@nimbleflux/fluxbase-sdk 2026.3.6 → 2026.3.7-rc.2

package/dist/index.cjs

@@ -7,6 +7,7 @@ var FluxbaseFetch = class {
     this.isRefreshing = false;
     this.refreshPromise = null;
     this.anonKey = null;
+    this.beforeRequestCallback = null;
     this.baseUrl = baseUrl.replace(/\/$/, "");
     this.defaultHeaders = {
       "Content-Type": "application/json",
@@ -22,6 +23,14 @@ var FluxbaseFetch = class {
   setRefreshTokenCallback(callback) {
     this.refreshTokenCallback = callback;
   }
+  /**
+   * Register a callback to be called before every request.
+   * The callback receives the headers object and can modify it in place.
+   * This is useful for dynamically injecting headers at request time.
+   */
+  setBeforeRequestCallback(callback) {
+    this.beforeRequestCallback = callback;
+  }
   /**
    * Set the anon key for fallback authentication
    * When setAuthToken(null) is called, the Authorization header will be
@@ -43,6 +52,18 @@ var FluxbaseFetch = class {
       delete this.defaultHeaders["Authorization"];
     }
   }
+  /**
+   * Set a custom header on all requests
+   */
+  setHeader(name, value) {
+    this.defaultHeaders[name] = value;
+  }
+  /**
+   * Remove a custom header
+   */
+  removeHeader(name) {
+    delete this.defaultHeaders[name];
+  }
   /**
    * Make an HTTP request
    */
@@ -55,15 +76,23 @@ var FluxbaseFetch = class {
   async requestInternal(path, options, isRetry) {
     const url = `${this.baseUrl}${path}`;
     const headers = { ...this.defaultHeaders, ...options.headers };
+    if (this.beforeRequestCallback) {
+      this.beforeRequestCallback(headers);
+    }
     const controller = new AbortController();
-    const timeoutId = setTimeout(() => controller.abort(), options.timeout ?? this.timeout);
+    const timeoutId = setTimeout(
+      () => controller.abort(),
+      options.timeout ?? this.timeout
+    );
     if (this.debug) {
       console.log(`[Fluxbase SDK] ${options.method} ${url}`, options.body);
     }
     try {
       const isFormData = options.body && (options.body.constructor?.name === "FormData" || options.body instanceof FormData);
       const requestHeaders = isFormData ? Object.fromEntries(
-        Object.entries(headers).filter(([key]) => key.toLowerCase() !== "content-type")
+        Object.entries(headers).filter(
+          ([key]) => key.toLowerCase() !== "content-type"
+        )
       ) : headers;
       const response = await fetch(url, {
         method: options.method,
@@ -159,7 +188,11 @@ var FluxbaseFetch = class {
    * POST request that returns response with headers (for POST-based queries with count)
    */
   async postWithHeaders(path, body, options = {}) {
-    return this.requestWithHeaders(path, { ...options, method: "POST", body });
+    return this.requestWithHeaders(path, {
+      ...options,
+      method: "POST",
+      body
+    });
   }
   /**
    * Make an HTTP request and return response with headers
@@ -173,15 +206,23 @@ var FluxbaseFetch = class {
   async requestWithHeadersInternal(path, options, isRetry) {
     const url = `${this.baseUrl}${path}`;
     const headers = { ...this.defaultHeaders, ...options.headers };
+    if (this.beforeRequestCallback) {
+      this.beforeRequestCallback(headers);
+    }
     const controller = new AbortController();
-    const timeoutId = setTimeout(() => controller.abort(), options.timeout ?? this.timeout);
+    const timeoutId = setTimeout(
+      () => controller.abort(),
+      options.timeout ?? this.timeout
+    );
     if (this.debug) {
       console.log(`[Fluxbase SDK] ${options.method} ${url}`, options.body);
     }
     try {
       const isFormData = options.body && (options.body.constructor?.name === "FormData" || options.body instanceof FormData);
       const requestHeaders = isFormData ? Object.fromEntries(
-        Object.entries(headers).filter(([key]) => key.toLowerCase() !== "content-type")
+        Object.entries(headers).filter(
+          ([key]) => key.toLowerCase() !== "content-type"
