[{"data":1,"prerenderedAt":6634},["ShallowReactive",2],{"navLinks":3,"sidebar_docs_navigation_\u002Fdocs\u002Fauth-h3client":64,"navigation":217,"navLinks_footer":829,"\u002Fdocs\u002Fauth-h3client\u002Fapi\u002Fcontrollers_page":842,"\u002Fdocs\u002Fauth-h3client\u002Fapi\u002Fcontrollers_surround":4035,"\u002Fdocs\u002Fauth-h3client\u002Fapi\u002Fcontrollers":4038},{"id":4,"extension":5,"links":6,"meta":61,"stem":62,"__hash__":63},"navigationMenu\u002Fnavigation.json","json",[7,52,57],{"nested":8,"label":9,"icon":10,"to":11,"children":12},true,"Docs","i-lucide-book-open","\u002Fdocs\u002Fgetting-started",[13,19,26,32,39,45],{"label":14,"icon":15,"to":11,"description":16,"github":17,"badge":18},"Getting Started","i-lucide-rocket","An introduction to help you understand the core components.","https:\u002F\u002Fgithub.com\u002FSergo706\u002Fdocshub","Start Here",{"label":20,"icon":21,"to":22,"description":23,"github":24,"badge":25},"Auth H3 Client","i-lucide-key-round","\u002Fdocs\u002Fauth-h3client","Seamlessly enforce OAuth 2.0 authentication and session management integrated directly as the client of the IAM module.","https:\u002F\u002Fgithub.com\u002FSergo706\u002Fauth-h3client","Core",{"label":27,"icon":28,"to":29,"description":30,"github":31,"badge":25},"IAM","i-lucide-shield-check","\u002Fdocs\u002Fiam","Identity and Access Management featuring granular roles, permissions, and security policies.","https:\u002F\u002Fgithub.com\u002FSergo706\u002Fauth",{"label":33,"icon":34,"to":35,"description":36,"github":37,"badge":38},"Bot Detection","i-lucide-cpu","\u002Fdocs\u002Fbot-detection","Advanced behavioral analysis and request fingerprinting to stop malicious automated traffic.","https:\u002F\u002Fgithub.com\u002FSergo706\u002Fbot-detector","Security",{"label":40,"icon":41,"to":42,"description":43,"github":44,"badge":38},"Shield Base","i-lucide-database-zap","\u002Fdocs\u002Fshield-base","CLI and programmatic toolkit for compiling offline-ready IP intelligence databases from BGP, GeoIP, Tor, FireHOL, and other public threat feeds.","https:\u002F\u002Fgithub.com\u002FSergo706\u002Fshield-base-cli",{"label":46,"icon":47,"to":48,"description":49,"github":50,"badge":51},"Utils","i-lucide-wrench","\u002Fdocs\u002Futils","A standard library of highly optimized helpers for formatting, validation, and core logic.","https:\u002F\u002Fgithub.com\u002FSergo706\u002Futils","Library",{"nested":53,"label":54,"icon":55,"to":56},false,"Blog","i-lucide-pen-line","\u002Fblog",{"nested":53,"label":58,"icon":59,"to":60},"Website","lucide:app-window-mac","https:\u002F\u002Friavzon.com",{},"navigation","gkaQ0xRGxSLrLyM3kttLe0oBwkrR1EBjlepF8LSbwF8",[65],{"title":9,"path":66,"stem":67,"children":68,"page":53},"\u002Fdocs","docs",[69],{"title":20,"path":22,"stem":70,"children":71},"docs\u002Fauth-h3client\u002Findex",[72,73,82,119,145,167,170,191,195],{"title":20,"path":22,"stem":70},{"title":14,"path":74,"stem":75,"children":76},"\u002Fdocs\u002Fauth-h3client\u002Fgetting-started","docs\u002Fauth-h3client\u002F00.getting-started\u002Findex",[77,78],{"title":14,"path":74,"stem":75},{"title":79,"path":80,"stem":81},"Nuxt Module","\u002Fdocs\u002Fauth-h3client\u002Fgetting-started\u002Fnuxt","docs\u002Fauth-h3client\u002F00.getting-started\u002F00.nuxt",{"title":83,"path":84,"stem":85,"children":86},"Essentials","\u002Fdocs\u002Fauth-h3client\u002Fessentials","docs\u002Fauth-h3client\u002F01.essentials\u002Findex",[87,88,92,96,100,104,108,111,115],{"title":83,"path":84,"stem":85},{"title":89,"path":90,"stem":91},"Session Management","\u002Fdocs\u002Fauth-h3client\u002Fessentials\u002Fsession","docs\u002Fauth-h3client\u002F01.essentials\u002F00.session",{"title":93,"path":94,"stem":95},"Route Protection","\u002Fdocs\u002Fauth-h3client\u002Fessentials\u002Froute-protection","docs\u002Fauth-h3client\u002F01.essentials\u002F01.route-protection",{"title":97,"path":98,"stem":99},"CSRF Protection","\u002Fdocs\u002Fauth-h3client\u002Fessentials\u002Fcsrf","docs\u002Fauth-h3client\u002F01.essentials\u002F02.csrf",{"title":101,"path":102,"stem":103},"Auth Flows","\u002Fdocs\u002Fauth-h3client\u002Fessentials\u002Fauth-flows","docs\u002Fauth-h3client\u002F01.essentials\u002F03.auth-flows",{"title":105,"path":106,"stem":107},"OAuth and OIDC","\u002Fdocs\u002Fauth-h3client\u002Fessentials\u002Foauth","docs\u002Fauth-h3client\u002F01.essentials\u002F04.oauth",{"title":33,"path":109,"stem":110},"\u002Fdocs\u002Fauth-h3client\u002Fessentials\u002Fbot-detection","docs\u002Fauth-h3client\u002F01.essentials\u002F05.bot-detection",{"title":112,"path":113,"stem":114},"Cookies","\u002Fdocs\u002Fauth-h3client\u002Fessentials\u002Fcookies","docs\u002Fauth-h3client\u002F01.essentials\u002F06.cookies",{"title":116,"path":117,"stem":118},"Logging","\u002Fdocs\u002Fauth-h3client\u002Fessentials\u002Flogging","docs\u002Fauth-h3client\u002F01.essentials\u002F07.logging",{"title":120,"path":121,"stem":122,"children":123},"MFA","\u002Fdocs\u002Fauth-h3client\u002Fmfa","docs\u002Fauth-h3client\u002F02.mfa\u002Findex",[124,125,129,133,137,141],{"title":120,"path":121,"stem":122},{"title":126,"path":127,"stem":128},"Built-in MFA","\u002Fdocs\u002Fauth-h3client\u002Fmfa\u002Fbuilt-in-flow","docs\u002Fauth-h3client\u002F02.mfa\u002F01.built-in-flow",{"title":130,"path":131,"stem":132},"Password Reset","\u002Fdocs\u002Fauth-h3client\u002Fmfa\u002Fpassword-reset","docs\u002Fauth-h3client\u002F02.mfa\u002F02.password-reset",{"title":134,"path":135,"stem":136},"Email Change","\u002Fdocs\u002Fauth-h3client\u002Fmfa\u002Femail-change","docs\u002Fauth-h3client\u002F02.mfa\u002F03.email-change",{"title":138,"path":139,"stem":140},"Custom MFA Flow","\u002Fdocs\u002Fauth-h3client\u002Fmfa\u002Fcustom-flow","docs\u002Fauth-h3client\u002F02.mfa\u002F04.custom-flow",{"title":142,"path":143,"stem":144},"Client-Side MFA","\u002Fdocs\u002Fauth-h3client\u002Fmfa\u002Fclient-side","docs\u002Fauth-h3client\u002F02.mfa\u002F05.client-side",{"title":146,"path":147,"stem":148,"children":149},"Client-side","\u002Fdocs\u002Fauth-h3client\u002Fclient","docs\u002Fauth-h3client\u002F03.client\u002Findex",[150,151,155,159,163],{"title":146,"path":147,"stem":148},{"title":152,"path":153,"stem":154},"useAuthData","\u002Fdocs\u002Fauth-h3client\u002Fclient\u002Fuse-auth-data","docs\u002Fauth-h3client\u002F03.client\u002F00.use-auth-data",{"title":156,"path":157,"stem":158},"useMagicLink","\u002Fdocs\u002Fauth-h3client\u002Fclient\u002Fuse-magic-link","docs\u002Fauth-h3client\u002F03.client\u002F01.use-magic-link",{"title":160,"path":161,"stem":162},"executeRequest","\u002Fdocs\u002Fauth-h3client\u002Fclient\u002Fexecute-request","docs\u002Fauth-h3client\u002F03.client\u002F02.execute-request",{"title":164,"path":165,"stem":166},"getCsrfToken","\u002Fdocs\u002Fauth-h3client\u002Fclient\u002Fget-csrf-token","docs\u002Fauth-h3client\u002F03.client\u002F03.get-csrf-token",{"title":38,"path":168,"stem":169},"\u002Fdocs\u002Fauth-h3client\u002Fsecurity","docs\u002Fauth-h3client\u002F04.security",{"title":171,"path":172,"stem":173,"children":174,"page":53},"Guides","\u002Fdocs\u002Fauth-h3client\u002Fguides","docs\u002Fauth-h3client\u002F05.guides",[175,179,183,187],{"title":176,"path":177,"stem":178},"H3 and Nitro Setup","\u002Fdocs\u002Fauth-h3client\u002Fguides\u002Fh3-nitro","docs\u002Fauth-h3client\u002F05.guides\u002F00.h3-nitro",{"title":180,"path":181,"stem":182},"HMAC Inter-service Auth","\u002Fdocs\u002Fauth-h3client\u002Fguides\u002Fhmac","docs\u002Fauth-h3client\u002F05.guides\u002Fhmac",{"title":184,"path":185,"stem":186},"Image Upload","\u002Fdocs\u002Fauth-h3client\u002Fguides\u002Fimage-upload","docs\u002Fauth-h3client\u002F05.guides\u002Fimage-upload",{"title":188,"path":189,"stem":190},"mTLS Configuration","\u002Fdocs\u002Fauth-h3client\u002Fguides\u002Fmtls","docs\u002Fauth-h3client\u002F05.guides\u002Fmtls",{"title":192,"path":193,"stem":194},"Configuration","\u002Fdocs\u002Fauth-h3client\u002Fconfiguration","docs\u002Fauth-h3client\u002F06.configuration",{"title":196,"path":197,"stem":198,"children":199},"API Reference","\u002Fdocs\u002Fauth-h3client\u002Fapi","docs\u002Fauth-h3client\u002F07.api\u002Findex",[200,201,205,209,213],{"title":196,"path":197,"stem":198},{"title":202,"path":203,"stem":204},"Routes Reference","\u002Fdocs\u002Fauth-h3client\u002Fapi\u002Fcontrollers","docs\u002Fauth-h3client\u002F07.api\u002F00.controllers",{"title":206,"path":207,"stem":208},"Middleware Reference","\u002Fdocs\u002Fauth-h3client\u002Fapi\u002Fmiddleware","docs\u002Fauth-h3client\u002F07.api\u002F01.middleware",{"title":210,"path":211,"stem":212},"Client-side Reference","\u002Fdocs\u002Fauth-h3client\u002Fapi\u002Fcomposables","docs\u002Fauth-h3client\u002F07.api\u002F02.composables",{"title":214,"path":215,"stem":216},"Utilities","\u002Fdocs\u002Fauth-h3client\u002Fapi\u002Futilities","docs\u002Fauth-h3client\u002F07.api\u002F03.utilities",[218],{"title":9,"path":66,"stem":67,"children":219,"page":53},[220,268,386,391,569,636],{"title":20,"path":22,"stem":70,"children":221},[222,223,227,238,246,253,254,260,261],{"title":20,"path":22,"stem":70},{"title":14,"path":74,"stem":75,"children":224},[225,226],{"title":14,"path":74,"stem":75},{"title":79,"path":80,"stem":81},{"title":83,"path":84,"stem":85,"children":228},[229,230,231,232,233,234,235,236,237],{"title":83,"path":84,"stem":85},{"title":89,"path":90,"stem":91},{"title":93,"path":94,"stem":95},{"title":97,"path":98,"stem":99},{"title":101,"path":102,"stem":103},{"title":105,"path":106,"stem":107},{"title":33,"path":109,"stem":110},{"title":112,"path":113,"stem":114},{"title":116,"path":117,"stem":118},{"title":120,"path":121,"stem":122,"children":239},[240,241,242,243,244,245],{"title":120,"path":121,"stem":122},{"title":126,"path":127,"stem":128},{"title":130,"path":131,"stem":132},{"title":134,"path":135,"stem":136},{"title":138,"path":139,"stem":140},{"title":142,"path":143,"stem":144},{"title":146,"path":147,"stem":148,"children":247},[248,249,250,251,252],{"title":146,"path":147,"stem":148},{"title":152,"path":153,"stem":154},{"title":156,"path":157,"stem":158},{"title":160,"path":161,"stem":162},{"title":164,"path":165,"stem":166},{"title":38,"path":168,"stem":169},{"title":171,"path":172,"stem":173,"children":255,"page":53},[256,257,258,259],{"title":176,"path":177,"stem":178},{"title":180,"path":181,"stem":182},{"title":184,"path":185,"stem":186},{"title":188,"path":189,"stem":190},{"title":192,"path":193,"stem":194},{"title":196,"path":197,"stem":198,"children":262},[263,264,265,266,267],{"title":196,"path":197,"stem":198},{"title":202,"path":203,"stem":204},{"title":206,"path":207,"stem":208},{"title":210,"path":211,"stem":212},{"title":214,"path":215,"stem":216},{"title":269,"path":35,"stem":270,"children":271},"Bot Detector","docs\u002Fbot-detection\u002Findex",[272,273,276,280,284,303,377,380,383],{"title":269,"path":35,"stem":270},{"title":14,"path":274,"stem":275},"\u002Fdocs\u002Fbot-detection\u002Fgetting-started","docs\u002Fbot-detection\u002F00.getting-started",{"title":277,"path":278,"stem":279},"CLI","\u002Fdocs\u002Fbot-detection\u002Fcli","docs\u002Fbot-detection\u002F01.cli",{"title":281,"path":282,"stem":283},"Data Sources","\u002Fdocs\u002Fbot-detection\u002Fdata-sources","docs\u002Fbot-detection\u002F02.data-sources",{"title":171,"path":285,"stem":286,"children":287,"page":53},"\u002Fdocs\u002Fbot-detection\u002Fguides","docs\u002Fbot-detection\u002F03.guides",[288,292,296,299],{"title":289,"path":290,"stem":291},"Custom Checkers","\u002Fdocs\u002Fbot-detection\u002Fguides\u002Fcustom","docs\u002Fbot-detection\u002F03.guides\u002FCUSTOM",{"title":293,"path":294,"stem":295},"Scheduling Database Generation","\u002Fdocs\u002Fbot-detection\u002Fguides\u002Fgenerate","docs\u002Fbot-detection\u002F03.guides\u002FGENERATE",{"title":116,"path":297,"stem":298},"\u002Fdocs\u002Fbot-detection\u002Fguides\u002Flogging","docs\u002Fbot-detection\u002F03.guides\u002FLOGGING",{"title":300,"path":301,"stem":302},"Score Modes and Reputation Healing","\u002Fdocs\u002Fbot-detection\u002Fguides\u002Fscore","docs\u002Fbot-detection\u002F03.guides\u002FSCORE",{"title":304,"path":305,"stem":306,"children":307},"Checkers","\u002Fdocs\u002Fbot-detection\u002Fcheckers","docs\u002Fbot-detection\u002F04.checkers\u002Findex",[308,309,313,317,321,325,329,333,337,341,345,349,353,357,361,365,369,373],{"title":304,"path":305,"stem":306},{"title":310,"path":311,"stem":312},"IP Validation","\u002Fdocs\u002Fbot-detection\u002Fcheckers\u002Fip-validation","docs\u002Fbot-detection\u002F04.checkers\u002F01.ip-validation",{"title":314,"path":315,"stem":316},"Good \u002F Bad Bot Verification","\u002Fdocs\u002Fbot-detection\u002Fcheckers\u002Fgood-bots","docs\u002Fbot-detection\u002F04.checkers\u002F02.good-bots",{"title":318,"path":319,"stem":320},"Browser & Device Fingerprint","\u002Fdocs\u002Fbot-detection\u002Fcheckers\u002Fbrowser-device","docs\u002Fbot-detection\u002F04.checkers\u002F03.browser-device",{"title":322,"path":323,"stem":324},"Locale Map","\u002Fdocs\u002Fbot-detection\u002Fcheckers\u002Flocale-map","docs\u002Fbot-detection\u002F04.checkers\u002F04.locale-map",{"title":326,"path":327,"stem":328},"Known Threats","\u002Fdocs\u002Fbot-detection\u002Fcheckers\u002Fknown-threats","docs\u002Fbot-detection\u002F04.checkers\u002F05.known-threats",{"title":330,"path":331,"stem":332},"ASN Classification","\u002Fdocs\u002Fbot-detection\u002Fcheckers\u002Fasn-classification","docs\u002Fbot-detection\u002F04.checkers\u002F06.asn-classification",{"title":334,"path":335,"stem":336},"Tor Analysis","\u002Fdocs\u002Fbot-detection\u002Fcheckers\u002Ftor-analysis","docs\u002Fbot-detection\u002F04.checkers\u002F07.tor-analysis",{"title":338,"path":339,"stem":340},"Timezone Consistency","\u002Fdocs\u002Fbot-detection\u002Fcheckers\u002Ftimezone-consistency","docs\u002Fbot-detection\u002F04.checkers\u002F08.timezone-consistency",{"title":342,"path":343,"stem":344},"Honeypot","\u002Fdocs\u002Fbot-detection\u002Fcheckers\u002Fhoneypot","docs\u002Fbot-detection\u002F04.checkers\u002F09.honeypot",{"title":346,"path":347,"stem":348},"Known Bad IPs","\u002Fdocs\u002Fbot-detection\u002Fcheckers\u002Fknown-bad-ips","docs\u002Fbot-detection\u002F04.checkers\u002F10.known-bad-ips",{"title":350,"path":351,"stem":352},"Behavior Rate","\u002Fdocs\u002Fbot-detection\u002Fcheckers\u002Fbehavior-rate","docs\u002Fbot-detection\u002F04.checkers\u002F11.behavior-rate",{"title":354,"path":355,"stem":356},"Proxy \u002F ISP \u002F Cookie","\u002Fdocs\u002Fbot-detection\u002Fcheckers\u002Fproxy-isp-cookies","docs\u002Fbot-detection\u002F04.checkers\u002F12.proxy-isp-cookies",{"title":358,"path":359,"stem":360},"Session Coherence","\u002Fdocs\u002Fbot-detection\u002Fcheckers\u002Fsession-coherence","docs\u002Fbot-detection\u002F04.checkers\u002F13.session-coherence",{"title":362,"path":363,"stem":364},"Velocity Fingerprint","\u002Fdocs\u002Fbot-detection\u002Fcheckers\u002Fvelocity-fingerprint","docs\u002Fbot-detection\u002F04.checkers\u002F14.velocity-fingerprint",{"title":366,"path":367,"stem":368},"UA & Header Analysis","\u002Fdocs\u002Fbot-detection\u002Fcheckers\u002Fua-header","docs\u002Fbot-detection\u002F04.checkers\u002F15.ua-header",{"title":370,"path":371,"stem":372},"Geolocation","\u002Fdocs\u002Fbot-detection\u002Fcheckers\u002Fgeolocation","docs\u002Fbot-detection\u002F04.checkers\u002F16.geolocation",{"title":374,"path":375,"stem":376},"Known Bad User-Agents","\u002Fdocs\u002Fbot-detection\u002Fcheckers\u002Fknown-bad-ua","docs\u002Fbot-detection\u002F04.checkers\u002F17.known-bad-ua",{"title":38,"path":378,"stem":379},"\u002Fdocs\u002Fbot-detection\u002Fsecurity","docs\u002Fbot-detection\u002F04.security",{"title":196,"path":381,"stem":382},"\u002Fdocs\u002Fbot-detection\u002Fapi","docs\u002Fbot-detection\u002F05.api",{"title":192,"path":384,"stem":385},"\u002Fdocs\u002Fbot-detection\u002Fconfiguration","docs\u002Fbot-detection\u002F06.configuration",{"title":387,"path":11,"stem":388,"children":389},"Introduction","docs\u002Fgetting-started\u002Findex",[390],{"title":387,"path":11,"stem":388},{"title":27,"path":29,"stem":392,"children":393},"docs\u002Fiam\u002Findex",[394,395,398,533,536,552,555],{"title":27,"path":29,"stem":392},{"title":14,"path":396,"stem":397},"\u002Fdocs\u002Fiam\u002Fgetting-started","docs\u002Fiam\u002F00.getting-started",{"title":83,"path":399,"stem":400,"children":401},"\u002Fdocs\u002Fiam\u002Fessentials","docs\u002Fiam\u002F01.essentials\u002Findex",[402,403,407,411,415,419,423,427,431,435,439,443,446,450,454,458,462,465,469,473,476,480,483],{"title":83,"path":399,"stem":400},{"title":404,"path":405,"stem":406},"Tokens","\u002Fdocs\u002Fiam\u002Fessentials\u002Ftokens","docs\u002Fiam\u002F01.essentials\u002F00.tokens",{"title":408,"path":409,"stem":410},"Access Tokens","\u002Fdocs\u002Fiam\u002Fessentials\u002Faccess-tokens","docs\u002Fiam\u002F01.essentials\u002F01.access-tokens",{"title":412,"path":413,"stem":414},"Refresh Tokens","\u002Fdocs\u002Fiam\u002Fessentials\u002Frefresh-tokens","docs\u002Fiam\u002F01.essentials\u002F02.refresh-tokens",{"title":416,"path":417,"stem":418},"Anomaly Detection","\u002Fdocs\u002Fiam\u002Fessentials\u002Fanomalies","docs\u002Fiam\u002F01.essentials\u002F03.anomalies",{"title":420,"path":421,"stem":422},"Signup","\u002Fdocs\u002Fiam\u002Fessentials\u002Fsignup","docs\u002Fiam\u002F01.essentials\u002F04.signup",{"title":424,"path":425,"stem":426},"Login","\u002Fdocs\u002Fiam\u002Fessentials\u002Flogin","docs\u002Fiam\u002F01.essentials\u002F05.login",{"title":428,"path":429,"stem":430},"Logout","\u002Fdocs\u002Fiam\u002Fessentials\u002Flogout","docs\u002Fiam\u002F01.essentials\u002F06.logout",{"title":432,"path":433,"stem":434},"OAuth","\u002Fdocs\u002Fiam\u002Fessentials\u002Foauth","docs\u002Fiam\u002F01.essentials\u002F07.oauth",{"title":436,"path":437,"stem":438},"Magic Links","\u002Fdocs\u002Fiam\u002Fessentials\u002Fmagic-links","docs\u002Fiam\u002F01.essentials\u002F08.magic-links",{"title":440,"path":441,"stem":442},"Emails","\u002Fdocs\u002Fiam\u002Fessentials\u002Femails","docs\u002Fiam\u002F01.essentials\u002F09.emails",{"title":120,"path":444,"stem":445},"\u002Fdocs\u002Fiam\u002Fessentials\u002Fmfa","docs\u002Fiam\u002F01.essentials\u002F10.mfa",{"title":447,"path":448,"stem":449},"Fingerprinting","\u002Fdocs\u002Fiam\u002Fessentials\u002Ffingerprinting","docs\u002Fiam\u002F01.essentials\u002F11.fingerprinting",{"title":451,"path":452,"stem":453},"Backend for Frontend","\u002Fdocs\u002Fiam\u002Fessentials\u002Fbff","docs\u002Fiam\u002F01.essentials\u002F12.bff",{"title":455,"path":456,"stem":457},"HMAC