@brainerce/mcp-server 3.8.0 → 3.9.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
package/dist/bin/stdio.js CHANGED
@@ -1153,6 +1153,8 @@ const material = getProductMetafieldValue(product, 'material');
1153
1153
 
1154
1154
  **Metafield fields:** \`definitionName\` (display label), \`definitionKey\` (lookup key), \`value\`, \`type\` (IMAGE, GALLERY, URL, COLOR, BOOLEAN, DATE, DATETIME, TEXT, TEXTAREA, NUMBER, DIMENSION, WEIGHT, JSON)
1155
1155
 
1156
+ **Translations:** When the store has i18n enabled and \`client.setLocale()\` is active, both the \`definitionName\` (the merchant-authored label like "Warranty Info" / "\u05DE\u05D9\u05D3\u05E2 \u05D0\u05D7\u05E8\u05D9\u05D5\u05EA") **and** free-text \`value\` come back already translated. No per-call locale param needed.
1157
+
1156
1158
  ### Product Customization Fields (Customer Input)
1157
1159
 
1158
1160
  Some products allow customers to provide input at purchase time (e.g., text on a cake, upload a logo). Check \`product.customizationFields\` and render input fields accordingly.
@@ -1286,6 +1288,8 @@ await client.removeCoupon(cartId);
1286
1288
  const totals = getCartTotals(cart); // { subtotal, discount, shipping, total }
1287
1289
  \`\`\`
1288
1290
 
1291
+ > **Region-restricted coupons:** a coupon may carry \`regionIds\`. If the buyer's checkout region isn't in that list, \`applyCoupon\` / \`applyCheckoutCoupon\` reject the code even when everything else matches. Empty/omitted \`regionIds\` = valid in all regions.
1292
+
1289
1293
  **On the checkout page** (after checkout session exists \u2014 ALWAYS use this when checkoutId is available):
1290
1294
  \`\`\`typescript
1291
1295
  // Applies to cart AND updates checkout totals in one call
@@ -1613,6 +1617,8 @@ const groups: ModifierGroup[] = product.modifierGroups ?? [];
1613
1617
 
1614
1618
  **Money fields are strings.** \`priceDelta\` is \`"5.00"\` (or \`"-2.00"\` for downsell modifiers \u2014 see below). Use \`parseFloat()\` for display arithmetic; never compute the line total client-side \u2014 the server runs the free-allocation policy and returns the final \`unitPrice\` snapshot on the cart line.
1615
1619
 
1620
+ **Translations are automatic.** Both \`group.name\`/\`group.description\` and each \`modifier.name\`/\`modifier.description\` are overlay-resolved by the server on every read. Call \`client.setLocale('he')\` once and the modifier picker renders in Hebrew with no extra code (\`"\u05EA\u05D5\u05E1\u05E4\u05D5\u05EA"\` / \`"\u05D6\u05D9\u05EA\u05D9\u05DD"\`). See the \`i18n\` topic for the full multi-language flow.
1621
+
1616
1622
  ### Render: SINGLE \u2192 radio, MULTIPLE \u2192 checkbox
1617
1623
 
1618
1624
  Walk \`groups\` and pick the input type by \`selectionType\`. Sort modifiers by \`position\`.
@@ -2014,19 +2020,24 @@ window.location.href = authorizationUrl;
2014
2020
  \`\`\`typescript
2015
2021
  const params = new URLSearchParams(window.location.search);
2016
2022
  if (params.get('oauth_success') === 'true') {
2017
- const token = params.get('token');
2018
- if (token) {
2019
- client.setCustomerToken(token);
2020
- localStorage.setItem('customerToken', token);
2021
- // Optional: read customer_id, customer_email, is_new from params
2023
+ // Single-use auth_code is exchanged for the JWT via POST \u2014 keeps the JWT
2024
+ // out of the URL (browser history, CDN logs, Referer header).
2025
+ const code = params.get('auth_code');
2026
+ if (code) {
2027
+ const result = await client.exchangeOAuthCode(code);
2028
+ client.setCustomerToken(result.token);
2029
+ localStorage.setItem('customerToken', result.token);
2030
+ // Optional: result.customer, result.isNewCustomer, result.redirectUrl
2022
2031
  // Link guest cart: await client.linkCart(cartId);
2023
- window.location.href = '/account';
2032
+ window.location.href = result.redirectUrl || '/account';
2024
2033
  }
2025
2034
  } else if (params.get('oauth_error')) {
2026
2035
  // Show error: params.get('oauth_error')
2027
2036
  }
2028
2037
  \`\`\`
2029
2038
 
