@azerothian/infisical 0.1.0

package/dist/index.js

@@ -0,0 +1,2839 @@
+"use strict";
+var __create = Object.create;
+var __defProp = Object.defineProperty;
+var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
+var __getOwnPropNames = Object.getOwnPropertyNames;
+var __getProtoOf = Object.getPrototypeOf;
+var __hasOwnProp = Object.prototype.hasOwnProperty;
+var __export = (target, all) => {
+  for (var name in all)
+    __defProp(target, name, { get: all[name], enumerable: true });
+};
+var __copyProps = (to, from, except, desc) => {
+  if (from && typeof from === "object" || typeof from === "function") {
+    for (let key of __getOwnPropNames(from))
+      if (!__hasOwnProp.call(to, key) && key !== except)
+        __defProp(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc(from, key)) || desc.enumerable });
+  }
+  return to;
+};
+var __toESM = (mod, isNodeMode, target) => (target = mod != null ? __create(__getProtoOf(mod)) : {}, __copyProps(
+  // If the importer is in node compatibility mode or this is not an ESM
+  // file that has been converted to a CommonJS file using a Babel-
+  // compatible transform (i.e. "__esModule" has not been set), then set
+  // "default" to the CommonJS "module.exports" for node compatibility.
+  isNodeMode || !mod || !mod.__esModule ? __defProp(target, "default", { value: mod, enumerable: true }) : target,
+  mod
+));
+var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod);
+
+// src/index.ts
+var index_exports = {};
+__export(index_exports, {
+  AdminResource: () => AdminResource,
+  AppConnectionsResource: () => AppConnectionsResource,
+  AuthManager: () => AuthManager,
+  AuthMethod: () => AuthMethod,
+  AuthState: () => AuthState,
+  AuthenticationError: () => AuthenticationError,
+  BadRequestError: () => BadRequestError,
+  CaType: () => CaType,
+  CertExtendedKeyUsage: () => CertExtendedKeyUsage,
+  CertKeyUsage: () => CertKeyUsage,
+  ForbiddenError: () => ForbiddenError,
+  HttpClient: () => HttpClient,
+  IdentitiesResource: () => IdentitiesResource,
+  IdentityAccessTokensResource: () => IdentityAccessTokensResource,
+  IdentityAlicloudAuthResource: () => IdentityAlicloudAuthResource,
+  IdentityAwsAuthResource: () => IdentityAwsAuthResource,
+  IdentityAzureAuthResource: () => IdentityAzureAuthResource,
+  IdentityGcpAuthResource: () => IdentityGcpAuthResource,
+  IdentityJwtAuthResource: () => IdentityJwtAuthResource,
+  IdentityKubernetesAuthResource: () => IdentityKubernetesAuthResource,
+  IdentityLdapAuthResource: () => IdentityLdapAuthResource,
+  IdentityOciAuthResource: () => IdentityOciAuthResource,
+  IdentityOidcAuthResource: () => IdentityOidcAuthResource,
+  IdentityTlsCertAuthResource: () => IdentityTlsCertAuthResource,
+  IdentityTokenAuthResource: () => IdentityTokenAuthResource,
+  IdentityUniversalAuthResource: () => IdentityUniversalAuthResource,
+  InfisicalApiError: () => InfisicalApiError,
+  InfisicalClient: () => InfisicalClient,
+  InfisicalNetworkError: () => InfisicalNetworkError,
+  IntegrationAuthResource: () => IntegrationAuthResource,
+  InternalServerError: () => InternalServerError,
+  JwtSignatureAlgorithm: () => JwtSignatureAlgorithm,
+  KmsResource: () => KmsResource,
+  MfaMethod: () => MfaMethod,
+  MfaResource: () => MfaResource,
+  MfaSessionStatus: () => MfaSessionStatus,
+  MfaSessionsResource: () => MfaSessionsResource,
+  NotFoundError: () => NotFoundError,
+  OrderByDirection: () => OrderByDirection,
+  OrgAdminResource: () => OrgAdminResource,
+  OrgIdentityOrderBy: () => OrgIdentityOrderBy,
+  OrgMembershipStatus: () => OrgMembershipStatus,
+  OrganizationIdentitiesResource: () => OrganizationIdentitiesResource,
+  OrganizationsResource: () => OrganizationsResource,
+  PasswordResource: () => PasswordResource,
+  PkiAlertChannelType: () => PkiAlertChannelType,
+  PkiAlertEventType: () => PkiAlertEventType,
+  PkiAlertsResource: () => PkiAlertsResource,
+  PkiCaResource: () => PkiCaResource,
+  PkiCertificatesResource: () => PkiCertificatesResource,
+  PkiTemplatesResource: () => PkiTemplatesResource,
+  ProjectsResource: () => ProjectsResource,
+  RESOURCE_AUTH_MODES: () => RESOURCE_AUTH_MODES,
+  RateLimitError: () => RateLimitError,
+  SecretFoldersResource: () => SecretFoldersResource,
+  SecretImportsResource: () => SecretImportsResource,
+  SecretSharingResource: () => SecretSharingResource,
+  SecretSyncsResource: () => SecretSyncsResource,
+  SecretTagsResource: () => SecretTagsResource,
+  SecretsResource: () => SecretsResource,
+  ServiceTokensResource: () => ServiceTokensResource,
+  UnauthorizedError: () => UnauthorizedError,
+  UsersResource: () => UsersResource,
+  ValidationError: () => ValidationError,
+  WebhooksResource: () => WebhooksResource
+});
+module.exports = __toCommonJS(index_exports);
+
+// src/errors.ts
+var InfisicalApiError = class extends Error {
+  statusCode;
+  requestId;
+  errorType;
+  details;
+  constructor(message, options) {
+    super(message);
+    this.name = "InfisicalApiError";
+    this.statusCode = options.statusCode;
+    this.requestId = options.requestId;
+    this.errorType = options.errorType;
+    this.details = options.details;
+  }
+};
+var BadRequestError = class extends InfisicalApiError {
+  constructor(message, options) {
+    super(message, { statusCode: 400, ...options });
+    this.name = "BadRequestError";
+  }
+};
+var UnauthorizedError = class extends InfisicalApiError {
+  constructor(message, options) {
+    super(message, { statusCode: 401, ...options });
+    this.name = "UnauthorizedError";
+  }
+};
+var ForbiddenError = class extends InfisicalApiError {
+  constructor(message, options) {
+    super(message, { statusCode: 403, ...options });
+    this.name = "ForbiddenError";
+  }
+};
+var NotFoundError = class extends InfisicalApiError {
+  constructor(message, options) {
+    super(message, { statusCode: 404, ...options });
+    this.name = "NotFoundError";
+  }
+};
+var ValidationError = class extends InfisicalApiError {
+  constructor(message, options) {
+    super(message, { statusCode: 422, ...options });
+    this.name = "ValidationError";
+  }
+};
+var RateLimitError = class extends InfisicalApiError {
+  constructor(message, options) {
+    super(message, { statusCode: 429, ...options });
+    this.name = "RateLimitError";
+  }
+};
+var InternalServerError = class extends InfisicalApiError {
+  constructor(message, options) {
+    super(message, { statusCode: 500, ...options });
+    this.name = "InternalServerError";
+  }
+};
+var AuthenticationError = class extends Error {
+  currentMode;
+  allowedModes;
+  constructor(message, options) {
+    super(message);
+    this.name = "AuthenticationError";
+    this.currentMode = options.currentMode;
+    this.allowedModes = options.allowedModes;
+  }
+};
+var InfisicalNetworkError = class extends Error {
+  cause;
+  constructor(message, options) {
+    super(message);
+    this.name = "InfisicalNetworkError";
+    this.cause = options?.cause;
+  }
+};
+
+// src/http.ts
+function buildQueryString(params) {
+  if (!params) return "";
+  const entries = [];
+  for (const [key, value] of Object.entries(params)) {
+    if (value === void 0 || value === null) continue;
+    if (Array.isArray(value)) {
+      for (const item of value) {
+        entries.push(
+          `${encodeURIComponent(key)}=${encodeURIComponent(String(item))}`
+        );
+      }
+    } else {
+      entries.push(
+        `${encodeURIComponent(key)}=${encodeURIComponent(String(value))}`
+      );
+    }
+  }
+  return entries.length > 0 ? `?${entries.join("&")}` : "";
+}
+function getAuthHeader(auth) {
+  switch (auth.mode) {
+    case "jwt":
+      return { Authorization: `Bearer ${auth.token}` };
+    case "apiKey":
+      return { "X-API-KEY": auth.apiKey };
+    case "serviceToken":
+      return { Authorization: `Bearer ${auth.serviceToken}` };
+    case "identityAccessToken":
+      return { Authorization: `Bearer ${auth.accessToken}` };
+  }
+}
+function createApiError(statusCode, body, requestId) {
+  const message = body?.["message"] ?? body?.["error"] ?? `Request failed with status ${statusCode}`;
+  const opts = {
+    requestId,
+    errorType: body?.["type"],
+    details: body?.["details"] ?? body
+  };
+  switch (statusCode) {
+    case 400:
+      return new BadRequestError(message, opts);
+    case 401:
+      return new UnauthorizedError(message, opts);
+    case 403:
+      return new ForbiddenError(message, opts);
+    case 404:
+      return new NotFoundError(message, opts);
+    case 422:
+      return new ValidationError(message, opts);
+    case 429:
+      return new RateLimitError(message, opts);
+    case 500:
+      return new InternalServerError(message, opts);
+    default:
+      return new InfisicalApiError(message, { statusCode, ...opts });
+  }
+}
+function isAbortError(error) {
+  return error instanceof Error && (error.name === "AbortError" || typeof DOMException !== "undefined" && error instanceof DOMException && error.name === "AbortError");
+}
+var HttpClient = class {
+  config;
+  constructor(config) {
+    this.config = config;
+  }
+  async request(method, path, options) {
+    if (!options?.skipAuth) {
+      await this.config.authState.ensureValid();
+    }
+    const prefix = path.startsWith("/api/") ? "" : "/api/v2";
+    const url = `${this.config.baseUrl}${prefix}${path}${buildQueryString(options?.query)}`;
+    const controller = new AbortController();
+    const timeoutId = setTimeout(() => controller.abort(), this.config.timeout);
+    const headers = {
+      "Content-Type": "application/json",
+      Accept: "application/json",
+      ...!options?.skipAuth && this.config.authState.current ? getAuthHeader(this.config.authState.current) : {},
+      ...this.config.headers,
+      ...options?.headers
+    };
+    let response;
+    try {
+      response = await this.config.fetch(url, {
+        method,
+        headers,
+        body: options?.body !== void 0 ? JSON.stringify(options.body) : void 0,
+        signal: controller.signal
+      });
+    } catch (error) {
+      if (isAbortError(error)) {
+        throw new InfisicalNetworkError(
+          `Request timed out after ${this.config.timeout}ms`,
+          { cause: error }
+        );
+      }
+      throw new InfisicalNetworkError("Network request failed", {
+        cause: error instanceof Error ? error : new Error(String(error))
+      });
+    } finally {
+      clearTimeout(timeoutId);
+    }
+    const requestId = response.headers.get("x-request-id") ?? void 0;
+    if (!response.ok) {
+      if (response.status === 401 && !options?.skipAuth && this.config.authState.canRenew) {
+        await this.config.authState.forceRenew();
+        const retryHeaders = {
+          "Content-Type": "application/json",
+          Accept: "application/json",
+          ...this.config.authState.current ? getAuthHeader(this.config.authState.current) : {},
+          ...this.config.headers,
+          ...options?.headers
