npm - @gpt-platform/client - Versions diffs - 0.4.2 → 0.4.3 - Mend

@gpt-platform/client 0.4.2 → 0.4.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (8) hide show

package/dist/index.js CHANGED Viewed

@@ -24,6 +24,7 @@ __export(index_exports, {
   AuthenticationError: () => AuthenticationError,
   AuthorizationError: () => AuthorizationError,
   BrowserApiKeyError: () => BrowserApiKeyError,
+  CardDeclinedError: () => CardDeclinedError,
   ConflictError: () => ConflictError,
   DEFAULT_API_VERSION: () => DEFAULT_API_VERSION,
   DEFAULT_RETRY_CONFIG: () => DEFAULT_RETRY_CONFIG,
@@ -33,12 +34,14 @@ __export(index_exports, {
   LOG_LEVELS: () => LOG_LEVELS,
   NetworkError: () => NetworkError,
   NotFoundError: () => NotFoundError,
+  PaymentRequiredError: () => PaymentRequiredError,
   RateLimitError: () => RateLimitError,
   RequestBuilder: () => RequestBuilder,
   RetryTimeoutError: () => RetryTimeoutError,
   SDK_VERSION: () => SDK_VERSION,
   SdkEventEmitter: () => SdkEventEmitter,
   ServerError: () => ServerError,
+  SubscriptionConflictError: () => SubscriptionConflictError,
   TimeoutError: () => TimeoutError,
   ValidationError: () => ValidationError,
   WebhookSignatureError: () => WebhookSignatureError,
@@ -962,6 +965,34 @@ var ConflictError = class extends GptCoreError {
     super(message, { statusCode: 409, code: "conflict_error", ...options });
   }
 };
+var PaymentRequiredError = class extends GptCoreError {
+  constructor(message = "Payment required", options) {
+    super(message, {
+      statusCode: 402,
+      code: "payment_required",
+      ...options
+    });
+  }
+};
+var CardDeclinedError = class extends GptCoreError {
+  constructor(message = "Card declined", declineCode, options) {
+    super(message, {
+      statusCode: 402,
+      code: "card_declined",
+      ...options
+    });
+    this.declineCode = declineCode;
+  }
+};
+var SubscriptionConflictError = class extends GptCoreError {
+  constructor(message = "Subscription conflict", options) {
+    super(message, {
+      statusCode: 409,
+      code: "subscription_conflict",
+      ...options
+    });
+  }
+};
 function handleApiError(error) {
   if (typeof error !== "object" || error === null) {
     throw new NetworkError(
@@ -970,7 +1001,7 @@ function handleApiError(error) {
   }
   const err = error;
   const response = err.response || err;
-  const statusCode = response.status || err.status || err.statusCode;
+  let statusCode = response.status || err.status || err.statusCode;
   const headers = response.headers || err.headers;
   const requestId = (headers && typeof headers === "object" && "get" in headers ? headers.get("x-request-id") : headers?.["x-request-id"]) || void 0;
   const body = response.body || response.data || err.body || err.data || err;
@@ -984,6 +1015,10 @@ function handleApiError(error) {
       field: err2.source?.pointer?.split("/").pop(),
       message: err2.detail || err2.title || "Unknown error"
     }));
+    if (!statusCode && firstError?.status) {
+      const parsed = parseInt(firstError.status, 10);
+      if (!isNaN(parsed)) statusCode = parsed;
+    }
   } else if (typeof body === "object" && body !== null && "message" in body && typeof body.message === "string") {
     message = body.message;
   } else if (typeof body === "string") {
@@ -1030,8 +1065,21 @@ function handleApiError(error) {
       throw new AuthorizationError(message, errorOptions);
     case 404:
       throw new NotFoundError(message, errorOptions);
-    case 409:
+    case 402: {
+      const bodyCode = typeof body === "object" && body !== null && "code" in body ? body.code : void 0;
+      const declineCode = typeof body === "object" && body !== null && "decline_code" in body ? body.decline_code : void 0;
+      if (bodyCode === "card_declined") {
+        throw new CardDeclinedError(message, declineCode, errorOptions);
+      }
+      throw new PaymentRequiredError(message, errorOptions);
+    }
+    case 409: {
+      const bodyCode409 = typeof body === "object" && body !== null && "code" in body ? body.code : void 0;
+      if (bodyCode409 === "subscription_conflict") {
+        throw new SubscriptionConflictError(message, errorOptions);
+      }
       throw new ConflictError(message, errorOptions);
+    }
     case 400:
     case 422:
       throw new ValidationError(message, errors, errorOptions);
@@ -1285,7 +1333,7 @@ function buildUserAgent(sdkVersion, appInfo) {
 }
 // src/version.ts
-var SDK_VERSION = "0.4.2";
+var SDK_VERSION = "0.4.3";
 var DEFAULT_API_VERSION = "2026-02-27";
 // src/base-client.ts
@@ -1798,6 +1846,11 @@ var patchApiKeysByIdRotate = (options) => (options.client ?? client).patch({
     ...options.headers
   }
 });
+var getApplicationsCurrent = (options) => (options.client ?? client).get({
+  security: [{ scheme: "bearer", type: "http" }],
+  url: "/applications/current",
+  ...options
+});
