@fusebase/fusebase-gate-sdk 2.2.15-sdk.5 → 2.2.15-sdk.7

package/dist/apis/AppMagicLinksApi.d.ts

@@ -0,0 +1,45 @@
+/**
+ * AppMagicLinks API
+ *
+ * Generated from contract introspection
+ * Domain: app-magic-links
+ */
+import type { Client } from "../runtime/transport";
+import type { ActivateAppMagicLinkResponseContract, CreateAppMagicLinkRequestContract, CreateAppMagicLinkResponseContract, orgIdInPathRequired, RequestAppMagicLinkRequestContract, RequestAppMagicLinkResponseContract } from "../types";
+export declare class AppMagicLinksApi {
+    private client;
+    constructor(client: Client);
+    /**
+     * Activate an app magic link
+     * Unauthenticated activation: exchange a magic-link globalId for a session token (used to set the eversessionid cookie on the app subdomain), a Gate feature token, and a Dashboard feature token, all scoped to the magic link's app and target user. Re-evaluates accessPrincipals at activation time so a link issued before access was revoked can no longer be redeemed. Within the 24h TTL the link can be activated more than once.
+     */
+    activateAppMagicLink(params: {
+        path: {
+            globalId: string;
+        };
+        headers?: Record<string, string>;
+    }): Promise<ActivateAppMagicLinkResponseContract>;
+    /**
+     * Create an app magic link (invite flow)
+     * Owner/admin invite flow. Issues a 24h magic link for the recipient email and dispatches it via the magic_link_app email template. When addToAccessPrincipals is true (default), provisions a brand-new user record if needed and appends a user principal to every feature of the app. Requires app_magic_link.write and org access.
+     */
+    createAppMagicLink(params: {
+        path: {
+            orgId: orgIdInPathRequired;
+            appId: string;
+        };
+        headers?: Record<string, string>;
+        body: CreateAppMagicLinkRequestContract;
+    }): Promise<CreateAppMagicLinkResponseContract>;
+    /**
+     * Request an app magic link (visitor self-service flow)
+     * Unauthenticated visitor flow. The link is dispatched only when the email already has access to the app under its current accessPrincipals; otherwise the call is a no-op. Always returns 200 with `{ ok: true }` so the response cannot be used to enumerate emails or access. Apply per-IP rate limiting upstream of this call.
+     */
+    requestAppMagicLink(params: {
+        path: {
+            host: string;
+        };
+        headers?: Record<string, string>;
+        body: RequestAppMagicLinkRequestContract;
+    }): Promise<RequestAppMagicLinkResponseContract>;
+}

package/dist/apis/AppMagicLinksApi.js

@@ -0,0 +1,59 @@
+"use strict";
+/**
+ * AppMagicLinks API
+ *
+ * Generated from contract introspection
+ * Domain: app-magic-links
+ */
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.AppMagicLinksApi = void 0;
+class AppMagicLinksApi {
+    constructor(client) {
+        this.client = client;
+    }
+    /**
+     * Activate an app magic link
+     * Unauthenticated activation: exchange a magic-link globalId for a session token (used to set the eversessionid cookie on the app subdomain), a Gate feature token, and a Dashboard feature token, all scoped to the magic link's app and target user. Re-evaluates accessPrincipals at activation time so a link issued before access was revoked can no longer be redeemed. Within the 24h TTL the link can be activated more than once.
+     */
+    async activateAppMagicLink(params) {
+        return this.client.request({
+            method: "POST",
+            path: "/apps/magic-links/:globalId/activate",
+            pathParams: params.path,
+            headers: params.headers,
+            opId: "activateAppMagicLink",
+            expectedContentType: "application/json",
+        });
+    }
+    /**
+     * Create an app magic link (invite flow)
+     * Owner/admin invite flow. Issues a 24h magic link for the recipient email and dispatches it via the magic_link_app email template. When addToAccessPrincipals is true (default), provisions a brand-new user record if needed and appends a user principal to every feature of the app. Requires app_magic_link.write and org access.
+     */
+    async createAppMagicLink(params) {
+        return this.client.request({
+            method: "POST",
+            path: "/:orgId/apps/:appId/magic-links",
+            pathParams: params.path,
+            headers: params.headers,
+            body: params.body,
+            opId: "createAppMagicLink",
+            expectedContentType: "application/json",
+        });
+    }
+    /**
+     * Request an app magic link (visitor self-service flow)
+     * Unauthenticated visitor flow. The link is dispatched only when the email already has access to the app under its current accessPrincipals; otherwise the call is a no-op. Always returns 200 with `{ ok: true }` so the response cannot be used to enumerate emails or access. Apply per-IP rate limiting upstream of this call.
+     */
+    async requestAppMagicLink(params) {
+        return this.client.request({
+            method: "POST",
+            path: "/apps/by-host/:host/magic-links/request",
+            pathParams: params.path,
+            headers: params.headers,
+            body: params.body,
+            opId: "requestAppMagicLink",
+            expectedContentType: "application/json",
+        });
+    }
+}
+exports.AppMagicLinksApi = AppMagicLinksApi;

