From 7363566a9f215c42bd70b99ba5423bd12b609703 Mon Sep 17 00:00:00 2001 From: Brady Wied Date: Thu, 20 Nov 2025 20:55:55 -0700 Subject: [PATCH 01/18] first lambda type --- src/FusionAuthClient.ts | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/src/FusionAuthClient.ts b/src/FusionAuthClient.ts index 93753da..556bfdb 100644 --- a/src/FusionAuthClient.ts +++ b/src/FusionAuthClient.ts @@ -9049,7 +9049,8 @@ export enum LambdaType { SCIMServerUserResponseConverter = "SCIMServerUserResponseConverter", SelfServiceRegistrationValidation = "SelfServiceRegistrationValidation", UserInfoPopulate = "UserInfoPopulate", - LoginValidation = "LoginValidation" + LoginValidation = "LoginValidation", + MFARequirement = "MFARequirement" } /** From 224e7e8e1b6ad6595d990923071126f132c5369d Mon Sep 17 00:00:00 2001 From: Brady Wied Date: Tue, 25 Nov 2025 07:33:41 -0700 Subject: [PATCH 02/18] reduce client blast radius (#204) --- src/FusionAuthClient.ts | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/src/FusionAuthClient.ts b/src/FusionAuthClient.ts index 556bfdb..b25588c 100644 --- a/src/FusionAuthClient.ts +++ b/src/FusionAuthClient.ts @@ -9408,6 +9408,15 @@ export interface MonthlyActiveUserReportResponse { total?: number; } +/** + * Communicate various contexts in which multi-factor authentication can be used. + */ +export enum MultiFactorContext { + changePassword = "changePassword", + login = "login", + stepUp = "stepUp" +} + /** * @author Daniel DeGroff */ From 82a75f5166222d651d2bcd925c64dc7b436f2b4b Mon Sep 17 00:00:00 2001 From: Jaret Hendrickson Date: Tue, 2 Dec 2025 20:33:48 -0600 Subject: [PATCH 03/18] MFA lambda configuration (#205) --- src/FusionAuthClient.ts | 2 ++ 1 file changed, 2 insertions(+) diff --git a/src/FusionAuthClient.ts b/src/FusionAuthClient.ts index b25588c..ac54981 100644 --- a/src/FusionAuthClient.ts +++ b/src/FusionAuthClient.ts @@ -5960,6 +5960,7 @@ export interface AuthenticationTokenConfiguration extends Enableable { export interface LambdaConfiguration { accessTokenPopulateId?: UUID; idTokenPopulateId?: UUID; + multiFactorRequirementId?: UUID; samlv2PopulateId?: UUID; selfServiceRegistrationValidationId?: UUID; userinfoPopulateId?: UUID; @@ -10865,6 +10866,7 @@ export interface TenantFormConfiguration { */ export interface TenantLambdaConfiguration { loginValidationId?: UUID; + multiFactorRequirementId?: UUID; scimEnterpriseUserRequestConverterId?: UUID; scimEnterpriseUserResponseConverterId?: UUID; scimGroupRequestConverterId?: UUID; From c5287f8d08bc0c46fcb474e5dd32d0a7351703ca Mon Sep 17 00:00:00 2001 From: Spencer Witt <3409780+spwitt@users.noreply.github.com> Date: Fri, 5 Dec 2025 12:14:56 -0600 Subject: [PATCH 04/18] ENG-3487: Tenant-scoped IdPs (#202) * update domain for tenantId on IdPs (#199) * add tenantId to IdP lookup by managed domain response (#201) --- src/FusionAuthClient.ts | 3 +++ 1 file changed, 3 insertions(+) diff --git a/src/FusionAuthClient.ts b/src/FusionAuthClient.ts index ac54981..7e40e1d 100644 --- a/src/FusionAuthClient.ts +++ b/src/FusionAuthClient.ts @@ -6504,6 +6504,7 @@ export interface BaseIdentityProvider; + tenantId?: UUID; type?: IdentityProviderType; } @@ -8474,6 +8475,7 @@ export interface IdentityProviderResponse { export interface IdentityProviderSearchCriteria extends BaseSearchCriteria { applicationId?: UUID; name?: string; + tenantId?: UUID; type?: IdentityProviderType; } @@ -9269,6 +9271,7 @@ export interface IdentityProviderDetails { idpEndpoint?: string; name?: string; oauth2?: IdentityProviderOauth2Configuration; + tenantId?: UUID; type?: IdentityProviderType; } From 4ded7d8c6f83045926b053e79b9a964ae86ed0a5 Mon Sep 17 