 var patchWorkspaceMembershipsByWorkspaceIdByUserIdProfile = (options) => (options.client ?? client).patch({
   security: [{ scheme: "bearer", type: "http" }],
   url: "/workspace-memberships/{workspace_id}/{user_id}/profile",
@@ -1807,6 +1860,15 @@ var patchWorkspaceMembershipsByWorkspaceIdByUserIdProfile = (options) => (option
     ...options.headers
   }
 });
+var postInvitationsAcceptByToken = (options) => (options.client ?? client).post({
+  security: [{ scheme: "bearer", type: "http" }],
+  url: "/invitations/accept-by-token",
+  ...options,
+  headers: {
+    "Content-Type": "application/vnd.api+json",
+    ...options.headers
+  }
+});
 var getWorkspaces = (options) => (options.client ?? client).get({
   security: [{ scheme: "bearer", type: "http" }],
   url: "/workspaces",
@@ -1845,6 +1907,11 @@ var getAgentsByIdStats = (options) => (options.client ?? client).get({
   url: "/agents/{id}/stats",
   ...options
 });
+var getSchedulingEventsByParticipant = (options) => (options.client ?? client).get({
+  security: [{ scheme: "bearer", type: "http" }],
+  url: "/scheduling/events/by_participant",
+  ...options
+});
 var getEmailTrackingEventsById = (options) => (options.client ?? client).get({
   security: [{ scheme: "bearer", type: "http" }],
   url: "/email/tracking-events/{id}",
@@ -1898,15 +1965,6 @@ var patchCrmDealsById = (options) => (options.client ?? client).patch({
     ...options.headers
   }
 });
-var postUsersAuthResetPasswordRequest = (options) => (options.client ?? client).post({
-  security: [{ scheme: "bearer", type: "http" }],
-  url: "/users/auth/reset-password/request",
-  ...options,
-  headers: {
-    "Content-Type": "application/vnd.api+json",
-    ...options.headers
-  }
-});
 var getSupportTagsWorkspaceByWorkspaceId = (options) => (options.client ?? client).get({
   security: [{ scheme: "bearer", type: "http" }],
   url: "/support/tags/workspace/{workspace_id}",
@@ -2038,6 +2096,11 @@ var getAgentsByIdTrainingExamples = (options) => (options.client ?? client).get(
   url: "/agents/{id}/training-examples",
   ...options
 });
+var getInvitationsConsumeByToken = (options) => (options.client ?? client).get({
+  security: [{ scheme: "bearer", type: "http" }],
+  url: "/invitations/consume/{token}",
+  ...options
+});
 var postEmailMarketingCampaignsByIdOptimizeSendTimes = (options) => (options.client ?? client).post({
   security: [{ scheme: "bearer", type: "http" }],
   url: "/email-marketing/campaigns/{id}/optimize-send-times",
@@ -2104,6 +2167,15 @@ var patchRetentionPoliciesById = (options) => (options.client ?? client).patch({
     ...options.headers
   }
 });
+var patchInvitationsByIdRevoke = (options) => (options.client ?? client).patch({
+  security: [{ scheme: "bearer", type: "http" }],
+  url: "/invitations/{id}/revoke",
+  ...options,
+  headers: {
+    "Content-Type": "application/vnd.api+json",
+    ...options.headers
+  }
+});
 var getCatalogTaxonomiesApplicationByApplicationId = (options) => (options.client ?? client).get({
   security: [{ scheme: "bearer", type: "http" }],
   url: "/catalog/taxonomies/application/{application_id}",
@@ -2409,6 +2481,15 @@ var getEmailMarketingUnsubscribersWorkspaceByWorkspaceId = (options) => (options
   url: "/email-marketing/unsubscribers/workspace/{workspace_id}",
   ...options
 });
+var patchInvitationsByIdResend = (options) => (options.client ?? client).patch({
+  security: [{ scheme: "bearer", type: "http" }],
+  url: "/invitations/{id}/resend",
+  ...options,
+  headers: {
+    "Content-Type": "application/vnd.api+json",
+    ...options.headers
+  }
+});
 var getSearchSaved = (options) => (options.client ?? client).get({
   security: [{ scheme: "bearer", type: "http" }],
   url: "/search/saved",
@@ -2654,6 +2735,15 @@ var postSupportTickets = (options) => (options.client ?? client).post({
     ...options.headers
   }
 });
+var patchInvitationsByIdAccept = (options) => (options.client ?? client).patch({
+  security: [{ scheme: "bearer", type: "http" }],
+  url: "/invitations/{id}/accept",
+  ...options,
+  headers: {
+    "Content-Type": "application/vnd.api+json",
+    ...options.headers
+  }
+});
 var getCreditPackagesById = (options) => (options.client ?? client).get({
   security: [{ scheme: "bearer", type: "http" }],
   url: "/credit-packages/{id}",
@@ -2847,6 +2937,20 @@ var getSchedulingBookingsById = (options) => (options.client ?? client).get({
   url: "/scheduling/bookings/{id}",
   ...options
 });
+var getTenantMemberships = (options) => (options.client ?? client).get({
+  security: [{ scheme: "bearer", type: "http" }],
+  url: "/tenant-memberships",
+  ...options
+});
+var postTenantMemberships = (options) => (options.client ?? client).post({
+  security: [{ scheme: "bearer", type: "http" }],
+  url: "/tenant-memberships",
+  ...options,
+  headers: {
+    "Content-Type": "application/vnd.api+json",
+    ...options.headers
+  }
