Comparing version 10.20.0 to 11.0.0
@@ -25,3 +25,3 @@ "use strict"; | ||
/** | ||
* Send a discovery magic link to an email address. | ||
* Send a discovery magic link to an email address. The magic link is valid for 60 minutes. | ||
* @param data {@link B2BMagicLinksEmailDiscoverySendRequest} | ||
@@ -28,0 +28,0 @@ * @returns {@link B2BMagicLinksEmailDiscoverySendResponse} |
@@ -34,2 +34,4 @@ "use strict"; | ||
* active Member will receive a login Email Magic Link. | ||
* | ||
* The magic link is valid for 60 minutes. | ||
* @param data {@link B2BMagicLinksEmailLoginOrSignupRequest} | ||
@@ -54,3 +56,5 @@ * @returns {@link B2BMagicLinksEmailLoginOrSignupResponse} | ||
* `invited` status until they successfully authenticate. Sending invites to `pending` Members will update | ||
* their status to `invited`. Sending invites to already `active` Members will return an error. /%} | ||
* their status to `invited`. Sending invites to already `active` Members will return an error. | ||
* | ||
* The magic link invite will be valid for 1 week. | ||
* @param data {@link B2BMagicLinksEmailInviteRequest} | ||
@@ -57,0 +61,0 @@ * @param options {@link B2BMagicLinksEmailInviteRequestOptions} |
@@ -50,2 +50,6 @@ "use strict"; | ||
// Request type for `organizations.members.unlinkRetiredEmail`. | ||
// Response type for `organizations.members.unlinkRetiredEmail`. | ||
// Request type for `organizations.members.update`. | ||
@@ -63,21 +67,2 @@ | ||
* Updates a Member specified by `organization_id` and `member_id`. | ||
* | ||
* Our RBAC implementation offers out-of-the-box handling of authorization checks for this endpoint. If you | ||
* pass in | ||
* a header containing a `session_token` or a `session_jwt` for an unexpired Member Session, we will check | ||
* that the | ||
* Member Session has the necessary permissions. The specific permissions needed depend on which of the | ||
* optional fields | ||
* are passed in the request. For example, if the `organization_name` argument is provided, the Member | ||
* Session must have | ||
* permission to perform the `update.info.name` action on the `stytch.organization` Resource. | ||
* | ||
* If the Member Session does not contain a Role that satisfies the requested permissions, or if the | ||
* Member's Organization | ||
* does not match the `organization_id` passed in the request, a 403 error will be thrown. Otherwise, the | ||
* request will | ||
* proceed as normal. | ||
* | ||
* To learn more about our RBAC implementation, see our | ||
* [RBAC guide](https://stytch.com/docs/b2b/guides/rbac/overview). | ||
* @param data {@link B2BOrganizationsMembersUpdateRequest} | ||
@@ -115,3 +100,3 @@ * @param options {@link B2BOrganizationsMembersUpdateRequestOptions} | ||
/** | ||
* Deletes a Member specified by `organization_id` and `member_id`. /%} | ||
* Deletes a Member specified by `organization_id` and `member_id`. | ||
* @param data {@link B2BOrganizationsMembersDeleteRequest} | ||
@@ -139,3 +124,3 @@ * @param options {@link B2BOrganizationsMembersDeleteRequestOptions} | ||
* Reactivates a deleted Member's status and its associated email status (if applicable) to active, | ||
* specified by `organization_id` and `member_id`. /%} | ||
* specified by `organization_id` and `member_id`. | ||
* @param data {@link B2BOrganizationsMembersReactivateRequest} | ||
@@ -172,3 +157,2 @@ * @param options {@link B2BOrganizationsMembersReactivateRequestOptions} | ||
* [OTP SMS Authenticate](https://stytch.com/docs/b2b/api/authenticate-otp-sms) endpoint. | ||
* /%} | ||
* @param data {@link B2BOrganizationsMembersDeleteMFAPhoneNumberRequest} | ||
@@ -202,3 +186,2 @@ * @param options {@link B2BOrganizationsMembersDeleteMFAPhoneNumberRequestOptions} | ||
* registration is deleted, and MFA will not be enforced until the Member logs in again. | ||
* /%} | ||
* @param data {@link B2BOrganizationsMembersDeleteTOTPRequest} | ||
@@ -229,22 +212,2 @@ * @param options {@link B2BOrganizationsMembersDeleteTOTPRequestOptions} | ||
* *All fuzzy search filters require a minimum of three characters. | ||
* | ||
* Our RBAC implementation offers out-of-the-box handling of authorization checks for this endpoint. If you | ||
* pass in | ||
* a header containing a `session_token` or a `session_jwt` for an unexpired Member Session, we will check | ||
* that the | ||
* Member Session has permission to perform the `search` action on the `stytch.member` Resource. In | ||
* addition, enforcing | ||
* RBAC on this endpoint means that you may only search for Members within the calling Member's | ||
* Organization, so the | ||
* `organization_ids` argument may only contain the `organization_id` of the Member Session passed in the | ||
* header. | ||
* | ||
* If the Member Session does not contain a Role that satisfies the requested permission, or if the | ||
* `organization_ids` | ||
* argument contains an `organization_id` that the Member Session does not belong to, a 403 error will be | ||
* thrown. | ||
* Otherwise, the request will proceed as normal. | ||
* | ||
* To learn more about our RBAC implementation, see our | ||
* [RBAC guide](https://stytch.com/docs/b2b/guides/rbac/overview). | ||
* @param data {@link B2BOrganizationsMembersSearchRequest} | ||
@@ -271,3 +234,3 @@ * @param options {@link B2BOrganizationsMembersSearchRequestOptions} | ||
/** | ||
* Delete a Member's password. /%} | ||
* Delete a Member's password. | ||
* @param data {@link B2BOrganizationsMembersDeletePasswordRequest} | ||
@@ -315,3 +278,46 @@ * @param options {@link B2BOrganizationsMembersDeletePasswordRequestOptions} | ||
/** | ||
* Creates a Member. An `organization_id` and `email_address` are required. /%} | ||
* Unlinks a retired email address from a Member specified by their `organization_id` and `member_id`. The | ||
* email address | ||
* to be retired can be identified in the request body by either its `email_id`, its `email_address`, or | ||
* both. If using | ||
* both identifiers they must refer to the same email. | ||
* | ||
* A previously active email address can be marked as retired in one of two ways: | ||
* | ||
* - It's replaced with a new primary email address during an explicit Member update. | ||
* - A new email address is surfaced by an OAuth, SAML or OIDC provider. In this case the new email address | ||
* becomes the | ||
* Member's primary email address and the old primary email address is retired. | ||
* | ||
* A retired email address cannot be used by other Members in the same Organization. However, unlinking | ||
* retired email | ||
* addresses allows then to be subsequently re-used by other Organization Members. Retired email addresses | ||
* can be viewed | ||
* on the [Member object](https://stytch.com/docs/b2b/api/member-object). | ||
* %} | ||
* @param data {@link B2BOrganizationsMembersUnlinkRetiredEmailRequest} | ||
* @param options {@link B2BOrganizationsMembersUnlinkRetiredEmailRequestOptions} | ||
* @returns {@link B2BOrganizationsMembersUnlinkRetiredEmailResponse} | ||
* @async | ||
* @throws A {@link StytchError} on a non-2xx response from the Stytch API | ||
* @throws A {@link RequestError} when the Stytch API cannot be reached | ||
*/ | ||
unlinkRetiredEmail(data, options) { | ||
const headers = {}; | ||
if (options?.authorization) { | ||
(0, _method_options.addAuthorizationHeaders)(headers, options.authorization); | ||
} | ||
return (0, _shared.request)(this.fetchConfig, { | ||
method: "POST", | ||
url: `/v1/b2b/organizations/${data.organization_id}/members/${data.member_id}/unlink_retired_email`, | ||
headers, | ||
data: { | ||
email_id: data.email_id, | ||
email_address: data.email_address | ||
} | ||
}); | ||
} | ||
/** | ||
* Creates a Member. An `organization_id` and `email_address` are required. | ||
* @param data {@link B2BOrganizationsMembersCreateRequest} | ||
@@ -318,0 +324,0 @@ * @param options {@link B2BOrganizationsMembersCreateRequestOptions} |
@@ -97,21 +97,2 @@ "use strict"; | ||
* `sso_jit_provisioning`, etc., and their behaviors. | ||
* | ||