00:00:00 2001 From: Brady Wied Date: Mon, 8 Dec 2025 16:50:11 -0700 Subject: [PATCH 05/18] Merge wied03/ENG-3602/mfa-lambda-invocation (#206) * propagate client changes * client code update from Javadoc --- src/FusionAuthClient.ts | 50 +++++++++++++++++++++++++++++++++++++++-- 1 file changed, 48 insertions(+), 2 deletions(-) diff --git a/src/FusionAuthClient.ts b/src/FusionAuthClient.ts index 7e40e1d..5f21c63 100644 --- a/src/FusionAuthClient.ts +++ b/src/FusionAuthClient.ts @@ -9275,6 +9275,52 @@ export interface IdentityProviderDetails { type?: IdentityProviderType; } +/** + * Represents the inbound lambda parameter 'context' for MFA Required lambdas. + */ +export interface MFAContext { + authenticationThreats?: Array; + eventInfo?: EventInfo; + mfaTrust?: MFATrust; + registration?: UserRegistration; +} + +/** + * Represents the inbound lambda parameter 'policies' for MFA Required lambdas. + */ +export interface MFAPolicies { + applicationLoginPolicy?: MultiFactorLoginPolicy; + applicationMultiFactorTrustPolicy?: ApplicationMultiFactorTrustPolicy; + tenantLoginPolicy?: MultiFactorLoginPolicy; +} + +/** + * Represents the inbound lambda parameter 'result' for MFA Required lambdas. + */ +export interface MFARequiredLambdaResult { + required?: boolean; +} + +/** + * Represents the inbound lambda parameter 'mfaTrust' inside the 'context' parameter for MFA Required lambdas. + */ +export interface MFATrust { + applicationId?: UUID; + attributes?: Record; + expirationInstant?: number; + id?: string; + insertInstant?: number; + startInstants?: StartInstant; + state?: Record; + tenantId?: UUID; + userId?: UUID; +} + +export interface StartInstant { + applications?: Record; + tenant?: number; +} + /** * This class contains the managed fields that are also put into the database during FusionAuth setup. *

@@ -9413,9 +9459,9 @@ export interface MonthlyActiveUserReportResponse { } /** - * Communicate various contexts in which multi-factor authentication can be used. + * Communicate various actions/contexts in which multi-factor authentication can be used. */ -export enum MultiFactorContext { +export enum MultiFactorAction { changePassword = "changePassword", login = "login", stepUp = "stepUp" From 9fe42ebdaa6e34aec9c74f19ccb7d3a3dd930cac Mon Sep 17 00:00:00 2001 From: Brady Wied Date: Mon, 8 Dec 2025 21:25:46 -0700 Subject: [PATCH 06/18] Merge wied03/ENG-3603/mfa-retrieve-status-post (#207) * propagate client changes * client code update from Javadoc * client generation/new method * better method name --- src/FusionAuthClient.ts | 30 ++++++++++++++++++++++++++++++ 1 file changed, 30 insertions(+) diff --git a/src/FusionAuthClient.ts b/src/FusionAuthClient.ts index 5f21c63..62fecd3 100644 --- a/src/FusionAuthClient.ts +++ b/src/FusionAuthClient.ts @@ -3839,6 +3839,24 @@ export class FusionAuthClient { .go(); } + /** + * Retrieve a user's two-factor status. + * + * This can be used to see if a user will need to complete a two-factor challenge to complete a login, + * and optionally identify the state of the two-factor trust across various applications. This operation + * provides more payload options than retrieveTwoFactorStatus. + * + * @param {TwoFactorStatusRequest} request The request object that contains all the information used to check the status. + * @returns {Promise>} + */ + retrieveTwoFactorStatusUsing(request: TwoFactorStatusRequest): Promise> { + return this.start() + .withUri('/api/two-factor/status') + .withJSONBody(request) + .withMethod("POST") + .go(); + } + /** * Retrieves the user for the given Id. * @@ -9281,6 +9299,7 @@ export interface IdentityProviderDetails { export interface