@brainerce/mcp-server 3.8.0 → 3.9.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
package/dist/index.js CHANGED
@@ -1179,6 +1179,8 @@ const material = getProductMetafieldValue(product, 'material');
1179
1179
 
1180
1180
  **Metafield fields:** \`definitionName\` (display label), \`definitionKey\` (lookup key), \`value\`, \`type\` (IMAGE, GALLERY, URL, COLOR, BOOLEAN, DATE, DATETIME, TEXT, TEXTAREA, NUMBER, DIMENSION, WEIGHT, JSON)
1181
1181
 
1182
+ **Translations:** When the store has i18n enabled and \`client.setLocale()\` is active, both the \`definitionName\` (the merchant-authored label like "Warranty Info" / "\u05DE\u05D9\u05D3\u05E2 \u05D0\u05D7\u05E8\u05D9\u05D5\u05EA") **and** free-text \`value\` come back already translated. No per-call locale param needed.
1183
+
1182
1184
  ### Product Customization Fields (Customer Input)
1183
1185
 
1184
1186
  Some products allow customers to provide input at purchase time (e.g., text on a cake, upload a logo). Check \`product.customizationFields\` and render input fields accordingly.
@@ -1312,6 +1314,8 @@ await client.removeCoupon(cartId);
1312
1314
  const totals = getCartTotals(cart); // { subtotal, discount, shipping, total }
1313
1315
  \`\`\`
1314
1316
 
1317
+ > **Region-restricted coupons:** a coupon may carry \`regionIds\`. If the buyer's checkout region isn't in that list, \`applyCoupon\` / \`applyCheckoutCoupon\` reject the code even when everything else matches. Empty/omitted \`regionIds\` = valid in all regions.
1318
+
1315
1319
  **On the checkout page** (after checkout session exists \u2014 ALWAYS use this when checkoutId is available):
1316
1320
  \`\`\`typescript
1317
1321
  // Applies to cart AND updates checkout totals in one call
@@ -1639,6 +1643,8 @@ const groups: ModifierGroup[] = product.modifierGroups ?? [];
1639
1643
 
1640
1644
  **Money fields are strings.** \`priceDelta\` is \`"5.00"\` (or \`"-2.00"\` for downsell modifiers \u2014 see below). Use \`parseFloat()\` for display arithmetic; never compute the line total client-side \u2014 the server runs the free-allocation policy and returns the final \`unitPrice\` snapshot on the cart line.
1641
1645
 
1646
+ **Translations are automatic.** Both \`group.name\`/\`group.description\` and each \`modifier.name\`/\`modifier.description\` are overlay-resolved by the server on every read. Call \`client.setLocale('he')\` once and the modifier picker renders in Hebrew with no extra code (\`"\u05EA\u05D5\u05E1\u05E4\u05D5\u05EA"\` / \`"\u05D6\u05D9\u05EA\u05D9\u05DD"\`). See the \`i18n\` topic for the full multi-language flow.
1647
+
1642
1648
  ### Render: SINGLE \u2192 radio, MULTIPLE \u2192 checkbox
1643
1649
 
1644
1650
  Walk \`groups\` and pick the input type by \`selectionType\`. Sort modifiers by \`position\`.
@@ -2040,19 +2046,24 @@ window.location.href = authorizationUrl;
2040
2046
  \`\`\`typescript
2041
2047
  const params = new URLSearchParams(window.location.search);
2042
2048
  if (params.get('oauth_success') === 'true') {
2043
- const token = params.get('token');
2044
- if (token) {
2045
- client.setCustomerToken(token);
2046
- localStorage.setItem('customerToken', token);
2047
- // Optional: read customer_id, customer_email, is_new from params
2049
+ // Single-use auth_code is exchanged for the JWT via POST \u2014 keeps the JWT
2050
+ // out of the URL (browser history, CDN logs, Referer header).
2051
+ const code = params.get('auth_code');
2052
+ if (code) {
2053
+ const result = await client.exchangeOAuthCode(code);
2054
+ client.setCustomerToken(result.token);
2055
+ localStorage.setItem('customerToken', result.token);
2056
+ // Optional: result.customer, result.isNewCustomer, result.redirectUrl
2048
2057
  // Link guest cart: await client.linkCart(cartId);
2049
- window.location.href = '/account';
2058
+ window.location.href = result.redirectUrl || '/account';
2050
2059
  }
2051
2060
  } else if (params.get('oauth_error')) {
2052
2061
  // Show error: params.get('oauth_error')
2053
2062
  }
2054
2063
  \`\`\`
2055
2064
 
