npm - @ax-hub/sdk - Versions diffs - 1.0.2 → 2.1.0 - Mend

@ax-hub/sdk 1.0.2 → 2.1.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (6) hide show

package/dist/index.d.ts CHANGED Viewed

@@ -72,6 +72,8 @@ declare class PermanentlyDeletedError extends NotFoundError {
 }
 declare class InvitationExpiredError extends NotFoundError {
 }
+declare class LinkInvalidError extends NotFoundError {
+}
 declare class AlreadyRevokedError extends ConflictError {
 }
 declare class AlreadySettledError extends ConflictError {
@@ -98,6 +100,8 @@ declare class DuplicateError extends ConflictError {
 }
 declare class InvalidValueError extends ValidationError {
 }
+declare class InvalidExpiryError extends ValidationError {
+}
 declare class RequiredError extends ValidationError {
 }
 declare class EmptyError extends ValidationError {
@@ -291,8 +295,9 @@ interface HttpClientOptions {
 }
 interface RequestInit2 {
     ring: AuthRing;
-    query?: Record<string, string | number | boolean | undefined>;
+    query?: Record<string, string | number | boolean | undefined | ReadonlyArray<string | number | boolean>>;
     body?: unknown;
+    form?: Record<string, string | number | boolean | undefined>;
     parseBody?: boolean;
     signal?: AbortSignal;
     idempotent?: boolean;
@@ -319,6 +324,7 @@ declare class HttpClient {
     private buildUrl;
     private buildHeaders;
     private resolveIdempotencyKey;
+    private formBody;
     private withStableIdempotencyKey;
     private logRequest;
 }
@@ -346,15 +352,15 @@ declare class NoAuth implements AuthProvider {
 interface PaginatedList<T> {
     items: T[];
     nextCursor: string | null;
-    total: number;
+    total?: number;
     firstCursor?: string | null;
     hasNext?: boolean;
     hasPrev?: boolean;
     /**
-     * `true` when `total` reflects the full filtered result set the caller will
-     * see. `false` when SDK-side filtering (no backend `where` pushdown) means
-     * `total` is the backend's unfiltered total and the true filtered count
-     * requires walking remaining pages. Absent on plain unfiltered queries.
+     * `true` when `total` reflects the full filtered result set. `false` when
+     * the producer knows the list omits an exact total. When `total` is absent,
+     * callers should use the resource-specific `count()` method if they need an
+     * exact count.
      */
     totalIsExact?: boolean;
 }
@@ -664,6 +670,7 @@ interface AppResponse {
     suspendedAt?: string | null;
     resumedAt?: string | null;
     categoryId?: string;
+    costCenter?: string;
     category?: AppResponseCategory;
     owner?: AppResponseOwner;
     likeCount: number;
@@ -715,7 +722,12 @@ interface CreateAppInput {
     iconUrl?: string;
     /** Dark-mode icon. Wire: `icon_dark_url`. */
     iconDarkUrl?: string;
+    /** @deprecated Backend ignores create-time visibility; call update({ visibility }) after create. Not serialized. */
     visibility?: 'private' | 'tenant' | 'public';
+    /** Wire: `category_id`. */
+    categoryId?: string;
+    /** Wire: `cost_center`. */
+    costCenter?: string;
     /** Wire: `auth_mode`. */
     authMode?: string;
     /** Wire: `data_scopes`. */
@@ -744,6 +756,14 @@ interface UpdateAppInput {
     resourceTier?: string;
     /** Wire: `subdomain`. */
     subdomain?: string;
+    /** Wire: `category_id`. */
+    categoryId?: string;
+    /** Clear category assignment. Wire: `clear_category`. */
+    clearCategory?: boolean;
+    /** Wire: `cost_center`. */
+    costCenter?: string;
+    /** Clear cost center. Wire: `clear_cost_center`. */
+    clearCostCenter?: boolean;
     /** Clear the app's subdomain. Wire: `clear_subdomain`. */
     clearSubdomain?: boolean;
 }
@@ -1085,12 +1105,10 @@ declare class AppsDiscoverMixin {
 interface GitConnection {
     connected: true;
-    id: string;
-    appId: string;
+    provider?: string;
     repoFullName: string;
     branch: string;
-    installationId: string;
-    connectedAt: string;
+    installationId: number;
 }
 interface GitConnectionSetup {
     connected: false;
@@ -1100,7 +1118,8 @@ type GitConnectionStatus = GitConnection | GitConnectionSetup;
 interface ConnectGitInput {
     repoFullName: string;
     branch: string;
-    installationId: string;
+    installationId: number;
+    state: string;
 }
 interface UpdateGitConnectionInput {
     branch: string;
@@ -1127,11 +1146,12 @@ declare class AppsGitMixin {
      *   const conn = await sdk.apps.git.connect('app_abc', {
      *     repoFullName: 'my-org/my-repo',
      *     branch: 'main',
-     *     installationId: '12345',
+     *     installationId: 12345,
+     *     state: 'github-callback-state',
      *   })
      *
      * @example failure
-     *   try { await sdk.apps.git.connect('app_x', { repoFullName: 'invalid', branch: '', installationId: '' }) }
+     *   try { await sdk.apps.git.connect('app_x', { repoFullName: 'invalid', branch: '', installationId: 0, state: '' }) }
      *   catch (e) { if (e instanceof ValidationError) /* fix repo / branch *\/ }
      */
     connect(appId: string, input: ConnectGitInput): Promise<GitConnection>;
@@ -1385,16 +1405,16 @@ declare class AppsOAuthClientsMixin {
      */
     create(appId: string, input: CreateOAuthClientInput): Promise<OAuthClientWithSecret>;
     /**
-     * Delete an OAuth client by ID. Backend route is global (`/oauth-clients/{id}`).