+});
 var getWebhookDeliveriesById = (options) => (options.client ?? client).get({
   security: [{ scheme: "bearer", type: "http" }],
   url: "/webhook-deliveries/{id}",
@@ -3449,6 +3553,11 @@ var getEmailTrackingEventsWorkspaceByWorkspaceId = (options) => (options.client
   url: "/email/tracking-events/workspace/{workspace_id}",
   ...options
 });
+var getTenants = (options) => (options.client ?? client).get({
+  security: [{ scheme: "bearer", type: "http" }],
+  url: "/tenants",
+  ...options
+});
 var getExtractionSchemaDiscoveriesById = (options) => (options.client ?? client).get({
   security: [{ scheme: "bearer", type: "http" }],
   url: "/extraction/schema-discoveries/{id}",
@@ -3858,6 +3967,15 @@ var getApplicationsById = (options) => (options.client ?? client).get({
   url: "/applications/{id}",
   ...options
 });
+var patchApplicationsById = (options) => (options.client ?? client).patch({
+  security: [{ scheme: "bearer", type: "http" }],
+  url: "/applications/{id}",
+  ...options,
+  headers: {
+    "Content-Type": "application/vnd.api+json",
+    ...options.headers
+  }
+});
 var patchEmailOutboundEmailsByIdSchedule = (options) => (options.client ?? client).patch({
   security: [{ scheme: "bearer", type: "http" }],
   url: "/email/outbound-emails/{id}/schedule",
@@ -4332,15 +4450,6 @@ var getExtractionDocumentsWorkspaceByWorkspaceId = (options) => (options.client
   url: "/extraction/documents/workspace/{workspace_id}",
   ...options
 });
-var patchApplicationsByIdAllocateCredits = (options) => (options.client ?? client).patch({
-  security: [{ scheme: "bearer", type: "http" }],
-  url: "/applications/{id}/allocate-credits",
-  ...options,
-  headers: {
-    "Content-Type": "application/vnd.api+json",
-    ...options.headers
-  }
-});
 var postUsersAuthMagicLinkRequest = (options) => (options.client ?? client).post({
   security: [{ scheme: "bearer", type: "http" }],
   url: "/users/auth/magic-link/request",
@@ -4439,6 +4548,25 @@ var getExtractionDocuments = (options) => (options.client ?? client).get({
   url: "/extraction/documents",
   ...options
 });
+var getDataStoreRecordsByNamespace = (options) => (options.client ?? client).get({
+  security: [{ scheme: "bearer", type: "http" }],
+  url: "/data_store/records/by_namespace",
+  ...options
+});
+var deleteTenantMembershipsByTenantIdByUserId = (options) => (options.client ?? client).delete({
+  security: [{ scheme: "bearer", type: "http" }],
+  url: "/tenant-memberships/{tenant_id}/{user_id}",
+  ...options
+});
+var patchTenantMembershipsByTenantIdByUserId = (options) => (options.client ?? client).patch({
+  security: [{ scheme: "bearer", type: "http" }],
+  url: "/tenant-memberships/{tenant_id}/{user_id}",
+  ...options,
+  headers: {
+    "Content-Type": "application/vnd.api+json",
+    ...options.headers
+  }
+});
 var getCrmDealsWorkspaceByWorkspaceId = (options) => (options.client ?? client).get({
   security: [{ scheme: "bearer", type: "http" }],
   url: "/crm/deals/workspace/{workspace_id}",
@@ -4903,6 +5031,11 @@ var deleteWorkspaceMembershipsByWorkspaceIdByUserId = (options) => (options.clie
   url: "/workspace-memberships/{workspace_id}/{user_id}",
   ...options
 });
+var getWorkspaceMembershipsByWorkspaceIdByUserId = (options) => (options.client ?? client).get({
+  security: [{ scheme: "bearer", type: "http" }],
+  url: "/workspace-memberships/{workspace_id}/{user_id}",
+  ...options
+});
 var patchWorkspaceMembershipsByWorkspaceIdByUserId = (options) => (options.client ?? client).patch({
   security: [{ scheme: "bearer", type: "http" }],
   url: "/workspace-memberships/{workspace_id}/{user_id}",
@@ -4955,6 +5088,15 @@ var getUsers = (options) => (options.client ?? client).get({
   url: "/users",
   ...options
 });
+var postDataStoreRecordsUpsert = (options) => (options.client ?? client).post({
+  security: [{ scheme: "bearer", type: "http" }],
+  url: "/data_store/records/upsert",
+  ...options,
+  headers: {
+    "Content-Type": "application/vnd.api+json",
+    ...options.headers
+  }
+});
 var deleteSupportTicketsById = (options) => (options.client ?? client).delete({
   security: [{ scheme: "bearer", type: "http" }],
   url: "/support/tickets/{id}",
@@ -7249,6 +7391,9 @@ function createBillingNamespace(rb) {
        * Preview the cost and effective date of a plan change before committing.
        *
        * @param planSlug - The slug of the target plan (e.g. `"pro-monthly"`).
+       * @returns A projected `Wallet` representing the hypothetical post-change
+       *   state — **not** the caller's current wallet. Do not cache or use this
+       *   as live balance data. Call `wallet.get()` for authoritative state.
        */
       previewPlanChange: async (planSlug, options) => {
         return rb.execute(
@@ -7260,14 +7405,41 @@ function createBillingNamespace(rb) {
       /**
        * Change the workspace's subscription plan.