2039
+ > The legacy redirect format placed the JWT directly in the URL as \`?token=\`. That format is still emitted for backward compatibility, but it will be removed in the next major release \u2014 migrate to \`auth_code\` + \`exchangeOAuthCode()\` now.
2040
+
2030
2041
  ### Account Page (/account) \u2014 uses getMyProfile() and getMyOrders()
2031
2042
 
2032
2043
  \`\`\`typescript
@@ -2255,7 +2266,17 @@ overlay needed:
2255
2266
  - \`variants[].name\`
2256
2267
  - \`variant.attributes\` keys and values \u2014 \`getVariantOptions(variant)\` returns translated attribute names and option values automatically
2257
2268
  - \`productAttributeOptions[].attribute.name\`, \`attributeOption.name\`
2258
- - \`metafields[].value\`
2269
+ - \`metafields[].value\` (the free-text values customers submit)
2270
+ - \`metafields[].definition.name\`, \`metafields[].definition.description\` (the merchant-authored custom-field labels \u2014 "Warranty Info" / "\u05DE\u05D9\u05D3\u05E2 \u05D0\u05D7\u05E8\u05D9\u05D5\u05EA")
2271
+ - \`modifierGroups[].name\`, \`modifierGroups[].description\` (the group label shown on the PDP \u2014 e.g. "Toppings" / "\u05EA\u05D5\u05E1\u05E4\u05D5\u05EA")
2272
+ - \`modifierGroups[].modifiers[].name\`, \`modifierGroups[].modifiers[].description\` (each individual modifier \u2014 e.g. "Olives" / "\u05D6\u05D9\u05EA\u05D9\u05DD")
2273
+
2274
+ **Promotional surfaces:**
2275
+ - \`cart.bundles[].name\`, \`cart.bundles[].description\` (the bundle's own merchant-typed label, e.g. "Lunch Combo" / "\u05D0\u05E8\u05D5\u05D7\u05EA \u05E6\u05D4\u05E8\u05D9\u05D9\u05DD")
2276
+ - \`cart.bundles[].offeredProducts[].name\`, \`.slug\` (each product inside the bundle \u2014 fetched fresh from \`Product.translations\`)
2277
+ - \`checkout.bumps[].title\`, \`checkout.bumps[].description\` (the bump headline shown at checkout \u2014 falls back to the translated product name when merchant didn't override)
2278
+ - \`checkout.bumps[].bumpProduct.name\`, \`.slug\` (the underlying product)
2279
+ - Discount-rule names/descriptions (when surfaced as banner text via \`displayConfig\`)
2259
2280
 
2260
2281
  **Taxonomy (\`getCategories\`, \`getBrands\`, \`getTags\`):**
2261
2282
  - \`name\` on each item
@@ -2357,7 +2378,9 @@ const admin = new BrainerceClient({ apiKey: 'brainerce_...' });
2357
2378
 
2358
2379
  // Taxonomy: listCategories(), listBrands(), listTags(), listAttributes()
2359
2380
  // Shipping: listShippingZones(), createZoneShippingRate()
2360
- // Tax: getTaxRates(), createTaxRate()
2381
+ // Tax: getTaxRates(), createTaxRate() \u2014 a rate may target a tax class via taxClassId
2382
+ // Tax classes: getTaxClasses(), createTaxClass(), assignTaxClass(), mergeTaxClasses() (scope tax-classes:*)
2383
+ // Regions: getRegions(), createRegion(), setDefaultRegion(), updateRegionPaymentProviders() (scope regions:*)
2361
2384
  // Metafields: getMetafieldDefinitions(), setProductMetafield()
2362
2385
  // Team: getTeamMembers(), inviteTeamMember()
2363
2386
  // Email: getEmailTemplates(), createEmailTemplate()
@@ -2365,6 +2388,13 @@ const admin = new BrainerceClient({ apiKey: 'brainerce_...' });
2365
2388
  // OAuth: getOAuthProviders(), configureOAuthProvider()
2366
2389
  \`\`\`
2367
2390
 
