npm - @gpt-platform/client - Versions diffs - 0.2.0 → 0.2.1 - Mend

@gpt-platform/client 0.2.0 → 0.2.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (7) hide show

package/dist/index.d.mts CHANGED Viewed

@@ -3882,7 +3882,7 @@ declare class BrowserApiKeyError extends Error {
 }
 /** SDK version — updated automatically by mix update.sdks */
-declare const SDK_VERSION = "0.2.0";
+declare const SDK_VERSION = "0.2.1";
 /** Default API version sent in every request — updated automatically by mix update.sdks */
 declare const DEFAULT_API_VERSION = "2026-02-25";
@@ -4352,6 +4352,123 @@ declare function createVoiceNamespace(rb: RequestBuilder): {
     };
 };
+type OAuthProvider = "google" | "github" | "microsoft";
+interface OAuthSignInOptions {
+    /** Application ID (app_id) — required to scope the OAuth flow to your ISV application */
+    appId: string;
+    /**
+     * URL to redirect to after OAuth completes. Must be in your application's
+     * allowed callback URLs. If omitted, uses the application's default callback URL.
+     */
+    redirectUrl?: string;
+}
+declare function createIdentityNamespace(rb: RequestBuilder, baseUrl?: string): {
+    /** Login with email and password — returns a token object */
+    login: (email: string, password: string, options?: RequestOptions) => Promise<Record<string, unknown>>;
+    /** Register a new user account */
+    register: (email: string, password: string, passwordConfirmation: string, options?: RequestOptions) => Promise<Record<string, unknown>>;
+    /** Get the currently authenticated user */
+    me: (options?: RequestOptions) => Promise<User>;
+    /** Get the current user profile (alias for me()) */
+    profile: (options?: RequestOptions) => Promise<User>;
+    list: (options?: {
+        page?: number;
+        pageSize?: number;
+    } & RequestOptions) => Promise<User[]>;
+    listAll: (options?: RequestOptions) => Promise<User[]>;
+    get: (id: string, options?: RequestOptions) => Promise<User>;
+    create: (attributes: Record<string, unknown>, options?: RequestOptions) => Promise<User>;
+    /** Resend confirmation email to an unconfirmed user */
+    resendConfirmation: (options?: RequestOptions) => Promise<User>;
+    /** Confirm an email address using the token from the confirmation email */
+    confirmEmail: (email: string, confirmationToken: string, options?: RequestOptions) => Promise<Record<string, unknown>>;
+    /** Request a magic link sign-in email */
+    requestMagicLink: (email: string, options?: RequestOptions) => Promise<Record<string, unknown>>;
+    /**
+     * Request a password reset email — always returns success to prevent email enumeration.
+     * The user will receive an email with a reset token if the account exists.
+     */
+    requestPasswordReset: (email: string, options?: RequestOptions) => Promise<Record<string, unknown>>;
+    /** Sign in using a token from a magic link email */
+    signInWithMagicLink: (token: string, options?: RequestOptions) => Promise<Record<string, unknown>>;
+    /** Reset a password using the token from a password reset email */
+    resetPasswordWithToken: (token: string, password: string, passwordConfirmation: string, options?: RequestOptions) => Promise<Record<string, unknown>>;
+    /** Change password for the currently authenticated user */
+    changePassword: (currentPassword: string, password: string, passwordConfirmation: string, options?: RequestOptions) => Promise<Record<string, unknown>>;
+    delete: (id: string, options?: RequestOptions) => Promise<true>;
+    tokens: {
+        create: (attributes: Record<string, unknown>, options?: RequestOptions) => Promise<Token>;
+    };
+    profiles: {
+        delete: (id: string, options?: RequestOptions) => Promise<true>;
+        list: (options?: {
+            page?: number;
+            pageSize?: number;
+        } & RequestOptions) => Promise<UserProfile[]>;
+        listAll: (options?: RequestOptions) => Promise<UserProfile[]>;
+        get: (id: string, options?: RequestOptions) => Promise<UserProfile>;
+        create: (attributes: Record<string, unknown>, options?: RequestOptions) => Promise<UserProfile>;
+        update: (id: string, attributes: Record<string, unknown>, options?: RequestOptions) => Promise<UserProfile>;
+    };
+    /**
+     * Social OAuth sign-in (Google, GitHub, Microsoft).
