@proveanything/smartlinks 1.14.16 → 1.15.0

package/README.md

@@ -123,7 +123,8 @@ import { products } from '@proveanything/smartlinks'
 
 await products.get(collectionId, productId, false)
 await products.list(collectionId, false)
-await products.query(collectionId, { query: { search: 'cabernet' } })
+await products.query(collectionId, { query: { search: 'cabernet' } }) // public
+await products.query(collectionId, { query: { search: 'cabernet' } }, true) // admin
 ```
 
 Quick mapping:

package/dist/api/authKit.d.ts

@@ -96,6 +96,11 @@ export declare namespace authKit {
         clientName?: string;
     }): Promise<PasswordResetRequestResponse>;
     function verifyResetToken(clientId: string, token: string): Promise<VerifyResetTokenResponse>;
+    /**
+     * Complete a password reset / invite acceptance. On invite acceptance under
+     * `verify-auto-login` the server returns a session — adopt it so the caller is logged
+     * straight in (plain resets return no token and leave the bearer untouched).
+     */
     function completePasswordReset(clientId: string, token: string, newPassword: string): Promise<PasswordResetCompleteResponse>;
     function sendEmailVerification(clientId: string, data: {
         userId: string;
@@ -103,6 +108,7 @@ export declare namespace authKit {
         redirectUrl?: string;
         clientName?: string;
     }): Promise<EmailVerificationActionResponse>;
+    /** Verify an email token; under `verify-auto-login` the server returns a session — adopt it. */
     function verifyEmail(clientId: string, token: string): Promise<EmailVerifyTokenResponse>;
     function resendEmailVerification(clientId: string, data: {
         userId: string;

package/dist/api/authKit.js

@@ -197,8 +197,18 @@ export var authKit;
         return post(`/authkit/${encodeURIComponent(clientId)}/auth/verify-reset-token`, { token });
     }
     authKit.verifyResetToken = verifyResetToken;
+    /**
+     * Complete a password reset / invite acceptance. On invite acceptance under
+     * `verify-auto-login` the server returns a session — adopt it so the caller is logged
+     * straight in (plain resets return no token and leave the bearer untouched).
+     */
     async function completePasswordReset(clientId, token, newPassword) {
-        return post(`/authkit/${encodeURIComponent(clientId)}/auth/complete-reset`, { token, newPassword });
+        const res = await post(`/authkit/${encodeURIComponent(clientId)}/auth/complete-reset`, { token, newPassword });
+        if (res.token) {
+            setBearerToken(res.token);
+            invalidateCache();
+        }
+        return res;
     }
     authKit.completePasswordReset = completePasswordReset;
     /* ===================================
@@ -208,8 +218,14 @@ export var authKit;
         return post(`/authkit/${encodeURIComponent(clientId)}/auth/send-verification`, data);
     }
     authKit.sendEmailVerification = sendEmailVerification;
+    /** Verify an email token; under `verify-auto-login` the server returns a session — adopt it. */
     async function verifyEmail(clientId, token) {
-        return post(`/authkit/${encodeURIComponent(clientId)}/auth/verify-email`, { token });
+        const res = await post(`/authkit/${encodeURIComponent(clientId)}/auth/verify-email`, { token });
+        if (res.token) {
+            setBearerToken(res.token);
+            invalidateCache();
+        }
+        return res;
     }
     authKit.verifyEmail = verifyEmail;
     async function resendEmailVerification(clientId, data) {

package/dist/api/products.d.ts

@@ -5,7 +5,26 @@ export declare namespace products {
     function create(collectionId: string, data: ProductCreateRequest): Promise<ProductResponse>;
     function update(collectionId: string, productId: string, data: ProductUpdateRequest): Promise<ProductResponse>;
     function remove(collectionId: string, productId: string): Promise<void>;
-    function query(collectionId: string, body: ProductQueryRequest): Promise<ProductQueryResponse>;
+    /**
+     * Query products in a collection with filtering, sorting, and pagination.
+     *
+     * @param collectionId - Identifier of the parent collection
+     * @param body - Query parameters with filters, sorting, and pagination
+     * @param admin - When `true`, targets the `/admin` endpoint (requires an
+     *   authenticated admin context). Defaults to `false`, which targets the
+     *   `/public` endpoint — consistent with `get`, `list`, and `listAssets`.
+     * @returns Promise resolving to a ProductQueryResponse
+     *
+     * @example
+     * ```typescript
+     * // Public query (default)
+     * await products.query(collectionId, { query: { search: 'cabernet' } })
+     *
+     * // Admin query (authenticated)
+     * await products.query(collectionId, { query: { search: 'cabernet' } }, true)
+     * ```
+     */
+    function query(collectionId: string, body: ProductQueryRequest, admin?: boolean): Promise<ProductQueryResponse>;
     function clone(collectionId: string, productId: string, body?: Record<string, JsonValue>): Promise<ProductResponse>;
     function listAssets(collectionId: string, productId: string, admin?: boolean): Promise<unknown>;
     function createClaimWindow(collectionId: string, productId: string, body: Record<string, JsonValue>): Promise<unknown>;

package/dist/api/products.js

@@ -28,8 +28,28 @@ export var products;
         return del(path);
     }
     products.remove = remove;
-    async function query(collectionId, body) {
-        const path = `/admin/collection/${encodeURIComponent(collectionId)}/products/query`;
+    /**
+     * Query products in a collection with filtering, sorting, and pagination.
+     *
+     * @param collectionId - Identifier of the parent collection
+     * @param body - Query parameters with filters, sorting, and pagination
+     * @param admin - When `true`, targets the `/admin` endpoint (requires an
+     *   authenticated admin context). Defaults to `false`, which targets the
+     *   `/public` endpoint — consistent with `get`, `list`, and `listAssets`.
+     * @returns Promise resolving to a ProductQueryResponse
+     *
+     * @example
+     * ```typescript
+     * // Public query (default)
+     * await products.query(collectionId, { query: { search: 'cabernet' } })
+     *
+     * // Admin query (authenticated)
+     * await products.query(collectionId, { query: { search: 'cabernet' } }, true)
+     * ```
+     */
+    async function query(collectionId, body, admin) {
+        const base = admin ? '/admin' : '/public';
+        const path = `${base}/collection/${encodeURIComponent(collectionId)}/products/query`;
         return post(path, body);
     }
     products.query = query;

package/dist/docs/API_SUMMARY.md

@@ -1,6 +1,6 @@
 # Smartlinks API Summary
 
-Version: 1.14.16  |  Generated: 2026-06-01T09:33:51.336Z
+Version: 1.15.0  |  Generated: 2026-06-03T10:03:05.999Z
 
 This is a concise summary of all available API functions and types.
 
@@ -3053,6 +3053,13 @@ interface VerifyResetTokenResponse {
 interface PasswordResetCompleteResponse {
   success: boolean
   message: string
+  token?: string
+  user?: AuthKitUser
+  accountData?: Record<string, any> | null
+  emailVerificationMode?: 'immediate' | 'verify-auto-login' | 'verify-manual-login'
+  refreshToken?: string
+  refreshTokenExpiresAt?: number
+  expiresAt?: number
 }
 ```
 
