@ax-hub/admin-sdk 1.0.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/CHANGELOG.md +324 -0
- package/LICENSE +201 -0
- package/README.md +120 -0
- package/dist/index.cjs +1 -0
- package/dist/index.d.cts +873 -0
- package/dist/index.d.ts +873 -0
- package/dist/index.js +1 -0
- package/package.json +57 -0
package/dist/index.d.cts
ADDED
|
@@ -0,0 +1,873 @@
|
|
|
1
|
+
interface FieldError {
|
|
2
|
+
name: string;
|
|
3
|
+
code: string;
|
|
4
|
+
message?: string;
|
|
5
|
+
}
|
|
6
|
+
interface RetryInfo {
|
|
7
|
+
afterMs: number;
|
|
8
|
+
}
|
|
9
|
+
interface AxHubErrorInit {
|
|
10
|
+
message: string;
|
|
11
|
+
code: string;
|
|
12
|
+
category: string;
|
|
13
|
+
httpStatus: number;
|
|
14
|
+
retryable: boolean;
|
|
15
|
+
requestId: string;
|
|
16
|
+
resource?: string;
|
|
17
|
+
fields?: FieldError[];
|
|
18
|
+
retry?: RetryInfo;
|
|
19
|
+
docUrl?: string;
|
|
20
|
+
cause?: unknown;
|
|
21
|
+
}
|
|
22
|
+
declare class AxHubError extends Error {
|
|
23
|
+
readonly code: string;
|
|
24
|
+
readonly category: string;
|
|
25
|
+
readonly httpStatus: number;
|
|
26
|
+
readonly retryable: boolean;
|
|
27
|
+
readonly requestId: string;
|
|
28
|
+
readonly resource?: string;
|
|
29
|
+
readonly fields?: FieldError[];
|
|
30
|
+
readonly retry?: RetryInfo;
|
|
31
|
+
readonly docUrl?: string;
|
|
32
|
+
constructor(init: AxHubErrorInit);
|
|
33
|
+
toJSON(): Record<string, unknown>;
|
|
34
|
+
toString(): string;
|
|
35
|
+
}
|
|
36
|
+
declare function formatErrorMessage(err: AxHubError): string;
|
|
37
|
+
declare class ValidationError extends AxHubError {
|
|
38
|
+
}
|
|
39
|
+
declare class UnauthenticatedError extends AxHubError {
|
|
40
|
+
}
|
|
41
|
+
declare class PermissionDeniedError extends AxHubError {
|
|
42
|
+
}
|
|
43
|
+
declare class NotFoundError extends AxHubError {
|
|
44
|
+
}
|
|
45
|
+
declare class ConflictError extends AxHubError {
|
|
46
|
+
}
|
|
47
|
+
declare class PreconditionFailedError extends AxHubError {
|
|
48
|
+
}
|
|
49
|
+
declare class RateLimitedError extends AxHubError {
|
|
50
|
+
}
|
|
51
|
+
declare class InternalServerError extends AxHubError {
|
|
52
|
+
}
|
|
53
|
+
declare class UnavailableError extends AxHubError {
|
|
54
|
+
}
|
|
55
|
+
declare class SlugTakenError extends ConflictError {
|
|
56
|
+
}
|
|
57
|
+
declare class AlreadyMemberError extends ConflictError {
|
|
58
|
+
}
|
|
59
|
+
declare class AlreadyDeletedError extends ConflictError {
|
|
60
|
+
}
|
|
61
|
+
declare class TokenMissingError extends UnauthenticatedError {
|
|
62
|
+
}
|
|
63
|
+
declare class TokenExpiredError extends UnauthenticatedError {
|
|
64
|
+
}
|
|
65
|
+
declare class TokenInvalidError extends UnauthenticatedError {
|
|
66
|
+
}
|
|
67
|
+
declare class NotAdminError extends PermissionDeniedError {
|
|
68
|
+
}
|
|
69
|
+
declare class ForbiddenError extends PermissionDeniedError {
|
|
70
|
+
}
|
|
71
|
+
declare class PermanentlyDeletedError extends NotFoundError {
|
|
72
|
+
}
|
|
73
|
+
declare class InvitationExpiredError extends NotFoundError {
|
|
74
|
+
}
|
|
75
|
+
declare class AlreadyRevokedError extends ConflictError {
|
|
76
|
+
}
|
|
77
|
+
declare class AlreadySettledError extends ConflictError {
|
|
78
|
+
}
|
|
79
|
+
declare class AlreadyActiveError extends ConflictError {
|
|
80
|
+
}
|
|
81
|
+
declare class AlreadyInactiveError extends ConflictError {
|
|
82
|
+
}
|
|
83
|
+
declare class AlreadyAccessedError extends ConflictError {
|
|
84
|
+
}
|
|
85
|
+
declare class NotDeletedError extends ConflictError {
|
|
86
|
+
}
|
|
87
|
+
declare class LastAdminError extends ConflictError {
|
|
88
|
+
}
|
|
89
|
+
declare class PendingExistsError extends ConflictError {
|
|
90
|
+
}
|
|
91
|
+
declare class InvalidStateTransitionError extends ConflictError {
|
|
92
|
+
}
|
|
93
|
+
declare class SchemaNameTakenError extends ConflictError {
|
|
94
|
+
}
|
|
95
|
+
declare class DomainTakenError extends ConflictError {
|
|
96
|
+
}
|
|
97
|
+
declare class DuplicateError extends ConflictError {
|
|
98
|
+
}
|
|
99
|
+
declare class InvalidValueError extends ValidationError {
|
|
100
|
+
}
|
|
101
|
+
declare class RequiredError extends ValidationError {
|
|
102
|
+
}
|
|
103
|
+
declare class EmptyError extends ValidationError {
|
|
104
|
+
}
|
|
105
|
+
declare class BadRequestError extends ValidationError {
|
|
106
|
+
}
|
|
107
|
+
declare class NotMemberError extends PermissionDeniedError {
|
|
108
|
+
}
|
|
109
|
+
declare class NotAllowedError extends PermissionDeniedError {
|
|
110
|
+
}
|
|
111
|
+
declare class AppUnavailableError extends UnavailableError {
|
|
112
|
+
}
|
|
113
|
+
declare class NetworkError extends AxHubError {
|
|
114
|
+
}
|
|
115
|
+
declare class TimeoutError extends AxHubError {
|
|
116
|
+
}
|
|
117
|
+
declare class DecodeError extends AxHubError {
|
|
118
|
+
}
|
|
119
|
+
declare class AbortError extends AxHubError {
|
|
120
|
+
}
|
|
121
|
+
declare class InvalidPathError extends AxHubError {
|
|
122
|
+
}
|
|
123
|
+
declare class StreamConsumedError extends AxHubError {
|
|
124
|
+
}
|
|
125
|
+
declare class TenantSlugRequiredError extends AxHubError {
|
|
126
|
+
}
|
|
127
|
+
/**
|
|
128
|
+
* SDK-self error: tenant-scoped app routes
|
|
129
|
+
* (`POST`/`GET /api/v1/tenants/{tenantID}/apps`) require a tenant **UUID** in
|
|
130
|
+
* the path. Thrown before any request when the SDK holds only a slug (or no
|
|
131
|
+
* tenant context). Mirrors {@link TenantSlugRequiredError}; constructed inline
|
|
132
|
+
* at call sites (crud.ts / scoped.ts), like TenantSlugRequiredError in client.ts.
