@drmhse/sso-sdk 0.3.2 → 0.3.3

package/README.md

@@ -210,6 +210,45 @@ await sso.organizations.setSmtp('acme-corp', {
 });
 ```
 
+## Subscription & Billing
+
+The SDK provides provider-agnostic billing integration that works with both Stripe and Polar.
+
+```typescript
+// Check billing status
+const billingInfo = await sso.organizations.billing.getInfo('acme-corp');
+console.log(billingInfo.has_billing_account); // true/false
+console.log(billingInfo.provider); // "stripe" or "polar"
+
+// Open billing portal for subscription management
+const portal = await sso.organizations.billing.createPortalSession('acme-corp', {
+  return_url: 'https://app.acme.com/settings/billing'
+});
+// Redirect user to manage their subscription
+window.location.href = portal.url;
+```
+
+### BYOP - Bring Your Own Payment
+
+Organizations can configure their own billing provider credentials to charge their end-users:
+
+```typescript
+// Configure organization's own Stripe credentials
+await sso.organizations.billingCredentials.set('acme-corp', 'stripe', {
+  api_key: 'sk_live_...',
+  webhook_secret: 'whsec_...',
+  mode: 'live' // or 'test'
+});
+
+// Check credential status
+const status = await sso.organizations.billingCredentials.get('acme-corp', 'stripe');
+console.log(status.configured); // true
+console.log(status.mode); // "live"
+
+// Remove credentials
+await sso.organizations.billingCredentials.delete('acme-corp', 'stripe');
+```
+
 ## Services & API Keys
 
 ```typescript

package/dist/index.d.mts

@@ -3688,6 +3688,124 @@ declare class OrganizationsModule {
          */
         test: (orgSlug: string, configId: string) => Promise<TestConnectionResponse>;
     };
+    /**
+     * Billing and subscription management methods
+     */
+    billing: {
+        /**
+         * Get billing information for an organization.
+         * Returns whether a billing account exists and which provider is being used.
+         * Requires 'owner' or 'admin' role.
+         *
+         * @param orgSlug Organization slug
+         * @returns Billing information
+         *
+         * @example
+         * ```typescript
+         * const info = await sso.organizations.billing.getInfo('acme-corp');
+         * if (info.has_billing_account) {
+         *   console.log('Billing provider:', info.provider);
+         * }
+         * ```
+         */
+        getInfo: (orgSlug: string) => Promise<{
+            has_billing_account: boolean;
+            provider: string | null;
+        }>;
+        /**
+         * Create a billing portal session.
+         * Redirects the user to the billing provider's self-service portal to manage their subscription,
+         * update payment methods, view invoices, etc.
+         * Requires 'owner' role.
+         *
+         * @param orgSlug Organization slug
+         * @param returnUrl URL to redirect the user to after they leave the portal
+         * @returns Object containing the portal session URL
+         *
+         * @example
+         * ```typescript
+         * const session = await sso.organizations.billing.createPortalSession('acme-corp', {
+         *   return_url: 'https://app.acme.com/billing'
+         * });
+         * // Redirect user to billing portal
+         * window.location.href = session.url;
+         * ```
+         */
+        createPortalSession: (orgSlug: string, payload: {
+            return_url: string;
+        }) => Promise<{
+            url: string;
+        }>;
+    };
+    /**
+     * BYOP (Bring Your Own Payment) credential management.
+     * Allows organizations to configure their own billing provider credentials
+     * to charge their end-users directly.
+     */
+    billingCredentials: {
+        /**
+         * Get the status of billing credentials for a provider.
+         * Returns whether credentials are configured and the mode (test/live).
+         * Requires 'owner' role.
+         *
+         * @param orgSlug Organization slug
+         * @param provider Billing provider ('stripe' or 'polar')
+         * @returns Credential configuration status
+         *
+         * @example
+         * ```typescript
+         * const status = await sso.organizations.billingCredentials.get('acme-corp', 'stripe');
+         * if (status.configured) {
+         *   console.log('Mode:', status.mode); // 'test' or 'live'
+         *   console.log('Enabled:', status.enabled);
+         * }
+         * ```
+         */
+        get: (orgSlug: string, provider: "stripe" | "polar") => Promise<{
+            configured: boolean;
+            provider: string;
+            mode: "test" | "live" | null;
+            enabled: boolean;
+        }>;
+        /**
+         * Set or update billing credentials for a provider.
+         * Enables the organization to charge their end-users using their own
+         * payment provider account.
+         * Requires 'owner' role.
+         *
+         * @param orgSlug Organization slug
+         * @param provider Billing provider ('stripe' or 'polar')
+         * @param payload Billing credentials
+         *
+         * @example
+         * ```typescript
+         * await sso.organizations.billingCredentials.set('acme-corp', 'stripe', {
+         *   api_key: 'sk_live_...',
+         *   webhook_secret: 'whsec_...',
+         *   mode: 'live'
+         * });
+         * ```
+         */
+        set: (orgSlug: string, provider: "stripe" | "polar", payload: {
+            api_key: string;
+            webhook_secret: string;
+            mode: "test" | "live";
+        }) => Promise<void>;
+        /**
+         * Delete billing credentials for a provider.
+         * The organization will no longer be able to charge end-users directly.
+         * Requires 'owner' role.
+         *
+         * @param orgSlug Organization slug
+         * @param provider Billing provider ('stripe' or 'polar')
+         *
+         * @example
+         * ```typescript
+         * await sso.organizations.billingCredentials.delete('acme-corp', 'stripe');
+         * ```
+         */
+        delete: (orgSlug: string, provider: "stripe" | "polar") => Promise<void>;
+    };
 }
 
