diff --git a/lib/index.d.ts b/lib/index.d.ts
new file mode 100644
index 0000000..22f2b7b
--- /dev/null
+++ b/lib/index.d.ts
@@ -0,0 +1,102 @@
+/// <reference types="node" />
+
+import {
+  Request,
+  Plugin,
+  AuthCredentials,
+  ServerStateCookieOptions,
+} from "@hapi/hapi";
+
+declare module "@hapi/hapi" {
+  interface ServerAuth {
+    strategy(
+      name: string,
+      scheme: "cookie",
+      options?: HapiCookie.Options
+    ): void;
+  }
+
+  interface PluginSpecificConfiguration {
+    cookie?:
+      | {
+          redirectTo?: boolean | undefined;
+        }
+      | undefined;
+  }
+
+  interface Request {
+    cookieAuth: {
+      set(session: object): void;
+      set(key: string, value: object | string): void;
+      clear(key?: string): void;
+      ttl(milliseconds: number): void;
+    };
+  }
+}
+
+export declare namespace HapiCookie {
+  interface ValidateResponse {
+    isValid: boolean;
+    credentials?: AuthCredentials | undefined;
+  }
+  type ValidateFunction = (
+    request?: Request,
+    session?: object
+  ) => Promise<ValidateResponse>;
+  type RedirectToFunction = (request?: Request) => string;
+
+  /**
+   * Options passed to 'hapi.auth.strategy' when this plugin is used
+   */
+  interface Options {
+    /**
+     * Cookie options.
+     *
+     * @default { name: 'sid', clearInvalid: false, isSameSite: 'Strict', isSecure: true, isHttpOnly: true }
+     */
+    cookie?: (ServerStateCookieOptions & { name: string }) | undefined;
+
+    /**
+     * Automatically sets the session cookie after validation to extend the current session for a new TTL duration.
+     *
+     * @default false
+     */
+    keepAlive?: boolean | undefined;
+
+    /**
+     * Login URI or function that returns a URI to redirect unauthenticated requests to.
+     * Note that it will only trigger when the authentication mode is 'required'.
+     * Defaults to no redirection.
+     */
+    redirectTo?: string | RedirectToFunction | undefined;
+
+    /**
+     * Only works if 'redirectTo' is true
+     * If set to true, a string, or an object, appends the current request path to the query component of the 'redirectTo' URI.
+     */
+    appendNext?: boolean | string | undefined;
+
+    /**
+     * An optional session validation function used to validate the content of the session cookie on each request.
+     * Used to verify that the internal session state is still valid (e.g. user account still exists).
+     */
+    validate?: ValidateFunction | undefined;
+
+    /**
+     * A name to use with decorating the request object.
+     * Using multiple decorator names for separate authentication strategies could allow a developer to call the methods for the wrong strategy.
+     * Potentially resulting in unintended authorized access.
+     *
+     * @default 'cookieAuth'
+     */
+    requestDecoratorName?: string | undefined;
+  }
+}
+
+export declare const plugin: Plugin<void>;
+
+declare const mod: {
+  plugin: Plugin<void>;
+};
+
+export default mod;
diff --git a/package.json b/package.json
index 3983174..a459535 100644
--- a/package.json
+++ b/package.json
@@ -4,6 +4,7 @@
   "version": "12.0.1",
   "repository": "git://github.com/hapijs/cookie",
   "main": "lib/index.js",
+  "types": "lib/index.d.ts",
   "files": [
     "lib"
   ],
@@ -29,7 +30,9 @@
     "@hapi/code": "^9.0.3",
     "@hapi/eslint-plugin": "*",
     "@hapi/hapi": "^21.2.1",
-    "@hapi/lab": "^25.1.2"
+    "@hapi/lab": "^25.1.2",
+    "@types/node": "^17.0.31",
+    "typescript": "~4.6.4"
   },
   "scripts": {
     "test": "lab -a @hapi/code -t 100 -L",