+        };
+        const retryController = new AbortController();
+        const retryTimeoutId = setTimeout(
+          () => retryController.abort(),
+          this.config.timeout
+        );
+        let retryResponse;
+        try {
+          retryResponse = await this.config.fetch(url, {
+            method,
+            headers: retryHeaders,
+            body: options?.body !== void 0 ? JSON.stringify(options.body) : void 0,
+            signal: retryController.signal
+          });
+        } catch (error) {
+          if (isAbortError(error)) {
+            throw new InfisicalNetworkError(
+              `Request timed out after ${this.config.timeout}ms`,
+              { cause: error }
+            );
+          }
+          throw new InfisicalNetworkError("Network request failed", {
+            cause: error instanceof Error ? error : new Error(String(error))
+          });
+        } finally {
+          clearTimeout(retryTimeoutId);
+        }
+        const retryRequestId = retryResponse.headers.get("x-request-id") ?? void 0;
+        if (!retryResponse.ok) {
+          let retryBody = null;
+          try {
+            retryBody = await retryResponse.json();
+          } catch {
+            const text2 = await retryResponse.text().catch(() => "Unknown error");
+            retryBody = { message: text2 };
+          }
+          throw createApiError(retryResponse.status, retryBody, retryRequestId);
+        }
+        if (retryResponse.status === 204) {
+          return void 0;
+        }
+        const retryText = await retryResponse.text();
+        if (!retryText) return void 0;
+        return JSON.parse(retryText);
+      }
+      let body = null;
+      try {
+        body = await response.json();
+      } catch {
+        const text2 = await response.text().catch(() => "Unknown error");
+        body = { message: text2 };
+      }
+      throw createApiError(response.status, body, requestId);
+    }
+    if (response.status === 204) {
+      return void 0;
+    }
+    const text = await response.text();
+    if (!text) return void 0;
+    return JSON.parse(text);
+  }
+  async get(path, query) {
+    return this.request("GET", path, { query });
+  }
+  async post(path, body, query) {
+    return this.request("POST", path, { body, query });
+  }
+  async postNoAuth(path, body, query) {
+    return this.request("POST", path, { body, query, skipAuth: true });
+  }
+  async put(path, body, query) {
+    return this.request("PUT", path, { body, query });
+  }
+  async patch(path, body, query) {
+    return this.request("PATCH", path, { body, query });
+  }
+  async delete(path, body, query) {
+    return this.request("DELETE", path, { body, query });
+  }
+};
+
+// src/client.ts
+var import_cross_fetch = __toESM(require("cross-fetch"));
+
+// src/auth-state.ts
+var AuthState = class {
+  _auth = null;
+  _expiresAt = null;
+  _renewFn = null;
+  _renewPromise = null;
+  setAuth(auth, expiresIn) {
+    this._auth = auth;
+    this._expiresAt = expiresIn != null ? Date.now() + expiresIn * 1e3 : null;
+  }
+  clearAuth() {
+    this._auth = null;
+    this._expiresAt = null;
+    this._renewFn = null;
+    this._renewPromise = null;
+  }
+  setRenewFn(fn) {
+    this._renewFn = fn;
+  }
+  get current() {
+    return this._auth;
+  }
+  get isAuthenticated() {
+    return this._auth !== null;
+  }
+  get mode() {
+    return this._auth?.mode ?? null;
+  }
+  get canRenew() {
+    return this._renewFn !== null;
+  }
+  async forceRenew() {
+    if (!this._renewFn) return;
+    if (this._renewPromise) {
+      await this._renewPromise;
+      return;
+    }
+    this._renewPromise = this._renew();
+    try {
+      await this._renewPromise;
+    } finally {
+      this._renewPromise = null;
+    }
+  }
+  async ensureValid() {
+    if (!this._auth) return;
+    if (this._expiresAt === null || this._renewFn === null) return;
+    if (Date.now() >= this._expiresAt - 3e4) {
+      if (this._renewPromise) {
+        await this._renewPromise;
+        return;
+      }
+      this._renewPromise = this._renew();
+      try {
+        await this._renewPromise;
+      } finally {
+        this._renewPromise = null;
+      }
+    }
+  }
+  async _renew() {
+    const result = await this._renewFn();
+    this.setAuth(result.auth, result.expiresIn);
+  }
+};
+
+// src/auth-manager.ts
+var AuthManager = class {
+  authState;
+  resources;
+  constructor(authState, resources) {
+    this.authState = authState;
+    this.resources = resources;
+  }
+  async login(params) {
+    const resolvedParams = typeof params === "function" ? await params() : params;
+    const loginFn = this.resolveLoginFn(resolvedParams);
+    const response = await loginFn();
+    this.authState.setAuth(
+      { mode: "identityAccessToken", accessToken: response.accessToken },
+      response.expiresIn
+    );
+    this.authState.setRenewFn(async () => {
+      const renewParams = typeof params === "function" ? await params() : params;
+      const response2 = await this.resolveLoginFn(renewParams)();
+      return {
+        auth: { mode: "identityAccessToken", accessToken: response2.accessToken },
+        expiresIn: response2.expiresIn
+      };
+    });
+    return response;
+  }
+  resolveLoginFn(params) {
+    if ("universalAuth" in params) {
+      return () => this.resources.universal.login(params.universalAuth);
+    }
+    if ("tokenAuth" in params) {
+      return () => this.resources.token.login(params.tokenAuth);
+    }
+    if ("awsAuth" in params) {
+      return () => this.resources.aws.login(params.awsAuth);
+    }
+    if ("gcpAuth" in params) {
+      return () => this.resources.gcp.login(params.gcpAuth);
+    }
+    if ("azureAuth" in params) {
+      return () => this.resources.azure.login(params.azureAuth);
+    }
+    if ("kubernetesAuth" in params) {
+      return () => this.resources.kubernetes.login(params.kubernetesAuth);
+    }
+    if ("oidcAuth" in params) {
+      return () => this.resources.oidc.login(params.oidcAuth);
+    }
+    if ("jwtAuth" in params) {
+      return () => this.resources.jwt.login(params.jwtAuth);
+    }
+    if ("ldapAuth" in params) {
+      return () => this.resources.ldap.login(params.ldapAuth);
+    }
+    if ("tlsCertAuth" in params) {
+      return () => this.resources.tlsCert.login(params.tlsCertAuth);
+    }
+    if ("ociAuth" in params) {
+      return () => this.resources.oci.login(params.ociAuth);
+    }
+    if ("alicloudAuth" in params) {
+      return () => this.resources.alicloud.login(params.alicloudAuth);
+    }
+    throw new Error("Invalid login params: no recognized auth method key");
+  }
+};
+
+// src/types/auth-modes.ts
+var RESOURCE_AUTH_MODES = {
+  secrets: ["jwt", "serviceToken", "identityAccessToken"],
+  secretFolders: ["jwt", "serviceToken", "identityAccessToken"],
+  secretImports: ["jwt", "serviceToken", "identityAccessToken"],
+  projects: ["jwt", "identityAccessToken"],
+  organizations: ["jwt", "identityAccessToken"],
+  organizationIdentities: ["jwt", "identityAccessToken"],
+  identities: ["jwt", "identityAccessToken"],
+  identityAuth: ["jwt", "identityAccessToken"],
+  identityAccessTokens: ["jwt", "identityAccessToken"],
+  pki: ["jwt", "identityAccessToken"],
+  kms: ["jwt", "identityAccessToken"],
+  secretTags: ["jwt", "identityAccessToken"],
+  appConnections: ["jwt", "identityAccessToken"],
+  secretSyncs: ["jwt", "identityAccessToken"],
+  integrationAuth: ["jwt", "identityAccessToken"],
+  admin: ["jwt"],
+  orgAdmin: ["jwt"],
+  secretSharing: ["jwt"],
+  webhooks: ["jwt"],
+  users: ["jwt"],
+  mfa: ["jwt"],
+  mfaSessions: ["jwt"],
+  serviceTokens: ["jwt"],
+  password: ["jwt"]
+};
+
+// src/resources/base.ts
+var BaseResource = class {
+  http;
+  authState;
+  authCategory;
+  constructor(http, authState, authCategory) {
+    this.http = http;
+    this.authState = authState;
+    this.authCategory = authCategory;
+  }
+  requireAuth() {
+    const mode = this.authState.mode;
+    if (!mode) {
+      throw new AuthenticationError(
+        "Not authenticated. Call client.login() first.",
+        { currentMode: null, allowedModes: RESOURCE_AUTH_MODES[this.authCategory] }
+      );
+    }
+    const allowed = RESOURCE_AUTH_MODES[this.authCategory];
+    if (!allowed.includes(mode)) {
+      throw new AuthenticationError(
+        `Auth mode "${mode}" is not allowed for ${this.authCategory}. Allowed modes: ${allowed.join(", ")}`,
+        { currentMode: mode, allowedModes: allowed }
+      );
+    }
+  }
+};
+
+// src/resources/mfa.ts
+var MfaResource = class extends BaseResource {
+  constructor(http, authState) {
+    super(http, authState, "mfa");
+  }
+  async resendToken() {
+    this.requireAuth();
+    return this.http.post("/auth/mfa/send");
+  }
+  async checkTotp() {
+    this.requireAuth();
+    return this.http.get("/auth/mfa/check/totp");
+  }
+  async checkWebAuthn() {
+    this.requireAuth();
+    return this.http.get("/auth/mfa/check/webauthn");
+  }
+  async verify(params) {
+    this.requireAuth();
+    return this.http.post("/auth/mfa/verify", params);
+  }
+  async verifyRecoveryCode(params) {
+    this.requireAuth();
+    return this.http.post(
+      "/auth/mfa/verify/recovery-code",
+      params
+    );
+  }
+};
+
+// src/resources/mfa-sessions.ts
+var MfaSessionsResource = class extends BaseResource {
+  constructor(http, authState) {
+    super(http, authState, "mfaSessions");
+  }
+  async verify(params) {
+    this.requireAuth();
+    const { mfaSessionId, ...body } = params;
+    return this.http.post(
+      `/mfa-sessions/${encodeURIComponent(mfaSessionId)}/verify`,
+      body
+    );
+  }
+  async getStatus(params) {
+    this.requireAuth();
+    return this.http.get(
+      `/mfa-sessions/${encodeURIComponent(params.mfaSessionId)}/status`
+    );
+  }
+};
+
+// src/resources/users.ts
+var UsersResource = class extends BaseResource {
+  constructor(http, authState) {
+    super(http, authState, "users");
+  }
+  async sendEmailVerificationCode(params) {
+    this.requireAuth();
+    await this.http.post("/users/me/emails/code", params);
+  }
+  async verifyEmailVerificationCode(params) {
+    this.requireAuth();
+    await this.http.post("/users/me/emails/verify", params);
+  }
+  async updateMfa(params) {
+    this.requireAuth();
+    return this.http.patch("/users/me/mfa", params);
+  }
+  async updateName(params) {
+    this.requireAuth();
+    return this.http.patch("/users/me/name", params);
+  }
+  async updateAuthMethods(params) {
+    this.requireAuth();
+    return this.http.put(
+      "/users/me/auth-methods",
+      params
+    );
+  }
+  async requestEmailChangeOtp(params) {
+    this.requireAuth();
+    return this.http.post(
+      "/users/me/email-change/otp",
+      params
+    );
+  }
+  async updateEmail(params) {
+    this.requireAuth();
+    return this.http.patch("/users/me/email", params);
+  }
+  async listOrganizations() {
+    this.requireAuth();
+    return this.http.get(