|
|
133
|
+
*/
|
|
134
|
+
declare class TenantIdRequiredError extends AxHubError {
|
|
135
|
+
}
|
|
136
|
+
declare class ConfigurationError extends AxHubError {
|
|
137
|
+
}
|
|
138
|
+
declare class PoolStaleError extends UnauthenticatedError {
|
|
139
|
+
}
|
|
140
|
+
declare class WebhookVerificationError extends ValidationError {
|
|
141
|
+
}
|
|
142
|
+
declare class TableNotFoundError extends NotFoundError {
|
|
143
|
+
}
|
|
144
|
+
declare class IntrospectFailedError extends InternalServerError {
|
|
145
|
+
}
|
|
146
|
+
declare class InvalidCursorError extends ValidationError {
|
|
147
|
+
}
|
|
148
|
+
declare class LegacyCursorError extends ValidationError {
|
|
149
|
+
}
|
|
150
|
+
declare class MockInProductionError extends ConfigurationError {
|
|
151
|
+
}
|
|
152
|
+
declare class ScanLimitExceededError extends InternalServerError {
|
|
153
|
+
}
|
|
154
|
+
interface OAuthErrorInit {
|
|
155
|
+
code: string;
|
|
156
|
+
description?: string;
|
|
157
|
+
uri?: string;
|
|
158
|
+
httpStatus: number;
|
|
159
|
+
retryable: boolean;
|
|
160
|
+
requestId: string;
|
|
161
|
+
}
|
|
162
|
+
declare class OAuthError extends AxHubError {
|
|
163
|
+
readonly description?: string;
|
|
164
|
+
readonly uri?: string;
|
|
165
|
+
constructor(init: OAuthErrorInit);
|
|
166
|
+
}
|
|
167
|
+
declare class InvalidGrantError extends OAuthError {
|
|
168
|
+
}
|
|
169
|
+
declare class AccessDeniedError extends OAuthError {
|
|
170
|
+
}
|
|
171
|
+
declare class AuthorizationPendingError extends OAuthError {
|
|
172
|
+
}
|
|
173
|
+
declare class SlowDownError extends OAuthError {
|
|
174
|
+
}
|
|
175
|
+
declare class ExpiredTokenError extends OAuthError {
|
|
176
|
+
}
|
|
177
|
+
declare class DeviceFlowDeniedError extends AccessDeniedError {
|
|
178
|
+
}
|
|
179
|
+
declare class DeviceFlowTimeoutError extends ExpiredTokenError {
|
|
180
|
+
}
|
|
181
|
+
declare class InvalidTargetError extends OAuthError {
|
|
182
|
+
}
|
|
183
|
+
declare class InvalidClientError extends OAuthError {
|
|
184
|
+
}
|
|
185
|
+
declare class InvalidRequestError extends OAuthError {
|
|
186
|
+
}
|
|
187
|
+
declare class InvalidScopeError extends OAuthError {
|
|
188
|
+
}
|
|
189
|
+
declare class InvalidTokenError extends OAuthError {
|
|
190
|
+
}
|
|
191
|
+
declare class UnauthorizedClientError extends OAuthError {
|
|
192
|
+
}
|
|
193
|
+
declare class UnsupportedGrantTypeError extends OAuthError {
|
|
194
|
+
}
|
|
195
|
+
declare class OAuthServerError extends OAuthError {
|
|
196
|
+
}
|
|
197
|
+
declare class TemporarilyUnavailableError extends OAuthError {
|
|
198
|
+
}
|
|
199
|
+
|
|
200
|
+
declare const brand: unique symbol;
|
|
201
|
+
type Branded<T, B extends string> = T & {
|
|
202
|
+
readonly [brand]: B;
|
|
203
|
+
};
|
|
204
|
+
type AppId = Branded<string, 'AppId'>;
|
|
205
|
+
type AppID = AppId;
|
|
206
|
+
type DeploymentId = Branded<string, 'DeploymentId'>;
|
|
207
|
+
type DeploymentID = DeploymentId;
|
|
208
|
+
type TenantId = Branded<string, 'TenantId'>;
|
|
209
|
+
type TenantID = TenantId;
|
|
210
|
+
type TenantSlug = Branded<string, 'TenantSlug'>;
|
|
211
|
+
type AppSlug = Branded<string, 'AppSlug'>;
|
|
212
|
+
type PatId = Branded<string, 'PatId'>;
|
|
213
|
+
type PATID = PatId;
|
|
214
|
+
type UserId = Branded<string, 'UserId'>;
|
|
215
|
+
type UserID = UserId;
|
|
216
|
+
type RequestId = Branded<string, 'RequestId'>;
|
|
217
|
+
type ResourceID = Branded<string, 'ResourceID'>;
|
|
218
|
+
type ConnectorID = Branded<string, 'ConnectorID'>;
|
|
219
|
+
type SubjectID = Branded<string, 'SubjectID'>;
|
|
220
|
+
type GrantID = Branded<string, 'GrantID'>;
|
|
221
|
+
type TagID = Branded<string, 'TagID'>;
|
|
222
|
+
type AuditEventID = Branded<string, 'AuditEventID'>;
|
|
223
|
+
type TableID = Branded<string, 'TableID'>;
|
|
224
|
+
declare function asAppId(s: string): AppId;
|
|
225
|
+
declare function asDeploymentId(s: string): DeploymentId;
|
|
226
|
+
declare function asTenantId(s: string): TenantId;
|
|
227
|
+
declare function asTenantSlug(s: string): TenantSlug;
|
|
228
|
+
declare function asAppSlug(s: string): AppSlug;
|
|
229
|
+
declare function asPatId(s: string): PatId;
|
|
230
|
+
declare function asUserId(s: string): UserId;
|
|
231
|
+
declare function asRequestId(s: string): RequestId;
|
|
232
|
+
/**
|
|
233
|
+
* Runtime-validating branded ID factories. SDK methods still accept plain
|
|
234
|
+
* strings; these factories are for callers who want validation plus
|
|
235
|
+
* compile-time brand separation in their own code.