* Our RBAC implementation offers out-of-the-box handling of authorization checks for this endpoint. If you | ||
* pass in | ||
* a header containing a `session_token` or a `session_jwt` for an unexpired Member Session, we will check | ||
* that the | ||
* Member Session has the necessary permissions. The specific permissions needed depend on which of the | ||
* optional fields | ||
* are passed in the request. For example, if the `organization_name` argument is provided, the Member | ||
* Session must have | ||
* permission to perform the `update.info.name` action on the `stytch.organization` Resource. | ||
* | ||
* If the Member Session does not contain a Role that satisfies the requested permissions, or if the | ||
* Member's Organization | ||
* does not match the `organization_id` passed in the request, a 403 error will be thrown. Otherwise, the | ||
* request will | ||
* proceed as normal. | ||
* | ||
* To learn more about our RBAC implementation, see our | ||
* [RBAC guide](https://stytch.com/docs/b2b/guides/rbac/overview). | ||
* @param data {@link B2BOrganizationsUpdateRequest} | ||
@@ -156,3 +137,3 @@ * @param options {@link B2BOrganizationsUpdateRequestOptions} | ||
* Deletes an Organization specified by `organization_id`. All Members of the Organization will also be | ||
* deleted. /%} | ||
* deleted. | ||
* @param data {@link B2BOrganizationsDeleteRequest} | ||
@@ -159,0 +140,0 @@ * @param options {@link B2BOrganizationsDeleteRequestOptions} |
@@ -73,2 +73,4 @@ "use strict"; | ||
* MFA step. | ||
* | ||
* Note that a successful password reset by email will revoke all active sessions for the `member_id`. | ||
* @param data {@link B2BPasswordsEmailResetRequest} | ||
@@ -75,0 +77,0 @@ * @returns {@link B2BPasswordsEmailResetResponse} |
@@ -45,2 +45,5 @@ "use strict"; | ||
* MFA step. | ||
* | ||
* Note that a successful password reset via an existing password will revoke all active sessions for the | ||
* `member_id`. | ||
* @param data {@link B2BPasswordsExistingPasswordResetRequest} | ||
@@ -47,0 +50,0 @@ * @returns {@link B2BPasswordsExistingPasswordResetResponse} |
@@ -28,2 +28,5 @@ "use strict"; | ||
* `session_token` or `session_jwt` should be provided. | ||
* | ||
* Note that a successful password reset via an existing session will revoke all active sessions for the | ||
* `member_id`, except for the one used during the reset flow. | ||
* @param data {@link B2BPasswordsSessionResetRequest} | ||
@@ -30,0 +33,0 @@ * @returns {@link B2BPasswordsSessionResetResponse} |
@@ -81,2 +81,4 @@ "use strict"; | ||
* rate limit of 100 requests per second. | ||
* | ||
* The member's email will be marked as verified when you use this endpoint. | ||
* @param data {@link B2BPasswordsMigrateRequest} | ||
@@ -83,0 +85,0 @@ * @returns {@link B2BPasswordsMigrateResponse} |
@@ -23,2 +23,6 @@ "use strict"; | ||
// Request type for `scim.connection.getGroups`. | ||
// Response type for `scim.connection.getGroups`. | ||
// Request type for `scim.connection.get`. | ||
@@ -50,3 +54,3 @@ | ||
/** | ||
* Update a SCIM Connection. /%} | ||
* Update a SCIM Connection. | ||
* @param data {@link B2BSCIMConnectionUpdateRequest} | ||
@@ -77,3 +81,3 @@ * @param options {@link B2BSCIMConnectionUpdateRequestOptions} | ||
/** | ||
* Deletes a SCIM Connection. /%} | ||
* Deletes a SCIM Connection. | ||
* @param data {@link B2BSCIMConnectionDeleteRequest} | ||
@@ -100,3 +104,3 @@ * @param options {@link B2BSCIMConnectionDeleteRequestOptions} | ||
/** | ||
* Start a SCIM token rotation. /%} | ||
* Start a SCIM token rotation. | ||
* @param data {@link B2BSCIMConnectionRotateStartRequest} | ||
@@ -125,3 +129,3 @@ * @param options {@link B2BSCIMConnectionRotateStartRequestOptions} | ||
* active token to be the new token supplied in the | ||
* [start SCIM token rotation](https://stytch.com/docs/b2b/api/scim-rotate-token-start) response. /%} | ||
* [start SCIM token rotation](https://stytch.com/docs/b2b/api/scim-rotate-token-start) response. | ||
* @param data {@link B2BSCIMConnectionRotateCompleteRequest} | ||
@@ -149,3 +153,3 @@ * @param options {@link B2BSCIMConnectionRotateCompleteRequestOptions} | ||
* Cancel a SCIM token rotation. This will cancel the current token rotation process, keeping the original | ||
* token active. /%} | ||
* token active. | ||
* @param data {@link B2BSCIMConnectionRotateCancelRequest} | ||
@@ -172,3 +176,28 @@ * @param options {@link B2BSCIMConnectionRotateCancelRequestOptions} | ||
/** | ||
* Create a new SCIM Connection. /%} | ||
* Gets a paginated list of all SCIM Groups associated with a given Connection. | ||
* @param params {@link B2BSCIMConnectionGetGroupsRequest} | ||
* @param options {@link B2BSCIMConnectionGetGroupsRequestOptions} | ||
* @returns {@link B2BSCIMConnectionGetGroupsResponse} | ||
* @async | ||
* @throws A {@link StytchError} on a non-2xx response from the Stytch API | ||
* @throws A {@link RequestError} when the Stytch API cannot be reached | ||
*/ | ||
getGroups(params, options) { | ||
const headers = {}; | ||
if (options?.authorization) { | ||
(0, _method_options.addAuthorizationHeaders)(headers, options.authorization); | ||
} | ||
return (0, _shared.request)(this.fetchConfig, { | ||
method: "GET", | ||
url: `/v1/b2b/scim/${params.organization_id}/connection/${params.connection_id}`, | ||
headers, | ||
params: { | ||
cursor: params.cursor, | ||
limit: params.limit | ||
} | ||
}); | ||
} | ||
/** | ||
* Create a new SCIM Connection. | ||
* @param data {@link B2BSCIMConnectionCreateRequest} | ||
@@ -198,3 +227,3 @@ * @param options {@link B2BSCIMConnectionCreateRequestOptions} | ||
/** | ||
* Get SCIM Connections. /%} | ||
* Get SCIM Connections. | ||
* @param params {@link B2BSCIMConnectionGetRequest} | ||
@@ -201,0 +230,0 @@ * @param options {@link B2BSCIMConnectionGetRequestOptions} |
@@ -89,4 +89,4 @@ "use strict"; | ||
* will be returned if both the signature and the underlying Session are still valid. See our | ||
* [How to use Stytch Session JWTs](https://stytch.com/docs/b2b/guides/sessions/using-jwts) guide for more | ||
* information. | ||
* [How to use Stytch Session JWTs](https://stytch.com/docs/b2b/guides/sessions/resources/using-jwts) guide | ||
* for more information. | ||
* | ||
@@ -223,3 +223,4 @@ * If an `authorization_check` object is passed in, this method will also check if the Member is authorized | ||
* | ||
* See our [How to use Stytch Session JWTs](https://stytch.com/docs/b2b/guides/sessions/using-jwts) guide | ||
* See our | ||
* [How to use Stytch Session JWTs](https://stytch.com/docs/b2b/guides/sessions/resources/using-jwts) guide | ||
* for more information. | ||
@@ -226,0 +227,0 @@ * @param params {@link B2BSessionsGetJWKSRequest} |
@@ -29,3 +29,3 @@ "use strict"; | ||
/** | ||
* Create a new OIDC Connection. /%} | ||
* Create a new OIDC Connection. | ||
* @param data {@link B2BSSOOIDCCreateConnectionRequest} | ||
@@ -81,3 +81,2 @@ * @param options {@link B2BSSOOIDCCreateConnectionRequestOptions} | ||
* * `jwks_url` | ||
* /%} | ||
* @param data {@link B2BSSOOIDCUpdateConnectionRequest} | ||
@@ -84,0 +83,0 @@ * @param options {@link B2BSSOOIDCUpdateConnectionRequestOptions} |
@@ -37,3 +37,3 @@ "use strict"; | ||
/** | ||
* Create a new SAML Connection. /%} | ||
* Create a new SAML Connection. | ||
* @param data {@link B2BSSOSAMLCreateConnectionRequest} | ||
@@ -70,3 +70,2 @@ * @param options {@link B2BSSOSAMLCreateConnectionRequestOptions} | ||
* * `x509_certificate` | ||
* /%} | ||
* @param data {@link B2BSSOSAMLUpdateConnectionRequest} | ||
@@ -110,3 +109,2 @@ * @param options {@link B2BSSOSAMLUpdateConnectionRequestOptions} | ||
* * `attribute_mapping` (must be supplied using [Update SAML Connection](update-saml-connection)) | ||
* /%} | ||
* @param data {@link B2BSSOSAMLUpdateByURLRequest} | ||
@@ -139,3 +137,2 @@ * @param options {@link B2BSSOSAMLUpdateByURLRequestOptions} | ||
* certificates per connection. There must always be at least one certificate per active connection. | ||
* /%} | ||