Authentication","\u002Fdocs\u002Fiam\u002Fessentials\u002Fhmac","docs\u002Fiam\u002F01.essentials\u002F13.hmac",{"title":459,"path":460,"stem":461},"XSS Protection","\u002Fdocs\u002Fiam\u002Fessentials\u002Fxss","docs\u002Fiam\u002F01.essentials\u002F14.xss",{"title":116,"path":463,"stem":464},"\u002Fdocs\u002Fiam\u002Fessentials\u002Flogging","docs\u002Fiam\u002F01.essentials\u002F15.logging",{"title":466,"path":467,"stem":468},"Rate Limiting","\u002Fdocs\u002Fiam\u002Fessentials\u002Frate-limiting","docs\u002Fiam\u002F01.essentials\u002F16.rate-limiting",{"title":470,"path":471,"stem":472},"Database","\u002Fdocs\u002Fiam\u002Fessentials\u002Fdatabase","docs\u002Fiam\u002F01.essentials\u002F17.database",{"title":112,"path":474,"stem":475},"\u002Fdocs\u002Fiam\u002Fessentials\u002Fcookies","docs\u002Fiam\u002F01.essentials\u002F18.cookies",{"title":477,"path":478,"stem":479},"Service Startup","\u002Fdocs\u002Fiam\u002Fessentials\u002Fservice","docs\u002Fiam\u002F01.essentials\u002F19.service",{"title":130,"path":481,"stem":482},"\u002Fdocs\u002Fiam\u002Fessentials\u002Fpassword-reset","docs\u002Fiam\u002F01.essentials\u002F20.password-reset",{"title":484,"path":485,"stem":486,"children":487},"API Tokens","\u002Fdocs\u002Fiam\u002Fessentials\u002Fapi","docs\u002Fiam\u002F01.essentials\u002F21.api\u002Findex",[488,489,493,497,527,530],{"title":484,"path":485,"stem":486},{"title":490,"path":491,"stem":492},"Creating Tokens","\u002Fdocs\u002Fiam\u002Fessentials\u002Fapi\u002Fcreation","docs\u002Fiam\u002F01.essentials\u002F21.api\u002F00.creation",{"title":494,"path":495,"stem":496},"Verifying Tokens","\u002Fdocs\u002Fiam\u002Fessentials\u002Fapi\u002Fverification","docs\u002Fiam\u002F01.essentials\u002F21.api\u002F01.verification",{"title":498,"path":499,"stem":500,"children":501},"Manage Tokens","\u002Fdocs\u002Fiam\u002Fessentials\u002Fapi\u002Fmanagement","docs\u002Fiam\u002F01.essentials\u002F21.api\u002F02.management\u002Findex",[502,503,507,511,515,519,523],{"title":498,"path":499,"stem":500},{"title":504,"path":505,"stem":506},"Privileges","\u002Fdocs\u002Fiam\u002Fessentials\u002Fapi\u002Fmanagement\u002Fprivilege","docs\u002Fiam\u002F01.essentials\u002F21.api\u002F02.management\u002F00.privilege",{"title":508,"path":509,"stem":510},"Revocation","\u002Fdocs\u002Fiam\u002Fessentials\u002Fapi\u002Fmanagement\u002Frevocation","docs\u002Fiam\u002F01.essentials\u002F21.api\u002F02.management\u002F01.revocation",{"title":512,"path":513,"stem":514},"Rotation","\u002Fdocs\u002Fiam\u002Fessentials\u002Fapi\u002Fmanagement\u002Frotation","docs\u002Fiam\u002F01.essentials\u002F21.api\u002F02.management\u002F02.rotation",{"title":516,"path":517,"stem":518},"IP Restriction","\u002Fdocs\u002Fiam\u002Fessentials\u002Fapi\u002Fmanagement\u002Fip-updates","docs\u002Fiam\u002F01.essentials\u002F21.api\u002F02.management\u002F03.ip-updates",{"title":520,"path":521,"stem":522},"Metadata","\u002Fdocs\u002Fiam\u002Fessentials\u002Fapi\u002Fmanagement\u002Fmetadata","docs\u002Fiam\u002F01.essentials\u002F21.api\u002F02.management\u002F04.metadata",{"title":524,"path":525,"stem":526},"Token Listing","\u002Fdocs\u002Fiam\u002Fessentials\u002Fapi\u002Fmanagement\u002Flist","docs\u002Fiam\u002F01.essentials\u002F21.api\u002F02.management\u002F05.list",{"title":466,"path":528,"stem":529},"\u002Fdocs\u002Fiam\u002Fessentials\u002Fapi\u002Frate-limiting","docs\u002Fiam\u002F01.essentials\u002F21.api\u002F03.rate-limiting",{"title":38,"path":531,"stem":532},"\u002Fdocs\u002Fiam\u002Fessentials\u002Fapi\u002Fsecurity","docs\u002Fiam\u002F01.essentials\u002F21.api\u002F04.security",{"title":38,"path":534,"stem":535},"\u002Fdocs\u002Fiam\u002Fsecurity","docs\u002Fiam\u002F02.security",{"title":171,"path":537,"stem":538,"children":539,"page":53},"\u002Fdocs\u002Fiam\u002Fguides","docs\u002Fiam\u002F03.guides",[540,544,548],{"title":541,"path":542,"stem":543},"Deployment","\u002Fdocs\u002Fiam\u002Fguides\u002Fdeployment","docs\u002Fiam\u002F03.guides\u002Fdeployment",{"title":545,"path":546,"stem":547},"Operation Scripts","\u002Fdocs\u002Fiam\u002Fguides\u002Foperation-scripts","docs\u002Fiam\u002F03.guides\u002Foperation-scripts",{"title":549,"path":550,"stem":551},"Role-Based Access Control","\u002Fdocs\u002Fiam\u002Fguides\u002Frbac","docs\u002Fiam\u002F03.guides\u002Frbac",{"title":192,"path":553,"stem":554},"\u002Fdocs\u002Fiam\u002Fconfiguration","docs\u002Fiam\u002F04.configuration",{"title":556,"path":557,"stem":558,"children":559,"page":53},"Api","\u002Fdocs\u002Fiam\u002Fapi","docs\u002Fiam\u002F05.API",[560,563,566],{"title":196,"path":561,"stem":562},"\u002Fdocs\u002Fiam\u002Fapi\u002Fapi","docs\u002Fiam\u002F05.API\u002F00.api",{"title":206,"path":564,"stem":565},"\u002Fdocs\u002Fiam\u002Fapi\u002Fmiddlewares","docs\u002Fiam\u002F05.API\u002F02.middlewares",{"title":202,"path":567,"stem":568},"\u002Fdocs\u002Fiam\u002Fapi\u002Froutes","docs\u002Fiam\u002F05.API\u002F03.routes",{"title":40,"path":42,"stem":570,"children":571},"docs\u002Fshield-base\u002Findex",[572,573,576,580,621,625,629,633],{"title":40,"path":42,"stem":570},{"title":14,"path":574,"stem":575},"\u002Fdocs\u002Fshield-base\u002Fgetting-started","docs\u002Fshield-base\u002F00.getting-started",{"title":577,"path":578,"stem":579},"CLI Reference","\u002Fdocs\u002Fshield-base\u002Fcli","docs\u002Fshield-base\u002F01.cli",{"title":281,"path":581,"stem":582,"children":583},"\u002Fdocs\u002Fshield-base\u002Fdata-sources","docs\u002Fshield-base\u002F02.data-sources\u002Findex",[584,585,589,593,597,601,605,609,613,617],{"title":281,"path":581,"stem":582},{"title":586,"path":587,"stem":588},"BGP \u002F ASN","\u002Fdocs\u002Fshield-base\u002Fdata-sources\u002Fbgp","docs\u002Fshield-base\u002F02.data-sources\u002Fbgp",{"title":590,"path":591,"stem":592},"City Geolocation","\u002Fdocs\u002Fshield-base\u002Fdata-sources\u002Fcity","docs\u002Fshield-base\u002F02.data-sources\u002Fcity",{"title":594,"path":595,"stem":596},"Country Geolocation","\u002Fdocs\u002Fshield-base\u002Fdata-sources\u002Fcountry","docs\u002Fshield-base\u002F02.data-sources\u002Fcountry",{"title":598,"path":599,"stem":600},"Verified Crawlers","\u002Fdocs\u002Fshield-base\u002Fdata-sources\u002Fcrawlers","docs\u002Fshield-base\u002F02.data-sources\u002Fcrawlers",{"title":602,"path":603,"stem":604},"Disposable Emails","\u002Fdocs\u002Fshield-base\u002Fdata-sources\u002Femail","docs\u002Fshield-base\u002F02.data-sources\u002Femail",{"title":606,"path":607,"stem":608},"FireHOL Threat Intelligence","\u002Fdocs\u002Fshield-base\u002Fdata-sources\u002Ffirehol","docs\u002Fshield-base\u002F02.data-sources\u002Ffirehol",{"title":610,"path":611,"stem":612},"Proxy Detection","\u002Fdocs\u002Fshield-base\u002Fdata-sources\u002Fproxy","docs\u002Fshield-base\u002F02.data-sources\u002Fproxy",{"title":614,"path":615,"stem":616},"Tor Nodes","\u002Fdocs\u002Fshield-base\u002Fdata-sources\u002Ftor","docs\u002Fshield-base\u002F02.data-sources\u002Ftor",{"title":618,"path":619,"stem":620},"Suspicious User-Agents","\u002Fdocs\u002Fshield-base\u002Fdata-sources\u002Fuseragent","docs\u002Fshield-base\u002F02.data-sources\u002Fuseragent",{"title":622,"path":623,"stem":624},"Programmatic Usage","\u002Fdocs\u002Fshield-base\u002Fusage","docs\u002Fshield-base\u002F03.usage",{"title":626,"path":627,"stem":628},"Custom Data Sources","\u002Fdocs\u002Fshield-base\u002Fcustom-data-sources","docs\u002Fshield-base\u002F04.custom-data-sources",{"title":630,"path":631,"stem":632},"TypeScript Types","\u002Fdocs\u002Fshield-base\u002Ftypes","docs\u002Fshield-base\u002F05.types",{"title":196,"path":634,"stem":635},"\u002Fdocs\u002Fshield-base\u002Fapi","docs\u002Fshield-base\u002F06.api",{"title":214,"path":48,"stem":637,"children":638},"docs\u002Futils\u002Findex",[639,640,657,690,787],{"title":214,"path":48,"stem":637},{"title":641,"path":642,"stem":643,"children":644,"page":53},"Eslint","\u002Fdocs\u002Futils\u002Feslint","docs\u002Futils\u002Feslint",[645,649,653],{"title":646,"path":647,"stem":648},"React Config","\u002Fdocs\u002Futils\u002Feslint\u002Freact","docs\u002Futils\u002Feslint\u002Freact",{"title":650,"path":651,"stem":652},"TypeScript Config","\u002Fdocs\u002Futils\u002Feslint\u002Ftypescript","docs\u002Futils\u002Feslint\u002Ftypescript",{"title":654,"path":655,"stem":656},"Vue Config","\u002Fdocs\u002Futils\u002Feslint\u002Fvue","docs\u002Futils\u002Feslint\u002Fvue",{"title":658,"path":659,"stem":660,"children":661,"page":53},"Server","\u002Fdocs\u002Futils\u002Fserver","docs\u002Futils\u002Fserver",[662,666,670,674,678,682,686],{"title":663,"path":664,"stem":665},"Encryption","\u002Fdocs\u002Futils\u002Fserver\u002Fencryption","docs\u002Futils\u002Fserver\u002Fencryption",{"title":667,"path":668,"stem":669},"Path Resolver","\u002Fdocs\u002Futils\u002Fserver\u002Fpathresolver","docs\u002Futils\u002Fserver\u002FpathResolver",{"title":671,"path":672,"stem":673},"File Replacements","\u002Fdocs\u002Futils\u002Fserver\u002Freplace","docs\u002Futils\u002Fserver\u002Freplace",{"title":675,"path":676,"stem":677},"run","\u002Fdocs\u002Futils\u002Fserver\u002Frun","docs\u002Futils\u002Fserver\u002Frun",{"title":679,"path":680,"stem":681},"scheduleTask","\u002Fdocs\u002Futils\u002Fserver\u002Fscheduletask","docs\u002Futils\u002Fserver\u002FscheduleTask",{"title":683,"path":684,"stem":685},"spawnRun","\u002Fdocs\u002Futils\u002Fserver\u002Fspawnrun","docs\u002Futils\u002Fserver\u002FspawnRun",{"title":687,"path":688,"stem":689},"uploadCsv","\u002Fdocs\u002Futils\u002Fserver\u002Fuploadcsv","docs\u002Futils\u002Fserver\u002FuploadCsv",{"title":691,"path":692,"stem":693,"children":694,"page":53},"Shared","\u002Fdocs\u002Futils\u002Fshared","docs\u002Futils\u002Fshared",[695,699,703,707,711,715,719,723,727,731,735,739,743,747,751,755,759,763,767,771,775,779,783],{"title":696,"path":697,"stem":698},"BatchQueue","\u002Fdocs\u002Futils\u002Fshared\u002Fbatchqueue","docs\u002Futils\u002Fshared\u002FbatchQueue",{"title":700,"path":701,"stem":702},"capitalize","\u002Fdocs\u002Futils\u002Fshared\u002Fcapitalize","docs\u002Futils\u002Fshared\u002Fcapitalize",{"title":704,"path":705,"stem":706},"chunkProcess","\u002Fdocs\u002Futils\u002Fshared\u002Fchunkprocess","docs\u002Futils\u002Fshared\u002FchunkProcess",{"title":708,"path":709,"stem":710},"cleanObject","\u002Fdocs\u002Futils\u002Fshared\u002Fcleanobject","docs\u002Futils\u002Fshared\u002FcleanObject",{"title":712,"path":713,"stem":714},"createConfigManager","\u002Fdocs\u002Futils\u002Fshared\u002Fconfigurationdefiner","docs\u002Futils\u002Fshared\u002FconfigurationDefiner",{"title":716,"path":717,"stem":718},"debounce","\u002Fdocs\u002Futils\u002Fshared\u002Fdebounce","docs\u002Futils\u002Fshared\u002Fdebounce",{"title":720,"path":721,"stem":722},"ensureArray","\u002Fdocs\u002Futils\u002Fshared\u002Fensurearray","docs\u002Futils\u002Fshared\u002FensureArray",{"title":724,"path":725,"stem":726},"fetchWithRetry","\u002Fdocs\u002Futils\u002Fshared\u002Ffetchwithretry","docs\u002Futils\u002Fshared\u002FfetchWithRetry",{"title":728,"path":729,"stem":730},"filterEmptyValues","\u002Fdocs\u002Futils\u002Fshared\u002Ffilteremptyvalues","docs\u002Futils\u002Fshared\u002FfilterEmptyValues",{"title":732,"path":733,"stem":734},"findStringsInObject","\u002Fdocs\u002Futils\u002Fshared\u002Ffindobjectvalues","docs\u002Futils\u002Fshared\u002FfindObjectValues",{"title":736,"path":737,"stem":738},"fisherYatesShuffle","\u002Fdocs\u002Futils\u002Fshared\u002Ffisheryatesshuffle","docs\u002Futils\u002Fshared\u002FfisherYatesShuffle",{"title":740,"path":741,"stem":742},"getRandomImage","\u002Fdocs\u002Futils\u002Fshared\u002Fgetrandomimage","docs\u002Futils\u002Fshared\u002FgetRandomImage",{"title":744,"path":745,"stem":746},"isObjectHasValues","\u002Fdocs\u002Futils\u002Fshared\u002Fisobjecthasvalues","docs\u002Futils\u002Fshared\u002FisObjectHasValues",{"title":748,"path":749,"stem":750},"isAsyncOrPromise","\u002Fdocs\u002Futils\u002Fshared\u002Fispromise","docs\u002Futils\u002Fshared\u002FisPromise",{"title":752,"path":753,"stem":754},"MiniCache","\u002Fdocs\u002Futils\u002Fshared\u002Fminicache","docs\u002Futils\u002Fshared\u002FminiCache",{"title":756,"path":757,"stem":758},"parseCookies","\u002Fdocs\u002Futils\u002Fshared\u002Fparserawcookies","docs\u002Futils\u002Fshared\u002FparseRawCookies",{"title":760,"path":761,"stem":762},"safeAction","\u002Fdocs\u002Futils\u002Fshared\u002Fpromiselocker","docs\u002Futils\u002Fshared\u002FpromiseLocker",{"title":764,"path":765,"stem":766},"Random","\u002Fdocs\u002Futils\u002Fshared\u002Frandom","docs\u002Futils\u002Fshared\u002Frandom",{"title":768,"path":769,"stem":770},"range","\u002Fdocs\u002Futils\u002Fshared\u002Frange","docs\u002Futils\u002Fshared\u002Frange",{"title":772,"path":773,"stem":774},"rateLimiters","\u002Fdocs\u002Futils\u002Fshared\u002Fratelimiters","docs\u002Futils\u002Fshared\u002FrateLimiters",{"title":776,"path":777,"stem":778},"safeObjectMerge","\u002Fdocs\u002Futils\u002Fshared\u002Fsafemerge","docs\u002Futils\u002Fshared\u002FsafeMerge",{"title":780,"path":781,"stem":782},"textTruncation","\u002Fdocs\u002Futils\u002Fshared\u002Ftexttruncation","docs\u002Futils\u002Fshared\u002FtextTruncation",{"title":784,"path":785,"stem":786},"validateZodSchema","\u002Fdocs\u002Futils\u002Fshared\u002Fvalidatezodschema","docs\u002Futils\u002Fshared\u002FvalidateZodSchema",{"title":788,"path":789,"stem":790,"children":791},"Utility Types","\u002Fdocs\u002Futils\u002Ftypes","docs\u002Futils\u002Ftypes\u002Findex",[792,793,797,801,805,809,813,817,821,825],{"title":788,"path":789,"stem":790},{"title":794,"path":795,"stem":796},"Brand","\u002Fdocs\u002Futils\u002Ftypes\u002Fbrand","docs\u002Futils\u002Ftypes\u002FBrand",{"title":798,"path":799,"stem":800},"DeepPartial","\u002Fdocs\u002Futils\u002Ftypes\u002Fdeeppartial","docs\u002Futils\u002Ftypes\u002FDeepPartial",{"title":802,"path":803,"stem":804},"Merge","\u002Fdocs\u002Futils\u002Ftypes\u002Fmerge","docs\u002Futils\u002Ftypes\u002FMerge",{"title":806,"path":807,"stem":808},"NonNullable","\u002Fdocs\u002Futils\u002Ftypes\u002Fnonnullable","docs\u002Futils\u002Ftypes\u002FNonNullable",{"title":810,"path":811,"stem":812},"Prettify","\u002Fdocs\u002Futils\u002Ftypes\u002Fprettify","docs\u002Futils\u002Ftypes\u002FPrettify",{"title":814,"path":815,"stem":816},"PromiseType","\u002Fdocs\u002Futils\u002Ftypes\u002Fpromisetype","docs\u002Futils\u002Ftypes\u002FPromiseType",{"title":818,"path":819,"stem":820},"RequireKeys","\u002Fdocs\u002Futils\u002Ftypes\u002Frequirekeys","docs\u002Futils\u002Ftypes\u002FRequireKeys",{"title":822,"path":823,"stem":824},"StandardResponse","\u002Fdocs\u002Futils\u002Ftypes\u002Fstandardresponse","docs\u002Futils\u002Ftypes\u002FStandardResponse",{"title":826,"path":827,"stem":828},"ValueOf","\u002Fdocs\u002Futils\u002Ftypes\u002Fvalueof","docs\u002Futils\u002Ftypes\u002FValueOf",{"id":4,"extension":5,"links":830,"meta":841,"stem":62,"__hash__":63},[831,839,840],{"nested":8,"label":9,"icon":10,"to":11,"children":832},[833,834,835,836,837,838],{"label":14,"icon":15,"to":11,"description":16,"github":17,"badge":18},{"label":20,"icon":21,"to":22,"description":23,"github":24,"badge":25},{"label":27,"icon":28,"to":29,"description":30,"github":31,"badge":25},{"label":33,"icon":34,"to":35,"description":36,"github":37,"badge":38},{"label":40,"icon":41,"to":42,"description":43,"github":44,"badge":38},{"label":46,"icon":47,"to":48,"description":49,"github":50,"badge":51},{"nested":53,"label":54,"icon":55,"to":56},{"nested":53,"label":58,"icon":59,"to":60},{},{"id":843,"title":202,"body":844,"description":4027,"extension":4028,"icon":4029,"meta":4030,"module":4031,"navigation":8,"path":203,"rawbody":4032,"seo":4033,"stem":204,"__hash__":4034},"docs\u002Fdocs\u002Fauth-h3client\u002F07.api\u002F00.controllers.md",{"type":845,"value":846,"toc":3995},"minimark",[847,873,1096,1109,1116,1119,1125,1128,1134,1156,1162,1217,1222,1274,1279,1331,1336,1414,1420,1422,1428,1431,1435,1476,1480,1491,1495,1533,1537,1617,1622,1624,1630,1637,1641,1676,1681,1711,1716,1727,1731,1783,1789,1791,1796,1802,1808,1818,1822,1829,1834,1852,1857,1899,1903,1935,1940,1942,1951,1961,1965,1988,1992,2002,2006,2043,2047,2090,2098,2100,2105,2119,2125,2138,2142,2161,2166,2193,2197,2238,2240,2246,2249,2253,2297,2301,2308,2312,2360,2365,2367,2373,2376,2380,2422,2426,2433,2437,2475,2479,2481,2487,2497,2501,2520,2524,2535,2539,2577,2579,2585,2588,2592,2634,2638,2651,2655,2702,2707,2709,2715,2722,2726,2779,2783,2795,2799,2852,2857,2859,2865,2875,2879,2905,2909,2919,2923,2960,2962,2968,2971,2975,3022,3026,3046,3050,3073,3077,3118,3122,3180,3185,3187,3192,3198,3205,3218,3222,3250,3254,3287,3294,3296,3300,3306,3324,3342,3346,3385,3389,3446,3454,3456,3460,3466,3479,3488,3498,3519,3523,3559,3563,3641,3675,3677,3681,3991],[848,849,850,851,855,856,859,860,864,865,868,869,872],"p",{},"The module ships four route registrars that mount authentication, OAuth,\nmagic link, and bounce routes on an H3 router or app. It also exports two\nstandalone handlers: ",[852,853,854],"code",{},"getAuthStatusHandler"," for session status checks and\n",[852,857,858],{},"getApiListsController"," for API token inventory routes. Register them\nexplicitly during startup by calling each registrar with your router or app\ninstance, as shown in the ",[861,862,863],"a",{"href":177},"H3 and Nitro\nsetup"," guide. When using the Nuxt\nmodule, the registrars are still configured in your Nitro plugin, while the\nmodule auto-registers the auth status route regardless of\n",[852,866,867],{},"enableMiddleware",", and can optionally auto-register the API token list route\nwhen ",[852,870,871],{},"registerApiRoute"," is configured.",[874,875,881],"pre",{"className":876,"code":877,"filename":878,"language":879,"meta":880,"style":880},"language-ts shiki shiki-themes light-plus light-plus dracula","import { H3 } from 'h3'\nimport {\n  configuration,\n  useAuthRoutes,\n  useOAuthRoutes,\n  bounceRouter,\n  magicLinksRouter,\n} from 'auth-h3client\u002Fv2'\n\nconfiguration({ \u002F* ... *\u002F })\n\nconst app = new H3()\nuseAuthRoutes(app)\nuseOAuthRoutes(app)\nbounceRouter(app)\nmagicLinksRouter(app, 'api')\n","H3 v2","ts","",[852,882,883,917,925,934,942,950,958,966,981,987,1004,1009,1034,1049,1061,1073],{"__ignoreMap":880},[884,885,888,892,896,900,903,906,910,914],"span",{"class":886,"line":887},"line",1,[884,889,891],{"class":890},"sZ328","import",[884,893,895],{"class":894},"sDd4n"," { ",[884,897,899],{"class":898},"sjsA6","H3",[884,901,902],{"class":894}," } ",[884,904,905],{"class":890},"from",[884,907,909],{"class":908},"sFkSl"," '",[884,911,913],{"class":912},"sFB1V","h3",[884,915,916],{"class":908},"'\n",[884,918,920,922],{"class":886,"line":919},2,[884,921,891],{"class":890},[884,923,924],{"class":894}," {\n",[884,926,928,931],{"class":886,"line":927},3,[884,929,930],{"class":898},"  