Merge pull request #956 from nhost/changeset-release/main

chore: update versions

README.md

@@ -383,14 +383,21 @@ Here are some ways of contributing to making Nhost better:
             <sub><b>Hoang Do</b></sub>
         </a>
     </td>
+    <td align="center">
+        <a href="https://github.com/eltociear">
+            <img src="https://avatars.githubusercontent.com/u/22633385?v=4" width="100;" alt="eltociear"/>
+            <br />
+            <sub><b>Ikko Ashimine</b></sub>
+        </a>
+    </td></tr>
+<tr>
     <td align="center">
         <a href="https://github.com/jladuval">
             <img src="https://avatars.githubusercontent.com/u/1935359?v=4" width="100;" alt="jladuval"/>
             <br />
             <sub><b>Jacob Duval</b></sub>
         </a>
-    </td></tr>
-<tr>
+    </td>
     <td align="center">
         <a href="https://github.com/kylehayes">
             <img src="https://avatars.githubusercontent.com/u/509932?v=4" width="100;" alt="kylehayes"/>
@@ -425,15 +432,15 @@ Here are some ways of contributing to making Nhost better:
             <br />
             <sub><b>Nacho Aldama</b></sub>
         </a>
-    </td>
+    </td></tr>
+<tr>
     <td align="center">
         <a href="https://github.com/ghoshnirmalya">
             <img src="https://avatars.githubusercontent.com/u/6391763?v=4" width="100;" alt="ghoshnirmalya"/>
             <br />
             <sub><b>Nirmalya Ghosh</b></sub>
         </a>
-    </td></tr>
-<tr>
+    </td>
     <td align="center">
         <a href="https://github.com/quentin-decre">
             <img src="https://avatars.githubusercontent.com/u/1137511?v=4" width="100;" alt="quentin-decre"/>

docs/docs/platform/authentication/users.mdx

@@ -39,7 +39,7 @@ query {
 
 Users should be created using the sign-up or sign-in flows as described under [sign-in methods](/platform/authentication/sign-in-methods).
 
-- **Never** create users directly via GraphQL or database.
+- **Never** create users directly via GraphQL or database, unless you [import users](#import-users) from an external system.
 - **Never** modify the `auth.users` table.
 - **Never** modify the GraphQL root queries or fields for any of the tables in the `auth` schema.
 
@@ -136,3 +136,31 @@ await nhost.auth.signUp({
   }
 })
 ```
+
+## Import Users
+
+If you have users in a different system, you can import them into Nhost. When importing users you should insert the users directly into the database instead of using the authentication endpoints (`/signup/email-password`).
+
+It's possible to insert users via GraphQL or SQL.
+
+### GraphQL
+
+Make a GraphQL request to insert a user like this:
+
+```graphql
+mutation insertUser($user: users_insert_input!) {
+  insertUser(object: $user) {
+    id
+  }
+}
+```
+
+### SQL
+
+Connect directly to the database and insert a user like this:
+
+```sql
+INSERT INTO auth.users (id, email, display_name, password_hash, ..) VALUES ('<user-id>', '<email>', '<display-name>', '<password-hash>', ..);
+```
+
+User passwords are hashed using [bcrypt](https://en.wikipedia.org/wiki/Bcrypt) in Nhost.

docs/docs/reference/cli/init.mdx

@@ -3,7 +3,7 @@ title: 'init'
 sidebar_position: 1
 ---
 
-Intialize a local Nhost project in the current working directory.
+Initialize a local Nhost project in the current working directory.
 
 ```
 nhost init

docs/docs/reference/docgen/javascript/auth/content/hasura-auth-client/content/01-sign-up.mdx

@@ -4,7 +4,7 @@ title: signUp()
 sidebar_label: signUp()
 slug: /reference/javascript/auth/sign-up
 description: Use `nhost.auth.signUp` to sign up a user using email and password. If you want to sign up a user using passwordless email (Magic Link), SMS, or an OAuth provider, use the `signIn` function instead.
-custom_edit_url: https://github.com/nhost/nhost/edit/main/packages/hasura-auth-js/src/hasura-auth-client.ts#L102
+custom_edit_url: https://github.com/nhost/nhost/edit/main/packages/hasura-auth-js/src/hasura-auth-client.ts#L107
 ---
 
 # `signUp()`
@@ -22,12 +22,6 @@ nhost.auth.signUp({
 
 ---
 
-**<span className="parameter-name">\_\_namedParameters</span>** <span className="optional-status">required</span> [`SignUpEmailPasswordParams`](/reference/docgen/javascript/auth/types/sign-up-email-password-params)
-
-| Property                                                                                                 | Type            | Required | Notes |
-| :------------------------------------------------------------------------------------------------------- | :-------------- | :------: | :---- |
-| <span className="parameter-name"><span className="light-grey">\_\_namedParameters.</span>password</span> | `string`        |    ✔️    |       |
-| <span className="parameter-name"><span className="light-grey">\_\_namedParameters.</span>email</span>    | `string`        |    ✔️    |       |
-| <span className="parameter-name"><span className="light-grey">\_\_namedParameters.</span>options</span>  | `SignUpOptions` |          |       |
+**<span className="parameter-name">params</span>** <span className="optional-status">required</span> [`SignUpParams`](/reference/docgen/javascript/auth/types/sign-up-params)
 
 ---

docs/docs/reference/docgen/javascript/auth/content/hasura-auth-client/content/02-sign-in.mdx

@@ -4,7 +4,7 @@ title: signIn()
 sidebar_label: signIn()
 slug: /reference/javascript/auth/sign-in
 description: Use `nhost.auth.signIn` to sign in a user using email and password, passwordless (email or sms) or an external provider. `signIn` can be used to sign in a user in various ways depending on the parameters.
-custom_edit_url: https://github.com/nhost/nhost/edit/main/packages/hasura-auth-js/src/hasura-auth-client.ts#L145
+custom_edit_url: https://github.com/nhost/nhost/edit/main/packages/hasura-auth-js/src/hasura-auth-client.ts#L156
 ---
 
 # `signIn()`

docs/docs/reference/docgen/javascript/auth/content/hasura-auth-client/content/03-sign-out.mdx

@@ -4,7 +4,7 @@ title: signOut()
 sidebar_label: signOut()
 slug: /reference/javascript/auth/sign-out
 description: Use `nhost.auth.signOut` to sign out the user.
-custom_edit_url: https://github.com/nhost/nhost/edit/main/packages/hasura-auth-js/src/hasura-auth-client.ts#L233
+custom_edit_url: https://github.com/nhost/nhost/edit/main/packages/hasura-auth-js/src/hasura-auth-client.ts#L252
 ---
 
 # `signOut()`

docs/docs/reference/docgen/javascript/auth/content/hasura-auth-client/content/04-reset-password.mdx

@@ -4,7 +4,7 @@ title: resetPassword()
 sidebar_label: resetPassword()
 slug: /reference/javascript/auth/reset-password
 description: Use `nhost.auth.resetPassword` to reset the password for a user. This will send a reset-password link in an email to the user. When the user clicks the reset-password link the user is automatically signed-in. Once signed-in, the user can change their password using `nhost.auth.changePassword()`.
-custom_edit_url: https://github.com/nhost/nhost/edit/main/packages/hasura-auth-js/src/hasura-auth-client.ts#L249
+custom_edit_url: https://github.com/nhost/nhost/edit/main/packages/hasura-auth-js/src/hasura-auth-client.ts#L268
 ---
 
 # `resetPassword()`

docs/docs/reference/docgen/javascript/auth/content/hasura-auth-client/content/05-change-password.mdx

@@ -4,7 +4,7 @@ title: changePassword()
 sidebar_label: changePassword()
 slug: /reference/javascript/auth/change-password
 description: Use `nhost.auth.changePassword` to change the password for the signed-in user. The old password is not needed. In case the user is not signed-in, a password reset ticket needs to be provided.
-custom_edit_url: https://github.com/nhost/nhost/edit/main/packages/hasura-auth-js/src/hasura-auth-client.ts#L265
+custom_edit_url: https://github.com/nhost/nhost/edit/main/packages/hasura-auth-js/src/hasura-auth-client.ts#L284
 ---
 
 # `changePassword()`

docs/docs/reference/docgen/javascript/auth/content/hasura-auth-client/content/06-send-verification-email.mdx

@@ -4,7 +4,7 @@ title: sendVerificationEmail()
 sidebar_label: sendVerificationEmail()
 slug: /reference/javascript/auth/send-verification-email
 description: Use `nhost.auth.sendVerificationEmail` to send a verification email to the specified email. The email contains a verification-email link. When the user clicks the verification-email link their email is verified.
-custom_edit_url: https://github.com/nhost/nhost/edit/main/packages/hasura-auth-js/src/hasura-auth-client.ts#L284
+custom_edit_url: https://github.com/nhost/nhost/edit/main/packages/hasura-auth-js/src/hasura-auth-client.ts#L303
 ---
 
 # `sendVerificationEmail()`

docs/docs/reference/docgen/javascript/auth/content/hasura-auth-client/content/07-change-email.mdx

@@ -4,7 +4,7 @@ title: changeEmail()
 sidebar_label: changeEmail()
 slug: /reference/javascript/auth/change-email
 description: Use `nhost.auth.changeEmail` to change a user's email. This will send a confirm-email-change link in an email to the new email. Once the user clicks on the confirm-email-change link the email will be change to the new email.
-custom_edit_url: https://github.com/nhost/nhost/edit/main/packages/hasura-auth-js/src/hasura-auth-client.ts#L303
+custom_edit_url: https://github.com/nhost/nhost/edit/main/packages/hasura-auth-js/src/hasura-auth-client.ts#L322
 ---
 
 # `changeEmail()`

docs/docs/reference/docgen/javascript/auth/content/hasura-auth-client/content/08-deanonymize.mdx

@@ -4,7 +4,7 @@ title: deanonymize()
 sidebar_label: deanonymize()
 slug: /reference/javascript/auth/deanonymize
 description: Use `nhost.auth.deanonymize` to deanonymize a user.
-custom_edit_url: https://github.com/nhost/nhost/edit/main/packages/hasura-auth-js/src/hasura-auth-client.ts#L319
+custom_edit_url: https://github.com/nhost/nhost/edit/main/packages/hasura-auth-js/src/hasura-auth-client.ts#L338
 ---
 
 # `deanonymize()`

docs/docs/reference/docgen/javascript/auth/content/hasura-auth-client/content/09-add-security-key.mdx

@@ -0,0 +1,22 @@
+---
+# ⚠️ AUTO-GENERATED CONTENT. DO NOT EDIT THIS FILE DIRECTLY! ⚠️
+title: addSecurityKey()
+sidebar_label: addSecurityKey()
+slug: /reference/javascript/auth/add-security-key
+description: Use `nhost.auth.addSecurityKey to add a security key to the user, using the WebAuthn API.
+custom_edit_url: https://github.com/nhost/nhost/edit/main/packages/hasura-auth-js/src/hasura-auth-client.ts#L376
+---
+
+# `addSecurityKey()`
+
+Use `nhost.auth.addSecurityKey to add a security key to the user, using the WebAuthn API.
+
+## Parameters
+
+---
+
+**<span className="parameter-name">nickname</span>** <span className="optional-status">optional</span> `string`
+
+optional human-readable nickname for the security key
+
+---

docs/docs/reference/docgen/javascript/auth/content/hasura-auth-client/content/10-on-token-changed.mdx

@@ -4,7 +4,7 @@ title: onTokenChanged()
 sidebar_label: onTokenChanged()
 slug: /reference/javascript/auth/on-token-changed
 description: Use `nhost.auth.onTokenChanged` to add a custom function that runs every time the access or refresh token is changed.
-custom_edit_url: https://github.com/nhost/nhost/edit/main/packages/hasura-auth-js/src/hasura-auth-client.ts#L362
+custom_edit_url: https://github.com/nhost/nhost/edit/main/packages/hasura-auth-js/src/hasura-auth-client.ts#L394
 ---
 
 # `onTokenChanged()`

docs/docs/reference/docgen/javascript/auth/content/hasura-auth-client/content/11-on-auth-state-changed.mdx

@@ -4,7 +4,7 @@ title: onAuthStateChanged()
 sidebar_label: onAuthStateChanged()
 slug: /reference/javascript/auth/on-auth-state-changed
 description: Use `nhost.auth.onAuthStateChanged` to add a custom function that runs every time the authentication status of the user changes. E.g. add a custom function that runs every time the authentication status changes from signed-in to signed-out.
-custom_edit_url: https://github.com/nhost/nhost/edit/main/packages/hasura-auth-js/src/hasura-auth-client.ts#L397
+custom_edit_url: https://github.com/nhost/nhost/edit/main/packages/hasura-auth-js/src/hasura-auth-client.ts#L429
 ---
 
 # `onAuthStateChanged()`

docs/docs/reference/docgen/javascript/auth/content/hasura-auth-client/content/12-is-authenticated.mdx

@@ -4,7 +4,7 @@ title: isAuthenticated()
 sidebar_label: isAuthenticated()
 slug: /reference/javascript/auth/is-authenticated
 description: Use `nhost.auth.isAuthenticated` to check if the user is authenticated or not.
-custom_edit_url: https://github.com/nhost/nhost/edit/main/packages/hasura-auth-js/src/hasura-auth-client.ts#L439
+custom_edit_url: https://github.com/nhost/nhost/edit/main/packages/hasura-auth-js/src/hasura-auth-client.ts#L471
 ---
 
 # `isAuthenticated()`

docs/docs/reference/docgen/javascript/auth/content/hasura-auth-client/content/13-is-authenticated-async.mdx

@@ -4,7 +4,7 @@ title: isAuthenticatedAsync()
 sidebar_label: isAuthenticatedAsync()
 slug: /reference/javascript/auth/is-authenticated-async
 description: Use `nhost.auth.isAuthenticatedAsync` to wait (await) for any internal authentication network requests to finish and then return the authentication status.
-custom_edit_url: https://github.com/nhost/nhost/edit/main/packages/hasura-auth-js/src/hasura-auth-client.ts#L457
+custom_edit_url: https://github.com/nhost/nhost/edit/main/packages/hasura-auth-js/src/hasura-auth-client.ts#L489
 ---
 
 # `isAuthenticatedAsync()`

docs/docs/reference/docgen/javascript/auth/content/hasura-auth-client/content/14-get-authentication-status.mdx

@@ -4,7 +4,7 @@ title: getAuthenticationStatus()
 sidebar_label: getAuthenticationStatus()
 slug: /reference/javascript/auth/get-authentication-status
 description: Use `nhost.auth.getAuthenticationStatus` to get the authentication status of the user.
-custom_edit_url: https://github.com/nhost/nhost/edit/main/packages/hasura-auth-js/src/hasura-auth-client.ts#L483
+custom_edit_url: https://github.com/nhost/nhost/edit/main/packages/hasura-auth-js/src/hasura-auth-client.ts#L515
 ---
 