2065
+ > The legacy redirect format placed the JWT directly in the URL as \`?token=\`. That format is still emitted for backward compatibility, but it will be removed in the next major release \u2014 migrate to \`auth_code\` + \`exchangeOAuthCode()\` now.
2066
+
2056
2067
  ### Account Page (/account) \u2014 uses getMyProfile() and getMyOrders()
2057
2068
 
2058
2069
  \`\`\`typescript
@@ -2281,7 +2292,17 @@ overlay needed:
2281
2292
  - \`variants[].name\`
2282
2293
  - \`variant.attributes\` keys and values \u2014 \`getVariantOptions(variant)\` returns translated attribute names and option values automatically
2283
2294
  - \`productAttributeOptions[].attribute.name\`, \`attributeOption.name\`
2284
- - \`metafields[].value\`
2295
+ - \`metafields[].value\` (the free-text values customers submit)
2296
+ - \`metafields[].definition.name\`, \`metafields[].definition.description\` (the merchant-authored custom-field labels \u2014 "Warranty Info" / "\u05DE\u05D9\u05D3\u05E2 \u05D0\u05D7\u05E8\u05D9\u05D5\u05EA")
2297
+ - \`modifierGroups[].name\`, \`modifierGroups[].description\` (the group label shown on the PDP \u2014 e.g. "Toppings" / "\u05EA\u05D5\u05E1\u05E4\u05D5\u05EA")
2298
+ - \`modifierGroups[].modifiers[].name\`, \`modifierGroups[].modifiers[].description\` (each individual modifier \u2014 e.g. "Olives" / "\u05D6\u05D9\u05EA\u05D9\u05DD")
2299
+
2300
+ **Promotional surfaces:**
2301
+ - \`cart.bundles[].name\`, \`cart.bundles[].description\` (the bundle's own merchant-typed label, e.g. "Lunch Combo" / "\u05D0\u05E8\u05D5\u05D7\u05EA \u05E6\u05D4\u05E8\u05D9\u05D9\u05DD")
2302
+ - \`cart.bundles[].offeredProducts[].name\`, \`.slug\` (each product inside the bundle \u2014 fetched fresh from \`Product.translations\`)
2303
+ - \`checkout.bumps[].title\`, \`checkout.bumps[].description\` (the bump headline shown at checkout \u2014 falls back to the translated product name when merchant didn't override)
2304
+ - \`checkout.bumps[].bumpProduct.name\`, \`.slug\` (the underlying product)
2305
+ - Discount-rule names/descriptions (when surfaced as banner text via \`displayConfig\`)
2285
2306
 
2286
2307
  **Taxonomy (\`getCategories\`, \`getBrands\`, \`getTags\`):**
2287
2308
  - \`name\` on each item
@@ -2383,7 +2404,9 @@ const admin = new BrainerceClient({ apiKey: 'brainerce_...' });
2383
2404
 
2384
2405
  // Taxonomy: listCategories(), listBrands(), listTags(), listAttributes()
2385
2406
  // Shipping: listShippingZones(), createZoneShippingRate()
2386
- // Tax: getTaxRates(), createTaxRate()
2407
+ // Tax: getTaxRates(), createTaxRate() \u2014 a rate may target a tax class via taxClassId
2408
+ // Tax classes: getTaxClasses(), createTaxClass(), assignTaxClass(), mergeTaxClasses() (scope tax-classes:*)
2409
+ // Regions: getRegions(), createRegion(), setDefaultRegion(), updateRegionPaymentProviders() (scope regions:*)
2387
2410
  // Metafields: getMetafieldDefinitions(), setProductMetafield()
2388
2411
  // Team: getTeamMembers(), inviteTeamMember()
2389
2412
  // Email: getEmailTemplates(), createEmailTemplate()
@@ -2391,6 +2414,13 @@ const admin = new BrainerceClient({ apiKey: 'brainerce_...' });
2391
2414
  // OAuth: getOAuthProviders(), configureOAuthProvider()
2392
2415
  \`\`\`
2393
2416
 