+        )
       ) : headers;
       const response = await fetch(url, {
         method: options.method,
@@ -262,6 +303,9 @@ var FluxbaseFetch = class {
   async head(path, options = {}) {
     const url = `${this.baseUrl}${path}`;
     const headers = { ...this.defaultHeaders, ...options.headers };
+    if (this.beforeRequestCallback) {
+      this.beforeRequestCallback(headers);
+    }
     const response = await fetch(url, {
       method: "HEAD",
       headers
@@ -274,9 +318,15 @@ var FluxbaseFetch = class {
   async getBlob(path, options = {}) {
     const url = `${this.baseUrl}${path}`;
     const headers = { ...this.defaultHeaders, ...options.headers };
+    if (this.beforeRequestCallback) {
+      this.beforeRequestCallback(headers);
+    }
     delete headers["Content-Type"];
     const controller = new AbortController();
-    const timeoutId = setTimeout(() => controller.abort(), options.timeout ?? this.timeout);
+    const timeoutId = setTimeout(
+      () => controller.abort(),
+      options.timeout ?? this.timeout
+    );
     if (this.debug) {
       console.log(`[Fluxbase SDK] GET (blob) ${url}`);
     }
@@ -5130,6 +5180,59 @@ var EmailSettingsManager = class {
   async setProvider(provider) {
     return await this.update({ provider });
   }
+  // Tenant-scoped methods
+  /**
+   * Get tenant-level email settings (resolved through cascade)
+   *
+   * Returns email settings resolved for the current tenant context,
+   * including source information for each field.
+   *
+   * @returns Promise resolving to TenantEmailProviderSettings
+   */
+  async getForTenant() {
+    return await this.fetch.get(
+      "/api/v1/admin/email/settings/tenant"
+    );
+  }
+  /**
+   * Update tenant-level email settings
+   *
+   * Only provided fields are updated. These override instance-level defaults.
+   *
+   * @param request - Settings to update
+   * @returns Promise resolving to TenantEmailProviderSettings
+   */
+  async updateForTenant(request) {
+    return await this.fetch.put(
+      "/api/v1/admin/email/settings/tenant",
+      request
+    );
+  }
+  /**
+   * Delete a tenant-level email setting override
+   *
+   * Removes the tenant override for a specific field, reverting to the instance default.
+   *
+   * @param field - The field name to remove the override for
+   * @returns Promise resolving to TenantEmailProviderSettings
+   */
+  async deleteTenantOverride(field) {
+    return await this.fetch.delete(
+      `/api/v1/admin/email/settings/tenant/${field}`
+    );
+  }
+  /**
+   * Test tenant-level email configuration
+   *
+   * @param recipientEmail - Email address to send the test email to
+   * @returns Promise resolving to TestEmailSettingsResponse
+   */
+  async testForTenant(recipientEmail) {
+    return await this.fetch.post(
+      "/api/v1/admin/email/settings/tenant/test",
+      { recipient_email: recipientEmail }
+    );
+  }
 };
 var FluxbaseSettings = class {
   constructor(fetch2) {
@@ -6130,7 +6233,10 @@ var ClientKeysManager = class {
    * ```
    */
   async create(request) {
-    return await this.fetch.post("/api/v1/client-keys", request);
+    return await this.fetch.post(
+      "/api/v1/client-keys",
+      request
+    );
   }
   /**
    * List all client keys for the authenticated user
@@ -6180,7 +6286,10 @@ var ClientKeysManager = class {
    * ```
    */
   async update(keyId, updates) {
-    return await this.fetch.patch(`/api/v1/client-keys/${keyId}`, updates);
+    return await this.fetch.patch(
+      `/api/v1/client-keys/${keyId}`,
+      updates
+    );
   }
   /**
    * Revoke a client key
@@ -6197,7 +6306,10 @@ var ClientKeysManager = class {
    * ```
    */
   async revoke(keyId) {
-    return await this.fetch.post(`/api/v1/client-keys/${keyId}/revoke`, {});
+    return await this.fetch.post(
+      `/api/v1/client-keys/${keyId}/revoke`,
+      {}
+    );
   }
   /**
    * Delete a client key
@@ -6214,7 +6326,9 @@ var ClientKeysManager = class {
    * ```
    */
   async delete(keyId) {