|
|
236
|
+
*/
|
|
237
|
+
declare const id: {
|
|
238
|
+
tenant(value: string): TenantID;
|
|
239
|
+
tenantSlug(value: string): TenantSlug;
|
|
240
|
+
app(value: string): AppID;
|
|
241
|
+
appSlug(value: string): AppSlug;
|
|
242
|
+
user(value: string): UserID;
|
|
243
|
+
deployment(value: string): DeploymentID;
|
|
244
|
+
pat(value: string): PATID;
|
|
245
|
+
resource(value: string): ResourceID;
|
|
246
|
+
connector(value: string): ConnectorID;
|
|
247
|
+
subject(value: string): SubjectID;
|
|
248
|
+
grant(value: string): GrantID;
|
|
249
|
+
tag(value: string): TagID;
|
|
250
|
+
auditEvent(value: string): AuditEventID;
|
|
251
|
+
table(value: string): TableID;
|
|
252
|
+
};
|
|
253
|
+
|
|
254
|
+
interface Logger {
|
|
255
|
+
debug(obj: object, msg?: string): void;
|
|
256
|
+
info(obj: object, msg?: string): void;
|
|
257
|
+
warn(obj: object, msg?: string): void;
|
|
258
|
+
error(obj: object, msg?: string): void;
|
|
259
|
+
}
|
|
260
|
+
|
|
261
|
+
declare function parseRetryAfter(header: string | null | undefined): number;
|
|
262
|
+
type RateLimitStrategy = 'sleep' | 'throw';
|
|
263
|
+
|
|
264
|
+
interface RetryPolicy {
|
|
265
|
+
maxAttempts: number;
|
|
266
|
+
baseMs: number;
|
|
267
|
+
capMs: number;
|
|
268
|
+
jitter: () => number;
|
|
269
|
+
}
|
|
270
|
+
|
|
271
|
+
type FetchLike = typeof fetch;
|
|
272
|
+
type TokenType = 'pat' | 'jwt';
|
|
273
|
+
type AuthRing = 'admin' | 'data' | 'public';
|
|
274
|
+
interface AuthProvider {
|
|
275
|
+
headersFor(ring: AuthRing): Record<string, string>;
|
|
276
|
+
onUnauthorized(): Promise<boolean>;
|
|
277
|
+
}
|
|
278
|
+
interface HttpClientOptions {
|
|
279
|
+
baseUrl: string;
|
|
280
|
+
auth: AuthProvider;
|
|
281
|
+
fetch?: FetchLike;
|
|
282
|
+
logger?: Logger;
|
|
283
|
+
debug?: boolean;
|
|
284
|
+
timeoutMs?: number;
|
|
285
|
+
idempotencyKey?: {
|
|
286
|
+
autoGenerate?: boolean;
|
|
287
|
+
generator?: () => string;
|
|
288
|
+
};
|
|
289
|
+
retryPolicy?: RetryPolicy;
|
|
290
|
+
rateLimitStrategy?: RateLimitStrategy;
|
|
291
|
+
}
|
|
292
|
+
interface RequestInit2 {
|
|
293
|
+
ring: AuthRing;
|
|
294
|
+
query?: Record<string, string | number | boolean | undefined>;
|
|
295
|
+
body?: unknown;
|
|
296
|
+
parseBody?: boolean;
|
|
297
|
+
signal?: AbortSignal;
|
|
298
|
+
idempotent?: boolean;
|
|
299
|
+
rawResponse?: boolean;
|
|
300
|
+
headers?: Record<string, string>;
|
|
301
|
+
timeoutMs?: number;
|
|
302
|
+
idempotencyKey?: string | false;
|
|
303
|
+
}
|
|
304
|
+
declare class HttpClient {
|
|
305
|
+
readonly baseUrl: string;
|
|
306
|
+
readonly auth: AuthProvider;
|
|
307
|
+
readonly fetch: FetchLike;
|
|
308
|
+
readonly logger: Logger;
|
|
309
|
+
readonly debug: boolean;
|
|
310
|
+
readonly timeoutMs: number;
|
|
311
|
+
readonly idempotencyKey: Required<NonNullable<HttpClientOptions['idempotencyKey']>>;
|
|
312
|
+
readonly retryPolicy: RetryPolicy;
|
|
313
|
+
readonly rateLimitStrategy: RateLimitStrategy;
|
|
314
|
+
constructor(opts: HttpClientOptions);
|
|
315
|
+
request<T>(method: string, path: string, init: RequestInit2): Promise<T>;
|
|
316
|
+
private requestOnce;
|
|
317
|
+
private parseSuccess;
|
|
318
|
+
private safeParseJson;
|
|
319
|
+
private buildUrl;
|
|
320
|
+
private buildHeaders;
|
|
321
|
+
private resolveIdempotencyKey;
|
|
322
|
+
private withStableIdempotencyKey;
|
|
323
|
+
private logRequest;
|
|
324
|
+
}
|
|
325
|
+
|
|
326
|
+
interface StaticTokenAuthOptions {
|
|
327
|
+
token: string;
|
|
328
|
+
tokenType: TokenType;
|
|
329
|
+
onRefresh?: () => Promise<string>;
|
|
330
|
+
}
|
|
331
|
+
declare class StaticTokenAuth implements AuthProvider {
|
|
332
|
+
private token;
|
|
333
|
+
readonly tokenType: TokenType;
|
|
334
|
+
private readonly onRefresh?;
|
|
335
|
+
private refreshing;
|
|
336
|
+
constructor(opts: StaticTokenAuthOptions);
|
|
337
|
+
currentToken(): string;
|
|
338
|
+
headersFor(ring: AuthRing): Record<string, string>;
|
|
339
|
+
onUnauthorized(): Promise<boolean>;
|
|
340
|
+
}
|
|
341
|
+
declare class NoAuth implements AuthProvider {
|
|
342
|
+
headersFor(_ring: AuthRing): Record<string, string>;
|
|
343
|
+
onUnauthorized(): Promise<boolean>;
|
|
344
|
+
}
|
|
345
|
+
|
|
346
|
+
interface PaginatedList<T> {
|
|
347
|
+
items: T[];
|
|
348
|
+
nextCursor: string | null;
|
|
349
|
+
total: number;
|
|
350
|
+
firstCursor?: string | null;
|
|
351
|
+
hasNext?: boolean;
|
|
352
|
+
hasPrev?: boolean;
|
|
353
|
+
/**
|
|
354
|
+
* `true` when `total` reflects the full filtered result set the caller will
|
|
355
|
+
* see. `false` when SDK-side filtering (no backend `where` pushdown) means
|
|
356
|
+
* `total` is the backend's unfiltered total and the true filtered count
|
|
357
|
+
* requires walking remaining pages. Absent on plain unfiltered queries.