2417
+ Store-level team management (\`inviteStoreMember\`, \`updateStoreMember\`) is the
2418
+ canonical replacement for the deprecated account-level helpers above. The
2419
+ invite accepts an optional \`salesChannelIds\` (vibe-coded \`connectionId\`s,
2420
+ \`vc_*\`) to restrict a member to specific channels \u2014 omit or pass \`[]\` for all
2421
+ channels. Use \`updateStoreMemberSalesChannels(storeId, memberId, { salesChannelIds })\`
2422
+ to change that scope later.
2423
+
2394
2424
  ### Per-Channel Publishing
2395
2425
 
2396
2426
  Categories, tags, brands, and metafield definitions are gated to specific
@@ -2422,7 +2452,70 @@ calls fail with \`404 Not Found\`.
2422
2452
 
2423
2453
  The vibe-coded read endpoints (used by storefront SDK calls in \`connectionId\`
2424
2454
  mode) automatically filter by these junction tables, so storefronts never see
2425
- entities that weren't published to their site.`;
2455
+ entities that weren't published to their site.
2456
+
2457
+ ### Tax classes (differential tax rates)
2458
+
2459
+ Charge different rates for different product types. A \`TaxRate\` may target a
2460
+ class via \`taxClassId\`; a rate with \`taxClassId: null\` is the **Standard
2461
+ fallback**. Checkout resolves each line's class **variant \u2192 product \u2192 category
2462
+ \u2192 store default \u2192 null**, then picks the matching rate (Standard if none).
2463
+ \`rate\` is a whole percentage (\`7.25\` = 7.25%). Requires the
2464
+ \`tax-classes:read\` / \`tax-classes:write\` scopes.
2465
+
2466
+ \`\`\`typescript
2467
+ const food = await admin.createTaxClass({ name: 'Food', slug: 'food' });
2468
+ await admin.assignTaxClass(food.id, { productIds: ['prod_1'], categoryIds: ['cat_food'] });
2469
+
2470
+ // class-specific rate \u2014 only food lines use it; everything else uses Standard
2471
+ await admin.createTaxRate({ name: 'VAT (Food)', rate: 0, country: 'GB', taxClassId: food.id });
2472
+
2473
+ // delete is blocked (409) while dependents exist \u2014 merge moves FKs then deletes:
2474
+ await admin.mergeTaxClasses(food.id, standardClassId);
2475
+ \`\`\`
2476
+
2477
+ Storefront (public, no apiKey \u2014 \`storeId\` mode): \`getStoreTaxClasses()\` lists
2478
+ the store's classes (storefront-safe fields only) for a transparency badge.
2479
+
2480
+ ### Regions (multi-currency / per-region providers)
2481
+
2482
+ A region binds countries \u2192 currency + tax-display mode + enabled payment
2483
+ providers. Manage them via the SDK (scopes \`regions:read\` / \`regions:write\`).
2484
+ \`detectRegion\` is a pure client-side helper to map a buyer's country to a
2485
+ region; pass the resolved \`regionId\` to \`createCheckout\` to associate the
2486
+ checkout with a region (recorded for reporting + provider scoping; currency
2487
+ follows the cart until FX price conversion lands).
2488
+
2489
+ \`\`\`typescript
2490
+ const eu = await admin.createRegion({
2491
+ name: 'EU', currency: 'EUR', countries: ['DE', 'FR'],
2492
+ taxInclusive: true, paymentProviderIds: ['app_inst_stripe'],
2493
+ });
2494
+ await admin.setDefaultRegion(eu.id);
2495
+
2496
+ const { data: regions } = await admin.getRegions();