-     * After this, any tokens issued via this client become unusable.
+     * Fetch an OAuth client by ID. Backend exposes GET /api/v1/oauth-clients/{clientID};
+     * the raw client secret is never returned after create.
      *
      * @example happy
-     *   await sdk.apps.oauthClients.delete('oac_abc')
+     *   const c = await sdk.apps.oauthClients.get('oac_abc')
      */
-    delete(clientId: string): Promise<void>;
+    get(clientId: string): Promise<OAuthClient>;
 }
-type PublicationRequestStatus = 'pending' | 'approved' | 'rejected';
+type PublicationRequestStatus = 'pending' | 'approved' | 'rejected' | 'cancelled' | 'revoked';
 interface PublicationRequest {
     id: string;
     appId: string;
@@ -1405,7 +1425,6 @@ interface PublicationRequest {
     reviewerComment?: string;
     createdAt: string;
     updatedAt: string;
-    settledAt?: string | null;
 }
 interface SubmitPublicationInput {
     reason?: string;
@@ -1439,12 +1458,13 @@ declare class AppsPublicationMixin {
      */
     list(appId: string, opts?: ListOptions): Promise<PaginatedList<PublicationRequest>>;
     /**
-     * Take a published app off the public catalog. Owner / admin only. App must
-     * be in `approved` + `public` state; otherwise `InvalidStateTransitionError`.
+     * Take a published app off the public catalog by PATCHing app visibility to
+     * `private`. Owner / admin only; invalid transitions surface backend typed
+     * errors such as `InvalidStateTransitionError`.
      *
      * @example happy
      *   const app = await sdk.apps.publication.unpublish('app_abc', { comment: 'Maintenance' })
-     *   console.log(app.publicationStatus, app.visibility) // 'draft', 'tenant'
+     *   console.log(app.visibility) // 'private'
      *
      * @example failure
      *   try { await sdk.apps.publication.unpublish('app_x') }
@@ -1453,7 +1473,7 @@ declare class AppsPublicationMixin {
     unpublish(appId: string, input?: UnpublishInput): Promise<AppResponse>;
 }
-type ColumnType = 'text' | 'int' | 'bigint' | 'float' | 'numeric' | 'bool' | 'timestamp' | 'timestamptz' | 'json' | 'jsonb' | 'uuid';
+type ColumnType = 'text' | 'int' | 'bigint' | 'float' | 'bool' | 'timestamp' | 'timestamptz' | 'json' | 'jsonb' | 'uuid';
 interface TableColumn {
     name: string;
     type: ColumnType;
@@ -1485,7 +1505,7 @@ interface TableSchema extends AppTable {
     rowCount?: number;
     sizeBytes?: number;
 }
-type GrantPrincipalType = 'user' | 'tenant' | 'app';
+type GrantPrincipalType = 'user' | 'app';
 type GrantScope = 'read' | 'write' | 'delete' | 'admin';
 interface TableGrant {
     id: string;
@@ -1594,7 +1614,7 @@ declare class AppsTablesMixin {
      * @example happy
      *   await sdk.apps.tables.addColumn('app_abc', 'tasks', { name: 'priority', type: 'int', default: 0 })
      */
-    addColumn(appId: string, tableName: string, input: AddColumnInput): Promise<TableColumn>;
+    addColumn(appId: string, tableName: string, input: AddColumnInput): Promise<void>;
     /**
      * Drop a column. Cannot drop the `ownerColumn` — backend returns 409
      * `cannot_drop_owner_column`.
@@ -1806,7 +1826,8 @@ declare function defineSchema<const S extends SchemaShape>(input: {
 }, opts?: ValidationOptions): DataTableSchema<RowFromSchema<S>, S>;
 declare function defineSchema<Row extends Record<string, unknown>, S extends SchemaShape>(input: DataTableSchema<Row, S>, opts: ValidationOptions): DataTableSchema<Row, S>;
-type QueryExpr = {
+declare const NON_PUSHABLE_WHERE: unique symbol;
+type PushableAtomQueryExpr = {
     op: 'eq' | 'ne' | 'gt' | 'gte' | 'lt' | 'lte' | 'like';
     column: string;
     value: unknown;
@@ -1814,8 +1835,13 @@ type QueryExpr = {
     op: 'in';
     column: string;
     values: unknown[];
-} | {
-    op: 'and' | 'or';
+};
+type PushableQueryExpr = PushableAtomQueryExpr | {
+    op: 'and';
+    clauses: PushableAtomQueryExpr[];
+};
+type NonPushableQueryExpr = ({
+    op: 'or';
     clauses: QueryExpr[];
 } | {
     op: 'not';
@@ -1824,27 +1850,34 @@ type QueryExpr = {
     op: 'raw';
     sql: string;
     params?: unknown[];
+} | {
+    op: 'and';
+    clauses: QueryExpr[];
+}) & {
+    readonly [NON_PUSHABLE_WHERE]: true;
 };
+type QueryExpr = PushableQueryExpr | NonPushableQueryExpr;
 declare function escapeLike(value: string): string;
-declare function raw(sql: string, params?: unknown[]): QueryExpr;
-declare function and(...clauses: QueryExpr[]): QueryExpr;
-declare function or(...clauses: QueryExpr[]): QueryExpr;
-declare function not(clause: QueryExpr): QueryExpr;
+declare function raw(sql: string, params?: unknown[]): NonPushableQueryExpr;
+declare function and(...clauses: PushableAtomQueryExpr[]): PushableQueryExpr;
+declare function and(...clauses: QueryExpr[]): NonPushableQueryExpr;