2391
+ Store-level team management (\`inviteStoreMember\`, \`updateStoreMember\`) is the
2392
+ canonical replacement for the deprecated account-level helpers above. The
2393
+ invite accepts an optional \`salesChannelIds\` (vibe-coded \`connectionId\`s,
2394
+ \`vc_*\`) to restrict a member to specific channels \u2014 omit or pass \`[]\` for all
2395
+ channels. Use \`updateStoreMemberSalesChannels(storeId, memberId, { salesChannelIds })\`
2396
+ to change that scope later.
2397
+
2368
2398
  ### Per-Channel Publishing
2369
2399
 
2370
2400
  Categories, tags, brands, and metafield definitions are gated to specific
@@ -2396,7 +2426,70 @@ calls fail with \`404 Not Found\`.
2396
2426
 
2397
2427
  The vibe-coded read endpoints (used by storefront SDK calls in \`connectionId\`
2398
2428
  mode) automatically filter by these junction tables, so storefronts never see
2399
- entities that weren't published to their site.`;
2429
+ entities that weren't published to their site.
2430
+
2431
+ ### Tax classes (differential tax rates)
2432
+
2433
+ Charge different rates for different product types. A \`TaxRate\` may target a
2434
+ class via \`taxClassId\`; a rate with \`taxClassId: null\` is the **Standard
2435
+ fallback**. Checkout resolves each line's class **variant \u2192 product \u2192 category
2436
+ \u2192 store default \u2192 null**, then picks the matching rate (Standard if none).
2437
+ \`rate\` is a whole percentage (\`7.25\` = 7.25%). Requires the
2438
+ \`tax-classes:read\` / \`tax-classes:write\` scopes.
2439
+
2440
+ \`\`\`typescript
2441
+ const food = await admin.createTaxClass({ name: 'Food', slug: 'food' });
2442
+ await admin.assignTaxClass(food.id, { productIds: ['prod_1'], categoryIds: ['cat_food'] });
2443
+
2444
+ // class-specific rate \u2014 only food lines use it; everything else uses Standard
2445
+ await admin.createTaxRate({ name: 'VAT (Food)', rate: 0, country: 'GB', taxClassId: food.id });
2446
+
2447
+ // delete is blocked (409) while dependents exist \u2014 merge moves FKs then deletes:
2448
+ await admin.mergeTaxClasses(food.id, standardClassId);
2449
+ \`\`\`
2450
+
2451
+ Storefront (public, no apiKey \u2014 \`storeId\` mode): \`getStoreTaxClasses()\` lists
2452
+ the store's classes (storefront-safe fields only) for a transparency badge.
2453
+
2454
+ ### Regions (multi-currency / per-region providers)
2455
+
2456
+ A region binds countries \u2192 currency + tax-display mode + enabled payment
2457
+ providers. Manage them via the SDK (scopes \`regions:read\` / \`regions:write\`).
2458
+ \`detectRegion\` is a pure client-side helper to map a buyer's country to a
2459
+ region; pass the resolved \`regionId\` to \`createCheckout\` to associate the
2460
+ checkout with a region (recorded for reporting + provider scoping; currency
2461
+ follows the cart until FX price conversion lands).
2462
+
2463
+ \`\`\`typescript
2464
+ const eu = await admin.createRegion({
2465
+ name: 'EU', currency: 'EUR', countries: ['DE', 'FR'],
2466
+ taxInclusive: true, paymentProviderIds: ['app_inst_stripe'],
2467
+ });
2468
+ await admin.setDefaultRegion(eu.id);
2469
+
2470
+ const { data: regions } = await admin.getRegions();
