@alter-ai/alter-sdk 0.2.2 → 0.4.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +132 -51
- package/dist/index.cjs +543 -80
- package/dist/index.d.cts +100 -18
- package/dist/index.d.ts +100 -18
- package/dist/index.js +529 -80
- package/package.json +1 -1
package/dist/index.d.cts
CHANGED
|
@@ -9,6 +9,14 @@
|
|
|
9
9
|
* - TokenResponse: Object.freeze(this) prevents mutation after creation
|
|
10
10
|
* - toJSON() and toString() exclude access token from serialization
|
|
11
11
|
*/
|
|
12
|
+
/**
|
|
13
|
+
* Actor types for tracking SDK callers.
|
|
14
|
+
*/
|
|
15
|
+
declare enum ActorType {
|
|
16
|
+
BACKEND_SERVICE = "backend_service",
|
|
17
|
+
AI_AGENT = "ai_agent",
|
|
18
|
+
MCP_SERVER = "mcp_server"
|
|
19
|
+
}
|
|
12
20
|
/**
|
|
13
21
|
* OAuth token response from Alter Vault.
|
|
14
22
|
*
|
|
@@ -34,6 +42,14 @@ declare class TokenResponse {
|
|
|
34
42
|
readonly scopes: string[];
|
|
35
43
|
/** Connection ID that provided this token */
|
|
36
44
|
readonly connectionId: string;
|
|
45
|
+
/** Provider ID (google, github, etc.) */
|
|
46
|
+
readonly providerId: string;
|
|
47
|
+
/** HTTP header name for credential injection (e.g., "Authorization", "X-API-Key") */
|
|
48
|
+
readonly injectionHeader: string;
|
|
49
|
+
/** Header value format with {token} placeholder (e.g., "Bearer {token}", "{token}") */
|
|
50
|
+
readonly injectionFormat: string;
|
|
51
|
+
/** Extra credentials for multi-part auth (e.g. AWS SigV4 secret_key, region) */
|
|
52
|
+
readonly additionalCredentials: Record<string, string> | null;
|
|
37
53
|
constructor(data: {
|
|
38
54
|
access_token: string;
|
|
39
55
|
token_type?: string;
|
|
@@ -41,6 +57,10 @@ declare class TokenResponse {
|
|
|
41
57
|
expires_at?: string | null;
|
|
42
58
|
scopes?: string[];
|
|
43
59
|
connection_id: string;
|
|
60
|
+
provider_id?: string;
|
|
61
|
+
injection_header?: string;
|
|
62
|
+
injection_format?: string;
|
|
63
|
+
additional_credentials?: Record<string, string> | null;
|
|
44
64
|
});
|
|
45
65
|
/**
|
|
46
66
|
* Parse expires_at from ISO string.
|
|
@@ -80,7 +100,6 @@ declare class TokenResponse {
|
|
|
80
100
|
declare class ConnectionInfo {
|
|
81
101
|
readonly id: string;
|
|
82
102
|
readonly providerId: string;
|
|
83
|
-
readonly attributes: Record<string, unknown>;
|
|
84
103
|
readonly scopes: string[];
|
|
85
104
|
readonly accountIdentifier: string | null;
|
|
86
105
|
readonly accountDisplayName: string | null;
|
|
@@ -91,7 +110,6 @@ declare class ConnectionInfo {
|
|
|
91
110
|
constructor(data: {
|
|
92
111
|
id: string;
|
|
93
112
|
provider_id: string;
|
|
94
|
-
attributes?: Record<string, unknown>;
|
|
95
113
|
scopes?: string[];
|
|
96
114
|
account_identifier?: string | null;
|
|
97
115
|
account_display_name?: string | null;
|
|
@@ -142,6 +160,27 @@ declare class ConnectionListResult {
|
|
|
142
160
|
has_more: boolean;
|
|
143
161
|
});
|
|
144
162
|
}
|
|
163
|
+
/**
|
|
164
|
+
* Result of a headless connect() flow.
|
|
165
|
+
*
|
|
166
|
+
* Returned by connect() after the user completes OAuth in the browser.
|
|
167
|
+
* Contains the connection metadata (no tokens — use request() with
|
|
168
|
+
* the connectionId to make authenticated API calls).