* @param data {@link B2BSSOSAMLDeleteVerificationCertificateRequest} | ||
@@ -142,0 +139,0 @@ * @param options {@link B2BSSOSAMLDeleteVerificationCertificateRequestOptions} |
@@ -37,3 +37,3 @@ "use strict"; | ||
/** | ||
* Get all SSO Connections owned by the organization. /%} | ||
* Get all SSO Connections owned by the organization. | ||
* @param params {@link B2BSSOGetConnectionsRequest} | ||
@@ -60,3 +60,3 @@ * @param options {@link B2BSSOGetConnectionsRequestOptions} | ||
/** | ||
* Delete an existing SSO connection. /%} | ||
* Delete an existing SSO connection. | ||
* @param data {@link B2BSSODeleteConnectionRequest} | ||
@@ -63,0 +63,0 @@ * @param options {@link B2BSSODeleteConnectionRequestOptions} |
@@ -9,6 +9,6 @@ "use strict"; | ||
var _m2m_clients = require("./m2m_clients"); | ||
var _sessions = require("../shared/sessions"); | ||
var _errors = require("../shared/errors"); | ||
var _m2m_local = require("./m2m_local"); | ||
var _sessions = require("../shared/sessions"); | ||
var _shared = require("../shared"); | ||
var _errors = require("../shared/errors"); | ||
// !!! | ||
@@ -101,15 +101,15 @@ // WARNING: This file is autogenerated | ||
/** | ||
* Authenticate an access token issued by Stytch from the Token endpoint. | ||
* M2M access tokens are JWTs signed with the project's JWKs, and can be validated locally using any Stytch client library. | ||
* You may pass in an optional set of scopes that the JWT must contain in order to enforce permissions. | ||
* You may also override the default scope authorization function to implement custom authorization logic. | ||
* | ||
* @param data {@link AuthenticateTokenRequest} | ||
* @param scopeAuthorizationFunc {@link ScopeAuthorizationFunc} - A function that checks if the token has the required scopes. | ||
The default function assumes scopes are either direct string matches or written in the form "action:resource". See the | ||
documentation for {@link performAuthorizationCheck} for more information. | ||
* @async | ||
* @returns {@link AuthenticateTokenResponse} | ||
* @throws {ClientError} when token can not be authenticated | ||
*/ | ||
* Authenticate an access token issued by Stytch from the Token endpoint. | ||
* M2M access tokens are JWTs signed with the project's JWKs, and can be validated locally using any Stytch client library. | ||
* You may pass in an optional set of scopes that the JWT must contain in order to enforce permissions. | ||
* You may also override the default scope authorization function to implement custom authorization logic. | ||
* | ||
* @param data {@link AuthenticateTokenRequest} | ||
* @param scopeAuthorizationFunc {@link ScopeAuthorizationFunc} - A function that checks if the token has the required scopes. | ||
The default function assumes scopes are either direct string matches or written in the form "action:resource". See the | ||
documentation for {@link performAuthorizationCheck} for more information. | ||
* @async | ||
* @returns {@link AuthenticateTokenResponse} | ||
* @throws {ClientError} when token can not be authenticated | ||
*/ | ||
async authenticateToken(data, scopeAuthorizationFunc = _m2m_local.performAuthorizationCheck) { | ||
@@ -116,0 +116,0 @@ const { |
{ | ||
"name": "stytch", | ||
"version": "10.20.0", | ||
"version": "11.0.0", | ||
"description": "A wrapper for the Stytch API", | ||
@@ -5,0 +5,0 @@ "types": "./types/lib/index.d.ts", |
@@ -7,9 +7,9 @@ export type { SearchQueryOperand } from "./organizations"; | ||
export type { MemberOptions, MfaRequired } from "./mfa"; | ||
export type { ActiveSCIMConnection, ActiveSSOConnection, EmailImplicitRoleAssignment, Member, MemberRole, MemberRoleSource, OAuthRegistration, Organization, B2BOrganizationsResultsMetadata, SCIMRegistration, SSORegistration, SearchQuery, B2BOrganizationsCreateRequest, B2BOrganizationsCreateResponse, B2BOrganizationsDeleteRequest, B2BOrganizationsDeleteResponse, B2BOrganizationsGetRequest, B2BOrganizationsGetResponse, B2BOrganizationsMetricsRequest, B2BOrganizationsMetricsResponse, B2BOrganizationsSearchRequest, B2BOrganizationsSearchResponse, B2BOrganizationsUpdateRequest, B2BOrganizationsUpdateResponse, B2BOrganizationsUpdateRequestOptions, B2BOrganizationsDeleteRequestOptions, } from "./organizations"; | ||
export type { B2BOrganizationsMembersCreateRequest, B2BOrganizationsMembersCreateResponse, B2BOrganizationsMembersDangerouslyGetRequest, B2BOrganizationsMembersDeleteMFAPhoneNumberRequest, B2BOrganizationsMembersDeleteMFAPhoneNumberResponse, B2BOrganizationsMembersDeletePasswordRequest, B2BOrganizationsMembersDeletePasswordResponse, B2BOrganizationsMembersDeleteRequest, B2BOrganizationsMembersDeleteResponse, B2BOrganizationsMembersDeleteTOTPRequest, B2BOrganizationsMembersDeleteTOTPResponse, B2BOrganizationsMembersGetRequest, B2BOrganizationsMembersGetResponse, B2BOrganizationsMembersReactivateRequest, B2BOrganizationsMembersReactivateResponse, B2BOrganizationsMembersSearchRequest, B2BOrganizationsMembersSearchResponse, B2BOrganizationsMembersUpdateRequest, B2BOrganizationsMembersUpdateResponse, B2BOrganizationsMembersUpdateRequestOptions, B2BOrganizationsMembersDeleteRequestOptions, B2BOrganizationsMembersReactivateRequestOptions, B2BOrganizationsMembersDeleteMFAPhoneNumberRequestOptions, B2BOrganizationsMembersDeleteTOTPRequestOptions, B2BOrganizationsMembersSearchRequestOptions, B2BOrganizationsMembersDeletePasswordRequestOptions, B2BOrganizationsMembersCreateRequestOptions, } from "./organizations_members"; | ||
export type { Address, B2BSCIMEmail, EnterpriseExtension, Group, Manager, B2BSCIMName, B2BSCIMPhoneNumber, SCIMAttributes, SCIMConnection, SCIMConnectionWithNextToken, SCIMConnectionWithToken, SCIMGroup, SCIMGroupImplicitRoleAssignments, } from "./scim"; | ||
export type { B2BSCIMConnectionCreateRequest, B2BSCIMConnectionCreateResponse, B2BSCIMConnectionDeleteRequest, B2BSCIMConnectionDeleteResponse, B2BSCIMConnectionGetGroupsRequest, B2BSCIMConnectionGetGroupsResponse, B2BSCIMConnectionGetRequest, B2BSCIMConnectionGetResponse, B2BSCIMConnectionRotateCancelRequest, B2BSCIMConnectionRotateCancelResponse, B2BSCIMConnectionRotateCompleteRequest, B2BSCIMConnectionRotateCompleteResponse, B2BSCIMConnectionRotateStartRequest, B2BSCIMConnectionRotateStartResponse, B2BSCIMConnectionUpdateRequest, B2BSCIMConnectionUpdateResponse, B2BSCIMConnectionUpdateRequestOptions, B2BSCIMConnectionDeleteRequestOptions, B2BSCIMConnectionRotateStartRequestOptions, B2BSCIMConnectionRotateCompleteRequestOptions, B2BSCIMConnectionRotateCancelRequestOptions, B2BSCIMConnectionGetGroupsRequestOptions, B2BSCIMConnectionCreateRequestOptions, B2BSCIMConnectionGetRequestOptions, } from "./scim_connection"; | ||
export type { ActiveSCIMConnection, ActiveSSOConnection, EmailImplicitRoleAssignment, Member, MemberRole, MemberRoleSource, OAuthRegistration, Organization, B2BOrganizationsResultsMetadata, RetiredEmail, SCIMRegistration, SSORegistration, SearchQuery, B2BOrganizationsCreateRequest, B2BOrganizationsCreateResponse, B2BOrganizationsDeleteRequest, B2BOrganizationsDeleteResponse, B2BOrganizationsGetRequest, B2BOrganizationsGetResponse, B2BOrganizationsMetricsRequest, B2BOrganizationsMetricsResponse, B2BOrganizationsSearchRequest, B2BOrganizationsSearchResponse, B2BOrganizationsUpdateRequest, B2BOrganizationsUpdateResponse, B2BOrganizationsUpdateRequestOptions, B2BOrganizationsDeleteRequestOptions, } from "./organizations"; | ||