@@ -8371,19 +8378,19 @@ Upsert contact identity after lightweight verification (public).
 Upsert contact identity after lightweight verification (public).
 
 **completePasswordReset**(clientId: string, token: string, newPassword: string) → `Promise<PasswordResetCompleteResponse>`
-Upsert contact identity after lightweight verification (public).
+Complete a password reset / invite acceptance. On invite acceptance under `verify-auto-login` the server returns a session — adopt it so the caller is logged straight in (plain resets return no token and leave the bearer untouched).
 
 **sendEmailVerification**(clientId: string, data: { userId: string; email: string; redirectUrl?: string; clientName?: string }) → `Promise<EmailVerificationActionResponse>`
-Upsert contact identity after lightweight verification (public).
+Complete a password reset / invite acceptance. On invite acceptance under `verify-auto-login` the server returns a session — adopt it so the caller is logged straight in (plain resets return no token and leave the bearer untouched).
 
 **verifyEmail**(clientId: string, token: string) → `Promise<EmailVerifyTokenResponse>`
-Upsert contact identity after lightweight verification (public).
+Verify an email token; under `verify-auto-login` the server returns a session — adopt it.
 
 **resendEmailVerification**(clientId: string, data: { userId: string; email: string; redirectUrl?: string; clientName?: string }) → `Promise<EmailVerificationActionResponse>`
-Upsert contact identity after lightweight verification (public).
+Verify an email token; under `verify-auto-login` the server returns a session — adopt it.
 