configuration",[884,932,933],{"class":894},",\n",[884,935,937,940],{"class":886,"line":936},4,[884,938,939],{"class":898},"  useAuthRoutes",[884,941,933],{"class":894},[884,943,945,948],{"class":886,"line":944},5,[884,946,947],{"class":898},"  useOAuthRoutes",[884,949,933],{"class":894},[884,951,953,956],{"class":886,"line":952},6,[884,954,955],{"class":898},"  bounceRouter",[884,957,933],{"class":894},[884,959,961,964],{"class":886,"line":960},7,[884,962,963],{"class":898},"  magicLinksRouter",[884,965,933],{"class":894},[884,967,969,972,974,976,979],{"class":886,"line":968},8,[884,970,971],{"class":894},"} ",[884,973,905],{"class":890},[884,975,909],{"class":908},[884,977,978],{"class":912},"auth-h3client\u002Fv2",[884,980,916],{"class":908},[884,982,984],{"class":886,"line":983},9,[884,985,986],{"emptyLinePlaceholder":8},"\n",[884,988,990,994,997,1001],{"class":886,"line":989},10,[884,991,993],{"class":992},"sHOzp","configuration",[884,995,996],{"class":894},"({ ",[884,998,1000],{"class":999},"sghk6","\u002F* ... *\u002F",[884,1002,1003],{"class":894}," })\n",[884,1005,1007],{"class":886,"line":1006},11,[884,1008,986],{"emptyLinePlaceholder":8},[884,1010,1012,1016,1020,1024,1028,1031],{"class":886,"line":1011},12,[884,1013,1015],{"class":1014},"sl46w","const",[884,1017,1019],{"class":1018},"s3JHE"," app",[884,1021,1023],{"class":1022},"saOXh"," =",[884,1025,1027],{"class":1026},"sakC6"," new",[884,1029,1030],{"class":992}," H3",[884,1032,1033],{"class":894},"()\n",[884,1035,1037,1040,1043,1046],{"class":886,"line":1036},13,[884,1038,1039],{"class":992},"useAuthRoutes",[884,1041,1042],{"class":894},"(",[884,1044,1045],{"class":898},"app",[884,1047,1048],{"class":894},")\n",[884,1050,1052,1055,1057,1059],{"class":886,"line":1051},14,[884,1053,1054],{"class":992},"useOAuthRoutes",[884,1056,1042],{"class":894},[884,1058,1045],{"class":898},[884,1060,1048],{"class":894},[884,1062,1064,1067,1069,1071],{"class":886,"line":1063},15,[884,1065,1066],{"class":992},"bounceRouter",[884,1068,1042],{"class":894},[884,1070,1045],{"class":898},[884,1072,1048],{"class":894},[884,1074,1076,1079,1081,1083,1086,1089,1092,1094],{"class":886,"line":1075},16,[884,1077,1078],{"class":992},"magicLinksRouter",[884,1080,1042],{"class":894},[884,1082,1045],{"class":898},[884,1084,1085],{"class":894},", ",[884,1087,1088],{"class":908},"'",[884,1090,1091],{"class":912},"api",[884,1093,1088],{"class":908},[884,1095,1048],{"class":894},[1097,1098,1099],"note",{},[848,1100,1101,1102,1105,1106,1108],{},"All routes registered by this module are separate from your application's own API routes. They handle authentication flows and proxy to the ",[861,1103,1104],{"href":29},"IAM service",". Your own protected routes use the event handler wrappers described in the ",[861,1107,206],{"href":207},".",[848,1110,1111,1112,1108],{},"For the global middleware chain applied before any route handler runs, see ",[861,1113,1115],{"href":1114},"\u002Fdocs\u002Fauth-h3client\u002Fsecurity#request-lifecycle","Security: Request Lifecycle",[1117,1118],"hr",{},[1120,1121,1123],"h2",{"id":1122},"useauthroutes",[852,1124,1039],{},[848,1126,1127],{},"Core signup, login, and logout routes. Every route in this registrar verifies the CSRF cookie before the handler runs.",[913,1129,1131],{"id":1130},"post-signup",[852,1132,1133],{},"POST \u002Fsignup",[848,1135,1136,1137,1140,1141,1144,1145,1148,1149,1152,1153,1108],{},"Proxies the request body to the IAM ",[852,1138,1139],{},"\u002Fauth\u002Fsignup"," endpoint. On success, sets the ",[852,1142,1143],{},"__Secure-a"," and ",[852,1146,1147],{},"a-iat"," cookies and redirects to ",[852,1150,1151],{},"onSuccessRedirect",". Returns JSON for requests with ",[852,1154,1155],{},"Accept: application\u002Fjson",[848,1157,1158],{},[1159,1160,1161],"strong",{},"Middleware chain",[1163,1164,1166,1173,1184,1190,1193,1199,1206,1212],"steps",{"level":1165},"4",[1167,1168,1170],"h4",{"id":1169},"verifycsrfcookie",[852,1171,1172],{},"verifyCsrfCookie",[848,1174,1175,1176,1179,1180,1183],{},"Validates the ",[852,1177,1178],{},"__Host-csrf"," cookie signature and expiry, then checks that ",[852,1181,1182],{},"X-CSRF-Token"," matches the token in the cookie payload. Throws HTTP 403 on failure.",[1167,1185,1187],{"id":1186},"contenttypeapplicationjson",[852,1188,1189],{},"contentType('application\u002Fjson')",[848,1191,1192],{},"Rejects requests without a JSON content type. Throws HTTP 400.",[1167,1194,1196],{"id":1195},"limitbytes1024",[852,1197,1198],{},"limitBytes(1024)",[848,1200,1201,1202,1205],{},"Rejects request bodies larger than 1 KB. Throws HTTP 403 (",[852,1203,1204],{},"INVALID_CONTENT_TYPE",").",[1167,1207,1209],{"id":1208},"signuphandler",[852,1210,1211],{},"signUpHandler",[848,1213,1214,1215,1108],{},"The signup controller. Proxies to IAM ",[852,1216,1139],{},[848,1218,1219],{},[1159,1220,1221],{},"Request body",[1223,1224,1225,1234,1240,1249,1255,1265],"field-group",{},[1226,1227,1231],"field",{"name":1228,"type":1229,":required":1230},"email","string","true",[848,1232,1233],{},"The user's email address.",[1226,1235,1237],{"name":1236,"type":1229,":required":1230},"password",[848,1238,1239],{},"The user's password. Validated against the policy by the IAM service.",[1226,1241,1243],{"name":1242,"type":1229,":required":1230},"confirmedPassword",[848,1244,1245,1246,1248],{},"Must match ",[852,1247,1236],{}," exactly.",[1226,1250,1252],{"name":1251,"type":1229,":required":1230},"name",[848,1253,1254],{},"The user's display name.",[1226,1256,1258],{"name":1257,"type":1229,":required":1230},"termsConsent",[848,1259,1260,1261,1264],{},"Must be ",[852,1262,1263],{},"\"on\""," to indicate terms acceptance.",[1226,1266,1268],{"name":1267,"type":1229},"rememberUser",[848,1269,1270,1271,1273],{},"When ",[852,1272,1263],{},", issues a longer-lived refresh token.",[848,1275,1276],{},[1159,1277,1278],{},"Cookies set on success",[1280,1281,1282,1295],"table",{},[1283,1284,1285],"thead",{},[1286,1287,1288,1292],"tr",{},[1289,1290,1291],"th",{},"Cookie",[1289,1293,1294],{},"Purpose",[1296,1297,1298,1308,1317],"tbody",{},[1286,1299,1300,1305],{},[1301,1302,1303],"td",{},[852,1304,1143],{},[1301,1306,1307],{},"Access token",[1286,1309,1310,1314],{},[1301,1311,1312],{},[852,1313,1147],{},[1301,1315,1316],{},"Access token issued-at timestamp",[1286,1318,1319,1324],{},[1301,1320,1321],{},[852,1322,1323],{},"session",[1301,1325,1326,1327,1330],{},"Refresh token (forwarded from IAM ",[852,1328,1329],{},"Set-Cookie",")",[848,1332,1333],{},[1159,1334,1335],{},"Responses",[1280,1337,1338,1348],{},[1283,1339,1340],{},[1286,1341,1342,1345],{},[1289,1343,1344],{},"Status",[1289,1346,1347],{},"Meaning",[1296,1349,1350,1362,1374,1384,1394,1404],{},[1286,1351,1352,1357],{},[1301,1353,1354],{},[852,1355,1356],{},"303",[1301,1358,1359,1360],{},"Signup successful, redirects to ",[852,1361,1151],{},[1286,1363,1364,1369],{},[1301,1365,1366],{},[852,1367,1368],{},"201",[1301,1370,1371,1372,1330],{},"Signup successful, returns JSON (when ",[852,1373,1155],{},[1286,1375,1376,1381],{},[1301,1377,1378],{},[852,1379,1380],{},"400",[1301,1382,1383],{},"Validation error",[1286,1385,1386,1391],{},[1301,1387,1388],{},[852,1389,1390],{},"403",[1301,1392,1393],{},"Banned or XSS detected",[1286,1395,1396,1401],{},[1301,1397,1398],{},[852,1399,1400],{},"409",[1301,1402,1403],{},"Email already registered",[1286,1405,1406,1411],{},[1301,1407,1408],{},[852,1409,1410],{},"500",[1301,1412,1413],{},"IAM service error",[848,1415,1416,1417,1419],{},"See ",[861,1418,101],{"href":102}," for the full signup flow.",[1117,1421],{},[913,1423,1425],{"id":1424},"post-login",[852,1426,1427],{},"POST \u002Flogin",[848,1429,1430],{},"Authenticates a user with email and password. On success, sets the same cookies as signup and redirects or returns JSON.",[848,1432,1433],{},[1159,1434,1161],{},[1163,1436,1437,1442,1448,1453,1456,1461,1464,1470],{"level":1165},[1167,1438,1440],{"id":1439},"verifycsrfcookie-1",[852,1441,1172],{},[848,1443,1444,1445,1447],{},"Validates the CSRF cookie and ",[852,1446,1182],{}," header. Throws HTTP 403 on failure.",[1167,1449,1451],{"id":1450},"contenttypeapplicationjson-1",[852,1452,1189],{},[848,1454,1455],{},"Rejects requests without JSON content type.",[1167,1457,1459],{"id":1458},"limitbytes1024-1",[852,1460,1198],{},[848,1462,1463],{},"Rejects bodies larger than 1 KB.",[1167,1465,1467],{"id":1466},"loginhandler",[852,1468,1469],{},"loginHandler",[848,1471,1472,1473,1108],{},"The login controller. Proxies to IAM ",[852,1474,1475],{},"\u002Flogin",[848,1477,1478],{},[1159,1479,1221],{},[1223,1481,1482,1486],{},[1226,1483,1484],{"name":1228,"type":1229,":required":1230},[848,1485,1233],{},[1226,1487,1488],{"name":1236,"type":1229,":required":1230},[848,1489,1490],{},"The user's password.",[848,1492,1493],{},[1159,1494,1278],{},[1280,1496,1497,1505],{},[1283,1498,1499],{},[1286,1500,1501,1503],{},[1289,1502,1291],{},[1289,1504,1294],{},[1296,1506,1507,1515,1523],{},[1286,1508,1509,1513],{},[1301,1510,1511],{},[852,1512,1143],{},[1301,1514,1307],{},[1286,1516,1517,1521],{},[1301,1518,1519],{},[852,1520,1147],{},[1301,1522,1316],{},[1286,1524,1525,1529],{},[1301,1526,1527],{},[852,1528,1323],{},[1301,1530,1326,1531,1330],{},[852,1532,1329],{},[848,1534,1535],{},[1159,1536,1335],{},[1280,1538,1539,1547],{},[1283,1540,1541],{},[1286,1542,1543,1545],{},[1289,1544,1344],{},[1289,1546,1347],{},[1296,1548,1549,1560,1572,1580,1590,1599,1609],{},[1286,1550,1551,1555],{},[1301,1552,1553],{},[852,1554,1356],{},[1301,1556,1557,1558],{},"Login successful, redirects to ",[852,1559,1151],{},[1286,1561,1562,1567],{},[1301,1563,1564],{},[852,1565,1566],{},"200",[1301,1568,1569,1570,1330],{},"Login successful, returns JSON (when ",[852,1571,1155],{},[1286,1573,1574,1578],{},[1301,1575,1576],{},[852,1577,1380],{},[1301,1579,1383],{},[1286,1581,1582,1587],{},[1301,1583,1584],{},[852,1585,1586],{},"401",[1301,1588,1589],{},"Invalid credentials",[1286,1591,1592,1596],{},[1301,1593,1594],{},[852,1595,1390],{},[1301,1597,1598],{},"CSRF failure, XSS detected, or banned",[1286,1600,1601,1606],{},[1301,1602,1603],{},[852,1604,1605],{},"429",[1301,1607,1608],{},"Rate limited",[1286,1610,1611,1615],{},[1301,1612,1613],{},[852,1614,1410],{},[1301,1616,1413],{},[848,1618,1416,1619,1621],{},[861,1620,101],{"href":102}," for the login pipeline and cookie details.",[1117,1623],{},[913,1625,1627],{"id":1626},"post-logout",[852,1628,1629],{},"POST \u002Flogout",[848,1631,1632,1633,1636],{},"Sends the refresh token to the IAM ",[852,1634,1635],{},"\u002Fauth\u002Flogout"," endpoint, then clears the session cookies and removes the access token from the local LRU cache. Rejects any request body.",[848,1638,1639],{},[1159,1640,1161],{},[1163,1642,1643,1648,1652,1658,1664,1670],{"level":1165},[1167,1644,1646],{"id":1645},"verifycsrfcookie-2",[852,1647,1172],{},[848,1649,1444,1650,1447],{},[852,1651,1182],{},[1167,1653,1655],{"id":1654},"limitbytes0",[852,1656,1657],{},"limitBytes(0)",[848,1659,1660,1661,1663],{},"Rejects any request body. Throws HTTP 403 (",[852,1662,1204],{},") if a body is present.",[1167,1665,1667],{"id":1666},"logouthandler",[852,1668,1669],{},"logoutHandler",[848,1671,1672,1673,1675],{},"The logout controller. Proxies to IAM ",[852,1674,1635],{},", clears cookies, and removes the cached access token.",[848,1677,1678],{},[1159,1679,1680],{},"Cookies required",[1280,1682,1683,1691],{},[1283,1684,1685],{},[1286,1686,1687,1689],{},[1289,1688,1291],{},[1289,1690,1294],{},[1296,1692,1693,1702],{},[1286,1694,1695,1699],{},[1301,1696,1697],{},[852,1698,1323],{},[1301,1700,1701],{},"The current refresh token to revoke",[1286,1703,1704,1708],{},[1301,1705,1706],{},[852,1707,1178],{},[1301,1709,1710],{},"CSRF cookie",[848,1712,1713],{},[1159,1714,1715],{},"Cookies cleared on success",[848,1717,1718,1085,1720,1085,1722,1085,1724],{},[852,1719,1143],{},[852,1721,1147],{},[852,1723,1323],{},[852,1725,1726],{},"iat",[848,1728,1729],{},[1159,1730,1335],{},[1280,1732,1733,1741],{},[1283,1734,1735],{},[1286,1736,1737,1739],{},[1289,1738,1344],{},[1289,1740,1347],{},[1296,1742,1743,1752,1763,1772],{},[1286,1744,1745,1749],{},[1301,1746,1747],{},[852,1748,1356],{},[1301,1750,1751],{},"Logout successful, redirects to root domain",[1286,1753,1754,1758],{},[1301,1755,1756],{},[852,1757,1566],{},[1301,1759,1760,1761,1330],{},"Logout successful, returns JSON (when ",[852,1762,1155],{},[1286,1764,1765,1769],{},[1301,1766,1767],{},[852,1768,1390],{},[1301,1770,1771],{},"CSRF failure",[1286,1773,1774,1778],{},[1301,1775,1776],{},[852,1777,1390],{},[1301,1779,1780,1781,1330],{},"Request body present (error code: ",[852,1782,1204],{},[848,1784,1416,1785,1788],{},[861,1786,101],{"href":1787},"\u002Fdocs\u002Fauth-h3client\u002Fessentials\u002Fauth-flows#logout"," for the full logout sequence.",[1117,1790],{},[1120,1792,1794],{"id":1793},"useoauthroutes",[852,1795,1054],{},[848,1797,1798,1799,1108],{},"OAuth and OIDC authorization code flows. Both GET and POST are registered on the callback route to support providers that use ",[852,1800,1801],{},"response_mode: form_post",[913,1803,1805],{"id":1804},"get-oauthprovider",[852,1806,1807],{},"GET \u002Foauth\u002F:provider",[848,1809,1810,1811,1814,1815,1108],{},"Looks up the provider by the ",[852,1812,1813],{},":provider"," parameter, generates a PKCE verifier and challenge pair, creates a signed state cookie, and redirects the user to the provider's authorization URL. For OIDC providers, discovers the authorization endpoint via ",[852,1816,1817],{},"{issuer}\u002F.well-known\u002Fopenid-configuration",[848,1819,1820],{},[1159,1821,1161],{},[848,1823,1824,1825,1828],{},"No pipeline middleware. The handler (",[852,1826,1827],{},"OAuthRedirect",") handles provider lookup and validation internally.",[848,1830,1831],{},[1159,1832,1833],{},"URL parameters",[1223,1835,1836],{},[1226,1837,1839],{"name":1838,"type":1229,":required":1230},"provider",[848,1840,1841,1842,1845,1846,1085,1849,1108],{},"The OAuth provider name as configured in ",[852,1843,1844],{},"oauth.providers",". For example, ",[852,1847,1848],{},"google",[852,1850,1851],{},"github",[848,1853,1854],{},[1159,1855,1856],{},"Cookies set",[1280,1858,1859,1867],{},[1283,1860,1861],{},[1286,1862,1863,1865],{},[1289,1864,1291],{},[1289,1866,1294],{},[1296,1868,1869,1879,1889],{},[1286,1870,1871,1876],{},[1301,1872,1873],{},[852,1874,1875],{},"state{provider}",[1301,1877,1878],{},"Signed state cookie for CSRF protection during the OAuth flow",[1286,1880,1881,1886],{},[1301,1882,1883],{},[852,1884,1885],{},"pkce_v{provider}",[1301,1887,1888],{},"PKCE code verifier for use at the callback",[1286,1890,1891,1896],{},[1301,1892,1893],{},[852,1894,1895],{},"nonce{provider}",[1301,1897,1898],{},"Nonce for OIDC ID token verification",[848,1900,1901],{},[1159,1902,1335],{},[1280,1904,1905,1913],{},[1283,1906,1907],{},[1286,1908,1909,1911],{},[1289,1910,1344],{},[1289,1912,1347],{},[1296,1914,1915,1925],{},[1286,1916,1917,1922],{},[1301,1918,1919],{},[852,1920,1921],{},"302",[1301,1923,1924],{},"Redirects to the provider authorization URL",[1286,1926,1927,1932],{},[1301,1928,1929],{},[852,1930,1931],{},"404",[1301,1933,1934],{},"Provider not found in configuration",[848,1936,1416,1937,1939],{},[861,1938,432],{"href":106}," for provider configuration and the PKCE flow.",[1117,1941],{},[913,1943,1945,1144,1948],{"id":1944},"get-oauthcallbackprovider-and-post-oauthcallbackprovider",[852,1946,1947],{},"GET \u002Foauth\u002Fcallback\u002F:provider",[852,1949,1950],{},"POST \u002Foauth\u002Fcallback\u002F:provider",[848,1952,1953,1954,1957,1958,1960],{},"Handles the provider callback. Verifies the state cookie, exchanges the authorization code for tokens, verifies the ID token signature against the provider's JWKS endpoint (OIDC), validates the ",[852,1955,1956],{},"at_hash"," claim (OIDC), fetches user info, merges the profile with ",[852,1959,776],{}," to protect reserved JWT fields, and proxies the result to the IAM service. On success, sets the access and session cookies.",[848,1962,1963],{},[1159,1964,1161],{},[1163,1966,1967,1973,1979,1985],{"level":1165},[1167,1968,1970],{"id":1969},"oauthtokensvalidations",[852,1971,1972],{},"OAuthTokensValidations",[848,1974,1975,1976,1978],{},"Validates the OAuth state cookie and, for OIDC providers, verifies the ID token signature and ",[852,1977,1956],{}," claim.",[1167,1980,1982],{"id":1981},"oauthsuccesscallback",[852,1983,1984],{},"OAuthSuccessCallBack",[848,1986,1987],{},"Exchanges the authorization code, fetches user info, merges profile data, and proxies to the IAM service.",[848,1989,1990],{},[1159,1991,1833],{},[1223,1993,1994],{},[1226,1995,1996],{"name":1838,"type":1229,":required":1230},[848,1997,1998,1999,2001],{},"The OAuth provider name. Must match the ",[852,2000,1813],{}," used to initiate the flow.",[848,2003,2004],{},[1159,2005,1278],{},[1280,2007,2008,2016],{},[1283,2009,2010],{},[1286,2011,2012,2014],{},[1289,2013,1291],{},[1289,2015,1294],{},[1296,2017,2018,2026,2034],{},[1286,2019,2020,2024],{},[1301,2021,2022],{},[852,2023,1143],{},[1301,2025,1307],{},[1286,2027,2028,2032],{},[1301,2029,2030],{},[852,2031,1147],{},[1301,2033,1316],{},[1286,2035,2036,2040],{},[1301,2037,2038],{},[852,2039,1323],{},[1301,2041,2042],{},"Refresh token (forwarded from IAM response)",[848,2044,2045],{},[1159,2046,1335],{},[1280,2048,2049,2057],{},[1283,2050,2051],{},[1286,2052,2053,2055],{},[1289,2054,1344],{},[1289,2056,1347],{},[1296,2058,2059,2078],{},[1286,2060,2061,2065],{},[1301,2062,2063],{},[852,2064,1566],{},[1301,2066,2067,2068,1144,2071,2074,2075],{},"Success, returns HTML page with ",[852,2069,2070],{},"\u003Cmeta http-equiv=\"refresh\">",[852,2072,2073],{},"window.location.replace()"," pointing to ",[852,2076,2077],{},"redirectUrlOnSuccess",[1286,2079,2080,2084],{},[1301,2081,2082],{},[852,2083,1921],{},[1301,2085,2086,2087],{},"Failure (provider error, missing code, token exchange failure), redirects to ",[852,2088,2089],{},"redirectUrlOnError",[848,2091,1416,2092,2094,2095,2097],{},[861,2093,432],{"href":106}," for the full OIDC verification flow and ",[852,2096,776],{}," behavior.",[1117,2099],{},[1120,2101,2103],{"id":2102},"magiclinksrouter",[852,2104,1078],{},[848,2106,2107,2108,2110,2111,2114,2115,2118],{},"Handles MFA verification, password reset, and email change flows. Registered with the ",[852,2109,1091],{}," prefix, so all paths are ",[852,2112,2113],{},"\u002Fapi\u002Fauth\u002F...",". GET routes set ",[852,2116,2117],{},"Cache-Control: no-store"," and generate a fresh CSRF cookie for the page that will be rendered. POST routes require CSRF