2497
+ const region = admin.detectRegion('DE', regions); // \u2192 eu, else default, else null
2498
+ \`\`\`
2499
+
2500
+ Storefront (public, no apiKey \u2014 \`storeId\` mode): \`getStoreRegions()\` lists
2501
+ active regions, \`getStoreRegion(id)\` returns one region + its payment providers.
2502
+ Pair with \`detectRegion\` to pick the buyer's region for currency display.
2503
+
2504
+ \`\`\`typescript
2505
+ const store = new BrainerceClient({ storeId: 'store_123' });
2506
+ const { data: regions } = await store.getStoreRegions();
2507
+ const region = await store.getStoreRegion(regions[0].id);
2508
+ \`\`\`
2509
+
2510
+ A shipping zone can be limited to regions via \`regionIds\` \u2014 the zone is then
2511
+ only offered to checkouts that resolved to one of those regions. Empty/omitted =
2512
+ available for any region (default); each id must belong to the same store.
2513
+
2514
+ \`\`\`typescript
2515
+ await admin.createShippingZone({
2516
+ name: 'EU Express', countries: ['DE', 'FR', 'IT'], regionIds: [eu.id],
2517
+ });
2518
+ \`\`\``;
2426
2519
  }
2427
2520
  function getContactInquiriesSection() {
2428
2521
  return `## Contact Inquiries & Forms (optional)
@@ -3080,11 +3173,11 @@ interface Product {
3080
3173
  description?: string | null;
3081
3174
  descriptionFormat?: 'text' | 'html' | 'markdown' | null;
3082
3175
  sku: string;
3083
- basePrice: string; // Use parseFloat() for calculations
3084
- salePrice?: string | null;
3176
+ basePrice: string; // For VARIABLE products: MIN(variants.price). For SIMPLE: the parent price. parseFloat() for math.
3177
+ salePrice?: string | null; // For VARIABLE: MIN(variants.salePrice WHERE NOT NULL) \u2014 null iff no variant is on sale (WC is_on_sale() semantic). For SIMPLE: the parent sale price. Reliable "on sale?" check: product.salePrice !== null.
3085
3178
  costPrice?: string | null;
3086
- priceMin?: string | null; // Lowest variant price (VARIABLE products). Use for catalog/JSON-LD range display.
3087
- priceMax?: string | null; // Highest variant price (VARIABLE products).
3179
+ priceMin?: string | null; // Lowest variant price (VARIABLE products) \u2014 same as basePrice for VARIABLE, kept for back-compat and JSON-LD range display.
3180
+ priceMax?: string | null; // Highest variant price (VARIABLE products). Use with priceMin for "\u20AA49 \u2013 \u20AA199" range.
3088
3181
  priceVaries?: boolean; // true when variant prices differ \u2014 show "\u20AA49 \u2013 \u20AA199" range.
3089
3182
  status: string;
3090
3183
  type: 'SIMPLE' | 'VARIABLE';
@@ -3200,6 +3293,11 @@ interface ProductQueryParams {
3200
3293
  metafields?: Record<string, string | string[]>;
3201
3294
  sortBy?: 'name' | 'price' | 'createdAt';
3202
3295
  sortOrder?: 'asc' | 'desc';
3296
+ // PRD \xA722: resolve DISPLAY prices for this region. When set + valid, each
3297
+ // product/variant gains resolvedPrice/resolvedCurrency/priceSource (additive;
3298
+ // basePrice/salePrice untouched). Absent/invalid region \u2192 nothing attached.
3299
+ // Display-only. Ignored in vibe-coded (vc_*) mode (storefront/admin paths only).
3300
+ regionId?: string;
3203
3301
  }
3204
3302
 