package/dist/apis/FusebaseAuthApi.d.ts

@@ -0,0 +1,83 @@
+/**
+ * FusebaseAuth API
+ *
+ * Generated from contract introspection
+ * Domain: fusebase-auth
+ */
+import type { Client } from "../runtime/transport";
+import type { FusebaseAuthChallengeRequestContract, FusebaseAuthChallengeResponseContract, FusebaseAuthLoginRequestContract, FusebaseAuthLoginResponseContract, FusebaseAuthLogoutResponseContract, FusebaseAuthPasswordResetRequestContract, FusebaseAuthPasswordResetResponseContract, FusebaseAuthPasswordRestoreKeyResponseContract, FusebaseAuthPasswordRestoreRequestContract, FusebaseAuthPasswordRestoreResponseContract, FusebaseAuthRegisterMemberRequestContract, FusebaseAuthRegisterMemberResponseContract, FusebaseAuthRegisterRequestContract, FusebaseAuthRegisterResponseContract, orgIdInPathRequired } from "../types";
+export declare class FusebaseAuthApi {
+    private client;
+    constructor(client: Client);
+    /**
+     * Check Fusebase password restore key
+     * Checks a restore-password session key through user-service. Returns `{ valid: false }` instead of exposing upstream errors.
+     */
+    checkFusebasePasswordRestoreKey(params: {
+        path: {
+            key: string;
+        };
+        headers?: Record<string, string>;
+    }): Promise<FusebaseAuthPasswordRestoreKeyResponseContract>;
+    /**
+     * Complete Fusebase auth challenge
+     * Visitor-safe challenge completion endpoint for CAPTCHA, OTP, mail OTP, and MFA flows returned by register/login.
+     */
+    completeFusebaseAuthChallenge(params: {
+        headers?: Record<string, string>;
+        body: FusebaseAuthChallengeRequestContract;
+    }): Promise<FusebaseAuthChallengeResponseContract>;
+    /**
+     * Login a Fusebase user
+     * Visitor-safe email/password login proxy for AI App auth. Forwards to auth-form `/auth/api/auth` server-side and returns sessionId for the app backend to set as its own cookie. Never provisions org membership.
+     */
+    loginFusebaseUser(params: {
+        headers?: Record<string, string>;
+        body: FusebaseAuthLoginRequestContract;
+    }): Promise<FusebaseAuthLoginResponseContract>;
+    /**
+     * Get Fusebase auth logout cookie hints
+     * Returns the app-domain cookies that the AI App backend/frontend should clear. Gate cannot clear cookies for an app domain when called on the Gate domain.
+     */
+    logoutFusebaseUser(params: {
+        headers?: Record<string, string>;
+    }): Promise<FusebaseAuthLogoutResponseContract>;
+    /**
+     * Register a Fusebase user and add org membership
+     * Protected AI App onboarding flow. Creates a Fusebase account through auth-form, then adds the newly created user to the path org with the requested role. Requires org.members.write and org access. This endpoint is for registration only; do not call it on login because that can overwrite or duplicate existing membership intent.
+     */
+    registerFusebaseOrgMember(params: {
+        path: {
+            orgId: orgIdInPathRequired;
+        };
+        headers?: Record<string, string>;
+        body: FusebaseAuthRegisterMemberRequestContract;
+    }): Promise<FusebaseAuthRegisterMemberResponseContract>;
+    /**
+     * Register a Fusebase user
+     * Visitor-safe email/password Fusebase registration proxy for AI App auth. Forwards to auth-form `/auth/api/register` server-side and returns the Fusebase sessionId for the app backend to set as its own cookie. Does not add org membership.
+     */
+    registerFusebaseUser(params: {
+        headers?: Record<string, string>;
+        body: FusebaseAuthRegisterRequestContract;
+    }): Promise<FusebaseAuthRegisterResponseContract>;
+    /**
+     * Request Fusebase password restore
+     * Visitor-safe password restore request. Forwards to auth-form `/auth/api/remind` and always returns a generic success shape so the route does not enumerate accounts.
+     */
+    requestFusebasePasswordRestore(params: {
+        headers?: Record<string, string>;
+        body: FusebaseAuthPasswordRestoreRequestContract;
+    }): Promise<FusebaseAuthPasswordRestoreResponseContract>;
+    /**
+     * Reset Fusebase password
+     * Completes a password restore session by setting a new password through user-service.
+     */
+    resetFusebasePassword(params: {
+        path: {
+            key: string;
+        };
+        headers?: Record<string, string>;
+        body: FusebaseAuthPasswordResetRequestContract;
+    }): Promise<FusebaseAuthPasswordResetResponseContract>;
+}