verification.",[913,2120,2122],{"id":2121},"get-apiauthverify-mfa",[852,2123,2124],{},"GET \u002Fapi\u002Fauth\u002Fverify-mfa",[848,2126,2127,2128,2130,2131,2134,2135,1108],{},"Validates an MFA magic link and returns link metadata. Used by the ",[852,2129,156],{}," composable when the ",[852,2132,2133],{},"reason"," is ",[852,2136,2137],{},"MAGIC_LINK_MFA_CHECKS",[848,2139,2140],{},[1159,2141,1161],{},[1163,2143,2144,2149,2152,2158],{"level":1165},[1167,2145,2147],{"id":2146},"cache-control-no-store",[852,2148,2117],{},[848,2150,2151],{},"Prevents caching of the magic link response.",[1167,2153,2155],{"id":2154},"verifymfalink",[852,2156,2157],{},"verifyMfaLink",[848,2159,2160],{},"Validates the magic link query parameters, verifies the link with the IAM service, and returns link metadata.",[848,2162,2163],{},[1159,2164,2165],{},"Query parameters",[1223,2167,2168,2174,2180,2187],{},[1226,2169,2171],{"name":2170,"type":1229,":required":1230},"token",[848,2172,2173],{},"The temporary JWT token from the magic link URL.",[1226,2175,2177],{"name":2176,"type":1229,":required":1230},"random",[848,2178,2179],{},"The random hash for cryptographic verification.",[1226,2181,2182],{"name":2133,"type":1229,":required":1230},[848,2183,2184,2185,1108],{},"The link purpose. Must be ",[852,2186,2137],{},[1226,2188,2190],{"name":2189,"type":1229,":required":1230},"visitor",[848,2191,2192],{},"The visitor identifier.",[848,2194,2195],{},[1159,2196,1335],{},[1280,2198,2199,2210],{},[1283,2200,2201],{},[1286,2202,2203,2205,2208],{},[1289,2204,1344],{},[1289,2206,2207],{},"Body",[1289,2209,1347],{},[1296,2211,2212,2226],{},[1286,2213,2214,2218,2223],{},[1301,2215,2216],{},[852,2217,1566],{},[1301,2219,2220],{},[852,2221,2222],{},"{ ok: true, date, data: { link: 'MFA Code', reason } }",[1301,2224,2225],{},"Link is valid",[1286,2227,2228,2232,2235],{},[1301,2229,2230],{},[852,2231,1931],{},[1301,2233,2234],{},"Not found",[1301,2236,2237],{},"Invalid, expired, or already-used link",[1117,2239],{},[913,2241,2243],{"id":2242},"post-apiauthverify-mfa",[852,2244,2245],{},"POST \u002Fapi\u002Fauth\u002Fverify-mfa",[848,2247,2248],{},"Submits an MFA code after the magic link is verified. Verifies the link first, then validates and forwards the code to the IAM service.",[848,2250,2251],{},[1159,2252,1161],{},[1163,2254,2255,2260,2263,2268,2273,2278,2281,2286,2288,2294],{"level":1165},[1167,2256,2258],{"id":2257},"verifymfalink-1",[852,2259,2157],{},[848,2261,2262],{},"Validates and partially consumes the magic link.",[1167,2264,2266],{"id":2265},"verifycsrfcookie-3",[852,2267,1172],{},[848,2269,1444,2270,2272],{},[852,2271,1182],{}," header.",[1167,2274,2276],{"id":2275},"contenttypeapplicationjson-2",[852,2277,1189],{},[848,2279,2280],{},"Rejects non-JSON content types.",[1167,2282,2284],{"id":2283},"limitbytes1024-2",[852,2285,1198],{},[848,2287,1463],{},[1167,2289,2291],{"id":2290},"sendmfacodehandler",[852,2292,2293],{},"sendMfaCodeHandler",[848,2295,2296],{},"Forwards the code to the IAM service for verification.",[848,2298,2299],{},[1159,2300,1221],{},[1223,2302,2303],{},[1226,2304,2305],{"name":852,"type":1229,":required":1230},[848,2306,2307],{},"The 7-digit numeric OTP code from the MFA email.",[848,2309,2310],{},[1159,2311,1335],{},[1280,2313,2314,2322],{},[1283,2315,2316],{},[1286,2317,2318,2320],{},[1289,2319,1344],{},[1289,2321,1347],{},[1296,2323,2324,2333,2342,2351],{},[1286,2325,2326,2330],{},[1301,2327,2328],{},[852,2329,1566],{},[1301,2331,2332],{},"Code verified",[1286,2334,2335,2339],{},[1301,2336,2337],{},[852,2338,1380],{},[1301,2340,2341],{},"Malformed code or link parameter mismatch",[1286,2343,2344,2348],{},[1301,2345,2346],{},[852,2347,1586],{},[1301,2349,2350],{},"Invalid or expired code",[1286,2352,2353,2357],{},[1301,2354,2355],{},[852,2356,1390],{},[1301,2358,2359],{},"CSRF failure or user banned",[848,2361,1416,2362,2364],{},[861,2363,126],{"href":127}," for the full flow.",[1117,2366],{},[913,2368,2370],{"id":2369},"post-apiauthpassword-reset",[852,2371,2372],{},"POST \u002Fapi\u002Fauth\u002Fpassword-reset",[848,2374,2375],{},"Initiates a password reset by sending a signed magic link email to the provided address.",[848,2377,2378],{},[1159,2379,1161],{},[1163,2381,2382,2387,2391,2396,2398,2403,2405,2411],{"level":1165},[1167,2383,2385],{"id":2384},"verifycsrfcookie-4",[852,2386,1172],{},[848,2388,1444,2389,2272],{},[852,2390,1182],{},[1167,2392,2394],{"id":2393},"contenttypeapplicationjson-3",[852,2395,1189],{},[848,2397,2280],{},[1167,2399,2401],{"id":2400},"limitbytes1024-3",[852,2402,1198],{},[848,2404,1463],{},[1167,2406,2408],{"id":2407},"restartpasswordhandler",[852,2409,2410],{},"restartPasswordHandler",[848,2412,2413,2414,2417,2418,2421],{},"Forwards the email to IAM ",[852,2415,2416],{},"\u002Fauth\u002Fforgot-password",". Calls ",[852,2419,2420],{},"banIp"," when IAM returns 403.",[848,2423,2424],{},[1159,2425,1221],{},[1223,2427,2428],{},[1226,2429,2430],{"name":1228,"type":1229,":required":1230},[848,2431,2432],{},"The email address associated with the account.",[848,2434,2435],{},[1159,2436,1335],{},[1280,2438,2439,2447],{},[1283,2440,2441],{},[1286,2442,2443,2445],{},[1289,2444,1344],{},[1289,2446,1347],{},[1296,2448,2449,2458,2466],{},[1286,2450,2451,2455],{},[1301,2452,2453],{},[852,2454,1566],{},[1301,2456,2457],{},"Reset email sent (always returns success to prevent enumeration)",[1286,2459,2460,2464],{},[1301,2461,2462],{},[852,2463,1390],{},[1301,2465,2359],{},[1286,2467,2468,2472],{},[1301,2469,2470],{},[852,2471,1605],{},[1301,2473,2474],{},"Rate limit exceeded",[848,2476,1416,2477,2364],{},[861,2478,130],{"href":131},[1117,2480],{},[913,2482,2484],{"id":2483},"get-apiauthreset-password",[852,2485,2486],{},"GET \u002Fapi\u002Fauth\u002Freset-password",[848,2488,2489,2490,2130,2492,2134,2494,1108],{},"Validates a password reset magic link and returns link metadata. Used by the ",[852,2491,156],{},[852,2493,2133],{},[852,2495,2496],{},"PASSWORD_RESET",[848,2498,2499],{},[1159,2500,1161],{},[1163,2502,2503,2508,2511,2517],{"level":1165},[1167,2504,2506],{"id":2505},"cache-control-no-store-1",[852,2507,2117],{},[848,2509,2510],{},"Prevents caching.",[1167,2512,2514],{"id":2513},"verifytemppasswordlink",[852,2515,2516],{},"verifyTempPasswordLink",[848,2518,2519],{},"Validates the magic link query parameters and confirms the link with the IAM service.",[848,2521,2522],{},[1159,2523,2165],{},[848,2525,2526,2527,1085,2529,1085,2531,1085,2533,1108],{},"Same structure as the MFA GET route: ",[852,2528,2170],{},[852,2530,2176],{},[852,2532,2133],{},[852,2534,2189],{},[848,2536,2537],{},[1159,2538,1335],{},[1280,2540,2541,2551],{},[1283,2542,2543],{},[1286,2544,2545,2547,2549],{},[1289,2546,1344],{},[1289,2548,2207],{},[1289,2550,1347],{},[1296,2552,2553,2566],{},[1286,2554,2555,2559,2564],{},[1301,2556,2557],{},[852,2558,1566],{},[1301,2560,2561],{},[852,2562,2563],{},"{ ok: true, date, data: { link: 'Password Reset', reason } }",[1301,2565,2225],{},[1286,2567,2568,2572,2574],{},[1301,2569,2570],{},[852,2571,1931],{},[1301,2573,2234],{},[1301,2575,2576],{},"Invalid or expired link",[1117,2578],{},[913,2580,2582],{"id":2581},"post-apiauthreset-password",[852,2583,2584],{},"POST \u002Fapi\u002Fauth\u002Freset-password",[848,2586,2587],{},"Submits a new password to complete the reset flow after the magic link is verified.",[848,2589,2590],{},[1159,2591,1161],{},[1163,2593,2594,2599,2602,2607,2611,2616,2618,2623,2625,2631],{"level":1165},[1167,2595,2597],{"id":2596},"verifytemppasswordlink-1",[852,2598,2516],{},[848,2600,2601],{},"Validates and partially consumes the password reset magic link.",[1167,2603,2605],{"id":2604},"verifycsrfcookie-5",[852,2606,1172],{},[848,2608,1444,2609,2272],{},[852,2610,1182],{},[1167,2612,2614],{"id":2613},"contenttypeapplicationjson-4",[852,2615,1189],{},[848,2617,2280],{},[1167,2619,2621],{"id":2620},"limitbytes1024-4",[852,2622,1198],{},[848,2624,1463],{},[1167,2626,2628],{"id":2627},"sendnewpasswordhandler",[852,2629,2630],{},"sendNewPasswordHandler",[848,2632,2633],{},"Forwards the new password and link parameters to the IAM service, which validates the token and updates the password hash.",[848,2635,2636],{},[1159,2637,1221],{},[1223,2639,2640,2645],{},[1226,2641,2642],{"name":1236,"type":1229,":required":1230},[848,2643,2644],{},"The new password.",[1226,2646,2647],{"name":1242,"type":1229,":required":1230},[848,2648,1245,2649,1248],{},[852,2650,1236],{},[848,2652,2653],{},[1159,2654,1335],{},[1280,2656,2657,2665],{},[1283,2658,2659],{},[1286,2660,2661,2663],{},[1289,2662,1344],{},[1289,2664,1347],{},[1296,2666,2667,2676,2685,2694],{},[1286,2668,2669,2673],{},[1301,2670,2671],{},[852,2672,1566],{},[1301,2674,2675],{},"Password updated",[1286,2677,2678,2682],{},[1301,2679,2680],{},[852,2681,1380],{},[1301,2683,2684],{},"Validation error or password mismatch",[1286,2686,2687,2691],{},[1301,2688,2689],{},[852,2690,1390],{},[1301,2692,2693],{},"CSRF failure or XSS detected",[1286,2695,2696,2700],{},[1301,2697,2698],{},[852,2699,1605],{},[1301,2701,2474],{},[848,2703,1416,2704,2706],{},[861,2705,130],{"href":131}," for the complete three-step flow.",[1117,2708],{},[913,2710,2712],{"id":2711},"post-apiauthchange-email",[852,2713,2714],{},"POST \u002Fapi\u002Fauth\u002Fchange-email",[848,2716,2717,2718,2721],{},"Initiates the email change flow for an authenticated user. Validates the session, generates a 128-byte random token, and calls ",[852,2719,2720],{},"askForMfaFlow"," to send a verification email to the user's current address.",[848,2723,2724],{},[1159,2725,1161],{},[1163,2727,2728,2734,2741,2745,2748,2754,2757,2761,2767,2773],{"level":1165},[1167,2729,2731],{"id":2730},"defineverifiedcsrfhandler",[852,2732,2733],{},"defineVerifiedCsrfHandler",[848,2735,1175,2736,2738,2739,1447],{},[852,2737,1178],{}," cookie signature and ",[852,2740,1182],{},[1167,2742,2744],{"id":2743},"post-assertion","POST assertion",[848,2746,2747],{},"Rejects non-POST requests.",[1167,2749,2751],{"id":2750},"limitbytes1_000_000",[852,2752,2753],{},"limitBytes(1_000_000)",[848,2755,2756],{},"Rejects request bodies larger than 1 MB.",[1167,2758,2760],{"id":2759},"content-type-check","Content-Type check",[848,2762,2763,2764,1108],{},"Rejects requests without ",[852,2765,2766],{},"Content-Type: application\u002Fjson",[1167,2768,2770],{"id":2769},"initchangeemailflow",[852,2771,2772],{},"initChangeEmailFlow",[848,2774,2775,2776,2778],{},"Validates the body, generates the random token, calls ",[852,2777,2720],{},", and returns the result.",[848,2780,2781],{},[1159,2782,1221],{},[1223,2784,2785],{},[1226,2786,2788],{"name":2787,"type":1229,":required":1230},"init",[848,2789,2790,2791,2794],{},"Must be the string ",[852,2792,2793],{},"\"1\"",". Acts as an explicit trigger flag.",[848,2796,2797],{},[1159,2798,1335],{},[1280,2800,2801,2809],{},[1283,2802,2803],{},[1286,2804,2805,2807],{},[1289,2806,1344],{},[1289,2808,1347],{},[1296,2810,2811,2823,2835,2844],{},[1286,2812,2813,2817],{},[1301,2814,2815],{},[852,2816,1566],{},[1301,2818,2819,2820],{},"Verification email sent: ",[852,2821,2822],{},"{ ok: true, data: \"Please check your email...\" }",[1286,2824,2825,2829],{},[1301,2826,2827],{},[852,2828,1566],{},[1301,2830,2831,2832],{},"Session anomaly detected: ",[852,2833,2834],{},"{ ok: false, code: \"MFA_REQUIRED\", reason: \"...\" }",[1286,2836,2837,2841],{},[1301,2838,2839],{},[852,2840,1380],{},[1301,2842,2843],{},"Invalid Content-Type or body validation failure",[1286,2845,2846,2850],{},[1301,2847,2848],{},[852,2849,1390],{},[1301,2851,1771],{},[848,2853,1416,2854,2856],{},[861,2855,134],{"href":135}," for the three-step flow.",[1117,2858],{},[913,2860,2862],{"id":2861},"get-apiauthupdate-email",[852,2863,2864],{},"GET \u002Fapi\u002Fauth\u002Fupdate-email",[848,2866,2867,2868,2130,2870,2134,2872,1108],{},"Validates an email change magic link and returns link metadata. Used by the ",[852,2869,156],{},[852,2871,2133],{},[852,2873,2874],{},"change_email",[848,2876,2877],{},[1159,2878,1161],{},[1163,2880,2881,2886,2888,2894,2897,2903],{"level":1165},[1167,2882,2884],{"id":2883},"cache-control-no-store-2",[852,2885,2117],{},[848,2887,2510],{},[1167,2889,2891],{"id":2890},"generatecsrfcookie",[852,2892,2893],{},"generateCsrfCookie",[848,2895,2896],{},"Mints a fresh CSRF cookie for the page.",[1167,2898,2900],{"id":2899},"changeemailgetapi",[852,2901,2902],{},"changeEmailGetAPI",[848,2904,2519],{},[848,2906,2907],{},[1159,2908,2165],{},[848,2910,2526,2911,1085,2913,1085,2915,1085,2917,1108],{},[852,2912,2170],{},[852,2914,2176],{},[852,2916,2133],{},[852,2918,2189],{},[848,2920,2921],{},[1159,2922,1335],{},[1280,2924,2925,2935],{},[1283,2926,2927],{},[1286,2928,2929,2931,2933],{},[1289,2930,1344],{},[1289,2932,2207],{},[1289,2934,1347],{},[1296,2936,2937,2950],{},[1286,2938,2939,2943,2948],{},[1301,2940,2941],{},[852,2942,1566],{},[1301,2944,2945],{},[852,2946,2947],{},"{ ok: true, date, data: { link: 'Custom MFA', reason: 'change_email' } }",[1301,2949,2225],{},[1286,2951,2952,2956,2958],{},[1301,2953,2954],{},[852,2955,1931],{},[1301,2957,2234],{},[1301,2959,2576],{},[1117,2961],{},[913,2963,2965],{"id":2964},"post-apiauthupdate-email",[852,2966,2967],{},"POST \u002Fapi\u002Fauth\u002Fupdate-email",[848,2969,2970],{},"Submits the new email address with the magic link query parameters and verification code to complete the email change. Applies token rotation on success.",[848,2972,2973],{},[1159,2974,1161],{},[1163,2976,2977,2982,2988,2991,2993,2999,3002,3005,3009,3015],{"level":1165},[1167,2978,2980],{"id":2979},"defineverifiedcsrfhandler-1",[852,2981,2733],{},[848,2983,1175,2984,2738,2986,1447],{},[852,2985,1178],{},[852,2987,1182],{},[1167,2989,2744],{"id":2990},"post-assertion-1",[848,2992,2747],{},[1167,2994,2996],{"id":2995},"limitbytes8_000_000",[852,2997,2998],{},"limitBytes(8_000_000)",[848,3000,3001],{},"Rejects request bodies larger than 8 MB.",[1167,3003,2760],{"id":3004},"content-type-check-1",[848,3006,2763,3007,1108],{},[852,3008,2766],{},[1167,3010,3012],{"id":3011},"updatenewemail",[852,3013,3014],{},"updateNewEmail",[848,3016,3017,3018,3021],{},"Validates the query parameters and body, proxies to IAM ",[852,3019,3020],{},"\u002Fupdate\u002Femail",", and applies token rotation.",[848,3023,3024],{},[1159,3025,2165],{},[1223,3027,3028,3032,3036,3042],{},[1226,3029,3030],{"name":2170,"type":1229,":required":1230},[848,3031,2173],{},[1226,3033,3034],{"name":2176,"type":1229,":required":1230},[848,3035,2179],{},[1226,3037,3038],{"name":2133,"type":1229,":required":1230},[848,3039,1260,3040,1108],{},[852,3041,2874],{},[1226,3043,3044],{"name":2189,"type":1229,":required":1230},[848,3045,2192],{},[848,3047,3048],{},[1159,3049,1221],{},[1223,3051,3052,3057,3062,3068],{},[1226,3053,3054],{"name":852,"type":1229,":required":1230},[848,3055,3056],{},"The 7-digit numeric OTP code from the verification email.",[1226,3058,3059],{"name":1228,"type":1229,":required":1230},[848,3060,3061],{},"The user's current email address.",[1226,3063,3065],{"name":3064,"type":1229,":required":1230},"newEmail",[848,3066,3067],{},"The new email address to change to.",[1226,3069,3070],{"name":1236,"type":1229,":required":1230},[848,3071,3072],{},"The user's current password, confirmed before the change is applied.",[848,3074,3075],{},[1159,3076,1278],{},[1280,3078,3079,3087],{},[1283,3080,3081],{},[1286,3082,3083,3085],{},[1289,3084,1291],{},[1289,3086,1294],{},[1296,3088,3089,3098,3107],{},[1286,3090,3091,3095],{},[1301,3092,3093],{},[852,3094,1143],{},[1301,3096,3097],{},"New access token",[1286,3099,3100,3104],{},[1301,3101,3102],{},[852,3103,1147],{},[1301,3105,3106],{},"New access token issued-at timestamp",[1286,3108,3109,3113],{},[1301,3110,3111],{},[852,3112,1323],{},[1301,3114,3115,3116,1330],{},"New refresh token (forwarded from IAM ",[852,3117,1329],{},[848,3119,3120],{},[1159,3121,1335],{},[1280,3123,3124,3132],{},[1283,3125,3126],{},[1286,3127,3128,3130],{},[1289,3129,1344],{},[1289,3131,1347],{},[1296,3133,3134,3146,3155,3164,3172],{},[1286,3135,3136,3140],{},[1301,3137,3138],{},[852,3139,1566],{},[1301,3141,3142,3143],{},"Email updated, tokens rotated: ",[852,3144,3145],{},"{ ok: true, data: \"Your email has been successfully updated.