|
|
358
|
+
*/
|
|
359
|
+
totalIsExact?: boolean;
|
|
360
|
+
}
|
|
361
|
+
interface ListOptions {
|
|
362
|
+
pageSize?: number;
|
|
363
|
+
cursor?: string;
|
|
364
|
+
after?: string;
|
|
365
|
+
before?: string;
|
|
366
|
+
}
|
|
367
|
+
interface ListAllOptions extends ListOptions {
|
|
368
|
+
signal?: AbortSignal;
|
|
369
|
+
}
|
|
370
|
+
type ListAllItem<T> = {
|
|
371
|
+
type: 'item';
|
|
372
|
+
value: T;
|
|
373
|
+
} | {
|
|
374
|
+
type: 'drift';
|
|
375
|
+
addedSince: number;
|
|
376
|
+
};
|
|
377
|
+
type CursorDirection = 'forward' | 'backward';
|
|
378
|
+
type OrderDirection = 'asc' | 'desc';
|
|
379
|
+
interface OrderByField {
|
|
380
|
+
field: string;
|
|
381
|
+
dir?: OrderDirection;
|
|
382
|
+
}
|
|
383
|
+
type DataOrderBy = string | readonly OrderByField[];
|
|
384
|
+
interface KeysetCursor {
|
|
385
|
+
values: Record<string, string | number | boolean | null>;
|
|
386
|
+
direction: CursorDirection;
|
|
387
|
+
orderBy: OrderByField[];
|
|
388
|
+
orderByFingerprint: string;
|
|
389
|
+
tiebreaker?: {
|
|
390
|
+
field: string;
|
|
391
|
+
value: string | number;
|
|
392
|
+
};
|
|
393
|
+
/**
|
|
394
|
+
* Backend compatibility metadata. Current AX Hub data API exposes offset
|
|
395
|
+
* `page`/`per_page` pagination and treats unknown query keys as filters, so
|
|
396
|
+
* SDK-generated v2 cursors carry the next/previous page number instead of
|
|
397
|
+
* sending unsupported `after`/`before` query parameters to production.
|
|
398
|
+
*/
|
|
399
|
+
page?: number;
|
|
400
|
+
/**
|
|
401
|
+
* Scope binding. SDK-generated cursors carry a fingerprint of the
|
|
402
|
+
* `${tenant}/${app}/${table}` resource so a cursor minted on table A cannot
|
|
403
|
+
* be silently replayed against table B. Optional on decoded cursors for
|
|
404
|
+
* backward compatibility with backend-emitted cursors that omit it.
|
|
405
|
+
*/
|
|
406
|
+
contextFingerprint?: string;
|
|
407
|
+
}
|
|
408
|
+
interface CursorBuildOptions {
|
|
409
|
+
direction?: CursorDirection;
|
|
410
|
+
orderBy?: DataOrderBy;
|
|
411
|
+
page?: number;
|
|
412
|
+
contextFingerprint?: string;
|
|
413
|
+
}
|
|
414
|
+
declare function encodeCursor(cursor: KeysetCursor): string;
|
|
415
|
+
declare function decodeCursor(token: string): KeysetCursor;
|
|
416
|
+
declare function orderByFingerprint(orderBy?: DataOrderBy): string;
|
|
417
|
+
declare function cursorFromRow(row: Record<string, unknown> | undefined, opts?: CursorBuildOptions): string | null;
|
|
418
|
+
|
|
419
|
+
interface ParsedFrame {
|
|
420
|
+
id?: string;
|
|
421
|
+
event?: string;
|
|
422
|
+
data: string;
|
|
423
|
+
}
|
|
424
|
+
type StreamItem<T> = {
|
|
425
|
+
type: 'item';
|
|
426
|
+
value: T;
|
|
427
|
+
id: string | undefined;
|
|
428
|
+
} | {
|
|
429
|
+
type: 'gap';
|
|
430
|
+
sinceId: string | undefined;
|
|
431
|
+
missingCount?: number;
|
|
432
|
+
} | {
|
|
433
|
+
type: 'decode-skip';
|
|
434
|
+
frame: ParsedFrame;
|
|
435
|
+
error: AxHubError;
|
|
436
|
+
};
|
|
437
|
+
interface SSEStreamOptions<T> {
|
|
438
|
+
url: string;
|
|
439
|
+
http: HttpClient;
|
|
440
|
+
ring: AuthRing;
|
|
441
|
+
signal?: AbortSignal;
|
|
442
|
+
maxReconnects?: number;
|
|
443
|
+
parseEvent: (frame: ParsedFrame) => T;
|
|
444
|
+
}
|
|
445
|
+
interface SSEStream<T> extends AsyncIterable<StreamItem<T>> {
|
|
446
|
+
dispose(): void;
|
|
447
|
+
}
|
|
448
|
+
|
|
449
|
+
type WebhookVerifyReason = 'signature_mismatch' | 'timestamp_skew' | 'malformed_signature' | 'missing_secret' | 'replay';
|
|
450
|
+
interface VerifyWebhookInput {
|
|
451
|
+
rawBody: Buffer | Uint8Array | string;
|
|
452
|
+
signature: string;
|
|
453
|
+
secret: string;
|
|
454
|
+
tolerance?: number;
|
|
455
|
+
timestamp?: string;
|
|
456
|
+
replayCache?: Set<string>;
|
|
457
|
+
now?: () => number;
|
|
458
|
+
}
|
|
459
|
+
interface VerifyWebhookResult {
|
|
460
|
+
ok: boolean;
|
|
461
|
+
reason?: WebhookVerifyReason;
|
|
462
|
+
}
|
|
463
|
+
declare function signWebhook(rawBody: Buffer | Uint8Array | string, secret: string, timestamp?: string): string;
|
|
464
|
+
declare function verifyWebhook(input: VerifyWebhookInput): VerifyWebhookResult;
|
|
465
|
+
|
|
466
|
+
interface RequestOptions {
|
|
467
|
+
signal?: AbortSignal;
|
|
468
|
+
timeoutMs?: number;
|
|
469
|
+
idempotencyKey?: string | false;
|
|
470
|
+
}
|
|
471
|
+
interface PageRequestOptions extends ListOptions, RequestOptions {
|
|
472
|
+
}
|
|
473
|
+
|
|
474
|
+
interface AuditEvent {
|
|
475
|
+
id: string;
|
|
476
|
+
type?: string;
|
|
477
|
+
actorId?: string;
|
|
478
|
+
hash?: string;
|
|
479
|
+
prevHash?: string;
|
|
480
|
+
createdAt?: string;
|
|
481
|
+
[key: string]: unknown;
|
|
482
|
+
}
|
|
483
|
+
interface EmitAuditEventInput {
|
|
484
|
+
type: string;
|
|
485
|
+
actorId?: string;
|
|
486
|
+
resource?: string;
|
|
487
|
+
payload?: unknown;
|
|
488
|
+
}
|
|
489
|
+
interface IntegrityCheckResult {
|
|
490
|
+