package/dist/apis/FusebaseAuthApi.js

@@ -0,0 +1,128 @@
+"use strict";
+/**
+ * FusebaseAuth API
+ *
+ * Generated from contract introspection
+ * Domain: fusebase-auth
+ */
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.FusebaseAuthApi = void 0;
+class FusebaseAuthApi {
+    constructor(client) {
+        this.client = client;
+    }
+    /**
+     * Check Fusebase password restore key
+     * Checks a restore-password session key through user-service. Returns `{ valid: false }` instead of exposing upstream errors.
+     */
+    async checkFusebasePasswordRestoreKey(params) {
+        return this.client.request({
+            method: "GET",
+            path: "/auth/fusebase/password-restore/:key",
+            pathParams: params.path,
+            headers: params.headers,
+            opId: "checkFusebasePasswordRestoreKey",
+            expectedContentType: "application/json",
+        });
+    }
+    /**
+     * Complete Fusebase auth challenge
+     * Visitor-safe challenge completion endpoint for CAPTCHA, OTP, mail OTP, and MFA flows returned by register/login.
+     */
+    async completeFusebaseAuthChallenge(params) {
+        return this.client.request({
+            method: "POST",
+            path: "/auth/fusebase/challenge",
+            headers: params.headers,
+            body: params.body,
+            opId: "completeFusebaseAuthChallenge",
+            expectedContentType: "application/json",
+        });
+    }
+    /**
+     * Login a Fusebase user
+     * Visitor-safe email/password login proxy for AI App auth. Forwards to auth-form `/auth/api/auth` server-side and returns sessionId for the app backend to set as its own cookie. Never provisions org membership.
+     */
+    async loginFusebaseUser(params) {
+        return this.client.request({
+            method: "POST",
+            path: "/auth/fusebase/login",
+            headers: params.headers,
+            body: params.body,
+            opId: "loginFusebaseUser",
+            expectedContentType: "application/json",
+        });
+    }
+    /**
+     * Get Fusebase auth logout cookie hints
+     * Returns the app-domain cookies that the AI App backend/frontend should clear. Gate cannot clear cookies for an app domain when called on the Gate domain.
+     */
+    async logoutFusebaseUser(params) {
+        return this.client.request({
+            method: "POST",
+            path: "/auth/fusebase/logout",
+            headers: params.headers,
+            opId: "logoutFusebaseUser",
+            expectedContentType: "application/json",
+        });
+    }
+    /**
+     * Register a Fusebase user and add org membership
+     * Protected AI App onboarding flow. Creates a Fusebase account through auth-form, then adds the newly created user to the path org with the requested role. Requires org.members.write and org access. This endpoint is for registration only; do not call it on login because that can overwrite or duplicate existing membership intent.
+     */
+    async registerFusebaseOrgMember(params) {
+        return this.client.request({
+            method: "POST",
+            path: "/:orgId/auth/fusebase/register-member",
+            pathParams: params.path,
+            headers: params.headers,
+            body: params.body,
+            opId: "registerFusebaseOrgMember",
+            expectedContentType: "application/json",
+        });
+    }
+    /**
+     * Register a Fusebase user
+     * Visitor-safe email/password Fusebase registration proxy for AI App auth. Forwards to auth-form `/auth/api/register` server-side and returns the Fusebase sessionId for the app backend to set as its own cookie. Does not add org membership.
+     */
+    async registerFusebaseUser(params) {
+        return this.client.request({
+            method: "POST",
+            path: "/auth/fusebase/register",
+            headers: params.headers,
+            body: params.body,
+            opId: "registerFusebaseUser",
+            expectedContentType: "application/json",
+        });
+    }
+    /**
+     * Request Fusebase password restore
+     * Visitor-safe password restore request. Forwards to auth-form `/auth/api/remind` and always returns a generic success shape so the route does not enumerate accounts.
+     */
+    async requestFusebasePasswordRestore(params) {
+        return this.client.request({
+            method: "POST",
+            path: "/auth/fusebase/password-restore",
+            headers: params.headers,
+            body: params.body,
+            opId: "requestFusebasePasswordRestore",
+            expectedContentType: "application/json",
+        });
+    }
+    /**
+     * Reset Fusebase password
+     * Completes a password restore session by setting a new password through user-service.
+     */
+    async resetFusebasePassword(params) {
+        return this.client.request({
+            method: "POST",
+            path: "/auth/fusebase/password-restore/:key",
+            pathParams: params.path,
+            headers: params.headers,
+            body: params.body,
+            opId: "resetFusebasePassword",
+            expectedContentType: "application/json",
+        });
+    }
+}
+exports.FusebaseAuthApi = FusebaseAuthApi;

