@moovio/sdk 25.5.6 → 25.6.0

package/src/lib/config.ts

@@ -27,6 +27,11 @@ export type SDKOptions = {
     | (() => Promise<components.Security>)
     | undefined;
 
+  /**
+   * Allows setting the accessToken parameter for all supported operations
+   */
+  accessToken?: string | undefined;
+
   httpClient?: HTTPClient;
   /**
    * Allows overriding the default server used by the SDK
@@ -68,7 +73,7 @@ export function serverURLFromOptions(options: SDKOptions): URL | null {
 export const SDK_METADATA = {
   language: "typescript",
   openapiDocVersion: "v2025.04.00",
-  sdkVersion: "25.5.6",
-  genVersion: "2.882.0",
-  userAgent: "speakeasy-sdk/typescript 25.5.6 2.882.0 v2025.04.00 @moovio/sdk",
+  sdkVersion: "25.6.0",
+  genVersion: "2.884.4",
+  userAgent: "speakeasy-sdk/typescript 25.6.0 2.884.4 v2025.04.00 @moovio/sdk",
 } as const;

package/src/mcp-server/cli/start/command.ts

@@ -51,6 +51,15 @@ export const startCommand = buildCommand({
           return z.string().parse(value);
         },
       },
+      "access-token": {
+        kind: "parsed",
+        brief:
+          "Allows setting the accessToken parameter for all supported operations",
+        optional: true,
+        parse: (value) => {
+          return z.string().parse(value);
+        },
+      },
       "server-url": {
         kind: "parsed",
         brief: "Overrides the default server URL used by the SDK",

package/src/mcp-server/cli/start/impl.ts

@@ -20,6 +20,7 @@ interface StartCommandFlags {
   readonly tool?: string[];
   readonly username?: string | undefined;
   readonly password?: string | undefined;
+  readonly "access-token"?: SDKOptions["accessToken"] | undefined;
   readonly "server-url"?: string;
   readonly "server-index"?: SDKOptions["serverIdx"];
   readonly "log-level": ConsoleLoggerLevel;
@@ -53,6 +54,7 @@ async function startStdio(flags: StartCommandFlags) {
       username: flags.username ?? "",
       password: flags.password ?? "",
     }),
+    accessToken: flags["access-token"],
     serverURL: flags["server-url"],
     serverIdx: flags["server-index"],
   });
@@ -76,6 +78,7 @@ async function startSSE(flags: StartCommandFlags) {
       username: flags.username ?? "",
       password: flags.password ?? "",
     }),
+    accessToken: flags["access-token"],
     serverURL: flags["server-url"],
     serverIdx: flags["server-index"],
   });

package/src/mcp-server/mcp-server.ts

@@ -19,7 +19,7 @@ const routes = buildRouteMap({
 export const app = buildApplication(routes, {
   name: "mcp",
   versionInfo: {
-    currentVersion: "25.5.6",
+    currentVersion: "25.6.0",
   },
 });
 

package/src/mcp-server/server.ts

@@ -186,15 +186,17 @@ export function createMCPServer(deps: {
   scopes?: MCPScope[] | undefined;
   serverURL?: string | undefined;
   security?: SDKOptions["security"] | undefined;
+  accessToken?: SDKOptions["accessToken"] | undefined;
   serverIdx?: SDKOptions["serverIdx"] | undefined;
 }) {
   const server = new McpServer({
     name: "Moov",
-    version: "25.5.6",
+    version: "25.6.0",
   });
 
   const client = new MoovCore({
     security: deps.security,
+    accessToken: deps.accessToken,
     serverURL: deps.serverURL,
     serverIdx: deps.serverIdx,
   });