ok: boolean;
|
|
491
|
+
checked: number;
|
|
492
|
+
firstBadSeq?: number;
|
|
493
|
+
reason?: string;
|
|
494
|
+
}
|
|
495
|
+
interface AnonymizeInput {
|
|
496
|
+
subjectId?: string;
|
|
497
|
+
actorId?: string;
|
|
498
|
+
anonymizedId?: string;
|
|
499
|
+
reason?: string;
|
|
500
|
+
}
|
|
501
|
+
declare class AuditClient {
|
|
502
|
+
private readonly http;
|
|
503
|
+
readonly events: AuditEventsClient;
|
|
504
|
+
readonly server: AuditServerClient;
|
|
505
|
+
constructor(http: HttpClient);
|
|
506
|
+
scoped(tenantSlug: string): TenantAuditClient;
|
|
507
|
+
integrityCheck(tenantSlug: string, opts?: RequestOptions): Promise<IntegrityCheckResult>;
|
|
508
|
+
anonymize(tenantSlug: string, input: AnonymizeInput, opts?: RequestOptions): Promise<AuditEvent | void>;
|
|
509
|
+
}
|
|
510
|
+
declare class TenantAuditClient {
|
|
511
|
+
private readonly http;
|
|
512
|
+
private readonly tenantSlug;
|
|
513
|
+
readonly events: AuditEventsForTenantClient;
|
|
514
|
+
readonly server: AuditServerForTenantClient;
|
|
515
|
+
constructor(http: HttpClient, tenantSlug: string);
|
|
516
|
+
integrityCheck(opts?: RequestOptions): Promise<IntegrityCheckResult>;
|
|
517
|
+
anonymize(input: AnonymizeInput, opts?: RequestOptions): Promise<AuditEvent | void>;
|
|
518
|
+
}
|
|
519
|
+
declare class AuditEventsClient {
|
|
520
|
+
private readonly http;
|
|
521
|
+
constructor(http: HttpClient);
|
|
522
|
+
forTenant(tenantSlug: string): AuditEventsForTenantClient;
|
|
523
|
+
}
|
|
524
|
+
declare class AuditEventsForTenantClient {
|
|
525
|
+
private readonly http;
|
|
526
|
+
private readonly tenantSlug;
|
|
527
|
+
constructor(http: HttpClient, tenantSlug: string);
|
|
528
|
+
list(opts?: PageRequestOptions & {
|
|
529
|
+
type?: string;
|
|
530
|
+
}): Promise<PaginatedList<AuditEvent>>;
|
|
531
|
+
get(eventId: string, opts?: RequestOptions): Promise<AuditEvent>;
|
|
532
|
+
}
|
|
533
|
+
declare class AuditServerClient {
|
|
534
|
+
private readonly http;
|
|
535
|
+
constructor(http: HttpClient);
|
|
536
|
+
forTenant(tenantSlug: string): AuditServerForTenantClient;
|
|
537
|
+
}
|
|
538
|
+
declare class AuditServerForTenantClient {
|
|
539
|
+
private readonly http;
|
|
540
|
+
private readonly tenantSlug;
|
|
541
|
+
constructor(http: HttpClient, tenantSlug: string);
|
|
542
|
+
/**
|
|
543
|
+
* Emit a server-side audit event.
|
|
544
|
+
*
|
|
545
|
+
* @remarks The backend route `POST /audit-events/server` is not yet
|
|
546
|
+
* implemented (currently 404). Retained ahead of backend support — see
|
|
547
|
+
* ADR-0040. Do not rely on this in production until the route ships.
|
|
548
|
+
*/
|
|
549
|
+
emit(input: EmitAuditEventInput, opts?: RequestOptions): Promise<AuditEvent>;
|
|
550
|
+
}
|
|
551
|
+
|
|
552
|
+
interface AuthzTag {
|
|
553
|
+
id: string;
|
|
554
|
+
name: string;
|
|
555
|
+
parentId?: string;
|
|
556
|
+
[key: string]: unknown;
|
|
557
|
+
}
|
|
558
|
+
interface AuthzSubject {
|
|
559
|
+
id: string;
|
|
560
|
+
type: string;
|
|
561
|
+
externalId?: string;
|
|
562
|
+
[key: string]: unknown;
|
|
563
|
+
}
|
|
564
|
+
interface AuthzGrant {
|
|
565
|
+
id: string;
|
|
566
|
+
subjectId: string;
|
|
567
|
+
resource: string;
|
|
568
|
+
action: string;
|
|
569
|
+
effect: 'allow' | 'deny';
|
|
570
|
+
[key: string]: unknown;
|
|
571
|
+
}
|
|
572
|
+
declare class AuthzClient {
|
|
573
|
+
private readonly http;
|
|
574
|
+
constructor(http: HttpClient);
|
|
575
|
+
scoped(tenantSlug: string): TenantAuthzClient;
|
|
576
|
+
}
|
|
577
|
+
declare class TenantAuthzClient {
|
|
578
|
+
/** @adminOnly Tag governance (tenant_admin). list/create/update/delete. */
|
|
579
|
+
readonly tags: AuthzTagsClient;
|
|
580
|
+
/** @adminOnly Subject governance (tenant_admin). list/create/update/delete. */
|
|
581
|
+
readonly subjects: AuthzSubjectsClient;
|
|
582
|
+
/** @adminOnly Grant governance (tenant_admin). list only — backend exposes no REST create/update/delete. */
|
|
583
|
+
readonly grants: AuthzGrantsClient;
|
|
584
|
+
constructor(http: HttpClient, tenantSlug: string);
|
|
585
|
+
}
|
|
586
|
+
declare class AuthzTagsClient {
|
|
587
|
+
private readonly http;
|
|
588
|
+
private readonly base;
|
|
589
|
+
constructor(http: HttpClient, base: string);
|
|
590
|
+
list(opts?: RequestOptions): Promise<AuthzTag[]>;
|
|
591
|
+
create(input: Record<string, unknown>, opts?: RequestOptions): Promise<AuthzTag>;
|
|
592
|
+
update(id: string, patch: Record<string, unknown>, opts?: RequestOptions): Promise<AuthzTag>;
|
|
593
|
+
delete(id: string, opts?: RequestOptions): Promise<void>;
|
|
594
|
+
}
|
|
595
|
+
declare class AuthzSubjectsClient {
|
|
596
|
+
private readonly http;
|
|
597
|
+
private readonly base;
|
|
598
|
+
constructor(http: HttpClient, base: string);
|
|
599
|
+
list(opts?: RequestOptions): Promise<AuthzSubject[]>;
|
|
600
|
+
create(input: Record<string, unknown>, opts?: RequestOptions): Promise<AuthzSubject>;