        *
+       * Two call signatures:
+       * - `changePlan(planSlug)` — fetches the wallet automatically (recommended)
+       * - `changePlan(walletId, planSlug)` — use when you already have the wallet ID
+       *
        * Upgrades charge a prorated amount immediately against the default payment
        * method. Downgrades are deferred to the end of the current billing period.
        * Use `previewPlanChange` first to show the user a cost estimate.
        *
-       * @param walletId - The wallet UUID from `wallet.get()`.
-       * @param planSlug - The slug of the target plan (e.g. `"pro-monthly"`).
+       * @example
+       * ```typescript
+       * // Simple form — no wallet ID needed
+       * await client.billing.wallet.changePlan("pro-monthly");
+       *
+       * // Explicit form — when walletId is already known
+       * await client.billing.wallet.changePlan(wallet.id, "pro-monthly");
+       * ```
        */
-      changePlan: async (walletId, planSlug, options) => {
+      changePlan: async (walletIdOrSlug, planSlugOrOptions, options) => {
+        let walletId;
+        let planSlug;
+        let reqOptions;
+        if (typeof planSlugOrOptions === "string") {
+          walletId = walletIdOrSlug;
+          planSlug = planSlugOrOptions;
+          reqOptions = options;
+        } else {
+          const wallet = await rb.execute(
+            getWallet,
+            {},
+            planSlugOrOptions
+          );
+          walletId = wallet.id;
+          planSlug = walletIdOrSlug;
+          reqOptions = planSlugOrOptions;
+        }
         return rb.execute(
           patchWalletPlan,
           {
@@ -7279,7 +7451,7 @@ function createBillingNamespace(rb) {
               }
             }
           },
-          options
+          reqOptions
         );
       },
       /**
@@ -7748,8 +7920,12 @@ function createBillingNamespace(rb) {
        * const client = new GptClient({ apiKey: 'sk_app_...' });
        *
        * const method = await client.billing.paymentMethods.create({
-       *   token: 'tok_visa_4242',
-       *   billing_name: 'Acme Corp',
+       *   provider_token: 'tok_visa_4242',
+       *   type: 'card',
+       *   last4: '4242',
+       *   exp_month: 12,
+       *   exp_year: 2027,
+       *   brand: 'Visa',
        * });
        * console.log(`Added card ending in ${method.last4}`);
        * ```
@@ -7764,14 +7940,21 @@ function createBillingNamespace(rb) {
       /**
        * Tokenizes a raw card server-side and saves the resulting payment method.
        *
-       * Use this for direct card collection flows where your server handles card
-       * data (PCI-DSS scope applies). The platform tokenizes the card with QorPay
-       * and stores only the token — raw card data is never persisted.
+       * @remarks **SERVER-SIDE ONLY — PCI-DSS.**
+       * This method transmits raw card numbers (`card_number`, `cvc`) over the
+       * network. It **must only be called from a trusted server context** (Node.js,
+       * server-side rendering). Calling this method from browser/client-side code
+       * (React, Vue, browser fetch) is a **PCI-DSS violation** — raw card numbers
+       * must never pass through browser memory or JavaScript bundles.
+       *
+       * For browser flows, use the payment provider's hosted fields iframe to tokenize
+       * on the client side, then call `paymentMethods.create({ provider_token })` instead.
        *
-       * For hosted-fields flows where the client tokenizes the card, use
-       * `paymentMethods.create({ provider_token })` instead.
+       * The platform forwards `cardDetails` to the payment gateway over TLS and stores
+       * only the resulting token — raw card data is never persisted.
        *
-       * @param cardDetails - Raw card fields including number, CVC, expiry, and billing address.
+       * @param cardDetails - Raw PCI-sensitive card fields. All fields must be treated
+       *   as sensitive: do not log, serialize, or pass through error reporters.
        */
       tokenize: async (cardDetails, options) => {
         return rb.execute(
@@ -16205,8 +16388,12 @@ function createIdentityNamespace(rb, baseUrl) {
       );
     },
     /** Resend confirmation email to an unconfirmed user */
-    resendConfirmation: async (options) => {
-      return rb.execute(postUsersAuthResendConfirmation, {}, options);
+    resendConfirmation: async (email, options) => {
+      return rb.execute(
+        postUsersAuthResendConfirmation,
+        { body: { data: { type: "user", attributes: { email } } } },
+        options
+      );
     },
     /** Confirm an email address using the token from the confirmation email */
     confirmEmail: async (email, confirmationToken, options) => {
@@ -16247,7 +16434,7 @@ function createIdentityNamespace(rb, baseUrl) {
     requestPasswordReset: async (email, options) => {
       RequestPasswordResetSchema.parse({ email });
       return rb.execute(
-        postUsersAuthResetPasswordRequest,
+        patchUsersAuthResetPassword,
         {
           body: {
             data: { type: "user", attributes: { email } }
@@ -17125,7 +17312,7 @@ function createPlatformNamespace(rb) {
        */
       update: async (id, attributes, options) => {
         return rb.execute(
-          patchApplicationsByIdAllocateCredits,
+          patchApplicationsById,
           {
             path: { id },
             body: { data: { id, type: "application", attributes } }
@@ -17172,7 +17359,7 @@ function createPlatformNamespace(rb) {
        * ```
        */
       readCurrent: async (options) => {
-        return rb.execute(postApplications, {}, options);
+        return rb.execute(getApplicationsCurrent, {}, options);
       }
     },
     /**
@@ -17183,6 +17370,21 @@ function createPlatformNamespace(rb) {
      * ISVs provision tenants when onboarding new customers.
