@cimplify/cli 0.7.8 → 0.7.10

package/dist/dispatcher.mjs

@@ -1,6 +1,6 @@
 #!/usr/bin/env node
-import { TEMPLATES } from './chunk-7ULQCWYD.mjs';
-import { package_default } from './chunk-LH7Y27BQ.mjs';
+import { TEMPLATES } from './chunk-YFLBC6BL.mjs';
+import { package_default } from './chunk-DTKRN5WC.mjs';
 
 // src/dispatcher.ts
 var VERSION = package_default.version ?? "unknown";
@@ -138,16 +138,16 @@ var COMMANDS = {
   logs: () => import('./logs-YNN2PQ24.mjs'),
   status: () => import('./status-JSYXM5RT.mjs'),
   dev: () => import('./dev-ONW2S77K.mjs'),
-  introspect: () => import('./introspect-JFJOCF5M.mjs'),
+  introspect: () => import('./introspect-YKAWUZ6D.mjs'),
   inspect: () => import('./inspect-CGYX4DDF.mjs'),
-  doctor: () => import('./doctor-U7QRYEFG.mjs'),
-  explain: () => import('./explain-ZPBYGQWC.mjs'),
+  doctor: () => import('./doctor-DD2HRC43.mjs'),
+  explain: () => import('./explain-H46SCM2M.mjs'),
   assets: () => import('./assets-74SK63TR.mjs'),
   repo: () => import('./repo-KNQMSPVV.mjs'),
-  list: () => import('./list-LOKEBW5S.mjs'),
-  add: () => import('./add-BMHJY65N.mjs'),
-  update: () => import('./update-EJGLLHRW.mjs'),
-  upgrade: () => import('./update-EJGLLHRW.mjs'),
+  list: () => import('./list-6FF2UPH2.mjs'),
+  add: () => import('./add-SMWNH54I.mjs'),
+  update: () => import('./update-STXI3CS4.mjs'),
+  upgrade: () => import('./update-STXI3CS4.mjs'),
   "auth-step-up": () => import('./auth-step-up-BIUYQJP6.mjs')
 };
 var COMMAND_PREFIXES = {

package/dist/{doctor-U7QRYEFG.mjs → doctor-DD2HRC43.mjs}

@@ -1,8 +1,8 @@
 #!/usr/bin/env node
-import { gatherIntrospection } from './chunk-WO2KN3QD.mjs';
+import { gatherIntrospection } from './chunk-AGJ3GDM5.mjs';
 import './chunk-K5464A3L.mjs';
 import './chunk-DBZ3UOQ2.mjs';
-import './chunk-LH7Y27BQ.mjs';
+import './chunk-DTKRN5WC.mjs';
 import { parseArgs, flagBool } from './chunk-C4M3DXKC.mjs';
 import { ApiClient } from './chunk-MAOO6ZZ5.mjs';
 import { readAuthOrNull } from './chunk-UBAI443T.mjs';

package/dist/{explain-ZPBYGQWC.mjs → explain-H46SCM2M.mjs}

@@ -1,5 +1,5 @@
 #!/usr/bin/env node
-import { package_default } from './chunk-LH7Y27BQ.mjs';
+import { package_default } from './chunk-DTKRN5WC.mjs';
 import { parseArgs } from './chunk-C4M3DXKC.mjs';
 import { bold, dim, info, result, CliError, CLI_ERROR_CODE } from './chunk-E2T2SBP5.mjs';
 

package/dist/{introspect-JFJOCF5M.mjs → introspect-YKAWUZ6D.mjs}

@@ -1,8 +1,8 @@
 #!/usr/bin/env node
-export { run as default, extractMockSeed, gatherIntrospection, renderIntrospection } from './chunk-WO2KN3QD.mjs';
+export { run as default, extractMockSeed, gatherIntrospection, renderIntrospection } from './chunk-AGJ3GDM5.mjs';
 import './chunk-K5464A3L.mjs';
 import './chunk-DBZ3UOQ2.mjs';
-import './chunk-LH7Y27BQ.mjs';
+import './chunk-DTKRN5WC.mjs';
 import './chunk-C4M3DXKC.mjs';
 import './chunk-UBAI443T.mjs';
 import './chunk-E2T2SBP5.mjs';