 **getProfile**(clientId: string) → `Promise<UserProfile>`
-Upsert contact identity after lightweight verification (public).
+Verify an email token; under `verify-auto-login` the server returns a session — adopt it.
 
 **updateProfile**(clientId: string, data: ProfileUpdateData) → `Promise<UpdateProfileResponse>`
 Update the authenticated user's profile and replace the bearer token when refreshed claims are returned.
@@ -9392,44 +9399,55 @@ Look up a serial number by code for a product (admin only).
     productId: string) → `Promise<void>`
 
 **query**(collectionId: string,
-    body: ProductQueryRequest) → `Promise<ProductQueryResponse>`
+    body: ProductQueryRequest,
+    admin?: boolean) → `Promise<ProductQueryResponse>`
+Query products in a collection with filtering, sorting, and pagination. authenticated admin context). Defaults to `false`, which targets the `/public` endpoint — consistent with `get`, `list`, and `listAssets`. ```typescript // Public query (default) await products.query(collectionId, { query: { search: 'cabernet' } }) // Admin query (authenticated) await products.query(collectionId, { query: { search: 'cabernet' } }, true) ```
 
 **clone**(collectionId: string,
     productId: string,
     body: Record<string, JsonValue> = {}) → `Promise<ProductResponse>`
+Query products in a collection with filtering, sorting, and pagination. authenticated admin context). Defaults to `false`, which targets the `/public` endpoint — consistent with `get`, `list`, and `listAssets`. ```typescript // Public query (default) await products.query(collectionId, { query: { search: 'cabernet' } }) // Admin query (authenticated) await products.query(collectionId, { query: { search: 'cabernet' } }, true) ```
 
 **listAssets**(collectionId: string,
     productId: string,
     admin?: boolean) → `Promise<unknown>`
+Query products in a collection with filtering, sorting, and pagination. authenticated admin context). Defaults to `false`, which targets the `/public` endpoint — consistent with `get`, `list`, and `listAssets`. ```typescript // Public query (default) await products.query(collectionId, { query: { search: 'cabernet' } }) // Admin query (authenticated) await products.query(collectionId, { query: { search: 'cabernet' } }, true) ```
 
 **createClaimWindow**(collectionId: string,
     productId: string,
     body: Record<string, JsonValue>) → `Promise<unknown>`
+Query products in a collection with filtering, sorting, and pagination. authenticated admin context). Defaults to `false`, which targets the `/public` endpoint — consistent with `get`, `list`, and `listAssets`. ```typescript // Public query (default) await products.query(collectionId, { query: { search: 'cabernet' } }) // Admin query (authenticated) await products.query(collectionId, { query: { search: 'cabernet' } }, true) ```
 
 **updateClaimWindow**(collectionId: string,
     productId: string,
     claimId: string,
     body: Record<string, JsonValue>) → `Promise<unknown>`
+Query products in a collection with filtering, sorting, and pagination. authenticated admin context). Defaults to `false`, which targets the `/public` endpoint — consistent with `get`, `list`, and `listAssets`. ```typescript // Public query (default) await products.query(collectionId, { query: { search: 'cabernet' } }) // Admin query (authenticated) await products.query(collectionId, { query: { search: 'cabernet' } }, true) ```
 
 **refresh**(collectionId: string,
     productId: string) → `Promise<ProductResponse>`
+Query products in a collection with filtering, sorting, and pagination. authenticated admin context). Defaults to `false`, which targets the `/public` endpoint — consistent with `get`, `list`, and `listAssets`. ```typescript // Public query (default) await products.query(collectionId, { query: { search: 'cabernet' } }) // Admin query (authenticated) await products.query(collectionId, { query: { search: 'cabernet' } }, true) ```
 
 **getSN**(collectionId: string,
     productId: string,
     startIndex: number = 0,
     count: number = 10) → `Promise<unknown>`
+Query products in a collection with filtering, sorting, and pagination. authenticated admin context). Defaults to `false`, which targets the `/public` endpoint — consistent with `get`, `list`, and `listAssets`. ```typescript // Public query (default) await products.query(collectionId, { query: { search: 'cabernet' } }) // Admin query (authenticated) await products.query(collectionId, { query: { search: 'cabernet' } }, true) ```
 