-    return await this.fetch.delete(`/api/v1/client-keys/${keyId}`);
+    return await this.fetch.delete(
+      `/api/v1/client-keys/${keyId}`
+    );
   }
 };
 var APIKeysManager = ClientKeysManager;
@@ -6289,7 +6403,10 @@ var WebhooksManager = class {
    * ```
    */
   async update(webhookId, updates) {
-    return await this.fetch.patch(`/api/v1/webhooks/${webhookId}`, updates);
+    return await this.fetch.patch(
+      `/api/v1/webhooks/${webhookId}`,
+      updates
+    );
   }
   /**
    * Delete a webhook
@@ -6304,7 +6421,9 @@ var WebhooksManager = class {
    * ```
    */
   async delete(webhookId) {
-    return await this.fetch.delete(`/api/v1/webhooks/${webhookId}`);
+    return await this.fetch.delete(
+      `/api/v1/webhooks/${webhookId}`
+    );
   }
   /**
    * Test a webhook by sending a test payload
@@ -6324,7 +6443,10 @@ var WebhooksManager = class {
    * ```
    */
   async test(webhookId) {
-    return await this.fetch.post(`/api/v1/webhooks/${webhookId}/test`, {});
+    return await this.fetch.post(
+      `/api/v1/webhooks/${webhookId}/test`,
+      {}
+    );
   }
   /**
    * List webhook delivery history
@@ -6371,7 +6493,10 @@ var InvitationsManager = class {
    * ```
    */
   async create(request) {
-    return await this.fetch.post("/api/v1/admin/invitations", request);
+    return await this.fetch.post(
+      "/api/v1/admin/invitations",
+      request
+    );
   }
   /**
    * List all invitations (admin only)
@@ -6424,7 +6549,9 @@ var InvitationsManager = class {
    * ```
    */
   async validate(token) {
-    return await this.fetch.get(`/api/v1/invitations/${token}/validate`);
+    return await this.fetch.get(
+      `/api/v1/invitations/${token}/validate`
+    );
   }
   /**
    * Accept an invitation and create a new user (public endpoint)
@@ -6446,7 +6573,10 @@ var InvitationsManager = class {
    * ```
    */
   async accept(token, request) {
-    return await this.fetch.post(`/api/v1/invitations/${token}/accept`, request);
+    return await this.fetch.post(
+      `/api/v1/invitations/${token}/accept`,
+      request
+    );
   }
   /**
    * Revoke an invitation (admin only)
@@ -6461,7 +6591,9 @@ var InvitationsManager = class {
    * ```
    */
   async revoke(token) {
-    return await this.fetch.delete(`/api/v1/admin/invitations/${token}`);
+    return await this.fetch.delete(
+      `/api/v1/admin/invitations/${token}`
+    );
   }
 };
 var FluxbaseManagement = class {
@@ -9782,6 +9914,271 @@ var FluxbaseAdminRealtime = class {
   }
 };
 
+// src/admin-service-keys.ts
+var ServiceKeysManager = class {
+  constructor(fetch2) {
+    this.fetch = fetch2;
+  }
+  /**
+   * List all service keys
+   *
+   * @returns List of service keys
+   *
+   * @example
+   * ```typescript
+   * const { data, error } = await client.admin.serviceKeys.list()
+   * ```
+   */
+  async list() {
+    try {
+      const data = await this.fetch.get("/service-keys");
+      return { data, error: null };
+    } catch (error) {
+      return { data: null, error };
+    }
+  }
+  /**
+   * Get a service key by ID
+   *
+   * @param id - Service key ID
+   * @returns Service key details
+   *
+   * @example
+   * ```typescript
+   * const { data, error } = await client.admin.serviceKeys.get('key-id')
+   * ```
+   */
+  async get(id) {
+    try {
+      const data = await this.fetch.get(`/service-keys/${id}`);
+      return { data, error: null };
+    } catch (error) {
+      return { data: null, error };
+    }
+  }
+  /**
+   * Create a new service key
+   *
+   * The full key value is only returned once - store it securely!
+   *
+   * @param request - Key creation options
+   * @returns Created key with full key value
+   *
+   * @example
+   * ```typescript
+   * const { data, error } = await client.admin.serviceKeys.create({
+   *   name: 'Production API Key',
+   *   key_type: 'service',
+   *   scopes: ['*'],
+   *   rate_limit_per_minute: 1000
+   * })
+   *
+   * if (data) {
+   *   // Store data.key securely - it won't be shown again!