+declare function or(...clauses: QueryExpr[]): NonPushableQueryExpr;
+declare function not(clause: QueryExpr): NonPushableQueryExpr;
 declare function where<D extends ColumnDef>(column: DataColumn<string, D>): WhereBuilder<ColumnValue<D>>;
 declare function where<T = unknown>(column: string): WhereBuilder<T>;
 interface WhereBuilder<T> {
-    eq: (value: T) => QueryExpr;
-    ne: (value: T) => QueryExpr;
-    gt: (value: T) => QueryExpr;
-    gte: (value: T) => QueryExpr;
-    lt: (value: T) => QueryExpr;
-    lte: (value: T) => QueryExpr;
-    in: (values: T[]) => QueryExpr;
+    eq: (value: T) => PushableAtomQueryExpr;
+    ne: (value: T) => PushableAtomQueryExpr;
+    gt: (value: T) => PushableAtomQueryExpr;
+    gte: (value: T) => PushableAtomQueryExpr;
+    lt: (value: T) => PushableAtomQueryExpr;
+    lte: (value: T) => PushableAtomQueryExpr;
+    in: (values: T[]) => PushableAtomQueryExpr;
     like: {
-        contains: (value: string) => QueryExpr;
-        startsWith: (value: string) => QueryExpr;
-        endsWith: (value: string) => QueryExpr;
-        raw: (value: string) => QueryExpr;
+        contains: (value: string) => PushableAtomQueryExpr;
+        startsWith: (value: string) => PushableAtomQueryExpr;
+        endsWith: (value: string) => PushableAtomQueryExpr;
+        raw: (value: string) => PushableAtomQueryExpr;
     };
 }
@@ -1917,15 +1950,27 @@ interface DataClientOptions {
     schemaCache?: SchemaCacheOptions | SchemaCache;
     mockStore?: MockStore;
 }
-interface DataListOptions<Row extends Record<string, unknown> = Record<string, unknown>> extends ListOptions, RequestOptions {
-    where?: QueryExpr;
+interface DataListOptions<Row extends Record<string, unknown> = Record<string, unknown>> extends RequestOptions {
+    where?: PushableQueryExpr;
     orderBy?: DataOrderBy;
     select?: SelectColumns<Row>;
+    /** Alias for pageSize. Clamped to the backend max of 100. */
     limit?: number;
-    direction?: CursorDirection;
+    /** Backend offset page size. Clamped to 1..100. */
+    pageSize?: number;
+    /** 1-based offset page. */
+    page?: number;
+    /** Numeric page cursor returned by a previous data list call. */
+    cursor?: string;
+    /** @deprecated AX Hub data API is offset-only; use cursor/page instead. */
+    after?: never;
+    /** @deprecated AX Hub data API is offset-only; use cursor/page instead. */
+    before?: never;
+    /** @deprecated AX Hub data API is offset-only. */
+    direction?: never;
 }
 interface DataCountOptions extends RequestOptions {
-    where?: QueryExpr;
+    where?: PushableQueryExpr;
 }
 interface DataGetOptions<Row extends Record<string, unknown> = Record<string, unknown>> extends RequestOptions {
     select?: SelectColumns<Row>;
@@ -1966,7 +2011,6 @@ declare class DataTableClient<Row extends Record<string, unknown> = Record<strin
     private readonly tableName;
     readonly schema?: DataTableSchema<Row, S> | undefined;
     private readonly mockRuntime?;
-    private readonly contextFingerprint;
     constructor(http: HttpClient, tenantSlug: string, appSlug: string, tableName: string, schema?: DataTableSchema<Row, S> | undefined, mockRuntime?: MockRuntime<Row> | undefined);
     private path;
     list<const K extends keyof Row & string>(opts: DataListOptions<Row> & {
@@ -1985,10 +2029,144 @@ declare class DataTableClient<Row extends Record<string, unknown> = Record<strin
     delete(id: string, opts?: RequestOptions): Promise<void>;
 }
+interface CostQueryOptions extends RequestOptions {
+    month?: string;
+}
+interface CostSummary {
+    month: string;
+    currency: string;
+    total: number;
+    billedTotal: number;
+    forecastMonthEnd: number;
+    topDriver?: {
+        resourceKind: string;
+        share: number;
+    };
+    lastRolledUpAt?: string;
+    partialMonth: boolean;
+}
+interface CostCenterRow {
+    costCenter: string;
+    appCount: number;
+    cost: number;
+    budget?: number;
+    budgetPct?: number;
+    over?: boolean;
+    byResource: Record<string, number>;
+    byResourceQty: Record<string, number>;
+}
+interface CostByCostCenter {
+    rows: CostCenterRow[];
+    unassigned: {
+        appCount: number;
+        cost: number;
+    };
+}
+interface CostByAppRow {
+    appId: string;
+    name: string;
+    costCenter?: string;
+    cost: number;
+    byResource: Record<string, number>;
+    byResourceQty: Record<string, number>;
+}
+interface CostByApp {
+    rows: CostByAppRow[];
+}
+interface CostTimeseriesPoint {
+    date: string;
+    total: number;
+    byResource: Record<string, number>;
+}
+interface CostTimeseries {
+    series: CostTimeseriesPoint[];
+}
+interface CostByAppOptions extends CostQueryOptions {