\" }",[1286,3147,3148,3152],{},[1301,3149,3150],{},[852,3151,1380],{},[1301,3153,3154],{},"Validation error, invalid code, or link parameter mismatch",[1286,3156,3157,3161],{},[1301,3158,3159],{},[852,3160,1586],{},[1301,3162,3163],{},"Missing session cookies",[1286,3165,3166,3170],{},[1301,3167,3168],{},[852,3169,1390],{},[1301,3171,1771],{},[1286,3173,3174,3178],{},[1301,3175,3176],{},[852,3177,1410],{},[1301,3179,1413],{},[848,3181,1416,3182,3184],{},[861,3183,134],{"href":135}," for the complete flow.",[1117,3186],{},[1120,3188,3190],{"id":3189},"bouncerouter",[852,3191,1066],{},[913,3193,3195],{"id":3194},"get-authbounce",[852,3196,3197],{},"GET \u002Fauth\u002Fbounce",[848,3199,3200,3201,3204],{},"Reads the magic link query parameters from the incoming email URL and redirects to ",[852,3202,3203],{},"magicLinkRedirectPath"," with the parameters re-encoded in the query string. This converts an externally-deliverable bounce URL into an internal client-side route.",[848,3206,3207,3208,3211,3212,3215,3216,1108],{},"The bounce path is configurable via ",[852,3209,3210],{},"magicLinkBouncePath"," (default ",[852,3213,3214],{},"\u002Fauth\u002Fbounce","). The destination is controlled by ",[852,3217,3203],{},[848,3219,3220],{},[1159,3221,2165],{},[1223,3223,3224,3229,3234,3246],{},[1226,3225,3226],{"name":2170,"type":1229,":required":1230},[848,3227,3228],{},"The temporary JWT token.",[1226,3230,3231],{"name":2176,"type":1229,":required":1230},[848,3232,3233],{},"The random hash.",[1226,3235,3236],{"name":2133,"type":1229,":required":1230},[848,3237,3238,3239,1085,3241,1085,3243,3245],{},"The link purpose, for example ",[852,3240,2137],{},[852,3242,2496],{},[852,3244,2874],{},", or a custom reason string.",[1226,3247,3248],{"name":2189,"type":1229,":required":1230},[848,3249,2192],{},[848,3251,3252],{},[1159,3253,1335],{},[1280,3255,3256,3264],{},[1283,3257,3258],{},[1286,3259,3260,3262],{},[1289,3261,1344],{},[1289,3263,1347],{},[1296,3265,3266,3278],{},[1286,3267,3268,3272],{},[1301,3269,3270],{},[852,3271,1921],{},[1301,3273,3274,3275,3277],{},"Redirects to ",[852,3276,3203],{}," with parameters",[1286,3279,3280,3284],{},[1301,3281,3282],{},[852,3283,1380],{},[1301,3285,3286],{},"Invalid redirect URL",[848,3288,1416,3289,1144,3291,3293],{},[861,3290,126],{"href":127},[861,3292,130],{"href":131}," for the full magic link flows that use this bounce route.",[1117,3295],{},[1120,3297,3299],{"id":3298},"auth-status-endpoint","Auth status endpoint",[913,3301,3303],{"id":3302},"get-authusersauthstatus",[852,3304,3305],{},"GET \u002Fauth\u002Fusers\u002FauthStatus",[848,3307,3308,3309,3312,3313,3316,3317,3320,3321,1108],{},"Returns the current session state by proxying to the IAM ",[852,3310,3311],{},"\u002Fsecret\u002Fdata","\nendpoint. In manual H3 and Nitro setups, ",[852,3314,3315],{},"\u002Fauth\u002Fusers\u002FauthStatus"," is the most\ncommon path. When using the Nuxt module, the handler is registered\nautomatically at ",[852,3318,3319],{},"authStatusUrl",", whose default value is\n",[852,3322,3323],{},"\u002Fapi\u002Fauth\u002Fusers\u002FauthStatus",[848,3325,3326,3327,3330,3331,3334,3335,3337,3338,3341],{},"If you want to register the same handler with ",[852,3328,3329],{},"addServerHandler()"," instead of\nimporting it from ",[852,3332,3333],{},"auth-h3client\u002Fv1"," or ",[852,3336,978],{},", use the\n",[852,3339,3340],{},"auth-h3client\u002Fserver\u002Fauth-status"," export.",[848,3343,3344],{},[1159,3345,1680],{},[1280,3347,3348,3356],{},[1283,3349,3350],{},[1286,3351,3352,3354],{},[1289,3353,1291],{},[1289,3355,1294],{},[1296,3357,3358,3366,3375],{},[1286,3359,3360,3364],{},[1301,3361,3362],{},[852,3363,1143],{},[1301,3365,1307],{},[1286,3367,3368,3372],{},[1301,3369,3370],{},[852,3371,1323],{},[1301,3373,3374],{},"Refresh token",[1286,3376,3377,3382],{},[1301,3378,3379],{},[852,3380,3381],{},"canary_id",[1301,3383,3384],{},"Visitor fingerprint",[848,3386,3387],{},[1159,3388,1335],{},[1280,3390,3391,3401],{},[1283,3392,3393],{},[1286,3394,3395,3397,3399],{},[1289,3396,1344],{},[1289,3398,2207],{},[1289,3400,1347],{},[1296,3402,3403,3417,3432],{},[1286,3404,3405,3409,3414],{},[1301,3406,3407],{},[852,3408,1566],{},[1301,3410,3411],{},[852,3412,3413],{},"{ authorized: true, userId, roles, ipAddress, userAgent, date }",[1301,3415,3416],{},"Authenticated",[1286,3418,3419,3424,3429],{},[1301,3420,3421],{},[852,3422,3423],{},"202",[1301,3425,3426],{},[852,3427,3428],{},"{ mfaRequired: 'MFA required', message }",[1301,3430,3431],{},"MFA challenge pending",[1286,3433,3434,3438,3443],{},[1301,3435,3436],{},[852,3437,1586],{},[1301,3439,3440],{},[852,3441,3442],{},"{ authorized: false }",[1301,3444,3445],{},"Not authenticated",[848,3447,1416,3448,3450,3451,3453],{},[861,3449,89],{"href":90}," for how ",[852,3452,152],{}," reads this endpoint.",[1117,3455],{},[1120,3457,3459],{"id":3458},"api-token-inventory-endpoint","API token inventory endpoint",[913,3461,3463],{"id":3462},"get-registerapiroutepath",[852,3464,3465],{},"GET \u003CregisterApiRoute.path>",[848,3467,3468,3469,3472,3473,3475,3476,1108],{},"Returns the authenticated user's API token inventory by proxying to the IAM\n",[852,3470,3471],{},"\u002Fapi\u002Fmanage\u002Flist-metadata"," endpoint. This handler is exported as\n",[852,3474,858],{},". Register it manually on any GET route, or let the\nNuxt module register it automatically by setting ",[852,3477,3478],{},"registerApiRoute.path",[848,3480,3481,3482,3484,3485,3341],{},"For Nuxt module wiring and manual ",[852,3483,3329],{}," setups, use the\n",[852,3486,3487],{},"auth-h3client\u002Fserver\u002Fapi-lists",[848,3489,3490,3491,3493,3494,3497],{},"The handler runs the same authenticated session pipeline as\n",[852,3492,854],{},", then removes ",[852,3495,3496],{},"public_identifier"," from every token\nentry before returning the response. The response includes token IDs, names,\nprivilege levels, expiry timestamps, usage counts, and optional IP\nrestrictions.",[3499,3500,3501],"tip",{},[848,3502,3503,3504,3507,3508,3511,3512,3515,3516,3518],{},"This route is read-only. If you need to create, revoke, rotate, etc, register your own POST\nroute with ",[852,3505,3506],{},"defineApiManagementHandler",". That wrapper keeps the full IAM token\nlist private on the server, resolves ",[852,3509,3510],{},"tokenId"," to ",[852,3513,3514],{},"publicIdentifier"," and\n",[852,3517,1251],{},", and only exposes the browser-safe fields to your frontend.",[848,3520,3521],{},[1159,3522,1680],{},[1280,3524,3525,3533],{},[1283,3526,3527],{},[1286,3528,3529,3531],{},[1289,3530,1291],{},[1289,3532,1294],{},[1296,3534,3535,3543,3551],{},[1286,3536,3537,3541],{},[1301,3538,3539],{},[852,3540,1143],{},[1301,3542,1307],{},[1286,3544,3545,3549],{},[1301,3546,3547],{},[852,3548,1323],{},[1301,3550,3374],{},[1286,3552,3553,3557],{},[1301,3554,3555],{},[852,3556,3381],{},[1301,3558,3384],{},[848,3560,3561],{},[1159,3562,1335],{},[1280,3564,3565,3575],{},[1283,3566,3567],{},[1286,3568,3569,3571,3573],{},[1289,3570,1344],{},[1289,3572,2207],{},[1289,3574,1347],{},[1296,3576,3577,3591,3603,3615,3629],{},[1286,3578,3579,3583,3588],{},[1301,3580,3581],{},[852,3582,1566],{},[1301,3584,3585],{},[852,3586,3587],{},"{ ok: true, date, data: { total, totalInvalidTokens, totalValidTokens, tokenList? } }",[1301,3589,3590],{},"Authenticated token inventory",[1286,3592,3593,3597,3601],{},[1301,3594,3595],{},[852,3596,3423],{},[1301,3598,3599],{},[852,3600,3428],{},[1301,3602,3431],{},[1286,3604,3605,3609,3613],{},[1301,3606,3607],{},[852,3608,1586],{},[1301,3610,3611],{},[852,3612,3442],{},[1301,3614,3445],{},[1286,3616,3617,3621,3626],{},[1301,3618,3619],{},[852,3620,1605],{},[1301,3622,3623],{},[852,3624,3625],{},"{ ok: false, reason }",[1301,3627,3628],{},"Rate limited by IAM",[1286,3630,3631,3635,3639],{},[1301,3632,3633],{},[852,3634,1410],{},[1301,3636,3637],{},[852,3638,3625],{},[1301,3640,1413],{},[848,3642,3643,3644,3647,3648,1085,3651,1085,3653,933,3656,1085,3659,1085,3662,1085,3665,3668,3669,3672,3673,1108],{},"Each ",[852,3645,3646],{},"tokenList"," entry includes the token ",[852,3649,3650],{},"id",[852,3652,1251],{},[852,3654,3655],{},"created_at",[852,3657,3658],{},"expires_at",[852,3660,3661],{},"restricted_to_ip_address",[852,3663,3664],{},"last_used",[852,3666,3667],{},"usage_count",", and\n",[852,3670,3671],{},"privilege_type",". The response omits ",[852,3674,3496],{},[1117,3676],{},[1120,3678,3680],{"id":3679},"route-summary","Route summary",[1280,3682,3683,3699],{},[1283,3684,3685],{},[1286,3686,3687,3690,3693,3696],{},[1289,3688,3689],{},"Method",[1289,3691,3692],{},"Path",[1289,3694,3695],{},"Registrar",[1289,3697,3698],{},"Description",[1296,3700,3701,3720,3737,3755,3774,3793,3811,3828,3846,3864,3881,3899,3917,3934,3951,3971],{},[1286,3702,3703,3708,3713,3717],{},[1301,3704,3705],{},[852,3706,3707],{},"POST",[1301,3709,3710],{},[852,3711,3712],{},"\u002Fsignup",[1301,3714,3715],{},[852,3716,1039],{},[1301,3718,3719],{},"Register a new user account",[1286,3721,3722,3726,3730,3734],{},[1301,3723,3724],{},[852,3725,3707],{},[1301,3727,3728],{},[852,3729,1475],{},[1301,3731,3732],{},[852,3733,1039],{},[1301,3735,3736],{},"Authenticate with email and password",[1286,3738,3739,3743,3748,3752],{},[1301,3740,3741],{},[852,3742,3707],{},[1301,3744,3745],{},[852,3746,3747],{},"\u002Flogout",[1301,3749,3750],{},[852,3751,1039],{},[1301,3753,3754],{},"Revoke the refresh token and clear cookies",[1286,3756,3757,3762,3767,3771],{},[1301,3758,3759],{},[852,3760,3761],{},"GET",[1301,3763,3764],{},[852,3765,3766],{},"\u002Foauth\u002F:provider",[1301,3768,3769],{},[852,3770,1054],{},[1301,3772,3773],{},"Initiate an OAuth authorization code flow",[1286,3775,3776,3781,3786,3790],{},[1301,3777,3778],{},[852,3779,3780],{},"GET\u002FPOST",[1301,3782,3783],{},[852,3784,3785],{},"\u002Foauth\u002Fcallback\u002F:provider",[1301,3787,3788],{},[852,3789,1054],{},[1301,3791,3792],{},"Handle the OAuth provider callback",[1286,3794,3795,3799,3804,3808],{},[1301,3796,3797],{},[852,3798,3761],{},[1301,3800,3801],{},[852,3802,3803],{},"\u002Fapi\u002Fauth\u002Fverify-mfa",[1301,3805,3806],{},[852,3807,1078],{},[1301,3809,3810],{},"Validate an MFA magic link",[1286,3812,3813,3817,3821,3825],{},[1301,3814,3815],{},[852,3816,3707],{},[1301,3818,3819],{},[852,3820,3803],{},[1301,3822,3823],{},[852,3824,1078],{},[1301,3826,3827],{},"Submit the MFA code",[1286,3829,3830,3834,3839,3843],{},[1301,3831,3832],{},[852,3833,3707],{},[1301,3835,3836],{},[852,3837,3838],{},"\u002Fapi\u002Fauth\u002Fpassword-reset",[1301,3840,3841],{},[852,3842,1078],{},[1301,3844,3845],{},"Initiate a password reset",[1286,3847,3848,3852,3857,3861],{},[1301,3849,3850],{},[852,3851,3761],{},[1301,3853,3854],{},[852,3855,3856],{},"\u002Fapi\u002Fauth\u002Freset-password",[1301,3858,3859],{},[852,3860,1078],{},[1301,3862,3863],{},"Validate a password reset magic link",[1286,3865,3866,3870,3874,3878],{},[1301,3867,3868],{},[852,3869,3707],{},[1301,3871,3872],{},[852,3873,3856],{},[1301,3875,3876],{},[852,3877,1078],{},[1301,3879,3880],{},"Submit the new password",[1286,3882,3883,3887,3892,3896],{},[1301,3884,3885],{},[852,3886,3707],{},[1301,3888,3889],{},[852,3890,3891],{},"\u002Fapi\u002Fauth\u002Fchange-email",[1301,3893,3894],{},[852,3895,1078],{},[1301,3897,3898],{},"Initiate an email change flow",[1286,3900,3901,3905,3910,3914],{},[1301,3902,3903],{},[852,3904,3761],{},[1301,3906,3907],{},[852,3908,3909],{},"\u002Fapi\u002Fauth\u002Fupdate-email",[1301,3911,3912],{},[852,3913,1078],{},[1301,3915,3916],{},"Validate an email change magic link",[1286,3918,3919,3923,3927,3931],{},[1301,3920,3921],{},[852,3922,3707],{},[1301,3924,3925],{},[852,3926,3909],{},[1301,3928,3929],{},[852,3930,1078],{},[1301,3932,3933],{},"Submit the new email address",[1286,3935,3936,3940,3944,3948],{},[1301,3937,3938],{},[852,3939,3761],{},[1301,3941,3942],{},[852,3943,3214],{},[1301,3945,3946],{},[852,3947,1066],{},[1301,3949,3950],{},"Redirect incoming magic link email to client route",[1286,3952,3953,3957,3963,3968],{},[1301,3954,3955],{},[852,3956,3761],{},[1301,3958,3959,3211,3961,1330],{},[852,3960,3319],{},[852,3962,3323],{},[1301,3964,3965,3967],{},[852,3966,854],{}," \u002F Module (auto)",[1301,3969,3970],{},"Check session state",[1286,3972,3973,3977,3981,3986],{},[1301,3974,3975],{},[852,3976,3761],{},[1301,3978,3979],{},[852,3980,3478],{},[1301,3982,3983,3985],{},[852,3984,858],{}," \u002F Module (optional auto)",[1301,3987,3988,3989],{},"Return the authenticated API token list without ",[852,3990,3496],{},[3992,3993,3994],"style",{},"html pre.shiki code .sZ328, html code.shiki .sZ328{--shiki-light:#AF00DB;--shiki-default:#AF00DB;--shiki-dark:#FF79C6}html pre.shiki code .sDd4n, html code.shiki .sDd4n{--shiki-light:#000000;--shiki-default:#000000;--shiki-dark:#F8F8F2}html pre.shiki code .sjsA6, html code.shiki .sjsA6{--shiki-light:#001080;--shiki-default:#001080;--shiki-dark:#F8F8F2}html pre.shiki code .sFkSl, html code.shiki .sFkSl{--shiki-light:#A31515;--shiki-default:#A31515;--shiki-dark:#E9F284}html pre.shiki code .sFB1V, html code.shiki .sFB1V{--shiki-light:#A31515;--shiki-default:#A31515;--shiki-dark:#F1FA8C}html pre.shiki code .sHOzp, html code.shiki .sHOzp{--shiki-light:#795E26;--shiki-default:#795E26;--shiki-dark:#50FA7B}html pre.shiki code .sghk6, html code.shiki .sghk6{--shiki-light:#008000;--shiki-default:#008000;--shiki-dark:#6272A4}html pre.shiki code .sl46w, html code.shiki .sl46w{--shiki-light:#0000FF;--shiki-default:#0000FF;--shiki-dark:#FF79C6}html pre.shiki code .s3JHE, html code.shiki .s3JHE{--shiki-light:#0070C1;--shiki-default:#0070C1;--shiki-dark:#F8F8F2}html pre.shiki code .saOXh, html code.shiki .saOXh{--shiki-light:#000000;--shiki-default:#000000;--shiki-dark:#FF79C6}html pre.shiki code .sakC6, html code.shiki .sakC6{--shiki-light:#0000FF;--shiki-light-font-weight:inherit;--shiki-default:#0000FF;--shiki-default-font-weight:inherit;--shiki-dark:#FF79C6;--shiki-dark-font-weight:bold}html .light .shiki span {color: var(--shiki-light);background: var(--shiki-light-bg);font-style: var(--shiki-light-font-style);font-weight: var(--shiki-light-font-weight);text-decoration: var(--shiki-light-text-decoration);}html.light .shiki span {color: var(--shiki-light);background: var(--shiki-light-bg);font-style: var(--shiki-light-font-style);font-weight: var(--shiki-light-font-weight);text-decoration: var(--shiki-light-text-decoration);}html .default .shiki span {color: var(--shiki-default);background: var(--shiki-default-bg);font-style: var(--shiki-default-font-style);font-weight: var(--shiki-default-font-weight);text-decoration: var(--shiki-default-text-decoration);}html .shiki span {color: var(--shiki-default);background: var(--shiki-default-bg);font-style: var(--shiki-default-font-style);font-weight: var(--shiki-default-font-weight);text-decoration: var(--shiki-default-text-decoration);}html .dark .shiki span {color: var(--shiki-dark);background: var(--shiki-dark-bg);font-style: var(--shiki-dark-font-style);font-weight: var(--shiki-dark-font-weight);text-decoration: var(--shiki-dark-text-decoration);}html.dark .shiki span {color: var(--shiki-dark);background: var(--shiki-dark-bg);font-style: var(--shiki-dark-font-style);font-weight: var(--shiki-dark-font-weight);text-decoration: var(--shiki-dark-text-decoration);}",{"title":880,"searchDepth":919,"depth":919,"links":3996},[3997,4002,4007,4017,4020,4023,4026],{"id":1122,"depth":919,"text":1039,"children":3998},[3999,4000,4001],{"id":1130,"depth":927,"text":1133},{"id":1424,"depth":927,"text":1427},{"id":1626,"depth":927,"text":1629},{"id":1793,"depth":919,"text":1054,"children":4003},[4004,4005],{"id":1804,"depth":927,"text":1807},{"id":1944,"depth":927,"text":4006},"GET \u002Foauth\u002Fcallback\u002F:provider and POST \u002Foauth\u002Fcallback\u002F:provider",{"id":2102,"depth":919,"text":1078,"children":4008},[4009,4010,4011,4012,4013,4014,4015,4016],{"id":2121,"depth":927,"text":2124},{"id":2242,"depth":927,"text":2245},{"id":2369,"depth":927,"text":2372},{"id":2483,"depth":927,"text":2486},{"id":2581,"depth":927,"text":2584},{"id":2711,"depth":927,"text":2714},{"id":2861,"depth":927,"text":2864},{"id":2964,"depth":927,"text":2967},{"id":3189,"depth":919,"text":1066,"children":4018},[4019],{"id":3194,"depth":927,"text":3197},{"id":3298,"depth":919,"text":3299,"children":4021},[4022],{"id":3302,"depth":927,"text":3305},{"id":3458,"depth":919,"text":3459,"children":4024},[4025],{"id":3462,"depth":927,"text":3465},{"id":3679,"depth":919,"text":3680},"Complete reference for every HTTP route registered by Auth H3 Client. Covers all four route registrars, middleware chains, request bodies, query parameters, cookies, and response shapes.","md","i-lucide-route",{},null,"---\ntitle: Routes Reference\ndescription: Complete reference for every HTTP route registered by Auth H3 Client. Covers all four route registrars, middleware chains, request bodies, query parameters, cookies, and response shapes.\nicon: i-lucide-route\n---\n\nThe module ships four route registrars that mount authentication, OAuth,\nmagic link, and bounce routes on an H3 router or app. It also exports two\nstandalone handlers: `getAuthStatusHandler` for session status checks and\n`getApiListsController` for API token inventory routes. Register them\nexplicitly during startup by calling each registrar with your router or app\ninstance, as shown in the [H3 and Nitro\nsetup](\u002Fdocs\u002Fauth-h3client\u002Fguides\u002Fh3-nitro) guide. When using the Nuxt\nmodule, the registrars are still configured in your Nitro plugin, while the\nmodule auto-registers the auth status route regardless of\n`enableMiddleware`, and can optionally auto-register the API token list route\nwhen `registerApiRoute` is configured.\n\n```ts [H3 v2]\nimport { H3 } from 'h3'\nimport {\n  configuration,\n  useAuthRoutes,\n  useOAuthRoutes,\n  bounceRouter,\n  magicLinksRouter,\n} from 'auth-h3client\u002Fv2'\n\nconfiguration({ \u002F* ... *\u002F })\n\nconst app = new H3()\nuseAuthRoutes(app)\nuseOAuthRoutes(app)\nbounceRouter(app)\nmagicLinksRouter(app, 'api')\n```\n\n::note\nAll routes registered by this module are separate from your application's own API routes. They handle authentication flows and proxy to the [IAM service](\u002Fdocs\u002Fiam). Your own protected routes use the event handler wrappers described in the [Middleware Reference](\u002Fdocs\u002Fauth-h3client\u002Fapi\u002Fmiddleware).\n::\n\nFor the global middleware chain applied before any route handler runs, see [Security: Request Lifecycle](\u002Fdocs\u002Fauth-h3client\u002Fsecurity#request-lifecycle).\n\n---\n\n## `useAuthRoutes`\n\nCore signup, login, and logout routes. Every route in this registrar verifies the CSRF cookie before the handler runs.\n\n### `POST \u002Fsignup`\n\nProxies the request body to the IAM `\u002Fauth\u002Fsignup` endpoint. On success, sets the `__Secure-a` and `a-iat` cookies and redirects to `onSuccessRedirect`. Returns JSON for requests with `Accept: application\u002Fjson`.\n\n**Middleware chain**\n\n::steps{level=\"4\"}\n\n#### `verifyCsrfCookie`\nValidates the `__Host-csrf` cookie signature and expiry, then checks that `X-CSRF-Token` matches the token in the cookie payload. Throws HTTP 403 on failure.\n\n#### `contentType('application\u002Fjson')`\nRejects requests without a JSON content type. Throws HTTP 400.\n\n#### `limitBytes(1024)`\nRejects request bodies larger than 1 KB. Throws HTTP 403 (`INVALID_CONTENT_TYPE`).\n\n#### `signUpHandler`\nThe signup controller. Proxies to IAM `\u002Fauth\u002Fsignup`.\n\n::\n\n**Request body**\n\n::field-group\n  ::field{name=\"email\" type=\"string\" required}\n  The user's email address.\n  ::\n  ::field{name=\"password\" type=\"string\" required}\n  The user's password. Validated against the policy by the IAM service.\n  ::\n  ::field{name=\"confirmedPassword\" type=\"string\" required}\n  Must match `password` exactly.\n  ::\n  ::field{name=\"name\" type=\"string\" required}\n  The user's display name.\n  ::\n  ::field{name=\"termsConsent\" type=\"string\" required}\n  Must be `\"on\"` to indicate terms acceptance.\n  ::\n  ::field{name=\"rememberUser\" type=\"string\"}\n  When `\"on\"`, issues a longer-lived refresh token.\n  ::\n::\n\n**Cookies set on success**\n\n| Cookie | Purpose |\n|---|---|\n| `__Secure-a` | Access token |\n| `a-iat` | Access token issued-at timestamp |\n| `session` | Refresh token (forwarded from IAM `Set-Cookie`) |\n\n**Responses**\n\n| Status | Meaning |\n|---|---|\n| `303` | Signup successful, redirects to `onSuccessRedirect` |\n| `201` | Signup successful, returns JSON (when `Accept: application\u002Fjson`) |\n| `400` | Validation error |\n| `403` | Banned or XSS detected |\n| `409` | Email already registered |\n| `500` | IAM service error |\n\nSee [Auth Flows](\u002Fdocs\u002Fauth-h3client\u002Fessentials\u002Fauth-flows) for the full signup flow.\n\n---\n\n### `POST \u002Flogin`\n\nAuthenticates a user with email and password. On success, sets the same cookies as signup and redirects or returns JSON.\n\n**Middleware chain**\n\n::steps{level=\"4\"}\n\n#### `verifyCsrfCookie`\nValidates the CSRF cookie and `X-CSRF-Token` header. Throws HTTP 403 on failure.