npm - @geolonia/geonicdb-cli - Versions diffs - 0.4.0 → 0.5.0 - Mend

@geolonia/geonicdb-cli 0.4.0 → 0.5.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (4) hide show

package/dist/index.js CHANGED Viewed

@@ -240,14 +240,34 @@ function collectKeys(items) {
   sorted.push(...Array.from(keySet).sort());
   return sorted;
 }
+function formatGeoJSON(geo) {
+  const geoType = String(geo.type);
+  const coords = geo.coordinates;
+  if (geoType === "Point" && Array.isArray(coords) && coords.length >= 2) {
+    return `Point(${Number(coords[0]).toFixed(2)}, ${Number(coords[1]).toFixed(2)})`;
+  }
+  if (Array.isArray(coords)) {
+    const count = geoType === "Polygon" ? Array.isArray(coords[0]) ? coords[0].length : 0 : coords.length;
+    return `${geoType}(${count} coords)`;
+  }
+  return `${geoType}(...)`;
+}
+function isGeoJSON(v) {
+  if (typeof v !== "object" || v === null) return false;
+  const o = v;
+  return typeof o.type === "string" && "coordinates" in o;
+}
 function cellValue(val) {
   if (val === void 0 || val === null) return "";
-  if (typeof val === "object") {
-    const obj = val;
-    if ("value" in obj) return String(obj.value);
-    return JSON.stringify(val);
+  if (typeof val !== "object") return String(val);
+  const obj = val;
+  if (isGeoJSON(obj)) return formatGeoJSON(obj);
+  if ("value" in obj) {
+    const v = obj.value;
+    if (isGeoJSON(v)) return formatGeoJSON(v);
+    return String(v);
   }
-  return String(val);
+  return JSON.stringify(val);
 }
 function toGeoJSON(data) {
   if (Array.isArray(data)) {
@@ -582,6 +602,7 @@ function registerConfigCommand(program2) {
 }
 // src/commands/auth.ts
+import { createHash } from "crypto";
 import { Command } from "commander";
 // src/oauth.ts
@@ -653,7 +674,7 @@ var GdbClient = class _GdbClient {
     if (this.token) {
       headers["Authorization"] = `Bearer ${this.token}`;
     } else if (this.apiKey) {
-      headers["Authorization"] = `Bearer ${this.apiKey}`;
+      headers["X-Api-Key"] = this.apiKey;
     }
     if (extra) {
       Object.assign(headers, extra);
@@ -674,13 +695,15 @@ var GdbClient = class _GdbClient {
   getBasePath() {
     return "/ngsi-ld/v1";
   }
-  static SENSITIVE_HEADERS = /* @__PURE__ */ new Set(["authorization"]);
+  static SENSITIVE_HEADERS = /* @__PURE__ */ new Set(["authorization", "x-api-key"]);
   static SENSITIVE_BODY_KEYS = /* @__PURE__ */ new Set([
     "password",
     "refreshToken",
     "token",
     "client_secret",
-    "clientSecret"
+    "clientSecret",
+    "key",
+    "apiKey"
   ]);
   logRequest(method, url, headers, body) {
     if (!this.verbose) return;
@@ -963,6 +986,13 @@ function withErrorHandler(fn) {
       }
       if (err instanceof GdbClientError && err.status === 401) {
         printError("Authentication failed. Please run `geonic login` to re-authenticate.");
+      } else if (err instanceof GdbClientError && err.status === 403) {
+        const detail = (err.ngsiError?.detail ?? err.ngsiError?.description ?? "").toLowerCase();
+        if (detail.includes("entity type") || detail.includes("allowedentitytypes")) {
+          printError(`Entity type restriction: ${err.message}`);
+        } else {
+          printError(err.message);
+        }
       } else if (err instanceof Error) {
         printError(err.message);
       } else {
@@ -1323,6 +1353,126 @@ function addMeOAuthClientsSubcommand(me) {
   ]);
 }
+// src/commands/me-api-keys.ts
+function addMeApiKeysSubcommand(me) {
+  const apiKeys = me.command("api-keys").description("Manage your API keys");