      */
     tenants: {
+      /**
+       * List all tenants (paginated).
+       *
+       * Returns tenants accessible to the current actor (application-scoped).
+       *
+       * @param options - Optional page number, page size, and request options.
+       * @returns A page of `Tenant` records.
+       */
+      list: async (options) => {
+        return rb.execute(
+          getTenants,
+          buildPageQuery(options?.page, options?.pageSize),
+          options
+        );
+      },
       /**
        * List document statistics for tenants (paginated).
        *
@@ -17199,30 +17401,35 @@ function createPlatformNamespace(rb) {
        * stats.forEach(s => console.log(s.attributes?.document_count));
        * ```
        */
-      listDocumentStats: async (options) => {
+      listDocumentStats: async (tenantId, options) => {
         return rb.execute(
           getTenantsByTenantIdDocumentStats,
-          buildPageQuery(options?.page, options?.pageSize),
+          {
+            path: { tenant_id: tenantId },
+            ...buildPageQuery(options?.page, options?.pageSize)
+          },
           options
         );
       },
       /**
        * List all document statistics for tenants, auto-paginating.
        *
+       * @param tenantId - The UUID of the tenant.
        * @param options - Optional request options.
        * @returns All tenant document stat records as a flat array.
        *
        * @example
        * ```typescript
        * const client = new GptClient({ apiKey: 'sk_app_...' });
-       * const allStats = await client.platform.tenants.listAllDocumentStats();
+       * const allStats = await client.platform.tenants.listAllDocumentStats('tenant_abc123');
        * ```
        */
-      listAllDocumentStats: async (options) => {
+      listAllDocumentStats: async (tenantId, options) => {
         return paginateToArray(
           rb.createPaginatedFetcher(
             getTenantsByTenantIdDocumentStats,
             (page, pageSize) => ({
+              path: { tenant_id: tenantId },
               query: { page: { number: page, size: pageSize } }
             }),
             options
@@ -17247,10 +17454,15 @@ function createPlatformNamespace(rb) {
        * console.log(tenant.attributes?.credit_balance);
        * ```
        */
-      credit: async (id, options) => {
+      credit: async (id, amount, description, options) => {
+        const attributes = { amount };
+        if (description !== void 0) attributes.description = description;
         return rb.execute(
           postTenantsByIdCredit,
-          { path: { id }, body: {} },
+          {
+            path: { id },
+            body: { data: { type: "tenant", attributes } }
+          },
           options
         );
       },
@@ -17358,24 +17570,6 @@ function createPlatformNamespace(rb) {
         );
       },
       /**
-       * Add a payment method to a tenant via raw details (server-to-server proxy).
-       *
-       * Proxies payment method registration to the underlying payment provider
-       * on behalf of the tenant. Used in server-side flows where the payment
-       * form is embedded by the ISV rather than the platform.
-       *
-       * @param options - Optional request options.
-       * @returns The updated `Tenant` with new payment method reference.
-       *
-       * @example
-       * ```typescript
-       * const client = new GptClient({ apiKey: 'sk_app_...' });
-       * const tenant = await client.platform.tenants.addPaymentMethod();
-       * ```
-       */
-      addPaymentMethod: async (options) => {
-        return rb.execute(postTenantsIsv, {}, options);
-      },
       /**
        * Retrieve a single tenant by its ID.
        *
@@ -17392,6 +17586,33 @@ function createPlatformNamespace(rb) {
        */
       get: async (id, options) => {
         return rb.execute(getTenantsById, { path: { id } }, options);
+      },
+      /**
+       * Transfer ownership of a tenant to another admin member.
+       *
+       * The new owner must already be a tenant admin. The previous owner
+       * retains their admin role. Cannot be used on personal tenants.
+       *
+       * @param tenantId - The UUID of the tenant to transfer.
+       * @param newOwnerId - The UUID of the user to become the new owner.
+       * @param options - Optional request options.
+       * @returns The updated `Tenant`.
+       */
+      transferOwnership: async (tenantId, newOwnerId, options) => {
+        return rb.execute(
+          patchTenantsById,
+          {
+            path: { id: tenantId },
+            body: {
+              data: {
+                id: tenantId,
+                type: "tenant",
+                attributes: { new_owner_id: newOwnerId }
+              }
+            }
+          },
+          options
+        );
       }
     },
     /**
@@ -17399,22 +17620,63 @@ function createPlatformNamespace(rb) {
      */
     invitations: {
       /**
-       * Delete (revoke) the current user's pending invitation.
+       * Accept a pending invitation (authenticated user flow).
        *
-       * Removes the invitation so it can no longer be accepted or declined.
-       * Typically used by the inviting party to cancel an outstanding invite.
+       * Accepts an invitation the current user received, creating
+       * the appropriate membership records.
        *
+       * @param id - The UUID of the invitation to accept.
        * @param options - Optional request options.
-       * @returns `true` on successful deletion.
+       * @returns The updated `Invitation`.