+   *   console.log('Key created:', data.key)
+   * }
+   * ```
+   */
+  async create(request) {
+    try {
+      const data = await this.fetch.post(
+        "/service-keys",
+        request
+      );
+      return { data, error: null };
+    } catch (error) {
+      return { data: null, error };
+    }
+  }
+  /**
+   * Update a service key
+   *
+   * @param id - Service key ID
+   * @param request - Update options
+   * @returns Updated key
+   *
+   * @example
+   * ```typescript
+   * const { data, error } = await client.admin.serviceKeys.update('key-id', {
+   *   name: 'New Name',
+   *   rate_limit_per_minute: 2000
+   * })
+   * ```
+   */
+  async update(id, request) {
+    try {
+      const data = await this.fetch.put(
+        `/service-keys/${id}`,
+        request
+      );
+      return { data, error: null };
+    } catch (error) {
+      return { data: null, error };
+    }
+  }
+  /**
+   * Delete a service key permanently
+   *
+   * @param id - Service key ID
+   * @returns Success or error
+   *
+   * @example
+   * ```typescript
+   * const { error } = await client.admin.serviceKeys.delete('key-id')
+   * ```
+   */
+  async delete(id) {
+    try {
+      await this.fetch.delete(`/service-keys/${id}`);
+      return { error: null };
+    } catch (error) {
+      return { error };
+    }
+  }
+  /**
+   * Disable a service key (temporarily)
+   *
+   * @param id - Service key ID
+   * @returns Success or error
+   *
+   * @example
+   * ```typescript
+   * const { error } = await client.admin.serviceKeys.disable('key-id')
+   * ```
+   */
+  async disable(id) {
+    try {
+      await this.fetch.post(`/service-keys/${id}/disable`, {});
+      return { error: null };
+    } catch (error) {
+      return { error };
+    }
+  }
+  /**
+   * Enable a disabled service key
+   *
+   * @param id - Service key ID
+   * @returns Success or error
+   *
+   * @example
+   * ```typescript
+   * const { error } = await client.admin.serviceKeys.enable('key-id')
+   * ```
+   */
+  async enable(id) {
+    try {
+      await this.fetch.post(`/service-keys/${id}/enable`, {});
+      return { error: null };
+    } catch (error) {
+      return { error };
+    }
+  }
+  /**
+   * Revoke a service key permanently (emergency)
+   *
+   * Use for immediate revocation when a key is compromised.
+   *
+   * @param id - Service key ID
+   * @param request - Revocation options
+   * @returns Success or error
+   *
+   * @example
+   * ```typescript
+   * const { error } = await client.admin.serviceKeys.revoke('key-id', {
+   *   reason: 'Key was compromised'
+   * })
+   * ```
+   */
+  async revoke(id, request) {
+    try {
+      const body = request?.reason ? new URLSearchParams({ reason: request.reason }) : {};
+      await this.fetch.post(`/service-keys/${id}/revoke`, body);
+      return { error: null };
+    } catch (error) {
+      return { error };
+    }
+  }
+  /**
+   * Deprecate a service key (graceful rotation)
+   *
+   * Marks the key for removal but keeps it active during grace period.
+   *
+   * @param id - Service key ID
+   * @param request - Deprecation options
+   * @returns Deprecation details
+   *
+   * @example
+   * ```typescript
+   * const { data, error } = await client.admin.serviceKeys.deprecate('key-id', {
+   *   reason: 'Rotating to new key',
+   *   grace_period_hours: 48
+   * })
+   * ```
+   */
+  async deprecate(id, request) {
+    try {
+      const params = new URLSearchParams();
+      if (request?.grace_period_hours) {
+        params.set("grace_period_hours", String(request.grace_period_hours));
+      }
+      const body = request?.grace_period_hours ? Object.fromEntries(params) : {};
+      const data = await this.fetch.post(`/service-keys/${id}/deprecate`, body);
+      return { data, error: null };
+    } catch (error) {
+      return { data: null, error };
+    }
+  }
+  /**
+   * Rotate a service key (create replacement)
+   *
+   * Creates a new key with the same settings and deprecates the old one.
+   * The new key is returned with its full value.