2471
+ const region = admin.detectRegion('DE', regions); // \u2192 eu, else default, else null
2472
+ \`\`\`
2473
+
2474
+ Storefront (public, no apiKey \u2014 \`storeId\` mode): \`getStoreRegions()\` lists
2475
+ active regions, \`getStoreRegion(id)\` returns one region + its payment providers.
2476
+ Pair with \`detectRegion\` to pick the buyer's region for currency display.
2477
+
2478
+ \`\`\`typescript
2479
+ const store = new BrainerceClient({ storeId: 'store_123' });
2480
+ const { data: regions } = await store.getStoreRegions();
2481
+ const region = await store.getStoreRegion(regions[0].id);
2482
+ \`\`\`
2483
+
2484
+ A shipping zone can be limited to regions via \`regionIds\` \u2014 the zone is then
2485
+ only offered to checkouts that resolved to one of those regions. Empty/omitted =
2486
+ available for any region (default); each id must belong to the same store.
2487
+
2488
+ \`\`\`typescript
2489
+ await admin.createShippingZone({
2490
+ name: 'EU Express', countries: ['DE', 'FR', 'IT'], regionIds: [eu.id],
2491
+ });
2492
+ \`\`\``;
2400
2493
  }
2401
2494
  function getContactInquiriesSection() {
2402
2495
  return `## Contact Inquiries & Forms (optional)
@@ -3054,11 +3147,11 @@ interface Product {
3054
3147
  description?: string | null;
3055
3148
  descriptionFormat?: 'text' | 'html' | 'markdown' | null;
3056
3149
  sku: string;
3057
- basePrice: string; // Use parseFloat() for calculations
3058
- salePrice?: string | null;
3150
+ basePrice: string; // For VARIABLE products: MIN(variants.price). For SIMPLE: the parent price. parseFloat() for math.
3151
+ salePrice?: string | null; // For VARIABLE: MIN(variants.salePrice WHERE NOT NULL) \u2014 null iff no variant is on sale (WC is_on_sale() semantic). For SIMPLE: the parent sale price. Reliable "on sale?" check: product.salePrice !== null.
3059
3152
  costPrice?: string | null;
3060
- priceMin?: string | null; // Lowest variant price (VARIABLE products). Use for catalog/JSON-LD range display.
3061
- priceMax?: string | null; // Highest variant price (VARIABLE products).
3153
+ priceMin?: string | null; // Lowest variant price (VARIABLE products) \u2014 same as basePrice for VARIABLE, kept for back-compat and JSON-LD range display.
3154
+ priceMax?: string | null; // Highest variant price (VARIABLE products). Use with priceMin for "\u20AA49 \u2013 \u20AA199" range.
3062
3155
  priceVaries?: boolean; // true when variant prices differ \u2014 show "\u20AA49 \u2013 \u20AA199" range.
3063
3156
  status: string;
3064
3157
  type: 'SIMPLE' | 'VARIABLE';
@@ -3174,6 +3267,11 @@ interface ProductQueryParams {
3174
3267
  metafields?: Record<string, string | string[]>;
3175
3268
  sortBy?: 'name' | 'price' | 'createdAt';
3176
3269
  sortOrder?: 'asc' | 'desc';
3270
+ // PRD \xA722: resolve DISPLAY prices for this region. When set + valid, each
3271
+ // product/variant gains resolvedPrice/resolvedCurrency/priceSource (additive;
3272
+ // basePrice/salePrice untouched). Absent/invalid region \u2192 nothing attached.
3273
+ // Display-only. Ignored in vibe-coded (vc_*) mode (storefront/admin paths only).
3274
+ regionId?: string;
3177
3275
  }
3178
3276
 