 # `getAuthenticationStatus()`

docs/docs/reference/docgen/javascript/auth/content/hasura-auth-client/content/15-get-access-token.mdx

@@ -4,7 +4,7 @@ title: getAccessToken()
 sidebar_label: getAccessToken()
 slug: /reference/javascript/auth/get-access-token
 description: Use `nhost.auth.getAccessToken` to get the access token of the user.
-custom_edit_url: https://github.com/nhost/nhost/edit/main/packages/hasura-auth-js/src/hasura-auth-client.ts#L513
+custom_edit_url: https://github.com/nhost/nhost/edit/main/packages/hasura-auth-js/src/hasura-auth-client.ts#L545
 ---
 
 # `getAccessToken()`

docs/docs/reference/docgen/javascript/auth/content/hasura-auth-client/content/16-get-decoded-access-token.mdx

@@ -4,7 +4,7 @@ title: getDecodedAccessToken()
 sidebar_label: getDecodedAccessToken()
 slug: /reference/javascript/auth/get-decoded-access-token
 description: Use `nhost.auth.getDecodedAccessToken` to get the decoded access token of the user.
-custom_edit_url: https://github.com/nhost/nhost/edit/main/packages/hasura-auth-js/src/hasura-auth-client.ts#L528
+custom_edit_url: https://github.com/nhost/nhost/edit/main/packages/hasura-auth-js/src/hasura-auth-client.ts#L560
 ---
 
 # `getDecodedAccessToken()`

docs/docs/reference/docgen/javascript/auth/content/hasura-auth-client/content/17-get-hasura-claims.mdx

@@ -4,7 +4,7 @@ title: getHasuraClaims()
 sidebar_label: getHasuraClaims()
 slug: /reference/javascript/auth/get-hasura-claims
 description: Use `nhost.auth.getHasuraClaims` to get the Hasura claims of the user.
-custom_edit_url: https://github.com/nhost/nhost/edit/main/packages/hasura-auth-js/src/hasura-auth-client.ts#L545
+custom_edit_url: https://github.com/nhost/nhost/edit/main/packages/hasura-auth-js/src/hasura-auth-client.ts#L577
 ---
 
 # `getHasuraClaims()`

docs/docs/reference/docgen/javascript/auth/content/hasura-auth-client/content/18-get-hasura-claim.mdx

@@ -4,7 +4,7 @@ title: getHasuraClaim()
 sidebar_label: getHasuraClaim()
 slug: /reference/javascript/auth/get-hasura-claim
 description: Use `nhost.auth.getHasuraClaim` to get the value of a specific Hasura claim of the user.
-custom_edit_url: https://github.com/nhost/nhost/edit/main/packages/hasura-auth-js/src/hasura-auth-client.ts#L563
+custom_edit_url: https://github.com/nhost/nhost/edit/main/packages/hasura-auth-js/src/hasura-auth-client.ts#L595
 ---
 
 # `getHasuraClaim()`

docs/docs/reference/docgen/javascript/auth/content/hasura-auth-client/content/19-refresh-session.mdx

@@ -4,7 +4,7 @@ title: refreshSession()
 sidebar_label: refreshSession()
 slug: /reference/javascript/auth/refresh-session
 description: Use `nhost.auth.refreshSession` to refresh the session with either the current internal refresh token or an external refresh token.
-custom_edit_url: https://github.com/nhost/nhost/edit/main/packages/hasura-auth-js/src/hasura-auth-client.ts#L586
+custom_edit_url: https://github.com/nhost/nhost/edit/main/packages/hasura-auth-js/src/hasura-auth-client.ts#L618
 ---
 
 # `refreshSession()`

docs/docs/reference/docgen/javascript/auth/content/hasura-auth-client/content/20-get-session.mdx

@@ -4,7 +4,7 @@ title: getSession()
 sidebar_label: getSession()
 slug: /reference/javascript/auth/get-session
 description: Use `nhost.auth.getSession()` to get the session of the user.
-custom_edit_url: https://github.com/nhost/nhost/edit/main/packages/hasura-auth-js/src/hasura-auth-client.ts#L627
+custom_edit_url: https://github.com/nhost/nhost/edit/main/packages/hasura-auth-js/src/hasura-auth-client.ts#L659
 ---
 
 # `getSession()`

docs/docs/reference/docgen/javascript/auth/content/hasura-auth-client/content/21-get-user.mdx

@@ -4,7 +4,7 @@ title: getUser()
 sidebar_label: getUser()
 slug: /reference/javascript/auth/get-user
 description: Use `nhost.auth.getUser()` to get the signed-in user.
-custom_edit_url: https://github.com/nhost/nhost/edit/main/packages/hasura-auth-js/src/hasura-auth-client.ts#L642
+custom_edit_url: https://github.com/nhost/nhost/edit/main/packages/hasura-auth-js/src/hasura-auth-client.ts#L674
 ---
 
 # `getUser()`

docs/docs/reference/docgen/javascript/auth/content/hasura-auth-client/index.mdx

@@ -4,7 +4,7 @@ title: HasuraAuthClient
 sidebar_label: Auth
 description: No description provided.
 slug: /reference/javascript/auth
-custom_edit_url: https://github.com/nhost/nhost/edit/main/packages/hasura-auth-js/src/hasura-auth-client.ts#L59
+custom_edit_url: https://github.com/nhost/nhost/edit/main/packages/hasura-auth-js/src/hasura-auth-client.ts#L64
 ---
 
 # `HasuraAuthClient`

docs/docs/reference/docgen/javascript/auth/types/auth-change-event.mdx

@@ -4,7 +4,7 @@ title: AuthChangeEvent
 sidebar_label: AuthChangeEvent
 description: No description provided.
 displayed_sidebar: referenceSidebar
-custom_edit_url: https://github.com/nhost/nhost/edit/main/packages/hasura-auth-js/src/utils/types.ts#L100
+custom_edit_url: https://github.com/nhost/nhost/edit/main/packages/hasura-auth-js/src/utils/types.ts#L118
 ---
 
 # `AuthChangeEvent`

docs/docs/reference/docgen/javascript/auth/types/auth-changed-function.mdx

@@ -4,7 +4,7 @@ title: AuthChangedFunction
 sidebar_label: AuthChangedFunction
 description: No description provided.
 displayed_sidebar: referenceSidebar
-custom_edit_url: https://github.com/nhost/nhost/edit/main/packages/hasura-auth-js/src/utils/types.ts#L102
+custom_edit_url: https://github.com/nhost/nhost/edit/main/packages/hasura-auth-js/src/utils/types.ts#L120
 ---
 
 # `AuthChangedFunction`

docs/docs/reference/docgen/javascript/auth/types/change-email-params.mdx

@@ -4,7 +4,7 @@ title: ChangeEmailParams
 sidebar_label: ChangeEmailParams
 description: No description provided.
 displayed_sidebar: referenceSidebar
-custom_edit_url: https://github.com/nhost/nhost/edit/main/packages/hasura-auth-js/src/utils/types.ts#L82
+custom_edit_url: https://github.com/nhost/nhost/edit/main/packages/hasura-auth-js/src/utils/types.ts#L99
 ---
 
 # `ChangeEmailParams`

docs/docs/reference/docgen/javascript/auth/types/change-password-params.mdx

@@ -4,7 +4,7 @@ title: ChangePasswordParams
 sidebar_label: ChangePasswordParams
 description: No description provided.
 displayed_sidebar: referenceSidebar
-custom_edit_url: https://github.com/nhost/nhost/edit/main/packages/hasura-auth-js/src/utils/types.ts#L72
+custom_edit_url: https://github.com/nhost/nhost/edit/main/packages/hasura-auth-js/src/utils/types.ts#L89
 ---
 
 # `ChangePasswordParams`

docs/docs/reference/docgen/javascript/auth/types/common-sign-up-params.mdx

@@ -0,0 +1,18 @@
+---
+# ⚠️ AUTO-GENERATED CONTENT. DO NOT EDIT THIS FILE DIRECTLY! ⚠️
+title: CommonSignUpParams
+sidebar_label: CommonSignUpParams
+description: No description provided.
+displayed_sidebar: referenceSidebar
+custom_edit_url: https://github.com/nhost/nhost/edit/main/packages/hasura-auth-js/src/utils/types.ts#L25
+---
+
+# `CommonSignUpParams`
+
+## Parameters
+
+---
+
+**<span className="parameter-name">options</span>** <span className="optional-status">optional</span> `SignUpOptions`
+
+---

docs/docs/reference/docgen/javascript/auth/types/deanonymize-params.mdx

@@ -4,14 +4,14 @@ title: DeanonymizeParams
 sidebar_label: DeanonymizeParams
 description: No description provided.
 displayed_sidebar: referenceSidebar
-custom_edit_url: https://github.com/nhost/nhost/edit/main/packages/hasura-auth-js/src/utils/types.ts#L87
+custom_edit_url: https://github.com/nhost/nhost/edit/main/packages/hasura-auth-js/src/utils/types.ts#L104
 ---
 
 # `DeanonymizeParams`
 
 ```ts
 type DeanonymizeParams =
-  | ({ signInMethod: 'email-password' } & SignUpParams)
+  | ({ signInMethod: 'email-password' } & SignUpEmailPasswordParams)
   | ({
       signInMethod: 'passwordless'
       connection: 'email'

docs/docs/reference/docgen/javascript/auth/types/nhost-auth-constructor-params.mdx

@@ -4,7 +4,7 @@ title: NhostAuthConstructorParams
 sidebar_label: NhostAuthConstructorParams
 description: No description provided.
 displayed_sidebar: referenceSidebar
-custom_edit_url: https://github.com/nhost/nhost/edit/main/packages/hasura-auth-js/src/utils/types.ts#L15
+custom_edit_url: https://github.com/nhost/nhost/edit/main/packages/hasura-auth-js/src/utils/types.ts#L17
 ---
 
 # `NhostAuthConstructorParams`

docs/docs/reference/docgen/javascript/auth/types/on-token-changed-function.mdx

@@ -4,7 +4,7 @@ title: OnTokenChangedFunction
 sidebar_label: OnTokenChangedFunction
 description: No description provided.
 displayed_sidebar: referenceSidebar
-custom_edit_url: https://github.com/nhost/nhost/edit/main/packages/hasura-auth-js/src/utils/types.ts#L104
+custom_edit_url: https://github.com/nhost/nhost/edit/main/packages/hasura-auth-js/src/utils/types.ts#L122
 ---
 
 # `OnTokenChangedFunction`

docs/docs/reference/docgen/javascript/auth/types/provider.mdx

@@ -4,7 +4,7 @@ title: Provider
 sidebar_label: Provider
 description: No description provided.
 displayed_sidebar: referenceSidebar
-custom_edit_url: https://github.com/nhost/nhost/edit/main/packages/core/src/types.ts#L141
+custom_edit_url: https://github.com/nhost/nhost/edit/main/packages/core/src/types.ts#L153
 ---
 
 # `Provider`
@@ -24,4 +24,5 @@ type Provider =
   | 'bitbucket'
   | 'discord'
   | 'twitch'
+  | 'workos'
 ```

docs/docs/reference/docgen/javascript/auth/types/reset-password-params.mdx

@@ -4,7 +4,7 @@ title: ResetPasswordParams
 sidebar_label: ResetPasswordParams
 description: No description provided.
 displayed_sidebar: referenceSidebar
-custom_edit_url: https://github.com/nhost/nhost/edit/main/packages/hasura-auth-js/src/utils/types.ts#L67
+custom_edit_url: https://github.com/nhost/nhost/edit/main/packages/hasura-auth-js/src/utils/types.ts#L84
 ---
 
 # `ResetPasswordParams`

docs/docs/reference/docgen/javascript/auth/types/send-verification-email-params.mdx

@@ -4,7 +4,7 @@ title: SendVerificationEmailParams
 sidebar_label: SendVerificationEmailParams
 description: No description provided.
 displayed_sidebar: referenceSidebar
-custom_edit_url: https://github.com/nhost/nhost/edit/main/packages/hasura-auth-js/src/utils/types.ts#L77
+custom_edit_url: https://github.com/nhost/nhost/edit/main/packages/hasura-auth-js/src/utils/types.ts#L94
 ---
 
 # `SendVerificationEmailParams`

docs/docs/reference/docgen/javascript/auth/types/sign-in-email-password-otp-params.mdx

@@ -4,7 +4,7 @@ title: SignInEmailPasswordOtpParams
 sidebar_label: SignInEmailPasswordOtpParams
 description: No description provided.
 displayed_sidebar: referenceSidebar
-custom_edit_url: https://github.com/nhost/nhost/edit/main/packages/hasura-auth-js/src/utils/types.ts#L35
+custom_edit_url: https://github.com/nhost/nhost/edit/main/packages/hasura-auth-js/src/utils/types.ts#L46
 ---
 
 # `SignInEmailPasswordOtpParams`

docs/docs/reference/docgen/javascript/auth/types/sign-in-email-password-params.mdx

@@ -4,7 +4,7 @@ title: SignInEmailPasswordParams
 sidebar_label: SignInEmailPasswordParams
 description: No description provided.
 displayed_sidebar: referenceSidebar
-custom_edit_url: https://github.com/nhost/nhost/edit/main/packages/hasura-auth-js/src/utils/types.ts#L30
+custom_edit_url: https://github.com/nhost/nhost/edit/main/packages/hasura-auth-js/src/utils/types.ts#L41
 ---
 
 # `SignInEmailPasswordParams`

docs/docs/reference/docgen/javascript/auth/types/sign-in-params.mdx

@@ -4,7 +4,7 @@ title: SignInParams
 sidebar_label: SignInParams
 description: No description provided.
 displayed_sidebar: referenceSidebar
-custom_edit_url: https://github.com/nhost/nhost/edit/main/packages/hasura-auth-js/src/utils/types.ts#L59
+custom_edit_url: https://github.com/nhost/nhost/edit/main/packages/hasura-auth-js/src/utils/types.ts#L75
 ---
 
 # `SignInParams`
@@ -14,6 +14,7 @@ type SignInParams =
   | SignInEmailPasswordParams
   | SignInEmailPasswordOtpParams
   | SignInPasswordlessEmailParams
+  | SignInPasswordlessSecurityKeyParams
   | SignInPasswordlessSmsOtpParams
   | SignInPasswordlessSmsParams
   | SignInWithProviderOptions

docs/docs/reference/docgen/javascript/auth/types/sign-in-passwordless-email-params.mdx

@@ -4,7 +4,7 @@ title: SignInPasswordlessEmailParams
 sidebar_label: SignInPasswordlessEmailParams
 description: No description provided.
 displayed_sidebar: referenceSidebar
-custom_edit_url: https://github.com/nhost/nhost/edit/main/packages/hasura-auth-js/src/utils/types.ts#L40
+custom_edit_url: https://github.com/nhost/nhost/edit/main/packages/hasura-auth-js/src/utils/types.ts#L51
 ---
 
 # `SignInPasswordlessEmailParams`

docs/docs/reference/docgen/javascript/auth/types/sign-in-passwordless-security-key-params.mdx