+   *
+   * @param id - Service key ID to rotate
+   * @returns New key with full key value
+   *
+   * @example
+   * ```typescript
+   * const { data, error } = await client.admin.serviceKeys.rotate('old-key-id')
+   *
+   * if (data) {
+   *   console.log('New key:', data.key)
+   *   console.log('Old key deprecated at:', data.deprecated_at)
+   * }
+   * ```
+   */
+  async rotate(id) {
+    try {
+      const data = await this.fetch.post(
+        `/service-keys/${id}/rotate`,
+        {}
+      );
+      return { data, error: null };
+    } catch (error) {
+      return { data: null, error };
+    }
+  }
+  /**
+   * Get revocation history for a service key
+   *
+   * @param id - Service key ID
+   * @returns Revocation history
+   *
+   * @example
+   * ```typescript
+   * const { data, error } = await client.admin.serviceKeys.getRevocationHistory('key-id')
+   * ```
+   */
+  async getRevocationHistory(id) {
+    try {
+      const data = await this.fetch.get(`/service-keys/${id}/revocations`);
+      return { data, error: null };
+    } catch (error) {
+      return { data: null, error };
+    }
+  }
+};
+
 // src/admin.ts
 var FluxbaseAdmin = class {
   constructor(fetch2) {
@@ -9800,6 +10197,7 @@ var FluxbaseAdmin = class {
     this.rpc = new FluxbaseAdminRPC(fetch2);
     this.storage = new FluxbaseAdminStorage(fetch2);
     this.realtime = new FluxbaseAdminRealtime(fetch2);
+    this.serviceKeys = new ServiceKeysManager(fetch2);
   }
   /**
    * Set admin authentication token
@@ -11624,6 +12022,228 @@ var FluxbaseBranching = class {
   }
 };
 
+// src/tenant.ts
+var FluxbaseTenant = class {
+  constructor(fetch2) {
+    this.fetch = fetch2;
+  }
+  /**
+   * List all tenants (instance admin only)
+   *
+   * @returns Promise with tenants list or error
+   *
+   * @example
+   * ```typescript
+   * const { data, error } = await client.tenant.list()
+   * ```
+   */
+  async list() {
+    try {
+      const data = await this.fetch.get("/tenants");
+      return { data, error: null };
+    } catch (error) {
+      return { data: null, error };
+    }
+  }
+  /**
+   * List tenants the current user has access to
+   *
+   * @returns Promise with tenants and user's role in each
+   *
+   * @example
+   * ```typescript
+   * const { data, error } = await client.tenant.listMine()
+   * // data: [{ id: '...', slug: 'acme', name: 'Acme', my_role: 'tenant_admin', status: 'active' }]
+   * ```
+   */
+  async listMine() {
+    try {
+      const data = await this.fetch.get("/tenants/mine");
+      return { data, error: null };
+    } catch (error) {
+      return { data: null, error };
+    }
+  }
+  /**
+   * Get a tenant by ID
+   *
+   * @param id - Tenant ID
+   * @returns Promise with tenant details or error
+   *
+   * @example
+   * ```typescript
+   * const { data, error } = await client.tenant.get('tenant-id')
+   * ```
+   */
+  async get(id) {
+    try {
+      const data = await this.fetch.get(`/tenants/${id}`);
+      return { data, error: null };
+    } catch (error) {
+      return { data: null, error };
+    }
+  }
+  /**
+   * Create a new tenant (instance admin only)
+   *
+   * This creates a new isolated database for the tenant.
+   *
+   * @param options - Tenant creation options
+   * @returns Promise with created tenant or error
+   *
+   * @example
+   * ```typescript
+   * const { data, error } = await client.tenant.create({
+   *   slug: 'acme-corp',
+   *   name: 'Acme Corporation',
+   *   metadata: { plan: 'enterprise' }
+   * })
+   * ```
+   */
+  async create(options) {
+    try {
+      const data = await this.fetch.post("/tenants", options);
+      return { data, error: null };
+    } catch (error) {
+      return { data: null, error };
+    }
+  }
+  /**
+   * Update a tenant (tenant admin only)
+   *
+   * @param id - Tenant ID
+   * @param options - Update options
+   * @returns Promise with updated tenant or error
+   *
+   * @example
+   * ```typescript
+   * const { data, error } = await client.tenant.update('tenant-id', {
+   *   name: 'New Name'
+   * })
+   * ```
+   */
+  async update(id, options) {
+    try {
+      const data = await this.fetch.patch(`/tenants/${id}`, options);
+      return { data, error: null };
+    } catch (error) {
+      return { data: null, error };
+    }
+  }
+  /**
+   * Delete a tenant (instance admin only)
+   *
+   * This permanently deletes the tenant's database and all its data.