package/dist/index.d.ts

@@ -7,9 +7,11 @@ export * from "./runtime";
 export * from "./types";
 export { AccessApi } from "./apis/AccessApi";
 export { AppApisApi } from "./apis/AppApisApi";
+export { AppMagicLinksApi } from "./apis/AppMagicLinksApi";
 export { BillingApi } from "./apis/BillingApi";
 export { EmailsApi } from "./apis/EmailsApi";
 export { FilesApi } from "./apis/FilesApi";
+export { FusebaseAuthApi } from "./apis/FusebaseAuthApi";
 export { HealthApi } from "./apis/HealthApi";
 export { IsolatedStoresApi } from "./apis/IsolatedStoresApi";
 export { McpManagerApi } from "./apis/McpManagerApi";

package/dist/index.js

@@ -19,19 +19,23 @@ var __exportStar = (this && this.__exportStar) || function(m, exports) {
     for (var p in m) if (p !== "default" && !Object.prototype.hasOwnProperty.call(exports, p)) __createBinding(exports, m, p);
 };
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.WorkspacesApi = exports.TokensApi = exports.SystemApi = exports.PortalsApi = exports.OrgUsersApi = exports.OrgGroupsApi = exports.NotesApi = exports.McpManagerApi = exports.IsolatedStoresApi = exports.HealthApi = exports.FilesApi = exports.EmailsApi = exports.BillingApi = exports.AppApisApi = exports.AccessApi = void 0;
+exports.WorkspacesApi = exports.TokensApi = exports.SystemApi = exports.PortalsApi = exports.OrgUsersApi = exports.OrgGroupsApi = exports.NotesApi = exports.McpManagerApi = exports.IsolatedStoresApi = exports.HealthApi = exports.FusebaseAuthApi = exports.FilesApi = exports.EmailsApi = exports.BillingApi = exports.AppMagicLinksApi = exports.AppApisApi = exports.AccessApi = void 0;
 __exportStar(require("./runtime"), exports);
 __exportStar(require("./types"), exports);
 var AccessApi_1 = require("./apis/AccessApi");
 Object.defineProperty(exports, "AccessApi", { enumerable: true, get: function () { return AccessApi_1.AccessApi; } });
 var AppApisApi_1 = require("./apis/AppApisApi");
 Object.defineProperty(exports, "AppApisApi", { enumerable: true, get: function () { return AppApisApi_1.AppApisApi; } });
+var AppMagicLinksApi_1 = require("./apis/AppMagicLinksApi");
+Object.defineProperty(exports, "AppMagicLinksApi", { enumerable: true, get: function () { return AppMagicLinksApi_1.AppMagicLinksApi; } });
 var BillingApi_1 = require("./apis/BillingApi");
 Object.defineProperty(exports, "BillingApi", { enumerable: true, get: function () { return BillingApi_1.BillingApi; } });
 var EmailsApi_1 = require("./apis/EmailsApi");
 Object.defineProperty(exports, "EmailsApi", { enumerable: true, get: function () { return EmailsApi_1.EmailsApi; } });
 var FilesApi_1 = require("./apis/FilesApi");
 Object.defineProperty(exports, "FilesApi", { enumerable: true, get: function () { return FilesApi_1.FilesApi; } });
+var FusebaseAuthApi_1 = require("./apis/FusebaseAuthApi");
+Object.defineProperty(exports, "FusebaseAuthApi", { enumerable: true, get: function () { return FusebaseAuthApi_1.FusebaseAuthApi; } });
 var HealthApi_1 = require("./apis/HealthApi");
 Object.defineProperty(exports, "HealthApi", { enumerable: true, get: function () { return HealthApi_1.HealthApi; } });
 var IsolatedStoresApi_1 = require("./apis/IsolatedStoresApi");

package/dist/types/app-magic-link/app-magic-link.d.ts

