import { RoleType, type CreateResource, type CreateRole, type CreateScope } from '../db-entries/index.js'; import { PredefinedScope, InternalRole, AdminTenantRole } from '../types/index.js'; /** * The Management API data for a tenant. Usually used for creating a new tenant in the admin * tenant. */ export type AdminData = { resource: CreateResource; scopes: CreateScope[]; role: CreateRole; }; export type UpdateAdminData = Omit & { /** Attach to an existing role instead of creating one. */ role: Pick; }; /** The fixed Management API Resource for `default` tenant. */ export declare const defaultManagementApi: Readonly<{ resource: { tenantId: string; /** @deprecated You should not rely on this constant. Change to something else. */ id: string; /** * The fixed resource indicator for Management APIs. * * Admin Console requires the access token of this resource to be functional. */ indicator: string; name: string; }; scopes: { tenantId: string; /** @deprecated You should not rely on this constant. Change to something else. */ id: string; name: PredefinedScope; description: string; /** @deprecated You should not rely on this constant. Change to something else. */ resourceId: string; }[]; /** * An internal user role for Management API of the `default` tenant. * @deprecated This role will be removed soon. */ role: { tenantId: string; /** @deprecated You should not rely on this constant. Change to something else. */ id: string; name: InternalRole; description: string; type: RoleType.MachineToMachine; }; }>; export declare function getManagementApiResourceIndicator(tenantId: TenantId): `https://${TenantId}.logto.app/api`; export declare function getManagementApiResourceIndicator(tenantId: TenantId, path: Path): `https://${TenantId}.logto.app/${Path}`; /** * The fixed Management API user role for `default` tenant in the admin tenant. It is used for * OSS only. */ export declare const defaultManagementApiAdminName: "default:admin"; /** Create a set of admin data for Management API of the given tenant ID. */ export declare const createAdminData: (tenantId: string) => Readonly<{ resource: { tenantId: string; id: string; indicator: `https://${string}.logto.app/api`; name: string; }; scopes: { tenantId: string; id: string; name: PredefinedScope; description: string; resourceId: string; }[]; /** @deprecated This role will be removed soon. */ role: { tenantId: string; id: string; name: InternalRole; description: string; type: RoleType.MachineToMachine; }; }>; /** Create a set of admin data for Management API of the given tenant ID for the admin tenant. */ export declare const createAdminDataInAdminTenant: (tenantId: string) => Readonly<{ resource: { tenantId: string; id: string; indicator: `https://${string}.logto.app/api`; name: string; }; scopes: { tenantId: string; id: string; name: PredefinedScope; description: string; resourceId: string; }[]; /** The machine-to-machine role for the Management API proxy of the given tenant ID. */ role: Readonly; }>; export declare const createMeApiInAdminTenant: () => Readonly<{ resource: { tenantId: string; id: string; indicator: "https://admin.logto.app/me"; name: string; }; scopes: { tenantId: string; id: string; name: PredefinedScope; description: string; resourceId: string; }[]; role: { tenantId: string; id: string; name: AdminTenantRole; description: string; type: RoleType.User; }; }>; /** * Create a pre-configured M2M role for Management API access. */ export declare const createPreConfiguredManagementApiAccessRole: (tenantId: string) => CreateRole;