 /**
@@ -4348,6 +4466,32 @@ declare class PlatformModule {
          * ```
          */
         updateTier: (orgId: string, payload: UpdateOrganizationTierPayload) => Promise<Organization>;
+        /**
+         * Update an organization's feature overrides.
+         *
+         * @param orgId Organization ID
+         * @param payload Feature override flags
+         * @returns Updated organization
+         *
+         * @example
+         * ```typescript
+         * await sso.platform.organizations.updateFeatures('org-id', {
+         *   allow_saml: true,
+         *   allow_scim: false,
+         *   allow_custom_domain: true,
+         *   allow_custom_branding: false
+         * });
+         * ```
+         */
+        updateFeatures: (orgId: string, payload: {
+            allow_saml?: boolean;
+            allow_scim?: boolean;
+            allow_custom_domain?: boolean;
+            allow_custom_branding?: boolean;
+            allow_advanced_risk_engine?: boolean;
+            allow_siem_integration?: boolean;
+            allow_webhooks?: boolean;
+        }) => Promise<Organization>;
         /**
          * Delete an organization and all its associated data.
          * This is a destructive operation that cannot be undone.

package/dist/index.d.ts

@@ -3688,6 +3688,124 @@ declare class OrganizationsModule {
          */
         test: (orgSlug: string, configId: string) => Promise<TestConnectionResponse>;
     };
+    /**
+     * Billing and subscription management methods
+     */
+    billing: {
+        /**
+         * Get billing information for an organization.
+         * Returns whether a billing account exists and which provider is being used.
+         * Requires 'owner' or 'admin' role.
+         *
+         * @param orgSlug Organization slug
+         * @returns Billing information
+         *
+         * @example
+         * ```typescript
+         * const info = await sso.organizations.billing.getInfo('acme-corp');
+         * if (info.has_billing_account) {
+         *   console.log('Billing provider:', info.provider);
+         * }
+         * ```
+         */
+        getInfo: (orgSlug: string) => Promise<{
+            has_billing_account: boolean;
+            provider: string | null;
+        }>;
+        /**
+         * Create a billing portal session.
+         * Redirects the user to the billing provider's self-service portal to manage their subscription,
+         * update payment methods, view invoices, etc.
+         * Requires 'owner' role.
+         *
+         * @param orgSlug Organization slug
+         * @param returnUrl URL to redirect the user to after they leave the portal
+         * @returns Object containing the portal session URL
+         *
+         * @example
+         * ```typescript
+         * const session = await sso.organizations.billing.createPortalSession('acme-corp', {
+         *   return_url: 'https://app.acme.com/billing'
+         * });
+         * // Redirect user to billing portal
+         * window.location.href = session.url;
+         * ```
+         */
+        createPortalSession: (orgSlug: string, payload: {
+            return_url: string;
+        }) => Promise<{
+            url: string;
+        }>;
+    };
+    /**
+     * BYOP (Bring Your Own Payment) credential management.
+     * Allows organizations to configure their own billing provider credentials
+     * to charge their end-users directly.
+     */
+    billingCredentials: {
+        /**
+         * Get the status of billing credentials for a provider.
+         * Returns whether credentials are configured and the mode (test/live).
+         * Requires 'owner' role.
+         *
+         * @param orgSlug Organization slug
+         * @param provider Billing provider ('stripe' or 'polar')
+         * @returns Credential configuration status
+         *
+         * @example
+         * ```typescript
+         * const status = await sso.organizations.billingCredentials.get('acme-corp', 'stripe');
+         * if (status.configured) {
+         *   console.log('Mode:', status.mode); // 'test' or 'live'
+         *   console.log('Enabled:', status.enabled);
+         * }
+         * ```
+         */
+        get: (orgSlug: string, provider: "stripe" | "polar") => Promise<{
+            configured: boolean;
+            provider: string;
+            mode: "test" | "live" | null;
+            enabled: boolean;
+        }>;
+        /**
+         * Set or update billing credentials for a provider.
+         * Enables the organization to charge their end-users using their own
+         * payment provider account.
+         * Requires 'owner' role.
+         *
+         * @param orgSlug Organization slug
+         * @param provider Billing provider ('stripe' or 'polar')
+         * @param payload Billing credentials
+         *
+         * @example
+         * ```typescript
+         * await sso.organizations.billingCredentials.set('acme-corp', 'stripe', {
+         *   api_key: 'sk_live_...',
+         *   webhook_secret: 'whsec_...',
+         *   mode: 'live'
+         * });
+         * ```
+         */
+        set: (orgSlug: string, provider: "stripe" | "polar", payload: {
+            api_key: string;
+            webhook_secret: string;
+            mode: "test" | "live";
+        }) => Promise<void>;
+        /**
+         * Delete billing credentials for a provider.
+         * The organization will no longer be able to charge end-users directly.
+         * Requires 'owner' role.
+         *
+         * @param orgSlug Organization slug
+         * @param provider Billing provider ('stripe' or 'polar')
+         *
+         * @example
+         * ```typescript
+         * await sso.organizations.billingCredentials.delete('acme-corp', 'stripe');
+         * ```
+         */
+        delete: (orgSlug: string, provider: "stripe" | "polar") => Promise<void>;
+    };
 }
 