+      "/users/me/organizations"
+    );
+  }
+  async listApiKeys() {
+    this.requireAuth();
+    return this.http.get("/users/me/api-keys");
+  }
+  async createApiKey(params) {
+    this.requireAuth();
+    return this.http.post("/users/me/api-keys", params);
+  }
+  async deleteApiKey(apiKeyDataId) {
+    this.requireAuth();
+    return this.http.delete(
+      `/users/me/api-keys/${encodeURIComponent(apiKeyDataId)}`
+    );
+  }
+  async listSessions() {
+    this.requireAuth();
+    return this.http.get("/users/me/sessions");
+  }
+  async revokeAllSessions() {
+    this.requireAuth();
+    return this.http.delete("/users/me/sessions");
+  }
+  async revokeSession(sessionId) {
+    this.requireAuth();
+    return this.http.delete(
+      `/users/me/sessions/${encodeURIComponent(sessionId)}`
+    );
+  }
+  async getMe() {
+    this.requireAuth();
+    return this.http.get("/users/me");
+  }
+  async deleteMe() {
+    this.requireAuth();
+    return this.http.delete("/users/me");
+  }
+};
+
+// src/resources/password.ts
+var PasswordResource = class extends BaseResource {
+  constructor(http, authState) {
+    super(http, authState, "password");
+  }
+  async reset(params) {
+    this.requireAuth();
+    await this.http.post("/password/password-reset", params);
+  }
+  async resetAuthenticated(params) {
+    this.requireAuth();
+    await this.http.post("/password/user/password-reset", params);
+  }
+};
+
+// src/resources/service-tokens.ts
+var ServiceTokensResource = class extends BaseResource {
+  constructor(http, authState) {
+    super(http, authState, "serviceTokens");
+  }
+  async get() {
+    this.requireAuth();
+    return this.http.get("/service-token");
+  }
+  async create(params) {
+    this.requireAuth();
+    return this.http.post(
+      "/service-token",
+      params
+    );
+  }
+  async delete(serviceTokenId) {
+    this.requireAuth();
+    return this.http.delete(
+      `/service-token/${encodeURIComponent(serviceTokenId)}`
+    );
+  }
+};
+
+// src/resources/organizations.ts
+var OrganizationsResource = class extends BaseResource {
+  constructor(http, authState) {
+    super(http, authState, "organizations");
+  }
+  async list() {
+    this.requireAuth();
+    return this.http.get("/api/v1/organization");
+  }
+  async listMemberships(params) {
+    this.requireAuth();
+    return this.http.get(
+      `/organizations/${encodeURIComponent(params.orgId)}/memberships`
+    );
+  }
+  async listProjects(params) {
+    this.requireAuth();
+    return this.http.get(
+      `/organizations/${encodeURIComponent(params.orgId)}/workspaces`
+    );
+  }
+  async getMembership(params) {
+    this.requireAuth();
+    return this.http.get(
+      `/organizations/${encodeURIComponent(params.orgId)}/memberships/${encodeURIComponent(params.membershipId)}`
+    );
+  }
+  async updateMembership(params) {
+    this.requireAuth();
+    const { orgId, membershipId, ...body } = params;
+    return this.http.patch(
+      `/organizations/${encodeURIComponent(orgId)}/memberships/${encodeURIComponent(membershipId)}`,
+      body
+    );
+  }
+  async deleteMembership(params) {
+    this.requireAuth();
+    return this.http.delete(
+      `/organizations/${encodeURIComponent(params.orgId)}/memberships/${encodeURIComponent(params.membershipId)}`
+    );
+  }
+  async bulkDeleteMemberships(params) {
+    this.requireAuth();
+    const { orgId, ...body } = params;
+    return this.http.delete(
+      `/organizations/${encodeURIComponent(orgId)}/memberships`,
+      body
+    );
+  }
+  async listProjectMembershipsByOrgMembership(params) {
+    this.requireAuth();
+    return this.http.get(
+      `/organizations/${encodeURIComponent(params.orgId)}/memberships/${encodeURIComponent(params.membershipId)}/project-memberships`
+    );
+  }
+  async create(params) {
+    this.requireAuth();
+    return this.http.post(
+      "/organizations",
+      params
+    );
+  }
+  async delete(params) {
+    this.requireAuth();
+    return this.http.delete(
+      `/organizations/${encodeURIComponent(params.orgId)}`
+    );
+  }
+  async upgradePrivilegeSystem() {
+    this.requireAuth();
+    return this.http.post(
+      "/organizations/privilege-system-upgrade"
+    );
+  }
+};
+
+// src/resources/organization-identities.ts
+var OrganizationIdentitiesResource = class extends BaseResource {
+  constructor(http, authState) {
+    super(http, authState, "organizationIdentities");
+  }
+  async list(params) {
+    this.requireAuth();
+    const { orgId, ...query } = params;
+    return this.http.get(
+      `/organizations/${encodeURIComponent(orgId)}/identity-memberships`,
+      { ...query }
+    );
+  }
+};
+
+// src/resources/secret-folders.ts
+var SecretFoldersResource = class extends BaseResource {
+  constructor(http, authState) {
+    super(http, authState, "secretFolders");
+  }
+  async create(params) {
+    this.requireAuth();
+    return this.http.post("/folders", params);
+  }
+  async update(params) {
+    this.requireAuth();
+    const { folderId, ...body } = params;
+    return this.http.patch(
+      `/folders/${encodeURIComponent(folderId)}`,
+      body
+    );
+  }
+  async updateBatch(params) {
+    this.requireAuth();
+    return this.http.patch(
+      "/folders/batch",
+      params
+    );
+  }
+  async delete(params) {
+    this.requireAuth();
+    const { folderIdOrName, ...body } = params;
+    return this.http.delete(
+      `/folders/${encodeURIComponent(folderIdOrName)}`,
+      body
+    );
+  }
+  async list(params) {
+    this.requireAuth();
+    return this.http.get(
+      "/folders",
+      { ...params }
+    );
+  }
+  async getById(params) {
+    this.requireAuth();
+    return this.http.get(
+      `/folders/${encodeURIComponent(params.id)}`
+    );
+  }
+};
+
+// src/resources/secret-imports.ts
+var SecretImportsResource = class extends BaseResource {
+  constructor(http, authState) {
+    super(http, authState, "secretImports");
+  }
+  async create(params) {
+    this.requireAuth();
+    return this.http.post(
+      "/secret-imports",
+      params
+    );
+  }
+  async update(params) {
+    this.requireAuth();
+    const { secretImportId, ...body } = params;
+    return this.http.patch(
+      `/secret-imports/${encodeURIComponent(secretImportId)}`,
+      body
+    );
+  }
+  async delete(params) {
+    this.requireAuth();
+    const { secretImportId, ...body } = params;
+    return this.http.delete(
+      `/secret-imports/${encodeURIComponent(secretImportId)}`,
+      body
+    );
+  }
+  async resyncReplication(params) {
+    this.requireAuth();
+    const { secretImportId, ...body } = params;
+    return this.http.post(
+      `/secret-imports/${encodeURIComponent(secretImportId)}/replication-resync`,
+      body
+    );
+  }
+  async list(params) {
+    this.requireAuth();
+    return this.http.get(
+      "/secret-imports",
+      { ...params }
+    );
+  }
+  async get(params) {
+    this.requireAuth();
+    return this.http.get(
+      `/secret-imports/${encodeURIComponent(params.secretImportId)}`
+    );
+  }
+  async getRawSecrets(params) {
+    this.requireAuth();
+    return this.http.get(
+      "/secret-imports/secrets",
+      { ...params }
+    );
+  }
+};
+
+// src/resources/pki-ca.ts
+var PkiCaResource = class extends BaseResource {
+  constructor(http, authState) {
+    super(http, authState, "pki");
+  }
+  async list(params) {
+    this.requireAuth();
+    return this.http.get(
+      "/pki/ca",
+      { ...params }
+    );
+  }
+  async get(params) {
+    this.requireAuth();
+    return this.http.get(
+      `/api/v1/pki/ca/${encodeURIComponent(params.caId)}`
+    );
+  }
+  async create(params) {
+    this.requireAuth();
+    return this.http.post(
+      "/api/v1/pki/ca",
+      params
+    );
+  }
+  async update(params) {
+    this.requireAuth();
+    const { caId, ...body } = params;
+    return this.http.patch(
+      `/api/v1/pki/ca/${encodeURIComponent(caId)}`,
+      body
+    );
+  }
+  async delete(params) {
+    this.requireAuth();
+    return this.http.delete(
+      `/api/v1/pki/ca/${encodeURIComponent(params.caId)}`
+    );
+  }
+  async getCsr(params) {
+    this.requireAuth();
+    return this.http.get(
+      `/api/v1/pki/ca/${encodeURIComponent(params.caId)}/csr`
+    );
+  }
+  async getCertificate(params) {
+    this.requireAuth();
+    return this.http.get(
+      `/api/v1/pki/ca/${encodeURIComponent(params.caId)}/certificate`
+    );
+  }
+  async listCertificates(params) {
+    this.requireAuth();
+    return this.http.get(
+      `/api/v1/pki/ca/${encodeURIComponent(params.caId)}/ca-certificates`
+    );
+  }
+  async getCrls(params) {
+    this.requireAuth();
+    return this.http.get(
+      `/api/v1/pki/ca/${encodeURIComponent(params.caId)}/crls`
+    );
+  }
+  async renew(params) {
+    this.requireAuth();
+    const { caId, ...body } = params;
+    return this.http.post(
+      `/api/v1/pki/ca/${encodeURIComponent(caId)}/renew`,
+      body
+    );
+  }
+  async signIntermediate(params) {
+    this.requireAuth();
+    const { caId, ...body } = params;
+    return this.http.post(
+      `/api/v1/pki/ca/${encodeURIComponent(caId)}/sign-intermediate`,
+      body
+    );
+  }
+};
+
+// src/resources/pki-templates.ts
+var PkiTemplatesResource = class extends BaseResource {
+  constructor(http, authState) {
+    super(http, authState, "pki");
+  }
+  async create(params) {
+    this.requireAuth();
+    return this.http.post(
+      "/pki/certificate-templates",
+      params
+    );
+  }
+  async update(params) {
+    this.requireAuth();
+    const { templateName, ...body } = params;
+    return this.http.patch(
+      `/pki/certificate-templates/${encodeURIComponent(templateName)}`,
+      body
+    );
+  }
+  async delete(params) {
+    this.requireAuth();
+    const { templateName, ...body } = params;
+    return this.http.delete(
+      `/pki/certificate-templates/${encodeURIComponent(templateName)}`,
+      body
+    );
+  }
+  async get(params) {
+    this.requireAuth();
+    const { templateName, ...query } = params;
+    return this.http.get(
+      `/pki/certificate-templates/${encodeURIComponent(templateName)}`,
+      { ...query }
+    );
+  }
+  async list(params) {
+    this.requireAuth();
+    return this.http.get(
+      "/pki/certificate-templates",
+      { ...params }
+    );
+  }
+  async issueCertificate(params) {
+    this.requireAuth();
+    const { templateName, ...body } = params;
+    return this.http.post(
+      `/pki/certificate-templates/${encodeURIComponent(templateName)}/issue-certificate`,
+      body
+    );
+  }
+  async signCertificate(params) {
+    this.requireAuth();
+    const { templateName, ...body } = params;
+    return this.http.post(
+      `/pki/certificate-templates/${encodeURIComponent(templateName)}/sign-certificate`,
+      body
+    );
+  }
+};
+
+// src/resources/pki-alerts.ts
+var PkiAlertsResource = class extends BaseResource {
+  constructor(http, authState) {
+    super(http, authState, "pki");
+  }