@@ -0,0 +1,22 @@
+---
+# ⚠️ AUTO-GENERATED CONTENT. DO NOT EDIT THIS FILE DIRECTLY! ⚠️
+title: SignInPasswordlessSecurityKeyParams
+sidebar_label: SignInPasswordlessSecurityKeyParams
+description: No description provided.
+displayed_sidebar: referenceSidebar
+custom_edit_url: https://github.com/nhost/nhost/edit/main/packages/hasura-auth-js/src/utils/types.ts#L56
+---
+
+# `SignInPasswordlessSecurityKeyParams`
+
+## Parameters
+
+---
+
+**<span className="parameter-name">email</span>** <span className="optional-status">required</span> `string`
+
+---
+
+**<span className="parameter-name">securityKey</span>** <span className="optional-status">required</span> `"true"`
+
+---

docs/docs/reference/docgen/javascript/auth/types/sign-in-passwordless-sms-otp-params.mdx

@@ -4,7 +4,7 @@ title: SignInPasswordlessSmsOtpParams
 sidebar_label: SignInPasswordlessSmsOtpParams
 description: No description provided.
 displayed_sidebar: referenceSidebar
-custom_edit_url: https://github.com/nhost/nhost/edit/main/packages/hasura-auth-js/src/utils/types.ts#L50
+custom_edit_url: https://github.com/nhost/nhost/edit/main/packages/hasura-auth-js/src/utils/types.ts#L66
 ---
 
 # `SignInPasswordlessSmsOtpParams`

docs/docs/reference/docgen/javascript/auth/types/sign-in-passwordless-sms-params.mdx

@@ -4,7 +4,7 @@ title: SignInPasswordlessSmsParams
 sidebar_label: SignInPasswordlessSmsParams
 description: No description provided.
 displayed_sidebar: referenceSidebar
-custom_edit_url: https://github.com/nhost/nhost/edit/main/packages/hasura-auth-js/src/utils/types.ts#L45
+custom_edit_url: https://github.com/nhost/nhost/edit/main/packages/hasura-auth-js/src/utils/types.ts#L61
 ---
 
 # `SignInPasswordlessSmsParams`

docs/docs/reference/docgen/javascript/auth/types/sign-in-with-provider-options.mdx

@@ -4,19 +4,13 @@ title: SignInWithProviderOptions
 sidebar_label: SignInWithProviderOptions
 description: No description provided.
 displayed_sidebar: referenceSidebar
-custom_edit_url: https://github.com/nhost/nhost/edit/main/packages/hasura-auth-js/src/utils/types.ts#L54
+custom_edit_url: https://github.com/nhost/nhost/edit/main/packages/hasura-auth-js/src/utils/types.ts#L71
 ---
 
 # `SignInWithProviderOptions`
 
-## Parameters
-
----
-
-**<span className="parameter-name">provider</span>** <span className="optional-status">required</span> [`Provider`](/reference/docgen/javascript/auth/types/provider)
-
----
-
-**<span className="parameter-name">options</span>** <span className="optional-status">optional</span> `ProviderOptions`
-
----
+```ts
+type SignInWithProviderOptions =
+  | { provider: Exclude<Provider, 'workos'>; options: CommonProviderOptions }
+  | { provider: 'workos'; options: WorkOsOptions }
+```

docs/docs/reference/docgen/javascript/auth/types/sign-up-email-password-params.mdx

@@ -4,7 +4,7 @@ title: SignUpEmailPasswordParams
 sidebar_label: SignUpEmailPasswordParams
 description: No description provided.
 displayed_sidebar: referenceSidebar
-custom_edit_url: https://github.com/nhost/nhost/edit/main/packages/hasura-auth-js/src/utils/types.ts#L23
+custom_edit_url: https://github.com/nhost/nhost/edit/main/packages/hasura-auth-js/src/utils/types.ts#L29
 ---
 
 # `SignUpEmailPasswordParams`
@@ -13,7 +13,7 @@ custom_edit_url: https://github.com/nhost/nhost/edit/main/packages/hasura-auth-j
 
 ---
 
-**<span className="parameter-name">password</span>** <span className="optional-status">required</span> `string`
+**<span className="parameter-name">options</span>** <span className="optional-status">optional</span> `SignUpOptions`
 
 ---
 
@@ -21,6 +21,6 @@ custom_edit_url: https://github.com/nhost/nhost/edit/main/packages/hasura-auth-j
 
 ---
 
-**<span className="parameter-name">options</span>** <span className="optional-status">optional</span> `SignUpOptions`
+**<span className="parameter-name">password</span>** <span className="optional-status">required</span> `string`
 
 ---

docs/docs/reference/docgen/javascript/auth/types/sign-up-params.mdx

@@ -4,7 +4,11 @@ title: SignUpParams
 sidebar_label: SignUpParams
 description: No description provided.
 displayed_sidebar: referenceSidebar
-custom_edit_url: https://github.com/nhost/nhost/edit/main/packages/hasura-auth-js/src/utils/types.ts#L29
+custom_edit_url: https://github.com/nhost/nhost/edit/main/packages/hasura-auth-js/src/utils/types.ts#L40
 ---
 
 # `SignUpParams`
+
+```ts
+type SignUpParams = SignUpEmailPasswordParams | SignUpSecurityKeyParams
+```

docs/docs/reference/docgen/javascript/auth/types/sign-up-security-key-params.mdx

@@ -0,0 +1,26 @@
+---
+# ⚠️ AUTO-GENERATED CONTENT. DO NOT EDIT THIS FILE DIRECTLY! ⚠️
+title: SignUpSecurityKeyParams
+sidebar_label: SignUpSecurityKeyParams
+description: No description provided.
+displayed_sidebar: referenceSidebar
+custom_edit_url: https://github.com/nhost/nhost/edit/main/packages/hasura-auth-js/src/utils/types.ts#L34
+---
+
+# `SignUpSecurityKeyParams`
+
+## Parameters
+
+---
+
+**<span className="parameter-name">email</span>** <span className="optional-status">required</span> `string`
+
+---
+
+**<span className="parameter-name">options</span>** <span className="optional-status">optional</span> `SignUpSecurityKeyOptions`
+
+---
+
+**<span className="parameter-name">securityKey</span>** <span className="optional-status">required</span> `"true"`
+
+---

docs/docs/reference/docgen/javascript/auth/types/user.mdx

@@ -4,7 +4,7 @@ title: User
 sidebar_label: User
 description: User information
 displayed_sidebar: referenceSidebar
-custom_edit_url: https://github.com/nhost/nhost/edit/main/packages/core/src/types.ts#L94
+custom_edit_url: https://github.com/nhost/nhost/edit/main/packages/core/src/types.ts#L106
 ---
 
 # `User`

docs/docs/reference/docgen/javascript/nhost-js/types/nhost-auth-constructor-params.mdx

@@ -4,7 +4,7 @@ title: NhostAuthConstructorParams
 sidebar_label: NhostAuthConstructorParams
 description: No description provided.
 displayed_sidebar: referenceSidebar
-custom_edit_url: https://github.com/nhost/nhost/edit/main/packages/hasura-auth-js/src/utils/types.ts#L15
+custom_edit_url: https://github.com/nhost/nhost/edit/main/packages/hasura-auth-js/src/utils/types.ts#L17
 ---
 
 # `NhostAuthConstructorParams`

docs/docs/reference/docgen/nextjs/content/use-add-security-key.mdx

@@ -0,0 +1,22 @@
+---
+# ⚠️ AUTO-GENERATED CONTENT. DO NOT EDIT THIS FILE DIRECTLY! ⚠️
+title: useAddSecurityKey()
+sidebar_label: useAddSecurityKey()
+slug: /reference/nextjs/use-add-security-key
+description: Use the hook `useAddSecurityKey` to add a WebAuthn security key.
+custom_edit_url: https://github.com/nhost/nhost/edit/main/packages/react/src/useAddSecurityKey.ts#L45
+---
+
+# `useAddSecurityKey()`
+
+Use the hook `useAddSecurityKey` to add a WebAuthn security key.
+
+```tsx
+const { add, isLoading, isSuccess, isError, error } = useAddSecurityKey()
+
+const handleFormSubmit = async (e) => {
+  e.preventDefault()
+
+  await add('key nickname')
+}
+```

docs/docs/reference/docgen/nextjs/content/use-sign-in-email-security-key.mdx

@@ -0,0 +1,31 @@
+---
+# ⚠️ AUTO-GENERATED CONTENT. DO NOT EDIT THIS FILE DIRECTLY! ⚠️
+title: useSignInEmailSecurityKey()
+sidebar_label: useSignInEmailSecurityKey()
+slug: /reference/nextjs/use-sign-in-email-security-key
+description: Use the hook `useSignInEmailSecurityKey` to sign in a user using their email and a security key using the WebAuthn API.
+custom_edit_url: https://github.com/nhost/nhost/edit/main/packages/react/src/useSignInEmailSecurityKey.ts#L41
+---
+
+# `useSignInEmailSecurityKey()`
+
+Use the hook `useSignInEmailSecurityKey` to sign in a user using their email and a security key using the WebAuthn API.
+
+```tsx
+const {
+  signInEmailSecurityKey,
+  needsEmailVerification,
+  isLoading,
+  isSuccess,
+  isError,
+  error
+} = useSignInEmailSecurityKey()
+
+console.log({ needsEmailVerification, isLoading, isSuccess, isError, error })
+
+const handleFormSubmit = async (e) => {
+  e.preventDefault()
+
+  await signInEmailSecurityKey('joe@example.com')
+}
+```

docs/docs/reference/docgen/nextjs/content/use-sign-up-email-security-key-email.mdx

@@ -0,0 +1,39 @@
+---
+# ⚠️ AUTO-GENERATED CONTENT. DO NOT EDIT THIS FILE DIRECTLY! ⚠️
+title: useSignUpEmailSecurityKeyEmail()
+sidebar_label: useSignUpEmailSecurityKeyEmail()
+slug: /reference/nextjs/use-sign-up-email-security-key-email
+description: Use the hook `useSignUpEmailSecurityKey` to sign up a user with security key and an email using the WebAuthn API.
+custom_edit_url: https://github.com/nhost/nhost/edit/main/packages/react/src/useSignUpEmailSecurityKey.ts#L43
+---
+
+# `useSignUpEmailSecurityKeyEmail()`
+
+Use the hook `useSignUpEmailSecurityKey` to sign up a user with security key and an email using the WebAuthn API.
+
+```tsx
+const {
+  signUpEmailSecurityKey,
+  needsEmailVerification,
+  isLoading,
+  isSuccess,
+  isError,
+  error
+} = useSignUpEmailSecurityKey()
+
+console.log({ needsEmailVerification, isLoading, isSuccess, isError, error })
+
+const handleFormSubmit = async (e) => {
+  e.preventDefault()
+
+  await signUpEmailSecurityKey('joe@example.com')
+}
+```
+
+## Parameters
+
+---
+
+**<span className="parameter-name">options</span>** <span className="optional-status">optional</span> `SignUpSecurityKeyOptions`
+
+---

docs/docs/reference/docgen/nextjs/types/add-securit-key-hook-result.mdx

@@ -0,0 +1,44 @@
+---
+# ⚠️ AUTO-GENERATED CONTENT. DO NOT EDIT THIS FILE DIRECTLY! ⚠️
+title: AddSecuritKeyHookResult
+sidebar_label: AddSecuritKeyHookResult
+description: No description provided.
+displayed_sidebar: referenceSidebar
+custom_edit_url: https://github.com/nhost/nhost/edit/main/packages/react/src/useAddSecurityKey.ts#L20
+---
+
+# `AddSecuritKeyHookResult`
+
+## Parameters
+
+---
+
+**<span className="parameter-name">isError</span>** <span className="optional-status">required</span> `boolean`
+
+**`@returns`**
+
+`true` if an error occurred
+
+**`@depreacted`**
+
+use `!isSuccess` or `!!error` instead
+
+---
+
+**<span className="parameter-name">error</span>** <span className="optional-status">required</span> `null` | `ErrorPayload`
+
+Provides details about the error
+
+---
+
+**<span className="parameter-name">isSuccess</span>** <span className="optional-status">required</span> `boolean`
+
+Returns `true` if the action is successful.
+
+---
+
+**<span className="parameter-name">add</span>** <span className="optional-status">required</span> `AddSecurityKeyHandler`
+
+Add a security key to the current user with the WebAuthn API
+
+---

docs/docs/reference/docgen/nextjs/types/nhost-session.mdx

@@ -4,7 +4,7 @@ title: NhostSession
 sidebar_label: NhostSession
 description: No description provided.
 displayed_sidebar: referenceSidebar
-custom_edit_url: https://github.com/nhost/nhost/edit/main/packages/core/src/types.ts#L129
+custom_edit_url: https://github.com/nhost/nhost/edit/main/packages/core/src/types.ts#L141
 ---
 
 # `NhostSession`

docs/docs/reference/docgen/nextjs/types/sign-in-security-key-passwordless-hook-result.mdx

