standard for SLAS Guest requests. If any other `idp_origin` value is used, SLAS returns a bad request.
+         * @param options.parameters.redirect_uri - The redirect for Account Manager to redirect to. A variety of URI formats and wildcard for host are supported, but app links like `airbnb://` or `fb://` are not. Examples of supported URIs:
+         - `http://localhost:3000/callback`
+         - `https://example.com/callback`
+         - `com.example.app:redirect_uri_path`
+         - ` *.subdomain.topleveldomain.com`
+         
+         * @param options.parameters.response_type - Must be `code`. Indicates that the caller wants an authorization code.
+         * @param options.parameters.code_challenge - PKCE code challenge. Created by the caller.
+         
+         The `code_challenge` is created by SHA256 hashing the `code_verifier` and Base64 encoding the resulting hash.
+         
+         The `code_verifier` should be a high entropy cryptographically random string with a minimum of 43 characters and a maximum of 128 characters.
+         
+         The *`code_challenge` and 'code_verifier'* are required if a using SLAS public `client_id`.
+         * @param options.headers - An object literal of key value pairs of the headers to be sent with this request.
+         *
+         * @returns A promise of type void.
+         */
+        getTrustedAgentAuthorizationToken(options?: RequireParametersUnlessAllAreOptional<{
+            parameters?: CompositeParameters<{
+                organizationId: string;
+                client_id: string;
+                channel_id: string;
+                login_id: string;
+                idp_origin: string;
+                redirect_uri: string;
+                response_type: GetTrustedAgentAuthorizationTokenResponseTypeEnum;
+                code_challenge?: string;
+            } & QueryParameters, ConfigParameters>;
+            headers?: {
+                [key: string]: string;
+            };
+        }>): Promise<void>;
+        /**
+         * This endpoint enables trusted agents (such as customer service representatives or merchants) to obtain authorization tokens that allow them to act on behalf of registered customers. This facilitates customer support scenarios where agents need secure access to customer accounts.
+         *
+         * @param options - An object containing the options for this method.
+         * @param options.parameters - An object containing the parameters for this method.
+         * @param options.parameters.organizationId - An identifier for the organization the request is being made by
+         * @param options.parameters.client_id - The SLAS public client ID or SLAS private client ID for use with trusted-agent requests. When using a private client ID a PKCE code challenge is not required.
+         * @param options.parameters.channel_id - The channel (B2C Commerce site) that the user is associated with.
+         * @param options.parameters.login_id - The ID of the shopper for trusted agent access.
+         
+         For TAOB Guest the `login_id` must be set to `Guest`.
+         * @param options.parameters.idp_origin - The IDP that the shopper is associated with.
+         
+         For TAOB Guest the `idp_origin` must be set to `slas`. This is standard for SLAS Guest requests. If any other `idp_origin` value is used, SLAS returns a bad request.
+         * @param options.parameters.redirect_uri - The redirect for Account Manager to redirect to. A variety of URI formats and wildcard for host are supported, but app links like `airbnb://` or `fb://` are not. Examples of supported URIs:
+         - `http://localhost:3000/callback`
+         - `https://example.com/callback`
+         - `com.example.app:redirect_uri_path`
+         - ` *.subdomain.topleveldomain.com`
+         
+         * @param options.parameters.response_type - Must be `code`. Indicates that the caller wants an authorization code.
+         * @param options.parameters.code_challenge - PKCE code challenge. Created by the caller.
+         
+         The `code_challenge` is created by SHA256 hashing the `code_verifier` and Base64 encoding the resulting hash.
+         
+         The `code_verifier` should be a high entropy cryptographically random string with a minimum of 43 characters and a maximum of 128 characters.
+         
+         The *`code_challenge` and 'code_verifier'* are required if a using SLAS public `client_id`.
+         * @param options.headers - An object literal of key value pairs of the headers to be sent with this request.
+         * @param rawResponse - Set to true to return entire Response object instead of DTO.
+         *
+         * @returns A promise of type Response if rawResponse is true, a promise of type void otherwise.
+         */
+        getTrustedAgentAuthorizationToken<T extends boolean>(options?: RequireParametersUnlessAllAreOptional<{
+            parameters?: CompositeParameters<{
+                organizationId: string;
+                client_id: string;
+                channel_id: string;
+                login_id: string;
+                idp_origin: string;
+                redirect_uri: string;
+                response_type: GetTrustedAgentAuthorizationTokenResponseTypeEnum;
+                code_challenge?: string;
+            } & QueryParameters, ConfigParameters>;
+            headers?: {
+                [key: string]: string;
+            };
+        }>, rawResponse?: T): Promise<T extends true ? Response : void>;
+        /**
+         * The SLAS client must have the `sfcc.ts_ext_on_behalf_of` scope to access this endpoint.
+         
+         
+         For trusted-system requests, you can use a basic authorization header that includes a SLAS private client ID and SLAS private client secret instead of the bearer token.
+         
+         
+         For trusted-system requests, you cannot use SLAS public client_ids.
+         *
+         * If you would like to get a raw Response object use the other getTrustedSystemAccessToken function.
+         *
+         * @param options - An object containing the options for this method.