+  async create(params) {
+    this.requireAuth();
+    return this.http.post("/pki/alerts", params);
+  }
+  async list(params) {
+    this.requireAuth();
+    return this.http.get(
+      "/pki/alerts",
+      { ...params }
+    );
+  }
+  async get(params) {
+    this.requireAuth();
+    return this.http.get(
+      `/pki/alerts/${encodeURIComponent(params.alertId)}`
+    );
+  }
+  async update(params) {
+    this.requireAuth();
+    const { alertId, ...body } = params;
+    return this.http.patch(
+      `/pki/alerts/${encodeURIComponent(alertId)}`,
+      body
+    );
+  }
+  async delete(params) {
+    this.requireAuth();
+    return this.http.delete(
+      `/pki/alerts/${encodeURIComponent(params.alertId)}`
+    );
+  }
+  async listCertificates(params) {
+    this.requireAuth();
+    const { alertId, ...query } = params;
+    return this.http.get(
+      `/pki/alerts/${encodeURIComponent(alertId)}/certificates`,
+      { ...query }
+    );
+  }
+  async previewCertificates(params) {
+    this.requireAuth();
+    return this.http.post(
+      "/pki/alerts/preview/certificates",
+      params
+    );
+  }
+};
+
+// src/resources/pki-certificates.ts
+var PkiCertificatesResource = class extends BaseResource {
+  constructor(http, authState) {
+    super(http, authState, "pki");
+  }
+  async create(params) {
+    this.requireAuth();
+    return this.http.post(
+      "/api/v1/pki/certificates",
+      params
+    );
+  }
+  async get(params) {
+    this.requireAuth();
+    return this.http.get(
+      `/api/v1/pki/certificates/${encodeURIComponent(params.certificateId)}`
+    );
+  }
+  async getBody(params) {
+    this.requireAuth();
+    return this.http.get(
+      `/api/v1/pki/certificates/${encodeURIComponent(params.certificateId)}/certificate`
+    );
+  }
+  async getBundle(params) {
+    this.requireAuth();
+    return this.http.get(
+      `/api/v1/pki/certificates/${encodeURIComponent(params.certificateId)}/bundle`
+    );
+  }
+  async getPrivateKey(params) {
+    this.requireAuth();
+    return this.http.get(
+      `/api/v1/pki/certificates/${encodeURIComponent(params.certificateId)}/private-key`
+    );
+  }
+  async renew(params) {
+    this.requireAuth();
+    const { certificateId, ...body } = params;
+    return this.http.post(
+      `/api/v1/pki/certificates/${encodeURIComponent(certificateId)}/renew`,
+      body
+    );
+  }
+  async revoke(params) {
+    this.requireAuth();
+    const { certificateId, ...body } = params;
+    return this.http.post(
+      `/api/v1/pki/certificates/${encodeURIComponent(certificateId)}/revoke`,
+      body
+    );
+  }
+  async delete(params) {
+    this.requireAuth();
+    return this.http.delete(
+      `/api/v1/pki/certificates/${encodeURIComponent(params.certificateId)}`
+    );
+  }
+  async updateConfig(params) {
+    this.requireAuth();
+    const { certificateId, ...body } = params;
+    return this.http.patch(
+      `/api/v1/pki/certificates/${encodeURIComponent(certificateId)}/config`,
+      body
+    );
+  }
+};
+
+// src/resources/secret-tags.ts
+var SecretTagsResource = class extends BaseResource {
+  constructor(http, authState) {
+    super(http, authState, "secretTags");
+  }
+  async list(params) {
+    this.requireAuth();
+    return this.http.get(
+      `/api/v1/${encodeURIComponent(params.projectId)}/tags`
+    );
+  }
+  async getById(params) {
+    this.requireAuth();
+    return this.http.get(
+      `/api/v1/${encodeURIComponent(params.projectId)}/tags/${encodeURIComponent(params.tagId)}`
+    );
+  }
+  async getBySlug(params) {
+    this.requireAuth();
+    return this.http.get(
+      `/api/v1/${encodeURIComponent(params.projectId)}/tags/slug/${encodeURIComponent(params.tagSlug)}`
+    );
+  }
+  async create(params) {
+    this.requireAuth();
+    const { projectId, ...body } = params;
+    return this.http.post(
+      `/api/v1/${encodeURIComponent(projectId)}/tags`,
+      body
+    );
+  }
+  async update(params) {
+    this.requireAuth();
+    const { projectId, tagId, ...body } = params;
+    return this.http.patch(
+      `/api/v1/${encodeURIComponent(projectId)}/tags/${encodeURIComponent(tagId)}`,
+      body
+    );
+  }
+  async delete(params) {
+    this.requireAuth();
+    return this.http.delete(
+      `/api/v1/${encodeURIComponent(params.projectId)}/tags/${encodeURIComponent(params.tagId)}`
+    );
+  }
+};
+
+// src/resources/identities.ts
+var IdentitiesResource = class extends BaseResource {
+  constructor(http, authState) {
+    super(http, authState, "identities");
+  }
+  async create(params) {
+    this.requireAuth();
+    return this.http.post(
+      "/api/v1/identities",
+      params
+    );
+  }
+  async update(params) {
+    this.requireAuth();
+    const { identityId, ...body } = params;
+    return this.http.patch(
+      `/api/v1/identities/${encodeURIComponent(identityId)}`,
+      body
+    );
+  }
+  async delete(params) {
+    this.requireAuth();
+    return this.http.delete(
+      `/api/v1/identities/${encodeURIComponent(params.identityId)}`
+    );
+  }
+  async get(params) {
+    this.requireAuth();
+    return this.http.get(
+      `/api/v1/identities/${encodeURIComponent(params.identityId)}`
+    );
+  }
+  async listProjectMemberships(params) {
+    this.requireAuth();
+    return this.http.get(
+      `/api/v1/identities/${encodeURIComponent(params.identityId)}/identity-memberships`
+    );
+  }
+  async search(params) {
+    this.requireAuth();
+    const { organizationId, ...query } = params;
+    return this.http.get(
+      `/api/v1/organizations/${encodeURIComponent(organizationId)}/identities`,
+      { ...query }
+    );
+  }
+};
+
+// src/resources/identity-access-tokens.ts
+var IdentityAccessTokensResource = class extends BaseResource {
+  constructor(http, authState) {
+    super(http, authState, "identityAccessTokens");
+  }
+  async renew(params) {
+    this.requireAuth();
+    return this.http.post(
+      "/api/v1/auth/token/renew",
+      params
+    );
+  }
+  async revoke(params) {
+    this.requireAuth();
+    return this.http.post(
+      "/api/v1/auth/token/revoke",
+      params
+    );
+  }
+};
+
+// src/resources/identity-universal-auth.ts
+var IdentityUniversalAuthResource = class extends BaseResource {
+  constructor(http, authState) {
+    super(http, authState, "identityAuth");
+  }
+  async login(params) {
+    return this.http.postNoAuth(
+      "/api/v1/auth/universal-auth/login",
+      params
+    );
+  }
+  async attach(params) {
+    this.requireAuth();
+    const { identityId, ...body } = params;
+    return this.http.post(
+      `/api/v1/auth/universal-auth/identities/${encodeURIComponent(identityId)}`,
+      body
+    );
+  }
+  async update(params) {
+    this.requireAuth();
+    const { identityId, ...body } = params;
+    return this.http.patch(
+      `/api/v1/auth/universal-auth/identities/${encodeURIComponent(identityId)}`,
+      body
+    );
+  }
+  async get(params) {
+    this.requireAuth();
+    return this.http.get(
+      `/api/v1/auth/universal-auth/identities/${encodeURIComponent(params.identityId)}`
+    );
+  }
+  async revoke(params) {
+    this.requireAuth();
+    return this.http.delete(
+      `/api/v1/auth/universal-auth/identities/${encodeURIComponent(params.identityId)}`
+    );
+  }
+  async createClientSecret(params) {
+    this.requireAuth();
+    const { identityId, ...body } = params;
+    return this.http.post(
+      `/api/v1/auth/universal-auth/identities/${encodeURIComponent(identityId)}/client-secrets`,
+      body
+    );
+  }
+  async listClientSecrets(params) {
+    this.requireAuth();
+    return this.http.get(
+      `/api/v1/auth/universal-auth/identities/${encodeURIComponent(params.identityId)}/client-secrets`
+    );
+  }
+  async getClientSecret(params) {
+    this.requireAuth();
+    return this.http.get(
+      `/api/v1/auth/universal-auth/identities/${encodeURIComponent(params.identityId)}/client-secrets/${encodeURIComponent(params.clientSecretId)}`
+    );
+  }
+  async revokeClientSecret(params) {
+    this.requireAuth();
+    return this.http.delete(
+      `/api/v1/auth/universal-auth/identities/${encodeURIComponent(params.identityId)}/client-secrets/${encodeURIComponent(params.clientSecretId)}`
+    );
+  }
+};
+
+// src/resources/identity-token-auth.ts
+var IdentityTokenAuthResource = class extends BaseResource {
+  constructor(http, authState) {
+    super(http, authState, "identityAuth");
+  }
+  async login(params) {
+    return this.http.postNoAuth(
+      "/api/v1/auth/token/login",
+      params
+    );
+  }
+  async attach(params) {
+    this.requireAuth();
+    const { identityId, ...body } = params;
+    return this.http.post(
+      `/api/v1/auth/token-auth/identities/${encodeURIComponent(identityId)}`,
+      body
+    );
+  }
+  async update(params) {
+    this.requireAuth();
+    const { identityId, ...body } = params;
+    return this.http.patch(
+      `/api/v1/auth/token-auth/identities/${encodeURIComponent(identityId)}`,
+      body
+    );
+  }
+  async get(params) {
+    this.requireAuth();
+    return this.http.get(
+      `/api/v1/auth/token-auth/identities/${encodeURIComponent(params.identityId)}`
+    );
+  }
+  async revoke(params) {
+    this.requireAuth();
+    return this.http.delete(
+      `/api/v1/auth/token-auth/identities/${encodeURIComponent(params.identityId)}`
+    );
+  }
+  async createToken(params) {
+    this.requireAuth();
+    const { identityId, ...body } = params;
+    return this.http.post(
+      `/api/v1/auth/token-auth/identities/${encodeURIComponent(identityId)}/tokens`,
+      body
+    );
+  }
+  async listTokens(params) {
+    this.requireAuth();
+    const { identityId, ...query } = params;
+    return this.http.get(
+      `/api/v1/auth/token-auth/identities/${encodeURIComponent(identityId)}/tokens`,
+      { ...query }
+    );
+  }
+  async getToken(params) {
+    this.requireAuth();
+    return this.http.get(
+      `/api/v1/auth/token-auth/identities/${encodeURIComponent(params.identityId)}/tokens/${encodeURIComponent(params.tokenId)}`
+    );
+  }
+  async updateToken(params) {
+    this.requireAuth();
+    const { identityId, tokenId, ...body } = params;
+    return this.http.patch(
+      `/api/v1/auth/token-auth/identities/${encodeURIComponent(identityId)}/tokens/${encodeURIComponent(tokenId)}`,
+      body
+    );
+  }
+  async revokeToken(params) {
+    this.requireAuth();
+    return this.http.delete(
+      `/api/v1/auth/token-auth/identities/${encodeURIComponent(params.identityId)}/tokens/${encodeURIComponent(params.tokenId)}`
+    );
+  }
+};
+
+// src/resources/identity-aws-auth.ts
+var IdentityAwsAuthResource = class extends BaseResource {
+  constructor(http, authState) {
+    super(http, authState, "identityAuth");
+  }
+  async login(params) {
+    return this.http.postNoAuth(
+      "/api/v1/auth/aws-auth/login",
+      params
+    );
+  }
+  async attach(params) {
+    this.requireAuth();
+    const { identityId, ...body } = params;
