npm - @bagelink/auth - Versions diffs - 1.12.5 → 1.12.11 - Mend

@bagelink/auth 1.12.5 → 1.12.11

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (9) hide show

package/dist/api.d.ts CHANGED Viewed

@@ -1,4 +1,4 @@
-import { RegisterRequest, UpdateAccountRequest, ChangePasswordRequest, ForgotPasswordRequest, ResetPasswordRequest, SendVerificationRequest, VerifyEmailRequest, AuthenticationAccount, PasswordLoginRequest, EmailTokenSendRequest, EmailTokenVerifyRequest, OTPSendRequest, OTPVerifyRequest, SSOLoginRequest, LoginResponse, RegisterResponse, LogoutResponse, GetMeResponse, UpdateMeResponse, DeleteMeResponse, ChangePasswordResponse, ForgotPasswordResponse, ResetPasswordResponse, VerifyResetTokenResponse, SendVerificationResponse, VerifyEmailResponse, RefreshSessionResponse, GetSessionsResponse, DeleteSessionResponse, DeleteAllSessionsResponse, CleanupSessionsResponse, GetMethodsResponse, GetAuthStatusResponse, SendEmailTokenResponse, VerifyEmailTokenResponse, SendOTPResponse, VerifyOTPResponse, LegacySSOLoginResponse, SSOProvider, SSOInitiateRequest, SSOCallbackRequest, SSOLinkRequest, InitiateSSOResponse, CallbackSSOResponse, LinkSSOResponse, UnlinkSSOResponse, GetTenantsResponse } from './types';
+import { RegisterRequest, UpdateAccountRequest, ChangePasswordRequest, ForgotPasswordRequest, ResetPasswordRequest, SendVerificationRequest, VerifyEmailRequest, AuthenticationAccount, PasswordLoginRequest, EmailTokenSendRequest, EmailTokenVerifyRequest, OTPSendRequest, OTPVerifyRequest, SSOLoginRequest, LoginResponse, RegisterResponse, LogoutResponse, GetMeResponse, UpdateMeResponse, DeleteMeResponse, ChangePasswordResponse, ForgotPasswordResponse, ResetPasswordResponse, VerifyResetTokenResponse, SendVerificationResponse, VerifyEmailResponse, RefreshSessionResponse, GetSessionsResponse, DeleteSessionResponse, DeleteAllSessionsResponse, CleanupSessionsResponse, GetMethodsResponse, GetAuthStatusResponse, SendEmailTokenResponse, VerifyEmailTokenResponse, SendOTPResponse, VerifyOTPResponse, LegacySSOLoginResponse, SSOProvider, SSOInitiateRequest, SSOCallbackRequest, SSOLinkRequest, InitiateSSOResponse, CallbackSSOResponse, LinkSSOResponse, UnlinkSSOResponse, GetTenantsResponse, GetTenantResponse, CreateTenantResponse, UpdateTenantResponse, DeleteTenantResponse, GetTenantMembersResponse, AddTenantMemberResponse, UpdateTenantMemberResponse, DeleteTenantMemberResponse, GetTenantRolesResponse, CreateInvitationResponse, GetInvitationResponse, AcceptInvitationResponse, CreateTenantRequest, UpdateTenantRequest, AddMemberRequest, UpdateMemberRequest, CreateInvitationRequest, AcceptInvitationRequest } from './types';
 export declare class AuthApi {
     private api;
     private currentTenantId;
@@ -129,4 +129,57 @@ export declare class AuthApi {
      * Get list of tenants the authenticated user belongs to
      */
     getTenants(): Promise<GetTenantsResponse>;
+    /**
+     * Get a single tenant by ID or slug
+     */
+    getTenant(idOrSlug: string): Promise<GetTenantResponse>;
+    /**
+     * Create a new tenant (caller is auto-added as admin)
+     */
+    createTenant(data: CreateTenantRequest): Promise<CreateTenantResponse>;
+    /**
+     * Update a tenant
+     */
+    updateTenant(tenantId: string, data: UpdateTenantRequest): Promise<UpdateTenantResponse>;
+    /**
+     * Delete a tenant
+     */
+    deleteTenant(tenantId: string): Promise<DeleteTenantResponse>;
+    /**
+     * List members of a tenant
+     */
+    getTenantMembers(tenantId: string, status?: string): Promise<GetTenantMembersResponse>;
+    /**
+     * Add a member to a tenant by identity_id
+     */
+    addTenantMember(tenantId: string, data: AddMemberRequest): Promise<AddTenantMemberResponse>;
+    /**
+     * Update a tenant member's roles/status/metadata
+     */
+    updateTenantMember(tenantId: string, identityId: string, data: UpdateMemberRequest): Promise<UpdateTenantMemberResponse>;
+    /**
+     * Activate a pending membership
+     */
+    activateTenantMember(tenantId: string, identityId: string): Promise<AddTenantMemberResponse>;
+    /**
+     * Remove a member from a tenant
+     */
+    removeTenantMember(tenantId: string, identityId: string): Promise<DeleteTenantMemberResponse>;
+    /**
+     * List available roles
+     */
+    getTenantRoles(): Promise<GetTenantRolesResponse>;
+    /**
+     * Create an invitation for a new user to join a tenant
+     * Requires X-Tenant-ID header (set via setTenantId)
+     */
+    createInvitation(data: CreateInvitationRequest): Promise<CreateInvitationResponse>;
+    /**
+     * Get invitation metadata by token (no auth required)
+     */
+    getInvitation(token: string): Promise<GetInvitationResponse>;
+    /**
+     * Accept an invitation — creates TenantMembership for the authenticated user
+     */
+    acceptInvitation(token: string, data?: AcceptInvitationRequest): Promise<AcceptInvitationResponse>;
 }