|
|
169
|
+
*/
|
|
170
|
+
declare class ConnectResult {
|
|
171
|
+
readonly connectionId: string;
|
|
172
|
+
readonly providerId: string;
|
|
173
|
+
readonly accountIdentifier: string | null;
|
|
174
|
+
readonly scopes: string[];
|
|
175
|
+
constructor(data: {
|
|
176
|
+
connection_id: string;
|
|
177
|
+
provider_id: string;
|
|
178
|
+
account_identifier?: string | null;
|
|
179
|
+
scopes?: string[];
|
|
180
|
+
});
|
|
181
|
+
toJSON(): Record<string, unknown>;
|
|
182
|
+
toString(): string;
|
|
183
|
+
}
|
|
145
184
|
/**
|
|
146
185
|
* Audit log entry for an API call to a provider.
|
|
147
186
|
*
|
|
@@ -231,8 +270,6 @@ declare enum Provider {
|
|
|
231
270
|
GOOGLE = "google",
|
|
232
271
|
GITHUB = "github",
|
|
233
272
|
SLACK = "slack",
|
|
234
|
-
MICROSOFT = "microsoft",
|
|
235
|
-
SALESFORCE = "salesforce",
|
|
236
273
|
SENTRY = "sentry"
|
|
237
274
|
}
|
|
238
275
|
/**
|
|
@@ -265,14 +302,12 @@ declare enum HttpMethod {
|
|
|
265
302
|
interface AlterVaultOptions {
|
|
266
303
|
/** Alter Vault API key (must start with "alter_key_") */
|
|
267
304
|
apiKey: string;
|
|
268
|
-
/** Base URL for Alter Vault API */
|
|
269
|
-
baseUrl?: string;
|
|
270
305
|
/** HTTP request timeout in milliseconds (default: 30000) */
|
|
271
306
|
timeout?: number;
|
|
272
|
-
/** Actor type (
|
|
273
|
-
actorType
|
|
307
|
+
/** Actor type (use ActorType enum: AI_AGENT, MCP_SERVER, BACKEND_SERVICE) */
|
|
308
|
+
actorType: ActorType | string;
|
|
274
309
|
/** Unique identifier for the actor (e.g., "email-assistant-v2") */
|
|
275
|
-
actorIdentifier
|
|
310
|
+
actorIdentifier: string;
|
|
276
311
|
/** Human-readable name for the actor */
|
|
277
312
|
actorName?: string;
|
|
278
313
|
/** Actor version string (e.g., "1.0.0") */
|
|
@@ -286,8 +321,6 @@ interface AlterVaultOptions {
|
|
|
286
321
|
* Options for the request() method.
|
|
287
322
|
*/
|
|
288
323
|
interface RequestOptions {
|
|
289
|
-
/** User attributes to match connection (e.g., { user_id: "alice" }) */
|
|
290
|
-
user: Record<string, unknown>;
|
|
291
324
|
/** Optional JSON request body */
|
|
292
325
|
json?: Record<string, unknown>;
|
|
293
326
|
/** Optional additional headers */
|
|
@@ -316,6 +349,25 @@ interface ListConnectionsOptions {
|
|
|
316
349
|
/** Offset for pagination (default 0) */
|
|
317
350
|
offset?: number;
|
|
318
351
|
}
|
|
352
|
+
/**
|
|
353
|
+
* Options for the connect() method.
|
|
354
|
+
*/
|
|
355
|
+
interface ConnectOptions {
|
|
356
|
+
/** End user to create session for (requires at least id) */
|
|
357
|
+
endUser: {
|
|
358
|
+
id: string;
|
|
359
|
+
email?: string;
|
|
360
|
+
name?: string;
|
|
361
|
+
};
|
|
362
|
+
/** Restrict to specific providers (e.g., ["google"]) */
|
|
363
|
+
providers?: string[];
|
|
364
|
+
/** Max seconds to wait for completion (default 300 = 5 min) */
|
|
365
|
+
timeout?: number;
|
|
366
|
+
/** Seconds between poll requests (default 2) */
|
|
367
|
+
pollInterval?: number;
|
|
368
|
+
/** If true, opens browser automatically. If false, prints URL. (default true) */
|
|
369
|
+
openBrowser?: boolean;
|
|
370
|
+
}
|
|
319
371
|
/**
|
|
320
372
|
* Options for the createConnectSession() method.