@@ -0,0 +1,106 @@
+/**
+ * Request body for createAppMagicLink (owner/admin invite flow).
+ */
+export interface CreateAppMagicLinkRequestContract {
+    /**
+     * Recipient email address. The link is dispatched to this address.
+     * @format email
+     */
+    email: string;
+    /**
+     * Relative app path to land on after activation (e.g. /proposals/abc).
+     * Omit for root.
+     * @nullable true
+     */
+    redirectPath?: string | null;
+    /**
+     * When true (default), append a user principal to every feature of the app
+     * and provision a new user record if the email is not yet known.
+     * When false, the user must already exist or the call rejects with NotFound.
+     */
+    addToAccessPrincipals?: boolean;
+}
+/**
+ * Response body for createAppMagicLink.
+ */
+export interface CreateAppMagicLinkResponseContract {
+    /**
+     * globalId of the magic link row, also the value passed to the activation
+     * endpoint.
+     */
+    id: string;
+    /**
+     * Fully qualified URL to the app `/link` route with `id` (and optional
+     * `redirect`) query params.
+     */
+    magicLinkUrl: string;
+    /**
+     * Unix timestamp (seconds) when the link expires (createdAt + 24h).
+     */
+    expiresAt: number;
+}
+/**
+ * Request body for requestAppMagicLink (visitor self-service flow).
+ */
+export interface RequestAppMagicLinkRequestContract {
+    /**
+     * Email address typed by the visitor. The link is dispatched to this address
+     * only when it already has access to the app.
+     * @format email
+     */
+    email: string;
+    /**
+     * Optional relative app path to land on after activation
+     * (e.g. /proposals/abc). Omit for root.
+     * @nullable true
+     */
+    redirectPath?: string | null;
+}
+/**
+ * Generic acknowledgment. Returned for both allowed and denied requests so
+ * the response cannot be used to enumerate emails or access state.
+ */
+export interface RequestAppMagicLinkResponseContract {
+    /**
+     * Always true.
+     */
+    ok: boolean;
+}
+/**
+ * Response body for activateAppMagicLink.
+ */
+export interface ActivateAppMagicLinkResponseContract {
+    /**
+     * globalId of the magic link that was activated.
+     */
+    id: string;
+    /**
+     * Session id usable as the `eversessionid` cookie value.
+     */
+    sessionToken: string;
+    /**
+     * Fusebase Gate token scoped to the resolved app feature and target user.
+     * May be empty if upstream token issuance failed; the activation itself
+     * still succeeded and the SPA can retry.
+     */
+    featureToken: string;
+    /**
+     * Dashboard service token scoped to the same feature and user. May be empty
+     * if upstream token issuance failed.
+     */
+    dashboardToken: string;
+    /**
+     * Relative app path the SPA should navigate to after the cookie is set
+     * (e.g. /proposals/abc). Defaults to `/` when no `redirectPath` was provided
+     * when the link was created.
+     */
+    redirectPath: string;
+    /**
+     * Unix timestamp (seconds) when the magic link expires.
+     */
+    expiresAt: number;
+    /**
+     * globalId of the resolved app feature whose access the tokens are scoped to.
+     */
+    appFeatureId: string;
+}

