@01.software/sdk 0.30.1 → 0.32.0

package/dist/server.d.cts

@@ -1,10 +1,10 @@
-import { S as ServerCollectionClient } from './collection-client-QPbwimkU.cjs';
-export { C as CollectionClient } from './collection-client-QPbwimkU.cjs';
-import { B as BaseApi, aJ as ServerApiOptions, aM as StockCheckParams, aN as StockCheckResponse, Y as ListingGroupsParams, am as ProductListingGroupsResponse, ab as ProductDetailParams, a2 as ProductDetail, bc as ProductUpsertParams, bd as ProductUpsertResponse, k as AddItemParams, aQ as UpdateItemParams, aE as RemoveItemParams, l as ApplyDiscountParams, aD as RemoveDiscountParams, t as ClearCartParams, s as CheckoutParams, G as CreateOrderParams, aR as UpdateOrderParams, aU as UpdateTransactionParams, y as ConfirmPaymentParams, z as ConfirmPaymentResponse, F as CreateFulfillmentParams, aP as UpdateFulfillmentParams, m as BulkImportFulfillmentsParams, n as BulkImportFulfillmentsResponse, H as CreateReturnParams, aT as UpdateReturnParams, aI as ReturnWithRefundParams, aV as ValidateDiscountParams, aW as ValidateDiscountResult, o as CalculateShippingParams, p as CalculateShippingResult, a as CommunityClient, c as ClientState, be as ClientServerConfig } from './types-Dlb2mwpX.cjs';
-import { h as Cart, i as CartItem, O as Order, m as Transaction, n as Fulfillment, o as Return } from './payload-types-DPjO_IbQ.cjs';
+import { S as ServerCollectionClient } from './collection-client-CORhppPb.cjs';
+export { C as CollectionClient } from './collection-client-CORhppPb.cjs';
+import { B as BaseApi, aQ as ServerApiOptions, aT as StockCheckParams, aU as StockCheckResponse, _ as ListingGroupsParams, as as ProductListingGroupsResponse, ad as ProductDetailParams, a4 as ProductDetail, bk as ProductDetailPreviewParams, bl as ProductDetailPreviewOptions, bm as ProductUpsertParams, bn as ProductUpsertResponse, k as AddItemParams, aX as UpdateItemParams, aL as RemoveItemParams, l as ApplyDiscountParams, aK as RemoveDiscountParams, t as ClearCartParams, s as CheckoutParams, H as CreateOrderParams, aY as UpdateOrderParams, a$ as UpdateTransactionParams, y as ConfirmPaymentParams, z as ConfirmPaymentResponse, F as CreateFulfillmentParams, aW as UpdateFulfillmentParams, m as BulkImportFulfillmentsParams, n as BulkImportFulfillmentsResponse, I as CreateReturnParams, a_ as UpdateReturnParams, aP as ReturnWithRefundParams, b0 as ValidateDiscountParams, b1 as ValidateDiscountResult, o as CalculateShippingParams, p as CalculateShippingResult, a as CommunityClient, c as ClientState, bo as ClientServerConfig } from './types-CAkWqIr6.cjs';
+import { i as Cart, j as CartItem, O as Order, m as Transaction, n as Fulfillment, o as Return } from './payload-types-DVK1QCeU.cjs';
 import './metadata.cjs';
-import './const-VZuk2tWc.cjs';
-import './types-BwT0eeaz.cjs';
+import './const-Brk2Ff0q.cjs';
+import './types-ByMrR_Z_.cjs';
 
 type ModerationApiOptions = ServerApiOptions;
 interface CommunityBan {
@@ -45,6 +45,7 @@ declare class ServerCommerceClient {
         stockCheck: (params: StockCheckParams) => Promise<StockCheckResponse>;
         listingGroups: (params: ListingGroupsParams) => Promise<ProductListingGroupsResponse>;
         detail: (params: ProductDetailParams) => Promise<ProductDetail | null>;
+        previewDetail: (params: ProductDetailPreviewParams, options: ProductDetailPreviewOptions) => Promise<ProductDetail | null>;
         upsert: (params: ProductUpsertParams) => Promise<ProductUpsertResponse>;
     };
     readonly cart: {
@@ -85,8 +86,121 @@ declare class ServerCommerceClient {
     constructor(options: ServerCommerceClientOptions);
 }
 
