@idapt/browser-app-sdk 0.1.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
@@ -0,0 +1,372 @@
1
+ import { I as IdaptClient } from './client-CO-P-xYI.cjs';
2
+ export { A as AddMemberInput, a as AgentsApi, b as ApiKeysApi, c as AudioApi, B as BlobMeta, d as BlobsApi, e as BlobsListOptions, C as COMMAND_BINDINGS, f as ChannelHandle, g as ChatsApi, h as CodeRunsApi, i as CommandBinding, j as ComputersApi, k as CreateAgentInput, l as CreateApiKeyInput, m as CreateChatInput, n as CreateCollectionInput, o as CreateComputerInput, p as CreateComputerUserInput, q as CreateFolderInput, r as CreateInvitationInput, s as CreateInvitationResult, t as CreateProviderEndpointInput, u as CreateSecretInput, v as CreateShareInput, w as CreateUserEnvVarInput, x as CreateWorkspaceInput, D as DatastoreApi, y as DatastoreListOptions, z as DatastoreSetOptions, E as DeleteInvitationResult, F as DeletedResult, G as DocsApi, H as ExecCommandInput, J as ExecuteCommandOptions, K as FilesApi, L as FireTriggerInput, M as GenerateImageInput, N as GuideApi, O as GuideContent, P as IdaptClientDeps, Q as ImagesApi, R as InstallStoreItemInput, S as ListAgentsQuery, T as ListApiKeysQuery, U as ListChatsQuery, V as ListComputersQuery, W as ListExecutionsQuery, X as ListFilesQuery, Y as ListMessagesQuery, Z as ListNotificationsQuery, _ as ListResult, $ as ListRunsQuery, a0 as ListSharedWithMeQuery, a1 as ListSharesQuery, a2 as ListTriggerRunsQuery, a3 as ListUsageHistoryQuery, a4 as ModelsApi, a5 as NotificationAudience, a6 as NotificationPreferenceUpdate, a7 as NotificationsApi, a8 as PairComputerInput, a9 as PairComputerResult, aa as PatchFileInput, ab as PatchPortInput, ac as PresenceEntry, ad as PresenceHeartbeatOptions, ae as ProviderEndpointModelMappingInput, af as ProviderEndpointsApi, ag as RealtimeApi, ah as RealtimeEvent, ai as RemoveShareInput, aj as RepromptMessageInput, ak as RotateApiKeyInput, al as RotateApiKeyResult, am as RunCodeInput, an as RunFileInput, ao as SearchApi, ap as SearchInput, aq as SearchStoreQuery, ar as SecretsApi, as as SendMessageInput, at as SendNotificationInput, au as SendNotificationResult, av as SettingsApi, aw as SftpInput, ax as SftpListResult, ay as SftpOp, az as SftpUploadInput, aA as SharingApi, aB as SpeakInput, aC as SseEvent, aD as StoreApi, aE as SubscribeOptions, aF as SubscriptionApi, aG as TableQuery, aH as TablesApi, aI as TmuxInput, aJ as TmuxOp, aK as TranscribeInput, aL as TriggersApi, aM as UpdateAgentInput, aN as UpdateApiKeyInput, aO as UpdateChatInput, aP as UpdateCollectionInput, aQ as UpdateComputerInput, aR as UpdateComputerUserInput, aS as UpdateMemberInput, aT as UpdateNotificationInput, aU as UpdateProviderEndpointInput, aV as UpdateSecretInput, aW as UpdateSettingsInput, aX as UpdateShareInput, aY as UpdateWorkspaceInput, aZ as UploadInput, a_ as UserApi, a$ as V1CommandName, b0 as WebSearchApi, b1 as WebSearchInput, b2 as WorkspacesApi, b3 as WritableMemberRole, b4 as awaitOperation, b5 as executeCommand, b6 as getFileBlob, b7 as getFileText, b8 as listFiles } from './client-CO-P-xYI.cjs';
3