package/dist/index.cjs CHANGED Viewed

@@ -299,6 +299,91 @@ class AuthApi {
   async getTenants() {
     return this.api.get("tenants");
   }
+  /**
+   * Get a single tenant by ID or slug
+   */
+  async getTenant(idOrSlug) {
+    return this.api.get(`tenants/${idOrSlug}`);
+  }
+  /**
+   * Create a new tenant (caller is auto-added as admin)
+   */
+  async createTenant(data) {
+    return this.api.post("tenants/", data);
+  }
+  /**
+   * Update a tenant
+   */
+  async updateTenant(tenantId, data) {
+    return this.api.put(`tenants/${tenantId}`, data);
+  }
+  /**
+   * Delete a tenant
+   */
+  async deleteTenant(tenantId) {
+    return this.api.delete(`tenants/${tenantId}`);
+  }
+  // ============================================
+  // Tenant Member Methods
+  // ============================================
+  /**
+   * List members of a tenant
+   */
+  async getTenantMembers(tenantId, status) {
+    return this.api.get(`tenants/${tenantId}/members`, { params: status ? { status } : void 0 });
+  }
+  /**
+   * Add a member to a tenant by identity_id
+   */
+  async addTenantMember(tenantId, data) {
+    return this.api.post(`tenants/${tenantId}/members`, data);
+  }
+  /**
+   * Update a tenant member's roles/status/metadata
+   */
+  async updateTenantMember(tenantId, identityId, data) {
+    return this.api.put(`tenants/${tenantId}/members/${identityId}`, data);
+  }
+  /**
+   * Activate a pending membership
+   */
+  async activateTenantMember(tenantId, identityId) {
+    return this.api.post(`tenants/${tenantId}/members/${identityId}/activate`, {});
+  }
+  /**
+   * Remove a member from a tenant
+   */
+  async removeTenantMember(tenantId, identityId) {
+    return this.api.delete(`tenants/${tenantId}/members/${identityId}`);
+  }
+  /**
+   * List available roles
+   */
+  async getTenantRoles() {
+    return this.api.get("tenants/roles");
+  }
+  // ============================================
+  // Invitation Methods
+  // ============================================
+  /**
+   * Create an invitation for a new user to join a tenant
+   * Requires X-Tenant-ID header (set via setTenantId)
+   */
+  async createInvitation(data) {
+    return this.api.post("invitations/", data);
+  }
+  /**
+   * Get invitation metadata by token (no auth required)
+   */
+  async getInvitation(token) {
+    return this.api.get(`invitations/${token}`);
+  }
+  /**
+   * Accept an invitation — creates TenantMembership for the authenticated user
+   */
+  async acceptInvitation(token, data) {
+    return this.api.post(`invitations/${token}/accept`, data ?? {});
+  }
 }
 const INTAKE_WORKFLOW_ID = "fdba1933-0964-4850-b52a-7a4324175790";
 const DEFAULT_AGENT_ID = "fdba1933-0964-4850-b52a-7a4324175790";
@@ -1125,6 +1210,60 @@ function useAuth() {
   function getCurrentTenant() {
     return currentTenant.value;
   }
+  async function createTenant(data) {
+    const { data: tenant } = await api.createTenant(data);
+    await loadTenants();
+    return tenant;
+  }
+  async function updateTenant(tenantId, data) {
+    const { data: tenant } = await api.updateTenant(tenantId, data);
+    await loadTenants();
+    return tenant;
+  }
+  async function deleteTenant(tenantId) {
+    var _a;
+    await api.deleteTenant(tenantId);
+    if (((_a = currentTenant.value) == null ? void 0 : _a.id) === tenantId) {
+      currentTenant.value = null;
+      api.setTenantId(null);
+    }
+    await loadTenants();
+  }
+  async function getTenantMembers(tenantId, status) {
+    const { data } = await api.getTenantMembers(tenantId, status);
+    return data;
+  }
+  async function addTenantMember(tenantId, member) {
+    const { data } = await api.addTenantMember(tenantId, member);
+    return data;
+  }
+  async function updateTenantMember(tenantId, identityId, updates) {
+    const { data } = await api.updateTenantMember(tenantId, identityId, updates);
+    return data;
+  }
+  async function activateTenantMember(tenantId, identityId) {
+    const { data } = await api.activateTenantMember(tenantId, identityId);
+    return data;
+  }
+  async function removeTenantMember(tenantId, identityId) {
+    await api.removeTenantMember(tenantId, identityId);
+  }
+  async function getTenantRoles() {
+    const { data } = await api.getTenantRoles();
+    return data;
+  }
+  async function createInvitation(data) {
+    const { data: invitation } = await api.createInvitation(data);
+    return invitation;
+  }
+  async function getInvitation(token) {
+    const { data } = await api.getInvitation(token);
+    return data;
+  }
+  async function acceptInvitation(token, data) {
+    await api.acceptInvitation(token, data);
+    await checkAuth();
+  }
   async function signup(newUser) {
     const hasPassword = newUser.password !== void 0 && newUser.password.length > 0;
     if (hasPassword && newUser.password !== newUser.confirmPassword) {
@@ -1261,7 +1400,22 @@ function useAuth() {
     // Multi-Tenancy Actions
     loadTenants,
     setTenant,
-    switchTenant
+    switchTenant,
+    // Tenant CRUD (requires tenancy: true)
+    createTenant,
+    updateTenant,
+    deleteTenant,
+    // Tenant Members
+    getTenantMembers,
+    addTenantMember,
+    updateTenantMember,
+    activateTenantMember,
+    removeTenantMember,
+    getTenantRoles,
+    // Invitations
+    createInvitation,
+    getInvitation,
+    acceptInvitation
   };
 }
 const useAuth$1 = /* @__PURE__ */ Object.freeze(/* @__PURE__ */ Object.defineProperty({