+type TenantIntrospectionApiOptions = ServerApiOptions;
+type TenantFeatureProgressFeature = 'ecommerce';
+interface TenantFeatureProgressInput {
+    feature: TenantFeatureProgressFeature;
+    includeEvidence?: boolean;
+}
+type TenantFeatureProgressStatus = 'ready' | 'attention' | 'blocked';
+type TenantFeatureProgressItemState = 'complete' | 'incomplete' | 'blocked' | 'attention' | 'optional' | 'unknown' | 'manual' | 'not-applicable';
+type TenantFeatureProgressSeverity = 'required' | 'recommended' | 'optional';
+type TenantFeatureProgressEvidenceValue = string | number | boolean | null;
+interface TenantFeatureProgressItem {
+    id: string;
+    title: string;
+    state: TenantFeatureProgressItemState;
+    severity: TenantFeatureProgressSeverity;
+    summary: string;
+    evidence?: Record<string, TenantFeatureProgressEvidenceValue>;
+}
+interface TenantFeatureProgressGroup {
+    id: string;
+    title: string;
+    summary?: string;
+    items: TenantFeatureProgressItem[];
+}
+interface TenantFeatureProgressResponse {
+    schemaVersion: 1;
+    feature: TenantFeatureProgressFeature;
+    status: TenantFeatureProgressStatus;
+    generatedAt: string;
+    tenant: {
+        id: string;
+        name: string;
+        plan: string;
+    };
+    capability: {
+        effectiveFeatures: string[];
+        planBlocked: string[];
+        closureAdded: string[];
+    };
+    summary: {
+        complete: number;
+        total: number;
+        blocking: number;
+        manual: number;
+        unknown: number;
+    };
+    groups: TenantFeatureProgressGroup[];
+}
+interface CollectionFieldSchema {
+    name: string;
+    path: string;
+    type: string;
+    required?: true;
+    unique?: true;
+    hasMany?: true;
+    relationTo?: string | string[];
+    options?: Array<{
+        label: string;
+        value: string;
+    }>;
+    hidden?: true;
+    systemManaged?: true;
+    writable?: boolean;
+    fields?: CollectionFieldSchema[];
+}
+interface CollectionSchemaResponse {
+    contractVersion: 1;
+    mode: 'effective';
+    collection: {
+        slug: string;
+        timestamps: boolean;
+        alwaysActive: boolean;
+        feature: string | null;
+        systemFields: string[];
+        visibility: {
+            collectionHidden: boolean;
+            hiddenFields: string[];
+        };
+        fields: CollectionFieldSchema[];
+    };
+}
+interface TenantIntrospectionClient {
+    collectionSchema: (collection: string) => Promise<CollectionSchemaResponse>;
+    featureProgress: (params: TenantFeatureProgressInput) => Promise<TenantFeatureProgressResponse>;
+}
+declare class TenantIntrospectionApi extends BaseApi implements TenantIntrospectionClient {
+    constructor(options: TenantIntrospectionApiOptions);
+    collectionSchema(collection: string): Promise<CollectionSchemaResponse>;
+    featureProgress(params: TenantFeatureProgressInput): Promise<TenantFeatureProgressResponse>;
+}
+
+type PreviewDetailParams = {
+    collection: string;
+    id: string;
+};
+type PreviewDetailOptions = {
+    previewToken: string;
+};
+/**
+ * Server-side client for the generic preview detail endpoint
+ * (`POST /api/preview/detail`). Returns `null` on 404 so callers can
+ * branch on missing previews without try/catch noise.
+ *
+ * Auth uses the standard server credentials (`secretKey` +
+ * `publishableKey`) plus the short-lived `X-Preview-Token` header issued
+ * by the Console preview start endpoint.
+ */
+declare class ServerPreviewClient extends BaseApi {
+    constructor(options: ServerApiOptions);
+    detail<T = unknown>(params: PreviewDetailParams, options: PreviewDetailOptions): Promise<T | null>;
+}
+
 declare class ServerClient {
     commerce: ServerCommerceClient;
+    tenant: TenantIntrospectionClient;
     community: CommunityClient & {
         moderation: {
             banCustomer: (p: BanCustomerParams) => Promise<CommunityBan>;
@@ -95,6 +209,9 @@ declare class ServerClient {
             }>;
         };
     };
+    preview: {
+        detail: <T = unknown>(params: PreviewDetailParams, options: PreviewDetailOptions) => Promise<T | null>;
+    };
     collections: ServerCollectionClient;
     lastRequestId: string | null;
     protected state: ClientState;
@@ -109,4 +226,4 @@ declare class ServerClient {
  */
 declare function createServerClient(options: ClientServerConfig): ServerClient;
 