+ import { H as HttpContext, C as CallOptions, A as AiGatewayProvider, a as AiGatewayUsageRow, D as DataStore, F as File, W as WriteOptions, b as DeletedResponse, c as DataStoreUploadInput, d as FileUploadResult, e as DataStoreCreateFolderInput, f as ConnectOptions } from './data-Chus9wn2.cjs';
4
+ export { g as Agent, h as AgentRun, i as AgentRunState, j as ApiKey, k as AppFolder, l as AudioModel, m as AudioModelCapabilities, n as AudioModelPricing, o as AuthMode, B as BlobObject, p as BundleReader, q as Chat, r as ChatCost, s as ChatCostByCallType, t as ChatStopResult, u as ClientMeta, v as Computer, w as ComputerEnvVar, x as ComputerExecResult, y as ComputerLoggingLevel, z as ComputerPort, E as ComputerServerInfo, G as ComputerState, I as ComputerType, J as ComputerUser, K as CreateTriggerInput, L as DataCreateFolderInput, M as DataFolder, N as DataUploadInput, O as DatastoreEntry, P as EscalateRequest, Q as ExecutionBackend, R as ExecutionRun, S as ExecutionRunStatus, T as FileList, U as HttpRequest, V as ImageGenerationResult, X as ImageModel, Y as ImageModelPricing, Z as LLMModel, _ as LLMModelCapabilities, $ as LLMModelPricing, a0 as ListEnvelope, a1 as ManagedProviderPreset, a2 as Message, a3 as MessageCostEntry, a4 as MessageCosts, a5 as ModelBase, a6 as ModelModality, a7 as Notification, a8 as NotificationConfig, a9 as NotificationPreference, aa as NotificationSenderKind, ab as Pagination, ac as Permission, ad as ProviderEndpoint, ae as ProviderEndpointConnectionType, af as ProviderEndpointKind, ag as ProviderEndpointModality, ah as ProviderEndpointModelMapping, ai as ProviderEndpointProtocol, aj as ProviderEndpointProviderKey, ak as ProviderEndpointRuntime, al as ProviderEndpointTestResult, am as ProviderEndpointTransport, an as ProviderEndpointVisibility, ao as QueryInput, ap as RemoteBundleReader, aq as RepromptResult, ar as RunCostMetrics, as as RuntimeMode, at as SearchResult, au as Secret, av as SecretWithValue, aw as SendMessageResult, ax as Settings, ay as SftpEntry, az as Share, aA as ShareDeletedResult, aB as SharePermission, aC as ShareResourceType, aD as SharedWithMeItem, aE as SingleEnvelope, aF as SpeechResult, aG as SpeechStreamEvent, aH as StoreInstallResult, aI as StoreItem, aJ as StoreItemType, aK as StoredCredential, aL as Subscription, aM as SubscriptionPlan, aN as TableCollection, aO as TableRecord, aP as TmuxWindow, aQ as TranscriptionResult, aR as TranscriptionStreamEvent, aS as Trigger, aT as TriggerActionType, aU as TriggerCostStats, aV as TriggerRun, aW as TriggerType, aX as TriggerWithSecret, aY as TtsVoice, aZ as TtsVoiceGender, a_ as UpdateTriggerInput, a$ as UsageRecord, b0 as UsageSummary, b1 as User, b2 as WebSearchHit, b3 as WebSearchResponse, b4 as Workspace, b5 as WorkspaceInvitation, b6 as WorkspaceMember, b7 as WorkspaceMemberRole, b8 as buildUrl, b9 as request, ba as requestRaw } from './data-Chus9wn2.cjs';
5
+ import 'zod';
6
+
7
+ /**
8
+ * AiGatewayApi — `/api/v1/ai-gateway`.
9
+ *
10
+ * The Idapt AI Gateway routing read surface: the routable provider catalog and
11
+ * the per-model / per-provider usage breakdown. (BYOK provider endpoints are
12
+ * `client.providerEndpoints`; routing PREFERENCES are managed in-app.)