@@ -0,0 +1,70 @@
+---
+# ⚠️ AUTO-GENERATED CONTENT. DO NOT EDIT THIS FILE DIRECTLY! ⚠️
+title: SignInSecurityKeyPasswordlessHookResult
+sidebar_label: SignInSecurityKeyPasswordlessHookResult
+description: No description provided.
+displayed_sidebar: referenceSidebar
+custom_edit_url: https://github.com/nhost/nhost/edit/main/packages/react/src/useSignInEmailSecurityKey.ts#L14
+---
+
+# `SignInSecurityKeyPasswordlessHookResult`
+
+## Parameters
+
+---
+
+**<span className="parameter-name">isError</span>** <span className="optional-status">required</span> `boolean`
+
+**`@returns`**
+
+`true` if an error occurred
+
+**`@depreacted`**
+
+use `!isSuccess` or `!!error` instead
+
+---
+
+**<span className="parameter-name">error</span>** <span className="optional-status">required</span> `null` | `ErrorPayload`
+
+Provides details about the error
+
+---
+
+**<span className="parameter-name">isLoading</span>** <span className="optional-status">required</span> `boolean`
+
+**`@returns`**
+
+`true` when the action is executing, `false` when it finished its execution.
+
+---
+
+**<span className="parameter-name">isSuccess</span>** <span className="optional-status">required</span> `boolean`
+
+Returns `true` if the action is successful.
+
+---
+
+**<span className="parameter-name">user</span>** <span className="optional-status">required</span> `null` | `User`
+
+User information
+
+---
+
+**<span className="parameter-name">accessToken</span>** <span className="optional-status">required</span> `null` | `string`
+
+Access token (JWT)
+
+---
+
+**<span className="parameter-name">needsEmailVerification</span>** <span className="optional-status">required</span> `boolean`
+
+**`@returns`**
+
+`true` if an email is required to complete the action, and that a verification email has been sent to complete the action.
+
+---
+
+**<span className="parameter-name">signInEmailSecurityKey</span>** <span className="optional-status">required</span> `SignInSecurityKeyPasswordlessHandler`
+
+---

docs/docs/reference/docgen/nextjs/types/sign-up-security-key-hook-result.mdx

@@ -0,0 +1,72 @@
+---
+# ⚠️ AUTO-GENERATED CONTENT. DO NOT EDIT THIS FILE DIRECTLY! ⚠️
+title: SignUpSecurityKeyHookResult
+sidebar_label: SignUpSecurityKeyHookResult
+description: No description provided.
+displayed_sidebar: referenceSidebar
+custom_edit_url: https://github.com/nhost/nhost/edit/main/packages/react/src/useSignUpEmailSecurityKey.ts#L16
+---
+
+# `SignUpSecurityKeyHookResult`
+
+## Parameters
+
+---
+
+**<span className="parameter-name">isError</span>** <span className="optional-status">required</span> `boolean`
+
+**`@returns`**
+
+`true` if an error occurred
+
+**`@depreacted`**
+
+use `!isSuccess` or `!!error` instead
+
+---
+
+**<span className="parameter-name">error</span>** <span className="optional-status">required</span> `null` | `ErrorPayload`
+
+Provides details about the error
+
+---
+
+**<span className="parameter-name">isLoading</span>** <span className="optional-status">required</span> `boolean`
+
+**`@returns`**
+
+`true` when the action is executing, `false` when it finished its execution.
+
+---
+
+**<span className="parameter-name">isSuccess</span>** <span className="optional-status">required</span> `boolean`
+
+Returns `true` if the action is successful.
+
+---
+
+**<span className="parameter-name">user</span>** <span className="optional-status">required</span> `null` | `User`
+
+User information
+
+---
+
+**<span className="parameter-name">accessToken</span>** <span className="optional-status">required</span> `null` | `string`
+
+Access token (JWT)
+
+---
+
+**<span className="parameter-name">needsEmailVerification</span>** <span className="optional-status">required</span> `boolean`
+
+**`@returns`**
+
+`true` if an email is required to complete the action, and that a verification email has been sent to complete the action.
+
+---
+
+**<span className="parameter-name">signUpEmailSecurityKey</span>** <span className="optional-status">required</span> `SignUpSecurityKeyHandler`
+
+Used for a new user to sign up with a security key. Returns a promise with the current context
+
+---

docs/docs/reference/docgen/react/content/use-add-security-key.mdx

@@ -0,0 +1,22 @@
+---
+# ⚠️ AUTO-GENERATED CONTENT. DO NOT EDIT THIS FILE DIRECTLY! ⚠️
+title: useAddSecurityKey()
+sidebar_label: useAddSecurityKey()
+slug: /reference/react/use-add-security-key
+description: Use the hook `useAddSecurityKey` to add a WebAuthn security key.
+custom_edit_url: https://github.com/nhost/nhost/edit/main/packages/react/src/useAddSecurityKey.ts#L45
+---
+
+# `useAddSecurityKey()`
+
+Use the hook `useAddSecurityKey` to add a WebAuthn security key.
+
+```tsx
+const { add, isLoading, isSuccess, isError, error } = useAddSecurityKey()
+
+const handleFormSubmit = async (e) => {
+  e.preventDefault()
+
+  await add('key nickname')
+}
+```

docs/docs/reference/docgen/react/content/use-sign-in-email-security-key.mdx

@@ -0,0 +1,31 @@
+---
+# ⚠️ AUTO-GENERATED CONTENT. DO NOT EDIT THIS FILE DIRECTLY! ⚠️
+title: useSignInEmailSecurityKey()
+sidebar_label: useSignInEmailSecurityKey()
+slug: /reference/react/use-sign-in-email-security-key
+description: Use the hook `useSignInEmailSecurityKey` to sign in a user using their email and a security key using the WebAuthn API.
+custom_edit_url: https://github.com/nhost/nhost/edit/main/packages/react/src/useSignInEmailSecurityKey.ts#L41
+---
+
+# `useSignInEmailSecurityKey()`
+
+Use the hook `useSignInEmailSecurityKey` to sign in a user using their email and a security key using the WebAuthn API.
+
+```tsx
+const {
+  signInEmailSecurityKey,
+  needsEmailVerification,
+  isLoading,
+  isSuccess,
+  isError,
+  error
+} = useSignInEmailSecurityKey()
+
+console.log({ needsEmailVerification, isLoading, isSuccess, isError, error })
+
+const handleFormSubmit = async (e) => {
+  e.preventDefault()
+
+  await signInEmailSecurityKey('joe@example.com')
+}
+```

docs/docs/reference/docgen/react/content/use-sign-up-email-security-key-email.mdx

@@ -0,0 +1,39 @@
+---
+# ⚠️ AUTO-GENERATED CONTENT. DO NOT EDIT THIS FILE DIRECTLY! ⚠️
+title: useSignUpEmailSecurityKeyEmail()
+sidebar_label: useSignUpEmailSecurityKeyEmail()
+slug: /reference/react/use-sign-up-email-security-key-email
+description: Use the hook `useSignUpEmailSecurityKey` to sign up a user with security key and an email using the WebAuthn API.
+custom_edit_url: https://github.com/nhost/nhost/edit/main/packages/react/src/useSignUpEmailSecurityKey.ts#L43
+---
+
+# `useSignUpEmailSecurityKeyEmail()`
+
+Use the hook `useSignUpEmailSecurityKey` to sign up a user with security key and an email using the WebAuthn API.
+
+```tsx
+const {
+  signUpEmailSecurityKey,
+  needsEmailVerification,
+  isLoading,
+  isSuccess,
+  isError,
+  error
+} = useSignUpEmailSecurityKey()
+
+console.log({ needsEmailVerification, isLoading, isSuccess, isError, error })
+
+const handleFormSubmit = async (e) => {
+  e.preventDefault()
+
+  await signUpEmailSecurityKey('joe@example.com')
+}
+```
+
+## Parameters
+
+---
+
+**<span className="parameter-name">options</span>** <span className="optional-status">optional</span> `SignUpSecurityKeyOptions`
+
+---

docs/docs/reference/docgen/react/types/add-securit-key-hook-result.mdx

@@ -0,0 +1,44 @@
+---
+# ⚠️ AUTO-GENERATED CONTENT. DO NOT EDIT THIS FILE DIRECTLY! ⚠️
+title: AddSecuritKeyHookResult
+sidebar_label: AddSecuritKeyHookResult
+description: No description provided.
+displayed_sidebar: referenceSidebar
+custom_edit_url: https://github.com/nhost/nhost/edit/main/packages/react/src/useAddSecurityKey.ts#L20
+---
+
+# `AddSecuritKeyHookResult`
+
+## Parameters
+
+---
+
+**<span className="parameter-name">isError</span>** <span className="optional-status">required</span> `boolean`
+
+**`@returns`**
+
+`true` if an error occurred
+
+**`@depreacted`**
+
+use `!isSuccess` or `!!error` instead
+
+---
+
+**<span className="parameter-name">error</span>** <span className="optional-status">required</span> `null` | `ErrorPayload`
+
+Provides details about the error
+
+---
+
+**<span className="parameter-name">isSuccess</span>** <span className="optional-status">required</span> `boolean`
+
+Returns `true` if the action is successful.
+
+---
+
+**<span className="parameter-name">add</span>** <span className="optional-status">required</span> `AddSecurityKeyHandler`
+
+Add a security key to the current user with the WebAuthn API
+
+---

docs/docs/reference/docgen/react/types/sign-in-security-key-passwordless-hook-result.mdx

@@ -0,0 +1,70 @@
+---
+# ⚠️ AUTO-GENERATED CONTENT. DO NOT EDIT THIS FILE DIRECTLY! ⚠️
+title: SignInSecurityKeyPasswordlessHookResult
+sidebar_label: SignInSecurityKeyPasswordlessHookResult
+description: No description provided.
+displayed_sidebar: referenceSidebar
+custom_edit_url: https://github.com/nhost/nhost/edit/main/packages/react/src/useSignInEmailSecurityKey.ts#L14
+---
+
+# `SignInSecurityKeyPasswordlessHookResult`
+
+## Parameters
+
+---
+
+**<span className="parameter-name">isError</span>** <span className="optional-status">required</span> `boolean`
+
+**`@returns`**
+
+`true` if an error occurred
+
+**`@depreacted`**
+
+use `!isSuccess` or `!!error` instead
+
+---
+
+**<span className="parameter-name">error</span>** <span className="optional-status">required</span> `null` | `ErrorPayload`
+
+Provides details about the error
+
+---
+
+**<span className="parameter-name">isLoading</span>** <span className="optional-status">required</span> `boolean`
+
+**`@returns`**
+
+`true` when the action is executing, `false` when it finished its execution.
+
+---
+
+**<span className="parameter-name">isSuccess</span>** <span className="optional-status">required</span> `boolean`
+
+Returns `true` if the action is successful.
+
+---
+
+**<span className="parameter-name">user</span>** <span className="optional-status">required</span> `null` | `User`
+
+User information
+
+---
+
+**<span className="parameter-name">accessToken</span>** <span className="optional-status">required</span> `null` | `string`
+
+Access token (JWT)
+
+---
+
+**<span className="parameter-name">needsEmailVerification</span>** <span className="optional-status">required</span> `boolean`
+
+**`@returns`**
+
+`true` if an email is required to complete the action, and that a verification email has been sent to complete the action.
+
+---
+
+**<span className="parameter-name">signInEmailSecurityKey</span>** <span className="optional-status">required</span> `SignInSecurityKeyPasswordlessHandler`
+
+---

docs/docs/reference/docgen/react/types/sign-up-security-key-hook-result.mdx

@@ -0,0 +1,72 @@
+---
+# ⚠️ AUTO-GENERATED CONTENT. DO NOT EDIT THIS FILE DIRECTLY! ⚠️
+title: SignUpSecurityKeyHookResult
+sidebar_label: SignUpSecurityKeyHookResult
+description: No description provided.
+displayed_sidebar: referenceSidebar
+custom_edit_url: https://github.com/nhost/nhost/edit/main/packages/react/src/useSignUpEmailSecurityKey.ts#L16
+---
+
+# `SignUpSecurityKeyHookResult`
+
+## Parameters
+
+---
+
+**<span className="parameter-name">isError</span>** <span className="optional-status">required</span> `boolean`
+
+**`@returns`**
+
+`true` if an error occurred
+
+**`@depreacted`**
+
+use `!isSuccess` or `!!error` instead
+
+---
+
+**<span className="parameter-name">error</span>** <span className="optional-status">required</span> `null` | `ErrorPayload`
+
+Provides details about the error
+
+---
+
+**<span className="parameter-name">isLoading</span>** <span className="optional-status">required</span> `boolean`
+
+**`@returns`**
+
+`true` when the action is executing, `false` when it finished its execution.
+
+---
+
+**<span className="parameter-name">isSuccess</span>** <span className="optional-status">required</span> `boolean`
+
+Returns `true` if the action is successful.
+
+---
+
+**<span className="parameter-name">user</span>** <span className="optional-status">required</span> `null` | `User`
+
+User information
+
+---
+
+**<span className="parameter-name">accessToken</span>** <span className="optional-status">required</span> `null` | `string`
+
+Access token (JWT)
+
+---
+
+**<span className="parameter-name">needsEmailVerification</span>** <span className="optional-status">required</span> `boolean`
+
+**`@returns`**
+
+`true` if an email is required to complete the action, and that a verification email has been sent to complete the action.
+
+---
+
+**<span className="parameter-name">signUpEmailSecurityKey</span>** <span className="optional-status">required</span> `SignUpSecurityKeyHandler`
+
+Used for a new user to sign up with a security key. Returns a promise with the current context
+
+---

examples/codegen-react-apollo/nhost/config.yaml

@@ -5,7 +5,7 @@ services:
     environment:
       hasura_graphql_enable_remote_schema_permissions: false
   auth:
-    image: nhost/hasura-auth:0.10.0
+    image: nhost/hasura-auth:0.13.0
   storage:
     image: nhost/hasura-storage:0.2.4
 auth:

examples/codegen-react-query/nhost/config.yaml

@@ -5,7 +5,7 @@ services:
     environment:
       hasura_graphql_enable_remote_schema_permissions: false
   auth:
-    image: nhost/hasura-auth:0.10.0
+    image: nhost/hasura-auth:0.13.0
   storage:
     image: nhost/hasura-storage:0.2.4
 auth:

examples/docker-compose/functions/package.json

@@ -0,0 +1,9 @@
+{
+  "name": "functions",
+  "version": "1.0.0",
+  "description": "",
+  "main": "index.js",
+  "keywords": [],
+  "author": "",
+  "license": "ISC"
+}

examples/docker-compose/functions/tsconfig.json

@@ -0,0 +1,11 @@
+{
+  "compilerOptions": {
+    "allowJs": true,
+    "skipLibCheck": true,
+    "noEmit": true,
+    "esModuleInterop": true,
+    "resolveJsonModule": true,
+    "isolatedModules": true,
+    "strictNullChecks": false
+  }
+}

examples/multi-tenant-one-to-many/nhost/config.yaml

@@ -5,7 +5,7 @@ services:
     environment:
       hasura_graphql_enable_remote_schema_permissions: false
   auth:
-    image: nhost/hasura-auth:0.10.0
+    image: nhost/hasura-auth:0.13.0
   storage:
     image: nhost/hasura-storage:0.2.4
 auth:

examples/nextjs/nhost/config.yaml

@@ -5,7 +5,7 @@ services:
     environment:
       hasura_graphql_enable_remote_schema_permissions: false
   auth:
-    image: nhost/hasura-auth:0.10.0
+    image: nhost/hasura-auth:0.13.0
   storage:
     image: nhost/hasura-storage:0.2.4
 auth:

examples/react-apollo-crm/nhost/config.yaml

@@ -5,7 +5,7 @@ services:
     environment:
       hasura_graphql_enable_remote_schema_permissions: false
   auth:
-    image: nhost/hasura-auth:0.10.0
+    image: nhost/hasura-auth:0.13.0
   storage:
     image: nhost/hasura-storage:0.2.4
 auth:

examples/react-apollo/CHANGELOG.md

@@ -0,0 +1,34 @@
+# @nhost-examples/react-apollo
+
+## 0.1.0
+
+### Minor Changes
+
+- 739a3c45: Sign up with an email and a security key.
+
+  Use the hook `useSignUpEmailSecurityKey` to sign up a user with security key and an email using the WebAuthn API.
+
+  ```tsx
+  const {
+    signUpEmailSecurityKey,
+    needsEmailVerification,
+    isLoading,
+    isSuccess,
+    isError,
+    error
+  } = useSignUpEmailSecurityKey()
+
+  console.log({ needsEmailVerification, isLoading, isSuccess, isError, error })
+
+  const handleFormSubmit = async (e) => {
+    e.preventDefault()
+    await signUpEmailSecurityKey('joe@example.com')
+  }
+  ```
+
+### Patch Changes
+
+- Updated dependencies [739a3c45]
+- Updated dependencies [74758f2c]
+  - @nhost/react@0.13.0
+  - @nhost/react-apollo@5.0.0

examples/react-apollo/README.md

@@ -37,3 +37,4 @@ nhost dev
 ```sh
 pnpm run dev
 ```
+

examples/react-apollo/cypress/e2e/2-sign-up/anonymous.cy.ts

@@ -27,7 +27,7 @@ context('Anonymous users', () => {
       })
   })
 