-export { ClientServerConfig, CommunityClient, ModerationApi, ServerClient, ServerCollectionClient, ServerCommerceClient, createServerClient };
+export { ClientServerConfig, type CollectionFieldSchema, type CollectionSchemaResponse, CommunityClient, ModerationApi, type PreviewDetailOptions, type PreviewDetailParams, ServerClient, ServerCollectionClient, ServerCommerceClient, ServerPreviewClient, type TenantFeatureProgressEvidenceValue, type TenantFeatureProgressFeature, type TenantFeatureProgressGroup, type TenantFeatureProgressInput, type TenantFeatureProgressItem, type TenantFeatureProgressItemState, type TenantFeatureProgressResponse, type TenantFeatureProgressSeverity, type TenantFeatureProgressStatus, TenantIntrospectionApi, type TenantIntrospectionApiOptions, type TenantIntrospectionClient, createServerClient };

package/dist/server.d.ts

@@ -1,10 +1,10 @@
-import { S as ServerCollectionClient } from './collection-client-B9d9kr1d.js';
-export { C as CollectionClient } from './collection-client-B9d9kr1d.js';
-import { B as BaseApi, aJ as ServerApiOptions, aM as StockCheckParams, aN as StockCheckResponse, Y as ListingGroupsParams, am as ProductListingGroupsResponse, ab as ProductDetailParams, a2 as ProductDetail, bc as ProductUpsertParams, bd as ProductUpsertResponse, k as AddItemParams, aQ as UpdateItemParams, aE as RemoveItemParams, l as ApplyDiscountParams, aD as RemoveDiscountParams, t as ClearCartParams, s as CheckoutParams, G as CreateOrderParams, aR as UpdateOrderParams, aU as UpdateTransactionParams, y as ConfirmPaymentParams, z as ConfirmPaymentResponse, F as CreateFulfillmentParams, aP as UpdateFulfillmentParams, m as BulkImportFulfillmentsParams, n as BulkImportFulfillmentsResponse, H as CreateReturnParams, aT as UpdateReturnParams, aI as ReturnWithRefundParams, aV as ValidateDiscountParams, aW as ValidateDiscountResult, o as CalculateShippingParams, p as CalculateShippingResult, a as CommunityClient, c as ClientState, be as ClientServerConfig } from './types-DuSKPiY5.js';
-import { h as Cart, i as CartItem, O as Order, m as Transaction, n as Fulfillment, o as Return } from './payload-types-DPjO_IbQ.js';
+import { S as ServerCollectionClient } from './collection-client-DPGXnhoF.js';
+export { C as CollectionClient } from './collection-client-DPGXnhoF.js';
+import { B as BaseApi, aQ as ServerApiOptions, aT as StockCheckParams, aU as StockCheckResponse, _ as ListingGroupsParams, as as ProductListingGroupsResponse, ad as ProductDetailParams, a4 as ProductDetail, bk as ProductDetailPreviewParams, bl as ProductDetailPreviewOptions, bm as ProductUpsertParams, bn as ProductUpsertResponse, k as AddItemParams, aX as UpdateItemParams, aL as RemoveItemParams, l as ApplyDiscountParams, aK as RemoveDiscountParams, t as ClearCartParams, s as CheckoutParams, H as CreateOrderParams, aY as UpdateOrderParams, a$ as UpdateTransactionParams, y as ConfirmPaymentParams, z as ConfirmPaymentResponse, F as CreateFulfillmentParams, aW as UpdateFulfillmentParams, m as BulkImportFulfillmentsParams, n as BulkImportFulfillmentsResponse, I as CreateReturnParams, a_ as UpdateReturnParams, aP as ReturnWithRefundParams, b0 as ValidateDiscountParams, b1 as ValidateDiscountResult, o as CalculateShippingParams, p as CalculateShippingResult, a as CommunityClient, c as ClientState, bo as ClientServerConfig } from './types-CYMSBkJC.js';
+import { i as Cart, j as CartItem, O as Order, m as Transaction, n as Fulfillment, o as Return } from './payload-types-DVK1QCeU.js';
 import './metadata.js';
-import './const-B75IFDRi.js';
-import './types-1fBLrYU7.js';
+import './const-DcY2_z9O.js';
+import './types-DUPC7Xn6.js';
 