+     *
+     * This is a browser-redirect flow — the backend redirects the user's browser
+     * to the provider, then back to your `redirectUrl` with `?token=JWT` appended.
+     *
+     * @example
+     * ```typescript
+     * // Get the URL and redirect manually
+     * const url = client.identity.oauth.getAuthorizationUrl('google', {
+     *   appId: 'your-app-id',
+     *   redirectUrl: 'https://yourapp.com/auth/callback',
+     * });
+     * window.location.href = url;
+     *
+     * // Or use the convenience helper (browser only)
+     * client.identity.oauth.signIn('google', {
+     *   appId: 'your-app-id',
+     *   redirectUrl: 'https://yourapp.com/auth/callback',
+     * });
+     *
+     * // On your callback page, extract the token:
+     * const token = new URLSearchParams(window.location.search).get('token');
+     * ```
+     */
+    oauth: {
+        /**
+         * Build the authorization URL for the given OAuth provider.
+         * Navigate the user's browser to this URL to begin the sign-in flow.
+         */
+        getAuthorizationUrl(provider: OAuthProvider, options: OAuthSignInOptions): string;
+        /**
+         * Redirect the browser to the OAuth sign-in page for the given provider.
+         * Only works in browser environments (sets `window.location.href`).
+         *
+         * After the user authenticates, they are redirected back to `redirectUrl`
+         * with a `?token=JWT` query parameter containing their session token.
+         */
+        signIn(provider: OAuthProvider, options: OAuthSignInOptions): void;
+    };
+    apiKeys: {
+        list: (options?: {
+            page?: number;
+            pageSize?: number;
+        } & RequestOptions) => Promise<ApiKey[]>;
+        listAll: (options?: RequestOptions) => Promise<ApiKey[]>;
+        delete: (id: string, options?: RequestOptions) => Promise<true>;
+        update: (id: string, attributes: Record<string, unknown>, options?: RequestOptions) => Promise<ApiKey>;
+        create: (name: string, options?: RequestOptions) => Promise<ApiKey>;
+        get: (id: string, options?: RequestOptions) => Promise<ApiKey>;
+        /** Revoke an API key (permanently disables it) */
+        revoke: (id: string, options?: RequestOptions) => Promise<ApiKey>;
+        /** Rotate an API key (generates a new secret) */
+        rotate: (id: string, options?: RequestOptions) => Promise<ApiKey>;
+        /** Allocate credits to an API key */
+        allocate: (id: string, amount: number, description: string, options?: RequestOptions) => Promise<ApiKey>;
+    };
+};
 /**
  * A single attribute filter predicate for server-side JSONB row filtering.
