import * as jose from "jose";
import { LetsMFARequest, LetsMFAResponse } from "./request-response";
import { AuthPolicy } from "./auth-policy";
export interface EnrollRequest extends LetsMFARequest {
    /** A signed JWT from another provider, or self generated. This value will be included in the response
     * id_token JWT from LetsMFA. This is useful for "chaining" JWTs from multiple identity providers
     * to validate the user's identity and reverify MFA with a single JWT.
     */
    nestedJWT: string;
    /** Options that are provided by the Service Provider. */
    authPolicy: AuthPolicy;
    /** Supply an exisiting accountVault to allow a user to update/change their methods of authentication */
    accountVault?: string;
}
export interface EnrollResponse extends LetsMFAResponse {
    /** The JWT returned by LetsMFA after the user has successfully authenticated. */
    idToken: string;
    /** This value must be persisted by the Service Provider and associated with the
     * user's account. For example, it can be base 64 encoded and stored in a database
     */
    accountVault: jose.FlattenedJWE;
}
/** Returned by the LetsMFA server after an enroll start request */
export interface EnrollStartResponse extends LetsMFAResponse {
    /** The URL to which the client's browser should be redirected to begin their
     * enrollment flow.
     */
    url: string;
}
/** Returned by the LetsMFA server after an enroll start request */
export interface AuthStartResponse extends LetsMFAResponse {
    /** The URL to which the client's browser should be redirected to begin their
     * authentication flow.
     */
    url: string;
}
//# sourceMappingURL=enroll.d.ts.map