|
|
321
373
|
*/
|
|
@@ -326,8 +378,6 @@ interface CreateConnectSessionOptions {
|
|
|
326
378
|
email?: string;
|
|
327
379
|
name?: string;
|
|
328
380
|
};
|
|
329
|
-
/** User attributes for connection matching */
|
|
330
|
-
attributes?: Record<string, unknown>;
|
|
331
381
|
/** Restrict to specific providers (e.g., ["google", "github"]) */
|
|
332
382
|
allowedProviders?: string[];
|
|
333
383
|
/** URL to redirect after OAuth completion */
|
|
@@ -358,9 +408,8 @@ interface CreateConnectSessionOptions {
|
|
|
358
408
|
*
|
|
359
409
|
* // Make API request (token injected automatically)
|
|
360
410
|
* const response = await vault.request(
|
|
361
|
-
*
|
|
411
|
+
* "connection-uuid-here", HttpMethod.GET,
|
|
362
412
|
* "https://www.googleapis.com/calendar/v3/calendars/primary/events",
|
|
363
|
-
* { user: { user_id: "alice" } },
|
|
364
413
|
* );
|
|
365
414
|
* const events = await response.json();
|
|
366
415
|
*
|
|
@@ -382,7 +431,7 @@ declare class AlterVault {
|
|
|
382
431
|
* 4. Logs the call for audit (fire-and-forget)
|
|
383
432
|
* 5. Returns the raw response
|
|
384
433
|
*/
|
|
385
|
-
request(
|
|
434
|
+
request(connectionId: string, method: HttpMethod | string, url: string, options?: RequestOptions): Promise<Response>;
|
|
386
435
|
/**
|
|
387
436
|
* List OAuth connections for this app.
|
|
388
437
|
*
|
|
@@ -396,6 +445,20 @@ declare class AlterVault {
|
|
|
396
445
|
* Returns a URL the user can open in their browser to authorize access.
|
|
397
446
|
*/
|
|
398
447
|
createConnectSession(options: CreateConnectSessionOptions): Promise<ConnectSession>;
|
|
448
|
+
/**
|
|
449
|
+
* Open OAuth in the user's browser and wait for completion.
|
|
450
|
+
*
|
|
451
|
+
* This is the headless connect flow for CLI tools, scripts, and
|
|
452
|
+
* server-side applications. It creates a Connect session, opens the
|
|
453
|
+
* browser, and polls until the user completes OAuth.
|
|
454
|
+
*
|
|
455
|
+
* @param options - Connect options (endUser is required)
|
|
456
|
+
* @returns Array of ConnectResult objects (one per connected provider)
|
|
457
|
+
* @throws ConnectTimeoutError if the user doesn't complete within timeout
|
|
458
|
+
* @throws ConnectFlowError if the user denies or provider returns error
|
|
459
|
+
* @throws AlterSDKError if SDK is closed or session creation fails
|
|
460
|
+
*/
|
|
461
|
+
connect(options: ConnectOptions): Promise<ConnectResult[]>;
|
|
399
462
|
/**
|
|
400
463
|
* Close HTTP clients and release resources.
|
|
401
464
|
* Waits for any pending audit tasks before closing.
|
|
@@ -440,7 +503,7 @@ declare class PolicyViolationError extends TokenRetrievalError {
|
|
|
440
503
|
/**
|
|
441
504
|
* Raised when OAuth connection not found.
|
|
442
505
|
*
|
|
443
|
-
* This indicates no connection exists for the given
|
|
506
|
+
* This indicates no connection exists for the given connection_id.
|
|
444
507
|
*/
|
|
445
508
|
declare class ConnectionNotFoundError extends TokenRetrievalError {
|
|
446
509
|
constructor(message: string, details?: Record<string, unknown>);
|
|
@@ -455,6 +518,25 @@ declare class TokenExpiredError extends TokenRetrievalError {
|
|
|
455
518
|
readonly connectionId: string | undefined;
|
|
456
519
|
constructor(message: string, connectionId?: string, details?: Record<string, unknown>);
|
|
457
520
|
}
|
|
521
|
+
/**
|
|
522
|
+
* Raised when the headless connect() flow fails.