|
|
601
|
+
update(id: string, patch: Record<string, unknown>, opts?: RequestOptions): Promise<AuthzSubject>;
|
|
602
|
+
delete(id: string, opts?: RequestOptions): Promise<void>;
|
|
603
|
+
}
|
|
604
|
+
declare class AuthzGrantsClient {
|
|
605
|
+
private readonly http;
|
|
606
|
+
private readonly base;
|
|
607
|
+
constructor(http: HttpClient, base: string);
|
|
608
|
+
list(opts?: RequestOptions): Promise<AuthzGrant[]>;
|
|
609
|
+
}
|
|
610
|
+
|
|
611
|
+
type AdminMockFixtures = {
|
|
612
|
+
tenants?: Tenant[];
|
|
613
|
+
};
|
|
614
|
+
declare class AdminMockStore {
|
|
615
|
+
private tenants;
|
|
616
|
+
private nextId;
|
|
617
|
+
constructor(fixtures?: AdminMockFixtures);
|
|
618
|
+
createTenant(input: CreateTenantInput): Tenant;
|
|
619
|
+
getTenant(id: string): Tenant;
|
|
620
|
+
listTenants(): PaginatedList<Tenant>;
|
|
621
|
+
updateTenant(id: string, patch: UpdateTenantInput): Tenant;
|
|
622
|
+
deleteTenant(id: string): void;
|
|
623
|
+
}
|
|
624
|
+
|
|
625
|
+
interface Tenant {
|
|
626
|
+
id: string;
|
|
627
|
+
slug: string;
|
|
628
|
+
name: string;
|
|
629
|
+
plan?: string;
|
|
630
|
+
createdAt?: string;
|
|
631
|
+
updatedAt?: string;
|
|
632
|
+
[key: string]: unknown;
|
|
633
|
+
}
|
|
634
|
+
interface CreateTenantInput {
|
|
635
|
+
slug: string;
|
|
636
|
+
name: string;
|
|
637
|
+
plan?: string;
|
|
638
|
+
}
|
|
639
|
+
interface UpdateTenantInput {
|
|
640
|
+
name?: string;
|
|
641
|
+
plan?: string;
|
|
642
|
+
}
|
|
643
|
+
interface TenantMember {
|
|
644
|
+
id: string;
|
|
645
|
+
userId: string;
|
|
646
|
+
role: string;
|
|
647
|
+
status?: string;
|
|
648
|
+
[key: string]: unknown;
|
|
649
|
+
}
|
|
650
|
+
interface TenantInvitation {
|
|
651
|
+
id: string;
|
|
652
|
+
email: string;
|
|
653
|
+
role: string;
|
|
654
|
+
status: string;
|
|
655
|
+
reason?: string;
|
|
656
|
+
[key: string]: unknown;
|
|
657
|
+
}
|
|
658
|
+
interface InviteTenantMemberInput {
|
|
659
|
+
email: string;
|
|
660
|
+
role: string;
|
|
661
|
+
reason?: string;
|
|
662
|
+
}
|
|
663
|
+
interface BulkInviteResult {
|
|
664
|
+
accepted: TenantInvitation[];
|
|
665
|
+
rejected: Array<{
|
|
666
|
+
email: string;
|
|
667
|
+
reason: string;
|
|
668
|
+
message?: string;
|
|
669
|
+
}>;
|
|
670
|
+
}
|
|
671
|
+
interface EmailDomain {
|
|
672
|
+
domain: string;
|
|
673
|
+
verified?: boolean;
|
|
674
|
+
[key: string]: unknown;
|
|
675
|
+
}
|
|
676
|
+
interface TenantIconUploadResult {
|
|
677
|
+
uploadUrl: string;
|
|
678
|
+
getUrl: string;
|
|
679
|
+
expiresAt?: string;
|
|
680
|
+
}
|
|
681
|
+
declare class TenantsAdminClient {
|
|
682
|
+
private readonly http;
|
|
683
|
+
private readonly mockStore?;
|
|
684
|
+
constructor(http: HttpClient, mockStore?: AdminMockStore | undefined);
|
|
685
|
+
scoped(tenantIdOrSlug: string): TenantScopedTenantsAdminClient;
|
|
686
|
+
create(input: CreateTenantInput, opts?: RequestOptions): Promise<Tenant>;
|
|
687
|
+
get(tenantIdOrSlug: string, opts?: RequestOptions): Promise<Tenant>;
|
|
688
|
+
list(opts?: PageRequestOptions): Promise<PaginatedList<Tenant>>;
|
|
689
|
+
update(tenantIdOrSlug: string, patch: UpdateTenantInput, opts?: RequestOptions): Promise<Tenant>;
|
|
690
|
+
delete(tenantIdOrSlug: string, opts?: RequestOptions): Promise<void>;
|
|
691
|
+
signIconUploadURL(tenantIdOrSlug: string, input: {
|
|
692
|
+
contentType: string;
|
|
693
|
+
}, opts?: RequestOptions): Promise<TenantIconUploadResult>;
|
|
694
|
+
get members(): TenantMembersClient;
|
|
695
|
+
get invitations(): TenantInvitationsClient;
|
|
696
|
+
get emailDomains(): TenantEmailDomainsClient;
|
|
697
|
+
}
|
|
698
|
+
declare class TenantScopedTenantsAdminClient {
|
|
699
|
+
readonly members: TenantMembersForTenantClient;
|
|
700
|
+
readonly invitations: TenantInvitationsForTenantClient;
|
|
701
|
+
readonly emailDomains: TenantEmailDomainsForTenantClient;
|
|
702
|
+
constructor(http: HttpClient, tenantIdOrSlug: string);
|
|
703
|
+
}
|
|
704
|
+
declare class TenantMembersClient {
|
|
705
|
+
private readonly http;
|
|
706
|
+
constructor(http: HttpClient);
|
|
707
|
+
forTenant(tenantIdOrSlug: string): TenantMembersForTenantClient;
|
|
708
|
+
}
|
|
709
|
+
declare class TenantMembersForTenantClient {
|
|
710
|
+
private readonly http;
|
|
711
|
+
private readonly tenant;
|
|
712
|
+
constructor(http: HttpClient, tenant: string);
|
|
713
|
+
list(opts?: PageRequestOptions): Promise<PaginatedList<TenantMember>>;
|
|
714
|
+
update(membershipId: string, patch: {
|
|
715
|
+
role?: string;
|
|
716
|
+
}, opts?: RequestOptions): Promise<void>;
|
|
717
|
+
deactivate(membershipId: string, opts?: RequestOptions): Promise<void>;
|
|
718
|
+
reactivate(membershipId: string, opts?: RequestOptions): Promise<void>;
|
|
719
|
+
}
|
|
720
|
+
declare class TenantInvitationsClient {
|
|
721
|
+
private readonly http;
|
|
722
|
+
constructor(http: HttpClient);
|
|
723
|
+