export type { B2BOrganizationsMembersCreateRequest, B2BOrganizationsMembersCreateResponse, B2BOrganizationsMembersDangerouslyGetRequest, B2BOrganizationsMembersDeleteMFAPhoneNumberRequest, B2BOrganizationsMembersDeleteMFAPhoneNumberResponse, B2BOrganizationsMembersDeletePasswordRequest, B2BOrganizationsMembersDeletePasswordResponse, B2BOrganizationsMembersDeleteRequest, B2BOrganizationsMembersDeleteResponse, B2BOrganizationsMembersDeleteTOTPRequest, B2BOrganizationsMembersDeleteTOTPResponse, B2BOrganizationsMembersGetRequest, B2BOrganizationsMembersGetResponse, B2BOrganizationsMembersReactivateRequest, B2BOrganizationsMembersReactivateResponse, B2BOrganizationsMembersSearchRequest, B2BOrganizationsMembersSearchResponse, B2BOrganizationsMembersUnlinkRetiredEmailRequest, B2BOrganizationsMembersUnlinkRetiredEmailResponse, B2BOrganizationsMembersUpdateRequest, B2BOrganizationsMembersUpdateResponse, B2BOrganizationsMembersUpdateRequestOptions, B2BOrganizationsMembersDeleteRequestOptions, B2BOrganizationsMembersReactivateRequestOptions, B2BOrganizationsMembersDeleteMFAPhoneNumberRequestOptions, B2BOrganizationsMembersDeleteTOTPRequestOptions, B2BOrganizationsMembersSearchRequestOptions, B2BOrganizationsMembersDeletePasswordRequestOptions, B2BOrganizationsMembersUnlinkRetiredEmailRequestOptions, B2BOrganizationsMembersCreateRequestOptions, } from "./organizations_members"; | ||
export type { B2BOrganizationsMembersOAuthProvidersGoogleResponse, B2BOrganizationsMembersOAuthProvidersMicrosoftResponse, B2BOrganizationsMembersOAuthProvidersProviderInformationRequest, } from "./organizations_members_oauth_providers"; | ||
export type { AuthorizationCheck, AuthorizationVerdict, MemberSession, PrimaryRequired, B2BSessionsAuthenticateRequest, B2BSessionsAuthenticateResponse, B2BSessionsExchangeRequest, B2BSessionsExchangeResponse, B2BSessionsGetJWKSRequest, B2BSessionsGetJWKSResponse, B2BSessionsGetRequest, B2BSessionsGetResponse, B2BSessionsMigrateRequest, B2BSessionsMigrateResponse, B2BSessionsRevokeRequest, B2BSessionsRevokeResponse, } from "./sessions"; | ||
export type { AuthorizationCheck, AuthorizationVerdict, MemberSession, PrimaryRequired, B2BSessionsAuthenticateRequest, B2BSessionsAuthenticateResponse, B2BSessionsExchangeRequest, B2BSessionsExchangeResponse, B2BSessionsGetJWKSRequest, B2BSessionsGetJWKSResponse, B2BSessionsGetRequest, B2BSessionsGetResponse, B2BSessionsMigrateRequest, B2BSessionsMigrateResponse, B2BSessionsRevokeRequest, B2BSessionsRevokeResponse, B2BSessionsRevokeRequestOptions, } from "./sessions"; | ||
export type { B2BRecoveryCodesGetRequest, B2BRecoveryCodesGetResponse, B2BRecoveryCodesRecoverRequest, B2BRecoveryCodesRecoverResponse, B2BRecoveryCodesRotateRequest, B2BRecoveryCodesRotateResponse, } from "./recovery_codes"; | ||
export type { SCIMConnection, SCIMConnectionWithNextToken, SCIMConnectionWithToken, SCIMGroupImplicitRoleAssignments, } from "./scim"; | ||
export type { B2BSCIMConnectionCreateRequest, B2BSCIMConnectionCreateResponse, B2BSCIMConnectionDeleteRequest, B2BSCIMConnectionDeleteResponse, B2BSCIMConnectionGetRequest, B2BSCIMConnectionGetResponse, B2BSCIMConnectionRotateCancelRequest, B2BSCIMConnectionRotateCancelResponse, B2BSCIMConnectionRotateCompleteRequest, B2BSCIMConnectionRotateCompleteResponse, B2BSCIMConnectionRotateStartRequest, B2BSCIMConnectionRotateStartResponse, B2BSCIMConnectionUpdateRequest, B2BSCIMConnectionUpdateResponse, B2BSCIMConnectionUpdateRequestOptions, B2BSCIMConnectionDeleteRequestOptions, B2BSCIMConnectionRotateStartRequestOptions, B2BSCIMConnectionRotateCompleteRequestOptions, B2BSCIMConnectionRotateCancelRequestOptions, B2BSCIMConnectionCreateRequestOptions, B2BSCIMConnectionGetRequestOptions, } from "./scim_connection"; | ||
export type { B2BTOTPsAuthenticateRequest, B2BTOTPsAuthenticateResponse, B2BTOTPsCreateRequest, B2BTOTPsCreateResponse, B2BTOTPsMigrateRequest, B2BTOTPsMigrateResponse, } from "./totps"; | ||
@@ -16,0 +16,0 @@ export type { DiscoveredOrganization, Membership } from "./discovery"; |
@@ -53,3 +53,3 @@ import { fetchConfig } from "../shared"; | ||
/** | ||
* Send a discovery magic link to an email address. | ||
* Send a discovery magic link to an email address. The magic link is valid for 60 minutes. | ||
* @param data {@link B2BMagicLinksEmailDiscoverySendRequest} | ||
@@ -56,0 +56,0 @@ * @returns {@link B2BMagicLinksEmailDiscoverySendResponse} |
@@ -162,2 +162,4 @@ import { Authorization } from "../shared/method_options"; | ||
* active Member will receive a login Email Magic Link. | ||
* | ||
* The magic link is valid for 60 minutes. | ||
* @param data {@link B2BMagicLinksEmailLoginOrSignupRequest} | ||
@@ -173,3 +175,5 @@ * @returns {@link B2BMagicLinksEmailLoginOrSignupResponse} | ||
* `invited` status until they successfully authenticate. Sending invites to `pending` Members will update | ||
* their status to `invited`. Sending invites to already `active` Members will return an error. /%} | ||
* their status to `invited`. Sending invites to already `active` Members will return an error. | ||
* | ||
* The magic link invite will be valid for 1 week. | ||
* @param data {@link B2BMagicLinksEmailInviteRequest} | ||
@@ -176,0 +180,0 @@ * @param options {@link B2BMagicLinksEmailInviteRequestOptions} |
@@ -61,2 +61,10 @@ import { Authorization } from "../shared/method_options"; | ||
} | ||
export interface B2BOrganizationsMembersUnlinkRetiredEmailRequestOptions { | ||
/** | ||
* Optional authorization object. | ||
* Pass in an active Stytch Member session token or session JWT and the request | ||
* will be run using that member's permissions. | ||
*/ | ||
authorization?: Authorization; | ||
} | ||
export interface B2BOrganizationsMembersUpdateRequestOptions { | ||
@@ -341,2 +349,36 @@ /** | ||
} | ||
export interface B2BOrganizationsMembersUnlinkRetiredEmailRequest { | ||
/** | ||
* Globally unique UUID that identifies a specific Organization. The `organization_id` is critical to | ||
* perform operations on an Organization, so be sure to preserve this value. | ||
*/ | ||
organization_id: string; | ||
/** | ||
* Globally unique UUID that identifies a specific Member. The `member_id` is critical to perform | ||
* operations on a Member, so be sure to preserve this value. | ||
*/ | ||
member_id: string; | ||
email_id?: string; | ||
email_address?: string; | ||
} | ||
export interface B2BOrganizationsMembersUnlinkRetiredEmailResponse { | ||
/** | ||
* Globally unique UUID that is returned with every API call. This value is important to log for debugging | ||
* purposes; we may ask for this value to help identify a specific API call when helping you debug an issue. | ||
*/ | ||
request_id: string; | ||
member_id: string; | ||
/** | ||
* Globally unique UUID that identifies a specific Organization. The `organization_id` is critical to | ||
* perform operations on an Organization, so be sure to preserve this value. | ||
*/ | ||
organization_id: string; | ||
member: Member; | ||
organization: Organization; | ||
/** | ||
* The HTTP status code of the response. Stytch follows standard HTTP response status code patterns, e.g. | ||
* 2XX values equate to success, 3XX values are redirects, 4XX are client errors, and 5XX are server errors. | ||
*/ | ||
status_code: number; | ||
} | ||
export interface B2BOrganizationsMembersUpdateRequest { | ||
@@ -488,21 +530,2 @@ /** | ||
* Updates a Member specified by `organization_id` and `member_id`. | ||
* | ||
* Our RBAC implementation offers out-of-the-box handling of authorization checks for this endpoint. If you | ||
* pass in | ||
* a header containing a `session_token` or a `session_jwt` for an unexpired Member Session, we will check | ||
* that the | ||
* Member Session has the necessary permissions. The specific permissions needed depend on which of the | ||
* optional fields | ||
* are passed in the request. For example, if the `organization_name` argument is provided, the Member | ||
* Session must have | ||
* permission to perform the `update.info.name` action on the `stytch.organization` Resource. | ||
* | ||
* If the Member Session does not contain a Role that satisfies the requested permissions, or if the | ||
* Member's Organization | ||
* does not match the `organization_id` passed in the request, a 403 error will be thrown. Otherwise, the | ||
* request will | ||
* proceed as normal. | ||
* | ||
* To learn more about our RBAC implementation, see our | ||
* [RBAC guide](https://stytch.com/docs/b2b/guides/rbac/overview). | ||
* @param data {@link B2BOrganizationsMembersUpdateRequest} | ||
@@ -517,3 +540,3 @@ * @param options {@link B2BOrganizationsMembersUpdateRequestOptions} | ||