package/dist/{list-LOKEBW5S.mjs → list-6FF2UPH2.mjs}

@@ -1,5 +1,5 @@
 #!/usr/bin/env node
-import { REGISTRY_INDEX } from './chunk-7ULQCWYD.mjs';
+import { REGISTRY_INDEX } from './chunk-YFLBC6BL.mjs';
 import { parseArgs, flagBool } from './chunk-C4M3DXKC.mjs';
 import { CliError, CLI_ERROR_CODE, info, bold, dim, green, result } from './chunk-E2T2SBP5.mjs';
 

package/dist/{update-EJGLLHRW.mjs → update-STXI3CS4.mjs}

@@ -1,5 +1,5 @@
 #!/usr/bin/env node
-import { package_default } from './chunk-LH7Y27BQ.mjs';
+import { package_default } from './chunk-DTKRN5WC.mjs';
 import { promptYesNo } from './chunk-ITAFAORS.mjs';
 import { parseArgs, flagBool, flagString } from './chunk-C4M3DXKC.mjs';
 import { success, bold, info, dim, result, failure, CliError, CLI_ERROR_CODE, step, isJsonMode } from './chunk-E2T2SBP5.mjs';

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@cimplify/cli",
-  "version": "0.7.8",
+  "version": "0.7.10",
   "description": "Cimplify CLI — deploy, manage env vars, link projects, and scaffold storefronts",
   "keywords": [
     "cimplify",
@@ -45,6 +45,6 @@
     "vitest": "^4.1.5"
   },
   "dependencies": {
-    "@cimplify/sdk": "^0.60.0"
+    "@cimplify/sdk": "^0.64.1"
   }
 }