\n\n#### `contentType('application\u002Fjson')`\nRejects requests without JSON content type.\n\n#### `limitBytes(1024)`\nRejects bodies larger than 1 KB.\n\n#### `loginHandler`\nThe login controller. Proxies to IAM `\u002Flogin`.\n\n::\n\n**Request body**\n\n::field-group\n  ::field{name=\"email\" type=\"string\" required}\n  The user's email address.\n  ::\n  ::field{name=\"password\" type=\"string\" required}\n  The user's password.\n  ::\n::\n\n**Cookies set on success**\n\n| Cookie | Purpose |\n|---|---|\n| `__Secure-a` | Access token |\n| `a-iat` | Access token issued-at timestamp |\n| `session` | Refresh token (forwarded from IAM `Set-Cookie`) |\n\n**Responses**\n\n| Status | Meaning |\n|---|---|\n| `303` | Login successful, redirects to `onSuccessRedirect` |\n| `200` | Login successful, returns JSON (when `Accept: application\u002Fjson`) |\n| `400` | Validation error |\n| `401` | Invalid credentials |\n| `403` | CSRF failure, XSS detected, or banned |\n| `429` | Rate limited |\n| `500` | IAM service error |\n\nSee [Auth Flows](\u002Fdocs\u002Fauth-h3client\u002Fessentials\u002Fauth-flows) for the login pipeline and cookie details.\n\n---\n\n### `POST \u002Flogout`\n\nSends the refresh token to the IAM `\u002Fauth\u002Flogout` endpoint, then clears the session cookies and removes the access token from the local LRU cache. Rejects any request body.\n\n**Middleware chain**\n\n::steps{level=\"4\"}\n\n#### `verifyCsrfCookie`\nValidates the CSRF cookie and `X-CSRF-Token` header. Throws HTTP 403 on failure.\n\n#### `limitBytes(0)`\nRejects any request body. Throws HTTP 403 (`INVALID_CONTENT_TYPE`) if a body is present.\n\n#### `logoutHandler`\nThe logout controller. Proxies to IAM `\u002Fauth\u002Flogout`, clears cookies, and removes the cached access token.\n\n::\n\n**Cookies required**\n\n| Cookie | Purpose |\n|---|---|\n| `session` | The current refresh token to revoke |\n| `__Host-csrf` | CSRF cookie |\n\n**Cookies cleared on success**\n\n`__Secure-a`, `a-iat`, `session`, `iat`\n\n**Responses**\n\n| Status | Meaning |\n|---|---|\n| `303` | Logout successful, redirects to root domain |\n| `200` | Logout successful, returns JSON (when `Accept: application\u002Fjson`) |\n| `403` | CSRF failure |\n| `403` | Request body present (error code: `INVALID_CONTENT_TYPE`) |\n\nSee [Auth Flows](\u002Fdocs\u002Fauth-h3client\u002Fessentials\u002Fauth-flows#logout) for the full logout sequence.\n\n---\n\n## `useOAuthRoutes`\n\nOAuth and OIDC authorization code flows. Both GET and POST are registered on the callback route to support providers that use `response_mode: form_post`.\n\n### `GET \u002Foauth\u002F:provider`\n\nLooks up the provider by the `:provider` parameter, generates a PKCE verifier and challenge pair, creates a signed state cookie, and redirects the user to the provider's authorization URL. For OIDC providers, discovers the authorization endpoint via `{issuer}\u002F.well-known\u002Fopenid-configuration`.\n\n**Middleware chain**\n\nNo pipeline middleware. The handler (`OAuthRedirect`) handles provider lookup and validation internally.\n\n**URL parameters**\n\n::field-group\n  ::field{name=\"provider\" type=\"string\" required}\n  The OAuth provider name as configured in `oauth.providers`. For example, `google`, `github`.\n  ::\n::\n\n**Cookies set**\n\n| Cookie | Purpose |\n|---|---|\n| `state{provider}` | Signed state cookie for CSRF protection during the OAuth flow |\n| `pkce_v{provider}` | PKCE code verifier for use at the callback |\n| `nonce{provider}` | Nonce for OIDC ID token verification |\n\n**Responses**\n\n| Status | Meaning |\n|---|---|\n| `302` | Redirects to the provider authorization URL |\n| `404` | Provider not found in configuration |\n\nSee [OAuth](\u002Fdocs\u002Fauth-h3client\u002Fessentials\u002Foauth) for provider configuration and the PKCE flow.\n\n---\n\n### `GET \u002Foauth\u002Fcallback\u002F:provider` and `POST \u002Foauth\u002Fcallback\u002F:provider`\n\nHandles the provider callback. Verifies the state cookie, exchanges the authorization code for tokens, verifies the ID token signature against the provider's JWKS endpoint (OIDC), validates the `at_hash` claim (OIDC), fetches user info, merges the profile with `safeObjectMerge` to protect reserved JWT fields, and proxies the result to the IAM service. On success, sets the access and session cookies.\n\n**Middleware chain**\n\n::steps{level=\"4\"}\n\n#### `OAuthTokensValidations`\nValidates the OAuth state cookie and, for OIDC providers, verifies the ID token signature and `at_hash` claim.\n\n#### `OAuthSuccessCallBack`\nExchanges the authorization code, fetches user info, merges profile data, and proxies to the IAM service.\n\n::\n\n**URL parameters**\n\n::field-group\n  ::field{name=\"provider\" type=\"string\" required}\n  The OAuth provider name. Must match the `:provider` used to initiate the flow.\n  ::\n::\n\n**Cookies set on success**\n\n| Cookie | Purpose |\n|---|---|\n| `__Secure-a` | Access token |\n| `a-iat` | Access token issued-at timestamp |\n| `session` | Refresh token (forwarded from IAM response) |\n\n**Responses**\n\n| Status | Meaning |\n|---|---|\n| `200` | Success, returns HTML page with `\u003Cmeta http-equiv=\"refresh\">` and `window.location.replace()` pointing to `redirectUrlOnSuccess` |\n| `302` | Failure (provider error, missing code, token exchange failure), redirects to `redirectUrlOnError` |\n\nSee [OAuth](\u002Fdocs\u002Fauth-h3client\u002Fessentials\u002Foauth) for the full OIDC verification flow and `safeObjectMerge` behavior.\n\n---\n\n## `magicLinksRouter`\n\nHandles MFA verification, password reset, and email change flows. Registered with the `api` prefix, so all paths are `\u002Fapi\u002Fauth\u002F...`. GET routes set `Cache-Control: no-store` and generate a fresh CSRF cookie for the page that will be rendered. POST routes require CSRF verification.\n\n### `GET \u002Fapi\u002Fauth\u002Fverify-mfa`\n\nValidates an MFA magic link and returns link metadata. Used by the `useMagicLink` composable when the `reason` is `MAGIC_LINK_MFA_CHECKS`.\n\n**Middleware chain**\n\n::steps{level=\"4\"}\n\n#### `Cache-Control: no-store`\nPrevents caching of the magic link response.\n\n#### `verifyMfaLink`\nValidates the magic link query parameters, verifies the link with the IAM service, and returns link metadata.\n\n::\n\n**Query parameters**\n\n::field-group\n  ::field{name=\"token\" type=\"string\" required}\n  The temporary JWT token from the magic link URL.\n  ::\n  ::field{name=\"random\" type=\"string\" required}\n  The random hash for cryptographic verification.\n  ::\n  ::field{name=\"reason\" type=\"string\" required}\n  The link purpose. Must be `MAGIC_LINK_MFA_CHECKS`.\n  ::\n  ::field{name=\"visitor\" type=\"string\" required}\n  The visitor identifier.\n  ::\n::\n\n**Responses**\n\n| Status | Body | Meaning |\n|---|---|---|\n| `200` | `{ ok: true, date, data: { link: 'MFA Code', reason } }` | Link is valid |\n| `404` | Not found | Invalid, expired, or already-used link |\n\n---\n\n### `POST \u002Fapi\u002Fauth\u002Fverify-mfa`\n\nSubmits an MFA code after the magic link is verified. Verifies the link first, then validates and forwards the code to the IAM service.\n\n**Middleware chain**\n\n::steps{level=\"4\"}\n\n#### `verifyMfaLink`\nValidates and partially consumes the magic link.\n\n#### `verifyCsrfCookie`\nValidates the CSRF cookie and `X-CSRF-Token` header.\n\n#### `contentType('application\u002Fjson')`\nRejects non-JSON content types.\n\n#### `limitBytes(1024)`\nRejects bodies larger than 1 KB.\n\n#### `sendMfaCodeHandler`\nForwards the code to the IAM service for verification.\n\n::\n\n**Request body**\n\n::field-group\n  ::field{name=\"code\" type=\"string\" required}\n  The 7-digit numeric OTP code from the MFA email.\n  ::\n::\n\n**Responses**\n\n| Status | Meaning |\n|---|---|\n| `200` | Code verified |\n| `400` | Malformed code or link parameter mismatch |\n| `401` | Invalid or expired code |\n| `403` | CSRF failure or user banned |\n\nSee [Built-in MFA](\u002Fdocs\u002Fauth-h3client\u002Fmfa\u002Fbuilt-in-flow) for the full flow.\n\n---\n\n### `POST \u002Fapi\u002Fauth\u002Fpassword-reset`\n\nInitiates a password reset by sending a signed magic link email to the provided address.\n\n**Middleware chain**\n\n::steps{level=\"4\"}\n\n#### `verifyCsrfCookie`\nValidates the CSRF cookie and `X-CSRF-Token` header.\n\n#### `contentType('application\u002Fjson')`\nRejects non-JSON content types.\n\n#### `limitBytes(1024)`\nRejects bodies larger than 1 KB.\n\n#### `restartPasswordHandler`\nForwards the email to IAM `\u002Fauth\u002Fforgot-password`. Calls `banIp` when IAM returns 403.\n\n::\n\n**Request body**\n\n::field-group\n  ::field{name=\"email\" type=\"string\" required}\n  The email address associated with the account.\n  ::\n::\n\n**Responses**\n\n| Status | Meaning |\n|---|---|\n| `200` | Reset email sent (always returns success to prevent enumeration) |\n| `403` | CSRF failure or user banned |\n| `429` | Rate limit exceeded |\n\nSee [Password Reset](\u002Fdocs\u002Fauth-h3client\u002Fmfa\u002Fpassword-reset) for the full flow.\n\n---\n\n### `GET \u002Fapi\u002Fauth\u002Freset-password`\n\nValidates a password reset magic link and returns link metadata. Used by the `useMagicLink` composable when the `reason` is `PASSWORD_RESET`.\n\n**Middleware chain**\n\n::steps{level=\"4\"}\n\n#### `Cache-Control: no-store`\nPrevents caching.\n\n#### `verifyTempPasswordLink`\nValidates the magic link query parameters and confirms the link with the IAM service.\n\n::\n\n**Query parameters**\n\nSame structure as the MFA GET route: `token`, `random`, `reason`, `visitor`.\n\n**Responses**\n\n| Status | Body | Meaning |\n|---|---|---|\n| `200` | `{ ok: true, date, data: { link: 'Password Reset', reason } }` | Link is valid |\n| `404` | Not found | Invalid or expired link |\n\n---\n\n### `POST \u002Fapi\u002Fauth\u002Freset-password`\n\nSubmits a new password to complete the reset flow after the magic link is verified.\n\n**Middleware chain**\n\n::steps{level=\"4\"}\n\n#### `verifyTempPasswordLink`\nValidates and partially consumes the password reset magic link.\n\n#### `verifyCsrfCookie`\nValidates the CSRF cookie and `X-CSRF-Token` header.\n\n#### `contentType('application\u002Fjson')`\nRejects non-JSON content types.\n\n#### `limitBytes(1024)`\nRejects bodies larger than 1 KB.\n\n#### `sendNewPasswordHandler`\nForwards the new password and link parameters to the IAM service, which validates the token and updates the password hash.\n\n::\n\n**Request body**\n\n::field-group\n  ::field{name=\"password\" type=\"string\" required}\n  The new password.\n  ::\n  ::field{name=\"confirmedPassword\" type=\"string\" required}\n  Must match `password` exactly.\n  ::\n::\n\n**Responses**\n\n| Status | Meaning |\n|---|---|\n| `200` | Password updated |\n| `400` | Validation error or password mismatch |\n| `403` | CSRF failure or XSS detected |\n| `429` | Rate limit exceeded |\n\nSee [Password Reset](\u002Fdocs\u002Fauth-h3client\u002Fmfa\u002Fpassword-reset) for the complete three-step flow.\n\n---\n\n### `POST \u002Fapi\u002Fauth\u002Fchange-email`\n\nInitiates the email change flow for an authenticated user. Validates the session, generates a 128-byte random token, and calls `askForMfaFlow` to send a verification email to the user's current address.\n\n**Middleware chain**\n\n::steps{level=\"4\"}\n\n#### `defineVerifiedCsrfHandler`\nValidates the `__Host-csrf` cookie signature and `X-CSRF-Token` header. Throws HTTP 403 on failure.\n\n#### POST assertion\nRejects non-POST requests.\n\n#### `limitBytes(1_000_000)`\nRejects request bodies larger than 1 MB.\n\n#### Content-Type check\nRejects requests without `Content-Type: application\u002Fjson`.\n\n#### `initChangeEmailFlow`\nValidates the body, generates the random token, calls `askForMfaFlow`, and returns the result.\n\n::\n\n**Request body**\n\n::field-group\n  ::field{name=\"init\" type=\"string\" required}\n  Must be the string `\"1\"`. Acts as an explicit trigger flag.\n  ::\n::\n\n**Responses**\n\n| Status | Meaning |\n|---|---|\n| `200` | Verification email sent: `{ ok: true, data: \"Please check your email...\" }` |\n| `200` | Session anomaly detected: `{ ok: false, code: \"MFA_REQUIRED\", reason: \"...\" }` |\n| `400` | Invalid Content-Type or body validation failure |\n| `403` | CSRF failure |\n\nSee [Email Change](\u002Fdocs\u002Fauth-h3client\u002Fmfa\u002Femail-change) for the three-step flow.\n\n---\n\n### `GET \u002Fapi\u002Fauth\u002Fupdate-email`\n\nValidates an email change magic link and returns link metadata. Used by the `useMagicLink` composable when the `reason` is `change_email`.\n\n**Middleware chain**\n\n::steps{level=\"4\"}\n\n#### `Cache-Control: no-store`\nPrevents caching.\n\n#### `generateCsrfCookie`\nMints a fresh CSRF cookie for the page.\n\n#### `changeEmailGetAPI`\nValidates the magic link query parameters and confirms the link with the IAM service.\n\n::\n\n**Query parameters**\n\nSame structure as the MFA GET route: `token`, `random`, `reason`, `visitor`.\n\n**Responses**\n\n| Status | Body | Meaning |\n|---|---|---|\n| `200` | `{ ok: true, date, data: { link: 'Custom MFA', reason: 'change_email' } }` | Link is valid |\n| `404` | Not found | Invalid or expired link |\n\n---\n\n### `POST \u002Fapi\u002Fauth\u002Fupdate-email`\n\nSubmits the new email address with the magic link query parameters and verification code to complete the email change. Applies token rotation on success.\n\n**Middleware chain**\n\n::steps{level=\"4\"}\n\n#### `defineVerifiedCsrfHandler`\nValidates the `__Host-csrf` cookie signature and `X-CSRF-Token` header. Throws HTTP 403 on failure.\n\n#### POST assertion\nRejects non-POST requests.\n\n#### `limitBytes(8_000_000)`\nRejects request bodies larger than 8 MB.\n\n#### Content-Type check\nRejects requests without `Content-Type: application\u002Fjson`.\n\n#### `updateNewEmail`\nValidates the query parameters and body, proxies to IAM `\u002Fupdate\u002Femail`, and applies token rotation.\n\n::\n\n**Query parameters**\n\n::field-group\n  ::field{name=\"token\" type=\"string\" required}\n  The temporary JWT token from the magic link URL.\n  ::\n  ::field{name=\"random\" type=\"string\" required}\n  The random hash for cryptographic verification.\n  ::\n  ::field{name=\"reason\" type=\"string\" required}\n  Must be `change_email`.\n  ::\n  ::field{name=\"visitor\" type=\"string\" required}\n  The visitor identifier.\n  ::\n::\n\n**Request body**\n\n::field-group\n  ::field{name=\"code\" type=\"string\" required}\n  The 7-digit numeric OTP code from the verification email.\n  ::\n  ::field{name=\"email\" type=\"string\" required}\n  The user's current email address.\n  ::\n  ::field{name=\"newEmail\" type=\"string\" required}\n  The new email address to change to.\n  ::\n  ::field{name=\"password\" type=\"string\" required}\n  The user's current password, confirmed before the change is applied.\n  ::\n::\n\n**Cookies set on success**\n\n| Cookie | Purpose |\n|---|---|\n| `__Secure-a` | New access token |\n| `a-iat` | New access token issued-at timestamp |\n| `session` | New refresh token (forwarded from IAM `Set-Cookie`) |\n\n**Responses**\n\n| Status | Meaning |\n|---|---|\n| `200` | Email updated, tokens rotated: `{ ok: true, data: \"Your email has been successfully updated.\" }` |\n| `400` | Validation error, invalid code, or link parameter mismatch |\n| `401` | Missing session cookies |\n| `403` | CSRF failure |\n| `500` | IAM service error |\n\nSee [Email Change](\u002Fdocs\u002Fauth-h3client\u002Fmfa\u002Femail-change) for the complete flow.\n\n---\n\n## `bounceRouter`\n\n### `GET \u002Fauth\u002Fbounce`\n\nReads the magic link query parameters from the incoming email URL and redirects to `magicLinkRedirectPath` with the parameters re-encoded in the query string. This converts an externally-deliverable bounce URL into an internal client-side route.\n\nThe bounce path is configurable via `magicLinkBouncePath` (default `\u002Fauth\u002Fbounce`). The destination is controlled by `magicLinkRedirectPath`.\n\n**Query parameters**\n\n::field-group\n  ::field{name=\"token\" type=\"string\" required}\n  The temporary JWT token.\n  ::\n  ::field{name=\"random\" type=\"string\" required}\n  The random hash.\n  ::\n  ::field{name=\"reason\" type=\"string\" required}\n  The link purpose, for example `MAGIC_LINK_MFA_CHECKS`, `PASSWORD_RESET`, `change_email`, or a custom reason string.\n  ::\n  ::field{name=\"visitor\" type=\"string\" required}\n  The visitor identifier.\n  ::\n::\n\n**Responses**\n\n| Status | Meaning |\n|---|---|\n| `302` | Redirects to `magicLinkRedirectPath` with parameters |\n| `400` | Invalid redirect URL |\n\nSee [Built-in MFA](\u002Fdocs\u002Fauth-h3client\u002Fmfa\u002Fbuilt-in-flow) and [Password Reset](\u002Fdocs\u002Fauth-h3client\u002Fmfa\u002Fpassword-reset) for the full magic link flows that use this bounce route.\n\n---\n\n## Auth status endpoint\n\n### `GET \u002Fauth\u002Fusers\u002FauthStatus`\n\nReturns the current session state by proxying to the IAM `\u002Fsecret\u002Fdata`\nendpoint. In manual H3 and Nitro setups, `\u002Fauth\u002Fusers\u002FauthStatus` is the most\ncommon path. When using the Nuxt module, the handler is registered\nautomatically at `authStatusUrl`, whose default value is\n`\u002Fapi\u002Fauth\u002Fusers\u002FauthStatus`.\n\nIf you want to register the same handler with `addServerHandler()` instead of\nimporting it from `auth-h3client\u002Fv1` or `auth-h3client\u002Fv2`, use the\n`auth-h3client\u002Fserver\u002Fauth-status` export.\n\n**Cookies required**\n\n| Cookie | Purpose |\n|---|---|\n| `__Secure-a` | Access token |\n| `session` | Refresh token |\n| `canary_id` | Visitor fingerprint |\n\n**Responses**\n\n| Status | Body | Meaning |\n|---|---|---|\n| `200` | `{ authorized: true, userId, roles, ipAddress, userAgent, date }` | Authenticated |\n| `202` | `{ mfaRequired: 'MFA required', message }` | MFA challenge pending |\n| `401` | `{ authorized: false }` | Not authenticated |\n\nSee [Session Management](\u002Fdocs\u002Fauth-h3client\u002Fessentials\u002Fsession) for how `useAuthData` reads this endpoint.\n\n---\n\n## API token inventory endpoint\n\n### `GET \u003CregisterApiRoute.path>`\n\nReturns the authenticated user's API token inventory by proxying to the IAM\n`\u002Fapi\u002Fmanage\u002Flist-metadata` endpoint. This handler is exported as\n`getApiListsController`. Register it manually on any GET route, or let the\nNuxt module register it automatically by setting `registerApiRoute.path`.\n\nFor Nuxt module wiring and manual `addServerHandler()` setups, use the\n`auth-h3client\u002Fserver\u002Fapi-lists` export.