@hiofu/apply-sdk 0.1.3 → 0.1.5

package/README.md

@@ -1,43 +1,24 @@
 # @hiofu/apply-sdk
 
-Browser SDK for HIOFU's Apply with HSP1 flow.
+Browser SDK for the HIOFU Apply flow.
 
-It gives partner job boards, ATS products, and employer career sites a full candidate handoff flow:
+It gives job boards, ATS products, and employer career sites a full candidate handoff flow:
 
 - OAuth 2.0 Authorization Code with PKCE
 - consented HSP1 variation review inside the popup
 - immutable application snapshot creation
 - idempotent application submission to HIOFU
-- structured response payload for immediate partner-side handling
+- structured response payload for immediate handling
 
 ## Install
 
-The SDK is a private package. Partners must be granted registry access before
-installing it.
-
-```sh
-npm config set @hiofu:registry https://registry.npmjs.org/
-npm config set //registry.npmjs.org/:_authToken $HIOFU_NPM_TOKEN
-```
-
 ```sh
 npm install @hiofu/apply-sdk
 ```
 
-### Private preview (if not public yet)
-
-If you received a private access token from HIOFU, add it to your project-level `.npmrc` so `npm install` can fetch the package:
-
-```ini
-//registry.npmjs.org/:_authToken=${NPM_TOKEN}
-@hiofu:registry=https://registry.npmjs.org/
-```
-
-Then install as usual (with `NPM_TOKEN` set in your environment or CI).
-
 ## Quick Start
 
-Use sandbox keys for fake CV/HSP1 testing and live keys only after Hiofu grants
+Use sandbox keys for testing and live keys only after HIOFU grants
 production access.
 
 ```ts
@@ -48,7 +29,7 @@ const hiofu = createApplyClient({
   publicKey: "pk_test_xxx",
   redirectUri: "https://jobs.example.com/oauth/callback.html",
   onComplete(result) {
-    console.log(result.applicationId, result.status);
+    console.log(result.application.id, result.application.status);
   },
   onError(error) {
     console.error(error.code, error.correlationId, error.message);
@@ -56,28 +37,31 @@ const hiofu = createApplyClient({
 });
 
 const result = await hiofu.apply({
-  externalJobId: "job_123",
-  externalEmployerId: "emp_456",
+  jobId: "job_123",
+  jobTitle: "Senior Engineer",
+  employerId: "emp_456",
+  employerName: "Acme Inc",
   role: {
+    externalRoleId: "job_123",
+    externalEmployerId: "emp_456",
     title: "Senior Engineer",
     locations: ["London", "Remote"],
-    dimensions: { department: "Engineering" },
+    metadata: { department: "Engineering" },
   },
   idempotencyKey: "apply_attempt_01JXYZ...",
 });
 
-console.log(result.applicationId);
-console.log(result.hiofuRoleId);
-console.log(result.raw.snapshot);
+console.log(result.application.id);
+console.log(result.snapshot?.trustBand);
 ```
 
 ## Configuration
 
-`createApplyClient` is the recommended partner API. It resolves the correct Hiofu URLs from `environment` and rejects key/environment mismatches before opening the popup.
+`createApplyClient` is the recommended API. It resolves the correct HIOFU URLs from `environment` and rejects key/environment mismatches before opening the popup.
 
 - `environment` (required): `sandbox` or `production`.
 - `publicKey` (required): Your publishable key, e.g. `pk_test_…` or `pk_live_…`.
-- `redirectUri` (required): One of your registered, partner-owned callback URLs.
+- `redirectUri` (required): One of your registered callback URLs.
 - `storage` (default `memory`): Token storage, either `memory` (cleared on reload) or `session` (persists the access token for the browser session; refresh tokens are not persisted in browser storage).
 - `scopes` / `applyScopes` (optional): Default scopes for `authorize()` / `apply()`.
 - `popupOptions.timeoutMs` (default 300_000): Popup wait limit in milliseconds.
@@ -88,6 +72,84 @@ console.log(result.raw.snapshot);
 
 `HiofuClient` remains available as the lower-level compatibility API using `clientId`, `hiofuOrigin`, and `apiBase`.
 
+## Manage Setup From The SDK
+
+If your team prefers automation over the HIOFU Developer settings UI,
+the same setup actions are available from the management client.
+
+Use this from your backend or internal tooling. The access token should
+stay on trusted infrastructure.
+
+```ts
+import { createManagementClient } from "@hiofu/apply-sdk";
+
+const management = createManagementClient({
+  apiBase: "https://api.sandbox.hiofu.com/api", // or production
+  accessToken: process.env.HIOFU_EMPLOYER_ACCESS_TOKEN,
+});
+```
+
+### Create the destination role
+
+```ts
+const role = await management.createRole({
+  title: "Senior Engineer",
+  department: "Engineering",
+  description: "Role description from your system.",
+  locations: ["London", "Remote"],
+});
+
+await management.updateRoleStatus(role.id, "hiring");
+```
+
+### Issue the publishable key, register the callback, and save the route
+
+```ts
+await management.issuePublishableKey();
+
+await management.addRedirectUri({
+  mode: "test",
+  uri: "https://jobs.example.com/oauth/callback-shim.html",
+});
+
+await management.saveRoleMapping({
+  mode: "test",
+  externalRoleId: "job_123",
+  employerRoleId: role.id,
+});
+```
+
+### Update or remove setup later
+
+```ts
+await management.updateRole(role.id, {
+  title: "Senior Platform Engineer",
+  description: "Updated role description from your system.",
+});
+
+await management.updateRoleStatus(role.id, "hiring");
+
+await management.removeRedirectUri("redirect_uri_id_from_hiofu");
+```
+
+### Read the current saved configuration
+
+```ts
+const settings = await management.getDeveloperSettings();
+
+console.log(settings.environments);
+```
+
+The management client covers the same setup steps exposed in the
+HIOFU Developer settings UI:
+
+- create roles
+- update role status
+- issue publishable keys
+- register or remove callback URIs
+- save job/page route mappings
+- read the current environment configuration
+
 ### Sandbox vs Production
 
 Switch environments by key and base URLs. The SDK rejects mismatches before
@@ -148,9 +210,8 @@ function ApplyButton() {
 }
 ```
 
-`HiofuApplyButton` ships the three canonical variants from the partner example:
-`primary`, `secondary`, and `ghost`. Use `useHiofuApply()` only when you need a
-fully custom button or status layout.
+`HiofuApplyButton` ships three variants: `primary`, `secondary`, and `ghost`.
+Use `useHiofuApply()` only when you need a fully custom button or status layout.
 
 ### Error-aware button UX
 
@@ -218,31 +279,31 @@ function ApplyButton() {
 
 ## Environments
 
-| Mode | Client ID | Hiofu origin | API base |
+| Mode | Client ID | HIOFU origin | API base |
 | --- | --- | --- | --- |
 | Sandbox | `pk_test_*` | `https://sandbox.hiofu.com` | `https://api.sandbox.hiofu.com/api` |
 | Production | `pk_live_*` | `https://hiofu.com` | `https://api.hiofu.com/api` |
 
-`pk_test_*` is for fake sandbox data only. `pk_live_*` is for live candidate
-and employer data after Hiofu production approval.
+`pk_test_*` is for sandbox data only. `pk_live_*` is for live candidate
+and employer data after HIOFU grants production access.
 
-## Role Capture
+## Role Routing
 
-Partners should pass their own stable role identifiers in `role`. Before going
-live, map each partner role/page ID to the destination Hiofu HMD role in
-Hiofu developer settings:
+Keep sending the same job or page ID your own system already uses. Before
+going live, save a route from that ID to the destination HIOFU role — either
+in the Developer settings UI or with the management client:
 
 ```text
-partner job/page ID -> Hiofu HMD role
+your job/page ID -> HIOFU role
 ```
 
-For direct employer integrations, Hiofu derives the employer/workspace side
-from the API key. Marketplace partners that submit jobs for many employers can
-also pass `role.externalEmployerId` to disambiguate IDs.
+For single-employer integrations, HIOFU derives the workspace from the
+publishable key. If your site routes jobs for multiple employers, also pass
+`role.externalEmployerId` to disambiguate.
 
-The SDK should keep sending the partner job/page ID, not the internal Hiofu role ID.
-If no mapping exists for the current environment, the API rejects the submit
-request with a role mapping error and no application is created.
+The SDK should always send your own job/page ID, not the internal HIOFU
+role ID. If no route exists for the current environment, the API rejects
+the submission with a routing error and no application is created.
 
 ```ts
 await hiofu.apply({
@@ -254,7 +315,7 @@ await hiofu.apply({
     externalRoleId: "job_123",
     externalEmployerId: "emp_456",
     title: "Senior Engineer",
-    description: "Build user-facing product surfaces.",
+    description: "Role description from your system.",
     locations: ["London", "Remote"],
   },
 });
@@ -262,7 +323,7 @@ await hiofu.apply({
 
 ## Callback Handling
 
-Register a partner-owned callback page (e.g. `https://jobs.example.com/oauth/callback.html`) in your HIOFU partner settings. Do not register callback URLs on domains you do not control. The page should relay the OAuth result back to the opener. Minimal example:
+Register your callback page (e.g. `https://jobs.example.com/oauth/callback.html`) in HIOFU Developer settings. Do not register callback URLs on domains you do not control. The page should relay the OAuth result back to the opener. Minimal example:
 
 ```html
 <!doctype html>
@@ -270,7 +331,7 @@ Register a partner-owned callback page (e.g. `https://jobs.example.com/oauth/cal
   <meta charset="UTF-8" />
   <title>Returning…</title>
   <body>
-    Returning you to the partner site…
+    Returning to the application…
     <script>
       (() => {
         const p = new URLSearchParams(window.location.search);
@@ -309,11 +370,11 @@ Register a partner-owned callback page (e.g. `https://jobs.example.com/oauth/cal
 
 ## Scopes
 
-- `profile.basic`: minimal profile summary intended for partner-side apply UX
+- `profile.basic`: minimal profile summary for your apply UX
 - `profile.full`: sanitised HSP1 profile summary including skills and redacted work/education history
 - `evidence.read`: evidence titles, types, and aggregate trust signals
 - `applications.write`: submit an application on the candidate's behalf
-- `passport.snapshot`: create and return an immutable, partner-safe hiring snapshot with summary previews
+- `passport.snapshot`: create and return an immutable hiring snapshot with summary previews
 
 ## Apply Flow Behaviour
 
@@ -327,18 +388,18 @@ If no `variationId` is passed, the popup asks the candidate which HSP1 view to s
 Returned payload highlights:
 
 - `application`: the HIOFU application record
-- `sharedView`, `versionNumber`, and `snapshot`: immutable snapshot context plus safe hiring previews
-- `profile`, `evidence`, `snapshot`: minimised partner-consumable response data based on granted scopes
+- `sharedView`, `versionNumber`, and `snapshot`: immutable snapshot context plus hiring previews
+- `profile`, `evidence`, `snapshot`: response data based on granted scopes
 - `delivery`: whether HIOFU also queued webhook delivery or returned response-only data
 - `idempotencyKey`: the exact key used for this apply attempt
 
 ## Security Notes
 
-- Register a partner-owned callback page like `https://jobs.example.com/oauth/callback.html` and pass it explicitly as `redirectUri`; never use domains you do not control.
-- Browser integrations receive a short-lived access token only through the SDK runtime. Refresh tokens are never exposed to partner UI code.
-- The SDK does not inject third-party fonts or global styles into partner pages. Keep typography ownership inside your app shell.
+- Register your callback page (e.g. `https://jobs.example.com/oauth/callback.html`) and pass it explicitly as `redirectUri`; never use domains you do not control.
+- Browser integrations receive a short-lived access token only through the SDK runtime. Refresh tokens are never exposed to your UI code.
+- The SDK does not inject third-party fonts or global styles into your pages. Keep typography ownership inside your app shell.
 - Do not log raw application payloads in production UIs.
-- Pass a stable partner-generated `idempotencyKey` when you already have an application-attempt identifier.
+- Pass a stable `idempotencyKey` when you already have an application-attempt identifier.
 - If you omit `idempotencyKey`, the SDK generates one for you and mirrors it into both the request header and body.
 - The SDK defaults to in-memory token storage. Only opt into session storage if your threat model explicitly allows it; session storage persists access tokens only and strips refresh tokens.
 - The popup times out after 5 minutes by default. Override `authorizeTimeoutMs` if your flow needs a different review window.
@@ -370,7 +431,7 @@ import {
 } from "@hiofu/apply-sdk";
 ```
 
-Examples in this repo load Geist explicitly. Production partner apps should choose their own font-loading strategy rather than relying on the SDK to inject one.
+Examples in this repo load Geist explicitly. Your app should use its own font-loading strategy rather than relying on the SDK to inject one.
 
 ## Examples
 
@@ -379,7 +440,7 @@ See [`partner-examples/`](../partner-examples) for working integrations: Next.js
 ## Errors
 