MFAContext { authenticationThreats?: Array; eventInfo?: EventInfo; + jwt?: Record; mfaTrust?: MFATrust; registration?: UserRegistration; } @@ -11476,6 +11495,17 @@ export interface TwoFactorStartResponse { twoFactorId?: string; } +/** + * Check the status of two-factor authentication for a user, with more options than on a GET request. + */ +export interface TwoFactorStatusRequest extends BaseEventRequest { + action?: MultiFactorAction; + applicationId?: UUID; + token?: string; + twoFactorTrustId?: string; + userId?: UUID; +} + /** * @author Daniel DeGroff */ From d405c4b0adfef130cc15c2604069f20b631c740c Mon Sep 17 00:00:00 2001 From: Brady Wied Date: Mon, 8 Dec 2025 22:39:24 -0700 Subject: [PATCH 07/18] missing client stuff --- src/FusionAuthClient.ts | 13 +++++++++++++ 1 file changed, 13 insertions(+) diff --git a/src/FusionAuthClient.ts b/src/FusionAuthClient.ts index 5f21c63..4770c22 100644 --- a/src/FusionAuthClient.ts +++ b/src/FusionAuthClient.ts @@ -9281,6 +9281,7 @@ export interface IdentityProviderDetails { export interface MFAContext { authenticationThreats?: Array; eventInfo?: EventInfo; + jwt?: Record; mfaTrust?: MFATrust; registration?: UserRegistration; } @@ -9299,6 +9300,7 @@ export interface MFAPolicies { */ export interface MFARequiredLambdaResult { required?: boolean; + sendSuspiciousLoginEvent?: boolean; } /** @@ -11476,6 +11478,17 @@ export interface TwoFactorStartResponse { twoFactorId?: string; } +/** + * Check the status of two-factor authentication for a user, with more options than on a GET request. + */ +export interface TwoFactorStatusRequest extends BaseEventRequest { + action?: MultiFactorAction; + applicationId?: UUID; + token?: string; + twoFactorTrustId?: string; + userId?: UUID; +} + /** * @author Daniel DeGroff */ From dde173d39114cf3ce55d90f8dee44f8510038761 Mon Sep 17 00:00:00 2001 From: Brady Wied Date: Tue, 9 Dec 2025 07:44:27 -0700 Subject: [PATCH 08/18] redo client again --- src/FusionAuthClient.ts | 18 ++++++++++++++++++ 1 file changed, 18 insertions(+) diff --git a/src/FusionAuthClient.ts b/src/FusionAuthClient.ts index 4770c22..eb8aee4 100644 --- a/src/FusionAuthClient.ts +++ b/src/FusionAuthClient.ts @@ -3839,6 +3839,24 @@ export class FusionAuthClient { .go(); } + /** + * Retrieve a user's two-factor status. + * + * This can be used to see if a user will need to complete a two-factor challenge to complete a login, + * and optionally identify the state of the two-factor trust across various applications. This operation + * provides more payload options than retrieveTwoFactorStatus. + * + * @param {TwoFactorStatusRequest} request The request object that contains all the information used to check the status. + * @returns {Promise>} + */ + retrieveTwoFactorStatusUsing(request: TwoFactorStatusRequest): Promise> { + return this.start() + .withUri('/api/two-factor/status') + .withJSONBody(request) + .withMethod("POST") + .go(); + } + /** * Retrieves the user for the given Id. * From 5734f3f12fba85b3f3e5a84f873af1e576a72c05 Mon Sep 17 00:00:00 2001 From: Brady Wied Date: Tue, 9 Dec 2025 19:13:56 -0700 Subject: [PATCH 09/18] Merge wied03/ENG-3608/mfa-change-password (#210) * add IP address client overload * forgot to update method names --- src/FusionAuthClient.ts | 82 +++++++++++++++++++++++++++++++++++++++++ 1 file changed, 82 insertions(+) diff --git a/src/FusionAuthClient.ts b/src/FusionAuthClient.ts index eb8aee4..e51f999 100644 --- a/src/FusionAuthClient.ts +++ b/src/FusionAuthClient.ts @@ -232,6 +232,26 @@ export class FusionAuthClient { .go(); } + /** + * Check to see if the user must obtain a Trust Token Id in order to complete a change password