+       */
+      accept: async (id, options) => {
+        return rb.execute(
+          patchInvitationsByIdAccept,
+          {
+            path: { id },
+            body: { data: { id, type: "invitation", attributes: {} } }
+          },
+          options
+        );
+      },
+      /**
+       * Decline a pending invitation.
        *
-       * @example
-       * ```typescript
-       * const client = new GptClient({ apiKey: 'sk_app_...' });
-       * await client.platform.invitations.delete();
-       * ```
+       * The invitation status is set to `:declined` and no membership is created.
+       *
+       * @param id - The UUID of the invitation to decline.
+       * @param options - Optional request options.
+       * @returns The updated `Invitation`.
        */
-      delete: async (options) => {
-        return rb.executeDelete(getInvitationsMe, { path: {} }, options);
+      decline: async (id, options) => {
+        return rb.execute(
+          patchInvitationsByIdDecline,
+          {
+            path: { id },
+            body: { data: { id, type: "invitation", attributes: {} } }
+          },
+          options
+        );
+      },
+      /**
+       * Revoke a pending invitation (inviter flow).
+       *
+       * Cancels the invitation so it can no longer be accepted or declined.
+       * Callable by the original inviter or a tenant admin.
+       *
+       * @param id - The UUID of the invitation to revoke.
+       * @param options - Optional request options.
+       * @returns The updated `Invitation`.
+       */
+      revoke: async (id, options) => {
+        return rb.execute(
+          patchInvitationsByIdRevoke,
+          {
+            path: { id },
+            body: { data: { id, type: "invitation", attributes: {} } }
+          },
+          options
+        );
       },
       /**
        * List pending invitations for the currently authenticated user (paginated).
@@ -17493,31 +17755,119 @@ function createPlatformNamespace(rb) {
         );
       },
       /**
-       * Update an invitation (e.g., decline it).
+      /**
+       * Resend an invitation email with a refreshed token and new 7-day expiry.
        *
-       * Used by the invited user to respond to an invitation. Pass
-       * `{ status: "declined" }` in attributes to decline. Accepting
-       * an invitation is handled separately through the acceptance flow.
+       * Only pending invitations can be resent. Generates a new token (invalidating
+       * the old one) and re-sends the invitation email. Callable by the original
+       * inviter or the tenant owner.
        *
-       * @param id - The UUID of the invitation to update.
-       * @param attributes - Attribute map, typically `{ status: "declined" }`.
+       * @param id - The UUID of the invitation to resend.
        * @param options - Optional request options.
        * @returns The updated `Invitation`.
        *
        * @example
        * ```typescript
        * const client = new GptClient({ apiKey: 'sk_app_...' });
-       * const invite = await client.platform.invitations.update('inv_abc123', {
-       *   status: 'declined',
-       * });
+       * await client.platform.invitations.resend('inv_abc123');
        * ```
        */
-      update: async (id, attributes, options) => {
+      resend: async (id, applicationId, options) => {
         return rb.execute(
-          patchInvitationsByIdDecline,
+          patchInvitationsByIdResend,
           {
             path: { id },
-            body: { data: { id, type: "invitation", attributes } }
+            body: {
+              data: {
+                id,
+                type: "invitation",
+                ...applicationId ? { attributes: { application_id: applicationId } } : {}
+              }
+            }
+          },
+          options
+        );
+      },
+      /**
+       * Look up a pending invitation by its raw token.
+       *
+       * Call this on the `/invite/:token` landing page to display invitation
+       * details before the user accepts. Returns the full invitation record
+       * including `email` (to pre-fill the register form), `role`, `scope_type`,
+       * `scope_id`, `tenant_id`, `expires_at`, and the `inviter` relationship
+       * (pass `include=inviter` via request options to embed inviter email).
+       *
+       * Returns `null` if the token is invalid, already used, or expired —
+       * there is no partial response for consumed tokens.
+       *
+       * **Note:** The response does not include the workspace or tenant name.
+       * Fetch it separately using `platform.workspaces.get(scope_id)` or
+       * `platform.tenants.get(scope_id)` based on `scope_type`.
+       *
+       * @param token - The raw invitation token from the email link (`/invite/:token`).
+       * @param options - Optional request options (e.g., `{ headers: { include: 'inviter' } }`).
+       * @returns The pending `Invitation` record, or `null` if not found.
+       *
+       * @example
+       * ```typescript
+       * // On your /invite/:token page
+       * const invite = await client.platform.invitations.consumeByToken(token);
+       * if (!invite) {
+       *   // Token expired or already used
+       *   return redirect('/invite/expired');
+       * }
+       * // Pre-fill form
+       * setEmail(invite.attributes?.email);
+       * setRole(invite.attributes?.role);
+       * ```
+       */
+      consumeByToken: async (token, options) => {
+        try {
+          return await rb.execute(
+            getInvitationsConsumeByToken,
+            { path: { token } },
+            options
+          );
+        } catch {
+          return null;
+        }
+      },
+      /**
+       * Accept a pending invitation using only the raw token.
+       *
+       * Call this after the user is authenticated (either via `registerViaInvitation`
+       * or an existing account login). The platform validates the token, creates or
+       * upgrades the user's `TenantMembership` and `WorkspaceMembership`, and returns
+       * the accepted invitation.
+       *
+       * For new users: `registerViaInvitation` accepts the invitation atomically —
+       * do NOT call `acceptByToken` again after registration. Only call this for
+       * existing users accepting a new invite after sign-in.