 - `HiofuConfigurationError`: Thrown before network requests when SDK config is invalid, including `hiofu.environment_mismatch`.
-- `HiofuApiError`: Thrown for HTTP errors from the partner API. Includes `status` and parsed `body` when available.
+- `HiofuApiError`: Thrown for HTTP errors from the HIOFU API. Includes `status` and parsed `body` when available.
 - Popup errors: "Popup blocked" (user agent blocks window.open), "Authorization timed out" (no result within `authorizeTimeoutMs`).
 
 ```ts

package/dist/{chunk-S5RLAIWP.js → chunk-MFY3F4OY.js}

@@ -885,7 +885,9 @@ function hiofuLogoSvg({
 }
 
 export {
+  DEFAULT_API_BASE,
   HiofuApiError,
+  jsonFetch,
   HiofuConfigurationError,
   HiofuPopupError,
   createRandomId,

package/dist/{client-BTGUPzt9.d.cts → client-Ct5xyQMk.d.cts}

@@ -257,6 +257,154 @@ type HiofuEvent = {
     type: "apply_error";
     error: Error;
 };
+interface HiofuManagementConfig {
+    /** Employer/admin bearer token from HIOFU. Keep this on your server or internal tool. */
+    accessToken?: string;
+    /** Override for sandbox or internal environments. Defaults to https://api.hiofu.com/api */
+    apiBase?: string;
+    /** Optional fetch credentials mode. Defaults to `include` when no access token is supplied. */
+    credentials?: RequestCredentials;
+    /** Optional shared headers for all management requests. */
+    headers?: HeadersInit;
+}
+type HiofuManagementEnvironmentMode = "test" | "live";
+type HiofuManagementRoleStatus = "draft" | "hiring" | "paused" | "closed";
+type HiofuManagementVerificationSensitivity = "low" | "medium" | "high";
+interface HiofuManagementPaginationMeta {
+    page: number;
+    limit: number;
+    total: number;
+    totalPages: number;
+    hasNext: boolean;
+    hasPrev: boolean;
+}
+interface HiofuManagementPaginatedResult<T> {
+    message: string;
+    data: T[];
+    meta: HiofuManagementPaginationMeta;
+}
+interface HiofuManagementRoleDimensionSkill {
+    name: string;
+    canonicalName?: string;
+    ontologyConceptId?: string;
+    ontologyId?: string;
+    ontologyFramework?: "lightcast" | "esco" | "sfia" | "onet" | "hiofu" | "custom";
+    ontologyVersion?: string;
+    importance: "required" | "preferred" | "nice_to_have";
+}
+interface HiofuManagementRoleDimension {
+    name: string;
+    weight: number;
+    skills: HiofuManagementRoleDimensionSkill[];
+}
+interface HiofuManagementRole {
+    id: string;
+    employerId: string;
+    title: string;
+    department: string | null;
+    description: string | null;
+    status: HiofuManagementRoleStatus;
+    dimensions: HiofuManagementRoleDimension[] | null;
+    verificationSensitivity: string;
+    locations: string[];
+    jobTypes: string[];
+    salaryMin: number | null;
+    salaryMax: number | null;
+    salaryCurrency: string | null;
+    experienceMin: number | null;
+    experienceMax: number | null;
+    createdAt: string;
+    updatedAt: string;
+}
+interface HiofuManagementRoleListItem extends HiofuManagementRole {
+    candidateCount: number;
+    avgMatch: number;
+    interviewCount: number;
+}
+interface HiofuManagementListRolesParams {
+    page?: number;
+    limit?: number;
+    search?: string;
+    status?: HiofuManagementRoleStatus;
+}
+interface HiofuManagementCreateRoleInput {
+    title: string;
+    department?: string;
+    description?: string;
+    dimensions?: HiofuManagementRoleDimension[];
+    verificationSensitivity?: HiofuManagementVerificationSensitivity;
+    locations?: string[];
+    jobTypes?: string[];
+    salaryMin?: number;
+    salaryMax?: number;
+    salaryCurrency?: string;
+    experienceMin?: number;
+    experienceMax?: number;
+}
+type HiofuManagementUpdateRoleInput = Partial<HiofuManagementCreateRoleInput>;
+interface HiofuManagementRoleMapping {
+    id: string;
+    externalEmployerId: string | null;
+    externalRoleId: string;
+    organizationId: string;
+    employerRoleId: string;
+    title: string;
+    description: string | null;
+    locations: string[];
+    isActive: boolean;
+    updatedAt: string;
+    employerRole: {
+        id: string;
+        title: string;
+        status: string;
+    } | null;
+}
+interface HiofuManagementRedirectUri {
+    id: string;
+    uri: string;
+    createdAt: string;
+}
+interface HiofuManagementEnvironment {
+    id: string;
+    mode: HiofuManagementEnvironmentMode;
+    clientId: string;
+    isActive: boolean;
+    totalApiCalls: number;
+    totalAuthorizations: number;
+    lastUsedAt: string | null;
+    redirectUris: HiofuManagementRedirectUri[];
+    roleMappings: HiofuManagementRoleMapping[];
+}
+interface HiofuManagementDeveloperSettings {
+    organization: {
+        organizationId: string;
+        organizationName: string | null;
+        organizationSlug: string | null;
+    };
+    partner: {
+        id: string;
+        name: string;
+        slug: string;
+        status: string;
+        allowedScopes: string[];
+        defaultScopes: string[];
+    } | null;
+    environments: HiofuManagementEnvironment[];
+}
+interface HiofuManagementSaveRoleMappingInput {
+    mode: HiofuManagementEnvironmentMode;
+    externalRoleId: string;
+    externalEmployerId?: string;
+    employerRoleId: string;
+    title?: string;
+    description?: string;
+    locations?: string[];
+    metadata?: Record<string, unknown>;
+}
+interface HiofuManagementAddRedirectUriInput {
+    mode: HiofuManagementEnvironmentMode;
+    uri: string;
+}
 
 declare const DEFAULT_AUTHORIZE_SCOPES: HiofuScope[];
 declare const DEFAULT_APPLY_SCOPES: HiofuScope[];
@@ -276,4 +424,4 @@ declare class HiofuClient {
     logout(): Promise<void>;
 }
 
-export { DEFAULT_APPLY_SCOPES as D, HiofuClient as H, type HiofuScope as a, type HiofuApplyResult as b, type HiofuConfig as c, type HiofuEvent as d, type HiofuApplyOptions as e, type HiofuTokenSet as f, DEFAULT_AUTHORIZE_SCOPES as g, type HiofuApplyRole as h, type HiofuPartner as i };
+export { DEFAULT_APPLY_SCOPES as D, HiofuClient as H, type HiofuScope as a, type HiofuApplyResult as b, type HiofuConfig as c, type HiofuEvent as d, type HiofuManagementConfig as e, type HiofuManagementListRolesParams as f, type HiofuManagementPaginatedResult as g, type HiofuManagementRoleListItem as h, type HiofuManagementRole as i, type HiofuManagementCreateRoleInput as j, type HiofuManagementUpdateRoleInput as k, type HiofuManagementRoleStatus as l, type HiofuManagementDeveloperSettings as m, type HiofuManagementSaveRoleMappingInput as n, type HiofuManagementAddRedirectUriInput as o, type HiofuApplyOptions as p, type HiofuTokenSet as q, DEFAULT_AUTHORIZE_SCOPES as r, type HiofuApplyRole as s, type HiofuManagementEnvironment as t, type HiofuManagementEnvironmentMode as u, type HiofuManagementRedirectUri as v, type HiofuManagementRoleDimension as w, type HiofuManagementRoleDimensionSkill as x, type HiofuManagementRoleMapping as y, type HiofuPartner as z };

package/dist/{client-BTGUPzt9.d.ts → client-Ct5xyQMk.d.ts}

@@ -257,6 +257,154 @@ type HiofuEvent = {
     type: "apply_error";
     error: Error;
 };
+interface HiofuManagementConfig {
+    /** Employer/admin bearer token from HIOFU. Keep this on your server or internal tool. */
+    accessToken?: string;
+    /** Override for sandbox or internal environments. Defaults to https://api.hiofu.com/api */
+    apiBase?: string;
+    /** Optional fetch credentials mode. Defaults to `include` when no access token is supplied. */
+    credentials?: RequestCredentials;
+    /** Optional shared headers for all management requests. */
+    headers?: HeadersInit;
+}
+type HiofuManagementEnvironmentMode = "test" | "live";
+type HiofuManagementRoleStatus = "draft" | "hiring" | "paused" | "closed";
+type HiofuManagementVerificationSensitivity = "low" | "medium" | "high";
+interface HiofuManagementPaginationMeta {
+    page: number;
+    limit: number;
+    total: number;
+    totalPages: number;
+    hasNext: boolean;
+    hasPrev: boolean;
+}
+interface HiofuManagementPaginatedResult<T> {
+    message: string;
+    data: T[];
+    meta: HiofuManagementPaginationMeta;
+}
+interface HiofuManagementRoleDimensionSkill {
+    name: string;
+    canonicalName?: string;
+    ontologyConceptId?: string;
+    ontologyId?: string;
+    ontologyFramework?: "lightcast" | "esco" | "sfia" | "onet" | "hiofu" | "custom";
+    ontologyVersion?: string;
+    importance: "required" | "preferred" | "nice_to_have";
+}
+interface HiofuManagementRoleDimension {
+    name: string;
+    weight: number;
+    skills: HiofuManagementRoleDimensionSkill[];
+}
+interface HiofuManagementRole {
+    id: string;
+    employerId: string;
+    title: string;
+    department: string | null;
+    description: string | null;
+    status: HiofuManagementRoleStatus;
+    dimensions: HiofuManagementRoleDimension[] | null;
+    verificationSensitivity: string;
+    locations: string[];
+    jobTypes: string[];
+    salaryMin: number | null;
+    salaryMax: number | null;
+    salaryCurrency: string | null;
+    experienceMin: number | null;
+    experienceMax: number | null;
+    createdAt: string;
+    updatedAt: string;
+}
+interface HiofuManagementRoleListItem extends HiofuManagementRole {
+    candidateCount: number;
+    avgMatch: number;
+    interviewCount: number;
+}
+interface HiofuManagementListRolesParams {
+    page?: number;
+    limit?: number;
+    search?: string;
+    status?: HiofuManagementRoleStatus;
+}
+interface HiofuManagementCreateRoleInput {
+    title: string;
+    department?: string;
+    description?: string;
+    dimensions?: HiofuManagementRoleDimension[];
+    verificationSensitivity?: HiofuManagementVerificationSensitivity;
+    locations?: string[];
+    jobTypes?: string[];
+    salaryMin?: number;
+    salaryMax?: number;
+    salaryCurrency?: string;
+    experienceMin?: number;
+    experienceMax?: number;
+}
+type HiofuManagementUpdateRoleInput = Partial<HiofuManagementCreateRoleInput>;
+interface HiofuManagementRoleMapping {
+    id: string;
+    externalEmployerId: string | null;
+    externalRoleId: string;
+    organizationId: string;
+    employerRoleId: string;
+    title: string;
+    description: string | null;
+    locations: string[];
+    isActive: boolean;
+    updatedAt: string;
+    employerRole: {
+        id: string;
+        title: string;
+        status: string;
+    } | null;
+}
+interface HiofuManagementRedirectUri {
+    id: string;
+    uri: string;
+    createdAt: string;
+}
+interface HiofuManagementEnvironment {
+    id: string;
+    mode: HiofuManagementEnvironmentMode;
+    clientId: string;
+    isActive: boolean;
+    totalApiCalls: number;
+    totalAuthorizations: number;
+    lastUsedAt: string | null;
+    redirectUris: HiofuManagementRedirectUri[];
+    roleMappings: HiofuManagementRoleMapping[];
+}
+interface HiofuManagementDeveloperSettings {
+    organization: {
+        organizationId: string;
+        organizationName: string | null;
+        organizationSlug: string | null;
+    };
+    partner: {
+        id: string;
+        name: string;
+        slug: string;
+        status: string;
+        allowedScopes: string[];
+        defaultScopes: string[];
+    } | null;
+    environments: HiofuManagementEnvironment[];
+}
+interface HiofuManagementSaveRoleMappingInput {
+    mode: HiofuManagementEnvironmentMode;
+    externalRoleId: string;
+    externalEmployerId?: string;
+    employerRoleId: string;
+    title?: string;
+    description?: string;
+    locations?: string[];
+    metadata?: Record<string, unknown>;
+}
+interface HiofuManagementAddRedirectUriInput {
+    mode: HiofuManagementEnvironmentMode;
+    uri: string;
+}
 
 declare const DEFAULT_AUTHORIZE_SCOPES: HiofuScope[];
 declare const DEFAULT_APPLY_SCOPES: HiofuScope[];
@@ -276,4 +424,4 @@ declare class HiofuClient {
     logout(): Promise<void>;
 }
 
-export { DEFAULT_APPLY_SCOPES as D, HiofuClient as H, type HiofuScope as a, type HiofuApplyResult as b, type HiofuConfig as c, type HiofuEvent as d, type HiofuApplyOptions as e, type HiofuTokenSet as f, DEFAULT_AUTHORIZE_SCOPES as g, type HiofuApplyRole as h, type HiofuPartner as i };
+export { DEFAULT_APPLY_SCOPES as D, HiofuClient as H, type HiofuScope as a, type HiofuApplyResult as b, type HiofuConfig as c, type HiofuEvent as d, type HiofuManagementConfig as e, type HiofuManagementListRolesParams as f, type HiofuManagementPaginatedResult as g, type HiofuManagementRoleListItem as h, type HiofuManagementRole as i, type HiofuManagementCreateRoleInput as j, type HiofuManagementUpdateRoleInput as k, type HiofuManagementRoleStatus as l, type HiofuManagementDeveloperSettings as m, type HiofuManagementSaveRoleMappingInput as n, type HiofuManagementAddRedirectUriInput as o, type HiofuApplyOptions as p, type HiofuTokenSet as q, DEFAULT_AUTHORIZE_SCOPES as r, type HiofuApplyRole as s, type HiofuManagementEnvironment as t, type HiofuManagementEnvironmentMode as u, type HiofuManagementRedirectUri as v, type HiofuManagementRoleDimension as w, type HiofuManagementRoleDimensionSkill as x, type HiofuManagementRoleMapping as y, type HiofuPartner as z };

package/dist/index.cjs

@@ -34,10 +34,12 @@ __export(src_exports, {
   HiofuApplyError: () => HiofuApplyError,
   HiofuClient: () => HiofuClient,
   HiofuConfigurationError: () => HiofuConfigurationError,
+  HiofuManagementClient: () => HiofuManagementClient,
   HiofuPopupError: () => HiofuPopupError,
   autoBind: () => autoBind,
   bootstrapFromScriptTag: () => bootstrapFromScriptTag,
   createApplyClient: () => createApplyClient,
+  createManagementClient: () => createManagementClient,
   hiofuLogoSvg: () => hiofuLogoSvg,
   isAutoBound: () => isAutoBound
 });
@@ -1252,6 +1254,149 @@ function createApplyClient(config) {
   };
 }
 
+// src/management.ts
+function buildQuery(params) {
+  if (!params) {
+    return "";
+  }
+  const search = new URLSearchParams();
+  if (typeof params.page === "number") {
+    search.set("page", String(params.page));
+  }
+  if (typeof params.limit === "number") {
+    search.set("limit", String(params.limit));
+  }
+  if (params.status) {
+    search.set("status", params.status);
+  }
+  if (params.search?.trim()) {
+    search.set("search", params.search.trim());
+  }
+  const query = search.toString();
+  return query ? `?${query}` : "";
+}
+var HiofuManagementClient = class {