request. + * When a user has enabled Two-Factor authentication, before you are allowed to use the Change Password API to change + * your password, you must obtain a Trust Token by completing a Two-Factor Step-Up authentication. + * + * An HTTP status code of 400 with a general error code of [TrustTokenRequired] indicates that a Trust Token is required to make a POST request to this API. + * + * @param {string} changePasswordId The change password Id used to find the user. This value is generated by FusionAuth once the change password workflow has been initiated. + * @param {string} ipAddress (Optional) IP address of the user changing their password. This is used for MFA risk assessment. + * @returns {Promise>} + */ + checkChangePasswordUsingIdAndIPAddress(changePasswordId: string, ipAddress: string): Promise> { + return this.startAnonymous() + .withUri('/api/user/change-password') + .withUriSegment(changePasswordId) + .withParameter('ipAddress', ipAddress) + .withMethod("GET") + .go(); + } + /** * Check to see if the user must obtain a Trust Token Id in order to complete a change password request. * When a user has enabled Two-Factor authentication, before you are allowed to use the Change Password API to change @@ -250,6 +270,26 @@ export class FusionAuthClient { .go(); } + /** + * Check to see if the user must obtain a Trust Token Id in order to complete a change password request. + * When a user has enabled Two-Factor authentication, before you are allowed to use the Change Password API to change + * your password, you must obtain a Trust Token by completing a Two-Factor Step-Up authentication. + * + * An HTTP status code of 400 with a general error code of [TrustTokenRequired] indicates that a Trust Token is required to make a POST request to this API. + * + * @param {string} encodedJWT The encoded JWT (access token). + * @param {string} ipAddress (Optional) IP address of the user changing their password. This is used for MFA risk assessment. + * @returns {Promise>} + */ + checkChangePasswordUsingJWTAndIPAddress(encodedJWT: string, ipAddress: string): Promise> { + return this.startAnonymous() + .withUri('/api/user/change-password') + .withAuthorization('Bearer ' + encodedJWT) + .withParameter('ipAddress', ipAddress) + .withMethod("GET") + .go(); + } + /** * Check to see if the user must obtain a Trust Request Id in order to complete a change password request. * When a user has enabled Two-Factor authentication, before you are allowed to use the Change Password API to change @@ -268,6 +308,26 @@ export class FusionAuthClient { .go(); } + /** + * Check to see if the user must obtain a Trust Request Id in order to complete a change password request. + * When a user has enabled Two-Factor authentication, before you are allowed to use the Change Password API to change + * your password, you must obtain a Trust Request Id by completing a Two-Factor Step-Up authentication. + * + * An HTTP status code of 400 with a general error code of [TrustTokenRequired] indicates that a Trust Token is required to make a POST request to this API. + * + * @param {string} loginId The loginId (email or username) of the User that you intend to change the password for. + * @param {string} ipAddress (Optional) IP address of the user changing their password. This is used for MFA risk assessment. + * @returns {Promise>} + */ + checkChangePasswordUsingLoginIdAndIPAddress(loginId: string, ipAddress: string): Promise> { + return this.start() + .withUri('/api/user/change-password') + .withParameter('loginId', loginId) + .withParameter('ipAddress', ipAddress) + .withMethod("GET") + .go(); + } + /** * Check to see