-  it('should deanonymise with passwordless email', () => {
+  it('should deanonymise with a magic link', () => {
     cy.fetchUserData()
       .its('id')
       .then((id) => {

examples/react-apollo/cypress/e2e/2-sign-up/email-passwordless.cy.ts

@@ -1,7 +1,7 @@
 import { faker } from '@faker-js/faker'
 
-context('Sign up with passwordless email', () => {
-  it('should sign-up with passwordless email', () => {
+context('Sign up with a magic link', () => {
+  it('should sign-up with a magic link', () => {
     const email = faker.internet.email()
     cy.signUpEmailPasswordless(email)
     cy.contains('Verification email sent').should('be.visible')

examples/react-apollo/cypress/e2e/3-sign-in/email-password.cy.ts

@@ -11,7 +11,7 @@ context('Sign in with email+password', () => {
     cy.contains('Verification email sent').should('be.visible')
     cy.confirmEmail(email)
     cy.signOut()
-    cy.contains('Log in to the Application').should('be.visible')
+    cy.contains('Sign in to the Application').should('be.visible')
     cy.signInEmailPassword(email, password)
 
     cy.contains('You are authenticated')

examples/react-apollo/cypress/e2e/3-sign-in/token.cy.ts

@@ -4,7 +4,7 @@ context('Sign in with a refresh token', () => {
     cy.contains('Profile page')
     cy.clearLocalStorage()
     cy.reload()
-    cy.contains('Log in to the Application')
+    cy.contains('Sign in to the Application')
     cy.visitPathWithRefreshToken('/profile')
     cy.contains('Profile page')
   })
@@ -15,7 +15,7 @@ context('Sign in with a refresh token', () => {
     cy.disconnectBackend()
     cy.clearLocalStorage()
     cy.reload()
-    cy.contains('Log in to the Application')
+    cy.contains('Sign in to the Application')
     cy.visitPathWithRefreshToken('/profile')
     cy.location('pathname').should('equal', '/sign-in')
   })

examples/react-apollo/cypress/e2e/4-authenticated/sign-out.cy.ts

@@ -8,6 +8,6 @@ context('Sign out', () => {
     cy.goToProfilePage()
     cy.contains('Profile page')
     cy.signOut()
-    cy.contains('Log in to the Application')
+    cy.contains('Sign in to the Application')
   })
 })

examples/react-apollo/cypress/support/e2e.ts

@@ -52,7 +52,7 @@ Cypress.Commands.add('signUpEmailPassword', (email, password) => {
 
 Cypress.Commands.add('signUpEmailPasswordless', (email) => {
   cy.visit('/sign-up')
-  cy.findByRole('button', { name: /Continue with passwordless email/i }).click()
+  cy.findByRole('button', { name: /Continue with a magic link/i }).click()
   cy.findByPlaceholderText('Email Address').type(email)
   cy.findByRole('button', { name: /Continue with email/i }).click()
 })

examples/react-apollo/graphql.config.yaml

@@ -10,6 +10,12 @@ generates:
       namingConvention:
         typeNames: change-case-all#pascalCase
         transformUnderscore: true
+      scalars:
+        uuid: string
+        bigint: number
+        citext: string
+        timestamptz: string
+
     plugins:
       - typescript
       - typescript-operations

examples/react-apollo/nhost/config.yaml

@@ -5,7 +5,7 @@ services:
     environment:
       hasura_graphql_enable_remote_schema_permissions: false
   auth:
-    image: nhost/hasura-auth:0.10.0
+    image: nhost/hasura-auth:0.13.0
   storage:
     image: nhost/hasura-storage:0.2.4
 auth:
@@ -127,6 +127,9 @@ auth:
   mfa:
     enabled: true
     issuer: nhost
+  webauthn:
+    enabled: true
+    rp_name: Nhost React Apollo Example
 storage:
   force_download_for_content_types: text/html,application/javascript
 version: 3

examples/react-apollo/nhost/metadata/databases/default/tables/auth_user_authenticators.yaml

@@ -1,30 +0,0 @@
-table:
-  name: user_authenticators
-  schema: auth
-configuration:
-  column_config:
-    credential_id:
-      custom_name: credentialId
-    credential_public_key:
-      custom_name: credentialPublicKey
-    user_id:
-      custom_name: userId
-  custom_column_names:
-    credential_id: credentialId
-    credential_public_key: credentialPublicKey
-    user_id: userId
-  custom_name: authUserAuthenticators
-  custom_root_fields:
-    delete: deleteAuthUserAuthenticators
-    delete_by_pk: deleteAuthUserAuthenticator
-    insert: insertAuthUserAuthenticators
-    insert_one: insertAuthUserAuthenticator
-    select: authUserAuthenticators
-    select_aggregate: authUserAuthenticatorsAggregate
-    select_by_pk: authUserAuthenticator
-    update: updateAuthUserAuthenticators
-    update_by_pk: updateAuthUserAuthenticator
-object_relationships:
-  - name: user
-    using:
-      foreign_key_constraint_on: user_id

examples/react-apollo/nhost/metadata/databases/default/tables/auth_user_security_keys.yaml

@@ -0,0 +1,47 @@
+table:
+  name: user_security_keys
+  schema: auth
+configuration:
+  column_config:
+    credential_id:
+      custom_name: credentialId
+    credential_public_key:
+      custom_name: credentialPublicKey
+    user_id:
+      custom_name: userId
+  custom_column_names:
+    credential_id: credentialId
+    credential_public_key: credentialPublicKey
+    user_id: userId
+  custom_name: authUserSecurityKeys
+  custom_root_fields:
+    delete: deleteAuthUserSecurityKeys
+    delete_by_pk: deleteAuthUserSecurityKey
+    insert: insertAuthUserSecurityKeys
+    insert_one: insertAuthUserSecurityKey
+    select: authUserSecurityKeys
+    select_aggregate: authUserSecurityKeysAggregate
+    select_by_pk: authUserSecurityKey
+    update: updateAuthUserSecurityKeys
+    update_by_pk: updateAuthUserSecurityKey
+object_relationships:
+  - name: user
+    using:
+      foreign_key_constraint_on: user_id
+select_permissions:
+  - role: user
+    permission:
+      columns:
+        - id
+        - nickname
+        - user_id
+      filter:
+        user_id:
+          _eq: X-Hasura-User-Id
+delete_permissions:
+  - role: user
+    permission:
+      backend_only: false
+      filter:
+        user_id:
+          _eq: X-Hasura-User-Id

examples/react-apollo/nhost/metadata/databases/default/tables/auth_users.yaml

@@ -77,13 +77,6 @@ object_relationships:
     using:
       foreign_key_constraint_on: default_role
 array_relationships:
-  - name: authenticators
-    using:
-      foreign_key_constraint_on:
-        column: user_id
-        table:
-          name: user_authenticators
-          schema: auth
   - name: refreshTokens
     using:
       foreign_key_constraint_on:
@@ -98,6 +91,13 @@ array_relationships:
         table:
           name: user_roles
           schema: auth
+  - name: securityKeys
+    using:
+      foreign_key_constraint_on:
+        column: user_id
+        table:
+          name: user_security_keys
+          schema: auth
   - name: userProviders
     using:
       foreign_key_constraint_on:
@@ -105,3 +105,29 @@ array_relationships:
         table:
           name: user_providers
           schema: auth
+select_permissions:
+  - role: user
+    permission:
+      columns:
+        - active_mfa_type
+        - avatar_url
+        - created_at
+        - default_role
+        - disabled
+        - display_name
+        - email
+        - email_verified
+        - id
+        - is_anonymous
+        - last_seen
+        - locale
+        - metadata
+        - otp_hash
+        - otp_method_last_used
+        - phone_number
+        - phone_number_verified
+        - updated_at
+        - webauthn_current_challenge
+      filter:
+        id:
+          _eq: X-Hasura-User-Id

examples/react-apollo/nhost/metadata/databases/default/tables/tables.yaml

@@ -2,9 +2,9 @@
 - "!include auth_providers.yaml"
 - "!include auth_refresh_tokens.yaml"
 - "!include auth_roles.yaml"
-- "!include auth_user_authenticators.yaml"
 - "!include auth_user_providers.yaml"
 - "!include auth_user_roles.yaml"
+- "!include auth_user_security_keys.yaml"
 - "!include auth_users.yaml"
 - "!include public_todos.yaml"
 - "!include storage_buckets.yaml"

examples/react-apollo/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@nhost-examples/react-apollo",
-  "version": "0.0.1",
+  "version": "0.1.0",
   "private": true,
   "dependencies": {
     "@apollo/client": "^3.6.9",

examples/react-apollo/src/components/SignInPasswordlessForm.tsx

@@ -0,0 +1,72 @@
+import { FormEvent, useState } from 'react'
+
+import { Button, Modal, SimpleGrid, TextInput } from '@mantine/core'
+import { showNotification } from '@mantine/notifications'
+import { useSignInEmailPasswordless } from '@nhost/react'
+
+export const SignUpPasswordlessForm: React.FC = () => {
+  const { signInEmailPasswordless } = useSignInEmailPasswordless({ redirectTo: '/profile' })
+
+  const [emailVerificationToggle, setEmailVerificationToggle] = useState(false)
+  const [emailNeedsVerificationToggle, setEmailNeedsVerificationToggle] = useState(false)
+
+  const [email, setEmail] = useState('')
+
+  const signInEmail = async (e: FormEvent<HTMLFormElement>) => {
+    e.preventDefault()
+    const result = await signInEmailPasswordless(email)
+    if (result.isError) {
+      showNotification({
+        color: 'red',
+        title: 'Error',
+        message: result.error?.message || null
+      })
+    } else {
+      setEmailVerificationToggle(true)
+    }
+  }
+  return (
+    <SimpleGrid cols={1} spacing={6}>
+      <Modal
+        title="Verification email sent"
+        centered
+        opened={emailVerificationToggle}
+        onClose={() => {
+          setEmailVerificationToggle(false)
+        }}
+      >
+        A verification email has been sent. Please check your inbox and follow the link to complete
+        authentication. This page will automatically redirect you to the authenticated home page
+        once the email has been verified.
+      </Modal>
+      <Modal
+        title="Awaiting email verification"
+        transition="fade"
+        centered
+        transitionDuration={600}
+        opened={emailNeedsVerificationToggle}
+        onClose={() => {
+          setEmailNeedsVerificationToggle(false)
+        }}
+      >
+        You need to verify your email first. Please check your mailbox and follow the confirmation
+        link to complete the registration.
+      </Modal>
+      <form onSubmit={signInEmail}>
+        <TextInput
+          type="email"
+          placeholder="Email Address"
+          value={email}
+          onChange={(e) => setEmail(e.target.value)}
+          autoFocus
+          style={{ marginBottom: '0.5em' }}
+        />
+        <Button fullWidth type="submit">
+          Send a magic link
+        </Button>
+      </form>
+    </SimpleGrid>
+  )
+}
+
+export default SignUpPasswordlessForm

examples/react-apollo/src/generated.ts

@@ -10,8 +10,36 @@ export type Scalars = {
   Boolean: boolean;
   Int: number;
   Float: number;
-  timestamptz: any;
-  uuid: any;
+  citext: string;
+  jsonb: any;
+  timestamptz: string;
+  uuid: string;
+};
+
+/** Boolean expression to compare columns of type "Boolean". All fields are combined with logical 'AND'. */
+export type BooleanComparisonExp = {
+  _eq?: InputMaybe<Scalars['Boolean']>;
+  _gt?: InputMaybe<Scalars['Boolean']>;
+  _gte?: InputMaybe<Scalars['Boolean']>;
+  _in?: InputMaybe<Array<Scalars['Boolean']>>;
+  _is_null?: InputMaybe<Scalars['Boolean']>;
+  _lt?: InputMaybe<Scalars['Boolean']>;
+  _lte?: InputMaybe<Scalars['Boolean']>;
+  _neq?: InputMaybe<Scalars['Boolean']>;
+  _nin?: InputMaybe<Array<Scalars['Boolean']>>;
+};
+
+/** Boolean expression to compare columns of type "Int". All fields are combined with logical 'AND'. */
+export type IntComparisonExp = {
+  _eq?: InputMaybe<Scalars['Int']>;
+  _gt?: InputMaybe<Scalars['Int']>;
+  _gte?: InputMaybe<Scalars['Int']>;
+  _in?: InputMaybe<Array<Scalars['Int']>>;
+  _is_null?: InputMaybe<Scalars['Boolean']>;
+  _lt?: InputMaybe<Scalars['Int']>;
+  _lte?: InputMaybe<Scalars['Int']>;
+  _neq?: InputMaybe<Scalars['Int']>;
+  _nin?: InputMaybe<Array<Scalars['Int']>>;
 };
 
 /** Boolean expression to compare columns of type "String". All fields are combined with logical 'AND'. */
@@ -47,21 +75,357 @@ export type StringComparisonExp = {
   _similar?: InputMaybe<Scalars['String']>;
 };
 
