@creature-ai/sdk 0.1.14 → 0.1.15

package/dist/server/index.d.ts

@@ -207,13 +207,13 @@ interface ToolContext {
      */
     instanceId: string;
     /**
-     * Creature App Token for identity verification.
+     * Creature App Token for identity retrieval.
      * ONLY present when:
      * 1. App opted into Creature-managed auth (`auth: { creatureManaged: true }`)
      * 2. Tool call originated from Creature host
      *
-     * Use `verifyCreatureToken(context.creatureToken)` to verify and extract
-     * user identity for multi-tenant data access.
+     * Use `getIdentity(context.creatureToken)` to retrieve user identity
+     * for multi-tenant data access.
      *
      * @example
      * ```typescript
@@ -221,7 +221,7 @@ interface ToolContext {
      *   if (!context.creatureToken) {
      *     return { error: "Authentication required" };
      *   }
-     *   const identity = await verifyCreatureToken(context.creatureToken);
+     *   const identity = await getIdentity(context.creatureToken);
      *   await db.notes.insert({
      *     user_id: identity.user.id,
      *     content,
@@ -715,7 +715,7 @@ declare function htmlLoader(htmlOrPath: string, basePath?: string): () => string
 declare function wrapServer<T extends McpServer>(server: T): T;
 
 /**
- * User identity from a verified Creature token.
+ * User identity from a Creature token.
  */
 interface CreatureUser {
     /** Unique, stable user identifier */
@@ -726,7 +726,7 @@ interface CreatureUser {
     name?: string;
 }
 /**
- * Organization context from a verified Creature token.
+ * Organization context from a Creature token.
  */
 interface CreatureOrganization {
     /** Unique organization identifier */
@@ -737,7 +737,7 @@ interface CreatureOrganization {
     slug: string;
 }
 /**
- * Project context from a verified Creature token.
+ * Project context from a Creature token.
  */
 interface CreatureProject {
     /** Unique project identifier */
@@ -746,15 +746,15 @@ interface CreatureProject {
     name: string;
 }
 /**
- * Session context from a verified Creature token.
+ * Session context from a Creature token.
  */
 interface CreatureSession {
     /** Unique session identifier */
     id: string;
 }
 /**
- * Verified identity claims from a Creature App Token.
- * Returned by verifyCreatureToken() on successful verification.
+ * Identity claims from a Creature App Token.
+ * Returned by getIdentity() on successful retrieval.
  */
 interface CreatureIdentity {
     /** User identity (always present for valid tokens) */
@@ -769,10 +769,10 @@ interface CreatureIdentity {
     expiresAt: string;
 }
 /**
- * Error thrown when token verification fails.
+ * Error thrown when identity retrieval fails.
  */
-declare class CreatureTokenError extends Error {
-    /** Error code from the verification API */
+declare class CreatureIdentityError extends Error {
+    /** Error code from the identity API */
     code: string;
     constructor({ code, message }: {
         code: string;
@@ -780,9 +780,9 @@ declare class CreatureTokenError extends Error {
     });
 }
 /**
- * Configuration for the Creature token verification API.
+ * Configuration for the Creature identity API.
  */
-interface VerifyConfig {
+interface IdentityConfig {
     /**
      * Base URL for the Creature API.
      * Defaults to https://api.creature.run
@@ -791,43 +791,46 @@ interface VerifyConfig {
     apiUrl?: string;
 }
 /**
- * Verifies a Creature App Token and returns the identity claims.
+ * Retrieves user identity from a Creature App Token.
  *
- * Use this in your backend API to authenticate requests from your MCP App UI.
- * The token is provided to your UI via `hostContext.creature.token` when you
+ * Use this in your MCP App tool handlers to get the authenticated user's
+ * identity. The token is provided via `context.creatureToken` when you
  * opt into Creature-managed auth.
  *
- * @param tokenOrHeader - The App Token (raw) or Authorization header ("Bearer <token>")
+ * @param creatureToken - The App Token from context.creatureToken
  * @param config - Optional configuration (e.g., custom API URL)
- * @returns The verified identity claims
- * @throws {CreatureTokenError} If verification fails (invalid, expired, or malformed token)
+ * @returns The identity claims (user, organization, project, session)
+ * @throws {CreatureIdentityError} If the token is invalid, expired, or malformed
  *
  * @example
  * ```typescript
- * import { verifyCreatureToken } from "@creature-ai/sdk/server";
+ * import { getIdentity } from "@creature-ai/sdk/server";
+ *
+ * app.tool("save_note", { ... }, async ({ content }, context) => {
+ *   if (!context.creatureToken) {
+ *     return { text: "Authentication required", isError: true };
+ *   }
  *
- * // In your Express/Hono/etc. API handler:
- * app.post("/api/notes", async (req, res) => {
  *   try {
- *     const identity = await verifyCreatureToken(req.headers.authorization);
+ *     const identity = await getIdentity(context.creatureToken);
  *
  *     // Use identity to scope data access
- *     const notes = await db.notes.find({
+ *     await db.notes.insert({
  *       user_id: identity.user.id,
  *       org_id: identity.organization?.id,
+ *       content,
  *     });
  *
- *     res.json({ notes });
+ *     return { text: "Note saved" };
  *   } catch (err) {
- *     if (err instanceof CreatureTokenError) {
- *       res.status(401).json({ error: err.code, message: err.message });
- *     } else {
- *       res.status(500).json({ error: "internal_error" });
+ *     if (err instanceof CreatureIdentityError) {
+ *       return { text: err.message, isError: true };
  *     }
+ *     throw err;
  *   }
  * });
  * ```
  */
-declare const verifyCreatureToken: (tokenOrHeader: string | undefined | null, config?: VerifyConfig) => Promise<CreatureIdentity>;
+declare const getIdentity: (creatureToken: string | undefined | null, config?: IdentityConfig) => Promise<CreatureIdentity>;
 
