@omnikit-ai/sdk 2.0.3 → 2.0.4

package/dist/index.mjs

@@ -2075,6 +2075,59 @@ Example: await ${collectionName}.list({ limit: 100, sort: '-created_at' })`,
     }
     return response;
   }
+  /**
+   * Get a secret value at runtime (for backend functions).
+   *
+   * This method securely fetches secrets from the Omnikit API using the app's API key.
+   * Use this in Supabase Edge Functions instead of storing secrets in Supabase's
+   * environment variables to ensure proper isolation between apps.
+   *
+   * @example
+   * ```typescript
+   * // In a backend function (Deno Edge Function)
+   * const omnikit = createClient({
+   *   appId: __OMNIKIT_APP_ID__,
+   *   serverUrl: __OMNIKIT_API_URL__,
+   *   apiKey: __OMNIKIT_API_KEY__,
+   * });
+   *
+   * const stripeKey = await omnikit.getSecret('STRIPE_SECRET_KEY');
+   * const stripe = new Stripe(stripeKey);
+   * ```
+   *
+   * @param secretName - Name of the secret to retrieve
+   * @returns The decrypted secret value
+   * @throws Error if the secret is not found or API key is invalid
+   */
+  async getSecret(secretName) {
+    if (!this._apiKey) {
+      throw new OmnikitError(
+        "API key is required to fetch secrets. Provide apiKey in config.",
+        403,
+        "API_KEY_REQUIRED"
+      );
+    }
+    const response = await fetch(
+      `${this.baseUrl}/apps/${this.appId}/secrets/${secretName}/value`,
+      {
+        method: "GET",
+        headers: {
+          "X-API-Key": this._apiKey,
+          "Content-Type": "application/json"
+        }
+      }
+    );
+    if (!response.ok) {
+      const error = await response.json().catch(() => ({}));
+      throw new OmnikitError(
+        error.detail || `Failed to fetch secret: ${response.statusText}`,
+        response.status,
+        "SECRET_FETCH_FAILED"
+      );
+    }
+    const data = await response.json();
+    return data.value;
+  }
 };
 function createClient(config) {
   return new APIClient(config);