package/dist/index.mjs CHANGED Viewed

@@ -297,6 +297,91 @@ class AuthApi {
   async getTenants() {
     return this.api.get("tenants");
   }
+  /**
+   * Get a single tenant by ID or slug
+   */
+  async getTenant(idOrSlug) {
+    return this.api.get(`tenants/${idOrSlug}`);
+  }
+  /**
+   * Create a new tenant (caller is auto-added as admin)
+   */
+  async createTenant(data) {
+    return this.api.post("tenants/", data);
+  }
+  /**
+   * Update a tenant
+   */
+  async updateTenant(tenantId, data) {
+    return this.api.put(`tenants/${tenantId}`, data);
+  }
+  /**
+   * Delete a tenant
+   */
+  async deleteTenant(tenantId) {
+    return this.api.delete(`tenants/${tenantId}`);
+  }
+  // ============================================
+  // Tenant Member Methods
+  // ============================================
+  /**
+   * List members of a tenant
+   */
+  async getTenantMembers(tenantId, status) {
+    return this.api.get(`tenants/${tenantId}/members`, { params: status ? { status } : void 0 });
+  }
+  /**
+   * Add a member to a tenant by identity_id
+   */
+  async addTenantMember(tenantId, data) {
+    return this.api.post(`tenants/${tenantId}/members`, data);
+  }
+  /**
+   * Update a tenant member's roles/status/metadata
+   */
+  async updateTenantMember(tenantId, identityId, data) {
+    return this.api.put(`tenants/${tenantId}/members/${identityId}`, data);
+  }
+  /**
+   * Activate a pending membership
+   */
+  async activateTenantMember(tenantId, identityId) {
+    return this.api.post(`tenants/${tenantId}/members/${identityId}/activate`, {});
+  }
+  /**
+   * Remove a member from a tenant
+   */
+  async removeTenantMember(tenantId, identityId) {
+    return this.api.delete(`tenants/${tenantId}/members/${identityId}`);
+  }
+  /**
+   * List available roles
+   */
+  async getTenantRoles() {
+    return this.api.get("tenants/roles");
+  }
+  // ============================================
+  // Invitation Methods
+  // ============================================
+  /**
+   * Create an invitation for a new user to join a tenant
+   * Requires X-Tenant-ID header (set via setTenantId)
+   */
+  async createInvitation(data) {
+    return this.api.post("invitations/", data);
+  }
+  /**
+   * Get invitation metadata by token (no auth required)
+   */
+  async getInvitation(token) {
+    return this.api.get(`invitations/${token}`);
+  }
+  /**
+   * Accept an invitation — creates TenantMembership for the authenticated user
+   */
+  async acceptInvitation(token, data) {
+    return this.api.post(`invitations/${token}/accept`, data ?? {});
+  }
 }
 const INTAKE_WORKFLOW_ID = "fdba1933-0964-4850-b52a-7a4324175790";
 const DEFAULT_AGENT_ID = "fdba1933-0964-4850-b52a-7a4324175790";
@@ -1123,6 +1208,60 @@ function useAuth() {
   function getCurrentTenant() {
     return currentTenant.value;
   }
+  async function createTenant(data) {
+    const { data: tenant } = await api.createTenant(data);
+    await loadTenants();
+    return tenant;
+  }
+  async function updateTenant(tenantId, data) {
+    const { data: tenant } = await api.updateTenant(tenantId, data);
+    await loadTenants();
+    return tenant;
+  }
+  async function deleteTenant(tenantId) {
+    var _a;
+    await api.deleteTenant(tenantId);
+    if (((_a = currentTenant.value) == null ? void 0 : _a.id) === tenantId) {
+      currentTenant.value = null;
+      api.setTenantId(null);
+    }
+    await loadTenants();
+  }
+  async function getTenantMembers(tenantId, status) {
+    const { data } = await api.getTenantMembers(tenantId, status);
+    return data;
+  }
+  async function addTenantMember(tenantId, member) {
+    const { data } = await api.addTenantMember(tenantId, member);
+    return data;
+  }
+  async function updateTenantMember(tenantId, identityId, updates) {
+    const { data } = await api.updateTenantMember(tenantId, identityId, updates);
+    return data;
+  }
+  async function activateTenantMember(tenantId, identityId) {
+    const { data } = await api.activateTenantMember(tenantId, identityId);
+    return data;
+  }
+  async function removeTenantMember(tenantId, identityId) {
+    await api.removeTenantMember(tenantId, identityId);
+  }
+  async function getTenantRoles() {
+    const { data } = await api.getTenantRoles();
+    return data;
+  }
+  async function createInvitation(data) {
+    const { data: invitation } = await api.createInvitation(data);
+    return invitation;
+  }
+  async function getInvitation(token) {
+    const { data } = await api.getInvitation(token);
+    return data;
+  }
+  async function acceptInvitation(token, data) {
+    await api.acceptInvitation(token, data);
+    await checkAuth();
+  }
   async function signup(newUser) {
     const hasPassword = newUser.password !== void 0 && newUser.password.length > 0;
     if (hasPassword && newUser.password !== newUser.confirmPassword) {
@@ -1259,7 +1398,22 @@ function useAuth() {
     // Multi-Tenancy Actions
     loadTenants,
     setTenant,
-    switchTenant
+    switchTenant,
+    // Tenant CRUD (requires tenancy: true)
+    createTenant,
+    updateTenant,
+    deleteTenant,
+    // Tenant Members
+    getTenantMembers,
+    addTenantMember,
+    updateTenantMember,
+    activateTenantMember,
+    removeTenantMember,
+    getTenantRoles,
+    // Invitations
+    createInvitation,
+    getInvitation,
+    acceptInvitation
   };
 }
 const useAuth$1 = /* @__PURE__ */ Object.freeze(/* @__PURE__ */ Object.defineProperty({