13
+ */
14
+
15
+ interface AiGatewayProvidersOptions extends CallOptions {
16
+ /** Restrict to providers that serve this idapt model id (author/model). */
17
+ modelId?: string;
18
+ }
19
+ interface AiGatewayUsageOptions extends CallOptions {
20
+ /** Grouping — `model` (default) or `provider`. */
21
+ view?: "model" | "provider";
22
+ /** Public workspace id — defaults to the caller's personal workspace. */
23
+ workspaceId?: string;
24
+ /** Look-back window in days (1–365, default 30). */
25
+ windowDays?: number;
26
+ }
27
+ declare class AiGatewayApi {
28
+ private readonly ctx;
29
+ constructor(ctx: HttpContext);
30
+ /** List the routable serving providers (optionally for one model). */
31
+ providers(opts?: AiGatewayProvidersOptions): Promise<AiGatewayProvider[]>;
32
+ /** Per-model / per-provider usage breakdown over a window. */
33
+ usage(opts?: AiGatewayUsageOptions): Promise<AiGatewayUsageRow[]>;
34
+ }
35
+
36
+ /**
37
+ * IdaptClient — the generic, isomorphic Idapt v1 API client.
38
+ *
39
+ * Holds one typed surface per v1 resource, all wired against a single bearer
40
+ * {@link HttpContext}. This is the polyglot-generatable core of the SDK: it has
41
+ * NO browser-app runtime (cookie bootstrap, app-data KV, React hooks) — that
42
+ * lives in `@idapt/browser-app-sdk`, which composes this client.
43
+ *
44
+ * Construct it via {@link connect} (`connect({ apiUrl, key })`) rather than
45
+ * directly.
46
+ */
47
+
48
+ interface IdaptClientOptions {
49
+ /** API origin, e.g. `https://idapt.app`. */
50
+ apiUrl: string;
51
+ /** Bearer credential (`uk_` / `pk_` / `ap_`). */
52
+ key: string;
53
+ /** Custom fetch (tests / polyfills). Defaults to `globalThis.fetch`. */
54
+ fetch?: typeof fetch;
55
+ }
56
+
57
+ /**
58
+ * Typed error hierarchy for @idapt/sdk.
59
+ *
60
+ * Every API-originated failure is surfaced as an `IdaptError` or a subclass.
61
+ * Consumers can branch on `error.code` (stable string) or `instanceof`
62
+ * (preferred in TypeScript). The raw HTTP status is preserved on `.status`.
63
+ *
64
+ * Why a class hierarchy (not just codes)?
65
+ * - `catch (err) { if (err instanceof AuthError) ... }` reads cleanly
66
+ * - Each subclass has a `.name` that matches its constructor, so stack
67
+ * traces and devtools show the right label
68
+ * - Adding a subclass is a non-breaking change
69
+ *
70
+ * ## Wire error envelope — `{ error: { type, message, code? } }`
71
+ *
72
+ * The v1 error envelope splits its old flat `code` field into two:
73
+ * - **`type`** — the coarse category (`invalid_request`, `unauthorized`,
74
+ * `forbidden`, `not_found`, `conflict`, `rate_limit`,
75
+ * `service_unavailable`, `internal_error`). This is what clients branch
76
+ * on for coarse handling — the SDK mirrors it onto `IdaptError.type`.
77
+ * - **`code`** — an OPTIONAL finer computer-branchable sub-code carried
78
+ * alongside `type`, present only on specific errors (today the only
79
+ * value is `model_not_available_for_tier`). The SDK surfaces it as
80
+ * `IdaptError.subCode`. A client that does not recognise a sub-code
81
+ * falls back to `type`, so new sub-codes are never breaking.
82
+ *
83
+ * Note: `IdaptError.code` is the SDK's own stable discriminant (it predates
84
+ * the wire split and pairs 1:1 with the `instanceof` subclasses). The wire
85
+ * `error.type` lands on `.type`; the wire `error.code` lands on `.subCode`.
86
+ */
87
+ /**
88
+ * SDK-internal stable error discriminant. Pairs 1:1 with the `instanceof`
89
+ * subclasses. This is NOT the wire `error.type` — see `IdaptErrorType` for
90
+ * that — it is the SDK's own long-stable code (kept for back-compat).
91
+ */
92
+ type IdaptErrorCode = "network_error" | "auth_expired" | "auth_missing" | "permission_denied" | "not_found" | "conflict" | "rate_limited" | "invalid_request" | "service_unavailable" | "server_error" | "unknown";
93
+ /**
94
+ * The wire `error.type` enum — the coarse category the v1 API stamps on
95
+ * every error envelope. Mirrored onto `IdaptError.type` verbatim.