+    sort?: 'cost' | 'name';
+}
+interface CostTimeseriesOptions extends CostQueryOptions {
+    appId?: string;
+}
+interface CostExportOptions extends CostQueryOptions {
+    format?: 'csv';
+}
+declare class CostClient {
+    private readonly http;
+    private readonly defaultTenantId?;
+    private readonly tenantResolver?;
+    constructor(http: HttpClient, defaultTenantId?: string | undefined, tenantResolver?: TenantResolver | undefined);
+    tenant(tenantIdOrSlug: string): TenantCostClient;
+    summary(opts?: CostQueryOptions): Promise<CostSummary>;
+    byCostCenter(opts?: CostQueryOptions): Promise<CostByCostCenter>;
+    byApp(opts?: CostByAppOptions): Promise<CostByApp>;
+    timeseries(opts?: CostTimeseriesOptions): Promise<CostTimeseries>;
+    export(opts?: CostExportOptions): Promise<string>;
+    private defaultTenant;
+}
+declare class TenantCostClient {
+    private readonly http;
+    private readonly tenantIdOrSlug;
+    private readonly tenantResolver?;
+    constructor(http: HttpClient, tenantIdOrSlug: string, tenantResolver?: TenantResolver | undefined);
+    summary(opts?: CostQueryOptions): Promise<CostSummary>;
+    byCostCenter(opts?: CostQueryOptions): Promise<CostByCostCenter>;
+    byApp(opts?: CostByAppOptions): Promise<CostByApp>;
+    timeseries(opts?: CostTimeseriesOptions): Promise<CostTimeseries>;
+    export(opts?: CostExportOptions): Promise<string>;
+    private base;
+}
+interface InviteLink {
+    id: string;
+    tenantId: string;
+    url?: string;
+    role: string;
+    status: string;
+    expiresAt?: string;
+    joinCount: number;
+    createdAt: string;
+}
+interface CreateInviteLinkInput {
+    expiresAt?: string;
+}
+interface InviteLinkPreview {
+    valid: boolean;
+    tenant?: {
+        name: string;
+        iconUrl?: string;
+    };
+}
+interface InviteLinkAcceptResult {
+    tenantId: string;
+    tenantSlug: string;
+    joined: boolean;
+    alreadyMember: boolean;
+}
+declare class InviteLinksClient {
+    private readonly http;
+    private readonly tenantResolver?;
+    constructor(http: HttpClient, tenantResolver?: TenantResolver | undefined);
+    tenant(tenantIdOrSlug: string): TenantInviteLinksClient;
+    preview(token: string, opts?: RequestOptions): Promise<InviteLinkPreview>;
+    accept(token: string, opts?: RequestOptions): Promise<InviteLinkAcceptResult>;
+}
+declare class TenantInviteLinksClient {
+    private readonly http;
+    private readonly tenantIdOrSlug;
+    private readonly tenantResolver?;
+    constructor(http: HttpClient, tenantIdOrSlug: string, tenantResolver?: TenantResolver | undefined);
+    create(input?: CreateInviteLinkInput, opts?: RequestOptions): Promise<InviteLink>;
+    list(opts?: RequestOptions): Promise<PaginatedList<InviteLink>>;
+    revoke(linkId: string, opts?: RequestOptions): Promise<void>;
+    private base;
+}
 declare class TenantScopedClient {
     readonly slug: string;
     private readonly root;
     readonly apps: TenantScopedAppsClient;
+    readonly cost: TenantCostClient;
+    readonly inviteLinks: TenantInviteLinksClient;
     constructor(slug: string, scopedRoot: AxHubClient, root: AxHubClient, tenantResolver: TenantResolver);
     get gateway(): TenantGatewayClient;
     app(appSlug: string): AppScopedClient;
@@ -2010,7 +2188,6 @@ declare class AppScopedClient {
     readonly appSlug: string;
     private readonly root;
     readonly data: AppScopedDataClient;
-    readonly tables: AppScopedTablesClient;
     constructor(tenantSlug: string, appSlug: string, root: AxHubClient);
 }
 declare class AppScopedDataClient {
@@ -2022,14 +2199,6 @@ declare class AppScopedDataClient {
     discover<Row extends Record<string, unknown> = Record<string, unknown>>(table: string, opts?: DiscoverOptions): Promise<DataTableClient<Row, SchemaShapeFromRow<Row>>>;
     invalidateSchema(table?: string): void;
 }
-declare class AppScopedTablesClient {
-    private readonly tenantSlug;
-    private readonly appSlug;
-    private readonly http;
-    constructor(tenantSlug: string, appSlug: string, http: HttpClient);
-    create(input: unknown, opts?: RequestOptions): Promise<unknown>;
-    inspect(tableName: string, opts?: RequestOptions): Promise<unknown>;
-}
 type DeploymentStatus = 'pending' | 'building' | 'pushing' | 'deploying' | 'succeeded' | 'failed' | 'cancelled';
 interface DeploymentFailureReason {
@@ -2181,7 +2350,7 @@ declare class DeploymentsClient {
     /**
      * Cancel an in-progress deployment. Best-effort — if the deployment has
      * already transitioned to a terminal state when the request arrives, the
-     * route returns 204 on acceptance. Idempotent.
+     * route returns 409 for terminal deployments and 204 when cancellation is accepted.