forTenant(tenantIdOrSlug: string): TenantInvitationsForTenantClient;
|
|
724
|
+
}
|
|
725
|
+
declare class TenantInvitationsForTenantClient {
|
|
726
|
+
private readonly http;
|
|
727
|
+
private readonly tenant;
|
|
728
|
+
constructor(http: HttpClient, tenant: string);
|
|
729
|
+
list(opts?: PageRequestOptions): Promise<PaginatedList<TenantInvitation>>;
|
|
730
|
+
create(input: InviteTenantMemberInput, opts?: RequestOptions): Promise<TenantInvitation>;
|
|
731
|
+
bulkCreate(inputs: InviteTenantMemberInput[], opts?: RequestOptions): Promise<BulkInviteResult>;
|
|
732
|
+
delete(invitationId: string, opts?: RequestOptions): Promise<void>;
|
|
733
|
+
}
|
|
734
|
+
declare class TenantEmailDomainsClient {
|
|
735
|
+
private readonly http;
|
|
736
|
+
constructor(http: HttpClient);
|
|
737
|
+
forTenant(tenantIdOrSlug: string): TenantEmailDomainsForTenantClient;
|
|
738
|
+
}
|
|
739
|
+
declare class TenantEmailDomainsForTenantClient {
|
|
740
|
+
private readonly http;
|
|
741
|
+
private readonly tenant;
|
|
742
|
+
constructor(http: HttpClient, tenant: string);
|
|
743
|
+
list(opts?: RequestOptions): Promise<EmailDomain[]>;
|
|
744
|
+
create(input: {
|
|
745
|
+
domain: string;
|
|
746
|
+
}, opts?: RequestOptions): Promise<EmailDomain>;
|
|
747
|
+
delete(domain: string, opts?: RequestOptions): Promise<void>;
|
|
748
|
+
}
|
|
749
|
+
|
|
750
|
+
interface IdentityProvider {
|
|
751
|
+
id: string;
|
|
752
|
+
tenantId?: string;
|
|
753
|
+
provider: string;
|
|
754
|
+
type: 'oidc' | 'oauth2' | 'saml' | string;
|
|
755
|
+
enabled?: boolean;
|
|
756
|
+
[key: string]: unknown;
|
|
757
|
+
}
|
|
758
|
+
declare class IdentityProviderClient {
|
|
759
|
+
private readonly http;
|
|
760
|
+
constructor(http: HttpClient);
|
|
761
|
+
list(tenantId: string, opts?: RequestOptions): Promise<IdentityProvider[]>;
|
|
762
|
+
create(tenantId: string, input: Record<string, unknown>, opts?: RequestOptions): Promise<IdentityProvider>;
|
|
763
|
+
enable(tenantId: string, providerId: string, opts?: RequestOptions): Promise<IdentityProvider>;
|
|
764
|
+
disable(tenantId: string, providerId: string, opts?: RequestOptions): Promise<IdentityProvider>;
|
|
765
|
+
}
|
|
766
|
+
|
|
767
|
+
interface AppCategory {
|
|
768
|
+
id: string;
|
|
769
|
+
tenantId?: string;
|
|
770
|
+
slug: string;
|
|
771
|
+
name: string;
|
|
772
|
+
description?: string;
|
|
773
|
+
[key: string]: unknown;
|
|
774
|
+
}
|
|
775
|
+
interface CreateCategoryInput {
|
|
776
|
+
slug: string;
|
|
777
|
+
name: string;
|
|
778
|
+
description?: string;
|
|
779
|
+
}
|
|
780
|
+
declare class CategoriesAdminClient {
|
|
781
|
+
private readonly http;
|
|
782
|
+
constructor(http: HttpClient);
|
|
783
|
+
create(tenantIdOrSlug: string, input: CreateCategoryInput, opts?: RequestOptions): Promise<AppCategory>;
|
|
784
|
+
update(tenantIdOrSlug: string, categoryId: string, patch: Partial<CreateCategoryInput>, opts?: RequestOptions): Promise<AppCategory>;
|
|
785
|
+
delete(tenantIdOrSlug: string, categoryId: string, opts?: RequestOptions): Promise<void>;
|
|
786
|
+
}
|
|
787
|
+
|
|
788
|
+
interface AdminMockClientOptions {
|
|
789
|
+
mode?: 'live' | 'mock';
|
|
790
|
+
fixtures?: AdminMockFixtures;
|
|
791
|
+
}
|
|
792
|
+
|
|
793
|
+
/**
|
|
794
|
+
* Default production base URL for AX Hub. Override via `baseUrl` for staging,
|
|
795
|
+
* local dev, or self-hosted environments.
|
|
796
|
+
*/
|
|
797
|
+
declare const DEFAULT_BASE_URL = "https://axhub-api.jocodingax.ai";
|
|
798
|
+
interface AdminClientOptions extends AdminMockClientOptions {
|
|
799
|
+
/**
|
|
800
|
+
* Backend root URL. Defaults to {@link DEFAULT_BASE_URL}. Override for
|
|
801
|
+
* staging / self-hosted / local dev.
|
|
802
|
+
*/
|
|
803
|
+
baseUrl?: string;
|
|
804
|
+
token?: string;
|
|
805
|
+
tokenType?: TokenType;
|
|
806
|
+
/**
|
|
807
|
+
* JWT refresh callback. Called when an admin-ring request returns 401.
|
|
808
|
+
* Should return the new JWT, or throw to surface the 401 to the caller.
|
|
809
|
+
*/
|
|
810
|
+
onRefresh?: () => Promise<string>;
|
|
811
|
+
logger?: Logger;
|
|
812
|
+
debug?: boolean;
|
|
813
|
+
fetch?: FetchLike;
|
|
814
|
+
timeoutMs?: number;
|
|
815
|
+
idempotencyKey?: {
|
|
816
|
+
autoGenerate?: boolean;
|
|
817
|
+
generator?: () => string;
|
|
818
|
+
};
|
|
819
|
+
retryPolicy?: RetryPolicy;
|
|
820
|
+
rateLimitStrategy?: RateLimitStrategy;
|
|
821
|
+
}
|
|
822
|
+
interface AdminInternalOptions {
|
|
823
|
+
'__sharedHttp': HttpClient;
|
|
824
|
+
logger: Logger;
|
|
825
|
+
}
|
|
826
|
+
/**
|
|
827
|
+
* Governance entrypoint for AX Hub's platform/tenant admin surface. Mirrors
|
|
828
|
+
* {@link https://www.npmjs.com/package/@ax-hub/sdk | AxHubClient}'s construction
|
|
829
|
+
* and lazy-getter pattern, but exposes ONLY admin-gated resources
|
|
830
|
+
* (tenants CRUD, authz, audit, identity-providers, category CUD). The
|
|
831
|
+
* app-developer surface lives in `@ax-hub/sdk`.