96
+ */
97
+ type IdaptErrorType = "invalid_request" | "unauthorized" | "forbidden" | "not_found" | "conflict" | "rate_limit" | "service_unavailable" | "internal_error";
98
+ /**
99
+ * The wire `error.code` finer sub-code enum. Optional — present only on
100
+ * specific errors. Typed as a union with `string` so an unrecognised
101
+ * future sub-code still type-checks (consumers fall back to `.type`).
102
+ */
103
+ type IdaptErrorSubCode = "model_not_available_for_tier" | (string & {});
104
+ interface IdaptErrorInit {
105
+ message: string;
106
+ code: IdaptErrorCode;
107
+ status?: number;
108
+ body?: unknown;
109
+ cause?: unknown;
110
+ /** Wire `error.type` — the coarse category. */
111
+ type?: IdaptErrorType;
112
+ /** Wire `error.code` — the optional finer sub-code. */
113
+ subCode?: IdaptErrorSubCode;
114
+ }
115
+ declare class IdaptError extends Error {
116
+ /** SDK-internal stable discriminant (back-compat; pairs with subclasses). */
117
+ readonly code: IdaptErrorCode;
118
+ /** Wire `error.type` — the coarse category the server reported. */
119
+ readonly type?: IdaptErrorType;
120
+ /**
121
+ * Wire `error.code` — the optional finer sub-code, present only on
122
+ * specific errors (e.g. `model_not_available_for_tier`). Branch on this
123
+ * for fine-grained handling and fall back to `type` / the subclass when
124
+ * it is absent or unrecognised.
125
+ */
126
+ readonly subCode?: IdaptErrorSubCode;
127
+ readonly status: number;
128
+ readonly body: unknown;
129
+ constructor(init: IdaptErrorInit);
130
+ }
131
+ declare class NetworkError extends IdaptError {
132
+ constructor(init: Omit<IdaptErrorInit, "code"> & {
133
+ code?: "network_error";
134
+ });
135
+ }
136
+ declare class AuthError extends IdaptError {
137
+ constructor(init: Omit<IdaptErrorInit, "code"> & {
138
+ code?: "auth_expired" | "auth_missing";
139
+ });
140
+ }
141
+ declare class PermissionError extends IdaptError {
142
+ constructor(init: Omit<IdaptErrorInit, "code">);
143
+ }
144
+ declare class NotFoundError extends IdaptError {
145
+ constructor(init: Omit<IdaptErrorInit, "code">);
146
+ }
147
+ declare class ConflictError extends IdaptError {
148
+ constructor(init: Omit<IdaptErrorInit, "code">);
149
+ }
150
+ declare class RateLimitError extends IdaptError {
151
+ constructor(init: Omit<IdaptErrorInit, "code"> & {
152
+ retryAfter?: number;
153
+ });
154
+ readonly retryAfter?: number;
155
+ }
156
+ declare class InvalidRequestError extends IdaptError {
157
+ constructor(init: Omit<IdaptErrorInit, "code">);
158
+ }
159
+ /**
160
+ * HTTP 503 — an upstream dependency the request needed (a computer daemon,
161
+ * an inference provider) was unreachable. The request itself was valid, so
162
+ * this is **retryable**: `retryable` is always `true` and `retryAfter`
163
+ * carries the server's `retry_after` hint when one is present.
164
+ *
165
+ * Returned by the computer `exec` / `tmux` / `sftp` endpoints and
166
+ * `POST /v1/audio/transcriptions`.
167
+ */
168
+ declare class ServiceUnavailableError extends IdaptError {
169
+ /** Always `true` — a 503 means "retry later", the request was fine. */
170
+ readonly retryable = true;
171
+ /** Server-suggested seconds to wait before retrying, when provided. */
172
+ readonly retryAfter?: number;
173
+ constructor(init: Omit<IdaptErrorInit, "code"> & {
174
+ retryAfter?: number;
175
+ });
176
+ }
177
+ declare class ServerError extends IdaptError {
178
+ constructor(init: Omit<IdaptErrorInit, "code">);
179
+ }
180
+ /**
181
+ * Map an HTTP response status code to the correct error subclass.