+  const list = apiKeys.command("list").description("List your API keys").action(
+    withErrorHandler(async (_opts, cmd) => {
+      const client = createClient(cmd);
+      const format = getFormat(cmd);
+      const response = await client.rawRequest("GET", "/me/api-keys");
+      outputResponse(response, format);
+    })
+  );
+  addExamples(list, [
+    {
+      description: "List your API keys",
+      command: "geonic me api-keys list"
+    }
+  ]);
+  const create = apiKeys.command("create [json]").description("Create a new API key").option("--name <name>", "Key name").option("--scopes <scopes>", "Allowed scopes (comma-separated)").option("--origins <origins>", "Allowed origins (comma-separated)").option("--entity-types <types>", "Allowed entity types (comma-separated)").option("--rate-limit <n>", "Rate limit per minute").option("--save", "Save the API key to config for automatic use").action(
+    withErrorHandler(async (json, _opts, cmd) => {
+      const opts = cmd.opts();
+      if (opts.origins !== void 0) {
+        const parsed = opts.origins.split(",").map((s) => s.trim()).filter(Boolean);
+        if (parsed.length === 0) {
+          printError("allowedOrigins must contain at least 1 item. Use '*' to allow all origins.");
+          process.exit(1);
+        }
+      }
+      let body;
+      if (json) {
+        body = await parseJsonInput(json);
+      } else if (opts.name || opts.scopes || opts.origins || opts.entityTypes || opts.rateLimit) {
+        const payload = {};
+        if (opts.name) payload.name = opts.name;
+        if (opts.scopes) payload.allowedScopes = opts.scopes.split(",").map((s) => s.trim()).filter(Boolean);
+        if (opts.origins) payload.allowedOrigins = opts.origins.split(",").map((s) => s.trim()).filter(Boolean);
+        if (opts.entityTypes) payload.allowedEntityTypes = opts.entityTypes.split(",").map((s) => s.trim()).filter(Boolean);
+        if (opts.rateLimit) {
+          const raw = opts.rateLimit.trim();
+          if (!/^\d+$/.test(raw)) {
+            printError("--rate-limit must be a positive integer.");
+            process.exit(1);
+          }
+          const perMinute = Number(raw);
+          if (perMinute <= 0) {
+            printError("--rate-limit must be a positive integer.");
+            process.exit(1);
+          }
+          payload.rateLimit = { perMinute };
+        }
+        body = payload;
+      } else {
+        body = await parseJsonInput();
+      }
+      if (body && typeof body === "object" && "allowedOrigins" in body) {
+        const origins = body.allowedOrigins;
+        if (Array.isArray(origins) && origins.filter((o) => typeof o === "string" && o.trim() !== "").length === 0) {
+          printError("allowedOrigins must contain at least 1 item. Use '*' to allow all origins.");
+          process.exit(1);
+        }
+      }
+      const client = createClient(cmd);
+      const format = getFormat(cmd);
+      const response = await client.rawRequest("POST", "/me/api-keys", { body });
+      const data = response.data;
+      if (opts.save) {
+        const globalOpts = resolveOptions(cmd);
+        const key = data.key;
+        if (!key) {
+          printError("Response missing key. API key was created, but it could not be saved.");
+          outputResponse(response, format);
+          process.exitCode = 1;
+          return;
+        }
+        const config = loadConfig(globalOpts.profile);
+        config.apiKey = key;
+        saveConfig(config, globalOpts.profile);