 type ModerationApiOptions = ServerApiOptions;
 interface CommunityBan {
@@ -45,6 +45,7 @@ declare class ServerCommerceClient {
         stockCheck: (params: StockCheckParams) => Promise<StockCheckResponse>;
         listingGroups: (params: ListingGroupsParams) => Promise<ProductListingGroupsResponse>;
         detail: (params: ProductDetailParams) => Promise<ProductDetail | null>;
+        previewDetail: (params: ProductDetailPreviewParams, options: ProductDetailPreviewOptions) => Promise<ProductDetail | null>;
         upsert: (params: ProductUpsertParams) => Promise<ProductUpsertResponse>;
     };
     readonly cart: {
@@ -85,8 +86,121 @@ declare class ServerCommerceClient {
     constructor(options: ServerCommerceClientOptions);
 }
 
+type TenantIntrospectionApiOptions = ServerApiOptions;
+type TenantFeatureProgressFeature = 'ecommerce';
+interface TenantFeatureProgressInput {
+    feature: TenantFeatureProgressFeature;
+    includeEvidence?: boolean;
+}
+type TenantFeatureProgressStatus = 'ready' | 'attention' | 'blocked';
+type TenantFeatureProgressItemState = 'complete' | 'incomplete' | 'blocked' | 'attention' | 'optional' | 'unknown' | 'manual' | 'not-applicable';
+type TenantFeatureProgressSeverity = 'required' | 'recommended' | 'optional';
+type TenantFeatureProgressEvidenceValue = string | number | boolean | null;
+interface TenantFeatureProgressItem {
+    id: string;
+    title: string;
+    state: TenantFeatureProgressItemState;
+    severity: TenantFeatureProgressSeverity;
+    summary: string;
+    evidence?: Record<string, TenantFeatureProgressEvidenceValue>;
+}
+interface TenantFeatureProgressGroup {
+    id: string;
+    title: string;
+    summary?: string;
+    items: TenantFeatureProgressItem[];
+}
+interface TenantFeatureProgressResponse {
+    schemaVersion: 1;
+    feature: TenantFeatureProgressFeature;
+    status: TenantFeatureProgressStatus;
+    generatedAt: string;
+    tenant: {
+        id: string;
+        name: string;
+        plan: string;
+    };
+    capability: {
+        effectiveFeatures: string[];
+        planBlocked: string[];
+        closureAdded: string[];
+    };
+    summary: {
+        complete: number;
+        total: number;
+        blocking: number;
+        manual: number;
+        unknown: number;
+    };
+    groups: TenantFeatureProgressGroup[];
+}
+interface CollectionFieldSchema {
+    name: string;
+    path: string;
+    type: string;
+    required?: true;
+    unique?: true;
+    hasMany?: true;
+    relationTo?: string | string[];
+    options?: Array<{
+        label: string;
+        value: string;
+    }>;
+    hidden?: true;
+    systemManaged?: true;
+    writable?: boolean;
+    fields?: CollectionFieldSchema[];
+}
+interface CollectionSchemaResponse {
+    contractVersion: 1;
+    mode: 'effective';
+    collection: {
+        slug: string;
+        timestamps: boolean;
+        alwaysActive: boolean;
+        feature: string | null;
+        systemFields: string[];