3205
3303
  interface SearchSuggestions {
@@ -3325,6 +3423,7 @@ interface Checkout {
3325
3423
  status: CheckoutStatus;
3326
3424
  email?: string | null;
3327
3425
  customerId?: string | null;
3426
+ regionId?: string | null; // multi-region: recorded for reporting + provider scoping (currency follows the cart until FX lands)
3328
3427
  shippingAddress?: CheckoutAddress | null;
3329
3428
  billingAddress?: CheckoutAddress | null;
3330
3429
  shippingRateId?: string | null;
@@ -3401,6 +3500,7 @@ interface CreateCheckoutDto {
3401
3500
  cartId: string;
3402
3501
  customerId?: string;
3403
3502
  selectedItemIds?: string[]; // Partial checkout
3503
+ regionId?: string; // multi-region: associate the checkout with a region (must belong to the store; 400 if unknown)
3404
3504
  }
3405
3505
 
3406
3506
  // startGuestCheckout() return type \u2014 DISCRIMINATED UNION
@@ -3419,6 +3519,8 @@ interface TaxBreakdownItem {
3419
3519
  name: string;
3420
3520
  rate: number; // decimal: 0.17 = 17%
3421
3521
  amount: number;
3522
+ taxClassId?: string | null; // rate's tax class (null = Standard)
3523
+ taxClassSlug?: string | null; // class slug for attribution (null = Standard)
3422
3524
  }`;
3423
3525
  var ORDERS_TYPES = `// ---- Orders ----
3424
3526
 
@@ -3476,6 +3578,7 @@ interface OrderItem {
3476
3578
  // Snapshot of buyer-submitted customization values captured at checkout.
3477
3579
  // Keyed by metafield slug. \`value\` is string[] for MULTI_SELECT / GALLERY, string otherwise.
3478
3580
  customizations?: Record<string, { label: string; value: string | string[]; type: string }>;
3581
+ taxClassSlug?: string; // frozen slug of the line's resolved tax class (omitted = Standard fallback)
3479
3582
  }
3480
3583
 
3481
3584
  interface OrderCustomer {
@@ -3658,7 +3761,7 @@ function formatPrice(priceString: string | number | undefined | null, options?:
3658
3761
  function getProductPrice(product: Pick<Product, 'basePrice' | 'salePrice'>): number;
3659
3762
  function getProductPriceInfo(product: Pick<Product, 'basePrice' | 'salePrice' | 'discount' | 'priceMin' | 'priceVaries'>): {
3660
3763
  price: number; originalPrice: number; isOnSale: boolean; discountAmount: number; discountPercent: number;
3661
- }; // Falls back to priceMin when basePrice=0 (VARIABLE products)
3764
+ }; // For VARIABLE products, basePrice/salePrice are pre-aggregated (MIN of variants) \u2014 the helper just reads them. Use this whenever you need an "on sale?" badge or a "X% off" label.
3662
3765
  function getVariantPrice(variant: Pick<ProductVariant, 'price' | 'salePrice'>, productBasePrice: string): number;
3663
3766
 