+    return this.http.post(
+      `/api/v1/auth/aws-auth/identities/${encodeURIComponent(identityId)}`,
+      body
+    );
+  }
+  async update(params) {
+    this.requireAuth();
+    const { identityId, ...body } = params;
+    return this.http.patch(
+      `/api/v1/auth/aws-auth/identities/${encodeURIComponent(identityId)}`,
+      body
+    );
+  }
+  async get(params) {
+    this.requireAuth();
+    return this.http.get(
+      `/api/v1/auth/aws-auth/identities/${encodeURIComponent(params.identityId)}`
+    );
+  }
+  async revoke(params) {
+    this.requireAuth();
+    return this.http.delete(
+      `/api/v1/auth/aws-auth/identities/${encodeURIComponent(params.identityId)}`
+    );
+  }
+};
+
+// src/resources/identity-gcp-auth.ts
+var IdentityGcpAuthResource = class extends BaseResource {
+  constructor(http, authState) {
+    super(http, authState, "identityAuth");
+  }
+  async login(params) {
+    return this.http.postNoAuth(
+      "/api/v1/auth/gcp-auth/login",
+      params
+    );
+  }
+  async attach(params) {
+    this.requireAuth();
+    const { identityId, ...body } = params;
+    return this.http.post(
+      `/api/v1/auth/gcp-auth/identities/${encodeURIComponent(identityId)}`,
+      body
+    );
+  }
+  async update(params) {
+    this.requireAuth();
+    const { identityId, ...body } = params;
+    return this.http.patch(
+      `/api/v1/auth/gcp-auth/identities/${encodeURIComponent(identityId)}`,
+      body
+    );
+  }
+  async get(params) {
+    this.requireAuth();
+    return this.http.get(
+      `/api/v1/auth/gcp-auth/identities/${encodeURIComponent(params.identityId)}`
+    );
+  }
+  async revoke(params) {
+    this.requireAuth();
+    return this.http.delete(
+      `/api/v1/auth/gcp-auth/identities/${encodeURIComponent(params.identityId)}`
+    );
+  }
+};
+
+// src/resources/identity-azure-auth.ts
+var IdentityAzureAuthResource = class extends BaseResource {
+  constructor(http, authState) {
+    super(http, authState, "identityAuth");
+  }
+  async login(params) {
+    return this.http.postNoAuth(
+      "/api/v1/auth/azure-auth/login",
+      params
+    );
+  }
+  async attach(params) {
+    this.requireAuth();
+    const { identityId, ...body } = params;
+    return this.http.post(
+      `/api/v1/auth/azure-auth/identities/${encodeURIComponent(identityId)}`,
+      body
+    );
+  }
+  async update(params) {
+    this.requireAuth();
+    const { identityId, ...body } = params;
+    return this.http.patch(
+      `/api/v1/auth/azure-auth/identities/${encodeURIComponent(identityId)}`,
+      body
+    );
+  }
+  async get(params) {
+    this.requireAuth();
+    return this.http.get(
+      `/api/v1/auth/azure-auth/identities/${encodeURIComponent(params.identityId)}`
+    );
+  }
+  async revoke(params) {
+    this.requireAuth();
+    return this.http.delete(
+      `/api/v1/auth/azure-auth/identities/${encodeURIComponent(params.identityId)}`
+    );
+  }
+};
+
+// src/resources/identity-kubernetes-auth.ts
+var IdentityKubernetesAuthResource = class extends BaseResource {
+  constructor(http, authState) {
+    super(http, authState, "identityAuth");
+  }
+  async login(params) {
+    return this.http.postNoAuth(
+      "/api/v1/auth/kubernetes-auth/login",
+      params
+    );
+  }
+  async attach(params) {
+    this.requireAuth();
+    const { identityId, ...body } = params;
+    return this.http.post(
+      `/api/v1/auth/kubernetes-auth/identities/${encodeURIComponent(identityId)}`,
+      body
+    );
+  }
+  async update(params) {
+    this.requireAuth();
+    const { identityId, ...body } = params;
+    return this.http.patch(
+      `/api/v1/auth/kubernetes-auth/identities/${encodeURIComponent(identityId)}`,
+      body
+    );
+  }
+  async get(params) {
+    this.requireAuth();
+    return this.http.get(
+      `/api/v1/auth/kubernetes-auth/identities/${encodeURIComponent(params.identityId)}`
+    );
+  }
+  async revoke(params) {
+    this.requireAuth();
+    return this.http.delete(
+      `/api/v1/auth/kubernetes-auth/identities/${encodeURIComponent(params.identityId)}`
+    );
+  }
+};
+
+// src/resources/identity-oidc-auth.ts
+var IdentityOidcAuthResource = class extends BaseResource {
+  constructor(http, authState) {
+    super(http, authState, "identityAuth");
+  }
+  async login(params) {
+    return this.http.postNoAuth(
+      "/api/v1/auth/oidc-auth/login",
+      params
+    );
+  }
+  async attach(params) {
+    this.requireAuth();
+    const { identityId, ...body } = params;
+    return this.http.post(
+      `/api/v1/auth/oidc-auth/identities/${encodeURIComponent(identityId)}`,
+      body
+    );
+  }
+  async update(params) {
+    this.requireAuth();
+    const { identityId, ...body } = params;
+    return this.http.patch(
+      `/api/v1/auth/oidc-auth/identities/${encodeURIComponent(identityId)}`,
+      body
+    );
+  }
+  async get(params) {
+    this.requireAuth();
+    return this.http.get(
+      `/api/v1/auth/oidc-auth/identities/${encodeURIComponent(params.identityId)}`
+    );
+  }
+  async revoke(params) {
+    this.requireAuth();
+    return this.http.delete(
+      `/api/v1/auth/oidc-auth/identities/${encodeURIComponent(params.identityId)}`
+    );
+  }
+};
+
+// src/resources/identity-jwt-auth.ts
+var IdentityJwtAuthResource = class extends BaseResource {
+  constructor(http, authState) {
+    super(http, authState, "identityAuth");
+  }
+  async login(params) {
+    return this.http.postNoAuth(
+      "/api/v1/auth/jwt-auth/login",
+      params
+    );
+  }
+  async attach(params) {
+    this.requireAuth();
+    const { identityId, ...body } = params;
+    return this.http.post(
+      `/api/v1/auth/jwt-auth/identities/${encodeURIComponent(identityId)}`,
+      body
+    );
+  }
+  async update(params) {
+    this.requireAuth();
+    const { identityId, ...body } = params;
+    return this.http.patch(
+      `/api/v1/auth/jwt-auth/identities/${encodeURIComponent(identityId)}`,
+      body
+    );
+  }
+  async get(params) {
+    this.requireAuth();
+    return this.http.get(
+      `/api/v1/auth/jwt-auth/identities/${encodeURIComponent(params.identityId)}`
+    );
+  }
+  async revoke(params) {
+    this.requireAuth();
+    return this.http.delete(
+      `/api/v1/auth/jwt-auth/identities/${encodeURIComponent(params.identityId)}`
+    );
+  }
+};
+
+// src/resources/identity-ldap-auth.ts
+var IdentityLdapAuthResource = class extends BaseResource {
+  constructor(http, authState) {
+    super(http, authState, "identityAuth");
+  }
+  async login(params) {
+    return this.http.postNoAuth(
+      "/api/v1/auth/ldap-auth/login",
+      params
+    );
+  }
+  async attach(params) {
+    this.requireAuth();
+    const { identityId, ...body } = params;
+    return this.http.post(
+      `/api/v1/auth/ldap-auth/identities/${encodeURIComponent(identityId)}`,
+      body
+    );
+  }
+  async update(params) {
+    this.requireAuth();
+    const { identityId, ...body } = params;
+    return this.http.patch(
+      `/api/v1/auth/ldap-auth/identities/${encodeURIComponent(identityId)}`,
+      body
+    );
+  }
+  async get(params) {
+    this.requireAuth();
+    return this.http.get(
+      `/api/v1/auth/ldap-auth/identities/${encodeURIComponent(params.identityId)}`
+    );
+  }
+  async revoke(params) {
+    this.requireAuth();
+    return this.http.delete(
+      `/api/v1/auth/ldap-auth/identities/${encodeURIComponent(params.identityId)}`
+    );
+  }
+};
+
+// src/resources/identity-tls-cert-auth.ts
+var IdentityTlsCertAuthResource = class extends BaseResource {
+  constructor(http, authState) {
+    super(http, authState, "identityAuth");
+  }
+  async login(params) {
+    return this.http.postNoAuth(
+      "/api/v1/auth/tls-cert-auth/login",
+      params
+    );
+  }
+  async attach(params) {
+    this.requireAuth();
+    const { identityId, ...body } = params;
+    return this.http.post(
+      `/api/v1/auth/tls-cert-auth/identities/${encodeURIComponent(identityId)}`,
+      body
+    );
+  }
+  async update(params) {
+    this.requireAuth();
+    const { identityId, ...body } = params;
+    return this.http.patch(
+      `/api/v1/auth/tls-cert-auth/identities/${encodeURIComponent(identityId)}`,
+      body
+    );
+  }
+  async get(params) {
+    this.requireAuth();
+    return this.http.get(
+      `/api/v1/auth/tls-cert-auth/identities/${encodeURIComponent(params.identityId)}`
+    );
+  }
+  async revoke(params) {
+    this.requireAuth();
+    return this.http.delete(
+      `/api/v1/auth/tls-cert-auth/identities/${encodeURIComponent(params.identityId)}`
+    );
+  }
+};
+
+// src/resources/identity-oci-auth.ts
+var IdentityOciAuthResource = class extends BaseResource {
+  constructor(http, authState) {
+    super(http, authState, "identityAuth");
+  }
+  async login(params) {
+    return this.http.postNoAuth(
+      "/api/v1/auth/oci-auth/login",
+      params
+    );
+  }
+  async attach(params) {
+    this.requireAuth();
+    const { identityId, ...body } = params;
+    return this.http.post(
+      `/api/v1/auth/oci-auth/identities/${encodeURIComponent(identityId)}`,
+      body
+    );
+  }
+  async update(params) {
+    this.requireAuth();
+    const { identityId, ...body } = params;
+    return this.http.patch(
+      `/api/v1/auth/oci-auth/identities/${encodeURIComponent(identityId)}`,
+      body
+    );
+  }
+  async get(params) {
+    this.requireAuth();
+    return this.http.get(
+      `/api/v1/auth/oci-auth/identities/${encodeURIComponent(params.identityId)}`
+    );
+  }
+  async revoke(params) {
+    this.requireAuth();
+    return this.http.delete(
+      `/api/v1/auth/oci-auth/identities/${encodeURIComponent(params.identityId)}`
+    );
+  }
+};
+
+// src/resources/identity-alicloud-auth.ts
+var IdentityAlicloudAuthResource = class extends BaseResource {
+  constructor(http, authState) {
+    super(http, authState, "identityAuth");
+  }
+  async login(params) {
+    return this.http.postNoAuth(
+      "/api/v1/auth/alicloud-auth/login",
+      params
+    );
+  }
+  async attach(params) {
+    this.requireAuth();
+    const { identityId, ...body } = params;
+    return this.http.post(
+      `/api/v1/auth/alicloud-auth/identities/${encodeURIComponent(identityId)}`,
+      body
+    );
+  }
+  async update(params) {
+    this.requireAuth();
+    const { identityId, ...body } = params;
+    return this.http.patch(
+      `/api/v1/auth/alicloud-auth/identities/${encodeURIComponent(identityId)}`,
+      body
+    );
+  }
+  async get(params) {
+    this.requireAuth();
+    return this.http.get(
+      `/api/v1/auth/alicloud-auth/identities/${encodeURIComponent(params.identityId)}`
+    );
+  }
+  async revoke(params) {
+    this.requireAuth();
+    return this.http.delete(
+      `/api/v1/auth/alicloud-auth/identities/${encodeURIComponent(params.identityId)}`
+    );
+  }
+};
+
+// src/resources/projects.ts
+var ProjectsResource = class extends BaseResource {
+  constructor(http, authState) {
+    super(http, authState, "projects");