+        visibility: {
+            collectionHidden: boolean;
+            hiddenFields: string[];
+        };
+        fields: CollectionFieldSchema[];
+    };
+}
+interface TenantIntrospectionClient {
+    collectionSchema: (collection: string) => Promise<CollectionSchemaResponse>;
+    featureProgress: (params: TenantFeatureProgressInput) => Promise<TenantFeatureProgressResponse>;
+}
+declare class TenantIntrospectionApi extends BaseApi implements TenantIntrospectionClient {
+    constructor(options: TenantIntrospectionApiOptions);
+    collectionSchema(collection: string): Promise<CollectionSchemaResponse>;
+    featureProgress(params: TenantFeatureProgressInput): Promise<TenantFeatureProgressResponse>;
+}
+
+type PreviewDetailParams = {
+    collection: string;
+    id: string;
+};
+type PreviewDetailOptions = {
+    previewToken: string;
+};
+/**
+ * Server-side client for the generic preview detail endpoint
+ * (`POST /api/preview/detail`). Returns `null` on 404 so callers can
+ * branch on missing previews without try/catch noise.
+ *
+ * Auth uses the standard server credentials (`secretKey` +
+ * `publishableKey`) plus the short-lived `X-Preview-Token` header issued
+ * by the Console preview start endpoint.
+ */
+declare class ServerPreviewClient extends BaseApi {
+    constructor(options: ServerApiOptions);
+    detail<T = unknown>(params: PreviewDetailParams, options: PreviewDetailOptions): Promise<T | null>;
+}
+
 declare class ServerClient {
     commerce: ServerCommerceClient;
+    tenant: TenantIntrospectionClient;
     community: CommunityClient & {
         moderation: {
             banCustomer: (p: BanCustomerParams) => Promise<CommunityBan>;
@@ -95,6 +209,9 @@ declare class ServerClient {
             }>;
         };
     };
+    preview: {
+        detail: <T = unknown>(params: PreviewDetailParams, options: PreviewDetailOptions) => Promise<T | null>;
+    };
     collections: ServerCollectionClient;
     lastRequestId: string | null;
     protected state: ClientState;
@@ -109,4 +226,4 @@ declare class ServerClient {
  */
 declare function createServerClient(options: ClientServerConfig): ServerClient;
 
-export { ClientServerConfig, CommunityClient, ModerationApi, ServerClient, ServerCollectionClient, ServerCommerceClient, createServerClient };
+export { ClientServerConfig, type CollectionFieldSchema, type CollectionSchemaResponse, CommunityClient, ModerationApi, type PreviewDetailOptions, type PreviewDetailParams, ServerClient, ServerCollectionClient, ServerCommerceClient, ServerPreviewClient, type TenantFeatureProgressEvidenceValue, type TenantFeatureProgressFeature, type TenantFeatureProgressGroup, type TenantFeatureProgressInput, type TenantFeatureProgressItem, type TenantFeatureProgressItemState, type TenantFeatureProgressResponse, type TenantFeatureProgressSeverity, type TenantFeatureProgressStatus, TenantIntrospectionApi, type TenantIntrospectionApiOptions, type TenantIntrospectionClient, createServerClient };