  * Operators: eq, not_eq, contains, in, lt, gt, not_null
@@ -4765,6 +4882,10 @@ declare class GptClient extends BaseClient {
             create: (attributes: Record<string, unknown>, options?: RequestOptions) => Promise<UserProfile>;
             update: (id: string, attributes: Record<string, unknown>, options?: RequestOptions) => Promise<UserProfile>;
         };
+        oauth: {
+            getAuthorizationUrl(provider: OAuthProvider, options: OAuthSignInOptions): string;
+            signIn(provider: OAuthProvider, options: OAuthSignInOptions): void;
+        };
         apiKeys: {
             list: (options?: {
                 page?: number;
@@ -5245,73 +5366,6 @@ declare function createSearchNamespace(rb: RequestBuilder): {
     };
 };
-declare function createIdentityNamespace(rb: RequestBuilder): {
-    /** Login with email and password — returns a token object */
-    login: (email: string, password: string, options?: RequestOptions) => Promise<Record<string, unknown>>;
-    /** Register a new user account */
-    register: (email: string, password: string, passwordConfirmation: string, options?: RequestOptions) => Promise<Record<string, unknown>>;
-    /** Get the currently authenticated user */
-    me: (options?: RequestOptions) => Promise<User>;
-    /** Get the current user profile (alias for me()) */
-    profile: (options?: RequestOptions) => Promise<User>;
-    list: (options?: {
-        page?: number;
-        pageSize?: number;
-    } & RequestOptions) => Promise<User[]>;
-    listAll: (options?: RequestOptions) => Promise<User[]>;
-    get: (id: string, options?: RequestOptions) => Promise<User>;
-    create: (attributes: Record<string, unknown>, options?: RequestOptions) => Promise<User>;
-    /** Resend confirmation email to an unconfirmed user */
-    resendConfirmation: (options?: RequestOptions) => Promise<User>;
-    /** Confirm an email address using the token from the confirmation email */
-    confirmEmail: (email: string, confirmationToken: string, options?: RequestOptions) => Promise<Record<string, unknown>>;
-    /** Request a magic link sign-in email */
-    requestMagicLink: (email: string, options?: RequestOptions) => Promise<Record<string, unknown>>;
-    /**
-     * Request a password reset email — always returns success to prevent email enumeration.
-     * The user will receive an email with a reset token if the account exists.
-     */
-    requestPasswordReset: (email: string, options?: RequestOptions) => Promise<Record<string, unknown>>;
-    /** Sign in using a token from a magic link email */
-    signInWithMagicLink: (token: string, options?: RequestOptions) => Promise<Record<string, unknown>>;
-    /** Reset a password using the token from a password reset email */
-    resetPasswordWithToken: (token: string, password: string, passwordConfirmation: string, options?: RequestOptions) => Promise<Record<string, unknown>>;
-    /** Change password for the currently authenticated user */
-    changePassword: (currentPassword: string, password: string, passwordConfirmation: string, options?: RequestOptions) => Promise<Record<string, unknown>>;
-    delete: (id: string, options?: RequestOptions) => Promise<true>;
-    tokens: {
-        create: (attributes: Record<string, unknown>, options?: RequestOptions) => Promise<Token>;
-    };
-    profiles: {
-        delete: (id: string, options?: RequestOptions) => Promise<true>;
-        list: (options?: {
-            page?: number;
-            pageSize?: number;
-        } & RequestOptions) => Promise<UserProfile[]>;
-        listAll: (options?: RequestOptions) => Promise<UserProfile[]>;
-        get: (id: string, options?: RequestOptions) => Promise<UserProfile>;
-        create: (attributes: Record<string, unknown>, options?: RequestOptions) => Promise<UserProfile>;
-        update: (id: string, attributes: Record<string, unknown>, options?: RequestOptions) => Promise<UserProfile>;
-    };
-    apiKeys: {
-        list: (options?: {
-            page?: number;
-            pageSize?: number;
-        } & RequestOptions) => Promise<ApiKey[]>;
-        listAll: (options?: RequestOptions) => Promise<ApiKey[]>;
-        delete: (id: string, options?: RequestOptions) => Promise<true>;
-        update: (id: string, attributes: Record<string, unknown>, options?: RequestOptions) => Promise<ApiKey>;
-        create: (name: string, options?: RequestOptions) => Promise<ApiKey>;
-        get: (id: string, options?: RequestOptions) => Promise<ApiKey>;
-        /** Revoke an API key (permanently disables it) */
-        revoke: (id: string, options?: RequestOptions) => Promise<ApiKey>;