package/dist/types/app-magic-link/app-magic-link.js

@@ -0,0 +1,2 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });

package/dist/types/fusebase-auth/fusebase-auth.d.ts

@@ -0,0 +1,104 @@
+export interface FusebaseAuthSessionContract {
+    sessionId: string;
+    userId: number;
+}
+export interface FusebaseAuthChallengeContract {
+    type: string;
+    state: string;
+    image?: string;
+    question?: string;
+    email?: string;
+}
+export interface FusebaseAuthRegisterRequestContract {
+    /**
+     * User email. Forwarded to auth-form as `login`.
+     * @format email
+     */
+    email: string;
+    password: string;
+    firstName?: string;
+    lastName?: string;
+    fullName?: string;
+    subscribe?: boolean;
+    redirectPath?: string | null;
+    tags?: string[];
+}
+export interface FusebaseAuthRegisterResponseContract {
+    status: "authenticated" | "challenge_required";
+    session?: FusebaseAuthSessionContract;
+    challenge?: FusebaseAuthChallengeContract;
+    redirectPath: string;
+}
+export interface FusebaseAuthRegisterMemberRequestContract extends FusebaseAuthRegisterRequestContract {
+    /**
+     * Org role to grant after the Fusebase account is created.
+     * Defaults to `client`.
+     */
+    orgRole?: string;
+    memberTTL?: number | null;
+    defaultWorkspaceRole?: string;
+}
+export interface FusebaseAuthRegisterMemberResponseContract extends FusebaseAuthRegisterResponseContract {
+    membership?: {
+        orgId: string;
+        userId: number;
+        role: string;
+        memberTTL?: number | null;
+    };
+}
+export interface FusebaseAuthLoginRequestContract {
+    /**
+     * User email. Forwarded to auth-form as `login`.
+     * @format email
+     */
+    email: string;
+    password: string;
+    redirectPath?: string | null;
+    device?: Record<string, unknown>;
+}
+export interface FusebaseAuthLoginResponseContract {
+    status: "authenticated" | "challenge_required";
+    session?: FusebaseAuthSessionContract;
+    challenge?: FusebaseAuthChallengeContract;
+    redirectPath: string;
+}
+export interface FusebaseAuthChallengeRequestContract {
+    state: string;
+    answer: string;
+    redirectPath?: string | null;
+}
+export interface FusebaseAuthChallengeResponseContract {
+    status: "authenticated" | "challenge_required";
+    session?: FusebaseAuthSessionContract;
+    challenge?: FusebaseAuthChallengeContract;
+    redirectPath: string;
+}
+export interface FusebaseAuthPasswordRestoreRequestContract {
+    /**
+     * User email. The response is intentionally generic.
+     * @format email
+     */
+    email: string;
+    customAuthUrl?: string;
+    portalId?: string;
+    workspaceId?: string;
+}
+export interface FusebaseAuthPasswordRestoreResponseContract {
+    ok: true;
+}
+export interface FusebaseAuthPasswordRestoreKeyResponseContract {
+    valid: boolean;
+}
+export interface FusebaseAuthPasswordResetRequestContract {
+    password: string;
+}
+export interface FusebaseAuthPasswordResetResponseContract {
+    ok: true;
+}
+export interface FusebaseAuthLogoutResponseContract {
+    ok: true;
+    /**
+     * App/BFF should clear these cookies on its own domain.
+     */
+    cookiesToDelete: string[];
+}