package/src/models/components/webhookdata.ts

@@ -240,6 +240,7 @@ export type WebhookData =
   | WebhookDataRefundUpdated
   | WebhookDataWalletTransactionUpdated
   | WebhookDataBankAccountCreated
+  | WebhookDataBankAccountDeleted
   | WebhookDataCancellationCreated
   | WebhookDataCancellationUpdated
   | WebhookDataCardAutoUpdated
@@ -253,7 +254,6 @@ export type WebhookData =
   | WebhookDataTransferCreated
   | WebhookDataWalletUpdated
   | WebhookDataBalanceUpdated
-  | WebhookDataBankAccountDeleted
   | WebhookDataCapabilityRequested
   | WebhookDataInvoiceCreated
   | WebhookDataRepresentativeCreated
@@ -284,6 +284,7 @@ export const WebhookData$inboundSchema: z.ZodType<
   WebhookDataRefundUpdated$inboundSchema,
   WebhookDataWalletTransactionUpdated$inboundSchema,
   WebhookDataBankAccountCreated$inboundSchema,
+  WebhookDataBankAccountDeleted$inboundSchema,
   WebhookDataCancellationCreated$inboundSchema,
   WebhookDataCancellationUpdated$inboundSchema,
   WebhookDataCardAutoUpdated$inboundSchema,
@@ -297,7 +298,6 @@ export const WebhookData$inboundSchema: z.ZodType<
   WebhookDataTransferCreated$inboundSchema,
   WebhookDataWalletUpdated$inboundSchema,
   WebhookDataBalanceUpdated$inboundSchema,
-  WebhookDataBankAccountDeleted$inboundSchema,
   WebhookDataCapabilityRequested$inboundSchema,
   WebhookDataInvoiceCreated$inboundSchema,
   WebhookDataRepresentativeCreated$inboundSchema,
@@ -324,6 +324,7 @@ export type WebhookData$Outbound =
   | WebhookDataRefundUpdated$Outbound
   | WebhookDataWalletTransactionUpdated$Outbound
   | WebhookDataBankAccountCreated$Outbound
+  | WebhookDataBankAccountDeleted$Outbound
   | WebhookDataCancellationCreated$Outbound
   | WebhookDataCancellationUpdated$Outbound
   | WebhookDataCardAutoUpdated$Outbound
@@ -337,7 +338,6 @@ export type WebhookData$Outbound =
   | WebhookDataTransferCreated$Outbound
   | WebhookDataWalletUpdated$Outbound
   | WebhookDataBalanceUpdated$Outbound
-  | WebhookDataBankAccountDeleted$Outbound
   | WebhookDataCapabilityRequested$Outbound
   | WebhookDataInvoiceCreated$Outbound
   | WebhookDataRepresentativeCreated$Outbound
@@ -368,6 +368,7 @@ export const WebhookData$outboundSchema: z.ZodType<
   WebhookDataRefundUpdated$outboundSchema,
   WebhookDataWalletTransactionUpdated$outboundSchema,
   WebhookDataBankAccountCreated$outboundSchema,
+  WebhookDataBankAccountDeleted$outboundSchema,
   WebhookDataCancellationCreated$outboundSchema,
   WebhookDataCancellationUpdated$outboundSchema,
   WebhookDataCardAutoUpdated$outboundSchema,
@@ -381,7 +382,6 @@ export const WebhookData$outboundSchema: z.ZodType<
   WebhookDataTransferCreated$outboundSchema,
   WebhookDataWalletUpdated$outboundSchema,
   WebhookDataBalanceUpdated$outboundSchema,
-  WebhookDataBankAccountDeleted$outboundSchema,
   WebhookDataCapabilityRequested$outboundSchema,
   WebhookDataInvoiceCreated$outboundSchema,
   WebhookDataRepresentativeCreated$outboundSchema,

package/src/models/components/webhookdatabankaccountdeleted.ts

@@ -6,10 +6,16 @@ import * as z from "zod/v3";
 import { safeParse } from "../../lib/schemas.js";
 import { Result as SafeParseResult } from "../../types/fp.js";
 import { SDKValidationError } from "../errors/sdkvalidationerror.js";
+import {
+  BankAccountStatus,
+  BankAccountStatus$inboundSchema,
+  BankAccountStatus$outboundSchema,
+} from "./bankaccountstatus.js";
 
 export type WebhookDataBankAccountDeleted = {
   bankAccountID: string;
   accountID: string;
+  status: BankAccountStatus;
 };
 