package/templates/manifest.json

@@ -1,6 +1,6 @@
 {
-  "cliVersion": "0.7.8",
-  "generatedAt": "2026-05-29T18:52:46.276Z",
+  "cliVersion": "0.7.9",
+  "generatedAt": "2026-05-30T06:25:45.125Z",
   "templates": [
     {
       "id": "bakery",
@@ -18,9 +18,9 @@
         "seedName": "default",
         "seedBusinessId": "bus_default_akua_bakery"
       },
-      "objectKey": "templates/bakery-v0.7.8.tar.gz",
-      "sha256": "703cfa58d00bdfcb7efabea4bf38970425a924815a96670b3e034cc89cea4e01",
-      "sizeBytes": 77159
+      "objectKey": "templates/bakery-v0.7.9.tar.gz",
+      "sha256": "b82c6c4167db7a2e16d238441931eba02cf3f3bf78959df7ad5e7610a2c9b24d",
+      "sizeBytes": 77900
     },
     {
       "id": "restaurant",
@@ -38,9 +38,9 @@
         "seedName": "restaurant",
         "seedBusinessId": "bus_mamas_kitchen"
       },
-      "objectKey": "templates/restaurant-v0.7.8.tar.gz",
-      "sha256": "dfb73ea0823b51599fd992a64e91610b8c267ebb4ddc41c582b8005066713de6",
-      "sizeBytes": 144037
+      "objectKey": "templates/restaurant-v0.7.9.tar.gz",
+      "sha256": "5258a2189d1252068ec028ad3308dafe0cd4cf4f0a38587955e6c0b523690229",
+      "sizeBytes": 144756
     },
     {
       "id": "retail",
@@ -58,9 +58,9 @@
         "seedName": "retail",
         "seedBusinessId": "bus_currents_electronics"
       },
-      "objectKey": "templates/retail-v0.7.8.tar.gz",
-      "sha256": "187e2153cf0dd04b47620ce2a3a62f1075296fc03013ae6db65bcae98fd1b4c0",
-      "sizeBytes": 154591
+      "objectKey": "templates/retail-v0.7.9.tar.gz",
+      "sha256": "f9d7b06f11d78101186f5a54931fa5f5493dd61e18d1edfd8d3c190cc0ac9c12",
+      "sizeBytes": 155330
     },
     {
       "id": "services",
@@ -78,9 +78,9 @@
         "seedName": "services",
         "seedBusinessId": "bus_serene_spa"
       },
-      "objectKey": "templates/services-v0.7.8.tar.gz",
-      "sha256": "a7b7e88e72610cc1b3bc3f5132dd3fbe4bfe0ef97150876e8a34b4d45205b3cb",
-      "sizeBytes": 76843
+      "objectKey": "templates/services-v0.7.9.tar.gz",
+      "sha256": "cf86eb081ecd8a79ce3cc9a4f0b267dc08af5936a88679e9815db48dd759265f",
+      "sizeBytes": 77555
     },
     {
       "id": "grocery",
@@ -98,9 +98,9 @@
         "seedName": "grocery",
         "seedBusinessId": "bus_freshmart"
       },
-      "objectKey": "templates/grocery-v0.7.8.tar.gz",
-      "sha256": "c8dca986c5d2291266886115247e2172c92ea3d0256bb3475cdd66141a5f0fa3",
-      "sizeBytes": 74319
+      "objectKey": "templates/grocery-v0.7.9.tar.gz",
+      "sha256": "14d60546272a849cbed181ac5fd01ffecc1dc857615140a6a43c6e04133944f5",
+      "sizeBytes": 75037
     },
     {
       "id": "fashion",
@@ -118,9 +118,9 @@
         "seedName": "fashion",
         "seedBusinessId": "bus_studio_frx"
       },
-      "objectKey": "templates/fashion-v0.7.8.tar.gz",
-      "sha256": "b4b1d5178bee794b6deeda388b9d28a6fadf10950e312dae8f10b4f6f735c1ba",
-      "sizeBytes": 162319
+      "objectKey": "templates/fashion-v0.7.9.tar.gz",
+      "sha256": "9950e7b2d6d5c5814d989c4050c4533ba8b46d887ae73bff7749b7b376b87213",
+      "sizeBytes": 163095
     },
     {
       "id": "pharmacy",
@@ -138,9 +138,9 @@
         "seedName": "pharmacy",
         "seedBusinessId": "bus_wellspring_pharmacy"
       },
-      "objectKey": "templates/pharmacy-v0.7.8.tar.gz",
-      "sha256": "e9e248e3d90c9f7da61a08243f9152b0ea25bb22beb591e9eccf8f6e902dcfbd",
-      "sizeBytes": 158835
+      "objectKey": "templates/pharmacy-v0.7.9.tar.gz",
+      "sha256": "753b7413abde2597d534e4d1598ca604e51c209931f89ef73e7acd0da45d7b23",
+      "sizeBytes": 159598
     },
     {
       "id": "auto",
@@ -158,9 +158,9 @@
         "seedName": "auto",
         "seedBusinessId": "bus_driveline_auto"
       },
-      "objectKey": "templates/auto-v0.7.8.tar.gz",
-      "sha256": "4215739fa1e548f0648122bb73e859e76527512184f1a47e024d67462a78b1be",
-      "sizeBytes": 209176617
+      "objectKey": "templates/auto-v0.7.9.tar.gz",
+      "sha256": "28ae007267cd96793f553d77447d355dd6e10f6ea3afbe7173d41aa4e0b1f303",
+      "sizeBytes": 191829916
     }
   ]
 }