+  constructor(config = {}) {
+    this.config = config;
+  }
+  async request(path, init = {}) {
+    const apiBase = this.config.apiBase ?? DEFAULT_API_BASE;
+    const headers = new Headers(this.config.headers);
+    if (init.headers) {
+      new Headers(init.headers).forEach((value, key) => {
+        headers.set(key, value);
+      });
+    }
+    return jsonFetch(`${apiBase}${path}`, {
+      ...init,
+      headers,
+      token: this.config.accessToken,
+      credentials: this.config.credentials ?? (this.config.accessToken ? void 0 : "include")
+    });
+  }
+  async listRoles(params) {
+    return this.request(
+      `/employer-roles${buildQuery(params)}`
+    );
+  }
+  async getRole(roleId) {
+    const response = await this.request(
+      `/employer-roles/${roleId}`
+    );
+    return response.data;
+  }
+  async createRole(input) {
+    const response = await this.request(
+      "/employer-roles",
+      {
+        method: "POST",
+        body: JSON.stringify(input)
+      }
+    );
+    return response.data;
+  }
+  async updateRole(roleId, input) {
+    const response = await this.request(
+      `/employer-roles/${roleId}`,
+      {
+        method: "PATCH",
+        body: JSON.stringify(input)
+      }
+    );
+    return response.data;
+  }
+  async updateRoleStatus(roleId, status) {
+    const response = await this.request(
+      `/employer-roles/${roleId}/status`,
+      {
+        method: "PATCH",
+        body: JSON.stringify({ status })
+      }
+    );
+    return response.data;
+  }
+  async getDeveloperSettings() {
+    const response = await this.request(
+      "/employers/developer/apply-sdk"
+    );
+    return response.data;
+  }
+  async issuePublishableKey() {
+    const response = await this.request(
+      "/employers/developer/apply-sdk",
+      {
+        method: "POST"
+      }
+    );
+    return response.data;
+  }
+  async saveRoleMapping(input) {
+    let resolvedRole = null;
+    if (!input.title || !input.description || !input.locations) {
+      resolvedRole = await this.getRole(input.employerRoleId);
+    }
+    const response = await this.request(
+      "/employers/developer/apply-sdk/role-mappings",
+      {
+        method: "POST",
+        body: JSON.stringify({
+          mode: input.mode,
+          externalRoleId: input.externalRoleId,
+          externalEmployerId: input.externalEmployerId,
+          employerRoleId: input.employerRoleId,
+          title: input.title ?? resolvedRole?.title,
+          description: input.description ?? resolvedRole?.description ?? void 0,
+          locations: input.locations ?? resolvedRole?.locations ?? void 0,
+          metadata: input.metadata
+        })
+      }
+    );
+    return response.data;
+  }
+  async addRedirectUri(input) {
+    const response = await this.request(
+      "/employers/developer/apply-sdk/redirect-uris",
+      {
+        method: "POST",
+        body: JSON.stringify(input)
+      }
+    );
+    return response.data;
+  }
+  async removeRedirectUri(uriId) {
+    const response = await this.request(
+      `/employers/developer/apply-sdk/redirect-uris/${uriId}`,
+      {
+        method: "DELETE"
+      }
+    );
+    return response.data;
+  }
+};
+function createManagementClient(config = {}) {
+  return new HiofuManagementClient(config);
+}
+
 // src/index.ts
 var _instance = null;
 var Hiofu = {

package/dist/index.d.cts

@@ -1,5 +1,5 @@
-import { H as HiofuClient, a as HiofuScope, b as HiofuApplyResult, c as HiofuConfig, d as HiofuEvent, e as HiofuApplyOptions, f as HiofuTokenSet } from './client-BTGUPzt9.cjs';
-export { D as DEFAULT_APPLY_SCOPES, g as DEFAULT_AUTHORIZE_SCOPES, h as HiofuApplyRole, i as HiofuPartner } from './client-BTGUPzt9.cjs';
+import { H as HiofuClient, a as HiofuScope, b as HiofuApplyResult, c as HiofuConfig, d as HiofuEvent, e as HiofuManagementConfig, f as HiofuManagementListRolesParams, g as HiofuManagementPaginatedResult, h as HiofuManagementRoleListItem, i as HiofuManagementRole, j as HiofuManagementCreateRoleInput, k as HiofuManagementUpdateRoleInput, l as HiofuManagementRoleStatus, m as HiofuManagementDeveloperSettings, n as HiofuManagementSaveRoleMappingInput, o as HiofuManagementAddRedirectUriInput, p as HiofuApplyOptions, q as HiofuTokenSet } from './client-Ct5xyQMk.cjs';
+export { D as DEFAULT_APPLY_SCOPES, r as DEFAULT_AUTHORIZE_SCOPES, s as HiofuApplyRole, t as HiofuManagementEnvironment, u as HiofuManagementEnvironmentMode, v as HiofuManagementRedirectUri, w as HiofuManagementRoleDimension, x as HiofuManagementRoleDimensionSkill, y as HiofuManagementRoleMapping, z as HiofuPartner } from './client-Ct5xyQMk.cjs';
 
 /**
  * Scan the document for `[data-hiofu-apply]` buttons and wire them up to call
@@ -117,6 +117,23 @@ declare class HiofuConfigurationError extends Error {
     constructor(code: HiofuConfigurationErrorCode, message: string, details?: Record<string, unknown>);
 }
 
+declare class HiofuManagementClient {
+    private readonly config;
+    constructor(config?: HiofuManagementConfig);
+    private request;
+    listRoles(params?: HiofuManagementListRolesParams): Promise<HiofuManagementPaginatedResult<HiofuManagementRoleListItem>>;
+    getRole(roleId: string): Promise<HiofuManagementRole>;
+    createRole(input: HiofuManagementCreateRoleInput): Promise<HiofuManagementRole>;
+    updateRole(roleId: string, input: HiofuManagementUpdateRoleInput): Promise<HiofuManagementRole>;
+    updateRoleStatus(roleId: string, status: HiofuManagementRoleStatus): Promise<HiofuManagementRole>;
+    getDeveloperSettings(): Promise<HiofuManagementDeveloperSettings>;
+    issuePublishableKey(): Promise<HiofuManagementDeveloperSettings>;
+    saveRoleMapping(input: HiofuManagementSaveRoleMappingInput): Promise<HiofuManagementDeveloperSettings>;
+    addRedirectUri(input: HiofuManagementAddRedirectUriInput): Promise<HiofuManagementDeveloperSettings>;
+    removeRedirectUri(uriId: string): Promise<HiofuManagementDeveloperSettings>;
+}
+declare function createManagementClient(config?: HiofuManagementConfig): HiofuManagementClient;
+
 type HiofuPopupErrorReason = "user_closed" | "timed_out";
 declare class HiofuPopupError extends Error {
     readonly reason: HiofuPopupErrorReason;
@@ -161,4 +178,4 @@ declare const Hiofu: {
     logout(): Promise<void>;
 };
 
-export { HIOFU_BRAND_COLOR, HIOFU_BRAND_SOFT, HIOFU_BUTTON_LABEL, HIOFU_FONT_FAMILY, HIOFU_FONT_URL, HIOFU_TAGLINE, HIOFU_WORDMARK, Hiofu, HiofuApiError, type HiofuApplyClient, HiofuApplyError, type HiofuApplyErrorCode, HiofuApplyOptions, type HiofuApplyPayload, HiofuApplyResult, type HiofuCancelContext, HiofuClient, HiofuConfig, HiofuConfigurationError, type HiofuCreateApplyClientConfig, type HiofuEnvironment, HiofuEvent, type HiofuNormalizedApplyResult, HiofuPopupError, HiofuScope, HiofuTokenSet, autoBind, bootstrapFromScriptTag, createApplyClient, hiofuLogoSvg, isAutoBound };
+export { HIOFU_BRAND_COLOR, HIOFU_BRAND_SOFT, HIOFU_BUTTON_LABEL, HIOFU_FONT_FAMILY, HIOFU_FONT_URL, HIOFU_TAGLINE, HIOFU_WORDMARK, Hiofu, HiofuApiError, type HiofuApplyClient, HiofuApplyError, type HiofuApplyErrorCode, HiofuApplyOptions, type HiofuApplyPayload, HiofuApplyResult, type HiofuCancelContext, HiofuClient, HiofuConfig, HiofuConfigurationError, type HiofuCreateApplyClientConfig, type HiofuEnvironment, HiofuEvent, HiofuManagementAddRedirectUriInput, HiofuManagementClient, HiofuManagementConfig, HiofuManagementCreateRoleInput, HiofuManagementDeveloperSettings, HiofuManagementListRolesParams, HiofuManagementPaginatedResult, HiofuManagementRole, HiofuManagementRoleListItem, HiofuManagementRoleStatus, HiofuManagementSaveRoleMappingInput, HiofuManagementUpdateRoleInput, type HiofuNormalizedApplyResult, HiofuPopupError, HiofuScope, HiofuTokenSet, autoBind, bootstrapFromScriptTag, createApplyClient, createManagementClient, hiofuLogoSvg, isAutoBound };

package/dist/index.d.ts

@@ -1,5 +1,5 @@
-import { H as HiofuClient, a as HiofuScope, b as HiofuApplyResult, c as HiofuConfig, d as HiofuEvent, e as HiofuApplyOptions, f as HiofuTokenSet } from './client-BTGUPzt9.js';
-export { D as DEFAULT_APPLY_SCOPES, g as DEFAULT_AUTHORIZE_SCOPES, h as HiofuApplyRole, i as HiofuPartner } from './client-BTGUPzt9.js';
+import { H as HiofuClient, a as HiofuScope, b as HiofuApplyResult, c as HiofuConfig, d as HiofuEvent, e as HiofuManagementConfig, f as HiofuManagementListRolesParams, g as HiofuManagementPaginatedResult, h as HiofuManagementRoleListItem, i as HiofuManagementRole, j as HiofuManagementCreateRoleInput, k as HiofuManagementUpdateRoleInput, l as HiofuManagementRoleStatus, m as HiofuManagementDeveloperSettings, n as HiofuManagementSaveRoleMappingInput, o as HiofuManagementAddRedirectUriInput, p as HiofuApplyOptions, q as HiofuTokenSet } from './client-Ct5xyQMk.js';
+export { D as DEFAULT_APPLY_SCOPES, r as DEFAULT_AUTHORIZE_SCOPES, s as HiofuApplyRole, t as HiofuManagementEnvironment, u as HiofuManagementEnvironmentMode, v as HiofuManagementRedirectUri, w as HiofuManagementRoleDimension, x as HiofuManagementRoleDimensionSkill, y as HiofuManagementRoleMapping, z as HiofuPartner } from './client-Ct5xyQMk.js';
 
 /**
  * Scan the document for `[data-hiofu-apply]` buttons and wire them up to call
@@ -117,6 +117,23 @@ declare class HiofuConfigurationError extends Error {
     constructor(code: HiofuConfigurationErrorCode, message: string, details?: Record<string, unknown>);
 }
 
+declare class HiofuManagementClient {
+    private readonly config;
+    constructor(config?: HiofuManagementConfig);
+    private request;
+    listRoles(params?: HiofuManagementListRolesParams): Promise<HiofuManagementPaginatedResult<HiofuManagementRoleListItem>>;
+    getRole(roleId: string): Promise<HiofuManagementRole>;
+    createRole(input: HiofuManagementCreateRoleInput): Promise<HiofuManagementRole>;
+    updateRole(roleId: string, input: HiofuManagementUpdateRoleInput): Promise<HiofuManagementRole>;
+    updateRoleStatus(roleId: string, status: HiofuManagementRoleStatus): Promise<HiofuManagementRole>;
+    getDeveloperSettings(): Promise<HiofuManagementDeveloperSettings>;
+    issuePublishableKey(): Promise<HiofuManagementDeveloperSettings>;
+    saveRoleMapping(input: HiofuManagementSaveRoleMappingInput): Promise<HiofuManagementDeveloperSettings>;
+    addRedirectUri(input: HiofuManagementAddRedirectUriInput): Promise<HiofuManagementDeveloperSettings>;
+    removeRedirectUri(uriId: string): Promise<HiofuManagementDeveloperSettings>;
+}
+declare function createManagementClient(config?: HiofuManagementConfig): HiofuManagementClient;
+
 type HiofuPopupErrorReason = "user_closed" | "timed_out";
 declare class HiofuPopupError extends Error {
     readonly reason: HiofuPopupErrorReason;
@@ -161,4 +178,4 @@ declare const Hiofu: {
     logout(): Promise<void>;
 };
 
-export { HIOFU_BRAND_COLOR, HIOFU_BRAND_SOFT, HIOFU_BUTTON_LABEL, HIOFU_FONT_FAMILY, HIOFU_FONT_URL, HIOFU_TAGLINE, HIOFU_WORDMARK, Hiofu, HiofuApiError, type HiofuApplyClient, HiofuApplyError, type HiofuApplyErrorCode, HiofuApplyOptions, type HiofuApplyPayload, HiofuApplyResult, type HiofuCancelContext, HiofuClient, HiofuConfig, HiofuConfigurationError, type HiofuCreateApplyClientConfig, type HiofuEnvironment, HiofuEvent, type HiofuNormalizedApplyResult, HiofuPopupError, HiofuScope, HiofuTokenSet, autoBind, bootstrapFromScriptTag, createApplyClient, hiofuLogoSvg, isAutoBound };
+export { HIOFU_BRAND_COLOR, HIOFU_BRAND_SOFT, HIOFU_BUTTON_LABEL, HIOFU_FONT_FAMILY, HIOFU_FONT_URL, HIOFU_TAGLINE, HIOFU_WORDMARK, Hiofu, HiofuApiError, type HiofuApplyClient, HiofuApplyError, type HiofuApplyErrorCode, HiofuApplyOptions, type HiofuApplyPayload, HiofuApplyResult, type HiofuCancelContext, HiofuClient, HiofuConfig, HiofuConfigurationError, type HiofuCreateApplyClientConfig, type HiofuEnvironment, HiofuEvent, HiofuManagementAddRedirectUriInput, HiofuManagementClient, HiofuManagementConfig, HiofuManagementCreateRoleInput, HiofuManagementDeveloperSettings, HiofuManagementListRolesParams, HiofuManagementPaginatedResult, HiofuManagementRole, HiofuManagementRoleListItem, HiofuManagementRoleStatus, HiofuManagementSaveRoleMappingInput, HiofuManagementUpdateRoleInput, type HiofuNormalizedApplyResult, HiofuPopupError, HiofuScope, HiofuTokenSet, autoBind, bootstrapFromScriptTag, createApplyClient, createManagementClient, hiofuLogoSvg, isAutoBound };

package/dist/index.global.js

@@ -1 +1 @@