+       *
+       * @param token - The raw invitation token from the email link.
+       * @param options - Optional request options.
+       * @returns The accepted `Invitation` with `scope_id` and `tenant_id` populated.
+       *
+       * @example
+       * ```typescript
+       * // Existing user accepting an invite after login
+       * const accepted = await client.platform.invitations.acceptByToken(token);
+       * const workspaceId = accepted.attributes?.scope_type === 'workspace'
+       *   ? accepted.attributes?.scope_id
+       *   : null;
+       * const tenantId = accepted.attributes?.tenant_id;
+       * ```
+       */
+      acceptByToken: async (token, options) => {
+        return rb.execute(
+          postInvitationsAcceptByToken,
+          {
+            body: {
+              data: {
+                type: "invitation",
+                attributes: { token }
+              }
+            }
           },
           options
         );
@@ -17560,6 +17910,42 @@ function createPlatformNamespace(rb) {
           options
         );
       },
+      /**
+       * List workspace members with user profile data (name, email, avatar) included.
+       *
+       * Equivalent to `list()` with `?include=user,user.profile` appended. Each
+       * membership in the response will have `relationships.user` and nested
+       * `user.relationships.profile` populated in the JSON:API `included` array.
+       *
+       * The `RequestBuilder` flattens included relationships automatically, so
+       * each membership object will have `user` and `user.profile` accessible.
+       *
+       * @param workspaceId - The UUID of the workspace to list members for.
+       * @param options - Optional page number, page size, and request options.
+       * @returns A page of `WorkspaceMembership` records with embedded user + profile.
+       *
+       * @example
+       * ```typescript
+       * const members = await client.platform.workspaceMembers.listWithProfiles('ws_abc123');
+       * members.forEach(m => {
+       *   console.log(m.attributes?.user_id, m.attributes?.role);
+       *   // Profile fields come from included relationships
+       * });
+       * ```
+       */
+      listWithProfiles: async (workspaceId, options) => {
+        return rb.execute(
+          getWorkspaceMemberships,
+          {
+            query: {
+              filter: { workspace_id: workspaceId },
+              include: "user,user.profile",
+              ...buildPageQuery(options?.page, options?.pageSize)?.query
+            }
+          },
+          options
+        );
+      },
       /**
        * Retrieve the membership record for a specific user within a workspace.
        *
@@ -17579,8 +17965,9 @@ function createPlatformNamespace(rb) {
        * ```
        */
       get: async (workspaceId, memberId, options) => {
-        return rb.rawGet(
-          `/workspace-memberships/${workspaceId}/${memberId}`,
+        return rb.execute(
+          getWorkspaceMembershipsByWorkspaceIdByUserId,
+          { path: { workspace_id: workspaceId, user_id: memberId } },
           options
         );
       },
@@ -17811,6 +18198,95 @@ function createPlatformNamespace(rb) {
           options
         );
       }
+    },
+    /**
+     * Tenant Members — manage tenant-level membership (org roles).
+     *
+     * TenantMembership records represent a user's role within a tenant.
+     * Roles are either `"admin"` or `"member"`.
+     */
+    tenantMembers: {
+      /**
+       * List members of a tenant (paginated).
+       *
+       * @param tenantId - The UUID of the tenant.
+       * @param options - Optional page number, page size, and request options.
+       * @returns A page of `TenantMembership` records.
+       */
+      list: async (tenantId, options) => {
+        return rb.execute(
+          getTenantMemberships,
+          {
+            query: {
+              filter: { tenant_id: tenantId },
+              ...buildPageQuery(options?.page, options?.pageSize).query
+            }
+          },
+          options
+        );
+      },
+      /**
+       * Add a user to a tenant with the given role.
+       *
+       * @param tenantId - The UUID of the tenant.
+       * @param userId - The UUID of the user to add.
+       * @param role - The role to assign (`"admin"` or `"member"`).
+       * @param options - Optional request options.
+       * @returns The created `TenantMembership`.
+       */
+      create: async (tenantId, userId, role, options) => {
+        return rb.execute(
+          postTenantMemberships,
+          {
+            body: {
+              data: {
+                type: "tenant_membership",
+                attributes: { tenant_id: tenantId, user_id: userId, role }
+              }
+            }
+          },
+          options
+        );
+      },
+      /**
+       * Change a member's role within a tenant.
+       *
+       * @param tenantId - The UUID of the tenant.
+       * @param userId - The UUID of the user.
+       * @param role - The new role (`"admin"` or `"member"`).
+       * @param options - Optional request options.
+       * @returns The updated `TenantMembership`.
+       */
+      updateRole: async (tenantId, userId, role, options) => {
+        return rb.execute(
+          patchTenantMembershipsByTenantIdByUserId,
+          {
+            path: { tenant_id: tenantId, user_id: userId },
+            body: {
+              data: {
+                type: "tenant_membership",
+                attributes: { role }
+              }
+            }
+          },
+          options
+        );
+      },
+      /**
+       * Remove a user from a tenant.
+       *
+       * @param tenantId - The UUID of the tenant.
+       * @param userId - The UUID of the user to remove.
+       * @param options - Optional request options.
+       * @returns `true` on success.