182
+ * Centralised so the mapping stays consistent across every SDK call site.
183
+ *
184
+ * The v1 contract pins each failure mode to a specific status:
185
+ * - `invalid_request` → always HTTP 422 (validation failures)
186
+ * - `not_found` → always HTTP 404 (missing resource)
187
+ * - `permission_denied` → 403, `auth_*` → 401, `conflict` → 409,
188
+ * `rate_limited` → 429
189
+ * - `service_unavailable` → 503 (upstream dependency down — retryable)
190
+ * - `server_error` → any other 5xx (500, 502, …)
191
+ * Any other 4xx the server emits is unmapped and surfaces as the
192
+ * `IdaptError` base with code `unknown` — we do NOT label a bare 400 as
193
+ * `invalid_request`, since that code is reserved for 422.
194
+ *
195
+ * `type` / `subCode` are the wire `error.type` / `error.code` lifted off
196
+ * the response envelope by `extractErrorFields`; they ride along so
197
+ * consumers can branch on the fine-grained sub-code.
198
+ */
199
+ declare function errorFromStatus(status: number, message: string, body: unknown): IdaptError;
200
+
201
+ declare const VERSION: string;
202
+
203
+ /**
204
+ * Remote `DataStore` — the Idapt-backend-backed implementation of the
205
+ * read-write data surface used by {@link DataFolder}.
206
+ *
207
+ * It backs onto the dedicated **per-(user × app) app-data KV** at
208
+ * `/api/browser-app/data/{appResId}/{key}` — NOT Drive. Each entry is a
209
+ * `browser_app_data` row keyed `(browserAppId, principalId, key)` and is
210
+ * authenticated by the app's `ap_` credential (carried as the Bearer on the
211
+ * SDK's {@link HttpContext}). This is the DB-first replacement for the old
212
+ * `.app-data/{appResId}/` Drive folder, which no longer exists.
213
+ *
214
+ * ## Key model — the KV key IS the file name
215
+ *
216
+ * The KV has no notion of file *ids* separate from *names*: there is one flat
217
+ * namespace of string keys per principal. `DataFolder` is written against a
218
+ * Drive-ish `{id, name}` `File` shape, so this adapter collapses the two: for
219
+ * every entry **`id === name === key`**. `DataFolder`'s name-cache and
220
+ * name-based API (`set`/`get`/`has`/`setJSON`/`getJSON`/`remove`) therefore
221
+ * resolve a name straight to its key with no id indirection.
222
+ *
223
+ * ## Wire mapping
224
+ *
225
+ * | `DataStore` method | HTTP | Notes |
226
+ * |--------------------|-----------------------------------------------|-------|
227
+ * | `read(key)` | `GET /api/browser-app/data/{app}/{key}` | returns the stored string (`{value}` body, or raw blob text) |
228
+ * | `write(key, s)` | `PUT /api/browser-app/data/{app}/{key}` `{value: s}` | |
229
+ * | `delete(key)` | `DELETE /api/browser-app/data/{app}/{key}` | idempotent |
230
+ * | `list()` | `GET /api/browser-app/data/{app}/` | principal's keys → `File[]` (id=name=key) |
231
+ * | `getMetadata(key)` | `GET /api/browser-app/data/{app}/{key}` | 404 → `NotFoundError` |
232
+ * | `readBlob(key)` | `GET /api/browser-app/data/{app}/{key}` | bytes as `Blob` |
233
+ * | `upload({file,name})` | `PUT /api/browser-app/data/{app}/{name}` `{value: <text>}` | the `set()`/`setJSON()` create path; stores the blob's **text** |
234
+ *
235
+ * ## Unsupported surfaces
236
+ *
237
+ * The KV is flat — there are no folders and no separate-id move. `createFolder`,
238
+ * `move`, and `listFolder(parentId)` have no KV analogue and throw a typed
239
+ * {@link InvalidRequestError} (`code: "invalid_request"`). `DataFolder`'s
240
+ * name-based API never reaches them; only an app calling the raw folder methods
241
+ * does, and it gets a clear, branchable error.