if the user must obtain a Trust Request Id in order to complete a change password request. * When a user has enabled Two-Factor authentication, before you are allowed to use the Change Password API to change @@ -288,6 +348,28 @@ export class FusionAuthClient { .go(); } + /** + * Check to see if the user must obtain a Trust Request Id in order to complete a change password request. + * When a user has enabled Two-Factor authentication, before you are allowed to use the Change Password API to change + * your password, you must obtain a Trust Request Id by completing a Two-Factor Step-Up authentication. + * + * An HTTP status code of 400 with a general error code of [TrustTokenRequired] indicates that a Trust Token is required to make a POST request to this API. + * + * @param {string} loginId The loginId of the User that you intend to change the password for. + * @param {Array} loginIdTypes The identity types that FusionAuth will compare the loginId to. + * @param {string} ipAddress (Optional) IP address of the user changing their password. This is used for MFA risk assessment. + * @returns {Promise>} + */ + checkChangePasswordUsingLoginIdAndLoginIdTypesAndIPAddress(loginId: string, loginIdTypes: Array, ipAddress: string): Promise> { + return this.start() + .withUri('/api/user/change-password') + .withParameter('loginId', loginId) + .withParameter('loginIdTypes', loginIdTypes) + .withParameter('ipAddress', ipAddress) + .withMethod("GET") + .go(); + } + /** * Make a Client Credentials grant request to obtain an access token. * From 2616d4765d88f2bc14fac1b857676589eaef29cd Mon Sep 17 00:00:00 2001 From: Brady Wied Date: Wed, 10 Dec 2025 16:53:32 -0700 Subject: [PATCH 10/18] naming advice --- src/FusionAuthClient.ts | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/FusionAuthClient.ts b/src/FusionAuthClient.ts index f4e347b..e2a5368 100644 --- a/src/FusionAuthClient.ts +++ b/src/FusionAuthClient.ts @@ -3945,7 +3945,7 @@ export class FusionAuthClient { * @param {TwoFactorStatusRequest} request The request object that contains all the information used to check the status. * @returns {Promise>} */ - retrieveTwoFactorStatusUsing(request: TwoFactorStatusRequest): Promise> { + retrieveTwoFactorStatusWithRequest(request: TwoFactorStatusRequest): Promise> { return this.start() .withUri('/api/two-factor/status') .withJSONBody(request) From e4da26c9943305312019846dd961738ead814101 Mon Sep 17 00:00:00 2001 From: Jaret Hendrickson Date: Fri, 12 Dec 2025 12:50:35 -0600 Subject: [PATCH 11/18] mfa lambda --- src/FusionAuthClient.ts | 1 + 1 file changed, 1 insertion(+) diff --git a/src/FusionAuthClient.ts b/src/FusionAuthClient.ts index e2a5368..84fe79a 100644 --- a/src/FusionAuthClient.ts +++ b/src/FusionAuthClient.ts @@ -10258,6 +10258,7 @@ export interface ReactorStatus { expiration?: string; licenseAttributes?: Record; licensed?: boolean; + multiFactorLambdas?: ReactorFeatureStatus; scimServer?: ReactorFeatureStatus; tenantManagerApplication?: ReactorFeatureStatus; threatDetection?: ReactorFeatureStatus; From d1ed8aa1b56b019ba2216ca692cb94d78a4d76aa Mon Sep 17 00:00:00 2001 From: Brady Wied Date: Mon, 15 Dec 2025 21:41:00 -0700 Subject: [PATCH 12/18] Change function name and parameters --- src/FusionAuthClient.ts | 1 + 1 file changed, 1 insertion(+) diff --git a/src/FusionAuthClient.ts b/src/FusionAuthClient.ts index 84fe79a..47cdf16 100644 --- a/src/FusionAuthClient.ts +++ b/src/FusionAuthClient.ts @@ -9397,6 +9397,7 @@ export interface MFAContext { eventInfo?: EventInfo; jwt?: Record; mfaTrust?: MFATrust; + policies?: MFAPolicies; registration?: UserRegistration; } From 850178f86d6e454c56bf22147a54a56dbb4d7d0d