+/** User webauthn security keys. Don't modify its structure as Hasura Auth relies on it to function properly. */
+export type AuthUserSecurityKeys = {
+  __typename?: 'authUserSecurityKeys';
+  id: Scalars['uuid'];
+  nickname?: Maybe<Scalars['String']>;
+  /** An object relationship */
+  user: Users;
+  userId: Scalars['uuid'];
+};
+
+/** order by aggregate values of table "auth.user_security_keys" */
+export type AuthUserSecurityKeysAggregateOrderBy = {
+  count?: InputMaybe<OrderBy>;
+  max?: InputMaybe<AuthUserSecurityKeysMaxOrderBy>;
+  min?: InputMaybe<AuthUserSecurityKeysMinOrderBy>;
+};
+
+/** Boolean expression to filter rows from the table "auth.user_security_keys". All fields are combined with a logical 'AND'. */
+export type AuthUserSecurityKeysBoolExp = {
+  _and?: InputMaybe<Array<AuthUserSecurityKeysBoolExp>>;
+  _not?: InputMaybe<AuthUserSecurityKeysBoolExp>;
+  _or?: InputMaybe<Array<AuthUserSecurityKeysBoolExp>>;
+  id?: InputMaybe<UuidComparisonExp>;
+  nickname?: InputMaybe<StringComparisonExp>;
+  user?: InputMaybe<UsersBoolExp>;
+  userId?: InputMaybe<UuidComparisonExp>;
+};
+
+/** order by max() on columns of table "auth.user_security_keys" */
+export type AuthUserSecurityKeysMaxOrderBy = {
+  id?: InputMaybe<OrderBy>;
+  nickname?: InputMaybe<OrderBy>;
+  userId?: InputMaybe<OrderBy>;
+};
+
+/** order by min() on columns of table "auth.user_security_keys" */
+export type AuthUserSecurityKeysMinOrderBy = {
+  id?: InputMaybe<OrderBy>;
+  nickname?: InputMaybe<OrderBy>;
+  userId?: InputMaybe<OrderBy>;
+};
+
+/** response of any mutation on the table "auth.user_security_keys" */
+export type AuthUserSecurityKeysMutationResponse = {
+  __typename?: 'authUserSecurityKeys_mutation_response';
+  /** number of rows affected by the mutation */
+  affected_rows: Scalars['Int'];
+  /** data from the rows affected by the mutation */
+  returning: Array<AuthUserSecurityKeys>;
+};
+
+/** Ordering options when selecting data from "auth.user_security_keys". */
+export type AuthUserSecurityKeysOrderBy = {
+  id?: InputMaybe<OrderBy>;
+  nickname?: InputMaybe<OrderBy>;
+  user?: InputMaybe<UsersOrderBy>;
+  userId?: InputMaybe<OrderBy>;
+};
+
+/** select columns of table "auth.user_security_keys" */
+export enum AuthUserSecurityKeysSelectColumn {
+  /** column name */
+  Id = 'id',
+  /** column name */
+  Nickname = 'nickname',
+  /** column name */
+  UserId = 'userId'
+}
+
+/** Boolean expression to compare columns of type "citext". All fields are combined with logical 'AND'. */
+export type CitextComparisonExp = {
+  _eq?: InputMaybe<Scalars['citext']>;
+  _gt?: InputMaybe<Scalars['citext']>;
+  _gte?: InputMaybe<Scalars['citext']>;
+  /** does the column match the given case-insensitive pattern */
+  _ilike?: InputMaybe<Scalars['citext']>;
+  _in?: InputMaybe<Array<Scalars['citext']>>;
+  /** does the column match the given POSIX regular expression, case insensitive */
+  _iregex?: InputMaybe<Scalars['citext']>;
+  _is_null?: InputMaybe<Scalars['Boolean']>;
+  /** does the column match the given pattern */
+  _like?: InputMaybe<Scalars['citext']>;
+  _lt?: InputMaybe<Scalars['citext']>;
+  _lte?: InputMaybe<Scalars['citext']>;
+  _neq?: InputMaybe<Scalars['citext']>;
+  /** does the column NOT match the given case-insensitive pattern */
+  _nilike?: InputMaybe<Scalars['citext']>;
+  _nin?: InputMaybe<Array<Scalars['citext']>>;
+  /** does the column NOT match the given POSIX regular expression, case insensitive */
+  _niregex?: InputMaybe<Scalars['citext']>;
+  /** does the column NOT match the given pattern */
+  _nlike?: InputMaybe<Scalars['citext']>;
+  /** does the column NOT match the given POSIX regular expression, case sensitive */
+  _nregex?: InputMaybe<Scalars['citext']>;
+  /** does the column NOT match the given SQL regular expression */
+  _nsimilar?: InputMaybe<Scalars['citext']>;
+  /** does the column match the given POSIX regular expression, case sensitive */
+  _regex?: InputMaybe<Scalars['citext']>;
+  /** does the column match the given SQL regular expression */
+  _similar?: InputMaybe<Scalars['citext']>;
+};
+
+/** columns and relationships of "storage.files" */
+export type Files = {
+  __typename?: 'files';
+  bucketId: Scalars['String'];
+  createdAt: Scalars['timestamptz'];
+  etag?: Maybe<Scalars['String']>;
+  id: Scalars['uuid'];
+  isUploaded?: Maybe<Scalars['Boolean']>;
+  mimeType?: Maybe<Scalars['String']>;
+  name?: Maybe<Scalars['String']>;
+  size?: Maybe<Scalars['Int']>;
+  updatedAt: Scalars['timestamptz'];
+  uploadedByUserId?: Maybe<Scalars['uuid']>;
+};
+
+/** Boolean expression to filter rows from the table "storage.files". All fields are combined with a logical 'AND'. */
+export type FilesBoolExp = {
+  _and?: InputMaybe<Array<FilesBoolExp>>;
+  _not?: InputMaybe<FilesBoolExp>;
+  _or?: InputMaybe<Array<FilesBoolExp>>;
+  bucketId?: InputMaybe<StringComparisonExp>;
+  createdAt?: InputMaybe<TimestamptzComparisonExp>;
+  etag?: InputMaybe<StringComparisonExp>;
+  id?: InputMaybe<UuidComparisonExp>;
+  isUploaded?: InputMaybe<BooleanComparisonExp>;
+  mimeType?: InputMaybe<StringComparisonExp>;
+  name?: InputMaybe<StringComparisonExp>;
+  size?: InputMaybe<IntComparisonExp>;
+  updatedAt?: InputMaybe<TimestamptzComparisonExp>;
+  uploadedByUserId?: InputMaybe<UuidComparisonExp>;
+};
+
+/** unique or primary key constraints on table "storage.files" */
+export enum FilesConstraint {
+  /** unique or primary key constraint on columns "id" */
+  FilesPkey = 'files_pkey'
+}
+
+/** input type for incrementing numeric columns in table "storage.files" */
+export type FilesIncInput = {
+  size?: InputMaybe<Scalars['Int']>;
+};
+
+/** input type for inserting data into table "storage.files" */
+export type FilesInsertInput = {
+  bucketId?: InputMaybe<Scalars['String']>;
+  createdAt?: InputMaybe<Scalars['timestamptz']>;
+  etag?: InputMaybe<Scalars['String']>;
+  id?: InputMaybe<Scalars['uuid']>;
+  isUploaded?: InputMaybe<Scalars['Boolean']>;
+  mimeType?: InputMaybe<Scalars['String']>;
+  name?: InputMaybe<Scalars['String']>;
+  size?: InputMaybe<Scalars['Int']>;
+  updatedAt?: InputMaybe<Scalars['timestamptz']>;
+  uploadedByUserId?: InputMaybe<Scalars['uuid']>;
+};
+
+/** response of any mutation on the table "storage.files" */
+export type FilesMutationResponse = {
+  __typename?: 'files_mutation_response';
+  /** number of rows affected by the mutation */
+  affected_rows: Scalars['Int'];
+  /** data from the rows affected by the mutation */
+  returning: Array<Files>;
+};
+
+/** on_conflict condition type for table "storage.files" */
+export type FilesOnConflict = {
+  constraint: FilesConstraint;
+  update_columns?: Array<FilesUpdateColumn>;
+  where?: InputMaybe<FilesBoolExp>;
+};
+
+/** Ordering options when selecting data from "storage.files". */
+export type FilesOrderBy = {
+  bucketId?: InputMaybe<OrderBy>;
+  createdAt?: InputMaybe<OrderBy>;
+  etag?: InputMaybe<OrderBy>;
+  id?: InputMaybe<OrderBy>;
+  isUploaded?: InputMaybe<OrderBy>;
+  mimeType?: InputMaybe<OrderBy>;
+  name?: InputMaybe<OrderBy>;
+  size?: InputMaybe<OrderBy>;
+  updatedAt?: InputMaybe<OrderBy>;
+  uploadedByUserId?: InputMaybe<OrderBy>;
+};
+
+/** primary key columns input for table: files */
+export type FilesPkColumnsInput = {
+  id: Scalars['uuid'];
+};
+
+/** select columns of table "storage.files" */
+export enum FilesSelectColumn {
+  /** column name */
+  BucketId = 'bucketId',
+  /** column name */
+  CreatedAt = 'createdAt',
+  /** column name */
+  Etag = 'etag',
+  /** column name */
+  Id = 'id',
+  /** column name */
+  IsUploaded = 'isUploaded',
+  /** column name */
+  MimeType = 'mimeType',
+  /** column name */
+  Name = 'name',
+  /** column name */
+  Size = 'size',
+  /** column name */
+  UpdatedAt = 'updatedAt',
+  /** column name */
+  UploadedByUserId = 'uploadedByUserId'
+}
+
+/** input type for updating data in table "storage.files" */
+export type FilesSetInput = {
+  bucketId?: InputMaybe<Scalars['String']>;
+  createdAt?: InputMaybe<Scalars['timestamptz']>;
+  etag?: InputMaybe<Scalars['String']>;
+  id?: InputMaybe<Scalars['uuid']>;
+  isUploaded?: InputMaybe<Scalars['Boolean']>;
+  mimeType?: InputMaybe<Scalars['String']>;
+  name?: InputMaybe<Scalars['String']>;
+  size?: InputMaybe<Scalars['Int']>;
+  updatedAt?: InputMaybe<Scalars['timestamptz']>;
+  uploadedByUserId?: InputMaybe<Scalars['uuid']>;
+};
+
+/** update columns of table "storage.files" */
+export enum FilesUpdateColumn {
+  /** column name */
+  BucketId = 'bucketId',
+  /** column name */
+  CreatedAt = 'createdAt',
+  /** column name */
+  Etag = 'etag',
+  /** column name */
+  Id = 'id',
+  /** column name */
+  IsUploaded = 'isUploaded',
+  /** column name */
+  MimeType = 'mimeType',
+  /** column name */
+  Name = 'name',
+  /** column name */
+  Size = 'size',
+  /** column name */
+  UpdatedAt = 'updatedAt',
+  /** column name */
+  UploadedByUserId = 'uploadedByUserId'
+}
+
+export type FilesUpdates = {
+  /** increments the numeric columns with given value of the filtered values */
+  _inc?: InputMaybe<FilesIncInput>;
+  /** sets the columns of the filtered rows to the given values */
+  _set?: InputMaybe<FilesSetInput>;
+  where: FilesBoolExp;
+};
+
+export type JsonbCastExp = {
+  String?: InputMaybe<StringComparisonExp>;
+};
+
+/** Boolean expression to compare columns of type "jsonb". All fields are combined with logical 'AND'. */
+export type JsonbComparisonExp = {
+  _cast?: InputMaybe<JsonbCastExp>;
+  /** is the column contained in the given json value */
+  _contained_in?: InputMaybe<Scalars['jsonb']>;
+  /** does the column contain the given json value at the top level */
+  _contains?: InputMaybe<Scalars['jsonb']>;
+  _eq?: InputMaybe<Scalars['jsonb']>;
+  _gt?: InputMaybe<Scalars['jsonb']>;
+  _gte?: InputMaybe<Scalars['jsonb']>;
+  /** does the string exist as a top-level key in the column */
+  _has_key?: InputMaybe<Scalars['String']>;
+  /** do all of these strings exist as top-level keys in the column */
+  _has_keys_all?: InputMaybe<Array<Scalars['String']>>;
+  /** do any of these strings exist as top-level keys in the column */
+  _has_keys_any?: InputMaybe<Array<Scalars['String']>>;
+  _in?: InputMaybe<Array<Scalars['jsonb']>>;
+  _is_null?: InputMaybe<Scalars['Boolean']>;
+  _lt?: InputMaybe<Scalars['jsonb']>;
+  _lte?: InputMaybe<Scalars['jsonb']>;
+  _neq?: InputMaybe<Scalars['jsonb']>;
+  _nin?: InputMaybe<Array<Scalars['jsonb']>>;
+};
+
 /** mutation root */
 export type MutationRoot = {
   __typename?: 'mutation_root';
+  /** delete single row from the table: "auth.user_security_keys" */
+  deleteAuthUserSecurityKey?: Maybe<AuthUserSecurityKeys>;
+  /** delete data from the table: "auth.user_security_keys" */
+  deleteAuthUserSecurityKeys?: Maybe<AuthUserSecurityKeysMutationResponse>;
+  /** delete single row from the table: "storage.files" */
+  deleteFile?: Maybe<Files>;
+  /** delete data from the table: "storage.files" */
+  deleteFiles?: Maybe<FilesMutationResponse>;
   /** delete single row from the table: "todos" */
   deleteTodo?: Maybe<Todos>;
   /** delete data from the table: "todos" */
   deleteTodos?: Maybe<TodosMutationResponse>;
+  /** insert a single row into the table: "storage.files" */
+  insertFile?: Maybe<Files>;
+  /** insert data into the table: "storage.files" */
+  insertFiles?: Maybe<FilesMutationResponse>;
   /** insert a single row into the table: "todos" */
   insertTodo?: Maybe<Todos>;
   /** insert data into the table: "todos" */
   insertTodos?: Maybe<TodosMutationResponse>;
+  /** update single row of the table: "storage.files" */
+  updateFile?: Maybe<Files>;
+  /** update data of the table: "storage.files" */
+  updateFiles?: Maybe<FilesMutationResponse>;
   /** update single row of the table: "todos" */
   updateTodo?: Maybe<Todos>;
   /** update data of the table: "todos" */
   updateTodos?: Maybe<TodosMutationResponse>;
+  /** update multiples rows of table: "storage.files" */
+  update_files_many?: Maybe<Array<Maybe<FilesMutationResponse>>>;
+  /** update multiples rows of table: "todos" */
+  update_todos_many?: Maybe<Array<Maybe<TodosMutationResponse>>>;
+};
+
+
+/** mutation root */
+export type MutationRootDeleteAuthUserSecurityKeyArgs = {
+  id: Scalars['uuid'];
+};
+
+
+/** mutation root */
+export type MutationRootDeleteAuthUserSecurityKeysArgs = {
+  where: AuthUserSecurityKeysBoolExp;
+};
+
+
+/** mutation root */
+export type MutationRootDeleteFileArgs = {
+  id: Scalars['uuid'];
+};
+
+
+/** mutation root */
+export type MutationRootDeleteFilesArgs = {
+  where: FilesBoolExp;
 };
 
 
@@ -77,6 +441,20 @@ export type MutationRootDeleteTodosArgs = {
 };
 
 
+/** mutation root */
+export type MutationRootInsertFileArgs = {
+  object: FilesInsertInput;
+  on_conflict?: InputMaybe<FilesOnConflict>;
+};
+
+
+/** mutation root */
+export type MutationRootInsertFilesArgs = {
+  objects: Array<FilesInsertInput>;
+  on_conflict?: InputMaybe<FilesOnConflict>;
+};
+
+
 /** mutation root */
 export type MutationRootInsertTodoArgs = {
   object: TodosInsertInput;
@@ -91,6 +469,22 @@ export type MutationRootInsertTodosArgs = {
 };
 
 
+/** mutation root */
+export type MutationRootUpdateFileArgs = {
+  _inc?: InputMaybe<FilesIncInput>;
+  _set?: InputMaybe<FilesSetInput>;
+  pk_columns: FilesPkColumnsInput;
+};
+
+
+/** mutation root */
+export type MutationRootUpdateFilesArgs = {
+  _inc?: InputMaybe<FilesIncInput>;
+  _set?: InputMaybe<FilesSetInput>;
+  where: FilesBoolExp;
+};
+
+
 /** mutation root */
 export type MutationRootUpdateTodoArgs = {
   _set?: InputMaybe<TodosSetInput>;
@@ -104,6 +498,18 @@ export type MutationRootUpdateTodosArgs = {
   where: TodosBoolExp;
 };
 