package/templates/storefront-auto/components/auth-error-toast.tsx

@@ -0,0 +1,46 @@
+"use client";
+
+import { useEffect, useState } from "react";
+
+const MESSAGES: Record<string, string> = {
+  state_mismatch: "Sign-in didn't complete. Please try again.",
+  exchange_failed: "We couldn't finish signing you in. Please try again.",
+  missing_code: "Sign-in didn't complete. Please try again.",
+  missing_id_token: "Sign-in didn't complete. Please try again.",
+  id_token_invalid: "Sign-in didn't complete. Please try again.",
+  access_denied: "Sign-in was cancelled.",
+  login_required: "Please sign in to continue.",
+};
+
+export function AuthErrorToast() {
+  const [message, setMessage] = useState<string | null>(null);
+
+  useEffect(() => {
+    const url = new URL(window.location.href);
+    const err = url.searchParams.get("cimplify_auth_error");
+    if (!err) return;
+    setMessage(MESSAGES[err] ?? "Sign-in didn't complete. Please try again.");
+    url.searchParams.delete("cimplify_auth_error");
+    window.history.replaceState(null, "", url.toString());
+  }, []);
+
+  if (!message) return null;
+
+  return (
+    <div
+      role="status"
+      aria-live="polite"
+      className="fixed bottom-4 left-1/2 -translate-x-1/2 z-50 max-w-sm rounded-lg bg-zinc-900 text-white px-4 py-3 text-sm shadow-lg flex items-center gap-3"
+    >
+      <span>{message}</span>
+      <button
+        type="button"
+        onClick={() => setMessage(null)}
+        aria-label="Dismiss"
+        className="text-zinc-400 hover:text-white transition-colors text-base leading-none"
+      >
+        ×
+      </button>
+    </div>
+  );
+}

package/templates/storefront-auto/components/providers.tsx

@@ -3,6 +3,7 @@
 import { useMemo, type ReactNode } from "react";
 import { createCimplifyClient } from "@cimplify/sdk";
 import { CimplifyProvider, CartDrawerProvider } from "@cimplify/sdk/react";
+import { AuthErrorToast } from "@/components/auth-error-toast";
 
 // Same-origin client — every request goes through the Next.js rewrite in
 // next.config.ts, so no CORS preflight ever hits the browser.
@@ -20,7 +21,10 @@ export function Providers({ children }: { children: ReactNode }) {
 
   return (
     <CimplifyProvider client={client}>
-      <CartDrawerProvider>{children}</CartDrawerProvider>
+      <CartDrawerProvider>
+        {children}
+        <AuthErrorToast />
+      </CartDrawerProvider>
     </CimplifyProvider>
   );
 }

package/templates/storefront-auto/package.json

@@ -17,7 +17,7 @@
     "check": "bun run typecheck && bun run test:run"
   },
   "dependencies": {
-    "@cimplify/sdk": "^0.60.0",
+    "@cimplify/sdk": "^0.64.1",
     "next": "^16.2.6",
     "react": "^19.0.0",
     "react-dom": "^19.0.0"

package/templates/storefront-bakery/components/auth-error-toast.tsx

@@ -0,0 +1,46 @@
+"use client";
+
+import { useEffect, useState } from "react";
+
+const MESSAGES: Record<string, string> = {
+  state_mismatch: "Sign-in didn't complete. Please try again.",
+  exchange_failed: "We couldn't finish signing you in. Please try again.",
+  missing_code: "Sign-in didn't complete. Please try again.",
+  missing_id_token: "Sign-in didn't complete. Please try again.",
+  id_token_invalid: "Sign-in didn't complete. Please try again.",
+  access_denied: "Sign-in was cancelled.",
+  login_required: "Please sign in to continue.",
+};
+
+export function AuthErrorToast() {
+  const [message, setMessage] = useState<string | null>(null);
+
+  useEffect(() => {
+    const url = new URL(window.location.href);
+    const err = url.searchParams.get("cimplify_auth_error");
+    if (!err) return;
+    setMessage(MESSAGES[err] ?? "Sign-in didn't complete. Please try again.");
+    url.searchParams.delete("cimplify_auth_error");
+    window.history.replaceState(null, "", url.toString());
+  }, []);
+
+  if (!message) return null;
+
+  return (
+    <div
+      role="status"
+      aria-live="polite"
+      className="fixed bottom-4 left-1/2 -translate-x-1/2 z-50 max-w-sm rounded-lg bg-zinc-900 text-white px-4 py-3 text-sm shadow-lg flex items-center gap-3"
+    >
+      <span>{message}</span>
+      <button
+        type="button"
+        onClick={() => setMessage(null)}
+        aria-label="Dismiss"
+        className="text-zinc-400 hover:text-white transition-colors text-base leading-none"
+      >
+        ×
+      </button>
+    </div>
+  );
+}

package/templates/storefront-bakery/components/providers.tsx

@@ -3,6 +3,7 @@
 import { useMemo, type ReactNode } from "react";
 import { createCimplifyClient } from "@cimplify/sdk";
 import { CimplifyProvider, CartDrawerProvider } from "@cimplify/sdk/react";
+import { AuthErrorToast } from "@/components/auth-error-toast";
 