package/dist/types.d.ts CHANGED Viewed

@@ -36,6 +36,74 @@ export interface TenantInfo {
     created_at: string;
     updated_at: string;
 }
+export interface CreateTenantRequest {
+    name: string;
+    slug?: string;
+    settings?: Record<string, any>;
+}
+export interface UpdateTenantRequest {
+    name?: string;
+    slug?: string;
+    settings?: Record<string, any>;
+    status?: TenantStatus;
+}
+export type MemberStatus = 'pending' | 'active' | 'inactive' | 'suspended';
+export interface TenantMember {
+    identity_id: string;
+    tenant_id: string;
+    roles: string[];
+    status: MemberStatus;
+    metadata: Record<string, any> | null;
+    created_at: string;
+    updated_at: string;
+}
+export interface AddMemberRequest {
+    identity_id: string;
+    roles?: string[];
+    status?: MemberStatus;
+}
+export interface UpdateMemberRequest {
+    roles?: string[];
+    status?: MemberStatus;
+    metadata?: Record<string, any>;
+}
+export type InvitationStatus = 'pending' | 'accepted' | 'expired' | 'revoked';
+export interface TenantInvitation {
+    id: string;
+    tenant_id: string;
+    email: string;
+    role: string;
+    status: InvitationStatus;
+    created_at: string;
+    expires_at: string | null;
+}
+export interface CreateInvitationRequest {
+    email: string;
+    role?: string;
+    message?: string;
+}
+export interface AcceptInvitationRequest {
+    first_name: string;
+    last_name: string;
+    password: string;
+}
+export type GetTenantsResponse = AxiosResponse<TenantInfo[]>;
+export type GetTenantResponse = AxiosResponse<TenantInfo>;
+export type CreateTenantResponse = AxiosResponse<TenantInfo>;
+export type UpdateTenantResponse = AxiosResponse<TenantInfo>;
+export type DeleteTenantResponse = AxiosResponse<MessageResponse>;
+export type GetTenantMembersResponse = AxiosResponse<TenantMember[]>;
+export type AddTenantMemberResponse = AxiosResponse<TenantMember>;
+export type UpdateTenantMemberResponse = AxiosResponse<TenantMember>;
+export type DeleteTenantMemberResponse = AxiosResponse<MessageResponse>;
+export type GetTenantRolesResponse = AxiosResponse<string[]>;
+export type CreateInvitationResponse = AxiosResponse<TenantInvitation>;
+export type GetInvitationResponse = AxiosResponse<{
+    email: string;
+    first_name?: string | null;
+    last_name?: string | null;
+}>;
+export type AcceptInvitationResponse = AxiosResponse<MessageResponse>;
 export type AuthenticationMethodType = 'password' | 'email_token' | 'sso' | 'otp';
 export type SSOProvider = 'google' | 'microsoft' | 'github' | 'okta' | 'apple' | 'facebook' | 'custom';
 export interface AuthenticationAccount {
@@ -298,7 +366,6 @@ export type InitiateSSOResponse = AxiosResponse<SSOInitiateResponse>;
 export type CallbackSSOResponse = AxiosResponse<SSOCallbackResponse>;
 export type LinkSSOResponse = AxiosResponse<SSOLinkResponse>;
 export type UnlinkSSOResponse = AxiosResponse<SSOUnlinkResponse>;
-export type GetTenantsResponse = AxiosResponse<TenantInfo[]>;
 export type GetAuthStatusResponse = AxiosResponse<AuthStatusResponse>;
 export type SendEmailTokenResponse = AxiosResponse<AuthenticationResponse>;
 export type VerifyEmailTokenResponse = AxiosResponse<AuthenticationResponse>;