+
+/** mutation root */
+export type MutationRootUpdateFilesManyArgs = {
+  updates: Array<FilesUpdates>;
+};
+
+
+/** mutation root */
+export type MutationRootUpdateTodosManyArgs = {
+  updates: Array<TodosUpdates>;
+};
+
 /** column ordering options */
 export enum OrderBy {
   /** in ascending order, nulls last */
@@ -122,12 +528,52 @@ export enum OrderBy {
 
 export type QueryRoot = {
   __typename?: 'query_root';
+  /** fetch data from the table: "auth.user_security_keys" using primary key columns */
+  authUserSecurityKey?: Maybe<AuthUserSecurityKeys>;
+  /** fetch data from the table: "auth.user_security_keys" */
+  authUserSecurityKeys: Array<AuthUserSecurityKeys>;
+  /** fetch data from the table: "storage.files" using primary key columns */
+  file?: Maybe<Files>;
+  /** fetch data from the table: "storage.files" */
+  files: Array<Files>;
   /** fetch data from the table: "todos" using primary key columns */
   todo?: Maybe<Todos>;
   /** fetch data from the table: "todos" */
   todos: Array<Todos>;
   /** fetch aggregated fields from the table: "todos" */
   todosAggregate: TodosAggregate;
+  /** fetch data from the table: "auth.users" using primary key columns */
+  user?: Maybe<Users>;
+  /** fetch data from the table: "auth.users" */
+  users: Array<Users>;
+};
+
+
+export type QueryRootAuthUserSecurityKeyArgs = {
+  id: Scalars['uuid'];
+};
+
+
+export type QueryRootAuthUserSecurityKeysArgs = {
+  distinct_on?: InputMaybe<Array<AuthUserSecurityKeysSelectColumn>>;
+  limit?: InputMaybe<Scalars['Int']>;
+  offset?: InputMaybe<Scalars['Int']>;
+  order_by?: InputMaybe<Array<AuthUserSecurityKeysOrderBy>>;
+  where?: InputMaybe<AuthUserSecurityKeysBoolExp>;
+};
+
+
+export type QueryRootFileArgs = {
+  id: Scalars['uuid'];
+};
+
+
+export type QueryRootFilesArgs = {
+  distinct_on?: InputMaybe<Array<FilesSelectColumn>>;
+  limit?: InputMaybe<Scalars['Int']>;
+  offset?: InputMaybe<Scalars['Int']>;
+  order_by?: InputMaybe<Array<FilesOrderBy>>;
+  where?: InputMaybe<FilesBoolExp>;
 };
 
 
@@ -153,14 +599,68 @@ export type QueryRootTodosAggregateArgs = {
   where?: InputMaybe<TodosBoolExp>;
 };
 
+
+export type QueryRootUserArgs = {
+  id: Scalars['uuid'];
+};
+
+
+export type QueryRootUsersArgs = {
+  distinct_on?: InputMaybe<Array<UsersSelectColumn>>;
+  limit?: InputMaybe<Scalars['Int']>;
+  offset?: InputMaybe<Scalars['Int']>;
+  order_by?: InputMaybe<Array<UsersOrderBy>>;
+  where?: InputMaybe<UsersBoolExp>;
+};
+
 export type SubscriptionRoot = {
   __typename?: 'subscription_root';
+  /** fetch data from the table: "auth.user_security_keys" using primary key columns */
+  authUserSecurityKey?: Maybe<AuthUserSecurityKeys>;
+  /** fetch data from the table: "auth.user_security_keys" */
+  authUserSecurityKeys: Array<AuthUserSecurityKeys>;
+  /** fetch data from the table: "storage.files" using primary key columns */
+  file?: Maybe<Files>;
+  /** fetch data from the table: "storage.files" */
+  files: Array<Files>;
   /** fetch data from the table: "todos" using primary key columns */
   todo?: Maybe<Todos>;
   /** fetch data from the table: "todos" */
   todos: Array<Todos>;
   /** fetch aggregated fields from the table: "todos" */
   todosAggregate: TodosAggregate;
+  /** fetch data from the table: "auth.users" using primary key columns */
+  user?: Maybe<Users>;
+  /** fetch data from the table: "auth.users" */
+  users: Array<Users>;
+};
+
+
+export type SubscriptionRootAuthUserSecurityKeyArgs = {
+  id: Scalars['uuid'];
+};
+
+
+export type SubscriptionRootAuthUserSecurityKeysArgs = {
+  distinct_on?: InputMaybe<Array<AuthUserSecurityKeysSelectColumn>>;
+  limit?: InputMaybe<Scalars['Int']>;
+  offset?: InputMaybe<Scalars['Int']>;
+  order_by?: InputMaybe<Array<AuthUserSecurityKeysOrderBy>>;
+  where?: InputMaybe<AuthUserSecurityKeysBoolExp>;
+};
+
+
+export type SubscriptionRootFileArgs = {
+  id: Scalars['uuid'];
+};
+
+
+export type SubscriptionRootFilesArgs = {
+  distinct_on?: InputMaybe<Array<FilesSelectColumn>>;
+  limit?: InputMaybe<Scalars['Int']>;
+  offset?: InputMaybe<Scalars['Int']>;
+  order_by?: InputMaybe<Array<FilesOrderBy>>;
+  where?: InputMaybe<FilesBoolExp>;
 };
 
 
@@ -186,6 +686,20 @@ export type SubscriptionRootTodosAggregateArgs = {
   where?: InputMaybe<TodosBoolExp>;
 };
 
+
+export type SubscriptionRootUserArgs = {
+  id: Scalars['uuid'];
+};
+
+
+export type SubscriptionRootUsersArgs = {
+  distinct_on?: InputMaybe<Array<UsersSelectColumn>>;
+  limit?: InputMaybe<Scalars['Int']>;
+  offset?: InputMaybe<Scalars['Int']>;
+  order_by?: InputMaybe<Array<UsersOrderBy>>;
+  where?: InputMaybe<UsersBoolExp>;
+};
+
 /** Boolean expression to compare columns of type "timestamptz". All fields are combined with logical 'AND'. */
 export type TimestamptzComparisonExp = {
   _eq?: InputMaybe<Scalars['timestamptz']>;
@@ -206,6 +720,8 @@ export type Todos = {
   createdAt: Scalars['timestamptz'];
   id: Scalars['uuid'];
   updatedAt: Scalars['timestamptz'];
+  /** An object relationship */
+  user: Users;
   userId: Scalars['uuid'];
 };
 
@@ -240,12 +756,13 @@ export type TodosBoolExp = {
   createdAt?: InputMaybe<TimestamptzComparisonExp>;
   id?: InputMaybe<UuidComparisonExp>;
   updatedAt?: InputMaybe<TimestamptzComparisonExp>;
+  user?: InputMaybe<UsersBoolExp>;
   userId?: InputMaybe<UuidComparisonExp>;
 };
 
 /** unique or primary key constraints on table "todos" */
 export enum TodosConstraint {
-  /** unique or primary key constraint */
+  /** unique or primary key constraint on columns "id" */
   TodosPkey = 'todos_pkey'
 }
 
@@ -297,6 +814,7 @@ export type TodosOrderBy = {
   createdAt?: InputMaybe<OrderBy>;
   id?: InputMaybe<OrderBy>;
   updatedAt?: InputMaybe<OrderBy>;
+  user?: InputMaybe<UsersOrderBy>;
   userId?: InputMaybe<OrderBy>;
 };
 
@@ -330,6 +848,147 @@ export enum TodosUpdateColumn {
   Contents = 'contents'
 }
 
+export type TodosUpdates = {
+  /** sets the columns of the filtered rows to the given values */
+  _set?: InputMaybe<TodosSetInput>;
+  where: TodosBoolExp;
+};
+
+/** User account information. Don't modify its structure as Hasura Auth relies on it to function properly. */
+export type Users = {
+  __typename?: 'users';
+  activeMfaType?: Maybe<Scalars['String']>;
+  avatarUrl: Scalars['String'];
+  createdAt: Scalars['timestamptz'];
+  currentChallenge?: Maybe<Scalars['String']>;
+  defaultRole: Scalars['String'];
+  disabled: Scalars['Boolean'];
+  displayName: Scalars['String'];
+  email?: Maybe<Scalars['citext']>;
+  emailVerified: Scalars['Boolean'];
+  id: Scalars['uuid'];
+  isAnonymous: Scalars['Boolean'];
+  lastSeen?: Maybe<Scalars['timestamptz']>;
+  locale: Scalars['String'];
+  metadata?: Maybe<Scalars['jsonb']>;
+  otpHash?: Maybe<Scalars['String']>;
+  otpMethodLastUsed?: Maybe<Scalars['String']>;
+  phoneNumber?: Maybe<Scalars['String']>;
+  phoneNumberVerified: Scalars['Boolean'];
+  /** An array relationship */
+  securityKeys: Array<AuthUserSecurityKeys>;
+  updatedAt: Scalars['timestamptz'];
+};
+
+
+/** User account information. Don't modify its structure as Hasura Auth relies on it to function properly. */
+export type UsersMetadataArgs = {
+  path?: InputMaybe<Scalars['String']>;
+};
+
+
+/** User account information. Don't modify its structure as Hasura Auth relies on it to function properly. */
+export type UsersSecurityKeysArgs = {
+  distinct_on?: InputMaybe<Array<AuthUserSecurityKeysSelectColumn>>;
+  limit?: InputMaybe<Scalars['Int']>;
+  offset?: InputMaybe<Scalars['Int']>;
+  order_by?: InputMaybe<Array<AuthUserSecurityKeysOrderBy>>;
+  where?: InputMaybe<AuthUserSecurityKeysBoolExp>;
+};
+
+/** Boolean expression to filter rows from the table "auth.users". All fields are combined with a logical 'AND'. */
+export type UsersBoolExp = {
+  _and?: InputMaybe<Array<UsersBoolExp>>;
+  _not?: InputMaybe<UsersBoolExp>;
+  _or?: InputMaybe<Array<UsersBoolExp>>;
+  activeMfaType?: InputMaybe<StringComparisonExp>;
+  avatarUrl?: InputMaybe<StringComparisonExp>;
+  createdAt?: InputMaybe<TimestamptzComparisonExp>;
+  currentChallenge?: InputMaybe<StringComparisonExp>;
+  defaultRole?: InputMaybe<StringComparisonExp>;
+  disabled?: InputMaybe<BooleanComparisonExp>;
+  displayName?: InputMaybe<StringComparisonExp>;
+  email?: InputMaybe<CitextComparisonExp>;
+  emailVerified?: InputMaybe<BooleanComparisonExp>;
+  id?: InputMaybe<UuidComparisonExp>;
+  isAnonymous?: InputMaybe<BooleanComparisonExp>;
+  lastSeen?: InputMaybe<TimestamptzComparisonExp>;
+  locale?: InputMaybe<StringComparisonExp>;
+  metadata?: InputMaybe<JsonbComparisonExp>;
+  otpHash?: InputMaybe<StringComparisonExp>;
+  otpMethodLastUsed?: InputMaybe<StringComparisonExp>;
+  phoneNumber?: InputMaybe<StringComparisonExp>;
+  phoneNumberVerified?: InputMaybe<BooleanComparisonExp>;
+  securityKeys?: InputMaybe<AuthUserSecurityKeysBoolExp>;
+  updatedAt?: InputMaybe<TimestamptzComparisonExp>;
+};
+
+/** Ordering options when selecting data from "auth.users". */
+export type UsersOrderBy = {
+  activeMfaType?: InputMaybe<OrderBy>;
+  avatarUrl?: InputMaybe<OrderBy>;
+  createdAt?: InputMaybe<OrderBy>;
+  currentChallenge?: InputMaybe<OrderBy>;
+  defaultRole?: InputMaybe<OrderBy>;
+  disabled?: InputMaybe<OrderBy>;
+  displayName?: InputMaybe<OrderBy>;
+  email?: InputMaybe<OrderBy>;
+  emailVerified?: InputMaybe<OrderBy>;
+  id?: InputMaybe<OrderBy>;
+  isAnonymous?: InputMaybe<OrderBy>;
+  lastSeen?: InputMaybe<OrderBy>;
+  locale?: InputMaybe<OrderBy>;
+  metadata?: InputMaybe<OrderBy>;
+  otpHash?: InputMaybe<OrderBy>;
+  otpMethodLastUsed?: InputMaybe<OrderBy>;
+  phoneNumber?: InputMaybe<OrderBy>;
+  phoneNumberVerified?: InputMaybe<OrderBy>;
+  securityKeys_aggregate?: InputMaybe<AuthUserSecurityKeysAggregateOrderBy>;
+  updatedAt?: InputMaybe<OrderBy>;
+};
+
+/** select columns of table "auth.users" */
+export enum UsersSelectColumn {
+  /** column name */
+  ActiveMfaType = 'activeMfaType',
+  /** column name */
+  AvatarUrl = 'avatarUrl',
+  /** column name */
+  CreatedAt = 'createdAt',
+  /** column name */
+  CurrentChallenge = 'currentChallenge',
+  /** column name */
+  DefaultRole = 'defaultRole',
+  /** column name */
+  Disabled = 'disabled',
+  /** column name */
+  DisplayName = 'displayName',
+  /** column name */
+  Email = 'email',
+  /** column name */
+  EmailVerified = 'emailVerified',
+  /** column name */
+  Id = 'id',
+  /** column name */
+  IsAnonymous = 'isAnonymous',
+  /** column name */
+  LastSeen = 'lastSeen',
+  /** column name */
+  Locale = 'locale',
+  /** column name */
+  Metadata = 'metadata',
+  /** column name */
+  OtpHash = 'otpHash',
+  /** column name */
+  OtpMethodLastUsed = 'otpMethodLastUsed',
+  /** column name */
+  PhoneNumber = 'phoneNumber',
+  /** column name */
+  PhoneNumberVerified = 'phoneNumberVerified',
+  /** column name */
+  UpdatedAt = 'updatedAt'
+}
+
 /** Boolean expression to compare columns of type "uuid". All fields are combined with logical 'AND'. */
 export type UuidComparisonExp = {
   _eq?: InputMaybe<Scalars['uuid']>;
@@ -346,11 +1005,27 @@ export type UuidComparisonExp = {
 export type TodoListQueryVariables = Exact<{ [key: string]: never; }>;
 
 
-export type TodoListQuery = { __typename?: 'query_root', todos: Array<{ __typename?: 'todos', id: any, contents: string }> };
+export type TodoListQuery = { __typename?: 'query_root', todos: Array<{ __typename?: 'todos', id: string, contents: string }> };
 
 export type AddItemMutationVariables = Exact<{
   contents: Scalars['String'];
 }>;
 