-"use strict";var Hiofu=(()=>{var Q=Object.defineProperty;var Ke=Object.getOwnPropertyDescriptor;var Ve=Object.getOwnPropertyNames;var Je=Object.prototype.hasOwnProperty;var qe=(e,t)=>{for(var o in t)Q(e,o,{get:t[o],enumerable:!0})},Ge=(e,t,o,i)=>{if(t&&typeof t=="object"||typeof t=="function")for(let n of Ve(t))!Je.call(e,n)&&n!==o&&Q(e,n,{get:()=>t[n],enumerable:!(i=Ke(t,n))||i.enumerable});return e};var We=e=>Ge(Q({},"__esModule",{value:!0}),e);var mt={};qe(mt,{DEFAULT_APPLY_SCOPES:()=>ce,DEFAULT_AUTHORIZE_SCOPES:()=>ue,HIOFU_BRAND_COLOR:()=>le,HIOFU_BRAND_SOFT:()=>Pe,HIOFU_BUTTON_LABEL:()=>Ue,HIOFU_FONT_FAMILY:()=>W,HIOFU_FONT_URL:()=>Ne,HIOFU_TAGLINE:()=>Be,HIOFU_WORDMARK:()=>Re,Hiofu:()=>dt,HiofuApiError:()=>P,HiofuApplyError:()=>I,HiofuClient:()=>v,HiofuConfigurationError:()=>x,HiofuPopupError:()=>R,autoBind:()=>z,bootstrapFromScriptTag:()=>Z,createApplyClient:()=>Me,hiofuLogoSvg:()=>Le,isAutoBound:()=>je});var B="https://api.hiofu.com/api",P=class extends Error{constructor(o,i,n){super(o);this.status=i;this.body=n}};async function N(e,t={}){let o=new Headers(t.headers);o.set("Content-Type","application/json"),t.token&&o.set("Authorization",`Bearer ${t.token}`);let i=await fetch(e,{...t,headers:o}),n=await i.text(),a=n;try{a=n?JSON.parse(n):null}catch{}if(!i.ok){let r=a?.message?.toString()??`Request failed (${i.status})`;throw new P(r,i.status,a)}return a}async function ee(e,t){let o=e.apiBase??B,i=await N(`${o}/oauth/token`,{method:"POST",body:JSON.stringify({grant_type:"authorization_code",client_id:e.clientId,code:t.code,code_verifier:t.verifier,redirect_uri:t.redirectUri})});return{accessToken:i.data.access_token,refreshToken:i.data.refresh_token??null,expiresAt:Date.now()+i.data.expires_in*1e3,scopes:i.data.scope.split(" ").filter(Boolean)}}async function Ce(e,t){let o=e.apiBase??B,i=await N(`${o}/oauth/token`,{method:"POST",body:JSON.stringify({grant_type:"refresh_token",client_id:e.clientId,refresh_token:t})});return{accessToken:i.data.access_token,refreshToken:i.data.refresh_token??null,expiresAt:Date.now()+i.data.expires_in*1e3,scopes:i.data.scope.split(" ").filter(Boolean)}}async function be(e,t){let o=e.apiBase??B;await N(`${o}/oauth/revoke`,{method:"POST",body:JSON.stringify({token:t,client_id:e.clientId})})}async function we(e,t){let o=e.apiBase??B;return N(`${o}/v1/partner/me`,{token:t})}async function _e(e,t){let o=e.apiBase??B;return N(`${o}/v1/partner/me/full`,{token:t})}async function xe(e,t,o){let i=e.apiBase??B;return N(`${i}/v1/partner/applications`,{method:"POST",token:t,headers:o.idempotencyKey?{"Idempotency-Key":o.idempotencyKey}:void 0,body:JSON.stringify(o)})}var x=class extends Error{constructor(t,o,i){super(o),this.name="HiofuConfigurationError",this.code=t,this.details=i}},Ye=new Set(["https://hiofu.com","https://www.hiofu.com","https://api.hiofu.com"]),Ze=new Set(["https://sandbox.hiofu.com","https://api.sandbox.hiofu.com"]);function Xe(e){if(e.startsWith("pk_test_"))return"test";if(e.startsWith("pk_live_"))return"live";throw new x("hiofu.configuration_error","Hiofu clientId must start with pk_test_ or pk_live_.",{clientIdPrefix:e.slice(0,8)})}function He(e){let t;try{t=new URL(e)}catch{throw new x("hiofu.configuration_error","Hiofu origin and API URLs must be absolute URLs.",{value:e})}return["localhost","127.0.0.1","0.0.0.0"].includes(t.hostname)?"local":Ze.has(t.origin)?"sandbox":Ye.has(t.origin)?"production":"unknown"}function ve(e,t,o,i){if(!(t==="local"||t==="unknown")){if(e==="test"&&t==="production")throw new x("hiofu.environment_mismatch","pk_test_* client IDs must use sandbox Hiofu origins, not production.",{field:o,value:i,expected:"sandbox",received:"production"});if(e==="live"&&t==="sandbox")throw new x("hiofu.environment_mismatch","pk_live_* client IDs must use production Hiofu origins, not sandbox.",{field:o,value:i,expected:"production",received:"sandbox"})}}function Ae(e){let t=Xe(e.clientId);ve(t,He(e.hiofuOrigin),"hiofuOrigin",e.hiofuOrigin),ve(t,He(e.apiBase),"apiBase",e.apiBase)}var Se="ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789-._~";function te(e=64){if(e<43||e>128)throw new Error("PKCE verifier length must be 43..128");let t=globalThis.crypto;if(!t?.getRandomValues)throw new Error("Secure random generation is unavailable in this browser.");let o=new Uint8Array(e);t.getRandomValues(o);let i="";for(let n=0;n<e;n++)i+=Se[o[n]%Se.length];return i}function Qe(e){let t=new Uint8Array(e),o="";for(let i of t)o+=String.fromCharCode(i);return btoa(o).replace(/\+/g,"-").replace(/\//g,"_").replace(/=+$/,"")}var et=new Uint32Array([1116352408,1899447441,3049323471,3921009573,961987163,1508970993,2453635748,2870763221,3624381080,310598401,607225278,1426881987,1925078388,2162078206,2614888103,3248222580,3835390401,4022224774,264347078,604807628,770255983,1249150122,1555081692,1996064986,2554220882,2821834349,2952996808,3210313671,3336571891,3584528711,113926993,338241895,666307205,773529912,1294757372,1396182291,1695183700,1986661051,2177026350,2456956037,2730485921,2820302411,3259730800,3345764771,3516065817,3600352804,4094571909,275423344,430227734,506948616,659060556,883997877,958139571,1322822218,1537002063,1747873779,1955562222,2024104815,2227730452,2361852424,2428436474,2756734187,3204031479,3329325298]);function H(e,t){return e>>>t|e<<32-t}function tt(e){let t=e.length+1+8;for(;t%64!==0;)t++;let o=new Uint8Array(t);o.set(e),o[e.length]=128;let i=new DataView(o.buffer),n=e.length*8;i.setUint32(t-8,Math.floor(n/4294967296)),i.setUint32(t-4,n>>>0);let a=1779033703,r=3144134277,f=1013904242,p=2773480762,d=1359893119,y=2600822924,u=528734635,h=1541459225,l=new Uint32Array(64);for(let k=0;k<t;k+=64){for(let c=0;c<16;c++)l[c]=i.getUint32(k+c*4);for(let c=16;c<64;c++){let O=H(l[c-15],7)^H(l[c-15],18)^l[c-15]>>>3,w=H(l[c-2],17)^H(l[c-2],19)^l[c-2]>>>10;l[c]=l[c-16]+O+l[c-7]+w>>>0}let m=a,T=r,A=f,b=p,C=d,S=y,_=u,E=h;for(let c=0;c<64;c++){let O=H(C,6)^H(C,11)^H(C,25),w=C&S^~C&_,D=E+O+w+et[c]+l[c]>>>0,X=H(m,2)^H(m,13)^H(m,22),$=m&T^m&A^T&A,K=X+$>>>0;E=_,_=S,S=C,C=b+D>>>0,b=A,A=T,T=m,m=D+K>>>0}a=a+m>>>0,r=r+T>>>0,f=f+A>>>0,p=p+b>>>0,d=d+C>>>0,y=y+S>>>0,u=u+_>>>0,h=h+E>>>0}let g=new ArrayBuffer(32),F=new DataView(g);return[a,r,f,p,d,y,u,h].forEach((k,m)=>{F.setUint32(m*4,k)}),g}async function Ie(e){let t=new TextEncoder().encode(e),o=globalThis.crypto?.subtle?.digest?await globalThis.crypto.subtle.digest("SHA-256",t):tt(t);return Qe(o)}function ke(e=43){return te(e)}var ot="https://hiofu.com",it=5*6e4,R=class extends Error{constructor(t,o){super(o),this.name="HiofuPopupError",this.reason=t}};function nt(e,t){if(e.redirectUri)return e.redirectUri;let o=new URL(t).origin;return typeof window<"u"&&window.location.origin&&window.location.origin!==o?new URL("/oauth/callback.html",window.location.origin).toString():`${o}/oauth/callback-shim`}async function oe(e,t,o,i){let n=e.hiofuOrigin??ot,a=new URL(n).origin,r=nt(e,n),f=e.authorizeTimeoutMs??it,p=te(),d=await Ie(p),y=ke(),u=new URL(`${n}/oauth/consent`);u.searchParams.set("client_id",e.clientId),u.searchParams.set("redirect_uri",r),u.searchParams.set("scope",t.join(" ")),u.searchParams.set("state",y),u.searchParams.set("code_challenge",d),u.searchParams.set("code_challenge_method","S256"),u.searchParams.set("popup","1"),u.searchParams.set("sdk","apply"),o?.jobId&&u.searchParams.set("job_id",o.jobId),o?.jobTitle&&u.searchParams.set("job_title",o.jobTitle),o?.employerId&&u.searchParams.set("employer_id",o.employerId),o?.employerName&&u.searchParams.set("employer_name",o.employerName),o?.variationId&&u.searchParams.set("variation_id",o.variationId);let h=480,l=720,g=window.screenX+(window.outerWidth-h)/2,F=window.screenY+(window.outerHeight-l)/2,k=`popup=yes,width=${h},height=${l},left=${g},top=${F},scrollbars=yes`,m=window.open(u.toString(),"hiofu_apply",k);if(!m)throw new Error("Popup blocked. Allow popups for this site to continue.");i?.onPopupOpened?.({redirectUri:r});try{localStorage.removeItem("hiofu_oauth_result")}catch{}return new Promise((T,A)=>{let b=!1,C=null,S=null,_=null,E=!1,c=!1,O=()=>{if(b=!0,window.removeEventListener("message",$),window.removeEventListener("storage",K),window.removeEventListener("blur",me),window.removeEventListener("focus",he),document.removeEventListener("visibilitychange",ge),window.clearInterval(ze),C&&clearTimeout(C),S&&clearTimeout(S),_)try{_.close()}catch{}try{localStorage.removeItem("hiofu_oauth_result")}catch{}},w=(s,U)=>{if(b||!s||s.type!=="hiofu_oauth")return;let j=s.state===y;if(i?.onPopupResultReceived?.({channel:U,hasCode:!!s.code,hasError:!!s.error,stateMatches:j,error:s.error??null,variationId:s.variationId??null}),!!j){if(s.error){O();try{m.close()}catch{}i?.onPopupClosed?.(s.error==="access_denied"?"denied":"completed"),A(new Error(s.error));return}if(s.code){O();try{m.close()}catch{}i?.onPopupClosed?.("completed"),T({code:s.code,state:y,verifier:p,redirectUri:r,variationId:s.variationId??null})}}},D=new URL(r).origin,X=new Set([a,D]),$=s=>{b||X.has(s.origin)&&w(s.data,"message")},K=s=>{if(!b&&!(s.key!=="hiofu_oauth_result"||!s.newValue))try{w(JSON.parse(s.newValue),"storage")}catch{}},me=()=>{E=!0},ge=()=>{document.visibilityState==="hidden"&&(E=!0)};if(typeof BroadcastChannel<"u")try{_=new BroadcastChannel("hiofu_oauth"),_.onmessage=s=>{b||w(s.data,"broadcast")}}catch{_=null}let he=()=>{b||(E&&(c=!0),C&&clearTimeout(C),C=setTimeout(()=>{try{let s=localStorage.getItem("hiofu_oauth_result");if(s){w(JSON.parse(s),"focus_storage");return}}catch{}},3e3))};window.addEventListener("message",$),window.addEventListener("storage",K),window.addEventListener("blur",me),window.addEventListener("focus",he),document.addEventListener("visibilitychange",ge);let ze=window.setInterval(()=>{if(!b){try{let s=m.location.href;if(s){let U=new URL(s),j=U.searchParams.get("code"),De=U.searchParams.get("state"),ye=U.searchParams.get("error"),$e=U.searchParams.get("variation_id");if(j||ye){w({type:"hiofu_oauth",code:j,state:De,error:ye,variationId:$e},"poll_url");return}}}catch{}try{let s=localStorage.getItem("hiofu_oauth_result");if(s){w(JSON.parse(s),"poll_storage");return}}catch{}if(m.closed&&c)try{let s=localStorage.getItem("hiofu_oauth_result");s&&w(JSON.parse(s),"close_check")}catch{}}},500);S=window.setTimeout(()=>{if(!b){O();try{m.close()}catch{}i?.onPopupClosed?.("timed_out"),A(new R("timed_out","Authorization timed out. Please try again."))}},f)})}var Te=0;function V(e="hiofu"){let t=globalThis.crypto;if(typeof t?.randomUUID=="function")return`${e}_${t.randomUUID()}`;if(typeof t?.getRandomValues=="function"){let i=new Uint8Array(16);t.getRandomValues(i);let n=Array.from(i,a=>a.toString(16).padStart(2,"0")).join("");return`${e}_${Date.now()}_${n}`}Te+=1;let o=typeof globalThis.performance?.now=="function"?Math.floor(globalThis.performance.now()*1e3):0;return`${e}_${Date.now()}_${o}_${Te}`}var ne=new Map;function re(e){return`hiofu:${e}:token`}function rt(){return typeof window>"u"?"server":window.location?.origin||"unknown-origin"}function se(e){return`hiofu:${rt()}:${e}:token`}function Ee(e){try{return JSON.parse(e)}catch{return null}}function ie(e){return{...e,refreshToken:null}}function J(e,t){if(t==="memory")return ne.get(e)??null;if(typeof window>"u")return null;try{let o=se(e),i=window.sessionStorage.getItem(o);if(i){let p=Ee(i);return p?ie(p):null}let n=re(e),a=window.sessionStorage.getItem(n);if(!a)return null;let r=Ee(a);if(!r)return null;let f=ie(r);return window.sessionStorage.setItem(o,JSON.stringify(f)),window.sessionStorage.removeItem(n),f}catch{return null}}function q(e,t,o){if(t==="memory"){ne.set(e,o);return}if(!(typeof window>"u"))try{window.sessionStorage.setItem(se(e),JSON.stringify(ie(o))),window.sessionStorage.removeItem(re(e))}catch{}}function ae(e,t){if(t==="memory"){ne.delete(e);return}if(!(typeof window>"u"))try{window.sessionStorage.removeItem(se(e)),window.sessionStorage.removeItem(re(e))}catch{}}var ue=["profile.basic"],ce=["applications.write","passport.snapshot"];function Oe(e){return[...new Set(e)]}function st(e){let t=[...e];return t.includes("applications.write")||t.push("applications.write"),t.includes("passport.snapshot")||t.push("passport.snapshot"),Oe(t)}function at(){return V()}function G(e){return{expiresAt:e.expiresAt,scopes:[...e.scopes]}}var v=class{constructor(t){this.listeners=new Set;if(!t.clientId)throw new Error("HiofuClient: clientId is required");this.config={...t,hiofuOrigin:t.hiofuOrigin??"https://hiofu.com",apiBase:t.apiBase??"https://api.hiofu.com/api",storage:t.storage??"memory",authorizeTimeoutMs:t.authorizeTimeoutMs??5*6e4},Ae(this.config)}subscribe(t){return this.listeners.add(t),()=>{this.listeners.delete(t)}}emit(t){try{this.config.onEvent?.(t)}catch{}for(let o of this.listeners)try{o(t)}catch{}}async getAccessToken(){let t=J(this.config.clientId,this.config.storage);if(!t)return null;if(t.expiresAt-3e4>Date.now())return t.accessToken;if(!t.refreshToken)return null;try{let o=await Ce(this.config,t.refreshToken);return q(this.config.clientId,this.config.storage,o),this.emit({type:"token_issued",token:G(o)}),o.accessToken}catch{return ae(this.config.clientId,this.config.storage),null}}async authorize(t=this.config.scopes??ue,o){let i=await oe(this.config,Oe(t),o,{onPopupOpened:({redirectUri:r})=>{this.emit({type:"popup_opened",redirectUri:r})},onPopupClosed:r=>{this.emit({type:"popup_closed",reason:r})},onPopupResultReceived:r=>{this.emit({type:"popup_result_received",...r})}}),n=await ee(this.config,{code:i.code,verifier:i.verifier,redirectUri:i.redirectUri});q(this.config.clientId,this.config.storage,n);let a=G(n);return this.emit({type:"token_issued",token:a}),a}async apply(t){this.emit({type:"apply_started",input:{jobId:t.jobId,jobTitle:t.jobTitle,employerId:t.employerId,employerName:t.employerName,variationId:t.variationId??void 0}});try{let o=await this.getAccessToken(),i=J(this.config.clientId,this.config.storage),n=st(t.scopes??this.config.applyScopes??this.config.scopes??ce),a=i&&n.every(u=>i.scopes.includes(u)),r=!t.variationId,f=t.idempotencyKey?.trim()||at(),p=t.variationId??null;if(!o||!a||r){let u=await oe(this.config,n,{jobId:t.jobId,jobTitle:t.jobTitle,employerId:t.employerId,employerName:t.employerName,variationId:t.variationId},{onPopupOpened:({redirectUri:l})=>{this.emit({type:"popup_opened",redirectUri:l})},onPopupClosed:l=>{this.emit({type:"popup_closed",reason:l})},onPopupResultReceived:l=>{this.emit({type:"popup_result_received",...l})}}),h=await ee(this.config,{code:u.code,verifier:u.verifier,redirectUri:u.redirectUri});q(this.config.clientId,this.config.storage,h),this.emit({type:"token_issued",token:G(h)}),i=h,o=h.accessToken,p=u.variationId??t.variationId??null}this.emit({type:"apply_submitting",idempotencyKey:f,variationId:p});let d=await xe(this.config,o,{jobId:t.jobId,jobTitle:t.jobTitle,employerId:t.employerId,employerName:t.employerName,role:t.role,variationId:p??void 0,idempotencyKey:f}),y={application:d.data.application,authorization:G(i),idempotencyKey:f,sharedView:d.data.sharedView??(p?{type:"variation",label:null}:{type:"full_passport",label:null}),versionNumber:d.data.versionNumber??null,profile:d.data.profile??null,evidence:d.data.evidence??null,snapshot:d.data.snapshot??null,delivery:d.data.delivery??null};return this.emit({type:"apply_success",result:y}),y}catch(o){let i=o instanceof Error?o:new Error(String(o));throw this.emit({type:"apply_error",error:i}),i}}async getProfile(t="basic"){let o=await this.getAccessToken();if(!o)throw new Error("Not authorised. Call authorize() or apply().");return t==="full"?