-        /** Rotate an API key (generates a new secret) */
-        rotate: (id: string, options?: RequestOptions) => Promise<ApiKey>;
-        /** Allocate credits to an API key */
-        allocate: (id: string, amount: number, description: string, options?: RequestOptions) => Promise<ApiKey>;
-    };
-};
 declare function createBillingNamespace(rb: RequestBuilder): {
     wallet: {
         /** Get the current workspace wallet balance and details */

package/dist/index.d.ts CHANGED Viewed

@@ -3882,7 +3882,7 @@ declare class BrowserApiKeyError extends Error {
 }
 /** SDK version — updated automatically by mix update.sdks */
-declare const SDK_VERSION = "0.2.0";
+declare const SDK_VERSION = "0.2.1";
 /** Default API version sent in every request — updated automatically by mix update.sdks */
 declare const DEFAULT_API_VERSION = "2026-02-25";
@@ -4352,6 +4352,123 @@ declare function createVoiceNamespace(rb: RequestBuilder): {
     };
 };
+type OAuthProvider = "google" | "github" | "microsoft";
+interface OAuthSignInOptions {
+    /** Application ID (app_id) — required to scope the OAuth flow to your ISV application */
+    appId: string;
+    /**
+     * URL to redirect to after OAuth completes. Must be in your application's
+     * allowed callback URLs. If omitted, uses the application's default callback URL.
+     */
+    redirectUrl?: string;
+}
+declare function createIdentityNamespace(rb: RequestBuilder, baseUrl?: string): {
+    /** Login with email and password — returns a token object */
+    login: (email: string, password: string, options?: RequestOptions) => Promise<Record<string, unknown>>;
+    /** Register a new user account */
+    register: (email: string, password: string, passwordConfirmation: string, options?: RequestOptions) => Promise<Record<string, unknown>>;
+    /** Get the currently authenticated user */
+    me: (options?: RequestOptions) => Promise<User>;
+    /** Get the current user profile (alias for me()) */
+    profile: (options?: RequestOptions) => Promise<User>;
+    list: (options?: {
+        page?: number;
+        pageSize?: number;
+    } & RequestOptions) => Promise<User[]>;
+    listAll: (options?: RequestOptions) => Promise<User[]>;
+    get: (id: string, options?: RequestOptions) => Promise<User>;
+    create: (attributes: Record<string, unknown>, options?: RequestOptions) => Promise<User>;
+    /** Resend confirmation email to an unconfirmed user */
+    resendConfirmation: (options?: RequestOptions) => Promise<User>;
+    /** Confirm an email address using the token from the confirmation email */
+    confirmEmail: (email: string, confirmationToken: string, options?: RequestOptions) => Promise<Record<string, unknown>>;
+    /** Request a magic link sign-in email */
+    requestMagicLink: (email: string, options?: RequestOptions) => Promise<Record<string, unknown>>;
+    /**
+     * Request a password reset email — always returns success to prevent email enumeration.
+     * The user will receive an email with a reset token if the account exists.
+     */
+    requestPasswordReset: (email: string, options?: RequestOptions) => Promise<Record<string, unknown>>;
+    /** Sign in using a token from a magic link email */
+    signInWithMagicLink: (token: string, options?: RequestOptions) => Promise<Record<string, unknown>>;
+    /** Reset a password using the token from a password reset email */
+    resetPasswordWithToken: (token: string, password: string, passwordConfirmation: string, options?: RequestOptions) => Promise<Record<string, unknown>>;
+    /** Change password for the currently authenticated user */
+    changePassword: (currentPassword: string, password: string, passwordConfirmation: string, options?: RequestOptions) => Promise<Record<string, unknown>>;
+    delete: (id: string, options?: RequestOptions) => Promise<true>;
+    tokens: {
+        create: (attributes: Record<string, unknown>, options?: RequestOptions) => Promise<Token>;
+    };
+    profiles: {
+        delete: (id: string, options?: RequestOptions) => Promise<true>;
+        list: (options?: {
+            page?: number;
+            pageSize?: number;
+        } & RequestOptions) => Promise<UserProfile[]>;
+        listAll: (options?: RequestOptions) => Promise<UserProfile[]>;
+        get: (id: string, options?: RequestOptions) => Promise<UserProfile>;
+        create: (attributes: Record<string, unknown>, options?: RequestOptions) => Promise<UserProfile>;
+        update: (id: string, attributes: Record<string, unknown>, options?: RequestOptions) => Promise<UserProfile>;
+    };
+    /**
+     * Social OAuth sign-in (Google, GitHub, Microsoft).