+        console.error("API key saved to config. X-Api-Key header will be sent automatically.");
+      } else {
+        printWarning("Save the API key now \u2014 it will not be shown again. Use --save to store it automatically.");
+      }
+      outputResponse(response, format);
+      console.error("API key created.");
+    })
+  );
+  addExamples(create, [
+    {
+      description: "Create an API key with flags",
+      command: "geonic me api-keys create --name my-app --scopes read:entities --origins 'https://example.com'"
+    },
+    {
+      description: "Create and save API key to config",
+      command: "geonic me api-keys create --name my-app --save"
+    },
+    {
+      description: "Create an API key from JSON",
+      command: `geonic me api-keys create '{"name":"my-app","allowedScopes":["read:entities"]}'`
+    },
+    {
+      description: "Create an API key with rate limiting",
+      command: "geonic me api-keys create --name my-app --rate-limit 100"
+    }
+  ]);
+  const del = apiKeys.command("delete <keyId>").description("Delete an API key").action(
+    withErrorHandler(async (keyId, _opts, cmd) => {
+      const client = createClient(cmd);
+      await client.rawRequest(
+        "DELETE",
+        `/me/api-keys/${encodeURIComponent(String(keyId))}`
+      );
+      console.error("API key deleted.");
+    })
+  );
+  addExamples(del, [
+    {
+      description: "Delete an API key",
+      command: "geonic me api-keys delete <key-id>"
+    }
+  ]);
+}
 // src/commands/auth.ts
 function createLoginCommand() {
   return new Command("login").description("Authenticate and save token").option("--client-credentials", "Use OAuth 2.0 Client Credentials flow").option("--client-id <id>", "OAuth client ID").option("--client-secret <secret>", "OAuth client secret").option("--scope <scopes>", "OAuth scopes (space-separated)").option("--tenant-id <id>", "Tenant ID for scoped authentication").action(
@@ -1450,6 +1600,117 @@ function createMeAction() {
     printInfo(`Profile: ${profileName}`);
   });
 }
+async function fetchNonce(baseUrl, apiKey) {
+  const origin = new URL(baseUrl).origin;
+  const url = new URL("/auth/nonce", baseUrl).toString();
+  const response = await fetch(url, {
+    method: "POST",
+    headers: {
+      "Content-Type": "application/json",
+      "Origin": origin
+    },
+    body: JSON.stringify({ api_key: apiKey })
+  });
+  if (!response.ok) {
+    const text = await response.text();
+    throw new Error(`Nonce request failed: ${text || `HTTP ${response.status}`}`);
+  }
+  return await response.json();
+}
+function createNonceCommand() {
+  return new Command("nonce").description("Get a nonce and PoW challenge for API key authentication").option("--api-key <key>", "API key to get nonce for").action(
+    withErrorHandler(async (...args) => {
+      const cmd = args[args.length - 1];
+      const nonceOpts = cmd.opts();
+      const globalOpts = resolveOptions(cmd);
+      const apiKey = nonceOpts.apiKey ?? globalOpts.apiKey;
+      if (!apiKey) {
+        printError("API key is required. Use --api-key or configure it with `geonic config set api-key <key>`.");
+        process.exit(1);
+      }
+      if (!globalOpts.url) {
+        printError("No URL configured. Use `geonic config set url <url>` or pass --url.");
+        process.exit(1);
+      }
+      const baseUrl = validateUrl(globalOpts.url);
+      const data = await fetchNonce(baseUrl, apiKey);
+      const format = getFormat(cmd);
+      outputResponse({ status: 200, headers: new Headers(), data }, format);