_e(this.config,o):we(this.config,o)}async logout(){let t=J(this.config.clientId,this.config.storage);if(t?.accessToken)try{await be(this.config,t.accessToken)}catch{}ae(this.config.clientId,this.config.storage)}};var le="#667eea",Pe="#eaf4ff",Re="HIOFU",Ue="Apply with HSP1",Be="Skills Passport Platform",W="'Geist', ui-sans-serif, system-ui, -apple-system, BlinkMacSystemFont, 'Segoe UI', Roboto, sans-serif",Ne="https://fonts.googleapis.com/css2?family=Geist:wght@400;600&display=swap";function Le({size:e=24,color:t=le}={}){return`<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 4000 4000" width="${e}" height="${e}" fill="none" aria-hidden="true"><path fill="${t}" transform="translate(1034,1034)" d="M0 0 C212.85 0 425.7 0 645 0 C645 212.52 645 425.04 645 644 C856.89636356 643.96037473 856.89636356 643.96037473 1068.79272461 643.90991211 C1109.66711426 643.90539551 1109.66711426 643.90539551 1128.76930237 643.90455627 C1143.06830418 643.90355843 1157.3673013 643.89923459 1171.66630179 643.89332657 C1186.22879895 643.88739059 1200.79129313 643.88515942 1215.35379145 643.88655505 C1224.02511491 643.88727558 1232.69642734 643.8852541 1241.36774878 643.8791924 C1247.08119714 643.87546737 1252.79463809 643.87531229 1258.50808695 643.87816466 C1261.76999766 643.87968819 1265.03188252 643.87902557 1268.29379189 643.87511742 C1271.80233562 643.87115732 1275.31082282 643.87323457 1278.8193655 643.87695217 C1279.84998128 643.87432515 1280.88059705 643.87169812 1281.94244361 643.86899149 C1282.86776725 643.87123879 1283.7930909 643.8734861 1284.74645466 643.8758015 C1285.54991085 643.87564552 1286.35336705 643.87548954 1287.1811704 643.87532884 C1289 644 1289 644 1290 645 C1290.09699984 646.41513221 1290.12447387 647.83509264 1290.1241985 649.25354534 C1290.1264458 650.17886899 1290.12869311 651.10419264 1290.13100851 652.05755639 C1290.12706797 653.60348006 1290.12706797 653.60348006 1290.12304783 655.1806345 C1290.12477845 656.81393262 1290.12477845 656.81393262 1290.12654402 658.48022666 C1290.12921807 662.17649429 1290.12468308 665.87271951 1290.12025452 669.56898499 C1290.12069145 672.21977348 1290.12152514 674.87055912 1290.12284851 677.52134705 C1290.12493343 683.3176645 1290.12326705 689.11397171 1290.11921513 694.91028798 C1290.11313165 703.64128822 1290.11284368 712.37228222 1290.11368043 721.1032842 C1290.11492471 735.73246789 1290.11162001 750.36164711 1290.10557556 764.99082947 C1290.09741702 784.77151653 1290.09547353 804.55219592 1290.09460449 824.33288574 C1290.08934731 871.90942474 1290.07538629 919.48596246 1290.0625 967.0625 C1290.041875 1073.301875 1290.02125 1179.54125 1290 1289 C1502.52 1289 1715.04 1289 1934 1289 C1934 1501.85 1934 1714.7 1934 1934 C1721.15 1934 1508.3 1934 1289 1934 C1288.625 1772.5 1288.625 1772.5 1288.52197266 1721.65039062 C1288.48202947 1706.50774795 1288.48202947 1706.50774795 1288.43954468 1691.3651123 C1288.42080214 1684.66068632 1288.40721862 1677.95627536 1288.39730835 1671.25183105 C1288.38581716 1663.49036763 1288.36742107 1655.72895444 1288.34107121 1647.96752676 C1288.3278415 1644.01067253 1288.31732704 1640.05387476 1288.31574559 1636.09699726 C1288.30745247 1620.60432768 1288.04882577 1605.17510698 1287.08163452 1589.70935059 C1287.00124612 1588.42143317 1286.92085773 1587.13351575 1286.83803332 1585.80657053 C1282.06455978 1515.63263785 1252.40600162 1448.19883165 1205.11328125 1396.33203125 C1203.22623463 1394.24965264 1201.38941767 1392.13496936 1199.5625 1390 C1192.95235187 1382.42587194 1185.71742314 1375.4353351 1178 1369 C1177.46697266 1368.55317871 1176.93394531 1368.10635742 1176.38476562 1367.64599609 C1159.24283074 1353.32553103 1141.43739688 1341.01413992 1122 1330 C1121.33468262 1329.61505371 1120.66936523 1329.23010742 1119.98388672 1328.83349609 C1079.10735154 1305.20781221 1028.19860917 1291.13249309 980.95703125 1290.76171875 C979.92285568 1290.7519249 978.88868011 1290.74213104 977.82316589 1290.73204041 C954.89597459 1290.55972646 932.58691104 1290.71914018 910 1295 C908.85321777 1295.21430664 907.70643555 1295.42861328 906.52490234 1295.64941406 C850.7227533 1306.40136369 798.57630888 1331.24788422 756 1369 C755.03191406 1369.85722656 754.06382812 1370.71445313 753.06640625 1371.59765625 C741.20418581 1382.29413391 729.84647149 1393.39927075 720 1406 C719.04945705 1407.16357244 718.09615669 1408.32489584 717.140625 1409.484375 C710.17564591 1417.97433671 703.86187772 1426.7156136 698 1436 C697.63342285 1436.57621094 697.2668457 1437.15242188 696.88916016 1437.74609375 C667.61100204 1484.08675854 650.28720896 1537.03647257 646.91055298 1591.7442627 C646.86805293 1592.4281217 646.82555287 1593.11198071 646.78176494 1593.81656271 C645.83996196 1609.26927039 645.68958126 1624.69941296 645.68335578 1640.17642534 C645.67948705 1644.19779951 645.66412082 1648.21913577 645.6503849 1652.24048615 C645.62553662 1659.99201109 645.61033146 1667.74352268 645.59880099 1675.49507764 C645.58498323 1684.49056295 645.55865582 1693.48598508 645.5324707 1702.48144531 C645.46955608 1726.15427147 645.42326434 1749.82713944 645.375 1773.5 C645.25125 1826.465 645.1275 1879.43 645 1934 C432.15 1934 219.3 1934 0 1934 C0 1721.15 0 1508.3 0 1289 C160.5625 1288.625 160.5625 1288.625 211.12329102 1288.52197266 C226.17547199 1288.48203099 226.17547199 1288.48203099 241.22764587 1288.43954468 C247.89378247 1288.42079659 254.55990392 1288.407216 261.22605896 1288.39730835 C268.94216177 1288.38582173 276.65821399 1288.36743205 284.37428081 1288.34107121 C288.30848121 1288.32783468 292.24262471 1288.31732587 296.17684853 1288.31574559 C311.39652544 1288.3075441 326.56079366 1288.06692488 341.75254822 1287.08944702 C342.99136232 1287.01010599 344.23017642 1286.93076495 345.50653034 1286.84901965 C387.02631279 1283.93222903 427.79434077 1272.55595424 465 1254 C466.31967773 1253.35925537 466.31967773 1253.35925537 467.66601562 1252.70556641 C492.1979482 1240.77197411 514.44418239 1224.84575596 535 1207 C535.80695312 1206.30648437 536.61390625 1205.61296875 537.4453125 1204.8984375 C549.58245126 1194.2424411 561.09572755 1182.76471215 571 1170 C571.94755571 1168.83872009 572.89829595 1167.68003411 573.8515625 1166.5234375 C580.82061869 1158.03191742 587.13612786 1149.28754528 593 1140 C593.36657715 1139.42378906 593.7331543 1138.84757812 594.11083984 1138.25390625 C623.52719041 1091.69451424 642.93520462 1035.77851825 643.203125 980.33984375 C643.21018463 979.36022675 643.21724426 978.38060974 643.22451782 977.37130737 C643.46827251 947.05917734 643.46827251 947.05917734 640 917 C639.79600586 915.85160645 639.59201172 914.70321289 639.38183594 913.52001953 C624.33070602 831.13315773 579.21845208 754.47206937 510.04174805 705.98974609 C499.64395414 698.85804342 488.92923007 692.28184987 478 686 C477.31856934 685.60361328 476.63713867 685.20722656 475.93505859 684.79882812 C421.32602944 653.31303265 359.70138388 645.90857123 297.84687839 645.79942851 C293.78017846 645.79117312 289.71349636 645.77734735 285.64680958 645.76427555 C277.78419488 645.73981035 269.92157578 645.72012322 262.05894377 645.70219031 C252.94736361 645.6811969 243.83580796 645.65411741 234.72424316 645.6270752 C210.71200946 645.55876501 186.69975307 645.4986243 162.6875 645.4375 C109.000625 645.293125 55.31375 645.14875 0 645 C0 432.15 0 219.3 0 0 Z"/><path fill="${t}" opacity="0.55" transform="translate(2665.2273972332478,1033.88392727077)" d="M0 0 C4.13109652 0.00441336 8.26219201 0.00290235 12.39329025 0.00218208 C20.38739589 0.0016536 28.38149015 0.00623972 36.37559288 0.01268341 C45.6357789 0.01992215 54.89595822 0.02068027 64.15614769 0.02146824 C88.56996783 0.02670501 112.98378547 0.04066624 137.39760277 0.05357273 C191.97135277 0.07419773 246.54510277 0.09482273 302.77260277 0.11607273 C302.77260277 212.96607273 302.77260277 425.81607273 302.77260277 645.11607273 C245.88885277 645.17794773 189.00510277 645.23982273 130.39760277 645.30357273 C112.46625999 645.33088474 94.53491722 645.35819675 76.06020042 645.3863364 C54.08778831 645.39988621 54.08778831 645.39988621 43.78685448 645.40240391 C36.62463329 645.40518787 29.46248328 645.41613414 22.30028221 645.43279941 C14.01926219 645.45203915 5.73830981 645.46054737 -2.54273266 645.45640758 C-6.76923774 645.45461797 -10.99559212 645.457241 -15.22206882 645.47371812 C-38.9778459 645.56183254 -62.35832648 644.49213945 -85.66489723 639.42857273 C-86.85824684 639.17366062 -88.05159645 638.91874851 -89.28110817 638.65611179 C-116.04222495 632.75696648 -142.12677201 623.98604368 -166.36020973 611.0960532 C-168.27037284 610.09351728 -170.198279 609.13534185 -172.13364723 608.18247898 C-189.97415333 599.26222593 -206.80822277 587.75093662 -222.22739723 575.11607273 C-222.73706032 574.70115574 -223.24672341 574.28623874 -223.77183083 573.85874851 C-243.26481687 557.928418 -261.11849809 540.28009887 -276.22739723 520.11607273 C-277.12709111 518.93635037 -278.02683124 517.75666329 -278.92661598 516.57701023 C-286.30270586 506.80899554 -292.90835946 496.59425731 -299.22739723 486.11607273 C-299.65907204 485.40144871 -300.09074684 484.68682468 -300.5355027 483.95054539 C-326.42724396 440.54826299 -342.06636784 387.5809744 -342.46567848 336.97544773 C-342.48036926 335.4263068 -342.48036926 335.4263068 -342.49535683 333.84587009 C-342.66772841 310.94951731 -342.5024975 288.67259489 -338.22739723 266.11607273 C-337.90593727 264.39589939 -337.90593727 264.39589939 -337.57798317 262.64097507 C-332.85158743 238.11118756 -325.49772666 214.57345459 -315.38853005 191.7391196 C-314.36606186 189.42932183 -313.36859721 187.11059599 -312.37583473 184.78794773 C-297.62667222 151.13976141 -274.6137392 121.36945591 -249.22739723 95.11607273 C-248.74754372 94.61962253 -248.2676902 94.12317234 -247.77329567 93.6116782 C-242.48368784 88.16894019 -237.05255716 82.9797985 -231.22739723 78.11607273 C-230.70500466 77.67456882 -230.18261208 77.23306492 -229.64438942 76.7781821 C-213.69661083 63.34013123 -196.8285241 51.45493394 -178.5511277 41.3953696 C-177.02513958 40.55525847 -175.50316193 39.70781288 -173.98569801 38.85240085 C-120.15120122 8.53576352 -60.86821967 -0.08189714 0 0 Z"/></svg>`}var pe=!1,M=null;function fe(e){if(!e)return;let t=e.split(/[\s,]+/).map(o=>o.trim()).filter(Boolean);return t.length?t:void 0}function Fe(e){if(!e)return;let t=e.split(",").map(o=>o.trim()).filter(Boolean);return t.length?t:void 0}function Y(e){if(!e)return;let t=Number(e);return Number.isFinite(t)?t:void 0}function z(e){if(typeof document>"u")return()=>{};M&&M();let t=async i=>{let n=i.target?.closest("[data-hiofu-apply]");if(!n)return;i.preventDefault();let a=n.getAttribute("data-job-id"),r=n.getAttribute("data-job-title"),f=n.getAttribute("data-employer-id"),p=n.getAttribute("data-employer-name"),d=n.getAttribute("data-external-role-id"),y=n.getAttribute("data-external-employer-id"),u=n.getAttribute("data-hiofu-variation-id")??void 0,h=n.getAttribute("data-hiofu-idempotency-key")??void 0,l=fe(n.getAttribute("data-hiofu-scopes"));if(!a||!r){let g=new Error("data-job-id and data-job-title are required");n.dispatchEvent(new CustomEvent("hiofu:apply:error",{bubbles:!0,detail:g}));return}n.setAttribute("data-hiofu-loading","1");try{let g={jobId:a,jobTitle:r};f&&(g.employerId=f),p&&(g.employerName=p),u&&(g.variationId=u),h&&(g.idempotencyKey=h),l&&(g.scopes=l),(d||y)&&(g.role={externalRoleId:d??a,externalEmployerId:y??f??void 0,title:n.getAttribute("data-role-title")??r,description:n.getAttribute("data-role-description")??void 0,department:n.getAttribute("data-role-department")??void 0,locations:Fe(n.getAttribute("data-role-locations")),jobTypes:Fe(n.getAttribute("data-role-job-types")),salaryMin:Y(n.getAttribute("data-role-salary-min")),salaryMax:Y(n.getAttribute("data-role-salary-max")),salaryCurrency:n.getAttribute("data-role-salary-currency")??void 0,experienceMin:Y(n.getAttribute("data-role-experience-min")),experienceMax:Y(n.getAttribute("data-role-experience-max"))});let F=await e.apply(g);n.dispatchEvent(new CustomEvent("hiofu:apply:success",{bubbles:!0,detail:F}))}catch(g){n.dispatchEvent(new CustomEvent("hiofu:apply:error",{bubbles:!0,detail:g}))}finally{n.removeAttribute("data-hiofu-loading")}};document.querySelectorAll("[data-hiofu-apply]").forEach(i=>{i.style.fontFamily=W}),document.addEventListener("click",t),pe=!0;let o=()=>{document.removeEventListener("click",t),pe=!1,M===o&&(M=null)};return M=o,o}function je(){return pe}function Z(){if(typeof document>"u")return null;let e=document.currentScript;if(!e)return null;let t=e.getAttribute("data-client-id");if(!t)return null;let o={clientId:t,hiofuOrigin:e.getAttribute("data-hiofu-origin")??void 0,apiBase:e.getAttribute("data-api-base")??void 0,redirectUri:e.getAttribute("data-redirect-uri")??void 0,scopes:fe(e.getAttribute("data-scopes")),applyScopes:fe(e.getAttribute("data-apply-scopes"))},i=new v(o);return z(i),i}var I=class extends Error{constructor(t){super(t.message),this.name="HiofuApplyError",this.code=t.code,this.correlationId=t.correlationId,this.retryable=t.retryable,this.cause=t.cause}},ut={sandbox:{hiofuOrigin:"https://sandbox.hiofu.com",apiBase:"https://api.sandbox.hiofu.com/api"},production:{hiofuOrigin:"https://hiofu.com",apiBase:"https://api.hiofu.com/api"}};function de(){return V()}function ct(e,t){if(e==="sandbox"&&!t.startsWith("pk_test_"))throw new I({code:"environment_mismatch",message:"Sandbox integrations must use a pk_test_* publishable key.",correlationId:de(),retryable:!1});if(e==="production"&&!t.startsWith("pk_live_"))throw new I({code:"environment_mismatch",message:"Production integrations must use a pk_live_* publishable key.",correlationId:de(),retryable:!1})}function lt(e){let t=e.role.locations??(e.role.location?[e.role.location]:void 0),o={jobId:e.externalJobId,jobTitle:e.jobTitle??e.role.title,scopes:e.scopes,variationId:e.variationId,idempotencyKey:e.idempotencyKey,role:{externalRoleId:e.externalJobId,title:e.role.title,description:e.role.description,locations:t,metadata:{...e.role.metadata??{},...e.role.skills?{skills:e.role.skills}:{},...e.role.salary?{salary:e.role.salary}:{},...e.role.dimensions?{dimensions:e.role.dimensions}:{},...e.callbackState?{callbackState:e.callbackState}:{},...e.partnerTags?{partnerTags:e.partnerTags}:{}}}};return e.externalEmployerId&&(o.employerId=e.externalEmployerId,o.role.externalEmployerId=e.externalEmployerId),e.employerName&&(o.employerName=e.employerName),o}function pt(e,t,o){let i=e.application.submittedAt instanceof Date?e.application.submittedAt.toISOString():e.application.submittedAt??new Date().toISOString();return{applicationId:e.application.id,partnerApplicationId:o,hiofuRoleId:e.application.jobId??"",status:e.application.status,environment:t,submittedAt:String(i),raw:e}}function ft(e,t){if(e instanceof I)return e;let o=e instanceof Error?e.message:String(e),i="submit_failed",n=!1;if(e instanceof x)i=e.code==="hiofu.environment_mismatch"?"environment_mismatch":"configuration_error";else if(e instanceof R)e.reason==="timed_out"?i="timeout":i="popup_closed",n=!0;else if(/popup blocked/i.test(o))i="popup_blocked",n=!0;else if(/authorization popup closed|popup closed/i.test(o))i="popup_closed",n=!0;else if(/timed out/i.test(o))i="timeout",n=!0;else if(/unknown or inactive client|redirect_uri not registered|partner is not approved|must accept dpa|unknown scope|scope\(s\) not permitted|pkce/i.test(o))i="configuration_error";else if(/access_denied|consent/i.test(o))i="consent_required";else if(e instanceof P){let a=e.body,r=a?.code??a?.error?.code??"";e.status===401||e.status===403?i="auth_failed":/role/i.test(r)||/role/i.test(o)?i="role_mapping_failed":(i="submit_failed",n=e.status>=500)}return new I({code:i,message:o,correlationId:t,retryable:n,cause:e})}function Me(e){ct(e.environment,e.publicKey);let t=ut[e.environment],o=new v({clientId:e.publicKey,hiofuOrigin:e.hiofuOrigin??t.hiofuOrigin,apiBase:e.apiBase??t.apiBase,redirectUri:e.redirectUri,scopes:e.scopes,applyScopes:e.applyScopes,storage:e.storage,authorizeTimeoutMs:e.popupOptions?.timeoutMs,onEvent:e.onEvent});return{rawClient:o,authorize(i){return o.authorize(i)},getAccessToken(){return o.getAccessToken()},logout(){return o.logout()},async apply(i){let n=de();try{let a=await o.apply(lt(i)),r=pt(a,e.environment,i.idempotencyKey);return e.onComplete?.(r),r}catch(a){let r=ft(a,n);throw r.code==="consent_required"?e.onCancel?.({reason:"user_cancelled",correlationId:n}):r.code==="popup_closed"?e.onCancel?.({reason:"popup_closed",correlationId:n}):r.code==="timeout"&&e.onCancel?.({reason:"timeout",correlationId:n}),e.onError?.(r),r}}}}var L=null,dt={init(e){return L=new v(e),z(L),L},client(){if(!L)throw new Error("Hiofu.init({ clientId }) was not called");return L},apply(e){return this.client().apply(e)},authorize(e){return this.client().authorize(e)},getAccessToken(){return this.client().getAccessToken()},logout(){return this.client().logout()}};if(typeof document<"u"){let e=Z();e&&(L=e)}return We(mt);})();