 /**
@@ -4348,6 +4466,32 @@ declare class PlatformModule {
          * ```
          */
         updateTier: (orgId: string, payload: UpdateOrganizationTierPayload) => Promise<Organization>;
+        /**
+         * Update an organization's feature overrides.
+         *
+         * @param orgId Organization ID
+         * @param payload Feature override flags
+         * @returns Updated organization
+         *
+         * @example
+         * ```typescript
+         * await sso.platform.organizations.updateFeatures('org-id', {
+         *   allow_saml: true,
+         *   allow_scim: false,
+         *   allow_custom_domain: true,
+         *   allow_custom_branding: false
+         * });
+         * ```
+         */
+        updateFeatures: (orgId: string, payload: {
+            allow_saml?: boolean;
+            allow_scim?: boolean;
+            allow_custom_domain?: boolean;
+            allow_custom_branding?: boolean;
+            allow_advanced_risk_engine?: boolean;
+            allow_siem_integration?: boolean;
+            allow_webhooks?: boolean;
+        }) => Promise<Organization>;
         /**
          * Delete an organization and all its associated data.
          * This is a destructive operation that cannot be undone.

package/dist/index.js

@@ -1986,6 +1986,137 @@ var OrganizationsModule = class {
         return response.data;
       }
     };
+    // ============================================================================
+    // BILLING
+    // ============================================================================
+    /**
+     * Billing and subscription management methods
+     */
+    this.billing = {
+      /**
+       * Get billing information for an organization.
+       * Returns whether a billing account exists and which provider is being used.
+       * Requires 'owner' or 'admin' role.
+       *
+       * @param orgSlug Organization slug
+       * @returns Billing information
+       *
+       * @example
+       * ```typescript
+       * const info = await sso.organizations.billing.getInfo('acme-corp');
+       * if (info.has_billing_account) {
+       *   console.log('Billing provider:', info.provider);
+       * }
+       * ```
+       */
+      getInfo: async (orgSlug) => {
+        const response = await this.http.get(
+          `/api/organizations/${orgSlug}/billing/info`
+        );
+        return response.data;
+      },
+      /**
+       * Create a billing portal session.
+       * Redirects the user to the billing provider's self-service portal to manage their subscription,
+       * update payment methods, view invoices, etc.
+       * Requires 'owner' role.
+       *
+       * @param orgSlug Organization slug
+       * @param returnUrl URL to redirect the user to after they leave the portal
+       * @returns Object containing the portal session URL
+       *
+       * @example
+       * ```typescript
+       * const session = await sso.organizations.billing.createPortalSession('acme-corp', {
+       *   return_url: 'https://app.acme.com/billing'
+       * });
+       * // Redirect user to billing portal
+       * window.location.href = session.url;
+       * ```
+       */
+      createPortalSession: async (orgSlug, payload) => {
+        const response = await this.http.post(
+          `/api/organizations/${orgSlug}/billing/portal`,
+          payload
+        );
+        return response.data;
+      }
+    };
+    // ============================================================================
+    // BYOP - BRING YOUR OWN PAYMENT
+    // ============================================================================
+    /**