package/dist/server.js

@@ -45,8 +45,16 @@ var ValidationError = class extends SDKError {
   }
 };
 var ApiError = class extends SDKError {
-  constructor(message, status, details, userMessage, suggestion) {
-    super("API_ERROR", message, status, details, userMessage, suggestion);
+  constructor(message, status, details, userMessage, suggestion, requestId) {
+    super(
+      "API_ERROR",
+      message,
+      status,
+      details,
+      userMessage,
+      suggestion,
+      requestId
+    );
     this.name = "ApiError";
   }
 };
@@ -77,19 +85,43 @@ var UsageLimitError = class extends SDKError {
 };
 var AuthError = class extends SDKError {
   constructor(message, details, userMessage, suggestion, requestId) {
-    super("auth_error", message, 401, details, userMessage, suggestion, requestId);
+    super(
+      "auth_error",
+      message,
+      401,
+      details,
+      userMessage,
+      suggestion,
+      requestId
+    );
     this.name = "AuthError";
   }
 };
 var PermissionError = class extends SDKError {
   constructor(message, details, userMessage, suggestion, requestId) {
-    super("permission_error", message, 403, details, userMessage, suggestion, requestId);
+    super(
+      "permission_error",
+      message,
+      403,
+      details,
+      userMessage,
+      suggestion,
+      requestId
+    );
     this.name = "PermissionError";
   }
 };
 var NotFoundError = class extends SDKError {
   constructor(message, details, userMessage, suggestion, requestId) {
-    super("not_found", message, 404, details, userMessage, suggestion, requestId);
+    super(
+      "not_found",
+      message,
+      404,
+      details,
+      userMessage,
+      suggestion,
+      requestId
+    );
     this.name = "NotFoundError";
   }
 };
@@ -101,14 +133,22 @@ var ConflictError = class extends SDKError {
 };
 var RateLimitError = class extends SDKError {
   constructor(message, retryAfter, details, userMessage, suggestion, requestId) {
-    super("rate_limit_exceeded", message, 429, details, userMessage, suggestion, requestId);
+    super(
+      "rate_limit_exceeded",
+      message,
+      429,
+      details,
+      userMessage,
+      suggestion,
+      requestId
+    );
     this.name = "RateLimitError";
     this.retryAfter = retryAfter;
   }
 };
 var createNetworkError = (message, status, details, userMessage, suggestion) => new NetworkError(message, status, details, userMessage, suggestion);
 var createValidationError = (message, details, userMessage, suggestion, status) => new ValidationError(message, details, userMessage, suggestion, status);
-var createApiError = (message, status, details, userMessage, suggestion) => new ApiError(message, status, details, userMessage, suggestion);
+var createApiError = (message, status, details, userMessage, suggestion, requestId) => new ApiError(message, status, details, userMessage, suggestion, requestId);
 var createConfigError = (message, details, userMessage, suggestion) => new ConfigError(message, details, userMessage, suggestion);
 var createTimeoutError = (message, details, userMessage, suggestion) => new TimeoutError(message, details, userMessage, suggestion);
 var createUsageLimitError = (message, usage, details, userMessage, suggestion) => new UsageLimitError(message, usage, details, userMessage, suggestion);
@@ -116,7 +156,14 @@ var createAuthError = (message, details, userMessage, suggestion, requestId) =>
 var createPermissionError = (message, details, userMessage, suggestion, requestId) => new PermissionError(message, details, userMessage, suggestion, requestId);
 var createNotFoundError = (message, details, userMessage, suggestion, requestId) => new NotFoundError(message, details, userMessage, suggestion, requestId);
 var createConflictError = (message, details, userMessage, suggestion, requestId) => new ConflictError(message, details, userMessage, suggestion, requestId);
-var createRateLimitError = (message, retryAfter, details, userMessage, suggestion, requestId) => new RateLimitError(message, retryAfter, details, userMessage, suggestion, requestId);
+var createRateLimitError = (message, retryAfter, details, userMessage, suggestion, requestId) => new RateLimitError(
+  message,
+  retryAfter,
+  details,
+  userMessage,
+  suggestion,
+  requestId
+);
 