|
|
832
|
+
*
|
|
833
|
+
* Constructor validates token/tokenType pairing eagerly — bad input dies at
|
|
834
|
+
* construction, not on first call.
|
|
835
|
+
*/
|
|
836
|
+
declare class AdminClient {
|
|
837
|
+
readonly http: HttpClient;
|
|
838
|
+
readonly logger: Logger;
|
|
839
|
+
readonly mock?: AdminMockStore;
|
|
840
|
+
private _tenants?;
|
|
841
|
+
private _authz?;
|
|
842
|
+
private _audit?;
|
|
843
|
+
private _identityProviders?;
|
|
844
|
+
private _categories?;
|
|
845
|
+
constructor(opts: AdminClientOptions | AdminInternalOptions);
|
|
846
|
+
get tenants(): TenantsAdminClient;
|
|
847
|
+
get authz(): AuthzClient;
|
|
848
|
+
get audit(): AuditClient;
|
|
849
|
+
get identityProviders(): IdentityProviderClient;
|
|
850
|
+
get categories(): CategoriesAdminClient;
|
|
851
|
+
/**
|
|
852
|
+
* Tenant-scoped governance surface. Path-tenant routes receive the
|
|
853
|
+
* tenant id/slug automatically.
|
|
854
|
+
*
|
|
855
|
+
* @example happy
|
|
856
|
+
* const acme = admin.tenant('acme')
|
|
857
|
+
* await acme.authz.tags.list()
|
|
858
|
+
* await acme.audit.integrityCheck()
|
|
859
|
+
*/
|
|
860
|
+
tenant(tenantIdOrSlug: string): TenantScopedAdminClient;
|
|
861
|
+
}
|
|
862
|
+
declare class TenantScopedAdminClient {
|
|
863
|
+
readonly tenant: string;
|
|
864
|
+
private readonly http;
|
|
865
|
+
constructor(tenant: string, http: HttpClient);
|
|
866
|
+
get tenants(): TenantScopedTenantsAdminClient;
|
|
867
|
+
get authz(): TenantAuthzClient;
|
|
868
|
+
get audit(): TenantAuditClient;
|
|
869
|
+
get identityProviders(): IdentityProviderClient;
|
|
870
|
+
get categories(): CategoriesAdminClient;
|
|
871
|
+
}
|
|
872
|
+
|
|
873
|
+
export { AbortError, AccessDeniedError, AdminClient, type AdminClientOptions, AlreadyAccessedError, AlreadyActiveError, AlreadyDeletedError, AlreadyInactiveError, AlreadyMemberError, AlreadyRevokedError, AlreadySettledError, type AnonymizeInput, type AppCategory, type AppID, type AppId, type AppSlug, AppUnavailableError, AuditClient, type AuditEvent, type AuditEventID, AuditEventsClient, AuditEventsForTenantClient, AuditServerClient, AuditServerForTenantClient, type AuthProvider, type AuthRing, AuthorizationPendingError, AuthzClient, type AuthzGrant, AuthzGrantsClient, type AuthzSubject, AuthzSubjectsClient, type AuthzTag, AuthzTagsClient, AxHubError, type AxHubErrorInit, BadRequestError, type Branded, type BulkInviteResult, CategoriesAdminClient, ConfigurationError, ConflictError, type ConnectorID, type CreateCategoryInput, type CreateTenantInput, type CursorBuildOptions, type CursorDirection, DEFAULT_BASE_URL, type DataOrderBy, DecodeError, type DeploymentID, type DeploymentId, DeviceFlowDeniedError, DeviceFlowTimeoutError, DomainTakenError, DuplicateError, type EmailDomain, type EmitAuditEventInput, EmptyError, ExpiredTokenError, type FetchLike, type FieldError, ForbiddenError, type GrantID, type IdentityProvider, IdentityProviderClient, type IntegrityCheckResult, InternalServerError, IntrospectFailedError, InvalidClientError, InvalidCursorError, InvalidGrantError, InvalidPathError, InvalidRequestError, InvalidScopeError, InvalidStateTransitionError, InvalidTargetError, InvalidTokenError, InvalidValueError, InvitationExpiredError, type InviteTenantMemberInput, type KeysetCursor, LastAdminError, LegacyCursorError, type ListAllItem, type ListAllOptions, type ListOptions, type Logger, MockInProductionError, NetworkError, NoAuth, NotAdminError, NotAllowedError, NotDeletedError, NotFoundError, NotMemberError, OAuthError, type OAuthErrorInit, OAuthServerError, type OrderByField, type OrderDirection, type PATID, type PageRequestOptions, type PaginatedList, type ParsedFrame, type PatId, PendingExistsError, PermanentlyDeletedError, PermissionDeniedError, PoolStaleError, PreconditionFailedError, type RateLimitStrategy, RateLimitedError, type RequestId, type RequestOptions, RequiredError, type ResourceID, type RetryInfo, type SSEStream, type SSEStreamOptions, ScanLimitExceededError, SchemaNameTakenError, SlowDownError, SlugTakenError, StaticTokenAuth, type StaticTokenAuthOptions, StreamConsumedError, type StreamItem, type SubjectID, type TableID, TableNotFoundError, type TagID, TemporarilyUnavailableError, type Tenant, TenantAuditClient, TenantAuthzClient, TenantEmailDomainsClient, TenantEmailDomainsForTenantClient, type TenantID, type TenantIconUploadResult, type TenantId, TenantIdRequiredError, type TenantInvitation, TenantInvitationsClient, TenantInvitationsForTenantClient, type TenantMember, TenantMembersClient, TenantMembersForTenantClient, TenantScopedAdminClient, TenantScopedTenantsAdminClient, type TenantSlug, TenantSlugRequiredError, TenantsAdminClient, TimeoutError, TokenExpiredError, TokenInvalidError, TokenMissingError, type TokenType, UnauthenticatedError, UnauthorizedClientError, UnavailableError, UnsupportedGrantTypeError, type UpdateTenantInput, type UserID, type UserId, ValidationError, type VerifyWebhookInput, type VerifyWebhookResult, WebhookVerificationError, type WebhookVerifyReason, asAppId, asAppSlug, asDeploymentId, asPatId, asRequestId, asTenantId, asTenantSlug, asUserId, cursorFromRow, decodeCursor, encodeCursor, formatErrorMessage, id, orderByFingerprint, parseRetryAfter, signWebhook, verifyWebhook };
|