+         * @param options.parameters - An object containing the parameters for this method.
+         * @param options.parameters.organizationId - An identifier for the organization the request is being made by
+         * @param options.headers - An object literal of key value pairs of the headers to be sent with this request.
+         * @param options.body - The data to send as the request body.
+         * @param options.body.usid - The shopper\'s unique identifier, if known. If not provided, a new USID is generated.
+         * @param options.body.grant_type - Grant Type
+         * @param options.body.hint - Type of system used for Trusted System On Behalf of requests.
+         * @param options.body.login_id - The ID used by the shopper for trusted system access.   If set to `guest`, a token is returned for a guest user.
+         * @param options.body.idp_origin - IDPs that work with SLAS. Use `ecom` when using B2C Commerce is the identity provider.
+         * @param options.body.client_id - The SLAS public client ID for use with trusted-system requests.
+         * @param options.body.channel_id - The channel (ECOM site) that the user is associated with.
+         * @param options.body.email_id - The email address for the shopper that is used for trusted-system requests. If not provided, `login_id` is used instead.
+         * @param options.body.dnt - This is an optional parameter to set `Do Not Track` for the session.  SLAS is making this available, but will not be used by B2C Commerce until after the 24.4 release.  Values are:   * `false`   * `true`  If not added the `dnt` value will default to `false`.  Note: The default value for `dnt` is set to `false` for SLAS token requests except for Trusted Agent token request. For Trusted Agent token requests the default value for `dnt` is `true`.
+         *
+         * @returns A promise of type TokenResponse.
+         */
+        getTrustedSystemAccessToken(options?: RequireParametersUnlessAllAreOptional<{
+            parameters?: CompositeParameters<{
+                organizationId: string;
+            } & QueryParameters, ConfigParameters>;
+            headers?: {
+                [key: string]: string;
+            };
+            body: getTrustedSystemAccessTokenBodyType & CustomRequestBody;
+        }>): Promise<TokenResponse>;
+        /**
+         * The SLAS client must have the `sfcc.ts_ext_on_behalf_of` scope to access this endpoint.
+         
+         
+         For trusted-system requests, you can use a basic authorization header that includes a SLAS private client ID and SLAS private client secret instead of the bearer token.
+         
+         
+         For trusted-system requests, you cannot use SLAS public client_ids.
+         *
+         * @param options - An object containing the options for this method.
+         * @param options.parameters - An object containing the parameters for this method.
+         * @param options.parameters.organizationId - An identifier for the organization the request is being made by
+         * @param options.headers - An object literal of key value pairs of the headers to be sent with this request.
+         * @param options.body - The data to send as the request body.
+         * @param options.body.usid - The shopper\'s unique identifier, if known. If not provided, a new USID is generated.
+         * @param options.body.grant_type - Grant Type
+         * @param options.body.hint - Type of system used for Trusted System On Behalf of requests.
+         * @param options.body.login_id - The ID used by the shopper for trusted system access.   If set to `guest`, a token is returned for a guest user.
+         * @param options.body.idp_origin - IDPs that work with SLAS. Use `ecom` when using B2C Commerce is the identity provider.
+         * @param options.body.client_id - The SLAS public client ID for use with trusted-system requests.
+         * @param options.body.channel_id - The channel (ECOM site) that the user is associated with.
+         * @param options.body.email_id - The email address for the shopper that is used for trusted-system requests. If not provided, `login_id` is used instead.
+         * @param options.body.dnt - This is an optional parameter to set `Do Not Track` for the session.  SLAS is making this available, but will not be used by B2C Commerce until after the 24.4 release.  Values are:   * `false`   * `true`  If not added the `dnt` value will default to `false`.  Note: The default value for `dnt` is set to `false` for SLAS token requests except for Trusted Agent token request. For Trusted Agent token requests the default value for `dnt` is `true`.
+         * @param rawResponse - Set to true to return entire Response object instead of DTO.
+         *
+         * @returns A promise of type Response if rawResponse is true, a promise of type TokenResponse otherwise.
+         */
+        getTrustedSystemAccessToken<T extends boolean>(options?: RequireParametersUnlessAllAreOptional<{
+            parameters?: CompositeParameters<{
+                organizationId: string;
+            } & QueryParameters, ConfigParameters>;
+            headers?: {
+                [key: string]: string;
+            };
+            body: getTrustedSystemAccessTokenBodyType & CustomRequestBody;
+        }>, rawResponse?: T): Promise<T extends true ? Response : TokenResponse>;
+        /**
+         * This endpoint returns identity information about the authenticated user in the form of OpenID Connect claims. It requires a valid access token and returns information such as user ID, name, email, and other identity attributes based on the scopes granted during authentication.
+         *
+         * If you would like to get a raw Response object use the other getUserInfo function.
+         *
+         * @param options - An object containing the options for this method.
+         * @param options.parameters - An object containing the parameters for this method.
+         * @param options.parameters.organizationId - An identifier for the organization the request is being made by
+         * @param options.parameters.channel_id - Used when getting user information for a SFCC login. For an B2C Commerce customer, this is angalous to the site ID. Required when getting user information for an B2C Commerce customer.