package/dist/useAuth.d.ts CHANGED Viewed

@@ -1,5 +1,5 @@
 import { App, ObjectPlugin } from 'vue';
-import { AccountInfo, User, NewUser, UpdatePasswordForm, UpdateAccountRequest, AuthEventMap, SSOProvider, SSOInitiateRequest, SSOCallbackRequest, SSOLinkRequest, TenantInfo, AuthState } from './types';
+import { AccountInfo, User, NewUser, UpdatePasswordForm, UpdateAccountRequest, AuthEventMap, SSOProvider, SSOInitiateRequest, SSOCallbackRequest, SSOLinkRequest, TenantInfo, CreateTenantRequest, UpdateTenantRequest, AddMemberRequest, UpdateMemberRequest, CreateInvitationRequest, AcceptInvitationRequest, AuthState } from './types';
 import { RedirectConfig, NormalizedRedirectConfig } from './types/redirect';
 interface InitParams {
     baseURL: string;
@@ -194,5 +194,21 @@ export declare function useAuth(): {
     loadTenants: () => Promise<TenantInfo[]>;
     setTenant: (tenantId: string | null) => void;
     switchTenant: (tenantId: string) => void;
+    createTenant: (data: CreateTenantRequest) => Promise<TenantInfo>;
+    updateTenant: (tenantId: string, data: UpdateTenantRequest) => Promise<TenantInfo>;
+    deleteTenant: (tenantId: string) => Promise<void>;
+    getTenantMembers: (tenantId: string, status?: string) => Promise<import('./types').TenantMember[]>;
+    addTenantMember: (tenantId: string, member: AddMemberRequest) => Promise<import('./types').TenantMember>;
+    updateTenantMember: (tenantId: string, identityId: string, updates: UpdateMemberRequest) => Promise<import('./types').TenantMember>;
+    activateTenantMember: (tenantId: string, identityId: string) => Promise<import('./types').TenantMember>;
+    removeTenantMember: (tenantId: string, identityId: string) => Promise<void>;
+    getTenantRoles: () => Promise<string[]>;
+    createInvitation: (data: CreateInvitationRequest) => Promise<import('./types').TenantInvitation>;
+    getInvitation: (token: string) => Promise<{
+        email: string;
+        first_name?: string | null;
+        last_name?: string | null;
+    }>;
+    acceptInvitation: (token: string, data?: AcceptInvitationRequest) => Promise<void>;
 };
 export {};

package/package.json CHANGED Viewed

@@ -1,7 +1,7 @@
 {
   "name": "@bagelink/auth",
   "type": "module",
-  "version": "1.12.5",
+  "version": "1.12.11",
   "description": "Bagelink auth package",
   "author": {
     "name": "Bagel Studio",

package/src/api.ts CHANGED Viewed

@@ -47,6 +47,24 @@ import type {
 	LinkSSOResponse,
 	UnlinkSSOResponse,
 	GetTenantsResponse,
+	GetTenantResponse,
+	CreateTenantResponse,
+	UpdateTenantResponse,
+	DeleteTenantResponse,
+	GetTenantMembersResponse,
+	AddTenantMemberResponse,
+	UpdateTenantMemberResponse,
+	DeleteTenantMemberResponse,
+	GetTenantRolesResponse,
+	CreateInvitationResponse,
+	GetInvitationResponse,
+	AcceptInvitationResponse,
+	CreateTenantRequest,
+	UpdateTenantRequest,
+	AddMemberRequest,
+	UpdateMemberRequest,
+	CreateInvitationRequest,
+	AcceptInvitationRequest,
 } from './types'
 import { createAxiosInstance } from './utils'
@@ -336,4 +354,104 @@ export class AuthApi {