 **lookupSN**(collectionId: string,
     productId: string,
     codeId: string) → `Promise<unknown>`
+Query products in a collection with filtering, sorting, and pagination. authenticated admin context). Defaults to `false`, which targets the `/public` endpoint — consistent with `get`, `list`, and `listAssets`. ```typescript // Public query (default) await products.query(collectionId, { query: { search: 'cabernet' } }) // Admin query (authenticated) await products.query(collectionId, { query: { search: 'cabernet' } }, true) ```
 
 **publicLookupClaim**(collectionId: string,
     productId: string,
     claimId: string) → `Promise<unknown>`
+Query products in a collection with filtering, sorting, and pagination. authenticated admin context). Defaults to `false`, which targets the `/public` endpoint — consistent with `get`, `list`, and `listAssets`. ```typescript // Public query (default) await products.query(collectionId, { query: { search: 'cabernet' } }) // Admin query (authenticated) await products.query(collectionId, { query: { search: 'cabernet' } }, true) ```
 
 **publicCreateClaim**(collectionId: string,
     productId: string,
     body: ProductClaimCreateRequestBody) → `Promise<unknown>`
+Query products in a collection with filtering, sorting, and pagination. authenticated admin context). Defaults to `false`, which targets the `/public` endpoint — consistent with `get`, `list`, and `listAssets`. ```typescript // Public query (default) await products.query(collectionId, { query: { search: 'cabernet' } }) // Admin query (authenticated) await products.query(collectionId, { query: { search: 'cabernet' } }, true) ```
 
 ### proof
 

package/dist/openapi.yaml

@@ -6639,39 +6639,6 @@ paths:
           application/json:
             schema:
               $ref: "#/components/schemas/ProductCreateRequest"
-  /admin/collection/{collectionId}/products/query:
-    post:
-      tags:
-        - products
-      summary: products.query
-      operationId: products_query
-      security:
-        - bearerAuth: []
-      parameters:
-        - name: collectionId
-          in: path
-          required: true
-          schema:
-            type: string
-      responses:
-        200:
-          description: Success
-          content:
-            application/json:
-              schema:
-                $ref: "#/components/schemas/ProductQueryResponse"
-        400:
-          description: Bad request
-        401:
-          description: Unauthorized
-        404:
-          description: Not found
-      requestBody:
-        required: true
-        content:
-          application/json:
-            schema:
-              $ref: "#/components/schemas/ProductQueryRequest"
   /admin/collection/{collectionId}/products/{productId}:
     put:
       tags:
@@ -8071,7 +8038,7 @@ paths:
     get:
       tags:
         - authKit
-      summary: authKit.getProfile
+      summary: "Verify an email token; under `verify-auto-login` the server returns a session — adopt it."
       operationId: authKit_getProfile
       security: []
       parameters:
@@ -8213,7 +8180,7 @@ paths:
     post:
       tags:
         - authKit
-      summary: authKit.completePasswordReset
+      summary: Complete a password reset / invite acceptance.
       operationId: authKit_completePasswordReset
       security: []
       parameters:
@@ -8579,7 +8546,7 @@ paths:
     post:
       tags:
         - authKit
-      summary: authKit.sendEmailVerification
+      summary: Complete a password reset / invite acceptance.
       operationId: authKit_sendEmailVerification
       security: []
       parameters:
@@ -8670,7 +8637,7 @@ paths:
     post:
       tags:
         - authKit
-      summary: authKit.verifyEmail
+      summary: "Verify an email token; under `verify-auto-login` the server returns a session — adopt it."
       operationId: authKit_verifyEmail
       security: []
       parameters:
@@ -18126,6 +18093,25 @@ components:
           type: boolean
         message:
           type: string
+        token:
+          type: string
+        user:
+          $ref: "#/components/schemas/AuthKitUser"
+        accountData:
+          type: object
+          additionalProperties: true
+        emailVerificationMode:
+          type: string
+          enum:
+            - immediate
+            - verify-auto-login
+            - verify-manual-login
+        refreshToken:
+          type: string
+        refreshTokenExpiresAt:
+          type: number
+        expiresAt:
+          type: number
       required:
         - success
         - message

