@proveanything/smartlinks 1.13.17 → 1.13.19

package/dist/api/authKit.js

@@ -10,7 +10,10 @@ export var authKit;
      * =================================== */
     /** Login with email + password (public). */
     async function login(clientId, email, password) {
-        return post(`/authkit/${encodeURIComponent(clientId)}/auth/login`, { email, password });
+        const res = await post(`/authkit/${encodeURIComponent(clientId)}/auth/login`, { email, password });
+        if (res.token)
+            setBearerToken(res.token);
+        return res;
     }
     authKit.login = login;
     /** Register a new user (public). */
@@ -20,7 +23,10 @@ export var authKit;
     authKit.register = register;
     /** Google OAuth login (public). */
     async function googleLogin(clientId, idToken) {
-        return post(`/authkit/${encodeURIComponent(clientId)}/auth/google`, { idToken });
+        const res = await post(`/authkit/${encodeURIComponent(clientId)}/auth/google`, { idToken });
+        if (res.token)
+            setBearerToken(res.token);
+        return res;
     }
     authKit.googleLogin = googleLogin;
     /** Send a magic link email to the user (public). */
@@ -43,7 +49,9 @@ export var authKit;
     authKit.sendPhoneCode = sendPhoneCode;
     /** Verify phone verification code (public). */
     async function verifyPhoneCode(clientId, phoneNumber, code) {
-        return post(`/authkit/${encodeURIComponent(clientId)}/auth/phone/verify`, { phoneNumber, code });
+        const res = await post(`/authkit/${encodeURIComponent(clientId)}/auth/phone/verify`, { phoneNumber, code });
+        setBearerToken(res.token);
+        return res;
     }
     authKit.verifyPhoneCode = verifyPhoneCode;
     /** Send a WhatsApp verification deep-link (public). */
@@ -64,7 +72,9 @@ export var authKit;
     authKit.getWhatsAppStatus = getWhatsAppStatus;
     /** Exchange a verified WhatsApp token for an Auth Kit session (public). */
     async function exchangeWhatsAppSession(clientId, token, sessionKey) {
-        return post(`/authkit/${encodeURIComponent(clientId)}/auth/whatsapp/exchange-session`, { token, sessionKey });
+        const res = await post(`/authkit/${encodeURIComponent(clientId)}/auth/whatsapp/exchange-session`, { token, sessionKey });
+        setBearerToken(res.token);
+        return res;
     }
     authKit.exchangeWhatsAppSession = exchangeWhatsAppSession;
     /** Send an SMS click-to-verify link (public). */

package/dist/docs/API_SUMMARY.md

@@ -1,6 +1,6 @@
 # Smartlinks API Summary
 
-Version: 1.13.17  |  Generated: 2026-05-15T20:47:03.471Z
+Version: 1.13.19  |  Generated: 2026-05-16T07:35:10.379Z
 
 This is a concise summary of all available API functions and types.
 
@@ -162,7 +162,7 @@ Enable/disable automatic "ngrok-skip-browser-warning" header.
 Replace or augment globally applied custom headers.
 
 **setBearerToken**(token: string | undefined) → `void`
-Allows setting the bearerToken at runtime (e.g. after login/logout).
+Allows setting the bearerToken at runtime (e.g. after login/logout). Clears the HTTP cache whenever the token actually changes so that stale user-scoped responses (e.g. /account/profile) are not served after a login or logout event.
 