 // src/core/internal/utils/credentials.ts
 function requirePublishableKeyForSecret(apiName, publishableKey, secretKey) {
@@ -156,6 +203,22 @@ function debugLog(debug, type, message, data) {
     console.groupEnd();
   }
 }
+function redactSensitiveHeader(value) {
+  const prefix = value.toLowerCase().startsWith("bearer ") ? "Bearer " : "";
+  return value.length > 20 ? `${prefix}...****${value.slice(-8)}` : "****";
+}
+function redactSensitiveHeaders(headers) {
+  const redacted = Object.fromEntries(headers.entries());
+  if (redacted.authorization) {
+    redacted.authorization = redactSensitiveHeader(redacted.authorization);
+  }
+  if (redacted["x-preview-token"]) {
+    redacted["x-preview-token"] = redactSensitiveHeader(
+      redacted["x-preview-token"]
+    );
+  }
+  return redacted;
+}
 function getErrorSuggestion(status) {
   if (status === 400)
     return "The request data failed validation. Check field values and types.";
@@ -230,6 +293,12 @@ async function parseErrorBody(response) {
     return fallback;
   }
 }
+function getParsedErrorSuggestion(status, parsed) {
+  if (status === 403 && parsed.reason === "origin_not_allowed") {
+    return "Add the request origin to the tenant Browser API origins, then retry the browser request.";
+  }
+  return getErrorSuggestion(status);
+}
 async function delay(ms) {
   return new Promise((resolve) => setTimeout(resolve, ms));
 }
@@ -243,7 +312,7 @@ function createHttpStatusError(status, parsed, details, requestId) {
     ...parsed.errors && { errors: parsed.errors },
     ...parsed.body && { body: parsed.body }
   };
-  const suggestion = getErrorSuggestion(status);
+  const suggestion = getParsedErrorSuggestion(status, parsed);
   if (status === 400 || status === 422) {
     return attachRequestId(
       createValidationError(
@@ -349,11 +418,7 @@ async function httpFetch(url, options) {
       if (!headers.has("Content-Type") && requestInit.body && !(requestInit.body instanceof FormData)) {
         headers.set("Content-Type", "application/json");
       }
-      const redactedHeaders = Object.fromEntries(headers.entries());
-      if (redactedHeaders["authorization"]) {
-        const token = redactedHeaders["authorization"];
-        redactedHeaders["authorization"] = token.length > 20 ? `Bearer ...****${token.slice(-8)}` : "****";
-      }
+      const redactedHeaders = redactSensitiveHeaders(headers);
       debugLog(debug, "request", url, {
         method: requestInit.method || "GET",
         headers: redactedHeaders,
@@ -371,7 +436,7 @@ async function httpFetch(url, options) {
       debugLog(debug, "response", url, {
         status: response.status,
         statusText: response.statusText,
-        headers: Object.fromEntries(response.headers.entries())
+        headers: redactSensitiveHeaders(response.headers)
       });
       if (!response.ok) {
         if (isUsageLimitExceededResponse(response)) {
@@ -1020,7 +1085,7 @@ async function parseApiResponse(response, endpoint) {
     if (reason === "validation_failed") {
       throw attachRequestId(createValidationError(errorMessage, data, errorMessage), requestId);
     }
-    if (reason === "token_expired" || reason === "token_invalid" || reason === "key_invalid" || reason === "key_revoked") {
+    if (reason === "token_expired" || reason === "token_invalid" || reason === "preview_token_invalid" || reason === "preview_token_required" || reason === "key_invalid" || reason === "key_revoked") {
       throw attachRequestId(createAuthError(errorMessage, data, errorMessage), requestId);
     }
     if (reason === "forbidden") {
@@ -1357,7 +1422,7 @@ var ProductApi = class extends BaseApi {
   /**
    * Fetch full product detail by slug or id.
    * Returns `null` on 404 regardless of reason (`not_found` / `not_published` /
-   * `tenant_mismatch` / `feature_disabled`). For the reason behind a null,
+   * `feature_disabled`). For the reason behind a null,
    * inspect `client.lastRequestId` against backend logs.
    */
   async detail(params) {
@@ -1449,7 +1514,61 @@ var OrderApi = class extends BaseApi {
   }
 };
 