3179
3277
  interface SearchSuggestions {
@@ -3299,6 +3397,7 @@ interface Checkout {
3299
3397
  status: CheckoutStatus;
3300
3398
  email?: string | null;
3301
3399
  customerId?: string | null;
3400
+ regionId?: string | null; // multi-region: recorded for reporting + provider scoping (currency follows the cart until FX lands)
3302
3401
  shippingAddress?: CheckoutAddress | null;
3303
3402
  billingAddress?: CheckoutAddress | null;
3304
3403
  shippingRateId?: string | null;
@@ -3375,6 +3474,7 @@ interface CreateCheckoutDto {
3375
3474
  cartId: string;
3376
3475
  customerId?: string;
3377
3476
  selectedItemIds?: string[]; // Partial checkout
3477
+ regionId?: string; // multi-region: associate the checkout with a region (must belong to the store; 400 if unknown)
3378
3478
  }
3379
3479
 
3380
3480
  // startGuestCheckout() return type \u2014 DISCRIMINATED UNION
@@ -3393,6 +3493,8 @@ interface TaxBreakdownItem {
3393
3493
  name: string;
3394
3494
  rate: number; // decimal: 0.17 = 17%
3395
3495
  amount: number;
3496
+ taxClassId?: string | null; // rate's tax class (null = Standard)
3497
+ taxClassSlug?: string | null; // class slug for attribution (null = Standard)
3396
3498
  }`;
3397
3499
  var ORDERS_TYPES = `// ---- Orders ----
3398
3500
 
@@ -3450,6 +3552,7 @@ interface OrderItem {
3450
3552
  // Snapshot of buyer-submitted customization values captured at checkout.
3451
3553
  // Keyed by metafield slug. \`value\` is string[] for MULTI_SELECT / GALLERY, string otherwise.
3452
3554
  customizations?: Record<string, { label: string; value: string | string[]; type: string }>;
3555
+ taxClassSlug?: string; // frozen slug of the line's resolved tax class (omitted = Standard fallback)
3453
3556
  }
3454
3557
 
3455
3558
  interface OrderCustomer {
@@ -3632,7 +3735,7 @@ function formatPrice(priceString: string | number | undefined | null, options?:
3632
3735
  function getProductPrice(product: Pick<Product, 'basePrice' | 'salePrice'>): number;
3633
3736
  function getProductPriceInfo(product: Pick<Product, 'basePrice' | 'salePrice' | 'discount' | 'priceMin' | 'priceVaries'>): {
3634
3737
  price: number; originalPrice: number; isOnSale: boolean; discountAmount: number; discountPercent: number;
3635
- }; // Falls back to priceMin when basePrice=0 (VARIABLE products)
3738
+ }; // For VARIABLE products, basePrice/salePrice are pre-aggregated (MIN of variants) \u2014 the helper just reads them. Use this whenever you need an "on sale?" badge or a "X% off" label.
3636
3739
  function getVariantPrice(variant: Pick<ProductVariant, 'price' | 'salePrice'>, productBasePrice: string): number;
3637
3740
 