+         * @param options.headers - An object literal of key value pairs of the headers to be sent with this request.
+         *
+         * @returns A promise of type string.
+         */
+        getUserInfo(options?: RequireParametersUnlessAllAreOptional<{
+            parameters?: CompositeParameters<{
+                organizationId: string;
+                channel_id?: string;
+            } & QueryParameters, ConfigParameters>;
+            headers?: {
+                [key: string]: string;
+            };
+        }>): Promise<string>;
+        /**
+         * This endpoint returns identity information about the authenticated user in the form of OpenID Connect claims. It requires a valid access token and returns information such as user ID, name, email, and other identity attributes based on the scopes granted during authentication.
+         *
+         * @param options - An object containing the options for this method.
+         * @param options.parameters - An object containing the parameters for this method.
+         * @param options.parameters.organizationId - An identifier for the organization the request is being made by
+         * @param options.parameters.channel_id - Used when getting user information for a SFCC login. For an B2C Commerce customer, this is angalous to the site ID. Required when getting user information for an B2C Commerce customer.
+         * @param options.headers - An object literal of key value pairs of the headers to be sent with this request.
+         * @param rawResponse - Set to true to return entire Response object instead of DTO.
+         *
+         * @returns A promise of type Response if rawResponse is true, a promise of type string otherwise.
+         */
+        getUserInfo<T extends boolean>(options?: RequireParametersUnlessAllAreOptional<{
+            parameters?: CompositeParameters<{
+                organizationId: string;
+                channel_id?: string;
+            } & QueryParameters, ConfigParameters>;
+            headers?: {
+                [key: string]: string;
+            };
+        }>, rawResponse?: T): Promise<T extends true ? Response : string>;
+        /**
+         * This endpoint provides OpenID Connect discovery information in a standardized format. It allows clients to programmatically discover SLAS capabilities, including available endpoints, supported authentication flows, token signing algorithms, and other configuration details. This information helps clients integrate with the authentication service with minimal manual configuration.
+         *
+         * If you would like to get a raw Response object use the other getWellknownOpenidConfiguration function.
+         *
+         * @param options - An object containing the options for this method.
+         * @param options.parameters - An object containing the parameters for this method.
+         * @param options.parameters.organizationId - An identifier for the organization the request is being made by
+         * @param options.headers - An object literal of key value pairs of the headers to be sent with this request.
+         *
+         * @returns A promise of type string.
+         */
+        getWellknownOpenidConfiguration(options?: RequireParametersUnlessAllAreOptional<{
+            parameters?: CompositeParameters<{
+                organizationId: string;
+            } & QueryParameters, ConfigParameters>;
+            headers?: {
+                [key: string]: string;
+            };
+        }>): Promise<string>;
+        /**
+         * This endpoint provides OpenID Connect discovery information in a standardized format. It allows clients to programmatically discover SLAS capabilities, including available endpoints, supported authentication flows, token signing algorithms, and other configuration details. This information helps clients integrate with the authentication service with minimal manual configuration.
+         *
+         * @param options - An object containing the options for this method.
+         * @param options.parameters - An object containing the parameters for this method.
+         * @param options.parameters.organizationId - An identifier for the organization the request is being made by
+         * @param options.headers - An object literal of key value pairs of the headers to be sent with this request.
+         * @param rawResponse - Set to true to return entire Response object instead of DTO.
+         *
+         * @returns A promise of type Response if rawResponse is true, a promise of type string otherwise.
+         */
+        getWellknownOpenidConfiguration<T extends boolean>(options?: RequireParametersUnlessAllAreOptional<{
+            parameters?: CompositeParameters<{
+                organizationId: string;
+            } & QueryParameters, ConfigParameters>;
+            headers?: {
+                [key: string]: string;
+            };
+        }>, rawResponse?: T): Promise<T extends true ? Response : string>;
+        /**
+         * A basic auth header with Base64-encoded `clientId:secret` is required in the Authorization header, as well as an access token or refresh token. Use `token_type_hint` to help identify the token.
+         *
+         * If you would like to get a raw Response object use the other introspectToken function.
+         *
+         * @param options - An object containing the options for this method.
+         * @param options.parameters - An object containing the parameters for this method.
+         * @param options.parameters.organizationId - An identifier for the organization the request is being made by
+         * @param options.headers - An object literal of key value pairs of the headers to be sent with this request.
+         * @param options.body - The data to send as the request body.
+         * @param options.body.token - Token to inspect or revoke.
+         * @param options.body.token_type_hint - Token Type Hint
+         *
+         * @returns A promise of type TokenActionRequest.
+         */
+        introspectToken(options?: RequireParametersUnlessAllAreOptional<{
+            parameters?: CompositeParameters<{
+                organizationId: string;
+            } & QueryParameters, ConfigParameters>;
+            headers?: {
+                [key: string]: string;
+            };
+            body: introspectTokenBodyType & CustomRequestBody;
+        }>): Promise<TokenActionRequest>;
+        /**
+         * A basic auth header with Base64-encoded `clientId:secret` is required in the Authorization header, as well as an access token or refresh token. Use `token_type_hint` to help identify the token.