      *
      * @example happy
      *   await sdk.deployments.cancel('app_abc', 'dep_123')
@@ -2276,7 +2445,7 @@ declare class DeploymentsClient {
 interface GatewayQueryInput {
     resourceId?: string;
     connectorId?: string;
-    path?: string;
+    path: string;
     sql: string;
     params?: unknown[];
     rowLimit?: number;
@@ -2402,8 +2571,9 @@ interface EngineCapability {
 }
 declare class GatewayClient {
     private readonly http;
-    constructor(http: HttpClient);
-    scoped(tenantSlug: string): TenantGatewayClient;
+    private readonly tenantResolver?;
+    constructor(http: HttpClient, tenantResolver?: TenantResolver | undefined);
+    scoped(tenantIdOrSlug: string): TenantGatewayClient;
     /**
      * List the gateway's engine capabilities (auth-only; no tenant membership
      * required). Each entry describes an engine + kind, its invokable actions,
@@ -2420,12 +2590,13 @@ declare class TenantGatewayClient {
     readonly query: GatewayQueryClient;
     /** Member-facing catalog: discover connectors/resources you can read + invoke. */
     readonly catalog: GatewayCatalogClient;
-    constructor(http: HttpClient, tenantSlug: string);
+    constructor(http: HttpClient, tenantIdOrSlug: string, tenantResolver?: TenantResolver);
 }
 declare class GatewayQueryClient {
     private readonly http;
-    private readonly base;
-    constructor(http: HttpClient, base: string);
+    private readonly tenantIdOrSlug;
+    private readonly tenantResolver?;
+    constructor(http: HttpClient, tenantIdOrSlug: string, tenantResolver?: TenantResolver | undefined);
     /**
      * Run a parameterized read query against a connector resource.
      *
@@ -2441,14 +2612,16 @@ declare class GatewayQueryClient {
      * @throws PoolStaleError 401 after a credential refresh retry.
      */
     run<Row extends Record<string, unknown> = Record<string, unknown>>(input: GatewayQueryInput, opts?: RequestOptions): Promise<GatewayQueryResult<Row>>;
+    private base;
 }
 /**
  * Member-facing gateway catalog: connectors/resources the caller can read, plus `invoke`.
  */
 declare class GatewayCatalogClient {
     private readonly http;
-    private readonly base;
-    constructor(http: HttpClient, tenantBase: string);
+    private readonly tenantIdOrSlug;
+    private readonly tenantResolver?;
+    constructor(http: HttpClient, tenantIdOrSlug: string, tenantResolver?: TenantResolver | undefined);
     /** ResourceKind capability catalog (global, tenant-independent). Member OK. */
     listKinds(opts?: RequestOptions): Promise<CatalogKind[]>;
     /** Connectors the caller has read access to (1+ readable resource). Member OK. */
@@ -2476,6 +2649,7 @@ declare class GatewayCatalogClient {
      * Catalog list + each resource's detail (with `allowedColumns`) in one call. Member OK.
      * Issues one detail request per resource (N+1) — avoid over large catalogs / in tight loops.
      */
+    private base;
     listResourcesWithDetail(filter?: CatalogResourceFilter, opts?: RequestOptions): Promise<CatalogResourceDetail[]>;
 }
 /** True when the response is allowed (typed narrowing convenience). */
@@ -2538,6 +2712,20 @@ interface OAuthTokenResponse {
     scope?: string;
     raw: Record<string, unknown>;
 }
+interface OAuthTenantSelectInput {
+    clientId: string;
+    redirectUri: string;
+    tenantId: string;
+    scope?: string;
+    state?: string;
+    codeChallenge?: string;
+    codeChallengeMethod?: string;
+    nonce?: string;
+    resource?: string;
+}
+interface OAuthTenantSelectResponse {
+    redirectTo: string;
+}
 interface DeviceAuthorizationResponse {
     deviceCode: string;
     userCode: string;
@@ -2602,6 +2790,7 @@ declare class IdentityClient {
     readonly oidc: IdentityOIDCClient;
     readonly deviceCode: IdentityDeviceCodeClient;
     readonly systemOAuthClients: IdentitySystemOAuthClientsClient;
+    readonly invitations: IdentityInvitationsClient;
     constructor(http: HttpClient, defaultTenantSlug?: string);
     /** @deprecated Use sdk.identity.pat.issue(). Kept until 1.0 RC migration. */
     issuePersonalAccessToken(input: IssuePersonalAccessTokenInput, opts?: RequestOptions): Promise<IssuePersonalAccessTokenResult>;
@@ -2682,9 +2871,23 @@ declare class IdentityOAuthClient {
      *   catch (e) { if (e instanceof OAuthError) /* invalid_redirect_uri / invalid_client_metadata *\/ }
      */
     registerMcpClient(input: RegisterMcpClientInput, opts?: RequestOptions): Promise<RegisterMcpClientResult>;
+    /**
+     * Complete the OAuth tenant picker step for multi-tenant users. The backend
+     * returns a JSON `redirect_to` URL; browser/SPAs should navigate there.
+     */
+    selectTenant(input: OAuthTenantSelectInput, opts?: RequestOptions): Promise<OAuthTenantSelectResponse>;
     getClient(clientId: string, opts?: RequestOptions): Promise<SystemOAuthClient>;
     revokeOwnGrant(clientId: string, opts?: RequestOptions): Promise<void>;
 }
+declare class IdentityInvitationsClient {
+    private readonly http;
+    constructor(http: HttpClient);
+    /**
+     * Accept a tenant invitation addressed to the current authenticated user.