|
|
523
|
+
*
|
|
524
|
+
* This can happen when:
|
|
525
|
+
* - The user denies authorization
|
|
526
|
+
* - The provider returns an error
|
|
527
|
+
* - The session expires before completion
|
|
528
|
+
*/
|
|
529
|
+
declare class ConnectFlowError extends AlterSDKError {
|
|
530
|
+
constructor(message: string, details?: Record<string, unknown>);
|
|
531
|
+
}
|
|
532
|
+
/**
|
|
533
|
+
* Raised when the connect() flow times out.
|
|
534
|
+
*
|
|
535
|
+
* The user did not complete OAuth within the specified timeout period.
|
|
536
|
+
*/
|
|
537
|
+
declare class ConnectTimeoutError extends ConnectFlowError {
|
|
538
|
+
constructor(message: string, details?: Record<string, unknown>);
|
|
539
|
+
}
|
|
458
540
|
/**
|
|
459
541
|
* Raised when provider API call fails.
|
|
460
542
|
*
|
|
@@ -487,4 +569,4 @@ declare class TimeoutError extends NetworkError {
|
|
|
487
569
|
constructor(message: string, details?: Record<string, unknown>);
|
|
488
570
|
}
|
|
489
571
|
|
|
490
|
-
export { APICallAuditLog, AlterSDKError, AlterVault, type AlterVaultOptions, ConnectSession, ConnectionInfo, ConnectionListResult, ConnectionNotFoundError, type CreateConnectSessionOptions, HttpMethod, type ListConnectionsOptions, NetworkError, PolicyViolationError, Provider, ProviderAPIError, type RequestOptions, TimeoutError, TokenExpiredError, TokenResponse, TokenRetrievalError };
|
|
572
|
+
export { APICallAuditLog, ActorType, AlterSDKError, AlterVault, type AlterVaultOptions, ConnectFlowError, type ConnectOptions, ConnectResult, ConnectSession, ConnectTimeoutError, ConnectionInfo, ConnectionListResult, ConnectionNotFoundError, type CreateConnectSessionOptions, HttpMethod, type ListConnectionsOptions, NetworkError, PolicyViolationError, Provider, ProviderAPIError, type RequestOptions, TimeoutError, TokenExpiredError, TokenResponse, TokenRetrievalError };
|
package/dist/index.d.ts
CHANGED
|
@@ -9,6 +9,14 @@
|
|
|
9
9
|
* - TokenResponse: Object.freeze(this) prevents mutation after creation
|
|
10
10
|
* - toJSON() and toString() exclude access token from serialization
|
|
11
11
|
*/
|
|
12
|
+
/**
|
|
13
|
+
* Actor types for tracking SDK callers.
|
|
14
|
+
*/
|
|
15
|
+
declare enum ActorType {
|
|
16
|
+
BACKEND_SERVICE = "backend_service",
|
|
17
|
+
AI_AGENT = "ai_agent",
|
|
18
|
+
MCP_SERVER = "mcp_server"
|
|
19
|
+
}
|
|
12
20
|
/**
|
|
13
21
|
* OAuth token response from Alter Vault.
|
|
14
22
|
*
|
|
@@ -34,6 +42,14 @@ declare class TokenResponse {
|
|
|
34
42
|
readonly scopes: string[];
|
|
35
43
|
/** Connection ID that provided this token */
|
|
36
44
|
readonly connectionId: string;
|
|
45
|
+
/** Provider ID (google, github, etc.) */
|
|
46
|
+
readonly providerId: string;
|
|
47
|
+
/** HTTP header name for credential injection (e.g., "Authorization", "X-API-Key") */
|
|
48
|
+
readonly injectionHeader: string;
|
|
49
|
+
/** Header value format with {token} placeholder (e.g., "Bearer {token}", "{token}") */
|
|
50
|
+
readonly injectionFormat: string;
|
|
51
|
+
/** Extra credentials for multi-part auth (e.g. AWS SigV4 secret_key, region) */
|
|
52
|
+
readonly additionalCredentials: Record<string, string> | null;
|
|
37
53
|
constructor(data: {
|
|
38
54
|
access_token: string;
|
|
39
55
|
token_type?: string;
|
|
@@ -41,6 +57,10 @@ declare class TokenResponse {
|
|
|
41
57
|
expires_at?: string | null;
|
|
42
58
|
scopes?: string[];
|
|
43
59
|
connection_id: string;
|
|
60
|
+
provider_id?: string;
|
|
61
|
+
injection_header?: string;
|
|
62
|
+
injection_format?: string;
|
|
63
|
+
additional_credentials?: Record<string, string> | null;
|
|
44
64
|
});
|
|
45
65
|
/**
|
|
46
66
|
* Parse expires_at from ISO string.