 **getBaseURL**() → `string | null`
 Get the currently configured API base URL. Returns null if initializeApi() has not been called yet.
@@ -3030,6 +3030,7 @@ interface WhatsAppReplyCta {
   body: string
   buttonLabel: string
   buttonUrl: string
+  mediaUrl?: string  // optional image (JPEG/PNG, public https) — selects image card template
 }
 ```
 

package/dist/docs/auth-kit.md

@@ -105,6 +105,7 @@ const wa = await authKit.sendWhatsApp(clientId);
 //       body: "You're verified and ready to bid.",
 //       buttonLabel: 'Back to Auction',
 //       buttonUrl: '{{returnUrl}}',
+//       // mediaUrl: 'https://cdn.example.com/bid-confirmed.jpg',  // optional: include to use image card template
 //     },
 //     text: "You're verified. Return to the app to continue.",
 //   },
@@ -170,11 +171,15 @@ Verification status values returned by `authKit.getWhatsAppStatus` are:
 Pass a `reply` object in `sendWhatsApp` to send a message back to the user after they confirm `CONFIRM <token>`. Reply resolution order:
 
 1. `reply.contentSid` — explicit Twilio Content SID
-2. `reply.cta` — CTA shorthand using the shared generic Twilio Content template SID (`TWILIO_WHATSAPP_GENERIC_CTA_SID`)
+2. `reply.cta` — CTA shorthand:
+   - If `cta.mediaUrl` is present (valid public `https://` URL), uses the **image card** Twilio Content template (`TWILIO_WHATSAPP_IMAGE_CTA_SID`)
+   - Otherwise uses the **text CTA** template (`TWILIO_WHATSAPP_GENERIC_CTA_SID`)
 3. `reply.text` — plain-text fallback
 4. Per-client default (`authKit/{clientId}.whatsapp` config)
 5. Built-in default text
 
+> **Important:** Only pass `mediaUrl` when you have a valid, publicly reachable `https://` JPEG or PNG. If the field is absent or blank, the text-only CTA template is selected automatically. Never pass an empty string — omit the field entirely to avoid Twilio rejecting the send.
+
 The following template placeholders are available in `reply.text`, `reply.cta` fields, and `reply.contentVariables` values:
 
 | Placeholder | Description |

package/dist/http.d.ts

@@ -30,6 +30,9 @@ export declare function setNgrokSkipBrowserWarning(flag: boolean): void;
 export declare function setExtraHeaders(headers: Record<string, string>): void;
 /**
  * Allows setting the bearerToken at runtime (e.g. after login/logout).
+ * Clears the HTTP cache whenever the token actually changes so that stale
+ * user-scoped responses (e.g. /account/profile) are not served after a
+ * login or logout event.
  */
 export declare function setBearerToken(token: string | undefined): void;
 /**

package/dist/http.js

@@ -405,9 +405,17 @@ export function setExtraHeaders(headers) {
 }
 /**
  * Allows setting the bearerToken at runtime (e.g. after login/logout).
+ * Clears the HTTP cache whenever the token actually changes so that stale
+ * user-scoped responses (e.g. /account/profile) are not served after a
+ * login or logout event.
  */
 export function setBearerToken(token) {
+    if (token === bearerToken)
+        return;
     bearerToken = token;
+    httpCache.clear();
+    if (cachePersistence !== 'none')
+        idbClear().catch(() => { });
 }
 /**
  * Get the currently configured API base URL.

package/dist/index.d.ts

@@ -28,3 +28,4 @@ AdminMobileHostContext, AdminMobileComponentManifest, AdminMobileBundleManifest,
 MobileAdminBundleManifest, } from './mobile-admin/types';
 export { HostCapabilityUnavailableError, HostPermissionDeniedError, HostTimeoutError, } from './mobile-admin/errors';
 export type { NativeCapability, NativeFacade, ShareFacade, ClipboardFacade, HapticImpactStyle, HapticNotificationStyle, HapticsFacade, NetworkStatus, NetworkFacade, DeviceInfo, DeviceFacade, StorageFacade, QrScanOptions, QrFacade, AuthFacade, NfcReadResult, NfcFacade, RfidScanOptions, RfidFacade, EventsFacade, WebSourceMode, WebSourceConfig, WebSourceFacade, } from './native/types';
+export type { AuthKitUser, UserProfile, ProfileUpdateData, UpdateProfileResponse, SuccessResponse, AuthLoginResponse, MagicLinkSendResponse, MagicLinkVerifyResponse, PhoneSendCodeResponse, PhoneVerifyResponse, PasswordResetRequestResponse, VerifyResetTokenResponse, PasswordResetCompleteResponse, EmailVerificationActionResponse, EmailVerifyTokenResponse, VerifyStatus, WhatsAppReplyCta, WhatsAppReplyOptions, WhatsAppContactData, SendWhatsAppRequest, SendWhatsAppResponse, ExchangeWhatsAppSessionResponse, VerifyWhatsAppResponse, WhatsAppStatusResponse, SendSmsVerifyRequest, SendSmsVerifyResponse, VerifySmsResponse, UpsertContactRequest, UpsertContactResponse, AuthKitBrandingConfig, AuthKitConfig, } from './types/authKit';

package/dist/openapi.yaml

@@ -17906,6 +17906,8 @@ components:
           type: string
         buttonUrl:
           type: string
+        mediaUrl:
+          type: string
       required:
         - body
         - buttonLabel

package/dist/types/authKit.d.ts

@@ -83,6 +83,7 @@ export interface WhatsAppReplyCta {
     body: string;
     buttonLabel: string;
     buttonUrl: string;
+    mediaUrl?: string;
 }
 export interface WhatsAppReplyOptions {
     /** Option A: explicit Twilio Content SID */

package/docs/API_SUMMARY.md

@@ -1,6 +1,6 @@
 # Smartlinks API Summary
 
-Version: 1.13.17  |  Generated: 2026-05-15T20:47:03.471Z
+Version: 1.13.19  |  Generated: 2026-05-16T07:35:10.379Z
 
 This is a concise summary of all available API functions and types.
 
@@ -162,7 +162,7 @@ Enable/disable automatic "ngrok-skip-browser-warning" header.
 Replace or augment globally applied custom headers.
 
 **setBearerToken**(token: string | undefined) → `void`
-Allows setting the bearerToken at runtime (e.g. after login/logout).
+Allows setting the bearerToken at runtime (e.g. after login/logout). Clears the HTTP cache whenever the token actually changes so that stale user-scoped responses (e.g. /account/profile) are not served after a login or logout event.
 
 **getBaseURL**() → `string | null`
 Get the currently configured API base URL. Returns null if initializeApi() has not been called yet.
@@ -3030,6 +3030,7 @@ interface WhatsAppReplyCta {
   body: string
   buttonLabel: string
   buttonUrl: string
+  mediaUrl?: string  // optional image (JPEG/PNG, public https) — selects image card template
 }
 ```
 