+    })
+  );
+}
+function hasLeadingZeroBits(hash, bits) {
+  const fullBytes = Math.floor(bits / 8);
+  const remainingBits = bits % 8;
+  for (let i = 0; i < fullBytes; i++) {
+    if (hash[i] !== 0) return false;
+  }
+  if (remainingBits > 0) {
+    const mask = 255 << 8 - remainingBits;
+    if ((hash[fullBytes] & mask) !== 0) return false;
+  }
+  return true;
+}
+var MAX_POW_ITERATIONS = 1e7;
+function solvePoW(challenge, difficulty) {
+  for (let nonce = 0; nonce < MAX_POW_ITERATIONS; nonce++) {
+    const hash = createHash("sha256").update(`${challenge}${nonce}`).digest();
+    if (hasLeadingZeroBits(hash, difficulty)) return nonce;
+  }
+  throw new Error(`PoW could not be solved within ${MAX_POW_ITERATIONS} iterations`);
+}
+function createTokenExchangeCommand() {
+  return new Command("token-exchange").description("Exchange API key for a session JWT via nonce + PoW").option("--api-key <key>", "API key to exchange").option("--save", "Save the obtained token to profile config").action(
+    withErrorHandler(async (...args) => {
+      const cmd = args[args.length - 1];
+      const exchangeOpts = cmd.opts();
+      const globalOpts = resolveOptions(cmd);
+      const apiKey = exchangeOpts.apiKey ?? globalOpts.apiKey;
+      if (!apiKey) {
+        printError("API key is required. Use --api-key or configure it with `geonic config set api-key <key>`.");
+        process.exit(1);
+      }
+      if (!globalOpts.url) {
+        printError("No URL configured. Use `geonic config set url <url>` or pass --url.");
+        process.exit(1);
+      }
+      const baseUrl = validateUrl(globalOpts.url);
+      const origin = new URL(baseUrl).origin;
+      const nonceData = await fetchNonce(baseUrl, apiKey);
+      printInfo(`Nonce received. Solving PoW (difficulty=${nonceData.difficulty})...`);
+      const powNonce = solvePoW(nonceData.challenge, nonceData.difficulty);
+      const tokenUrl = new URL("/oauth/token", baseUrl).toString();
+      const tokenResponse = await fetch(tokenUrl, {
+        method: "POST",
+        headers: {
+          "Content-Type": "application/json",
+          "Origin": origin
+        },
+        body: JSON.stringify({
+          grant_type: "api_key",
+          api_key: apiKey,
+          nonce: nonceData.nonce,
+          proof: String(powNonce)
+        })
+      });
+      if (!tokenResponse.ok) {
+        const text = await tokenResponse.text();
+        throw new Error(`Token exchange failed: ${text || `HTTP ${tokenResponse.status}`}`);
+      }
+      const tokenData = await tokenResponse.json();
+      if (exchangeOpts.save) {
+        const config = loadConfig(globalOpts.profile);
+        config.token = tokenData.access_token;
+        saveConfig(config, globalOpts.profile);
+        printSuccess("Token exchange successful. Token saved to config.");
+      } else {
+        const format = getFormat(cmd);
+        outputResponse({ status: tokenResponse.status, headers: tokenResponse.headers, data: tokenData }, format);
+        printSuccess("Token exchange successful.");
+      }
+    })
+  );
+}
 function registerAuthCommands(program2) {
   const auth = program2.command("auth").description("Manage authentication");
   const login = createLoginCommand();
@@ -1480,6 +1741,22 @@ function registerAuthCommands(program2) {
     }
   ]);
   auth.addCommand(logout);
+  const nonce = createNonceCommand();
+  addExamples(nonce, [
+    {
+      description: "Get a nonce for API key authentication",
+      command: "geonic auth nonce --api-key gdb_abcdef..."