+         *
+         * @param options - An object containing the options for this method.
+         * @param options.parameters - An object containing the parameters for this method.
+         * @param options.parameters.organizationId - An identifier for the organization the request is being made by
+         * @param options.headers - An object literal of key value pairs of the headers to be sent with this request.
+         * @param options.body - The data to send as the request body.
+         * @param options.body.token - Token to inspect or revoke.
+         * @param options.body.token_type_hint - Token Type Hint
+         * @param rawResponse - Set to true to return entire Response object instead of DTO.
+         *
+         * @returns A promise of type Response if rawResponse is true, a promise of type TokenActionRequest otherwise.
+         */
+        introspectToken<T extends boolean>(options?: RequireParametersUnlessAllAreOptional<{
+            parameters?: CompositeParameters<{
+                organizationId: string;
+            } & QueryParameters, ConfigParameters>;
+            headers?: {
+                [key: string]: string;
+            };
+            body: introspectTokenBodyType & CustomRequestBody;
+        }>, rawResponse?: T): Promise<T extends true ? Response : TokenActionRequest>;
+        /**
+         * The shopper's access token and refresh token are revoked. If the shopper authenticated with a B2C Commerce (B2C Commerce) instance, the OCAPI JWT is also revoked. Call this endpoint for registered users that have logged in using SLAS. Do not use this endpoint for guest users.
+         
+         Required header: Authorization header bearer token of the Shopper access token to log out.
+         
+         Required parameters: `refresh token`, `channel_id`, and `client`.
+         *
+         * If you would like to get a raw Response object use the other logoutCustomer function.
+         *
+         * @param options - An object containing the options for this method.
+         * @param options.parameters - An object containing the parameters for this method.
+         * @param options.parameters.organizationId - An identifier for the organization the request is being made by
+         * @param options.parameters.client_id - The SLAS public client ID or SLAS private client ID for use with trusted-agent requests. When using a private client ID a PKCE code challenge is not required.
+         * @param options.parameters.refresh_token - Refresh token that was given during the access token request.
+         * @param options.parameters.channel_id - The `channel_id` parameter must be provided if the shopper authenticated using the `login` endpoint with B2C Commerce.
+         * @param options.parameters.hint - `hint=all-sessions` logs out all sessions of the shopper and invalidates all active refresh tokens for the shopper.
+         
+         If this query parameter is not provided, the default behavior is to log out only the current session that matches the refresh token in the request.
+         
+         If an incorrect value is provided for the hint other than `all-sessions`, the request fails.
+         * @param options.headers - An object literal of key value pairs of the headers to be sent with this request.
+         *
+         * @returns A promise of type TokenResponse.
+         */
+        logoutCustomer(options?: RequireParametersUnlessAllAreOptional<{
+            parameters?: CompositeParameters<{
+                organizationId: string;
+                client_id: string;
+                refresh_token: string;
+                channel_id?: string;
+                hint?: LogoutCustomerHintEnum;
+            } & QueryParameters, ConfigParameters>;
+            headers?: {
+                [key: string]: string;
+            };
+        }>): Promise<TokenResponse>;
+        /**
+         * The shopper's access token and refresh token are revoked. If the shopper authenticated with a B2C Commerce (B2C Commerce) instance, the OCAPI JWT is also revoked. Call this endpoint for registered users that have logged in using SLAS. Do not use this endpoint for guest users.
+         
+         Required header: Authorization header bearer token of the Shopper access token to log out.
+         
+         Required parameters: `refresh token`, `channel_id`, and `client`.
+         *
+         * @param options - An object containing the options for this method.
+         * @param options.parameters - An object containing the parameters for this method.
+         * @param options.parameters.organizationId - An identifier for the organization the request is being made by
+         * @param options.parameters.client_id - The SLAS public client ID or SLAS private client ID for use with trusted-agent requests. When using a private client ID a PKCE code challenge is not required.
+         * @param options.parameters.refresh_token - Refresh token that was given during the access token request.
+         * @param options.parameters.channel_id - The `channel_id` parameter must be provided if the shopper authenticated using the `login` endpoint with B2C Commerce.
+         * @param options.parameters.hint - `hint=all-sessions` logs out all sessions of the shopper and invalidates all active refresh tokens for the shopper.
+         
+         If this query parameter is not provided, the default behavior is to log out only the current session that matches the refresh token in the request.
+         
+         If an incorrect value is provided for the hint other than `all-sessions`, the request fails.
+         * @param options.headers - An object literal of key value pairs of the headers to be sent with this request.
+         * @param rawResponse - Set to true to return entire Response object instead of DTO.
+         *
+         * @returns A promise of type Response if rawResponse is true, a promise of type TokenResponse otherwise.
+         */
+        logoutCustomer<T extends boolean>(options?: RequireParametersUnlessAllAreOptional<{
+            parameters?: CompositeParameters<{
+                organizationId: string;
+                client_id: string;
+                refresh_token: string;
+                channel_id?: string;
+                hint?: LogoutCustomerHintEnum;
+            } & QueryParameters, ConfigParameters>;
+            headers?: {
+                [key: string]: string;
+            };
+        }>, rawResponse?: T): Promise<T extends true ? Response : TokenResponse>;
+        /**
+         * This endpoint allows a customer to set a new password using a valid password reset token. The customer must provide the token received from the password/reset endpoint along with the desired new password.