+     *
+     * This is a browser-redirect flow — the backend redirects the user's browser
+     * to the provider, then back to your `redirectUrl` with `?token=JWT` appended.
+     *
+     * @example
+     * ```typescript
+     * // Get the URL and redirect manually
+     * const url = client.identity.oauth.getAuthorizationUrl('google', {
+     *   appId: 'your-app-id',
+     *   redirectUrl: 'https://yourapp.com/auth/callback',
+     * });
+     * window.location.href = url;
+     *
+     * // Or use the convenience helper (browser only)
+     * client.identity.oauth.signIn('google', {
+     *   appId: 'your-app-id',
+     *   redirectUrl: 'https://yourapp.com/auth/callback',
+     * });
+     *
+     * // On your callback page, extract the token:
+     * const token = new URLSearchParams(window.location.search).get('token');
+     * ```
+     */
+    oauth: {
+        /**
+         * Build the authorization URL for the given OAuth provider.
+         * Navigate the user's browser to this URL to begin the sign-in flow.
+         */
+        getAuthorizationUrl(provider: OAuthProvider, options: OAuthSignInOptions): string;
+        /**
+         * Redirect the browser to the OAuth sign-in page for the given provider.
+         * Only works in browser environments (sets `window.location.href`).
+         *
+         * After the user authenticates, they are redirected back to `redirectUrl`
+         * with a `?token=JWT` query parameter containing their session token.
+         */
+        signIn(provider: OAuthProvider, options: OAuthSignInOptions): void;
+    };
+    apiKeys: {
+        list: (options?: {
+            page?: number;
+            pageSize?: number;
+        } & RequestOptions) => Promise<ApiKey[]>;
+        listAll: (options?: RequestOptions) => Promise<ApiKey[]>;
+        delete: (id: string, options?: RequestOptions) => Promise<true>;
+        update: (id: string, attributes: Record<string, unknown>, options?: RequestOptions) => Promise<ApiKey>;
+        create: (name: string, options?: RequestOptions) => Promise<ApiKey>;
+        get: (id: string, options?: RequestOptions) => Promise<ApiKey>;
+        /** Revoke an API key (permanently disables it) */
+        revoke: (id: string, options?: RequestOptions) => Promise<ApiKey>;
+        /** Rotate an API key (generates a new secret) */
+        rotate: (id: string, options?: RequestOptions) => Promise<ApiKey>;
+        /** Allocate credits to an API key */
+        allocate: (id: string, amount: number, description: string, options?: RequestOptions) => Promise<ApiKey>;
+    };
+};
 /**
  * A single attribute filter predicate for server-side JSONB row filtering.