package/dist/types/fusebase-auth/fusebase-auth.js

@@ -0,0 +1,2 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });

package/dist/types/index.d.ts

@@ -6,9 +6,11 @@
  */
 export type { AuthenticatedUserSummaryContract, MyOrgAccessResponseContract } from "./access/access";
 export type { AppApiOperationContract, AppApiOperationListResponseContract, CallAppApiRequestContract, CallAppApiResponseContract } from "./app-api/app-api";
+export type { ActivateAppMagicLinkResponseContract, CreateAppMagicLinkRequestContract, CreateAppMagicLinkResponseContract, RequestAppMagicLinkRequestContract, RequestAppMagicLinkResponseContract } from "./app-magic-link/app-magic-link";
 export * from "./billing/billing";
 export type { OrgEmailSendRequestContract, OrgEmailSendResponseContract } from "./email/email";
 export * from "./file/file";
+export type { FusebaseAuthChallengeContract, FusebaseAuthChallengeRequestContract, FusebaseAuthChallengeResponseContract, FusebaseAuthLoginRequestContract, FusebaseAuthLoginResponseContract, FusebaseAuthLogoutResponseContract, FusebaseAuthPasswordResetRequestContract, FusebaseAuthPasswordResetResponseContract, FusebaseAuthPasswordRestoreKeyResponseContract, FusebaseAuthPasswordRestoreRequestContract, FusebaseAuthPasswordRestoreResponseContract, FusebaseAuthRegisterMemberRequestContract, FusebaseAuthRegisterMemberResponseContract, FusebaseAuthRegisterRequestContract, FusebaseAuthRegisterResponseContract, FusebaseAuthSessionContract } from "./fusebase-auth/fusebase-auth";
 export * from "./isolated-store/isolated-store";
 export * from "./mcp-manager/mcp-manager";
 export type { MeAuthContract, MeOrgGroupContract, MeResponseContract, MeScopeContract, MeUserContract } from "./me/me";

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@fusebase/fusebase-gate-sdk",
-  "version": "2.2.15-sdk.5",
+  "version": "2.2.15-sdk.7",
   "description": "TypeScript SDK for Fusebase Gate APIs - Generated from contract introspection",
   "main": "./dist/index.js",
   "types": "./dist/index.d.ts",

package/release-notes/2.2.15-sdk.7.md

@@ -0,0 +1,9 @@
+# Release Notes 2.2.15-sdk.7
+
+- Current ref: `HEAD`
+- Previous tag: `v2.2.15-sdk.7`
+- Generated at: 2026-05-22T11:43:38.015Z
+
+## Included Drafts
+
+- None

package/release-notes/latest.md

@@ -1,8 +1,8 @@
-# Release Notes 2.2.15-sdk.5
+# Release Notes 2.2.15-sdk.7
 
 - Current ref: `HEAD`
-- Previous tag: `v2.2.15-sdk.5`
-- Generated at: 2026-05-18T10:10:39.543Z
+- Previous tag: `v2.2.15-sdk.7`
+- Generated at: 2026-05-22T11:43:38.015Z
 
 ## Included Drafts
 

package/release-notes/2.2.15-sdk.5.md

@@ -1,9 +0,0 @@
-# Release Notes 2.2.15-sdk.5
-
-- Current ref: `HEAD`
-- Previous tag: `v2.2.15-sdk.5`
-- Generated at: 2026-05-18T10:10:39.543Z
-
-## Included Drafts
-
-- None