+         *
+         * If you would like to get a raw Response object use the other resetPassword function.
+         *
+         * @param options - An object containing the options for this method.
+         * @param options.parameters - An object containing the parameters for this method.
+         * @param options.parameters.organizationId - An identifier for the organization the request is being made by
+         * @param options.headers - An object literal of key value pairs of the headers to be sent with this request.
+         * @param options.body - The data to send as the request body.
+         * @param options.body.client_id - -| The public client ID. When using the `hint` query parameter either a public or private client ID can be used.
+         * @param options.body.pwd_action_token - Password action token that was returned from the `/password/reset` endpoint.
+         * @param options.body.code_verifier - PKCE code verifier. Created by the client.  The `code_challenge` is created by SHA256 hashing the `code_verifier` and Base64 encoding the resulting hash.  The `code_verifier` should be a high entropy cryptographically random string with a minimum of 43 characters and a maximum of 128 characters.
+         * @param options.body.new_password - The new password to set for the shopper associated with the password action token.
+         * @param options.body.channel_id - The channel that the request is for. For a B2C Commerce request, this is angalous to the site ID.
+         * @param options.body.hint - Adding a `hint` query parameter with a value of `cross_device` will remove the need to have the code_verifier for password reset request. If the `hint` query parameter is used it must also have been used in the password action request.
+         *
+         * @returns A promise of type void.
+         */
+        resetPassword(options?: RequireParametersUnlessAllAreOptional<{
+            parameters?: CompositeParameters<{
+                organizationId: string;
+            } & QueryParameters, ConfigParameters>;
+            headers?: {
+                [key: string]: string;
+            };
+            body: resetPasswordBodyType & CustomRequestBody;
+        }>): Promise<void>;
+        /**
+         * This endpoint allows a customer to set a new password using a valid password reset token. The customer must provide the token received from the password/reset endpoint along with the desired new password.
+         *
+         * @param options - An object containing the options for this method.
+         * @param options.parameters - An object containing the parameters for this method.
+         * @param options.parameters.organizationId - An identifier for the organization the request is being made by
+         * @param options.headers - An object literal of key value pairs of the headers to be sent with this request.
+         * @param options.body - The data to send as the request body.
+         * @param options.body.client_id - -| The public client ID. When using the `hint` query parameter either a public or private client ID can be used.
+         * @param options.body.pwd_action_token - Password action token that was returned from the `/password/reset` endpoint.
+         * @param options.body.code_verifier - PKCE code verifier. Created by the client.  The `code_challenge` is created by SHA256 hashing the `code_verifier` and Base64 encoding the resulting hash.  The `code_verifier` should be a high entropy cryptographically random string with a minimum of 43 characters and a maximum of 128 characters.
+         * @param options.body.new_password - The new password to set for the shopper associated with the password action token.
+         * @param options.body.channel_id - The channel that the request is for. For a B2C Commerce request, this is angalous to the site ID.
+         * @param options.body.hint - Adding a `hint` query parameter with a value of `cross_device` will remove the need to have the code_verifier for password reset request. If the `hint` query parameter is used it must also have been used in the password action request.
+         * @param rawResponse - Set to true to return entire Response object instead of DTO.
+         *
+         * @returns A promise of type Response if rawResponse is true, a promise of type void otherwise.
+         */
+        resetPassword<T extends boolean>(options?: RequireParametersUnlessAllAreOptional<{
+            parameters?: CompositeParameters<{
+                organizationId: string;
+            } & QueryParameters, ConfigParameters>;
+            headers?: {
+                [key: string]: string;
+            };
+            body: resetPasswordBodyType & CustomRequestBody;
+        }>, rawResponse?: T): Promise<T extends true ? Response : void>;
+        /**
+         * A basic auth header with Base64-encoded `clientId:secret` is required in the Authorization header, and the refresh token to be revoked is required in the body.
+         *
+         * If you would like to get a raw Response object use the other revokeToken function.
+         *
+         * @param options - An object containing the options for this method.
+         * @param options.parameters - An object containing the parameters for this method.
+         * @param options.parameters.organizationId - An identifier for the organization the request is being made by
+         * @param options.headers - An object literal of key value pairs of the headers to be sent with this request.
+         * @param options.body - The data to send as the request body.
+         * @param options.body.token - Token to inspect or revoke.
+         * @param options.body.token_type_hint - Token Type Hint
+         *
+         * @returns A promise of type TokenActionRequest.
+         */
+        revokeToken(options?: RequireParametersUnlessAllAreOptional<{
+            parameters?: CompositeParameters<{
+                organizationId: string;
+            } & QueryParameters, ConfigParameters>;
+            headers?: {
+                [key: string]: string;
+            };
+            body: revokeTokenBodyType & CustomRequestBody;
+        }>): Promise<TokenActionRequest>;
+        /**
+         * A basic auth header with Base64-encoded `clientId:secret` is required in the Authorization header, and the refresh token to be revoked is required in the body.