 // Same-origin client — every request goes through the Next.js rewrite in
 // next.config.ts, so no CORS preflight ever hits the browser.
@@ -20,7 +21,10 @@ export function Providers({ children }: { children: ReactNode }) {
 
   return (
     <CimplifyProvider client={client}>
-      <CartDrawerProvider>{children}</CartDrawerProvider>
+      <CartDrawerProvider>
+        {children}
+        <AuthErrorToast />
+      </CartDrawerProvider>
     </CimplifyProvider>
   );
 }

package/templates/storefront-bakery/package.json

@@ -17,7 +17,7 @@
     "check": "bun run typecheck && bun run test:run"
   },
   "dependencies": {
-    "@cimplify/sdk": "^0.60.0",
+    "@cimplify/sdk": "^0.64.1",
     "next": "^16.2.6",
     "react": "^19.0.0",
     "react-dom": "^19.0.0"

package/templates/storefront-fashion/components/auth-error-toast.tsx

@@ -0,0 +1,46 @@
+"use client";
+
+import { useEffect, useState } from "react";
+
+const MESSAGES: Record<string, string> = {
+  state_mismatch: "Sign-in didn't complete. Please try again.",
+  exchange_failed: "We couldn't finish signing you in. Please try again.",
+  missing_code: "Sign-in didn't complete. Please try again.",
+  missing_id_token: "Sign-in didn't complete. Please try again.",
+  id_token_invalid: "Sign-in didn't complete. Please try again.",
+  access_denied: "Sign-in was cancelled.",
+  login_required: "Please sign in to continue.",
+};
+
+export function AuthErrorToast() {
+  const [message, setMessage] = useState<string | null>(null);
+
+  useEffect(() => {
+    const url = new URL(window.location.href);
+    const err = url.searchParams.get("cimplify_auth_error");
+    if (!err) return;
+    setMessage(MESSAGES[err] ?? "Sign-in didn't complete. Please try again.");
+    url.searchParams.delete("cimplify_auth_error");
+    window.history.replaceState(null, "", url.toString());
+  }, []);
+
+  if (!message) return null;
+
+  return (
+    <div
+      role="status"
+      aria-live="polite"
+      className="fixed bottom-4 left-1/2 -translate-x-1/2 z-50 max-w-sm rounded-lg bg-zinc-900 text-white px-4 py-3 text-sm shadow-lg flex items-center gap-3"
+    >
+      <span>{message}</span>
+      <button
+        type="button"
+        onClick={() => setMessage(null)}
+        aria-label="Dismiss"
+        className="text-zinc-400 hover:text-white transition-colors text-base leading-none"
+      >
+        ×
+      </button>
+    </div>
+  );
+}

package/templates/storefront-fashion/components/providers.tsx

@@ -3,6 +3,7 @@
 import { useMemo, type ReactNode } from "react";
 import { createCimplifyClient } from "@cimplify/sdk";
 import { CimplifyProvider, CartDrawerProvider } from "@cimplify/sdk/react";
+import { AuthErrorToast } from "@/components/auth-error-toast";
 
 // Same-origin client — every request goes through the Next.js rewrite in
 // next.config.ts, so no CORS preflight ever hits the browser.
@@ -20,7 +21,10 @@ export function Providers({ children }: { children: ReactNode }) {
 
   return (
     <CimplifyProvider client={client}>
-      <CartDrawerProvider>{children}</CartDrawerProvider>
+      <CartDrawerProvider>
+        {children}
+        <AuthErrorToast />
+      </CartDrawerProvider>
     </CimplifyProvider>
   );
 }