  * Operators: eq, not_eq, contains, in, lt, gt, not_null
@@ -4765,6 +4882,10 @@ declare class GptClient extends BaseClient {
             create: (attributes: Record<string, unknown>, options?: RequestOptions) => Promise<UserProfile>;
             update: (id: string, attributes: Record<string, unknown>, options?: RequestOptions) => Promise<UserProfile>;
         };
+        oauth: {
+            getAuthorizationUrl(provider: OAuthProvider, options: OAuthSignInOptions): string;
+            signIn(provider: OAuthProvider, options: OAuthSignInOptions): void;
+        };
         apiKeys: {
             list: (options?: {
                 page?: number;
@@ -5245,73 +5366,6 @@ declare function createSearchNamespace(rb: RequestBuilder): {
     };
 };
-declare function createIdentityNamespace(rb: RequestBuilder): {
-    /** Login with email and password — returns a token object */
-    login: (email: string, password: string, options?: RequestOptions) => Promise<Record<string, unknown>>;
-    /** Register a new user account */
-    register: (email: string, password: string, passwordConfirmation: string, options?: RequestOptions) => Promise<Record<string, unknown>>;
-    /** Get the currently authenticated user */
-    me: (options?: RequestOptions) => Promise<User>;
-    /** Get the current user profile (alias for me()) */
-    profile: (options?: RequestOptions) => Promise<User>;
-    list: (options?: {
-        page?: number;
-        pageSize?: number;
-    } & RequestOptions) => Promise<User[]>;
-    listAll: (options?: RequestOptions) => Promise<User[]>;
-    get: (id: string, options?: RequestOptions) => Promise<User>;
-    create: (attributes: Record<string, unknown>, options?: RequestOptions) => Promise<User>;
-    /** Resend confirmation email to an unconfirmed user */
-    resendConfirmation: (options?: RequestOptions) => Promise<User>;
-    /** Confirm an email address using the token from the confirmation email */
-    confirmEmail: (email: string, confirmationToken: string, options?: RequestOptions) => Promise<Record<string, unknown>>;
-    /** Request a magic link sign-in email */
-    requestMagicLink: (email: string, options?: RequestOptions) => Promise<Record<string, unknown>>;
-    /**
-     * Request a password reset email — always returns success to prevent email enumeration.
-     * The user will receive an email with a reset token if the account exists.
-     */
-    requestPasswordReset: (email: string, options?: RequestOptions) => Promise<Record<string, unknown>>;
-    /** Sign in using a token from a magic link email */
-    signInWithMagicLink: (token: string, options?: RequestOptions) => Promise<Record<string, unknown>>;
-    /** Reset a password using the token from a password reset email */
-    resetPasswordWithToken: (token: string, password: string, passwordConfirmation: string, options?: RequestOptions) => Promise<Record<string, unknown>>;
-    /** Change password for the currently authenticated user */
-    changePassword: (currentPassword: string, password: string, passwordConfirmation: string, options?: RequestOptions) => Promise<Record<string, unknown>>;
-    delete: (id: string, options?: RequestOptions) => Promise<true>;
-    tokens: {
-        create: (attributes: Record<string, unknown>, options?: RequestOptions) => Promise<Token>;
-    };
-    profiles: {
-        delete: (id: string, options?: RequestOptions) => Promise<true>;
-        list: (options?: {
-            page?: number;
-            pageSize?: number;
-        } & RequestOptions) => Promise<UserProfile[]>;
-        listAll: (options?: RequestOptions) => Promise<UserProfile[]>;
-        get: (id: string, options?: RequestOptions) => Promise<UserProfile>;
-        create: (attributes: Record<string, unknown>, options?: RequestOptions) => Promise<UserProfile>;
-        update: (id: string, attributes: Record<string, unknown>, options?: RequestOptions) => Promise<UserProfile>;
-    };
-    apiKeys: {
-        list: (options?: {
-            page?: number;
-            pageSize?: number;
-        } & RequestOptions) => Promise<ApiKey[]>;
-        listAll: (options?: RequestOptions) => Promise<ApiKey[]>;
-        delete: (id: string, options?: RequestOptions) => Promise<true>;