 /** @internal */
@@ -20,11 +26,13 @@ export const WebhookDataBankAccountDeleted$inboundSchema: z.ZodType<
 > = z.object({
   bankAccountID: z.string(),
   accountID: z.string(),
+  status: BankAccountStatus$inboundSchema,
 });
 /** @internal */
 export type WebhookDataBankAccountDeleted$Outbound = {
   bankAccountID: string;
   accountID: string;
+  status: string;
 };
 
 /** @internal */
@@ -35,6 +43,7 @@ export const WebhookDataBankAccountDeleted$outboundSchema: z.ZodType<
 > = z.object({
   bankAccountID: z.string(),
   accountID: z.string(),
+  status: BankAccountStatus$outboundSchema,
 });
 
 export function webhookDataBankAccountDeletedToJSON(

package/test/tests/accessToken.test.ts

@@ -0,0 +1,86 @@
+import { describe, expect, test } from "bun:test";
+import { HTTPClient, Moov } from "@moovio/sdk";
+
+/**
+ * Builds a Moov SDK instance whose HTTPClient captures every outgoing
+ * Request without hitting the network. The captured Request can then be
+ * inspected for headers, URL, etc.
+ */
+function captureRequests(opts: ConstructorParameters<typeof Moov>[0]) {
+  const requests: Request[] = [];
+  const httpClient = new HTTPClient({
+    fetcher: async (input, init) => {
+      const req = input instanceof Request ? input : new Request(input, init);
+      requests.push(req.clone());
+      return new Response(null, { status: 200 });
+    },
+  });
+
+  const moov = new Moov({ ...opts, httpClient });
+  return { moov, requests };
+}
+
+describe("accessToken option", () => {
+  test("sets Authorization: Bearer header on outgoing requests", async () => {
+    const { moov, requests } = captureRequests({
+      accessToken: "test-access-token-123",
+    });
+
+    await moov.ping.ping();
+
+    expect(requests.length).toBe(1);
+    expect(requests[0].headers.get("Authorization")).toBe(
+      "Bearer test-access-token-123",
+    );
+  });
+
+  test("applies bearer auth on every request, not just the first", async () => {
+    const { moov, requests } = captureRequests({
+      accessToken: "another-token",
+    });
+
+    await moov.ping.ping();
+    await moov.ping.ping();
+    await moov.ping.ping();
+
+    expect(requests.length).toBe(3);
+    for (const req of requests) {
+      expect(req.headers.get("Authorization")).toBe("Bearer another-token");
+    }
+  });
+
+  test("HTTP Basic auth still works when accessToken is not set", async () => {
+    const { moov, requests } = captureRequests({
+      security: { username: "my-public-key", password: "my-secret-key" },
+    });
+
+    await moov.ping.ping();
+
+    expect(requests.length).toBe(1);
+    const auth = requests[0].headers.get("Authorization");
+    expect(auth).toMatch(/^Basic /);
+
+    // Decode the base64 portion and confirm the credentials round-trip.
+    const encoded = auth!.slice("Basic ".length);
+    const decoded = Buffer.from(encoded, "base64").toString("utf8");
+    expect(decoded).toBe("my-public-key:my-secret-key");
+  });
+
+  test("no Authorization header is sent when neither auth mode is configured", async () => {
+    const { moov, requests } = captureRequests({});
+
+    await moov.ping.ping();
+
+    expect(requests.length).toBe(1);
+    expect(requests[0].headers.get("Authorization")).toBeNull();
+  });
+
+  test("throws at construction when both accessToken and Basic creds are set", () => {
+    expect(() =>
+      new Moov({
+        accessToken: "some-token",
+        security: { username: "u", password: "p" },
+      })
+    ).toThrow(/cannot both be set/i);
+  });
+});