package/docs/auth-kit.md

@@ -105,6 +105,7 @@ const wa = await authKit.sendWhatsApp(clientId);
 //       body: "You're verified and ready to bid.",
 //       buttonLabel: 'Back to Auction',
 //       buttonUrl: '{{returnUrl}}',
+//       // mediaUrl: 'https://cdn.example.com/bid-confirmed.jpg',  // optional: include to use image card template
 //     },
 //     text: "You're verified. Return to the app to continue.",
 //   },
@@ -170,11 +171,15 @@ Verification status values returned by `authKit.getWhatsAppStatus` are:
 Pass a `reply` object in `sendWhatsApp` to send a message back to the user after they confirm `CONFIRM <token>`. Reply resolution order:
 
 1. `reply.contentSid` — explicit Twilio Content SID
-2. `reply.cta` — CTA shorthand using the shared generic Twilio Content template SID (`TWILIO_WHATSAPP_GENERIC_CTA_SID`)
+2. `reply.cta` — CTA shorthand:
+   - If `cta.mediaUrl` is present (valid public `https://` URL), uses the **image card** Twilio Content template (`TWILIO_WHATSAPP_IMAGE_CTA_SID`)
+   - Otherwise uses the **text CTA** template (`TWILIO_WHATSAPP_GENERIC_CTA_SID`)
 3. `reply.text` — plain-text fallback
 4. Per-client default (`authKit/{clientId}.whatsapp` config)
 5. Built-in default text
 
+> **Important:** Only pass `mediaUrl` when you have a valid, publicly reachable `https://` JPEG or PNG. If the field is absent or blank, the text-only CTA template is selected automatically. Never pass an empty string — omit the field entirely to avoid Twilio rejecting the send.
+
 The following template placeholders are available in `reply.text`, `reply.cta` fields, and `reply.contentVariables` values:
 
 | Placeholder | Description |

package/openapi.yaml

@@ -17906,6 +17906,8 @@ components:
           type: string
         buttonUrl:
           type: string
+        mediaUrl:
+          type: string
       required:
         - body
         - buttonLabel

package/package.json

@@ -1,9 +1,15 @@
 {
   "name": "@proveanything/smartlinks",
-  "version": "1.13.17",
+  "version": "1.13.19",
   "description": "Official JavaScript/TypeScript SDK for the Smartlinks API",
   "main": "dist/index.js",
   "types": "dist/index.d.ts",
+  "exports": {
+    ".": {
+      "types": "./dist/index.d.ts",
+      "default": "./dist/index.js"
+    }
+  },
   "files": [
     "dist/",
     "docs/",