\n\nThe handler runs the same authenticated session pipeline as\n`getAuthStatusHandler`, then removes `public_identifier` from every token\nentry before returning the response. The response includes token IDs, names,\nprivilege levels, expiry timestamps, usage counts, and optional IP\nrestrictions.\n\n::tip\nThis route is read-only. If you need to create, revoke, rotate, etc, register your own POST\nroute with `defineApiManagementHandler`. That wrapper keeps the full IAM token\nlist private on the server, resolves `tokenId` to `publicIdentifier` and\n`name`, and only exposes the browser-safe fields to your frontend.\n::\n\n**Cookies required**\n\n| Cookie | Purpose |\n|---|---|\n| `__Secure-a` | Access token |\n| `session` | Refresh token |\n| `canary_id` | Visitor fingerprint |\n\n**Responses**\n\n| Status | Body | Meaning |\n|---|---|---|\n| `200` | `{ ok: true, date, data: { total, totalInvalidTokens, totalValidTokens, tokenList? } }` | Authenticated token inventory |\n| `202` | `{ mfaRequired: 'MFA required', message }` | MFA challenge pending |\n| `401` | `{ authorized: false }` | Not authenticated |\n| `429` | `{ ok: false, reason }` | Rate limited by IAM |\n| `500` | `{ ok: false, reason }` | IAM service error |\n\nEach `tokenList` entry includes the token `id`, `name`, `created_at`,\n`expires_at`, `restricted_to_ip_address`, `last_used`, `usage_count`, and\n`privilege_type`. The response omits `public_identifier`.\n\n---\n\n## Route summary\n\n| Method | Path | Registrar | Description |\n|---|---|---|---|\n| `POST` | `\u002Fsignup` | `useAuthRoutes` | Register a new user account |\n| `POST` | `\u002Flogin` | `useAuthRoutes` | Authenticate with email and password |\n| `POST` | `\u002Flogout` | `useAuthRoutes` | Revoke the refresh token and clear cookies |\n| `GET` | `\u002Foauth\u002F:provider` | `useOAuthRoutes` | Initiate an OAuth authorization code flow |\n| `GET\u002FPOST` | `\u002Foauth\u002Fcallback\u002F:provider` | `useOAuthRoutes` | Handle the OAuth provider callback |\n| `GET` | `\u002Fapi\u002Fauth\u002Fverify-mfa` | `magicLinksRouter` | Validate an MFA magic link |\n| `POST` | `\u002Fapi\u002Fauth\u002Fverify-mfa` | `magicLinksRouter` | Submit the MFA code |\n| `POST` | `\u002Fapi\u002Fauth\u002Fpassword-reset` | `magicLinksRouter` | Initiate a password reset |\n| `GET` | `\u002Fapi\u002Fauth\u002Freset-password` | `magicLinksRouter` | Validate a password reset magic link |\n| `POST` | `\u002Fapi\u002Fauth\u002Freset-password` | `magicLinksRouter` | Submit the new password |\n| `POST` | `\u002Fapi\u002Fauth\u002Fchange-email` | `magicLinksRouter` | Initiate an email change flow |\n| `GET` | `\u002Fapi\u002Fauth\u002Fupdate-email` | `magicLinksRouter` | Validate an email change magic link |\n| `POST` | `\u002Fapi\u002Fauth\u002Fupdate-email` | `magicLinksRouter` | Submit the new email address |\n| `GET` | `\u002Fauth\u002Fbounce` | `bounceRouter` | Redirect incoming magic link email to client route |\n| `GET` | `authStatusUrl` (default `\u002Fapi\u002Fauth\u002Fusers\u002FauthStatus`) | `getAuthStatusHandler` \u002F Module (auto) | Check session state |\n| `GET` | `registerApiRoute.path` | `getApiListsController` \u002F Module (optional auto) | Return the authenticated API token list without `public_identifier` |\n",{"title":202,"description":4027},"d_M5Ia5HdGjBA8t8QDIdHDJJlrQMDJPc1sLBOUX5ArI",[4036,4037],{"title":196,"path":197,"stem":198,"children":-1},{"title":206,"path":207,"stem":208,"children":-1},{"id":843,"title":202,"body":4039,"description":4027,"extension":4028,"icon":4029,"meta":6632,"module":4031,"navigation":8,"path":203,"rawbody":4032,"seo":6633,"stem":204,"__hash__":4034},{"type":845,"value":4040,"toc":6601},[4041,4053,4203,4211,4215,4217,4221,4223,4227,4239,4243,4277,4281,4313,4317,4355,4359,4423,4427,4429,4433,4435,4439,4469,4473,4483,4487,4525,4529,4601,4605,4607,4611,4615,4619,4645,4649,4677,4681,4691,4695,4743,4747,4749,4753,4757,4761,4767,4771,4775,4779,4791,4795,4831,4835,4863,4867,4869,4875,4881,4885,4901,4905,4913,4917,4953,4957,4993,4999,5001,5005,5013,5017,5025,5029,5043,5047,5067,5071,5107,5109,5113,5115,5119,5153,5157,5163,5167,5211,5215,5217,5221,5223,5227,5259,5263,5269,5273,5309,5313,5315,5319,5327,5331,5345,5349,5359,5363,5399,5401,5405,5407,5411,5445,5449,5461,5465,5509,5513,5515,5519,5523,5527,5563,5567,5575,5579,5627,5631,5633,5637,5645,5649,5669,5673,5683,5687,5723,5725,5729,5731,5735,5771,5775,5795,5799,5817,5821,5859,5863,5917,5921,5923,5927,5931,5935,5943,5947,5971,5975,6005,6011,6013,6015,6019,6029,6039,6043,6079,6083,6133,6139,6141,6143,6147,6155,6161,6167,6179,6183,6219,6223,6297,6319,6321,6323,6599],[848,4042,850,4043,855,4045,859,4047,864,4049,868,4051,872],{},[852,4044,854],{},[852,4046,858],{},[861,4048,863],{"href":177},[852,4050,867],{},[852,4052,871],{},[874,4054,4055],{"className":876,"code":877,"filename":878,"language":879,"meta":880,"style":880},[852,4056,4057,4075,4081,4087,4093,4099,4105,4111,4123,4127,4137,4141,4155,4165,4175,4185],{"__ignoreMap":880},[884,4058,4059,4061,4063,4065,4067,4069,4071,4073],{"class":886,"line":887},[884,4060,891],{"class":890},[884,4062,895],{"class":894},[884,4064,899],{"class":898},[884,4066,902],{"class":894},[884,4068,905],{"class":890},[884,4070,909],{"class":908},[884,4072,913],{"class":912},[884,4074,916],{"class":908},[884,4076,4077,4079],{"class":886,"line":919},[884,4078,891],{"class":890},[884,4080,924],{"class":894},[884,4082,4083,4085],{"class":886,"line":927},[884,4084,930],{"class":898},[884,4086,933],{"class":894},[884,4088,4089,4091],{"class":886,"line":936},[884,4090,939],{"class":898},[884,4092,933],{"class":894},[884,4094,4095,4097],{"class":886,"line":944},[884,4096,947],{"class":898},[884,4098,933],{"class":894},[884,4100,4101,4103],{"class":886,"line":952},[884,4102,955],{"class":898},[884,4104,933],{"class":894},[884,4106,4107,4109],{"class":886,"line":960},[884,4108,963],{"class":898},[884,4110,933],{"class":894},[884,4112,4113,4115,4117,4119,4121],{"class":886,"line":968},[884,4114,971],{"class":894},[884,4116,905],{"class":890},[884,4118,909],{"class":908},[884,4120,978],{"class":912},[884,4122,916],{"class":908},[884,4124,4125],{"class":886,"line":983},[884,4126,986],{"emptyLinePlaceholder":8},[884,4128,4129,4131,4133,4135],{"class":886,"line":989},[884,4130,993],{"class":992},[884,4132,996],{"class":894},[884,4134,1000],{"class":999},[884,4136,1003],{"class":894},[884,4138,4139],{"class":886,"line":1006},[884,4140,986],{"emptyLinePlaceholder":8},[884,4142,4143,4145,4147,4149,4151,4153],{"class":886,"line":1011},[884,4144,1015],{"class":1014},[884,4146,1019],{"class":1018},[884,4148,1023],{"class":1022},[884,4150,1027],{"class":1026},[884,4152,1030],{"class":992},[884,4154,1033],{"class":894},[884,4156,4157,4159,4161,4163],{"class":886,"line":1036},[884,4158,1039],{"class":992},[884,4160,1042],{"class":894},[884,4162,1045],{"class":898},[884,4164,1048],{"class":894},[884,4166,4167,4169,4171,4173],{"class":886,"line":1051},[884,4168,1054],{"class":992},[884,4170,1042],{"class":894},[884,4172,1045],{"class":898},[884,4174,1048],{"class":894},[884,4176,4177,4179,4181,4183],{"class":886,"line":1063},[884,4178,1066],{"class":992},[884,4180,1042],{"class":894},[884,4182,1045],{"class":898},[884,4184,1048],{"class":894},[884,4186,4187,4189,4191,4193,4195,4197,4199,4201],{"class":886,"line":1075},[884,4188,1078],{"class":992},[884,4190,1042],{"class":894},[884,4192,1045],{"class":898},[884,4194,1085],{"class":894},[884,4196,1088],{"class":908},[884,4198,1091],{"class":912},[884,4200,1088],{"class":908},[884,4202,1048],{"class":894},[1097,4204,4205],{},[848,4206,1101,4207,1105,4209,1108],{},[861,4208,1104],{"href":29},[861,4210,206],{"href":207},[848,4212,1111,4213,1108],{},[861,4214,1115],{"href":1114},[1117,4216],{},[1120,4218,4219],{"id":1122},[852,4220,1039],{},[848,4222,1127],{},[913,4224,4225],{"id":1130},[852,4226,1133],{},[848,4228,1136,4229,1140,4231,1144,4233,1148,4235,1152,4237,1108],{},[852,4230,1139],{},[852,4232,1143],{},[852,4234,1147],{},[852,4236,1151],{},[852,4238,1155],{},[848,4240,4241],{},[1159,4242,1161],{},[1163,4244,4245,4249,4255,4259,4261,4265,4269,4273],{"level":1165},[1167,4246,4247],{"id":1169},[852,4248,1172],{},[848,4250,1175,4251,1179,4253,1183],{},[852,4252,1178],{},[852,4254,1182],{},[1167,4256,4257],{"id":1186},[852,4258,1189],{},[848,4260,1192],{},[1167,4262,4263],{"id":1195},[852,4264,1198],{},[848,4266,1201,4267,1205],{},[852,4268,1204],{},[1167,4270,4271],{"id":1208},[852,4272,1211],{},[848,4274,1214,4275,1108],{},[852,4276,1139],{},[848,4278,4279],{},[1159,4280,1221],{},[1223,4282,4283,4287,4291,4297,4301,4307],{},[1226,4284,4285],{"name":1228,"type":1229,":required":1230},[848,4286,1233],{},[1226,4288,4289],{"name":1236,"type":1229,":required":1230},[848,4290,1239],{},[1226,4292,4293],{"name":1242,"type":1229,":required":1230},[848,4294,1245,4295,1248],{},[852,4296,1236],{},[1226,4298,4299],{"name":1251,"type":1229,":required":1230},[848,4300,1254],{},[1226,4302,4303],{"name":1257,"type":1229,":required":1230},[848,4304,1260,4305,1264],{},[852,4306,1263],{},[1226,4308,4309],{"name":1267,"type":1229},[848,4310,1270,4311,1273],{},[852,4312,1263],{},[848,4314,4315],{},[1159,4316,1278],{},[1280,4318,4319,4327],{},[1283,4320,4321],{},[1286,4322,4323,4325],{},[1289,4324,1291],{},[1289,4326,1294],{},[1296,4328,4329,4337,4345],{},[1286,4330,4331,4335],{},[1301,4332,4333],{},[852,4334,1143],{},[1301,4336,1307],{},[1286,4338,4339,4343],{},[1301,4340,4341],{},[852,4342,1147],{},[1301,4344,1316],{},[1286,4346,4347,4351],{},[1301,4348,4349],{},[852,4350,1323],{},[1301,4352,1326,4353,1330],{},[852,4354,1329],{},[848,4356,4357],{},[1159,4358,1335],{},[1280,4360,4361,4369],{},[1283,4362,4363],{},[1286,4364,4365,4367],{},[1289,4366,1344],{},[1289,4368,1347],{},[1296,4370,4371,4381,4391,4399,4407,4415],{},[1286,4372,4373,4377],{},[1301,4374,4375],{},[852,4376,1356],{},[1301,4378,1359,4379],{},[852,4380,1151],{},[1286,4382,4383,4387],{},[1301,4384,4385],{},[852,4386,1368],{},[1301,4388,1371,4389,1330],{},[852,4390,1155],{},[1286,4392,4393,4397],{},[1301,4394,4395],{},[852,4396,1380],{},[1301,4398,1383],{},[1286,4400,4401,4405],{},[1301,4402,4403],{},[852,4404,1390],{},[1301,4406,1393],{},[1286,4408,4409,4413],{},[1301,4410,4411],{},[852,4412,1400],{},[1301,4414,1403],{},[1286,4416,4417,4421],{},[1301,4418,4419],{},[852,4420,1410],{},[1301,4422,1413],{},[848,4424,1416,4425,1419],{},[861,4426,101],{"href":102},[1117,4428],{},[913,4430,4431],{"id":1424},[852,4432,1427],{},[848,4434,1430],{},[848,4436,4437],{},[1159,4438,1161],{},[1163,4440,4441,4445,4449,4453,4455,4459,4461,4465],{"level":1165},[1167,4442,4443],{"id":1439},[852,4444,1172],{},[848,4446,1444,4447,1447],{},[852,4448,1182],{},[1167,4450,4451],{"id":1450},[852,4452,1189],{},[848,4454,1455],{},[1167,4456,4457],{"id":1458},[852,4458,1198],{},[848,4460,1463],{},[1167,4462,4463],{"id":1466},[852,4464,1469],{},[848,4466,1472,4467,1108],{},[852,4468,1475],{},[848,4470,4471],{},[1159,4472,1221],{},[1223,4474,4475,4479],{},[1226,4476,4477],{"name":1228,"type":1229,":required":1230},[848,4478,1233],{},[1226,4480,4481],{"name":1236,"type":1229,":required":1230},[848,4482,1490],{},[848,4484,4485],{},[1159,4486,1278],{},[1280,4488,4489,4497],{},[1283,4490,4491],{},[1286,4492,4493,4495],{},[1289,4494,1291],{},[1289,4496,1294],{},[1296,4498,4499,4507,4515],{},[1286,4500,4501,4505],{},[1301,4502,4503],{},[852,4504,1143],{},[1301,4506,1307],{},[1286,4508,4509,4513],{},[1301,4510,4511],{},[852,4512,1147],{},[1301,4514,1316],{},[1286,4516,4517,4521],{},[1301,4518,4519],{},[852,4520,1323],{},[1301,4522,1326,4523,1330],{},[852,4524,1329],{},[848,4526,4527],{},[1159,4528,1335],{},[1280,4530,4531,4539],{},[1283,4532,4533],{},[1286,4534,4535,4537],{},[1289,4536,1344],{},[1289,4538,1347],{},[1296,4540,4541,4551,4561,4569,4577,4585,4593],{},[1286,4542,4543,4547],{},[1301,4544,4545],{},[852,4546,1356],{},[1301,4548,1557,4549],{},[852,4550,1151],{},[1286,4552,4553,4557],{},[1301,4554,4555],{},[852,4556,1566],{},[1301,4558,1569,4559,1330],{},[852,4560,1155],{},[1286,4562,4563,4567],{},[1301,4564,4565],{},[852,4566,1380],{},[1301,4568,1383],{},[1286,4570,4571,4575],{},[1301,4572,4573],{},[852,4574,1586],{},[1301,4576,1589],{},[1286,4578,4579,4583],{},[1301,4580,4581],{},[852,4582,1390],{},[1301,4584,1598],{},[1286,4586,4587,4591],{},[1301,4588,4589],{},[852,4590,1605],{},[1301,4592,1608],{},[1286,4594,4595,4599],{},[1301,4596,4597],{},[852,4598,1410],{},[1301,4600,1413],{},[848,4602,1416,4603,1621],{},[861,4604,101],{"href":102},[1117,4606],{},[913,4608,4609],{"id":1626},[852,4610,1629],{},[848,4612,1632,4613,1636],{},[852,4614,1635],{},[848,4616,4617],{},[1159,4618,1161],{},[1163,4620,4621,4625,4629,4633,4637,4641],{"level":1165},[1167,4622,4623],{"id":1645},[852,4624,1172],{},[848,4626,1444,4627,1447],{},[852,4628,1182],{},[1167,4630,4631],{"id":1654},[852,4632,1657],{},[848,4634,1660,4635,1663],{},[852,4636,1204],{},[1167,4638,4639],{"id":1666},[852,4640,1669],{},[848,4642,1672,4643,1675],{},[852,4644,1635],{},[848,4646,4647],{},[1159,4648,1680],{},[1280,4650,4651,4659],{},[1283,4652,4653],{},[1286,4654,4655,4657],{},[1289,4656,1291],{},[1289,4658,1294],{},[1296,4660,4661,4669],{},[1286,4662,4663,4667],{},[1301,4664,4665],{},[852,4666,1323],{},[1301,4668,1701],{},[1286,4670,4671,4675],{},[1301,4672,4673],{},[852,4674,1178],{},[1301,4676,1710],{},[848,4678,4679],{},[1159,4680,1715],{},[848,4682,4683,1085,4685,1085,4687,1085,4689],{},[852,4684,1143],{},[852,4686,1147],{},[852,4688,1323],{},[852,4690,1726],{},[848,4692,4693],{},[1159,4694,1335],{},[1280,4696,4697,4705],{},[1283,4698,4699],{},[1286,4700,4701,4703],{},[1289,4702,1344],{},[1289,4704,1347],{},[1296,4706,4707,4715,4725,4733],{},[1286,4708,4709,4713],{},[1301,4710,4711],{},[852,4712,1356],{},[1301,4714,1751],{},[1286,4716,4717,4721],{},[1301,4718,4719],{},[852,4720,1566],{},[1301,4722,1760,4723,1330],{},[852,4724,1155],{},[1286,4726,4727,4731],{},[1301,4728,4729],{},[852,4730,1390],{},[1301,4732,1771],{},[1286,4734,4735,4739],{},[1301,4736,4737],{},[852,4738,1390],{},[1301,4740,1780,4741,1330],{},[852,4742,1204],{},[848,4744,1416,4745,1788],{},[861,4746,101],{"href":1787},[1117,4748],{},[1120,4750,4751],{"id":1793},[852,4752,1054],{},[848,4754,1798,4755,1108],{},[852,4756,1801],{},[913,4758,4759],{"id":1804},[852,4760,1807],{},[848,4762,1810,4763,1814,4765,1108],{},[852,4764,1813],{},[852,4766,1817],{},[848,4768,4769],{},[1159,4770,1161],{},[848,4772,1824,4773,1828],{},[852,4774,1827],{},[848,4776,4777],{},[1159,4778,1833],{},[1223,4780,4781],{},[1226,4782,4783],{"name":1838,"type":1229,":required":1230},[848,4784,1841,4785,1845,4787,1085,4789,1108],{},[852,4786,1844],{},[852,4788,1848],{},[852,4790,1851],{},[848,4792,4793],{},[1159,4794,1856],{},[1280,4796,4797,4805],{},[1283,4798,4799],{},[1286,4800,4801,4803],{},[1289,4802,1291],{},[1289,4804,1294],{},[1296,4806,4807,4815,4823],{},[1286,4808,4809,4813],{},[1301,4810,4811],{},[852,4812,1875],{},[1301,4814,1878],{},[1286,4816,4817,4821],{},[1301,4818,4819],{},[852,4820,1885],{},[1301,4822,1888],{},[1286,4824,4825,4829],{},[1301,4826,4827],{},[852,4828,1895],{},[1301,4830,1898],{},[848,4832,4833],{},[1159,4834,1335],{},[1280,4836,4837,4845],{},[1283,4838,4839],{},[1286,4840,4841,4843],{},[1289,4842,1344],{},[1289,4844,1347],{},[1296,4846,4847,4855],{},[1286,4848,4849,4853],{},[1301,4850,4851],{},[852,4852,1921],{},[1301,4854,1924],{},[1286,4856,4857,4861],{},[1301,4858,4859],{},[852,4860,1931],{},[1301,4862,1934],{},[848,4864,1416,4865,1939],{},[861,4866,432],{"href":106},[1117,4868],{},[913,4870,4871,1144,4873],{"id":1944},[852,4872,1947],{},[852,4874,1950],{},[848,4876,1953,4877,1957,4879,1960],{},[852,4878,1956],{},[852,4880,776],{},[848,4882,4883],{},[1159,4884,1161],{},[1163,4886,4887,4891,4895,4899],{"level":1165},[1167,4888,4889],{"id":1969},[852,4890,1972],{},[848,4892,1975,4893,1978],{},[852,4894,1956],{},[1167,4896,4897],{"id":1981},[852,4898,1984],{},[848,4900,1987],{},[848,4902,4903],{},[1159,4904,1833],{},[1223,4906,4907],{},[1226,4908,4909],{"name":1838,"type":1229,":required":1230},[848,4910,1998,4911,2001],{},[852,4912,1813],{},[848,4914,4915],{},[1159,4916,1278],{},[1280,4918,4919,4927],{},[1283,4920,4921],{},[1286,4922,4923,4925],{},[1289,4924,1291],{},[1289,4926,1294],{},[1296,4928,4929,4937,4945],{},[1286,4930,4931,4935],{},[1301,4932,4933],{},[852,4934,1143],{},[1301,4936,1307],{},[1286,4938,4939,4943],{},[1301,4940,4941],{},[852,4942,1147],{},[1301,4944,1316],{},[1286,4946,4947,4951],{},[1301,4948,4949],{},[852,4950,1323],{},[1301,4952,2042],{},[848,4954,4955],{},[1159,4956,1335],{},[1280,4958,4959,4967],{},[1283,4960,4961],{},[1286,4962,4963,4965],{},[1289,4964,1344],{},[1289,4966,1347],{},[1296,4968,4969,4983],{},[1286,4970,4971,4975],{},[1301,4972,4973],{},[852,4974,1566],{},[1301,4976,2067,4977,1144,4979,2074,4981],{},[852,4978,2070],{},[852,4980,2073],{},[852,4982,2077],{},[1286,4984,4985,4989],{},[1301,4986,4987],{},[852,4988,1921],{},[1301,4990,2086,4991],{},[852,4992,2089],{},[848,4994,1416,4995,2094,4997,2097],{},[861,4996,432],{"href":106},[852,4998,776],{},[1117,5000],{},[1120,5002,5003],{"id":2102},[852,5004,1078],{},[848,5006,2107,5007,2110,5009,2114,5011,2118],{},[852,5008,1091],{},[852,5010,2113],{},[852,5012,2117],{},[913,5014,5015],{"id":2121},[852,5016,2124],{},[848,5018,2127,5019,2130,5021,2134,5023,1108],{},[852,5020,156],{},[852,5022,2133],{},[852,5024,2137],{},[848,5026,5027],{},[1159,5028,1161],{},[1163,5030,5031,5035,5037,5041],{"level":1165},[1167,5032,5033],{"id":2146},[852,5034,2117],{},[848,5036,2151],{},[1167,5038,5039],{"id":2154},[852,5040,2157],{},[848,5042,2160],{},[848,5044,5045],{},[1159,5046,2165],{},[1223,5048,5049,5053,5057,5063],{},[1226,5050,5051],{"name":2170,"type":1229,":required":1230},[848,5052,2173],{},[1226,5054,5055],{"name":2176,"type":1229,":required":1230},[848,5056,2179],{},[1226,5058,5059],{"name":2133,"type":1229,":required":1230},[848,5060,2184,5061,1108],{},[852,5062,2137],{},[1226,5064,5065],{"name":2189,"type":1229,":required":1230},[848,5066,2192],{},[848,5068,5069],{},[1159,5070,1335],{},[1280,5072,5073,5083],{},[1283,5074,5075],{},[1286,5076,5077,5079,5081],{},[1289,5078,1344],{},[1289,5080,2207],{},[1289,5082,1347],{},[1296,5084,5085,5097],{},[1286,5086,5087,5091,5095],{},[1301,5088,5089],{},[852,5090,1566],{},[1301,5092,5093],{},[852,5094,2222],{},[1301,5096,2225],{},[1286,5098,5099,5103,5105],{},[1301,5100,5101],{},[852,5102,1931],{},[1301,5104,2234],{},[1301,5106,2237],{},[1117,5108],{},[913,5110,5111],{"id":2242},[852,5112,2245],{},[848,5114,2248],{},[848,5116,5117],{},[1159,5118,1161],{},[1163,5120,5121,5125,5127,5131,5135,5139,5141,5145,5147,5151],{"level":1165},[1167,5122,5123],{"id":2257},[852