+   * Cannot delete the default tenant.
+   *
+   * @param id - Tenant ID
+   * @returns Promise that resolves when deleted
+   *
+   * @example
+   * ```typescript
+   * const { error } = await client.tenant.delete('tenant-id')
+   * ```
+   */
+  async delete(id) {
+    try {
+      await this.fetch.delete(`/tenants/${id}`);
+      return { data: void 0, error: null };
+    } catch (error) {
+      return { data: null, error };
+    }
+  }
+  /**
+   * Migrate a tenant database to the latest schema (instance admin only)
+   *
+   * @param id - Tenant ID
+   * @returns Promise with migration status or error
+   *
+   * @example
+   * ```typescript
+   * const { data, error } = await client.tenant.migrate('tenant-id')
+   * // data: { status: 'migrated' }
+   * ```
+   */
+  async migrate(id) {
+    try {
+      const data = await this.fetch.post(
+        `/tenants/${id}/migrate`,
+        {}
+      );
+      return { data, error: null };
+    } catch (error) {
+      return { data: null, error };
+    }
+  }
+  /**
+   * List admins of a tenant
+   *
+   * @param tenantId - Tenant ID
+   * @returns Promise with admin list or error
+   *
+   * @example
+   * ```typescript
+   * const { data, error } = await client.tenant.listAdmins('tenant-id')
+   * // data: [{ id: '...', tenant_id: '...', user_id: '...', email: 'admin@example.com' }]
+   * ```
+   */
+  async listAdmins(tenantId) {
+    try {
+      const data = await this.fetch.get(
+        `/tenants/${tenantId}/admins`
+      );
+      return { data, error: null };
+    } catch (error) {
+      return { data: null, error };
+    }
+  }
+  /**
+   * Assign an admin to a tenant (tenant admin only)
+   *
+   * @param tenantId - Tenant ID
+   * @param options - Admin assignment options
+   * @returns Promise with created assignment or error
+   *
+   * @example
+   * ```typescript
+   * const { data, error } = await client.tenant.assignAdmin('tenant-id', {
+   *   user_id: 'user-id'
+   * })
+   * ```
+   */
+  async assignAdmin(tenantId, options) {
+    try {
+      const data = await this.fetch.post(
+        `/tenants/${tenantId}/admins`,
+        options
+      );
+      return { data, error: null };
+    } catch (error) {
+      return { data: null, error };
+    }
+  }
+  /**
+   * Remove an admin from a tenant (tenant admin only)
+   *
+   * @param tenantId - Tenant ID
+   * @param userId - User ID
+   * @returns Promise that resolves when removed
+   *
+   * @example
+   * ```typescript
+   * const { error } = await client.tenant.removeAdmin('tenant-id', 'user-id')
+   * ```
+   */
+  async removeAdmin(tenantId, userId) {
+    try {
+      await this.fetch.delete(`/tenants/${tenantId}/admins/${userId}`);
+      return { data: void 0, error: null };
+    } catch (error) {
+      return { data: null, error };
+    }
+  }
+};
+
 // src/query-builder.ts
 var URL_LENGTH_THRESHOLD = 4096;
 var QueryBuilder = class {
@@ -12915,7 +13535,7 @@ var SchemaQueryBuilder = class {
 };
 
 // src/client.ts
-var FluxbaseClient = class {
+var FluxbaseClient = class _FluxbaseClient {
   /**
    * Create a new Fluxbase client instance
    *
@@ -12935,6 +13555,7 @@ var FluxbaseClient = class {
   constructor(fluxbaseUrl, fluxbaseKey, options) {
     this.fluxbaseUrl = fluxbaseUrl;
     this.fluxbaseKey = fluxbaseKey;
+    this.options = options;
     const headers = {
       apikey: fluxbaseKey,
       Authorization: `Bearer ${fluxbaseKey}`,
@@ -12987,6 +13608,7 @@ var FluxbaseClient = class {
       waitForCompletion: rpcInstance.waitForCompletion.bind(rpcInstance)
     });
     this.rpc = rpcCallable;
+    this.tenant = new FluxbaseTenant(this.fetch);
     this.setupAuthSync();
   }
   /**
@@ -13092,6 +13714,96 @@ var FluxbaseClient = class {
     this.fetch.setAuthToken(token);
     this.realtime.setAuth(token);
   }
+  /**
+   * Get the current tenant ID
+   *
+   * Returns the tenant ID from X-FB-Tenant header or JWT claim, or default tenant.