+         *
+         * @param options - An object containing the options for this method.
+         * @param options.parameters - An object containing the parameters for this method.
+         * @param options.parameters.organizationId - An identifier for the organization the request is being made by
+         * @param options.headers - An object literal of key value pairs of the headers to be sent with this request.
+         * @param options.body - The data to send as the request body.
+         * @param options.body.token - Token to inspect or revoke.
+         * @param options.body.token_type_hint - Token Type Hint
+         * @param rawResponse - Set to true to return entire Response object instead of DTO.
+         *
+         * @returns A promise of type Response if rawResponse is true, a promise of type TokenActionRequest otherwise.
+         */
+        revokeToken<T extends boolean>(options?: RequireParametersUnlessAllAreOptional<{
+            parameters?: CompositeParameters<{
+                organizationId: string;
+            } & QueryParameters, ConfigParameters>;
+            headers?: {
+                [key: string]: string;
+            };
+            body: revokeTokenBodyType & CustomRequestBody;
+        }>, rawResponse?: T): Promise<T extends true ? Response : TokenActionRequest>;
+    }
+}
+declare namespace ShopperLoginModelTypes {
+    /**
+     * Grant Type
+     */
+    type GrantType = "authorization_code" | "refresh_token" | "client_credentials" | "authorization_code_pkce" | "session_bridge";
+    /**
+     * @type Oauth2ErrorResponse:
+     *
+     * @property error:
+     *
+     * @property error_uri:
+     *
+     * @property error_description:
+     *
+     */
+    type Oauth2ErrorResponse = {
+        error: string;
+        error_uri?: string;
+        error_description?: string;
+    } & {
+        [key: string]: any;
+    };
+    /**
+     * Response Type
+     */
+    type ResponseType = "code";
+    /**
+     * @type TokenActionRequest:
+     *
+     * @property token: Token to inspect or revoke.
+     *
+     * @property token_type_hint: Token Type Hint
+     *
+     */
+    type TokenActionRequest = {
+        token: string;
+        token_type_hint?: TokenActionRequestTokenTypeHintEnum;
+    } & {
+        [key: string]: any;
+    };
+    type TokenActionRequestTokenTypeHintEnum = "access_token" | "refresh_token";
+    /**
+     * Token Type
+     */
+    type TokenType = "Bearer";
+    /**
+     * @type TokenResponse:
+     *
+     * @property access_token: Short term shopper JWT that can be used to access Shopper APIs. Valid for 30 minutes.  A trusted agent shopper JWT is valid for 15 min.
+     *
+     * @property id_token: User ID token. Valid for 30 minutes.
+     *
+     * @property refresh_token: Long term refresh token that can be used to refresh an access token. Valid for 30 days.   The refresh_token will not be returned for trusted agents JWTs. A JWT for trusted agents expires after 15 minutes and is not refreshable. When expired, then app must restart the authorization flow and make another request to the /trusted-agent/authorize endpoint.
+     *
+     * @property expires_in: Remaining access token expiry time, in seconds.
+     *
+     * @property refresh_token_expires_in: Remaining refresh token expiry time, in seconds.
+     *
+     * @property token_type:
+     *
+     * @property usid: The unique shopper ID. Returned when using the `client_credentials` grant type.
+     *
+     * @property customer_id: Customer\'s ID
+     *
+     * @property enc_user_id: MD5 Hashed B2C Commerce user ID in uppercase.
+     *
+     * @property idp_access_token: This is the access token that is returned from the IDP. The IDP access token is returned to be able to make calls into the IDP outside of SLAS.
+     * - **Max Length:** 8192
+     *
+     */
+    type TokenResponse = {
+        access_token: string;
+        id_token: string;
+        refresh_token: string;
+        expires_in: number;
+        refresh_token_expires_in: number;
+        token_type: TokenType;
+        usid: string;
+        customer_id: string;
+        enc_user_id: string;
+        idp_access_token: string;
+    } & {
+        [key: string]: any;
+    };
+}
+declare namespace ShopperLoginTypes {
+    type ShopperLoginPathParameters = ShopperLoginApiTypes.ShopperLoginPathParameters;
+    type ShopperLoginQueryParameters = ShopperLoginApiTypes.ShopperLoginQueryParameters;