+    }
+  ]);
+  auth.addCommand(nonce);
+  const tokenExchange = createTokenExchangeCommand();
+  addExamples(tokenExchange, [
+    {
+      description: "Exchange API key for a JWT and save it",
+      command: "geonic auth token-exchange --api-key gdb_abcdef... --save"
+    }
+  ]);
+  auth.addCommand(tokenExchange);
   const me = program2.command("me").description("Display current authenticated user and manage user resources");
   const meInfo = me.command("info", { isDefault: true, hidden: true }).description("Display current authenticated user").action(createMeAction());
   addExamples(me, [
@@ -1490,6 +1767,10 @@ function registerAuthCommands(program2) {
     {
       description: "List your OAuth clients",
       command: "geonic me oauth-clients list"
+    },
+    {
+      description: "List your API keys",
+      command: "geonic me api-keys list"
     }
   ]);
   addExamples(meInfo, [
@@ -1499,6 +1780,7 @@ function registerAuthCommands(program2) {
     }
   ]);
   addMeOAuthClientsSubcommand(me);
+  addMeApiKeysSubcommand(me);
   program2.addCommand(createLoginCommand(), { hidden: true });
   program2.addCommand(createLogoutCommand(), { hidden: true });
   const hiddenWhoami = new Command("whoami").description("Display current authenticated user").action(createMeAction());
@@ -1696,7 +1978,7 @@ function registerAttrsSubcommand(entitiesCmd) {
 // src/commands/entities.ts
 function registerEntitiesCommand(program2) {
   const entities = program2.command("entities").description("Manage context entities");
-  const list = entities.command("list").description("List entities with optional filters").option("--type <type>", "Filter by entity type").option("--id-pattern <pat>", "Filter by entity ID pattern (regex)").option("--query <q>", "NGSI query expression").option("--attrs <a,b>", "Comma-separated list of attributes to include").option("--georel <rel>", "Geo-relationship (e.g. near;maxDistance:1000)").option("--geometry <geo>", "Geometry type for geo-query (e.g. point)").option("--coords <coords>", "Coordinates for geo-query").option("--spatial-id <zfxy>", "Spatial ID filter (ZFXY tile)").option("--limit <n>", "Maximum number of entities to return", parseInt).option("--offset <n>", "Skip first N entities", parseInt).option("--order-by <field>", "Order results by field").option("--count", "Include total count in response").option("--key-values", "Request simplified key-value format").action(
+  const list = entities.command("list").description("List entities with optional filters").option("--type <type>", "Filter by entity type").option("--id-pattern <pat>", "Filter by entity ID pattern (regex)").option("--query <q>", "NGSI query expression").option("--attrs <a,b>", "Comma-separated list of attributes to include").option("--georel <rel>", "Geo-relationship (e.g. near;maxDistance:1000)").option("--geometry <geo>", "Geometry type for geo-query (e.g. point)").option("--coords <coords>", "Coordinates for geo-query").option("--spatial-id <zfxy>", "Spatial ID filter (ZFXY tile)").option("--limit <n>", "Maximum number of entities to return", parseInt).option("--offset <n>", "Skip first N entities", parseInt).option("--order-by <field>", "Order results by field").option("--count", "Include total count in response").option("--count-only", "Only show the total count without listing entities").option("--key-values", "Request simplified key-value format").action(
     withErrorHandler(async (opts, cmd) => {
       const client = createClient(cmd);
       const format = getFormat(cmd);
@@ -1712,10 +1994,15 @@ function registerEntitiesCommand(program2) {
       if (opts.limit !== void 0) params.limit = String(opts.limit);
       if (opts.offset !== void 0) params.offset = String(opts.offset);
       if (opts.orderBy) params.orderBy = String(opts.orderBy);
-      if (opts.count) params.count = "true";
+      if (opts.count || opts.countOnly) params.count = "true";
+      if (opts.countOnly) params.limit = "0";
       if (opts.keyValues) params.options = "keyValues";
       const response = await client.get("/entities", params);
-      outputResponse(response, format, !!opts.count);
+      if (opts.countOnly) {
+        printCount(response.count ?? 0);
+      } else {