Mon Sep 17 00:00:00 2001 From: Brady Wied Date: Tue, 16 Dec 2025 10:26:44 -0700 Subject: [PATCH 13/18] PR feedback - lambda classses - new package and names --- src/FusionAuthClient.ts | 98 ++++++++++++++++++++--------------------- 1 file changed, 49 insertions(+), 49 deletions(-) diff --git a/src/FusionAuthClient.ts b/src/FusionAuthClient.ts index 47cdf16..300b8b9 100644 --- a/src/FusionAuthClient.ts +++ b/src/FusionAuthClient.ts @@ -6941,6 +6941,18 @@ export enum ContentStatus { REJECTED = "REJECTED" } +/** + * Represents the inbound lambda parameter 'context' for MFA Required lambdas. + */ +export interface Context { + authenticationThreats?: Array; + eventInfo?: EventInfo; + jwt?: Record; + policies?: Policies; + registration?: UserRegistration; + trust?: Trust; +} + /** * A number identifying a cryptographic algorithm. Values should be registered with the IANA COSE Algorithms registry @@ -9389,55 +9401,6 @@ export interface IdentityProviderDetails { type?: IdentityProviderType; } -/** - * Represents the inbound lambda parameter 'context' for MFA Required lambdas. - */ -export interface MFAContext { - authenticationThreats?: Array; - eventInfo?: EventInfo; - jwt?: Record; - mfaTrust?: MFATrust; - policies?: MFAPolicies; - registration?: UserRegistration; -} - -/** - * Represents the inbound lambda parameter 'policies' for MFA Required lambdas. - */ -export interface MFAPolicies { - applicationLoginPolicy?: MultiFactorLoginPolicy; - applicationMultiFactorTrustPolicy?: ApplicationMultiFactorTrustPolicy; - tenantLoginPolicy?: MultiFactorLoginPolicy; -} - -/** - * Represents the inbound lambda parameter 'result' for MFA Required lambdas. - */ -export interface MFARequiredLambdaResult { - required?: boolean; - sendSuspiciousLoginEvent?: boolean; -} - -/** - * Represents the inbound lambda parameter 'mfaTrust' inside the 'context' parameter for MFA Required lambdas. - */ -export interface MFATrust { - applicationId?: UUID; - attributes?: Record; - expirationInstant?: number; - id?: string; - insertInstant?: number; - startInstants?: StartInstant; - state?: Record; - tenantId?: UUID; - userId?: UUID; -} - -export interface StartInstant { - applications?: Record; - tenant?: number; -} - /** * This class contains the managed fields that are also put into the database during FusionAuth setup. *

@@ -10029,6 +9992,15 @@ export interface PhoneUnverifiedOptions { behavior?: UnverifiedBehavior; } +/** + * Represents the inbound lambda parameter 'policies' for MFA Required lambdas. + */ +export interface Policies { + applicationLoginPolicy?: MultiFactorLoginPolicy; + applicationMultiFactorTrustPolicy?: ApplicationMultiFactorTrustPolicy; + tenantLoginPolicy?: MultiFactorLoginPolicy; +} + /** * @author Michael Sleevi */ @@ -10481,6 +10453,14 @@ export interface Requirable extends Enableable { required?: boolean; } +/** + * Represents the inbound lambda parameter 'result' for MFA Required lambdas. + */ +export interface RequiredLambdaResult { + required?: boolean; + sendSuspiciousLoginEvent?: boolean; +} + /** * Interface describing the need for CORS configuration. * @@ -11435,6 +11415,26 @@ export enum TransactionType { AbsoluteMajority = "AbsoluteMajority" } +/** + * Represents the inbound lambda parameter 'mfaTrust' inside the 'context' parameter for MFA Required lambdas. + */ +export interface Trust { + applicationId?: UUID; + attributes?: Record; + expirationInstant?: number; + id?: string; + insertInstant?: number; + startInstants?: StartInstant; + state?: Record; + tenantId?: UUID; + userId?: UUID; +} + +export interface StartInstant { + applications?: Record; + tenant?: number; +} + /** * @author Brett Guy */ From b3b8c0bb73493be83bed52a63e425e34d466d726 Mon Sep 17 00:00:00 2001 From: Brady Wied Date: Tue, 16 Dec 2025 11:18:01 -0700 Subject: [PATCH 14/18] keep value as mfaTrust within lambda --- src/FusionAuthClient.ts | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/FusionAuthClient.ts b/src/FusionAuthClient.ts index 300b8b9..e2ed524 100644 --- a/src/FusionAuthClient.ts +++ b/src/FusionAuthClient.ts @@ -6948,9 +6948,9 @@ export interface Context { authenticationThreats?: Array; eventInfo?: EventInfo; jwt?: Record; + mfaTrust?: Trust; policies?: Policies; registration?: UserRegistration; - trust?: Trust; } /** From a3ba7c3ef31e9a473e69516497c9e15180e6a044 Mon Sep 17 00:00:00 2001 From: Brady Wied Date: Tue, 16 Dec 2025 11:57:27 -0700 Subject: [PATCH 15/18] pass raw JWT all the way in --- src/FusionAuthClient.ts | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/FusionAuthClient.ts b/src/FusionAuthClient.ts index e2ed524..4c075dc 100644 --- a/src/FusionAuthClient.ts +++ b/src/FusionAuthClient.ts @@ -6946,8 +6946,8 @@ export enum ContentStatus { */ export interface Context { authenticationThreats?: Array; + encodedJWT?: string; eventInfo?: EventInfo; - jwt?: Record; mfaTrust?: Trust; policies?: Policies; registration?: UserRegistration; From 7e0aab2e1f2c392e37cd0a5a2a4fe6059749bc5f Mon Sep 17 00:00:00 2001 From: Brady Wied Date: Wed, 17 Dec 2025 11:03:35 -0700 Subject: [PATCH 16/18] Lambda signature - registration out of context, action and app in --- src/FusionAuthClient.ts | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/src/FusionAuthClient.ts b/src/FusionAuthClient.ts index 4c075dc..f848424 100644 --- a/src/FusionAuthClient.ts +++ b/src/FusionAuthClient.ts @@ -6945,12 +6945,13 @@ export enum ContentStatus { * Represents the inbound lambda parameter 'context' for MFA Required lambdas. */ export interface Context { + action?: MultiFactorAction; + application?: Application; authenticationThreats?: Array; encodedJWT?: string; eventInfo?: EventInfo; mfaTrust?: Trust; policies?: Policies; - registration?: UserRegistration; } /** From f2fcd04f7a278bb80aaa18c800cefe577b4e7837 Mon Sep 17 00:00:00 2001 From: Brady Wied Date: Wed, 17 Dec 2025 11:55:56 -0700 Subject: [PATCH 17/18] Change context.encodedJWT to context.accessToken --- src/FusionAuthClient.ts | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/FusionAuthClient.ts b/src/FusionAuthClient.ts index f848424..4d66e9e 100644 --- a/src/FusionAuthClient.ts +++ b/src/FusionAuthClient.ts @@ -6945,10 +6945,10 @@ export enum ContentStatus { * Represents the inbound lambda parameter 'context' for MFA Required lambdas. */ export interface Context { + accessToken?: string; action?: MultiFactorAction; application?: Application; authenticationThreats?: Array; - encodedJWT?: string; eventInfo?: EventInfo; mfaTrust?: Trust; policies?: Policies; From 7cf0c14403fe8839c57702d2de42c2cc41acc291 Mon Sep 17 00:00:00 2001 From: Brady Wied Date: Wed, 17 Dec 2025 12:01:28 -0700 Subject: [PATCH 18/18] rename token to accessToken on status API --- src/FusionAuthClient.ts | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/FusionAuthClient.ts b/src/FusionAuthClient.ts index 4d66e9e..97d3681 100644 --- a/src/FusionAuthClient.ts +++ b/src/FusionAuthClient.ts @@ -11599,9 +11599,9 @@ export interface TwoFactorStartResponse { * Check the status of two-factor authentication for a user, with more options than on a GET request. */ export interface TwoFactorStatusRequest extends BaseEventRequest { + accessToken?: string; action?: MultiFactorAction; applicationId?: UUID; - token?: string; twoFactorTrustId?: string; userId?: UUID; }