+    type authenticateCustomerBodyType = ShopperLoginApiTypes.authenticateCustomerBodyType;
+    type authenticateCustomerQueryParameters = ShopperLoginApiTypes.authenticateCustomerQueryParameters;
+    type authenticateCustomerPathParameters = ShopperLoginApiTypes.authenticateCustomerPathParameters;
+    type AuthorizeCustomerResponseTypeEnum = ShopperLoginApiTypes.AuthorizeCustomerResponseTypeEnum;
+    type AuthorizeCustomerScopeEnum = ShopperLoginApiTypes.AuthorizeCustomerScopeEnum;
+    type authorizeCustomerQueryParameters = ShopperLoginApiTypes.authorizeCustomerQueryParameters;
+    type authorizeCustomerPathParameters = ShopperLoginApiTypes.authorizeCustomerPathParameters;
+    type AuthorizePasswordlessCustomerModeEnum = ShopperLoginApiTypes.AuthorizePasswordlessCustomerModeEnum;
+    type authorizePasswordlessCustomerBodyType = ShopperLoginApiTypes.authorizePasswordlessCustomerBodyType;
+    type authorizePasswordlessCustomerQueryParameters = ShopperLoginApiTypes.authorizePasswordlessCustomerQueryParameters;
+    type authorizePasswordlessCustomerPathParameters = ShopperLoginApiTypes.authorizePasswordlessCustomerPathParameters;
+    type getAccessTokenBodyType = ShopperLoginApiTypes.getAccessTokenBodyType;
+    type getAccessTokenQueryParameters = ShopperLoginApiTypes.getAccessTokenQueryParameters;
+    type getAccessTokenPathParameters = ShopperLoginApiTypes.getAccessTokenPathParameters;
+    type getJwksUriQueryParameters = ShopperLoginApiTypes.getJwksUriQueryParameters;
+    type getJwksUriPathParameters = ShopperLoginApiTypes.getJwksUriPathParameters;
+    type GetPasswordLessAccessTokenGrantTypeEnum = ShopperLoginApiTypes.GetPasswordLessAccessTokenGrantTypeEnum;
+    type getPasswordLessAccessTokenBodyType = ShopperLoginApiTypes.getPasswordLessAccessTokenBodyType;
+    type getPasswordLessAccessTokenQueryParameters = ShopperLoginApiTypes.getPasswordLessAccessTokenQueryParameters;
+    type getPasswordLessAccessTokenPathParameters = ShopperLoginApiTypes.getPasswordLessAccessTokenPathParameters;
+    type GetPasswordResetTokenModeEnum = ShopperLoginApiTypes.GetPasswordResetTokenModeEnum;
+    type getPasswordResetTokenBodyType = ShopperLoginApiTypes.getPasswordResetTokenBodyType;
+    type getPasswordResetTokenQueryParameters = ShopperLoginApiTypes.getPasswordResetTokenQueryParameters;
+    type getPasswordResetTokenPathParameters = ShopperLoginApiTypes.getPasswordResetTokenPathParameters;
+    type GetSessionBridgeAccessTokenGrantTypeEnum = ShopperLoginApiTypes.GetSessionBridgeAccessTokenGrantTypeEnum;
+    type getSessionBridgeAccessTokenBodyType = ShopperLoginApiTypes.getSessionBridgeAccessTokenBodyType;
+    type getSessionBridgeAccessTokenQueryParameters = ShopperLoginApiTypes.getSessionBridgeAccessTokenQueryParameters;
+    type getSessionBridgeAccessTokenPathParameters = ShopperLoginApiTypes.getSessionBridgeAccessTokenPathParameters;
+    type GetTrustedAgentAccessTokenGrantTypeEnum = ShopperLoginApiTypes.GetTrustedAgentAccessTokenGrantTypeEnum;
+    type getTrustedAgentAccessTokenBodyType = ShopperLoginApiTypes.getTrustedAgentAccessTokenBodyType;
+    type getTrustedAgentAccessTokenQueryParameters = ShopperLoginApiTypes.getTrustedAgentAccessTokenQueryParameters;
+    type getTrustedAgentAccessTokenPathParameters = ShopperLoginApiTypes.getTrustedAgentAccessTokenPathParameters;
+    type GetTrustedAgentAuthorizationTokenResponseTypeEnum = ShopperLoginApiTypes.GetTrustedAgentAuthorizationTokenResponseTypeEnum;
+    type getTrustedAgentAuthorizationTokenQueryParameters = ShopperLoginApiTypes.getTrustedAgentAuthorizationTokenQueryParameters;
+    type getTrustedAgentAuthorizationTokenPathParameters = ShopperLoginApiTypes.getTrustedAgentAuthorizationTokenPathParameters;
+    type GetTrustedSystemAccessTokenGrantTypeEnum = ShopperLoginApiTypes.GetTrustedSystemAccessTokenGrantTypeEnum;
+    type GetTrustedSystemAccessTokenHintEnum = ShopperLoginApiTypes.GetTrustedSystemAccessTokenHintEnum;
+    type GetTrustedSystemAccessTokenIdpOriginEnum = ShopperLoginApiTypes.GetTrustedSystemAccessTokenIdpOriginEnum;
+    type getTrustedSystemAccessTokenBodyType = ShopperLoginApiTypes.getTrustedSystemAccessTokenBodyType;
+    type getTrustedSystemAccessTokenQueryParameters = ShopperLoginApiTypes.getTrustedSystemAccessTokenQueryParameters;
+    type getTrustedSystemAccessTokenPathParameters = ShopperLoginApiTypes.getTrustedSystemAccessTokenPathParameters;
+    type getUserInfoQueryParameters = ShopperLoginApiTypes.getUserInfoQueryParameters;