package/dist/types/authKit.d.ts

@@ -144,9 +144,36 @@ export interface VerifyResetTokenResponse {
     expiresAt?: number;
     message?: string;
 }
+/**
+ * Response from {@link authKit.completePasswordReset}.
+ *
+ * For a **plain password reset**, or an invite accepted under `verify-manual-login`,
+ * the server returns only `success` + `message` and the user is sent to the login screen.
+ *
+ * For **invite acceptance under `verify-auto-login`** (the default), the server also
+ * completes email verification and returns a full session — `token`, `user`, and
+ * `accountData` — so the user can be logged straight in, mirroring
+ * {@link EmailVerifyTokenResponse}. The native-only fields are populated when the request
+ * opted in via `initializeApi({ platform: 'native' })` (the `X-Client-Platform: native`
+ * header). Every session field is therefore optional.
+ */
 export interface PasswordResetCompleteResponse {
     success: boolean;
     message: string;
+    /** Session token (a `SL.` bearer JWT). Present only on invite auto-login. Adopt it and skip the login screen. */
+    token?: string;
+    /** The authenticated user. Present only when a `token` is returned. `emailVerified` is `true` once completion verifies the invite. */
+    user?: AuthKitUser;
+    /** The `clients[clientId]` account-data slice, or `null`. Present only when a `token` is returned. */
+    accountData?: Record<string, any> | null;
+    /** Configured verification mode echoed back; auto-login only occurs for `verify-auto-login`. */
+    emailVerificationMode?: 'immediate' | 'verify-auto-login' | 'verify-manual-login';
+    /** Opaque, single-use refresh token. **Native clients only** — pairs with the short-lived `token`. */
+    refreshToken?: string;
+    /** Absolute expiry of the refresh-token family, in **ms since epoch**. Native only. */
+    refreshTokenExpiresAt?: number;
+    /** Access-token expiry, in **ms since epoch**. Native only. */
+    expiresAt?: number;
 }
 export interface EmailVerificationActionResponse {
     success: boolean;

package/docs/API_SUMMARY.md

@@ -1,6 +1,6 @@
 # Smartlinks API Summary
 
-Version: 1.14.16  |  Generated: 2026-06-01T09:33:51.336Z
+Version: 1.15.0  |  Generated: 2026-06-03T10:03:05.999Z
 
 This is a concise summary of all available API functions and types.
 