 	async getTenants(): Promise<GetTenantsResponse> {
 		return this.api.get('tenants')
 	}
+	/**
+	 * Get a single tenant by ID or slug
+	 */
+	async getTenant(idOrSlug: string): Promise<GetTenantResponse> {
+		return this.api.get(`tenants/${idOrSlug}`)
+	}
+	/**
+	 * Create a new tenant (caller is auto-added as admin)
+	 */
+	async createTenant(data: CreateTenantRequest): Promise<CreateTenantResponse> {
+		return this.api.post('tenants/', data)
+	}
+	/**
+	 * Update a tenant
+	 */
+	async updateTenant(tenantId: string, data: UpdateTenantRequest): Promise<UpdateTenantResponse> {
+		return this.api.put(`tenants/${tenantId}`, data)
+	}
+	/**
+	 * Delete a tenant
+	 */
+	async deleteTenant(tenantId: string): Promise<DeleteTenantResponse> {
+		return this.api.delete(`tenants/${tenantId}`)
+	}
+	// ============================================
+	// Tenant Member Methods
+	// ============================================
+	/**
+	 * List members of a tenant
+	 */
+	async getTenantMembers(tenantId: string, status?: string): Promise<GetTenantMembersResponse> {
+		return this.api.get(`tenants/${tenantId}/members`, { params: status ? { status } : undefined })
+	}
+	/**
+	 * Add a member to a tenant by identity_id
+	 */
+	async addTenantMember(tenantId: string, data: AddMemberRequest): Promise<AddTenantMemberResponse> {
+		return this.api.post(`tenants/${tenantId}/members`, data)
+	}
+	/**
+	 * Update a tenant member's roles/status/metadata
+	 */
+	async updateTenantMember(tenantId: string, identityId: string, data: UpdateMemberRequest): Promise<UpdateTenantMemberResponse> {
+		return this.api.put(`tenants/${tenantId}/members/${identityId}`, data)
+	}
+	/**
+	 * Activate a pending membership
+	 */
+	async activateTenantMember(tenantId: string, identityId: string): Promise<AddTenantMemberResponse> {
+		return this.api.post(`tenants/${tenantId}/members/${identityId}/activate`, {})
+	}
+	/**
+	 * Remove a member from a tenant
+	 */
+	async removeTenantMember(tenantId: string, identityId: string): Promise<DeleteTenantMemberResponse> {
+		return this.api.delete(`tenants/${tenantId}/members/${identityId}`)
+	}
+	/**
+	 * List available roles
+	 */
+	async getTenantRoles(): Promise<GetTenantRolesResponse> {
+		return this.api.get('tenants/roles')
+	}
+	// ============================================
+	// Invitation Methods
+	// ============================================
+	/**
+	 * Create an invitation for a new user to join a tenant
+	 * Requires X-Tenant-ID header (set via setTenantId)
+	 */
+	async createInvitation(data: CreateInvitationRequest): Promise<CreateInvitationResponse> {
+		return this.api.post('invitations/', data)
+	}
+	/**
+	 * Get invitation metadata by token (no auth required)
+	 */
+	async getInvitation(token: string): Promise<GetInvitationResponse> {
+		return this.api.get(`invitations/${token}`)
+	}
+	/**
+	 * Accept an invitation — creates TenantMembership for the authenticated user
+	 */
+	async acceptInvitation(token: string, data?: AcceptInvitationRequest): Promise<AcceptInvitationResponse> {
+		return this.api.post(`invitations/${token}/accept`, data ?? {})
+	}
 }

