From db03de51ec9b3a1c8a097e061d2b72dea9373d43 Mon Sep 17 00:00:00 2001
From: Doron Sharon <dorsha@descope.com>
Date: Thu, 11 Jun 2026 18:48:50 +0000
Subject: [PATCH] feat(user): add password and hashed password fields to create
 user options

The API supports passing password/hashedPassword/seed when creating a user,
but the SDK's UserOptions interface was missing these fields. This adds them
so create, createTestUser, update, and invite all support password fields.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
---
 lib/management/types.ts     |  3 ++
 lib/management/user.test.ts | 55 +++++++++++++++++++++++++++++++++++++
 2 files changed, 58 insertions(+)

diff --git a/lib/management/types.ts b/lib/management/types.ts
index 9d7c0cee9..7b0315037 100644
--- a/lib/management/types.ts
+++ b/lib/management/types.ts
@@ -971,6 +971,9 @@ export interface UserOptions {
   familyName?: string;
   additionalLoginIds?: string[];
   ssoAppIds?: string[];
+  password?: string;
+  hashedPassword?: UserPasswordHashed;
+  seed?: string;
 }
 
 export type MgmtUserOptions = Omit<
diff --git a/lib/management/user.test.ts b/lib/management/user.test.ts
index c716272e4..7fdfa8dce 100644
--- a/lib/management/user.test.ts
+++ b/lib/management/user.test.ts
@@ -181,6 +181,61 @@ describe('Management User', () => {
         response: httpResponse,
       });
     });
+
+    it('should send password and hashed password with options argument', async () => {
+      const httpResponse = {
+        ok: true,
+        json: () => mockMgmtUserResponse,
+        clone: () => ({
+          json: () => Promise.resolve(mockMgmtUserResponse),
+        }),
+        status: 200,
+      };
+      mockHttpClient.post.mockResolvedValue(httpResponse);
+
+      const hashed: UserPasswordHashed = {
+        firebase: {
+          hash: 'h',
+          salt: 's',
+          saltSeparator: 'ss',
+          signerKey: 'sk',
+          memory: 14,
+          rounds: 8,
+        },
+      };
+
+      const resp: SdkResponse<UserResponse> = await management.user.create('loginId', {
+        email: 'a@b.c',
+        password: 'cleartext',
+        hashedPassword: hashed,
+        seed: 'totp-seed',
+      });
+
+      expect(mockHttpClient.post).toHaveBeenCalledWith(apiPaths.user.create, {
+        loginId: 'loginId',
+        email: 'a@b.c',
+        password: 'cleartext',
+        hashedPassword: {
+          firebase: {
+            hash: 'h',
+            salt: 's',
+            saltSeparator: 'ss',
+            signerKey: 'sk',
+            memory: 14,
+            rounds: 8,
+          },
+        },
+        seed: 'totp-seed',
+        roleNames: undefined,
+      });
+
+      expect(resp).toEqual({
+        code: 200,
+        data: mockUserResponse,
+        ok: true,
+        response: httpResponse,
+      });
+    });
   });
 
   describe('createTestUser', () => {