+     * BYOP (Bring Your Own Payment) credential management.
+     * Allows organizations to configure their own billing provider credentials
+     * to charge their end-users directly.
+     */
+    this.billingCredentials = {
+      /**
+       * Get the status of billing credentials for a provider.
+       * Returns whether credentials are configured and the mode (test/live).
+       * Requires 'owner' role.
+       *
+       * @param orgSlug Organization slug
+       * @param provider Billing provider ('stripe' or 'polar')
+       * @returns Credential configuration status
+       *
+       * @example
+       * ```typescript
+       * const status = await sso.organizations.billingCredentials.get('acme-corp', 'stripe');
+       * if (status.configured) {
+       *   console.log('Mode:', status.mode); // 'test' or 'live'
+       *   console.log('Enabled:', status.enabled);
+       * }
+       * ```
+       */
+      get: async (orgSlug, provider) => {
+        const response = await this.http.get(`/api/organizations/${orgSlug}/billing-credentials/${provider}`);
+        return response.data;
+      },
+      /**
+       * Set or update billing credentials for a provider.
+       * Enables the organization to charge their end-users using their own
+       * payment provider account.
+       * Requires 'owner' role.
+       *
+       * @param orgSlug Organization slug
+       * @param provider Billing provider ('stripe' or 'polar')
+       * @param payload Billing credentials
+       *
+       * @example
+       * ```typescript
+       * await sso.organizations.billingCredentials.set('acme-corp', 'stripe', {
+       *   api_key: 'sk_live_...',
+       *   webhook_secret: 'whsec_...',
+       *   mode: 'live'
+       * });
+       * ```
+       */
+      set: async (orgSlug, provider, payload) => {
+        await this.http.post(
+          `/api/organizations/${orgSlug}/billing-credentials/${provider}`,
+          payload
+        );
+      },
+      /**
+       * Delete billing credentials for a provider.
+       * The organization will no longer be able to charge end-users directly.
+       * Requires 'owner' role.
+       *
+       * @param orgSlug Organization slug
+       * @param provider Billing provider ('stripe' or 'polar')
+       *
+       * @example
+       * ```typescript
+       * await sso.organizations.billingCredentials.delete('acme-corp', 'stripe');
+       * ```
+       */
+      delete: async (orgSlug, provider) => {
+        await this.http.delete(
+          `/api/organizations/${orgSlug}/billing-credentials/${provider}`
+        );
+      }
+    };
     this.auditLogs = new AuditLogsModule(http);
     this.webhooks = new WebhooksModule(http);
   }
@@ -3122,6 +3253,30 @@ var PlatformModule = class {
         );
         return response.data;
       },
+      /**
+       * Update an organization's feature overrides.
+       *
+       * @param orgId Organization ID
+       * @param payload Feature override flags
+       * @returns Updated organization
+       *
+       * @example
+       * ```typescript
+       * await sso.platform.organizations.updateFeatures('org-id', {
+       *   allow_saml: true,
+       *   allow_scim: false,
+       *   allow_custom_domain: true,
+       *   allow_custom_branding: false
+       * });
+       * ```
+       */
+      updateFeatures: async (orgId, payload) => {
+        const response = await this.http.patch(
+          `/api/platform/organizations/${orgId}/features`,
+          payload
+        );
+        return response.data;
+      },
       /**
        * Delete an organization and all its associated data.
        * This is a destructive operation that cannot be undone.