package/src/types.ts CHANGED Viewed

@@ -56,6 +56,87 @@ export interface TenantInfo {
 	updated_at: string
 }
+export interface CreateTenantRequest {
+	name: string
+	slug?: string
+	settings?: Record<string, any>
+}
+export interface UpdateTenantRequest {
+	name?: string
+	slug?: string
+	settings?: Record<string, any>
+	status?: TenantStatus
+}
+// ─── Tenant Membership ────────────────────────────────────────────────────────
+export type MemberStatus = 'pending' | 'active' | 'inactive' | 'suspended'
+export interface TenantMember {
+	identity_id: string
+	tenant_id: string
+	roles: string[]
+	status: MemberStatus
+	metadata: Record<string, any> | null
+	created_at: string
+	updated_at: string
+}
+export interface AddMemberRequest {
+	identity_id: string
+	roles?: string[]
+	status?: MemberStatus
+}
+export interface UpdateMemberRequest {
+	roles?: string[]
+	status?: MemberStatus
+	metadata?: Record<string, any>
+}
+// ─── Invitations ──────────────────────────────────────────────────────────────
+export type InvitationStatus = 'pending' | 'accepted' | 'expired' | 'revoked'
+export interface TenantInvitation {
+	id: string
+	tenant_id: string
+	email: string
+	role: string
+	status: InvitationStatus
+	created_at: string
+	expires_at: string | null
+}
+export interface CreateInvitationRequest {
+	email: string
+	role?: string
+	message?: string
+}
+export interface AcceptInvitationRequest {
+	first_name: string
+	last_name: string
+	password: string
+}
+// ─── Tenant API response types ────────────────────────────────────────────────
+export type GetTenantsResponse = AxiosResponse<TenantInfo[]>
+export type GetTenantResponse = AxiosResponse<TenantInfo>
+export type CreateTenantResponse = AxiosResponse<TenantInfo>
+export type UpdateTenantResponse = AxiosResponse<TenantInfo>
+export type DeleteTenantResponse = AxiosResponse<MessageResponse>
+export type GetTenantMembersResponse = AxiosResponse<TenantMember[]>
+export type AddTenantMemberResponse = AxiosResponse<TenantMember>
+export type UpdateTenantMemberResponse = AxiosResponse<TenantMember>
+export type DeleteTenantMemberResponse = AxiosResponse<MessageResponse>
+export type GetTenantRolesResponse = AxiosResponse<string[]>
+export type CreateInvitationResponse = AxiosResponse<TenantInvitation>
+export type GetInvitationResponse = AxiosResponse<{ email: string, first_name?: string | null, last_name?: string | null }>
+export type AcceptInvitationResponse = AxiosResponse<MessageResponse>
 export type AuthenticationMethodType
 	= | 'password'
 		| 'email_token'
@@ -363,7 +444,6 @@ export type InitiateSSOResponse = AxiosResponse<SSOInitiateResponse>
 export type CallbackSSOResponse = AxiosResponse<SSOCallbackResponse>
 export type LinkSSOResponse = AxiosResponse<SSOLinkResponse>
 export type UnlinkSSOResponse = AxiosResponse<SSOUnlinkResponse>
-export type GetTenantsResponse = AxiosResponse<TenantInfo[]>
 export type GetAuthStatusResponse = AxiosResponse<AuthStatusResponse>
 export type SendEmailTokenResponse = AxiosResponse<AuthenticationResponse>
 export type VerifyEmailTokenResponse = AxiosResponse<AuthenticationResponse>