+"use strict";var Hiofu=(()=>{var ee=Object.defineProperty;var Je=Object.getOwnPropertyDescriptor;var Ve=Object.getOwnPropertyNames;var Ge=Object.prototype.hasOwnProperty;var We=(e,t)=>{for(var o in t)ee(e,o,{get:t[o],enumerable:!0})},Ye=(e,t,o,i)=>{if(t&&typeof t=="object"||typeof t=="function")for(let n of Ve(t))!Ge.call(e,n)&&n!==o&&ee(e,n,{get:()=>t[n],enumerable:!(i=Je(t,n))||i.enumerable});return e};var Ze=e=>Ye(ee({},"__esModule",{value:!0}),e);var yt={};We(yt,{DEFAULT_APPLY_SCOPES:()=>ce,DEFAULT_AUTHORIZE_SCOPES:()=>ue,HIOFU_BRAND_COLOR:()=>pe,HIOFU_BRAND_SOFT:()=>Oe,HIOFU_BUTTON_LABEL:()=>Ue,HIOFU_FONT_FAMILY:()=>Y,HIOFU_FONT_URL:()=>Ne,HIOFU_TAGLINE:()=>Be,HIOFU_WORDMARK:()=>Me,Hiofu:()=>ht,HiofuApiError:()=>M,HiofuApplyError:()=>T,HiofuClient:()=>S,HiofuConfigurationError:()=>v,HiofuManagementClient:()=>$,HiofuPopupError:()=>U,autoBind:()=>j,bootstrapFromScriptTag:()=>X,createApplyClient:()=>je,createManagementClient:()=>$e,hiofuLogoSvg:()=>Le,isAutoBound:()=>Fe});var A="https://api.hiofu.com/api",M=class extends Error{constructor(o,i,n){super(o);this.status=i;this.body=n}};async function k(e,t={}){let o=new Headers(t.headers);o.set("Content-Type","application/json"),t.token&&o.set("Authorization",`Bearer ${t.token}`);let i=await fetch(e,{...t,headers:o}),n=await i.text(),s=n;try{s=n?JSON.parse(n):null}catch{}if(!i.ok){let r=s?.message?.toString()??`Request failed (${i.status})`;throw new M(r,i.status,s)}return s}async function te(e,t){let o=e.apiBase??A,i=await k(`${o}/oauth/token`,{method:"POST",body:JSON.stringify({grant_type:"authorization_code",client_id:e.clientId,code:t.code,code_verifier:t.verifier,redirect_uri:t.redirectUri})});return{accessToken:i.data.access_token,refreshToken:i.data.refresh_token??null,expiresAt:Date.now()+i.data.expires_in*1e3,scopes:i.data.scope.split(" ").filter(Boolean)}}async function be(e,t){let o=e.apiBase??A,i=await k(`${o}/oauth/token`,{method:"POST",body:JSON.stringify({grant_type:"refresh_token",client_id:e.clientId,refresh_token:t})});return{accessToken:i.data.access_token,refreshToken:i.data.refresh_token??null,expiresAt:Date.now()+i.data.expires_in*1e3,scopes:i.data.scope.split(" ").filter(Boolean)}}async function He(e,t){let o=e.apiBase??A;await k(`${o}/oauth/revoke`,{method:"POST",body:JSON.stringify({token:t,client_id:e.clientId})})}async function we(e,t){let o=e.apiBase??A;return k(`${o}/v1/partner/me`,{token:t})}async function ve(e,t){let o=e.apiBase??A;return k(`${o}/v1/partner/me/full`,{token:t})}async function _e(e,t,o){let i=e.apiBase??A;return k(`${i}/v1/partner/applications`,{method:"POST",token:t,headers:o.idempotencyKey?{"Idempotency-Key":o.idempotencyKey}:void 0,body:JSON.stringify(o)})}var v=class extends Error{constructor(t,o,i){super(o),this.name="HiofuConfigurationError",this.code=t,this.details=i}},Xe=new Set(["https://hiofu.com","https://www.hiofu.com","https://api.hiofu.com"]),Qe=new Set(["https://sandbox.hiofu.com","https://api.sandbox.hiofu.com"]);function et(e){if(e.startsWith("pk_test_"))return"test";if(e.startsWith("pk_live_"))return"live";throw new v("hiofu.configuration_error","Hiofu clientId must start with pk_test_ or pk_live_.",{clientIdPrefix:e.slice(0,8)})}function Se(e){let t;try{t=new URL(e)}catch{throw new v("hiofu.configuration_error","Hiofu origin and API URLs must be absolute URLs.",{value:e})}return["localhost","127.0.0.1","0.0.0.0"].includes(t.hostname)?"local":Qe.has(t.origin)?"sandbox":Xe.has(t.origin)?"production":"unknown"}function xe(e,t,o,i){if(!(t==="local"||t==="unknown")){if(e==="test"&&t==="production")throw new v("hiofu.environment_mismatch","pk_test_* client IDs must use sandbox Hiofu origins, not production.",{field:o,value:i,expected:"sandbox",received:"production"});if(e==="live"&&t==="sandbox")throw new v("hiofu.environment_mismatch","pk_live_* client IDs must use production Hiofu origins, not sandbox.",{field:o,value:i,expected:"production",received:"sandbox"})}}function Ie(e){let t=et(e.clientId);xe(t,Se(e.hiofuOrigin),"hiofuOrigin",e.hiofuOrigin),xe(t,Se(e.apiBase),"apiBase",e.apiBase)}var Ae="ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789-._~";function oe(e=64){if(e<43||e>128)throw new Error("PKCE verifier length must be 43..128");let t=globalThis.crypto;if(!t?.getRandomValues)throw new Error("Secure random generation is unavailable in this browser.");let o=new Uint8Array(e);t.getRandomValues(o);let i="";for(let n=0;n<e;n++)i+=Ae[o[n]%Ae.length];return i}function tt(e){let t=new Uint8Array(e),o="";for(let i of t)o+=String.fromCharCode(i);return btoa(o).replace(/\+/g,"-").replace(/\//g,"_").replace(/=+$/,"")}var ot=new Uint32Array([1116352408,1899447441,3049323471,3921009573,961987163,1508970993,2453635748,2870763221,3624381080,310598401,607225278,1426881987,1925078388,2162078206,2614888103,3248222580,3835390401,4022224774,264347078,604807628,770255983,1249150122,1555081692,1996064986,2554220882,2821834349,2952996808,3210313671,3336571891,3584528711,113926993,338241895,666307205,773529912,1294757372,1396182291,1695183700,1986661051,2177026350,2456956037,2730485921,2820302411,3259730800,3345764771,3516065817,3600352804,4094571909,275423344,430227734,506948616,659060556,883997877,958139571,1322822218,1537002063,1747873779,1955562222,2024104815,2227730452,2361852424,2428436474,2756734187,3204031479,3329325298]);function _(e,t){return e>>>t|e<<32-t}function it(e){let t=e.length+1+8;for(;t%64!==0;)t++;let o=new Uint8Array(t);o.set(e),o[e.length]=128;let i=new DataView(o.buffer),n=e.length*8;i.setUint32(t-8,Math.floor(n/4294967296)),i.setUint32(t-4,n>>>0);let s=1779033703,r=3144134277,f=1013904242,p=2773480762,d=1359893119,y=2600822924,l=528734635,h=1541459225,c=new Uint32Array(64);for(let R=0;R<t;R+=64){for(let u=0;u<16;u++)c[u]=i.getUint32(R+u*4);for(let u=16;u<64;u++){let O=_(c[u-15],7)^_(c[u-15],18)^c[u-15]>>>3,H=_(c[u-2],17)^_(c[u-2],19)^c[u-2]>>>10;c[u]=c[u-16]+O+c[u-7]+H>>>0}let m=s,E=r,x=f,b=p,C=d,I=y,w=l,P=h;for(let u=0;u<64;u++){let O=_(C,6)^_(C,11)^_(C,25),H=C&I^~C&w,z=P+O+H+ot[u]+c[u]>>>0,Q=_(m,2)^_(m,13)^_(m,22),K=m&E^m&x^E&x,q=Q+K>>>0;P=w,w=I,I=C,C=b+z>>>0,b=x,x=E,E=m,m=z+q>>>0}s=s+m>>>0,r=r+E>>>0,f=f+x>>>0,p=p+b>>>0,d=d+C>>>0,y=y+I>>>0,l=l+w>>>0,h=h+P>>>0}let g=new ArrayBuffer(32),L=new DataView(g);return[s,r,f,p,d,y,l,h].forEach((R,m)=>{L.setUint32(m*4,R)}),g}async function ke(e){let t=new TextEncoder().encode(e),o=globalThis.crypto?.subtle?.digest?await globalThis.crypto.subtle.digest("SHA-256",t):it(t);return tt(o)}function Te(e=43){return oe(e)}var nt="https://hiofu.com",rt=5*6e4,U=class extends Error{constructor(t,o){super(o),this.name="HiofuPopupError",this.reason=t}};function st(e,t){if(e.redirectUri)return e.redirectUri;let o=new URL(t).origin;return typeof window<"u"&&window.location.origin&&window.location.origin!==o?new URL("/oauth/callback.html",window.location.origin).toString():`${o}/oauth/callback-shim`}async function ie(e,t,o,i){let n=e.hiofuOrigin??nt,s=new URL(n).origin,r=st(e,n),f=e.authorizeTimeoutMs??rt,p=oe(),d=await ke(p),y=Te(),l=new URL(`${n}/oauth/consent`);l.searchParams.set("client_id",e.clientId),l.searchParams.set("redirect_uri",r),l.searchParams.set("scope",t.join(" ")),l.searchParams.set("state",y),l.searchParams.set("code_challenge",d),l.searchParams.set("code_challenge_method","S256"),l.searchParams.set("popup","1"),l.searchParams.set("sdk","apply"),o?.jobId&&l.searchParams.set("job_id",o.jobId),o?.jobTitle&&l.searchParams.set("job_title",o.jobTitle),o?.employerId&&l.searchParams.set("employer_id",o.employerId),o?.employerName&&l.searchParams.set("employer_name",o.employerName),o?.variationId&&l.searchParams.set("variation_id",o.variationId);let h=480,c=720,g=window.screenX+(window.outerWidth-h)/2,L=window.screenY+(window.outerHeight-c)/2,R=`popup=yes,width=${h},height=${c},left=${g},top=${L},scrollbars=yes`,m=window.open(l.toString(),"hiofu_apply",R);if(!m)throw new Error("Popup blocked. Allow popups for this site to continue.");i?.onPopupOpened?.({redirectUri:r});try{localStorage.removeItem("hiofu_oauth_result")}catch{}return new Promise((E,x)=>{let b=!1,C=null,I=null,w=null,P=!1,u=!1,O=()=>{if(b=!0,window.removeEventListener("message",K),window.removeEventListener("storage",q),window.removeEventListener("blur",ge),window.removeEventListener("focus",ye),document.removeEventListener("visibilitychange",he),window.clearInterval(ze),C&&clearTimeout(C),I&&clearTimeout(I),w)try{w.close()}catch{}try{localStorage.removeItem("hiofu_oauth_result")}catch{}},H=(a,B)=>{if(b||!a||a.type!=="hiofu_oauth")return;let D=a.state===y;if(i?.onPopupResultReceived?.({channel:B,hasCode:!!a.code,hasError:!!a.error,stateMatches:D,error:a.error??null,variationId:a.variationId??null}),!!D){if(a.error){O();try{m.close()}catch{}i?.onPopupClosed?.(a.error==="access_denied"?"denied":"completed"),x(new Error(a.error));return}if(a.code){O();try{m.close()}catch{}i?.onPopupClosed?.("completed"),E({code:a.code,state:y,verifier:p,redirectUri:r,variationId:a.variationId??null})}}},z=new URL(r).origin,Q=new Set([s,z]),K=a=>{b||Q.has(a.origin)&&H(a.data,"message")},q=a=>{if(!b&&!(a.key!=="hiofu_oauth_result"||!a.newValue))try{H(JSON.parse(a.newValue),"storage")}catch{}},ge=()=>{P=!0},he=()=>{document.visibilityState==="hidden"&&(P=!0)};if(typeof BroadcastChannel<"u")try{w=new BroadcastChannel("hiofu_oauth"),w.onmessage=a=>{b||H(a.data,"broadcast")}}catch{w=null}let ye=()=>{b||(P&&(u=!0),C&&clearTimeout(C),C=setTimeout(()=>{try{let a=localStorage.getItem("hiofu_oauth_result");if(a){H(JSON.parse(a),"focus_storage");return}}catch{}},3e3))};window.addEventListener("message",K),window.addEventListener("storage",q),window.addEventListener("blur",ge),window.addEventListener("focus",ye),document.addEventListener("visibilitychange",he);let ze=window.setInterval(()=>{if(!b){try{let a=m.location.href;if(a){let B=new URL(a),D=B.searchParams.get("code"),Ke=B.searchParams.get("state"),Ce=B.searchParams.get("error"),qe=B.searchParams.get("variation_id");if(D||Ce){H({type:"hiofu_oauth",code:D,state:Ke,error:Ce,variationId:qe},"poll_url");return}}}catch{}try{let a=localStorage.getItem("hiofu_oauth_result");if(a){H(JSON.parse(a),"poll_storage");return}}catch{}if(m.closed&&u)try{let a=localStorage.getItem("hiofu_oauth_result");a&&H(JSON.parse(a),"close_check")}catch{}}},500);I=window.setTimeout(()=>{if(!b){O();try{m.close()}catch{}i?.onPopupClosed?.("timed_out"),x(new U("timed_out","Authorization timed out. Please try again."))}},f)})}var Re=0;function J(e="hiofu"){let t=globalThis.crypto;if(typeof t?.randomUUID=="function")return`${e}_${t.randomUUID()}`;if(typeof t?.getRandomValues=="function"){let i=new Uint8Array(16);t.getRandomValues(i);let n=Array.from(i,s=>s.toString(16).padStart(2,"0")).join("");return`${e}_${Date.now()}_${n}`}Re+=1;let o=typeof globalThis.performance?.now=="function"?Math.floor(globalThis.performance.now()*1e3):0;return`${e}_${Date.now()}_${o}_${Re}`}var re=new Map;function se(e){return`hiofu:${e}:token`}function at(){return typeof window>"u"?"server":window.location?.origin||"unknown-origin"}function ae(e){return`hiofu:${at()}:${e}:token`}function Ee(e){try{return JSON.parse(e)}catch{return null}}function ne(e){return{...e,refreshToken:null}}function V(e,t){if(t==="memory")return re.get(e)??null;if(typeof window>"u")return null;try{let o=ae(e),i=window.sessionStorage.getItem(o);if(i){let p=Ee(i);return p?ne(p):null}let n=se(e),s=window.sessionStorage.getItem(n);if(!s)return null;let r=Ee(s);if(!r)return null;let f=ne(r);return window.sessionStorage.setItem(o,JSON.stringify(f)),window.sessionStorage.removeItem(n),f}catch{return null}}function G(e,t,o){if(t==="memory"){re.set(e,o);return}if(!(typeof window>"u"))try{window.sessionStorage.setItem(ae(e),JSON.stringify(ne(o))),window.sessionStorage.removeItem(se(e))}catch{}}function le(e,t){if(t==="memory"){re.delete(e);return}if(!(typeof window>"u"))try{window.sessionStorage.removeItem(ae(e)),window.sessionStorage.removeItem(se(e))}catch{}}var ue=["profile.basic"],ce=["applications.write","passport.snapshot"];function Pe(e){return[...new Set(e)]}function lt(e){let t=[...e];return t.includes("applications.write")||t.push("applications.write"),t.includes("passport.snapshot")||t.push("passport.snapshot"),Pe(t)}function ut(){return J()}function W(e){return{expiresAt:e.expiresAt,scopes:[...e.scopes]}}var S=class{constructor(t){this.listeners=new Set;if(!t.clientId)throw new Error("HiofuClient: clientId is required");this.config={...t,hiofuOrigin:t.hiofuOrigin??"https://hiofu.com",apiBase:t.apiBase??"https://api.hiofu.com/api",storage:t.storage??"memory",authorizeTimeoutMs:t.authorizeTimeoutMs??5*6e4},Ie(this.config)}subscribe(t){return this.listeners.add(t),()=>{this.listeners.delete(t)}}emit(t){try{this.config.onEvent?.