/** | ||
* Deletes a Member specified by `organization_id` and `member_id`. /%} | ||
* Deletes a Member specified by `organization_id` and `member_id`. | ||
* @param data {@link B2BOrganizationsMembersDeleteRequest} | ||
@@ -529,3 +552,3 @@ * @param options {@link B2BOrganizationsMembersDeleteRequestOptions} | ||
* Reactivates a deleted Member's status and its associated email status (if applicable) to active, | ||
* specified by `organization_id` and `member_id`. /%} | ||
* specified by `organization_id` and `member_id`. | ||
* @param data {@link B2BOrganizationsMembersReactivateRequest} | ||
@@ -550,3 +573,2 @@ * @param options {@link B2BOrganizationsMembersReactivateRequestOptions} | ||
* [OTP SMS Authenticate](https://stytch.com/docs/b2b/api/authenticate-otp-sms) endpoint. | ||
* /%} | ||
* @param data {@link B2BOrganizationsMembersDeleteMFAPhoneNumberRequest} | ||
@@ -568,3 +590,2 @@ * @param options {@link B2BOrganizationsMembersDeleteMFAPhoneNumberRequestOptions} | ||
* registration is deleted, and MFA will not be enforced until the Member logs in again. | ||
* /%} | ||
* @param data {@link B2BOrganizationsMembersDeleteTOTPRequest} | ||
@@ -583,22 +604,2 @@ * @param options {@link B2BOrganizationsMembersDeleteTOTPRequestOptions} | ||
* *All fuzzy search filters require a minimum of three characters. | ||
* | ||
* Our RBAC implementation offers out-of-the-box handling of authorization checks for this endpoint. If you | ||
* pass in | ||
* a header containing a `session_token` or a `session_jwt` for an unexpired Member Session, we will check | ||
* that the | ||
* Member Session has permission to perform the `search` action on the `stytch.member` Resource. In | ||
* addition, enforcing | ||
* RBAC on this endpoint means that you may only search for Members within the calling Member's | ||
* Organization, so the | ||
* `organization_ids` argument may only contain the `organization_id` of the Member Session passed in the | ||
* header. | ||
* | ||
* If the Member Session does not contain a Role that satisfies the requested permission, or if the | ||
* `organization_ids` | ||
* argument contains an `organization_id` that the Member Session does not belong to, a 403 error will be | ||
* thrown. | ||
* Otherwise, the request will proceed as normal. | ||
* | ||
* To learn more about our RBAC implementation, see our | ||
* [RBAC guide](https://stytch.com/docs/b2b/guides/rbac/overview). | ||
* @param data {@link B2BOrganizationsMembersSearchRequest} | ||
@@ -613,3 +614,3 @@ * @param options {@link B2BOrganizationsMembersSearchRequestOptions} | ||
/** | ||
* Delete a Member's password. /%} | ||
* Delete a Member's password. | ||
* @param data {@link B2BOrganizationsMembersDeletePasswordRequest} | ||
@@ -636,3 +637,31 @@ * @param options {@link B2BOrganizationsMembersDeletePasswordRequestOptions} | ||
/** | ||
* Creates a Member. An `organization_id` and `email_address` are required. /%} | ||
* Unlinks a retired email address from a Member specified by their `organization_id` and `member_id`. The | ||
* email address | ||
* to be retired can be identified in the request body by either its `email_id`, its `email_address`, or | ||
* both. If using | ||
* both identifiers they must refer to the same email. | ||
* | ||
* A previously active email address can be marked as retired in one of two ways: | ||
* | ||
* - It's replaced with a new primary email address during an explicit Member update. | ||
* - A new email address is surfaced by an OAuth, SAML or OIDC provider. In this case the new email address | ||
* becomes the | ||
* Member's primary email address and the old primary email address is retired. | ||
* | ||
* A retired email address cannot be used by other Members in the same Organization. However, unlinking | ||
* retired email | ||
* addresses allows then to be subsequently re-used by other Organization Members. Retired email addresses | ||
* can be viewed | ||
* on the [Member object](https://stytch.com/docs/b2b/api/member-object). | ||
* %} | ||
* @param data {@link B2BOrganizationsMembersUnlinkRetiredEmailRequest} | ||
* @param options {@link B2BOrganizationsMembersUnlinkRetiredEmailRequestOptions} | ||
* @returns {@link B2BOrganizationsMembersUnlinkRetiredEmailResponse} | ||
* @async | ||
* @throws A {@link StytchError} on a non-2xx response from the Stytch API | ||
* @throws A {@link RequestError} when the Stytch API cannot be reached | ||
*/ | ||
unlinkRetiredEmail(data: B2BOrganizationsMembersUnlinkRetiredEmailRequest, options?: B2BOrganizationsMembersUnlinkRetiredEmailRequestOptions): Promise<B2BOrganizationsMembersUnlinkRetiredEmailResponse>; | ||
/** | ||
* Creates a Member. An `organization_id` and `email_address` are required. | ||
* @param data {@link B2BOrganizationsMembersCreateRequest} | ||
@@ -639,0 +668,0 @@ * @param options {@link B2BOrganizationsMembersCreateRequestOptions} |
import { Authorization } from "../shared/method_options"; | ||
import { fetchConfig } from "../shared"; | ||
import { Members } from "./organizations_members"; | ||
import { SCIMAttributes } from "./scim"; | ||
export interface ActiveSCIMConnection { | ||
@@ -94,2 +95,3 @@ connection_id: string; | ||
totp_registration_id: string; | ||
retired_email_addresses: RetiredEmail[]; | ||
/** | ||
@@ -377,2 +379,6 @@ * Sets whether the Member is enrolled in MFA. If true, the Member must complete an MFA step whenever they | ||
} | ||
export interface RetiredEmail { | ||
email_id: string; | ||
email_address: string; | ||
} | ||
export interface SCIMRegistration { | ||
@@ -382,3 +388,3 @@ connection_id: string; | ||
external_id?: string; | ||
scim_attributes?: Record<string, any>; | ||
scim_attributes?: SCIMAttributes; | ||
} | ||
@@ -917,21 +923,2 @@ export interface SSORegistration { | ||
* `sso_jit_provisioning`, etc., and their behaviors. | ||
* | ||
* Our RBAC implementation offers out-of-the-box handling of authorization checks for this endpoint. If you | ||
* pass in | ||
* a header containing a `session_token` or a `session_jwt` for an unexpired Member Session, we will check | ||
* that the | ||
* Member Session has the necessary permissions. The specific permissions needed depend on which of the | ||
* optional fields | ||
* are passed in the request. For example, if the `organization_name` argument is provided, the Member | ||
* Session must have | ||
* permission to perform the `update.info.name` action on the `stytch.organization` Resource. | ||
* | ||
* If the Member Session does not contain a Role that satisfies the requested permissions, or if the | ||
* Member's Organization | ||
* does not match the `organization_id` passed in the request, a 403 error will be thrown. Otherwise, the | ||
* request will | ||
* proceed as normal. | ||
* | ||
* To learn more about our RBAC implementation, see our | ||
* [RBAC guide](https://stytch.com/docs/b2b/guides/rbac/overview). | ||
* @param data {@link B2BOrganizationsUpdateRequest} | ||
@@ -947,3 +934,3 @@ * @param options {@link B2BOrganizationsUpdateRequestOptions} | ||
* Deletes an Organization specified by `organization_id`. All Members of the Organization will also be | ||
* deleted. /%} | ||
* deleted. | ||
* @param data {@link B2BOrganizationsDeleteRequest} | ||
@@ -950,0 +937,0 @@ * @param options {@link B2BOrganizationsDeleteRequestOptions} |
@@ -7,2 +7,6 @@ import { fetchConfig } from "../shared"; | ||
password_reset_token: string; | ||
/** | ||
* The password to authenticate, reset, or set for the first time. Any UTF8 character is allowed, e.g. | ||
* spaces, emojis, non-English characers, etc. | ||
*/ | ||
password: string; | ||
@@ -223,2 +227,4 @@ /** | ||
* MFA step. | ||
* | ||
* Note that a successful password reset by email will revoke all active sessions for the `member_id`. | ||
* @param data {@link B2BPasswordsEmailResetRequest} | ||
@@ -225,0 +231,0 @@ * @returns {@link B2BPasswordsEmailResetResponse} |
@@ -119,2 +119,5 @@ import { fetchConfig } from "../shared"; | ||
* MFA step. | ||
* | ||