3638
3741
  // Cart helpers
@@ -4165,6 +4268,95 @@ export interface Content<T extends ContentType = ContentType> extends ContentSum
4165
4268
  // stale-while-revalidate=60. Storefront changes propagate within ~5 min
4166
4269
  // of the merchant publishing. Do not add extra client-side caching
4167
4270
  // beyond Next.js's default fetch cache.`;
4271
+ var REGIONS_TYPES = `// ---- Regions & Tax Classes (Admin mode, apiKey) ----
4272
+ // storeId is derived from the API key \u2014 never pass it on admin calls.
4273
+
4274
+ // ---- Regions ---- (scopes: regions:read / regions:write)
4275
+ // A region binds countries \u2192 currency + tax-display mode + payment providers.
4276
+ interface Region {
4277
+ id: string;
4278
+ accountId: string;
4279
+ storeId: string;
4280
+ name: string;
4281
+ slug: string;
4282
+ currency: string; // ISO 4217, e.g. "EUR"
4283
+ countries: string[]; // ISO 3166-1 alpha-2, e.g. ["DE","FR"]
4284
+ taxInclusive: boolean; // show prices tax-inclusive in this region?
4285
+ automaticTaxes: boolean;
4286
+ isDefault: boolean; // fallback when buyer's country maps to no region
4287
+ isActive: boolean;
4288
+ paymentProviders?: RegionPaymentProvider[];
4289
+ createdAt: string;
4290
+ updatedAt: string;
4291
+ }
4292
+
4293
+ interface RegionPaymentProvider {
4294
+ id: string;
4295
+ regionId: string;
4296
+ appInstallationId: string;
4297
+ isEnabled: boolean;
4298
+ createdAt: string;
4299
+ }
4300
+
4301
+ interface CreateRegionDto {
4302
+ name: string;
4303
+ currency: string; // ISO 4217
4304
+ countries: string[]; // ISO 3166-1 alpha-2
4305
+ taxInclusive?: boolean;
4306
+ automaticTaxes?: boolean;
4307
+ isDefault?: boolean;
4308
+ paymentProviderIds?: string[]; // AppInstallation IDs to enable here
4309
+ }
4310
+ interface UpdateRegionDto extends Partial<CreateRegionDto> { isActive?: boolean }
4311
+
4312
+ // client.detectRegion(country, regions): Region | null \u2014 pure, no network.
4313
+ // \u2192 region whose countries includes the code, else the default region, else null.
4314
+ // Pass the resolved regionId to createCheckout to associate the checkout with a
4315
+ // region (recorded for reporting + provider scoping; currency follows the cart
4316
+ // until FX price conversion lands).
4317
+ //
4318
+ // Storefront (public, no apiKey \u2014 storeId mode):
4319
+ interface PublicRegion {
4320
+ id: string; name: string; slug: string; currency: string;
4321
+ countries: string[]; taxInclusive: boolean; isDefault: boolean;
4322
+ }
4323
+ interface PublicRegionDetail extends PublicRegion {
4324
+ paymentProviders: Array<{ id: string; appId: string; name: string | null }>;
4325
+ }
4326
+ // getStoreRegions(): { data: PublicRegion[] } \u2014 active regions, default first.
4327
+ // getStoreRegion(regionId): PublicRegionDetail \u2014 one region + its providers.
4328
+
4329
+ // ---- Tax Classes ---- (scopes: tax-classes:read / tax-classes:write)
4330
+ // Charge differential rates by product type. A TaxRate may target a class via
4331
+ // taxClassId; a rate with taxClassId=null is the Standard fallback. Per-line
4332
+ // resolution: variant \u2192 product \u2192 category \u2192 store default \u2192 null.
4333
+ interface TaxClass {
4334
+ id: string;
4335
+ accountId: string;
4336
+ storeId: string;
4337
+ name: string;
4338
+ slug: string; // kebab-case, unique per store
4339
+ description?: string | null;
4340
+ isDefault: boolean; // auto-applied to products without an explicit class
4341
+ createdAt: string;
4342
+ updatedAt: string;
4343
+ }
4344
+ interface CreateTaxClassDto { name: string; slug: string; description?: string; isDefault?: boolean }
4345
+ type UpdateTaxClassDto = Partial<CreateTaxClassDto>;
4346
+ // Bulk-assign a class to entities:
4347
+ interface AssignTaxClassDto { productIds?: string[]; variantIds?: string[]; categoryIds?: string[] }
4348
+
4349
+ // TaxRate / CreateTaxRateDto carry an optional taxClassId (null = Standard).
4350
+ // rate is a WHOLE PERCENTAGE (7.25 = 7.25%).
4351
+ //
4352
+ // SDK methods (admin):