-        update: (id: string, attributes: Record<string, unknown>, options?: RequestOptions) => Promise<ApiKey>;
-        create: (name: string, options?: RequestOptions) => Promise<ApiKey>;
-        get: (id: string, options?: RequestOptions) => Promise<ApiKey>;
-        /** Revoke an API key (permanently disables it) */
-        revoke: (id: string, options?: RequestOptions) => Promise<ApiKey>;
-        /** Rotate an API key (generates a new secret) */
-        rotate: (id: string, options?: RequestOptions) => Promise<ApiKey>;
-        /** Allocate credits to an API key */
-        allocate: (id: string, amount: number, description: string, options?: RequestOptions) => Promise<ApiKey>;
-    };
-};
 declare function createBillingNamespace(rb: RequestBuilder): {
     wallet: {
         /** Get the current workspace wallet balance and details */

package/dist/index.js CHANGED Viewed

@@ -1285,7 +1285,7 @@ function buildUserAgent(sdkVersion, appInfo) {
 }
 // src/version.ts
-var SDK_VERSION = "0.2.0";
+var SDK_VERSION = "0.2.1";
 var DEFAULT_API_VERSION = "2026-02-25";
 // src/base-client.ts
@@ -4347,7 +4347,7 @@ var ChangePasswordSchema = import_zod2.z.object({
   message: "Passwords do not match",
   path: ["password_confirmation"]
 });
-function createIdentityNamespace(rb) {
+function createIdentityNamespace(rb, baseUrl) {
   return {
     /** Login with email and password — returns a token object */
     login: async (email, password, options) => {
@@ -4600,6 +4600,58 @@ function createIdentityNamespace(rb) {
         );
       }
     },
+    /**
+     * Social OAuth sign-in (Google, GitHub, Microsoft).
+     *
+     * This is a browser-redirect flow — the backend redirects the user's browser
+     * to the provider, then back to your `redirectUrl` with `?token=JWT` appended.
+     *
+     * @example
+     * ```typescript
+     * // Get the URL and redirect manually
+     * const url = client.identity.oauth.getAuthorizationUrl('google', {
+     *   appId: 'your-app-id',
+     *   redirectUrl: 'https://yourapp.com/auth/callback',
+     * });
+     * window.location.href = url;
+     *
+     * // Or use the convenience helper (browser only)
+     * client.identity.oauth.signIn('google', {
+     *   appId: 'your-app-id',
+     *   redirectUrl: 'https://yourapp.com/auth/callback',
+     * });
+     *
+     * // On your callback page, extract the token:
+     * const token = new URLSearchParams(window.location.search).get('token');
+     * ```
+     */
+    oauth: {
+      /**
+       * Build the authorization URL for the given OAuth provider.
+       * Navigate the user's browser to this URL to begin the sign-in flow.
+       */
+      getAuthorizationUrl(provider, options) {
+        const base = (baseUrl ?? "").replace(/\/$/, "");
+        const params = { app_id: options.appId };
+        if (options.redirectUrl) params["redirect_url"] = options.redirectUrl;
+        return `${base}/oauth/${provider}?${new URLSearchParams(params).toString()}`;
+      },
+      /**
+       * Redirect the browser to the OAuth sign-in page for the given provider.
+       * Only works in browser environments (sets `window.location.href`).
+       *
+       * After the user authenticates, they are redirected back to `redirectUrl`
+       * with a `?token=JWT` query parameter containing their session token.
+       */
+      signIn(provider, options) {
+        if (typeof window === "undefined") {
+          throw new Error(
+            "identity.oauth.signIn() requires a browser environment. Use identity.oauth.getAuthorizationUrl() to get the URL and redirect manually."
+          );
+        }
+        window.location.href = this.getAuthorizationUrl(provider, options);
+      }
+    },
     apiKeys: {
       list: async (options) => {
         return rb.execute(
@@ -6496,7 +6548,7 @@ var GptClient = class extends BaseClient {
     this.billing = createBillingNamespace(rb);
     this.communication = createCommunicationNamespace(rb);
     this.extraction = createExtractionNamespace(rb);
-    this.identity = createIdentityNamespace(rb);
+    this.identity = createIdentityNamespace(rb, this.config?.baseUrl);
     this.platform = createPlatformNamespace(rb);
     this.scheduling = createSchedulingNamespace(rb);
     this.search = createSearchNamespace(rb);