242
+ */
243
+
244
+ declare class RemoteDataStore implements DataStore {
245
+ private readonly ctx;
246
+ readonly id: string;
247
+ /**
248
+ * @param ctx HTTP context (carries the app's `ap_` bearer + api origin).
249
+ * @param id The app's **resource id** (the `{appResId}` path segment) — this
250
+ * is the boot's `appResourceId`, NOT a Drive folder id.
251
+ */
252
+ constructor(ctx: HttpContext, id: string);
253
+ /** Idapt origin this store talks to — surfaced by `DataFolder` for tooling. */
254
+ get apiUrl(): string;
255
+ /** URL-encode a single key segment for the `{...key}` catch-all route. */
256
+ private keyPath;
257
+ /** List the principal's keys for this app → `File[]` with `id = name = key`. */
258
+ list(opts?: CallOptions): Promise<File[]>;
259
+ /**
260
+ * No KV analogue — the app-data KV is a flat per-principal namespace with no
261
+ * subfolders. Throws so apps that try to enumerate a folder get a clear error.
262
+ */
263
+ listFolder(_parentId: string, _opts?: CallOptions): Promise<File[]>;
264
+ /** Metadata for one key — GET it; 404 surfaces as `NotFoundError`. */
265
+ getMetadata(key: string, opts?: CallOptions): Promise<File>;
266
+ /** Read a key's stored string. Inline JSON → `{value}`; blob → raw text. */
267
+ read(key: string, opts?: CallOptions): Promise<string>;
268
+ /** Read a key's raw bytes as a Blob (handles blob-backed binary entries). */
269
+ readBlob(key: string, opts?: CallOptions): Promise<Blob>;
270
+ /** Upsert a key's value. `content` is stored verbatim as `{value: content}`. */
271
+ write(key: string, content: string, opts?: WriteOptions): Promise<File>;
272
+ /** Delete a key (idempotent — DELETE on a missing key still resolves). */
273
+ delete(key: string, opts?: CallOptions): Promise<DeletedResponse>;
274
+ /**
275
+ * Store a blob under `name` (the KV key). This is the create path behind
276
+ * `DataFolder.set()` / `setJSON()`, which always upload a `text/plain` blob —
277
+ * we read the blob as **text** and PUT it as the key's `{value}`. Binary
278
+ * blobs are stored as their UTF-8 text (the KV PUT route is JSON-only); use
279
+ * `set()`/`setJSON()` for structured data.
280
+ */
281
+ upload(input: DataStoreUploadInput, opts?: CallOptions): Promise<FileUploadResult>;
282
+ /** No KV analogue — the namespace is flat. */
283
+ createFolder(_input: DataStoreCreateFolderInput, _opts?: CallOptions): Promise<File>;
284
+ /** No KV analogue — there are no folders to move between. */
285
+ move(_key: string, _parentId: string | null, _opts?: CallOptions): Promise<File>;
286
+ }
287
+
288
+ /**
289
+ * connect() — the browser-app bootstrap. Browser apps are **npm-only** and
290
+ * always run on Idapt; there is no off-Idapt local mode. Two modes:
291
+ *
292
+ * 1. **Library (explicit key)** — `connect({ apiUrl, key })`. Skips the
293
+ * cookie dance and talks to `apiUrl` with the key as Bearer. `remote`.
294
+ * 2. **Hosted (cookie/bootstrap)** — the default on an Idapt app subdomain:
295
+ * - `/__idapt__/init` plants an HttpOnly `__idapt_app_key` cookie on
296
+ * this subdomain at iframe mount time.
297
+ * - `/__idapt__/bootstrap` returns the SDK's runtime context (DB-first
298
+ * `BrowserAppBootstrap`: `appResourceId`, `appId`, granted
299
+ * permissions, entrypoint). There is NO raw key and NO Drive folder
300
+ * ids — auth is the httpOnly cookie, which the browser attaches on
301
+ * every same-origin request (`credentials: "include"`). `remote` /
302
+ * cookie auth. If bootstrap 401s, the response carries
303
+ * `X-Idapt-Authorize-Url` and we navigate the browser through the
304
+ * consent round-trip.