* Note that a successful password reset via an existing password will revoke all active sessions for the | ||
* `member_id`. | ||
* @param data {@link B2BPasswordsExistingPasswordResetRequest} | ||
@@ -121,0 +124,0 @@ * @returns {@link B2BPasswordsExistingPasswordResetResponse} |
@@ -11,2 +11,6 @@ import { fetchConfig } from "../shared"; | ||
organization_id: string; | ||
/** | ||
* The password to authenticate, reset, or set for the first time. Any UTF8 character is allowed, e.g. | ||
* spaces, emojis, non-English characers, etc. | ||
*/ | ||
password: string; | ||
@@ -99,2 +103,5 @@ session_token?: string; | ||
* `session_token` or `session_jwt` should be provided. | ||
* | ||
* Note that a successful password reset via an existing session will revoke all active sessions for the | ||
* `member_id`, except for the one used during the reset flow. | ||
* @param data {@link B2BPasswordsSessionResetRequest} | ||
@@ -101,0 +108,0 @@ * @returns {@link B2BPasswordsSessionResetResponse} |
@@ -49,2 +49,6 @@ import { Argon2Config, MD5Config, PBKDF2Config, SHA1Config, ScryptConfig } from "../b2c/passwords"; | ||
email_address: string; | ||
/** | ||
* The password to authenticate, reset, or set for the first time. Any UTF8 character is allowed, e.g. | ||
* spaces, emojis, non-English characers, etc. | ||
*/ | ||
password: string; | ||
@@ -218,2 +222,6 @@ session_token?: string; | ||
export interface B2BPasswordsStrengthCheckRequest { | ||
/** | ||
* The password to authenticate, reset, or set for the first time. Any UTF8 character is allowed, e.g. | ||
* spaces, emojis, non-English characers, etc. | ||
*/ | ||
password: string; | ||
@@ -312,2 +320,4 @@ email_address?: string; | ||
* rate limit of 100 requests per second. | ||
* | ||
* The member's email will be marked as verified when you use this endpoint. | ||
* @param data {@link B2BPasswordsMigrateRequest} | ||
@@ -314,0 +324,0 @@ * @returns {@link B2BPasswordsMigrateResponse} |
import { Authorization } from "../shared/method_options"; | ||
import { fetchConfig } from "../shared"; | ||
import { SCIMConnection, SCIMConnectionWithNextToken, SCIMConnectionWithToken, SCIMGroupImplicitRoleAssignments } from "./scim"; | ||
import { SCIMConnection, SCIMConnectionWithNextToken, SCIMConnectionWithToken, SCIMGroup, SCIMGroupImplicitRoleAssignments } from "./scim"; | ||
export interface B2BSCIMConnectionCreateRequestOptions { | ||
@@ -20,2 +20,10 @@ /** | ||
} | ||
export interface B2BSCIMConnectionGetGroupsRequestOptions { | ||
/** | ||
* Optional authorization object. | ||
* Pass in an active Stytch Member session token or session JWT and the request | ||
* will be run using that member's permissions. | ||
*/ | ||
authorization?: Authorization; | ||
} | ||
export interface B2BSCIMConnectionGetRequestOptions { | ||
@@ -109,2 +117,33 @@ /** | ||
} | ||
export interface B2BSCIMConnectionGetGroupsRequest { | ||
/** | ||
* Globally unique UUID that identifies a specific Organization. The `organization_id` is critical to | ||
* perform operations on an Organization, so be sure to preserve this value. | ||
*/ | ||
organization_id: string; | ||
connection_id: string; | ||
/** | ||
* The `cursor` field allows you to paginate through your results. Each result array is limited to 1000 | ||
* results. If your query returns more than 1000 results, you will need to paginate the responses using the | ||
* `cursor`. If you receive a response that includes a non-null `next_cursor` in the `results_metadata` | ||
* object, repeat the search call with the `next_cursor` value set to the `cursor` field to retrieve the | ||
* next page of results. Continue to make search calls until the `next_cursor` in the response is null. | ||
*/ | ||
cursor?: string; | ||
/** | ||
* The number of search results to return per page. The default limit is 100. A maximum of 1000 results can | ||
* be returned by a single search request. If the total size of your result set is greater than one page | ||
* size, you must paginate the response. See the `cursor` field. | ||
*/ | ||
limit?: number; | ||
} | ||
export interface B2BSCIMConnectionGetGroupsResponse { | ||
scim_groups: SCIMGroup[]; | ||
status_code: number; | ||
/** | ||
* The `next_cursor` string is returned when your search result contains more than one page of results. | ||
* This value is passed into your next search call in the `cursor` field. | ||
*/ | ||
next_cursor?: string; | ||
} | ||
export interface B2BSCIMConnectionGetRequest { | ||
@@ -241,3 +280,3 @@ /** | ||
/** | ||
* Update a SCIM Connection. /%} | ||
* Update a SCIM Connection. | ||
* @param data {@link B2BSCIMConnectionUpdateRequest} | ||
@@ -252,3 +291,3 @@ * @param options {@link B2BSCIMConnectionUpdateRequestOptions} | ||
/** | ||
* Deletes a SCIM Connection. /%} | ||
* Deletes a SCIM Connection. | ||
* @param data {@link B2BSCIMConnectionDeleteRequest} | ||
@@ -263,3 +302,3 @@ * @param options {@link B2BSCIMConnectionDeleteRequestOptions} | ||
/** | ||
* Start a SCIM token rotation. /%} | ||
* Start a SCIM token rotation. | ||
* @param data {@link B2BSCIMConnectionRotateStartRequest} | ||
@@ -276,3 +315,3 @@ * @param options {@link B2BSCIMConnectionRotateStartRequestOptions} | ||
* active token to be the new token supplied in the | ||
* [start SCIM token rotation](https://stytch.com/docs/b2b/api/scim-rotate-token-start) response. /%} | ||
* [start SCIM token rotation](https://stytch.com/docs/b2b/api/scim-rotate-token-start) response. | ||
* @param data {@link B2BSCIMConnectionRotateCompleteRequest} | ||
@@ -288,3 +327,3 @@ * @param options {@link B2BSCIMConnectionRotateCompleteRequestOptions} | ||
* Cancel a SCIM token rotation. This will cancel the current token rotation process, keeping the original | ||
* token active. /%} | ||
* token active. | ||
* @param data {@link B2BSCIMConnectionRotateCancelRequest} | ||
@@ -299,3 +338,13 @@ * @param options {@link B2BSCIMConnectionRotateCancelRequestOptions} | ||
/** | ||
* Create a new SCIM Connection. /%} | ||
* Gets a paginated list of all SCIM Groups associated with a given Connection. | ||
* @param params {@link B2BSCIMConnectionGetGroupsRequest} | ||
* @param options {@link B2BSCIMConnectionGetGroupsRequestOptions} | ||
* @returns {@link B2BSCIMConnectionGetGroupsResponse} | ||
* @async | ||
* @throws A {@link StytchError} on a non-2xx response from the Stytch API | ||
* @throws A {@link RequestError} when the Stytch API cannot be reached | ||
*/ | ||
getGroups(params: B2BSCIMConnectionGetGroupsRequest, options?: B2BSCIMConnectionGetGroupsRequestOptions): Promise<B2BSCIMConnectionGetGroupsResponse>; | ||
/** | ||
* Create a new SCIM Connection. | ||
* @param data {@link B2BSCIMConnectionCreateRequest} | ||
@@ -310,3 +359,3 @@ * @param options {@link B2BSCIMConnectionCreateRequestOptions} | ||
/** | ||
* Get SCIM Connections. /%} | ||
* Get SCIM Connections. | ||
* @param params {@link B2BSCIMConnectionGetRequest} | ||
@@ -313,0 +362,0 @@ * @param options {@link B2BSCIMConnectionGetRequestOptions} |
import { Connection } from "./scim_connection"; | ||
import { fetchConfig } from "../shared"; | ||
export interface Address { | ||
formatted: string; | ||
street_address: string; | ||
locality: string; | ||
region: string; | ||
postal_code: string; | ||
country: string; | ||
type: string; | ||
primary: boolean; | ||
} | ||
export interface B2BSCIMEmail { | ||
value: string; | ||
type: string; | ||
primary: boolean; | ||
} | ||
export interface B2BSCIMName { | ||
formatted: string; | ||
family_name: string; | ||
given_name: string; | ||
middle_name: string; | ||
honorific_prefix: string; | ||
honorific_suffix: string; | ||
} | ||
export interface B2BSCIMPhoneNumber { | ||
value: string; | ||
type: string; | ||
primary: boolean; | ||
} | ||
export interface EnterpriseExtension { | ||
employee_number: string; | ||
cost_center: string; | ||
division: string; | ||
department: string; | ||
organization: string; | ||
manager?: Manager; | ||
} | ||
export interface Group { | ||
value: string; | ||
display: string; | ||
} | ||