+    type getUserInfoPathParameters = ShopperLoginApiTypes.getUserInfoPathParameters;
+    type getWellknownOpenidConfigurationQueryParameters = ShopperLoginApiTypes.getWellknownOpenidConfigurationQueryParameters;
+    type getWellknownOpenidConfigurationPathParameters = ShopperLoginApiTypes.getWellknownOpenidConfigurationPathParameters;
+    type IntrospectTokenTokenTypeHintEnum = ShopperLoginApiTypes.IntrospectTokenTokenTypeHintEnum;
+    type introspectTokenBodyType = ShopperLoginApiTypes.introspectTokenBodyType;
+    type introspectTokenQueryParameters = ShopperLoginApiTypes.introspectTokenQueryParameters;
+    type introspectTokenPathParameters = ShopperLoginApiTypes.introspectTokenPathParameters;
+    type LogoutCustomerHintEnum = ShopperLoginApiTypes.LogoutCustomerHintEnum;
+    type logoutCustomerQueryParameters = ShopperLoginApiTypes.logoutCustomerQueryParameters;
+    type logoutCustomerPathParameters = ShopperLoginApiTypes.logoutCustomerPathParameters;
+    type resetPasswordBodyType = ShopperLoginApiTypes.resetPasswordBodyType;
+    type resetPasswordQueryParameters = ShopperLoginApiTypes.resetPasswordQueryParameters;
+    type resetPasswordPathParameters = ShopperLoginApiTypes.resetPasswordPathParameters;
+    type RevokeTokenTokenTypeHintEnum = ShopperLoginApiTypes.RevokeTokenTokenTypeHintEnum;
+    type revokeTokenBodyType = ShopperLoginApiTypes.revokeTokenBodyType;
+    type revokeTokenQueryParameters = ShopperLoginApiTypes.revokeTokenQueryParameters;
+    type revokeTokenPathParameters = ShopperLoginApiTypes.revokeTokenPathParameters;
+    type GrantType = ShopperLoginModelTypes.GrantType;
+    type Oauth2ErrorResponse = ShopperLoginModelTypes.Oauth2ErrorResponse;
+    type ResponseType = ShopperLoginModelTypes.ResponseType;
+    type TokenActionRequest = ShopperLoginModelTypes.TokenActionRequest;
+    type TokenActionRequestTokenTypeHintEnum = ShopperLoginModelTypes.TokenActionRequestTokenTypeHintEnum;
+    type TokenResponse = ShopperLoginModelTypes.TokenResponse;
+    type TokenType = ShopperLoginModelTypes.TokenType;
+}
+export { defaultBaseUri, AuthorizeCustomerResponseTypeEnum, AuthorizeCustomerScopeEnum, AuthorizePasswordlessCustomerModeEnum, GetPasswordLessAccessTokenGrantTypeEnum, GetPasswordResetTokenModeEnum, GetSessionBridgeAccessTokenGrantTypeEnum, GetTrustedAgentAccessTokenGrantTypeEnum, GetTrustedAgentAuthorizationTokenResponseTypeEnum, GetTrustedSystemAccessTokenGrantTypeEnum, GetTrustedSystemAccessTokenHintEnum, GetTrustedSystemAccessTokenIdpOriginEnum, IntrospectTokenTokenTypeHintEnum, LogoutCustomerHintEnum, RevokeTokenTokenTypeHintEnum, authenticateCustomerQueryParameters, authenticateCustomerPathParameters, authenticateCustomerBodyType, authorizeCustomerQueryParameters, authorizeCustomerPathParameters, authorizePasswordlessCustomerQueryParameters, authorizePasswordlessCustomerPathParameters, authorizePasswordlessCustomerBodyType, getAccessTokenQueryParameters, getAccessTokenPathParameters, getAccessTokenBodyType, getJwksUriQueryParameters, getJwksUriPathParameters, getPasswordLessAccessTokenQueryParameters, getPasswordLessAccessTokenPathParameters, getPasswordLessAccessTokenBodyType, getPasswordResetTokenQueryParameters, getPasswordResetTokenPathParameters, getPasswordResetTokenBodyType, getSessionBridgeAccessTokenQueryParameters, getSessionBridgeAccessTokenPathParameters, getSessionBridgeAccessTokenBodyType, getTrustedAgentAccessTokenQueryParameters, getTrustedAgentAccessTokenPathParameters, getTrustedAgentAccessTokenBodyType, getTrustedAgentAuthorizationTokenQueryParameters, getTrustedAgentAuthorizationTokenPathParameters, getTrustedSystemAccessTokenQueryParameters, getTrustedSystemAccessTokenPathParameters, getTrustedSystemAccessTokenBodyType, getUserInfoQueryParameters, getUserInfoPathParameters, getWellknownOpenidConfigurationQueryParameters, getWellknownOpenidConfigurationPathParameters, introspectTokenQueryParameters, introspectTokenPathParameters, introspectTokenBodyType, logoutCustomerQueryParameters, logoutCustomerPathParameters, resetPasswordQueryParameters, resetPasswordPathParameters, resetPasswordBodyType, revokeTokenQueryParameters, revokeTokenPathParameters, revokeTokenBodyType, ShopperLoginPathParameters, ShopperLoginQueryParameters, ShopperLoginParameters, ShopperLogin, GrantType, Oauth2ErrorResponse, ResponseType, TokenActionRequest, TokenActionRequestTokenTypeHintEnum, TokenResponse, TokenType, ShopperLoginTypes };