package/dist/index.mjs

@@ -1943,6 +1943,137 @@ var OrganizationsModule = class {
         return response.data;
       }
     };
+    // ============================================================================
+    // BILLING
+    // ============================================================================
+    /**
+     * Billing and subscription management methods
+     */
+    this.billing = {
+      /**
+       * Get billing information for an organization.
+       * Returns whether a billing account exists and which provider is being used.
+       * Requires 'owner' or 'admin' role.
+       *
+       * @param orgSlug Organization slug
+       * @returns Billing information
+       *
+       * @example
+       * ```typescript
+       * const info = await sso.organizations.billing.getInfo('acme-corp');
+       * if (info.has_billing_account) {
+       *   console.log('Billing provider:', info.provider);
+       * }
+       * ```
+       */
+      getInfo: async (orgSlug) => {
+        const response = await this.http.get(
+          `/api/organizations/${orgSlug}/billing/info`
+        );
+        return response.data;
+      },
+      /**
+       * Create a billing portal session.
+       * Redirects the user to the billing provider's self-service portal to manage their subscription,
+       * update payment methods, view invoices, etc.
+       * Requires 'owner' role.
+       *
+       * @param orgSlug Organization slug
+       * @param returnUrl URL to redirect the user to after they leave the portal
+       * @returns Object containing the portal session URL
+       *
+       * @example
+       * ```typescript
+       * const session = await sso.organizations.billing.createPortalSession('acme-corp', {
+       *   return_url: 'https://app.acme.com/billing'
+       * });
+       * // Redirect user to billing portal
+       * window.location.href = session.url;
+       * ```
+       */
+      createPortalSession: async (orgSlug, payload) => {
+        const response = await this.http.post(
+          `/api/organizations/${orgSlug}/billing/portal`,
+          payload
+        );
+        return response.data;
+      }
+    };
+    // ============================================================================
+    // BYOP - BRING YOUR OWN PAYMENT
+    // ============================================================================
+    /**
+     * BYOP (Bring Your Own Payment) credential management.
+     * Allows organizations to configure their own billing provider credentials
+     * to charge their end-users directly.
+     */
+    this.billingCredentials = {
+      /**
+       * Get the status of billing credentials for a provider.
+       * Returns whether credentials are configured and the mode (test/live).
+       * Requires 'owner' role.
+       *
+       * @param orgSlug Organization slug
+       * @param provider Billing provider ('stripe' or 'polar')
+       * @returns Credential configuration status
+       *
+       * @example
+       * ```typescript
+       * const status = await sso.organizations.billingCredentials.get('acme-corp', 'stripe');
+       * if (status.configured) {
+       *   console.log('Mode:', status.mode); // 'test' or 'live'
+       *   console.log('Enabled:', status.enabled);
+       * }
+       * ```
+       */
+      get: async (orgSlug, provider) => {
+        const response = await this.http.get(`/api/organizations/${orgSlug}/billing-credentials/${provider}`);
+        return response.data;
+      },
+      /**
+       * Set or update billing credentials for a provider.
+       * Enables the organization to charge their end-users using their own
+       * payment provider account.
+       * Requires 'owner' role.
+       *
+       * @param orgSlug Organization slug
+       * @param provider Billing provider ('stripe' or 'polar')
+       * @param payload Billing credentials
+       *
+       * @example
+       * ```typescript
+       * await sso.organizations.billingCredentials.set('acme-corp', 'stripe', {
+       *   api_key: 'sk_live_...',
+       *   webhook_secret: 'whsec_...',
+       *   mode: 'live'
+       * });
+       * ```
+       */
+      set: async (orgSlug, provider, payload) => {
+        await this.http.post(
+          `/api/organizations/${orgSlug}/billing-credentials/${provider}`,
+          payload
+        );
+      },
+      /**
+       * Delete billing credentials for a provider.
+       * The organization will no longer be able to charge end-users directly.
+       * Requires 'owner' role.
+       *
+       * @param orgSlug Organization slug
+       * @param provider Billing provider ('stripe' or 'polar')
+       *
+       * @example
+       * ```typescript
+       * await sso.organizations.billingCredentials.delete('acme-corp', 'stripe');
+       * ```
+       */
+      delete: async (orgSlug, provider) => {
+        await this.http.delete(
+          `/api/organizations/${orgSlug}/billing-credentials/${provider}`
+        );
+      }
+    };
     this.auditLogs = new AuditLogsModule(http);
     this.webhooks = new WebhooksModule(http);
   }
@@ -3079,6 +3210,30 @@ var PlatformModule = class {
         );
         return response.data;
       },
+      /**
+       * Update an organization's feature overrides.
+       *
+       * @param orgId Organization ID
+       * @param payload Feature override flags
+       * @returns Updated organization
+       *
+       * @example
+       * ```typescript
+       * await sso.platform.organizations.updateFeatures('org-id', {
+       *   allow_saml: true,
+       *   allow_scim: false,
+       *   allow_custom_domain: true,
+       *   allow_custom_branding: false
+       * });
+       * ```
+       */
+      updateFeatures: async (orgId, payload) => {
+        const response = await this.http.patch(
+          `/api/platform/organizations/${orgId}/features`,
+          payload
+        );
+        return response.data;
+      },
       /**
        * Delete an organization and all its associated data.
        * This is a destructive operation that cannot be undone.

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@drmhse/sso-sdk",
-  "version": "0.3.2",
+  "version": "0.3.3",
   "description": "Zero-dependency TypeScript SDK for AuthOS, the multi-tenant authentication platform",
   "main": "dist/index.js",
   "module": "dist/index.mjs",
@@ -60,4 +60,4 @@
   "publishConfig": {
     "access": "public"
   }
-}
+}