|
|
@@ -80,7 +100,6 @@ declare class TokenResponse {
|
|
|
80
100
|
declare class ConnectionInfo {
|
|
81
101
|
readonly id: string;
|
|
82
102
|
readonly providerId: string;
|
|
83
|
-
readonly attributes: Record<string, unknown>;
|
|
84
103
|
readonly scopes: string[];
|
|
85
104
|
readonly accountIdentifier: string | null;
|
|
86
105
|
readonly accountDisplayName: string | null;
|
|
@@ -91,7 +110,6 @@ declare class ConnectionInfo {
|
|
|
91
110
|
constructor(data: {
|
|
92
111
|
id: string;
|
|
93
112
|
provider_id: string;
|
|
94
|
-
attributes?: Record<string, unknown>;
|
|
95
113
|
scopes?: string[];
|
|
96
114
|
account_identifier?: string | null;
|
|
97
115
|
account_display_name?: string | null;
|
|
@@ -142,6 +160,27 @@ declare class ConnectionListResult {
|
|
|
142
160
|
has_more: boolean;
|
|
143
161
|
});
|
|
144
162
|
}
|
|
163
|
+
/**
|
|
164
|
+
* Result of a headless connect() flow.
|
|
165
|
+
*
|
|
166
|
+
* Returned by connect() after the user completes OAuth in the browser.
|
|
167
|
+
* Contains the connection metadata (no tokens — use request() with
|
|
168
|
+
* the connectionId to make authenticated API calls).
|
|
169
|
+
*/
|
|
170
|
+
declare class ConnectResult {
|
|
171
|
+
readonly connectionId: string;
|
|
172
|
+
readonly providerId: string;
|
|
173
|
+
readonly accountIdentifier: string | null;
|
|
174
|
+
readonly scopes: string[];
|
|
175
|
+
constructor(data: {
|
|
176
|
+
connection_id: string;
|
|
177
|
+
provider_id: string;
|
|
178
|
+
account_identifier?: string | null;
|
|
179
|
+
scopes?: string[];
|
|
180
|
+
});
|
|
181
|
+
toJSON(): Record<string, unknown>;
|
|
182
|
+
toString(): string;
|
|
183
|
+
}
|
|
145
184
|
/**
|
|
146
185
|
* Audit log entry for an API call to a provider.
|
|
147
186
|
*
|
|
@@ -231,8 +270,6 @@ declare enum Provider {
|
|
|
231
270
|
GOOGLE = "google",
|
|
232
271
|
GITHUB = "github",
|
|
233
272
|
SLACK = "slack",
|
|
234
|
-
MICROSOFT = "microsoft",
|
|
235
|
-
SALESFORCE = "salesforce",
|
|
236
273
|
SENTRY = "sentry"
|
|
237
274
|
}
|
|
238
275
|
/**
|
|
@@ -265,14 +302,12 @@ declare enum HttpMethod {
|
|
|
265
302
|
interface AlterVaultOptions {
|
|
266
303
|
/** Alter Vault API key (must start with "alter_key_") */
|
|
267
304
|
apiKey: string;
|
|
268
|
-
/** Base URL for Alter Vault API */
|
|
269
|
-
baseUrl?: string;
|
|
270
305
|
/** HTTP request timeout in milliseconds (default: 30000) */
|
|
271
306
|
timeout?: number;
|
|
272
|
-
/** Actor type (
|
|
273
|
-
actorType
|
|
307
|
+
/** Actor type (use ActorType enum: AI_AGENT, MCP_SERVER, BACKEND_SERVICE) */
|
|
308
|
+
actorType: ActorType | string;
|
|
274
309
|
/** Unique identifier for the actor (e.g., "email-assistant-v2") */
|
|
275
|
-
actorIdentifier
|
|
310
|
+
actorIdentifier: string;
|
|
276
311
|
/** Human-readable name for the actor */
|
|
277
312
|
actorName?: string;
|
|
278
313
|
/** Actor version string (e.g., "1.0.0") */
|
|
@@ -286,8 +321,6 @@ interface AlterVaultOptions {
|
|
|
286
321
|
* Options for the request() method.