(t)}catch{}for(let o of this.listeners)try{o(t)}catch{}}async getAccessToken(){let t=V(this.config.clientId,this.config.storage);if(!t)return null;if(t.expiresAt-3e4>Date.now())return t.accessToken;if(!t.refreshToken)return null;try{let o=await be(this.config,t.refreshToken);return G(this.config.clientId,this.config.storage,o),this.emit({type:"token_issued",token:W(o)}),o.accessToken}catch{return le(this.config.clientId,this.config.storage),null}}async authorize(t=this.config.scopes??ue,o){let i=await ie(this.config,Pe(t),o,{onPopupOpened:({redirectUri:r})=>{this.emit({type:"popup_opened",redirectUri:r})},onPopupClosed:r=>{this.emit({type:"popup_closed",reason:r})},onPopupResultReceived:r=>{this.emit({type:"popup_result_received",...r})}}),n=await te(this.config,{code:i.code,verifier:i.verifier,redirectUri:i.redirectUri});G(this.config.clientId,this.config.storage,n);let s=W(n);return this.emit({type:"token_issued",token:s}),s}async apply(t){this.emit({type:"apply_started",input:{jobId:t.jobId,jobTitle:t.jobTitle,employerId:t.employerId,employerName:t.employerName,variationId:t.variationId??void 0}});try{let o=await this.getAccessToken(),i=V(this.config.clientId,this.config.storage),n=lt(t.scopes??this.config.applyScopes??this.config.scopes??ce),s=i&&n.every(l=>i.scopes.includes(l)),r=!t.variationId,f=t.idempotencyKey?.trim()||ut(),p=t.variationId??null;if(!o||!s||r){let l=await ie(this.config,n,{jobId:t.jobId,jobTitle:t.jobTitle,employerId:t.employerId,employerName:t.employerName,variationId:t.variationId},{onPopupOpened:({redirectUri:c})=>{this.emit({type:"popup_opened",redirectUri:c})},onPopupClosed:c=>{this.emit({type:"popup_closed",reason:c})},onPopupResultReceived:c=>{this.emit({type:"popup_result_received",...c})}}),h=await te(this.config,{code:l.code,verifier:l.verifier,redirectUri:l.redirectUri});G(this.config.clientId,this.config.storage,h),this.emit({type:"token_issued",token:W(h)}),i=h,o=h.accessToken,p=l.variationId??t.variationId??null}this.emit({type:"apply_submitting",idempotencyKey:f,variationId:p});let d=await _e(this.config,o,{jobId:t.jobId,jobTitle:t.jobTitle,employerId:t.employerId,employerName:t.employerName,role:t.role,variationId:p??void 0,idempotencyKey:f}),y={application:d.data.application,authorization:W(i),idempotencyKey:f,sharedView:d.data.sharedView??(p?{type:"variation",label:null}:{type:"full_passport",label:null}),versionNumber:d.data.versionNumber??null,profile:d.data.profile??null,evidence:d.data.evidence??null,snapshot:d.data.snapshot??null,delivery:d.data.delivery??null};return this.emit({type:"apply_success",result:y}),y}catch(o){let i=o instanceof Error?o:new Error(String(o));throw this.emit({type:"apply_error",error:i}),i}}async getProfile(t="basic"){let o=await this.getAccessToken();if(!o)throw new Error("Not authorised. Call authorize() or apply().");return t==="full"?ve(this.config,o):we(this.config,o)}async logout(){let t=V(this.config.clientId,this.config.storage);if(t?.accessToken)try{await He(this.config,t.accessToken)}catch{}le(this.config.clientId,this.config.storage)}};var pe="#667eea",Oe="#eaf4ff",Me="HIOFU",Ue="Apply with HSP1",Be="Skills Passport Platform",Y="'Geist', ui-sans-serif, system-ui, -apple-system, BlinkMacSystemFont, 'Segoe UI', Roboto, sans-serif",Ne="https://fonts.googleapis.com/css2?family=Geist:wght@400;600&display=swap";function Le({size:e=24,color:t=pe}={}){return`<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 4000 4000" width="${e}" height="${e}" fill="none" aria-hidden="true"><path fill="${t}" transform="translate(1034,1034)" d="M0 0 C212.85 0 425.7 0 645 0 C645 212.52 645 425.04 645 644 C856.89636356 643.96037473 856.89636356 643.96037473 1068.79272461 643.90991211 C1109.66711426 643.90539551 1109.66711426 643.90539551 1128.76930237 643.90455627 C1143.06830418 643.90355843 1157.3673013 643.89923459 1171.66630179 643.89332657 C1186.22879895 643.88739059 1200.79129313 643.88515942 1215.35379145 643.88655505 C1224.02511491 643.88727558 1232.69642734 643.8852541 1241.36774878 643.8791924 C1247.08119714 643.87546737 1252.79463809 643.87531229 1258.50808695 643.87816466 C1261.76999766 643.87968819 1265.03188252 643.87902557 1268.29379189 643.87511742 C1271.80233562 643.87115732 1275.31082282 643.87323457 1278.8193655 643.87695217 C1279.84998128 643.87432515 1280.88059705 643.87169812 1281.94244361 643.86899149 C1282.86776725 643.87123879 1283.7930909 643.8734861 1284.74645466 643.8758015 C1285.54991085 643.87564552 1286.35336705 643.87548954 1287.1811704 643.87532884 C1289 644 1289 644 1290 645 C1290.09699984 646.41513221 1290.12447387 647.83509264 1290.1241985 649.25354534 C1290.1264458 650.17886899 1290.12869311 651.10419264 1290.13100851 652.05755639 C1290.12706797 653.60348006 1290.12706797 653.60348006 1290.12304783 655.1806345 C1290.12477845 656.81393262 1290.12477845 656.81393262 1290.12654402 658.48022666 C1290.12921807 662.17649429 1290.12468308 665.87271951 1290.12025452 669.56898499 C1290.12069145 672.21977348 1290.12152514 674.87055912 1290.12284851 677.52134705 C1290.12493343 683.3176645 1290.12326705 689.11397171 1290.11921513 694.91028798 C1290.11313165 703.64128822 1290.11284368 712.37228222 1290.11368043 721.1032842 C1290.11492471 735.73246789 1290.11162001 750.36164711 1290.10557556 764.99082947 C1290.09741702 784.77151653 1290.09547353 804.55219592 1290.09460449 824.33288574 C1290.08934731 871.90942474 1290.07538629 919.48596246 1290.0625 967.0625 C1290.041875 1073.301875 1290.02125 1179.54125 1290 1289 C1502.52 1289 1715.04 1289 1934 1289 C1934 1501.85 1934 1714.7 1934 1934 C1721.15 1934 1508.3 1934 1289 1934 C1288.625 1772.5 1288.625 1772.5 1288.52197266 1721.65039062 C1288.48202947 1706.50774795 1288.48202947 1706.50774795 1288.43954468 1691.3651123 C1288.42080214 1684.66068632 1288.40721862 1677.95627536 1288.39730835 1671.25183105 C1288.38581716 1663.49036763 1288.36742107 1655.72895444 1288.34107121 1647.96752676 C1288.3278415 1644.01067253 1288.31732704 1640.05387476 1288.31574559 1636.09699726 C1288.30745247 1620.60432768 1288.04882577 1605.17510698 1287.08163452 1589.70935059 C1287.00124612 1588.42143317 1286.92085773 1587.13351575 1286.83803332 1585.80657053 C1282.06455978 1515.63263785 1252.40600162 1448.19883165 1205.11328125 1396.33203125 C1203.22623463 1394.24965264 1201.38941767 1392.13496936 1199.5625 1390 C1192.95235187 1382.42587194 1185.71742314 1375.4353351 1178 1369 C1177.46697266 1368.55317871 1176.93394531 1368.10635742 1176.38476562 1367.64599609 C1159.24283074 1353.32553103 1141.43739688 1341.01413992 1122 1330 C1121.33468262 1329.61505371 1120.66936523 1329.23010742 1119.98388672 1328.83349609 C1079.10735154 1305.20781221 1028.19860917 1291.13249309 980.95703125 1290.76171875 C979.92285568 1290.7519249 978.88868011 1290.74213104 977.82316589 1290.73204041 C954.89597459 1290.55972646 932.58691104 1290.71914018 910 1295 C908.85321777 1295.21430664 907.70643555 1295.42861328 906.52490234 1295.64941406 C850.7227533 1306.40136369 798.57630888 1331.24788422 756 1369 C755.03191406 1369.85722656 754.06382812 1370.71445313 753.06640625 1371.59765625 C741.20418581 1382.29413391 729.84647149 1393.39927075 720 1406 C719.04945705 1407.16357244 718.09615669 1408.32489584 717.140625 1409.484375 C710.17564591 1417.97433671 703.86187772 1426.7156136 698 1436 C697.63342285 1436.57621094 697.2668457 1437.15242188 696.88916016 1437.74609375 C667.61100204 1484.08675854 650.28720896 1537.03647257 646.91055298 1591.7442627 C646.86805293 1592.4281217 646.82555287 1593.11198071 646.78176494 1593.81656271 C645.83996196 1609.26927039 645.68958126 1624.69941296 645.68335578 1640.17642534 C645.67948705 1644.19779951 645.66412082 1648.21913577 645.6503849 1652.24048615 C645.62553662 1659.99201109 645.61033146 1667.74352268 645.59880099 1675.49507764 C645.58498323 1684.49056295 645.55865582 1693.48598508 645.5324707 1702.48144531 C645.46955608 1726.15427147 645.42326434 1749.82713944 645.375 1773.5 C645.25125 1826.465 645.1275 1879.43 645 1934 C432.15 1934 219.3 1934 0 1934 C0 1721.15 0 1508.3 0 1289 C160.5625 1288.625 160.5625 1288.625 211.12329102 1288.52197266 C226.17547199 1288.48203099 226.17547199 1288.48203099 241.22764587 1288.43954468 C247.89378247 1288.42079659 254.55990392 1288.407216 261.22605896 1288.39730835 C268.94216177 1288.38582173 276.65821399 1288.36743205 284.37428081 1288.34107121 C288.30848121 1288.32783468 292.24262471 1288.31732587 296.17684853 1288.31574559 C311.39652544 1288.3075441 326.56079366 1288.06692488 341.75254822 1287.08944702 C342.99136232 1287.01010599 344.23017642 1286.93076495 345.50653034 1286.84901965 C387.02631279 1283.93222903 427.79434077 1272.55595424 465 1254 C466.31967773 1253.35925537 466.31967773 1253.35925537 467.66601562 1252.70556641 C492.1979482 1240.77197411 514.44418239 1224.84575596 535 1207 C535.80695312 1206.30648437 536.61390625 1205.61296875 537.4453125 1204.8984375 C549.58245126 1194.2424411 561.09572755 1182.76471215 571 1170 C571.94755571 1168.83872009 572.89829595 1167.68003411 573.8515625 1166.5234375 C580.82061869 1158.03191742 587.13612786 1149.28754528 593 1140 C593.36657715 1139.42378906 593.7331543 1138.84757812 594.11083984 1138.25390625 C623.52719041 1091.69451424 642.93520462 1035.77851825 643.203125 980.33984375 C643.21018463 979.36022675 643.21724426 978.38060974 643.22451782 977.37130737 C643.46827251 947.05917734 643.46827251 947.05917734 640 917 C639.79600586 915.85160645 639.59201172 914.70321289 639.38183594 913.52001953 C624.33070602 831.13315773 579.21845208 754.47206937 510.04174805 705.98974609 C499.64395414 698.85804342 488.92923007 692.28184987 478 686 C477.31856934 685.60361328 476.63713867 685.20722656 475.93505859 684.79882812 C421.32602944 653.31303265 359.70138388 645.90857123 297.84687839 645.79942851 C293.78017846 645.79117312 289.71349636 645.77734735 285.64680958 645.76427555 C277.78419488 645.73981035 269.92157578 645.72012322 262.05894377 645.70219031 C252.94736361 645.6811969 243.83580796 645.65411741 234.72424316 645.6270752 C210.71200946 645.55876501 186.69975307 645.4986243 162.6875 645.4375 C109.000625 645.293125 55.31375 645.14875 0 645 C0 432.15 0 219.3 0 0 Z"/><path fill="${t}" opacity="0.55" transform="translate(2665.2273972332478,1033.88392727077)" d="M0 0 C4.13109652 0.00441336 8.26219201 0.00290235 12.39329025 0.00218208 C20.38739589 0.0016536 28.38149015 0.00623972 36.37559288 0.01268341 C45.6357789 0.01992215 54.89595822 0.02068027 64.15614769 0.02146824 C88.56996783 0.02670501 112.98378547 0.04066624 137.39760277 0.05357273 C191.97135277 0.07419773 246.54510277 0.09482273 302.77260277 0.11607273 C302.77260277 212.96607273 302.77260277 425.81607273 302.77260277 645.11607273 C245.88885277 645.17794773 189.00510277 645.23982273 130.39760277 645.30357273 C112.46625999 645.33088474 94.53491722 645.35819675 76.06020042 645.3863364 C54.08778831 645.39988621 54.08778831 645.39988621 43.78685448 645.40240391 C36.62463329 645.40518787 29.46248328 645.41613414 22.30028221 645.43279941 C14.01926219 645.45203915 5.73830981 645.46054737 -2.54273266 645.45640758 C-6.76923774 645.45461797 -10.99559212 645.457241 -15.22206882 645.47371812 C-38.9778459 645.56183254 -62.35832648 644.49213945 -85.66489723 639.42857273 C-86.85824684 639.17366062 -88.05159645 638.91874851 -89.28110817 638.65611179 C-116.04222495 632.75696648 -142.12677201 623.98604368 -166.36020973 611.0960532 C-168.27037284 610.09351728 -170.198279 609.13534185 -172.13364723 608.18247898 C-189.97415333 599.26222593 -206.80822277 587.75093662 -222.22739723 575.11607273 C-222.73706032 574.70115574 -223.24672341 574.28623874 -223.77183083 573.85874851 C-243.26481687 557.928418 -261.11849809 540.28009887 -276.22739723 520.11607273 C-277.12709111 518.93635037 -278.02683124 517.75666329 -278.92661598 516.57701023 C-286.30270586 506.80899554 -292.90835946 496.59425731 -299.22739723 486.11607273 C-299.65907204 485.40144871 -300.09074684 484.68682468 -300.5355027 483.95054539 C-326.42724396 440.54826299 -342.06636784 387.5809744 -342.46567848 336.97544773 C-342.48036926 335.4263068 -342.48036926 335.4263068 -342.49535683 333.84587009 C-342.66772841 310.94951731 -342.5024975 288.67259489 -338.22739723 266.11607273 C-337.90593727 264.39589939 -337.90593727 264.39589939 -337.57798317 262.64097507 C-332.85158743 238.11118756 -325.49772666 214.57345459 -315.38853005 191.7391196 C-314.36606186 189.42932183 -313.36859721 187.11059599 -312.37583473 184.78794773 C-297.62667222 151.13976141 -274.6137392 121.36945591 -249.22739723 95.11607273 C-248.74754372 94.61962253 -248.2676902 94.12317234 -247.77329567 93.6116782 C-242.48368784 88.16894019 -237.05255716 82.9797985 -231.22739723 78.11607273 C-230.70500466 77.67456882 -230.18261208 77.23306492 -229.64438942 76.7781821 C-213.69661083 63.34013123 -196.8285241 51.45493394 -178.5511277 41.3953696 C-177.02513958 40.55525847 -175.50316193 39.70781288 -173.98569801 38.85240085 C-120.15120122 8.53576352 -60.86821967 -0.08189714 0 0 Z"/></svg>`}var fe=!1,F=null;function de(e){if(!e)return;let t=e.split(/[\s,]+/).map(o=>o.trim()).filter(Boolean);return t.length?t:void 0}function De(e){if(!e)return;let t=e.split(",").map(o=>o.trim()).filter(Boolean);return t.length?t:void 0}function Z(e){if(!e)return;let t=Number(e);return Number.isFinite(t)?t:void 0}function j(e){if(typeof document>"u")return()=>{};F&&F();let t=async i=>{let n=i.target?.closest("[data-hiofu-apply]");if(!n)return;i.preventDefault();let s=n.getAttribute("data-job-id"),r=n.getAttribute("data-job-title"),f=n.getAttribute("data-employer-id"),p=n.getAttribute("data-employer-name"),d=n.getAttribute("data-external-role-id"),y=n.getAttribute("data-external-employer-id"),l=n.getAttribute("data-hiofu-variation-id")??void 0,h=n.getAttribute("data-hiofu-idempotency-key")??void 0,c=de(n.getAttribute("data-hiofu-scopes"));if(!s||!r){let g=new Error("data-job-id and data-job-title are required");n.dispatchEvent(new CustomEvent("hiofu:apply:error",{bubbles:!0,detail:g}));return}n.setAttribute("data-hiofu-loading","1");try{let