3664
3767
  // Cart helpers
@@ -4191,6 +4294,95 @@ export interface Content<T extends ContentType = ContentType> extends ContentSum
4191
4294
  // stale-while-revalidate=60. Storefront changes propagate within ~5 min
4192
4295
  // of the merchant publishing. Do not add extra client-side caching
4193
4296
  // beyond Next.js's default fetch cache.`;
4297
+ var REGIONS_TYPES = `// ---- Regions & Tax Classes (Admin mode, apiKey) ----
4298
+ // storeId is derived from the API key \u2014 never pass it on admin calls.
4299
+
4300
+ // ---- Regions ---- (scopes: regions:read / regions:write)
4301
+ // A region binds countries \u2192 currency + tax-display mode + payment providers.
4302
+ interface Region {
4303
+ id: string;
4304
+ accountId: string;
4305
+ storeId: string;
4306
+ name: string;
4307
+ slug: string;
4308
+ currency: string; // ISO 4217, e.g. "EUR"
4309
+ countries: string[]; // ISO 3166-1 alpha-2, e.g. ["DE","FR"]
4310
+ taxInclusive: boolean; // show prices tax-inclusive in this region?
4311
+ automaticTaxes: boolean;
4312
+ isDefault: boolean; // fallback when buyer's country maps to no region
4313
+ isActive: boolean;
4314
+ paymentProviders?: RegionPaymentProvider[];
4315
+ createdAt: string;
4316
+ updatedAt: string;
4317
+ }
4318
+
4319
+ interface RegionPaymentProvider {
4320
+ id: string;
4321
+ regionId: string;
4322
+ appInstallationId: string;
4323
+ isEnabled: boolean;
4324
+ createdAt: string;
4325
+ }
4326
+
4327
+ interface CreateRegionDto {
4328
+ name: string;
4329
+ currency: string; // ISO 4217
4330
+ countries: string[]; // ISO 3166-1 alpha-2
4331
+ taxInclusive?: boolean;
4332
+ automaticTaxes?: boolean;
4333
+ isDefault?: boolean;
4334
+ paymentProviderIds?: string[]; // AppInstallation IDs to enable here
4335
+ }
4336
+ interface UpdateRegionDto extends Partial<CreateRegionDto> { isActive?: boolean }
4337
+
4338
+ // client.detectRegion(country, regions): Region | null \u2014 pure, no network.
4339
+ // \u2192 region whose countries includes the code, else the default region, else null.
4340
+ // Pass the resolved regionId to createCheckout to associate the checkout with a
4341
+ // region (recorded for reporting + provider scoping; currency follows the cart
4342
+ // until FX price conversion lands).
4343
+ //
4344
+ // Storefront (public, no apiKey \u2014 storeId mode):
4345
+ interface PublicRegion {
4346
+ id: string; name: string; slug: string; currency: string;
4347
+ countries: string[]; taxInclusive: boolean; isDefault: boolean;
4348
+ }
4349
+ interface PublicRegionDetail extends PublicRegion {
4350
+ paymentProviders: Array<{ id: string; appId: string; name: string | null }>;
4351
+ }
4352
+ // getStoreRegions(): { data: PublicRegion[] } \u2014 active regions, default first.
4353
+ // getStoreRegion(regionId): PublicRegionDetail \u2014 one region + its providers.
4354
+
4355
+ // ---- Tax Classes ---- (scopes: tax-classes:read / tax-classes:write)
4356
+ // Charge differential rates by product type. A TaxRate may target a class via
4357
+ // taxClassId; a rate with taxClassId=null is the Standard fallback. Per-line
4358
+ // resolution: variant \u2192 product \u2192 category \u2192 store default \u2192 null.
4359
+ interface TaxClass {
4360
+ id: string;
4361
+ accountId: string;
4362
+ storeId: string;
4363
+ name: string;
4364
+ slug: string; // kebab-case, unique per store
4365
+ description?: string | null;
4366
+ isDefault: boolean; // auto-applied to products without an explicit class
4367
+ createdAt: string;
4368
+ updatedAt: string;
4369
+ }
4370
+ interface CreateTaxClassDto { name: string; slug: string; description?: string; isDefault?: boolean }
4371
+ type UpdateTaxClassDto = Partial<CreateTaxClassDto>;
4372
+ // Bulk-assign a class to entities:
4373
+ interface AssignTaxClassDto { productIds?: string[]; variantIds?: string[]; categoryIds?: string[] }
4374
+
4375
+ // TaxRate / CreateTaxRateDto carry an optional taxClassId (null = Standard).
4376
+ // rate is a WHOLE PERCENTAGE (7.25 = 7.25%).
4377
+ //
4378
+ // SDK methods (admin):