|
|
287
322
|
*/
|
|
288
323
|
interface RequestOptions {
|
|
289
|
-
/** User attributes to match connection (e.g., { user_id: "alice" }) */
|
|
290
|
-
user: Record<string, unknown>;
|
|
291
324
|
/** Optional JSON request body */
|
|
292
325
|
json?: Record<string, unknown>;
|
|
293
326
|
/** Optional additional headers */
|
|
@@ -316,6 +349,25 @@ interface ListConnectionsOptions {
|
|
|
316
349
|
/** Offset for pagination (default 0) */
|
|
317
350
|
offset?: number;
|
|
318
351
|
}
|
|
352
|
+
/**
|
|
353
|
+
* Options for the connect() method.
|
|
354
|
+
*/
|
|
355
|
+
interface ConnectOptions {
|
|
356
|
+
/** End user to create session for (requires at least id) */
|
|
357
|
+
endUser: {
|
|
358
|
+
id: string;
|
|
359
|
+
email?: string;
|
|
360
|
+
name?: string;
|
|
361
|
+
};
|
|
362
|
+
/** Restrict to specific providers (e.g., ["google"]) */
|
|
363
|
+
providers?: string[];
|
|
364
|
+
/** Max seconds to wait for completion (default 300 = 5 min) */
|
|
365
|
+
timeout?: number;
|
|
366
|
+
/** Seconds between poll requests (default 2) */
|
|
367
|
+
pollInterval?: number;
|
|
368
|
+
/** If true, opens browser automatically. If false, prints URL. (default true) */
|
|
369
|
+
openBrowser?: boolean;
|
|
370
|
+
}
|
|
319
371
|
/**
|
|
320
372
|
* Options for the createConnectSession() method.
|
|
321
373
|
*/
|
|
@@ -326,8 +378,6 @@ interface CreateConnectSessionOptions {
|
|
|
326
378
|
email?: string;
|
|
327
379
|
name?: string;
|
|
328
380
|
};
|
|
329
|
-
/** User attributes for connection matching */
|
|
330
|
-
attributes?: Record<string, unknown>;
|
|
331
381
|
/** Restrict to specific providers (e.g., ["google", "github"]) */
|
|
332
382
|
allowedProviders?: string[];
|
|
333
383
|
/** URL to redirect after OAuth completion */
|
|
@@ -358,9 +408,8 @@ interface CreateConnectSessionOptions {
|
|
|
358
408
|
*
|
|
359
409
|
* // Make API request (token injected automatically)
|
|
360
410
|
* const response = await vault.request(
|
|
361
|
-
*
|
|
411
|
+
* "connection-uuid-here", HttpMethod.GET,
|
|
362
412
|
* "https://www.googleapis.com/calendar/v3/calendars/primary/events",
|
|
363
|
-
* { user: { user_id: "alice" } },
|
|
364
413
|
* );
|
|
365
414
|
* const events = await response.json();
|
|
366
415
|
*
|
|
@@ -382,7 +431,7 @@ declare class AlterVault {
|
|
|
382
431
|
* 4. Logs the call for audit (fire-and-forget)
|
|
383
432
|
* 5. Returns the raw response
|
|
384
433
|
*/
|
|
385
|
-
request(
|
|
434
|
+
request(connectionId: string, method: HttpMethod | string, url: string, options?: RequestOptions): Promise<Response>;
|
|
386
435
|
/**
|
|
387
436
|
* List OAuth connections for this app.
|
|
388
437
|
*
|
|
@@ -396,6 +445,20 @@ declare class AlterVault {
|
|
|
396
445
|
* Returns a URL the user can open in their browser to authorize access.
|
|
397
446
|
*/
|
|
398
447
|
createConnectSession(options: CreateConnectSessionOptions): Promise<ConnectSession>;
|
|
448
|
+
/**
|
|
449
|
+
* Open OAuth in the user's browser and wait for completion.