+  }
+  async create(params) {
+    this.requireAuth();
+    return this.http.post(
+      "/api/v1/projects",
+      params
+    );
+  }
+  async list(params) {
+    this.requireAuth();
+    return this.http.get(
+      "/api/v1/projects",
+      { ...params }
+    );
+  }
+  async get(params) {
+    this.requireAuth();
+    return this.http.get(
+      `/api/v1/workspace/${encodeURIComponent(params.projectId)}`
+    );
+  }
+  async getBySlug(params) {
+    this.requireAuth();
+    return this.http.get(
+      `/api/v1/projects/slug/${encodeURIComponent(params.slug)}`
+    );
+  }
+  async update(params) {
+    this.requireAuth();
+    const { projectId, ...body } = params;
+    return this.http.patch(
+      `/api/v1/workspace/${encodeURIComponent(projectId)}`,
+      body
+    );
+  }
+  async delete(params) {
+    this.requireAuth();
+    return this.http.delete(
+      `/api/v1/workspace/${encodeURIComponent(params.projectId)}`
+    );
+  }
+  async listMemberships(params) {
+    this.requireAuth();
+    return this.http.get(
+      `/api/v1/workspace/${encodeURIComponent(params.projectId)}/memberships`
+    );
+  }
+  async listEnvironments(params) {
+    this.requireAuth();
+    return this.http.get(
+      `/api/v1/workspace/${encodeURIComponent(params.projectId)}/environments`
+    );
+  }
+  async createEnvironment(params) {
+    this.requireAuth();
+    const { projectId, ...body } = params;
+    return this.http.post(
+      `/api/v1/workspace/${encodeURIComponent(projectId)}/environments`,
+      body
+    );
+  }
+  async updateEnvironment(params) {
+    this.requireAuth();
+    const { projectId, environmentId, ...body } = params;
+    return this.http.patch(
+      `/api/v1/workspace/${encodeURIComponent(projectId)}/environments/${encodeURIComponent(environmentId)}`,
+      body
+    );
+  }
+  async deleteEnvironment(params) {
+    this.requireAuth();
+    return this.http.delete(
+      `/api/v1/workspace/${encodeURIComponent(params.projectId)}/environments/${encodeURIComponent(params.environmentId)}`
+    );
+  }
+  async listRoles(params) {
+    this.requireAuth();
+    return this.http.get(
+      `/api/v1/workspace/${encodeURIComponent(params.projectId)}/roles`
+    );
+  }
+  async listTags(params) {
+    this.requireAuth();
+    return this.http.get(
+      `/api/v1/workspace/${encodeURIComponent(params.projectId)}/tags`
+    );
+  }
+};
+
+// src/resources/webhooks.ts
+var WebhooksResource = class extends BaseResource {
+  constructor(http, authState) {
+    super(http, authState, "webhooks");
+  }
+  async create(params) {
+    this.requireAuth();
+    return this.http.post(
+      "/api/v1/webhooks",
+      params
+    );
+  }
+  async update(params) {
+    this.requireAuth();
+    const { webhookId, ...body } = params;
+    return this.http.patch(
+      `/api/v1/webhooks/${encodeURIComponent(webhookId)}`,
+      body
+    );
+  }
+  async delete(params) {
+    this.requireAuth();
+    return this.http.delete(
+      `/api/v1/webhooks/${encodeURIComponent(params.webhookId)}`
+    );
+  }
+  async list(params) {
+    this.requireAuth();
+    return this.http.get(
+      "/api/v1/webhooks",
+      { ...params }
+    );
+  }
+  async test(params) {
+    this.requireAuth();
+    return this.http.post(
+      `/api/v1/webhooks/${encodeURIComponent(params.webhookId)}/test`
+    );
+  }
+};
+
+// src/resources/secret-sharing.ts
+var SecretSharingResource = class extends BaseResource {
+  constructor(http, authState) {
+    super(http, authState, "secretSharing");
+  }
+  async create(params) {
+    this.requireAuth();
+    return this.http.post(
+      "/api/v1/secret-sharing",
+      params
+    );
+  }
+  async get(params) {
+    this.requireAuth();
+    return this.http.get(
+      `/api/v1/secret-sharing/${encodeURIComponent(params.sharedSecretId)}`,
+      { hashedHex: params.hashedHex }
+    );
+  }
+  async delete(params) {
+    this.requireAuth();
+    return this.http.delete(
+      `/api/v1/secret-sharing/${encodeURIComponent(params.sharedSecretId)}`
+    );
+  }
+  async list() {
+    this.requireAuth();
+    return this.http.get(
+      "/api/v1/secret-sharing"
+    );
+  }
+};
+
+// src/resources/secrets.ts
+var SecretsResource = class extends BaseResource {
+  constructor(http, authState) {
+    super(http, authState, "secrets");
+  }
+  async getAccessList(params) {
+    this.requireAuth();
+    const { secretName, ...query } = params;
+    return this.http.get(
+      `/api/v1/secrets/${encodeURIComponent(secretName)}/access-list`,
+      { ...query }
+    );
+  }
+  async list(params) {
+    this.requireAuth();
+    return this.http.get(
+      "/api/v4/secrets",
+      { ...params }
+    );
+  }
+  async getByName(params) {
+    this.requireAuth();
+    const { secretName, ...query } = params;
+    return this.http.get(
+      `/api/v4/secrets/${encodeURIComponent(secretName)}`,
+      { ...query }
+    );
+  }
+  async getById(params) {
+    this.requireAuth();
+    return this.http.get(
+      `/api/v4/secrets/id/${encodeURIComponent(params.secretId)}`
+    );
+  }
+  async create(params) {
+    this.requireAuth();
+    const { secretName, ...body } = params;
+    return this.http.post(
+      `/api/v4/secrets/${encodeURIComponent(secretName)}`,
+      body
+    );
+  }
+  async update(params) {
+    this.requireAuth();
+    const { secretName, ...body } = params;
+    return this.http.patch(
+      `/api/v4/secrets/${encodeURIComponent(secretName)}`,
+      body
+    );
+  }
+  async delete(params) {
+    this.requireAuth();
+    const { secretName, ...body } = params;
+    return this.http.delete(
+      `/api/v4/secrets/${encodeURIComponent(secretName)}`,
+      body
+    );
+  }
+  async batchCreate(params) {
+    this.requireAuth();
+    return this.http.post(
+      "/api/v4/secrets/batch",
+      params
+    );
+  }
+  async batchUpdate(params) {
+    this.requireAuth();
+    return this.http.patch(
+      "/api/v4/secrets/batch",
+      params
+    );
+  }
+  async batchDelete(params) {
+    this.requireAuth();
+    return this.http.delete(
+      "/api/v4/secrets/batch",
+      params
+    );
+  }
+  async move(params) {
+    this.requireAuth();
+    return this.http.post(
+      "/api/v4/secrets/move",
+      params
+    );
+  }
+};
+
+// src/resources/kms.ts
+var KmsResource = class extends BaseResource {
+  constructor(http, authState) {
+    super(http, authState, "kms");
+  }
+  async createKey(params) {
+    this.requireAuth();
+    return this.http.post(
+      "/api/v1/kms/keys",
+      params
+    );
+  }
+  async updateKey(params) {
+    this.requireAuth();
+    const { keyId, ...body } = params;
+    return this.http.patch(
+      `/api/v1/kms/keys/${encodeURIComponent(keyId)}`,
+      body
+    );
+  }
+  async deleteKey(params) {
+    this.requireAuth();
+    return this.http.delete(
+      `/api/v1/kms/keys/${encodeURIComponent(params.keyId)}`
+    );
+  }
+  async getKey(params) {
+    this.requireAuth();
+    return this.http.get(
+      `/api/v1/kms/keys/${encodeURIComponent(params.keyId)}`
+    );
+  }
+  async listKeys(params) {
+    this.requireAuth();
+    return this.http.get(
+      "/api/v1/kms/keys",
+      { ...params }
+    );
+  }
+  async encrypt(params) {
+    this.requireAuth();
+    const { keyId, ...body } = params;
+    return this.http.post(
+      `/api/v1/kms/keys/${encodeURIComponent(keyId)}/encrypt`,
+      body
+    );
+  }
+  async decrypt(params) {
+    this.requireAuth();
+    const { keyId, ...body } = params;
+    return this.http.post(
+      `/api/v1/kms/keys/${encodeURIComponent(keyId)}/decrypt`,
+      body
+    );
+  }
+  async getKeyByName(params) {
+    this.requireAuth();
+    const { keyName, ...query } = params;
+    return this.http.get(
+      `/api/v1/kms/keys/key-name/${encodeURIComponent(keyName)}`,
+      { ...query }
+    );
+  }
+  async getPublicKey(params) {
+    this.requireAuth();
+    return this.http.get(
+      `/api/v1/kms/keys/${encodeURIComponent(params.keyId)}/public-key`
+    );
+  }
+  async getPrivateKey(params) {
+    this.requireAuth();
+    return this.http.get(
+      `/api/v1/kms/keys/${encodeURIComponent(params.keyId)}/private-key`
+    );
+  }
+  async listSigningAlgorithms(params) {
+    this.requireAuth();
+    return this.http.get(
+      `/api/v1/kms/keys/${encodeURIComponent(params.keyId)}/signing-algorithms`
+    );
+  }
+  async sign(params) {
+    this.requireAuth();
+    const { keyId, ...body } = params;
+    return this.http.post(
+      `/api/v1/kms/keys/${encodeURIComponent(keyId)}/sign`,
+      body
+    );
+  }
+  async verify(params) {
+    this.requireAuth();
+    const { keyId, ...body } = params;
+    return this.http.post(
+      `/api/v1/kms/keys/${encodeURIComponent(keyId)}/verify`,
+      body
+    );
+  }
+};
+
+// src/resources/integration-auth.ts
+var IntegrationAuthResource = class extends BaseResource {
+  constructor(http, authState) {
+    super(http, authState, "integrationAuth");
+  }
+  async create(params) {
+    this.requireAuth();
+    return this.http.post(
+      "/api/v1/integration-auth/access-token",
+      params
+    );
+  }
+  async get(params) {
+    this.requireAuth();
+    return this.http.get(
+      `/api/v1/integration-auth/${encodeURIComponent(params.integrationAuthId)}`
+    );
+  }
+  async delete(params) {
+    this.requireAuth();
+    return this.http.delete(
+      `/api/v1/integration-auth/${encodeURIComponent(params.integrationAuthId)}`
+    );
+  }
+  async list(params) {
+    this.requireAuth();
+    return this.http.get(
+      "/api/v1/integration-auth",
+      { ...params }
+    );
+  }
+};
+
+// src/resources/app-connections.ts
+var AppConnectionsResource = class extends BaseResource {
+  constructor(http, authState) {
+    super(http, authState, "appConnections");
+  }
+  async create(params) {
+    this.requireAuth();
+    const { app, ...body } = params;
+    return this.http.post(
+      `/api/v1/app-connections/${encodeURIComponent(app)}`,
+      body
+    );
+  }
+  async update(params) {
+    this.requireAuth();
+    const { app, connectionId, ...body } = params;
+    return this.http.patch(
+      `/api/v1/app-connections/${encodeURIComponent(app)}/${encodeURIComponent(connectionId)}`,
+      body
+    );
+  }
+  async delete(params) {
+    this.requireAuth();
+    return this.http.delete(
+      `/api/v1/app-connections/${encodeURIComponent(params.app)}/${encodeURIComponent(params.connectionId)}`
+    );
+  }
+  async get(params) {
+    this.requireAuth();
+    return this.http.get(
+      `/api/v1/app-connections/${encodeURIComponent(params.app)}/${encodeURIComponent(params.connectionId)}`
+    );
+  }
+  async list(params) {
+    this.requireAuth();
+    return this.http.get(
+      `/api/v1/app-connections/${encodeURIComponent(params.app)}`
+    );
+  }
+  async getByName(params) {
+    this.requireAuth();
+    return this.http.get(
+      `/api/v1/app-connections/${encodeURIComponent(params.app)}/connection-name/${encodeURIComponent(params.connectionName)}`