-export { type AdapterOptions, App, type AppConfig, type AwsLambdaOptions, type CreatureIdentity, type CreatureOrganization, type CreatureProject, type CreatureSession, CreatureTokenError, type CreatureUser, type DisplayMode, type IconConfig, type InstanceDestroyContext, MIME_TYPES, type RealtimeAdapter, type ResourceConfig, type StateAdapter, type ToolConfig, type ToolContext, type ToolHandler, type ToolResult, type ToolVisibility, type TransportSessionInfo, type TransportType, type VercelMcpOptions, type WebSocketConnection, createApp, htmlLoader, isHtmlContent, loadHtml, svgToDataUri, verifyCreatureToken, wrapServer };
+export { type AdapterOptions, App, type AppConfig, type AwsLambdaOptions, type CreatureIdentity, CreatureIdentityError, type CreatureOrganization, type CreatureProject, type CreatureSession, type CreatureUser, type DisplayMode, type IconConfig, type InstanceDestroyContext, MIME_TYPES, type RealtimeAdapter, type ResourceConfig, type StateAdapter, type ToolConfig, type ToolContext, type ToolHandler, type ToolResult, type ToolVisibility, type TransportSessionInfo, type TransportType, type VercelMcpOptions, type WebSocketConnection, createApp, getIdentity, htmlLoader, isHtmlContent, loadHtml, svgToDataUri, wrapServer };

package/dist/server/index.js

@@ -14892,12 +14892,12 @@ function wrapServer(server) {
 }
 
 // src/server/auth.ts
-var CreatureTokenError = class extends Error {
-  /** Error code from the verification API */
+var CreatureIdentityError = class extends Error {
+  /** Error code from the identity API */
   code;
   constructor({ code, message }) {
     super(message);
-    this.name = "CreatureTokenError";
+    this.name = "CreatureIdentityError";
     this.code = code;
   }
 };
@@ -14909,33 +14909,32 @@ var extractToken = (tokenOrHeader) => {
   }
   return trimmed;
 };
-var verifyCreatureToken = async (tokenOrHeader, config) => {
-  if (!tokenOrHeader) {
-    throw new CreatureTokenError({
+var getIdentity = async (creatureToken, config) => {
+  if (!creatureToken) {
+    throw new CreatureIdentityError({
       code: "missing_token",
-      message: "No token provided. Expected Authorization header or raw token."
+      message: "No token provided. Pass context.creatureToken to getIdentity()."
     });
   }
-  const token = extractToken(tokenOrHeader);
+  const token = extractToken(creatureToken);
   if (!token) {
-    throw new CreatureTokenError({
+    throw new CreatureIdentityError({
       code: "missing_token",
-      message: "Empty token after extraction from Authorization header."
+      message: "Empty token after extraction."
     });
   }
   const apiUrl = config?.apiUrl || DEFAULT_API_URL;
-  const verifyUrl = `${apiUrl}/apps/v1/token/verify`;
+  const identityUrl = `${apiUrl}/apps/v1/identity`;
   let response;
   try {
-    response = await fetch(verifyUrl, {
-      method: "POST",
+    response = await fetch(identityUrl, {
+      method: "GET",
       headers: {
-        Authorization: `Bearer ${token}`,
-        "Content-Type": "application/json"
+        Authorization: `Bearer ${token}`
       }
     });
   } catch (err) {
-    throw new CreatureTokenError({
+    throw new CreatureIdentityError({
       code: "network_error",
       message: `Failed to reach Creature API: ${err instanceof Error ? err.message : "Unknown error"}`
     });
@@ -14946,44 +14945,44 @@ var verifyCreatureToken = async (tokenOrHeader, config) => {
       errorData = await response.json();
     } catch {
     }
-    throw new CreatureTokenError({
-      code: errorData.error || "verification_failed",
-      message: errorData.error_description || `Token verification failed (HTTP ${response.status})`
+    throw new CreatureIdentityError({
+      code: errorData.error || "identity_error",
+      message: errorData.error_description || `Identity request failed (HTTP ${response.status})`
     });
   }
   let data;
   try {
     data = await response.json();
   } catch {
-    throw new CreatureTokenError({
+    throw new CreatureIdentityError({
       code: "invalid_response",
       message: "Invalid JSON response from Creature API"
     });
   }
-  if (!data.valid || !data.claims?.user) {
-    throw new CreatureTokenError({
+  if (!data.user) {
+    throw new CreatureIdentityError({
       code: "invalid_token",
       message: "Token is not valid"
     });
   }
   return {
-    user: data.claims.user,
-    organization: data.claims.organization,
-    project: data.claims.project,
-    session: data.claims.session,
+    user: data.user,
+    organization: data.organization,
+    project: data.project,
+    session: data.session,
     expiresAt: data.expires_at
   };
 };
 export {
   App,
-  CreatureTokenError,
+  CreatureIdentityError,
   MIME_TYPES,
   createApp,
+  getIdentity,
   htmlLoader,
   isHtmlContent,
   loadHtml,
   svgToDataUri,
-  verifyCreatureToken,
   wrapServer
 };
 //# sourceMappingURL=index.js.map