@moovio/sdk 25.8.7 → 25.9.0

package/README.md

@@ -95,7 +95,8 @@ Add the following server definition to your `claude_desktop_config.json` file:
         "--",
         "mcp", "start",
         "--username", "...",
-        "--password", "..."
+        "--password", "...",
+        "--access-token", "..."
       ]
     }
   }
@@ -119,7 +120,8 @@ Create a `.cursor/mcp.json` file in your project root with the following content
         "--",
         "mcp", "start",
         "--username", "...",
-        "--password", "..."
+        "--password", "...",
+        "--access-token", "..."
       ]
     }
   }
@@ -238,6 +240,32 @@ run();
 ```
 <!-- End Authentication [security] -->
 
+Client-side authentication is supported through the `accessToken` parameter. For example:
+```typescript
+import { Moov } from "@moovio/sdk";
+
+const moov = new Moov({
+  accessToken: "",
+});
+
+async function run() {
+  const result = await moov.accounts.create({
+    accountType: "business",
+    profile: {
+      business: {
+        legalBusinessName: "Whole Body Fitness LLC",
+      },
+    },
+  });
+
+  console.log(result);
+}
+
+run();
+
+```
+See the [Moov authentication docs](https://docs.moov.io/api/authentication/api-authentication/) for more information.
+
 <!-- Start Available Resources and Operations [operations] -->
 ## Available Resources and Operations
 

package/bin/mcp-server.js

@@ -52835,6 +52835,36 @@ var init_mcp = __esm(() => {
   };
 });
 
+// src/hooks/access-token-hook.ts
+class AccessTokenHook {
+  sdkInit(opts) {
+    const token = opts.accessToken;
+    const hasToken = typeof token === "string" && token.length > 0;
+    if (hasToken && opts.security != null) {
+      throw new Error("Moov SDK: `accessToken` and `security.username`/`password` cannot " + "both be set. Use `accessToken` for OAuth2 bearer auth " + "(typically client-side) or `security.username`/`password` for " + "HTTP Basic auth with API keys (server-side).");
+    }
+    if (isBrowserLike && opts.security != null) {
+      throw new Error("Moov SDK: HTTP Basic credentials were provided in a browser-like " + "environment. API keys must never be embedded in client-side " + "code. Mint a short-lived OAuth2 access token on your server " + "and pass it via the `accessToken` option instead.");
+    }
+    return opts;
+  }
+  beforeRequest(ctx, request) {
+    const token = ctx.options.accessToken;
+    if (!token || request.headers.has("Authorization")) {
+      return request;
+    }
+    const next = new Request(request);
+    next.headers.set("Authorization", `Bearer ${token}`);
+    return next;
+  }
+}
+var gt, webWorkerLike, isBrowserLike;
+var init_access_token_hook = __esm(() => {
+  gt = typeof globalThis === "undefined" ? null : globalThis;
+  webWorkerLike = typeof gt === "object" && gt != null && "importScripts" in gt && typeof gt["importScripts"] === "function";
+  isBrowserLike = webWorkerLike || typeof navigator !== "undefined" && "serviceWorker" in navigator || typeof window === "object" && typeof window.document !== "undefined";
+});
+
 // src/lib/url.ts
 function pathToFunc(pathPattern, options) {
   const paramRE = /\{([a-zA-Z0-9_][a-zA-Z0-9_-]*?)\}/g;
@@ -52879,9 +52909,9 @@ var init_config = __esm(() => {
   SDK_METADATA = {
     language: "typescript",
     openapiDocVersion: "v2025.07.00",
-    sdkVersion: "25.8.7",
-    genVersion: "2.884.0",
-    userAgent: "speakeasy-sdk/typescript 25.8.7 2.884.0 v2025.07.00 @moovio/sdk"
+    sdkVersion: "25.9.0",
+    genVersion: "2.884.4",
+    userAgent: "speakeasy-sdk/typescript 25.9.0 2.884.4 v2025.07.00 @moovio/sdk"
   };
 });
 
@@ -52901,8 +52931,12 @@ var init_moov_version_hook = __esm(() => {
 function initHooks(hooks) {
   const versionHook = new MoovVersionHook;