 
-export type AddItemMutation = { __typename?: 'mutation_root', insertTodo?: { __typename?: 'todos', id: any } | null };
+export type AddItemMutation = { __typename?: 'mutation_root', insertTodo?: { __typename?: 'todos', id: string, contents: string } | null };
+
+export type NewTodoFragment = { __typename?: 'todos', id: string, contents: string };
+
+export type SecurityKeysQueryVariables = Exact<{
+  userId: Scalars['uuid'];
+}>;
+
+
+export type SecurityKeysQuery = { __typename?: 'query_root', authUserSecurityKeys: Array<{ __typename?: 'authUserSecurityKeys', id: string, nickname?: string | null }> };
+
+export type RemoveSecurityKeyMutationVariables = Exact<{
+  id: Scalars['uuid'];
+}>;
+
+
+export type RemoveSecurityKeyMutation = { __typename?: 'mutation_root', deleteAuthUserSecurityKey?: { __typename?: 'authUserSecurityKeys', id: string } | null };

examples/react-apollo/src/profile/index.tsx

@@ -5,6 +5,7 @@ import { useHasuraClaims, useNhostClient, useUserData } from '@nhost/react'
 import { ChangeEmail } from './change-email'
 import { ChangePassword } from './change-password'
 import { Mfa } from './mfa'
+import { SecurityKeys } from './security-keys'
 
 export const ProfilePage: React.FC = () => {
   const claims = useHasuraClaims()
@@ -13,6 +14,7 @@ export const ProfilePage: React.FC = () => {
   return (
     <Container>
       <Title>Profile page</Title>
+      <SecurityKeys />
       <Mfa />
       <ChangeEmail />
       <ChangePassword />

examples/react-apollo/src/profile/security-keys.tsx

@@ -0,0 +1,97 @@
+import { useState } from 'react'
+import { FaMinus } from 'react-icons/fa'
+import { RemoveSecurityKeyMutation, SecurityKeysQuery } from 'src/generated'
+
+import { gql, useMutation } from '@apollo/client'
+import { ActionIcon, Button, Card, SimpleGrid, Table, TextInput, Title } from '@mantine/core'
+import { useInputState } from '@mantine/hooks'
+import { useAddSecurityKey, useUserId } from '@nhost/react'
+import { useAuthQuery } from '@nhost/react-apollo'
+
+const SECURITY_KEYS_LIST = gql`
+  query securityKeys($userId: uuid!) {
+    authUserSecurityKeys(where: { userId: { _eq: $userId } }) {
+      id
+      nickname
+    }
+  }
+`
+
+const REMOVE_SECURITY_KEY = gql`
+  mutation removeSecurityKey($id: uuid!) {
+    deleteAuthUserSecurityKey(id: $id) {
+      id
+    }
+  }
+`
+
+export const SecurityKeys: React.FC = () => {
+  const { add } = useAddSecurityKey()
+  const userId = useUserId()
+  // Nickname of the security key
+  const [nickname, setNickname] = useInputState('')
+  const [list, setList] = useState<{ id: string; nickname?: string | null }[]>([])
+  useAuthQuery<SecurityKeysQuery>(SECURITY_KEYS_LIST, {
+    variables: { userId },
+    onCompleted: ({ authUserSecurityKeys }) => {
+      if (authUserSecurityKeys) {
+        setList(authUserSecurityKeys || [])
+      }
+    }
+  })
+
+  const addKey = async (e: React.FormEvent<HTMLFormElement>) => {
+    e.preventDefault()
+    const { key, error } = await add(nickname)
+    if (error) {
+      console.log(error)
+    } else {
+      setNickname('')
+    }
+    if (key) {
+      setList([...list, key])
+    }
+  }
+  const [removeKey] = useMutation<RemoveSecurityKeyMutation>(REMOVE_SECURITY_KEY, {
+    onCompleted: ({ deleteAuthUserSecurityKey }) => {
+      if (deleteAuthUserSecurityKey?.id) {
+        setList(list.filter((item) => item.id !== deleteAuthUserSecurityKey.id))
+      }
+    }
+  })
+
+  return (
+    <Card shadow="sm" p="lg" m="sm">
+      <Title>Security keys</Title>
+      <Table style={{ width: '100%', maxWidth: '100%' }}>
+        <colgroup>
+          <col />
+          <col width="20%" />
+        </colgroup>
+        <tbody>
+          {list.map(({ id, nickname }) => (
+            <tr key={id}>
+              <td>{nickname || id}</td>
+              <td>
+                <ActionIcon onClick={() => removeKey({ variables: { id } })} color="red">
+                  <FaMinus />
+                </ActionIcon>
+              </td>
+            </tr>
+          ))}
+        </tbody>
+      </Table>
+      <form onSubmit={addKey}>
+        <SimpleGrid cols={2}>
+          <TextInput
+            autoFocus
+            value={nickname}
+            onChange={setNickname}
+            placeholder="Nickname for the device (optional)"
+          />
+          <Button type="submit">Add a new device</Button>
+        </SimpleGrid>
+      </form>
+    </Card>
+  )
+}

examples/react-apollo/src/sign-in/email-password.tsx

@@ -90,7 +90,6 @@ export const EmailPassword: React.FC = () => {
           size="lg"
           style={{ marginBottom: '0.5em' }}
         />
-
         <Button fullWidth onClick={signIn}>
           Sign in
         </Button>

examples/react-apollo/src/sign-in/email-passwordless.tsx

@@ -1,12 +1,12 @@
 import { Divider } from '@mantine/core'
 
 import AuthLink from '../components/AuthLink'
-import EmailPasswordlessForm from '../components/SignUpServerlessForm'
+import PasswordlessForm from '../components/SignInPasswordlessForm'
 
 export const EmailPasswordless: React.FC = () => {
   return (
     <>
-      <EmailPasswordlessForm />
+      <PasswordlessForm />
       <Divider />
       <AuthLink link="/sign-up" variant="white">
         &#8592; Other Login Options

examples/react-apollo/src/sign-in/index.tsx

@@ -1,4 +1,4 @@
-import { FaLock } from 'react-icons/fa'
+import { FaFingerprint, FaLock } from 'react-icons/fa'
 import { Link, Route, Routes, useNavigate } from 'react-router-dom'
 
 import { Anchor, Center, Divider, Text } from '@mantine/core'
@@ -11,13 +11,17 @@ import OAuthLinks from '../components/OauthLinks'
 import { EmailPassword } from './email-password'
 import { EmailPasswordless } from './email-passwordless'
 import { ForgotPassword } from './forgot-password'
+import { SecurityKeySignIn } from './security-key'
 
 const Index: React.FC = () => (
   <>
     <OAuthLinks />
     <Divider my="sm" />
+    <AuthLink leftIcon={<FaFingerprint />} variant="outline" link="/sign-in/security-key">
+      Continue with a security key
+    </AuthLink>
     <AuthLink leftIcon={<FaLock />} variant="outline" link="/sign-in/email-passwordless">
-      Continue with passwordless email
+      Continue with a magic link
     </AuthLink>
     <AuthLink variant="subtle" link="/sign-in/email-password">
       Continue with email + password
@@ -36,7 +40,7 @@ export const SignInPage: React.FC = () => {
 
   return (
     <AuthLayout
-      title="Log in to the Application"
+      title="Sign in to the Application"
       footer={
         <Center>
           <Text>
@@ -57,6 +61,7 @@ export const SignInPage: React.FC = () => {
         <Route path="/email-password" element={<EmailPassword />} />
         <Route path="/forgot-password" element={<ForgotPassword />} />
         <Route path="/email-passwordless" element={<EmailPasswordless />} />
+        <Route path="/security-key" element={<SecurityKeySignIn />} />
       </Routes>
     </AuthLayout>
   )

examples/react-apollo/src/sign-in/security-key.tsx

@@ -0,0 +1,61 @@
+import { FormEvent, useState } from 'react'
+import { useNavigate } from 'react-router-dom'
+
+import { Button, Modal, SimpleGrid, TextInput } from '@mantine/core'
+import { showNotification } from '@mantine/notifications'
+import { useSignInEmailSecurityKey } from '@nhost/react'
+
+export const SecurityKeySignIn: React.FC = () => {
+  const { signInEmailSecurityKey } = useSignInEmailSecurityKey()
+  const [email, setEmail] = useState('')
+  const navigate = useNavigate()
+  const [emailVerificationToggle, setEmailVerificationToggle] = useState(false)
+
+  const signIn = async (e: FormEvent<HTMLFormElement>) => {
+    e.preventDefault()
+    const { isError, isSuccess, needsEmailVerification, error } = await signInEmailSecurityKey(
+      email
+    )
+    if (isError) {
+      showNotification({
+        color: 'red',
+        title: 'Error',
+        message: error?.message
+      })
+    } else if (needsEmailVerification) {
+      setEmailVerificationToggle(true)
+    } else if (isSuccess) {
+      navigate('/', { replace: true })
+    }
+  }
+
+  return (
+    <SimpleGrid cols={1} spacing={6}>
+      <Modal
+        title="Awaiting email verification"
+        transition="fade"
+        centered
+        transitionDuration={600}
+        opened={emailVerificationToggle}
+        onClose={() => {
+          setEmailVerificationToggle(false)
+        }}
+      >
+        You need to verify your email first. Please check your mailbox and follow the confirmation
+        link to complete the registration.
+      </Modal>
+      <form onSubmit={signIn}>
+        <TextInput
+          value={email}
+          onChange={(e) => setEmail(e.target.value)}
+          placeholder="Email Address"
+          autoFocus
+          style={{ marginBottom: '0.5em' }}
+        />
+        <Button fullWidth type="submit">
+          Sign in with a security key
+        </Button>
+      </form>
+    </SimpleGrid>
+  )
+}

examples/react-apollo/src/sign-up/email-passwordless.tsx

@@ -1,7 +1,7 @@
 import { Divider } from '@mantine/core'
 
 import AuthLink from '../components/AuthLink'
-import EmailPasswordlessForm from '../components/SignUpServerlessForm'
+import EmailPasswordlessForm from '../components/SignUpPasswordlessForm'
 
 export const EmailPasswordless: React.FC = () => {
   return (

examples/react-apollo/src/sign-up/index.tsx

@@ -1,4 +1,4 @@
-import { FaLock } from 'react-icons/fa'
+import { FaFingerprint, FaLock } from 'react-icons/fa'
 import { Link, Route, Routes } from 'react-router-dom'
 
 import { Anchor, Center, Divider, Text } from '@mantine/core'
@@ -10,6 +10,7 @@ import OAuthLinks from '../components/OauthLinks'
 
 import { EmailPassword } from './email-password'
 import { EmailPasswordless } from './email-passwordless'
+import { SecurityKeySignUp } from './security-key'
 
 const Index: React.FC = () => {
   const isAnonymous = useUserIsAnonymous()
@@ -21,8 +22,11 @@ const Index: React.FC = () => {
           <Divider my="sm" />
         </>
       )}
+      <AuthLink leftIcon={<FaFingerprint />} variant="outline" link="/sign-up/security-key">
+        Continue with a security key
+      </AuthLink>
       <AuthLink leftIcon={<FaLock />} variant="outline" link="/sign-up/email-passwordless">
-        Continue with passwordless email
+        Continue with a magic link
       </AuthLink>
       <AuthLink variant="subtle" link="/sign-up/email-password">
         Continue with email + password
@@ -33,13 +37,13 @@ const Index: React.FC = () => {
 export const SignUpPage: React.FC = () => {
   return (
     <AuthLayout
-      title="Sign up"
+      title="Sign up to the application"
       footer={
         <Center>
           <Text>
             Already have an account?{' '}
             <Anchor component={Link} to="/sign-in">
-              Log in
+              Sign in
             </Anchor>
           </Text>
         </Center>
@@ -49,6 +53,7 @@ export const SignUpPage: React.FC = () => {
         <Route path="/" element={<Index />} />
         <Route path="/email-password" element={<EmailPassword />} />
         <Route path="/email-passwordless" element={<EmailPasswordless />} />
+        <Route path="/security-key" element={<SecurityKeySignUp />} />
       </Routes>
     </AuthLayout>
   )

examples/react-apollo/src/sign-up/security-key.tsx

@@ -0,0 +1,61 @@
+import { FormEvent, useState } from 'react'
+import { useNavigate } from 'react-router-dom'
+
+import { Button, Modal, SimpleGrid, TextInput } from '@mantine/core'
+import { showNotification } from '@mantine/notifications'
+import { useSignUpEmailSecurityKeyEmail } from '@nhost/react'
+
+export const SecurityKeySignUp: React.FC = () => {
+  const { signUpEmailSecurityKey } = useSignUpEmailSecurityKeyEmail()
+  const [email, setEmail] = useState('')
+  const navigate = useNavigate()
+  const [emailVerificationToggle, setEmailVerificationToggle] = useState(false)
+
+  const signIn = async (e: FormEvent<HTMLFormElement>) => {
+    e.preventDefault()
+    const { isError, isSuccess, needsEmailVerification, error } = await signUpEmailSecurityKey(
+      email
+    )
+    if (isError) {
+      showNotification({
+        color: 'red',
+        title: 'Error',
+        message: error?.message
+      })
+    } else if (needsEmailVerification) {
+      setEmailVerificationToggle(true)
+    } else if (isSuccess) {
+      navigate('/', { replace: true })
+    }
+  }
+
+  return (
+    <SimpleGrid cols={1} spacing={6}>
+      <Modal
+        title="Awaiting email verification"
+        transition="fade"
+        centered
+        transitionDuration={600}
+        opened={emailVerificationToggle}
+        onClose={() => {
+          setEmailVerificationToggle(false)
+        }}
+      >
+        A email has been sent to {email}. Please follow the link to verify your email address and to
+        complete your registration.
+      </Modal>
+      <form onSubmit={signIn}>
+        <TextInput
+          value={email}
+          onChange={(e) => setEmail(e.target.value)}
+          placeholder="Email Address"
+          autoFocus
+          style={{ marginBottom: '0.5em' }}
+        />
+        <Button fullWidth type="submit">
+          Sign up with a security key
+        </Button>
+      </form>
+    </SimpleGrid>
+  )
+}

examples/vue-apollo/nhost/config.yaml

@@ -5,7 +5,7 @@ services:
     environment:
       hasura_graphql_enable_remote_schema_permissions: false
   auth:
-    image: nhost/hasura-auth:0.10.0
+    image: nhost/hasura-auth:0.13.0
   storage:
     image: nhost/hasura-storage:0.2.4
 auth:

nhost-cloud.yaml

@@ -1,4 +1,4 @@
 # Docker image versions used in the cloud
 hasura: v2.10.1
-auth: 0.10.0
+auth: 0.13.0
 storage: 0.2.4

packages/apollo/CHANGELOG.md

@@ -1,5 +1,18 @@
 # @nhost/apollo
 
+## 0.5.30
+
+### Patch Changes
+
+- Updated dependencies [739a3c45]
+  - @nhost/nhost-js@1.5.0
+
+## 0.5.29
+
+### Patch Changes
+
+- @nhost/nhost-js@1.4.12
+
 ## 0.5.28
 
 ### Patch Changes