305
+ *
306
+ * If the bootstrap endpoint is unreachable (the app is NOT served by Idapt —
307
+ * a static host, `file://`, etc.), `connect()` throws: a browser app must run
308
+ * on Idapt. There is no IndexedDB / relative-fetch degradation.
309
+ *
310
+ * In the cookie-bootstrap flow the `ap_` key never exists anywhere
311
+ * JS-readable at all — it lives only in the httpOnly app-key cookie, which the
312
+ * browser attaches automatically. Only library mode (mode 1) ever holds a raw
313
+ * key in JS, and that one is caller-supplied.
314
+ */
315
+
316
+ /**
317
+ * Defaults the bundled IIFE wires in at build time via sentinel replacement.
318
+ * Library consumers can override both via `ConnectOptions`.
319
+ */
320
+ interface DefaultConnectConfig {
321
+ apiUrl: string;
322
+ browserAppDomain: string;
323
+ }
324
+ /**
325
+ * Error thrown by connect() when the browser has been navigated away
326
+ * to `/app-authorize`. The call-site (SDK boot code) uses the tag to
327
+ * distinguish "connect will never complete" from genuine failures —
328
+ * e.g. to keep the overlay visible with an install CTA while
329
+ * navigation is in-flight.
330
+ */
331
+ interface IdaptRedirectingError extends Error {
332
+ __redirecting: true;
333
+ }
334
+ declare function makeConnect(defaults: DefaultConnectConfig): (options?: ConnectOptions) => Promise<IdaptClient>;
335
+
336
+ /**
337
+ * App-id and base-URL detection.
338
+ *
339
+ * Browser apps are served at `{resId}.{BROWSER_APP_DOMAIN}/...`. Subdomain is
340
+ * the only supported shape — the path-based `/app/{resId}/` variant was
341
+ * removed with the auth-unification migration because it cannot carry
342
+ * the subdomain-scoped `__idapt_app_key` cookie.
343
+ *
344
+ * Pure functions → trivially testable with a mock Location.
345
+ */
346
+ type LocationLike = Pick<Location, "hostname" | "pathname" | "origin" | "href" | "search">;
347
+ /**
348
+ * Extract the app id from the current window location.
349
+ *
350
+ * @param browserAppDomain The configured browser-app domain (e.g. "idapt.host").
351
+ * @param loc Location-like. Defaults to window.location.
352
+ * @returns Lowercased app id, or empty string if none detected.
353
+ */
354
+ declare function detectAppId(browserAppDomain: string, loc?: LocationLike): string;
355
+ /**
356
+ * Build the origin base URL for the app. Used to compute the `redirect`
357
+ * query param on consent / escalate redirects back to the app.
358
+ */
359
+ declare function getAppBaseUrl(_browserAppDomain: string, loc?: LocationLike): string;
360
+
361
+ /**
362
+ * Connect to Idapt from a browser app. Defaults to the cookie-bootstrap flow on
363
+ * an app subdomain; pass `{ key }` for library/bearer mode. Shadows the generic
364
+ * `@idapt/sdk` `connect`. Throws if the app is not running on Idapt.
365
+ */
366
+ declare function connect(options?: ConnectOptions): Promise<IdaptClient>;
367
+ /** Namespace object for consumers that prefer `Idapt.connect()` style. */
368
+ declare const Idapt: {
369
+ connect: typeof connect;
370
+ };
371
+
372
+ export { AiGatewayApi, AiGatewayProvider, type AiGatewayProvidersOptions, type AiGatewayUsageOptions, AiGatewayUsageRow, AuthError, CallOptions, ConflictError, ConnectOptions, DataStore, DataStoreCreateFolderInput, DataStoreUploadInput, type DefaultConnectConfig, DeletedResponse, File, FileUploadResult, HttpContext, Idapt, IdaptClient, type IdaptClientOptions, IdaptError, type IdaptErrorCode, type IdaptErrorInit, type IdaptErrorSubCode, type IdaptErrorType, type IdaptRedirectingError, InvalidRequestError, type LocationLike, NetworkError, NotFoundError, PermissionError, RateLimitError, RemoteDataStore, ServerError, ServiceUnavailableError, VERSION, WriteOptions, connect, detectAppId, errorFromStatus, getAppBaseUrl, makeConnect };