4353
+ // Regions: getRegions(), getRegion(id), createRegion(dto), updateRegion(id, dto),
4354
+ // deleteRegion(id), setDefaultRegion(id), updateRegionPaymentProviders(id, ids),
4355
+ // addRegionCountries(id, codes), removeRegionCountry(id, code),
4356
+ // getRegionCompatibleProviders(id), detectRegion(country, regions)
4357
+ // Tax classes: getTaxClasses(), getTaxClass(id), createTaxClass(dto), updateTaxClass(id, dto),
4358
+ // deleteTaxClass(id), setDefaultTaxClass(id), assignTaxClass(id, dto),
4359
+ // mergeTaxClasses(id, targetId)`;
4168
4360
  var TYPES_BY_DOMAIN = {
4169
4361
  products: PRODUCTS_TYPES,
4170
4362
  cart: CART_TYPES,
@@ -4176,7 +4368,8 @@ var TYPES_BY_DOMAIN = {
4176
4368
  inquiries: INQUIRIES_TYPES,
4177
4369
  reviews: REVIEWS_TYPES,
4178
4370
  "modifier-groups": MODIFIER_GROUPS_TYPES,
4179
- content: CONTENT_TYPES
4371
+ content: CONTENT_TYPES,
4372
+ regions: REGIONS_TYPES
4180
4373
  };
4181
4374
  function getTypesByDomain(domain) {
4182
4375
  if (domain === "all") {
@@ -4207,10 +4400,12 @@ var GET_TYPE_DEFINITIONS_SCHEMA = {
4207
4400
  "helpers",
4208
4401
  "inquiries",
4209
4402
  "reviews",
4403
+ "modifier-groups",
4210
4404
  "content",
4405
+ "regions",
4211
4406
  "all"
4212
4407
  ]).describe(
4213
- 'The domain of types to retrieve. Use "helpers" for helper function signatures and common types like StoreInfo, PaginatedResponse. Use "content" for FAQ / Footer / Header / Announcement / RichText / Page.'
4408
+ 'The domain of types to retrieve. Use "helpers" for helper function signatures and common types like StoreInfo, PaginatedResponse. Use "content" for FAQ / Footer / Header / Announcement / RichText / Page. Use "regions" for Region / TaxClass admin types.'
4214
4409
  )
4215
4410
  };
4216
4411
  async function handleGetTypeDefinitions(args) {
@@ -6000,11 +6195,16 @@ Build both steps EVEN IF the store has no email provider configured today \u2014
6000
6195
  });
6001
6196
  window.location.href = authorizationUrl; // full-page redirect, NOT a popup
6002
6197
  \`\`\`
6003
- 3. **On the callback page** the URL contains \`token\` + \`oauth_success\` (or \`oauth_error\`) query params. Extract and apply the token:
6198
+ 3. **On the callback page** the URL contains \`auth_code\` + \`oauth_success\` (or \`oauth_error\`) query params. Exchange the single-use code for the JWT \u2014 never read the token from the URL:
6004
6199
  \`\`\`ts
6005
- const token = new URLSearchParams(location.search).get('token');
6006
- if (token) client.setCustomerToken(token); // then redirect to account
6200
+ const params = new URLSearchParams(location.search);
6201
+ const code = params.get('auth_code');
6202
+ if (code) {
6203
+ const result = await client.exchangeOAuthCode(code);
6204
+ client.setCustomerToken(result.token); // then redirect to account
6205
+ }
6007
6206
  \`\`\`
6207
+ The legacy \`?token=\` URL param is still emitted for backward compatibility but will be removed in the next major release \u2014 migrate to \`auth_code\` now.
6008
6208
  4. **On \`oauth_error\`:** redirect to login with an error message.
6009
6209
 
6010
6210
  Build the OAuth button region AND the callback handler even when no providers are configured. They auto-hide.`
@@ -6486,7 +6686,9 @@ function renderCapabilitiesSummary(caps) {
6486
6686
  );
6487
6687
  lines.push(`- Downloadable products: ${caps.features.hasDownloadableProducts ? "yes" : "no"}`);
6488
6688
  lines.push(`- Checkout custom fields: ${caps.features.hasCheckoutCustomFields ? "yes" : "no"}`);
6489
- lines.push(`- Content (FAQ/footer/header/announcements/pages): ${caps.features.hasContent ? "seeded" : "none \u2014 build chrome UI with fallbacks"}`);
6689
+ lines.push(
6690
+ `- Content (FAQ/footer/header/announcements/pages): ${caps.features.hasContent ? "seeded" : "none \u2014 build chrome UI with fallbacks"}`
6691
+ );
6490
6692
  lines.push(
6491
6693
  `- Email verification: ${caps.connection.requireEmailVerification ? "required" : "not required (still build the verify-email flow)"}`
6492
6694
  );