+        outputResponse(response, format, !!opts.count);
+      }
     })
   );
   addExamples(list, [
@@ -1774,6 +2061,10 @@ function registerEntitiesCommand(program2) {
     {
       description: "Get total count with results",
       command: "geonic entities list --type Sensor --count"
+    },
+    {
+      description: "Get only the total count (no entity data)",
+      command: "geonic entities list --type Sensor --count-only"
     }
   ]);
   const get = entities.command("get").description("Get a single entity by ID").argument("<id>", "Entity ID").option("--key-values", "Request simplified key-value format").action(
@@ -3036,6 +3327,190 @@ function registerCaddeCommand(parent) {
   ]);
 }
+// src/commands/admin/api-keys.ts
+function validateOrigins(body, opts) {
+  if (opts.origins !== void 0) {
+    const origins = String(opts.origins).split(",").map((s) => s.trim()).filter(Boolean);
+    if (origins.length === 0) {
+      printError("allowedOrigins must contain at least 1 item. Use '*' to allow all origins.");
+      process.exit(1);
+    }
+  }
+  if (body && typeof body === "object" && "allowedOrigins" in body) {
+    const origins = body.allowedOrigins;
+    if (Array.isArray(origins) && origins.filter((o) => typeof o === "string" && o.trim() !== "").length === 0) {
+      printError("allowedOrigins must contain at least 1 item. Use '*' to allow all origins.");
+      process.exit(1);
+    }
+  }
+}
+function buildBodyFromFlags(opts) {
+  const payload = {};
+  if (opts.name) payload.name = opts.name;
+  if (opts.scopes) payload.allowedScopes = opts.scopes.split(",").map((s) => s.trim()).filter(Boolean);
+  if (opts.origins) payload.allowedOrigins = opts.origins.split(",").map((s) => s.trim()).filter(Boolean);
+  if (opts.entityTypes) payload.allowedEntityTypes = opts.entityTypes.split(",").map((s) => s.trim()).filter(Boolean);
+  if (opts.rateLimit) {
+    const raw = String(opts.rateLimit).trim();
+    if (!/^\d+$/.test(raw)) {
+      printError("--rate-limit must be a positive integer.");
+      process.exit(1);
+    }
+    const perMinute = Number(raw);
+    if (perMinute <= 0) {
+      printError("--rate-limit must be a positive integer.");
+      process.exit(1);
+    }
+    payload.rateLimit = { perMinute };
+  }
+  if (opts.tenantId) payload.tenantId = opts.tenantId;
+  return payload;
+}
+function registerApiKeysCommand(parent) {
+  const apiKeys = parent.command("api-keys").description("Manage API keys");
+  const list = apiKeys.command("list").description("List all API keys").option("--tenant-id <id>", "Filter by tenant ID").action(
+    withErrorHandler(async (_opts, cmd) => {
+      const opts = cmd.opts();
+      const client = createClient(cmd);
+      const format = getFormat(cmd);
+      const params = {};
+      if (opts.tenantId) params.tenantId = opts.tenantId;
+      const response = await client.rawRequest("GET", "/admin/api-keys", {
+        params
+      });
+      outputResponse(response, format);
+    })
+  );
+  addExamples(list, [
+    {
+      description: "List all API keys",
+      command: "geonic admin api-keys list"
+    },
+    {
+      description: "List API keys for a specific tenant",
+      command: "geonic admin api-keys list --tenant-id <tenant-id>"
+    }
+  ]);
+  const get = apiKeys.command("get <keyId>").description("Get an API key by ID").action(
+    withErrorHandler(async (keyId, _opts, cmd) => {
+      const client = createClient(cmd);
+      const format = getFormat(cmd);
+      const response = await client.rawRequest(
+        "GET",
+        `/admin/api-keys/${encodeURIComponent(String(keyId))}`
+      );
+      outputResponse(response, format);
+    })
+  );
+  addExamples(get, [
+    {
+      description: "Get an API key by ID",
+      command: "geonic admin api-keys get <key-id>"
+    }
+  ]);
+  const create = apiKeys.command("create [json]").description("Create a new API key").option("--name <name>", "Key name").option("--scopes <scopes>", "Comma-separated scopes").option("--origins <origins>", "Comma-separated origins").option("--entity-types <types>", "Comma-separated entity types").option("--rate-limit <n>", "Rate limit per minute").option("--tenant-id <id>", "Tenant ID").option("--save", "Save the API key to profile config").action(