g={jobId:s,jobTitle:r};f&&(g.employerId=f),p&&(g.employerName=p),l&&(g.variationId=l),h&&(g.idempotencyKey=h),c&&(g.scopes=c),(d||y)&&(g.role={externalRoleId:d??s,externalEmployerId:y??f??void 0,title:n.getAttribute("data-role-title")??r,description:n.getAttribute("data-role-description")??void 0,department:n.getAttribute("data-role-department")??void 0,locations:De(n.getAttribute("data-role-locations")),jobTypes:De(n.getAttribute("data-role-job-types")),salaryMin:Z(n.getAttribute("data-role-salary-min")),salaryMax:Z(n.getAttribute("data-role-salary-max")),salaryCurrency:n.getAttribute("data-role-salary-currency")??void 0,experienceMin:Z(n.getAttribute("data-role-experience-min")),experienceMax:Z(n.getAttribute("data-role-experience-max"))});let L=await e.apply(g);n.dispatchEvent(new CustomEvent("hiofu:apply:success",{bubbles:!0,detail:L}))}catch(g){n.dispatchEvent(new CustomEvent("hiofu:apply:error",{bubbles:!0,detail:g}))}finally{n.removeAttribute("data-hiofu-loading")}};document.querySelectorAll("[data-hiofu-apply]").forEach(i=>{i.style.fontFamily=Y}),document.addEventListener("click",t),fe=!0;let o=()=>{document.removeEventListener("click",t),fe=!1,F===o&&(F=null)};return F=o,o}function Fe(){return fe}function X(){if(typeof document>"u")return null;let e=document.currentScript;if(!e)return null;let t=e.getAttribute("data-client-id");if(!t)return null;let o={clientId:t,hiofuOrigin:e.getAttribute("data-hiofu-origin")??void 0,apiBase:e.getAttribute("data-api-base")??void 0,redirectUri:e.getAttribute("data-redirect-uri")??void 0,scopes:de(e.getAttribute("data-scopes")),applyScopes:de(e.getAttribute("data-apply-scopes"))},i=new S(o);return j(i),i}var T=class extends Error{constructor(t){super(t.message),this.name="HiofuApplyError",this.code=t.code,this.correlationId=t.correlationId,this.retryable=t.retryable,this.cause=t.cause}},ct={sandbox:{hiofuOrigin:"https://sandbox.hiofu.com",apiBase:"https://api.sandbox.hiofu.com/api"},production:{hiofuOrigin:"https://hiofu.com",apiBase:"https://api.hiofu.com/api"}};function me(){return J()}function pt(e,t){if(e==="sandbox"&&!t.startsWith("pk_test_"))throw new T({code:"environment_mismatch",message:"Sandbox integrations must use a pk_test_* publishable key.",correlationId:me(),retryable:!1});if(e==="production"&&!t.startsWith("pk_live_"))throw new T({code:"environment_mismatch",message:"Production integrations must use a pk_live_* publishable key.",correlationId:me(),retryable:!1})}function ft(e){let t=e.role.locations??(e.role.location?[e.role.location]:void 0),o={jobId:e.externalJobId,jobTitle:e.jobTitle??e.role.title,scopes:e.scopes,variationId:e.variationId,idempotencyKey:e.idempotencyKey,role:{externalRoleId:e.externalJobId,title:e.role.title,description:e.role.description,locations:t,metadata:{...e.role.metadata??{},...e.role.skills?{skills:e.role.skills}:{},...e.role.salary?{salary:e.role.salary}:{},...e.role.dimensions?{dimensions:e.role.dimensions}:{},...e.callbackState?{callbackState:e.callbackState}:{},...e.partnerTags?{partnerTags:e.partnerTags}:{}}}};return e.externalEmployerId&&(o.employerId=e.externalEmployerId,o.role.externalEmployerId=e.externalEmployerId),e.employerName&&(o.employerName=e.employerName),o}function dt(e,t,o){let i=e.application.submittedAt instanceof Date?e.application.submittedAt.toISOString():e.application.submittedAt??new Date().toISOString();return{applicationId:e.application.id,partnerApplicationId:o,hiofuRoleId:e.application.jobId??"",status:e.application.status,environment:t,submittedAt:String(i),raw:e}}function mt(e,t){if(e instanceof T)return e;let o=e instanceof Error?e.message:String(e),i="submit_failed",n=!1;if(e instanceof v)i=e.code==="hiofu.environment_mismatch"?"environment_mismatch":"configuration_error";else if(e instanceof U)e.reason==="timed_out"?i="timeout":i="popup_closed",n=!0;else if(/popup blocked/i.test(o))i="popup_blocked",n=!0;else if(/authorization popup closed|popup closed/i.test(o))i="popup_closed",n=!0;else if(/timed out/i.test(o))i="timeout",n=!0;else if(/unknown or inactive client|redirect_uri not registered|partner is not approved|must accept dpa|unknown scope|scope\(s\) not permitted|pkce/i.test(o))i="configuration_error";else if(/access_denied|consent/i.test(o))i="consent_required";else if(e instanceof M){let s=e.body,r=s?.code??s?.error?.code??"";e.status===401||e.status===403?i="auth_failed":/role/i.test(r)||/role/i.test(o)?i="role_mapping_failed":(i="submit_failed",n=e.status>=500)}return new T({code:i,message:o,correlationId:t,retryable:n,cause:e})}function je(e){pt(e.environment,e.publicKey);let t=ct[e.environment],o=new S({clientId:e.publicKey,hiofuOrigin:e.hiofuOrigin??t.hiofuOrigin,apiBase:e.apiBase??t.apiBase,redirectUri:e.redirectUri,scopes:e.scopes,applyScopes:e.applyScopes,storage:e.storage,authorizeTimeoutMs:e.popupOptions?.timeoutMs,onEvent:e.onEvent});return{rawClient:o,authorize(i){return o.authorize(i)},getAccessToken(){return o.getAccessToken()},logout(){return o.logout()},async apply(i){let n=me();try{let s=await o.apply(ft(i)),r=dt(s,e.environment,i.idempotencyKey);return e.onComplete?.(r),r}catch(s){let r=mt(s,n);throw r.code==="consent_required"?e.onCancel?.({reason:"user_cancelled",correlationId:n}):r.code==="popup_closed"?e.onCancel?.({reason:"popup_closed",correlationId:n}):r.code==="timeout"&&e.onCancel?.({reason:"timeout",correlationId:n}),e.onError?.(r),r}}}}function gt(e){if(!e)return"";let t=new URLSearchParams;typeof e.page=="number"&&t.set("page",String(e.page)),typeof e.limit=="number"&&t.set("limit",String(e.limit)),e.status&&t.set("status",e.status),e.search?.trim()&&t.set("search",e.search.trim());let o=t.toString();return o?`?${o}`:""}var $=class{constructor(t={}){this.config=t}async request(t,o={}){let i=this.config.apiBase??A,n=new Headers(this.config.headers);return o.headers&&new Headers(o.headers).forEach((s,r)=>{n.set(r,s)}),k(`${i}${t}`,{...o,headers:n,token:this.config.accessToken,credentials:this.config.credentials??(this.config.accessToken?void 0:"include")})}async listRoles(t){return this.request(`/employer-roles${gt(t)}`)}async getRole(t){return(await this.request(`/employer-roles/${t}`)).data}async createRole(t){return(await this.request("/employer-roles",{method:"POST",body:JSON.stringify(t)})).data}async updateRole(t,o){return(await this.request(`/employer-roles/${t}`,{method:"PATCH",body:JSON.stringify(o)})).data}async updateRoleStatus(t,o){return(await this.request(`/employer-roles/${t}/status`,{method:"PATCH",body:JSON.stringify({status:o})})).data}async getDeveloperSettings(){return(await this.request("/employers/developer/apply-sdk")).data}async issuePublishableKey(){return(await this.request("/employers/developer/apply-sdk",{method:"POST"})).data}async saveRoleMapping(t){let o=null;return(!t.title||!t.description||!t.locations)&&(o=await this.getRole(t.employerRoleId)),(await this.request("/employers/developer/apply-sdk/role-mappings",{method:"POST",body:JSON.stringify({mode:t.mode,externalRoleId:t.externalRoleId,externalEmployerId:t.externalEmployerId,employerRoleId:t.employerRoleId,title:t.title??o?.title,description:t.description??o?.description??void 0,locations:t.locations??o?.locations??void 0,metadata:t.metadata})})).data}async addRedirectUri(t){return(await this.request("/employers/developer/apply-sdk/redirect-uris",{method:"POST",body:JSON.stringify(t)})).data}async removeRedirectUri(t){return(await this.request(`/employers/developer/apply-sdk/redirect-uris/${t}`,{method:"DELETE"})).data}};function $e(e={}){return new $(e)}var N=null,ht={init(e){return N=new S(e),j(N),N},client(){if(!N)throw new Error("Hiofu.init({ clientId }) was not called");return N},apply(e){return this.client().apply(e)},authorize(e){return this.client().authorize(e)},getAccessToken(){return this.client().getAccessToken()},logout(){return this.client().logout()}};if(typeof document<"u"){let e=X();e&&(N=e)}return Ze(yt);})();

package/dist/index.js

@@ -1,4 +1,5 @@
 import {
+  DEFAULT_API_BASE,
   DEFAULT_APPLY_SCOPES,
   DEFAULT_AUTHORIZE_SCOPES,
   HIOFU_BRAND_COLOR,
@@ -13,8 +14,9 @@ import {
   HiofuConfigurationError,
   HiofuPopupError,
   createRandomId,
-  hiofuLogoSvg
-} from "./chunk-S5RLAIWP.js";
+  hiofuLogoSvg,
+  jsonFetch
+} from "./chunk-MFY3F4OY.js";
 
 // src/auto-bind.ts
 var bound = false;
@@ -339,6 +341,149 @@ function createApplyClient(config) {
   };
 }
 
+// src/management.ts
+function buildQuery(params) {
+  if (!params) {
+    return "";
+  }
+  const search = new URLSearchParams();
+  if (typeof params.page === "number") {
+    search.set("page", String(params.page));
+  }
+  if (typeof params.limit === "number") {
+    search.set("limit", String(params.limit));
+  }
+  if (params.status) {
+    search.set("status", params.status);
+  }
+  if (params.search?.trim()) {
+    search.set("search", params.search.trim());
+  }
+  const query = search.toString();
+  return query ? `?${query}` : "";
+}
+var HiofuManagementClient = class {
+  constructor(config = {}) {
+    this.config = config;
+  }
+  async request(path, init = {}) {
+    const apiBase = this.config.apiBase ?? DEFAULT_API_BASE;
+    const headers = new Headers(this.config.headers);
+    if (init.headers) {
+      new Headers(init.headers).forEach((value, key) => {
+        headers.set(key, value);
+      });
+    }
+    return jsonFetch(`${apiBase}${path}`, {
+      ...init,
+      headers,
+      token: this.config.accessToken,
+      credentials: this.config.credentials ?? (this.config.accessToken ? void 0 : "include")
+    });
+  }
+  async listRoles(params) {
+    return this.request(
+      `/employer-roles${buildQuery(params)}`
+    );
+  }
+  async getRole(roleId) {
+    const response = await this.request(
+      `/employer-roles/${roleId}`
+    );
+    return response.data;
+  }
+  async createRole(input) {
+    const response = await this.request(
+      "/employer-roles",
+      {
+        method: "POST",
+        body: JSON.stringify(input)
+      }
+    );
+    return response.data;
+  }
+  async updateRole(roleId, input) {
+    const response = await this.request(
+      `/employer-roles/${roleId}`,
+      {
+        method: "PATCH",
+        body: JSON.stringify(input)
+      }
+    );
+    return response.data;
+  }
+  async updateRoleStatus(roleId, status) {
+    const response = await this.request(
+      `/employer-roles/${roleId}/status`,
+      {
+        method: "PATCH",
+        body: JSON.stringify({ status })
+      }
+    );
+    return response.data;
+  }
+  async getDeveloperSettings() {
+    const response = await this.request(
+      "/employers/developer/apply-sdk"
+    );
+    return response.data;
+  }
+  async issuePublishableKey() {
+    const response = await this.request(
+      "/employers/developer/apply-sdk",
+      {
+        method: "POST"
+      }
+    );
+    return response.data;
+  }
+  async saveRoleMapping(input) {
+    let resolvedRole = null;
+    if (!input.title || !input.description || !input.locations) {
+      resolvedRole = await this.getRole(input.employerRoleId);
+    }
+    const response = await this.request(
+      "/employers/developer/apply-sdk/role-mappings",
+      {
+        method: "POST",
+        body: JSON.stringify({
+          mode: input.mode,
+          externalRoleId: input.externalRoleId,
+          externalEmployerId: input.externalEmployerId,
+          employerRoleId: input.employerRoleId,
+          title: input.title ?? resolvedRole?.title,
+          description: input.description ?? resolvedRole?.description ?? void 0,
+          locations: input.locations ?? resolvedRole?.locations ?? void 0,
+          metadata: input.metadata
+        })
+      }
+    );
+    return response.data;
+  }
+  async addRedirectUri(input) {
+    const response = await this.request(
+      "/employers/developer/apply-sdk/redirect-uris",
+      {
+        method: "POST",
+        body: JSON.stringify(input)
+      }
+    );
+    return response.data;
+  }
+  async removeRedirectUri(uriId) {
+    const response = await this.request(
+      `/employers/developer/apply-sdk/redirect-uris/${uriId}`,
+      {
+        method: "DELETE"
+      }
+    );
+    return response.data;
+  }
+};
+function createManagementClient(config = {}) {
+  return new HiofuManagementClient(config);
+}
+
 // src/index.ts
 var _instance = null;
 var Hiofu = {
@@ -384,10 +529,12 @@ export {
   HiofuApplyError,
   HiofuClient,
   HiofuConfigurationError,
+  HiofuManagementClient,
   HiofuPopupError,
   autoBind,
   bootstrapFromScriptTag,
   createApplyClient,
+  createManagementClient,
   hiofuLogoSvg,
   isAutoBound
 };

package/dist/react.d.cts

@@ -1,6 +1,6 @@
 import * as react from 'react';
 import { CSSProperties, ButtonHTMLAttributes, ReactNode, MouseEvent } from 'react';
-import { e as HiofuApplyOptions, b as HiofuApplyResult, c as HiofuConfig, H as HiofuClient } from './client-BTGUPzt9.cjs';
+import { p as HiofuApplyOptions, b as HiofuApplyResult, c as HiofuConfig, H as HiofuClient } from './client-Ct5xyQMk.cjs';
 
 interface HiofuProviderProps {
     config: HiofuConfig;

package/dist/react.d.ts

@@ -1,6 +1,6 @@
 import * as react from 'react';
 import { CSSProperties, ButtonHTMLAttributes, ReactNode, MouseEvent } from 'react';
-import { e as HiofuApplyOptions, b as HiofuApplyResult, c as HiofuConfig, H as HiofuClient } from './client-BTGUPzt9.js';
+import { p as HiofuApplyOptions, b as HiofuApplyResult, c as HiofuConfig, H as HiofuClient } from './client-Ct5xyQMk.js';
 
 interface HiofuProviderProps {
     config: HiofuConfig;

package/dist/react.js

@@ -5,7 +5,7 @@ import {
   HIOFU_FONT_FAMILY,
   HiofuClient,
   hiofuLogoSvg
-} from "./chunk-S5RLAIWP.js";
+} from "./chunk-MFY3F4OY.js";
 
 // src/react.ts
 import {

package/package.json

@@ -1,7 +1,7 @@
 {
   "name": "@hiofu/apply-sdk",
-  "version": "0.1.3",
-  "description": "Partner-ready browser SDK for HIOFU Apply with OAuth, HSP1 review, and idempotent application submission.",
+  "version": "0.1.5",
+  "description": "Browser SDK for HIOFU Apply with OAuth, HSP1 review, and idempotent application submission.",
   "type": "module",
   "main": "./dist/index.cjs",
   "module": "./dist/index.js",
@@ -48,7 +48,7 @@
   "license": "Apache-2.0",
   "homepage": "https://hiofu.com",
   "publishConfig": {
-    "access": "restricted"
+    "access": "public"
   },
   "engines": {
     "node": ">=18"