@proveanything/smartlinks 1.6.3 → 1.6.4

package/dist/api/auth.d.ts

@@ -98,6 +98,11 @@ export declare namespace auth {
      * Throws a `SmartlinksApiError` with `statusCode 401` and
      * `details.local = true` so callers can distinguish "never authenticated"
      * from an actual server-side token rejection.
+     *
+     * This short-circuit is skipped when proxy mode is enabled, because in that
+     * case credentials are held by the parent frame and the local SDK may have
+     * no token set yet — the request must be forwarded to the parent to determine
+     * whether the user is authenticated.
      */
     function getAccount(): Promise<AccountInfoResponse>;
 }

package/dist/api/auth.js

@@ -1,4 +1,4 @@
-import { post, request, setBearerToken, getApiHeaders, hasAuthCredentials } from "../http";
+import { post, request, setBearerToken, getApiHeaders, hasAuthCredentials, isProxyEnabled } from "../http";
 import { SmartlinksApiError } from "../types/error";
 /*
   user: Record<string, any>
@@ -91,9 +91,14 @@ export var auth;
      * Throws a `SmartlinksApiError` with `statusCode 401` and
      * `details.local = true` so callers can distinguish "never authenticated"
      * from an actual server-side token rejection.
+     *
+     * This short-circuit is skipped when proxy mode is enabled, because in that
+     * case credentials are held by the parent frame and the local SDK may have
+     * no token set yet — the request must be forwarded to the parent to determine
+     * whether the user is authenticated.
      */
     async function getAccount() {
-        if (!hasAuthCredentials()) {
+        if (!hasAuthCredentials() && !isProxyEnabled()) {
             throw new SmartlinksApiError('Not authenticated: no bearer token or API key is set.', 401, { code: 401, errorCode: 'NOT_AUTHENTICATED', message: 'Not authenticated: no bearer token or API key is set.', details: { local: true } });
         }
         return request("/public/auth/account");

package/dist/docs/API_SUMMARY.md

@@ -1,6 +1,6 @@
 # Smartlinks API Summary
 
-Version: 1.6.3  |  Generated: 2026-02-26T11:49:31.908Z
+Version: 1.6.4  |  Generated: 2026-02-26T12:33:27.813Z
 
 This is a concise summary of all available API functions and types.
 
@@ -4987,7 +4987,7 @@ Tries to register a new user account. Can return a bearer token, or a Firebase t
 Admin: Get a user bearer token (impersonation/automation). POST /admin/auth/userToken All fields are optional; at least one identifier should be provided.
 
 **getAccount**() → `Promise<AccountInfoResponse>`
-Gets current account information for the logged in user. Returns user, owner, account, and location objects. Short-circuits immediately (no network request) when the SDK has no bearer token or API key set — the server would return 401 anyway. Throws a `SmartlinksApiError` with `statusCode 401` and `details.local = true` so callers can distinguish "never authenticated" from an actual server-side token rejection.
+Gets current account information for the logged in user. Returns user, owner, account, and location objects. Short-circuits immediately (no network request) when the SDK has no bearer token or API key set — the server would return 401 anyway. Throws a `SmartlinksApiError` with `statusCode 401` and `details.local = true` so callers can distinguish "never authenticated" from an actual server-side token rejection. This short-circuit is skipped when proxy mode is enabled, because in that case credentials are held by the parent frame and the local SDK may have no token set yet — the request must be forwarded to the parent to determine whether the user is authenticated.
 
 ### authKit
 

package/docs/API_SUMMARY.md

@@ -1,6 +1,6 @@
 # Smartlinks API Summary
 
-Version: 1.6.3  |  Generated: 2026-02-26T11:49:31.908Z
+Version: 1.6.4  |  Generated: 2026-02-26T12:33:27.813Z
 
 This is a concise summary of all available API functions and types.
 
@@ -4987,7 +4987,7 @@ Tries to register a new user account. Can return a bearer token, or a Firebase t
 Admin: Get a user bearer token (impersonation/automation). POST /admin/auth/userToken All fields are optional; at least one identifier should be provided.
 
 **getAccount**() → `Promise<AccountInfoResponse>`
-Gets current account information for the logged in user. Returns user, owner, account, and location objects. Short-circuits immediately (no network request) when the SDK has no bearer token or API key set — the server would return 401 anyway. Throws a `SmartlinksApiError` with `statusCode 401` and `details.local = true` so callers can distinguish "never authenticated" from an actual server-side token rejection.
+Gets current account information for the logged in user. Returns user, owner, account, and location objects. Short-circuits immediately (no network request) when the SDK has no bearer token or API key set — the server would return 401 anyway. Throws a `SmartlinksApiError` with `statusCode 401` and `details.local = true` so callers can distinguish "never authenticated" from an actual server-side token rejection. This short-circuit is skipped when proxy mode is enabled, because in that case credentials are held by the parent frame and the local SDK may have no token set yet — the request must be forwarded to the parent to determine whether the user is authenticated.
 
 ### authKit
 

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@proveanything/smartlinks",
-  "version": "1.6.3",
+  "version": "1.6.4",
   "description": "Official JavaScript/TypeScript SDK for the Smartlinks API",
   "main": "dist/index.js",
   "types": "dist/index.d.ts",