+     * The backend returns 204 on success.
+     */
+    accept(invitationId: string, opts?: RequestOptions): Promise<void>;
+}
 declare class IdentityOIDCClient {
     private readonly http;
     private readonly defaultTenantSlug?;
@@ -2833,14 +3036,14 @@ declare class PublicationRequestsClient {
      * only — non-admins get `PermissionDeniedError`.
      *
      * @example happy
-     *   const page = await sdk.publicationRequests.listPending({ pageSize: 20 })
+     *   const page = await sdk.publicationRequests.listPending('tenant_uuid', { pageSize: 20 })
      *   for (const pr of page.items) console.log(pr.appId, pr.requesterId, pr.reason)
      *
      * @example failure
-     *   try { await sdk.publicationRequests.listPending() }
+     *   try { await sdk.publicationRequests.listPending('', {}) }
      *   catch (e) { if (e instanceof NotAdminError) /* not platform admin *\/ }
      */
-    listPending(opts?: ListOptions): Promise<PaginatedList<PublicationRequest>>;
+    listPending(tenantId: string, opts?: ListOptions): Promise<PaginatedList<PublicationRequest>>;
     /**
      * List settled (approved/rejected) publication requests for a tenant
      * (reviewer-gated). `tenantId` is required by the backend route — passing it
@@ -2962,6 +3165,8 @@ declare class AxHubClient {
     private _publicationRequests?;
     private _tenants?;
     private _config?;
+    private _cost?;
+    private _inviteLinks?;
     constructor(opts: AxHubClientOptions | AxHubInternalOptions);
     resolveTenantSlug(perCall?: string): string;
     get apps(): AppsClient;
@@ -2975,6 +3180,8 @@ declare class AxHubClient {
     get gateway(): GatewayClient;
     get identity(): IdentityClient;
     get tenants(): TenantsClient;
+    get cost(): CostClient;
+    get inviteLinks(): InviteLinksClient;
     /**
      * Admin namespace for publication-request review workflow. Separated from
      * `sdk.apps.publication` (which is owner-scoped: submit/list/unpublish own
@@ -3017,4 +3224,4 @@ declare class AxHubClient {
     tenant(tenantSlug: string): TenantScopedClient;
 }
-export { AbortError, AccessDeniedError, type AddColumnInput, type AddCommentInput, type AddGrantInput, AlreadyAccessedError, AlreadyActiveError, AlreadyDeletedError, AlreadyInactiveError, AlreadyMemberError, AlreadyRevokedError, AlreadySettledError, type AppAccess, type AppAvailability, type AppCategory, type AppID, type AppId, type AppInvitation, type AppMember, type AppPublicationStatus, type AppResponse, type AppResponseCategory, type AppResponseOwner, type AppReviewStatus, AppScopedClient, AppScopedDataClient, type AppSlug, type AppSort, type AppStatus, type AppTable, type AppTemplate, AppUnavailableError, type AppVisibility, AppsClient, type AuditEventID, type AuthProvider, type AuthRing, AuthorizationPendingError, AxHubClient, type AxHubClientOptions, AxHubError, type AxHubErrorInit, BadRequestError, type BootstrapAccepted, type BootstrapStage, type BootstrapStatus, type BootstrapStatusValue, type Branded, type BrowseRowsOptions, type CatalogAncestor, type CatalogConnector, type CatalogKind, type CatalogKindAction, type CatalogPermissionsReadDetail, type CatalogPermissionsReadList, type CatalogResourceDetail, type CatalogResourceFilter, type CatalogResourceView, type CatalogTag, type CheckAvailabilityInput, type ColumnType, type ColumnTypeOption, type Comment, ConfigClient, ConfigurationError, ConflictError, type ConnectGitInput, type ConnectorID, type CreateAppInput, type CreateDeploymentInput, type CreateOAuthClientInput, type CreateTableInput, type CursorBuildOptions, type CursorDirection, DEFAULT_BASE_URL, type DataBulkResult, DataClient, type DataCountOptions, type DataGetOptions, type DataListOptions, type DataOrderBy, DataTableClient, type DataTableSchema, DecodeError, type DeploymentFailureReason, type DeploymentID, type DeploymentId, type DeploymentResponse, type DeploymentStatus, DeploymentsClient, type DeviceAuthorizationResponse, DeviceFlowDeniedError, DeviceFlowTimeoutError, type DiscoverAppsOptions, type DiscoverFeedOptions, type DiscoverOptions, DomainTakenError, DuplicateError, EmptyError, type EngineCapability, type EnvVar, ExpiredTokenError, type FetchLike, type FetchLogsOptions, type FieldAvailability, type FieldError, ForbiddenError, GatewayCatalogClient, GatewayClient, type GatewayQueryColumn, type GatewayQueryInput, type GatewayQueryResult, type GitConnection, type GitConnectionSetup, type GitConnectionStatus, type GithubAccount, type GithubInstallStart, type GithubRepo, type GithubReposPage, type GrantID, type GrantPrincipalType, type GrantScope, type IconPreCreateInput, type IconPreCreateResult, IdentityClient, IdentityDeviceCodeClient, IdentityMeClient, IdentityOAuthClient, IdentityOIDCClient, IdentityPATClient, type IdentityProvider, IdentitySystemOAuthClientsClient, type InferRow, type