package/src/useAuth.ts CHANGED Viewed

@@ -11,6 +11,12 @@ import type {
 	SSOCallbackRequest,
 	SSOLinkRequest,
 	TenantInfo,
+	CreateTenantRequest,
+	UpdateTenantRequest,
+	AddMemberRequest,
+	UpdateMemberRequest,
+	CreateInvitationRequest,
+	AcceptInvitationRequest,
 } from './types'
 import type { RedirectConfig, NormalizedRedirectConfig } from './types/redirect'
 import { ref, computed } from 'vue'
@@ -382,6 +388,85 @@ export function useAuth() {
 		return currentTenant.value
 	}
+	// ============================================
+	// Tenant CRUD
+	// ============================================
+	async function createTenant(data: CreateTenantRequest) {
+		const { data: tenant } = await api.createTenant(data)
+		await loadTenants()
+		return tenant
+	}
+	async function updateTenant(tenantId: string, data: UpdateTenantRequest) {
+		const { data: tenant } = await api.updateTenant(tenantId, data)
+		// Refresh list so currentTenant stays in sync
+		await loadTenants()
+		return tenant
+	}
+	async function deleteTenant(tenantId: string) {
+		await api.deleteTenant(tenantId)
+		if (currentTenant.value?.id === tenantId) {
+			currentTenant.value = null
+			api.setTenantId(null)
+		}
+		await loadTenants()
+	}
+	// ============================================
+	// Tenant Members
+	// ============================================
+	async function getTenantMembers(tenantId: string, status?: string) {
+		const { data } = await api.getTenantMembers(tenantId, status)
+		return data
+	}
+	async function addTenantMember(tenantId: string, member: AddMemberRequest) {
+		const { data } = await api.addTenantMember(tenantId, member)
+		return data
+	}
+	async function updateTenantMember(tenantId: string, identityId: string, updates: UpdateMemberRequest) {
+		const { data } = await api.updateTenantMember(tenantId, identityId, updates)
+		return data
+	}
+	async function activateTenantMember(tenantId: string, identityId: string) {
+		const { data } = await api.activateTenantMember(tenantId, identityId)
+		return data
+	}
+	async function removeTenantMember(tenantId: string, identityId: string) {
+		await api.removeTenantMember(tenantId, identityId)
+	}
+	async function getTenantRoles() {
+		const { data } = await api.getTenantRoles()
+		return data
+	}
+	// ============================================
+	// Invitations
+	// ============================================
+	async function createInvitation(data: CreateInvitationRequest) {
+		const { data: invitation } = await api.createInvitation(data)
+		return invitation
+	}
+	async function getInvitation(token: string) {
+		const { data } = await api.getInvitation(token)
+		return data
+	}
+	async function acceptInvitation(token: string, data?: AcceptInvitationRequest) {
+		await api.acceptInvitation(token, data)
+		// Re-check auth so tenants are reloaded after membership is created
+		await checkAuth()
+	}
 	async function signup(newUser: NewUser) {
 		// Check password match if password is provided
 		const hasPassword = newUser.password !== undefined && newUser.password.length > 0
@@ -572,5 +657,23 @@ export function useAuth() {
 		loadTenants,
 		setTenant,
 		switchTenant,
+		// Tenant CRUD (requires tenancy: true)
+		createTenant,
+		updateTenant,
+		deleteTenant,
+		// Tenant Members
+		getTenantMembers,
+		addTenantMember,
+		updateTenantMember,
+		activateTenantMember,
+		removeTenantMember,
+		getTenantRoles,
+		// Invitations
+		createInvitation,
+		getInvitation,
+		acceptInvitation,
 	}
 }