auth-shared
@rw3iss/auth-shared — source-only TS types shared by the browser SDK and every backend SDK. Grouped by feature so DTOs sit next to their domain.
Core wire types
User, AuthResponse, JWT payloads — the load-bearing shapes for every auth call.
Interfaces
AuthenticatedUserAuthResponseLoginRequestRefreshRequestRegisterRequestUserValidateTokenRequestValidateTokenResponse
JWT claims & tokens
Decoded claims, refresh / service token payloads.
Interfaces
BaseJwtClaimsRefreshJwtPayloadServiceJwtPayloadServicePrincipalServiceTokenResponseTokenPairUserJwtPayload
Type aliases
Sessions
Active session records + logout payloads.
Password lifecycle
Change-password + reset-password DTOs and claims.
Two-factor & email verification
TOTP enrollment/disable and email-verification DTOs.
Interfaces
EmailVerificationClaimsResendVerificationEmailRequestTwoFactorDisableRequestTwoFactorEnableRequestTwoFactorSetupResponseVerifyEmailRequest
SSO & magic link
SSO start/callback/exchange + magic-link payloads.
Organizations
Org records, memberships, roles, invitations.
Interfaces
AdminUserOrgMembershipCreateInvitationRequestCreateOrgRequestCreateOrgRoleRequestInvitationRecordMyOrgRecordOrganizationOrgMemberOrgMemberRecordOrgRoleOrgRoleRecordUpdateMemberStatusRequestUpdateOrgRequestUpdateOrgRoleRequest
Admin & impersonation
User lookup, hard delete, impersonation, assignable permissions.
Interfaces
AssignablePermissionAssignablePermissionRecordHardDeleteUserRequestImpersonateRequestImpersonationClaimsLookupUserRecord
Audit log
Audit-log entries, queries, and results.
Error envelopes
Wire-shape error payloads + typed envelopes.
Permissions & policies
Permission manifests, registration-policy payloads.
Constants & misc
Re-exported constants and one-off types.
Functions
Interfaces
AppRecordAppWebhookCreateAppRequestCreateM2MClientRequestCreateM2MClientResponseListNamespacesResponseM2MClientRecordNamespaceInfoPasswordResetClaimsRoleLabelOptionsRoleLikeUpdateAppRequestUserNamespacesResponseUserRoleSummary
Type aliases
Variables
ACCOUNT\_LOCKEDAPP\_WEBHOOK\_EVENTSBASE\_USERBUYERCONFLICTFORBIDDENINVALID\_CLIENTINVALID\_CREDENTIALSINVALID\_GRANTINVALID\_SCOPEKNOWN\_BASE\_ROLE\_LABELSNOT\_FOUNDORG\_ADMINORG\_MANAGERORG\_MEMBERRATE\_LIMITEDREQUIRES\_2FASELLERSERVER\_ERRORSUPER\_ADMINSYSTEM\_ADMINTOKEN\_EXPIREDTOKEN\_INVALIDTOKEN\_REVOKEDTOKEN\_TYPE\_ACCESSTOKEN\_TYPE\_REFRESHTOKEN\_TYPE\_SERVICEUNAUTHORIZEDUNSUPPORTED\_GRANT\_TYPEVALIDATION