@@ -3053,6 +3053,13 @@ interface VerifyResetTokenResponse {
 interface PasswordResetCompleteResponse {
   success: boolean
   message: string
+  token?: string
+  user?: AuthKitUser
+  accountData?: Record<string, any> | null
+  emailVerificationMode?: 'immediate' | 'verify-auto-login' | 'verify-manual-login'
+  refreshToken?: string
+  refreshTokenExpiresAt?: number
+  expiresAt?: number
 }
 ```
 
@@ -8371,19 +8378,19 @@ Upsert contact identity after lightweight verification (public).
 Upsert contact identity after lightweight verification (public).
 
 **completePasswordReset**(clientId: string, token: string, newPassword: string) → `Promise<PasswordResetCompleteResponse>`
-Upsert contact identity after lightweight verification (public).
+Complete a password reset / invite acceptance. On invite acceptance under `verify-auto-login` the server returns a session — adopt it so the caller is logged straight in (plain resets return no token and leave the bearer untouched).
 
 **sendEmailVerification**(clientId: string, data: { userId: string; email: string; redirectUrl?: string; clientName?: string }) → `Promise<EmailVerificationActionResponse>`
-Upsert contact identity after lightweight verification (public).
+Complete a password reset / invite acceptance. On invite acceptance under `verify-auto-login` the server returns a session — adopt it so the caller is logged straight in (plain resets return no token and leave the bearer untouched).
 
 **verifyEmail**(clientId: string, token: string) → `Promise<EmailVerifyTokenResponse>`
-Upsert contact identity after lightweight verification (public).
+Verify an email token; under `verify-auto-login` the server returns a session — adopt it.
 
 **resendEmailVerification**(clientId: string, data: { userId: string; email: string; redirectUrl?: string; clientName?: string }) → `Promise<EmailVerificationActionResponse>`
-Upsert contact identity after lightweight verification (public).
+Verify an email token; under `verify-auto-login` the server returns a session — adopt it.
 
 **getProfile**(clientId: string) → `Promise<UserProfile>`
-Upsert contact identity after lightweight verification (public).
+Verify an email token; under `verify-auto-login` the server returns a session — adopt it.
 
 **updateProfile**(clientId: string, data: ProfileUpdateData) → `Promise<UpdateProfileResponse>`
 Update the authenticated user's profile and replace the bearer token when refreshed claims are returned.
@@ -9392,44 +9399,55 @@ Look up a serial number by code for a product (admin only).
     productId: string) → `Promise<void>`
 
 **query**(collectionId: string,
-    body: ProductQueryRequest) → `Promise<ProductQueryResponse>`
+    body: ProductQueryRequest,
+    admin?: boolean) → `Promise<ProductQueryResponse>`
+Query products in a collection with filtering, sorting, and pagination. authenticated admin context). Defaults to `false`, which targets the `/public` endpoint — consistent with `get`, `list`, and `listAssets`. ```typescript // Public query (default) await products.query(collectionId, { query: { search: 'cabernet' } }) // Admin query (authenticated) await products.query(collectionId, { query: { search: 'cabernet' } }, true) ```
 
 **clone**(collectionId: string,
     productId: string,
     body: Record<string, JsonValue> = {}) → `Promise<ProductResponse>`
+Query products in a collection with filtering, sorting, and pagination. authenticated admin context). Defaults to `false`, which targets the `/public` endpoint — consistent with `get`, `list`, and `listAssets`. ```typescript // Public query (default) await products.query(collectionId, { query: { search: 'cabernet' } }) // Admin query (authenticated) await products.query(collectionId, { query: { search: 'cabernet' } }, true) ```
 
 **listAssets**(collectionId: string,
     productId: string,
     admin?: boolean) → `Promise<unknown>`
+Query products in a collection with filtering, sorting, and pagination. authenticated admin context). Defaults to `false`, which targets the `/public` endpoint — consistent with `get`, `list`, and `listAssets`. ```typescript // Public query (default) await products.query(collectionId, { query: { search: 'cabernet' } }) // Admin query (authenticated) await products.query(collectionId, { query: { search: 'cabernet' } }, true) ```
 
 **createClaimWindow**(collectionId: string,
     productId: string,
     body: Record<string, JsonValue>) → `Promise<unknown>`
+Query products in a collection with filtering, sorting, and pagination. authenticated admin context). Defaults to `false`, which targets the `/public` endpoint — consistent with `get`, `list`, and `listAssets`. ```typescript // Public query (default) await products.query(collectionId, { query: { search: 'cabernet' } }) // Admin query (authenticated) await products.query(collectionId, { query: { search: 'cabernet' } }, true) ```
 
 **updateClaimWindow**(collectionId: string,
     productId: string,
     claimId: string,
     body: Record<string, JsonValue>) → `Promise<unknown>`
+Query products in a collection with filtering, sorting, and pagination. authenticated admin context). Defaults to `false`, which targets the `/public` endpoint — consistent with `get`, `list`, and `listAssets`. ```typescript // Public query (default) await products.query(collectionId, { query: { search: 'cabernet' } }) // Admin query (authenticated) await products.query(collectionId, { query: { search: 'cabernet' } }, true) ```
 
 **refresh**(collectionId: string,
     productId: string) → `Promise<ProductResponse>`