+       */
+      remove: async (tenantId, userId, options) => {
+        return rb.executeDelete(
+          deleteTenantMembershipsByTenantIdByUserId,
+          { path: { tenant_id: tenantId, user_id: userId } },
+          options
+        );
+      }
     }
   };
 }
@@ -18099,6 +18575,42 @@ function createSchedulingNamespace(rb) {
           },
           options
         );
+      },
+      /**
+       * List events that include a specific participant by email.
+       *
+       * Use this to retrieve all sessions for a client (e.g., all appointments
+       * for a given patient). Filters events in the workspace where a Participant
+       * record with the given email exists.
+       *
+       * @param email - The participant's email address to filter by.
+       * @param workspaceId - The workspace to scope the query to.
+       * @param options - Optional page number, page size, and request options.
+       * @returns A flat array of `SchedulingEvent` records.
+       *
+       * @example
+       * ```typescript
+       * const client = new GptClient({ apiKey: 'sk_app_...' });
+       * const sessions = await client.scheduling.events.listByParticipant(
+       *   'patient@example.com',
+       *   workspaceId,
+       * );
+       * sessions.forEach(s => console.log(s.attributes?.start_time, s.attributes?.status));
+       * ```
+       */
+      listByParticipant: async (email, workspaceId, options) => {
+        return rb.execute(
+          getSchedulingEventsByParticipant,
+          {
+            query: {
+              email,
+              workspace_id: workspaceId,
+              ...options?.pageSize && { "page[size]": options.pageSize },
+              ...options?.page && { "page[number]": options.page }
+            }
+          },
+          options
+        );
       }
     },
     /**
@@ -18659,6 +19171,91 @@ function createSchedulingNamespace(rb) {
           options
         );
       }
+    },
+    /**
+     * Session Notes — clinical notes per appointment, stored in DataStore.
+     *
+     * Notes are keyed by `{eventId}:{noteType}` under the `sessions` namespace.
+     * Each event supports up to 4 note types: `adime`, `soap`, `goals`, `email`.
+     *
+     * Notes are versioned automatically by DataStore — each `upsert` increments
+     * the version counter. Full version history retrieval requires a future
+     * DataStore enhancement.
+     *
+     * @example
+     * ```typescript
+     * const client = new GptClient({ apiKey: 'sk_app_...' });
+     *
+     * // Read an ADIME note
+     * const note = await client.scheduling.sessionNotes.get(sessionId, 'adime');
+     * console.log(note?.attributes?.value?.content);
+     *
+     * // Write/update a SOAP note
+     * await client.scheduling.sessionNotes.upsert(sessionId, 'soap', {
+     *   content: 'S: Patient reports...',
+     *   reviewed_by_user_id: currentUserId,
+     *   reviewed_at: new Date().toISOString(),
+     * });
+     * ```
+     */
+    sessionNotes: {
+      /**
+       * Get the current version of a session note.
+       *
+       * Returns `null` if no note of this type exists for the event yet.
+       *
+       * @param eventId - The UUID of the scheduling event (session).
+       * @param noteType - The note type: `"adime"`, `"soap"`, `"goals"`, or `"email"`.
+       * @param workspaceId - The workspace UUID. Required for application-scoped API keys.
+       * @param options - Optional request options.
+       * @returns The `DataStoreRecord`, or `null` if not found.
+       */
+      get: async (eventId, noteType, workspaceId, options) => {
+        const results = await rb.execute(
+          getDataStoreRecordsByNamespace,
+          {
+            query: {
+              workspace_id: workspaceId,
+              namespace: "sessions",
+              "filter[record_key]": `${eventId}:${noteType}`
+            }
+          },
+          options
+        );
+        return results.length > 0 ? results[0] ?? null : null;
+      },
+      /**
+       * Create or update a session note (auto-versions on update).
+       *
+       * If the note does not exist, it is created. If it exists, its value
+       * is replaced and the version counter is incremented.
+       *
+       * @param eventId - The UUID of the scheduling event (session).
+       * @param noteType - The note type: `"adime"`, `"soap"`, `"goals"`, or `"email"`.
+       * @param workspaceId - The workspace UUID. Required for application-scoped API keys.
+       * @param value - The note content and optional metadata.
+       * @param options - Optional request options.
+       * @returns The upserted `DataStoreRecord`.
+       */
+      upsert: async (eventId, noteType, workspaceId, value, options) => {
+        return rb.execute(
+          postDataStoreRecordsUpsert,
+          {
+            body: {
+              data: {
+                type: "data_store_record",
+                attributes: {
+                  namespace: "sessions",
+                  record_key: `${eventId}:${noteType}`,
+                  workspace_id: workspaceId,
+                  value
+                }
+              }
+            }
+          },
+          options
+        );
+      }
     }
   };
 }
@@ -22529,6 +23126,7 @@ var Webhooks = class _Webhooks {
   AuthenticationError,
   AuthorizationError,
   BrowserApiKeyError,
+  CardDeclinedError,
   ConflictError,
   DEFAULT_API_VERSION,
   DEFAULT_RETRY_CONFIG,
@@ -22538,12 +23136,14 @@ var Webhooks = class _Webhooks {
   LOG_LEVELS,
   NetworkError,
   NotFoundError,
+  PaymentRequiredError,
   RateLimitError,
   RequestBuilder,
   RetryTimeoutError,
   SDK_VERSION,
   SdkEventEmitter,
   ServerError,
+  SubscriptionConflictError,
   TimeoutError,
   ValidationError,
   WebhookSignatureError,