4379
+ // Regions: getRegions(), getRegion(id), createRegion(dto), updateRegion(id, dto),
4380
+ // deleteRegion(id), setDefaultRegion(id), updateRegionPaymentProviders(id, ids),
4381
+ // addRegionCountries(id, codes), removeRegionCountry(id, code),
4382
+ // getRegionCompatibleProviders(id), detectRegion(country, regions)
4383
+ // Tax classes: getTaxClasses(), getTaxClass(id), createTaxClass(dto), updateTaxClass(id, dto),
4384
+ // deleteTaxClass(id), setDefaultTaxClass(id), assignTaxClass(id, dto),
4385
+ // mergeTaxClasses(id, targetId)`;
4194
4386
  var TYPES_BY_DOMAIN = {
4195
4387
  products: PRODUCTS_TYPES,
4196
4388
  cart: CART_TYPES,
@@ -4202,7 +4394,8 @@ var TYPES_BY_DOMAIN = {
4202
4394
  inquiries: INQUIRIES_TYPES,
4203
4395
  reviews: REVIEWS_TYPES,
4204
4396
  "modifier-groups": MODIFIER_GROUPS_TYPES,
4205
- content: CONTENT_TYPES
4397
+ content: CONTENT_TYPES,
4398
+ regions: REGIONS_TYPES
4206
4399
  };
4207
4400
  function getTypesByDomain(domain) {
4208
4401
  if (domain === "all") {
@@ -4233,10 +4426,12 @@ var GET_TYPE_DEFINITIONS_SCHEMA = {
4233
4426
  "helpers",
4234
4427
  "inquiries",
4235
4428
  "reviews",
4429
+ "modifier-groups",
4236
4430
  "content",
4431
+ "regions",
4237
4432
  "all"
4238
4433
  ]).describe(
4239
- 'The domain of types to retrieve. Use "helpers" for helper function signatures and common types like StoreInfo, PaginatedResponse. Use "content" for FAQ / Footer / Header / Announcement / RichText / Page.'
4434
+ 'The domain of types to retrieve. Use "helpers" for helper function signatures and common types like StoreInfo, PaginatedResponse. Use "content" for FAQ / Footer / Header / Announcement / RichText / Page. Use "regions" for Region / TaxClass admin types.'
4240
4435
  )
4241
4436
  };
4242
4437
  async function handleGetTypeDefinitions(args) {
@@ -6026,11 +6221,16 @@ Build both steps EVEN IF the store has no email provider configured today \u2014
6026
6221
  });
6027
6222
  window.location.href = authorizationUrl; // full-page redirect, NOT a popup
6028
6223
  \`\`\`
6029
- 3. **On the callback page** the URL contains \`token\` + \`oauth_success\` (or \`oauth_error\`) query params. Extract and apply the token:
6224
+ 3. **On the callback page** the URL contains \`auth_code\` + \`oauth_success\` (or \`oauth_error\`) query params. Exchange the single-use code for the JWT \u2014 never read the token from the URL:
6030
6225
  \`\`\`ts
6031
- const token = new URLSearchParams(location.search).get('token');
6032
- if (token) client.setCustomerToken(token); // then redirect to account
6226
+ const params = new URLSearchParams(location.search);
6227
+ const code = params.get('auth_code');
6228
+ if (code) {
6229
+ const result = await client.exchangeOAuthCode(code);
6230
+ client.setCustomerToken(result.token); // then redirect to account
6231
+ }
6033
6232
  \`\`\`
6233
+ The legacy \`?token=\` URL param is still emitted for backward compatibility but will be removed in the next major release \u2014 migrate to \`auth_code\` now.
6034
6234
  4. **On \`oauth_error\`:** redirect to login with an error message.
6035
6235
 
6036
6236
  Build the OAuth button region AND the callback handler even when no providers are configured. They auto-hide.`
@@ -6512,7 +6712,9 @@ function renderCapabilitiesSummary(caps) {
6512
6712
  );
6513
6713
  lines.push(`- Downloadable products: ${caps.features.hasDownloadableProducts ? "yes" : "no"}`);
6514
6714
  lines.push(`- Checkout custom fields: ${caps.features.hasCheckoutCustomFields ? "yes" : "no"}`);
6515
- lines.push(`- Content (FAQ/footer/header/announcements/pages): ${caps.features.hasContent ? "seeded" : "none \u2014 build chrome UI with fallbacks"}`);
6715
+ lines.push(
6716
+ `- Content (FAQ/footer/header/announcements/pages): ${caps.features.hasContent ? "seeded" : "none \u2014 build chrome UI with fallbacks"}`
6717
+ );
6516
6718
  lines.push(
6517
6719
  `- Email verification: ${caps.connection.requireEmailVerification ? "required" : "not required (still build the verify-email flow)"}`
6518
6720
  );