+    );
+  }
+  async checkAvailability(params) {
+    this.requireAuth();
+    return this.http.get(
+      `/api/v1/app-connections/${encodeURIComponent(params.app)}/available`
+    );
+  }
+  async listAll() {
+    this.requireAuth();
+    return this.http.get(
+      "/api/v1/app-connections/list"
+    );
+  }
+};
+
+// src/resources/secret-syncs.ts
+var SecretSyncsResource = class extends BaseResource {
+  constructor(http, authState) {
+    super(http, authState, "secretSyncs");
+  }
+  async create(params) {
+    this.requireAuth();
+    const { destination, ...body } = params;
+    return this.http.post(
+      `/api/v1/secret-syncs/${encodeURIComponent(destination)}`,
+      body
+    );
+  }
+  async update(params) {
+    this.requireAuth();
+    const { destination, syncId, ...body } = params;
+    return this.http.patch(
+      `/api/v1/secret-syncs/${encodeURIComponent(destination)}/${encodeURIComponent(syncId)}`,
+      body
+    );
+  }
+  async delete(params) {
+    this.requireAuth();
+    const { destination, syncId, ...body } = params;
+    return this.http.delete(
+      `/api/v1/secret-syncs/${encodeURIComponent(destination)}/${encodeURIComponent(syncId)}`,
+      body
+    );
+  }
+  async get(params) {
+    this.requireAuth();
+    return this.http.get(
+      `/api/v1/secret-syncs/${encodeURIComponent(params.destination)}/${encodeURIComponent(params.syncId)}`
+    );
+  }
+  async list(params) {
+    this.requireAuth();
+    const { destination, ...query } = params;
+    return this.http.get(
+      `/api/v1/secret-syncs/${encodeURIComponent(destination)}`,
+      { ...query }
+    );
+  }
+  async trigger(params) {
+    this.requireAuth();
+    return this.http.post(
+      `/api/v1/secret-syncs/${encodeURIComponent(params.destination)}/${encodeURIComponent(params.syncId)}/sync`
+    );
+  }
+  async importSecrets(params) {
+    this.requireAuth();
+    return this.http.post(
+      `/api/v1/secret-syncs/${encodeURIComponent(params.destination)}/${encodeURIComponent(params.syncId)}/import-secrets`
+    );
+  }
+  async removeSecrets(params) {
+    this.requireAuth();
+    return this.http.post(
+      `/api/v1/secret-syncs/${encodeURIComponent(params.destination)}/${encodeURIComponent(params.syncId)}/remove-secrets`
+    );
+  }
+  async getByName(params) {
+    this.requireAuth();
+    return this.http.get(
+      `/api/v1/secret-syncs/${encodeURIComponent(params.destination)}/sync-name/${encodeURIComponent(params.syncName)}`
+    );
+  }
+};
+
+// src/resources/admin.ts
+var AdminResource = class extends BaseResource {
+  constructor(http, authState) {
+    super(http, authState, "admin");
+  }
+  // Bootstrap & Signup
+  async bootstrap(params) {
+    return this.http.postNoAuth("/api/v1/admin/bootstrap", params);
+  }
+  async signup(params) {
+    this.requireAuth();
+    return this.http.post("/api/v1/admin/signup", params);
+  }
+  // Config
+  async getConfig() {
+    this.requireAuth();
+    return this.http.get("/api/v1/admin/config");
+  }
+  async updateConfig(params) {
+    this.requireAuth();
+    return this.http.patch("/api/v1/admin/config", params);
+  }
+  // User Management
+  async listUsers(params) {
+    this.requireAuth();
+    return this.http.get(
+      "/api/v1/admin/user-management/users",
+      { ...params }
+    );
+  }
+  async deleteUser(params) {
+    this.requireAuth();
+    return this.http.delete(
+      `/api/v1/admin/user-management/users/${encodeURIComponent(params.userId)}`
+    );
+  }
+  async deleteUsers(params) {
+    this.requireAuth();
+    return this.http.delete(
+      "/api/v1/admin/user-management/users",
+      params
+    );
+  }
+  async grantAdminAccess(params) {
+    this.requireAuth();
+    return this.http.patch(
+      `/api/v1/admin/user-management/users/${encodeURIComponent(params.userId)}/admin-access`
+    );
+  }
+  async revokeAdminAccess(params) {
+    this.requireAuth();
+    return this.http.delete(
+      `/api/v1/admin/user-management/users/${encodeURIComponent(params.userId)}/admin-access`
+    );
+  }
+  // Organization Management
+  async listOrganizations(params) {
+    this.requireAuth();
+    return this.http.get(
+      "/api/v1/admin/organization-management/organizations",
+      { ...params }
+    );
+  }
+  async createOrganization(params) {
+    this.requireAuth();
+    return this.http.post(
+      "/api/v1/admin/organization-management/organizations",
+      params
+    );
+  }
+  async deleteOrganization(params) {
+    this.requireAuth();
+    return this.http.delete(
+      `/api/v1/admin/organization-management/organizations/${encodeURIComponent(params.organizationId)}`
+    );
+  }
+  async deleteOrgMembership(params) {
+    this.requireAuth();
+    return this.http.delete(
+      `/api/v1/admin/organization-management/organizations/${encodeURIComponent(params.organizationId)}/memberships/${encodeURIComponent(params.membershipId)}`
+    );
+  }
+  async resendOrgInvite(params) {
+    this.requireAuth();
+    return this.http.post(
+      `/api/v1/admin/organization-management/organizations/${encodeURIComponent(params.organizationId)}/memberships/${encodeURIComponent(params.membershipId)}/resend-invite`
+    );
+  }
+  async joinOrganization(params) {
+    this.requireAuth();
+    return this.http.post(
+      `/api/v1/admin/organization-management/organizations/${encodeURIComponent(params.organizationId)}/access`
+    );
+  }
+  // Identity Management
+  async listIdentities(params) {
+    this.requireAuth();
+    return this.http.get(
+      "/api/v1/admin/identity-management/identities",
+      { ...params }
+    );
+  }
+  async grantIdentitySuperAdmin(params) {
+    this.requireAuth();
+    return this.http.patch(
+      `/api/v1/admin/identity-management/identities/${encodeURIComponent(params.identityId)}/super-admin-access`
+    );
+  }
+  async revokeIdentitySuperAdmin(params) {
+    this.requireAuth();
+    return this.http.delete(
+      `/api/v1/admin/identity-management/identities/${encodeURIComponent(params.identityId)}/super-admin-access`
+    );
+  }
+  // Integrations
+  async getIntegrations() {
+    this.requireAuth();
+    return this.http.get("/api/v1/admin/integrations");
+  }
+  // Encryption
+  async getEncryptionStrategies() {
+    this.requireAuth();
+    return this.http.get("/api/v1/admin/encryption-strategies");
+  }
+  async updateEncryptionStrategy(params) {
+    this.requireAuth();
+    return this.http.patch(
+      "/api/v1/admin/encryption-strategies",
+      params
+    );
+  }
+  // Environment Overrides
+  async getEnvOverrides() {
+    this.requireAuth();
+    return this.http.get("/api/v1/admin/env-overrides");
+  }
+  // Cache
+  async invalidateCache(params) {
+    this.requireAuth();
+    return this.http.post("/api/v1/admin/invalidate-cache", params);
+  }
+  async getCacheStatus() {
+    this.requireAuth();
+    return this.http.get("/api/v1/admin/invalidating-cache-status");
+  }
+  // Usage Report
+  async generateUsageReport() {
+    this.requireAuth();
+    return this.http.post("/api/v1/admin/usage-report/generate");
+  }
+};
+
+// src/resources/org-admin.ts
+var OrgAdminResource = class extends BaseResource {
+  constructor(http, authState) {
+    super(http, authState, "orgAdmin");
+  }
+  async listProjects(params) {
+    this.requireAuth();
+    return this.http.get(
+      "/api/v1/org-admin/projects",
+      { ...params }
+    );
+  }
+  async grantProjectAccess(params) {
+    this.requireAuth();
+    return this.http.post(
+      `/api/v1/org-admin/projects/${encodeURIComponent(params.projectId)}/grant-admin-access`
+    );
+  }
+};
+
+// src/client.ts
+var InfisicalClient = class {
+  mfa;
+  mfaSessions;
+  users;
+  password;
+  serviceTokens;
+  organizations;
+  organizationIdentities;
+  secretFolders;
+  secretImports;
+  pki;
+  secretTags;
+  identities;
+  identityAccessTokens;
+  identityAuth;
+  projects;
+  webhooks;
+  secretSharing;
+  secrets;
+  kms;
+  integrationAuth;
+  appConnections;
+  secretSyncs;
+  admin;
+  orgAdmin;
+  _authState;
+  _authManager;
+  constructor(config = {}) {
+    this._authState = new AuthState();
+    const http = new HttpClient({
+      baseUrl: config.baseUrl ?? "https://app.infisical.com",
+      authState: this._authState,
+      fetch: config.fetch ?? import_cross_fetch.default,
+      timeout: config.timeout ?? 3e4,
+      headers: config.headers
+    });
+    const as = this._authState;
+    this.mfa = new MfaResource(http, as);
+    this.mfaSessions = new MfaSessionsResource(http, as);
+    this.users = new UsersResource(http, as);
+    this.password = new PasswordResource(http, as);
+    this.serviceTokens = new ServiceTokensResource(http, as);
+    this.organizations = new OrganizationsResource(http, as);
+    this.organizationIdentities = new OrganizationIdentitiesResource(http, as);
+    this.secretFolders = new SecretFoldersResource(http, as);
+    this.secretImports = new SecretImportsResource(http, as);
+    this.pki = {
+      ca: new PkiCaResource(http, as),
+      templates: new PkiTemplatesResource(http, as),
+      alerts: new PkiAlertsResource(http, as),
+      certificates: new PkiCertificatesResource(http, as)
+    };
+    this.secretTags = new SecretTagsResource(http, as);
+    this.identities = new IdentitiesResource(http, as);
+    this.identityAccessTokens = new IdentityAccessTokensResource(http, as);
+    const identityAuthResources = {
+      universal: new IdentityUniversalAuthResource(http, as),
+      token: new IdentityTokenAuthResource(http, as),
+      aws: new IdentityAwsAuthResource(http, as),
+      gcp: new IdentityGcpAuthResource(http, as),
+      azure: new IdentityAzureAuthResource(http, as),
+      kubernetes: new IdentityKubernetesAuthResource(http, as),
+      oidc: new IdentityOidcAuthResource(http, as),
+      jwt: new IdentityJwtAuthResource(http, as),
+      ldap: new IdentityLdapAuthResource(http, as),
+      tlsCert: new IdentityTlsCertAuthResource(http, as),
+      oci: new IdentityOciAuthResource(http, as),
+      alicloud: new IdentityAlicloudAuthResource(http, as)
+    };
+    this.identityAuth = identityAuthResources;
+    this._authManager = new AuthManager(this._authState, identityAuthResources);
+    this.projects = new ProjectsResource(http, as);
+    this.webhooks = new WebhooksResource(http, as);
+    this.secretSharing = new SecretSharingResource(http, as);
+    this.secrets = new SecretsResource(http, as);
+    this.kms = new KmsResource(http, as);
+    this.integrationAuth = new IntegrationAuthResource(http, as);
+    this.appConnections = new AppConnectionsResource(http, as);
+    this.secretSyncs = new SecretSyncsResource(http, as);
+    this.admin = new AdminResource(http, as);
+    this.orgAdmin = new OrgAdminResource(http, as);
+  }
+  async login(params) {
+    return this._authManager.login(params);
+  }
+  /**
+   * Set a pre-existing identity access token directly (e.g., from external auth).