export interface Manager { | ||
value: string; | ||
ref: string; | ||
display_name: string; | ||
} | ||
export interface SCIMAttributes { | ||
user_name: string; | ||
id: string; | ||
external_id: string; | ||
active: boolean; | ||
groups: Group[]; | ||
display_name: string; | ||
nick_name: string; | ||
profile_url: string; | ||
user_type: string; | ||
title: string; | ||
preferred_language: string; | ||
locale: string; | ||
timezone: string; | ||
emails: B2BSCIMEmail[]; | ||
phone_numbers: B2BSCIMPhoneNumber[]; | ||
addresses: Address[]; | ||
name?: B2BSCIMName; | ||
enterprise_extension?: EnterpriseExtension; | ||
} | ||
export interface SCIMConnection { | ||
@@ -40,2 +105,12 @@ organization_id: string; | ||
} | ||
export interface SCIMGroup { | ||
group_id: string; | ||
group_name: string; | ||
/** | ||
* Globally unique UUID that identifies a specific Organization. The organization_id is critical to perform | ||
* operations on an Organization, so be sure to preserve this value. | ||
*/ | ||
organization_id: string; | ||
connection_id: string; | ||
} | ||
export interface SCIMGroupImplicitRoleAssignments { | ||
@@ -42,0 +117,0 @@ role_id: string; |
@@ -428,4 +428,4 @@ import { AuthenticationFactor, JWK } from "../b2c/sessions"; | ||
* will be returned if both the signature and the underlying Session are still valid. See our | ||
* [How to use Stytch Session JWTs](https://stytch.com/docs/b2b/guides/sessions/using-jwts) guide for more | ||
* information. | ||
* [How to use Stytch Session JWTs](https://stytch.com/docs/b2b/guides/sessions/resources/using-jwts) guide | ||
* for more information. | ||
* | ||
@@ -523,3 +523,4 @@ * If an `authorization_check` object is passed in, this method will also check if the Member is authorized | ||
* | ||
* See our [How to use Stytch Session JWTs](https://stytch.com/docs/b2b/guides/sessions/using-jwts) guide | ||
* See our | ||
* [How to use Stytch Session JWTs](https://stytch.com/docs/b2b/guides/sessions/resources/using-jwts) guide | ||
* for more information. | ||
@@ -526,0 +527,0 @@ * @param params {@link B2BSessionsGetJWKSRequest} |
@@ -119,3 +119,3 @@ import { Authorization } from "../shared/method_options"; | ||
/** | ||
* Create a new OIDC Connection. /%} | ||
* Create a new OIDC Connection. | ||
* @param data {@link B2BSSOOIDCCreateConnectionRequest} | ||
@@ -156,3 +156,2 @@ * @param options {@link B2BSSOOIDCCreateConnectionRequestOptions} | ||
* * `jwks_url` | ||
* /%} | ||
* @param data {@link B2BSSOOIDCUpdateConnectionRequest} | ||
@@ -159,0 +158,0 @@ * @param options {@link B2BSSOOIDCUpdateConnectionRequestOptions} |
@@ -188,3 +188,3 @@ import { Authorization } from "../shared/method_options"; | ||
/** | ||
* Create a new SAML Connection. /%} | ||
* Create a new SAML Connection. | ||
* @param data {@link B2BSSOSAMLCreateConnectionRequest} | ||
@@ -206,3 +206,2 @@ * @param options {@link B2BSSOSAMLCreateConnectionRequestOptions} | ||
* * `x509_certificate` | ||
* /%} | ||
* @param data {@link B2BSSOSAMLUpdateConnectionRequest} | ||
@@ -224,3 +223,2 @@ * @param options {@link B2BSSOSAMLUpdateConnectionRequestOptions} | ||
* * `attribute_mapping` (must be supplied using [Update SAML Connection](update-saml-connection)) | ||
* /%} | ||
* @param data {@link B2BSSOSAMLUpdateByURLRequest} | ||
@@ -239,3 +237,2 @@ * @param options {@link B2BSSOSAMLUpdateByURLRequestOptions} | ||
* certificates per connection. There must always be at least one certificate per active connection. | ||
* /%} | ||
* @param data {@link B2BSSOSAMLDeleteVerificationCertificateRequest} | ||
@@ -242,0 +239,0 @@ * @param options {@link B2BSSOSAMLDeleteVerificationCertificateRequestOptions} |
@@ -260,3 +260,3 @@ import { Authorization } from "../shared/method_options"; | ||
/** | ||
* Get all SSO Connections owned by the organization. /%} | ||
* Get all SSO Connections owned by the organization. | ||
* @param params {@link B2BSSOGetConnectionsRequest} | ||
@@ -271,3 +271,3 @@ * @param options {@link B2BSSOGetConnectionsRequestOptions} | ||
/** | ||
* Delete an existing SSO connection. /%} | ||
* Delete an existing SSO connection. | ||
* @param data {@link B2BSSODeleteConnectionRequest} | ||
@@ -274,0 +274,0 @@ * @param options {@link B2BSSODeleteConnectionRequestOptions} |
@@ -5,3 +5,3 @@ export type { SearchUsersQueryOperand } from "./users"; | ||
export type { Attributes } from "./attribute"; | ||
export type { BiometricRegistration, CryptoWallet, Email, Name, OAuthProvider, Password, PhoneNumber, UsersResultsMetadata, SearchUsersQuery, TOTP, User, WebAuthnRegistration, UsersCreateRequest, UsersCreateResponse, UsersDeleteBiometricRegistrationRequest, UsersDeleteBiometricRegistrationResponse, UsersDeleteCryptoWalletRequest, UsersDeleteCryptoWalletResponse, UsersDeleteEmailRequest, UsersDeleteEmailResponse, UsersDeleteOAuthRegistrationRequest, UsersDeleteOAuthRegistrationResponse, UsersDeletePasswordRequest, UsersDeletePasswordResponse, UsersDeletePhoneNumberRequest, UsersDeletePhoneNumberResponse, UsersDeleteRequest, UsersDeleteResponse, UsersDeleteTOTPRequest, UsersDeleteTOTPResponse, UsersDeleteWebAuthnRegistrationRequest, UsersDeleteWebAuthnRegistrationResponse, UsersExchangePrimaryFactorRequest, UsersExchangePrimaryFactorResponse, UsersGetRequest, UsersGetResponse, UsersSearchRequest, UsersSearchResponse, UsersUpdateRequest, UsersUpdateResponse, } from "./users"; | ||
export type { BiometricRegistration, CryptoWallet, UsersEmail, UsersName, OAuthProvider, Password, UsersPhoneNumber, UsersResultsMetadata, SearchUsersQuery, TOTP, User, WebAuthnRegistration, UsersCreateRequest, UsersCreateResponse, UsersDeleteBiometricRegistrationRequest, UsersDeleteBiometricRegistrationResponse, UsersDeleteCryptoWalletRequest, UsersDeleteCryptoWalletResponse, UsersDeleteEmailRequest, UsersDeleteEmailResponse, UsersDeleteOAuthRegistrationRequest, UsersDeleteOAuthRegistrationResponse, UsersDeletePasswordRequest, UsersDeletePasswordResponse, UsersDeletePhoneNumberRequest, UsersDeletePhoneNumberResponse, UsersDeleteRequest, UsersDeleteResponse, UsersDeleteTOTPRequest, UsersDeleteTOTPResponse, UsersDeleteWebAuthnRegistrationRequest, UsersDeleteWebAuthnRegistrationResponse, UsersExchangePrimaryFactorRequest, UsersExchangePrimaryFactorResponse, UsersGetRequest, UsersGetResponse, UsersSearchRequest, UsersSearchResponse, UsersUpdateRequest, UsersUpdateResponse, } from "./users"; | ||
export type { AmazonOAuthFactor, AppleOAuthFactor, AuthenticationFactor, AuthenticatorAppFactor, BiometricFactor, BitbucketOAuthFactor, CoinbaseOAuthFactor, CryptoWalletFactor, DiscordOAuthFactor, EmailFactor, EmbeddableMagicLinkFactor, FacebookOAuthFactor, FigmaOAuthFactor, GitLabOAuthFactor, GithubOAuthFactor, GoogleOAuthFactor, HubspotOAuthExchangeFactor, HubspotOAuthFactor, InstagramOAuthFactor, JWK, LinkedInOAuthFactor, MicrosoftOAuthFactor, OIDCSSOFactor, PhoneNumberFactor, RecoveryCodeFactor, SAMLSSOFactor, SalesforceOAuthFactor, Session, ShopifyOAuthFactor, SlackOAuthExchangeFactor, SlackOAuthFactor, SnapchatOAuthFactor, SpotifyOAuthFactor, SteamOAuthFactor, TikTokOAuthFactor, TwitchOAuthFactor, TwitterOAuthFactor, WebAuthnFactor, YahooOAuthFactor, SessionsAuthenticateRequest, SessionsAuthenticateResponse, SessionsGetJWKSRequest, SessionsGetJWKSResponse, SessionsGetRequest, SessionsGetResponse, SessionsRevokeRequest, SessionsRevokeResponse, } from "./sessions"; | ||
@@ -8,0 +8,0 @@ export type { CryptoWalletsAuthenticateRequest, CryptoWalletsAuthenticateResponse, CryptoWalletsAuthenticateStartRequest, CryptoWalletsAuthenticateStartResponse, } from "./crypto_wallets"; |
import { Clients } from "./m2m_clients"; | ||
import { fetchConfig } from "../shared"; | ||
import { JwtConfig } from "../shared/sessions"; | ||
import { ScopeAuthorizationFunc } from "./m2m_local"; | ||
import { JwtConfig } from "../shared/sessions"; | ||
export interface M2MClient { | ||
@@ -136,16 +136,16 @@ client_id: string; | ||
/** | ||
* Authenticate an access token issued by Stytch from the Token endpoint. | ||