+Query products in a collection with filtering, sorting, and pagination. authenticated admin context). Defaults to `false`, which targets the `/public` endpoint — consistent with `get`, `list`, and `listAssets`. ```typescript // Public query (default) await products.query(collectionId, { query: { search: 'cabernet' } }) // Admin query (authenticated) await products.query(collectionId, { query: { search: 'cabernet' } }, true) ```
 
 **getSN**(collectionId: string,
     productId: string,
     startIndex: number = 0,
     count: number = 10) → `Promise<unknown>`
+Query products in a collection with filtering, sorting, and pagination. authenticated admin context). Defaults to `false`, which targets the `/public` endpoint — consistent with `get`, `list`, and `listAssets`. ```typescript // Public query (default) await products.query(collectionId, { query: { search: 'cabernet' } }) // Admin query (authenticated) await products.query(collectionId, { query: { search: 'cabernet' } }, true) ```
 
 **lookupSN**(collectionId: string,
     productId: string,
     codeId: string) → `Promise<unknown>`
+Query products in a collection with filtering, sorting, and pagination. authenticated admin context). Defaults to `false`, which targets the `/public` endpoint — consistent with `get`, `list`, and `listAssets`. ```typescript // Public query (default) await products.query(collectionId, { query: { search: 'cabernet' } }) // Admin query (authenticated) await products.query(collectionId, { query: { search: 'cabernet' } }, true) ```
 
 **publicLookupClaim**(collectionId: string,
     productId: string,
     claimId: string) → `Promise<unknown>`
+Query products in a collection with filtering, sorting, and pagination. authenticated admin context). Defaults to `false`, which targets the `/public` endpoint — consistent with `get`, `list`, and `listAssets`. ```typescript // Public query (default) await products.query(collectionId, { query: { search: 'cabernet' } }) // Admin query (authenticated) await products.query(collectionId, { query: { search: 'cabernet' } }, true) ```
 
 **publicCreateClaim**(collectionId: string,
     productId: string,
     body: ProductClaimCreateRequestBody) → `Promise<unknown>`
+Query products in a collection with filtering, sorting, and pagination. authenticated admin context). Defaults to `false`, which targets the `/public` endpoint — consistent with `get`, `list`, and `listAssets`. ```typescript // Public query (default) await products.query(collectionId, { query: { search: 'cabernet' } }) // Admin query (authenticated) await products.query(collectionId, { query: { search: 'cabernet' } }, true) ```
 
 ### proof
 

package/openapi.yaml

@@ -6639,39 +6639,6 @@ paths:
           application/json:
             schema:
               $ref: "#/components/schemas/ProductCreateRequest"
-  /admin/collection/{collectionId}/products/query:
-    post:
-      tags:
-        - products
-      summary: products.query
-      operationId: products_query
-      security:
-        - bearerAuth: []
-      parameters:
-        - name: collectionId
-          in: path
-          required: true
-          schema:
-            type: string
-      responses:
-        200:
-          description: Success
-          content:
-            application/json:
-              schema:
-                $ref: "#/components/schemas/ProductQueryResponse"
-        400:
-          description: Bad request
-        401:
-          description: Unauthorized
-        404:
-          description: Not found
-      requestBody:
-        required: true
-        content:
-          application/json:
-            schema:
-              $ref: "#/components/schemas/ProductQueryRequest"
   /admin/collection/{collectionId}/products/{productId}:
     put:
       tags:
@@ -8071,7 +8038,7 @@ paths:
     get:
       tags:
         - authKit
-      summary: authKit.getProfile
+      summary: "Verify an email token; under `verify-auto-login` the server returns a session — adopt it."
       operationId: authKit_getProfile
       security: []
       parameters:
@@ -8213,7 +8180,7 @@ paths:
     post:
       tags:
         - authKit
-      summary: authKit.completePasswordReset
+      summary: Complete a password reset / invite acceptance.
       operationId: authKit_completePasswordReset
       security: []
       parameters:
@@ -8579,7 +8546,7 @@ paths:
     post:
       tags:
         - authKit
-      summary: authKit.sendEmailVerification
+      summary: Complete a password reset / invite acceptance.
       operationId: authKit_sendEmailVerification
       security: []
       parameters:
@@ -8670,7 +8637,7 @@ paths:
     post:
       tags:
         - authKit
-      summary: authKit.verifyEmail
+      summary: "Verify an email token; under `verify-auto-login` the server returns a session — adopt it."
       operationId: authKit_verifyEmail
       security: []
       parameters:
@@ -18126,6 +18093,25 @@ components:
           type: boolean
         message:
           type: string
+        token:
+          type: string
+        user:
+          $ref: "#/components/schemas/AuthKitUser"
+        accountData:
+          type: object
+          additionalProperties: true
+        emailVerificationMode:
+          type: string
+          enum:
+            - immediate
+            - verify-auto-login
+            - verify-manual-login
+        refreshToken:
+          type: string
+        refreshTokenExpiresAt:
+          type: number
+        expiresAt:
+          type: number
       required:
         - success
         - message

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@proveanything/smartlinks",
-  "version": "1.14.16",
+  "version": "1.15.0",
   "description": "Official JavaScript/TypeScript SDK for the Smartlinks API",
   "main": "dist/index.js",
   "types": "dist/index.d.ts",