InstallStartInput, InternalServerError, IntrospectFailedError, InvalidClientError, InvalidCursorError, InvalidGrantError, InvalidPathError, InvalidRequestError, InvalidScopeError, InvalidStateTransitionError, InvalidTargetError, InvalidTokenError, InvalidValueError, InvitationExpiredError, type InviteUserInput, type InvokeInput, type InvokeResult, type IssuePersonalAccessTokenInput, type IssuePersonalAccessTokenResult, type KeysetCursor, LastAdminError, LegacyCursorError, type LikeResult, type LikeStatus, type ListAllItem, type ListAllOptions, type ListAppsOptions, type ListMembersOptions, type ListOptions, type ListReposOptions, type LogLine, type Logger, type LogsPage, type MeResponse, type MockClientOptions, type MockFixtures, MockInProductionError, type MockRow, type MockSchemas, MockStore, NetworkError, NoAuth, NotAdminError, NotAllowedError, NotDeletedError, NotFoundError, NotMemberError, type OAuthClient, type OAuthClientWithSecret, OAuthError, type OAuthErrorInit, OAuthServerError, type OAuthTokenResponse, type OrderByField, type OrderDirection, type PATID, type PATSummary, type PageRequestOptions, type PaginatedList, type ParsedFrame, type PatId, PendingExistsError, PermanentlyDeletedError, PermissionDeniedError, PoolStaleError, PreconditionFailedError, type PublicConfig, type PublicationRequest, type PublicationRequestStatus, PublicationRequestsClient, type QueryExpr, type RateLimitStrategy, RateLimitedError, type RegisterMcpClientInput, type RegisterMcpClientResult, type RequestId, type RequestOptions, RequiredError, type ResourceID, type RetryInfo, type SSEStream, type SSEStreamOptions, ScanLimitExceededError, SchemaCache, type SchemaCacheOptions, SchemaNameTakenError, type SchemaShapeFromRow, type SelectColumns, type SettlePublicationInput, type SignIconUploadInput, type SignIconUploadResult, SlowDownError, SlugTakenError, type StartBootstrapInput, StaticTokenAuth, type StaticTokenAuthOptions, StreamConsumedError, type StreamItem, type SubjectID, type SubmitPublicationInput, type SystemOAuthClient, type TableAvailability, type TableColumn, type TableConstraint, type TableGrant, type TableID, type TableIndex, TableNotFoundError, type TableRowColumn, type TableRowsMeta, type TableRowsPage, type TableSchema, type TagID, TemporarilyUnavailableError, type Tenant, TenantGatewayClient, type TenantID, type TenantId, TenantIdRequiredError, TenantScopedAppsClient, TenantScopedClient, type TenantSlug, TenantSlugRequiredError, TenantsClient, TimeoutError, TokenExpiredError, TokenInvalidError, TokenMissingError, type TokenType, UnauthenticatedError, UnauthorizedClientError, UnavailableError, type UnlikeResult, type UnpublishInput, UnsupportedGrantTypeError, type UpdateAppInput, type UpdateGitConnectionInput, type UserID, type UserId, ValidationError, type VerifyWebhookInput, type VerifyWebhookResult, WebhookVerificationError, type WebhookVerifyReason, and, asAppId, asAppSlug, asDeploymentId, asPatId, asRequestId, asTenantId, asTenantSlug, asUserId, assertMockModeAllowed, createMockStore, cursorFromRow, decodeCursor, defineSchema, encodeCursor, escapeLike, formatErrorMessage, getAccessibleColumns, getMaskHint, id, isAllowed, isPolicyDeny, isSqlFormatError, not, or, orderByFingerprint, parseRetryAfter, raw, schemaCacheKey, signWebhook, tableFromPath, verifyWebhook, where };
+export { AbortError, AccessDeniedError, type AddColumnInput, type AddCommentInput, type AddGrantInput, AlreadyAccessedError, AlreadyActiveError, AlreadyDeletedError, AlreadyInactiveError, AlreadyMemberError, AlreadyRevokedError, AlreadySettledError, type AppAccess, type AppAvailability, type AppCategory, type AppID, type AppId, type AppInvitation, type AppMember, type AppPublicationStatus, type AppResponse, type AppResponseCategory, type AppResponseOwner, type AppReviewStatus, AppScopedClient, AppScopedDataClient, type AppSlug, type AppSort, type AppStatus, type AppTable, type AppTemplate, AppUnavailableError, type AppVisibility, AppsClient, type AuditEventID, type AuthProvider, type AuthRing, AuthorizationPendingError, AxHubClient, type AxHubClientOptions, AxHubError, type AxHubErrorInit, BadRequestError, type BootstrapAccepted, type BootstrapStage, type BootstrapStatus, type BootstrapStatusValue, type Branded, type BrowseRowsOptions, type CatalogAncestor, type CatalogConnector, type CatalogKind, type CatalogKindAction, type CatalogPermissionsReadDetail, type CatalogPermissionsReadList, type CatalogResourceDetail, type CatalogResourceFilter, type CatalogResourceView, type CatalogTag, type CheckAvailabilityInput, type ColumnType, type ColumnTypeOption, type Comment, ConfigClient, ConfigurationError, ConflictError, type ConnectGitInput, type ConnectorID, type CostByApp, type CostByAppOptions, type CostByAppRow, type CostByCostCenter, type CostCenterRow, CostClient, type CostExportOptions, type CostQueryOptions, type CostSummary, type CostTimeseries, type CostTimeseriesOptions, type CostTimeseriesPoint, type CreateAppInput, type CreateDeploymentInput, type CreateInviteLinkInput, type CreateOAuthClientInput, type