package/templates/storefront-fashion/package.json

@@ -19,7 +19,7 @@
     "check": "bun run typecheck && bun run test:run"
   },
   "dependencies": {
-    "@cimplify/sdk": "^0.60.0",
+    "@cimplify/sdk": "^0.64.1",
     "next": "^16.2.6",
     "react": "^19.0.0",
     "react-dom": "^19.0.0"

package/templates/storefront-grocery/components/auth-error-toast.tsx

@@ -0,0 +1,46 @@
+"use client";
+
+import { useEffect, useState } from "react";
+
+const MESSAGES: Record<string, string> = {
+  state_mismatch: "Sign-in didn't complete. Please try again.",
+  exchange_failed: "We couldn't finish signing you in. Please try again.",
+  missing_code: "Sign-in didn't complete. Please try again.",
+  missing_id_token: "Sign-in didn't complete. Please try again.",
+  id_token_invalid: "Sign-in didn't complete. Please try again.",
+  access_denied: "Sign-in was cancelled.",
+  login_required: "Please sign in to continue.",
+};
+
+export function AuthErrorToast() {
+  const [message, setMessage] = useState<string | null>(null);
+
+  useEffect(() => {
+    const url = new URL(window.location.href);
+    const err = url.searchParams.get("cimplify_auth_error");
+    if (!err) return;
+    setMessage(MESSAGES[err] ?? "Sign-in didn't complete. Please try again.");
+    url.searchParams.delete("cimplify_auth_error");
+    window.history.replaceState(null, "", url.toString());
+  }, []);
+
+  if (!message) return null;
+
+  return (
+    <div
+      role="status"
+      aria-live="polite"
+      className="fixed bottom-4 left-1/2 -translate-x-1/2 z-50 max-w-sm rounded-lg bg-zinc-900 text-white px-4 py-3 text-sm shadow-lg flex items-center gap-3"
+    >
+      <span>{message}</span>
+      <button
+        type="button"
+        onClick={() => setMessage(null)}
+        aria-label="Dismiss"
+        className="text-zinc-400 hover:text-white transition-colors text-base leading-none"
+      >
+        ×
+      </button>
+    </div>
+  );
+}

package/templates/storefront-grocery/components/providers.tsx

@@ -3,6 +3,7 @@
 import { useMemo, type ReactNode } from "react";
 import { createCimplifyClient } from "@cimplify/sdk";
 import { CimplifyProvider, CartDrawerProvider } from "@cimplify/sdk/react";
+import { AuthErrorToast } from "@/components/auth-error-toast";
 
 // Same-origin client — every request goes through the Next.js rewrite in
 // next.config.ts, so no CORS preflight ever hits the browser.
@@ -20,7 +21,10 @@ export function Providers({ children }: { children: ReactNode }) {
 
   return (
     <CimplifyProvider client={client}>
-      <CartDrawerProvider>{children}</CartDrawerProvider>
+      <CartDrawerProvider>
+        {children}
+        <AuthErrorToast />
+      </CartDrawerProvider>
     </CimplifyProvider>
   );
 }

package/templates/storefront-grocery/package.json

@@ -17,7 +17,7 @@
     "check": "bun run typecheck && bun run test:run"
   },
   "dependencies": {
-    "@cimplify/sdk": "^0.60.0",
+    "@cimplify/sdk": "^0.64.1",
     "next": "^16.2.6",
     "react": "^19.0.0",
     "react-dom": "^19.0.0"