,5124,2157],{},[848,5126,2262],{},[1167,5128,5129],{"id":2265},[852,5130,1172],{},[848,5132,1444,5133,2272],{},[852,5134,1182],{},[1167,5136,5137],{"id":2275},[852,5138,1189],{},[848,5140,2280],{},[1167,5142,5143],{"id":2283},[852,5144,1198],{},[848,5146,1463],{},[1167,5148,5149],{"id":2290},[852,5150,2293],{},[848,5152,2296],{},[848,5154,5155],{},[1159,5156,1221],{},[1223,5158,5159],{},[1226,5160,5161],{"name":852,"type":1229,":required":1230},[848,5162,2307],{},[848,5164,5165],{},[1159,5166,1335],{},[1280,5168,5169,5177],{},[1283,5170,5171],{},[1286,5172,5173,5175],{},[1289,5174,1344],{},[1289,5176,1347],{},[1296,5178,5179,5187,5195,5203],{},[1286,5180,5181,5185],{},[1301,5182,5183],{},[852,5184,1566],{},[1301,5186,2332],{},[1286,5188,5189,5193],{},[1301,5190,5191],{},[852,5192,1380],{},[1301,5194,2341],{},[1286,5196,5197,5201],{},[1301,5198,5199],{},[852,5200,1586],{},[1301,5202,2350],{},[1286,5204,5205,5209],{},[1301,5206,5207],{},[852,5208,1390],{},[1301,5210,2359],{},[848,5212,1416,5213,2364],{},[861,5214,126],{"href":127},[1117,5216],{},[913,5218,5219],{"id":2369},[852,5220,2372],{},[848,5222,2375],{},[848,5224,5225],{},[1159,5226,1161],{},[1163,5228,5229,5233,5237,5241,5243,5247,5249,5253],{"level":1165},[1167,5230,5231],{"id":2384},[852,5232,1172],{},[848,5234,1444,5235,2272],{},[852,5236,1182],{},[1167,5238,5239],{"id":2393},[852,5240,1189],{},[848,5242,2280],{},[1167,5244,5245],{"id":2400},[852,5246,1198],{},[848,5248,1463],{},[1167,5250,5251],{"id":2407},[852,5252,2410],{},[848,5254,2413,5255,2417,5257,2421],{},[852,5256,2416],{},[852,5258,2420],{},[848,5260,5261],{},[1159,5262,1221],{},[1223,5264,5265],{},[1226,5266,5267],{"name":1228,"type":1229,":required":1230},[848,5268,2432],{},[848,5270,5271],{},[1159,5272,1335],{},[1280,5274,5275,5283],{},[1283,5276,5277],{},[1286,5278,5279,5281],{},[1289,5280,1344],{},[1289,5282,1347],{},[1296,5284,5285,5293,5301],{},[1286,5286,5287,5291],{},[1301,5288,5289],{},[852,5290,1566],{},[1301,5292,2457],{},[1286,5294,5295,5299],{},[1301,5296,5297],{},[852,5298,1390],{},[1301,5300,2359],{},[1286,5302,5303,5307],{},[1301,5304,5305],{},[852,5306,1605],{},[1301,5308,2474],{},[848,5310,1416,5311,2364],{},[861,5312,130],{"href":131},[1117,5314],{},[913,5316,5317],{"id":2483},[852,5318,2486],{},[848,5320,2489,5321,2130,5323,2134,5325,1108],{},[852,5322,156],{},[852,5324,2133],{},[852,5326,2496],{},[848,5328,5329],{},[1159,5330,1161],{},[1163,5332,5333,5337,5339,5343],{"level":1165},[1167,5334,5335],{"id":2505},[852,5336,2117],{},[848,5338,2510],{},[1167,5340,5341],{"id":2513},[852,5342,2516],{},[848,5344,2519],{},[848,5346,5347],{},[1159,5348,2165],{},[848,5350,2526,5351,1085,5353,1085,5355,1085,5357,1108],{},[852,5352,2170],{},[852,5354,2176],{},[852,5356,2133],{},[852,5358,2189],{},[848,5360,5361],{},[1159,5362,1335],{},[1280,5364,5365,5375],{},[1283,5366,5367],{},[1286,5368,5369,5371,5373],{},[1289,5370,1344],{},[1289,5372,2207],{},[1289,5374,1347],{},[1296,5376,5377,5389],{},[1286,5378,5379,5383,5387],{},[1301,5380,5381],{},[852,5382,1566],{},[1301,5384,5385],{},[852,5386,2563],{},[1301,5388,2225],{},[1286,5390,5391,5395,5397],{},[1301,5392,5393],{},[852,5394,1931],{},[1301,5396,2234],{},[1301,5398,2576],{},[1117,5400],{},[913,5402,5403],{"id":2581},[852,5404,2584],{},[848,5406,2587],{},[848,5408,5409],{},[1159,5410,1161],{},[1163,5412,5413,5417,5419,5423,5427,5431,5433,5437,5439,5443],{"level":1165},[1167,5414,5415],{"id":2596},[852,5416,2516],{},[848,5418,2601],{},[1167,5420,5421],{"id":2604},[852,5422,1172],{},[848,5424,1444,5425,2272],{},[852,5426,1182],{},[1167,5428,5429],{"id":2613},[852,5430,1189],{},[848,5432,2280],{},[1167,5434,5435],{"id":2620},[852,5436,1198],{},[848,5438,1463],{},[1167,5440,5441],{"id":2627},[852,5442,2630],{},[848,5444,2633],{},[848,5446,5447],{},[1159,5448,1221],{},[1223,5450,5451,5455],{},[1226,5452,5453],{"name":1236,"type":1229,":required":1230},[848,5454,2644],{},[1226,5456,5457],{"name":1242,"type":1229,":required":1230},[848,5458,1245,5459,1248],{},[852,5460,1236],{},[848,5462,5463],{},[1159,5464,1335],{},[1280,5466,5467,5475],{},[1283,5468,5469],{},[1286,5470,5471,5473],{},[1289,5472,1344],{},[1289,5474,1347],{},[1296,5476,5477,5485,5493,5501],{},[1286,5478,5479,5483],{},[1301,5480,5481],{},[852,5482,1566],{},[1301,5484,2675],{},[1286,5486,5487,5491],{},[1301,5488,5489],{},[852,5490,1380],{},[1301,5492,2684],{},[1286,5494,5495,5499],{},[1301,5496,5497],{},[852,5498,1390],{},[1301,5500,2693],{},[1286,5502,5503,5507],{},[1301,5504,5505],{},[852,5506,1605],{},[1301,5508,2474],{},[848,5510,1416,5511,2706],{},[861,5512,130],{"href":131},[1117,5514],{},[913,5516,5517],{"id":2711},[852,5518,2714],{},[848,5520,2717,5521,2721],{},[852,5522,2720],{},[848,5524,5525],{},[1159,5526,1161],{},[1163,5528,5529,5533,5539,5541,5543,5547,5549,5551,5555,5559],{"level":1165},[1167,5530,5531],{"id":2730},[852,5532,2733],{},[848,5534,1175,5535,2738,5537,1447],{},[852,5536,1178],{},[852,5538,1182],{},[1167,5540,2744],{"id":2743},[848,5542,2747],{},[1167,5544,5545],{"id":2750},[852,5546,2753],{},[848,5548,2756],{},[1167,5550,2760],{"id":2759},[848,5552,2763,5553,1108],{},[852,5554,2766],{},[1167,5556,5557],{"id":2769},[852,5558,2772],{},[848,5560,2775,5561,2778],{},[852,5562,2720],{},[848,5564,5565],{},[1159,5566,1221],{},[1223,5568,5569],{},[1226,5570,5571],{"name":2787,"type":1229,":required":1230},[848,5572,2790,5573,2794],{},[852,5574,2793],{},[848,5576,5577],{},[1159,5578,1335],{},[1280,5580,5581,5589],{},[1283,5582,5583],{},[1286,5584,5585,5587],{},[1289,5586,1344],{},[1289,5588,1347],{},[1296,5590,5591,5601,5611,5619],{},[1286,5592,5593,5597],{},[1301,5594,5595],{},[852,5596,1566],{},[1301,5598,2819,5599],{},[852,5600,2822],{},[1286,5602,5603,5607],{},[1301,5604,5605],{},[852,5606,1566],{},[1301,5608,2831,5609],{},[852,5610,2834],{},[1286,5612,5613,5617],{},[1301,5614,5615],{},[852,5616,1380],{},[1301,5618,2843],{},[1286,5620,5621,5625],{},[1301,5622,5623],{},[852,5624,1390],{},[1301,5626,1771],{},[848,5628,1416,5629,2856],{},[861,5630,134],{"href":135},[1117,5632],{},[913,5634,5635],{"id":2861},[852,5636,2864],{},[848,5638,2867,5639,2130,5641,2134,5643,1108],{},[852,5640,156],{},[852,5642,2133],{},[852,5644,2874],{},[848,5646,5647],{},[1159,5648,1161],{},[1163,5650,5651,5655,5657,5661,5663,5667],{"level":1165},[1167,5652,5653],{"id":2883},[852,5654,2117],{},[848,5656,2510],{},[1167,5658,5659],{"id":2890},[852,5660,2893],{},[848,5662,2896],{},[1167,5664,5665],{"id":2899},[852,5666,2902],{},[848,5668,2519],{},[848,5670,5671],{},[1159,5672,2165],{},[848,5674,2526,5675,1085,5677,1085,5679,1085,5681,1108],{},[852,5676,2170],{},[852,5678,2176],{},[852,5680,2133],{},[852,5682,2189],{},[848,5684,5685],{},[1159,5686,1335],{},[1280,5688,5689,5699],{},[1283,5690,5691],{},[1286,5692,5693,5695,5697],{},[1289,5694,1344],{},[1289,5696,2207],{},[1289,5698,1347],{},[1296,5700,5701,5713],{},[1286,5702,5703,5707,5711],{},[1301,5704,5705],{},[852,5706,1566],{},[1301,5708,5709],{},[852,5710,2947],{},[1301,5712,2225],{},[1286,5714,5715,5719,5721],{},[1301,5716,5717],{},[852,5718,1931],{},[1301,5720,2234],{},[1301,5722,2576],{},[1117,5724],{},[913,5726,5727],{"id":2964},[852,5728,2967],{},[848,5730,2970],{},[848,5732,5733],{},[1159,5734,1161],{},[1163,5736,5737,5741,5747,5749,5751,5755,5757,5759,5763,5767],{"level":1165},[1167,5738,5739],{"id":2979},[852,5740,2733],{},[848,5742,1175,5743,2738,5745,1447],{},[852,5744,1178],{},[852,5746,1182],{},[1167,5748,2744],{"id":2990},[848,5750,2747],{},[1167,5752,5753],{"id":2995},[852,5754,2998],{},[848,5756,3001],{},[1167,5758,2760],{"id":3004},[848,5760,2763,5761,1108],{},[852,5762,2766],{},[1167,5764,5765],{"id":3011},[852,5766,3014],{},[848,5768,3017,5769,3021],{},[852,5770,3020],{},[848,5772,5773],{},[1159,5774,2165],{},[1223,5776,5777,5781,5785,5791],{},[1226,5778,5779],{"name":2170,"type":1229,":required":1230},[848,5780,2173],{},[1226,5782,5783],{"name":2176,"type":1229,":required":1230},[848,5784,2179],{},[1226,5786,5787],{"name":2133,"type":1229,":required":1230},[848,5788,1260,5789,1108],{},[852,5790,2874],{},[1226,5792,5793],{"name":2189,"type":1229,":required":1230},[848,5794,2192],{},[848,5796,5797],{},[1159,5798,1221],{},[1223,5800,5801,5805,5809,5813],{},[1226,5802,5803],{"name":852,"type":1229,":required":1230},[848,5804,3056],{},[1226,5806,5807],{"name":1228,"type":1229,":required":1230},[848,5808,3061],{},[1226,5810,5811],{"name":3064,"type":1229,":required":1230},[848,5812,3067],{},[1226,5814,5815],{"name":1236,"type":1229,":required":1230},[848,5816,3072],{},[848,5818,5819],{},[1159,5820,1278],{},[1280,5822,5823,5831],{},[1283,5824,5825],{},[1286,5826,5827,5829],{},[1289,5828,1291],{},[1289,5830,1294],{},[1296,5832,5833,5841,5849],{},[1286,5834,5835,5839],{},[1301,5836,5837],{},[852,5838,1143],{},[1301,5840,3097],{},[1286,5842,5843,5847],{},[1301,5844,5845],{},[852,5846,1147],{},[1301,5848,3106],{},[1286,5850,5851,5855],{},[1301,5852,5853],{},[852,5854,1323],{},[1301,5856,3115,5857,1330],{},[852,5858,1329],{},[848,5860,5861],{},[1159,5862,1335],{},[1280,5864,5865,5873],{},[1283,5866,5867],{},[1286,5868,5869,5871],{},[1289,5870,1344],{},[1289,5872,1347],{},[1296,5874,5875,5885,5893,5901,5909],{},[1286,5876,5877,5881],{},[1301,5878,5879],{},[852,5880,1566],{},[1301,5882,3142,5883],{},[852,5884,3145],{},[1286,5886,5887,5891],{},[1301,5888,5889],{},[852,5890,1380],{},[1301,5892,3154],{},[1286,5894,5895,5899],{},[1301,5896,5897],{},[852,5898,1586],{},[1301,5900,3163],{},[1286,5902,5903,5907],{},[1301,5904,5905],{},[852,5906,1390],{},[1301,5908,1771],{},[1286,5910,5911,5915],{},[1301,5912,5913],{},[852,5914,1410],{},[1301,5916,1413],{},[848,5918,1416,5919,3184],{},[861,5920,134],{"href":135},[1117,5922],{},[1120,5924,5925],{"id":3189},[852,5926,1066],{},[913,5928,5929],{"id":3194},[852,5930,3197],{},[848,5932,3200,5933,3204],{},[852,5934,3203],{},[848,5936,3207,5937,3211,5939,3215,5941,1108],{},[852,5938,3210],{},[852,5940,3214],{},[852,5942,3203],{},[848,5944,5945],{},[1159,5946,2165],{},[1223,5948,5949,5953,5957,5967],{},[1226,5950,5951],{"name":2170,"type":1229,":required":1230},[848,5952,3228],{},[1226,5954,5955],{"name":2176,"type":1229,":required":1230},[848,5956,3233],{},[1226,5958,5959],{"name":2133,"type":1229,":required":1230},[848,5960,3238,5961,1085,5963,1085,5965,3245],{},[852,5962,2137],{},[852,5964,2496],{},[852,5966,2874],{},[1226,5968,5969],{"name":2189,"type":1229,":required":1230},[848,5970,2192],{},[848,5972,5973],{},[1159,5974,1335],{},[1280,5976,5977,5985],{},[1283,5978,5979],{},[1286,5980,5981,5983],{},[1289,5982,1344],{},[1289,5984,1347],{},[1296,5986,5987,5997],{},[1286,5988,5989,5993],{},[1301,5990,5991],{},[852,5992,1921],{},[1301,5994,3274,5995,3277],{},[852,5996,3203],{},[1286,5998,5999,6003],{},[1301,6000,6001],{},[852,6002,1380],{},[1301,6004,3286],{},[848,6006,1416,6007,1144,6009,3293],{},[861,6008,126],{"href":127},[861,6010,130],{"href":131},[1117,6012],{},[1120,6014,3299],{"id":3298},[913,6016,6017],{"id":3302},[852,6018,3305],{},[848,6020,3308,6021,3312,6023,3316,6025,3320,6027,1108],{},[852,6022,3311],{},[852,6024,3315],{},[852,6026,3319],{},[852,6028,3323],{},[848,6030,3326,6031,3330,6033,3334,6035,3337,6037,3341],{},[852,6032,3329],{},[852,6034,3333],{},[852,6036,978],{},[852,6038,3340],{},[848,6040,6041],{},[1159,6042,1680],{},[1280,6044,6045,6053],{},[1283,6046,6047],{},[1286,6048,6049,6051],{},[1289,6050,1291],{},[1289,6052,1294],{},[1296,6054,6055,6063,6071],{},[1286,6056,6057,6061],{},[1301,6058,6059],{},[852,6060,1143],{},[1301,6062,1307],{},[1286,6064,6065,6069],{},[1301,6066,6067],{},[852,6068,1323],{},[1301,6070,3374],{},[1286,6072,6073,6077],{},[1301,6074,6075],{},[852,6076,3381],{},[1301,6078,3384],{},[848,6080,6081],{},[1159,6082,1335],{},[1280,6084,6085,6095],{},[1283,6086,6087],{},[1286,6088,6089,6091,6093],{},[1289,6090,1344],{},[1289,6092,2207],{},[1289,6094,1347],{},[1296,6096,6097,6109,6121],{},[1286,6098,6099,6103,6107],{},[1301,6100,6101],{},[852,6102,1566],{},[1301,6104,6105],{},[852,6106,3413],{},[1301,6108,3416],{},[1286,6110,6111,6115,6119],{},[1301,6112,6113],{},[852,6114,3423],{},[1301,6116,6117],{},[852,6118,3428],{},[1301,6120,3431],{},[1286,6122,6123,6127,6131],{},[1301,6124,6125],{},[852,6126,1586],{},[1301,6128,6129],{},[852,6130,3442],{},[1301,6132,3445],{},[848,6134,1416,6135,3450,6137,3453],{},[861,6136,89],{"href":90},[852,6138,152],{},[1117,6140],{},[1120,6142,3459],{"id":3458},[913,6144,6145],{"id":3462},[852,6146,3465],{},[848,6148,3468,6149,3472,6151,3475,6153,1108],{},[852,6150,3471],{},[852,6152,858],{},[852,6154,3478],{},[848,6156,3481,6157,3484,6159,3341],{},[852,6158,3329],{},[852,6160,3487],{},[848,6162,3490,6163,3493,6165,3497],{},[852,6164,854],{},[852,6166,3496],{},[3499,6168,6169],{},[848,6170,3503,6171,3507,6173,3511,6175,3515,6177,3518],{},[852,6172,3506],{},[852,6174,3510],{},[852,6176,3514],{},[852,6178,1251],{},[848,6180,6181],{},[1159,6182,1680],{},[1280,6184,6185,6193],{},[1283,6186,6187],{},[1286,6188,6189,6191],{},[1289,6190,1291],{},[1289,6192,1294],{},[1296,6194,6195,6203,6211],{},[1286,6196,6197,6201],{},[1301,6198,6199],{},[852,6200,1143],{},[1301,6202,1307],{},[1286,6204,6205,6209],{},[1301,6206,6207],{},[852,6208,1323],{},[1301,6210,3374],{},[1286,6212,6213,6217],{},[1301,6214,6215],{},[852,6216,3381],{},[1301,6218,3384],{},[848,6220,6221],{},[1159,6222,1335],{},[1280,6224,6225,6235],{},[1283,6226,6227],{},[1286,6228,6229,6231,6233],{},[1289,6230,1344],{},[1289,6232,2207],{},[1289,6234,1347],{},[1296,6236,6237,6249,6261,6273,6285],{},[1286,6238,6239,6243,6247],{},[1301,6240,6241],{},[852,6242,1566],{},[1301,6244,6245],{},[852,6246,3587],{},[1301,6248,3590],{},[1286,6250,6251,6255,6259],{},[1301,6252,6253],{},[852,6254,3423],{},[1301,6256,6257],{},[852,6258,3428],{},[1301,6260,3431],{},[1286,6262,6263,6267,6271],{},[1301,6264,6265],{},[852,6266,1586],{},[1301,6268,6269],{},[852,6270,3442],{},[1301,6272,3445],{},[1286,6274,6275,6279,6283],{},[1301,6276,6277],{},[852,6278,1605],{},[1301,6280,6281],{},[852,6282,3625],{},[1301,6284,3628],{},[1286,6286,6287,6291,6295],{},[1301,6288,6289],{},[852,6290,1410],{},[1301,6292,6293],{},[852,6294,3625],{},[1301,6296,1413],{},[848,6298,3643,6299,3647,6301,1085,6303,1085,6305,933,6307,1085,6309,1085,6311,1085,6313,3668,6315,3672,6317,1108],{},[852,6300,3646],{},[852,6302,3650],{},[852,6304,1251],{},[852,6306,3655],{},[852,6308,3658],{},[852,6310,3661],{},[852,6312,3664],{},[852,6314,3667],{},[852,6316,3671],{},[852,6318,3496],{},[1117,6320],{},[1120,6322,3680],{"id":3679},[1280,6324,6325,6337],{},[1283,6326,6327],{},[1286,6328,6329,6331,6333,6335],{},[1289,6330,3689],{},[1289,6332,3692],{},[1289,6334,3695],{},[1289,6336,3698],{},[1296,6338,6339,6355,6371,6387,6403,6419,6435,6451,6467,6483,6499,6515,6531,6547,6563,6581],{},[1286,6340,6341,6345,6349,6353],{},[1301,6342,6343],{},[852,6344,3707],{},[1301,6346,6347],{},[852,6348,3712],{},[1301,6350,6351],{},[852,6352,1039],{},[1301,6354,3719],{},[1286,6356,6357,6361,6365,6369],{},[1301,6358,6359],{},[852,6360,3707],{},[1301,6362,6363],{},[852,6364,1475],{},[1301,6366,6367],{},[852,6368,1039],{},[1301,6370,3736],{},[1286,6372,6373,6377,6381,6385],{},[1301,6374,6375],{},[852,6376,3707],{},[1301,6378,6379],{},[852,6380,3747],{},[1301,6382,6383],{},[852,6384,1039],{},[1301,6386,3754],{},[1286,6388,6389,6393,6397,6401],{},[1301,6390,6391],{},[852,6392,3761],{},[1301,6394,6395],{},[852,6396,3766],{},[1301,6398,6399],{},[852,6400,1054],{},[1301,6402,3773],{},[1286,6404,6405,6409,6413,6417],{},[1301,6406,6407],{},[852,6408,3780],{},[1301,6410,6411],{},[852,6412,3785],{},[1301,6414,6415],{},[852,6416,1054],{},[1301,6418,3792],{},[1286,6420,6421,6425,6429,6433],{},[1301,6422,6423],{},[852,6424,3761],{},[1301,6426,6427],{},[852,6428,3803],{},[1301,6430,6431],{},[852,6432,1078],{},[1301,6434,3810],{},[1286,6436,6437,6441,6445,6449],{},[1301,6438,6439],{},[852,6440,3707],{},[1301,6442,6443],{},[852,6444,3803],{},[1301,6446,6447],{},[852,6448,1078],{},[1301,6450,3827],{},[1286,6452,6453,6457,6461,6465],{},[1301,6454,6455],{},[852,6456,3707],{},[1301,6458,6459],{},[852,6460,3838],{},[1301,6462,6463],{},[852,6464,1078],{},[1301,6466,3845],{},[1286,6468,6469,6473,6477,6481],{},[1301,6470,6471],{},[852,6472,3761],{},[1301,6474,6475],{},[852,6476,3856],{},[1301,6478,6479],{},[852,6480,1078],{},[1301,6482,3863],{},[1286,6484,6485,6489,6493,6497],{},[1301,6486,6487],{},[852,6488,3707],{},[1301,6490,6491],{},[852,6492,3856],{},[1301,6494,6495],{},[852,6496,1078],{},[1301,6498,3880],{},[1286,6500,6501,6505,6509,6513],{},[1301,6502,6503],{},[852,6504,3707],{},[1301,6506,6507],{},[852,6508,3891],{},[1301,6510,6511],{},[852,6512,1078],{},[1301,6514,3898],{},[1286,6516,6517,6521,6525,6529],{},[1301,6518,6519],{},[852,6520,3761],{},[1301,6522,6523],{},[852,6524,3909],{},[1301,6526,6527],{},[852,6528,1078],{},[1301,6530,3916],{},[1286,6532,6533,6537,6541,6545],{},[1301,6534,6535],{},[852,6536,3707],{},[1301,6538,6539],{},[852,6540,3909],{},[1301,6542,6543],{},[852,6544,1078],{},[1301,6546,3933],{},[1286,6548,6549,6553,6557,6561],{},[1301,6550,6551],{},[852,6552,3761],{},[1301,6554,6555],{},[852,6556,3214],{},[1301,6558,6559],{},[852,6560,1066],{},[1301,6562,3950],{},[1286,6564,6565,6569,6575,6579],{},[1301,6566,6567],{},[852,6568,3761],{},[1301,6570,6571,3211,6573,1330],{},[852,6572,3319],{},[852,6574,3323],{},[1301,6576,6577,3967],{},[852,6578,854],{},[1301,6580,3970],{},[1286,6582,6583,6587,6591,6595],{},[1301,6584,6585],{},[852,6586,3761],{},[1301,6588,6589],{},[852,6590,3478],{},[1301,6592,6593,3985],{},[852,6594,858],{},[1301,6596,3988,6597],{},[852,6598,3496],{},[3992,6600,3994],{},{"title":880,"searchDepth":919,"depth":919,"links":6602},[6603,6608,6612,6622,6625,6628,6631],{"id":1122,"depth":919,"text":1039,"children":6604},[6605,6606,6607],{"id":1130,"depth":927,"text":1133},{"id":1424,"depth":927,"text":1427},{"id":1626,"depth":927,"text":1629},{"id":1793,"depth":919,"text":1054,"children":6609},[6610,6611],{"id":1804,"depth":927,"text":1807},{"id":1944,"depth":927,"text":4006},{"id":2102,"depth":919,"text":1078,"children":6613},[6614,6615,6616,6617,6618,6619,6620,6621],{"id":2121,"depth":927,"text":2124},{"id":2242,"depth":927,"text":2245},{"id":2369,"depth":927,"text":2372},{"id":2483,"depth":927,"text":2486},{"id":2581,"depth":927,"text":2584},{"id":2711,"depth":927,"text":2714},{"id":2861,"depth":927,"text":2864},{"id":2964,"depth":927,"text":2967},{"id":3189,"depth":919,"text":1066,"children":6623},[6624],{"id":3194,"depth":927,"text":3197},{"id":3298,"depth":919,"text":3299,"children":6626},[6627],{"id":3302,"depth":927,"text":3305},{"id":3458,"depth":919,"text":3459,"children":6629},[6630],{"id":3462,"depth":927,"text":3465},{"id":3679,"depth":919,"text":3680},{},{"title":202,"description":4027},1780436293224]