+   * This bypasses the login flow and sets the token directly on the auth state.
+   */
+  setAccessToken(accessToken, expiresIn, renewFn) {
+    this._authState.setAuth(
+      { mode: "identityAccessToken", accessToken },
+      expiresIn
+    );
+    if (renewFn) {
+      this._authState.setRenewFn(async () => {
+        const result = await renewFn();
+        return {
+          auth: { mode: "identityAccessToken", accessToken: result.accessToken },
+          expiresIn: result.expiresIn
+        };
+      });
+    }
+  }
+  /**
+   * Set a pre-existing JWT token directly (e.g., from bootstrap or user login).
+   * Use this for admin operations that require JWT auth mode.
+   */
+  setJwtToken(token, expiresIn, renewFn) {
+    this._authState.setAuth(
+      { mode: "jwt", token },
+      expiresIn
+    );
+    if (renewFn) {
+      this._authState.setRenewFn(async () => {
+        const result = await renewFn();
+        return {
+          auth: { mode: "jwt", token: result.token },
+          expiresIn: result.expiresIn
+        };
+      });
+    }
+  }
+  get isAuthenticated() {
+    return this._authState.isAuthenticated;
+  }
+  get authMode() {
+    return this._authState.mode;
+  }
+  logout() {
+    this._authState.clearAuth();
+  }
+};
+
+// src/types/common.ts
+var AuthMethod = /* @__PURE__ */ ((AuthMethod2) => {
+  AuthMethod2["EMAIL"] = "email";
+  AuthMethod2["GOOGLE"] = "google";
+  AuthMethod2["GITHUB"] = "github";
+  AuthMethod2["GITLAB"] = "gitlab";
+  return AuthMethod2;
+})(AuthMethod || {});
+var MfaMethod = /* @__PURE__ */ ((MfaMethod2) => {
+  MfaMethod2["EMAIL"] = "email";
+  MfaMethod2["TOTP"] = "totp";
+  MfaMethod2["WEBAUTHN"] = "webauthn";
+  return MfaMethod2;
+})(MfaMethod || {});
+var OrgMembershipStatus = /* @__PURE__ */ ((OrgMembershipStatus2) => {
+  OrgMembershipStatus2["Accepted"] = "accepted";
+  OrgMembershipStatus2["Invited"] = "invited";
+  return OrgMembershipStatus2;
+})(OrgMembershipStatus || {});
+var OrgIdentityOrderBy = /* @__PURE__ */ ((OrgIdentityOrderBy2) => {
+  OrgIdentityOrderBy2["Name"] = "name";
+  return OrgIdentityOrderBy2;
+})(OrgIdentityOrderBy || {});
+var OrderByDirection = /* @__PURE__ */ ((OrderByDirection2) => {
+  OrderByDirection2["ASC"] = "asc";
+  OrderByDirection2["DESC"] = "desc";
+  return OrderByDirection2;
+})(OrderByDirection || {});
+var MfaSessionStatus = /* @__PURE__ */ ((MfaSessionStatus2) => {
+  MfaSessionStatus2["PENDING"] = "pending";
+  MfaSessionStatus2["VERIFIED"] = "verified";
+  MfaSessionStatus2["EXPIRED"] = "expired";
+  return MfaSessionStatus2;
+})(MfaSessionStatus || {});
+var PkiAlertEventType = /* @__PURE__ */ ((PkiAlertEventType2) => {
+  PkiAlertEventType2["EXPIRING"] = "expiring";
+  return PkiAlertEventType2;
+})(PkiAlertEventType || {});
+var PkiAlertChannelType = /* @__PURE__ */ ((PkiAlertChannelType2) => {
+  PkiAlertChannelType2["EMAIL"] = "email";
+  PkiAlertChannelType2["WEBHOOK"] = "webhook";
+  PkiAlertChannelType2["SLACK"] = "slack";
+  PkiAlertChannelType2["PAGERDUTY"] = "pagerduty";
+  return PkiAlertChannelType2;
+})(PkiAlertChannelType || {});
+var CertKeyUsage = /* @__PURE__ */ ((CertKeyUsage2) => {
+  CertKeyUsage2["DIGITAL_SIGNATURE"] = "digitalSignature";
+  CertKeyUsage2["KEY_ENCIPHERMENT"] = "keyEncipherment";
+  CertKeyUsage2["DATA_ENCIPHERMENT"] = "dataEncipherment";
+  CertKeyUsage2["KEY_AGREEMENT"] = "keyAgreement";
+  CertKeyUsage2["KEY_CERT_SIGN"] = "keyCertSign";
+  CertKeyUsage2["CRL_SIGN"] = "cRLSign";
+  CertKeyUsage2["NON_REPUDIATION"] = "nonRepudiation";
+  CertKeyUsage2["ENCIPHER_ONLY"] = "encipherOnly";
+  CertKeyUsage2["DECIPHER_ONLY"] = "decipherOnly";
+  return CertKeyUsage2;
+})(CertKeyUsage || {});
+var CertExtendedKeyUsage = /* @__PURE__ */ ((CertExtendedKeyUsage2) => {
+  CertExtendedKeyUsage2["SERVER_AUTH"] = "serverAuth";
+  CertExtendedKeyUsage2["CLIENT_AUTH"] = "clientAuth";
+  CertExtendedKeyUsage2["CODE_SIGNING"] = "codeSigning";
+  CertExtendedKeyUsage2["EMAIL_PROTECTION"] = "emailProtection";
+  CertExtendedKeyUsage2["TIME_STAMPING"] = "timeStamping";
+  CertExtendedKeyUsage2["OCSP_SIGNING"] = "ocspSigning";
+  return CertExtendedKeyUsage2;
+})(CertExtendedKeyUsage || {});
+var CaType = /* @__PURE__ */ ((CaType2) => {
+  CaType2["INTERNAL"] = "internal";
+  CaType2["ACME"] = "acme";
+  CaType2["AZURE_AD_CS"] = "azure-ad-cs";
+  return CaType2;
+})(CaType || {});
+var JwtSignatureAlgorithm = /* @__PURE__ */ ((JwtSignatureAlgorithm2) => {
+  JwtSignatureAlgorithm2["RS256"] = "RS256";
+  JwtSignatureAlgorithm2["RS384"] = "RS384";
+  JwtSignatureAlgorithm2["RS512"] = "RS512";
+  JwtSignatureAlgorithm2["ES256"] = "ES256";
+  JwtSignatureAlgorithm2["ES384"] = "ES384";
+  JwtSignatureAlgorithm2["ES512"] = "ES512";
+  JwtSignatureAlgorithm2["PS256"] = "PS256";
+  JwtSignatureAlgorithm2["PS384"] = "PS384";
+  JwtSignatureAlgorithm2["PS512"] = "PS512";
+  JwtSignatureAlgorithm2["EdDSA"] = "EdDSA";
+  return JwtSignatureAlgorithm2;
+})(JwtSignatureAlgorithm || {});
+// Annotate the CommonJS export names for ESM import in node:
+0 && (module.exports = {
+  AdminResource,
+  AppConnectionsResource,
+  AuthManager,
+  AuthMethod,
+  AuthState,
+  AuthenticationError,
+  BadRequestError,
+  CaType,
+  CertExtendedKeyUsage,
+  CertKeyUsage,
+  ForbiddenError,
+  HttpClient,
+  IdentitiesResource,
+  IdentityAccessTokensResource,
+  IdentityAlicloudAuthResource,
+  IdentityAwsAuthResource,
+  IdentityAzureAuthResource,
+  IdentityGcpAuthResource,
+  IdentityJwtAuthResource,
+  IdentityKubernetesAuthResource,
+  IdentityLdapAuthResource,
+  IdentityOciAuthResource,
+  IdentityOidcAuthResource,
+  IdentityTlsCertAuthResource,
+  IdentityTokenAuthResource,
+  IdentityUniversalAuthResource,
+  InfisicalApiError,
+  InfisicalClient,
+  InfisicalNetworkError,
+  IntegrationAuthResource,
+  InternalServerError,
+  JwtSignatureAlgorithm,
+  KmsResource,
+  MfaMethod,
+  MfaResource,
+  MfaSessionStatus,
+  MfaSessionsResource,
+  NotFoundError,
+  OrderByDirection,
+  OrgAdminResource,
+  OrgIdentityOrderBy,
+  OrgMembershipStatus,
+  OrganizationIdentitiesResource,
+  OrganizationsResource,
+  PasswordResource,
+  PkiAlertChannelType,
+  PkiAlertEventType,
+  PkiAlertsResource,
+  PkiCaResource,
+  PkiCertificatesResource,
+  PkiTemplatesResource,
+  ProjectsResource,
+  RESOURCE_AUTH_MODES,
+  RateLimitError,
+  SecretFoldersResource,
+  SecretImportsResource,
+  SecretSharingResource,
+  SecretSyncsResource,
+  SecretTagsResource,
+  SecretsResource,
+  ServiceTokensResource,
+  UnauthorizedError,
+  UsersResource,
+  ValidationError,
+  WebhooksResource
+});
+//# sourceMappingURL=index.js.map