   hooks.registerBeforeRequestHook(versionHook);
+  const accessTokenHook = new AccessTokenHook;
+  hooks.registerSDKInitHook(accessTokenHook);
+  hooks.registerBeforeRequestHook(accessTokenHook);
 }
 var init_registration = __esm(() => {
+  init_access_token_hook();
   init_moov_version_hook();
 });
 
@@ -53685,7 +53719,7 @@ class ClientSDK {
     for (const [k2, v2] of userHeaders) {
       headers.set(k2, v2);
     }
-    if (!isBrowserLike) {
+    if (!isBrowserLike2) {
       headers.set(conf.uaHeader ?? "user-agent", conf.userAgent ?? SDK_METADATA.userAgent);
     }
     const fetchOptions = {
@@ -53830,7 +53864,7 @@ async function logResponse(logger, res, req) {
   logger.groupEnd();
   logger.groupEnd();
 }
-var gt, webWorkerLike, isBrowserLike, jsonLikeContentTypeRE, jsonlLikeContentTypeRE;
+var gt2, webWorkerLike2, isBrowserLike2, jsonLikeContentTypeRE, jsonlLikeContentTypeRE;
 var init_sdks = __esm(() => {
   init_hooks();
   init_httpclienterrors();
@@ -53839,9 +53873,9 @@ var init_sdks = __esm(() => {
   init_encodings();
   init_http();
   init_retries();
-  gt = typeof globalThis === "undefined" ? null : globalThis;
-  webWorkerLike = typeof gt === "object" && gt != null && "importScripts" in gt && typeof gt["importScripts"] === "function";
-  isBrowserLike = webWorkerLike || typeof navigator !== "undefined" && "serviceWorker" in navigator || typeof window === "object" && typeof window.document !== "undefined";
+  gt2 = typeof globalThis === "undefined" ? null : globalThis;
+  webWorkerLike2 = typeof gt2 === "object" && gt2 != null && "importScripts" in gt2 && typeof gt2["importScripts"] === "function";
+  isBrowserLike2 = webWorkerLike2 || typeof navigator !== "undefined" && "serviceWorker" in navigator || typeof window === "object" && typeof window.document !== "undefined";
   jsonLikeContentTypeRE = /^(application|text)\/([^+]+\+)*json.*/;
   jsonlLikeContentTypeRE = /^(application|text)\/([^+]+\+)*(jsonl|x-ndjson)\b.*/;
 });
@@ -98310,10 +98344,11 @@ var init_webhooksUpdate2 = __esm(() => {
 function createMCPServer(deps) {
   const server = new McpServer({
     name: "Moov",
-    version: "25.8.7"
+    version: "25.9.0"
   });
   const client = new MoovCore({
     security: deps.security,
+    accessToken: deps.accessToken,
     serverURL: deps.serverURL,
     serverIdx: deps.serverIdx
   });
@@ -98707,6 +98742,7 @@ async function startStdio(flags) {
       username: flags.username ?? "",
       password: flags.password ?? ""
     }),
+    accessToken: flags["access-token"],
     serverURL: flags["server-url"],
     serverIdx: flags["server-index"]
   });
@@ -98728,6 +98764,7 @@ async function startSSE(flags) {
       username: flags.username ?? "",
       password: flags.password ?? ""
     }),
+    accessToken: flags["access-token"],
     serverURL: flags["server-url"],
     serverIdx: flags["server-index"]
   });
@@ -99808,6 +99845,14 @@ var startCommand = tn({
           return stringType().parse(value);
         }
       },
+      "access-token": {
+        kind: "parsed",
+        brief: "Allows setting the accessToken parameter for all supported operations",
+        optional: true,
+        parse: (value) => {
+          return stringType().parse(value);
+        }
+      },
       "server-url": {
         kind: "parsed",
         brief: "Overrides the default server URL used by the SDK",
@@ -99867,7 +99912,7 @@ var routes = rn({
 var app = Ve(routes, {
   name: "mcp",
   versionInfo: {
-    currentVersion: "25.8.7"
+    currentVersion: "25.9.0"
   }
 });
 _t(app, process3.argv.slice(2), buildContext(process3));
@@ -99875,5 +99920,5 @@ export {
   app
 };
 
-//# debugId=D5D99B4AE7EAB01F64756E2164756E21
+//# debugId=EEEBAC57213C4BAE64756E2164756E21
 //# sourceMappingURL=mcp-server.js.map