* M2M access tokens are JWTs signed with the project's JWKs, and can be validated locally using any Stytch client library. | ||
* You may pass in an optional set of scopes that the JWT must contain in order to enforce permissions. | ||
* You may also override the default scope authorization function to implement custom authorization logic. | ||
* | ||
* @param data {@link AuthenticateTokenRequest} | ||
* @param scopeAuthorizationFunc {@link ScopeAuthorizationFunc} - A function that checks if the token has the required scopes. | ||
The default function assumes scopes are either direct string matches or written in the form "action:resource". See the | ||
documentation for {@link performAuthorizationCheck} for more information. | ||
* @async | ||
* @returns {@link AuthenticateTokenResponse} | ||
* @throws {ClientError} when token can not be authenticated | ||
*/ | ||
* Authenticate an access token issued by Stytch from the Token endpoint. | ||
* M2M access tokens are JWTs signed with the project's JWKs, and can be validated locally using any Stytch client library. | ||
* You may pass in an optional set of scopes that the JWT must contain in order to enforce permissions. | ||
* You may also override the default scope authorization function to implement custom authorization logic. | ||
* | ||
* @param data {@link AuthenticateTokenRequest} | ||
* @param scopeAuthorizationFunc {@link ScopeAuthorizationFunc} - A function that checks if the token has the required scopes. | ||
The default function assumes scopes are either direct string matches or written in the form "action:resource". See the | ||
documentation for {@link performAuthorizationCheck} for more information. | ||
* @async | ||
* @returns {@link AuthenticateTokenResponse} | ||
* @throws {ClientError} when token can not be authenticated | ||
*/ | ||
authenticateToken(data: AuthenticateTokenRequest, scopeAuthorizationFunc?: ScopeAuthorizationFunc): Promise<AuthenticateTokenResponse>; | ||
} |
import { Attributes } from "./attribute"; | ||
import { fetchConfig } from "../shared"; | ||
import { Name } from "./users"; | ||
import { UsersName } from "./users"; | ||
export interface MagicLinksEmailInviteRequest { | ||
@@ -13,3 +13,3 @@ email: string; | ||
attributes?: Attributes; | ||
name?: Name; | ||
name?: UsersName; | ||
/** | ||
@@ -16,0 +16,0 @@ * The URL the end user clicks from the Email Magic Link. This should be a URL that your app receives and |
@@ -16,2 +16,6 @@ import { Attributes } from "./attribute"; | ||
token: string; | ||
/** | ||
* The password for the user. Any UTF8 character is allowed, e.g. spaces, emojis, non-English characers, | ||
* etc. | ||
*/ | ||
password: string; | ||
@@ -18,0 +22,0 @@ session_token?: string; |
@@ -5,2 +5,6 @@ import { fetchConfig } from "../shared"; | ||
export interface PasswordsSessionResetRequest { | ||
/** | ||
* The password for the user. Any UTF8 character is allowed, e.g. spaces, emojis, non-English characers, | ||
* etc. | ||
*/ | ||
password: string; | ||
@@ -7,0 +11,0 @@ session_token?: string; |
import { Email } from "./passwords_email"; | ||
import { ExistingPassword } from "./passwords_existing_password"; | ||
import { fetchConfig } from "../shared"; | ||
import { Name, User } from "./users"; | ||
import { Session } from "./sessions"; | ||
import { Sessions } from "./passwords_session"; | ||
import { User, UsersName } from "./users"; | ||
export interface Argon2Config { | ||
@@ -70,3 +70,3 @@ salt: string; | ||
* 262,145. | ||
* If your applicaiton's N parameter is larger than 262,144, please reach out to | ||
* If your application's N parameter is larger than 262,144, please reach out to | ||
* [support@stytch.com](mailto:support@stytch.com) | ||
@@ -81,2 +81,6 @@ */ | ||
email: string; | ||
/** | ||
* The password for the user. Any UTF8 character is allowed, e.g. spaces, emojis, non-English characers, | ||
* etc. | ||
*/ | ||
password: string; | ||
@@ -141,2 +145,6 @@ session_token?: string; | ||
email: string; | ||
/** | ||
* The password for the user. Any UTF8 character is allowed, e.g. spaces, emojis, non-English characers, | ||
* etc. | ||
*/ | ||
password: string; | ||
@@ -180,3 +188,3 @@ /** | ||
untrusted_metadata?: Record<string, any>; | ||
name?: Name; | ||
name?: UsersName; | ||
} | ||
@@ -250,3 +258,3 @@ export interface PasswordsCreateResponse { | ||
set_email_verified?: boolean; | ||
name?: Name; | ||
name?: UsersName; | ||
} | ||
@@ -274,2 +282,6 @@ export interface PasswordsMigrateResponse { | ||
export interface PasswordsStrengthCheckRequest { | ||
/** | ||
* The password for the user. Any UTF8 character is allowed, e.g. spaces, emojis, non-English characers, | ||
* etc. | ||
*/ | ||
password: string; | ||
@@ -276,0 +288,0 @@ email?: string; |
@@ -21,16 +21,2 @@ import { Attributes } from "./attribute"; | ||
} | ||
export interface Email { | ||
email_id: string; | ||
email: string; | ||
/** | ||
* The verified boolean denotes whether or not this send method, e.g. phone number, email address, etc., | ||
* has been successfully authenticated by the User. | ||
*/ | ||
verified: boolean; | ||
} | ||
export interface Name { | ||
first_name?: string; | ||
middle_name?: string; | ||
last_name?: string; | ||
} | ||
export interface OAuthProvider { | ||
@@ -63,11 +49,2 @@ /** | ||
} | ||
export interface PhoneNumber { | ||
phone_id: string; | ||
phone_number: string; | ||
/** | ||
* The verified boolean denotes whether or not this send method, e.g. phone number, email address, etc., | ||
* has been successfully authenticated by the User. | ||
*/ | ||
verified: boolean; | ||
} | ||
export interface SearchUsersQuery { | ||
@@ -98,5 +75,5 @@ /** | ||
user_id: string; | ||
emails: Email[]; | ||
emails: UsersEmail[]; | ||
status: string; | ||
phone_numbers: PhoneNumber[]; | ||
phone_numbers: UsersPhoneNumber[]; | ||
/** | ||
@@ -111,3 +88,3 @@ * An array that contains a list of all Passkey or WebAuthn registrations for a given User in the Stytch | ||
biometric_registrations: BiometricRegistration[]; | ||
name?: Name; | ||
name?: UsersName; | ||
/** | ||
@@ -132,2 +109,25 @@ * The timestamp of the User's creation. Values conform to the RFC 3339 standard and are expressed in UTC, | ||
} | ||
export interface UsersEmail { | ||
email_id: string; | ||
email: string; | ||
/** | ||
* The verified boolean denotes whether or not this send method, e.g. phone number, email address, etc., | ||
* has been successfully authenticated by the User. | ||
*/ | ||
verified: boolean; | ||
} | ||
export interface UsersName { | ||
first_name?: string; | ||
middle_name?: string; | ||
last_name?: string; | ||
} | ||
export interface UsersPhoneNumber { | ||
phone_id: string; | ||
phone_number: string; | ||
/** | ||
* The verified boolean denotes whether or not this send method, e.g. phone number, email address, etc., | ||
* has been successfully authenticated by the User. | ||
*/ | ||
verified: boolean; | ||
} | ||
export interface UsersResultsMetadata { | ||
@@ -160,3 +160,3 @@ total: number; | ||
email?: string; | ||
name?: Name; | ||
name?: UsersName; | ||
attributes?: Attributes; | ||
@@ -429,5 +429,5 @@ /** | ||
user_id: string; | ||
emails: Email[]; | ||
emails: UsersEmail[]; | ||
status: string; | ||
phone_numbers: PhoneNumber[]; | ||
phone_numbers: UsersPhoneNumber[]; | ||
/** | ||
@@ -447,3 +447,3 @@ * An array that contains a list of all Passkey or WebAuthn registrations for a given User in the Stytch | ||
status_code: number; | ||
name?: Name; | ||
name?: UsersName; | ||
/** | ||
@@ -510,3 +510,3 @@ * The timestamp of the User's creation. Values conform to the RFC 3339 standard and are expressed in UTC, | ||
user_id: string; | ||
name?: Name; | ||
name?: UsersName; | ||
attributes?: Attributes; | ||
@@ -533,4 +533,4 @@ /** | ||
user_id: string; | ||
emails: Email[]; | ||
phone_numbers: PhoneNumber[]; | ||
emails: UsersEmail[]; | ||
phone_numbers: UsersPhoneNumber[]; | ||
crypto_wallets: CryptoWallet[]; | ||
@@ -537,0 +537,0 @@ /** |
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
759559
16375