|
|
450
|
+
*
|
|
451
|
+
* This is the headless connect flow for CLI tools, scripts, and
|
|
452
|
+
* server-side applications. It creates a Connect session, opens the
|
|
453
|
+
* browser, and polls until the user completes OAuth.
|
|
454
|
+
*
|
|
455
|
+
* @param options - Connect options (endUser is required)
|
|
456
|
+
* @returns Array of ConnectResult objects (one per connected provider)
|
|
457
|
+
* @throws ConnectTimeoutError if the user doesn't complete within timeout
|
|
458
|
+
* @throws ConnectFlowError if the user denies or provider returns error
|
|
459
|
+
* @throws AlterSDKError if SDK is closed or session creation fails
|
|
460
|
+
*/
|
|
461
|
+
connect(options: ConnectOptions): Promise<ConnectResult[]>;
|
|
399
462
|
/**
|
|
400
463
|
* Close HTTP clients and release resources.
|
|
401
464
|
* Waits for any pending audit tasks before closing.
|
|
@@ -440,7 +503,7 @@ declare class PolicyViolationError extends TokenRetrievalError {
|
|
|
440
503
|
/**
|
|
441
504
|
* Raised when OAuth connection not found.
|
|
442
505
|
*
|
|
443
|
-
* This indicates no connection exists for the given
|
|
506
|
+
* This indicates no connection exists for the given connection_id.
|
|
444
507
|
*/
|
|
445
508
|
declare class ConnectionNotFoundError extends TokenRetrievalError {
|
|
446
509
|
constructor(message: string, details?: Record<string, unknown>);
|
|
@@ -455,6 +518,25 @@ declare class TokenExpiredError extends TokenRetrievalError {
|
|
|
455
518
|
readonly connectionId: string | undefined;
|
|
456
519
|
constructor(message: string, connectionId?: string, details?: Record<string, unknown>);
|
|
457
520
|
}
|
|
521
|
+
/**
|
|
522
|
+
* Raised when the headless connect() flow fails.
|
|
523
|
+
*
|
|
524
|
+
* This can happen when:
|
|
525
|
+
* - The user denies authorization
|
|
526
|
+
* - The provider returns an error
|
|
527
|
+
* - The session expires before completion
|
|
528
|
+
*/
|
|
529
|
+
declare class ConnectFlowError extends AlterSDKError {
|
|
530
|
+
constructor(message: string, details?: Record<string, unknown>);
|
|
531
|
+
}
|
|
532
|
+
/**
|
|
533
|
+
* Raised when the connect() flow times out.
|
|
534
|
+
*
|
|
535
|
+
* The user did not complete OAuth within the specified timeout period.
|
|
536
|
+
*/
|
|
537
|
+
declare class ConnectTimeoutError extends ConnectFlowError {
|
|
538
|
+
constructor(message: string, details?: Record<string, unknown>);
|
|
539
|
+
}
|
|
458
540
|
/**
|
|
459
541
|
* Raised when provider API call fails.
|
|
460
542
|
*
|
|
@@ -487,4 +569,4 @@ declare class TimeoutError extends NetworkError {
|
|
|
487
569
|
constructor(message: string, details?: Record<string, unknown>);
|
|
488
570
|
}
|
|
489
571
|
|
|
490
|
-
export { APICallAuditLog, AlterSDKError, AlterVault, type AlterVaultOptions, ConnectSession, ConnectionInfo, ConnectionListResult, ConnectionNotFoundError, type CreateConnectSessionOptions, HttpMethod, type ListConnectionsOptions, NetworkError, PolicyViolationError, Provider, ProviderAPIError, type RequestOptions, TimeoutError, TokenExpiredError, TokenResponse, TokenRetrievalError };
|
|
572
|
+
export { APICallAuditLog, ActorType, AlterSDKError, AlterVault, type AlterVaultOptions, ConnectFlowError, type ConnectOptions, ConnectResult, ConnectSession, ConnectTimeoutError, ConnectionInfo, ConnectionListResult, ConnectionNotFoundError, type CreateConnectSessionOptions, HttpMethod, type ListConnectionsOptions, NetworkError, PolicyViolationError, Provider, ProviderAPIError, type RequestOptions, TimeoutError, TokenExpiredError, TokenResponse, TokenRetrievalError };
|