CreateTableInput, type CursorBuildOptions, type CursorDirection, DEFAULT_BASE_URL, type DataBulkResult, DataClient, type DataCountOptions, type DataGetOptions, type DataListOptions, type DataOrderBy, DataTableClient, type DataTableSchema, DecodeError, type DeploymentFailureReason, type DeploymentID, type DeploymentId, type DeploymentResponse, type DeploymentStatus, DeploymentsClient, type DeviceAuthorizationResponse, DeviceFlowDeniedError, DeviceFlowTimeoutError, type DiscoverAppsOptions, type DiscoverFeedOptions, type DiscoverOptions, DomainTakenError, DuplicateError, EmptyError, type EngineCapability, type EnvVar, ExpiredTokenError, type FetchLike, type FetchLogsOptions, type FieldAvailability, type FieldError, ForbiddenError, GatewayCatalogClient, GatewayClient, type GatewayQueryColumn, type GatewayQueryInput, type GatewayQueryResult, type GitConnection, type GitConnectionSetup, type GitConnectionStatus, type GithubAccount, type GithubInstallStart, type GithubRepo, type GithubReposPage, type GrantID, type GrantPrincipalType, type GrantScope, type IconPreCreateInput, type IconPreCreateResult, IdentityClient, IdentityDeviceCodeClient, IdentityInvitationsClient, IdentityMeClient, IdentityOAuthClient, IdentityOIDCClient, IdentityPATClient, type IdentityProvider, IdentitySystemOAuthClientsClient, type InferRow, type InstallStartInput, InternalServerError, IntrospectFailedError, InvalidClientError, InvalidCursorError, InvalidExpiryError, InvalidGrantError, InvalidPathError, InvalidRequestError, InvalidScopeError, InvalidStateTransitionError, InvalidTargetError, InvalidTokenError, InvalidValueError, InvitationExpiredError, type InviteLink, type InviteLinkAcceptResult, type InviteLinkPreview, InviteLinksClient, type InviteUserInput, type InvokeInput, type InvokeResult, type IssuePersonalAccessTokenInput, type IssuePersonalAccessTokenResult, type KeysetCursor, LastAdminError, LegacyCursorError, type LikeResult, type LikeStatus, LinkInvalidError, type ListAllItem, type ListAllOptions, type ListAppsOptions, type ListMembersOptions, type ListOptions, type ListReposOptions, type LogLine, type Logger, type LogsPage, type MeResponse, type MockClientOptions, type MockFixtures, MockInProductionError, type MockRow, type MockSchemas, MockStore, NetworkError, NoAuth, NotAdminError, NotAllowedError, NotDeletedError, NotFoundError, NotMemberError, type OAuthClient, type OAuthClientWithSecret, OAuthError, type OAuthErrorInit, OAuthServerError, type OAuthTenantSelectInput, type OAuthTenantSelectResponse, type OAuthTokenResponse, type OrderByField, type OrderDirection, type PATID, type PATSummary, type PageRequestOptions, type PaginatedList, type ParsedFrame, type PatId, PendingExistsError, PermanentlyDeletedError, PermissionDeniedError, PoolStaleError, PreconditionFailedError, type PublicConfig, type PublicationRequest, type PublicationRequestStatus, PublicationRequestsClient, type PushableAtomQueryExpr, type PushableQueryExpr, type QueryExpr, type RateLimitStrategy, RateLimitedError, type RegisterMcpClientInput, type RegisterMcpClientResult, type RequestId, type RequestOptions, RequiredError, type ResourceID, type RetryInfo, type SSEStream, type SSEStreamOptions, ScanLimitExceededError, SchemaCache, type SchemaCacheOptions, SchemaNameTakenError, type SchemaShapeFromRow, type SelectColumns, type SettlePublicationInput, type SignIconUploadInput, type SignIconUploadResult, SlowDownError, SlugTakenError, type StartBootstrapInput, StaticTokenAuth, type StaticTokenAuthOptions, StreamConsumedError, type StreamItem, type SubjectID, type SubmitPublicationInput, type SystemOAuthClient, type TableAvailability, type TableColumn, type TableConstraint, type TableGrant, type TableID, type TableIndex, TableNotFoundError, type TableRowColumn, type TableRowsMeta, type TableRowsPage, type TableSchema, type TagID, TemporarilyUnavailableError, type Tenant, TenantCostClient, TenantGatewayClient, type TenantID, type TenantId, TenantIdRequiredError, TenantInviteLinksClient, TenantScopedAppsClient, TenantScopedClient, type TenantSlug, TenantSlugRequiredError, TenantsClient, TimeoutError, TokenExpiredError, TokenInvalidError, TokenMissingError, type TokenType, UnauthenticatedError, UnauthorizedClientError, UnavailableError, type UnlikeResult, type UnpublishInput, UnsupportedGrantTypeError, type UpdateAppInput, type UpdateGitConnectionInput, type UserID, type UserId, ValidationError, type VerifyWebhookInput, type VerifyWebhookResult, WebhookVerificationError, type WebhookVerifyReason, and, asAppId, asAppSlug, asDeploymentId, asPatId, asRequestId, asTenantId, asTenantSlug, asUserId, assertMockModeAllowed, createMockStore, cursorFromRow, decodeCursor, defineSchema, encodeCursor, escapeLike, formatErrorMessage, getAccessibleColumns, getMaskHint, id, isAllowed, isPolicyDeny, isSqlFormatError, not, or, orderByFingerprint, parseRetryAfter, raw, schemaCacheKey, signWebhook, tableFromPath, verifyWebhook, where };