+   *
+   * @returns The current tenant ID, or undefined if not set
+   *
+   * @category Multi-Tenancy
+   */
+  getTenantId() {
+    return this._tenantId;
+  }
+  /**
+   * Set the tenant context for all subsequent requests
+   *
+   * This adds the X-FB-Tenant header to all HTTP requests and updates
+   * the realtime connection to filter by tenant.
+   *
+   * @param tenantId - The tenant ID to use for scoping
+   *
+   * @example
+   * ```typescript
+   * // Switch to a specific tenant
+   * client.setTenant('tenant-uuid-here')
+   *
+   * // All subsequent requests will be scoped to this tenant
+   * const { data } = await client.from('users').select('*').execute()
+   * ```
+   *
+   * @category Multi-Tenancy
+   */
+  setTenant(tenantId) {
+    this._tenantId = tenantId;
+    if (tenantId) {
+      this.fetch.setHeader("X-FB-Tenant", tenantId);
+    } else {
+      this.fetch.removeHeader("X-FB-Tenant");
+    }
+  }
+  /**
+   * Register a callback that is called before every request.
+   * The callback receives the headers object and can modify it in place.
+   * This is useful for dynamically injecting headers at request time
+   * (e.g., reading tenant context from an external store).
+   *
+   * The callback runs after static headers are merged, so it can override them.
+   *
+   * @param callback - A function that receives the headers object, or null to remove
+   *
+   * @category Advanced
+   */
+  setBeforeRequestCallback(callback) {
+    this.fetch.setBeforeRequestCallback(callback);
+  }
+  /**
+   * Create a new client scoped to a specific tenant
+   *
+   * This returns a new client instance with the tenant context set.
+   * The original client is not modified.
+   *
+   * @param tenantId - The tenant ID to scope to
+   * @returns A new FluxbaseClient instance scoped to the tenant
+   *
+   * @example
+   * ```typescript
+   * // Create a tenant-scoped client
+   * const tenantClient = client.forTenant('tenant-uuid')
+   *
+   * // Use the scoped client for tenant-specific operations
+   * const { data } = await tenantClient.from('users').select('*').execute()
+   * ```
+   *
+   * @category Multi-Tenancy
+   */
+  forTenant(tenantId) {
+    const options = {
+      ...this.options,
+      headers: {
+        ...this.options?.headers,
+        "X-FB-Tenant": tenantId
+      }
+    };
+    const scopedClient = new _FluxbaseClient(
+      this.fluxbaseUrl,
+      this.fluxbaseKey,
+      options
+    );
+    scopedClient._tenantId = tenantId;
+    return scopedClient;
+  }
   /**
    * Create or get a realtime channel (Supabase-compatible)
    *
@@ -13258,6 +13970,7 @@ exports.FluxbaseRPC = FluxbaseRPC;
 exports.FluxbaseRealtime = FluxbaseRealtime;
 exports.FluxbaseSettings = FluxbaseSettings;
 exports.FluxbaseStorage = FluxbaseStorage;
+exports.FluxbaseTenant = FluxbaseTenant;
 exports.FluxbaseVector = FluxbaseVector;
 exports.ImpersonationManager = ImpersonationManager;
 exports.InvitationsManager = InvitationsManager;
@@ -13266,6 +13979,7 @@ exports.QueryBuilder = QueryBuilder;
 exports.RealtimeChannel = RealtimeChannel;
 exports.SchemaQueryBuilder = SchemaQueryBuilder;
 exports.SecretsManager = SecretsManager;
+exports.ServiceKeysManager = ServiceKeysManager;
 exports.SettingsClient = SettingsClient;
 exports.StorageBucket = StorageBucket;
 exports.SystemSettingsManager = SystemSettingsManager;