+// src/core/preview/server-preview-client.ts
+var ServerPreviewClient = class extends BaseApi {
+  constructor(options) {
+    super("ServerPreviewClient", options);
+  }
+  async detail(params, options) {
+    let response;
+    try {
+      response = await httpFetch("/api/preview/detail", {
+        method: "POST",
+        apiUrl: this.apiUrl,
+        publishableKey: this.publishableKey,
+        secretKey: this.secretKey,
+        body: JSON.stringify(params),
+        headers: { "X-Preview-Token": options.previewToken }
+      });
+    } catch (err) {
+      const id = err instanceof SDKError ? err.requestId ?? null : null;
+      this.onRequestId?.(id);
+      if (err instanceof NotFoundError) return null;
+      throw err;
+    }
+    const requestId = response.headers.get("x-request-id") ?? null;
+    this.onRequestId?.(requestId);
+    try {
+      return await response.json();
+    } catch (err) {
+      if (err instanceof SyntaxError) {
+        throw createApiError(
+          "Invalid JSON response from /api/preview/detail",
+          200,
+          void 0,
+          "Server returned an invalid response.",
+          "Check if the API endpoint is available.",
+          requestId ?? void 0
+        );
+      }
+      throw err;
+    }
+  }
+};
+
 // src/core/commerce/server-commerce-client.ts
+var PreviewProductApi = class extends ProductApi {
+  constructor(options) {
+    super(options);
+    this.previewApi = new ServerPreviewClient(options);
+  }
+  async previewDetail(params, options) {
+    return this.previewApi.detail(
+      { collection: "products", id: params.id },
+      options
+    );
+  }
+};
 var ServerCommerceClient = class {
   constructor(options) {
     const publishableKey = requirePublishableKeyForSecret(
@@ -1463,7 +1582,7 @@ var ServerCommerceClient = class {
       apiUrl: options.apiUrl,
       onRequestId: options.onRequestId
     };
-    const productApi = new ProductApi(serverOptions);
+    const productApi = new PreviewProductApi(serverOptions);
     const cartApi = new CartApi(serverOptions);
     const discountApi = new DiscountApi(serverOptions);
     const shippingApi = new ShippingApi(serverOptions);
@@ -1472,6 +1591,7 @@ var ServerCommerceClient = class {
       stockCheck: productApi.stockCheck.bind(productApi),
       listingGroups: productApi.listingGroups.bind(productApi),
       detail: productApi.detail.bind(productApi),
+      previewDetail: productApi.previewDetail.bind(productApi),
       upsert: productApi.upsert.bind(productApi)
     };
     this.cart = {
@@ -1505,6 +1625,29 @@ var ServerCommerceClient = class {
   }
 };
 
+// src/core/api/tenant-introspection-api.ts
+var TenantIntrospectionApi = class extends BaseApi {
+  constructor(options) {
+    super("TenantIntrospectionApi", options);
+  }
+  collectionSchema(collection) {
+    return this.request(
+      `/api/tenants/schema/${encodeURIComponent(collection)}`,
+      void 0,
+      { method: "GET" }
+    );
+  }
+  featureProgress(params) {
+    const search = new URLSearchParams({ feature: params.feature });
+    if (params.includeEvidence) search.set("includeEvidence", "true");
+    return this.request(
+      `/api/tenants/feature-progress?${search.toString()}`,
+      void 0,
+      { method: "GET" }
+    );
+  }
+};
+
 // src/core/client/client.server.ts
 var ServerClient = class {
   constructor(options) {
@@ -1538,6 +1681,19 @@ var ServerClient = class {
       onRequestId
     };
     this.commerce = new ServerCommerceClient(serverOptions);
+    const tenantIntrospectionApi = new TenantIntrospectionApi(serverOptions);
+    this.tenant = {
+      collectionSchema: tenantIntrospectionApi.collectionSchema.bind(
+        tenantIntrospectionApi
+      ),
+      featureProgress: tenantIntrospectionApi.featureProgress.bind(
+        tenantIntrospectionApi
+      )
+    };
+    const previewApi = new ServerPreviewClient(serverOptions);
+    this.preview = {
+      detail: previewApi.detail.bind(previewApi)
+    };
     const communityClient = new CommunityClient(serverOptions);
     const moderationApi = new ModerationApi(serverOptions);
     this.community = Object.assign(communityClient, {
@@ -1573,6 +1729,8 @@ export {
   ServerClient,
   ServerCollectionClient,
   ServerCommerceClient,
+  ServerPreviewClient,
+  TenantIntrospectionApi,
   createServerClient
 };
 //# sourceMappingURL=server.js.map