+    withErrorHandler(async (json, _opts, cmd) => {
+      const opts = cmd.opts();
+      validateOrigins(void 0, opts);
+      let body;
+      if (json) {
+        body = await parseJsonInput(json);
+      } else if (opts.name || opts.scopes || opts.origins || opts.entityTypes || opts.rateLimit || opts.tenantId) {
+        body = buildBodyFromFlags(opts);
+      } else {
+        body = await parseJsonInput();
+      }
+      validateOrigins(body, {});
+      const client = createClient(cmd);
+      const format = getFormat(cmd);
+      const response = await client.rawRequest("POST", "/admin/api-keys", {
+        body
+      });
+      const data = response.data;
+      if (opts.save) {
+        const globalOpts = resolveOptions(cmd);
+        const key = data.key;
+        if (!key) {
+          printError("Response missing key. API key was created, but it could not be saved.");
+          outputResponse(response, format);
+          process.exitCode = 1;
+          return;
+        }
+        const config = loadConfig(globalOpts.profile);
+        config.apiKey = key;
+        saveConfig(config, globalOpts.profile);
+        console.error("API key saved to config. X-Api-Key header will be sent automatically.");
+      } else {
+        printWarning("Save the API key now \u2014 it will not be shown again. Use --save to store it automatically.");
+      }
+      outputResponse(response, format);
+      console.error("API key created.");
+    })
+  );
+  addExamples(create, [
+    {
+      description: "Create an API key with flags",
+      command: "geonic admin api-keys create --name my-key --scopes entities:read,entities:write --origins '*'"
+    },
+    {
+      description: "Create an API key from JSON and save to config",
+      command: "geonic admin api-keys create @key.json --save"
+    }
+  ]);
+  const update = apiKeys.command("update <keyId> [json]").description("Update an API key").option("--name <name>", "Key name").option("--scopes <scopes>", "Comma-separated scopes").option("--origins <origins>", "Comma-separated origins").option("--entity-types <types>", "Comma-separated entity types").option("--rate-limit <n>", "Rate limit per minute").action(
+    withErrorHandler(
+      async (keyId, json, _opts, cmd) => {
+        const opts = cmd.opts();
+        validateOrigins(void 0, opts);
+        let body;
+        if (json) {
+          body = await parseJsonInput(json);
+        } else if (opts.name || opts.scopes || opts.origins || opts.entityTypes || opts.rateLimit) {
+          body = buildBodyFromFlags(opts);
+        } else {
+          body = await parseJsonInput();
+        }
+        validateOrigins(body, {});
+        const client = createClient(cmd);
+        const format = getFormat(cmd);
+        const response = await client.rawRequest(
+          "PATCH",
+          `/admin/api-keys/${encodeURIComponent(String(keyId))}`,
+          { body }
+        );
+        outputResponse(response, format);
+        console.error("API key updated.");
+      }
+    )
+  );
+  addExamples(update, [
+    {
+      description: "Update an API key name",
+      command: "geonic admin api-keys update <key-id> --name new-name"
+    },
+    {
+      description: "Update an API key from a JSON file",
+      command: "geonic admin api-keys update <key-id> @key.json"
+    }
+  ]);
+  const del = apiKeys.command("delete <keyId>").description("Delete an API key").action(
+    withErrorHandler(async (keyId, _opts, cmd) => {
+      const client = createClient(cmd);
+      await client.rawRequest(
+        "DELETE",
+        `/admin/api-keys/${encodeURIComponent(String(keyId))}`
+      );
+      console.error("API key deleted.");
+    })
+  );
+  addExamples(del, [
+    {
+      description: "Delete an API key",
+      command: "geonic admin api-keys delete <key-id>"
+    }
+  ]);
+}
 // src/commands/admin/index.ts
 function registerAdminCommand(program2) {
   const admin = program2.command("admin").description("Manage admin resources");
@@ -3043,6 +3518,7 @@ function registerAdminCommand(program2) {
   registerUsersCommand(admin);
   registerPoliciesCommand(admin);
   registerOAuthClientsCommand(admin);
+  registerApiKeysCommand(admin);
   registerCaddeCommand(admin);
 }