package/templates/storefront-pharmacy/components/auth-error-toast.tsx

@@ -0,0 +1,46 @@
+"use client";
+
+import { useEffect, useState } from "react";
+
+const MESSAGES: Record<string, string> = {
+  state_mismatch: "Sign-in didn't complete. Please try again.",
+  exchange_failed: "We couldn't finish signing you in. Please try again.",
+  missing_code: "Sign-in didn't complete. Please try again.",
+  missing_id_token: "Sign-in didn't complete. Please try again.",
+  id_token_invalid: "Sign-in didn't complete. Please try again.",
+  access_denied: "Sign-in was cancelled.",
+  login_required: "Please sign in to continue.",
+};
+
+export function AuthErrorToast() {
+  const [message, setMessage] = useState<string | null>(null);
+
+  useEffect(() => {
+    const url = new URL(window.location.href);
+    const err = url.searchParams.get("cimplify_auth_error");
+    if (!err) return;
+    setMessage(MESSAGES[err] ?? "Sign-in didn't complete. Please try again.");
+    url.searchParams.delete("cimplify_auth_error");
+    window.history.replaceState(null, "", url.toString());
+  }, []);
+
+  if (!message) return null;
+
+  return (
+    <div
+      role="status"
+      aria-live="polite"
+      className="fixed bottom-4 left-1/2 -translate-x-1/2 z-50 max-w-sm rounded-lg bg-zinc-900 text-white px-4 py-3 text-sm shadow-lg flex items-center gap-3"
+    >
+      <span>{message}</span>
+      <button
+        type="button"
+        onClick={() => setMessage(null)}
+        aria-label="Dismiss"
+        className="text-zinc-400 hover:text-white transition-colors text-base leading-none"
+      >
+        ×
+      </button>
+    </div>
+  );
+}

package/templates/storefront-pharmacy/components/providers.tsx

@@ -3,6 +3,7 @@
 import { useMemo, type ReactNode } from "react";
 import { createCimplifyClient } from "@cimplify/sdk";
 import { CimplifyProvider, CartDrawerProvider } from "@cimplify/sdk/react";
+import { AuthErrorToast } from "@/components/auth-error-toast";
 
 // Same-origin client — every request goes through the Next.js rewrite in
 // next.config.ts, so no CORS preflight ever hits the browser.
@@ -20,7 +21,10 @@ export function Providers({ children }: { children: ReactNode }) {
 
   return (
     <CimplifyProvider client={client}>
-      <CartDrawerProvider>{children}</CartDrawerProvider>
+      <CartDrawerProvider>
+        {children}
+        <AuthErrorToast />
+      </CartDrawerProvider>
     </CimplifyProvider>
   );
 }

package/templates/storefront-pharmacy/package.json

@@ -17,7 +17,7 @@
     "check": "bun run typecheck && bun run test:run"
   },
   "dependencies": {
-    "@cimplify/sdk": "^0.60.0",
+    "@cimplify/sdk": "^0.64.1",
     "next": "^16.2.6",
     "react": "^19.0.0",
     "react-dom": "^19.0.0"

package/templates/storefront-restaurant/components/auth-error-toast.tsx

@@ -0,0 +1,46 @@
+"use client";
+
+import { useEffect, useState } from "react";
+
+const MESSAGES: Record<string, string> = {
+  state_mismatch: "Sign-in didn't complete. Please try again.",
+  exchange_failed: "We couldn't finish signing you in. Please try again.",
+  missing_code: "Sign-in didn't complete. Please try again.",
+  missing_id_token: "Sign-in didn't complete. Please try again.",
+  id_token_invalid: "Sign-in didn't complete. Please try again.",
+  access_denied: "Sign-in was cancelled.",
+  login_required: "Please sign in to continue.",
+};
+
+export function AuthErrorToast() {
+  const [message, setMessage] = useState<string | null>(null);
+
+  useEffect(() => {
+    const url = new URL(window.location.href);
+    const err = url.searchParams.get("cimplify_auth_error");
+    if (!err) return;
+    setMessage(MESSAGES[err] ?? "Sign-in didn't complete. Please try again.");
+    url.searchParams.delete("cimplify_auth_error");
+    window.history.replaceState(null, "", url.toString());
+  }, []);
+
+  if (!message) return null;
+
+  return (
+    <div
+      role="status"
+      aria-live="polite"
+      className="fixed bottom-4 left-1/2 -translate-x-1/2 z-50 max-w-sm rounded-lg bg-zinc-900 text-white px-4 py-3 text-sm shadow-lg flex items-center gap-3"
+    >
+      <span>{message}</span>
+      <button
+        type="button"
+        onClick={() => setMessage(null)}
+        aria-label="Dismiss"
+        className="text-zinc-400 hover:text-white transition-colors text-base leading-none"
+      >
+        ×
+      </button>
+    </div>
+  );
+}