import type { Logger } from "../common/Logging";
import type { Maybe } from "../common/Maybe";
import type { OrganizationId } from "../common/Models/Organization";
import type { JwtClaims, JwtValidationResult } from "./JwtValidator";
/**
 * The header name where a team name should be sent when sending a service request
 */
export declare const ALTO_TEAM_AUTH_HEADER = "x-alto-account";
export interface AuthenticatedAccount {
    jwtValidationResult: JwtValidationResult;
    altostraAccountId: OrganizationId;
    permissions?: string[];
    claims: JwtClaims;
    organizations: OrganizationId[];
}
/**
 * Authenticate jwt token using public keys from the environment variables `AUTH0_PUBLIC_KEY` and `KMS_PUBLIC_KEY`.
 * If not provided, authenticate using defaults.
 * @param bearerToken The bearer token to authenticate
 * @param selectedOrganization The team/organization to authenticate against
 * @param logger A logger to log errors. \
 * If not provided the console is being used.
 */
export declare function authenticator(bearerToken?: string, selectedOrganization?: OrganizationId, logger?: Logger): Maybe<AuthenticatedAccount>;